service commands
configure
— service
— apply-groups reference
— apply-groups-exclude reference
— customer customer-name
— apply-groups reference
— apply-groups-exclude reference
— contact description
— customer-id number
— description description
— multi-service-site named-item
— apply-groups reference
— apply-groups-exclude reference
— assignment
— card number
— port port-named
— description description
— egress
— agg-rate
— limit-unused-bandwidth boolean
— queue-frame-based-accounting boolean
— rate number
— policer-control-policy reference
— scheduler-policy
— overrides
— scheduler named-item
— apply-groups reference
— apply-groups-exclude reference
— parent
— cir-weight number
— weight number
— rate
— cir (number | keyword)
— pir (number | keyword)
— policy-name reference
— ingress
— policer-control-policy reference
— scheduler-policy
— overrides
— scheduler named-item
— apply-groups reference
— apply-groups-exclude reference
— parent
— cir-weight number
— weight number
— rate
— cir (number | keyword)
— pir (number | keyword)
— policy-name reference
— phone description
— epipe service-name
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— bgp number
— adv-service-mtu number
— apply-groups reference
— apply-groups-exclude reference
— pw-template-binding reference
— apply-groups reference
— apply-groups-exclude reference
— endpoint reference
— import-rt route-target
— route-distinguisher (keyword | vpn-route-distinguisher)
— route-target
— export route-target
— import route-target
— vsi-export reference
— vsi-import reference
— bgp-evpn
— apply-groups reference
— apply-groups-exclude reference
— evi number
— local-attachment-circuit named-item
— apply-groups reference
— apply-groups-exclude reference
— bgp number
— endpoint reference
— eth-tag number
— mpls number
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— auto-bind-tunnel
— allow-flex-algo-fallback boolean
— ecmp number
— enforce-strict-tunnel-tagging boolean
— enforce-untagged-route keyword
— resolution keyword
— resolution-filter
— bgp boolean
— ldp boolean
— rsvp boolean
— sr-isis boolean
— sr-ospf boolean
— sr-ospf3 boolean
— sr-policy boolean
— sr-te boolean
— weighted-ecmp boolean
— control-word boolean
— default-route-tag one-byte-value
— domain-id domain-id
— dynamic-egress-label-limit boolean
— evi-three-byte-auto-rt boolean
— force-vc-forwarding keyword
— hash-label boolean
— mh-mode keyword
— oper-group reference
— route-next-hop
— ip-address (ipv4-address-no-zone | ipv6-address-no-zone)
— system-ipv4
— system-ipv6
— send-tunnel-encap
— mpls boolean
— remote-attachment-circuit named-item
— apply-groups reference
— apply-groups-exclude reference
— bgp number
— endpoint reference
— eth-tag number
— bgp-mh-site named-item
— activation-timer number
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— boot-timer number
— id number
— min-down-timer number
— preference number
— sap sap
— bgp-vpws
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— local-ve
— id number
— name named-item
— remote-ve named-item
— apply-groups reference
— apply-groups-exclude reference
— id number
— customer reference
— description description
— endpoint named-item
— apply-groups reference
— apply-groups-exclude reference
— description description
— hold-time-active number
— revert-time (number | keyword)
— standby-signaling keyword
— ignore-l2vpn-mtu-mismatch boolean
— load-balancing
— oper-group reference
— sap sap
— accounting-policy reference
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— bandwidth number
— collect-stats boolean
— description long-description
— dist-cpu-protection reference
— egress
— agg-rate
— queue-frame-based-accounting boolean
— rate number
— filter
— ip reference
— ipv6 reference
— qos
— policer-control-policy
— overrides
— apply-groups reference
— apply-groups-exclude reference
— root
— max-rate (number | keyword)
— priority-mbs-thresholds
— min-thresh-separation (number | keyword)
— priority number
— apply-groups reference
— apply-groups-exclude reference
— mbs-contribution (number | keyword)
— policy-name reference
— qinq-mark-top-only boolean
— sap-egress
— overrides
— queue reference
— adaptation-rule
— cir keyword
— pir keyword
— apply-groups reference
— apply-groups-exclude reference
— avg-frame-overhead decimal-number
— burst-limit (number | keyword)
— cbs (number | keyword)
— drop-tail
— low
— percent-reduction-from-mbs (number | keyword)
— mbs (number | keyword)
— parent
— cir-weight number
— weight number
— percent-rate
— cir decimal-number
— pir decimal-number
— rate
— cir (number | keyword)
— pir (number | keyword)
— policy-name reference
— port-redirect-group
— group-name reference
— instance number
— scheduler-policy
— overrides
— scheduler named-item
— apply-groups reference
— apply-groups-exclude reference
— parent
— cir-weight number
— weight number
— rate
— cir (number | keyword)
— pir (number | keyword)
— policy-name reference
— endpoint reference
— ignore-oper-down boolean
— ingress
— filter
— ip reference
— ipv6 reference
— qos
— match-qinq-dot1p keyword
— policer-control-policy
— overrides
— apply-groups reference
— apply-groups-exclude reference
— root
— max-rate (number | keyword)
— priority-mbs-thresholds
— min-thresh-separation (number | keyword)
— priority number
— apply-groups reference
— apply-groups-exclude reference
— mbs-contribution (number | keyword)
— policy-name reference
— sap-ingress
— fp-redirect-group
— group-name reference
— instance number
— overrides
— policer reference
— apply-groups reference
— apply-groups-exclude reference
— cbs (number | keyword)
— mbs (number | keyword)
— packet-byte-offset number
— percent-rate
— cir decimal-number
— pir decimal-number
— rate
— cir (number | keyword)
— pir (number | keyword)
— stat-mode keyword
— queue reference
— adaptation-rule
— cir keyword
— pir keyword
— apply-groups reference
— apply-groups-exclude reference
— cbs (number | keyword)
— drop-tail
— low
— percent-reduction-from-mbs (number | keyword)
— mbs (number | keyword)
— parent
— cir-weight number
— weight number
— percent-rate
— cir decimal-number
— pir decimal-number
— rate
— cir (number | keyword)
— pir (number | keyword)
— policy-name reference
— scheduler-policy
— overrides
— scheduler named-item
— apply-groups reference
— apply-groups-exclude reference
— parent
— cir-weight number
— weight number
— rate
— cir (number | keyword)
— pir (number | keyword)
— policy-name reference
— lag
— mc-ring
— apply-groups reference
— apply-groups-exclude reference
— ring-node named-item
— monitor-oper-group reference
— multi-service-site reference
— oper-group reference
— service-id number
— service-mtu number
— spoke-sdp sdp-bind-id
— accounting-policy reference
— admin-state keyword
— adv-service-mtu number
— apply-groups reference
— apply-groups-exclude reference
— bandwidth (number | keyword)
— collect-stats boolean
— control-word boolean
— description description
— egress
— filter
— ip reference
— ipv6 reference
— qos
— network
— policy-name reference
— port-redirect-group
— group-name reference
— instance number
— vc-label number
— endpoint
— icb boolean
— name reference
— precedence (number | keyword)
— force-vc-forwarding keyword
— hash-label
— signal-capability
— ingress
— filter
— ip reference
— ipv6 reference
— qos
— network
— fp-redirect-group
— group-name reference
— instance number
— policy-name reference
— vc-label number
— monitor-oper-group reference
— oper-group reference
— pw-status
— block-on-peer-fault boolean
— signaling boolean
— standby-signaling-slave boolean
— vc-type keyword
— vlan-vc-tag number
— test boolean
— vc-switching boolean
— vpn-id number
— ies service-name
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— customer reference
— description description
— interface interface-name
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— description very-long-description
— dynamic-tunnel-redundant-nexthop ipv4-unicast-address
— hold-time
— ipv4
— down
— init-only boolean
— seconds number
— up
— seconds number
— ipv6
— down
— init-only boolean
— seconds number
— up
— seconds number
— if-attribute
— admin-group reference
— srlg-group reference
— ingress
— ip-mtu number
— ip-tunnel-interface boolean
— ipsec
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— ip-exception reference
— ipsec-tunnel named-item
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— bfd
— bfd-designate boolean
— bfd-liveness
— dest-ip ipv4-unicast-address
— interface interface-name
— service-name service-name
— clear-df-bit boolean
— copy-traffic-class-upon-decapsulation boolean
— description description
— encapsulated-ip-mtu number
— icmp-generation
— frag-required
— admin-state keyword
— interval number
— message-count number
— icmp6-generation
— packet-too-big
— admin-state keyword
— interval number
— message-count number
— ip-mtu number
— key-exchange
— dynamic
— auto-establish boolean
— cert
— cert-profile reference
— status-verify
— default-result keyword
— primary keyword
— secondary keyword
— trust-anchor-profile reference
— id
— fqdn fully-qualified-domain-name
— ipv4 ipv4-unicast-address
— ipv6 (ipv4-address-no-zone | ipv6-address-no-zone)
— ike-policy reference
— ipsec-transform reference
— ppk
— id reference
— list reference
— pre-shared-key encrypted-leaf
— manual
— keys number direction keyword
— apply-groups reference
— apply-groups-exclude reference
— authentication-key hex-string
— encryption-key hex-string
— ipsec-transform reference
— spi number
— local-gateway-address-override (ipv4-address-no-zone | ipv6-address-no-zone)
— max-history-key-records
— esp number
— ike number
— pmtu-discovery-aging number
— private-sap number
— private-service service-name
— private-tcp-mss-adjust number
— propagate-pmtu-v4 boolean
— propagate-pmtu-v6 boolean
— public-tcp-mss-adjust (number | keyword)
— remote-gateway-address (ipv4-address-no-zone | ipv6-address-no-zone)
— replay-window number
— security-policy
— id number
— strict-match boolean
— ipv6-exception reference
— public-sap number
— tunnel-group reference
— ipv4
— addresses
— address ipv4-unicast-address
— apply-groups reference
— apply-groups-exclude reference
— prefix-length number
— allow-directed-broadcasts boolean
— bfd
— admin-state keyword
— echo-receive number
— multiplier number
— receive number
— transmit-interval number
— dhcp
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— description description
— gi-address ipv4-unicast-address
— lease-populate
— max-leases number
— option-82
— action keyword
— circuit-id
— ascii-tuple
— ifindex
— none
— sap-id
— vlan-ascii-tuple
— remote-id
— ascii-string string-not-all-spaces
— mac
— none
— vendor-specific-option
— client-mac-address boolean
— pool-name boolean
— sap-id boolean
— service-id boolean
— string string-not-all-spaces
— system-id boolean
— proxy-server
— admin-state keyword
— emulated-server ipv4-unicast-address
— lease-time
— radius-override boolean
— value number
— relay-plain-bootp boolean
— relay-proxy
— release-update-src-ip boolean
— siaddr-override ipv4-unicast-address
— server ipv4-unicast-address
— src-ip-addr keyword
— trusted boolean
— use-arp boolean
— icmp
— mask-reply boolean
— param-problem
— admin-state keyword
— number number
— seconds number
— redirects
— admin-state keyword
— number number
— seconds number
— ttl-expired
— admin-state keyword
— number number
— seconds number
— unreachables
— admin-state keyword
— number number
— seconds number
— ip-helper-address ipv4-unicast-address
— local-dhcp-server reference
— neighbor-discovery
— host-route
— populate keyword
— apply-groups reference
— apply-groups-exclude reference
— route-tag number
— learn-unsolicited boolean
— limit
— log-only boolean
— max-entries number
— threshold number
— local-proxy-arp boolean
— populate boolean
— proactive-refresh boolean
— proxy-arp-policy reference
— remote-proxy-arp boolean
— retry-timer number
— static-neighbor ipv4-address
— apply-groups reference
— apply-groups-exclude reference
— mac-address mac-address
— static-neighbor-unnumbered
— mac-address mac-address
— timeout number
— primary
— address ipv4-unicast-address
— apply-groups reference
— apply-groups-exclude reference
— broadcast keyword
— prefix-length number
— secondary ipv4-unicast-address
— apply-groups reference
— apply-groups-exclude reference
— broadcast keyword
— igp-inhibit boolean
— prefix-length number
— tcp-mss number
— unnumbered
— ip-address ipv4-unicast-address
— ip-int-name interface-name
— system
— urpf-check
— ignore-default boolean
— mode keyword
— vrrp number
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— authentication-key encrypted-leaf
— backup ipv4-unicast-address
— bfd-liveness
— apply-groups reference
— apply-groups-exclude reference
— dest-ip ipv4-address
— interface-name interface-name
— service-name service-name
— init-delay number
— mac mac-unicast-address
— master-int-inherit boolean
— message-interval number
— monitor-oper-group reference
— ntp-reply boolean
— oper-group reference
— owner boolean
— passive boolean
— ping-reply boolean
— policy reference
— preempt boolean
— priority number
— ssh-reply boolean
— standby-forwarding boolean
— telnet-reply boolean
— traceroute-reply boolean
— ipv6
— address ipv6-address
— apply-groups reference
— apply-groups-exclude reference
— duplicate-address-detection boolean
— eui-64 boolean
— prefix-length number
— primary-preference number
— bfd
— admin-state keyword
— echo-receive number
— multiplier number
— receive number
— transmit-interval number
— dhcp6
— apply-groups reference
— apply-groups-exclude reference
— relay
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— description description
— lease-populate
— max-nbr-of-leases number
— route-populate
— na boolean
— pd
— exclude boolean
— ta boolean
— option
— apply-groups reference
— apply-groups-exclude reference
— interface-id
— ascii-tuple
— if-index
— sap-id
— string string-not-all-spaces
— remote-id boolean
— server ipv6-address-with-zone
— source-address ipv6-unicast-or-linklocal-address
— duplicate-address-detection boolean
— forward-ipv4-packets boolean
— icmp6
— packet-too-big
— admin-state keyword
— number number
— seconds number
— param-problem
— admin-state keyword
— number number
— seconds number
— redirects
— admin-state keyword
— number number
— seconds number
— time-exceeded
— admin-state keyword
— number number
— seconds number
— unreachables
— admin-state keyword
— number number
— seconds number
— link-local-address
— address ipv6-address
— duplicate-address-detection boolean
— local-dhcp-server reference
— neighbor-discovery
— host-route
— populate keyword
— apply-groups reference
— apply-groups-exclude reference
— route-tag number
— learn-unsolicited keyword
— limit
— log-only boolean
— max-entries number
— threshold number
— local-proxy-nd boolean
— proactive-refresh keyword
— proxy-nd-policy reference
— reachable-time number
— secure-nd
— admin-state keyword
— allow-unsecured-msgs boolean
— public-key-min-bits number
— security-parameter number
— stale-time number
— static-neighbor ipv6-address
— apply-groups reference
— apply-groups-exclude reference
— mac-address mac-address
— tcp-mss number
— urpf-check
— ignore-default boolean
— mode keyword
— vrrp number
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— backup ipv6-address
— bfd-liveness
— apply-groups reference
— apply-groups-exclude reference
— dest-ip (ipv4-address-no-zone | ipv6-address-no-zone)
— interface-name interface-name
— service-name service-name
— init-delay number
— mac mac-unicast-address
— master-int-inherit boolean
— message-interval number
— monitor-oper-group reference
— ntp-reply boolean
— oper-group reference
— owner boolean
— passive boolean
— ping-reply boolean
— policy reference
— preempt boolean
— priority number
— standby-forwarding boolean
— telnet-reply boolean
— traceroute-reply boolean
— load-balancing
— ip-load-balancing keyword
— loopback boolean
— mac mac-unicast-address
— mac-accounting boolean
— monitor-oper-group reference
— multi-chassis-shunting-profile reference
— multicast-network-domain reference
— sap sap
— accounting-policy reference
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— bandwidth number
— collect-stats boolean
— description long-description
— dist-cpu-protection reference
— egress
— agg-rate
— queue-frame-based-accounting boolean
— rate number
— filter
— ip reference
— ipv6 reference
— qos
— policer-control-policy
— overrides
— apply-groups reference
— apply-groups-exclude reference
— root
— max-rate (number | keyword)
— priority-mbs-thresholds
— min-thresh-separation (number | keyword)
— priority number
— apply-groups reference
— apply-groups-exclude reference
— mbs-contribution (number | keyword)
— policy-name reference
— qinq-mark-top-only boolean
— sap-egress
— overrides
— queue reference
— adaptation-rule
— cir keyword
— pir keyword
— apply-groups reference
— apply-groups-exclude reference
— avg-frame-overhead decimal-number
— burst-limit (number | keyword)
— cbs (number | keyword)
— drop-tail
— low
— percent-reduction-from-mbs (number | keyword)
— mbs (number | keyword)
— parent
— cir-weight number
— weight number
— percent-rate
— cir decimal-number
— pir decimal-number
— rate
— cir (number | keyword)
— pir (number | keyword)
— policy-name reference
— port-redirect-group
— group-name reference
— instance number
— scheduler-policy
— overrides
— scheduler named-item
— apply-groups reference
— apply-groups-exclude reference
— parent
— cir-weight number
— weight number
— rate
— cir (number | keyword)
— pir (number | keyword)
— policy-name reference
— ingress
— filter
— ip reference
— ipv6 reference
— qos
— match-qinq-dot1p keyword
— policer-control-policy
— overrides
— apply-groups reference
— apply-groups-exclude reference
— root
— max-rate (number | keyword)
— priority-mbs-thresholds
— min-thresh-separation (number | keyword)
— priority number
— apply-groups reference
— apply-groups-exclude reference
— mbs-contribution (number | keyword)
— policy-name reference
— sap-ingress
— fp-redirect-group
— group-name reference
— instance number
— overrides
— policer reference
— apply-groups reference
— apply-groups-exclude reference
— cbs (number | keyword)
— mbs (number | keyword)
— packet-byte-offset number
— percent-rate
— cir decimal-number
— pir decimal-number
— rate
— cir (number | keyword)
— pir (number | keyword)
— stat-mode keyword
— queue reference
— adaptation-rule
— cir keyword
— pir keyword
— apply-groups reference
— apply-groups-exclude reference
— cbs (number | keyword)
— drop-tail
— low
— percent-reduction-from-mbs (number | keyword)
— mbs (number | keyword)
— parent
— cir-weight number
— weight number
— percent-rate
— cir decimal-number
— pir decimal-number
— rate
— cir (number | keyword)
— pir (number | keyword)
— policy-name reference
— scheduler-policy
— overrides
— scheduler named-item
— apply-groups reference
— apply-groups-exclude reference
— parent
— cir-weight number
— weight number
— rate
— cir (number | keyword)
— pir (number | keyword)
— policy-name reference
— ip-tunnel interface-name
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— backup-remote-ip-address (ipv4-address-no-zone | ipv6-address-no-zone)
— clear-df-bit boolean
— delivery-service service-name
— description description
— dest-ip (ipv4-address-no-zone | ipv6-address-no-zone)
— dscp keyword
— encapsulated-ip-mtu number
— gre-header
— admin-state keyword
— key
— admin-state keyword
— receive number
— send number
— icmp-generation
— frag-required
— admin-state keyword
— interval number
— message-count number
— icmp6-generation
— packet-too-big
— admin-state keyword
— number number
— seconds number
— ip-mtu number
— ipsec-transport-mode-profile reference
— local-ip-address (ipv4-address-no-zone | ipv6-address-no-zone)
— pmtu-discovery-aging number
— private-tcp-mss-adjust number
— propagate-pmtu-v4 boolean
— propagate-pmtu-v6 boolean
— public-tcp-mss-adjust (number | keyword)
— reassembly (number | keyword)
— remote-ip-address (ipv4-address-no-zone | ipv6-address-no-zone)
— ipsec-gateway named-item
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— cert
— cert-profile reference
— status-verify
— default-result keyword
— primary keyword
— secondary keyword
— trust-anchor-profile reference
— client-db
— fallback boolean
— name reference
— default-secure-service
— interface interface-name
— service-name service-name
— default-tunnel-template reference
— dhcp-address-assignment
— dhcpv4
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— gi-address ipv4-unicast-address
— send-release boolean
— server
— address ipv4-unicast-address
— router-instance router-instance-base-vprn-loose
— dhcpv6
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— link-address ipv6-unicast-address
— send-release boolean
— server
— address ipv6-unicast-address
— router-instance router-instance-base-vprn-loose
— ike-policy reference
— local
— address-assignment
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— ipv4
— dhcp-server named-item
— pool named-item
— router-instance router-instance-base-vprn-loose
— secondary-pool named-item
— ipv6
— dhcp-server named-item
— pool named-item
— router-instance router-instance-base-vprn-loose
— gateway-address (ipv4-address-no-zone | ipv6-address-no-zone)
— id
— auto
— fqdn fully-qualified-domain-name
— ipv4 ipv4-unicast-address
— ipv6 (ipv4-address-no-zone | ipv6-address-no-zone)
— max-history-key-records
— esp number
— ike number
— pre-shared-key encrypted-leaf
— radius
— accounting-policy reference
— authentication-policy reference
— ts-list reference
— lag
— multi-service-site reference
— spoke-sdp sdp-bind-id
— accounting-policy reference
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— collect-stats boolean
— description description
— egress
— filter
— ip reference
— ipv6 reference
— qos
— network
— policy-name reference
— port-redirect-group
— group-name reference
— instance number
— vc-label number
— hash-label
— signal-capability
— ingress
— filter
— ip reference
— ipv6 reference
— qos
— network
— fp-redirect-group
— group-name reference
— instance number
— policy-name reference
— vc-label number
— vc-type keyword
— static-tunnel-redundant-nexthop ipv4-unicast-address
— tos-marking-state keyword
— tunnel boolean
— vpls named-item-64
— apply-groups reference
— apply-groups-exclude reference
— egress
— reclassify-using-qos reference
— routed-override-filter
— ip reference
— ipv6 reference
— evpn
— arp
— advertise keyword
— apply-groups reference
— apply-groups-exclude reference
— route-tag number
— flood-garp-and-unknown-req boolean
— learn-dynamic boolean
— nd
— advertise keyword
— apply-groups reference
— apply-groups-exclude reference
— route-tag number
— learn-dynamic boolean
— ingress
— routed-override-filter
— ip reference
— ipv6 reference
— service-id number
— vpn-id number
— mac-list named-item
— apply-groups reference
— apply-groups-exclude reference
— description description
— mac mac-address
— apply-groups reference
— apply-groups-exclude reference
— mask mac-address
— md-auto-id
— customer-id-range
— apply-groups reference
— apply-groups-exclude reference
— end number
— start number
— pw-template-id-range
— apply-groups reference
— apply-groups-exclude reference
— end number
— start number
— service-id-range
— apply-groups reference
— apply-groups-exclude reference
— end number
— start number
— nat
— apply-groups reference
— apply-groups-exclude reference
— nat-policy external-named-item
— apply-groups reference
— apply-groups-exclude reference
— block-limit number
— description description
— filtering keyword
— pool
— name named-item
— router-instance string
— port-limits
— forwarding number
— watermarks
— high number
— low number
— session-limits
— max number
— watermarks
— high number
— low number
— tcp
— mss-adjust number
— timeouts
— icmp-query number
— tcp
— established number
— syn number
— time-wait number
— transitory number
— udp
— dns number
— initial number
— normal number
— udp
— inbound-refresh boolean
— oper-group named-item
— apply-groups reference
— apply-groups-exclude reference
— bfd-liveness
— apply-groups reference
— apply-groups-exclude reference
— dest-ip ipv4-unicast-address
— interface-name interface-name
— router-instance string
— hold-time
— down number
— up number
— proxy-arp-nd
— mac-list
— list named-item
— apply-groups reference
— apply-groups-exclude reference
— mac mac-unicast-address-no-zero
— pw-template pw-template-name
— accounting-policy number
— allow-fragmentation boolean
— apply-groups reference
— apply-groups-exclude reference
— auto-gre-sdp boolean
— block-on-peer-fault boolean
— collect-stats boolean
— control-word boolean
— egress
— filter
— ip named-item-64
— ipv6 named-item-64
— mac named-item-64
— mfib-allowed-mda-destinations
— mda slot-mda
— qos
— network
— policy-name named-item-64
— port-redirect-group
— group-name named-item
— instance number
— encryption-keygroup
— inbound number
— outbound number
— fdb
— auto-learn-mac-protect boolean
— auto-learn-mac-protect-exclude-list named-item
— discard-unknown-source boolean
— limit-mac-move keyword
— mac-learning
— aging boolean
— learning boolean
— mac-pinning boolean
— maximum-mac-addresses number
— protected-src-mac-violation-action keyword
— force-vc-forwarding keyword
— hash-label
— signal-capability
— igmp-snooping
— fast-leave boolean
— import-policy named-item
— maximum-number-groups number
— query-interval number
— query-last-member-interval number
— query-response-interval number
— robust-count number
— send-queries boolean
— version keyword
— ingress
— filter
— ip named-item-64
— ipv6 named-item-64
— mac named-item-64
— qos
— network
— fp-redirect-group
— group-name named-item
— instance number
— policy-name named-item-64
— l2pt
— termination
— protocols
— cdp boolean
— dtp boolean
— pagp boolean
— stp boolean
— udld boolean
— vtp boolean
— path-mtu number
— provisioned-sdp keyword
— pw-template-id number
— sdp-exclude reference
— sdp-include reference
— split-horizon-group
— description description
— fdb
— saps
— auto-learn-mac-protect boolean
— discard-unprotected-dest-mac boolean
— protected-src-mac-violation-action keyword
— name named-item
— stp
— admin-state keyword
— auto-edge boolean
— edge-port boolean
— link-type keyword
— path-cost number
— priority number
— root-guard boolean
— vc-type keyword
— vlan-vc-tag number
— sdp number
— accounting-policy reference
— admin-state keyword
— adv-mtu-override boolean
— allow-fragmentation boolean
— apply-groups reference
— apply-groups-exclude reference
— bgp-tunnel boolean
— booking-factor number
— collect-stats boolean
— delivery-type keyword
— description description
— far-end
— ip-address (ipv4-address-no-zone | ipv6-address-no-zone)
— keep-alive
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— hello-time number
— hold-down-time number
— maximum-drop-count number
— message-length number
— timeout number
— ldp boolean
— local-end (ipv4-address-no-zone | ipv6-address-no-zone)
— lsp named-item-64
— metric number
— mixed-lsp-mode
— revert-time (number | keyword)
— network-domain reference
— path-mtu number
— sdp-group reference
— signaling keyword
— sr-isis boolean
— sr-ospf boolean
— tunnel-far-end (ipv4-address-no-zone | ipv6-address-no-zone)
— vlan-vc-etype etype-value
— weighted-ecmp boolean
— sdp-group
— apply-groups reference
— apply-groups-exclude reference
— group-name named-item
— apply-groups reference
— apply-groups-exclude reference
— value number
— system
— apply-groups reference
— apply-groups-exclude reference
— bgp
— evpn
— ad-per-es-route
— extended-evi-range boolean
— route-distinguisher-ip-address ipv4-address
— route-target-type keyword
— ad-per-evi-routes
— attribute-propagation boolean
— bgp-path-selection boolean
— d-path-ignore boolean
— etree-leaf-label boolean
— etree-leaf-label-value (number | keyword)
— ip-prefix-routes
— interface-ful
— attribute-uniform-propagation boolean
— bgp-path-selection boolean
— d-path-length-ignore boolean
— multicast-leave-sync-propagation number
— route-distinguisher vpn-route-distinguisher
— bgp-auto-rd-range
— apply-groups reference
— apply-groups-exclude reference
— community-value
— end number
— start number
— ip-address ipv4-address
— fdb
— apply-groups reference
— apply-groups-exclude reference
— table-size number
— vpn-gre-source-ip ipv4-unicast-address
— vpls service-name
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— bgp number
— adv-service-mtu number
— apply-groups reference
— apply-groups-exclude reference
— pw-template-binding reference
— apply-groups reference
— apply-groups-exclude reference
— import-rt route-target
— monitor-oper-group reference
— oper-group reference
— split-horizon-group named-item
— route-distinguisher (keyword | vpn-route-distinguisher)
— route-target
— export route-target
— import route-target
— vsi-export reference
— vsi-import reference
— bgp-ad
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— vpls-id vpls-id
— vsi-id-prefix ipv4-address
— bgp-evpn
— apply-groups reference
— apply-groups-exclude reference
— evi number
— ignore-mtu-mismatch boolean
— incl-mcast-orig-ip ipv4-unicast-address
— mac-duplication
— blackhole boolean
— detect
— num-moves number
— trusted-mac-move-factor number
— window number
— retry (number | keyword)
— trusted-mac-time number
— mpls number
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— auto-bind-tunnel
— allow-flex-algo-fallback boolean
— ecmp number
— enforce-strict-tunnel-tagging boolean
— enforce-untagged-route keyword
— resolution keyword
— resolution-filter
— bgp boolean
— ldp boolean
— rsvp boolean
— sr-isis boolean
— sr-ospf boolean
— sr-ospf3 boolean
— sr-policy boolean
— sr-te boolean
— weighted-ecmp boolean
— control-word boolean
— default-route-tag one-byte-value
— dynamic-egress-label-limit boolean
— evi-three-byte-auto-rt boolean
— fdb
— protected-src-mac-violation-action keyword
— force-vc-forwarding keyword
— hash-label boolean
— mh-mode keyword
— oper-group reference
— route-next-hop
— ip-address (ipv4-address-no-zone | ipv6-address-no-zone)
— system-ipv4
— system-ipv6
— send-tunnel-encap
— mpls boolean
— split-horizon-group reference
— routes
— incl-mcast
— advertise-ingress-replication boolean
— advertise-l2-attributes boolean
— ip-prefix
— advertise boolean
— domain-id domain-id
— include-direct-interface-host boolean
— link-bandwidth
— advertise
— max-dynamic-weight number
— weight (number | keyword)
— weighted-ecmp boolean
— mac-ip
— advertise boolean
— arp-nd-extended-community boolean
— arp-nd-only-with-fdb-advertisement boolean
— sel-mcast
— advertise boolean
— vlan-aware-bundle-eth-tag number
— vlan-aware-bundle named-item
— bgp-mh-site named-item
— activation-timer number
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— boot-timer number
— failed-threshold (number | keyword)
— id number
— mesh-sdp-binds
— min-down-timer number
— monitor-oper-group reference
— sap sap
— shg-name named-item
— spoke-sdp sdp-bind-id
— bgp-vpls
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— maximum-ve-id number
— ve
— id number
— name named-item
— customer reference
— description description
— endpoint named-item
— apply-groups reference
— apply-groups-exclude reference
— block-on-mesh-failure boolean
— description description
— fdb
— auto-learn-mac-protect boolean
— mac-pinning boolean
— maximum-mac-addresses number
— protected-src-mac-violation-action keyword
— ignore-standby-signaling boolean
— mc-endpoint number
— apply-groups reference
— apply-groups-exclude reference
— mc-ep-peer
— name named-item
— peer-address reference
— revert-time (number | keyword)
— suppress-standby-signaling boolean
— etree boolean
— fdb
— discard-unknown boolean
— mac-learning
— aging boolean
— learning boolean
— local-age-time number
— remote-age-time number
— mac-move
— admin-state keyword
— hold-down-time number
— move-frequency number
— primary-cumulative-factor number
— retry-count (number | keyword)
— sap reference
— apply-groups reference
— apply-groups-exclude reference
— level keyword
— secondary-cumulative-factor number
— spoke-sdp reference
— apply-groups reference
— apply-groups-exclude reference
— level keyword
— mac-subnet-length number
— selective-learning boolean
— static-mac
— mac mac-unicast-address-no-zero
— apply-groups reference
— apply-groups-exclude reference
— blackhole
— endpoint reference
— mesh-sdp reference
— monitor keyword
— sap reference
— spoke-sdp reference
— table
— high-wmark number
— low-wmark number
— size number
— igmp-snooping
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— query-interval number
— query-source-address (keyword | ipv4-address)
— report-source-address ipv4-address
— robust-count number
— ignore-l2vpn-mtu-mismatch boolean
— interface interface-name
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— description very-long-description
— hold-time
— ipv4
— down
— init-only boolean
— seconds number
— up
— seconds number
— ipv4
— neighbor-discovery
— static-neighbor ipv4-address
— apply-groups reference
— apply-groups-exclude reference
— mac-address mac-address
— timeout number
— primary
— address ipv4-address
— apply-groups reference
— apply-groups-exclude reference
— prefix-length number
— mac mac-unicast-address
— isid-policy
— entry number
— advertise-local boolean
— apply-groups reference
— apply-groups-exclude reference
— range
— end number
— start number
— use-def-mcast boolean
— m-vpls boolean
— mac-flush
— tldp
— propagate boolean
— send-on-failure boolean
— mac-protect
— mac mac-address
— mcast-ipv6-snooping-scope keyword
— mcr-default-gtw
— apply-groups reference
— apply-groups-exclude reference
— ip ipv4-unicast-address
— mac mac-address
— mesh-sdp sdp-bind-id
— accounting-policy reference
— admin-state keyword
— adv-service-mtu number
— apply-groups reference
— apply-groups-exclude reference
— collect-stats boolean
— control-word boolean
— description description
— dhcp
— apply-groups reference
— apply-groups-exclude reference
— description description
— snoop boolean
— egress
— filter
— ip reference
— ipv6 reference
— mfib-allowed-mda-destinations
— mda slot-mda
— qos
— network
— policy-name reference
— port-redirect-group
— group-name reference
— instance number
— vc-label number
— etree-leaf boolean
— etree-root-leaf-tag boolean
— fdb
— auto-learn-mac-protect boolean
— auto-learn-mac-protect-exclude-list reference
— mac-pinning boolean
— protected-src-mac-violation-action keyword
— force-vc-forwarding keyword
— hash-label
— signal-capability
— igmp-snooping
— apply-groups reference
— apply-groups-exclude reference
— fast-leave boolean
— import-policy reference
— maximum-number-group-sources number
— maximum-number-groups number
— maximum-number-sources number
— mrouter-port boolean
— query-interval number
— query-last-member-interval number
— query-response-interval number
— robust-count number
— router-alert-check boolean
— send-queries boolean
— static
— group ipv4-multicast-address
— apply-groups reference
— apply-groups-exclude reference
— source ipv4-unicast-address
— starg
— version keyword
— ingress
— filter
— ip reference
— ipv6 reference
— qos
— network
— fp-redirect-group
— group-name reference
— instance number
— policy-name reference
— vc-label number
— mld-snooping
— apply-groups reference
— apply-groups-exclude reference
— fast-leave boolean
— import-policy reference
— maximum-number-groups number
— mrouter-port boolean
— query-interval number
— query-last-member-interval number
— query-response-interval number
— robust-count number
— router-alert-check boolean
— send-queries boolean
— static
— group ipv6-multicast-address
— apply-groups reference
— apply-groups-exclude reference
— source ipv6-unicast-address
— starg
— version keyword
— vc-type keyword
— vlan-vc-tag number
— mfib
— table
— high-wmark number
— low-wmark number
— size number
— mld-snooping
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— query-interval number
— query-source-address (keyword | ipv6-address)
— report-source-address ipv6-address
— robust-count number
— proxy-arp
— admin-state keyword
— age-time (number | keyword)
— apply-groups reference
— apply-groups-exclude reference
— duplicate-detect
— anti-spoof-mac mac-unicast-address-no-zero
— hold-down-time (number | keyword)
— num-moves number
— static-blackhole boolean
— window number
— dynamic-arp
— ip-address ipv4-unicast-address
— apply-groups reference
— apply-groups-exclude reference
— mac-list reference
— resolve-retry-time number
— sap reference
— dynamic-populate boolean
— evpn
— flood
— gratuitous-arp boolean
— unknown-arp-req boolean
— route-tag number
— flood
— received-gratuitous-arp boolean
— received-unknown-arp-req boolean
— process-arp-probes boolean
— restrict-non-configured-ip-address
— sponge-mac mac-unicast-address-no-zero
— send-refresh (number | keyword)
— static-arp
— ip-address ipv4-unicast-address
— apply-groups reference
— apply-groups-exclude reference
— mac mac-unicast-address-no-zero
— table-size number
— proxy-nd
— admin-state keyword
— age-time (number | keyword)
— apply-groups reference
— apply-groups-exclude reference
— duplicate-detect
— anti-spoof-mac mac-unicast-address-no-zero
— hold-down-time (number | keyword)
— num-moves number
— static-blackhole boolean
— window number
— dynamic-neighbor
— ip-address ipv6-address
— apply-groups reference
— apply-groups-exclude reference
— mac-list reference
— resolve-retry-time number
— sap reference
— dynamic-populate boolean
— evpn
— advertise-neighbor-type keyword
— flood
— unknown-neighbor-advertise-host boolean
— unknown-neighbor-advertise-router boolean
— unknown-neighbor-solicitation boolean
— route-tag number
— flood
— received-unknown-neighbor-advertise-host boolean
— received-unknown-neighbor-advertise-router boolean
— received-unknown-neighbor-solicitation boolean
— process-dad-neighbor-solicitations boolean
— restrict-non-configured-ip-address
— sponge-mac mac-unicast-address-no-zero
— send-refresh (number | keyword)
— static-neighbor
— ip-address ipv6-address
— apply-groups reference
— apply-groups-exclude reference
— mac mac-unicast-address-no-zero
— type keyword
— table-size number
— routed-vpls
— evpn-mpls-ecmp boolean
— multicast
— apply-groups reference
— apply-groups-exclude reference
— ipv4
— ipv6
— mld-snooping
— mrouter-port boolean
— sap sap
— accounting-policy reference
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— arp-reply-agent keyword
— bandwidth number
— bgp-vpls-mh-veid number
— bpdu-translation keyword
— collect-stats boolean
— description long-description
— dhcp
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— description description
— lease-populate
— max-leases number
— option-82
— action keyword
— circuit-id
— ascii-tuple
— hex-string hex-string
— none
— vlan-ascii-tuple
— remote-id
— ascii-string string-not-all-spaces
— hex-string hex-string
— mac
— none
— vendor-specific-option
— client-mac-address boolean
— sap-id boolean
— service-id boolean
— string string-not-all-spaces
— system-id boolean
— proxy-server
— admin-state keyword
— emulated-server ipv4-unicast-address
— lease-time
— radius-override boolean
— value number
— snoop boolean
— dhcp6
— apply-groups reference
— apply-groups-exclude reference
— description description
— ldra
— interface-type keyword
— options
— interface-id
— ascii-tuple
— vlan-ascii-tuple
— remote-id
— mac
— string string
— dist-cpu-protection reference
— egress
— agg-rate
— queue-frame-based-accounting boolean
— rate number
— dest-mac-rewrite mac-unicast-address-no-zero
— filter
— ip reference
— ipv6 reference
— qos
— policer-control-policy
— overrides
— apply-groups reference
— apply-groups-exclude reference
— root
— max-rate (number | keyword)
— priority-mbs-thresholds
— min-thresh-separation (number | keyword)
— priority number
— apply-groups reference
— apply-groups-exclude reference
— mbs-contribution (number | keyword)
— policy-name reference
— qinq-mark-top-only boolean
— sap-egress
— overrides
— queue reference
— adaptation-rule
— cir keyword
— pir keyword
— apply-groups reference
— apply-groups-exclude reference
— avg-frame-overhead decimal-number
— burst-limit (number | keyword)
— cbs (number | keyword)
— drop-tail
— low
— percent-reduction-from-mbs (number | keyword)
— mbs (number | keyword)
— parent
— cir-weight number
— weight number
— percent-rate
— cir decimal-number
— pir decimal-number
— rate
— cir (number | keyword)
— pir (number | keyword)
— policy-name reference
— port-redirect-group
— group-name reference
— instance number
— scheduler-policy
— overrides
— scheduler named-item
— apply-groups reference
— apply-groups-exclude reference
— parent
— cir-weight number
— weight number
— rate
— cir (number | keyword)
— pir (number | keyword)
— policy-name reference
— etree-leaf boolean
— etree-root-leaf-tag
— leaf number
— fdb
— auto-learn-mac-protect boolean
— auto-learn-mac-protect-exclude-list reference
— discard-unknown-source boolean
— discard-unprotected-dest-mac boolean
— limit-mac-move keyword
— mac-learning
— aging boolean
— learning boolean
— mac-pinning boolean
— maximum-mac-addresses number
— protected-src-mac-violation-action keyword
— i-vpls-mac-flush
— bgp-evpn
— igmp-snooping
— apply-groups reference
— apply-groups-exclude reference
— fast-leave boolean
— import-policy reference
— maximum-number-group-sources number
— maximum-number-groups number
— maximum-number-sources number
— mrouter-port boolean
— query-interval number
— query-last-member-interval number
— query-response-interval number
— robust-count number
— router-alert-check boolean
— send-queries boolean
— static
— group ipv4-multicast-address
— apply-groups reference
— apply-groups-exclude reference
— source ipv4-unicast-address
— starg
— version keyword
— ingress
— filter
— ip reference
— ipv6 reference
— qos
— match-qinq-dot1p keyword
— policer-control-policy
— overrides
— apply-groups reference
— apply-groups-exclude reference
— root
— max-rate (number | keyword)
— priority-mbs-thresholds
— min-thresh-separation (number | keyword)
— priority number
— apply-groups reference
— apply-groups-exclude reference
— mbs-contribution (number | keyword)
— policy-name reference
— sap-ingress
— fp-redirect-group
— group-name reference
— instance number
— overrides
— policer reference
— apply-groups reference
— apply-groups-exclude reference
— cbs (number | keyword)
— mbs (number | keyword)
— packet-byte-offset number
— percent-rate
— cir decimal-number
— pir decimal-number
— rate
— cir (number | keyword)
— pir (number | keyword)
— stat-mode keyword
— queue reference
— adaptation-rule
— cir keyword
— pir keyword
— apply-groups reference
— apply-groups-exclude reference
— cbs (number | keyword)
— drop-tail
— low
— percent-reduction-from-mbs (number | keyword)
— mbs (number | keyword)
— parent
— cir-weight number
— weight number
— percent-rate
— cir decimal-number
— pir decimal-number
— rate
— cir (number | keyword)
— pir (number | keyword)
— policy-name reference
— scheduler-policy
— overrides
— scheduler named-item
— apply-groups reference
— apply-groups-exclude reference
— parent
— cir-weight number
— weight number
— rate
— cir (number | keyword)
— pir (number | keyword)
— policy-name reference
— l2pt
— force-boundary
— protocols
— cdp boolean
— dtp boolean
— pagp boolean
— stp boolean
— udld boolean
— vtp boolean
— termination
— protocols
— cdp boolean
— dtp boolean
— pagp boolean
— stp boolean
— udld boolean
— vtp boolean
— lag
— managed-vlan-list
— range string
— mc-ring
— apply-groups reference
— apply-groups-exclude reference
— ring-node named-item
— mld-snooping
— apply-groups reference
— apply-groups-exclude reference
— fast-leave boolean
— import-policy reference
— maximum-number-groups number
— mrouter-port boolean
— query-interval number
— query-last-member-interval number
— query-response-interval number
— robust-count number
— router-alert-check boolean
— send-queries boolean
— static
— group ipv6-multicast-address
— apply-groups reference
— apply-groups-exclude reference
— source ipv6-unicast-address
— starg
— version keyword
— monitor-oper-group reference
— multi-service-site reference
— oper-group reference
— process-cpm-traffic-on-sap-down boolean
— split-horizon-group reference
— stp
— admin-state keyword
— auto-edge boolean
— edge-port boolean
— link-type keyword
— mst-instance number
— apply-groups reference
— apply-groups-exclude reference
— mst-path-cost number
— mst-port-priority number
— path-cost number
— port-num number
— priority number
— root-guard boolean
— service-id number
— service-mtu number
— split-horizon-group named-item
— apply-groups reference
— apply-groups-exclude reference
— description description
— fdb
— saps
— auto-learn-mac-protect boolean
— auto-learn-mac-protect-exclude-list reference
— discard-unprotected-dest-mac boolean
— protected-src-mac-violation-action keyword
— residential boolean
— spoke-sdp sdp-bind-id
— accounting-policy reference
— admin-state keyword
— adv-service-mtu number
— apply-groups reference
— apply-groups-exclude reference
— block-on-mesh-failure boolean
— bpdu-translation keyword
— collect-stats boolean
— control-word boolean
— description description
— dhcp
— apply-groups reference
— apply-groups-exclude reference
— description description
— snoop boolean
— egress
— filter
— ip reference
— ipv6 reference
— mfib-allowed-mda-destinations
— mda slot-mda
— qos
— network
— policy-name reference
— port-redirect-group
— group-name reference
— instance number
— vc-label number
— endpoint
— name reference
— precedence (number | keyword)
— etree-leaf boolean
— etree-root-leaf-tag boolean
— fdb
— auto-learn-mac-protect boolean
— auto-learn-mac-protect-exclude-list reference
— discard-unknown-source boolean
— limit-mac-move keyword
— mac-learning
— aging boolean
— learning boolean
— mac-pinning boolean
— maximum-mac-addresses number
— protected-src-mac-violation-action keyword
— force-vc-forwarding keyword
— hash-label
— signal-capability
— igmp-snooping
— apply-groups reference
— apply-groups-exclude reference
— fast-leave boolean
— import-policy reference
— maximum-number-group-sources number
— maximum-number-groups number
— maximum-number-sources number
— mrouter-port boolean
— query-interval number
— query-last-member-interval number
— query-response-interval number
— robust-count number
— router-alert-check boolean
— send-queries boolean
— static
— group ipv4-multicast-address
— apply-groups reference
— apply-groups-exclude reference
— source ipv4-unicast-address
— starg
— version keyword
— ignore-standby-signaling boolean
— ingress
— filter
— ip reference
— ipv6 reference
— qos
— network
— fp-redirect-group
— group-name reference
— instance number
— policy-name reference
— vc-label number
— l2pt
— termination
— protocols
— cdp boolean
— dtp boolean
— pagp boolean
— stp boolean
— udld boolean
— vtp boolean
— mld-snooping
— apply-groups reference
— apply-groups-exclude reference
— fast-leave boolean
— import-policy reference
— maximum-number-groups number
— mrouter-port boolean
— query-interval number
— query-last-member-interval number
— query-response-interval number
— robust-count number
— router-alert-check boolean
— send-queries boolean
— static
— group ipv6-multicast-address
— apply-groups reference
— apply-groups-exclude reference
— source ipv6-unicast-address
— starg
— version keyword
— monitor-oper-group reference
— oper-group reference
— pw-status
— signaling boolean
— split-horizon-group reference
— stp
— admin-state keyword
— auto-edge boolean
— edge-port boolean
— link-type keyword
— path-cost number
— port-num number
— priority number
— root-guard boolean
— vc-type keyword
— vlan-vc-tag number
— stp
— admin-state keyword
— forward-delay number
— hello-time number
— hold-count number
— maximum-age number
— mode keyword
— mst-instance number
— apply-groups reference
— apply-groups-exclude reference
— mst-priority number
— vlan-range string
— mst-maximum-hops number
— mst-name named-item
— mst-revision number
— priority number
— temp-flooding number
— vpn-id number
— vprn service-name
— aaa
— remote-servers
— radius
— access-algorithm keyword
— accounting boolean
— accounting-port number
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— authorization boolean
— interactive-authentication boolean
— port number
— server number
— address (ipv4-address-no-zone | ipv6-address-no-zone)
— apply-groups reference
— apply-groups-exclude reference
— authenticator keyword
— secret encrypted-leaf
— tls-client-profile reference
— server-retry number
— server-timeout number
— use-default-template boolean
— tacplus
— accounting
— record-type keyword
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— authorization
— request-format
— access-operation-cmd keyword
— use-priv-lvl boolean
— ignore-unknown-mandatory-vsas boolean
— interactive-authentication boolean
— priv-lvl-map
— priv-lvl number
— apply-groups reference
— apply-groups-exclude reference
— user-profile-name reference
— server number
— address (ipv4-address-no-zone | ipv6-address-no-zone)
— apply-groups reference
— apply-groups-exclude reference
— port number
— secret encrypted-leaf
— server-retry-timeout (number | keyword)
— server-timeout number
— service-request
— nokia-grpc-rpc-authorization boolean
— nokia-netconf-base-op-authorization boolean
— nokia-user boolean
— nokia-user-profile boolean
— use-default-template boolean
— admin-state keyword
— aggregates
— aggregate (ipv4-prefix | ipv6-prefix)
— aggregator
— address ipv4-unicast-address
— as-number number
— apply-groups reference
— apply-groups-exclude reference
— as-set boolean
— blackhole
— generate-icmp boolean
— community community
— description description
— discard-component-communities boolean
— indirect (ipv4-address-no-zone | ipv6-address-no-zone)
— local-preference number
— policy reference
— summary-only boolean
— tunnel-group number
— apply-groups reference
— apply-groups-exclude reference
— allow-export-bgp-vpn boolean
— apply-groups reference
— apply-groups-exclude reference
— autonomous-system number
— bgp
— admin-state keyword
— advertise-inactive boolean
— advertise-ipv6-next-hops
— ipv4 boolean
— aggregator-id-zero boolean
— apply-groups reference
— apply-groups-exclude reference
— asn-4-byte boolean
— attribute-set
— remove boolean
— authentication-key encrypted-leaf
— authentication-keychain reference
— backup-path
— ipv4 boolean
— ipv6 boolean
— label-ipv4 boolean
— label-ipv6 boolean
— best-path-selection
— always-compare-med
— med-value keyword
— strict-as boolean
— as-path-ignore
— ipv4 boolean
— ipv6 boolean
— label-ipv4 boolean
— label-ipv6 boolean
— compare-origin-validation-state boolean
— deterministic-med boolean
— ebgp-ibgp-equal
— ipv4 boolean
— ipv6 boolean
— label-ipv4 boolean
— label-ipv6 boolean
— ignore-nh-metric boolean
— ignore-router-id
— origin-invalid-unusable boolean
— bfd-liveness boolean
— bfd-strict-mode
— advertise
— holdtime number
— next-hop-reachability boolean
— client-reflect boolean
— cluster
— cluster-id ipv4-address
— connect-retry number
— convergence
— family keyword
— apply-groups reference
— apply-groups-exclude reference
— max-wait-to-advertise number
— min-wait-to-advertise number
— damp-peer-oscillations
— error-interval number
— idle-hold-time
— initial-wait number
— max-wait number
— second-wait number
— damping boolean
— default-label-preference
— ebgp number
— ibgp number
— default-preference
— ebgp number
— ibgp number
— description description
— dynamic-neighbor-limit number
— ebgp-default-reject-policy
— export boolean
— import boolean
— eibgp-loadbalance boolean
— enforce-first-as boolean
— error-handling
— legacy-mode boolean
— update-fault-tolerance boolean
— export
— apply-groups reference
— apply-groups-exclude reference
— policy (policy-expr-string | string)
— extended-nh-encoding
— ipv4 boolean
— family
— flow-ipv6 boolean
— ipv4 boolean
— ipv6 boolean
— label-ipv4 boolean
— mcast-ipv4 boolean
— mcast-ipv6 boolean
— fast-external-failover boolean
— graceful-restart
— gr-notification boolean
— long-lived
— advertise-stale-to-all-neighbors boolean
— advertised-stale-time number
— family keyword
— advertised-stale-time number
— apply-groups reference
— apply-groups-exclude reference
— helper-override-stale-time number
— forwarding-bits-set keyword
— helper-override-restart-time number
— helper-override-stale-time number
— without-no-export boolean
— restart-time number
— stale-routes-time number
— group named-item-64
— admin-state keyword
— advertise-inactive boolean
— advertise-ipv6-next-hops
— ipv4 boolean
— aggregator-id-zero boolean
— apply-groups reference
— apply-groups-exclude reference
— as-override boolean
— asn-4-byte boolean
— authentication-key encrypted-leaf
— authentication-keychain reference
— bfd-liveness boolean
— bfd-strict-mode
— advertise
— holdtime number
— next-hop-reachability boolean
— capability-negotiation boolean
— client-reflect boolean
— cluster
— cluster-id ipv4-address
— connect-retry number
— damp-peer-oscillations
— error-interval number
— idle-hold-time
— initial-wait number
— max-wait number
— second-wait number
— damping boolean
— default-label-preference
— ebgp number
— ibgp number
— default-preference
— ebgp number
— ibgp number
— description description
— dynamic-neighbor
— interface reference
— allowed-peer-as string
— apply-groups reference
— apply-groups-exclude reference
— max-sessions number
— match
— prefix (ipv4-prefix | ipv6-prefix)
— allowed-peer-as string
— apply-groups reference
— apply-groups-exclude reference
— dynamic-neighbor-limit number
— ebgp-default-reject-policy
— export boolean
— import boolean
— enforce-first-as boolean
— error-handling
— update-fault-tolerance boolean
— evpn-link-bandwidth
— add-to-received-bgp number
— export
— apply-groups reference
— apply-groups-exclude reference
— policy (policy-expr-string | string)
— extended-nh-encoding
— ipv4 boolean
— family
— flow-ipv6 boolean
— ipv4 boolean
— ipv6 boolean
— label-ipv4 boolean
— mcast-ipv4 boolean
— mcast-ipv6 boolean
— fast-external-failover boolean
— graceful-restart
— gr-notification boolean
— long-lived
— advertise-stale-to-all-neighbors boolean
— advertised-stale-time number
— family keyword
— advertised-stale-time number
— apply-groups reference
— apply-groups-exclude reference
— helper-override-stale-time number
— forwarding-bits-set keyword
— helper-override-restart-time number
— helper-override-stale-time number
— without-no-export boolean
— restart-time number
— stale-routes-time number
— hold-time
— minimum-hold-time number
— seconds number
— import
— apply-groups reference
— apply-groups-exclude reference
— policy (policy-expr-string | string)
— initial-send-delay-zero boolean
— keepalive number
— label-preference number
— link-bandwidth
— accept-from-ebgp
— ipv4 boolean
— ipv6 boolean
— label-ipv4 boolean
— add-to-received-ebgp
— ipv4 boolean
— ipv6 boolean
— label-ipv4 boolean
— aggregate-used-paths
— ipv4 boolean
— ipv6 boolean
— label-ipv4 boolean
— send-to-ebgp
— ipv4 boolean
— ipv6 boolean
— label-ipv4 boolean
— local-address (ipv4-address-no-zone | ipv6-address-no-zone | interface-name)
— local-as
— as-number number
— prepend-global-as boolean
— private boolean
— local-preference number
— loop-detect keyword
— loop-detect-threshold number
— med-out (number | keyword)
— min-route-advertisement number
— multihop number
— multipath-eligible boolean
— next-hop-self boolean
— origin-validation
— ipv4 boolean
— ipv6 boolean
— label-ipv4 boolean
— passive boolean
— path-mtu-discovery boolean
— peer-as number
— peer-ip-tracking boolean
— preference number
— prefix-limit keyword
— apply-groups reference
— apply-groups-exclude reference
— hold-excess number
— idle-timeout number
— log-only boolean
— maximum number
— post-import boolean
— threshold number
— remove-private
— limited boolean
— replace boolean
— skip-peer-as boolean
— send-communities
— extended boolean
— large boolean
— standard boolean
— send-default
— export-policy reference
— ipv4 boolean
— ipv6 boolean
— split-horizon boolean
— static-group boolean
— tcp-mss (number | keyword)
— third-party-nexthop boolean
— ttl-security number
— type keyword
— hold-time
— minimum-hold-time number
— seconds number
— ibgp-multipath boolean
— import
— apply-groups reference
— apply-groups-exclude reference
— policy (policy-expr-string | string)
— initial-send-delay-zero boolean
— keepalive number
— label-preference number
— local-as
— as-number number
— prepend-global-as boolean
— private boolean
— local-preference number
— loop-detect keyword
— loop-detect-threshold number
— med-out (number | keyword)
— min-route-advertisement number
— multihop number
— multipath
— ebgp number
— family keyword
— apply-groups reference
— apply-groups-exclude reference
— ebgp number
— ibgp number
— max-paths number
— restrict keyword
— unequal-cost boolean
— ibgp number
— max-paths number
— restrict keyword
— unequal-cost boolean
— neighbor (ipv4-address-with-zone | ipv6-address-with-zone)
— admin-state keyword
— advertise-inactive boolean
— advertise-ipv6-next-hops
— ipv4 boolean
— aggregator-id-zero boolean
— apply-groups reference
— apply-groups-exclude reference
— as-override boolean
— asn-4-byte boolean
— authentication-key encrypted-leaf
— authentication-keychain reference
— bfd-liveness boolean
— bfd-strict-mode
— advertise
— holdtime number
— next-hop-reachability boolean
— capability-negotiation boolean
— client-reflect boolean
— cluster
— cluster-id ipv4-address
— connect-retry number
— damp-peer-oscillations
— error-interval number
— idle-hold-time
— initial-wait number
— max-wait number
— second-wait number
— damping boolean
— default-label-preference
— ebgp number
— ibgp number
— default-preference
— ebgp number
— ibgp number
— description description
— ebgp-default-reject-policy
— export boolean
— import boolean
— enforce-first-as boolean
— error-handling
— update-fault-tolerance boolean
— evpn-link-bandwidth
— add-to-received-bgp number
— export
— apply-groups reference
— apply-groups-exclude reference
— policy (policy-expr-string | string)
— extended-nh-encoding
— ipv4 boolean
— family
— flow-ipv6 boolean
— ipv4 boolean
— ipv6 boolean
— label-ipv4 boolean
— mcast-ipv4 boolean
— mcast-ipv6 boolean
— fast-external-failover boolean
— graceful-restart
— gr-notification boolean
— long-lived
— advertise-stale-to-all-neighbors boolean
— advertised-stale-time number
— family keyword
— advertised-stale-time number
— apply-groups reference
— apply-groups-exclude reference
— helper-override-stale-time number
— forwarding-bits-set keyword
— helper-override-restart-time number
— helper-override-stale-time number
— without-no-export boolean
— restart-time number
— stale-routes-time number
— group reference
— hold-time
— minimum-hold-time number
— seconds number
— import
— apply-groups reference
— apply-groups-exclude reference
— policy (policy-expr-string | string)
— initial-send-delay-zero boolean
— keepalive number
— label-preference number
— link-bandwidth
— accept-from-ebgp
— ipv4 boolean
— ipv6 boolean
— label-ipv4 boolean
— add-to-received-ebgp
— ipv4 boolean
— ipv6 boolean
— label-ipv4 boolean
— aggregate-used-paths
— ipv4 boolean
— ipv6 boolean
— label-ipv4 boolean
— send-to-ebgp
— ipv4 boolean
— ipv6 boolean
— label-ipv4 boolean
— local-address (ipv4-address-no-zone | ipv6-address-no-zone | interface-name)
— local-as
— as-number number
— prepend-global-as boolean
— private boolean
— local-preference number
— loop-detect keyword
— loop-detect-threshold number
— med-out (number | keyword)
— min-route-advertisement number
— multihop number
— multipath-eligible boolean
— next-hop-self boolean
— origin-validation
— ipv4 boolean
— ipv6 boolean
— label-ipv4 boolean
— passive boolean
— path-mtu-discovery boolean
— peer-as number
— peer-creation-type keyword
— peer-ip-tracking boolean
— preference number
— prefix-limit keyword
— apply-groups reference
— apply-groups-exclude reference
— hold-excess number
— idle-timeout number
— log-only boolean
— maximum number
— post-import boolean
— threshold number
— remove-private
— limited boolean
— replace boolean
— skip-peer-as boolean
— send-communities
— extended boolean
— large boolean
— standard boolean
— send-default
— export-policy reference
— ipv4 boolean
— ipv6 boolean
— split-horizon boolean
— tcp-mss (number | keyword)
— third-party-nexthop boolean
— ttl-security number
— type keyword
— next-hop-resolution
— policy reference
— use-bgp-routes boolean
— use-leaked-routes
— static boolean
— path-mtu-discovery boolean
— peer-ip-tracking boolean
— peer-tracking-policy reference
— preference number
— rapid-withdrawal boolean
— remove-private
— limited boolean
— replace boolean
— skip-peer-as boolean
— rib-management
— ipv4
— leak-import
— apply-groups reference
— apply-groups-exclude reference
— policy (policy-expr-string | string)
— route-table-import
— apply-groups reference
— apply-groups-exclude reference
— policy-name reference
— ipv6
— leak-import
— apply-groups reference
— apply-groups-exclude reference
— policy (policy-expr-string | string)
— route-table-import
— apply-groups reference
— apply-groups-exclude reference
— policy-name reference
— label-ipv4
— leak-import
— apply-groups reference
— apply-groups-exclude reference
— policy (policy-expr-string | string)
— route-table-import
— apply-groups reference
— apply-groups-exclude reference
— policy-name reference
— label-ipv6
— leak-import
— apply-groups reference
— apply-groups-exclude reference
— policy (policy-expr-string | string)
— router-id ipv4-address
— send-communities
— extended boolean
— large boolean
— standard boolean
— send-default
— export-policy reference
— ipv4 boolean
— ipv6 boolean
— split-horizon boolean
— tcp-mss number
— third-party-nexthop boolean
— bgp-evpn
— mpls number
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— auto-bind-tunnel
— allow-flex-algo-fallback boolean
— ecmp number
— enforce-strict-tunnel-tagging boolean
— enforce-untagged-route keyword
— resolution keyword
— resolution-filter
— bgp boolean
— ldp boolean
— rsvp boolean
— sr-isis boolean
— sr-ospf boolean
— sr-ospf3 boolean
— sr-policy boolean
— sr-te boolean
— default-route-tag one-byte-value
— domain-id domain-id
— dynamic-egress-label-limit boolean
— evi number
— evpn-link-bandwidth
— advertise
— max-dynamic-weight number
— weight (number | keyword)
— weighted-ecmp boolean
— route-distinguisher (string | keyword)
— send-tunnel-encap
— mpls boolean
— vrf-export
— apply-groups reference
— apply-groups-exclude reference
— policy (policy-expr-string | string)
— vrf-import
— apply-groups reference
— apply-groups-exclude reference
— policy (policy-expr-string | string)
— vrf-target
— community route-target
— export-community route-target
— import-community route-target
— bgp-ipvpn
— attribute-set
— export boolean
— import keyword
— mpls
— admin-state keyword
— auto-bind-tunnel
— allow-flex-algo-fallback boolean
— apply-groups reference
— apply-groups-exclude reference
— ecmp number
— enforce-strict-tunnel-tagging boolean
— enforce-untagged-route keyword
— resolution keyword
— resolution-filter
— bgp boolean
— gre boolean
— ldp boolean
— rsvp boolean
— sr-isis boolean
— sr-ospf boolean
— sr-ospf3 boolean
— sr-policy boolean
— sr-te boolean
— static-blackhole-first boolean
— weighted-ecmp boolean
— domain-id domain-id
— dynamic-egress-label-limit boolean
— route-distinguisher (string | keyword)
— vrf-export
— apply-groups reference
— apply-groups-exclude reference
— policy (policy-expr-string | string)
— vrf-import
— apply-groups reference
— apply-groups-exclude reference
— policy (policy-expr-string | string)
— vrf-target
— community route-target
— export-community route-target
— import-community route-target
— bgp-shared-queue
— cir (number | keyword)
— pir (number | keyword)
— bgp-vpn-backup
— ipv4 boolean
— ipv6 boolean
— carrier-carrier-vpn boolean
— confederation
— confed-as-num number
— members number
— customer reference
— d-path-length-ignore boolean
— description description
— dhcp-server
— apply-groups reference
— apply-groups-exclude reference
— dhcpv4 named-item
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— description description
— failover
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— ignore-mclt-on-takeover boolean
— maximum-client-lead-time number
— partner-down-delay number
— peer reference
— apply-groups reference
— apply-groups-exclude reference
— sync-tag named-item
— startup-wait-time number
— force-renews boolean
— lease-hold
— additional-scenarios
— internal-lease-ipsec boolean
— solicited-release boolean
— time number
— pool named-item
— apply-groups reference
— apply-groups-exclude reference
— description description
— failover
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— ignore-mclt-on-takeover boolean
— maximum-client-lead-time number
— partner-down-delay number
— peer reference
— apply-groups reference
— apply-groups-exclude reference
— sync-tag named-item
— startup-wait-time number
— max-lease-time number
— min-lease-time number
— minimum-free
— absolute number
— event-when-depleted boolean
— percent number
— nak-non-matching-subnet boolean
— offer-time number
— options
— option (number | keyword)
— apply-groups reference
— apply-groups-exclude reference
— ascii-string string-not-all-spaces
— duration number
— empty
— hex-string hex-string
— ipv4-address ipv4-address
— netbios-node-type keyword
— subnet ipv4-unicast-prefix
— address-range ipv4-unicast-address end ipv4-unicast-address
— apply-groups reference
— apply-groups-exclude reference
— failover-control-type keyword
— apply-groups reference
— apply-groups-exclude reference
— drain boolean
— exclude-addresses ipv4-unicast-address end ipv4-unicast-address
— maximum-declined number
— minimum-free
— absolute number
— event-when-depleted boolean
— percent number
— options
— option (number | keyword)
— apply-groups reference
— apply-groups-exclude reference
— ascii-string string-not-all-spaces
— duration number
— empty
— hex-string hex-string
— ipv4-address ipv4-address
— netbios-node-type keyword
— pool-selection
— use-gi-address
— scope keyword
— use-pool-from-client
— delimiter string-not-all-spaces
— user-db reference
— user-identification keyword
— dhcpv6 named-item
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— auto-provisioned boolean
— defaults
— apply-groups reference
— apply-groups-exclude reference
— options
— option (number | keyword)
— apply-groups reference
— apply-groups-exclude reference
— ascii-string string-not-all-spaces
— domain-string string
— duration number
— empty
— hex-string hex-string
— ipv6-address ipv6-address
— preferred-lifetime number
— rebind-time number
— renew-time number
— valid-lifetime number
— description description
— failover
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— ignore-mclt-on-takeover boolean
— maximum-client-lead-time number
— partner-down-delay number
— peer reference
— apply-groups reference
— apply-groups-exclude reference
— sync-tag named-item
— startup-wait-time number
— ignore-rapid-commit boolean
— interface-id-mapping boolean
— lease-hold
— additional-scenarios
— internal-lease-ipsec boolean
— solicited-release boolean
— time number
— lease-query boolean
— pool named-item
— apply-groups reference
— apply-groups-exclude reference
— delegated-prefix
— length number
— maximum number
— minimum number
— description description
— exclude-prefix ipv6-prefix
— failover
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— ignore-mclt-on-takeover boolean
— maximum-client-lead-time number
— partner-down-delay number
— peer reference
— apply-groups reference
— apply-groups-exclude reference
— sync-tag named-item
— startup-wait-time number
— options
— option (number | keyword)
— apply-groups reference
— apply-groups-exclude reference
— ascii-string string-not-all-spaces
— domain-string string
— duration number
— empty
— hex-string hex-string
— ipv6-address ipv6-address
— prefix ipv6-prefix
— apply-groups reference
— apply-groups-exclude reference
— drain boolean
— failover-control-type keyword
— options
— option (number | keyword)
— apply-groups reference
— apply-groups-exclude reference
— ascii-string string-not-all-spaces
— domain-string string
— duration number
— empty
— hex-string hex-string
— ipv6-address ipv6-address
— preferred-lifetime number
— prefix-length-threshold number
— absolute number
— apply-groups reference
— apply-groups-exclude reference
— event-when-depleted boolean
— percent number
— prefix-type
— pd boolean
— wan-host boolean
— rebind-time number
— renew-time number
— valid-lifetime number
— prefix-length-threshold number
— apply-groups reference
— apply-groups-exclude reference
— event-when-depleted boolean
— minimum-free-percent number
— pool-selection
— use-link-address
— scope keyword
— use-pool-from-client
— delimiter string-not-all-spaces
— server-id
— apply-groups reference
— apply-groups-exclude reference
— duid-enterprise
— ascii-string string-not-all-spaces
— hex-string hex-string
— duid-link-local
— user-db reference
— user-identification keyword
— dns
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— default-domain fully-qualified-domain-name
— ipv4-source-address (keyword | ipv4-unicast-address)
— ipv6-source-address (keyword | ipv6-unicast-address)
— server (ipv4-address-no-zone | ipv6-address-no-zone)
— ecmp number
— ecmp-unequal-cost boolean
— export-inactive-bgp boolean
— export-inactive-bgp-enhanced boolean
— fib-priority keyword
— grt-leaking
— allow-local-management boolean
— apply-groups reference
— apply-groups-exclude reference
— export-grt
— policy-name (policy-expr-string | string)
— export-limit number
— export-v6-limit number
— grt-lookup boolean
— import-grt
— policy-name (policy-expr-string | string)
— hash-label boolean
— igmp
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— group-if-query-source-address ipv4-unicast-address
— interface interface-name
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— import-policy reference
— maximum-number-group-sources number
— maximum-number-groups number
— maximum-number-sources number
— query-interval number
— query-last-member-interval number
— query-response-interval number
— redundant-mcast boolean
— router-alert-check boolean
— ssm-translate
— group-range start ipv4-multicast-address end ipv4-multicast-address
— apply-groups reference
— apply-groups-exclude reference
— source ipv4-unicast-address
— static
— group ipv4-multicast-address
— apply-groups reference
— apply-groups-exclude reference
— source ipv4-unicast-address
— starg
— group-range start ipv4-multicast-address end ipv4-multicast-address step ipv4-address
— apply-groups reference
— apply-groups-exclude reference
— source ipv4-unicast-address
— starg
— subnet-check boolean
— version keyword
— query-interval number
— query-last-member-interval number
— query-response-interval number
— robust-count number
— ssm-translate
— group-range start ipv4-multicast-address end ipv4-multicast-address
— apply-groups reference
— apply-groups-exclude reference
— source ipv4-unicast-address
— ignore-nh-metric boolean
— interface interface-name
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— description very-long-description
— dynamic-tunnel-redundant-nexthop ipv4-unicast-address
— hold-time
— ipv4
— down
— init-only boolean
— seconds number
— up
— seconds number
— ipv6
— down
— init-only boolean
— seconds number
— up
— seconds number
— if-attribute
— admin-group reference
— srlg-group reference
— ingress
— ip-mtu number
— ip-tunnel-interface boolean
— ipsec
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— ip-exception reference
— ipsec-tunnel named-item
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— bfd
— bfd-designate boolean
— bfd-liveness
— dest-ip ipv4-unicast-address
— interface interface-name
— service-name service-name
— clear-df-bit boolean
— copy-traffic-class-upon-decapsulation boolean
— description description
— encapsulated-ip-mtu number
— icmp-generation
— frag-required
— admin-state keyword
— interval number
— message-count number
— icmp6-generation
— packet-too-big
— admin-state keyword
— interval number
— message-count number
— ip-mtu number
— key-exchange
— dynamic
— auto-establish boolean
— cert
— cert-profile reference
— status-verify
— default-result keyword
— primary keyword
— secondary keyword
— trust-anchor-profile reference
— id
— fqdn fully-qualified-domain-name
— ipv4 ipv4-unicast-address
— ipv6 (ipv4-address-no-zone | ipv6-address-no-zone)
— ike-policy reference
— ipsec-transform reference
— ppk
— id reference
— list reference
— pre-shared-key encrypted-leaf
— manual
— keys number direction keyword
— apply-groups reference
— apply-groups-exclude reference
— authentication-key hex-string
— encryption-key hex-string
— ipsec-transform reference
— spi number
— local-gateway-address-override (ipv4-address-no-zone | ipv6-address-no-zone)
— max-history-key-records
— esp number
— ike number
— pmtu-discovery-aging number
— private-sap number
— private-service service-name
— private-tcp-mss-adjust number
— propagate-pmtu-v4 boolean
— propagate-pmtu-v6 boolean
— public-tcp-mss-adjust (number | keyword)
— remote-gateway-address (ipv4-address-no-zone | ipv6-address-no-zone)
— replay-window number
— security-policy
— id number
— strict-match boolean
— ipv6-exception reference
— public-sap number
— tunnel-group reference
— ipv4
— addresses
— address ipv4-unicast-address
— apply-groups reference
— apply-groups-exclude reference
— prefix-length number
— allow-directed-broadcasts boolean
— bfd
— admin-state keyword
— echo-receive number
— multiplier number
— receive number
— transmit-interval number
— dhcp
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— description description
— gi-address ipv4-unicast-address
— lease-populate
— max-leases number
— option-82
— action keyword
— circuit-id
— ascii-tuple
— ifindex
— none
— sap-id
— vlan-ascii-tuple
— remote-id
— ascii-string string-not-all-spaces
— mac
— none
— vendor-specific-option
— client-mac-address boolean
— pool-name boolean
— sap-id boolean
— service-id boolean
— string string-not-all-spaces
— system-id boolean
— proxy-server
— admin-state keyword
— emulated-server ipv4-unicast-address
— lease-time
— radius-override boolean
— value number
— relay-plain-bootp boolean
— relay-proxy
— release-update-src-ip boolean
— siaddr-override ipv4-unicast-address
— server ipv4-unicast-address
— src-ip-addr keyword
— trusted boolean
— use-arp boolean
— icmp
— mask-reply boolean
— param-problem
— admin-state keyword
— number number
— seconds number
— redirects
— admin-state keyword
— number number
— seconds number
— ttl-expired
— admin-state keyword
— number number
— seconds number
— unreachables
— admin-state keyword
— number number
— seconds number
— ip-helper-address ipv4-unicast-address
— local-dhcp-server reference
— neighbor-discovery
— host-route
— populate keyword
— apply-groups reference
— apply-groups-exclude reference
— route-tag number
— learn-unsolicited boolean
— limit
— log-only boolean
— max-entries number
— threshold number
— local-proxy-arp boolean
— populate boolean
— proactive-refresh boolean
— proxy-arp-policy reference
— remote-proxy-arp boolean
— retry-timer number
— static-neighbor ipv4-address
— apply-groups reference
— apply-groups-exclude reference
— mac-address mac-address
— static-neighbor-unnumbered
— mac-address mac-address
— timeout number
— primary
— address ipv4-unicast-address
— apply-groups reference
— apply-groups-exclude reference
— broadcast keyword
— prefix-length number
— secondary ipv4-unicast-address
— apply-groups reference
— apply-groups-exclude reference
— broadcast keyword
— igp-inhibit boolean
— prefix-length number
— tcp-mss number
— unnumbered
— ip-address ipv4-unicast-address
— ip-int-name interface-name
— urpf-check
— ignore-default boolean
— mode keyword
— vrrp number
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— authentication-key encrypted-leaf
— backup ipv4-unicast-address
— bfd-liveness
— apply-groups reference
— apply-groups-exclude reference
— dest-ip ipv4-address
— interface-name interface-name
— service-name service-name
— init-delay number
— mac mac-unicast-address
— master-int-inherit boolean
— message-interval number
— monitor-oper-group reference
— ntp-reply boolean
— oper-group reference
— owner boolean
— passive boolean
— ping-reply boolean
— policy reference
— preempt boolean
— priority number
— ssh-reply boolean
— standby-forwarding boolean
— telnet-reply boolean
— traceroute-reply boolean
— ipv6
— address ipv6-address
— apply-groups reference
— apply-groups-exclude reference
— duplicate-address-detection boolean
— eui-64 boolean
— prefix-length number
— primary-preference number
— bfd
— admin-state keyword
— echo-receive number
— multiplier number
— receive number
— transmit-interval number
— dhcp6
— apply-groups reference
— apply-groups-exclude reference
— relay
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— description description
— lease-populate
— max-nbr-of-leases number
— route-populate
— na boolean
— pd
— exclude boolean
— ta boolean
— option
— apply-groups reference
— apply-groups-exclude reference
— interface-id
— ascii-tuple
— if-index
— sap-id
— string string-not-all-spaces
— remote-id boolean
— server ipv6-address-with-zone
— source-address ipv6-unicast-or-linklocal-address
— duplicate-address-detection boolean
— forward-ipv4-packets boolean
— icmp6
— packet-too-big
— admin-state keyword
— number number
— seconds number
— param-problem
— admin-state keyword
— number number
— seconds number
— redirects
— admin-state keyword
— number number
— seconds number
— time-exceeded
— admin-state keyword
— number number
— seconds number
— unreachables
— admin-state keyword
— number number
— seconds number
— link-local-address
— address ipv6-address
— duplicate-address-detection boolean
— local-dhcp-server reference
— neighbor-discovery
— host-route
— populate keyword
— apply-groups reference
— apply-groups-exclude reference
— route-tag number
— learn-unsolicited keyword
— limit
— log-only boolean
— max-entries number
— threshold number
— local-proxy-nd boolean
— proactive-refresh keyword
— proxy-nd-policy reference
— reachable-time number
— secure-nd
— admin-state keyword
— allow-unsecured-msgs boolean
— public-key-min-bits number
— security-parameter number
— stale-time number
— static-neighbor ipv6-address
— apply-groups reference
— apply-groups-exclude reference
— mac-address mac-address
— tcp-mss number
— urpf-check
— ignore-default boolean
— mode keyword
— vrrp number
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— backup ipv6-address
— bfd-liveness
— apply-groups reference
— apply-groups-exclude reference
— dest-ip (ipv4-address-no-zone | ipv6-address-no-zone)
— interface-name interface-name
— service-name service-name
— init-delay number
— mac mac-unicast-address
— master-int-inherit boolean
— message-interval number
— monitor-oper-group reference
— ntp-reply boolean
— oper-group reference
— owner boolean
— passive boolean
— ping-reply boolean
— policy reference
— preempt boolean
— priority number
— standby-forwarding boolean
— telnet-reply boolean
— traceroute-reply boolean
— load-balancing
— ip-load-balancing keyword
— loopback boolean
— mac mac-unicast-address
— mac-accounting boolean
— monitor-oper-group reference
— multi-chassis-shunting-profile reference
— sap sap
— accounting-policy reference
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— bandwidth number
— collect-stats boolean
— description long-description
— dist-cpu-protection reference
— egress
— agg-rate
— queue-frame-based-accounting boolean
— rate number
— filter
— ip reference
— ipv6 reference
— qos
— policer-control-policy
— overrides
— apply-groups reference
— apply-groups-exclude reference
— root
— max-rate (number | keyword)
— priority-mbs-thresholds
— min-thresh-separation (number | keyword)
— priority number
— apply-groups reference
— apply-groups-exclude reference
— mbs-contribution (number | keyword)
— policy-name reference
— qinq-mark-top-only boolean
— sap-egress
— overrides
— queue reference
— adaptation-rule
— cir keyword
— pir keyword
— apply-groups reference
— apply-groups-exclude reference
— avg-frame-overhead decimal-number
— burst-limit (number | keyword)
— cbs (number | keyword)
— drop-tail
— low
— percent-reduction-from-mbs (number | keyword)
— mbs (number | keyword)
— parent
— cir-weight number
— weight number
— percent-rate
— cir decimal-number
— pir decimal-number
— rate
— cir (number | keyword)
— pir (number | keyword)
— policy-name reference
— port-redirect-group
— group-name reference
— instance number
— scheduler-policy
— overrides
— scheduler named-item
— apply-groups reference
— apply-groups-exclude reference
— parent
— cir-weight number
— weight number
— rate
— cir (number | keyword)
— pir (number | keyword)
— policy-name reference
— ingress
— filter
— ip reference
— ipv6 reference
— qos
— match-qinq-dot1p keyword
— policer-control-policy
— overrides
— apply-groups reference
— apply-groups-exclude reference
— root
— max-rate (number | keyword)
— priority-mbs-thresholds
— min-thresh-separation (number | keyword)
— priority number
— apply-groups reference
— apply-groups-exclude reference
— mbs-contribution (number | keyword)
— policy-name reference
— sap-ingress
— fp-redirect-group
— group-name reference
— instance number
— overrides
— policer reference
— apply-groups reference
— apply-groups-exclude reference
— cbs (number | keyword)
— mbs (number | keyword)
— packet-byte-offset number
— percent-rate
— cir decimal-number
— pir decimal-number
— rate
— cir (number | keyword)
— pir (number | keyword)
— stat-mode keyword
— queue reference
— adaptation-rule
— cir keyword
— pir keyword
— apply-groups reference
— apply-groups-exclude reference
— cbs (number | keyword)
— drop-tail
— low
— percent-reduction-from-mbs (number | keyword)
— mbs (number | keyword)
— parent
— cir-weight number
— weight number
— percent-rate
— cir decimal-number
— pir decimal-number
— rate
— cir (number | keyword)
— pir (number | keyword)
— policy-name reference
— scheduler-policy
— overrides
— scheduler named-item
— apply-groups reference
— apply-groups-exclude reference
— parent
— cir-weight number
— weight number
— rate
— cir (number | keyword)
— pir (number | keyword)
— policy-name reference
— ip-tunnel interface-name
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— backup-remote-ip-address (ipv4-address-no-zone | ipv6-address-no-zone)
— clear-df-bit boolean
— delivery-service service-name
— description description
— dest-ip (ipv4-address-no-zone | ipv6-address-no-zone)
— dscp keyword
— encapsulated-ip-mtu number
— gre-header
— admin-state keyword
— key
— admin-state keyword
— receive number
— send number
— icmp-generation
— frag-required
— admin-state keyword
— interval number
— message-count number
— icmp6-generation
— packet-too-big
— admin-state keyword
— number number
— seconds number
— ip-mtu number
— ipsec-transport-mode-profile reference
— local-ip-address (ipv4-address-no-zone | ipv6-address-no-zone)
— pmtu-discovery-aging number
— private-tcp-mss-adjust number
— propagate-pmtu-v4 boolean
— propagate-pmtu-v6 boolean
— public-tcp-mss-adjust (number | keyword)
— reassembly (number | keyword)
— remote-ip-address (ipv4-address-no-zone | ipv6-address-no-zone)
— ipsec-gateway named-item
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— cert
— cert-profile reference
— status-verify
— default-result keyword
— primary keyword
— secondary keyword
— trust-anchor-profile reference
— client-db
— fallback boolean
— name reference
— default-secure-service
— interface interface-name
— service-name service-name
— default-tunnel-template reference
— dhcp-address-assignment
— dhcpv4
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— gi-address ipv4-unicast-address
— send-release boolean
— server
— address ipv4-unicast-address
— router-instance router-instance-base-vprn-loose
— dhcpv6
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— link-address ipv6-unicast-address
— send-release boolean
— server
— address ipv6-unicast-address
— router-instance router-instance-base-vprn-loose
— ike-policy reference
— local
— address-assignment
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— ipv4
— dhcp-server named-item
— pool named-item
— router-instance router-instance-base-vprn-loose
— secondary-pool named-item
— ipv6
— dhcp-server named-item
— pool named-item
— router-instance router-instance-base-vprn-loose
— gateway-address (ipv4-address-no-zone | ipv6-address-no-zone)
— id
— auto
— fqdn fully-qualified-domain-name
— ipv4 ipv4-unicast-address
— ipv6 (ipv4-address-no-zone | ipv6-address-no-zone)
— max-history-key-records
— esp number
— ike number
— pre-shared-key encrypted-leaf
— radius
— accounting-policy reference
— authentication-policy reference
— ts-list reference
— ipsec-tunnel named-item
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— bfd
— bfd-designate boolean
— bfd-liveness
— dest-ip ipv4-unicast-address
— interface interface-name
— service-name service-name
— clear-df-bit boolean
— copy-traffic-class-upon-decapsulation boolean
— description description
— dest-ip (ipv4-address-no-zone | ipv6-address-no-zone)
— encapsulated-ip-mtu number
— icmp-generation
— frag-required
— admin-state keyword
— interval number
— message-count number
— icmp6-generation
— packet-too-big
— admin-state keyword
— interval number
— message-count number
— ip-mtu number
— key-exchange
— dynamic
— auto-establish boolean
— cert
— cert-profile reference
— status-verify
— default-result keyword
— primary keyword
— secondary keyword
— trust-anchor-profile reference
— id
— fqdn fully-qualified-domain-name
— ipv4 ipv4-unicast-address
— ipv6 (ipv4-address-no-zone | ipv6-address-no-zone)
— ike-policy reference
— ipsec-transform reference
— ppk
— id reference
— list reference
— pre-shared-key encrypted-leaf
— manual
— keys number direction keyword
— apply-groups reference
— apply-groups-exclude reference
— authentication-key hex-string
— encryption-key hex-string
— ipsec-transform reference
— spi number
— max-history-key-records
— esp number
— ike number
— pmtu-discovery-aging number
— private-tcp-mss-adjust number
— propagate-pmtu-v4 boolean
— propagate-pmtu-v6 boolean
— public-tcp-mss-adjust (number | keyword)
— replay-window number
— security-policy
— id reference
— strict-match boolean
— tunnel-endpoint
— delivery-service service-name
— local-gateway-address (ipv4-address-no-zone | ipv6-address-no-zone)
— remote-ip-address (ipv4-address-no-zone | ipv6-address-no-zone)
— lag
— multi-service-site reference
— spoke-sdp sdp-bind-id
— accounting-policy reference
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— collect-stats boolean
— description description
— egress
— filter
— ip reference
— ipv6 reference
— qos
— network
— policy-name reference
— port-redirect-group
— group-name reference
— instance number
— vc-label number
— hash-label
— signal-capability
— ingress
— filter
— ip reference
— ipv6 reference
— qos
— network
— fp-redirect-group
— group-name reference
— instance number
— policy-name reference
— vc-label number
— vc-type keyword
— static-tunnel-redundant-nexthop ipv4-unicast-address
— tos-marking-state keyword
— tunnel boolean
— vpls named-item-64
— apply-groups reference
— apply-groups-exclude reference
— egress
— reclassify-using-qos reference
— routed-override-filter
— ip reference
— ipv6 reference
— evpn
— arp
— advertise keyword
— apply-groups reference
— apply-groups-exclude reference
— interface-less-routing
— bgp-evpn-instance number
— route-tag number
— flood-garp-and-unknown-req boolean
— learn-dynamic boolean
— nd
— advertise keyword
— apply-groups reference
— apply-groups-exclude reference
— interface-less-routing
— bgp-evpn-instance number
— route-tag number
— learn-dynamic boolean
— evpn-tunnel
— allow-bfd boolean
— ipv6-gateway-address keyword
— supplementary-broadcast-domain boolean
— ingress
— routed-override-filter
— ip reference
— ipv6 reference
— ip-mirror-interface interface-name
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— description very-long-description
— spoke-sdp sdp-bind-id
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— description description
— ingress
— filter
— ip reference
— vc-label number
— ipsec
— allow-reverse-route-override-type keyword
— multi-chassis-shunt-interface reference
— apply-groups reference
— apply-groups-exclude reference
— next-hop
— address (ipv4-address-no-zone | ipv6-address-no-zone)
— multi-chassis-shunting-profile named-item
— apply-groups reference
— apply-groups-exclude reference
— peer reference
— apply-groups reference
— apply-groups-exclude reference
— multi-chassis-shunt-interface reference
— overlapping-reverse-route boolean
— security-policy number
— apply-groups reference
— apply-groups-exclude reference
— entry number
— apply-groups reference
— apply-groups-exclude reference
— local-ip
— address ipv4-prefix
— any boolean
— local-ipv6
— address ipv6-prefix
— any boolean
— remote-ip
— address ipv4-prefix
— any boolean
— remote-ipv6
— address ipv6-prefix
— any boolean
— ipv6
— neighbor-discovery
— reachable-time number
— stale-time number
— router-advertisement
— apply-groups reference
— apply-groups-exclude reference
— dns-options
— apply-groups reference
— apply-groups-exclude reference
— rdnss-lifetime (keyword | number)
— server ipv6-address
— interface reference
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— current-hop-limit number
— dns-options
— apply-groups reference
— apply-groups-exclude reference
— include-rdnss boolean
— rdnss-lifetime (number | keyword)
— server ipv6-address
— managed-configuration boolean
— max-advertisement-interval number
— min-advertisement-interval number
— mtu number
— nd-router-preference keyword
— other-stateful-configuration boolean
— prefix ipv6-prefix
— apply-groups reference
— apply-groups-exclude reference
— autonomous boolean
— on-link boolean
— preferred-lifetime (keyword | number)
— valid-lifetime (keyword | number)
— reachable-time number
— retransmit-time number
— router-lifetime number
— use-virtual-mac boolean
— isis number
— admin-state keyword
— advertise-passive-only boolean
— advertise-router-capability keyword
— all-l1isis mac-address
— all-l2isis mac-address
— apply-groups reference
— apply-groups-exclude reference
— area-address area-address
— authentication-check boolean
— authentication-key encrypted-leaf
— authentication-keychain reference
— authentication-type keyword
— csnp-authentication boolean
— csnp-on-p2p boolean
— default-route-tag number
— export-limit
— log-percent number
— number number
— export-policy reference
— graceful-restart
— helper-mode boolean
— hello-authentication boolean
— hello-padding keyword
— ignore-attached-bit boolean
— ignore-lsp-errors boolean
— ignore-narrow-metric boolean
— iid-tlv boolean
— import-policy reference
— interface interface-name
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— bfd-liveness
— ipv4
— include-bfd-tlv boolean
— ipv6
— include-bfd-tlv boolean
— csnp-interval number
— default-instance boolean
— hello-authentication boolean
— hello-authentication-key encrypted-leaf
— hello-authentication-keychain reference
— hello-authentication-type keyword
— hello-padding keyword
— interface-type keyword
— ipv4-multicast boolean
— ipv6-unicast boolean
— level keyword
— apply-groups reference
— apply-groups-exclude reference
— hello-authentication-key encrypted-leaf
— hello-authentication-keychain reference
— hello-authentication-type keyword
— hello-interval number
— hello-multiplier number
— hello-padding keyword
— ipv4-multicast-metric number
— ipv6-unicast-metric number
— metric number
— passive boolean
— priority number
— sd-offset number
— sf-offset number
— level-capability keyword
— load-balancing-weight number
— loopfree-alternate
— exclude boolean
— policy-map
— route-nh-template reference
— lsp-pacing-interval number
— mesh-group
— blocked
— value number
— passive boolean
— retransmit-interval number
— tag number
— ipv4-multicast-routing keyword
— ipv4-routing boolean
— ipv6-routing keyword
— level keyword
— advertise-router-capability boolean
— apply-groups reference
— apply-groups-exclude reference
— authentication-key encrypted-leaf
— authentication-keychain reference
— authentication-type keyword
— csnp-authentication boolean
— default-ipv4-multicast-metric number
— default-ipv6-unicast-metric number
— default-metric number
— external-preference number
— hello-authentication boolean
— hello-padding keyword
— loopfree-alternate-exclude boolean
— lsp-mtu-size number
— preference number
— psnp-authentication boolean
— wide-metrics-only boolean
— level-capability keyword
— link-group named-item
— apply-groups reference
— apply-groups-exclude reference
— description very-long-description
— level keyword
— apply-groups reference
— apply-groups-exclude reference
— ipv4-multicast-metric-offset number
— ipv4-unicast-metric-offset number
— ipv6-unicast-metric-offset number
— member reference
— oper-members number
— revert-members number
— loopfree-alternate
— exclude
— prefix-policy reference
— lsp-lifetime number
— lsp-minimum-remaining-lifetime number
— lsp-mtu-size number
— lsp-refresh
— half-lifetime boolean
— interval number
— multi-topology
— ipv4-multicast boolean
— ipv6-unicast boolean
— multicast-import
— ipv4 boolean
— overload
— max-metric boolean
— overload-export-external boolean
— overload-export-interlevel boolean
— overload-fib-error-notify-only
— retry number
— overload-on-boot
— max-metric boolean
— timeout number
— poi-tlv boolean
— prefix-attributes-tlv boolean
— prefix-limit
— limit number
— log-only boolean
— overload-timeout (number | keyword)
— warning-threshold number
— psnp-authentication boolean
— reference-bandwidth number
— rib-priority
— high
— prefix-list reference
— tag number
— router-id router-id
— standard-multi-instance boolean
— strict-adjacency-check boolean
— summary-address (ipv4-prefix | ipv6-prefix)
— apply-groups reference
— apply-groups-exclude reference
— level-capability keyword
— route-tag number
— suppress-attached-bit boolean
— system-id system-id
— timers
— lsp-wait
— lsp-initial-wait number
— lsp-max-wait number
— lsp-second-wait number
— spf-wait
— spf-initial-wait number
— spf-max-wait number
— spf-second-wait number
— unicast-import
— ipv4 boolean
— ipv6 boolean
— label-mode keyword
— local-routes-domain-id domain-id
— log
— apply-groups reference
— apply-groups-exclude reference
— filter log-filter-name
— apply-groups reference
— apply-groups-exclude reference
— default-action keyword
— description description
— named-entry log-filter-entry-name
— action keyword
— apply-groups reference
— apply-groups-exclude reference
— description description
— match
— application
— eq keyword
— neq keyword
— event
— eq number
— gt number
— gte number
— lt number
— lte number
— neq number
— message
— eq string
— neq string
— regexp boolean
— severity
— eq keyword
— gt keyword
— gte keyword
— lt keyword
— lte keyword
— neq keyword
— subject
— eq named-item
— neq named-item
— regexp boolean
— log-id li-log-name
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— description description
— destination
— netconf
— max-entries number
— snmp
— max-entries number
— syslog reference
— filter reference
— netconf-stream named-item
— source
— change boolean
— debug boolean
— main boolean
— security boolean
— time-format keyword
— snmp-trap-group svc-vprn-snmp-trap-group-name
— apply-groups reference
— apply-groups-exclude reference
— description description
— trap-target string
— address (ipv4-address-no-zone | ipv6-address-no-zone)
— apply-groups reference
— apply-groups-exclude reference
— description description
— notify-community string
— port number
— replay boolean
— security-level keyword
— version keyword
— syslog log-vprn-syslog-name
— address (ipv4-address-no-zone | ipv6-address-no-zone)
— apply-groups reference
— apply-groups-exclude reference
— description description
— facility keyword
— hostname
— use-system-name
— use-vprn-name
— value named-item-255
— log-prefix (keyword | string)
— port number
— severity keyword
— timestamp-format keyword
— tls-client-profile reference
— management
— allow-ftp boolean
— allow-grpc boolean
— allow-netconf boolean
— allow-ssh boolean
— allow-telnet boolean
— allow-telnet6 boolean
— apply-groups reference
— apply-groups-exclude reference
— maximum-ipv4-routes
— log-only boolean
— threshold number
— value number
— maximum-ipv6-routes
— log-only boolean
— threshold number
— value number
— mc-maximum-routes
— log-only boolean
— threshold number
— value number
— mld
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— group-if-query-source-address ipv6-unicast-or-linklocal-address
— interface interface-name
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— import-policy reference
— maximum-number-group-sources number
— maximum-number-groups number
— maximum-number-sources number
— query-interval number
— query-last-member-interval number
— query-response-interval number
— router-alert-check boolean
— ssm-translate
— group-range start ipv6-multicast-address end ipv6-multicast-address
— apply-groups reference
— apply-groups-exclude reference
— source ipv6-unicast-address
— static
— group ipv6-multicast-address
— apply-groups reference
— apply-groups-exclude reference
— source ipv6-unicast-address
— starg
— group-range start ipv6-multicast-address end ipv6-multicast-address step ipv6-address
— apply-groups reference
— apply-groups-exclude reference
— source ipv6-unicast-address
— starg
— version keyword
— query-interval number
— query-last-member-interval number
— query-response-interval number
— robust-count number
— ssm-translate
— group-range start ipv6-multicast-address end ipv6-multicast-address
— apply-groups reference
— apply-groups-exclude reference
— source ipv6-unicast-address
— nat
— apply-groups reference
— apply-groups-exclude reference
— inside
— large-scale
— nat-policy reference
— nat44
— destination-prefix ipv4-unicast-prefix
— apply-groups reference
— apply-groups-exclude reference
— nat-policy reference
— deterministic
— address-map ipv4-address to ipv4-address nat-policy reference
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— outside-range ipv4-address
— prefix-map ipv4-unicast-prefix nat-policy reference
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— map ipv4-address to ipv4-address
— apply-groups reference
— apply-groups-exclude reference
— first-outside-address ipv4-address
— max-subscriber-limit number
— outside
— filters
— downstream
— ipv4 reference
— upstream
— ipv4 reference
— mtu number
— pool named-item
— address-range ipv4-unicast-address end ipv4-unicast-address
— apply-groups reference
— apply-groups-exclude reference
— description description
— drain boolean
— admin-state keyword
— applications
— agnostic boolean
— apply-groups reference
— apply-groups-exclude reference
— description description
— icmp-echo-reply boolean
— large-scale
— subscriber-limit number
— mode keyword
— nat-group reference
— port-forwarding
— dynamic-block-reservation boolean
— range-end number
— port-reservation
— port-blocks number
— ports number
— type keyword
— watermarks
— high number
— low number
— network
— apply-groups reference
— apply-groups-exclude reference
— ingress
— filter
— ip reference
— ipv6 reference
— qos
— fp-redirect-group reference
— instance number
— network-policy reference
— urpf-check boolean
— network-interface interface-name
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— description very-long-description
— dist-cpu-protection reference
— egress
— filter
— ip reference
— hold-time
— ipv4
— down
— init-only boolean
— seconds number
— up
— seconds number
— ingress
— filter
— ip reference
— ip-mtu number
— ipv4
— allow-directed-broadcasts boolean
— bfd
— admin-state keyword
— echo-receive number
— multiplier number
— receive number
— transmit-interval number
— icmp
— mask-reply boolean
— param-problem
— admin-state keyword
— number number
— seconds number
— redirects
— admin-state keyword
— number number
— seconds number
— ttl-expired
— admin-state keyword
— number number
— seconds number
— unreachables
— admin-state keyword
— number number
— seconds number
— neighbor-discovery
— retry-timer number
— static-neighbor ipv4-address
— apply-groups reference
— apply-groups-exclude reference
— mac-address mac-address
— timeout number
— primary
— address ipv4-unicast-address
— apply-groups reference
— apply-groups-exclude reference
— broadcast keyword
— prefix-length number
— secondary ipv4-unicast-address
— apply-groups reference
— apply-groups-exclude reference
— broadcast keyword
— igp-inhibit boolean
— prefix-length number
— tcp-mss number
— urpf-check
— ignore-default boolean
— mode keyword
— lag
— load-balancing
— ip-load-balancing keyword
— lsr-load-balancing keyword
— loopback
— mac mac-unicast-address
— port port-and-encap
— qos
— apply-groups reference
— apply-groups-exclude reference
— egress-instance number
— egress-port-redirect-group reference
— ingress-fp-redirect-group reference
— ingress-instance number
— network-policy reference
— tos-marking-state keyword
— ntp
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— authenticate boolean
— authentication-check boolean
— authentication-key number
— apply-groups reference
— apply-groups-exclude reference
— key encrypted-leaf
— type keyword
— authentication-keychain reference
— broadcast reference
— apply-groups reference
— apply-groups-exclude reference
— authentication-keychain reference
— key-id reference
— ttl number
— version number
— ospf number
— admin-state keyword
— advertise-router-capability keyword
— apply-groups reference
— apply-groups-exclude reference
— area ipv4-address
— advertise-ne-profile reference
— advertise-router-capability boolean
— apply-groups reference
— apply-groups-exclude reference
— area-range ipv4-unicast-prefix
— advertise boolean
— apply-groups reference
— apply-groups-exclude reference
— blackhole-aggregate boolean
— export-policy reference
— import-policy reference
— interface interface-name
— admin-state keyword
— advertise-router-capability boolean
— advertise-subnet boolean
— apply-groups reference
— apply-groups-exclude reference
— authentication-key encrypted-leaf
— authentication-keychain reference
— authentication-type keyword
— bfd-liveness
— remain-down-on-failure boolean
— strict boolean
— strict-mode-holddown number
— dead-interval number
— hello-interval number
— interface-type keyword
— load-balancing-weight number
— loopfree-alternate
— exclude boolean
— policy-map
— route-nh-template reference
— lsa-filter-out keyword
— message-digest-key number
— apply-groups reference
— apply-groups-exclude reference
— md5 encrypted-leaf
— metric number
— mtu number
— neighbor ipv4-unicast-address
— passive boolean
— poll-interval number
— priority number
— retransmit-interval number
— rib-priority keyword
— transit-delay number
— loopfree-alternate-exclude boolean
— nssa
— area-range ipv4-unicast-prefix
— advertise boolean
— apply-groups reference
— apply-groups-exclude reference
— originate-default-route
— adjacency-check boolean
— type-nssa boolean
— redistribute-external boolean
— summaries boolean
— sham-link interface-name ip-address ipv4-unicast-address
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— authentication-key encrypted-leaf
— authentication-keychain reference
— authentication-type keyword
— dead-interval number
— hello-interval number
— message-digest-key number
— apply-groups reference
— apply-groups-exclude reference
— md5 encrypted-leaf
— metric number
— retransmit-interval number
— transit-delay number
— stub
— default-metric number
— summaries boolean
— virtual-link ipv4-address transit-area reference
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— authentication-key encrypted-leaf
— authentication-keychain reference
— authentication-type keyword
— dead-interval number
— hello-interval number
— message-digest-key number
— apply-groups reference
— apply-groups-exclude reference
— md5 encrypted-leaf
— retransmit-interval number
— transit-delay number
— compatible-rfc1583 boolean
— export-limit
— log-percent number
— number number
— export-policy reference
— external-db-overflow
— interval number
— limit number
— external-preference number
— graceful-restart
— helper-mode boolean
— strict-lsa-checking boolean
— ignore-dn-bit boolean
— import-policy reference
— loopfree-alternate
— exclude
— prefix-policy reference
— multicast-import boolean
— overload boolean
— overload-include-ext-1 boolean
— overload-include-ext-2 boolean
— overload-include-stub boolean
— overload-on-boot
— timeout number
— preference number
— reference-bandwidth number
— rib-priority
— high
— prefix-list reference
— router-id router-id
— rtr-adv-lsa-limit
— log-only boolean
— max-lsa-count number
— overload-timeout (number | keyword)
— warning-threshold number
— super-backbone boolean
— suppress-dn-bit boolean
— timers
— incremental-spf-wait number
— lsa-accumulate number
— lsa-arrival number
— lsa-generate
— lsa-initial-wait number
— lsa-second-wait number
— max-lsa-wait number
— redistribute-delay number
— spf-wait
— spf-initial-wait number
— spf-max-wait number
— spf-second-wait number
— unicast-import boolean
— vpn-domain
— id system-id
— type keyword
— vpn-tag number
— ospf3 number
— admin-state keyword
— advertise-router-capability keyword
— apply-groups reference
— apply-groups-exclude reference
— area ipv4-address
— advertise-router-capability boolean
— apply-groups reference
— apply-groups-exclude reference
— area-range (ipv4-prefix | ipv6-prefix)
— advertise boolean
— apply-groups reference
— apply-groups-exclude reference
— blackhole-aggregate boolean
— export-policy reference
— import-policy reference
— interface interface-name
— admin-state keyword
— advertise-router-capability boolean
— apply-groups reference
— apply-groups-exclude reference
— authentication
— inbound reference
— outbound reference
— bfd-liveness
— remain-down-on-failure boolean
— strict boolean
— strict-mode-holddown number
— dead-interval number
— hello-interval number
— interface-type keyword
— load-balancing-weight number
— loopfree-alternate
— exclude boolean
— policy-map
— route-nh-template reference
— lsa-filter-out keyword
— metric number
— mtu number
— neighbor (ipv4-address-no-zone | ipv6-address-no-zone)
— passive boolean
— poll-interval number
— priority number
— retransmit-interval number
— rib-priority keyword
— transit-delay number
— key-rollover-interval number
— loopfree-alternate-exclude boolean
— nssa
— area-range (ipv4-prefix | ipv6-prefix)
— advertise boolean
— apply-groups reference
— apply-groups-exclude reference
— originate-default-route
— adjacency-check boolean
— type-nssa boolean
— redistribute-external boolean
— summaries boolean
— stub
— default-metric number
— summaries boolean
— virtual-link ipv4-address transit-area reference
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— authentication
— inbound reference
— outbound reference
— dead-interval number
— hello-interval number
— retransmit-interval number
— transit-delay number
— export-limit
— log-percent number
— number number
— export-policy reference
— external-db-overflow
— interval number
— limit number
— external-preference number
— graceful-restart
— helper-mode boolean
— strict-lsa-checking boolean
— ignore-dn-bit boolean
— import-policy reference
— loopfree-alternate
— exclude
— prefix-policy reference
— multicast-import boolean
— overload boolean
— overload-include-ext-1 boolean
— overload-include-ext-2 boolean
— overload-include-stub boolean
— overload-on-boot
— timeout number
— preference number
— reference-bandwidth number
— rib-priority
— high
— prefix-list reference
— router-id router-id
— rtr-adv-lsa-limit
— log-only boolean
— max-lsa-count number
— overload-timeout (number | keyword)
— warning-threshold number
— suppress-dn-bit boolean
— timers
— incremental-spf-wait number
— lsa-accumulate number
— lsa-arrival number
— lsa-generate
— lsa-initial-wait number
— lsa-second-wait number
— max-lsa-wait number
— redistribute-delay number
— spf-wait
— spf-initial-wait number
— spf-max-wait number
— spf-second-wait number
— unicast-import boolean
— pim
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— apply-to keyword
— bgp-nh-override boolean
— import
— join-policy reference
— register-policy reference
— interface interface-name
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— assert-period number
— bfd-liveness
— ipv4 boolean
— ipv6 boolean
— bsm-check-rtr-alert boolean
— hello-interval number
— hello-multiplier number
— improved-assert boolean
— instant-prune-echo boolean
— ipv4
— apply-groups reference
— apply-groups-exclude reference
— monitor-oper-group
— name reference
— operation keyword
— priority-delta number
— multicast boolean
— ipv6
— apply-groups reference
— apply-groups-exclude reference
— monitor-oper-group
— name reference
— operation keyword
— priority-delta number
— multicast boolean
— max-groups number
— multicast-senders keyword
— priority number
— sticky-dr
— priority number
— three-way-hello boolean
— tracking-support boolean
— ipv4
— admin-state keyword
— rpf-table keyword
— source-address
— register-message ipv4-unicast-address
— ssm-assert-compatible-mode boolean
— ssm-default-range boolean
— ipv6
— admin-state keyword
— rpf-table keyword
— source-address
— register-message ipv6-unicast-address
— ssm-default-range boolean
— mtu-over-head number
— non-dr-attract-traffic boolean
— rp
— bootstrap
— export reference
— import reference
— ipv4
— anycast ipv4-unicast-address rp-set-peer ipv4-unicast-address
— auto-rp-discovery boolean
— bsr-candidate
— address ipv4-unicast-address
— admin-state keyword
— hash-mask-len number
— priority number
— candidate boolean
— mapping-agent boolean
— rp-candidate
— address ipv4-unicast-address
— admin-state keyword
— group-range ipv4-multicast-prefix
— holdtime number
— priority number
— static
— address ipv4-unicast-address
— apply-groups reference
— apply-groups-exclude reference
— group-prefix ipv4-multicast-prefix
— override boolean
— ipv6
— anycast ipv6-unicast-address rp-set-peer ipv6-unicast-address
— bsr-candidate
— address ipv6-unicast-address
— admin-state keyword
— hash-mask-len number
— priority number
— embedded-rp
— admin-state keyword
— group-range ipv6-multicast-prefix
— rp-candidate
— address ipv6-unicast-address
— admin-state keyword
— group-range ipv6-multicast-prefix
— holdtime number
— priority number
— static
— address ipv6-unicast-address
— apply-groups reference
— apply-groups-exclude reference
— group-prefix ipv6-multicast-prefix
— override boolean
— spt-switchover (ipv4-prefix | ipv6-prefix)
— apply-groups reference
— apply-groups-exclude reference
— threshold (number | keyword)
— ssm-groups
— group-range (ipv4-prefix | ipv6-prefix)
— radius
— apply-groups reference
— apply-groups-exclude reference
— server named-item
— accept-coa boolean
— acct-port number
— address (ipv4-address-no-zone | ipv6-address-no-zone)
— apply-groups reference
— apply-groups-exclude reference
— auth-port number
— description description
— pending-requests-limit number
— secret encrypted-leaf
— rip
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— authentication-key encrypted-leaf
— authentication-type keyword
— bfd-liveness boolean
— check-zero boolean
— description description
— export-limit
— log-percent number
— number number
— export-policy reference
— group named-item
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— authentication-key encrypted-leaf
— authentication-type keyword
— bfd-liveness boolean
— check-zero boolean
— description description
— export-policy reference
— import-policy reference
— message-size number
— metric-in number
— metric-out number
— neighbor interface-name
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— authentication-key encrypted-leaf
— authentication-type keyword
— bfd-liveness boolean
— check-zero boolean
— description description
— export-policy reference
— import-policy reference
— message-size number
— metric-in number
— metric-out number
— preference number
— receive keyword
— send keyword
— split-horizon boolean
— timers
— flush number
— timeout number
— update number
— unicast-address ipv4-unicast-address
— preference number
— receive keyword
— send keyword
— split-horizon boolean
— timers
— flush number
— timeout number
— update number
— import-policy reference
— message-size number
— metric-in number
— metric-out number
— preference number
— propagate-metric boolean
— receive keyword
— send keyword
— split-horizon boolean
— timers
— flush number
— timeout number
— update number
— ripng
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— bfd-liveness boolean
— check-zero boolean
— description description
— export-limit
— log-percent number
— number number
— export-policy reference
— group named-item
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— bfd-liveness boolean
— check-zero boolean
— description description
— export-policy reference
— import-policy reference
— message-size number
— metric-in number
— metric-out number
— neighbor reference
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— bfd-liveness boolean
— check-zero boolean
— description description
— export-policy reference
— import-policy reference
— message-size number
— metric-in number
— metric-out number
— preference number
— receive keyword
— send keyword
— split-horizon boolean
— timers
— flush number
— timeout number
— update number
— unicast-address ipv6-unicast-address
— preference number
— receive keyword
— send keyword
— split-horizon boolean
— timers
— flush number
— timeout number
— update number
— import-policy reference
— message-size number
— metric-in number
— metric-out number
— preference number
— receive keyword
— send keyword
— split-horizon boolean
— timers
— flush number
— timeout number
— update number
— router-id router-id
— service-id number
— sfm-overload
— holdoff-time number
— sgt-qos
— dot1p
— application keyword
— apply-groups reference
— apply-groups-exclude reference
— dot1p (keyword | number)
— dscp
— application keyword
— apply-groups reference
— apply-groups-exclude reference
— dscp (keyword | number)
— dscp-map keyword
— apply-groups reference
— apply-groups-exclude reference
— fc keyword
— snmp
— access boolean
— community encrypted-leaf
— access-permissions keyword
— apply-groups reference
— apply-groups-exclude reference
— source-access-list reference
— version keyword
— source-address
— ipv4 keyword
— address ipv4-address
— apply-groups reference
— apply-groups-exclude reference
— interface-name interface-name
— ipv6 keyword
— address ipv6-address
— apply-groups reference
— apply-groups-exclude reference
— spoke-sdp sdp-bind-id
— apply-groups reference
— apply-groups-exclude reference
— description description
— static-routes
— apply-groups reference
— apply-groups-exclude reference
— hold-down
— initial number
— max-value number
— multiplier number
— route (ipv4-prefix | ipv6-prefix) route-type keyword
— apply-groups reference
— apply-groups-exclude reference
— blackhole
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— community community
— description description-allow-all-white-spaces
— generate-icmp boolean
— metric number
— preference number
— prefix-list
— flag keyword
— name reference
— router-instance string
— tag number
— community community
— grt
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— description description-allow-all-white-spaces
— metric number
— preference number
— indirect (ipv4-address-no-zone | ipv6-address-no-zone)
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— community community
— cpe-check (ipv4-address-no-zone | ipv6-address-no-zone)
— apply-groups reference
— apply-groups-exclude reference
— drop-count number
— interval number
— log boolean
— padding-size number
— description description-allow-all-white-spaces
— metric number
— preference number
— prefix-list
— flag keyword
— name reference
— router-instance string
— tag number
— interface interface-name
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— community community
— cpe-check (ipv4-address-no-zone | ipv6-address-no-zone)
— apply-groups reference
— apply-groups-exclude reference
— drop-count number
— interval number
— log boolean
— padding-size number
— description description-allow-all-white-spaces
— load-balancing-weight number
— metric number
— preference number
— prefix-list
— flag keyword
— name reference
— router-instance string
— tag number
— ipsec-tunnel named-item
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— community community
— description description-allow-all-white-spaces
— metric number
— preference number
— tag number
— next-hop (ipv4-address-with-zone | ipv6-address-with-zone)
— admin-state keyword
— apply-groups reference
— apply-groups-exclude reference
— bfd-liveness boolean
— community community
— cpe-check (ipv4-address-no-zone | ipv6-address-no-zone)
— apply-groups reference
— apply-groups-exclude reference
— drop-count number
— interval number
— log boolean
— padding-size number
— description description-allow-all-white-spaces
— load-balancing-weight number
— metric number
— preference number
— prefix-list
— flag keyword
— name reference
— router-instance string
— tag number
— validate-next-hop boolean
— tag number
— ttl-propagate
— local keyword
— transit keyword
— twamp-light
— apply-groups reference
— apply-groups-exclude reference
— reflector
— admin-state keyword
— allow-ipv6-udp-checksum-zero boolean
— apply-groups reference
— apply-groups-exclude reference
— description description
— prefix (ipv4-prefix | ipv6-prefix)
— apply-groups reference
— apply-groups-exclude reference
— description description
— type keyword
— udp-port number
— vprn-type keyword
— weighted-ecmp keyword
service command descriptions
service
customer [customer-name] customer-name
[customer-name] customer-name
contact description
customer-id number
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Customer ID | |
| Context | configure service customer customer-name customer-id number | |
| Tree | customer-id | |
| Range | 1 to 2147483647 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
description description
| Synopsis | Text description | |
| Context | configure service customer customer-name description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
multi-service-site [multi-service-site-name] named-item
| Synopsis | Enter the multi-service-site list instance | |
| Context | configure service customer customer-name multi-service-site named-item | |
| Tree | multi-service-site | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[multi-service-site-name] named-item
| Synopsis | Customer site name | |
| Context | configure service customer customer-name multi-service-site named-item | |
| Tree | multi-service-site | |
| String length | 1 to 32 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
assignment
| Synopsis | Enter the assignment context | |
| Context | configure service customer customer-name multi-service-site named-item assignment | |
| Tree | assignment | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
card number
| Synopsis | Multi-service-site assignment to the card slot | |
| Context | configure service customer customer-name multi-service-site named-item assignment card number | |
| Tree | card | |
| Range | 1 to 20 | |
Notes | The following elements are part of a choice: card, fpe, or port. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
port port-named
| Synopsis | Multi-service-site assignment to the port | |
| Context | configure service customer customer-name multi-service-site named-item assignment port port-named | |
| Tree | port | |
Notes | The following elements are part of a choice: card, fpe, or port. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
description description
| Synopsis | Text description | |
| Context | configure service customer customer-name multi-service-site named-item description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
egress
| Synopsis | Enter the egress context | |
| Context | configure service customer customer-name multi-service-site named-item egress | |
| Tree | egress | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
agg-rate
limit-unused-bandwidth boolean
| Synopsis | Enable aggregate rate overrun protection | |
| Context | configure service customer customer-name multi-service-site named-item egress agg-rate limit-unused-bandwidth boolean | |
| Tree | limit-unused-bandwidth | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
queue-frame-based-accounting boolean
| Synopsis | Enable frame based accounting for policers and queues | |
| Context | configure service customer customer-name multi-service-site named-item egress agg-rate queue-frame-based-accounting boolean | |
| Tree | queue-frame-based-accounting | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
rate number
policer-control-policy reference
| Synopsis | Policer control policy | |
| Context | configure service customer customer-name multi-service-site named-item egress policer-control-policy reference | |
| Tree | policer-control-policy | |
Reference | configure qos policer-control-policy named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
scheduler-policy
| Synopsis | Enter the scheduler-policy context | |
| Context | configure service customer customer-name multi-service-site named-item egress scheduler-policy | |
| Tree | scheduler-policy | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
overrides
| Synopsis | Enter the overrides context | |
| Context | configure service customer customer-name multi-service-site named-item egress scheduler-policy overrides | |
| Tree | overrides | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
scheduler [scheduler-name] named-item
| Synopsis | Enter the scheduler list instance | |
| Context | configure service customer customer-name multi-service-site named-item egress scheduler-policy overrides scheduler named-item | |
| Tree | scheduler | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[scheduler-name] named-item
| Synopsis | Scheduler name | |
| Context | configure service customer customer-name multi-service-site named-item egress scheduler-policy overrides scheduler named-item | |
| Tree | scheduler | |
Description | This command specifies the scheduler name which is composed of printable 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes. Each scheduler must have a unique name within the context of the scheduler policy. However, the same name can be reused in multiple scheduler policies. If the scheduler name already exists within the policy tier level, the context changes to that scheduler name for the purpose of editing the scheduler commands. If the scheduler name exists within the policy on a different tier, an error occurs and the current context will not change. If the scheduler name does not exist in this or another tier within the scheduler policy, it is assumed that an attempt is being made to create a scheduler of that name. If the provided scheduler name is invalid, a name syntax error occurs, the command does not execute, and the context does not change. | |
| String length | 1 to 32 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
parent
| Synopsis | Enter the parent context | |
| Context | configure service customer customer-name multi-service-site named-item egress scheduler-policy overrides scheduler named-item parent | |
| Tree | parent | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
cir-weight number
| Synopsis | Weight used at the within-CIR port priority level | |
| Context | configure service customer customer-name multi-service-site named-item egress scheduler-policy overrides scheduler named-item parent cir-weight number | |
| Tree | cir-weight | |
| Range | 0 to 100 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
weight number
| Synopsis | Relative weight of the scheduler to feed the queue | |
| Context | configure service customer customer-name multi-service-site named-item egress scheduler-policy overrides scheduler named-item parent weight number | |
| Tree | weight | |
| Range | 0 to 100 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
rate
| Synopsis | Enter the rate context | |
| Context | configure service customer customer-name multi-service-site named-item egress scheduler-policy overrides scheduler named-item rate | |
| Tree | rate | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
cir (number | keyword)
| Synopsis | CIR for the scheduler | |
| Context | configure service customer customer-name multi-service-site named-item egress scheduler-policy overrides scheduler named-item rate cir (number | keyword) | |
| Tree | cir | |
| Range | 0 to 6400000000 | |
| Units | kilobps | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
pir (number | keyword)
| Synopsis | PIR for the scheduler | |
| Context | configure service customer customer-name multi-service-site named-item egress scheduler-policy overrides scheduler named-item rate pir (number | keyword) | |
| Tree | pir | |
| Range | 1 to 6400000000 | |
| Units | kilobps | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
policy-name reference
| Synopsis | Scheduler policy name | |
| Context | configure service customer customer-name multi-service-site named-item egress scheduler-policy policy-name reference | |
| Tree | policy-name | |
Reference | configure qos scheduler-policy named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ingress
| Synopsis | Enter the ingress context | |
| Context | configure service customer customer-name multi-service-site named-item ingress | |
| Tree | ingress | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
policer-control-policy reference
| Synopsis | Policer control policy | |
| Context | configure service customer customer-name multi-service-site named-item ingress policer-control-policy reference | |
| Tree | policer-control-policy | |
Reference | configure qos policer-control-policy named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
scheduler-policy
| Synopsis | Enter the scheduler-policy context | |
| Context | configure service customer customer-name multi-service-site named-item ingress scheduler-policy | |
| Tree | scheduler-policy | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
overrides
| Synopsis | Enter the overrides context | |
| Context | configure service customer customer-name multi-service-site named-item ingress scheduler-policy overrides | |
| Tree | overrides | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
scheduler [scheduler-name] named-item
| Synopsis | Enter the scheduler list instance | |
| Context | configure service customer customer-name multi-service-site named-item ingress scheduler-policy overrides scheduler named-item | |
| Tree | scheduler | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[scheduler-name] named-item
| Synopsis | Scheduler name | |
| Context | configure service customer customer-name multi-service-site named-item ingress scheduler-policy overrides scheduler named-item | |
| Tree | scheduler | |
| String length | 1 to 32 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
parent
| Synopsis | Enter the parent context | |
| Context | configure service customer customer-name multi-service-site named-item ingress scheduler-policy overrides scheduler named-item parent | |
| Tree | parent | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
cir-weight number
| Synopsis | Weight used at the within-CIR port priority level | |
| Context | configure service customer customer-name multi-service-site named-item ingress scheduler-policy overrides scheduler named-item parent cir-weight number | |
| Tree | cir-weight | |
| Range | 0 to 100 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
weight number
| Synopsis | Relative weight of the scheduler to feed the queue | |
| Context | configure service customer customer-name multi-service-site named-item ingress scheduler-policy overrides scheduler named-item parent weight number | |
| Tree | weight | |
| Range | 0 to 100 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
rate
| Synopsis | Enter the rate context | |
| Context | configure service customer customer-name multi-service-site named-item ingress scheduler-policy overrides scheduler named-item rate | |
| Tree | rate | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
cir (number | keyword)
| Synopsis | CIR for the scheduler | |
| Context | configure service customer customer-name multi-service-site named-item ingress scheduler-policy overrides scheduler named-item rate cir (number | keyword) | |
| Tree | cir | |
| Range | 0 to 6400000000 | |
| Units | kilobps | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
pir (number | keyword)
| Synopsis | PIR for the scheduler | |
| Context | configure service customer customer-name multi-service-site named-item ingress scheduler-policy overrides scheduler named-item rate pir (number | keyword) | |
| Tree | pir | |
| Range | 1 to 6400000000 | |
| Units | kilobps | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
policy-name reference
| Synopsis | Scheduler policy name | |
| Context | configure service customer customer-name multi-service-site named-item ingress scheduler-policy policy-name reference | |
| Tree | policy-name | |
Reference | configure qos scheduler-policy named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
phone description
epipe [service-name] service-name
[service-name] service-name
admin-state keyword
| Synopsis | Administrative state of the service | |
| Context | configure service epipe service-name admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
bgp [bgp-instance] number
[bgp-instance] number
adv-service-mtu number
| Synopsis | Advertised service MTU value | |
| Context | configure service epipe service-name bgp number adv-service-mtu number | |
| Tree | adv-service-mtu | |
Description | This command configures the MTU signaled value used in the BGP for the service. When configured, the router uses the value for signaling and for validation with the received MTU instead of the service MTU. However, the value does not affect the locally enforced value, which is still based on the service MTU. | |
| Range | 0 to 9782 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
pw-template-binding [pw-template-name] reference
| Synopsis | Enter the pw-template-binding list instance | |
| Context | configure service epipe service-name bgp number pw-template-binding reference | |
| Tree | pw-template-binding | |
| Max. instances | 100 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[pw-template-name] reference
| Synopsis | Policy name | |
| Context | configure service epipe service-name bgp number pw-template-binding reference | |
| Tree | pw-template-binding | |
Reference | configure service pw-template pw-template-name | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
endpoint reference
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Endpoint name associated with the BGP PW template | |
| Context | configure service epipe service-name bgp number pw-template-binding reference endpoint reference | |
| Tree | endpoint | |
Description | This command specifies the endpoint name associated with the BGP PW template. When an endpoint is associated to the PW template binding of a BGP VPWS service, EVPN MPLS can also be configured and associated to the same endpoint in the same Epipe service. | |
Reference | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
import-rt route-target
route-distinguisher (keyword | vpn-route-distinguisher)
| Synopsis | RD component for NLRI for L2VPN and EVPN families | |
| Context | configure service epipe service-name bgp number route-distinguisher (keyword | vpn-route-distinguisher) | |
| Tree | route-distinguisher | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
route-target
| Synopsis | Enter the route-target context | |
| Context | configure service epipe service-name bgp number route-target | |
| Tree | route-target | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
export route-target
import route-target
vsi-export reference
| Synopsis | VSI export policies | |
| Context | configure service epipe service-name bgp number vsi-export reference | |
| Tree | vsi-export | |
Reference | configure policy-options policy-statement named-item-64 | |
| Max. instances | 5 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
vsi-import reference
| Synopsis | VSI import policies | |
| Context | configure service epipe service-name bgp number vsi-import reference | |
| Tree | vsi-import | |
Reference | configure policy-options policy-statement named-item-64 | |
| Max. instances | 5 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
bgp-evpn
evi number
| Synopsis | EVPN ID | |
| Context | configure service epipe service-name bgp-evpn evi number | |
| Tree | evi | |
Description | This command configures an EVPN instance (EVI) unique in the system. It is used for the service-carving algorithm for multi-homing and auto-deriving route target and route distinguishers. The following options are supported: If this EVPN identifier is not specified, the value is zero and no route distinguisher or route target is automatically derived from it.If the specified EVPN identifier is lower than 65535 and no other route distinguisher or route target is configured in the service, the following applies:
If the specified EVPN identifier is higher than 65535 and no other route distinguisher or route target is configured in the service, the following applies.
| |
| Range | 1 to 16777215 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
local-attachment-circuit [name] named-item
| Synopsis | Enter the local-attachment-circuit list instance | |
| Context | configure service epipe service-name bgp-evpn local-attachment-circuit named-item | |
| Tree | local-attachment-circuit | |
| Max. instances | 2 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
[name] named-item
| Synopsis | Attachment circuit name | |
| Context | configure service epipe service-name bgp-evpn local-attachment-circuit named-item | |
| Tree | local-attachment-circuit | |
| String length | 1 to 32 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
bgp number
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | BGP instance ID | |
| Context | configure service epipe service-name bgp-evpn local-attachment-circuit named-item bgp number | |
| Tree | bgp | |
| Range | 1 to 2 | |
| Default | 1 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
endpoint reference
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Endpoint name | |
| Context | configure service epipe service-name bgp-evpn local-attachment-circuit named-item endpoint reference | |
| Tree | endpoint | |
Reference | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
eth-tag number
| Synopsis | Ethernet tag of the attachment circuit | |
| Context | configure service epipe service-name bgp-evpn local-attachment-circuit named-item eth-tag number | |
| Tree | eth-tag | |
Description | This command configures the Ethernet tag value of the attachment circuit. When configured in the local attachment circuit context, the tag value is used in the advertised AD per-EVI route sent for the attachment circuit. When configured in the remote attachment circuit context, the value is compared with the Ethernet tag value of the imported D per-EVI routes for the service. When there is a match, the system creates an EVPN destination for the Epipe. | |
| Range | 1 to 16777215 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mpls [bgp-instance] number
[bgp-instance] number
admin-state keyword
| Synopsis | Administrative state of BGP EVPN MPLS | |
| Context | configure service epipe service-name bgp-evpn mpls number admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
auto-bind-tunnel
| Synopsis | Enter the auto-bind-tunnel context | |
| Context | configure service epipe service-name bgp-evpn mpls number auto-bind-tunnel | |
| Tree | auto-bind-tunnel | |
Description | Commands in this context configure automatic binding of a VPRN service using tunnels to MP-BGP peers. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
allow-flex-algo-fallback boolean
| Synopsis | Enable flexible algorithm fallback | |
| Context | configure service epipe service-name bgp-evpn mpls number auto-bind-tunnel allow-flex-algo-fallback boolean | |
| Tree | allow-flex-algo-fallback | |
Description | When configured to true, a BGP router with a Flex-Algorithm action configured (via the configure policy-options policy-statement entry action flex-algo command) can resolve to a tunnel with algorithm 0 if no target Flex-Algorithm tunnel is available. When configured to false, the BGP router can resolve only to the intended Flex-Algorithm tunnel, which may cause traffic loss if no corresponding Flex-Algorithm tunnel is available. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ecmp number
enforce-strict-tunnel-tagging boolean
| Synopsis | Enable/disable enforcement of strict tunnel tagging | |
| Context | configure service epipe service-name bgp-evpn mpls number auto-bind-tunnel enforce-strict-tunnel-tagging boolean | |
| Tree | enforce-strict-tunnel-tagging | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
enforce-untagged-route keyword
| Synopsis | Untagged route type enforcement | |
| Context | configure service epipe service-name bgp-evpn mpls number auto-bind-tunnel enforce-untagged-route keyword | |
| Tree | enforce-untagged-route | |
Description | This command configures the enforcement of BGP routes with no administrative tag policy applied by modifying the next-hop resolution behavior for autobind services. If the untagged-tunnel option is configured, untagged routes only bind to LSPs with no administrative tag configured. If both tagged and untagged tunnels to the next hop exist, the system only considers the untagged tunnels. If no untagged tunnels to the next hop exist, the resolution of untagged routes fails. The untagged-tunnel option can be used in combination with the enforce-strict-tunnel-tagging command configured to true, in which case tagged routes resolve to tagged LSPs, and untagged routes only resolve to untagged LSPs. When unconfigured, untagged routes can bind to tagged or untagged LSPs. | |
| Options | none – Untagged routes can bind to tagged or untagged LSPs untagged-tunnel – Untagged routes only bind to LSPs without an admin tag | |
| Default | none | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
resolution keyword
| Synopsis | Resolution method for tunnel selection | |
| Context | configure service epipe service-name bgp-evpn mpls number auto-bind-tunnel resolution keyword | |
| Tree | resolution | |
| Options | ||
| Default | none | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
resolution-filter
| Synopsis | Enter the resolution-filter context | |
| Context | configure service epipe service-name bgp-evpn mpls number auto-bind-tunnel resolution-filter | |
| Tree | resolution-filter | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
bgp boolean
| Synopsis | Use BGP tunneling for next-hop resolution | |
| Context | configure service epipe service-name bgp-evpn mpls number auto-bind-tunnel resolution-filter bgp boolean | |
| Tree | bgp | |
Description | When configured to true, BGP searches the BGP LSP for the address of the BGP next hop. When configured to false, BGP tunneling is not used and inter-area or inter-as prefixes are not resolved. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ldp boolean
| Synopsis | Use LDP tunneling for next-hop resolution | |
| Context | configure service epipe service-name bgp-evpn mpls number auto-bind-tunnel resolution-filter ldp boolean | |
| Tree | ldp | |
Description | When configured to true, BGP searches for an LDP LSP with a FEC prefix corresponding to the address of the BGP next hop. When configured to false, LDP tunneling is not used for next-hop resolution. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
rsvp boolean
| Synopsis | Use RSVP tunneling for next-hop resolution | |
| Context | configure service epipe service-name bgp-evpn mpls number auto-bind-tunnel resolution-filter rsvp boolean | |
| Tree | rsvp | |
Description | When configured to true, BGP searches the best metric RSVP LSP to determine the address of the BGP next hop. This address can correspond to the system interface or to another loopback interface used by the BGP instance on the remote node. The LSP metric is provided by MPLS in the tunnel table. In the case of multiple RSVP LSPs with the same lowest metric, BGP selects the LSP with the lowest tunnel ID. When configured to false, the RSVP LSP is not used for next-hop resolution. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
sr-isis boolean
| Synopsis | Use IS-IS SR tunneling for next-hop resolution | |
| Context | configure service epipe service-name bgp-evpn mpls number auto-bind-tunnel resolution-filter sr-isis boolean | |
| Tree | sr-isis | |
Description | When configured to true, BGP uses an IS-IS tunnel type to resolve the BGP next hop. When the sr-isis command is enabled, an SR tunnel to the BGP next hop is selected in the TTM according to the following procedure.
When configured to false, IS-IS tunneling is not used for next-hop resolution. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
sr-ospf boolean
| Synopsis | Use OSPF SR tunneling for next-hop resolution | |
| Context | configure service epipe service-name bgp-evpn mpls number auto-bind-tunnel resolution-filter sr-ospf boolean | |
| Tree | sr-ospf | |
Description | When configured to true, BGP uses an OSPF tunnel type to resolve the BGP next hop. When enabled, an SR tunnel to the BGP next hop is selected in the TTM according to the following procedure.
When configured to false, OSPF tunneling is not used for next-hop resolution. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
sr-ospf3 boolean
| Synopsis | Use OSPFv3 SR tunneling for next-hop resolution | |
| Context | configure service epipe service-name bgp-evpn mpls number auto-bind-tunnel resolution-filter sr-ospf3 boolean | |
| Tree | sr-ospf3 | |
Description | When configured to true, BGP uses an OSPF3 tunnel type to resolve the BGP next hop. When enabled, an SR tunnel to the BGP next hop is selected in the TTM according to the following procedure.
When configured to false, OSPF3 tunneling is not used for next-hop resolution. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
sr-policy boolean
| Synopsis | Use SR policies for next-hop resolution | |
| Context | configure service epipe service-name bgp-evpn mpls number auto-bind-tunnel resolution-filter sr-policy boolean | |
| Tree | sr-policy | |
Description | When configured to true, this command enables the use of SR policies to resolve the next hop of BGP-EVPN service routes. This command configures BGP to search for an SR policy with:
| |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
sr-te boolean
| Synopsis | Use SR-TE tunneling for next-hop resolution | |
| Context | configure service epipe service-name bgp-evpn mpls number auto-bind-tunnel resolution-filter sr-te boolean | |
| Tree | sr-te | |
Description | When configured to true, BGP uses an SR-TE tunnel type to resolve the BGP next hop. In the case of multiple SR-TE tunnels with the same lowest metric, BGP selects the tunnel with the lowest tunnel ID. When configured to false, SR-TE tunneling is not used for next-hop resolution. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
weighted-ecmp boolean
| Synopsis | Allow weighted load balancing | |
| Context | configure service epipe service-name bgp-evpn mpls number auto-bind-tunnel weighted-ecmp boolean | |
| Tree | weighted-ecmp | |
Description | When configured to true, this router enables weighted ECMP for packets using tunnels that a VPLS or Epipe automatically binds to. Packets are sprayed across LSPs in the ECMP according to the outcome of the hash algorithm and the configured load balancing weight of each LSP. When configured to false, this command disables weighted ECMP for next-hop tunnel selection. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
control-word boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable support for control word | |
| Context | configure service epipe service-name bgp-evpn mpls number control-word boolean | |
| Tree | control-word | |
Description | When configured to true, the router enables the transmission and reception of the control word for all EVPN-MPLS destinations at the same time. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
default-route-tag one-byte-value
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Default route tag | |
| Context | configure service epipe service-name bgp-evpn mpls number default-route-tag one-byte-value | |
| Tree | default-route-tag | |
Description | This command configures a route tag that is used when sending a route to the BGP application (for the corresponding service and BGP instance). If the corresponding BGP instance is enabled, the command cannot be changed. When used for BGP EVPN contexts, only one route tag can be passed to BGP for matching on export policies. In case of a conflict with other route tags pushed by EVPN, the default route tag has the least priority. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
domain-id domain-id
| Synopsis | Domain ID of received BGP route before readvertisement | |
| Context | configure service epipe service-name bgp-evpn mpls number domain-id domain-id | |
| Tree | domain-id | |
Description | This command specifies the domain ID. The domain ID identifies the network from which the BGP route was received before the RTM advertises it to a different neighbor. The domain ID is part of a domain, represented as domain-id:isf_safi_type in the D-PATH attribute, as described in draft-ietf-bess-evpn-ipvpn-interworking. Gateway routers modify the D-PATH attribute. A gateway is a PE where a VPRN is instantiated. The VPRN in this case advertises or receives routes from multiple BGP owners (for example, EVPN-IFL and BGP-IPVPN) or multiple instances of the same owner (for example, VPRN with two BGP-IPVPN instances). Gateways use the D-PATH attribute to detect loops (for received routes where the D-PATH contains a local domain ID) and to make BGP best-path selection decisions based on the D-PATH length (shorter D-PATH is preferred). In the following example, suppose a gateway receives prefix P in an EVPN-IFL instance with the following D-PATH from neighbor N: Seg Len=1 / 65000:1:128 If the router imports the route in VPRN-1, BGP-EVPN SRv6 instance with domain 65000:2, it readvertises it to its BGP-IPVPN MPLS instance as follows: Seg Len=2 / 65000:2:70 / 65000:1:128 That is, the gateway prepends the local domain ID and family to the D-PATH before readvertising the route into a different instance. The command is also supported in Epipe services with two instances. As in the case of multi-instance VPRN services, the configured domain ID in an Epipe instance is prepended to the AD per EVI route redistributed to the other instance. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
dynamic-egress-label-limit boolean
| Synopsis | Enables dynamic egress label limit | |
| Context | configure service epipe service-name bgp-evpn mpls number dynamic-egress-label-limit boolean | |
| Tree | dynamic-egress-label-limit | |
Description | When configured to true, this command relaxes the egress MPLS label limit check when resolving BGP next hops in the tunnel table. For VPRN services, the OAM label is never computed and, therefore, one more egress label is allowed. For EVPN (Epipe and VPLS) services, the system only computes the control word and ESI label if they are used. For the control word, the system reduces the egress label limit by one label if the control word is configured in the service. When configured, the ESI label is not counted for Epipes or VPLS services without an ES. When configured to false this command, for EVPN, Epipe, and VPLS services, always accounts for the ESI label and control word. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
evi-three-byte-auto-rt boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Auto-derive the BGP EVPN route target | |
| Context | configure service epipe service-name bgp-evpn mpls number evi-three-byte-auto-rt boolean | |
| Tree | evi-three-byte-auto-rt | |
Description | When configured to true, the BGP-EVPN instance import and export route target is auto-derived as described in RFC 8365 (Global-Administrator:A/Type/D-ID/Service-ID). Where:
When configured to false, route target derivation is not allowed. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
force-vc-forwarding keyword
| Synopsis | VC forwarding action | |
| Context | configure service epipe service-name bgp-evpn mpls number force-vc-forwarding keyword | |
| Tree | force-vc-forwarding | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
hash-label boolean
| Synopsis | Default profile when the CP-provided profile is unknown | |
| Context | configure service epipe service-name bgp-evpn mpls number hash-label boolean | |
| Tree | hash-label | |
Description | When configured to true, the router pushes the hash label. The hash label is never used for BUM packets. The hash-label push is based on the following:
| |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
mh-mode keyword
| Synopsis | Multihoming mode | |
| Context | configure service epipe service-name bgp-evpn mpls number mh-mode keyword | |
| Tree | mh-mode | |
Description | This command configures each BGP-EVPN instance in a multi-instance Epipe service to behave as network or access. You can only configure one network instance for the service. If the service has a provider tunnel enabled, it requires a network instance. | |
| Options | ||
| Default | network | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
oper-group reference
| Synopsis | Operational group identifier | |
| Context | configure service epipe service-name bgp-evpn mpls number oper-group reference | |
| Tree | oper-group | |
Reference | configure service oper-group named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
route-next-hop
| Synopsis | Enter the route-next-hop context | |
| Context | configure service epipe service-name bgp-evpn mpls number route-next-hop | |
| Tree | route-next-hop | |
Description | Commands in this context configure the next hop of the EVPN routes. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ip-address (ipv4-address-no-zone | ipv6-address-no-zone)
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | IP address of the next-hop for the service EVPN route | |
| Context | configure service epipe service-name bgp-evpn mpls number route-next-hop ip-address (ipv4-address-no-zone | ipv6-address-no-zone) | |
| Tree | ip-address | |
Notes | The following elements are part of a choice: ip-address, system-ipv4, or system-ipv6. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
system-ipv4
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | System IPv4 address for service EVPN route next hop | |
| Context | configure service epipe service-name bgp-evpn mpls number route-next-hop system-ipv4 | |
| Tree | system-ipv4 | |
Notes | The following elements are part of a choice: ip-address, system-ipv4, or system-ipv6. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
system-ipv6
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | System IPv6 address for service EVPN route next hop | |
| Context | configure service epipe service-name bgp-evpn mpls number route-next-hop system-ipv6 | |
| Tree | system-ipv6 | |
Notes | The following elements are part of a choice: ip-address, system-ipv4, or system-ipv6. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
send-tunnel-encap
| Synopsis | Enter the send-tunnel-encap context | |
| Context | configure service epipe service-name bgp-evpn mpls number send-tunnel-encap | |
| Tree | send-tunnel-encap | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mpls boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable MPLS encapsulation | |
| Context | configure service epipe service-name bgp-evpn mpls number send-tunnel-encap mpls boolean | |
| Tree | mpls | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
remote-attachment-circuit [name] named-item
| Synopsis | Enter the remote-attachment-circuit list instance | |
| Context | configure service epipe service-name bgp-evpn remote-attachment-circuit named-item | |
| Tree | remote-attachment-circuit | |
| Max. instances | 2 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
[name] named-item
| Synopsis | Attachment circuit name | |
| Context | configure service epipe service-name bgp-evpn remote-attachment-circuit named-item | |
| Tree | remote-attachment-circuit | |
| String length | 1 to 32 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
bgp number
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | BGP instance ID | |
| Context | configure service epipe service-name bgp-evpn remote-attachment-circuit named-item bgp number | |
| Tree | bgp | |
| Range | 1 to 2 | |
| Default | 1 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
endpoint reference
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Endpoint name | |
| Context | configure service epipe service-name bgp-evpn remote-attachment-circuit named-item endpoint reference | |
| Tree | endpoint | |
Reference | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
eth-tag number
| Synopsis | Ethernet tag of the attachment circuit | |
| Context | configure service epipe service-name bgp-evpn remote-attachment-circuit named-item eth-tag number | |
| Tree | eth-tag | |
Description | This command configures the Ethernet tag value of the attachment circuit. When configured in the local attachment circuit context, the tag value is used in the advertised AD per-EVI route sent for the attachment circuit. When configured in the remote attachment circuit context, the value is compared with the Ethernet tag value of the imported D per-EVI routes for the service. When there is a match, the system creates an EVPN destination for the Epipe. | |
| Range | 1 to 16777215 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
bgp-mh-site [site-name] named-item
| Synopsis | Enter the bgp-mh-site list instance | |
| Context | configure service epipe service-name bgp-mh-site named-item | |
| Tree | bgp-mh-site | |
| Max. instances | 1 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
[site-name] named-item
| Synopsis | Name for the specific site | |
| Context | configure service epipe service-name bgp-mh-site named-item | |
| Tree | bgp-mh-site | |
| String length | 1 to 32 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
activation-timer number
| Synopsis | Time to wait for BGP updates from remote PEs | |
| Context | configure service epipe service-name bgp-mh-site named-item activation-timer number | |
| Tree | activation-timer | |
| Range | 0 to 100 | |
| Units | seconds | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the site | |
| Context | configure service epipe service-name bgp-mh-site named-item admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
boot-timer number
| Synopsis | Wait time after reboot to run the DF election algorithm | |
| Context | configure service epipe service-name bgp-mh-site named-item boot-timer number | |
| Tree | boot-timer | |
| Range | 0 to 600 | |
| Units | seconds | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
id number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Site ID for the service | |
| Context | configure service epipe service-name bgp-mh-site named-item id number | |
| Tree | id | |
Description | This command configures the ID for the site. The ID must match between services but is local to the service. | |
| Range | 1 to 65535 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
min-down-timer number
| Synopsis | Minimum down time when site goes operationally down | |
| Context | configure service epipe service-name bgp-mh-site named-item min-down-timer number | |
| Tree | min-down-timer | |
| Range | 0 to 100 | |
| Units | seconds | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
preference number
| Synopsis | Preference to advertise in NLRI L2 extended community | |
| Context | configure service epipe service-name bgp-mh-site named-item preference number | |
| Tree | preference | |
| Range | 1 to 65535 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
sap sap
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | SAP to be associated with this site | |
| Context | configure service epipe service-name bgp-mh-site named-item sap sap | |
| Tree | sap | |
| String length | 1 to 45 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
bgp-vpws
admin-state keyword
| Synopsis | Administrative state of the VPWS edge instance | |
| Context | configure service epipe service-name bgp-vpws admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
local-ve
id number
name named-item
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Local VPWS instance name | |
| Context | configure service epipe service-name bgp-vpws local-ve name named-item | |
| Tree | name | |
| String length | 1 to 32 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
remote-ve [name] named-item
[name] named-item
id number
customer reference
description description
| Synopsis | Text description | |
| Context | configure service epipe service-name description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
endpoint [name] named-item
[name] named-item
description description
| Synopsis | Text description | |
| Context | configure service epipe service-name endpoint named-item description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
hold-time-active number
| Synopsis | Time before entering standby when MC-LAG SAP goes down | |
| Context | configure service epipe service-name endpoint named-item hold-time-active number | |
| Tree | hold-time-active | |
| Range | 1 to 60 | |
| Units | deciseconds | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
revert-time (number | keyword)
| Synopsis | Time to wait before reverting to primary spoke SDP | |
| Context | configure service epipe service-name endpoint named-item revert-time (number | keyword) | |
| Tree | revert-time | |
| Range | 1 to 600 | |
| Units | seconds | |
| Options | ||
| Default | immediate | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
standby-signaling keyword
| Synopsis | Endpoint behavior to handle the PW standby bit | |
| Context | configure service epipe service-name endpoint named-item standby-signaling keyword | |
| Tree | standby-signaling | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
ignore-l2vpn-mtu-mismatch boolean
| Synopsis | Ignore the L2 VPN MTU mismatch with local service MTU | |
| Context | configure service epipe service-name ignore-l2vpn-mtu-mismatch boolean | |
| Tree | ignore-l2vpn-mtu-mismatch | |
Description | When configured to true, the router does not check the value of the Layer 2 MTU in the Layer2 Info Extended Community received in a BGP update message against the local service MTU or locally signaled MTU. It may, therefore, bring up the BGP VPWS service regardless of any MTU mismatch. When configured to false, an MTU mismatch prevents the system from bringing up a BGP-VPWS service. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
load-balancing
| Synopsis | Enter the load-balancing context | |
| Context | configure service epipe service-name load-balancing | |
| Tree | load-balancing | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
oper-group reference
| Synopsis | Oper-group name | |
| Context | configure service epipe service-name oper-group reference | |
| Tree | oper-group | |
Reference | configure service oper-group named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
sap [sap-id] sap
[sap-id] sap
accounting-policy reference
| Synopsis | Accounting policy | |
| Context | configure service epipe service-name sap sap accounting-policy reference | |
| Tree | accounting-policy | |
Reference | configure log accounting-policy number | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the SAP | |
| Context | configure service epipe service-name sap sap admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
bandwidth number
collect-stats boolean
| Synopsis | Collect accounting statistics | |
| Context | configure service epipe service-name sap sap collect-stats boolean | |
| Tree | collect-stats | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
description long-description
| Synopsis | Text description | |
| Context | configure service epipe service-name sap sap description long-description | |
| Tree | description | |
| String length | 1 to 160 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
dist-cpu-protection reference
| Synopsis | Distributed CPU protection policy for SAP | |
| Context | configure service epipe service-name sap sap dist-cpu-protection reference | |
| Tree | dist-cpu-protection | |
Reference | configure system security dist-cpu-protection policy named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
egress
agg-rate
queue-frame-based-accounting boolean
| Synopsis | Enable frame based accounting on policers and queues | |
| Context | configure service epipe service-name sap sap egress agg-rate queue-frame-based-accounting boolean | |
| Tree | queue-frame-based-accounting | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
rate number
filter
ip reference
ipv6 reference
qos
policer-control-policy
| Synopsis | Enter the policer-control-policy context | |
| Context | configure service epipe service-name sap sap egress qos policer-control-policy | |
| Tree | policer-control-policy | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
overrides
root
max-rate (number | keyword)
priority-mbs-thresholds
| Synopsis | Enter the priority-mbs-thresholds context | |
| Context | configure service epipe service-name sap sap egress qos policer-control-policy overrides root priority-mbs-thresholds | |
| Tree | priority-mbs-thresholds | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
min-thresh-separation (number | keyword)
| Synopsis | Minimum amount of separation buffer space | |
| Context | configure service epipe service-name sap sap egress qos policer-control-policy overrides root priority-mbs-thresholds min-thresh-separation (number | keyword) | |
| Tree | min-thresh-separation | |
| Range | 0 to 16777216 | |
| Units | bytes | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
priority [priority-level] number
[priority-level] number
mbs-contribution (number | keyword)
| Synopsis | Minimum amount of cumulative buffer space allowed | |
| Context | configure service epipe service-name sap sap egress qos policer-control-policy overrides root priority-mbs-thresholds priority number mbs-contribution (number | keyword) | |
| Tree | mbs-contribution | |
| Range | 0 to 16777216 | |
| Units | bytes | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
policy-name reference
| Synopsis | Policer control policy name | |
| Context | configure service epipe service-name sap sap egress qos policer-control-policy policy-name reference | |
| Tree | policy-name | |
Reference | configure qos policer-control-policy named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
qinq-mark-top-only boolean
| Synopsis | Mark top Q-tags | |
| Context | configure service epipe service-name sap sap egress qos qinq-mark-top-only boolean | |
| Tree | qinq-mark-top-only | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
sap-egress
| Synopsis | Enter the sap-egress context | |
| Context | configure service epipe service-name sap sap egress qos sap-egress | |
| Tree | sap-egress | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
overrides
queue [queue-id] reference
[queue-id] reference
adaptation-rule
| Synopsis | Enter the adaptation-rule context | |
| Context | configure service epipe service-name sap sap egress qos sap-egress overrides queue reference adaptation-rule | |
| Tree | adaptation-rule | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
cir keyword
pir keyword
avg-frame-overhead decimal-number
| Synopsis | Average packet-to-frame encapsulation overhead | |
| Context | configure service epipe service-name sap sap egress qos sap-egress overrides queue reference avg-frame-overhead decimal-number | |
| Tree | avg-frame-overhead | |
Description | This command configures overrides for the average frame overhead. The overrides supersede the average frame overhead configuration under the queue. For a full description of this command, see the configure qos network-queue queue avg-frame-overhead and configure qos sap-egress queue avg-frame-overhead contexts. | |
| Range | 0.00 to 100.00 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
burst-limit (number | keyword)
| Synopsis | Explicit shaping burst size for the queue | |
| Context | configure service epipe service-name sap sap egress qos sap-egress overrides queue reference burst-limit (number | keyword) | |
| Tree | burst-limit | |
| Range | 1 to 14000000 | |
| Units | bytes | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
cbs (number | keyword)
drop-tail
low
percent-reduction-from-mbs (number | keyword)
| Synopsis | Percentage reduction from the MBS for a queue drop tail | |
| Context | configure service epipe service-name sap sap egress qos sap-egress overrides queue reference drop-tail low percent-reduction-from-mbs (number | keyword) | |
| Tree | percent-reduction-from-mbs | |
| Range | 0 to 100 | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mbs (number | keyword)
parent
cir-weight number
| Synopsis | CIR parameter that overrides parent for queue group | |
| Context | configure service epipe service-name sap sap egress qos sap-egress overrides queue reference parent cir-weight number | |
| Tree | cir-weight | |
| Range | 0 to 100 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
weight number
percent-rate
| Synopsis | Enter the percent-rate context | |
| Context | configure service epipe service-name sap sap egress qos sap-egress overrides queue reference percent-rate | |
| Tree | percent-rate | |
Notes | The following elements are part of a choice: percent-rate or rate. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
cir decimal-number
pir decimal-number
rate
cir (number | keyword)
pir (number | keyword)
policy-name reference
| Synopsis | Policy ID to associate with SAP for mirrored service | |
| Context | configure service epipe service-name sap sap egress qos sap-egress policy-name reference | |
| Tree | policy-name | |
Reference | configure qos sap-egress qos-policy-name | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
port-redirect-group
| Synopsis | Enter the port-redirect-group context | |
| Context | configure service epipe service-name sap sap egress qos sap-egress port-redirect-group | |
| Tree | port-redirect-group | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
group-name reference
| Synopsis | Name of the queue group redirect list policy | |
| Context | configure service epipe service-name sap sap egress qos sap-egress port-redirect-group group-name reference | |
| Tree | group-name | |
Reference | configure qos queue-group-templates egress queue-group named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
instance number
| Synopsis | Instance of port queue group | |
| Context | configure service epipe service-name sap sap egress qos sap-egress port-redirect-group instance number | |
| Tree | instance | |
| Range | 1 to 65535 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
scheduler-policy
| Synopsis | Enter the scheduler-policy context | |
| Context | configure service epipe service-name sap sap egress qos scheduler-policy | |
| Tree | scheduler-policy | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
overrides
scheduler [scheduler-name] named-item
[scheduler-name] named-item
| Synopsis | Scheduler name | |
| Context | configure service epipe service-name sap sap egress qos scheduler-policy overrides scheduler named-item | |
| Tree | scheduler | |
Description | This command specifies the scheduler name which is composed of printable 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes. Each scheduler must have a unique name within the context of the scheduler policy. However, the same name can be reused in multiple scheduler policies. If the scheduler name already exists within the policy tier level, the context changes to that scheduler name for the purpose of editing the scheduler commands. If the scheduler name exists within the policy on a different tier, an error occurs and the current context does not change. If the scheduler name does not exist in this or another tier within the scheduler policy, it is assumed that an attempt is being made to create a scheduler of that name. If the provided scheduler name is invalid, a name syntax error occurs, the command does not execute, and the context is not change. | |
| String length | 1 to 32 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
parent
cir-weight number
| Synopsis | Weight used at the within-CIR port priority level | |
| Context | configure service epipe service-name sap sap egress qos scheduler-policy overrides scheduler named-item parent cir-weight number | |
| Tree | cir-weight | |
| Range | 0 to 100 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
weight number
rate
cir (number | keyword)
pir (number | keyword)
policy-name reference
| Synopsis | Scheduler policy name | |
| Context | configure service epipe service-name sap sap egress qos scheduler-policy policy-name reference | |
| Tree | policy-name | |
Reference | configure qos scheduler-policy named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
endpoint reference
ignore-oper-down boolean
| Synopsis | Ignore operational down state of the SAP on SAP failure | |
| Context | configure service epipe service-name sap sap ignore-oper-down boolean | |
| Tree | ignore-oper-down | |
Description | When configured to true, the Epipe service does not transition to the operational down state when the SAP fails. This command can only be set to true for a single SAP in an Epipe. The command can be used in Epipes with or without EVPN enabled. When configured to false, the Epipe service transitions to the operational down state when SAP fails. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ingress
filter
ip reference
ipv6 reference
qos
match-qinq-dot1p keyword
| Synopsis | Ingress match QinQ Dot1p | |
| Context | configure service epipe service-name sap sap ingress qos match-qinq-dot1p keyword | |
| Tree | match-qinq-dot1p | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
policer-control-policy
| Synopsis | Enter the policer-control-policy context | |
| Context | configure service epipe service-name sap sap ingress qos policer-control-policy | |
| Tree | policer-control-policy | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
overrides
root
max-rate (number | keyword)
priority-mbs-thresholds
| Synopsis | Enter the priority-mbs-thresholds context | |
| Context | configure service epipe service-name sap sap ingress qos policer-control-policy overrides root priority-mbs-thresholds | |
| Tree | priority-mbs-thresholds | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
min-thresh-separation (number | keyword)
| Synopsis | Minimum amount of separation buffer space | |
| Context | configure service epipe service-name sap sap ingress qos policer-control-policy overrides root priority-mbs-thresholds min-thresh-separation (number | keyword) | |
| Tree | min-thresh-separation | |
| Range | 0 to 16777216 | |
| Units | bytes | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
priority [priority-level] number
[priority-level] number
mbs-contribution (number | keyword)
| Synopsis | Minimum amount of cumulative buffer space allowed | |
| Context | configure service epipe service-name sap sap ingress qos policer-control-policy overrides root priority-mbs-thresholds priority number mbs-contribution (number | keyword) | |
| Tree | mbs-contribution | |
| Range | 0 to 16777216 | |
| Units | bytes | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
policy-name reference
| Synopsis | Policer control policy name | |
| Context | configure service epipe service-name sap sap ingress qos policer-control-policy policy-name reference | |
| Tree | policy-name | |
Reference | configure qos policer-control-policy named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
sap-ingress
| Synopsis | Enter the sap-ingress context | |
| Context | configure service epipe service-name sap sap ingress qos sap-ingress | |
| Tree | sap-ingress | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
fp-redirect-group
| Synopsis | Enter the fp-redirect-group context | |
| Context | configure service epipe service-name sap sap ingress qos sap-ingress fp-redirect-group | |
| Tree | fp-redirect-group | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
group-name reference
| Synopsis | Queue group template name created on forwarding plane | |
| Context | configure service epipe service-name sap sap ingress qos sap-ingress fp-redirect-group group-name reference | |
| Tree | group-name | |
Reference | configure qos queue-group-templates ingress queue-group named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
instance number
| Synopsis | Queue group instance | |
| Context | configure service epipe service-name sap sap ingress qos sap-ingress fp-redirect-group instance number | |
| Tree | instance | |
| Range | 1 to 65535 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
overrides
policer [policer-id] reference
[policer-id] reference
cbs (number | keyword)
mbs (number | keyword)
packet-byte-offset number
| Synopsis | Packet size modification for policing information | |
| Context | configure service epipe service-name sap sap ingress qos sap-ingress overrides policer reference packet-byte-offset number | |
| Tree | packet-byte-offset | |
| Range | -32 to 31 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
percent-rate
| Synopsis | Enter the percent-rate context | |
| Context | configure service epipe service-name sap sap ingress qos sap-ingress overrides policer reference percent-rate | |
| Tree | percent-rate | |
Notes | The following elements are part of a choice: percent-rate or rate. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
cir decimal-number
pir decimal-number
rate
cir (number | keyword)
pir (number | keyword)
stat-mode keyword
queue [queue-id] reference
[queue-id] reference
adaptation-rule
| Synopsis | Enter the adaptation-rule context | |
| Context | configure service epipe service-name sap sap ingress qos sap-ingress overrides queue reference adaptation-rule | |
| Tree | adaptation-rule | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
cir keyword
pir keyword
cbs (number | keyword)
drop-tail
low
percent-reduction-from-mbs (number | keyword)
| Synopsis | Percentage reduction from the MBS for a queue drop tail | |
| Context | configure service epipe service-name sap sap ingress qos sap-ingress overrides queue reference drop-tail low percent-reduction-from-mbs (number | keyword) | |
| Tree | percent-reduction-from-mbs | |
| Range | 0 to 100 | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mbs (number | keyword)
parent
cir-weight number
| Synopsis | CIR parameter that overrides parent for queue group | |
| Context | configure service epipe service-name sap sap ingress qos sap-ingress overrides queue reference parent cir-weight number | |
| Tree | cir-weight | |
| Range | 0 to 100 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
weight number
percent-rate
| Synopsis | Enter the percent-rate context | |
| Context | configure service epipe service-name sap sap ingress qos sap-ingress overrides queue reference percent-rate | |
| Tree | percent-rate | |
Notes | The following elements are part of a choice: percent-rate or rate. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
cir decimal-number
pir decimal-number
rate
cir (number | keyword)
pir (number | keyword)
policy-name reference
| Synopsis | Policy ID | |
| Context | configure service epipe service-name sap sap ingress qos sap-ingress policy-name reference | |
| Tree | policy-name | |
Reference | configure qos sap-ingress qos-policy-name | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
scheduler-policy
| Synopsis | Enter the scheduler-policy context | |
| Context | configure service epipe service-name sap sap ingress qos scheduler-policy | |
| Tree | scheduler-policy | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
overrides
scheduler [scheduler-name] named-item
[scheduler-name] named-item
| Synopsis | Scheduler name | |
| Context | configure service epipe service-name sap sap ingress qos scheduler-policy overrides scheduler named-item | |
| Tree | scheduler | |
Description | This command specifies the scheduler name which is composed of printable 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes. Each scheduler must have a unique name within the context of the scheduler policy. However, the same name can be reused in multiple scheduler policies. If the scheduler name already exists within the policy tier level, the context changes to that scheduler name for the purpose of editing the scheduler commands. If the scheduler name exists within the policy on a different tier, an error occurs and the current context does not change. If the scheduler name does not exist in this or another tier within the scheduler policy, it is assumed that an attempt is being made to create a scheduler of that name. If the provided scheduler name is invalid, a name syntax error occurs, the command does not execute, and the context is not change. | |
| String length | 1 to 32 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
parent
cir-weight number
| Synopsis | Weight used at the within-CIR port priority level | |
| Context | configure service epipe service-name sap sap ingress qos scheduler-policy overrides scheduler named-item parent cir-weight number | |
| Tree | cir-weight | |
| Range | 0 to 100 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
weight number
rate
cir (number | keyword)
pir (number | keyword)
policy-name reference
| Synopsis | Scheduler policy name | |
| Context | configure service epipe service-name sap sap ingress qos scheduler-policy policy-name reference | |
| Tree | policy-name | |
Reference | configure qos scheduler-policy named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
lag
mc-ring
ring-node named-item
monitor-oper-group reference
| Synopsis | Monitor operational group | |
| Context | configure service epipe service-name sap sap monitor-oper-group reference | |
| Tree | monitor-oper-group | |
Reference | configure service oper-group named-item | |
Notes | The following elements are part of a choice: monitor-oper-group or oper-group. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
multi-service-site reference
| Synopsis | Multi service site name | |
| Context | configure service epipe service-name sap sap multi-service-site reference | |
| Tree | multi-service-site | |
Reference | configure service customer customer-name multi-service-site named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
oper-group reference
| Synopsis | Operational group | |
| Context | configure service epipe service-name sap sap oper-group reference | |
| Tree | oper-group | |
Reference | configure service oper-group named-item | |
Notes | The following elements are part of a choice: monitor-oper-group or oper-group. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
service-id number
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Service ID | |
| Context | configure service epipe service-name service-id number | |
| Tree | service-id | |
| Range | 1 to 2147483647 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
service-mtu number
| Synopsis | MTU size | |
| Context | configure service epipe service-name service-mtu number | |
| Tree | service-mtu | |
Description | This command configures the Maximum Transmission Unit (MTU) value (payload) for the service. The system uses the value to validate the operational state of the SAP and SDP binding within the service. The value overrides the default MTU for the service type. The service MTU and a SAP’s service delineation encapsulation overhead (4 bytes for a dot1q tag) are used to derive the required MTU of the physical port or channel on which the SAP was created. If the required payload is larger than the port or channel MTU, the SAP is placed in an inoperative state. If the required MTU is equal to or less than the port or channel MTU, the SAP transitions to the operative state. When binding an SDP to a service, the service MTU is compared to the path MTU associated with the SDP. The path MTU can be administratively defined in the context of the SDP. The default or administrative path MTU can be dynamically reduced due to the MTU capabilities discovered by the tunneling mechanism of the SDP or the egress interface MTU capabilities based on the next hop in the tunnel path. If the service MTU is larger than the path MTU, the SDP binding for the service is placed in an inoperative state. If the service MTU is equal to or less than the path MTU, the SDP binding is placed in an operational state. If a service MTU, port or channel MTU, or path MTU is dynamically or administratively modified, all associated SAP and SDP binding operational states are automatically reevaluated. Binding operational states are automatically reevaluated. For I-VPLS and Epipes bound to a B-VPLS, the service MTU must be at least 18 bytes smaller than the B-VPLS service MTU to accommodate the PBB header. Because this connects a Layer 2 to a Layer 3 service, adjust the service MTU under the Epipe service. The MTU that is advertised from the Epipe side is service MTU minus EtherHeaderSize. In the configure service epipe spoke-sdp context, the adv-service-mtu command can be used to override the configured MTU value used in T-LDP signaling to the far-end of an Epipe spoke-sdp. The adv-service-mtu command is also used to validate the value signaled by the far-end PE. | |
| Range | 1 to 9782 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
spoke-sdp [sdp-bind-id] sdp-bind-id
[sdp-bind-id] sdp-bind-id
accounting-policy reference
| Synopsis | Policy to collect accounting statistics | |
| Context | configure service epipe service-name spoke-sdp sdp-bind-id accounting-policy reference | |
| Tree | accounting-policy | |
Reference | configure log accounting-policy number | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the SDP binding to the service | |
| Context | configure service epipe service-name spoke-sdp sdp-bind-id admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
adv-service-mtu number
| Synopsis | Service MTU used in signaling | |
| Context | configure service epipe service-name spoke-sdp sdp-bind-id adv-service-mtu number | |
| Tree | adv-service-mtu | |
Description | This command configures the MTU value that is signaled in the targeted LDP for the spoke-SDP, instead of the service MTU. However, the configuration does not affect the locally enforced value, which is still based on the service MTU. This MTU value cannot be configured on a spoke-SDP that is bound to an SDP with the adv-mtu-override command (configure service sdp context). When unconfigured, an adjusted service MTU is used (service-mtu command). | |
| Range | 0 to 9782 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
bandwidth (number | keyword)
collect-stats boolean
| Synopsis | Allow agent to collect accounting statistics | |
| Context | configure service epipe service-name spoke-sdp sdp-bind-id collect-stats boolean | |
| Tree | collect-stats | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
control-word boolean
| Synopsis | Use the control word as preferred | |
| Context | configure service epipe service-name spoke-sdp sdp-bind-id control-word boolean | |
| Tree | control-word | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
description description
| Synopsis | Text description | |
| Context | configure service epipe service-name spoke-sdp sdp-bind-id description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
egress
filter
ip reference
ipv6 reference
qos
network
policy-name reference
| Synopsis | Network policy ID | |
| Context | configure service epipe service-name spoke-sdp sdp-bind-id egress qos network policy-name reference | |
| Tree | policy-name | |
Reference | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
port-redirect-group
| Synopsis | Enter the port-redirect-group context | |
| Context | configure service epipe service-name spoke-sdp sdp-bind-id egress qos network port-redirect-group | |
| Tree | port-redirect-group | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
group-name reference
| Synopsis | Name of the egress port queue group | |
| Context | configure service epipe service-name spoke-sdp sdp-bind-id egress qos network port-redirect-group group-name reference | |
| Tree | group-name | |
Reference | configure qos queue-group-templates egress queue-group named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
instance number
vc-label number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Egress MPLS VC label to send packets to the far end | |
| Context | configure service epipe service-name spoke-sdp sdp-bind-id egress vc-label number | |
| Tree | vc-label | |
| Range | 16 to 1048575 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
endpoint
icb boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Bind SDP as type Inter-Chassis Backup (ICB) | |
| Context | configure service epipe service-name spoke-sdp sdp-bind-id endpoint icb boolean | |
| Tree | icb | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
name reference
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Service endpoint name | |
| Context | configure service epipe service-name spoke-sdp sdp-bind-id endpoint name reference | |
| Tree | name | |
Reference | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
precedence (number | keyword)
| Synopsis | Precedence when multiple SDP binds are on one endpoint | |
| Context | configure service epipe service-name spoke-sdp sdp-bind-id endpoint precedence (number | keyword) | |
| Tree | precedence | |
| Range | 1 to 4 | |
| Options | ||
| Default | 4 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
force-vc-forwarding keyword
| Synopsis | VC forwarding action | |
| Context | configure service epipe service-name spoke-sdp sdp-bind-id force-vc-forwarding keyword | |
| Tree | force-vc-forwarding | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
hash-label
| Synopsis | Enable the hash-label context | |
| Context | configure service epipe service-name spoke-sdp sdp-bind-id hash-label | |
| Tree | hash-label | |
Description | Commands in this context configure the use of hash labels for egress datapaths. For information about hash-label handling, see the "Hash label" section of the 7705 SAR Gen 2 MPLS Guide. | |
Notes | The following elements are part of a choice: entropy-label or hash-label. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
signal-capability
| Synopsis | Signal hash label capability to the remote PE | |
| Context | configure service epipe service-name spoke-sdp sdp-bind-id hash-label signal-capability | |
| Tree | signal-capability | |
Description | When configured, this command enables the signaling and negotiating of the hash label between the local and remote PE nodes. The signaling process outcome determines whether the local PE inserts the hash label on the user packets. This outcome can override the local PE configuration. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ingress
filter
ip reference
ipv6 reference
qos
network
fp-redirect-group
| Synopsis | Enter the fp-redirect-group context | |
| Context | configure service epipe service-name spoke-sdp sdp-bind-id ingress qos network fp-redirect-group | |
| Tree | fp-redirect-group | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
group-name reference
| Synopsis | Name of the forwarding plane queue group template | |
| Context | configure service epipe service-name spoke-sdp sdp-bind-id ingress qos network fp-redirect-group group-name reference | |
| Tree | group-name | |
Reference | configure qos queue-group-templates ingress queue-group named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
instance number
policy-name reference
| Synopsis | Network policy ID | |
| Context | configure service epipe service-name spoke-sdp sdp-bind-id ingress qos network policy-name reference | |
| Tree | policy-name | |
Reference | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
vc-label number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Ingress MPLS VC label to send packets to the far end | |
| Context | configure service epipe service-name spoke-sdp sdp-bind-id ingress vc-label number | |
| Tree | vc-label | |
| Range | 1 to 1048575 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
monitor-oper-group reference
| Synopsis | Operational group that affects state of the SDP bind | |
| Context | configure service epipe service-name spoke-sdp sdp-bind-id monitor-oper-group reference | |
| Tree | monitor-oper-group | |
Reference | configure service oper-group named-item | |
Notes | The following elements are part of a choice: monitor-oper-group or oper-group. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
oper-group reference
| Synopsis | Operational group identifier | |
| Context | configure service epipe service-name spoke-sdp sdp-bind-id oper-group reference | |
| Tree | oper-group | |
Reference | configure service oper-group named-item | |
Notes | The following elements are part of a choice: monitor-oper-group or oper-group. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
pw-status
block-on-peer-fault boolean
| Synopsis | Block transmit direction of PW based on status code | |
| Context | configure service epipe service-name spoke-sdp sdp-bind-id pw-status block-on-peer-fault boolean | |
| Tree | block-on-peer-fault | |
| Default | false | |
Notes | The following elements are part of a choice: block-on-peer-fault or standby-signaling-slave. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
signaling boolean
standby-signaling-slave boolean
| Synopsis | Block spoke transmission based on PW standby status | |
| Context | configure service epipe service-name spoke-sdp sdp-bind-id pw-status standby-signaling-slave boolean | |
| Tree | standby-signaling-slave | |
| Default | false | |
Notes | The following elements are part of a choice: block-on-peer-fault or standby-signaling-slave. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
vc-type keyword
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Virtual circuit type associated with the SDP binding | |
| Context | configure service epipe service-name spoke-sdp sdp-bind-id vc-type keyword | |
| Tree | vc-type | |
| Options | ||
| Default | ether | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
vlan-vc-tag number
| Synopsis | SDP bind VC tag | |
| Context | configure service epipe service-name spoke-sdp sdp-bind-id vlan-vc-tag number | |
| Tree | vlan-vc-tag | |
| Range | 0 to 4094 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
test boolean
vc-switching boolean
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Use PW switching signaling for spoke SDPs in service | |
| Context | configure service epipe service-name vc-switching boolean | |
| Tree | vc-switching | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
vpn-id number
ies [service-name] service-name
[service-name] service-name
admin-state keyword
| Synopsis | Administrative state of the service | |
| Context | configure service ies service-name admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
customer reference
description description
| Synopsis | Text description | |
| Context | configure service ies service-name description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
interface [interface-name] interface-name
| Synopsis | Enter the interface list instance | |
| Context | configure service ies service-name interface interface-name | |
| Tree | interface | |
Description | Commands in this context create a logical IP routing interface. When created, attributes such as an IP address and SAP ID can be associated with the IP interface. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[interface-name] interface-name
admin-state keyword
| Synopsis | Administrative state of the interface | |
| Context | configure service ies service-name interface interface-name admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
description very-long-description
| Synopsis | Text description | |
| Context | configure service ies service-name interface interface-name description very-long-description | |
| Tree | description | |
| String length | 1 to 255 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
dynamic-tunnel-redundant-nexthop ipv4-unicast-address
| Synopsis | Redundant next-hop address for the dynamic IPsec tunnel | |
| Context | configure service ies service-name interface interface-name dynamic-tunnel-redundant-nexthop ipv4-unicast-address | |
| Tree | dynamic-tunnel-redundant-nexthop | |
Description | This command configures a redundant next-hop address on a public or private IPsec interface (with a public or private tunnel SAP) for dynamic IPsec tunnel in 1:1 MC-IPsec. A standby node uses the specified next-hop address to shunt traffic to the master in case it receives traffic destined to a tunnel endpoint address. The standby tunnel group needs to be operationally up for the feature to work. The next-hop address is resolved in the routing table of a corresponding service. | |
Notes | The following elements are part of a choice: multi-chassis-shunting-profile or (dynamic-tunnel-redundant-nexthop and static-tunnel-redundant-nexthop). | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
hold-time
ipv4
down
| Synopsis | Enter the down context | |
| Context | configure service ies service-name interface interface-name hold-time ipv4 down | |
| Tree | down | |
Description | Commands in this context configure the down hold timer, which specifies the delay before activating the associated interface. The delay is invoked whenever the system attempts to bring the associated IP interface up, unless an operator configures the init-only command. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
init-only boolean
| Synopsis | Apply delay only at interface configuration or reboot | |
| Context | configure service ies service-name interface interface-name hold-time ipv4 down init-only boolean | |
| Tree | init-only | |
Description | This command applies a delay only when the IP interface is first configured or after a system reboot. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
seconds number
up
| Synopsis | Enter the up context | |
| Context | configure service ies service-name interface interface-name hold-time ipv4 up | |
| Tree | up | |
Description | Commands in this context configure the up hold timer, which specifies the delay before deactivation of the associated interface. The delay is invoked whenever the system attempts to bring the associated IP interface down. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
seconds number
ipv6
down
| Synopsis | Enter the down context | |
| Context | configure service ies service-name interface interface-name hold-time ipv6 down | |
| Tree | down | |
Description | Commands in this context configure the down hold timer, which specifies the delay before activation of the associated interface. The delay is invoked whenever the system attempts to bring the associated IP interface up, unless an operator configures the init-only command. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
init-only boolean
| Synopsis | Apply delay only at interface configuration or reboot | |
| Context | configure service ies service-name interface interface-name hold-time ipv6 down init-only boolean | |
| Tree | init-only | |
Description | When configured to true, the system applies a delay only when the IP interface is first configured or after a system reboot. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
seconds number
up
| Synopsis | Enter the up context | |
| Context | configure service ies service-name interface interface-name hold-time ipv6 up | |
| Tree | up | |
Description | Commands in this context configure the up hold timer, which specifies the delay before deactivation of the associated interface. The delay is invoked whenever the system attempts to bring the associated IP interface down. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
seconds number
if-attribute
| Synopsis | Enter the if-attribute context | |
| Context | configure service ies service-name interface interface-name if-attribute | |
| Tree | if-attribute | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-group reference
| Synopsis | Administrative group name for the interface | |
| Context | configure service ies service-name interface interface-name if-attribute admin-group reference | |
| Tree | admin-group | |
Description | This command specifies the administrative group membership to an interface. The configured administrative group membership is applied in all levels or areas the interface is participating in. The same interface cannot have different memberships in different levels or areas. | |
Reference | configure routing-options if-attribute admin-group named-item | |
| Max. instances | 32 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
srlg-group [name] reference
| Synopsis | Add a list entry for srlg-group | |
| Context | configure service ies service-name interface interface-name if-attribute srlg-group reference | |
| Tree | srlg-group | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[name] reference
| Synopsis | SRLG name | |
| Context | configure service ies service-name interface interface-name if-attribute srlg-group reference | |
| Tree | srlg-group | |
Reference | configure routing-options if-attribute srlg-group named-item | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ingress
ip-mtu number
| Synopsis | IP MTU applied to outgoing packets | |
| Context | configure service ies service-name interface interface-name ip-mtu number | |
| Tree | ip-mtu | |
Description | This command configures the IP maximum transmission unit (MTU) for the associated router IP interface. | |
| Range | 512 to 9786 | |
| Units | bytes | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
ip-tunnel-interface boolean
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable IP tunnel interface | |
| Context | configure service ies service-name interface interface-name ip-tunnel-interface boolean | |
| Tree | ip-tunnel-interface | |
Description | When configured to true, the system enables a GRE virtual IP interface. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
ipsec
admin-state keyword
| Synopsis | Administrative state of IPsec secured interface | |
| Context | configure service ies service-name interface interface-name ipsec admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ip-exception reference
| Synopsis | IP exception filter | |
| Context | configure service ies service-name interface interface-name ipsec ip-exception reference | |
| Tree | ip-exception | |
Description | This command configures the IP exception filter for the secured interface. All ingress traffic matching the specified filter bypasses IPsec processing. | |
Reference | configure filter ip-exception filter-name | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipsec-tunnel [name] named-item
| Synopsis | Enter the ipsec-tunnel list instance | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item | |
| Tree | ipsec-tunnel | |
Description | Commands in this context configure IPsec tunnels used to secure traffic forwarded over the interface. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[name] named-item
| Synopsis | IPsec tunnel name | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item | |
| Tree | ipsec-tunnel | |
| String length | 1 to 32 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the IPsec tunnel | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
bfd
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the bfd context | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item bfd | |
| Tree | bfd | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
bfd-designate boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Designate IPsec tunnel to carry BFD traffic | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item bfd bfd-designate boolean | |
| Tree | bfd-designate | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
bfd-liveness
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable the bfd-liveness context | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item bfd bfd-liveness | |
| Tree | bfd-liveness | |
Description | Commands in this context configure a BFD session to provide a heart-beat mechanism for a specified IPsec tunnel. There can be only one BFD session assigned to any given IPsec tunnel, but there can be multiple IPsec tunnels using the same BFD session. BFD controls the state of the association tunnel. If the BFD session goes down, the system brings down the associated non-designated IPsec tunnel. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
dest-ip ipv4-unicast-address
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Destination address used for the BFD session | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item bfd bfd-liveness dest-ip ipv4-unicast-address | |
| Tree | dest-ip | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
interface interface-name
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Name of the interface used by the BFD session | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item bfd bfd-liveness interface interface-name | |
| Tree | interface | |
| String length | 1 to 32 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
service-name service-name
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Administrative service name | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item bfd bfd-liveness service-name service-name | |
| Tree | service-name | |
Description | This command configures the name of the service where BFD traffic is forwarded to. | |
| String length | 1 to 64 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
clear-df-bit boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Reset the DF bit to 0 in all payload IP packets | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item clear-df-bit boolean | |
| Tree | clear-df-bit | |
Description | When configured to true, the DF bit is set to 0 in all payload IP packets associated with the IPsec tunnel, before any potential fragmentation occurs. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
copy-traffic-class-upon-decapsulation boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable traffic class copy upon decapsulation | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item copy-traffic-class-upon-decapsulation boolean | |
| Tree | copy-traffic-class-upon-decapsulation | |
Description | When configured to true, the system copies the traffic class from the outer tunnel IP packet header to the payload IP packet header in the decapsulating direction (public to private). | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
description description
| Synopsis | Text description | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
encapsulated-ip-mtu number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Maximum size of the encapsulated tunnel packet | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item encapsulated-ip-mtu number | |
| Tree | encapsulated-ip-mtu | |
Description | This command specifies the maximum size of the encapsulated tunnel packet to the IPsec tunnel, the IP tunnel, or the dynamic tunnels terminated on the IPsec Gateway. If the encapsulated IPv4 or IPv6 tunnel packet exceeds this value, the system fragments the packet. | |
| Range | 512 to 9000 | |
| Units | bytes | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
icmp-generation
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the icmp-generation context | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item icmp-generation | |
| Tree | icmp-generation | |
Description | Commands in this context configure settings for ICMPv4 message generation. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
frag-required
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the frag-required context | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item icmp-generation frag-required | |
| Tree | frag-required | |
Description | Commands in this context configure the attributes for sending generated ICMP Destination Unreachable "fragmentation needed and DF set" messages (type 3, code 4) back to the source, if the received size of the IPv4 packet on the private side exceeds the private MTU size. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
admin-state keyword
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Administrative state of sending ICMP messages | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item icmp-generation frag-required admin-state keyword | |
| Tree | admin-state | |
Description | This command configures the administrative state of sending ICMP Destination Unreachable "fragmentation needed, DF set" messages (type 3, code 4) messages to the source if the received size of the IPv4 packet on the private side exceeds the private MTU size. | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
interval number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Interval for sending ICMP messages | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item icmp-generation frag-required interval number | |
| Tree | interval | |
Description | This command configures the interval for sending ICMP Destination Unreachable "fragmentation needed, DF set" messages (type 3, code 4). | |
| Range | 1 to 60 | |
| Units | seconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
message-count number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Maximum number of ICMP messages that can be sent | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item icmp-generation frag-required message-count number | |
| Tree | message-count | |
Description | This command configures the maximum number of ICMP Destination Unreachable "fragmentation needed, DF set" messages (type 3, code 4) that can be sent during the configured interval. | |
| Range | 10 to 1000 | |
| Default | 100 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
icmp6-generation
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the icmp6-generation context | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item icmp6-generation | |
| Tree | icmp6-generation | |
Description | Commands in this context configure settings for ICMPv6 message generation. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
packet-too-big
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the packet-too-big context | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item icmp6-generation packet-too-big | |
| Tree | packet-too-big | |
Description | Commands in this context configure the parameters to send ICMPv6 PTB (Packet Too Big) messages on the private side. The system sends PTB messages if a received IPv6 packet on the private side is greater than 1280 bytes and it exceeds the private MTU of the tunnel. The private MTU for the tunnel is configured via the configure router interface ipsec ipsec-tunnel ip-mtu command for the interface. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
admin-state keyword
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Administrative state of Packet Too Big message sends | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item icmp6-generation packet-too-big admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
interval number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Interval for sending Packet Too Big messages | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item icmp6-generation packet-too-big interval number | |
| Tree | interval | |
| Range | 1 to 60 | |
| Units | seconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
message-count number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Maximum number of ICMPv6 PTB messages that can be sent | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item icmp6-generation packet-too-big message-count number | |
| Tree | message-count | |
Description | This command configures the maximum number of PTB messages that can be sent during the configured interval. | |
| Range | 10 to 1000 | |
| Default | 100 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
ip-mtu number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Private MTU of the IPsec tunnel | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item ip-mtu number | |
| Tree | ip-mtu | |
Description | This command specifies the private MTU of the IPsec tunnel. The private MTU is used to determine the need for fragmentation before encapsulation of the payload packet. | |
| Range | 512 to 9000 | |
| Units | bytes | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
key-exchange
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the key-exchange context | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange | |
| Tree | key-exchange | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
dynamic
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable the dynamic context | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange dynamic | |
| Tree | dynamic | |
Notes | The following elements are part of a choice: dynamic or manual. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
auto-establish boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Attempt to establish a phase 1 exchange automatically | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange dynamic auto-establish boolean | |
| Tree | auto-establish | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
cert
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the cert context | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange dynamic cert | |
| Tree | cert | |
Description | Commands in this context configure the attributes of the dynamic keying certificate. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
cert-profile reference
| Synopsis | Certificate profile name | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange dynamic cert cert-profile reference | |
| Tree | cert-profile | |
Reference | configure ipsec cert-profile named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
status-verify
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the status-verify context | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange dynamic cert status-verify | |
| Tree | status-verify | |
Description | Commands in this context configure attributes of Certificate Status Verification (CSV). | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
default-result keyword
| Synopsis | Default result for Certificate Status Verification | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange dynamic cert status-verify default-result keyword | |
| Tree | default-result | |
Description | This command specifies the default certificate revocation status result to use when all configured CSV methods fail to return a result. | |
| Options | ||
| Default | revoked | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
primary keyword
| Synopsis | Primary method of CSV to verify the revocation status | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange dynamic cert status-verify primary keyword | |
| Tree | primary | |
Description | This command configures the primary method of Certificate Status Verification (CSV) that is used to verify the revocation status of the certificate of the peer. | |
| Options | ||
| Default | crl | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
secondary keyword
| Synopsis | Secondary method used to verify certificate revocation | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange dynamic cert status-verify secondary keyword | |
| Tree | secondary | |
Description | This command specifies the secondary method of Certificate Status Verification (CSV) that is used to verify the revocation status of the peer certificate. | |
| Options | ||
| Default | none | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
trust-anchor-profile reference
| Synopsis | Trust anchor profile name | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange dynamic cert trust-anchor-profile reference | |
| Tree | trust-anchor-profile | |
Reference | configure ipsec trust-anchor-profile named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
id
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the id context | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange dynamic id | |
| Tree | id | |
Description | Commands in this context specify the local ID used for IDi or IDr for IKEv2 negotiation. The default behavior depends on the local authentication method as follows:
| |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
fqdn fully-qualified-domain-name
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | FQDN used as the local ID IKE type | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange dynamic id fqdn fully-qualified-domain-name | |
| Tree | fqdn | |
| String length | 1 to 255 | |
Notes | The following elements are part of a choice: fqdn, ipv4, or ipv6. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
ipv4 ipv4-unicast-address
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | IPv4 as the local ID type | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange dynamic id ipv4 ipv4-unicast-address | |
| Tree | ipv4 | |
Notes | The following elements are part of a choice: fqdn, ipv4, or ipv6. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
ipv6 (ipv4-address-no-zone | ipv6-address-no-zone)
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | IPv6 used as the local IKE ID type | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange dynamic id ipv6 (ipv4-address-no-zone | ipv6-address-no-zone) | |
| Tree | ipv6 | |
Notes | The following elements are part of a choice: fqdn, ipv4, or ipv6. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
ike-policy reference
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | IKE policy ID | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange dynamic ike-policy reference | |
| Tree | ike-policy | |
Description | This command specifies the ID of the IKE policy used for IKE negotiation. The ipsec-transport-mode-profile configuration only supports IKEv2. | |
Reference | configure ipsec ike-policy number | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
ipsec-transform reference
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | IPsec transform IDs used by the dynamic key | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange dynamic ipsec-transform reference | |
| Tree | ipsec-transform | |
Description | This command specifies IPsec transform IDs used for CHILD_SA negotiation. | |
Reference | configure ipsec ipsec-transform number | |
| Max. instances | 4 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
ppk
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the ppk context | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange dynamic ppk | |
| Tree | ppk | |
Description | Commands in this context configure the PPKs to use for dynamic keying of the IPsec tunnel. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
id reference
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | PPK ID | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange dynamic ppk id reference | |
| Tree | id | |
Reference | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
list reference
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | PPK list instance name | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange dynamic ppk list reference | |
| Tree | list | |
Reference | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
pre-shared-key encrypted-leaf
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Pre-shared key for authentication | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange dynamic pre-shared-key encrypted-leaf | |
| Tree | pre-shared-key | |
| String length | 1 to 115 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
manual
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable the manual context | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange manual | |
| Tree | manual | |
Description | Commands in this context configure settings for manually configured security associations for the IPsec tunnel. | |
Notes | The following elements are part of a choice: dynamic or manual. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
keys [security-association] number direction keyword
| Synopsis | Enter the keys list instance | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange manual keys number direction keyword | |
| Tree | keys | |
Description | Commands in this context configure the security association list for the tunnel. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[security-association] number
| Synopsis | SA entry ID | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange manual keys number direction keyword | |
| Tree | keys | |
| Range | 1 to 16 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
direction keyword
| Synopsis | Direction of the IPsec tunnel | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange manual keys number direction keyword | |
| Tree | keys | |
| Options | ||
|
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
authentication-key hex-string
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Key used for the authentication algorithm | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange manual keys number direction keyword authentication-key hex-string | |
| Tree | authentication-key | |
| String length | 1 to 130 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
encryption-key hex-string
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Key used for the encryption algorithm | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange manual keys number direction keyword encryption-key hex-string | |
| Tree | encryption-key | |
| String length | 1 to 66 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
ipsec-transform reference
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Transform entry used by manual SAs | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange manual keys number direction keyword ipsec-transform reference | |
| Tree | ipsec-transform | |
Reference | configure ipsec ipsec-transform number | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
spi number
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | SPI of inbound and outbound packets | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange manual keys number direction keyword spi number | |
| Tree | spi | |
Description | This command specifies the Security Parameter Index (SPI) used to look up the instruction to verify and decrypt the incoming IPsec packets when the direction is inbound. When the direction is outbound, the SPI is used in the encoding of the outgoing packets. The remote node can use the SPI to look up the instruction to verify and decrypt the packet. | |
| Range | 256 to 16383 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
local-gateway-address-override (ipv4-address-no-zone | ipv6-address-no-zone)
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Local IPsec tunnel endpoint address | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item local-gateway-address-override (ipv4-address-no-zone | ipv6-address-no-zone) | |
| Tree | local-gateway-address-override | |
Description | This command configures the local IPsec tunnel endpoint address. This overrides the default endpoint address, which is the interface address. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
max-history-key-records
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the max-history-key-records context | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item max-history-key-records | |
| Tree | max-history-key-records | |
Description | Commands in this context configure the settings for recording historical IPsec keys. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
esp number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Maximum number of recent records | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item max-history-key-records esp number | |
| Tree | esp | |
| Range | 1 to 48 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
ike number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Maximum number of historical IKE key records | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item max-history-key-records ike number | |
| Tree | ike | |
| Range | 1 to 3 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
pmtu-discovery-aging number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Aging out time of the learned path MTU | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item pmtu-discovery-aging number | |
| Tree | pmtu-discovery-aging | |
Description | This command configures the temporary public and private MTU expiration time. The temporary MTU is used for MTU propagation. | |
| Range | 900 to 3600 | |
| Units | seconds | |
| Default | 900 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
private-sap number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Private SAP ID | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item private-sap number | |
| Tree | private-sap | |
| Range | 0 to 4094 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
private-service service-name
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Private service name | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item private-service service-name | |
| Tree | private-service | |
Description | This command configures the private service name. If unconfigured, the private service is the service where the secured interface resides. | |
| String length | 1 to 64 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
private-tcp-mss-adjust number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | TCP maximum segment size (MSS) adjustment | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item private-tcp-mss-adjust number | |
| Tree | private-tcp-mss-adjust | |
Description | This command specifies the TCP MSS to adjust for the tunnel on the private side. When configured, the system may use the value to update the MSS option in the received TCP SYN packet on the private side. | |
| Range | 512 to 9000 | |
| Units | bytes | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
propagate-pmtu-v4 boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable propagation of the path MTU to IPv4 hosts | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item propagate-pmtu-v4 boolean | |
| Tree | propagate-pmtu-v4 | |
Description | When configured to true, the system propagates the path MTU learned from the public side to the private side (IPv4 hosts). | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
propagate-pmtu-v6 boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable propagation of the path MTU to IPv6 hosts | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item propagate-pmtu-v6 boolean | |
| Tree | propagate-pmtu-v6 | |
Description | When configured to true, the system propagates the path MTU learned from the public side to the private side (IPv6 hosts). | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
public-tcp-mss-adjust (number | keyword)
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | TCP maximum segment size (MSS) on the public network | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item public-tcp-mss-adjust (number | keyword) | |
| Tree | public-tcp-mss-adjust | |
Description | This command configures the MSS for the TCP traffic in an IPsec tunnel that is sent from the public network to the private network. The system may use this value to adjust or insert the MSS option in the TCP SYN packet. | |
| Range | 512 to 9000 | |
| Units | bytes | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
remote-gateway-address (ipv4-address-no-zone | ipv6-address-no-zone)
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Remote IPsec tunnel endpoint address | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item remote-gateway-address (ipv4-address-no-zone | ipv6-address-no-zone) | |
| Tree | remote-gateway-address | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
replay-window number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Anti-replay window size | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item replay-window number | |
| Tree | replay-window | |
Description | This command specifies the size of an IPsec anti-replay window. If unconfigured, IPsec anti-replay is disabled. | |
| Range | 32 | 64 | 128 | 256 | 512 | |
| Units | packets | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
security-policy
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the security-policy context | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item security-policy | |
| Tree | security-policy | |
Description | Commands in this context specify a security policy used by the tunnel. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
id number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Security policy ID for use by the tunnel | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item security-policy id number | |
| Tree | id | |
| Max. range | 0 to 4294967295 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
strict-match boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable strict match of the security policy entry | |
| Context | configure service ies service-name interface interface-name ipsec ipsec-tunnel named-item security-policy strict-match boolean | |
| Tree | strict-match | |
Description | When configured to true, this command enables strict match of the security policy entry. When a CREATE_CHILD exchange request is received for a static IPsec tunnel, and this request is not a rekey request, ISA matches the received TSi and TSr with the configured security policy. This can be a match only when a received TS (in TSi or TSr) address range matches exactly with the subnet in a security policy entry. If there is no match, the setup fails, and TS_UNACCEPTABLE is sent. If there is a match, but there is an existing CHILD_SA for the matched security policy, the setup fails, and NO_PROPOSAL_CHOSEN is sent. If there is a match, and there is not a CHILD_SA for the matched entry, the subnet is sent in the matched security policy entry as TSi and TSr, and the CHILD_SA is created. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
ipv6-exception reference
| Synopsis | IPv6 filter exception used to bypass encryption | |
| Context | configure service ies service-name interface interface-name ipsec ipv6-exception reference | |
| Tree | ipv6-exception | |
Description | This command specifies the IPv6 filter exception for an IPsec-secured IPv6 interface. When an IPv6 filter exception is added, clear text packets that match the exception criteria in the IPv6 filter exception can ingress the interface, even when IPsec is enabled on the interface. | |
Reference | configure filter ipv6-exception filter-name | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
public-sap number
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Public SAP ID | |
| Context | configure service ies service-name interface interface-name ipsec public-sap number | |
| Tree | public-sap | |
| Range | 0 to 4094 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
tunnel-group reference
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Tunnel group ID | |
| Context | configure service ies service-name interface interface-name ipsec tunnel-group reference | |
| Tree | tunnel-group | |
Reference | configure isa tunnel-group number | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
ipv4
addresses
address [ipv4-address] ipv4-unicast-address
[ipv4-address] ipv4-unicast-address
prefix-length number
| Synopsis | IPv4 address prefix length | |
| Context | configure service ies service-name interface interface-name ipv4 addresses address ipv4-unicast-address prefix-length number | |
| Tree | prefix-length | |
| Range | 0 to 32 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
allow-directed-broadcasts boolean
| Synopsis | Forward directed broadcasts | |
| Context | configure service ies service-name interface interface-name ipv4 allow-directed-broadcasts boolean | |
| Tree | allow-directed-broadcasts | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
bfd
admin-state keyword
| Synopsis | Administrative state of BFD sessions | |
| Context | configure service ies service-name interface interface-name ipv4 bfd admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
echo-receive number
| Synopsis | Minimum echo interval over this interface | |
| Context | configure service ies service-name interface interface-name ipv4 bfd echo-receive number | |
| Tree | echo-receive | |
| Range | 100 to 100000 | |
| Units | milliseconds | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
multiplier number
| Synopsis | Number of consecutive BFD messages missed from the peer | |
| Context | configure service ies service-name interface interface-name ipv4 bfd multiplier number | |
| Tree | multiplier | |
Description | This command configures the number of missed messages before the BFD session state is changed to down and the upper-level protocol is notified of the fault. A multiplier of less than 3 should not be used in production environments. | |
| Range | 1 to 20 | |
| Default | 3 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
receive number
| Synopsis | BFD receive interval over this interface | |
| Context | configure service ies service-name interface interface-name ipv4 bfd receive number | |
| Tree | receive | |
Description | This command specifies the receive interval for the BFD session. | |
| Range | 10 to 100000 | |
| Units | milliseconds | |
| Default | 100 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
transmit-interval number
| Synopsis | BFD transmit interval over this interface | |
| Context | configure service ies service-name interface interface-name ipv4 bfd transmit-interval number | |
| Tree | transmit-interval | |
Description | This command configures the transmit intervals. | |
| Range | 10 to 100000 | |
| Units | milliseconds | |
| Default | 100 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
dhcp
admin-state keyword
| Synopsis | Administrative state of DHCP | |
| Context | configure service ies service-name interface interface-name ipv4 dhcp admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
description description
| Synopsis | Text description | |
| Context | configure service ies service-name interface interface-name ipv4 dhcp description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
gi-address ipv4-unicast-address
| Synopsis | GI address for the DHCP relay | |
| Context | configure service ies service-name interface interface-name ipv4 dhcp gi-address ipv4-unicast-address | |
| Tree | gi-address | |
Description | This command configures the GI address to distinguish between the different subscriber interfaces (and potentially group interfaces) defined when the router functions as a DHCP relay. By default, the GI address used in the relayed DHCP packet is the primary IP address of a normal IES interface. Specifying the GI address allows the user to choose a secondary address. For group interfaces, a GI address must be specified under the group interface DHCP context or subscriber interface DHCP context for DHCP to function. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
lease-populate
| Synopsis | Enter the lease-populate context | |
| Context | configure service ies service-name interface interface-name ipv4 dhcp lease-populate | |
| Tree | lease-populate | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
max-leases number
| Synopsis | Maximum number of DHCPv4 leases allowed | |
| Context | configure service ies service-name interface interface-name ipv4 dhcp lease-populate max-leases number | |
| Tree | max-leases | |
| Range | 0 to 511999 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
option-82
| Synopsis | Enter the option-82 context | |
| Context | configure service ies service-name interface interface-name ipv4 dhcp option-82 | |
| Tree | option-82 | |
Description | Commands in this context configure the processing required when the router receives a DHCP request that already has an Option 82 field in the packet. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
action keyword
circuit-id
| Synopsis | Enter the circuit-id context | |
| Context | configure service ies service-name interface interface-name ipv4 dhcp option-82 circuit-id | |
| Tree | circuit-id | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ascii-tuple
| Synopsis | Use the ASCII-encoded tuple for the circuit ID | |
| Context | configure service ies service-name interface interface-name ipv4 dhcp option-82 circuit-id ascii-tuple | |
| Tree | ascii-tuple | |
Notes | The following elements are part of a choice: ascii-tuple, ifindex, none, sap-id, or vlan-ascii-tuple. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ifindex
| Synopsis | Use the interface index for the circuit ID | |
| Context | configure service ies service-name interface interface-name ipv4 dhcp option-82 circuit-id ifindex | |
| Tree | ifindex | |
Notes | The following elements are part of a choice: ascii-tuple, ifindex, none, sap-id, or vlan-ascii-tuple. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
none
sap-id
vlan-ascii-tuple
| Synopsis | Include the VLAN ID and dot1p bits in the ASCII tuple | |
| Context | configure service ies service-name interface interface-name ipv4 dhcp option-82 circuit-id vlan-ascii-tuple | |
| Tree | vlan-ascii-tuple | |
Description | When configured, the router includes the VLAN ID and dot1p bits with the ASCII-tuple information. This only occurs on dot1q and QinQ-encapsulated ports. When the Option 82 bits are stripped, dot1p bits are copied to the Ethernet header of the outgoing packet. When unconfigured, the router leaves the circuit ID sub-option of the DHCP packet empty. | |
Notes | The following elements are part of a choice: ascii-tuple, ifindex, none, sap-id, or vlan-ascii-tuple. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
remote-id
| Synopsis | Enter the remote-id context | |
| Context | configure service ies service-name interface interface-name ipv4 dhcp option-82 remote-id | |
| Tree | remote-id | |
Description | Commands in this context configure the remote IP sub-option of the DHCP packet with the identity of the remote host end (typically the DHCP client). | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ascii-string string-not-all-spaces
| Synopsis | User-defined ASCII string for the remote ID | |
| Context | configure service ies service-name interface interface-name ipv4 dhcp option-82 remote-id ascii-string string-not-all-spaces | |
| Tree | ascii-string | |
| String length | 1 to 32 | |
Notes | The following elements are part of a choice: ascii-string, mac, or none. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mac
none
vendor-specific-option
| Synopsis | Enter the vendor-specific-option context | |
| Context | configure service ies service-name interface interface-name ipv4 dhcp option-82 vendor-specific-option | |
| Tree | vendor-specific-option | |
Description | Commands in this context configure the Nokia Vendor-Specific Option (VSO) of the DHCP packet. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
client-mac-address boolean
| Synopsis | Send the MAC address in the VSO | |
| Context | configure service ies service-name interface interface-name ipv4 dhcp option-82 vendor-specific-option client-mac-address boolean | |
| Tree | client-mac-address | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
pool-name boolean
sap-id boolean
service-id boolean
| Synopsis | Send the service ID in the Vendor Specific Option | |
| Context | configure service ies service-name interface interface-name ipv4 dhcp option-82 vendor-specific-option service-id boolean | |
| Tree | service-id | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
string string-not-all-spaces
system-id boolean
proxy-server
| Synopsis | Enter the proxy-server context | |
| Context | configure service ies service-name interface interface-name ipv4 dhcp proxy-server | |
| Tree | proxy-server | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the DHCP proxy server | |
| Context | configure service ies service-name interface interface-name ipv4 dhcp proxy-server admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
emulated-server ipv4-unicast-address
| Synopsis | IP address used as the DHCP server address for the SAP | |
| Context | configure service ies service-name interface interface-name ipv4 dhcp proxy-server emulated-server ipv4-unicast-address | |
| Tree | emulated-server | |
Description | This command configures the IP address which will be used as the DHCP server address in the context of the SAP. Typically, the configured address should be in the context of the subnet represented by the service. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
lease-time
| Synopsis | Enter the lease-time context | |
| Context | configure service ies service-name interface interface-name ipv4 dhcp proxy-server lease-time | |
| Tree | lease-time | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
radius-override boolean
| Synopsis | Use lease time information provided by RADIUS server | |
| Context | configure service ies service-name interface interface-name ipv4 dhcp proxy-server lease-time radius-override boolean | |
| Tree | radius-override | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
value number
| Synopsis | DHCP lease time | |
| Context | configure service ies service-name interface interface-name ipv4 dhcp proxy-server lease-time value number | |
| Tree | value | |
| Range | 300 to 315446399 | |
| Units | seconds | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
relay-plain-bootp boolean
| Synopsis | Enable relaying of plain BOOTP packets | |
| Context | configure service ies service-name interface interface-name ipv4 dhcp relay-plain-bootp boolean | |
| Tree | relay-plain-bootp | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
relay-proxy
| Synopsis | Enable the relay-proxy context | |
| Context | configure service ies service-name interface interface-name ipv4 dhcp relay-proxy | |
| Tree | relay-proxy | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
release-update-src-ip boolean
| Synopsis | Update the source IP address of a DHCP RELEASE message | |
| Context | configure service ies service-name interface interface-name ipv4 dhcp relay-proxy release-update-src-ip boolean | |
| Tree | release-update-src-ip | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
siaddr-override ipv4-unicast-address
| Synopsis | DHCP server IP address for address hiding function | |
| Context | configure service ies service-name interface interface-name ipv4 dhcp relay-proxy siaddr-override ipv4-unicast-address | |
| Tree | siaddr-override | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
server ipv4-unicast-address
| Synopsis | IP addresses for DHCP server requests | |
| Context | configure service ies service-name interface interface-name ipv4 dhcp server ipv4-unicast-address | |
| Tree | server | |
Description | This command configures a list of servers that this interface forwards requests to. The operator can enter the list of servers as either IP addresses or fully qualified domain names. The operator must specify at least one server specified for DHCP relay to work. If there are multiple servers, the system forwards the request to all the servers in the list. | |
| Max. instances | 8 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
src-ip-addr keyword
| Synopsis | Type of source address to use for DHCP relay | |
| Context | configure service ies service-name interface interface-name ipv4 dhcp src-ip-addr keyword | |
| Tree | src-ip-addr | |
| Options | ||
| Default | auto | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
trusted boolean
| Synopsis | Relay untrusted packets | |
| Context | configure service ies service-name interface interface-name ipv4 dhcp trusted boolean | |
| Tree | trusted | |
Description | When configured to true, the router enables the trusted mode on the interface. When enabled, the relay agent changes the existing GI address (of the request) to the ingress interface, and forwards the request. A DHCP request that contains a GI address of 0.0.0.0 and an Option 82 field in the packet is discarded unless it arrives on a trusted circuit. This behavior only applies if the Relay Agent Information Option action is to keep the existing information. When the Option 82 field is replaced by the relay agent, the original Option 82 information is lost, and there is no reason to enable the trusted option. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
use-arp boolean
icmp
mask-reply boolean
| Synopsis | Allow responses to ICMP mask requests on the interface | |
| Context | configure service ies service-name interface interface-name ipv4 icmp mask-reply boolean | |
| Tree | mask-reply | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
param-problem
| Synopsis | Enter the param-problem context | |
| Context | configure service ies service-name interface interface-name ipv4 icmp param-problem | |
| Tree | param-problem | |
Description | Commands in this context specify the settings for ICMP Parameter Problem messages generated by the interface. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of sent Parameter Problem messages | |
| Context | configure service ies service-name interface interface-name ipv4 icmp param-problem admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
number number
seconds number
redirects
| Synopsis | Enter the redirects context | |
| Context | configure service ies service-name interface interface-name ipv4 icmp redirects | |
| Tree | redirects | |
Description | Commands in this context configure the settings for ICMP redirect messages generated by the interface. The system sends ICMP redirect messages to alert the sending node that a more optimal route is available on another router on the same subnetwork. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of sending ICMP redirect messages | |
| Context | configure service ies service-name interface interface-name ipv4 icmp redirects admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
number number
seconds number
ttl-expired
| Synopsis | Enter the ttl-expired context | |
| Context | configure service ies service-name interface interface-name ipv4 icmp ttl-expired | |
| Tree | ttl-expired | |
Description | Commands in this context configure the settings for ICMP TTL expired messages generated by the interface. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of sending TTL expired messages | |
| Context | configure service ies service-name interface interface-name ipv4 icmp ttl-expired admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
number number
seconds number
unreachables
| Synopsis | Enter the unreachables context | |
| Context | configure service ies service-name interface interface-name ipv4 icmp unreachables | |
| Tree | unreachables | |
Description | Commands in this context specify the settings for ICMP host and network destination unreachable messages generated by the interface. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of sending unreachable messages | |
| Context | configure service ies service-name interface interface-name ipv4 icmp unreachables admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
number number
seconds number
ip-helper-address ipv4-unicast-address
| Synopsis | Gateway address | |
| Context | configure service ies service-name interface interface-name ipv4 ip-helper-address ipv4-unicast-address | |
| Tree | ip-helper-address | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
local-dhcp-server reference
| Synopsis | DHCP server for the interface | |
| Context | configure service ies service-name interface interface-name ipv4 local-dhcp-server reference | |
| Tree | local-dhcp-server | |
Reference | configure router named-item-64 dhcp-server dhcpv4 named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
neighbor-discovery
| Synopsis | Enter the neighbor-discovery context | |
| Context | configure service ies service-name interface interface-name ipv4 neighbor-discovery | |
| Tree | neighbor-discovery | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
host-route
| Synopsis | Enter the host-route context | |
| Context | configure service ies service-name interface interface-name ipv4 neighbor-discovery host-route | |
| Tree | host-route | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
populate [route-type] keyword
| Synopsis | Enter the populate list instance | |
| Context | configure service ies service-name interface interface-name ipv4 neighbor-discovery host-route populate keyword | |
| Tree | populate | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[route-type] keyword
| Synopsis | Type of ARP or ND entries that generate host routes | |
| Context | configure service ies service-name interface interface-name ipv4 neighbor-discovery host-route populate keyword | |
| Tree | populate | |
| Options | ||
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
route-tag number
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Tag value used with the host route from an ARP/ND entry | |
| Context | configure service ies service-name interface interface-name ipv4 neighbor-discovery host-route populate keyword route-tag number | |
| Tree | route-tag | |
Description | This command specifies the route tag that is added in the route table for ARP or ND host routes. This tag can be matched on BGP VRF export and BGP peer export policies. | |
| Range | 1 to 255 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
learn-unsolicited boolean
| Synopsis | Learn new entries from any received NA message | |
| Context | configure service ies service-name interface interface-name ipv4 neighbor-discovery learn-unsolicited boolean | |
| Tree | learn-unsolicited | |
Description | When configured to true, the router can learn neighbor entries from received unsolicited Neighbor Advertisement (NA) messages, with or without the solicited (S) flag set. The command can be enabled for global addresses, link-local addresses, or for both. When configured to false, the router follows standard behavior for learning neighbor entries.
| |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
limit
log-only boolean
max-entries number
| Synopsis | Maximum number of entries learned on an IP interface | |
| Context | configure service ies service-name interface interface-name ipv4 neighbor-discovery limit max-entries number | |
| Tree | max-entries | |
| Range | 0 to 524288 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
threshold number
local-proxy-arp boolean
| Synopsis | Enable local proxy ARP on interface | |
| Context | configure service ies service-name interface interface-name ipv4 neighbor-discovery local-proxy-arp boolean | |
| Tree | local-proxy-arp | |
Description | When configured to true, the router enables local proxy ARP on the interface. When configured to false, the router does not respond to ARP requests for addresses on the same subnet. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
populate boolean
proactive-refresh boolean
| Synopsis | Send a single refresh message before entry timeout | |
| Context | configure service ies service-name interface interface-name ipv4 neighbor-discovery proactive-refresh boolean | |
| Tree | proactive-refresh | |
Description | When configured to true, the router always sends a refresh message 30 seconds before the timeout of the entry (a single refresh message with no retries). When configured to false, the router marks an entry as stale 30 seconds before age-out, and the router only sends an ARP request to refresh the entry if the IOM receives traffic that uses it. Then, the IOM asks the ARP application to send a refresh message. With ARP proactive refresh enabled, the ARP module sends a refresh message regardless of the IOM receiving traffic. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
proxy-arp-policy reference
| Synopsis | Proxy ARP policy name | |
| Context | configure service ies service-name interface interface-name ipv4 neighbor-discovery proxy-arp-policy reference | |
| Tree | proxy-arp-policy | |
Reference | configure policy-options policy-statement named-item-64 | |
| Max. instances | 5 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
remote-proxy-arp boolean
| Synopsis | Enable remote proxy ARP on the interface | |
| Context | configure service ies service-name interface interface-name ipv4 neighbor-discovery remote-proxy-arp boolean | |
| Tree | remote-proxy-arp | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
retry-timer number
| Synopsis | ARP retry interval | |
| Context | configure service ies service-name interface interface-name ipv4 neighbor-discovery retry-timer number | |
| Tree | retry-timer | |
| Range | 1 to 300 | |
| Units | deciseconds | |
| Default | 50 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
static-neighbor [ipv4-address] ipv4-address
| Synopsis | Enter the static-neighbor list instance | |
| Context | configure service ies service-name interface interface-name ipv4 neighbor-discovery static-neighbor ipv4-address | |
| Tree | static-neighbor | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[ipv4-address] ipv4-address
| Synopsis | IPv4 address that corresponds to the physical address | |
| Context | configure service ies service-name interface interface-name ipv4 neighbor-discovery static-neighbor ipv4-address | |
| Tree | static-neighbor | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mac-address mac-address
| Synopsis | MAC address for the static neighbor | |
| Context | configure service ies service-name interface interface-name ipv4 neighbor-discovery static-neighbor ipv4-address mac-address mac-address | |
| Tree | mac-address | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
static-neighbor-unnumbered
| Synopsis | Enable the static-neighbor-unnumbered context | |
| Context | configure service ies service-name interface interface-name ipv4 neighbor-discovery static-neighbor-unnumbered | |
| Tree | static-neighbor-unnumbered | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mac-address mac-address
| Synopsis | MAC address for the static neighbor | |
| Context | configure service ies service-name interface interface-name ipv4 neighbor-discovery static-neighbor-unnumbered mac-address mac-address | |
| Tree | mac-address | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
timeout number
| Synopsis | Timeout for an ARP entry learned on the interface | |
| Context | configure service ies service-name interface interface-name ipv4 neighbor-discovery timeout number | |
| Tree | timeout | |
Description | This command configures the minimum time an ARP entry learned on the IP interface is stored in the ARP table. ARP entries are automatically refreshed when an ARP request or gratuitous ARP is seen by an IP host. Otherwise, the ARP entry is aged from the ARP table. | |
| Range | 0 to 65535 | |
| Units | seconds | |
| Default | 14400 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
primary
address ipv4-unicast-address
broadcast keyword
prefix-length number
| Synopsis | IPv4 address prefix length | |
| Context | configure service ies service-name interface interface-name ipv4 primary prefix-length number | |
| Tree | prefix-length | |
| Range | 0 to 32 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
secondary [address] ipv4-unicast-address
[address] ipv4-unicast-address
broadcast keyword
igp-inhibit boolean
| Synopsis | Disable the running IGP from recognizing secondary IP | |
| Context | configure service ies service-name interface interface-name ipv4 secondary ipv4-unicast-address igp-inhibit boolean | |
| Tree | igp-inhibit | |
Description | When configured to true, the running IGP does not recognize the secondary IP address as a local interface. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
prefix-length number
| Synopsis | IPv4 address prefix length | |
| Context | configure service ies service-name interface interface-name ipv4 secondary ipv4-unicast-address prefix-length number | |
| Tree | prefix-length | |
| Range | 0 to 32 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
tcp-mss number
unnumbered
| Synopsis | Enter the unnumbered context | |
| Context | configure service ies service-name interface interface-name ipv4 unnumbered | |
| Tree | unnumbered | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ip-address ipv4-unicast-address
| Synopsis | IP address of the unnumbered interface | |
| Context | configure service ies service-name interface interface-name ipv4 unnumbered ip-address ipv4-unicast-address | |
| Tree | ip-address | |
Notes | The following elements are part of a choice: ip-address, ip-int-name, or system. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ip-int-name interface-name
| Synopsis | IP interface name | |
| Context | configure service ies service-name interface interface-name ipv4 unnumbered ip-int-name interface-name | |
| Tree | ip-int-name | |
| String length | 1 to 32 | |
Notes | The following elements are part of a choice: ip-address, ip-int-name, or system. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
system
urpf-check
| Synopsis | Enable the urpf-check context | |
| Context | configure service ies service-name interface interface-name ipv4 urpf-check | |
| Tree | urpf-check | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ignore-default boolean
| Synopsis | Ignore default route when performing a uRPF check | |
| Context | configure service ies service-name interface interface-name ipv4 urpf-check ignore-default boolean | |
| Tree | ignore-default | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
mode keyword
| Synopsis | Unicast RPF check mode | |
| Context | configure service ies service-name interface interface-name ipv4 urpf-check mode keyword | |
| Tree | mode | |
| Options | strict – Check source address match in RT and interface loose – Check source address match in RT only strict-no-ecmp – Check source address match in ECMP route | |
| Default | strict | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
vrrp [virtual-router-id] number
[virtual-router-id] number
admin-state keyword
| Synopsis | Administrative state of VRRP | |
| Context | configure service ies service-name interface interface-name ipv4 vrrp number admin-state keyword | |
| Tree | admin-state | |
Description | The command determines the administrative state of non-owner virtual router instances. Non-owner virtual router instances can be administratively disabled. This allows the termination of VRRP participation in the virtual router and stops all routing and other access capabilities with regards to the virtual router IP addresses. Disabling the virtual router instance provides a mechanism to maintain the virtual routers without causing false backup or master state changes. When disabled, no VRRP advertisement messages are generated and all received VRRP advertisement messages are silently discarded with no processing. Whenever the administrative or operational state of a virtual router instance transitions, a log message is generated. An owner virtual router context does not use this command. To administratively disable an owner virtual router instance, use the admin-state command within the parent IP interface node which administratively disables the IP interface. | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
authentication-key encrypted-leaf
| Synopsis | Password for simple text authentication | |
| Context | configure service ies service-name interface interface-name ipv4 vrrp number authentication-key encrypted-leaf | |
| Tree | authentication-key | |
Description | This command optionally assigns a simple text password authentication key to generate master VRRP advertisement messages and validate received VRRP advertisement messages. If this command is re-executed with a different password key defined, the new key immediately replaces the old key. This command may be executed at any time. | |
| String length | 1 to 38 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
backup ipv4-unicast-address
| Synopsis | Virtual router IP addresses for the interface | |
| Context | configure service ies service-name interface interface-name ipv4 vrrp number backup ipv4-unicast-address | |
| Tree | backup | |
Description | This command associates virtual router IP addresses with those of the parental IP interface. This command has two different functions based on whether it is being executed on an owner or non-owner virtual router instance. Non-owner virtual router instances create a routable IP interface address that is operationally dependent on the virtual router instance mode (master or backup). This command, when executed on an owner virtual router instance, does not create a routable IP interface address; it simply defines the existing IP addresses of the parental IP interface that are advertised by the virtual router instance. For owner virtual router instances, this command defines the IP addresses that are advertised within VRRP advertisement messages. This communicates the IP addresses that the master is advertising to backup virtual routers receiving the messages. The specified unicast-ipv4-address must be equal to one of the existing IP addresses in the parental IP interface (primary or secondary) or this command fails. See "Owner and non-owner VRRP" in the 7705 SAR Gen 2 Router Configuration Guide for more information about owner and non-owner virtual router instances. | |
| Max. instances | 16 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
bfd-liveness
| Synopsis | Enable the bfd-liveness context | |
| Context | configure service ies service-name interface interface-name ipv4 vrrp number bfd-liveness | |
| Tree | bfd-liveness | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
dest-ip ipv4-address
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Destination IP address to use for BFD session | |
| Context | configure service ies service-name interface interface-name ipv4 vrrp number bfd-liveness dest-ip ipv4-address | |
| Tree | dest-ip | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
interface-name interface-name
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Name of the interface running BFD | |
| Context | configure service ies service-name interface interface-name ipv4 vrrp number bfd-liveness interface-name interface-name | |
| Tree | interface-name | |
| String length | 1 to 32 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
service-name service-name
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Administrative service name | |
| Context | configure service ies service-name interface interface-name ipv4 vrrp number bfd-liveness service-name service-name | |
| Tree | service-name | |
| String length | 1 to 64 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
init-delay number
| Synopsis | VRRP initialization delay timer | |
| Context | configure service ies service-name interface interface-name ipv4 vrrp number init-delay number | |
| Tree | init-delay | |
| Range | 1 to 65535 | |
| Units | seconds | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
mac mac-unicast-address
| Synopsis | Virtual MAC address to use in ARP responses | |
| Context | configure service ies service-name interface interface-name ipv4 vrrp number mac mac-unicast-address | |
| Tree | mac | |
Description | This command sets an explicit MAC address for the virtual router instance that overrides the VRRP default derived from the VRID. Changing the default MAC address is useful when an existing HSRP or other non-VRRP default MAC is in use by the IP hosts that use the virtual router IP address. Many hosts do not monitor unessential ARPs and continue to use the cached non-VRRP MAC address after the virtual router becomes master of the host’s gateway address. Additionally, this command sets the MAC address used in ARP responses when the virtual router instance is master. Routing of IP packets with unicast-mac-address as the destination MAC is also enabled. The MAC must be the same for all virtual routers participating as a virtual router or indeterminate connectivity by the attached IP hosts results. All VRRP advertisement messages are transmitted with unicast-mac-address as the source MAC. An operator can execute this command at any time and it takes effect immediately. When the virtual router MAC on a master virtual router instance changes, a gratuitous ARP is immediately sent with a VRRP advertisement message. If the virtual router instance is disabled or operating as a backup, the gratuitous ARP and VRRP advertisement messages are not sent. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
master-int-inherit boolean
| Synopsis | Allow master instance to dictate the master down timer | |
| Context | configure service ies service-name interface interface-name ipv4 vrrp number master-int-inherit boolean | |
| Tree | master-int-inherit | |
Description | When configured to true, the virtual router instance inherits the advertisement interval timer of the master VRRP router, which backup routers use to calculate the master down timer. When configured to false, the locally configured message interval must match the master's VRRP advertisement message advertisement interval field value or the message is discarded. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
message-interval number
| Synopsis | Interval for sending VRRP advertisement messages | |
| Context | configure service ies service-name interface interface-name ipv4 vrrp number message-interval number | |
| Tree | message-interval | |
Description | This command configures the administrative advertisement message timer used by the master virtual router instance to send VRRP advertisement messages. The backup master down timer is derived from the value configured using this command. The usage of this command varies for non-owner virtual router instances, depending on the state of the virtual router (master or backup) and the state of the master-int-inherit command:
| |
| Range | 1 to 2559 | |
| Units | deciseconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
monitor-oper-group reference
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | VRRP instance to follow a specified operational group | |
| Context | configure service ies service-name interface interface-name ipv4 vrrp number monitor-oper-group reference | |
| Tree | monitor-oper-group | |
Description | This command configures VRRP to associate with an operational group. When associated, VRRP notifies the operational group of its state changes so that other protocols can monitor it to provide a redundancy mechanism. When VRRP is the master router, the operational group is up and the operational group is down for all other VRRP states. | |
Reference | configure service oper-group named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
ntp-reply boolean
| Synopsis | Allow processing of NTP requests | |
| Context | configure service ies service-name interface interface-name ipv4 vrrp number ntp-reply boolean | |
| Tree | ntp-reply | |
Description | When configured to true, the router redirects NTP requests to the VRRP virtual IP address. This behavior only applies to the router acting as the master VRRP router. When configured to false, the router does not process NTP requests. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
oper-group reference
| Synopsis | Operational group name associated with the VRRP | |
| Context | configure service ies service-name interface interface-name ipv4 vrrp number oper-group reference | |
| Tree | oper-group | |
Description | This command configures an operational group to associate with the VRRP. When associated, VRRP notifies the operational group of its state changes so that other protocols can monitor it to provide a redundancy mechanism. When VRRP is the master router (MR), the operational group is up. The operational group is down for all other VRRP states. | |
Reference | configure service oper-group named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
owner boolean
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Designate the virtual router instance as owner | |
| Context | configure service ies service-name interface interface-name ipv4 vrrp number owner boolean | |
| Tree | owner | |
Description | When configured to true, the router designates this virtual router instance as the owner of the virtual router IP addresses. Therefore, this virtual router becomes responsible for forwarding packets sent to the virtual router IP addresses. The owner also assumes the role of master virtual router. When configured to false, this virtual router instance is designated as a non-owner. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
passive boolean
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Suppress the processing of VRRP advertisement messages | |
| Context | configure service ies service-name interface interface-name ipv4 vrrp number passive boolean | |
| Tree | passive | |
Description | When configured to true, the router identifies this virtual router instance as passive; and therefore the owner of the virtual router IP addresses. A passive virtual router instance does not transmit or receive VRRP advertisement messages and is always in either the master state (if the interface is operationally up) or the init state (if the interface is operationally down). When configured to false, this virtual router instance is not identified as passive, meaning that it transmits and receives VRRP advertisement messages. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
ping-reply boolean
| Synopsis | Allow non-owner master to reply to ICMP echo requests | |
| Context | configure service ies service-name interface interface-name ipv4 vrrp number ping-reply boolean | |
| Tree | ping-reply | |
Description | When configured to true, the router allows the non-owner master to reply to ICMP echo requests directed at the IP addresses of the virtual router instance. Any routed interface can receive the ping request. Ping must not have been disabled at the management security level (either on the parental IP interface or on the Ping source host address). When configured to false, ICMP echo requests sent to non-owner master virtual IP addresses are silently discarded. Non-owner backup virtual routers never respond to ICMP echo requests, regardless of the configuration of this command. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
policy reference
| Synopsis | VRRP priority control policy | |
| Context | configure service ies service-name interface interface-name ipv4 vrrp number policy reference | |
| Tree | policy | |
Description | This command configures a VRRP priority control policy to associate with the virtual router instance. VRRP priority control policies can override or adjust the base priority value of the virtual router instance, depending on events or conditions within the chassis. An operator can associate a policy with more than one virtual router instance. The priority events within the policy either override or diminish the base priority set with the priority command. As priority events clear in the policy, the in-use priority can eventually be restored to the base priority value. For non-owner virtual router instances, if this command is not executed, the base priority is used as the in-use priority. | |
Reference | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
preempt boolean
| Synopsis | Allow the VRRP to override an existing non-owner master | |
| Context | configure service ies service-name interface interface-name ipv4 vrrp number preempt boolean | |
| Tree | preempt | |
Description | When configured to true, this virtual router instance overrides any non-owner master with an in-use message priority value less than the in-use priority value of this virtual router. When configured to false, this virtual router only becomes master if the master down timer expires before a VRRP advertisement message is received from another virtual router. | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
priority number
| Synopsis | Base priority for the VRRP | |
| Context | configure service ies service-name interface interface-name ipv4 vrrp number priority number | |
| Tree | priority | |
Description | This command configures the base router priority for the virtual router instance, which defines the selection order of the virtual router in the master election process. The in-use priority is derived from the base priority. However, the in-use priority is modified by optional VRRP priority control policies. An operator can use VRRP priority control policies to either override or adjust the base priority value depending on events or conditions within the chassis. | |
| Range | 1 to 255 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ssh-reply boolean
| Synopsis | Allow the non-owner master to reply to SSH requests | |
| Context | configure service ies service-name interface interface-name ipv4 vrrp number ssh-reply boolean | |
| Tree | ssh-reply | |
Description | When configured to true, the router allows the non-owner master to reply to SSH requests directed at the IP addresses of the virtual router instance. Any routed interface can receive the SSH request. SSH cannot be disabled at the management security level (either on the parental IP interface or on the SSH source host address). When configure to false, SSH requests to non-owner master virtual IP addresses are silently discarded. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
standby-forwarding boolean
| Synopsis | Allow standby router to forward traffic | |
| Context | configure service ies service-name interface interface-name ipv4 vrrp number standby-forwarding boolean | |
| Tree | standby-forwarding | |
Description | When configured to true, the standby router forwards all traffic. When configured to false, the standby router cannot forward traffic sent to the MAC address of the virtual router. However, the standby router still forwards traffic sent to its own MAC address. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
telnet-reply boolean
| Synopsis | Allow non-owner master to reply to Telnet requests | |
| Context | configure service ies service-name interface interface-name ipv4 vrrp number telnet-reply boolean | |
| Tree | telnet-reply | |
Description | When configured to true, the router allows the non-owner master to reply to Telnet requests directed at the IP addresses of the virtual router instance. Any routed interface can receive Telnet requests. Telnet cannot be disabled at the management security level (either on the parental IP interface or on the Telnet source host address). When configured to false, the router silently discards Telnet requests sent to non-owner master virtual IP addresses. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
traceroute-reply boolean
| Synopsis | Allow non-owner master to reply to traceroute requests | |
| Context | configure service ies service-name interface interface-name ipv4 vrrp number traceroute-reply boolean | |
| Tree | traceroute-reply | |
Description | When configured to true, the router allows a non-owner master to reply to traceroute requests directed to the IP addresses of the virtual router instance. When configured to false, the router silently discards traceroute requests sent to non-owner master virtual IP addresses. Traceroute must not have been disabled at the management security level (either on the parental IP interface or the source host address). | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ipv6
address [ipv6-address] ipv6-address
[ipv6-address] ipv6-address
duplicate-address-detection boolean
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable Duplicate Address Detection | |
| Context | configure service ies service-name interface interface-name ipv6 address ipv6-address duplicate-address-detection boolean | |
| Tree | duplicate-address-detection | |
Description | When configured to true, the router enables Duplicate Address Detection (DAD). When configured to false, the router disables DAD and sets the address to preferred, even if there is a duplicated address. | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
eui-64 boolean
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Form IPv6 address from prefix and 64-bit interface ID | |
| Context | configure service ies service-name interface interface-name ipv6 address ipv6-address eui-64 boolean | |
| Tree | eui-64 | |
Description | When configured to true, the router forms a complete IPv6 address from the supplied prefix and 64-bit interface identifier. The 64-bit interface identifier is derived from the MAC address on Ethernet interfaces. For interfaces without a MAC address, for example POS interfaces, use the base MAC address of the chassis. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
prefix-length number
| Synopsis | IPv6 address prefix length | |
| Context | configure service ies service-name interface interface-name ipv6 address ipv6-address prefix-length number | |
| Tree | prefix-length | |
| Range | 4 to 128 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
primary-preference number
| Synopsis | Index assigned to the IPv6 address of the interface | |
| Context | configure service ies service-name interface interface-name ipv6 address ipv6-address primary-preference number | |
| Tree | primary-preference | |
Description | This command assigns a primary preference index to an IPv6 address of the interface to enforce the order in which the address is used by control plane protocols and applications that require a fixed address of the interface, such as LDP and Segment Routing. In cases where a fixed address is required when originating packets from the interface, the IPv6 address with the lowest primary preference index is selected. If the selected address is removed, the next IPv6 address with the next lowest primary preference index is selected. If this index is not specified for the IPv6 address, the system assigns the next available index value to the address. The address index space is unique across all addresses of a given interface. | |
| Range | 1 to 4294967295 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
bfd
admin-state keyword
| Synopsis | Administrative state of BFD sessions | |
| Context | configure service ies service-name interface interface-name ipv6 bfd admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
echo-receive number
| Synopsis | Minimum echo interval over this interface | |
| Context | configure service ies service-name interface interface-name ipv6 bfd echo-receive number | |
| Tree | echo-receive | |
| Range | 100 to 100000 | |
| Units | milliseconds | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
multiplier number
| Synopsis | Number of consecutive BFD messages missed from the peer | |
| Context | configure service ies service-name interface interface-name ipv6 bfd multiplier number | |
| Tree | multiplier | |
Description | This command configures the number of missed messages before the BFD session state is changed to down and the upper-level protocol is notified of the fault. A multiplier of less than 3 should not be used in production environments. | |
| Range | 1 to 20 | |
| Default | 3 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
receive number
| Synopsis | BFD receive interval over this interface | |
| Context | configure service ies service-name interface interface-name ipv6 bfd receive number | |
| Tree | receive | |
Description | This command specifies the receive interval for the BFD session. | |
| Range | 10 to 100000 | |
| Units | milliseconds | |
| Default | 100 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
transmit-interval number
| Synopsis | BFD transmit interval over this interface | |
| Context | configure service ies service-name interface interface-name ipv6 bfd transmit-interval number | |
| Tree | transmit-interval | |
Description | This command configures the transmit intervals. | |
| Range | 10 to 100000 | |
| Units | milliseconds | |
| Default | 100 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
dhcp6
relay
admin-state keyword
| Synopsis | Administrative state of DHCPv6 Relay | |
| Context | configure service ies service-name interface interface-name ipv6 dhcp6 relay admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
description description
| Synopsis | Text description | |
| Context | configure service ies service-name interface interface-name ipv6 dhcp6 relay description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
lease-populate
| Synopsis | Enter the lease-populate context | |
| Context | configure service ies service-name interface interface-name ipv6 dhcp6 relay lease-populate | |
| Tree | lease-populate | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
max-nbr-of-leases number
| Synopsis | Maximum lease state entries allowed for the interface | |
| Context | configure service ies service-name interface interface-name ipv6 dhcp6 relay lease-populate max-nbr-of-leases number | |
| Tree | max-nbr-of-leases | |
| Range | 0 to 32767 | |
| Default | 0 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
route-populate
| Synopsis | Enter the route-populate context | |
| Context | configure service ies service-name interface interface-name ipv6 dhcp6 relay lease-populate route-populate | |
| Tree | route-populate | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
na boolean
| Synopsis | Create route based on IA_NA prefix option in relay-reply message | |
| Context | configure service ies service-name interface interface-name ipv6 dhcp6 relay lease-populate route-populate na boolean | |
| Tree | na | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
pd
| Synopsis | Enable the pd context | |
| Context | configure service ies service-name interface interface-name ipv6 dhcp6 relay lease-populate route-populate pd | |
| Tree | pd | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
exclude boolean
ta boolean
| Synopsis | Create route based on IA_TA prefix option in relay-reply message | |
| Context | configure service ies service-name interface interface-name ipv6 dhcp6 relay lease-populate route-populate ta boolean | |
| Tree | ta | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
option
interface-id
| Synopsis | Enter the interface-id context | |
| Context | configure service ies service-name interface interface-name ipv6 dhcp6 relay option interface-id | |
| Tree | interface-id | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ascii-tuple
| Synopsis | Use ASCII-encoded concatenated tuple | |
| Context | configure service ies service-name interface interface-name ipv6 dhcp6 relay option interface-id ascii-tuple | |
| Tree | ascii-tuple | |
Notes | The following elements are part of a choice: ascii-tuple, if-index, sap-id, or string. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
if-index
| Synopsis | Use interface index in the DHCPv6 relay packet | |
| Context | configure service ies service-name interface interface-name ipv6 dhcp6 relay option interface-id if-index | |
| Tree | if-index | |
Notes | The following elements are part of a choice: ascii-tuple, if-index, sap-id, or string. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
sap-id
| Synopsis | Use SAP ID in interface ID option in relay packet | |
| Context | configure service ies service-name interface interface-name ipv6 dhcp6 relay option interface-id sap-id | |
| Tree | sap-id | |
Notes | The following elements are part of a choice: ascii-tuple, if-index, sap-id, or string. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
string string-not-all-spaces
| Synopsis | String for interface ID option in DHCPv6 relay packet | |
| Context | configure service ies service-name interface interface-name ipv6 dhcp6 relay option interface-id string string-not-all-spaces | |
| Tree | string | |
| String length | 1 to 80 | |
Notes | The following elements are part of a choice: ascii-tuple, if-index, sap-id, or string. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
remote-id boolean
server ipv6-address-with-zone
source-address ipv6-unicast-or-linklocal-address
| Synopsis | Source IPv6 address of the DHCPv6 relay messages | |
| Context | configure service ies service-name interface interface-name ipv6 dhcp6 relay source-address ipv6-unicast-or-linklocal-address | |
| Tree | source-address | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
duplicate-address-detection boolean
| Synopsis | Enable Duplicate Address Detection per interface | |
| Context | configure service ies service-name interface interface-name ipv6 duplicate-address-detection boolean | |
| Tree | duplicate-address-detection | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
forward-ipv4-packets boolean
| Synopsis | Forward unencapsulated IPv4 packets | |
| Context | configure service ies service-name interface interface-name ipv6 forward-ipv4-packets boolean | |
| Tree | forward-ipv4-packets | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
icmp6
packet-too-big
| Synopsis | Enter the packet-too-big context | |
| Context | configure service ies service-name interface interface-name ipv6 icmp6 packet-too-big | |
| Tree | packet-too-big | |
Description | Commands in this context configure limiting the number of ICMPv6 Packet Too Big messages. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of Packet Too Big message sends | |
| Context | configure service ies service-name interface interface-name ipv6 icmp6 packet-too-big admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
number number
seconds number
param-problem
| Synopsis | Enter the param-problem context | |
| Context | configure service ies service-name interface interface-name ipv6 icmp6 param-problem | |
| Tree | param-problem | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of Parameter Problem message sends | |
| Context | configure service ies service-name interface interface-name ipv6 icmp6 param-problem admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
number number
seconds number
redirects
admin-state keyword
| Synopsis | Administrative state of Redirect message sends | |
| Context | configure service ies service-name interface interface-name ipv6 icmp6 redirects admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
number number
seconds number
time-exceeded
| Synopsis | Enter the time-exceeded context | |
| Context | configure service ies service-name interface interface-name ipv6 icmp6 time-exceeded | |
| Tree | time-exceeded | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of Time Exceeded message sends | |
| Context | configure service ies service-name interface interface-name ipv6 icmp6 time-exceeded admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
number number
seconds number
unreachables
| Synopsis | Enter the unreachables context | |
| Context | configure service ies service-name interface interface-name ipv6 icmp6 unreachables | |
| Tree | unreachables | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of Unreachable message sends | |
| Context | configure service ies service-name interface interface-name ipv6 icmp6 unreachables admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
number number
seconds number
link-local-address
| Synopsis | Enter the link-local-address context | |
| Context | configure service ies service-name interface interface-name ipv6 link-local-address | |
| Tree | link-local-address | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
address ipv6-address
duplicate-address-detection boolean
| Synopsis | Enable Duplicate Address Detection | |
| Context | configure service ies service-name interface interface-name ipv6 link-local-address duplicate-address-detection boolean | |
| Tree | duplicate-address-detection | |
Description | When configured to true, the router enables Duplicate Address Detection (DAD) on the interface. When configured to false, the router disables DAD and sets the address to preferred, even if there is a duplicated address. | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
local-dhcp-server reference
| Synopsis | DHCP server for the interface | |
| Context | configure service ies service-name interface interface-name ipv6 local-dhcp-server reference | |
| Tree | local-dhcp-server | |
Reference | configure router named-item-64 dhcp-server dhcpv6 named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
neighbor-discovery
| Synopsis | Enter the neighbor-discovery context | |
| Context | configure service ies service-name interface interface-name ipv6 neighbor-discovery | |
| Tree | neighbor-discovery | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
host-route
| Synopsis | Enter the host-route context | |
| Context | configure service ies service-name interface interface-name ipv6 neighbor-discovery host-route | |
| Tree | host-route | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
populate [route-type] keyword
| Synopsis | Enter the populate list instance | |
| Context | configure service ies service-name interface interface-name ipv6 neighbor-discovery host-route populate keyword | |
| Tree | populate | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[route-type] keyword
| Synopsis | Type of ARP or ND entries that generate host routes | |
| Context | configure service ies service-name interface interface-name ipv6 neighbor-discovery host-route populate keyword | |
| Tree | populate | |
| Options | ||
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
route-tag number
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Tag value used with the host route from an ARP/ND entry | |
| Context | configure service ies service-name interface interface-name ipv6 neighbor-discovery host-route populate keyword route-tag number | |
| Tree | route-tag | |
Description | This command specifies the route tag that is added in the route table for ARP or ND host routes. This tag can be matched on BGP VRF export and BGP peer export policies. | |
| Range | 1 to 255 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
learn-unsolicited keyword
| Synopsis | Type of entries learned from unsolicited NA messages | |
| Context | configure service ies service-name interface interface-name ipv6 neighbor-discovery learn-unsolicited keyword | |
| Tree | learn-unsolicited | |
Description | This command enables the ability to learn neighbor entries out of received unsolicited Neighbor Advertisement (NA) messages, with or without the solicited flag set. When unconfigured, the router follows standard RFC 4861 behavior for learning of neighbor entries. The neighbor is put in the stale state. This is the standard RFC behavior. | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
limit
log-only boolean
| Synopsis | Generate log entries when limit is reached | |
| Context | configure service ies service-name interface interface-name ipv6 neighbor-discovery limit log-only boolean | |
| Tree | log-only | |
Description | When configured to true, the router sends the warning message at the specified threshold percentage or upon exceeding the specified limit. Entries that exceed the limit are learned. When configured to false, the router does not send the warning message. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
max-entries number
| Synopsis | Maximum number of entries learned on an IP interface | |
| Context | configure service ies service-name interface interface-name ipv6 neighbor-discovery limit max-entries number | |
| Tree | max-entries | |
Description | This command configures the maximum number of entries that can be learned on an IP interface. When unconfigured, no maximum limit is imposed. | |
| Range | 0 to 102400 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
threshold number
local-proxy-nd boolean
| Synopsis | Enable local proxy neighbor discovery on the interface | |
| Context | configure service ies service-name interface interface-name ipv6 neighbor-discovery local-proxy-nd boolean | |
| Tree | local-proxy-nd | |
Description | When configured to true, the router enables local proxy neighbor discovery on the interface and replies to neighbor solicitation requests when both the hosts are on the same subnet. In this case, ICMP redirects are disabled. When configured to false, the router disables local proxy neighbor discovery on the interface and does not reply to neighbor solicitation requests if both the hosts are on the same subnet. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
proactive-refresh keyword
| Synopsis | Proactive refresh of neighbor entries | |
| Context | configure service ies service-name interface interface-name ipv6 neighbor-discovery proactive-refresh keyword | |
| Tree | proactive-refresh | |
Description | This command enables a proactive refresh of the neighbor entries. After the stale timer expires, the router sends an NUD message to the host (regardless of the existence of traffic to the IP address on the IOM), so the entry can be refreshed or removed. | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
proxy-nd-policy reference
| Synopsis | Proxy Neighbor Discovery policy name for the interface | |
| Context | configure service ies service-name interface interface-name ipv6 neighbor-discovery proxy-nd-policy reference | |
| Tree | proxy-nd-policy | |
Reference | configure policy-options policy-statement named-item-64 | |
| Max. instances | 5 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
reachable-time number
| Synopsis | Neighbor reachability detection timer | |
| Context | configure service ies service-name interface interface-name ipv6 neighbor-discovery reachable-time number | |
| Tree | reachable-time | |
| Range | 30 to 3600 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
secure-nd
admin-state keyword
| Synopsis | Administrative state of Secure Neighbor Discovery | |
| Context | configure service ies service-name interface interface-name ipv6 neighbor-discovery secure-nd admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
allow-unsecured-msgs boolean
| Synopsis | Accept unsecured messages | |
| Context | configure service ies service-name interface interface-name ipv6 neighbor-discovery secure-nd allow-unsecured-msgs boolean | |
| Tree | allow-unsecured-msgs | |
Description | When configured to true, the router accepts unsecured messages. When Secure Neighbor Discovery (SeND) is enabled, only secure messages are accepted. When configured to false, the router disables the acceptance of unsecured messages. | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
public-key-min-bits number
| Synopsis | Minimum acceptable key length for public keys in CGA | |
| Context | configure service ies service-name interface interface-name ipv6 neighbor-discovery secure-nd public-key-min-bits number | |
| Tree | public-key-min-bits | |
| Range | 512 to 1024 | |
| Default | 1024 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
security-parameter number
| Synopsis | Security parameter used in the generation of a CGA | |
| Context | configure service ies service-name interface interface-name ipv6 neighbor-discovery secure-nd security-parameter number | |
| Tree | security-parameter | |
| Range | 0 to 1 | |
| Default | 1 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
stale-time number
| Synopsis | Time a Neighbor Discovery cache entry remains stale | |
| Context | configure service ies service-name interface interface-name ipv6 neighbor-discovery stale-time number | |
| Tree | stale-time | |
| Range | 60 to 65535 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
static-neighbor [ipv6-address] ipv6-address
| Synopsis | Enter the static-neighbor list instance | |
| Context | configure service ies service-name interface interface-name ipv6 neighbor-discovery static-neighbor ipv6-address | |
| Tree | static-neighbor | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[ipv6-address] ipv6-address
| Synopsis | IPv6 address corresponding to the physical address | |
| Context | configure service ies service-name interface interface-name ipv6 neighbor-discovery static-neighbor ipv6-address | |
| Tree | static-neighbor | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mac-address mac-address
| Synopsis | MAC address for the static neighbor | |
| Context | configure service ies service-name interface interface-name ipv6 neighbor-discovery static-neighbor ipv6-address mac-address mac-address | |
| Tree | mac-address | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
tcp-mss number
urpf-check
| Synopsis | Enable the urpf-check context | |
| Context | configure service ies service-name interface interface-name ipv6 urpf-check | |
| Tree | urpf-check | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ignore-default boolean
| Synopsis | Ignore default route when performing a uRPF check | |
| Context | configure service ies service-name interface interface-name ipv6 urpf-check ignore-default boolean | |
| Tree | ignore-default | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
mode keyword
| Synopsis | Unicast RPF check mode | |
| Context | configure service ies service-name interface interface-name ipv6 urpf-check mode keyword | |
| Tree | mode | |
| Options | strict – Check source address match in RT and interface loose – Check source address match in RT only strict-no-ecmp – Check source address match in ECMP route | |
| Default | strict | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
vrrp [virtual-router-id] number
[virtual-router-id] number
admin-state keyword
| Synopsis | Administrative state of VRRP | |
| Context | configure service ies service-name interface interface-name ipv6 vrrp number admin-state keyword | |
| Tree | admin-state | |
Description | The command determines the administrative state of non-owner virtual router instances. Non-owner virtual router instances can be administratively disabled. This allows the termination of VRRP participation in the virtual router and stops all routing and other access capabilities with regards to the virtual router IP addresses. Disabling the virtual router instance provides a mechanism to maintain the virtual routers without causing false backup or master state changes. When disabled, no VRRP advertisement messages are generated and all received VRRP advertisement messages are silently discarded with no processing. Whenever the administrative or operational state of a virtual router instance transitions, a log message is generated. An owner virtual router context does not use this command. To administratively disable an owner virtual router instance, use the admin-state command within the parent IP interface node which administratively disables the IP interface. | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
backup ipv6-address
| Synopsis | Virtual router IP addresses for the interface | |
| Context | configure service ies service-name interface interface-name ipv6 vrrp number backup ipv6-address | |
| Tree | backup | |
Description | This command associates router IPv6 virtual router IP addresses with those of the parental IP interface. This command has two different functions based on whether it is being executed on an owner or non-owner virtual router instance. Non-owner virtual router instance create a routable IP interface address that is operationally dependent on the virtual router instance mode (master or backup). This command, when executed on an owner virtual router instance, does not create a routable IP interface address; it simply defines the existing IP addresses of the parental IP interface that are advertised by the virtual router instance. For owner virtual router instances, this command defines the IP addresses that are advertised within VRRP advertisement messages. This communicates the IP addresses that the master is representing to backup virtual routers receiving the messages. The specified IPv6 address must be equal to one of the existing parental IP addresses in the parental IP interface (primary or secondary) or this command fails. See "Owner and non-owner VRRP" in the 7705 SAR Gen 2 Router Configuration Guide for more information about owner and non-owner virtual router instances. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
bfd-liveness
| Synopsis | Enable the bfd-liveness context | |
| Context | configure service ies service-name interface interface-name ipv6 vrrp number bfd-liveness | |
| Tree | bfd-liveness | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
dest-ip (ipv4-address-no-zone | ipv6-address-no-zone)
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Destination address for the BFD session | |
| Context | configure service ies service-name interface interface-name ipv6 vrrp number bfd-liveness dest-ip (ipv4-address-no-zone | ipv6-address-no-zone) | |
| Tree | dest-ip | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
interface-name interface-name
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Name of the interface running BFD | |
| Context | configure service ies service-name interface interface-name ipv6 vrrp number bfd-liveness interface-name interface-name | |
| Tree | interface-name | |
| String length | 1 to 32 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
service-name service-name
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Administrative service name | |
| Context | configure service ies service-name interface interface-name ipv6 vrrp number bfd-liveness service-name service-name | |
| Tree | service-name | |
| String length | 1 to 64 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
init-delay number
| Synopsis | VRRP initialization delay timer | |
| Context | configure service ies service-name interface interface-name ipv6 vrrp number init-delay number | |
| Tree | init-delay | |
| Range | 1 to 65535 | |
| Units | seconds | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
mac mac-unicast-address
| Synopsis | Virtual MAC address to use in ARP responses | |
| Context | configure service ies service-name interface interface-name ipv6 vrrp number mac mac-unicast-address | |
| Tree | mac | |
Description | This command sets an explicit MAC address for the virtual router instance that overrides the VRRP default derived from the VRID. Changing the default MAC address is useful when an existing HSRP or other non-VRRP default MAC is in use by the IP hosts that use the virtual router IP address. Many hosts do not monitor unessential ARPs and continue to use the cached non-VRRP MAC address after the virtual router becomes master of the host’s gateway address. Additionally, this command sets the MAC address used in ARP responses when the virtual router instance is master. Routing of IP packets with unicast-mac-address as the destination MAC is also enabled. The MAC must be the same for all virtual routers participating as a virtual router or indeterminate connectivity by the attached IP hosts results. All VRRP advertisement messages are transmitted with unicast-mac-address as the source MAC. An operator can execute this command at any time and it takes effect immediately. When the virtual router MAC on a master virtual router instance changes, a gratuitous ARP is immediately sent with a VRRP advertisement message. If the virtual router instance is disabled or operating as a backup, the gratuitous ARP and VRRP advertisement messages are not sent. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
master-int-inherit boolean
| Synopsis | Allow master instance to dictate the master down timer | |
| Context | configure service ies service-name interface interface-name ipv6 vrrp number master-int-inherit boolean | |
| Tree | master-int-inherit | |
Description | When configured to true, the virtual router instance inherits the advertisement interval timer of the master VRRP router, which backup routers use to calculate the master down timer. When configured to false, the locally configured message interval must match the master's VRRP advertisement message advertisement interval field value or the message is discarded. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
message-interval number
| Synopsis | Interval for sending VRRP advertisement messages | |
| Context | configure service ies service-name interface interface-name ipv6 vrrp number message-interval number | |
| Tree | message-interval | |
Description | This command configures the administrative advertisement message timer used by the master virtual router instance to send VRRP advertisement messages. The backup master down timer is derived from the value configured using this command. The use of this command varies for non-owner virtual router instances, depending on the state of the virtual router (master or backup) and the state of the master-int-inherit command:
| |
| Range | 10 to 4095 | |
| Units | centiseconds | |
| Default | 100 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
monitor-oper-group reference
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | VRRP instance to follow a specified operational group | |
| Context | configure service ies service-name interface interface-name ipv6 vrrp number monitor-oper-group reference | |
| Tree | monitor-oper-group | |
Description | This command configures VRRP to associate with an operational group. When associated, VRRP notifies the operational group of its state changes so that other protocols can monitor it to provide a redundancy mechanism. When VRRP is the master router, the operational group is up and the operational group is down for all other VRRP states. | |
Reference | configure service oper-group named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
ntp-reply boolean
| Synopsis | Allow processing of NTP requests | |
| Context | configure service ies service-name interface interface-name ipv6 vrrp number ntp-reply boolean | |
| Tree | ntp-reply | |
Description | When configured to true, the router redirects NTP requests to the VRRP virtual IP address. This behavior only applies to the router acting as the master VRRP router. When configured to false, the router does not process NTP requests. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
oper-group reference
| Synopsis | Operational group name associated with the VRRP | |
| Context | configure service ies service-name interface interface-name ipv6 vrrp number oper-group reference | |
| Tree | oper-group | |
Description | This command configures an operational group to associate with the VRRP. When associated, VRRP notifies the operational group of its state changes so that other protocols can monitor it to provide a redundancy mechanism. When VRRP is the master router (MR), the operational group is up. The operational group is down for all other VRRP states. | |
Reference | configure service oper-group named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
owner boolean
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Designate the virtual router instance as owner | |
| Context | configure service ies service-name interface interface-name ipv6 vrrp number owner boolean | |
| Tree | owner | |
Description | When configured to true, the router designates this virtual router instance as the owner of the virtual router IP addresses. Therefore, this virtual router becomes responsible for forwarding packets sent to the virtual router IP addresses. The owner also assumes the role of master virtual router. When configured to false, this virtual router instance is designated as a non-owner. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
passive boolean
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Suppress the processing of VRRP advertisement messages | |
| Context | configure service ies service-name interface interface-name ipv6 vrrp number passive boolean | |
| Tree | passive | |
Description | When configured to true, the router identifies this virtual router instance as passive; and therefore the owner of the virtual router IP addresses. A passive virtual router instance does not transmit or receive VRRP advertisement messages and is always in either the master state (if the interface is operationally up) or the init state (if the interface is operationally down). When configured to false, this virtual router instance is not identified as passive, meaning that it transmits and receives VRRP advertisement messages. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
ping-reply boolean
| Synopsis | Allow non-owner master to reply to ICMP echo requests | |
| Context | configure service ies service-name interface interface-name ipv6 vrrp number ping-reply boolean | |
| Tree | ping-reply | |
Description | When configured to true, the router allows the non-owner master to reply to ICMP echo requests directed at the IP addresses of the virtual router instance. Any routed interface can receive the ping request. Ping must not have been disabled at the management security level (either on the parental IP interface or on the Ping source host address). When configured to false, ICMP echo requests sent to non-owner master virtual IP addresses are silently discarded. Non-owner backup virtual routers never respond to ICMP echo requests, regardless of the configuration of this command. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
policy reference
| Synopsis | VRRP priority control policy | |
| Context | configure service ies service-name interface interface-name ipv6 vrrp number policy reference | |
| Tree | policy | |
Description | This command configures a VRRP priority control policy to associate with the virtual router instance. VRRP priority control policies can override or adjust the base priority value of the virtual router instance, depending on events or conditions within the chassis. An operator can associate a policy with more than one virtual router instance. The priority events within the policy either override or diminish the base priority set with the priority command. As priority events clear in the policy, the in-use priority can eventually be restored to the base priority value. For non-owner virtual router instances, if this command is not executed, the base priority is used as the in-use priority. | |
Reference | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
preempt boolean
| Synopsis | Allow the VRRP to override an existing non-owner master | |
| Context | configure service ies service-name interface interface-name ipv6 vrrp number preempt boolean | |
| Tree | preempt | |
Description | When configured to true, this virtual router instance overrides any non-owner master with an in-use message priority value less than the in-use priority value of this virtual router. When configured to false, this virtual router only becomes master if the master down timer expires before a VRRP advertisement message is received from another virtual router. | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
priority number
| Synopsis | Base priority for the VRRP | |
| Context | configure service ies service-name interface interface-name ipv6 vrrp number priority number | |
| Tree | priority | |
Description | This command configures the base router priority for the virtual router instance, which defines the selection order of the virtual router in the master election process. The in-use priority is derived from the base priority. However, the in-use priority is modified by optional VRRP priority control policies. An operator can use VRRP priority control policies to either override or adjust the base priority value depending on events or conditions within the chassis. | |
| Range | 1 to 255 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
standby-forwarding boolean
| Synopsis | Allow standby router to forward traffic | |
| Context | configure service ies service-name interface interface-name ipv6 vrrp number standby-forwarding boolean | |
| Tree | standby-forwarding | |
Description | When configured to true, the standby router forwards all traffic. When configured to false, the standby router cannot forward traffic sent to the MAC address of the virtual router. However, the standby router still forwards traffic sent to its own MAC address. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
telnet-reply boolean
| Synopsis | Allow non-owner master to reply to Telnet requests | |
| Context | configure service ies service-name interface interface-name ipv6 vrrp number telnet-reply boolean | |
| Tree | telnet-reply | |
Description | When configured to true, the router allows the non-owner master to reply to Telnet requests directed at the IP addresses of the virtual router instance. Any routed interface can receive Telnet requests. Telnet cannot be disabled at the management security level (either on the parental IP interface or on the Telnet source host address). When configured to false, the router silently discards Telnet requests sent to non-owner master virtual IP addresses. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
traceroute-reply boolean
| Synopsis | Allow non-owner master to reply to traceroute requests | |
| Context | configure service ies service-name interface interface-name ipv6 vrrp number traceroute-reply boolean | |
| Tree | traceroute-reply | |
Description | When configured to true, the router allows a non-owner master to reply to traceroute requests directed to the IP addresses of the virtual router instance. When configured to false, the router silently discards traceroute requests sent to non-owner master virtual IP addresses. Traceroute must not have been disabled at the management security level (either on the parental IP interface or the source host address). | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
load-balancing
| Synopsis | Enter the load-balancing context | |
| Context | configure service ies service-name interface interface-name load-balancing | |
| Tree | load-balancing | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ip-load-balancing keyword
| Synopsis | IP load-balancing algorithm | |
| Context | configure service ies service-name interface interface-name load-balancing ip-load-balancing keyword | |
| Tree | ip-load-balancing | |
Description | This command specifies whether to include the source address, destination address, or both in LAG or ECMP hash on IP interfaces. Additionally, when the l4-load-balancing command is enabled, this command also includes the source or destination port in the hash inputs. | |
| Options | ||
| Default | both | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
loopback boolean
mac mac-unicast-address
mac-accounting boolean
| Synopsis | Enable MAC accounting functionality | |
| Context | configure service ies service-name interface interface-name mac-accounting boolean | |
| Tree | mac-accounting | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
monitor-oper-group reference
| Synopsis | Operational group to monitor | |
| Context | configure service ies service-name interface interface-name monitor-oper-group reference | |
| Tree | monitor-oper-group | |
Reference | configure service oper-group named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
multi-chassis-shunting-profile reference
| Synopsis | Multi-chassis shunting profile name | |
| Context | configure service ies service-name interface interface-name multi-chassis-shunting-profile reference | |
| Tree | multi-chassis-shunting-profile | |
Description | This command configures the name of a multi-chassis shunting profile to use on public or private tunnel interfaces. | |
Reference | configure router named-item-64 ipsec multi-chassis-shunting-profile named-item | |
Notes | The following elements are part of a choice: multi-chassis-shunting-profile or (dynamic-tunnel-redundant-nexthop and static-tunnel-redundant-nexthop). | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
multicast-network-domain reference
| Synopsis | Network domain name | |
| Context | configure service ies service-name interface interface-name multicast-network-domain reference | |
| Tree | multicast-network-domain | |
Reference | configure router named-item-64 network-domains network-domain named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
sap [sap-id] sap
[sap-id] sap
accounting-policy reference
| Synopsis | Accounting policy | |
| Context | configure service ies service-name interface interface-name sap sap accounting-policy reference | |
| Tree | accounting-policy | |
Reference | configure log accounting-policy number | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the SAP | |
| Context | configure service ies service-name interface interface-name sap sap admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
bandwidth number
collect-stats boolean
| Synopsis | Collect accounting statistics | |
| Context | configure service ies service-name interface interface-name sap sap collect-stats boolean | |
| Tree | collect-stats | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
description long-description
| Synopsis | Text description | |
| Context | configure service ies service-name interface interface-name sap sap description long-description | |
| Tree | description | |
| String length | 1 to 160 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
dist-cpu-protection reference
| Synopsis | Distributed CPU protection policy for SAP | |
| Context | configure service ies service-name interface interface-name sap sap dist-cpu-protection reference | |
| Tree | dist-cpu-protection | |
Reference | configure system security dist-cpu-protection policy named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
egress
agg-rate
queue-frame-based-accounting boolean
| Synopsis | Enable frame based accounting on policers and queues | |
| Context | configure service ies service-name interface interface-name sap sap egress agg-rate queue-frame-based-accounting boolean | |
| Tree | queue-frame-based-accounting | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
rate number
filter
ip reference
ipv6 reference
qos
policer-control-policy
| Synopsis | Enter the policer-control-policy context | |
| Context | configure service ies service-name interface interface-name sap sap egress qos policer-control-policy | |
| Tree | policer-control-policy | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
overrides
root
max-rate (number | keyword)
priority-mbs-thresholds
| Synopsis | Enter the priority-mbs-thresholds context | |
| Context | configure service ies service-name interface interface-name sap sap egress qos policer-control-policy overrides root priority-mbs-thresholds | |
| Tree | priority-mbs-thresholds | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
min-thresh-separation (number | keyword)
| Synopsis | Minimum amount of separation buffer space | |
| Context | configure service ies service-name interface interface-name sap sap egress qos policer-control-policy overrides root priority-mbs-thresholds min-thresh-separation (number | keyword) | |
| Tree | min-thresh-separation | |
| Range | 0 to 16777216 | |
| Units | bytes | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
priority [priority-level] number
[priority-level] number
mbs-contribution (number | keyword)
| Synopsis | Minimum amount of cumulative buffer space allowed | |
| Context | configure service ies service-name interface interface-name sap sap egress qos policer-control-policy overrides root priority-mbs-thresholds priority number mbs-contribution (number | keyword) | |
| Tree | mbs-contribution | |
| Range | 0 to 16777216 | |
| Units | bytes | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
policy-name reference
| Synopsis | Policer control policy name | |
| Context | configure service ies service-name interface interface-name sap sap egress qos policer-control-policy policy-name reference | |
| Tree | policy-name | |
Reference | configure qos policer-control-policy named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
qinq-mark-top-only boolean
| Synopsis | Mark top Q-tags | |
| Context | configure service ies service-name interface interface-name sap sap egress qos qinq-mark-top-only boolean | |
| Tree | qinq-mark-top-only | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
sap-egress
| Synopsis | Enter the sap-egress context | |
| Context | configure service ies service-name interface interface-name sap sap egress qos sap-egress | |
| Tree | sap-egress | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
overrides
queue [queue-id] reference
[queue-id] reference
| Synopsis | Policer unique ID | |
| Context | configure service ies service-name interface interface-name sap sap egress qos sap-egress overrides queue reference | |
| Tree | queue | |
Reference | configure qos sap-egress qos-policy-name queue number | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
adaptation-rule
| Synopsis | Enter the adaptation-rule context | |
| Context | configure service ies service-name interface interface-name sap sap egress qos sap-egress overrides queue reference adaptation-rule | |
| Tree | adaptation-rule | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
cir keyword
pir keyword
avg-frame-overhead decimal-number
| Synopsis | Average packet-to-frame encapsulation overhead | |
| Context | configure service ies service-name interface interface-name sap sap egress qos sap-egress overrides queue reference avg-frame-overhead decimal-number | |
| Tree | avg-frame-overhead | |
Description | This command configures overrides for the average frame overhead. The overrides supersede the average frame overhead configuration under the queue. For a full description of this command, see the configure qos network-queue queue avg-frame-overhead and configure qos sap-egress queue avg-frame-overhead contexts. | |
| Range | 0.00 to 100.00 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
burst-limit (number | keyword)
| Synopsis | Explicit shaping burst size for the queue | |
| Context | configure service ies service-name interface interface-name sap sap egress qos sap-egress overrides queue reference burst-limit (number | keyword) | |
| Tree | burst-limit | |
| Range | 1 to 14000000 | |
| Units | bytes | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
cbs (number | keyword)
drop-tail
low
percent-reduction-from-mbs (number | keyword)
| Synopsis | Percentage reduction from the MBS for a queue drop tail | |
| Context | configure service ies service-name interface interface-name sap sap egress qos sap-egress overrides queue reference drop-tail low percent-reduction-from-mbs (number | keyword) | |
| Tree | percent-reduction-from-mbs | |
| Range | 0 to 100 | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mbs (number | keyword)
parent
cir-weight number
| Synopsis | CIR parameter that overrides parent for queue group | |
| Context | configure service ies service-name interface interface-name sap sap egress qos sap-egress overrides queue reference parent cir-weight number | |
| Tree | cir-weight | |
| Range | 0 to 100 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
weight number
percent-rate
| Synopsis | Enter the percent-rate context | |
| Context | configure service ies service-name interface interface-name sap sap egress qos sap-egress overrides queue reference percent-rate | |
| Tree | percent-rate | |
Notes | The following elements are part of a choice: percent-rate or rate. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
cir decimal-number
pir decimal-number
rate
cir (number | keyword)
pir (number | keyword)
policy-name reference
| Synopsis | Policy ID to associate with SAP for mirrored service | |
| Context | configure service ies service-name interface interface-name sap sap egress qos sap-egress policy-name reference | |
| Tree | policy-name | |
Reference | configure qos sap-egress qos-policy-name | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
port-redirect-group
| Synopsis | Enter the port-redirect-group context | |
| Context | configure service ies service-name interface interface-name sap sap egress qos sap-egress port-redirect-group | |
| Tree | port-redirect-group | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
group-name reference
| Synopsis | Name of the queue group redirect list policy | |
| Context | configure service ies service-name interface interface-name sap sap egress qos sap-egress port-redirect-group group-name reference | |
| Tree | group-name | |
Reference | configure qos queue-group-templates egress queue-group named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
instance number
| Synopsis | Instance of port queue group | |
| Context | configure service ies service-name interface interface-name sap sap egress qos sap-egress port-redirect-group instance number | |
| Tree | instance | |
| Range | 1 to 65535 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
scheduler-policy
| Synopsis | Enter the scheduler-policy context | |
| Context | configure service ies service-name interface interface-name sap sap egress qos scheduler-policy | |
| Tree | scheduler-policy | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
overrides
scheduler [scheduler-name] named-item
[scheduler-name] named-item
| Synopsis | Scheduler name | |
| Context | configure service ies service-name interface interface-name sap sap egress qos scheduler-policy overrides scheduler named-item | |
| Tree | scheduler | |
Description | This command specifies the scheduler name which is composed of printable 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes. Each scheduler must have a unique name within the context of the scheduler policy. However, the same name can be reused in multiple scheduler policies. If the scheduler name already exists within the policy tier level, the context changes to that scheduler name for the purpose of editing the scheduler commands. If the scheduler name exists within the policy on a different tier, an error occurs and the current context does not change. If the scheduler name does not exist in this or another tier within the scheduler policy, it is assumed that an attempt is being made to create a scheduler of that name. If the provided scheduler name is invalid, a name syntax error occurs, the command does not execute, and the context is not change. | |
| String length | 1 to 32 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
parent
cir-weight number
| Synopsis | Weight used at the within-CIR port priority level | |
| Context | configure service ies service-name interface interface-name sap sap egress qos scheduler-policy overrides scheduler named-item parent cir-weight number | |
| Tree | cir-weight | |
| Range | 0 to 100 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
weight number
rate
cir (number | keyword)
pir (number | keyword)
policy-name reference
| Synopsis | Scheduler policy name | |
| Context | configure service ies service-name interface interface-name sap sap egress qos scheduler-policy policy-name reference | |
| Tree | policy-name | |
Reference | configure qos scheduler-policy named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ingress
filter
ip reference
ipv6 reference
qos
match-qinq-dot1p keyword
| Synopsis | Ingress match QinQ Dot1p | |
| Context | configure service ies service-name interface interface-name sap sap ingress qos match-qinq-dot1p keyword | |
| Tree | match-qinq-dot1p | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
policer-control-policy
| Synopsis | Enter the policer-control-policy context | |
| Context | configure service ies service-name interface interface-name sap sap ingress qos policer-control-policy | |
| Tree | policer-control-policy | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
overrides
root
max-rate (number | keyword)
priority-mbs-thresholds
| Synopsis | Enter the priority-mbs-thresholds context | |
| Context | configure service ies service-name interface interface-name sap sap ingress qos policer-control-policy overrides root priority-mbs-thresholds | |
| Tree | priority-mbs-thresholds | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
min-thresh-separation (number | keyword)
| Synopsis | Minimum amount of separation buffer space | |
| Context | configure service ies service-name interface interface-name sap sap ingress qos policer-control-policy overrides root priority-mbs-thresholds min-thresh-separation (number | keyword) | |
| Tree | min-thresh-separation | |
| Range | 0 to 16777216 | |
| Units | bytes | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
priority [priority-level] number
[priority-level] number
mbs-contribution (number | keyword)
| Synopsis | Minimum amount of cumulative buffer space allowed | |
| Context | configure service ies service-name interface interface-name sap sap ingress qos policer-control-policy overrides root priority-mbs-thresholds priority number mbs-contribution (number | keyword) | |
| Tree | mbs-contribution | |
| Range | 0 to 16777216 | |
| Units | bytes | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
policy-name reference
| Synopsis | Policer control policy name | |
| Context | configure service ies service-name interface interface-name sap sap ingress qos policer-control-policy policy-name reference | |
| Tree | policy-name | |
Reference | configure qos policer-control-policy named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
sap-ingress
| Synopsis | Enter the sap-ingress context | |
| Context | configure service ies service-name interface interface-name sap sap ingress qos sap-ingress | |
| Tree | sap-ingress | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
fp-redirect-group
| Synopsis | Enter the fp-redirect-group context | |
| Context | configure service ies service-name interface interface-name sap sap ingress qos sap-ingress fp-redirect-group | |
| Tree | fp-redirect-group | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
group-name reference
| Synopsis | Queue group template name created on forwarding plane | |
| Context | configure service ies service-name interface interface-name sap sap ingress qos sap-ingress fp-redirect-group group-name reference | |
| Tree | group-name | |
Reference | configure qos queue-group-templates ingress queue-group named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
instance number
| Synopsis | Queue group instance | |
| Context | configure service ies service-name interface interface-name sap sap ingress qos sap-ingress fp-redirect-group instance number | |
| Tree | instance | |
| Range | 1 to 65535 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
overrides
policer [policer-id] reference
[policer-id] reference
| Synopsis | Policer unique ID | |
| Context | configure service ies service-name interface interface-name sap sap ingress qos sap-ingress overrides policer reference | |
| Tree | policer | |
Reference | configure qos sap-ingress qos-policy-name policer number | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
cbs (number | keyword)
mbs (number | keyword)
packet-byte-offset number
| Synopsis | Packet size modification for policing information | |
| Context | configure service ies service-name interface interface-name sap sap ingress qos sap-ingress overrides policer reference packet-byte-offset number | |
| Tree | packet-byte-offset | |
| Range | -32 to 31 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
percent-rate
| Synopsis | Enter the percent-rate context | |
| Context | configure service ies service-name interface interface-name sap sap ingress qos sap-ingress overrides policer reference percent-rate | |
| Tree | percent-rate | |
Notes | The following elements are part of a choice: percent-rate or rate. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
cir decimal-number
pir decimal-number
rate
cir (number | keyword)
pir (number | keyword)
stat-mode keyword
queue [queue-id] reference
[queue-id] reference
| Synopsis | Policer unique ID | |
| Context | configure service ies service-name interface interface-name sap sap ingress qos sap-ingress overrides queue reference | |
| Tree | queue | |
Reference | configure qos sap-ingress qos-policy-name queue number | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
adaptation-rule
| Synopsis | Enter the adaptation-rule context | |
| Context | configure service ies service-name interface interface-name sap sap ingress qos sap-ingress overrides queue reference adaptation-rule | |
| Tree | adaptation-rule | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
cir keyword
pir keyword
cbs (number | keyword)
drop-tail
low
percent-reduction-from-mbs (number | keyword)
| Synopsis | Percentage reduction from the MBS for a queue drop tail | |
| Context | configure service ies service-name interface interface-name sap sap ingress qos sap-ingress overrides queue reference drop-tail low percent-reduction-from-mbs (number | keyword) | |
| Tree | percent-reduction-from-mbs | |
| Range | 0 to 100 | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mbs (number | keyword)
parent
cir-weight number
| Synopsis | CIR parameter that overrides parent for queue group | |
| Context | configure service ies service-name interface interface-name sap sap ingress qos sap-ingress overrides queue reference parent cir-weight number | |
| Tree | cir-weight | |
| Range | 0 to 100 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
weight number
percent-rate
| Synopsis | Enter the percent-rate context | |
| Context | configure service ies service-name interface interface-name sap sap ingress qos sap-ingress overrides queue reference percent-rate | |
| Tree | percent-rate | |
Notes | The following elements are part of a choice: percent-rate or rate. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
cir decimal-number
pir decimal-number
rate
cir (number | keyword)
pir (number | keyword)
policy-name reference
| Synopsis | Policy ID | |
| Context | configure service ies service-name interface interface-name sap sap ingress qos sap-ingress policy-name reference | |
| Tree | policy-name | |
Reference | configure qos sap-ingress qos-policy-name | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
scheduler-policy
| Synopsis | Enter the scheduler-policy context | |
| Context | configure service ies service-name interface interface-name sap sap ingress qos scheduler-policy | |
| Tree | scheduler-policy | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
overrides
scheduler [scheduler-name] named-item
[scheduler-name] named-item
| Synopsis | Scheduler name | |
| Context | configure service ies service-name interface interface-name sap sap ingress qos scheduler-policy overrides scheduler named-item | |
| Tree | scheduler | |
Description | This command specifies the scheduler name which is composed of printable 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes. Each scheduler must have a unique name within the context of the scheduler policy. However, the same name can be reused in multiple scheduler policies. If the scheduler name already exists within the policy tier level, the context changes to that scheduler name for the purpose of editing the scheduler commands. If the scheduler name exists within the policy on a different tier, an error occurs and the current context does not change. If the scheduler name does not exist in this or another tier within the scheduler policy, it is assumed that an attempt is being made to create a scheduler of that name. If the provided scheduler name is invalid, a name syntax error occurs, the command does not execute, and the context is not change. | |
| String length | 1 to 32 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
parent
cir-weight number
| Synopsis | Weight used at the within-CIR port priority level | |
| Context | configure service ies service-name interface interface-name sap sap ingress qos scheduler-policy overrides scheduler named-item parent cir-weight number | |
| Tree | cir-weight | |
| Range | 0 to 100 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
weight number
rate
cir (number | keyword)
pir (number | keyword)
| Synopsis | PIR at which the queue is to operate | |
| Context | configure service ies service-name interface interface-name sap sap ingress qos scheduler-policy overrides scheduler named-item rate pir (number | keyword) | |
| Tree | pir | |
| Range | 1 to 6400000000 | |
| Units | kilobps | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
policy-name reference
| Synopsis | Scheduler policy name | |
| Context | configure service ies service-name interface interface-name sap sap ingress qos scheduler-policy policy-name reference | |
| Tree | policy-name | |
Reference | configure qos scheduler-policy named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ip-tunnel [tunnel-name] interface-name
| Synopsis | Enter the ip-tunnel list instance | |
| Context | configure service ies service-name interface interface-name sap sap ip-tunnel interface-name | |
| Tree | ip-tunnel | |
Description | Commands in this context configure an IP-GRE or IP-IP tunnel and associate it with a private tunnel SAP within an IES service. | |
| Max. instances | 1 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
[tunnel-name] interface-name
admin-state keyword
| Synopsis | Administrative state of the IP tunnel | |
| Context | configure service ies service-name interface interface-name sap sap ip-tunnel interface-name admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
backup-remote-ip-address (ipv4-address-no-zone | ipv6-address-no-zone)
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Backup remote IP address that is applied to this tunnel | |
| Context | configure service ies service-name interface interface-name sap sap ip-tunnel interface-name backup-remote-ip-address (ipv4-address-no-zone | ipv6-address-no-zone) | |
| Tree | backup-remote-ip-address | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
clear-df-bit boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Clear the Do-not-Fragment bit | |
| Context | configure service ies service-name interface interface-name sap sap ip-tunnel interface-name clear-df-bit boolean | |
| Tree | clear-df-bit | |
Description | When configured to true, the DF bit is cleared (set to 0) in all payload IP packets associated with the GRE or IPsec tunnel, before any potential fragmentation resulting from the ip-mtu command. This requires a modification of the header checksum. When configured to false, clearing of the DF bit is disabled. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
delivery-service service-name
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Service to originate and terminate GRE packets | |
| Context | configure service ies service-name interface interface-name sap sap ip-tunnel interface-name delivery-service service-name | |
| Tree | delivery-service | |
Description | This command specifies the service used to originate and terminate the GRE encapsulated packets belonging to the GRE tunnel. The delivery service may be the same service that owns the private tunnel SAP associated with the GRE tunnel. The GRE tunnel does not come up until a valid delivery service is configured. | |
| String length | 1 to 64 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
description description
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Text description | |
| Context | configure service ies service-name interface interface-name sap sap ip-tunnel interface-name description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
dest-ip [dest-ip-address] (ipv4-address-no-zone | ipv6-address-no-zone)
[dest-ip-address] (ipv4-address-no-zone | ipv6-address-no-zone)
| Synopsis | IP address of the remote IP tunnel endpoint | |
| Context | configure service ies service-name interface interface-name sap sap ip-tunnel interface-name dest-ip (ipv4-address-no-zone | ipv6-address-no-zone) | |
| Tree | dest-ip | |
Description | This command configures the IP address of the remote IP tunnel endpoint. If the remote IP address is not within the subnet of the IP interface associated with the tunnel, the tunnel fails to come up. | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
dscp keyword
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Differentiated Services Code Point (DSCP) name | |
| Context | configure service ies service-name interface interface-name sap sap ip-tunnel interface-name dscp keyword | |
| Tree | dscp | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
encapsulated-ip-mtu number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Maximum size of the encapsulated tunnel packet | |
| Context | configure service ies service-name interface interface-name sap sap ip-tunnel interface-name encapsulated-ip-mtu number | |
| Tree | encapsulated-ip-mtu | |
Description | This command specifies the maximum size of the encapsulated tunnel packet for the IP tunnel. If the packet exceeds this value, the system fragments the packet. | |
| Range | 512 to 9000 | |
| Units | bytes | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
gre-header
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the gre-header context | |
| Context | configure service ies service-name interface interface-name sap sap ip-tunnel interface-name gre-header | |
| Tree | gre-header | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
admin-state keyword
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Administrative state of the GRE header in the tunnel | |
| Context | configure service ies service-name interface interface-name sap sap ip-tunnel interface-name gre-header admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
key
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the key context | |
| Context | configure service ies service-name interface interface-name sap sap ip-tunnel interface-name gre-header key | |
| Tree | key | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
admin-state keyword
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Administrative state of the keys in the GRE header | |
| Context | configure service ies service-name interface interface-name sap sap ip-tunnel interface-name gre-header key admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
receive number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Receive key of the GRE header | |
| Context | configure service ies service-name interface interface-name sap sap ip-tunnel interface-name gre-header key receive number | |
| Tree | receive | |
| Max. range | 0 to 4294967295 | |
| Default | 0 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
send number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Send key of the GRE header | |
| Context | configure service ies service-name interface interface-name sap sap ip-tunnel interface-name gre-header key send number | |
| Tree | send | |
| Max. range | 0 to 4294967295 | |
| Default | 0 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
icmp-generation
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the icmp-generation context | |
| Context | configure service ies service-name interface interface-name sap sap ip-tunnel interface-name icmp-generation | |
| Tree | icmp-generation | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
frag-required
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the frag-required context | |
| Context | configure service ies service-name interface interface-name sap sap ip-tunnel interface-name icmp-generation frag-required | |
| Tree | frag-required | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
admin-state keyword
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Administrative state of sending ICMP messages | |
| Context | configure service ies service-name interface interface-name sap sap ip-tunnel interface-name icmp-generation frag-required admin-state keyword | |
| Tree | admin-state | |
Description | This command configures the administrative state of sending ICMP Destination Unreachable "fragmentation needed, DF set" messages (type 3, code 4) messages to the source if the received size of the IPv4 packet on the private side exceeds the private MTU size. | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
interval number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Interval for sending ICMP messages | |
| Context | configure service ies service-name interface interface-name sap sap ip-tunnel interface-name icmp-generation frag-required interval number | |
| Tree | interval | |
Description | This command configures the interval for sending ICMP Destination Unreachable "fragmentation needed, DF set" messages (type 3, code 4). | |
| Range | 1 to 60 | |
| Units | seconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
message-count number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Maximum number of ICMP messages sent | |
| Context | configure service ies service-name interface interface-name sap sap ip-tunnel interface-name icmp-generation frag-required message-count number | |
| Tree | message-count | |
Description | This command configures the maximum number of ICMP messages that can be sent during the period specified by the interval command. | |
| Range | 10 to 1000 | |
| Default | 100 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
icmp6-generation
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the icmp6-generation context | |
| Context | configure service ies service-name interface interface-name sap sap ip-tunnel interface-name icmp6-generation | |
| Tree | icmp6-generation | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
packet-too-big
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the packet-too-big context | |
| Context | configure service ies service-name interface interface-name sap sap ip-tunnel interface-name icmp6-generation packet-too-big | |
| Tree | packet-too-big | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
admin-state keyword
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Administrative state of sending Packet Too Big messages | |
| Context | configure service ies service-name interface interface-name sap sap ip-tunnel interface-name icmp6-generation packet-too-big admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
number number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Maximum number of PTB ICMPv6 messages that can be sent | |
| Context | configure service ies service-name interface interface-name sap sap ip-tunnel interface-name icmp6-generation packet-too-big number number | |
| Tree | number | |
Description | This command configures the maximum number of ICMPv6 messages that can be sent during the configured interval. | |
| Range | 10 to 1000 | |
| Default | 100 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
seconds number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Maximum interval when PTB messages can be sent | |
| Context | configure service ies service-name interface interface-name sap sap ip-tunnel interface-name icmp6-generation packet-too-big seconds number | |
| Tree | seconds | |
| Range | 1 to 60 | |
| Units | seconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
ip-mtu number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | IP MTU for the interface | |
| Context | configure service ies service-name interface interface-name sap sap ip-tunnel interface-name ip-mtu number | |
| Tree | ip-mtu | |
Description | This command specifies the IP MTU for the interface. If the DF bit is not set in the packet, IP packet fragmentation is performed, if necessary, based on this configured value. When unconfigured, all IP packets, regardless of the packet size or DF bit setting, are allowed into the tunnel without fragmentation. | |
| Range | 512 to 9000 | |
| Units | bytes | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
ipsec-transport-mode-profile reference
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | IPsec transport mode profile name | |
| Context | configure service ies service-name interface interface-name sap sap ip-tunnel interface-name ipsec-transport-mode-profile reference | |
| Tree | ipsec-transport-mode-profile | |
Reference | configure ipsec ipsec-transport-mode-profile named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
local-ip-address (ipv4-address-no-zone | ipv6-address-no-zone)
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Local IP address of this tunnel | |
| Context | configure service ies service-name interface interface-name sap sap ip-tunnel interface-name local-ip-address (ipv4-address-no-zone | ipv6-address-no-zone) | |
| Tree | local-ip-address | |
Description | This command specifies the local IP address to use for the IP tunnel. This configuration applies to the outer IP header of the encapsulated packets. The address must belong to one of the IP subnets associated with the public SAP interface of the tunnel group. The source IP address, the remote IP address, and the backup remote IP address of a tunnel must all belong to the same address family (IPv4 or IPv6). When this command specifies an IPv6 address, it must be a global unicast address. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
pmtu-discovery-aging number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Time to age out the learned path MTU | |
| Context | configure service ies service-name interface interface-name sap sap ip-tunnel interface-name pmtu-discovery-aging number | |
| Tree | pmtu-discovery-aging | |
Description | This command configures the temporary public MTU expiration time. The temporary public MTU is used for MTU propagation. | |
| Range | 900 to 3600 | |
| Units | seconds | |
| Default | 900 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
private-tcp-mss-adjust number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | TCP Maximum Segment Size (MSS) on the private side | |
| Context | configure service ies service-name interface interface-name sap sap ip-tunnel interface-name private-tcp-mss-adjust number | |
| Tree | private-tcp-mss-adjust | |
Description | This command specifies the TCP MSS to adjust for tunnels on the private side. The value is used to adjust the TCP MSS option in the TCP SYN packet. | |
| Range | 512 to 9000 | |
| Units | bytes | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
propagate-pmtu-v4 boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable propagation of the path MTU to IPv4 hosts | |
| Context | configure service ies service-name interface interface-name sap sap ip-tunnel interface-name propagate-pmtu-v4 boolean | |
| Tree | propagate-pmtu-v4 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
propagate-pmtu-v6 boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable propagation of path MTU to IPv6 hosts | |
| Context | configure service ies service-name interface interface-name sap sap ip-tunnel interface-name propagate-pmtu-v6 boolean | |
| Tree | propagate-pmtu-v6 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
public-tcp-mss-adjust (number | keyword)
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | TCP Maximum Segment Size (MSS) on the public side | |
| Context | configure service ies service-name interface interface-name sap sap ip-tunnel interface-name public-tcp-mss-adjust (number | keyword) | |
| Tree | public-tcp-mss-adjust | |
Description | This command specifies the TCP MSS for TCP traffic sent from the public network to the private network. The value is used to adjust the TCP MSS option in the TCP SYN packet. | |
| Range | 512 to 9000 | |
| Units | bytes | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
reassembly (number | keyword)
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Maximum reassembly wait time | |
| Context | configure service ies service-name interface interface-name sap sap ip-tunnel interface-name reassembly (number | keyword) | |
| Tree | reassembly | |
Description | This command configures the maximum time to wait to receive all fragments of a particular IPsec or GRE packet for reassembly. | |
| Range | 1 to 5000 | |
| Units | milliseconds | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
remote-ip-address (ipv4-address-no-zone | ipv6-address-no-zone)
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Remote IP address of the tunnel | |
| Context | configure service ies service-name interface interface-name sap sap ip-tunnel interface-name remote-ip-address (ipv4-address-no-zone | ipv6-address-no-zone) | |
| Tree | remote-ip-address | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
ipsec-gateway [name] named-item
| Synopsis | Enter the ipsec-gateway list instance | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item | |
| Tree | ipsec-gateway | |
| Max. instances | 1 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
[name] named-item
| Synopsis | IPsec gateway name | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item | |
| Tree | ipsec-gateway | |
| String length | 1 to 32 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the IPsec gateway | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
cert
cert-profile reference
| Synopsis | Certificate profile name | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item cert cert-profile reference | |
| Tree | cert-profile | |
Reference | configure ipsec cert-profile named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
status-verify
| Synopsis | Enter the status-verify context | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item cert status-verify | |
| Tree | status-verify | |
Description | Commands in this context configure certificate revocation status verification. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
default-result keyword
| Synopsis | Default result of Certificate Status Verification (CSV) | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item cert status-verify default-result keyword | |
| Tree | default-result | |
Description | This command specifies the default result when both the primary and secondary methods fail to provide an answer. | |
| Options | ||
| Default | revoked | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
primary keyword
| Synopsis | Primary method of CSV to verify the revocation status | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item cert status-verify primary keyword | |
| Tree | primary | |
| Options | ||
| Default | crl | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
secondary keyword
| Synopsis | Secondary method of CSV to verify the revocation status | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item cert status-verify secondary keyword | |
| Tree | secondary | |
| Options | ||
| Default | none | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
trust-anchor-profile reference
| Synopsis | Trust anchor profile name | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item cert trust-anchor-profile reference | |
| Tree | trust-anchor-profile | |
Reference | configure ipsec trust-anchor-profile named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
client-db
| Synopsis | Enable the client-db context | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item client-db | |
| Tree | client-db | |
Description | Commands in this context configure the IPsec client database. The client database is used to authenticate the IKEv2 dynamic LAN-to-LAN tunnel. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
fallback boolean
| Synopsis | Fall back to the default authentication policy | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item client-db fallback boolean | |
| Tree | fallback | |
Description | When configured to true, this command specifies whether the IPsec gateway can fall back to the default authentication policy when the IPsec tunnel authentication request fails to match any clients in the IPsec database. When configured to false and the client database lookup fails to return a matched result, the system fails the tunnel setup. | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
name reference
default-secure-service
| Synopsis | Enable the default-secure-service context | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item default-secure-service | |
| Tree | default-secure-service | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
interface interface-name
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Private IPsec tunnel interface name | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item default-secure-service interface interface-name | |
| Tree | interface | |
| String length | 1 to 32 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
service-name service-name
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Default security service name | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item default-secure-service service-name service-name | |
| Tree | service-name | |
| String length | 1 to 64 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
default-tunnel-template reference
| Synopsis | Default tunnel policy template for the gateway | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item default-tunnel-template reference | |
| Tree | default-tunnel-template | |
Reference | configure ipsec tunnel-template number | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
dhcp-address-assignment
| Synopsis | Enter the dhcp-address-assignment context | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item dhcp-address-assignment | |
| Tree | dhcp-address-assignment | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
dhcpv4
| Synopsis | Enable the dhcpv4 context | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item dhcp-address-assignment dhcpv4 | |
| Tree | dhcpv4 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the IPsec DHCPv4 server | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item dhcp-address-assignment dhcpv4 admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
gi-address ipv4-unicast-address
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Gateway IP address of DHCPv4 packets sent by the system | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item dhcp-address-assignment dhcpv4 gi-address ipv4-unicast-address | |
| Tree | gi-address | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
send-release boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Send DHCPv4 release message when IPsec tunnel removed | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item dhcp-address-assignment dhcpv4 send-release boolean | |
| Tree | send-release | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
server
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the server context | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item dhcp-address-assignment dhcpv4 server | |
| Tree | server | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
address ipv4-unicast-address
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | DHCPv4 server addresses | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item dhcp-address-assignment dhcpv4 server address ipv4-unicast-address | |
| Tree | address | |
Description | This command specifies DHCPv4 server addresses for the DHCPv4-based address assignment. If multiple server addresses are specified, the first advertised DHCPv4 address received is chosen. | |
| Max. instances | 8 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
router-instance router-instance-base-vprn-loose
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Router instance used to reach the DHCPv4 server | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item dhcp-address-assignment dhcpv4 server router-instance router-instance-base-vprn-loose | |
| Tree | router-instance | |
| String length | 1 to 64 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
dhcpv6
| Synopsis | Enable the dhcpv6 context | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item dhcp-address-assignment dhcpv6 | |
| Tree | dhcpv6 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the DHCPv6 server | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item dhcp-address-assignment dhcpv6 admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
link-address ipv6-unicast-address
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Link address of the relayed DHCPv6 packets | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item dhcp-address-assignment dhcpv6 link-address ipv6-unicast-address | |
| Tree | link-address | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
send-release boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Send DHCPv6 release message when IPsec tunnel removed | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item dhcp-address-assignment dhcpv6 send-release boolean | |
| Tree | send-release | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
server
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the server context | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item dhcp-address-assignment dhcpv6 server | |
| Tree | server | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
address ipv6-unicast-address
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | DHCPv6 server addresses | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item dhcp-address-assignment dhcpv6 server address ipv6-unicast-address | |
| Tree | address | |
Description | This command specifies DHCPv6 server addresses for the DHCPv6-based address assignment. If multiple server addresses are specified, the first advertised DHCPv6 address received is chosen. | |
| Max. instances | 8 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
router-instance router-instance-base-vprn-loose
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Router instance to reach the DHCPv6 server | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item dhcp-address-assignment dhcpv6 server router-instance router-instance-base-vprn-loose | |
| Tree | router-instance | |
| String length | 1 to 64 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
ike-policy reference
| Synopsis | IKE policy ID | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item ike-policy reference | |
| Tree | ike-policy | |
Reference | configure ipsec ike-policy number | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
local
address-assignment
| Synopsis | Enable the address-assignment context | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item local address-assignment | |
| Tree | address-assignment | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of local address assignments | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item local address-assignment admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv4
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable the ipv4 context | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item local address-assignment ipv4 | |
| Tree | ipv4 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
dhcp-server named-item
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Local DHCPv4 server name | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item local address-assignment ipv4 dhcp-server named-item | |
| Tree | dhcp-server | |
| String length | 1 to 32 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
pool named-item
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Name of the pool defined in the specified DHCPv4 server | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item local address-assignment ipv4 pool named-item | |
| Tree | pool | |
| String length | 1 to 32 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
router-instance router-instance-base-vprn-loose
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Router instance ID for the local DHCPv4 server | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item local address-assignment ipv4 router-instance router-instance-base-vprn-loose | |
| Tree | router-instance | |
| String length | 1 to 64 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
secondary-pool named-item
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Name of the secondary pool defined in the DHCPv4 server | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item local address-assignment ipv4 secondary-pool named-item | |
| Tree | secondary-pool | |
| String length | 1 to 32 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
ipv6
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable the ipv6 context | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item local address-assignment ipv6 | |
| Tree | ipv6 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
dhcp-server named-item
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Local DHCPv6 server name | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item local address-assignment ipv6 dhcp-server named-item | |
| Tree | dhcp-server | |
| String length | 1 to 32 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
pool named-item
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Secondary pool name defined in the DHCPv6 server | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item local address-assignment ipv6 pool named-item | |
| Tree | pool | |
| String length | 1 to 32 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
router-instance router-instance-base-vprn-loose
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Router instance ID hosting the DHCPv6 connection | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item local address-assignment ipv6 router-instance router-instance-base-vprn-loose | |
| Tree | router-instance | |
| String length | 1 to 64 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
gateway-address (ipv4-address-no-zone | ipv6-address-no-zone)
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Local gateway address of the IPsec gateway | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item local gateway-address (ipv4-address-no-zone | ipv6-address-no-zone) | |
| Tree | gateway-address | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
id
| Synopsis | Enter the id context | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item local id | |
| Tree | id | |
Description | Commands in this context specify the local ID used for the Identification Indicator (IDi) or Identification Responder (IDr) in the IKEv2 tunnel. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
auto
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Select ID based on authentication method in IKE policy | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item local id auto | |
| Tree | auto | |
Notes | The following elements are part of a choice: auto, fqdn, ipv4, or ipv6. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
fqdn fully-qualified-domain-name
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | FQDN as the local ID type | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item local id fqdn fully-qualified-domain-name | |
| Tree | fqdn | |
| String length | 1 to 255 | |
Notes | The following elements are part of a choice: auto, fqdn, ipv4, or ipv6. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
ipv4 ipv4-unicast-address
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | IPv4 address as the local ID type | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item local id ipv4 ipv4-unicast-address | |
| Tree | ipv4 | |
Notes | The following elements are part of a choice: auto, fqdn, ipv4, or ipv6. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
ipv6 (ipv4-address-no-zone | ipv6-address-no-zone)
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | IPv6 address as the local ID type | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item local id ipv6 (ipv4-address-no-zone | ipv6-address-no-zone) | |
| Tree | ipv6 | |
Notes | The following elements are part of a choice: auto, fqdn, ipv4, or ipv6. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
max-history-key-records
| Synopsis | Enter the max-history-key-records context | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item max-history-key-records | |
| Tree | max-history-key-records | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
esp number
| Synopsis | Maximum number of recent records | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item max-history-key-records esp number | |
| Tree | esp | |
| Range | 1 to 48 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ike number
| Synopsis | Maximum number of historical IKE keys recorded | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item max-history-key-records ike number | |
| Tree | ike | |
| Range | 1 to 3 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
pre-shared-key encrypted-leaf
| Synopsis | Pre-shared key for the IPsec gateway | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item pre-shared-key encrypted-leaf | |
| Tree | pre-shared-key | |
| String length | 1 to 115 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
radius
accounting-policy reference
| Synopsis | RADIUS accounting policy | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item radius accounting-policy reference | |
| Tree | accounting-policy | |
Reference | configure ipsec radius accounting-policy named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
authentication-policy reference
| Synopsis | RADIUS authentication policy | |
| Context | configure service ies service-name interface interface-name sap sap ipsec-gateway named-item radius authentication-policy reference | |
| Tree | authentication-policy | |
Reference | configure ipsec radius authentication-policy named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ts-list reference
lag
multi-service-site reference
| Synopsis | Multi service site name | |
| Context | configure service ies service-name interface interface-name sap sap multi-service-site reference | |
| Tree | multi-service-site | |
Reference | configure service customer customer-name multi-service-site named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
spoke-sdp [sdp-bind-id] sdp-bind-id
[sdp-bind-id] sdp-bind-id
accounting-policy reference
| Synopsis | Policy to collect accounting statistics | |
| Context | configure service ies service-name interface interface-name spoke-sdp sdp-bind-id accounting-policy reference | |
| Tree | accounting-policy | |
Reference | configure log accounting-policy number | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the SDP binding to the service | |
| Context | configure service ies service-name interface interface-name spoke-sdp sdp-bind-id admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
collect-stats boolean
| Synopsis | Allow agent to collect accounting statistics | |
| Context | configure service ies service-name interface interface-name spoke-sdp sdp-bind-id collect-stats boolean | |
| Tree | collect-stats | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
description description
| Synopsis | Text description | |
| Context | configure service ies service-name interface interface-name spoke-sdp sdp-bind-id description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
egress
filter
ip reference
ipv6 reference
qos
network
policy-name reference
port-redirect-group
| Synopsis | Enter the port-redirect-group context | |
| Context | configure service ies service-name interface interface-name spoke-sdp sdp-bind-id egress qos network port-redirect-group | |
| Tree | port-redirect-group | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
group-name reference
| Synopsis | Name of the egress port queue group | |
| Context | configure service ies service-name interface interface-name spoke-sdp sdp-bind-id egress qos network port-redirect-group group-name reference | |
| Tree | group-name | |
Reference | configure qos queue-group-templates egress queue-group named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
instance number
vc-label number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Egress MPLS VC label to send packets to the far end | |
| Context | configure service ies service-name interface interface-name spoke-sdp sdp-bind-id egress vc-label number | |
| Tree | vc-label | |
| Range | 16 to 1048575 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
hash-label
| Synopsis | Enable the hash-label context | |
| Context | configure service ies service-name interface interface-name spoke-sdp sdp-bind-id hash-label | |
| Tree | hash-label | |
Description | Commands in this context configure the use of hash labels for egress datapaths. For information about hash-label handling, see the "Hash labels" section of the 7705 SAR Gen 2 MPLS Guide. | |
Notes | The following elements are part of a choice: entropy-label or hash-label. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
signal-capability
| Synopsis | Signal hash label capability to the remote PE | |
| Context | configure service ies service-name interface interface-name spoke-sdp sdp-bind-id hash-label signal-capability | |
| Tree | signal-capability | |
Description | When configured, this command enables the signaling and negotiating of the hash label between the local and remote PE nodes. The signaling process outcome determines whether the local PE inserts the hash label on the user packets. This outcome can override the local PE configuration. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ingress
filter
ip reference
ipv6 reference
qos
network
fp-redirect-group
| Synopsis | Enter the fp-redirect-group context | |
| Context | configure service ies service-name interface interface-name spoke-sdp sdp-bind-id ingress qos network fp-redirect-group | |
| Tree | fp-redirect-group | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
group-name reference
| Synopsis | Name of the forwarding plane queue group template | |
| Context | configure service ies service-name interface interface-name spoke-sdp sdp-bind-id ingress qos network fp-redirect-group group-name reference | |
| Tree | group-name | |
Reference | configure qos queue-group-templates ingress queue-group named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
instance number
policy-name reference
vc-label number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Ingress MPLS VC label to send packets to the far end | |
| Context | configure service ies service-name interface interface-name spoke-sdp sdp-bind-id ingress vc-label number | |
| Tree | vc-label | |
| Range | 1 to 1048575 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
vc-type keyword
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Virtual circuit type associated with the SDP binding | |
| Context | configure service ies service-name interface interface-name spoke-sdp sdp-bind-id vc-type keyword | |
| Tree | vc-type | |
| Options | ||
| Default | ether | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
static-tunnel-redundant-nexthop ipv4-unicast-address
| Synopsis | Address for the static ISA tunnel redundant next-hop | |
| Context | configure service ies service-name interface interface-name static-tunnel-redundant-nexthop ipv4-unicast-address | |
| Tree | static-tunnel-redundant-nexthop | |
Description | This command configures a redundant next-hop address on a public or private IPsec interface (with a public or private tunnel SAP) for a static IPsec tunnel in 1:1 MC-IPsec. A standby node uses the specified next-hop address to shunt traffic to the master in case it receives traffic destined to a tunnel endpoint address. The standby tunnel group needs to be operationally up for the feature to work. The next-hop address is resolved in the routing table of the corresponding service. | |
Notes | The following elements are part of a choice: multi-chassis-shunting-profile or (dynamic-tunnel-redundant-nexthop and static-tunnel-redundant-nexthop). | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
tos-marking-state keyword
| Synopsis | TOS marking state | |
| Context | configure service ies service-name interface interface-name tos-marking-state keyword | |
| Tree | tos-marking-state | |
| Options | ||
| Default | untrusted | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
tunnel boolean
vpls [vpls-name] named-item-64
[vpls-name] named-item-64
egress
reclassify-using-qos reference
| Synopsis | Egress QoS policy | |
| Context | configure service ies service-name interface interface-name vpls named-item-64 egress reclassify-using-qos reference | |
| Tree | reclassify-using-qos | |
Reference | configure qos sap-egress qos-policy-name | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
routed-override-filter
| Synopsis | Enter the routed-override-filter context | |
| Context | configure service ies service-name interface interface-name vpls named-item-64 egress routed-override-filter | |
| Tree | routed-override-filter | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ip reference
ipv6 reference
| Synopsis | IPv6 filter policy name | |
| Context | configure service ies service-name interface interface-name vpls named-item-64 egress routed-override-filter ipv6 reference | |
| Tree | ipv6 | |
Reference | configure filter ipv6-filter filter-name | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
evpn
arp
advertise [route-type] keyword
| Synopsis | Enter the advertise list instance | |
| Context | configure service ies service-name interface interface-name vpls named-item-64 evpn arp advertise keyword | |
| Tree | advertise | |
Description | Commands in this context specify the configuration to allow ARP or ND entries that are installed in the ARP or ND cache to be advertised in EVPN MAC/IP routes. The learn-dynamic command must be set to false when using this functionality. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[route-type] keyword
| Synopsis | Type of ARP or ND entries that generate host routes | |
| Context | configure service ies service-name interface interface-name vpls named-item-64 evpn arp advertise keyword | |
| Tree | advertise | |
Description | This command specifies the type of ARP or ND entries that are installed in the ARP or ND cache into EVPN MAC/IP routes. | |
| Options | ||
|
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
route-tag number
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Tag value used with the host route from an ARP/ND entry | |
| Context | configure service ies service-name interface interface-name vpls named-item-64 evpn arp advertise keyword route-tag number | |
| Tree | route-tag | |
Description | This command specifies the route tag that is added separately to dynamic or static ARP or ND entries that are advertised in EVPN MAC/IP routes. This tag can be matched on BGP vsi-export (in the R-VPLS) and BGP peer export policies. | |
| Range | 0 to 255 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
flood-garp-and-unknown-req boolean
| Synopsis | Allow CPM originated ARP frames to flood R-VPLS service | |
| Context | configure service ies service-name interface interface-name vpls named-item-64 evpn arp flood-garp-and-unknown-req boolean | |
| Tree | flood-garp-and-unknown-req | |
Description | When configured to true, the system allows CPM-originated ARP frames to be flooded in the R-VPLS service. Any frames that are data path flooded such as the ARP messages received on a SAP, are flooded irrespective of this command. When configured to false, CPM-originated ARP flooding is suppressed. | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
learn-dynamic boolean
| Synopsis | Process ARP or ND messages on EVPN tunnels | |
| Context | configure service ies service-name interface interface-name vpls named-item-64 evpn arp learn-dynamic boolean | |
| Tree | learn-dynamic | |
Description | When configured to true, the system processes ARP or ND messages that arrive on EVPN tunnels. When configured to false, learning is disabled and table entries are not created for these messages. | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
nd
advertise [route-type] keyword
| Synopsis | Enter the advertise list instance | |
| Context | configure service ies service-name interface interface-name vpls named-item-64 evpn nd advertise keyword | |
| Tree | advertise | |
Description | Commands in this context specify the configuration to allow ARP or ND entries that are installed in the ARP or ND cache to be advertised in EVPN MAC/IP routes. The learn-dynamic command must be set to false when using this functionality. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[route-type] keyword
| Synopsis | Type of ARP or ND entries that generate host routes | |
| Context | configure service ies service-name interface interface-name vpls named-item-64 evpn nd advertise keyword | |
| Tree | advertise | |
Description | This command specifies the type of ARP or ND entries that are installed in the ARP or ND cache into EVPN MAC/IP routes. | |
| Options | ||
|
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
route-tag number
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Tag value used with the host route from an ARP/ND entry | |
| Context | configure service ies service-name interface interface-name vpls named-item-64 evpn nd advertise keyword route-tag number | |
| Tree | route-tag | |
Description | This command specifies the route tag that is added separately to dynamic or static ARP or ND entries that are advertised in EVPN MAC/IP routes. This tag can be matched on BGP vsi-export (in the R-VPLS) and BGP peer export policies. | |
| Range | 0 to 255 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
learn-dynamic boolean
| Synopsis | Process ARP or ND messages on EVPN tunnels | |
| Context | configure service ies service-name interface interface-name vpls named-item-64 evpn nd learn-dynamic boolean | |
| Tree | learn-dynamic | |
Description | When configured to true, the system processes ARP or ND messages that arrive on EVPN tunnels. When configured to false, learning is disabled and table entries are not created for these messages. | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ingress
routed-override-filter
| Synopsis | Enter the routed-override-filter context | |
| Context | configure service ies service-name interface interface-name vpls named-item-64 ingress routed-override-filter | |
| Tree | routed-override-filter | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ip reference
| Synopsis | IPv4 filter policy name | |
| Context | configure service ies service-name interface interface-name vpls named-item-64 ingress routed-override-filter ip reference | |
| Tree | ip | |
Description | This command specifies an IP filter that is applied to routed unicast ingress packets entering the VPLS service and destined to the R-VPLS interface MAC address. The filter overrides any existing ingress IP filter applied to SAPs or SDP bindings for packets associated with the routing IP interface. The override filter is optional and when it is not defined or it is removed, the IP routed packets use the existing ingress IP filter configured on the VPLS endpoint. | |
Reference | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv6 reference
| Synopsis | IPv6 filter policy name | |
| Context | configure service ies service-name interface interface-name vpls named-item-64 ingress routed-override-filter ipv6 reference | |
| Tree | ipv6 | |
Description | This command specifies an IPv6 filter that is applied to routed unicast ingress packets entering the VPLS service and destined to the R-VPLS interface MAC address. The filter overrides any existing ingress IP filter applied to SAPs or SDP bindings for packets associated with the routing IP interface. The override filter is optional and when it is not defined or it is removed, the IP routed packets use the existing ingress IP filter configured on the VPLS endpoint. | |
Reference | configure filter ipv6-filter filter-name | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
service-id number
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Service ID | |
| Context | configure service ies service-name service-id number | |
| Tree | service-id | |
| Range | 1 to 2147483647 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
vpn-id number
mac-list [name] named-item
| Synopsis | Enter the mac-list list instance | |
| Context | configure service mac-list named-item | |
| Tree | mac-list | |
Description | Commands in this context specify the MAC addresses to be included in a MAC list to be used with the Auto-Learn MAC Protect (ALMP) functionality. The list is used to exclude certain MAC addresses from protection, for example, on SAPs or spoke SDPs configured with ALMP where certain MAC addresses (such as VRRP virtual MAC addresses) must be able to move to other objects. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[name] named-item
description description
| Synopsis | Text description | |
| Context | configure service mac-list named-item description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mac [address] mac-address
[address] mac-address
mask mac-address
md-auto-id
| Synopsis | Enter the md-auto-id context | |
| Context | configure service md-auto-id | |
| Tree | md-auto-id | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
customer-id-range
| Synopsis | Enable the customer-id-range context | |
| Context | configure service md-auto-id customer-id-range | |
| Tree | customer-id-range | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
end number
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Upper bound of the ID range | |
| Context | configure service md-auto-id customer-id-range end number | |
| Tree | end | |
| Range | 2 to 2147483647 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
start number
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Lower bound of the ID range | |
| Context | configure service md-auto-id customer-id-range start number | |
| Tree | start | |
| Range | 2 to 2147483647 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
pw-template-id-range
| Synopsis | Enable the pw-template-id-range context | |
| Context | configure service md-auto-id pw-template-id-range | |
| Tree | pw-template-id-range | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
end number
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Upper bound of the PW template ID range | |
| Context | configure service md-auto-id pw-template-id-range end number | |
| Tree | end | |
| Range | 1 to 2147483647 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
start number
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Lower bound of the PW template ID range | |
| Context | configure service md-auto-id pw-template-id-range start number | |
| Tree | start | |
| Range | 1 to 2147483647 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
service-id-range
| Synopsis | Enable the service-id-range context | |
| Context | configure service md-auto-id service-id-range | |
| Tree | service-id-range | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
end number
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Upper bound of the service ID range | |
| Context | configure service md-auto-id service-id-range end number | |
| Tree | end | |
| Range | 1 to 2147483647 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
start number
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Lower bound of the service ID range | |
| Context | configure service md-auto-id service-id-range start number | |
| Tree | start | |
| Range | 1 to 2147483647 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
nat
nat-policy [name] external-named-item
| Synopsis | Enter the nat-policy list instance | |
| Context | configure service nat nat-policy external-named-item | |
| Tree | nat-policy | |
| Max. instances | 4096 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[name] external-named-item
| Synopsis | NAT policy name | |
| Context | configure service nat nat-policy external-named-item | |
| Tree | nat-policy | |
| String length | 1 to 32 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
block-limit number
| Synopsis | Maximum number of port blocks per subscriber | |
| Context | configure service nat nat-policy external-named-item block-limit number | |
| Tree | block-limit | |
| Range | 1 to 40 | |
| Default | 1 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
description description
| Synopsis | Text description | |
| Context | configure service nat nat-policy external-named-item description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
filtering keyword
| Synopsis | Filtering method for inbound traffic for the policy | |
| Context | configure service nat nat-policy external-named-item filtering keyword | |
| Tree | filtering | |
| Options | ||
| Default | endpoint-independent | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
pool
| Synopsis | Enter the pool context | |
| Context | configure service nat nat-policy external-named-item pool | |
| Tree | pool | |
Notes | The following elements are part of a choice: dnat-only, l2-outside, or pool. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
name named-item
router-instance string
|
WARNING: Modifying this element clears ISA state, such as flow state, for the new value to take effect. | ||
| Synopsis | Router or VPRN service name | |
| Context | configure service nat nat-policy external-named-item pool router-instance string | |
| Tree | router-instance | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
port-limits
| Synopsis | Enter the port-limits context | |
| Context | configure service nat nat-policy external-named-item port-limits | |
| Tree | port-limits | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
forwarding number
| Synopsis | Maximum number of port forwarding entries | |
| Context | configure service nat nat-policy external-named-item port-limits forwarding number | |
| Tree | forwarding | |
| Range | 1 to 65535 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
watermarks
| Synopsis | Enable the watermarks context | |
| Context | configure service nat nat-policy external-named-item port-limits watermarks | |
| Tree | watermarks | |
Description | This command configures watermarks for NAT resources. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
high number
| Synopsis | High watermark percentage | |
| Context | configure service nat nat-policy external-named-item port-limits watermarks high number | |
| Tree | high | |
Description | This command configures the high threshold value as a percentage of the total port-block space in a NAT pool. | |
| Range | 0 to 100 | |
| Units | percent | |
Notes |
This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
low number
| Synopsis | Low watermark percentage | |
| Context | configure service nat nat-policy external-named-item port-limits watermarks low number | |
| Tree | low | |
Description | This command configures the low threshold value as a percentage of the total port-block space in a NAT pool. | |
| Range | 0 to 100 | |
| Units | percent | |
Notes |
This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
session-limits
| Synopsis | Enter the session-limits context | |
| Context | configure service nat nat-policy external-named-item session-limits | |
| Tree | session-limits | |
Description | Commands in this context configure session-limit attributes for the policy. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
max number
| Synopsis | Maximum number of sessions per subscriber | |
| Context | configure service nat nat-policy external-named-item session-limits max number | |
| Tree | max | |
| Range | 1 to 65535 | |
| Default | 65535 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
watermarks
| Synopsis | Enable the watermarks context | |
| Context | configure service nat nat-policy external-named-item session-limits watermarks | |
| Tree | watermarks | |
Description | This command configures watermarks for NAT resources. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
high number
| Synopsis | High watermark percentage | |
| Context | configure service nat nat-policy external-named-item session-limits watermarks high number | |
| Tree | high | |
Description | This command configures the high threshold value as a percentage of the total port-block space in a NAT pool. | |
| Range | 0 to 100 | |
| Units | percent | |
Notes |
This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
low number
| Synopsis | Low watermark percentage | |
| Context | configure service nat nat-policy external-named-item session-limits watermarks low number | |
| Tree | low | |
Description | This command configures the low threshold value as a percentage of the total port-block space in a NAT pool. | |
| Range | 0 to 100 | |
| Units | percent | |
Notes |
This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
tcp
| Synopsis | Enter the tcp context | |
| Context | configure service nat nat-policy external-named-item tcp | |
| Tree | tcp | |
Description | Commands in this context configure the transmission control protocol (TCP) attributes of the policy. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mss-adjust number
| Synopsis | TCP MSS adjustment value | |
| Context | configure service nat nat-policy external-named-item tcp mss-adjust number | |
| Tree | mss-adjust | |
Description | This command configures the value to use to adjust the TCP Maximum Segment Size (MSS) option, if not already present or the present value is higher. | |
| Range | 160 to 10240 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
timeouts
| Synopsis | Enter the timeouts context | |
| Context | configure service nat nat-policy external-named-item timeouts | |
| Tree | timeouts | |
Description | Commands in this context configure the attributes of session idle timeouts for the policy. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
icmp-query number
| Synopsis | Timeout applied to an ICMP Query session | |
| Context | configure service nat nat-policy external-named-item timeouts icmp-query number | |
| Tree | icmp-query | |
| Range | 60 to 240 | |
| Units | seconds | |
| Default | 60 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
tcp
established number
| Synopsis | Idle timeout for TCP session in established state | |
| Context | configure service nat nat-policy external-named-item timeouts tcp established number | |
| Tree | established | |
| Range | 60 to 86400 | |
| Units | seconds | |
| Default | 7440 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
syn number
time-wait number
transitory number
| Synopsis | Idle timeout for TCP session in transitory state | |
| Context | configure service nat nat-policy external-named-item timeouts tcp transitory number | |
| Tree | transitory | |
| Range | 60 to 86400 | |
| Units | seconds | |
| Default | 240 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
udp
dns number
initial number
normal number
udp
| Synopsis | Enter the udp context | |
| Context | configure service nat nat-policy external-named-item udp | |
| Tree | udp | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
inbound-refresh boolean
| Synopsis | Extend UDP session timeout on inbound traffic | |
| Context | configure service nat nat-policy external-named-item udp inbound-refresh boolean | |
| Tree | inbound-refresh | |
Description | When configured to true, this command extends the UDP session timeout on inbound traffic. When configured to false, the UDP session timeout is not extended. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
oper-group [name] named-item
| Synopsis | Enter the oper-group list instance | |
| Context | configure service oper-group named-item | |
| Tree | oper-group | |
| Max. instances | 32768 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[name] named-item
| Synopsis | Operational group name | |
| Context | configure service oper-group named-item | |
| Tree | oper-group | |
| String length | 1 to 32 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
bfd-liveness
| Synopsis | Enable the bfd-liveness context | |
| Context | configure service oper-group named-item bfd-liveness | |
| Tree | bfd-liveness | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
dest-ip ipv4-unicast-address
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Destination address for BFD | |
| Context | configure service oper-group named-item bfd-liveness dest-ip ipv4-unicast-address | |
| Tree | dest-ip | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
interface-name interface-name
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Source interface name | |
| Context | configure service oper-group named-item bfd-liveness interface-name interface-name | |
| Tree | interface-name | |
| String length | 1 to 32 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
router-instance string
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Routing context used for route lookup | |
| Context | configure service oper-group named-item bfd-liveness router-instance string | |
| Tree | router-instance | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
hold-time
| Synopsis | Enter the hold-time context | |
| Context | configure service oper-group named-item hold-time | |
| Tree | hold-time | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
down number
| Synopsis | Oper group hold down time | |
| Context | configure service oper-group named-item hold-time down number | |
| Tree | down | |
| Range | 1 to 3600 | |
| Units | seconds | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
up number
| Synopsis | Oper group hold up time | |
| Context | configure service oper-group named-item hold-time up number | |
| Tree | up | |
| Range | 0 to 3600 | |
| Units | seconds | |
| Default | 4 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
proxy-arp-nd
| Synopsis | Enter the proxy-arp-nd context | |
| Context | configure service proxy-arp-nd | |
| Tree | proxy-arp-nd | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mac-list
| Synopsis | Enter the mac-list context | |
| Context | configure service proxy-arp-nd mac-list | |
| Tree | mac-list | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
list [list-name] named-item
| Synopsis | Enter the list list instance | |
| Context | configure service proxy-arp-nd mac-list list named-item | |
| Tree | list | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[list-name] named-item
| Synopsis | Specify name for mac list | |
| Context | configure service proxy-arp-nd mac-list list named-item | |
| Tree | list | |
| String length | 1 to 32 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mac [address] mac-unicast-address-no-zero
[address] mac-unicast-address-no-zero
pw-template [pw-template-name] pw-template-name
| Synopsis | Enter the pw-template list instance | |
| Context | configure service pw-template pw-template-name | |
| Tree | pw-template | |
| Max. instances | 2048 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[pw-template-name] pw-template-name
| Synopsis | SDP template name | |
| Context | configure service pw-template pw-template-name | |
| Tree | pw-template | |
| String length | 1 to 64 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
accounting-policy number
| Synopsis | Accounting policy | |
| Context | configure service pw-template pw-template-name accounting-policy number | |
| Tree | accounting-policy | |
| Range | 1 to 99 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
allow-fragmentation boolean
| Synopsis | Allow packets to be sent without setting DF bit | |
| Context | configure service pw-template pw-template-name allow-fragmentation boolean | |
| Tree | allow-fragmentation | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
auto-gre-sdp boolean
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Use a GRE tunnel to automatically create an SDP | |
| Context | configure service pw-template pw-template-name auto-gre-sdp boolean | |
| Tree | auto-gre-sdp | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
block-on-peer-fault boolean
| Synopsis | Enable block traffic on peer fault | |
| Context | configure service pw-template pw-template-name block-on-peer-fault boolean | |
| Tree | block-on-peer-fault | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
collect-stats boolean
| Synopsis | Collect statistics | |
| Context | configure service pw-template pw-template-name collect-stats boolean | |
| Tree | collect-stats | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
control-word boolean
| Synopsis | Enable/Disable the use of ControlWord | |
| Context | configure service pw-template pw-template-name control-word boolean | |
| Tree | control-word | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
egress
| Synopsis | Enter the egress context | |
| Context | configure service pw-template pw-template-name egress | |
| Tree | egress | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
filter
| Synopsis | Enter the filter context | |
| Context | configure service pw-template pw-template-name egress filter | |
| Tree | filter | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ip named-item-64
ipv6 named-item-64
mac named-item-64
mfib-allowed-mda-destinations
| Synopsis | Enter the mfib-allowed-mda-destinations context | |
| Context | configure service pw-template pw-template-name egress mfib-allowed-mda-destinations | |
| Tree | mfib-allowed-mda-destinations | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mda [mda-id] slot-mda
| Synopsis | Add a list entry for mda | |
| Context | configure service pw-template pw-template-name egress mfib-allowed-mda-destinations mda slot-mda | |
| Tree | mda | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[mda-id] slot-mda
| Synopsis | MFIB allowed MDA destination | |
| Context | configure service pw-template pw-template-name egress mfib-allowed-mda-destinations mda slot-mda | |
| Tree | mda | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
qos
| Synopsis | Enter the qos context | |
| Context | configure service pw-template pw-template-name egress qos | |
| Tree | qos | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
network
policy-name named-item-64
| Synopsis | Network policy ID | |
| Context | configure service pw-template pw-template-name egress qos network policy-name named-item-64 | |
| Tree | policy-name | |
| String length | 1 to 64 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
port-redirect-group
| Synopsis | Enter the port-redirect-group context | |
| Context | configure service pw-template pw-template-name egress qos network port-redirect-group | |
| Tree | port-redirect-group | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
group-name named-item
| Synopsis | Name of the egress port queue group template | |
| Context | configure service pw-template pw-template-name egress qos network port-redirect-group group-name named-item | |
| Tree | group-name | |
| String length | 1 to 32 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
instance number
| Synopsis | Instance for FP ingress queue group | |
| Context | configure service pw-template pw-template-name egress qos network port-redirect-group instance number | |
| Tree | instance | |
| Range | 1 to 65535 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
encryption-keygroup
| Synopsis | Enter the encryption-keygroup context | |
| Context | configure service pw-template pw-template-name encryption-keygroup | |
| Tree | encryption-keygroup | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
inbound number
| Synopsis | Keygroup identifier in the inbound direction | |
| Context | configure service pw-template pw-template-name encryption-keygroup inbound number | |
| Tree | inbound | |
| Range | 1 to 127 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
outbound number
| Synopsis | Keygroup identifier in the outbound direction | |
| Context | configure service pw-template pw-template-name encryption-keygroup outbound number | |
| Tree | outbound | |
| Range | 1 to 127 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
fdb
| Synopsis | Enter the fdb context | |
| Context | configure service pw-template pw-template-name fdb | |
| Tree | fdb | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
auto-learn-mac-protect boolean
| Synopsis | Enable automatic update of MAC protect list | |
| Context | configure service pw-template pw-template-name fdb auto-learn-mac-protect boolean | |
| Tree | auto-learn-mac-protect | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
auto-learn-mac-protect-exclude-list named-item
| Synopsis | Name of the MAC protect exclusion list | |
| Context | configure service pw-template pw-template-name fdb auto-learn-mac-protect-exclude-list named-item | |
| Tree | auto-learn-mac-protect-exclude-list | |
Description | This command configures the name of a MAC protect exclusion list. Dynamically-learned MAC Source Addresses (SA) are protected if they are learned on an object with ALMP configured and no exclusion list is associated with the object, or if the MAC SA does not match any entry in an associated exclusion list. An exclusion list can be used in multiple objects of a service. If a list is empty, ALMP does not exclude any learned MAC SAs from protection on the object. | |
| String length | 1 to 32 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
discard-unknown-source boolean
| Synopsis | Discard frames with unknown source | |
| Context | configure service pw-template pw-template-name fdb discard-unknown-source boolean | |
| Tree | discard-unknown-source | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
limit-mac-move keyword
| Synopsis | MAC move limit | |
| Context | configure service pw-template pw-template-name fdb limit-mac-move keyword | |
| Tree | limit-mac-move | |
| Options | ||
| Default | blockable | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
mac-learning
| Synopsis | Enter the mac-learning context | |
| Context | configure service pw-template pw-template-name fdb mac-learning | |
| Tree | mac-learning | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
aging boolean
| Synopsis | Enable aging of MAC addresses | |
| Context | configure service pw-template pw-template-name fdb mac-learning aging boolean | |
| Tree | aging | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
learning boolean
| Synopsis | Enable learning of new MAC addresses | |
| Context | configure service pw-template pw-template-name fdb mac-learning learning boolean | |
| Tree | learning | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
mac-pinning boolean
| Synopsis | Enable MAC address pinning on this spoke SDP | |
| Context | configure service pw-template pw-template-name fdb mac-pinning boolean | |
| Tree | mac-pinning | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
maximum-mac-addresses number
| Synopsis | Maximum number of MAC address entries in the FDB | |
| Context | configure service pw-template pw-template-name fdb maximum-mac-addresses number | |
| Tree | maximum-mac-addresses | |
Description | This command specifies the maximum number of FDB entries for both learned and static MAC addresses for this PW template. When the configured limit is reached, no new addresses are learned from the SAP or spoke SDP until at least one FDB entry is aged out or cleared. When the configured limit is reached and the configure service pw-template fdb discard-unknown-source command is set to true for this PW template, packets with unknown source MAC addresses are discarded. If discard-unknown-source is set to false, the packets are forwarded if their destination MAC addresses are known, or flooded if their destination MAC addresses are unknown. However, if the configure service vpls fdb discard-unknown command is set to true, packets with unknown destination MAC addresses are discarded, even if the limit of FDB entries on the specific VPLS instance is not reached. When unconfigured, the PW template uses the global MAC learning limitations. | |
| Range | 1 to 511999 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
protected-src-mac-violation-action keyword
| Synopsis | Action for protected source MAC restriction | |
| Context | configure service pw-template pw-template-name fdb protected-src-mac-violation-action keyword | |
| Tree | protected-src-mac-violation-action | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
force-vc-forwarding keyword
| Synopsis | VC forwarding action | |
| Context | configure service pw-template pw-template-name force-vc-forwarding keyword | |
| Tree | force-vc-forwarding | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
hash-label
| Synopsis | Enable the hash-label context | |
| Context | configure service pw-template pw-template-name hash-label | |
| Tree | hash-label | |
Description | Commands in this context configure the use of hash labels for egress datapaths. For information about hash-label handling, see the "Hash labels" section of the 7705 SAR Gen 2 MPLS Guide. | |
Notes | The following elements are part of a choice: entropy-label or hash-label. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
signal-capability
| Synopsis | Signal hash label capability to the remote PE | |
| Context | configure service pw-template pw-template-name hash-label signal-capability | |
| Tree | signal-capability | |
Description | When configured, this command enables the signaling and negotiating of the hash label between the local and remote PE nodes. The signaling process outcome determines whether the local PE inserts the hash label on the user packets. This outcome can override the local PE configuration. The node must withdraw the label it sent to its peer and send a new label mapping message with the new value of the F-bit in the flow label interface option sub-TLV of the pseudowire ID FEC element. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
igmp-snooping
| Synopsis | Enter the igmp-snooping context | |
| Context | configure service pw-template pw-template-name igmp-snooping | |
| Tree | igmp-snooping | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
fast-leave boolean
| Synopsis | Allow IGMP fast leave processing | |
| Context | configure service pw-template pw-template-name igmp-snooping fast-leave boolean | |
| Tree | fast-leave | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
import-policy named-item
| Synopsis | Import policy that filters IGMP packets | |
| Context | configure service pw-template pw-template-name igmp-snooping import-policy named-item | |
| Tree | import-policy | |
| String length | 1 to 32 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
maximum-number-groups number
| Synopsis | Maximum multicast groups | |
| Context | configure service pw-template pw-template-name igmp-snooping maximum-number-groups number | |
| Tree | maximum-number-groups | |
| Range | 1 to 1000 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
query-interval number
| Synopsis | Time between two consecutive host-query messages | |
| Context | configure service pw-template pw-template-name igmp-snooping query-interval number | |
| Tree | query-interval | |
| Range | 2 to 1024 | |
| Units | seconds | |
| Default | 125 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
query-last-member-interval number
| Synopsis | Time between group-specific query messages | |
| Context | configure service pw-template pw-template-name igmp-snooping query-last-member-interval number | |
| Tree | query-last-member-interval | |
| Range | 1 to 50 | |
| Units | deciseconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
query-response-interval number
| Synopsis | Time to wait for a response to the host-query messages | |
| Context | configure service pw-template pw-template-name igmp-snooping query-response-interval number | |
| Tree | query-response-interval | |
| Range | 1 to 1023 | |
| Units | seconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
robust-count number
| Synopsis | Number of retries after expected message loss | |
| Context | configure service pw-template pw-template-name igmp-snooping robust-count number | |
| Tree | robust-count | |
| Range | 2 to 7 | |
| Default | 2 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
send-queries boolean
| Synopsis | Generate IGMP general queries | |
| Context | configure service pw-template pw-template-name igmp-snooping send-queries boolean | |
| Tree | send-queries | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
version keyword
| Synopsis | IGMP version | |
| Context | configure service pw-template pw-template-name igmp-snooping version keyword | |
| Tree | version | |
| Options | ||
| Default | 3 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
ingress
| Synopsis | Enter the ingress context | |
| Context | configure service pw-template pw-template-name ingress | |
| Tree | ingress | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
filter
| Synopsis | Enter the filter context | |
| Context | configure service pw-template pw-template-name ingress filter | |
| Tree | filter | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ip named-item-64
ipv6 named-item-64
mac named-item-64
qos
| Synopsis | Enter the qos context | |
| Context | configure service pw-template pw-template-name ingress qos | |
| Tree | qos | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
network
fp-redirect-group
| Synopsis | Enter the fp-redirect-group context | |
| Context | configure service pw-template pw-template-name ingress qos network fp-redirect-group | |
| Tree | fp-redirect-group | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
group-name named-item
| Synopsis | Name of the forwarding plane queue group template | |
| Context | configure service pw-template pw-template-name ingress qos network fp-redirect-group group-name named-item | |
| Tree | group-name | |
| String length | 1 to 32 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
instance number
| Synopsis | Instance for FP ingress queue group | |
| Context | configure service pw-template pw-template-name ingress qos network fp-redirect-group instance number | |
| Tree | instance | |
| Range | 1 to 65535 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
policy-name named-item-64
| Synopsis | Network policy ID | |
| Context | configure service pw-template pw-template-name ingress qos network policy-name named-item-64 | |
| Tree | policy-name | |
| String length | 1 to 64 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
l2pt
| Synopsis | Enter the l2pt context | |
| Context | configure service pw-template pw-template-name l2pt | |
| Tree | l2pt | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
termination
| Synopsis | Enable the termination context | |
| Context | configure service pw-template pw-template-name l2pt termination | |
| Tree | termination | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
protocols
| Synopsis | Enter the protocols context | |
| Context | configure service pw-template pw-template-name l2pt termination protocols | |
| Tree | protocols | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
cdp boolean
| Synopsis | Enable Cisco discovery protocol | |
| Context | configure service pw-template pw-template-name l2pt termination protocols cdp boolean | |
| Tree | cdp | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
dtp boolean
| Synopsis | Enable dynamic trunking protocol | |
| Context | configure service pw-template pw-template-name l2pt termination protocols dtp boolean | |
| Tree | dtp | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
pagp boolean
| Synopsis | Enable port aggregation protocol | |
| Context | configure service pw-template pw-template-name l2pt termination protocols pagp boolean | |
| Tree | pagp | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
stp boolean
| Synopsis | Enable all spanning tree protocols | |
| Context | configure service pw-template pw-template-name l2pt termination protocols stp boolean | |
| Tree | stp | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
udld boolean
| Synopsis | Enable unidirectional link detection | |
| Context | configure service pw-template pw-template-name l2pt termination protocols udld boolean | |
| Tree | udld | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
vtp boolean
| Synopsis | Enable virtual trunk protocol | |
| Context | configure service pw-template pw-template-name l2pt termination protocols vtp boolean | |
| Tree | vtp | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
path-mtu number
| Synopsis | MTU the SDP can transmit | |
| Context | configure service pw-template pw-template-name path-mtu number | |
| Tree | path-mtu | |
Description | This command configures the path MTU that the SDP can transmit. When an SDP created using the PW template is in use by a service, the path MTU cannot be modified. When not configured, the path MTU is derived from the network interface IP MTU. | |
| Range | 576 to 9782 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
provisioned-sdp keyword
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Provisioned SDP type | |
| Context | configure service pw-template pw-template-name provisioned-sdp keyword | |
| Tree | provisioned-sdp | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
pw-template-id number
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | PW template ID | |
| Context | configure service pw-template pw-template-name pw-template-id number | |
| Tree | pw-template-id | |
| Range | 1 to 2147483647 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
sdp-exclude [group-name] reference
| Synopsis | Add a list entry for sdp-exclude | |
| Context | configure service pw-template pw-template-name sdp-exclude reference | |
| Tree | sdp-exclude | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[group-name] reference
| Synopsis | SDP group name | |
| Context | configure service pw-template pw-template-name sdp-exclude reference | |
| Tree | sdp-exclude | |
Reference | configure service sdp-group group-name named-item | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
sdp-include [group-name] reference
| Synopsis | Add a list entry for sdp-include | |
| Context | configure service pw-template pw-template-name sdp-include reference | |
| Tree | sdp-include | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[group-name] reference
| Synopsis | SDP group name | |
| Context | configure service pw-template pw-template-name sdp-include reference | |
| Tree | sdp-include | |
Reference | configure service sdp-group group-name named-item | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
split-horizon-group
| Synopsis | Enter the split-horizon-group context | |
| Context | configure service pw-template pw-template-name split-horizon-group | |
| Tree | split-horizon-group | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
description description
| Synopsis | Text description | |
| Context | configure service pw-template pw-template-name split-horizon-group description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
fdb
| Synopsis | Enter the fdb context | |
| Context | configure service pw-template pw-template-name split-horizon-group fdb | |
| Tree | fdb | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
saps
| Synopsis | Enter the saps context | |
| Context | configure service pw-template pw-template-name split-horizon-group fdb saps | |
| Tree | saps | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
auto-learn-mac-protect boolean
| Synopsis | Enable automatic update of MAC protect list | |
| Context | configure service pw-template pw-template-name split-horizon-group fdb saps auto-learn-mac-protect boolean | |
| Tree | auto-learn-mac-protect | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
discard-unprotected-dest-mac boolean
| Synopsis | Enable/disable unprotected dest MAC restriction | |
| Context | configure service pw-template pw-template-name split-horizon-group fdb saps discard-unprotected-dest-mac boolean | |
| Tree | discard-unprotected-dest-mac | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
protected-src-mac-violation-action keyword
| Synopsis | Action for protected source MAC restriction | |
| Context | configure service pw-template pw-template-name split-horizon-group fdb saps protected-src-mac-violation-action keyword | |
| Tree | protected-src-mac-violation-action | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
name named-item
| Synopsis | Split horizon group name to which the SDP belongs | |
| Context | configure service pw-template pw-template-name split-horizon-group name named-item | |
| Tree | name | |
| String length | 1 to 32 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
stp
| Synopsis | Enter the stp context | |
| Context | configure service pw-template pw-template-name stp | |
| Tree | stp | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of STP | |
| Context | configure service pw-template pw-template-name stp admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
auto-edge boolean
| Synopsis | Enable automatic detection of edge port characteristics | |
| Context | configure service pw-template pw-template-name stp auto-edge boolean | |
| Tree | auto-edge | |
Description | When configured to true, the router automatically detects the edge port characteristics of the SAP or spoke SDP. The STP concludes there is no bridge behind the spoke SDP, the OPER_EDGE variable is dynamically set to true. If a BPDU is received, the OPER_EDGE variable is dynamically set to false. When configured to false, the router disables automatic detection. | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
edge-port boolean
| Synopsis | Designate SAP or SDP as an edge port | |
| Context | configure service pw-template pw-template-name stp edge-port boolean | |
| Tree | edge-port | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
link-type keyword
| Synopsis | Configure STP link-type | |
| Context | configure service pw-template pw-template-name stp link-type keyword | |
| Tree | link-type | |
| Options | ||
| Default | pt-pt | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
path-cost number
| Synopsis | Configure path-cost | |
| Context | configure service pw-template pw-template-name stp path-cost number | |
| Tree | path-cost | |
| Range | 1 to 200000000 | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
priority number
| Synopsis | Configure STP priority | |
| Context | configure service pw-template pw-template-name stp priority number | |
| Tree | priority | |
| Range | 0 to 255 | |
| Default | 128 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
root-guard boolean
| Synopsis | Enable/disable STP root-guard | |
| Context | configure service pw-template pw-template-name stp root-guard boolean | |
| Tree | root-guard | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
vc-type keyword
| Synopsis | Virtual circuit type associated with the SDP bind | |
| Context | configure service pw-template pw-template-name vc-type keyword | |
| Tree | vc-type | |
| Options | ||
| Default | ether | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
vlan-vc-tag number
| Synopsis | VLAN VC tag | |
| Context | configure service pw-template pw-template-name vlan-vc-tag number | |
| Tree | vlan-vc-tag | |
| Range | 0 to 4094 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
sdp [sdp-id] number
[sdp-id] number
accounting-policy reference
| Synopsis | Accounting policy associated with an SDP | |
| Context | configure service sdp number accounting-policy reference | |
| Tree | accounting-policy | |
Description | This command associates an accounting policy with an SDP. When unconfigured, there is no accounting policy applied to the SDP. | |
Reference | configure log accounting-policy number | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the SDP | |
| Context | configure service sdp number admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
adv-mtu-override boolean
| Synopsis | Override the advertised VC-type MTU using the SDP ID | |
| Context | configure service sdp number adv-mtu-override boolean | |
| Tree | adv-mtu-override | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
allow-fragmentation boolean
| Synopsis | Allow packets to be sent without setting DF bit | |
| Context | configure service sdp number allow-fragmentation boolean | |
| Tree | allow-fragmentation | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
bgp-tunnel boolean
| Synopsis | Allow use of BGP route tunnels to reach far-end nodes | |
| Context | configure service sdp number bgp-tunnel boolean | |
| Tree | bgp-tunnel | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
booking-factor number
| Synopsis | Percentage of SDP max available bandwidth for VLL CAC | |
| Context | configure service sdp number booking-factor number | |
| Tree | booking-factor | |
| Range | 0 to 1000 | |
| Default | 100 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
collect-stats boolean
| Synopsis | Collect accounting statistics for this SDP | |
| Context | configure service sdp number collect-stats boolean | |
| Tree | collect-stats | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
delivery-type keyword
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Delivery type used by the SDP | |
| Context | configure service sdp number delivery-type keyword | |
| Tree | delivery-type | |
| Options | ||
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
description description
| Synopsis | Text description | |
| Context | configure service sdp number description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
far-end
ip-address (ipv4-address-no-zone | ipv6-address-no-zone)
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | IP address of the far end destination router | |
| Context | configure service sdp number far-end ip-address (ipv4-address-no-zone | ipv6-address-no-zone) | |
| Tree | ip-address | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
keep-alive
| Synopsis | Enter the keep-alive context | |
| Context | configure service sdp number keep-alive | |
| Tree | keep-alive | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of keepalive mechanism for the SDP | |
| Context | configure service sdp number keep-alive admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
hello-time number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Time period between SDP keepalive messages | |
| Context | configure service sdp number keep-alive hello-time number | |
| Tree | hello-time | |
| Range | 1 to 3600 | |
| Units | seconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
hold-down-time number
| Synopsis | Minimum time the SDP remains in the down state | |
| Context | configure service sdp number keep-alive hold-down-time number | |
| Tree | hold-down-time | |
| Range | 0 to 3600 | |
| Units | seconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
maximum-drop-count number
| Synopsis | Maximum failed request attempts when SDP is down | |
| Context | configure service sdp number keep-alive maximum-drop-count number | |
| Tree | maximum-drop-count | |
| Range | 1 to 5 | |
| Default | 3 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
message-length number
| Synopsis | Length of the keepalive request messages transmitted | |
| Context | configure service sdp number keep-alive message-length number | |
| Tree | message-length | |
| Range | 40 to 9198 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
timeout number
| Synopsis | Time SDP waits before tearing down the session | |
| Context | configure service sdp number keep-alive timeout number | |
| Tree | timeout | |
| Range | 1 to 10 | |
| Units | seconds | |
| Default | 5 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ldp boolean
local-end (ipv4-address-no-zone | ipv6-address-no-zone)
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Local end address of tunnel defined by the SDP | |
| Context | configure service sdp number local-end (ipv4-address-no-zone | ipv6-address-no-zone) | |
| Tree | local-end | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
lsp [lsp-name] named-item-64
[lsp-name] named-item-64
metric number
mixed-lsp-mode
| Synopsis | Enable the mixed-lsp-mode context | |
| Context | configure service sdp number mixed-lsp-mode | |
| Tree | mixed-lsp-mode | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
revert-time (number | keyword)
| Synopsis | Delay before SDP can revert to higher priority LSP type | |
| Context | configure service sdp number mixed-lsp-mode revert-time (number | keyword) | |
| Tree | revert-time | |
| Range | 1 to 600 | |
| Units | seconds | |
| Options | ||
| Default | immediate | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
network-domain reference
| Synopsis | Network domain name associated with the SDP | |
| Context | configure service sdp number network-domain reference | |
| Tree | network-domain | |
Reference | configure router named-item-64 network-domains network-domain named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
path-mtu number
sdp-group [group-name] reference
[group-name] reference
signaling keyword
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Signaling protocol used to obtain pseudowire labels | |
| Context | configure service sdp number signaling keyword | |
| Tree | signaling | |
Description | This command specifies the signaling protocol used to obtain the ingress and egress pseudowire labels in frames transmitted and received on the SDP. The signaling value can only be changed while the administrative status of the SDP is down. Additionally, the signaling can only be changed on an SDP if the SDP is not in use by BGP-AD or BGP-VPLS. BGP signaling can only be enabled if the SDP does not already have pseudowires signaled over it. Also, BGP signaling is not supported with mixed mode LSP SDPs. Note: If the tldp option is selected as the mechanism for exchanging service labels over an MPLS or GRE SDP and the T-LDP session is automatically established, an explicit T-LDP session that is subsequently configured takes precedence over the automatic T-LDP session. However, if the explicit, manually-configured session is then removed, the system does not revert to the automatic session and the automatic session is also deleted. To address this, recreate the T-LDP session by using the admin-state command to administratively disable and then enable the SDP. | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
sr-isis boolean
sr-ospf boolean
tunnel-far-end (ipv4-address-no-zone | ipv6-address-no-zone)
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | System address of the far-end router for the SDP | |
| Context | configure service sdp number tunnel-far-end (ipv4-address-no-zone | ipv6-address-no-zone) | |
| Tree | tunnel-far-end | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
vlan-vc-etype etype-value
| Synopsis | VLAN VC Ethertype | |
| Context | configure service sdp number vlan-vc-etype etype-value | |
| Tree | vlan-vc-etype | |
| String length | 5 to 6 | |
| Default | 0x8100 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
weighted-ecmp boolean
| Synopsis | Allow weighted load-balancing on an SDP | |
| Context | configure service sdp number weighted-ecmp boolean | |
| Tree | weighted-ecmp | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
sdp-group
group-name [group-name] named-item
| Synopsis | Enter the group-name list instance | |
| Context | configure service sdp-group group-name named-item | |
| Tree | group-name | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[group-name] named-item
| Synopsis | SDP administrative group name | |
| Context | configure service sdp-group group-name named-item | |
| Tree | group-name | |
| String length | 1 to 32 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
value number
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Unique group value associated with the SDP admin group | |
| Context | configure service sdp-group group-name named-item value number | |
| Tree | value | |
| Range | 0 to 31 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
system
bgp
evpn
ad-per-es-route
| Synopsis | Enter the ad-per-es-route context | |
| Context | configure service system bgp evpn ad-per-es-route | |
| Tree | ad-per-es-route | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
extended-evi-range boolean
| Synopsis | Reserve extended RD comm-values for AD per-ES routes | |
| Context | configure service system bgp evpn ad-per-es-route extended-evi-range boolean | |
| Tree | extended-evi-range | |
Description | When configured to true, the system reserves the Route Distinguisher (RD) comm-values 1 to 65535 out of the type 1 RD that is used for AD per-ES routes. If ad-per-es-route route-target-type is also configured to evi-route-target-set, the system can pack the maximum number of EVI route targets in the AD per-ES routes When configured to false, this command only reserves comm-values 1 to 512. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
route-distinguisher-ip-address ipv4-address
| Synopsis | IP address for route distinguisher for EVPN AD-ES routes | |
| Context | configure service system bgp evpn ad-per-es-route route-distinguisher-ip-address ipv4-address | |
| Tree | route-distinguisher-ip-address | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
route-target-type keyword
| Synopsis | Method for the AD per-ES routes advertisement | |
| Context | configure service system bgp evpn ad-per-es-route route-target-type keyword | |
| Tree | route-target-type | |
| Options | ||
| Default | evi-route-target | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ad-per-evi-routes
| Synopsis | Enter the ad-per-evi-routes context | |
| Context | configure service system bgp evpn ad-per-evi-routes | |
| Tree | ad-per-evi-routes | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
attribute-propagation boolean
| Synopsis | Enable propagation of BGP path attributes | |
| Context | configure service system bgp evpn ad-per-evi-routes attribute-propagation boolean | |
| Tree | attribute-propagation | |
Description | When configured to true, the router propagates the attributes in multi-instance Epipe services. When configured to false, the router disables the propagation of the attributes, including D-PATH, even if the domain-id is configured in the service. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
bgp-path-selection boolean
| Synopsis | Enable BGP path selection | |
| Context | configure service system bgp evpn ad-per-evi-routes bgp-path-selection boolean | |
| Tree | bgp-path-selection | |
Description | When configured to true, the router compares the received EVPN VPWS AD per-EVI routes based on the BGP path attributes. The attribute-propagation command must be configured to true. When configured to false, the router does not compare the routes. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
d-path-ignore boolean
| Synopsis | Ignore D-PATH for BGP path selection | |
| Context | configure service system bgp evpn ad-per-evi-routes d-path-ignore boolean | |
| Tree | d-path-ignore | |
Description | When configured to true, the router ignores the Domain PATH attribute (D-PATH) when BGP computes the best path selection for received routes. When configured to false, the router considers the D-PATH length and value as a tiebreaker in determining the best-path selection. In accordance with draft-sr-bess-evpn-dpath, the router compares the D-PATH attribute received in AD per-EVI routes with the same key (same or different RD) as follows:
| |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
etree-leaf-label boolean
| Synopsis | Enable E-Tree leaf label for PE | |
| Context | configure service system bgp evpn etree-leaf-label boolean | |
| Tree | etree-leaf-label | |
Description | When configured to true, this command enables EVPN Ethernet-Tree (E-Tree) VPLS services on the router (not B-VPLS), allocates an E-Tree leaf label for the Provider Edge (PE) device, and configures the ILM entry.This command ensures that in-flight traffic can perform an ILM entry lookup at any time, and avoids discards when administratively enabling or disabling services, or reduces the timing window so that it does not occur during normal operation or configuration. The value for the E-Tree leaf label is set via the etree-leaf-label-value command. When configured to false, PE leaf labels are not supported. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
etree-leaf-label-value (number | keyword)
| Synopsis | Global E-tree leaf label for PE in EVPN E-Tree services | |
| Context | configure service system bgp evpn etree-leaf-label-value (number | keyword) | |
| Tree | etree-leaf-label-value | |
| Range | 32 to 524526 | |
| Options | ||
| Default | dynamic | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ip-prefix-routes
| Synopsis | Enter the ip-prefix-routes context | |
| Context | configure service system bgp evpn ip-prefix-routes | |
| Tree | ip-prefix-routes | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
interface-ful
| Synopsis | Enter the interface-ful context | |
| Context | configure service system bgp evpn ip-prefix-routes interface-ful | |
| Tree | interface-ful | |
Description | Commands in this context configure IP prefix routes for Interface-ful (IFF) configurations. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
attribute-uniform-propagation boolean
| Synopsis | Enable attribute uniform propagation | |
| Context | configure service system bgp evpn ip-prefix-routes interface-ful attribute-uniform-propagation boolean | |
| Tree | attribute-uniform-propagation | |
Description | When configured to true, the system enables the uniform propagation of BGP attributes for EVPN-IFF routes. When configured to false, the system re-originates the BGP path attributes when propagating EVPN-IFF routes into other inter-subnet forwarding families. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
bgp-path-selection boolean
| Synopsis | Enable BGP path selection | |
| Context | configure service system bgp evpn ip-prefix-routes interface-ful bgp-path-selection boolean | |
| Tree | bgp-path-selection | |
Description | When configured to true, the system enables BGP path selection for EVPN-IFF routes. The EVPN-IFF routes are ordered and selected in a similar manner as IP-VPN or EVPN-IFL routes, that is, based on the regular BGP path selection process. When configured to false, the system orders EVPN-IFF routes based on their {R-VPLS Ifindex, RD, Ethernet Tag}. For example, if two EVPN-IFF routes with different Route Distinguishers (RDs) are received for the same prefix on the same R-VPLS, the route with the lowest RD is selected. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
d-path-length-ignore boolean
| Synopsis | Ignore the D-PATH length when using BGP path selection | |
| Context | configure service system bgp evpn ip-prefix-routes interface-ful d-path-length-ignore boolean | |
| Tree | d-path-length-ignore | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
multicast-leave-sync-propagation number
| Synopsis | Multicast leave group synchronization delay | |
| Context | configure service system bgp evpn multicast-leave-sync-propagation number | |
| Tree | multicast-leave-sync-propagation | |
Description | This command configures the additional amount of time that the system waits before removing a multicast state that was synchronized in an Ethernet Segment via Multicast Join or Leave Synch routes. This value represents a delta corresponding to the time it takes for a BGP advertisement to propagate to ES peers. The node triggering the route computes the maximum response time as the product of the locally configured values, Last Member Query Count and Last Member Query Interval, and adds the delta value to the maximum response time. The query count value is configured in the configure services vrpn igmp robust-count command. The query interval value is taken from the configure service vpls sap igmp-snooping query-last-member-interval or the configure service vpls spoke-sdp igmp-snooping query-last-member-interval configuration, depending on the Ethernet Segment. Increasing the maximum response time by this value can help minimize the churn of removing and recreating the state on the node. This value should be configured consistently in all ES peers. | |
| Range | 0 to 300 | |
| Units | seconds | |
| Default | 5 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
route-distinguisher vpn-route-distinguisher
| Synopsis | Route distinguisher for ES routes | |
| Context | configure service system bgp evpn route-distinguisher vpn-route-distinguisher | |
| Tree | route-distinguisher | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
bgp-auto-rd-range
| Synopsis | Enter the bgp-auto-rd-range context | |
| Context | configure service system bgp-auto-rd-range | |
| Tree | bgp-auto-rd-range | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
community-value
| Synopsis | Enter the community-value context | |
| Context | configure service system bgp-auto-rd-range community-value | |
| Tree | community-value | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
end number
| Synopsis | Upper bound of BGP route distinguisher community range | |
| Context | configure service system bgp-auto-rd-range community-value end number | |
| Tree | end | |
| Range | 1 to 65535 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
start number
| Synopsis | Lower bound of BGP route distinguisher community range | |
| Context | configure service system bgp-auto-rd-range community-value start number | |
| Tree | start | |
| Range | 1 to 65535 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ip-address ipv4-address
| Synopsis | IP address used for selecting the route distinguisher | |
| Context | configure service system bgp-auto-rd-range ip-address ipv4-address | |
| Tree | ip-address | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
fdb
table-size number
| Synopsis | Maximum FDB entries in the system | |
| Context | configure service system fdb table-size number | |
| Tree | table-size | |
Description | This command configures the maximum system FDB table size, which is dependent on the chassis type. CPMs with at least 16 GB of memory are required when exceeding 500 000 MAC addresses in a system. This command cannot be set to a value lower than the default, which is chassis-dependent. The maximum system FDB table size also limits the maximum FDB table size of any card within the system. The command default depends on the chassis type and available memory. | |
| Range | 4095 to 2047999 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
vpn-gre-source-ip ipv4-unicast-address
| Synopsis | VPN GRE source ip-address | |
| Context | configure service system vpn-gre-source-ip ipv4-unicast-address | |
| Tree | vpn-gre-source-ip | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
vpls [service-name] service-name
[service-name] service-name
admin-state keyword
| Synopsis | Administrative state of the service | |
| Context | configure service vpls service-name admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
bgp [bgp-instance] number
[bgp-instance] number
adv-service-mtu number
| Synopsis | Advertised service MTU value | |
| Context | configure service vpls service-name bgp number adv-service-mtu number | |
| Tree | adv-service-mtu | |
Description | This command configures the MTU signaled value used in the BGP for BGP-VPLS service and in the LDP for BGP-AD service. The router uses the value for signaling and for validation with the received MTU instead of the service MTU. However, the value does not affect the locally enforced value, which is still based on the service MTU. | |
| Range | 0 to 9782 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
pw-template-binding [pw-template-name] reference
| Synopsis | Enter the pw-template-binding list instance | |
| Context | configure service vpls service-name bgp number pw-template-binding reference | |
| Tree | pw-template-binding | |
| Max. instances | 100 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[pw-template-name] reference
| Synopsis | Policy name | |
| Context | configure service vpls service-name bgp number pw-template-binding reference | |
| Tree | pw-template-binding | |
Reference | configure service pw-template pw-template-name | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
import-rt route-target
monitor-oper-group reference
| Synopsis | Operational group to monitor | |
| Context | configure service vpls service-name bgp number pw-template-binding reference monitor-oper-group reference | |
| Tree | monitor-oper-group | |
Reference | configure service oper-group named-item | |
Notes | The following elements are part of a choice: monitor-oper-group or oper-group. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
oper-group reference
| Synopsis | Operational group | |
| Context | configure service vpls service-name bgp number pw-template-binding reference oper-group reference | |
| Tree | oper-group | |
Reference | configure service oper-group named-item | |
Notes | The following elements are part of a choice: monitor-oper-group or oper-group. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
split-horizon-group named-item
| Synopsis | Split horizon group | |
| Context | configure service vpls service-name bgp number pw-template-binding reference split-horizon-group named-item | |
| Tree | split-horizon-group | |
| String length | 1 to 32 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
route-distinguisher (keyword | vpn-route-distinguisher)
| Synopsis | High-order 6 bytes that are used as string to compose VSI-ID for use in NLRI | |
| Context | configure service vpls service-name bgp number route-distinguisher (keyword | vpn-route-distinguisher) | |
| Tree | route-distinguisher | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
route-target
| Synopsis | Enter the route-target context | |
| Context | configure service vpls service-name bgp number route-target | |
| Tree | route-target | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
export route-target
import route-target
vsi-export reference
| Synopsis | VSI export policies | |
| Context | configure service vpls service-name bgp number vsi-export reference | |
| Tree | vsi-export | |
Reference | configure policy-options policy-statement named-item-64 | |
| Max. instances | 5 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
vsi-import reference
| Synopsis | VSI import policies | |
| Context | configure service vpls service-name bgp number vsi-import reference | |
| Tree | vsi-import | |
Reference | configure policy-options policy-statement named-item-64 | |
| Max. instances | 5 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
bgp-ad
admin-state keyword
| Synopsis | Administrative state of BGP Auto-Discovery | |
| Context | configure service vpls service-name bgp-ad admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
vpls-id vpls-id
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | VPLS identifier as a 8-byte route distinguisher | |
| Context | configure service vpls service-name bgp-ad vpls-id vpls-id | |
| Tree | vpls-id | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
vsi-id-prefix ipv4-address
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | VSI prefix value | |
| Context | configure service vpls service-name bgp-ad vsi-id-prefix ipv4-address | |
| Tree | vsi-id-prefix | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
bgp-evpn
evi number
| Synopsis | EVPN ID | |
| Context | configure service vpls service-name bgp-evpn evi number | |
| Tree | evi | |
Description | This command configures a 2-byte EVPN instance (EVI) unique in the system. It is used for the service-carving algorithm for multi-homing and auto-deriving route target and route distinguishers. If not specified, the EVPN ID value is zero and no route distinguisher or route targets are auto-derived from it. If the EVI ID value is specified and no other route-distinguisher or route-target is configured in the service, the following rules apply:
If VSI import and export policies are configured, the route target must be configured in the policies and those values take precedence over the auto-derived route targets. If bgp-ad vpls-id and bgp-evpn evi are both configured on the same service, the VPLS ID auto-derived route target or route distinguisher takes precedence over the values auto-derived from the EVI. Use the show service id bgp command to display the operational route target for a service. | |
| Range | 1 to 16777215 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ignore-mtu-mismatch boolean
| Synopsis | Ignore MTU mismatch | |
| Context | configure service vpls service-name bgp-evpn ignore-mtu-mismatch boolean | |
| Tree | ignore-mtu-mismatch | |
Description | When configured to true, the system ignores the received Layer 2 MTU in the L2 Attributes extended community of the IMET route for a peer. When configured to false, the system compares the local service MTU against the received Layer 2 MTU and if there is a mismatch, keeps the EVPN destination to the peer with operational state down. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
incl-mcast-orig-ip ipv4-unicast-address
| Synopsis | Originating IP address | |
| Context | configure service vpls service-name bgp-evpn incl-mcast-orig-ip ipv4-unicast-address | |
| Tree | incl-mcast-orig-ip | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mac-duplication
| Synopsis | Enter the mac-duplication context | |
| Context | configure service vpls service-name bgp-evpn mac-duplication | |
| Tree | mac-duplication | |
Description | Commands in this context configure the BGP EVPN MAC duplication command options. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
blackhole boolean
detect
num-moves number
trusted-mac-move-factor number
| Synopsis | Trusted MAC move factor | |
| Context | configure service vpls service-name bgp-evpn mac-duplication detect trusted-mac-move-factor number | |
| Tree | trusted-mac-move-factor | |
Description | This command configures the factor by which the number of moves is multiplied when detecting a MAC duplication event for trusted MACs. For example, if the number of moves is 5 and the trusted MAC move factor is 3, 5 moves, within the window, is enough to declare a non-trusted MAC as duplicate. However, 15 moves are needed to declare a trusted MAC as duplicate. By default the factor for a trusted MAC is the same as for a non-trusted MAC. This provides a backwards compatible solution upon upgrade of the node. | |
| Range | 1 to 10 | |
| Default | 1 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
window number
retry (number | keyword)
trusted-mac-time number
| Synopsis | Trusted MAC time | |
| Context | configure service vpls service-name bgp-evpn mac-duplication trusted-mac-time number | |
| Tree | trusted-mac-time | |
Description | This command configures how long a MAC address needs to stay in the FDB as type learned without being flushed or changed in its type so the MAC is declared as trusted for the MAC duplication procedures. If the MAC changes from SAP to SAP within the same VPLS service and node, the MAC does not reset its trusted MAC timer. | |
| Range | 1 to 15 | |
| Units | minutes | |
| Default | 5 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mpls [bgp-instance] number
[bgp-instance] number
admin-state keyword
| Synopsis | Administrative state of BGP EVPN MPLS | |
| Context | configure service vpls service-name bgp-evpn mpls number admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
auto-bind-tunnel
| Synopsis | Enter the auto-bind-tunnel context | |
| Context | configure service vpls service-name bgp-evpn mpls number auto-bind-tunnel | |
| Tree | auto-bind-tunnel | |
Description | Commands in this context configure automatic binding of a VPRN service using tunnels to MP-BGP peers. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
allow-flex-algo-fallback boolean
| Synopsis | Enable flexible algorithm fallback | |
| Context | configure service vpls service-name bgp-evpn mpls number auto-bind-tunnel allow-flex-algo-fallback boolean | |
| Tree | allow-flex-algo-fallback | |
Description | When configured to true, a BGP router with a Flex-Algorithm action configured (via the configure policy-options policy-statement entry action flex-algo command) can resolve to a tunnel with algorithm 0 if no target Flex-Algorithm tunnel is available. When configured to false, the BGP router can resolve only to the intended Flex-Algorithm tunnel, which may cause traffic loss if no corresponding Flex-Algorithm tunnel is available. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ecmp number
enforce-strict-tunnel-tagging boolean
| Synopsis | Enable/disable enforcement of strict tunnel tagging | |
| Context | configure service vpls service-name bgp-evpn mpls number auto-bind-tunnel enforce-strict-tunnel-tagging boolean | |
| Tree | enforce-strict-tunnel-tagging | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
enforce-untagged-route keyword
| Synopsis | Untagged route type enforcement | |
| Context | configure service vpls service-name bgp-evpn mpls number auto-bind-tunnel enforce-untagged-route keyword | |
| Tree | enforce-untagged-route | |
Description | This command configures the enforcement of BGP routes with no administrative tag policy applied by modifying the next-hop resolution behavior for autobind services. If the untagged-tunnel option is configured, untagged routes only bind to LSPs with no administrative tag configured. If both tagged and untagged tunnels to the next hop exist, the system only considers the untagged tunnels. If no untagged tunnels to the next hop exist, the resolution of untagged routes fails. The untagged-tunnel option can be used in combination with the enforce-strict-tunnel-tagging command configured to true, in which case tagged routes resolve to tagged LSPs, and untagged routes only resolve to untagged LSPs. When unconfigured, untagged routes can bind to tagged or untagged LSPs. | |
| Options | none – Untagged routes can bind to tagged or untagged LSPs untagged-tunnel – Untagged routes only bind to LSPs without an admin tag | |
| Default | none | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
resolution keyword
| Synopsis | Resolution method for tunnel selection | |
| Context | configure service vpls service-name bgp-evpn mpls number auto-bind-tunnel resolution keyword | |
| Tree | resolution | |
| Options | ||
| Default | none | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
resolution-filter
| Synopsis | Enter the resolution-filter context | |
| Context | configure service vpls service-name bgp-evpn mpls number auto-bind-tunnel resolution-filter | |
| Tree | resolution-filter | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
bgp boolean
| Synopsis | Use BGP tunneling for next-hop resolution | |
| Context | configure service vpls service-name bgp-evpn mpls number auto-bind-tunnel resolution-filter bgp boolean | |
| Tree | bgp | |
Description | When configured to true, BGP searches the BGP LSP for the address of the BGP next hop. When configured to false, BGP tunneling is not used and inter-area or inter-as prefixes are not resolved. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ldp boolean
| Synopsis | Use LDP tunneling for next-hop resolution | |
| Context | configure service vpls service-name bgp-evpn mpls number auto-bind-tunnel resolution-filter ldp boolean | |
| Tree | ldp | |
Description | When configured to true, BGP searches for an LDP LSP with a FEC prefix corresponding to the address of the BGP next hop. When configured to false, LDP tunneling is not used for next-hop resolution. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
rsvp boolean
| Synopsis | Use RSVP tunneling for next-hop resolution | |
| Context | configure service vpls service-name bgp-evpn mpls number auto-bind-tunnel resolution-filter rsvp boolean | |
| Tree | rsvp | |
Description | When configured to true, BGP searches the best metric RSVP LSP to determine the address of the BGP next hop. This address can correspond to the system interface or to another loopback interface used by the BGP instance on the remote node. The LSP metric is provided by MPLS in the tunnel table. In the case of multiple RSVP LSPs with the same lowest metric, BGP selects the LSP with the lowest tunnel ID. When configured to false, the RSVP LSP is not used for next-hop resolution. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
sr-isis boolean
| Synopsis | Use IS-IS SR tunneling for next-hop resolution | |
| Context | configure service vpls service-name bgp-evpn mpls number auto-bind-tunnel resolution-filter sr-isis boolean | |
| Tree | sr-isis | |
Description | When configured to true, BGP uses an IS-IS tunnel type to resolve the BGP next hop. When the sr-isis command is enabled, an SR tunnel to the BGP next hop is selected in the TTM according to the following procedure.
When configured to false, IS-IS tunneling is not used for next-hop resolution. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
sr-ospf boolean
| Synopsis | Use OSPF SR tunneling for next-hop resolution | |
| Context | configure service vpls service-name bgp-evpn mpls number auto-bind-tunnel resolution-filter sr-ospf boolean | |
| Tree | sr-ospf | |
Description | When configured to true, BGP uses an OSPF tunnel type to resolve the BGP next hop. When enabled, an SR tunnel to the BGP next hop is selected in the TTM according to the following procedure.
When configured to false, OSPF tunneling is not used for next-hop resolution. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
sr-ospf3 boolean
| Synopsis | Use OSPFv3 SR tunneling for next-hop resolution | |
| Context | configure service vpls service-name bgp-evpn mpls number auto-bind-tunnel resolution-filter sr-ospf3 boolean | |
| Tree | sr-ospf3 | |
Description | When configured to true, BGP uses an OSPF3 tunnel type to resolve the BGP next hop. When enabled, an SR tunnel to the BGP next hop is selected in the TTM according to the following procedure.
When configured to false, OSPF3 tunneling is not used for next-hop resolution. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
sr-policy boolean
| Synopsis | Use SR policies for next-hop resolution | |
| Context | configure service vpls service-name bgp-evpn mpls number auto-bind-tunnel resolution-filter sr-policy boolean | |
| Tree | sr-policy | |
Description | When configured to true, this command enables the use of SR policies to resolve the next hop of BGP-EVPN service routes. This command configures BGP to search for an SR policy with:
| |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
sr-te boolean
| Synopsis | Use SR-TE tunneling for next-hop resolution | |
| Context | configure service vpls service-name bgp-evpn mpls number auto-bind-tunnel resolution-filter sr-te boolean | |
| Tree | sr-te | |
Description | When configured to true, BGP uses an SR-TE tunnel type to resolve the BGP next hop. In the case of multiple SR-TE tunnels with the same lowest metric, BGP selects the tunnel with the lowest tunnel ID. When configured to false, SR-TE tunneling is not used for next-hop resolution. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
weighted-ecmp boolean
| Synopsis | Allow weighted load balancing | |
| Context | configure service vpls service-name bgp-evpn mpls number auto-bind-tunnel weighted-ecmp boolean | |
| Tree | weighted-ecmp | |
Description | When configured to true, this router enables weighted ECMP for packets using tunnels that a VPLS or Epipe automatically binds to. Packets are sprayed across LSPs in the ECMP according to the outcome of the hash algorithm and the configured load balancing weight of each LSP. When configured to false, this command disables weighted ECMP for next-hop tunnel selection. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
control-word boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable control word support | |
| Context | configure service vpls service-name bgp-evpn mpls number control-word boolean | |
| Tree | control-word | |
Description | When configured to true, the router enables the transmission and reception of the control word for all EVPN-MPLS destinations at the same time. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
default-route-tag one-byte-value
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Default route tag | |
| Context | configure service vpls service-name bgp-evpn mpls number default-route-tag one-byte-value | |
| Tree | default-route-tag | |
Description | This command configures a route tag that is used when sending a route to the BGP application (for the corresponding service and BGP instance). If the corresponding BGP instance is enabled, the command cannot be changed. When used for BGP EVPN contexts, only one route tag can be passed to BGP for matching on export policies. In case of a conflict with other route tags pushed by EVPN, the default route tag has the least priority. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
dynamic-egress-label-limit boolean
| Synopsis | Enables dynamic egress label limit | |
| Context | configure service vpls service-name bgp-evpn mpls number dynamic-egress-label-limit boolean | |
| Tree | dynamic-egress-label-limit | |
Description | When configured to true, this command relaxes the egress MPLS label limit check when resolving BGP next hops in the tunnel table. For VPRN services, the OAM label is never computed and, therefore, one more egress label is allowed. For EVPN (Epipe and VPLS) services, the system only computes the control word and ESI label if they are used. For the control word, the system reduces the egress label limit by one label if the control word is configured in the service. When configured, the ESI label is not counted for Epipes or VPLS services without an ES. When configured to false this command, for EVPN, Epipe, and VPLS services, always accounts for the ESI label and control word. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
evi-three-byte-auto-rt boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Auto-derive the BGP EVPN route target | |
| Context | configure service vpls service-name bgp-evpn mpls number evi-three-byte-auto-rt boolean | |
| Tree | evi-three-byte-auto-rt | |
Description | When configured to true, the BGP-EVPN instance import and export route target is auto-derived as described in RFC 8365 (Global-Administrator:A/Type/D-ID/Service-ID). Where:
When configured to false, route target derivation is not allowed. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
fdb
protected-src-mac-violation-action keyword
| Synopsis | Relearn request for a protected MAC is received action | |
| Context | configure service vpls service-name bgp-evpn mpls number fdb protected-src-mac-violation-action keyword | |
| Tree | protected-src-mac-violation-action | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
force-vc-forwarding keyword
| Synopsis | VC forwarding action | |
| Context | configure service vpls service-name bgp-evpn mpls number force-vc-forwarding keyword | |
| Tree | force-vc-forwarding | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
hash-label boolean
| Synopsis | Default profile when the CP-provided profile is unknown | |
| Context | configure service vpls service-name bgp-evpn mpls number hash-label boolean | |
| Tree | hash-label | |
Description | When configured to true, the router pushes the hash label. The hash label is never used for BUM packets. The hash-label push is based on the following:
| |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
mh-mode keyword
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Multihoming mode | |
| Context | configure service vpls service-name bgp-evpn mpls number mh-mode keyword | |
| Tree | mh-mode | |
Description | This command configures the multihoming mode for BGP-EVPN. Users can configure only one network instance for the service. If a provider tunnel is enabled for the service instance, this command must be configured using the network option. | |
| Options | ||
| Default | network | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
oper-group reference
| Synopsis | Operational group ID | |
| Context | configure service vpls service-name bgp-evpn mpls number oper-group reference | |
| Tree | oper-group | |
Reference | configure service oper-group named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
route-next-hop
| Synopsis | Enter the route-next-hop context | |
| Context | configure service vpls service-name bgp-evpn mpls number route-next-hop | |
| Tree | route-next-hop | |
Description | Commands in this context configure the next hop of the EVPN routes. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ip-address (ipv4-address-no-zone | ipv6-address-no-zone)
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | IP address of the next-hop for the service EVPN route | |
| Context | configure service vpls service-name bgp-evpn mpls number route-next-hop ip-address (ipv4-address-no-zone | ipv6-address-no-zone) | |
| Tree | ip-address | |
Notes | The following elements are part of a choice: ip-address, system-ipv4, or system-ipv6. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
system-ipv4
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | System IPv4 address for service EVPN route next hop | |
| Context | configure service vpls service-name bgp-evpn mpls number route-next-hop system-ipv4 | |
| Tree | system-ipv4 | |
Notes | The following elements are part of a choice: ip-address, system-ipv4, or system-ipv6. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
system-ipv6
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | System IPv6 address for service EVPN route next hop | |
| Context | configure service vpls service-name bgp-evpn mpls number route-next-hop system-ipv6 | |
| Tree | system-ipv6 | |
Notes | The following elements are part of a choice: ip-address, system-ipv4, or system-ipv6. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
send-tunnel-encap
| Synopsis | Enter the send-tunnel-encap context | |
| Context | configure service vpls service-name bgp-evpn mpls number send-tunnel-encap | |
| Tree | send-tunnel-encap | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mpls boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable MPLS encapsulation | |
| Context | configure service vpls service-name bgp-evpn mpls number send-tunnel-encap mpls boolean | |
| Tree | mpls | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
split-horizon-group reference
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Split horizon group | |
| Context | configure service vpls service-name bgp-evpn mpls number split-horizon-group reference | |
| Tree | split-horizon-group | |
Description | This command configures the value of split-horizon group for all BGP-EVPN segment routing v6 instances. | |
Reference | configure service vpls service-name split-horizon-group named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
routes
incl-mcast
| Synopsis | Enter the incl-mcast context | |
| Context | configure service vpls service-name bgp-evpn routes incl-mcast | |
| Tree | incl-mcast | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
advertise-ingress-replication boolean
| Synopsis | BGP EVPN IMET-IR route advertisement | |
| Context | configure service vpls service-name bgp-evpn routes incl-mcast advertise-ingress-replication boolean | |
| Tree | advertise-ingress-replication | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
advertise-l2-attributes boolean
| Synopsis | Advertise Layer 2 attributes | |
| Context | configure service vpls service-name bgp-evpn routes incl-mcast advertise-l2-attributes boolean | |
| Tree | advertise-l2-attributes | |
Description | When configured to true, the router advertises the Layer 2 Attributes Extended Community including:
The router compares the received Layer 2 MTU from a peer with the local service MTU. If there is a mismatch, the operation state of the EVPN destination is set to down, except if the configure service vpls bgp-evpn ignore-mtu-mistmatch command is set to true. A mismatch between the received C bit and the local control-word setting (in the configure service vpls bgp-evpn mpls context) results in the operational state of the EVPN destination being set to down. A mismatch between the received F bit and the local F bit (via the hash label configuration) results in the operational state of the EVPN destination being set to down. When configured to false, the Layer 2 Attributes Extended Community is not advertised with the Inclusive Multicast Ethernet Tag route for the service. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ip-prefix
advertise boolean
domain-id domain-id
| Synopsis | Domain ID of received BGP route before readvertisement | |
| Context | configure service vpls service-name bgp-evpn routes ip-prefix domain-id domain-id | |
| Tree | domain-id | |
Description | This command specifies the domain ID. The domain ID identifies the network from which the BGP route was received before the RTM advertises it to a different neighbor. The domain ID is part of a domain, represented as domain-id:isf_safi_type in the D-PATH attribute, as described in draft-ietf-bess-evpn-ipvpn-interworking. Gateway routers modify the D-PATH attribute. A gateway is a PE where a VPRN is instantiated. The VPRN in this case advertises or receives routes from multiple BGP owners (for example, EVPN-IFL and BGP-IPVPN) or multiple instances of the same owner (for example, VPRN with two BGP-IPVPN instances). Gateways use the D-PATH attribute to detect loops (for received routes where the D-PATH contains a local domain ID) and to make BGP best-path selection decisions based on the D-PATH length (shorter D-PATH is preferred). In the following example, suppose a gateway receives prefix P in an EVPN-IFL instance with the following D-PATH from neighbor N: Seg Len=1 / 65000:1:128 If the router imports the route in VPRN-1, BGP-EVPN SRv6 instance with domain 65000:2, it readvertises it to its BGP-IPVPN MPLS instance as follows: Seg Len=2 / 65000:2:70 / 65000:1:128 That is, the gateway prepends the local domain ID and family to the D-PATH before readvertising the route into a different instance. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
include-direct-interface-host boolean
| Synopsis | Advertise the interface host address in EVPN | |
| Context | configure service vpls service-name bgp-evpn routes ip-prefix include-direct-interface-host boolean | |
| Tree | include-direct-interface-host | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
link-bandwidth
| Synopsis | Enter the link-bandwidth context | |
| Context | configure service vpls service-name bgp-evpn routes ip-prefix link-bandwidth | |
| Tree | link-bandwidth | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
advertise
max-dynamic-weight number
| Synopsis | Maximum weight of the advertised evpn-iff route | |
| Context | configure service vpls service-name bgp-evpn routes ip-prefix link-bandwidth advertise max-dynamic-weight number | |
| Tree | max-dynamic-weight | |
| Range | 1 to 128 | |
| Default | 128 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
weight (number | keyword)
weighted-ecmp boolean
| Synopsis | Enable weighted ECMP | |
| Context | configure service vpls service-name bgp-evpn routes ip-prefix link-bandwidth weighted-ecmp boolean | |
| Tree | weighted-ecmp | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
mac-ip
advertise boolean
arp-nd-extended-community boolean
| Synopsis | Enable ARP/ND extended community | |
| Context | configure service vpls service-name bgp-evpn routes mac-ip arp-nd-extended-community boolean | |
| Tree | arp-nd-extended-community | |
Description | When configured to true, the system advertises the RFC9047 ARP/ND extended community along with the MAC/IP routes advertised for local static and dynamic proxy ARP or ND entries. The system also processes the ARP/ND extended community and selects the ARP or ND entries based on the immutable flag. When configured to false, the system does not advertise the RFC9047 ARP/ND extended community. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
arp-nd-only-with-fdb-advertisement boolean
| Synopsis | Advertise ARP/ND entries if local MAC is in the FDB | |
| Context | configure service vpls service-name bgp-evpn routes mac-ip arp-nd-only-with-fdb-advertisement boolean | |
| Tree | arp-nd-only-with-fdb-advertisement | |
Description | When configured to true, the router advertises local ARP/ND entries of VPRN interfaces using this VPLS in this BGP-EVPN service when the corresponding local MAC is programmed in the FDB. When configured to false, the router does not advertise local ARP/ND entries. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
sel-mcast
advertise boolean
vlan-aware-bundle-eth-tag number
| Synopsis | Ethernet tag associated with VPLS service | |
| Context | configure service vpls service-name bgp-evpn routes vlan-aware-bundle-eth-tag number | |
| Tree | vlan-aware-bundle-eth-tag | |
Description | This command configures the Ethernet Tag ID in the EVPN routes for control-plane interoperability mode with VLAN-aware bundle services. The configuration of a non-default value requires the previous configuration of a VLAN-aware bundle name on the service. When set to a non-zero value, the EVPN routes advertised for the VPLS service are advertised with this value into the Ethernet Tag ID field of the routes. On reception of EVPN routes with non-zero Ethernet Tag ID, BGP imports the routes based on the import route target as usual. However, the system checks the received Ethernet Tag ID field and only processes those routes whose Ethernet Tag ID matches the local VLAN-aware bundle Ethernet Tag ID. | |
| Range | 1 to 16777215 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
vlan-aware-bundle named-item
| Synopsis | VLAN aware bundle name | |
| Context | configure service vpls service-name bgp-evpn vlan-aware-bundle named-item | |
| Tree | vlan-aware-bundle | |
Description | This command configures the name that identifies a group of bundled VPLS services (broadcast domains). This name allows the user to execute show commands that are relevant to all the broadcast domains in a VLAN-aware bundle service group. | |
| String length | 1 to 32 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
bgp-mh-site [site-name] named-item
| Synopsis | Enter the bgp-mh-site list instance | |
| Context | configure service vpls service-name bgp-mh-site named-item | |
| Tree | bgp-mh-site | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[site-name] named-item
| Synopsis | Name for the specific site | |
| Context | configure service vpls service-name bgp-mh-site named-item | |
| Tree | bgp-mh-site | |
| String length | 1 to 32 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
activation-timer number
| Synopsis | Time that the local sites are in standby status, waiting for BGP updates | |
| Context | configure service vpls service-name bgp-mh-site named-item activation-timer number | |
| Tree | activation-timer | |
| Range | 0 to 100 | |
| Units | seconds | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the VPLS BGP multi-homing site | |
| Context | configure service vpls service-name bgp-mh-site named-item admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
boot-timer number
| Synopsis | Wait time after reboot to run the DF election algorithm | |
| Context | configure service vpls service-name bgp-mh-site named-item boot-timer number | |
| Tree | boot-timer | |
| Range | 0 to 600 | |
| Units | seconds | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
failed-threshold (number | keyword)
| Synopsis | Threshold for the site to be declared down | |
| Context | configure service vpls service-name bgp-mh-site named-item failed-threshold (number | keyword) | |
| Tree | failed-threshold | |
| Range | 1 to 1000 | |
| Options | ||
| Default | all | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
id number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Site ID | |
| Context | configure service vpls service-name bgp-mh-site named-item id number | |
| Tree | id | |
| Range | 1 to 65535 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
mesh-sdp-binds
| Synopsis | Specify if a mesh-sdp-binding is associated with this site | |
| Context | configure service vpls service-name bgp-mh-site named-item mesh-sdp-binds | |
| Tree | mesh-sdp-binds | |
Notes | The following elements are part of a choice: mesh-sdp-binds, sap, shg-name, or spoke-sdp. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
min-down-timer number
| Synopsis | Minimum downtime for BGP multi-homing site after transition from up to down | |
| Context | configure service vpls service-name bgp-mh-site named-item min-down-timer number | |
| Tree | min-down-timer | |
| Range | 0 to 100 | |
| Units | seconds | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
monitor-oper-group reference
| Synopsis | Operational group to monitor | |
| Context | configure service vpls service-name bgp-mh-site named-item monitor-oper-group reference | |
| Tree | monitor-oper-group | |
Reference | configure service oper-group named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
sap sap
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | SAP to be associated with this site | |
| Context | configure service vpls service-name bgp-mh-site named-item sap sap | |
| Tree | sap | |
| String length | 1 to 45 | |
Notes | The following elements are part of a choice: mesh-sdp-binds, sap, shg-name, or spoke-sdp. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
shg-name named-item
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | SHG name to be associated with the site | |
| Context | configure service vpls service-name bgp-mh-site named-item shg-name named-item | |
| Tree | shg-name | |
| String length | 1 to 32 | |
Notes | The following elements are part of a choice: mesh-sdp-binds, sap, shg-name, or spoke-sdp. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
spoke-sdp sdp-bind-id
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | SDP associated with the site | |
| Context | configure service vpls service-name bgp-mh-site named-item spoke-sdp sdp-bind-id | |
| Tree | spoke-sdp | |
| String length | 3 to 16 | |
Notes | The following elements are part of a choice: mesh-sdp-binds, sap, shg-name, or spoke-sdp. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
bgp-vpls
admin-state keyword
| Synopsis | Administrative state of the BGP-VPLS instance | |
| Context | configure service vpls service-name bgp-vpls admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
maximum-ve-id number
| Synopsis | Maximum vpls-edge id for BGP-VPLS | |
| Context | configure service vpls service-name bgp-vpls maximum-ve-id number | |
| Tree | maximum-ve-id | |
| Range | 1 to 65535 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ve
id number
name named-item
customer reference
description description
| Synopsis | Text description | |
| Context | configure service vpls service-name description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
endpoint [name] named-item
[name] named-item
block-on-mesh-failure boolean
| Synopsis | Enable blocking after the endpoints are in a down state | |
| Context | configure service vpls service-name endpoint named-item block-on-mesh-failure boolean | |
| Tree | block-on-mesh-failure | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
description description
| Synopsis | Text description | |
| Context | configure service vpls service-name endpoint named-item description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
fdb
auto-learn-mac-protect boolean
| Synopsis | Populate automatically MAC protect list with MAC addresses learned on SDP with this endpoint | |
| Context | configure service vpls service-name endpoint named-item fdb auto-learn-mac-protect boolean | |
| Tree | auto-learn-mac-protect | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
mac-pinning boolean
| Synopsis | Activate MAC address pinning on this endpoint | |
| Context | configure service vpls service-name endpoint named-item fdb mac-pinning boolean | |
| Tree | mac-pinning | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
maximum-mac-addresses number
| Synopsis | Maximum number of MAC address entries in the FDB | |
| Context | configure service vpls service-name endpoint named-item fdb maximum-mac-addresses number | |
| Tree | maximum-mac-addresses | |
Description | This command specifies the maximum number of FDB entries for both learned and static MAC addresses for this endpoint. When the configured limit is reached, no new addresses are learned from the SAP or spoke SDP until at least one FDB entry is aged out or cleared. Packets with unknown source MAC addresses are still forwarded if their destination MAC addresses are known, or flooded if their destination MAC addresses are unknown. However, if the configure service vpls fdb discard-unknown command is set to true, packets with unknown destination MAC addresses are discarded, even if the limit of FDB entries on the specific VPLS instance is not reached. When unconfigured, the endpoint uses the global MAC learning limitations. | |
| Range | 1 to 511999 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
protected-src-mac-violation-action keyword
| Synopsis | Action when a relearn request for a protected MAC is received on the SDP | |
| Context | configure service vpls service-name endpoint named-item fdb protected-src-mac-violation-action keyword | |
| Tree | protected-src-mac-violation-action | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ignore-standby-signaling boolean
| Synopsis | Ignore standby-bit received from TLDP peers when performing internal tasks | |
| Context | configure service vpls service-name endpoint named-item ignore-standby-signaling boolean | |
| Tree | ignore-standby-signaling | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
mc-endpoint [mc-ep-id] number
| Synopsis | Enter the mc-endpoint list instance | |
| Context | configure service vpls service-name endpoint named-item mc-endpoint number | |
| Tree | mc-endpoint | |
| Max. instances | 1 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
[mc-ep-id] number
| Synopsis | MC-EP ID | |
| Context | configure service vpls service-name endpoint named-item mc-endpoint number | |
| Tree | mc-endpoint | |
Description | This command configures the identifier associated with the MC-EP. The ID must be the same on both MC-EP peers. | |
| Range | 1 to 4294967295 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mc-ep-peer
| Synopsis | Enter the mc-ep-peer context | |
| Context | configure service vpls service-name endpoint named-item mc-endpoint number mc-ep-peer | |
| Tree | mc-ep-peer | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
name named-item
| Synopsis | Name of the MC-EP peer | |
| Context | configure service vpls service-name endpoint named-item mc-endpoint number mc-ep-peer name named-item | |
| Tree | name | |
| String length | 1 to 32 | |
Notes | The following elements are part of a choice: name or peer-address. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
peer-address reference
| Synopsis | IP address of the MC-EP peer | |
| Context | configure service vpls service-name endpoint named-item mc-endpoint number mc-ep-peer peer-address reference | |
| Tree | peer-address | |
Reference | configure redundancy multi-chassis peer (ipv4-address-no-zone | ipv6-address-no-zone) | |
Notes | The following elements are part of a choice: name or peer-address. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
revert-time (number | keyword)
| Synopsis | Time to wait before reverting to primary spoke SDP | |
| Context | configure service vpls service-name endpoint named-item revert-time (number | keyword) | |
| Tree | revert-time | |
| Range | 1 to 600 | |
| Units | seconds | |
| Options | ||
| Default | immediate | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
suppress-standby-signaling boolean
| Synopsis | Do not send pseudowire standby bit to TLDP peer when specified spoke SDP is selected as standby | |
| Context | configure service vpls service-name endpoint named-item suppress-standby-signaling boolean | |
| Tree | suppress-standby-signaling | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
etree boolean
fdb
discard-unknown boolean
| Synopsis | Discard packets with unknown destination MAC addresses | |
| Context | configure service vpls service-name fdb discard-unknown boolean | |
| Tree | discard-unknown | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
mac-learning
| Synopsis | Enter the mac-learning context | |
| Context | configure service vpls service-name fdb mac-learning | |
| Tree | mac-learning | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
aging boolean
learning boolean
local-age-time number
| Synopsis | Aging time for locally learned MAC addresses | |
| Context | configure service vpls service-name fdb mac-learning local-age-time number | |
| Tree | local-age-time | |
Description | This command configures the aging time for locally learned MAC addresses in the forwarding database (FDB) for the Virtual Private LAN Service (VPLS) instance. In a VPLS service, MAC addresses are associated with a Service Access Point (SAP) or a Service Destination Point (SDP). MACs associated with a SAP are classified as local MACs, and MACs associated with an SDP are remote MACs. In each VPLS service instance, there are independent aging timers for locally learned MAC and remotely learned MAC entries in the FDB. As in a Layer 2 switch, learned MACs can be aged out if no packets are sourced from the MAC address for a period of time (the aging time). | |
| Range | 60 to 86400 | |
| Default | 300 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
remote-age-time number
| Synopsis | Aging time for remotely learned MAC addresses | |
| Context | configure service vpls service-name fdb mac-learning remote-age-time number | |
| Tree | remote-age-time | |
Description | This command configures the aging time for remotely learned MAC addresses in the forwarding database (FDB) for the Virtual Private LAN Service (VPLS) instance. In a VPLS service, MAC addresses are associated with a Service Access Point (SAP) or a Service Destination Point (SDP). MACs associated with a SAP are classified as local MACs, and MACs associated with an SDP are remote MACs. In each VPLS service instance, there are independent aging timers for locally learned MAC and remotely learned MAC entries in the FDB. As in a Layer 2 switch, learned MACs can be aged out if no packets are sourced from the MAC address for a period of time (the aging time). To reduce the amount of signaling required between switches, configure this time larger than the local-age-time command. | |
| Range | 60 to 86400 | |
| Default | 900 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
mac-move
admin-state keyword
| Synopsis | Administrative state of MAC move | |
| Context | configure service vpls service-name fdb mac-move admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
hold-down-time number
| Synopsis | Wait time before re-enabling disabled SAP | |
| Context | configure service vpls service-name fdb mac-move hold-down-time number | |
| Tree | hold-down-time | |
| Range | 0 to 600 | |
| Units | seconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
move-frequency number
| Synopsis | Maximum rate MACs can be re-learned in the VPLS service | |
| Context | configure service vpls service-name fdb mac-move move-frequency number | |
| Tree | move-frequency | |
| Range | 1 to 10 | |
| Default | 2 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
primary-cumulative-factor number
| Synopsis | Factor for MAC-relearn periods for MAC-relearn rate | |
| Context | configure service vpls service-name fdb mac-move primary-cumulative-factor number | |
| Tree | primary-cumulative-factor | |
| Range | 3 to 10 | |
| Default | 3 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
retry-count (number | keyword)
| Synopsis | Number of retries for re-enabling the SAP or SDP | |
| Context | configure service vpls service-name fdb mac-move retry-count (number | keyword) | |
| Tree | retry-count | |
| Range | 1 to 255 | |
| Options | ||
| Default | 3 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
sap [sap-id] reference
[sap-id] reference
level keyword
secondary-cumulative-factor number
| Synopsis | Number of periods to measure mac-relearn rate | |
| Context | configure service vpls service-name fdb mac-move secondary-cumulative-factor number | |
| Tree | secondary-cumulative-factor | |
| Range | 2 to 9 | |
| Default | 2 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
spoke-sdp [sdp-bind-id] reference
[sdp-bind-id] reference
level keyword
mac-subnet-length number
| Synopsis | Number of bits performing MAC learning or MAC switching | |
| Context | configure service vpls service-name fdb mac-subnet-length number | |
| Tree | mac-subnet-length | |
| Range | 24 to 48 | |
| Default | 48 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
selective-learning boolean
| Synopsis | Allocate FDB entries on selectively learned line cards | |
| Context | configure service vpls service-name fdb selective-learning boolean | |
| Tree | selective-learning | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
static-mac
| Synopsis | Enter the static-mac context | |
| Context | configure service vpls service-name fdb static-mac | |
| Tree | static-mac | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mac [mac-address] mac-unicast-address-no-zero
[mac-address] mac-unicast-address-no-zero
blackhole
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Create a static FDB entry for the MAC address to black-hole traffic | |
| Context | configure service vpls service-name fdb static-mac mac mac-unicast-address-no-zero blackhole | |
| Tree | blackhole | |
Notes | The following elements are part of a mandatory choice: blackhole, endpoint, mesh-sdp, sap, or spoke-sdp. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
endpoint reference
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Endpoint associated with the MAC | |
| Context | configure service vpls service-name fdb static-mac mac mac-unicast-address-no-zero endpoint reference | |
| Tree | endpoint | |
Reference | ||
Notes | The following elements are part of a mandatory choice: blackhole, endpoint, mesh-sdp, sap, or spoke-sdp. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
mesh-sdp reference
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Mesh SDP bind associated with this MAC | |
| Context | configure service vpls service-name fdb static-mac mac mac-unicast-address-no-zero mesh-sdp reference | |
| Tree | mesh-sdp | |
Reference | ||
Notes | The following elements are part of a mandatory choice: blackhole, endpoint, mesh-sdp, sap, or spoke-sdp. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
monitor keyword
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Entity to be monitored to decide whether this entry can be installed in the FDB | |
| Context | configure service vpls service-name fdb static-mac mac mac-unicast-address-no-zero monitor keyword | |
| Tree | monitor | |
| Options | ||
| Default | none | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
sap reference
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | SAP associated with this MAC | |
| Context | configure service vpls service-name fdb static-mac mac mac-unicast-address-no-zero sap reference | |
| Tree | sap | |
Reference | ||
Notes | The following elements are part of a mandatory choice: blackhole, endpoint, mesh-sdp, sap, or spoke-sdp. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
spoke-sdp reference
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Spoke SDP bind associated with this MAC | |
| Context | configure service vpls service-name fdb static-mac mac mac-unicast-address-no-zero spoke-sdp reference | |
| Tree | spoke-sdp | |
Reference | ||
Notes | The following elements are part of a mandatory choice: blackhole, endpoint, mesh-sdp, sap, or spoke-sdp. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
table
high-wmark number
| Synopsis | High watermark for the FDB table | |
| Context | configure service vpls service-name fdb table high-wmark number | |
| Tree | high-wmark | |
| Range | 0 to 100 | |
| Default | 95 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
low-wmark number
size number
igmp-snooping
| Synopsis | Enter the igmp-snooping context | |
| Context | configure service vpls service-name igmp-snooping | |
| Tree | igmp-snooping | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of snooping | |
| Context | configure service vpls service-name igmp-snooping admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
query-interval number
| Synopsis | Time between two consecutive host-query messages | |
| Context | configure service vpls service-name igmp-snooping query-interval number | |
| Tree | query-interval | |
| Range | 1 to 65535 | |
| Units | seconds | |
| Default | 125 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
query-source-address (keyword | ipv4-address)
| Synopsis | Source address for IGMP queries | |
| Context | configure service vpls service-name igmp-snooping query-source-address (keyword | ipv4-address) | |
| Tree | query-source-address | |
| Options | ||
| Default | system | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
report-source-address ipv4-address
| Synopsis | Source IP address used when generating IGMP reports | |
| Context | configure service vpls service-name igmp-snooping report-source-address ipv4-address | |
| Tree | report-source-address | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
robust-count number
| Synopsis | Number of retries after expected message loss | |
| Context | configure service vpls service-name igmp-snooping robust-count number | |
| Tree | robust-count | |
| Range | 1 to 255 | |
| Default | 2 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
ignore-l2vpn-mtu-mismatch boolean
| Synopsis | Ignore the L2 VPN MTU mismatch with local service MTU | |
| Context | configure service vpls service-name ignore-l2vpn-mtu-mismatch boolean | |
| Tree | ignore-l2vpn-mtu-mismatch | |
Description | When configured to true, the router ignores the value of the Layer 2 MTU in the Layer 2 Info Extended Community received in a BGP update message or the value of the MTU interface parameter received in an LDP label mapping message against the local service MTU or locally signaled MTU. It may, therefore, bring up the VPLS service regardless of any MTU mismatch. When configured to false, an MTU mismatch prevents the system from bringing up a VPLS service. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
interface [interface-name] interface-name
[interface-name] interface-name
admin-state keyword
| Synopsis | Administrative state of the interface | |
| Context | configure service vpls service-name interface interface-name admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
description very-long-description
| Synopsis | Text description | |
| Context | configure service vpls service-name interface interface-name description very-long-description | |
| Tree | description | |
| String length | 1 to 255 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
hold-time
ipv4
down
| Synopsis | Enter the down context | |
| Context | configure service vpls service-name interface interface-name hold-time ipv4 down | |
| Tree | down | |
Description | Commands in this context configure the down hold timer, which specifies the delay before activating the associated interface. The delay is invoked whenever the system attempts to bring the associated IP interface up, unless an operator configures the init-only command. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
init-only boolean
| Synopsis | Apply delay only at interface configuration or reboot | |
| Context | configure service vpls service-name interface interface-name hold-time ipv4 down init-only boolean | |
| Tree | init-only | |
Description | This command applies a delay only when the IP interface is first configured or after a system reboot. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
seconds number
up
| Synopsis | Enter the up context | |
| Context | configure service vpls service-name interface interface-name hold-time ipv4 up | |
| Tree | up | |
Description | Commands in this context configure the up hold timer, which specifies the delay before deactivation of the associated interface. The delay is invoked whenever the system attempts to bring the associated IP interface down. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
seconds number
ipv4
neighbor-discovery
| Synopsis | Enter the neighbor-discovery context | |
| Context | configure service vpls service-name interface interface-name ipv4 neighbor-discovery | |
| Tree | neighbor-discovery | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
static-neighbor [ipv4-address] ipv4-address
| Synopsis | Enter the static-neighbor list instance | |
| Context | configure service vpls service-name interface interface-name ipv4 neighbor-discovery static-neighbor ipv4-address | |
| Tree | static-neighbor | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[ipv4-address] ipv4-address
| Synopsis | IPv4 address that corresponds to the physical address | |
| Context | configure service vpls service-name interface interface-name ipv4 neighbor-discovery static-neighbor ipv4-address | |
| Tree | static-neighbor | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mac-address mac-address
| Synopsis | MAC address for the static neighbor | |
| Context | configure service vpls service-name interface interface-name ipv4 neighbor-discovery static-neighbor ipv4-address mac-address mac-address | |
| Tree | mac-address | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
timeout number
primary
address ipv4-address
prefix-length number
| Synopsis | IPv4 address prefix length | |
| Context | configure service vpls service-name interface interface-name ipv4 primary prefix-length number | |
| Tree | prefix-length | |
| Range | 0 to 31 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mac mac-unicast-address
isid-policy
| Synopsis | Enter the isid-policy context | |
| Context | configure service vpls service-name isid-policy | |
| Tree | isid-policy | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
entry [range-entry-id] number
| Synopsis | Enter the entry list instance | |
| Context | configure service vpls service-name isid-policy entry number | |
| Tree | entry | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[range-entry-id] number
| Synopsis | ISID policy entry ID | |
| Context | configure service vpls service-name isid-policy entry number | |
| Tree | entry | |
| Range | 1 to 8191 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
advertise-local boolean
| Synopsis | Advertise locally-defined I-VPLS ISIDs or static ISIDs | |
| Context | configure service vpls service-name isid-policy entry number advertise-local boolean | |
| Tree | advertise-local | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
range
end number
start number
use-def-mcast boolean
| Synopsis | Use default multicast tree to propagate ISIS range | |
| Context | configure service vpls service-name isid-policy entry number use-def-mcast boolean | |
| Tree | use-def-mcast | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
m-vpls boolean
mac-flush
tldp
propagate boolean
send-on-failure boolean
| Synopsis | Send MAC withdraw message on SAP/Spoke-SDP failure | |
| Context | configure service vpls service-name mac-flush tldp send-on-failure boolean | |
| Tree | send-on-failure | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
mac-protect
| Synopsis | Enter the mac-protect context | |
| Context | configure service vpls service-name mac-protect | |
| Tree | mac-protect | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mac [mac-address] mac-address
| Synopsis | Add a list entry for mac | |
| Context | configure service vpls service-name mac-protect mac mac-address | |
| Tree | mac | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[mac-address] mac-address
| Synopsis | Protected MAC address | |
| Context | configure service vpls service-name mac-protect mac mac-address | |
| Tree | mac | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mcast-ipv6-snooping-scope keyword
| Synopsis | IPv6 multicast snooping scope | |
| Context | configure service vpls service-name mcast-ipv6-snooping-scope keyword | |
| Tree | mcast-ipv6-snooping-scope | |
| Options | ||
| Default | mac-based | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mcr-default-gtw
| Synopsis | Enter the mcr-default-gtw context | |
| Context | configure service vpls service-name mcr-default-gtw | |
| Tree | mcr-default-gtw | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ip ipv4-unicast-address
| Synopsis | Multi-chassis ring default gateway IP address | |
| Context | configure service vpls service-name mcr-default-gtw ip ipv4-unicast-address | |
| Tree | ip | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mac mac-address
| Synopsis | Multi-chassis ring default gateway MAC address | |
| Context | configure service vpls service-name mcr-default-gtw mac mac-address | |
| Tree | mac | |
| Default | 00:00:00:00:00:00 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mesh-sdp [sdp-bind-id] sdp-bind-id
[sdp-bind-id] sdp-bind-id
accounting-policy reference
| Synopsis | Policy to collect accounting statistics | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id accounting-policy reference | |
| Tree | accounting-policy | |
Reference | configure log accounting-policy number | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the SDP binding to the service | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
adv-service-mtu number
| Synopsis | Advertise service MTU value | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id adv-service-mtu number | |
| Tree | adv-service-mtu | |
Description | This command configures the MTU value that is signaled in the targeted LDP for the spoke-SDP. The router uses the value for signaling and for validation with the received MTU instead of the service MTU. However, the value does not affect the locally enforced value, which is still based on the service MTU. This command cannot be configured on a spoke-SDP that is bound to an SDP with the adv-mtu-override command. | |
| Range | 0 to 9782 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
collect-stats boolean
| Synopsis | Allow agent to collect accounting statistics | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id collect-stats boolean | |
| Tree | collect-stats | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
control-word boolean
| Synopsis | Use the control word as preferred | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id control-word boolean | |
| Tree | control-word | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
description description
| Synopsis | Text description | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
dhcp
description description
| Synopsis | Text description | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id dhcp description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
snoop boolean
egress
filter
ip reference
ipv6 reference
mfib-allowed-mda-destinations
| Synopsis | Enter the mfib-allowed-mda-destinations context | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id egress mfib-allowed-mda-destinations | |
| Tree | mfib-allowed-mda-destinations | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mda [mda-id] slot-mda
[mda-id] slot-mda
qos
network
policy-name reference
| Synopsis | Network policy ID | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id egress qos network policy-name reference | |
| Tree | policy-name | |
Reference | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
port-redirect-group
| Synopsis | Enter the port-redirect-group context | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id egress qos network port-redirect-group | |
| Tree | port-redirect-group | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
group-name reference
| Synopsis | Name of the egress port queue group | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id egress qos network port-redirect-group group-name reference | |
| Tree | group-name | |
Reference | configure qos queue-group-templates egress queue-group named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
instance number
vc-label number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Egress MPLS VC label to send packets to the far end | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id egress vc-label number | |
| Tree | vc-label | |
| Range | 16 to 1048575 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
etree-leaf boolean
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable etree leaf access-circuit status | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id etree-leaf boolean | |
| Tree | etree-leaf | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
etree-root-leaf-tag boolean
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Status for E-tree root leaf tag | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id etree-root-leaf-tag boolean | |
| Tree | etree-root-leaf-tag | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
fdb
auto-learn-mac-protect boolean
| Synopsis | Enable automatic population of the MAC protect list | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id fdb auto-learn-mac-protect boolean | |
| Tree | auto-learn-mac-protect | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
auto-learn-mac-protect-exclude-list reference
| Synopsis | Referenced MAC protect exclusion list name | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id fdb auto-learn-mac-protect-exclude-list reference | |
| Tree | auto-learn-mac-protect-exclude-list | |
Description | This command references the name of a MAC protect exclusion list. Dynamically-learned MAC Source Addresses (SA) are protected if they are learned on an object with ALMP configured and no exclusion list is associated with the object, or if the MAC SA does not match any entry in an associated exclusion list. An exclusion list can be used in multiple objects of a service. If a list is empty, ALMP does not exclude any learned MAC SAs from protection on the object. | |
Reference | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mac-pinning boolean
| Synopsis | MAC address pinning in active status | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id fdb mac-pinning boolean | |
| Tree | mac-pinning | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
protected-src-mac-violation-action keyword
| Synopsis | Action to take whenever a relearn request for a protected MAC is received | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id fdb protected-src-mac-violation-action keyword | |
| Tree | protected-src-mac-violation-action | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
force-vc-forwarding keyword
| Synopsis | VC forwarding action | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id force-vc-forwarding keyword | |
| Tree | force-vc-forwarding | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
hash-label
| Synopsis | Enable the hash-label context | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id hash-label | |
| Tree | hash-label | |
Description | Commands in this context configure the use of hash labels for egress datapaths. For information about hash-label handling, see the "Hash label" section of the 7705 SAR Gen 2 MPLS Guide. | |
Notes | The following elements are part of a choice: entropy-label or hash-label. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
signal-capability
| Synopsis | Signal hash label capability to the remote PE | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id hash-label signal-capability | |
| Tree | signal-capability | |
Description | When configured, this command enables the signaling and negotiating of the hash label between the local and remote PE nodes. The signaling process outcome determines whether the local PE inserts the hash label on the user packets. This outcome can override the local PE configuration. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
igmp-snooping
| Synopsis | Enter the igmp-snooping context | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id igmp-snooping | |
| Tree | igmp-snooping | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
fast-leave boolean
| Synopsis | Allow IGMP fast leave processing | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id igmp-snooping fast-leave boolean | |
| Tree | fast-leave | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
import-policy reference
| Synopsis | Import policy that filters IGMP packets | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id igmp-snooping import-policy reference | |
| Tree | import-policy | |
Reference | configure policy-options policy-statement named-item-64 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
maximum-number-group-sources number
| Synopsis | Maximum group source combinations | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id igmp-snooping maximum-number-group-sources number | |
| Tree | maximum-number-group-sources | |
| Range | 1 to 32000 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
maximum-number-groups number
| Synopsis | Maximum groups allowed | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id igmp-snooping maximum-number-groups number | |
| Tree | maximum-number-groups | |
| Range | 1 to 16000 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
maximum-number-sources number
| Synopsis | Maximum sources that are allowed per group | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id igmp-snooping maximum-number-sources number | |
| Tree | maximum-number-sources | |
| Range | 1 to 1000 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
mrouter-port boolean
| Synopsis | Operate port as a multicast router port | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id igmp-snooping mrouter-port boolean | |
| Tree | mrouter-port | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
query-interval number
| Synopsis | Time between two consecutive host-query messages | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id igmp-snooping query-interval number | |
| Tree | query-interval | |
| Range | 2 to 1024 | |
| Units | seconds | |
| Default | 125 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
query-last-member-interval number
| Synopsis | Time between group-specific query messages | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id igmp-snooping query-last-member-interval number | |
| Tree | query-last-member-interval | |
| Range | 1 to 50 | |
| Units | deciseconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
query-response-interval number
| Synopsis | Time to wait for a response to the host-query messages | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id igmp-snooping query-response-interval number | |
| Tree | query-response-interval | |
| Range | 1 to 1023 | |
| Units | seconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
robust-count number
| Synopsis | Number of retries after expected message loss | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id igmp-snooping robust-count number | |
| Tree | robust-count | |
| Range | 2 to 7 | |
| Default | 2 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
router-alert-check boolean
| Synopsis | Enable IP router alert check option | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id igmp-snooping router-alert-check boolean | |
| Tree | router-alert-check | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
send-queries boolean
| Synopsis | Generate IGMP general queries | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id igmp-snooping send-queries boolean | |
| Tree | send-queries | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
static
group [group-address] ipv4-multicast-address
[group-address] ipv4-multicast-address
| Synopsis | Group address of static IGMP multicast channel | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id igmp-snooping static group ipv4-multicast-address | |
| Tree | group | |
Description | This command configures an address that receives data on an interface. The IP address must be unique for each static group. | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
source [source-address] ipv4-unicast-address
| Synopsis | Add a list entry for source | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id igmp-snooping static group ipv4-multicast-address source ipv4-unicast-address | |
| Tree | source | |
Notes | The following elements are part of a mandatory choice: source or starg. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[source-address] ipv4-unicast-address
starg
version keyword
ingress
filter
ip reference
ipv6 reference
qos
network
fp-redirect-group
| Synopsis | Enter the fp-redirect-group context | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id ingress qos network fp-redirect-group | |
| Tree | fp-redirect-group | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
group-name reference
| Synopsis | Name of the forwarding plane queue group template | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id ingress qos network fp-redirect-group group-name reference | |
| Tree | group-name | |
Reference | configure qos queue-group-templates ingress queue-group named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
instance number
policy-name reference
| Synopsis | Network policy ID | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id ingress qos network policy-name reference | |
| Tree | policy-name | |
Reference | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
vc-label number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Ingress MPLS VC label to send packets to the far end | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id ingress vc-label number | |
| Tree | vc-label | |
| Range | 1 to 1048575 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
mld-snooping
| Synopsis | Enter the mld-snooping context | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id mld-snooping | |
| Tree | mld-snooping | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
fast-leave boolean
| Synopsis | Allow IGMP fast leave processing | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id mld-snooping fast-leave boolean | |
| Tree | fast-leave | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
import-policy reference
| Synopsis | Import policy that filters IGMP packets | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id mld-snooping import-policy reference | |
| Tree | import-policy | |
Reference | configure policy-options policy-statement named-item-64 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
maximum-number-groups number
| Synopsis | Maximum groups allowed | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id mld-snooping maximum-number-groups number | |
| Tree | maximum-number-groups | |
| Range | 1 to 16000 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
mrouter-port boolean
| Synopsis | Operate port as a multicast router port | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id mld-snooping mrouter-port boolean | |
| Tree | mrouter-port | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
query-interval number
| Synopsis | Time between two consecutive host-query messages | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id mld-snooping query-interval number | |
| Tree | query-interval | |
| Range | 2 to 1024 | |
| Units | seconds | |
| Default | 125 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
query-last-member-interval number
| Synopsis | Time between group-specific query messages | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id mld-snooping query-last-member-interval number | |
| Tree | query-last-member-interval | |
| Range | 1 to 50 | |
| Units | deciseconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
query-response-interval number
| Synopsis | Time to wait for a response to the host-query messages | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id mld-snooping query-response-interval number | |
| Tree | query-response-interval | |
| Range | 1 to 1023 | |
| Units | seconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
robust-count number
| Synopsis | Number of retries after expected message loss | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id mld-snooping robust-count number | |
| Tree | robust-count | |
| Range | 2 to 7 | |
| Default | 2 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
router-alert-check boolean
| Synopsis | Enable IP router alert check option | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id mld-snooping router-alert-check boolean | |
| Tree | router-alert-check | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
send-queries boolean
| Synopsis | Generate IGMP general queries | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id mld-snooping send-queries boolean | |
| Tree | send-queries | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
static
group [group-address] ipv6-multicast-address
[group-address] ipv6-multicast-address
source [source-address] ipv6-unicast-address
| Synopsis | Add a list entry for source | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id mld-snooping static group ipv6-multicast-address source ipv6-unicast-address | |
| Tree | source | |
Notes | The following elements are part of a mandatory choice: source or starg. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[source-address] ipv6-unicast-address
starg
version keyword
vc-type keyword
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Type of virtual circuit (VC) associated with the SDP binding; VPLS not supported | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id vc-type keyword | |
| Tree | vc-type | |
| Options | ||
| Default | ether | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
vlan-vc-tag number
| Synopsis | SDP bind VC tag | |
| Context | configure service vpls service-name mesh-sdp sdp-bind-id vlan-vc-tag number | |
| Tree | vlan-vc-tag | |
| Range | 0 to 4094 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
mfib
table
high-wmark number
| Synopsis | High watermark for the MFIB table | |
| Context | configure service vpls service-name mfib table high-wmark number | |
| Tree | high-wmark | |
| Range | 0 to 100 | |
| Default | 95 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
low-wmark number
size number
mld-snooping
| Synopsis | Enter the mld-snooping context | |
| Context | configure service vpls service-name mld-snooping | |
| Tree | mld-snooping | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of snooping | |
| Context | configure service vpls service-name mld-snooping admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
query-interval number
| Synopsis | Time between two consecutive host-query messages | |
| Context | configure service vpls service-name mld-snooping query-interval number | |
| Tree | query-interval | |
| Range | 1 to 65535 | |
| Units | seconds | |
| Default | 125 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
query-source-address (keyword | ipv6-address)
| Synopsis | Source IP address used in MLD queries | |
| Context | configure service vpls service-name mld-snooping query-source-address (keyword | ipv6-address) | |
| Tree | query-source-address | |
| Options | ||
| Default | system | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
report-source-address ipv6-address
| Synopsis | Source IP address used when generating MLD reports | |
| Context | configure service vpls service-name mld-snooping report-source-address ipv6-address | |
| Tree | report-source-address | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
robust-count number
| Synopsis | Number of retries after expected message loss | |
| Context | configure service vpls service-name mld-snooping robust-count number | |
| Tree | robust-count | |
| Range | 1 to 255 | |
| Default | 2 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
proxy-arp
admin-state keyword
| Synopsis | Administrative state of the proxy | |
| Context | configure service vpls service-name proxy-arp admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
age-time (number | keyword)
duplicate-detect
| Synopsis | Enter the duplicate-detect context | |
| Context | configure service vpls service-name proxy-arp duplicate-detect | |
| Tree | duplicate-detect | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
anti-spoof-mac mac-unicast-address-no-zero
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | MAC address to replace the proxy-ARP/ND offending entry's MAC | |
| Context | configure service vpls service-name proxy-arp duplicate-detect anti-spoof-mac mac-unicast-address-no-zero | |
| Tree | anti-spoof-mac | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
hold-down-time (number | keyword)
| Synopsis | Hold down time for a duplicate entry | |
| Context | configure service vpls service-name proxy-arp duplicate-detect hold-down-time (number | keyword) | |
| Tree | hold-down-time | |
| Range | 2 to 60 | |
| Units | minutes | |
| Options | ||
| Default | 9 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
num-moves number
static-blackhole boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Consider anti-spoof MAC as black-hole static MAC in FDB | |
| Context | configure service vpls service-name proxy-arp duplicate-detect static-blackhole boolean | |
| Tree | static-blackhole | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
window number
dynamic-arp
| Synopsis | Enter the dynamic-arp context | |
| Context | configure service vpls service-name proxy-arp dynamic-arp | |
| Tree | dynamic-arp | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ip-address [ipv4-address] ipv4-unicast-address
| Synopsis | Enter the ip-address list instance | |
| Context | configure service vpls service-name proxy-arp dynamic-arp ip-address ipv4-unicast-address | |
| Tree | ip-address | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[ipv4-address] ipv4-unicast-address
| Synopsis | Proxy ARP IPv4 address | |
| Context | configure service vpls service-name proxy-arp dynamic-arp ip-address ipv4-unicast-address | |
| Tree | ip-address | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mac-list reference
| Synopsis | MAC list for the dynamic entry | |
| Context | configure service vpls service-name proxy-arp dynamic-arp ip-address ipv4-unicast-address mac-list reference | |
| Tree | mac-list | |
Reference | configure service proxy-arp-nd mac-list list named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
resolve-retry-time number
| Synopsis | Frequency at which the resolve messages are sent | |
| Context | configure service vpls service-name proxy-arp dynamic-arp ip-address ipv4-unicast-address resolve-retry-time number | |
| Tree | resolve-retry-time | |
| Range | 1 to 60 | |
| Units | minutes | |
| Default | 5 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
sap [sap-id] reference
| Synopsis | Add a list entry for sap | |
| Context | configure service vpls service-name proxy-arp dynamic-arp ip-address ipv4-unicast-address sap reference | |
| Tree | sap | |
Description | Commands in this context configure the proxy ARP or ND entry for creation when the ARP or neighbor advertisement (NA) packet for the configured IP address is received on the configured SAP, when configured under the dynamic-arp ip-address context. This command can be configured in combination with the mac-list for the entry, in which case, the MAC of the ARP or NA message and the SAP on which the ARP or NA packet is received are both checked before creating the entry. | |
| Max. instances | 1 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
[sap-id] reference
| Synopsis | SAP identifier | |
| Context | configure service vpls service-name proxy-arp dynamic-arp ip-address ipv4-unicast-address sap reference | |
| Tree | sap | |
Reference | ||
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
dynamic-populate boolean
| Synopsis | Populate proxy ARP entries from snooped GARP/ARP/ND messages on SAPs/SDP-bindings | |
| Context | configure service vpls service-name proxy-arp dynamic-populate boolean | |
| Tree | dynamic-populate | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
evpn
flood
gratuitous-arp boolean
| Synopsis | Flood GARP-requests/GARP-replies to the EVPN | |
| Context | configure service vpls service-name proxy-arp evpn flood gratuitous-arp boolean | |
| Tree | gratuitous-arp | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
unknown-arp-req boolean
| Synopsis | Flood ARP-requests (with source squelching) if there is no active proxy-ARP entry for requested IP | |
| Context | configure service vpls service-name proxy-arp evpn flood unknown-arp-req boolean | |
| Tree | unknown-arp-req | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
route-tag number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Route tag used on export policies to match MAC/IP routes generated by proxy-ARP or proxy-ND module | |
| Context | configure service vpls service-name proxy-arp evpn route-tag number | |
| Tree | route-tag | |
| Range | 0 | 1 to 255 | |
| Default | 0 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
flood
received-gratuitous-arp boolean
| Synopsis | Allow GARP requests or replies to flood the service | |
| Context | configure service vpls service-name proxy-arp flood received-gratuitous-arp boolean | |
| Tree | received-gratuitous-arp | |
Description | When configured to true, the system floods GARP requests and replies received on a SAP (or SDP-bind) to the service flood-list (which includes EVPN destinations and other SAPs and SDP-binds). The GARPs impacted by this command are identified by the sender IP address being equal to the target IP address and the MAC DA that is broadcast. | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
received-unknown-arp-req boolean
| Synopsis | Allow unknown ARP requests to flood the service | |
| Context | configure service vpls service-name proxy-arp flood received-unknown-arp-req boolean | |
| Tree | received-unknown-arp-req | |
Description | When configured to true, the unknown ARP requests received on a SAP (or SDP-bind) are flooded to the service flood-list (which includes EVPN destinations and other SAPs and SDP-binds). By default if there is no active proxy ARP entry for the requested IP address, the system floods ARP requests, including EVPN (with source squelching). | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
process-arp-probes boolean
| Synopsis | Enable replies to DAD ARP probes | |
| Context | configure service vpls service-name proxy-arp process-arp-probes boolean | |
| Tree | process-arp-probes | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
restrict-non-configured-ip-address
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable the restrict-non-configured-ip-address context | |
| Context | configure service vpls service-name proxy-arp restrict-non-configured-ip-address | |
| Tree | restrict-non-configured-ip-address | |
Description | Commands in this context configure whether all the configured dynamic IP address entries are considered the only authorized entries in the proxy ARP or ND table. ARP or ND packets coming from a unauthorized sender IP are dropped. Therefore, unauthorized IP addresses are not learned in the proxy ARP or ND table, and ARP requests or neighbor solicitations (NS) coming from a unauthorized sender IP are not replied (unless the sponge-mac command option is configured). | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
sponge-mac mac-unicast-address-no-zero
| Synopsis | Sponge MAC used to reply to unauthorized requests | |
| Context | configure service vpls service-name proxy-arp restrict-non-configured-ip-address sponge-mac mac-unicast-address-no-zero | |
| Tree | sponge-mac | |
Description | This command configures the system to ignore ARP requests or neighbor solicitations from an unauthorized IP address. These requests are not learned in the proxy ARP or ND table (when the restrict-non-configured-ip-address command is configured), and the system replies with the configured sponge MAC address. Any IP address that is not configured as proxy ARP, ND dynamic ARP, or neighbor IP address is considered unauthorized and there is no reply. The configured sponge MAC address is not installed in the FDB or advertised in EVPN. If needed, the sponge MAC address can be configured as a static MAC in the same service in the node or a remote node. This command supersedes the operation of the restrict-non-configured-ip-address command for replies to ARP requests or neighbor solicitation:
| |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
send-refresh (number | keyword)
| Synopsis | Time at which to send a refresh message | |
| Context | configure service vpls service-name proxy-arp send-refresh (number | keyword) | |
| Tree | send-refresh | |
| Range | 120 to 86400 | |
| Options | ||
| Default | never | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
static-arp
| Synopsis | Enter the static-arp context | |
| Context | configure service vpls service-name proxy-arp static-arp | |
| Tree | static-arp | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ip-address [ipv4-address] ipv4-unicast-address
| Synopsis | Enter the ip-address list instance | |
| Context | configure service vpls service-name proxy-arp static-arp ip-address ipv4-unicast-address | |
| Tree | ip-address | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[ipv4-address] ipv4-unicast-address
| Synopsis | Proxy ARP IPv4 address | |
| Context | configure service vpls service-name proxy-arp static-arp ip-address ipv4-unicast-address | |
| Tree | ip-address | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mac mac-unicast-address-no-zero
| Synopsis | Proxy ARP MAC address for static entry | |
| Context | configure service vpls service-name proxy-arp static-arp ip-address ipv4-unicast-address mac mac-unicast-address-no-zero | |
| Tree | mac | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
table-size number
| Synopsis | Maximum number of learned and static entries allowed in the proxy table of this service | |
| Context | configure service vpls service-name proxy-arp table-size number | |
| Tree | table-size | |
| Range | 1 to 16383 | |
| Default | 250 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
proxy-nd
admin-state keyword
| Synopsis | Administrative state of the proxy | |
| Context | configure service vpls service-name proxy-nd admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
age-time (number | keyword)
duplicate-detect
| Synopsis | Enter the duplicate-detect context | |
| Context | configure service vpls service-name proxy-nd duplicate-detect | |
| Tree | duplicate-detect | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
anti-spoof-mac mac-unicast-address-no-zero
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | MAC address to replace the proxy-ARP/ND offending entry's MAC | |
| Context | configure service vpls service-name proxy-nd duplicate-detect anti-spoof-mac mac-unicast-address-no-zero | |
| Tree | anti-spoof-mac | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
hold-down-time (number | keyword)
| Synopsis | Hold down time for a duplicate entry | |
| Context | configure service vpls service-name proxy-nd duplicate-detect hold-down-time (number | keyword) | |
| Tree | hold-down-time | |
| Range | 2 to 60 | |
| Units | minutes | |
| Options | ||
| Default | 9 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
num-moves number
static-blackhole boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Consider anti-spoof MAC as black-hole static MAC in FDB | |
| Context | configure service vpls service-name proxy-nd duplicate-detect static-blackhole boolean | |
| Tree | static-blackhole | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
window number
dynamic-neighbor
| Synopsis | Enter the dynamic-neighbor context | |
| Context | configure service vpls service-name proxy-nd dynamic-neighbor | |
| Tree | dynamic-neighbor | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ip-address [ipv6-address] ipv6-address
| Synopsis | Enter the ip-address list instance | |
| Context | configure service vpls service-name proxy-nd dynamic-neighbor ip-address ipv6-address | |
| Tree | ip-address | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[ipv6-address] ipv6-address
| Synopsis | Proxy ND IPv6 address | |
| Context | configure service vpls service-name proxy-nd dynamic-neighbor ip-address ipv6-address | |
| Tree | ip-address | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mac-list reference
| Synopsis | MAC list for the dynamic entry | |
| Context | configure service vpls service-name proxy-nd dynamic-neighbor ip-address ipv6-address mac-list reference | |
| Tree | mac-list | |
Reference | configure service proxy-arp-nd mac-list list named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
resolve-retry-time number
| Synopsis | Frequency at which the resolve messages are sent | |
| Context | configure service vpls service-name proxy-nd dynamic-neighbor ip-address ipv6-address resolve-retry-time number | |
| Tree | resolve-retry-time | |
| Range | 1 to 60 | |
| Units | minutes | |
| Default | 5 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
sap [sap-id] reference
| Synopsis | Add a list entry for sap | |
| Context | configure service vpls service-name proxy-nd dynamic-neighbor ip-address ipv6-address sap reference | |
| Tree | sap | |
Description | Commands in this context configure the proxy ARP or ND entry for creation when the ARP or neighbor advertisement (NA) packet for the configured IP address is received on the configured SAP, when configured under the dynamic-arp ip-address context. This command can be configured in combination with the mac-list for the entry, in which case, the MAC of the ARP or NA message and the SAP on which the ARP or NA packet is received are both checked before creating the entry. | |
| Max. instances | 1 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
[sap-id] reference
| Synopsis | SAP identifier | |
| Context | configure service vpls service-name proxy-nd dynamic-neighbor ip-address ipv6-address sap reference | |
| Tree | sap | |
Reference | ||
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
dynamic-populate boolean
| Synopsis | Populate proxy ARP entries from snooped GARP/ARP/ND messages on SAPs/SDP-bindings | |
| Context | configure service vpls service-name proxy-nd dynamic-populate boolean | |
| Tree | dynamic-populate | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
evpn
advertise-neighbor-type keyword
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Advertisement type of static or dynamic entries in EVPN | |
| Context | configure service vpls service-name proxy-nd evpn advertise-neighbor-type keyword | |
| Tree | advertise-neighbor-type | |
Description | This command enables the advertisement of static or dynamic entries that are learned as host, router, or host and router (only one option is possible in a specified service). It also determines the R flag (host or router) when sending Neighbor Advertisement (NA) messages for existing EVPN entries in the proxy-ND table. The router-host command option is only possible when the ARP/ND extended community is advertised along with the MAC/IP routes. It determines that both host and router (dynamic and static) entries are advertised in MAC/IP routes, with an indication whether the entry is host or router in the R flag. These EVPN entries are installed as host or router entries depending on the R flag of the route, and NA messages for them are sent with the proper host or router indication. | |
| Options | ||
| Default | router | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
flood
unknown-neighbor-advertise-host boolean
| Synopsis | Flood host unsolicited Neighbor Advertisement (NA) replies to EVPN | |
| Context | configure service vpls service-name proxy-nd evpn flood unknown-neighbor-advertise-host boolean | |
| Tree | unknown-neighbor-advertise-host | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
unknown-neighbor-advertise-router boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Flood router unsolicited Neighbor Advertisement (NA) replies to EVPN | |
| Context | configure service vpls service-name proxy-nd evpn flood unknown-neighbor-advertise-router boolean | |
| Tree | unknown-neighbor-advertise-router | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
unknown-neighbor-solicitation boolean
| Synopsis | Flood unsolicited Neighbor Solicitation messages (with source squelching) into EVPN network | |
| Context | configure service vpls service-name proxy-nd evpn flood unknown-neighbor-solicitation boolean | |
| Tree | unknown-neighbor-solicitation | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
route-tag number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Route tag used on export policies to match MAC/IP routes generated by proxy-ARP or proxy-ND module | |
| Context | configure service vpls service-name proxy-nd evpn route-tag number | |
| Tree | route-tag | |
| Range | 0 | 1 to 255 | |
| Default | 0 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
flood
received-unknown-neighbor-advertise-host boolean
| Synopsis | Allow unknown NA host messages to flood the service | |
| Context | configure service vpls service-name proxy-nd flood received-unknown-neighbor-advertise-host boolean | |
| Tree | received-unknown-neighbor-advertise-host | |
Description | When configured to true, the system floods received unsolicited NAs into the VPLS service (to EVPN destinations and SAPs or SDP-binds). When configured to false, the system does not flood unsolicited NAs regardless of the configure service vpls proxy-nd evpn flood unknown-neighbor-advertise-host command configuration. The NA messages impacted by this command are NA messages with the following flags: S=0 and R=0. | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
received-unknown-neighbor-advertise-router boolean
| Synopsis | Allow unknown router NA host messages to flood service | |
| Context | configure service vpls service-name proxy-nd flood received-unknown-neighbor-advertise-router boolean | |
| Tree | received-unknown-neighbor-advertise-router | |
Description | When configured to true, the system floods received unsolicited router NAs into the VPLS service (to EVPN destinations and SAPs or SDP-binds). When configured to false, the system does not flood unsolicited router NAs regardless of the configure service vpls proxy-nd evpn flood unknown-neighbor-advertise-router command configuration. The NA messages impacted by this command are NA messages with the following flags: S=0 and R=1. | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
received-unknown-neighbor-solicitation boolean
| Synopsis | Allow unknown NS messages to flood the service | |
| Context | configure service vpls service-name proxy-nd flood received-unknown-neighbor-solicitation boolean | |
| Tree | received-unknown-neighbor-solicitation | |
Description | When configured to true, the system floods unknown NS messages into the VPLS service (to EVPN destinations and SAPs or SDP-binds). When configured to false, the system does not flood unknown NS messages regardless of the configure service vpls proxy-nd evpn flood unknown-neighbor-solicitation command configuration. | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
process-dad-neighbor-solicitations boolean
| Synopsis | Enable replies to DAD neighbor solicitations | |
| Context | configure service vpls service-name proxy-nd process-dad-neighbor-solicitations boolean | |
| Tree | process-dad-neighbor-solicitations | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
restrict-non-configured-ip-address
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable the restrict-non-configured-ip-address context | |
| Context | configure service vpls service-name proxy-nd restrict-non-configured-ip-address | |
| Tree | restrict-non-configured-ip-address | |
Description | Commands in this context configure whether all the configured dynamic IP address entries are considered the only authorized entries in the proxy ARP or ND table. ARP or ND packets coming from a unauthorized sender IP are dropped. Therefore, unauthorized IP addresses are not learned in the proxy ARP or ND table, and ARP requests or neighbor solicitations (NS) coming from a unauthorized sender IP are not replied (unless the sponge-mac command option is configured). | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
sponge-mac mac-unicast-address-no-zero
| Synopsis | Sponge MAC used to reply to unauthorized requests | |
| Context | configure service vpls service-name proxy-nd restrict-non-configured-ip-address sponge-mac mac-unicast-address-no-zero | |
| Tree | sponge-mac | |
Description | This command configures the system to ignore ARP requests or neighbor solicitations from an unauthorized IP address. These requests are not learned in the proxy ARP or ND table (when the restrict-non-configured-ip-address command is configured), and the system replies with the configured sponge MAC address. Any IP address that is not configured as proxy ARP, ND dynamic ARP, or neighbor IP address is considered unauthorized and there is no reply. The configured sponge MAC address is not installed in the FDB or advertised in EVPN. If needed, the sponge MAC address can be configured as a static MAC in the same service in the node or a remote node. This command supersedes the operation of the restrict-non-configured-ip-address command for replies to ARP requests or neighbor solicitation:
| |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
send-refresh (number | keyword)
| Synopsis | Time at which to send a refresh message | |
| Context | configure service vpls service-name proxy-nd send-refresh (number | keyword) | |
| Tree | send-refresh | |
| Range | 120 to 86400 | |
| Options | ||
| Default | never | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
static-neighbor
| Synopsis | Enter the static-neighbor context | |
| Context | configure service vpls service-name proxy-nd static-neighbor | |
| Tree | static-neighbor | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ip-address [ipv6-address] ipv6-address
| Synopsis | Enter the ip-address list instance | |
| Context | configure service vpls service-name proxy-nd static-neighbor ip-address ipv6-address | |
| Tree | ip-address | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[ipv6-address] ipv6-address
| Synopsis | Proxy ND IPv6 address | |
| Context | configure service vpls service-name proxy-nd static-neighbor ip-address ipv6-address | |
| Tree | ip-address | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mac mac-unicast-address-no-zero
| Synopsis | Proxy ARP MAC address for static entry | |
| Context | configure service vpls service-name proxy-nd static-neighbor ip-address ipv6-address mac mac-unicast-address-no-zero | |
| Tree | mac | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
type keyword
| Synopsis | Entry type | |
| Context | configure service vpls service-name proxy-nd static-neighbor ip-address ipv6-address type keyword | |
| Tree | type | |
| Options | ||
| Default | router | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
table-size number
| Synopsis | Maximum number of learned and static entries allowed in the proxy table of this service | |
| Context | configure service vpls service-name proxy-nd table-size number | |
| Tree | table-size | |
| Range | 1 to 16383 | |
| Default | 250 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
routed-vpls
| Synopsis | Enable the routed-vpls context | |
| Context | configure service vpls service-name routed-vpls | |
| Tree | routed-vpls | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
evpn-mpls-ecmp boolean
| Synopsis | Enable ECMP behavior on R-VPLS services | |
| Context | configure service vpls service-name routed-vpls evpn-mpls-ecmp boolean | |
| Tree | evpn-mpls-ecmp | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
multicast
| Synopsis | Enter the multicast context | |
| Context | configure service vpls service-name routed-vpls multicast | |
| Tree | multicast | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv4
ipv6
mld-snooping
| Synopsis | Enter the mld-snooping context | |
| Context | configure service vpls service-name routed-vpls multicast ipv6 mld-snooping | |
| Tree | mld-snooping | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mrouter-port boolean
| Synopsis | Operate VPLS L3 interface as a multicast router port | |
| Context | configure service vpls service-name routed-vpls multicast ipv6 mld-snooping mrouter-port boolean | |
| Tree | mrouter-port | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
sap [sap-id] sap
[sap-id] sap
accounting-policy reference
| Synopsis | Accounting policy | |
| Context | configure service vpls service-name sap sap accounting-policy reference | |
| Tree | accounting-policy | |
Reference | configure log accounting-policy number | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the SAP | |
| Context | configure service vpls service-name sap sap admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
arp-reply-agent keyword
| Synopsis | Enable arp-reply-agent function | |
| Context | configure service vpls service-name sap sap arp-reply-agent keyword | |
| Tree | arp-reply-agent | |
| Options | ||
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
bandwidth number
bgp-vpls-mh-veid number
| Synopsis | BGP-VPLS multi-homing VE-ID | |
| Context | configure service vpls service-name sap sap bgp-vpls-mh-veid number | |
| Tree | bgp-vpls-mh-veid | |
Description | This command specifies a VE ID that is configured on SAPs that are part of an EVPN single-active Ethernet Segment. The configuration of this command allows the advertisement of L2VPN routes that indicate the state of multi-homed SAPs to the remote BGP-VPLS PEs, which can trigger a MAC flush operation on the service to avoid traffic from being blackholed when a failure occurs in the active PE. When unconfigured from the SAP, L2VPN routes are withdrawn, which causes MAC flush processing on the remote BGP-VPLS. | |
| Range | 1 to 65535 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
bpdu-translation keyword
| Synopsis | Bpdu translation on this SAP | |
| Context | configure service vpls service-name sap sap bpdu-translation keyword | |
| Tree | bpdu-translation | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
collect-stats boolean
| Synopsis | Collect accounting statistics | |
| Context | configure service vpls service-name sap sap collect-stats boolean | |
| Tree | collect-stats | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
description long-description
| Synopsis | Text description | |
| Context | configure service vpls service-name sap sap description long-description | |
| Tree | description | |
| String length | 1 to 160 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
dhcp
admin-state keyword
| Synopsis | Administrative state of DHCP | |
| Context | configure service vpls service-name sap sap dhcp admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
description description
| Synopsis | Text description | |
| Context | configure service vpls service-name sap sap dhcp description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
lease-populate
| Synopsis | Enter the lease-populate context | |
| Context | configure service vpls service-name sap sap dhcp lease-populate | |
| Tree | lease-populate | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
max-leases number
| Synopsis | Maximum number of DHCPv4 leases | |
| Context | configure service vpls service-name sap sap dhcp lease-populate max-leases number | |
| Tree | max-leases | |
| Range | 0 to 131071 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
option-82
| Synopsis | Enter the option-82 context | |
| Context | configure service vpls service-name sap sap dhcp option-82 | |
| Tree | option-82 | |
Description | Commands in this context configure the processing required when the router receives a DHCP request that already has an Option 82 field in the packet. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
action keyword
circuit-id
| Synopsis | Enter the circuit-id context | |
| Context | configure service vpls service-name sap sap dhcp option-82 circuit-id | |
| Tree | circuit-id | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ascii-tuple
| Synopsis | Use the ASCII-encoded tuple for the circuit ID | |
| Context | configure service vpls service-name sap sap dhcp option-82 circuit-id ascii-tuple | |
| Tree | ascii-tuple | |
Notes | The following elements are part of a choice: ascii-tuple, hex-string, none, or vlan-ascii-tuple. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
hex-string hex-string
| Synopsis | User-defined hexadeciaml value of the option | |
| Context | configure service vpls service-name sap sap dhcp option-82 circuit-id hex-string hex-string | |
| Tree | hex-string | |
| String length | 1 to 66 | |
Notes | The following elements are part of a choice: ascii-tuple, hex-string, none, or vlan-ascii-tuple. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
none
vlan-ascii-tuple
| Synopsis | Include the VLAN ID and dot1p bits in the ASCII tuple | |
| Context | configure service vpls service-name sap sap dhcp option-82 circuit-id vlan-ascii-tuple | |
| Tree | vlan-ascii-tuple | |
Description | When configured, the router includes the VLAN ID and dot1p bits with the ASCII-tuple information. This only occurs on dot1q and QinQ-encapsulated ports. When the Option 82 bits are stripped, dot1p bits are copied to the Ethernet header of the outgoing packet. When unconfigured, the router leaves the circuit ID sub-option of the DHCP packet empty. | |
Notes | The following elements are part of a choice: ascii-tuple, hex-string, none, or vlan-ascii-tuple. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
remote-id
| Synopsis | Enter the remote-id context | |
| Context | configure service vpls service-name sap sap dhcp option-82 remote-id | |
| Tree | remote-id | |
Description | Commands in this context configure the remote IP sub-option of the DHCP packet with the identity of the remote host end (typically the DHCP client). | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ascii-string string-not-all-spaces
| Synopsis | User-defined ASCII string for the remote ID | |
| Context | configure service vpls service-name sap sap dhcp option-82 remote-id ascii-string string-not-all-spaces | |
| Tree | ascii-string | |
| String length | 1 to 32 | |
Notes | The following elements are part of a choice: ascii-string, hex-string, mac, or none. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
hex-string hex-string
| Synopsis | Option as a hexadecimal string | |
| Context | configure service vpls service-name sap sap dhcp option-82 remote-id hex-string hex-string | |
| Tree | hex-string | |
| String length | 1 to 66 | |
Notes | The following elements are part of a choice: ascii-string, hex-string, mac, or none. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mac
none
vendor-specific-option
| Synopsis | Enter the vendor-specific-option context | |
| Context | configure service vpls service-name sap sap dhcp option-82 vendor-specific-option | |
| Tree | vendor-specific-option | |
Description | Commands in this context configure the Nokia Vendor-Specific Option (VSO) of the DHCP packet. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
client-mac-address boolean
| Synopsis | Send the MAC address in the VSO | |
| Context | configure service vpls service-name sap sap dhcp option-82 vendor-specific-option client-mac-address boolean | |
| Tree | client-mac-address | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
sap-id boolean
service-id boolean
| Synopsis | Send the service ID in the Vendor Specific Option | |
| Context | configure service vpls service-name sap sap dhcp option-82 vendor-specific-option service-id boolean | |
| Tree | service-id | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
string string-not-all-spaces
system-id boolean
proxy-server
| Synopsis | Enter the proxy-server context | |
| Context | configure service vpls service-name sap sap dhcp proxy-server | |
| Tree | proxy-server | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the DHCP proxy server | |
| Context | configure service vpls service-name sap sap dhcp proxy-server admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
emulated-server ipv4-unicast-address
| Synopsis | IP address used as DHCP server address in SAP context | |
| Context | configure service vpls service-name sap sap dhcp proxy-server emulated-server ipv4-unicast-address | |
| Tree | emulated-server | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
lease-time
| Synopsis | Enter the lease-time context | |
| Context | configure service vpls service-name sap sap dhcp proxy-server lease-time | |
| Tree | lease-time | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
radius-override boolean
| Synopsis | Use lease time information provided by RADIUS server | |
| Context | configure service vpls service-name sap sap dhcp proxy-server lease-time radius-override boolean | |
| Tree | radius-override | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
value number
| Synopsis | DHCP lease time | |
| Context | configure service vpls service-name sap sap dhcp proxy-server lease-time value number | |
| Tree | value | |
| Range | 300 to 315446399 | |
| Units | seconds | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
snoop boolean
dhcp6
description description
| Synopsis | Text description | |
| Context | configure service vpls service-name sap sap dhcp6 description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ldra
interface-type keyword
| Synopsis | LDRA interface type | |
| Context | configure service vpls service-name sap sap dhcp6 ldra interface-type keyword | |
| Tree | interface-type | |
Description | This command specifies the LDRA interface type. client-facing - configure the SAP as an untrusted client-facing interface. Only DHCPv6 client messages are accepted and encapsulated in a Relay-Forward message. It is mandatory to configure an interface ID for client-facing SAPs. Relay-Forward, Relay-Reply, and DHCPv6 server messages are silently dropped when received on a client-facing SAP. network-facing - configure the SAP as a network-facing interface. Only Relay-Reply messages are accepted: the server message is extracted from the Relay-Reply message and forwarded in the VPLS. All other DHCPv6 message types are silently dropped when received on a network-facing SAP. | |
| Options | ||
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
options
interface-id
| Synopsis | Enable the interface-id context | |
| Context | configure service vpls service-name sap sap dhcp6 ldra options interface-id | |
| Tree | interface-id | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ascii-tuple
| Synopsis | Use an ASCII-encoded concatenated tuple | |
| Context | configure service vpls service-name sap sap dhcp6 ldra options interface-id ascii-tuple | |
| Tree | ascii-tuple | |
Description | This command specifies the use of the ASCII-encoded concatenated tuple, which consists of the system name, service ID, and SAP ID separated by "|". | |
Notes | The following elements are part of a mandatory choice: ascii-tuple or vlan-ascii-tuple. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
vlan-ascii-tuple
| Synopsis | Use an enhanced ASCII-encoded concatenated tuple | |
| Context | configure service vpls service-name sap sap dhcp6 ldra options interface-id vlan-ascii-tuple | |
| Tree | vlan-ascii-tuple | |
Description | This command specifies the use of the ASCII-encoded concatenated tuple enhanced with VLAN ID and dot1p bits, consisting of the system name, service ID, SAP ID, dot1p inner VLAN, and inner VLAN ID separated by "|". | |
Notes | The following elements are part of a mandatory choice: ascii-tuple or vlan-ascii-tuple. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
remote-id
mac
| Synopsis | Use the DHCPv6 client source MAC address | |
| Context | configure service vpls service-name sap sap dhcp6 ldra options remote-id mac | |
| Tree | mac | |
Description | This command sets the enterprise number field of the Relay Agent remote ID to 6527 and configures the DHCPv6 client source MAC address as six hexadecimal numbers. | |
Notes | The following elements are part of a choice: mac or string. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
string string
| Synopsis | User-defined ASCII string | |
| Context | configure service vpls service-name sap sap dhcp6 ldra options remote-id string string | |
| Tree | string | |
Description | This command sets the enterprise number field of the Relay-Agent remote ID to 6527 and configures the ASCII-encoded string. | |
| String length | 1 to 32 | |
Notes | The following elements are part of a choice: mac or string. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
dist-cpu-protection reference
| Synopsis | Distributed CPU protection policy for SAP | |
| Context | configure service vpls service-name sap sap dist-cpu-protection reference | |
| Tree | dist-cpu-protection | |
Reference | configure system security dist-cpu-protection policy named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
egress
agg-rate
queue-frame-based-accounting boolean
| Synopsis | Enable frame based accounting on policers and queues | |
| Context | configure service vpls service-name sap sap egress agg-rate queue-frame-based-accounting boolean | |
| Tree | queue-frame-based-accounting | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
rate number
dest-mac-rewrite mac-unicast-address-no-zero
| Synopsis | Destination MAC overwrite for unicast | |
| Context | configure service vpls service-name sap sap egress dest-mac-rewrite mac-unicast-address-no-zero | |
| Tree | dest-mac-rewrite | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
filter
ip reference
ipv6 reference
qos
policer-control-policy
| Synopsis | Enter the policer-control-policy context | |
| Context | configure service vpls service-name sap sap egress qos policer-control-policy | |
| Tree | policer-control-policy | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
overrides
root
max-rate (number | keyword)
priority-mbs-thresholds
| Synopsis | Enter the priority-mbs-thresholds context | |
| Context | configure service vpls service-name sap sap egress qos policer-control-policy overrides root priority-mbs-thresholds | |
| Tree | priority-mbs-thresholds | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
min-thresh-separation (number | keyword)
| Synopsis | Minimum amount of separation buffer space | |
| Context | configure service vpls service-name sap sap egress qos policer-control-policy overrides root priority-mbs-thresholds min-thresh-separation (number | keyword) | |
| Tree | min-thresh-separation | |
| Range | 0 to 16777216 | |
| Units | bytes | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
priority [priority-level] number
[priority-level] number
mbs-contribution (number | keyword)
| Synopsis | Minimum amount of cumulative buffer space allowed | |
| Context | configure service vpls service-name sap sap egress qos policer-control-policy overrides root priority-mbs-thresholds priority number mbs-contribution (number | keyword) | |
| Tree | mbs-contribution | |
| Range | 0 to 16777216 | |
| Units | bytes | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
policy-name reference
| Synopsis | Policer control policy name | |
| Context | configure service vpls service-name sap sap egress qos policer-control-policy policy-name reference | |
| Tree | policy-name | |
Reference | configure qos policer-control-policy named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
qinq-mark-top-only boolean
| Synopsis | Mark top Q-tags | |
| Context | configure service vpls service-name sap sap egress qos qinq-mark-top-only boolean | |
| Tree | qinq-mark-top-only | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
sap-egress
| Synopsis | Enter the sap-egress context | |
| Context | configure service vpls service-name sap sap egress qos sap-egress | |
| Tree | sap-egress | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
overrides
queue [queue-id] reference
[queue-id] reference
adaptation-rule
| Synopsis | Enter the adaptation-rule context | |
| Context | configure service vpls service-name sap sap egress qos sap-egress overrides queue reference adaptation-rule | |
| Tree | adaptation-rule | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
cir keyword
pir keyword
avg-frame-overhead decimal-number
| Synopsis | Average packet-to-frame encapsulation overhead | |
| Context | configure service vpls service-name sap sap egress qos sap-egress overrides queue reference avg-frame-overhead decimal-number | |
| Tree | avg-frame-overhead | |
Description | This command configures overrides for the average frame overhead. The overrides supersede the average frame overhead configuration under the queue. For a full description of this command, see the configure qos network-queue queue avg-frame-overhead and configure qos sap-egress queue avg-frame-overhead contexts. | |
| Range | 0.00 to 100.00 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
burst-limit (number | keyword)
| Synopsis | Explicit shaping burst size for the queue | |
| Context | configure service vpls service-name sap sap egress qos sap-egress overrides queue reference burst-limit (number | keyword) | |
| Tree | burst-limit | |
| Range | 1 to 14000000 | |
| Units | bytes | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
cbs (number | keyword)
drop-tail
low
percent-reduction-from-mbs (number | keyword)
| Synopsis | Percentage reduction from the MBS for a queue drop tail | |
| Context | configure service vpls service-name sap sap egress qos sap-egress overrides queue reference drop-tail low percent-reduction-from-mbs (number | keyword) | |
| Tree | percent-reduction-from-mbs | |
| Range | 0 to 100 | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mbs (number | keyword)
parent
cir-weight number
| Synopsis | CIR parameter that overrides parent for queue group | |
| Context | configure service vpls service-name sap sap egress qos sap-egress overrides queue reference parent cir-weight number | |
| Tree | cir-weight | |
| Range | 0 to 100 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
weight number
percent-rate
| Synopsis | Enter the percent-rate context | |
| Context | configure service vpls service-name sap sap egress qos sap-egress overrides queue reference percent-rate | |
| Tree | percent-rate | |
Notes | The following elements are part of a choice: percent-rate or rate. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
cir decimal-number
pir decimal-number
rate
cir (number | keyword)
pir (number | keyword)
policy-name reference
| Synopsis | Policy ID to associate with SAP for mirrored service | |
| Context | configure service vpls service-name sap sap egress qos sap-egress policy-name reference | |
| Tree | policy-name | |
Reference | configure qos sap-egress qos-policy-name | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
port-redirect-group
| Synopsis | Enter the port-redirect-group context | |
| Context | configure service vpls service-name sap sap egress qos sap-egress port-redirect-group | |
| Tree | port-redirect-group | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
group-name reference
| Synopsis | Name of the queue group redirect list policy | |
| Context | configure service vpls service-name sap sap egress qos sap-egress port-redirect-group group-name reference | |
| Tree | group-name | |
Reference | configure qos queue-group-templates egress queue-group named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
instance number
| Synopsis | Instance of port queue group | |
| Context | configure service vpls service-name sap sap egress qos sap-egress port-redirect-group instance number | |
| Tree | instance | |
| Range | 1 to 65535 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
scheduler-policy
| Synopsis | Enter the scheduler-policy context | |
| Context | configure service vpls service-name sap sap egress qos scheduler-policy | |
| Tree | scheduler-policy | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
overrides
scheduler [scheduler-name] named-item
[scheduler-name] named-item
| Synopsis | Scheduler name | |
| Context | configure service vpls service-name sap sap egress qos scheduler-policy overrides scheduler named-item | |
| Tree | scheduler | |
Description | This command specifies the scheduler name which is composed of printable 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes. Each scheduler must have a unique name within the context of the scheduler policy. However, the same name can be reused in multiple scheduler policies. If the scheduler name already exists within the policy tier level, the context changes to that scheduler name for the purpose of editing the scheduler commands. If the scheduler name exists within the policy on a different tier, an error occurs and the current context does not change. If the scheduler name does not exist in this or another tier within the scheduler policy, it is assumed that an attempt is being made to create a scheduler of that name. If the provided scheduler name is invalid, a name syntax error occurs, the command does not execute, and the context is not change. | |
| String length | 1 to 32 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
parent
cir-weight number
| Synopsis | Weight used at the within-CIR port priority level | |
| Context | configure service vpls service-name sap sap egress qos scheduler-policy overrides scheduler named-item parent cir-weight number | |
| Tree | cir-weight | |
| Range | 0 to 100 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
weight number
rate
cir (number | keyword)
pir (number | keyword)
policy-name reference
| Synopsis | Scheduler policy name | |
| Context | configure service vpls service-name sap sap egress qos scheduler-policy policy-name reference | |
| Tree | policy-name | |
Reference | configure qos scheduler-policy named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
etree-leaf boolean
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable etree leaf access-circuit status | |
| Context | configure service vpls service-name sap sap etree-leaf boolean | |
| Tree | etree-leaf | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
etree-root-leaf-tag
| Synopsis | Enable the etree-root-leaf-tag context | |
| Context | configure service vpls service-name sap sap etree-root-leaf-tag | |
| Tree | etree-root-leaf-tag | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
leaf number
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Leaf tag value | |
| Context | configure service vpls service-name sap sap etree-root-leaf-tag leaf number | |
| Tree | leaf | |
| Range | 1 to 4094 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
fdb
auto-learn-mac-protect boolean
| Synopsis | Enable automatic update of MAC protect list | |
| Context | configure service vpls service-name sap sap fdb auto-learn-mac-protect boolean | |
| Tree | auto-learn-mac-protect | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
auto-learn-mac-protect-exclude-list reference
| Synopsis | Referenced MAC protect exclusion list | |
| Context | configure service vpls service-name sap sap fdb auto-learn-mac-protect-exclude-list reference | |
| Tree | auto-learn-mac-protect-exclude-list | |
Description | This command references the name of a MAC protect exclusion list. Dynamically-learned MAC Source Addresses (SA) are protected if they are learned on an object with ALMP configured and no exclusion list is associated with the object, or if the MAC SA does not match any entry in an associated exclusion list. An exclusion list can be used in multiple objects of a service. If a list is empty, ALMP does not exclude any learned MAC SAs from protection on the object. | |
Reference | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
discard-unknown-source boolean
| Synopsis | Discard frames with unknown source | |
| Context | configure service vpls service-name sap sap fdb discard-unknown-source boolean | |
| Tree | discard-unknown-source | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
discard-unprotected-dest-mac boolean
| Synopsis | Discard packet with unprotected destination MAC address | |
| Context | configure service vpls service-name sap sap fdb discard-unprotected-dest-mac boolean | |
| Tree | discard-unprotected-dest-mac | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
limit-mac-move keyword
| Synopsis | MAC move | |
| Context | configure service vpls service-name sap sap fdb limit-mac-move keyword | |
| Tree | limit-mac-move | |
| Options | ||
| Default | blockable | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
mac-learning
| Synopsis | Enter the mac-learning context | |
| Context | configure service vpls service-name sap sap fdb mac-learning | |
| Tree | mac-learning | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
aging boolean
learning boolean
mac-pinning boolean
| Synopsis | Enable MAC address pinning on this SAP | |
| Context | configure service vpls service-name sap sap fdb mac-pinning boolean | |
| Tree | mac-pinning | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
maximum-mac-addresses number
| Synopsis | Maximum number of MAC address entries in the FDB | |
| Context | configure service vpls service-name sap sap fdb maximum-mac-addresses number | |
| Tree | maximum-mac-addresses | |
Description | This command specifies the maximum number of FDB entries for both learned and static MAC addresses for this SAP. When the configured limit is reached, no new addresses are learned from the SAP or spoke SDP until at least one FDB entry is aged out or cleared. When the configured limit is reached and the configure service pw-template fdb discard-unknown-source command is set to true for this SAP, packets with unknown source MAC addresses are discarded. If discard-unknown-source is set to false, the packets are forwarded if their destination MAC addresses are known, or flooded if their destination MAC addresses are unknown. However, if the configure service vpls fdb discard-unknown command is set to true, packets with unknown destination MAC addresses are discarded, even if the limit of FDB entries on the specific VPLS instance is not reached. When unconfigured, the SAP uses the global MAC learning limitations. | |
| Range | 1 to 511999 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
protected-src-mac-violation-action keyword
| Synopsis | Action to take whenever a relearn request for a protected MAC is received | |
| Context | configure service vpls service-name sap sap fdb protected-src-mac-violation-action keyword | |
| Tree | protected-src-mac-violation-action | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
i-vpls-mac-flush
| Synopsis | Enter the i-vpls-mac-flush context | |
| Context | configure service vpls service-name sap sap i-vpls-mac-flush | |
| Tree | i-vpls-mac-flush | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
bgp-evpn
igmp-snooping
| Synopsis | Enter the igmp-snooping context | |
| Context | configure service vpls service-name sap sap igmp-snooping | |
| Tree | igmp-snooping | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
fast-leave boolean
| Synopsis | Allow IGMP fast leave processing | |
| Context | configure service vpls service-name sap sap igmp-snooping fast-leave boolean | |
| Tree | fast-leave | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
import-policy reference
| Synopsis | Import policy that filters IGMP packets | |
| Context | configure service vpls service-name sap sap igmp-snooping import-policy reference | |
| Tree | import-policy | |
Reference | configure policy-options policy-statement named-item-64 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
maximum-number-group-sources number
| Synopsis | Maximum group source combinations | |
| Context | configure service vpls service-name sap sap igmp-snooping maximum-number-group-sources number | |
| Tree | maximum-number-group-sources | |
| Range | 1 to 32000 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
maximum-number-groups number
| Synopsis | Maximum groups allowed | |
| Context | configure service vpls service-name sap sap igmp-snooping maximum-number-groups number | |
| Tree | maximum-number-groups | |
| Range | 1 to 16000 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
maximum-number-sources number
| Synopsis | Maximum sources that are allowed per group | |
| Context | configure service vpls service-name sap sap igmp-snooping maximum-number-sources number | |
| Tree | maximum-number-sources | |
| Range | 1 to 1000 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
mrouter-port boolean
| Synopsis | Operate port as a multicast router port | |
| Context | configure service vpls service-name sap sap igmp-snooping mrouter-port boolean | |
| Tree | mrouter-port | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
query-interval number
| Synopsis | Time between two consecutive host-query messages | |
| Context | configure service vpls service-name sap sap igmp-snooping query-interval number | |
| Tree | query-interval | |
| Range | 2 to 1024 | |
| Units | seconds | |
| Default | 125 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
query-last-member-interval number
| Synopsis | Time between group-specific query messages | |
| Context | configure service vpls service-name sap sap igmp-snooping query-last-member-interval number | |
| Tree | query-last-member-interval | |
| Range | 1 to 50 | |
| Units | deciseconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
query-response-interval number
| Synopsis | Time to wait for a response to the host-query messages | |
| Context | configure service vpls service-name sap sap igmp-snooping query-response-interval number | |
| Tree | query-response-interval | |
| Range | 1 to 1023 | |
| Units | seconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
robust-count number
| Synopsis | Number of retries after expected message loss | |
| Context | configure service vpls service-name sap sap igmp-snooping robust-count number | |
| Tree | robust-count | |
| Range | 2 to 7 | |
| Default | 2 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
router-alert-check boolean
| Synopsis | Enable IP router alert check option | |
| Context | configure service vpls service-name sap sap igmp-snooping router-alert-check boolean | |
| Tree | router-alert-check | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
send-queries boolean
| Synopsis | Generate IGMP general queries | |
| Context | configure service vpls service-name sap sap igmp-snooping send-queries boolean | |
| Tree | send-queries | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
static
group [group-address] ipv4-multicast-address
[group-address] ipv4-multicast-address
| Synopsis | Group address of static IGMP multicast channel | |
| Context | configure service vpls service-name sap sap igmp-snooping static group ipv4-multicast-address | |
| Tree | group | |
Description | This command configures an address that receives data on an interface. The IP address must be unique for each static group. | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
source [source-address] ipv4-unicast-address
[source-address] ipv4-unicast-address
starg
version keyword
ingress
filter
ip reference
ipv6 reference
qos
match-qinq-dot1p keyword
| Synopsis | Ingress match QinQ Dot1p | |
| Context | configure service vpls service-name sap sap ingress qos match-qinq-dot1p keyword | |
| Tree | match-qinq-dot1p | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
policer-control-policy
| Synopsis | Enter the policer-control-policy context | |
| Context | configure service vpls service-name sap sap ingress qos policer-control-policy | |
| Tree | policer-control-policy | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
overrides
root
max-rate (number | keyword)
priority-mbs-thresholds
| Synopsis | Enter the priority-mbs-thresholds context | |
| Context | configure service vpls service-name sap sap ingress qos policer-control-policy overrides root priority-mbs-thresholds | |
| Tree | priority-mbs-thresholds | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
min-thresh-separation (number | keyword)
| Synopsis | Minimum amount of separation buffer space | |
| Context | configure service vpls service-name sap sap ingress qos policer-control-policy overrides root priority-mbs-thresholds min-thresh-separation (number | keyword) | |
| Tree | min-thresh-separation | |
| Range | 0 to 16777216 | |
| Units | bytes | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
priority [priority-level] number
[priority-level] number
mbs-contribution (number | keyword)
| Synopsis | Minimum amount of cumulative buffer space allowed | |
| Context | configure service vpls service-name sap sap ingress qos policer-control-policy overrides root priority-mbs-thresholds priority number mbs-contribution (number | keyword) | |
| Tree | mbs-contribution | |
| Range | 0 to 16777216 | |
| Units | bytes | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
policy-name reference
| Synopsis | Policer control policy name | |
| Context | configure service vpls service-name sap sap ingress qos policer-control-policy policy-name reference | |
| Tree | policy-name | |
Reference | configure qos policer-control-policy named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
sap-ingress
| Synopsis | Enter the sap-ingress context | |
| Context | configure service vpls service-name sap sap ingress qos sap-ingress | |
| Tree | sap-ingress | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
fp-redirect-group
| Synopsis | Enter the fp-redirect-group context | |
| Context | configure service vpls service-name sap sap ingress qos sap-ingress fp-redirect-group | |
| Tree | fp-redirect-group | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
group-name reference
| Synopsis | Queue group template name created on forwarding plane | |
| Context | configure service vpls service-name sap sap ingress qos sap-ingress fp-redirect-group group-name reference | |
| Tree | group-name | |
Reference | configure qos queue-group-templates ingress queue-group named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
instance number
| Synopsis | Queue group instance | |
| Context | configure service vpls service-name sap sap ingress qos sap-ingress fp-redirect-group instance number | |
| Tree | instance | |
| Range | 1 to 65535 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
overrides
policer [policer-id] reference
[policer-id] reference
cbs (number | keyword)
mbs (number | keyword)
packet-byte-offset number
| Synopsis | Packet size modification for policing information | |
| Context | configure service vpls service-name sap sap ingress qos sap-ingress overrides policer reference packet-byte-offset number | |
| Tree | packet-byte-offset | |
| Range | -32 to 31 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
percent-rate
| Synopsis | Enter the percent-rate context | |
| Context | configure service vpls service-name sap sap ingress qos sap-ingress overrides policer reference percent-rate | |
| Tree | percent-rate | |
Notes | The following elements are part of a choice: percent-rate or rate. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
cir decimal-number
pir decimal-number
rate
cir (number | keyword)
pir (number | keyword)
stat-mode keyword
queue [queue-id] reference
[queue-id] reference
adaptation-rule
| Synopsis | Enter the adaptation-rule context | |
| Context | configure service vpls service-name sap sap ingress qos sap-ingress overrides queue reference adaptation-rule | |
| Tree | adaptation-rule | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
cir keyword
pir keyword
cbs (number | keyword)
drop-tail
low
percent-reduction-from-mbs (number | keyword)
| Synopsis | Percentage reduction from the MBS for a queue drop tail | |
| Context | configure service vpls service-name sap sap ingress qos sap-ingress overrides queue reference drop-tail low percent-reduction-from-mbs (number | keyword) | |
| Tree | percent-reduction-from-mbs | |
| Range | 0 to 100 | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mbs (number | keyword)
parent
cir-weight number
| Synopsis | CIR parameter that overrides parent for queue group | |
| Context | configure service vpls service-name sap sap ingress qos sap-ingress overrides queue reference parent cir-weight number | |
| Tree | cir-weight | |
| Range | 0 to 100 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
weight number
percent-rate
| Synopsis | Enter the percent-rate context | |
| Context | configure service vpls service-name sap sap ingress qos sap-ingress overrides queue reference percent-rate | |
| Tree | percent-rate | |
Notes | The following elements are part of a choice: percent-rate or rate. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
cir decimal-number
pir decimal-number
rate
cir (number | keyword)
pir (number | keyword)
policy-name reference
| Synopsis | Policy ID | |
| Context | configure service vpls service-name sap sap ingress qos sap-ingress policy-name reference | |
| Tree | policy-name | |
Reference | configure qos sap-ingress qos-policy-name | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
scheduler-policy
| Synopsis | Enter the scheduler-policy context | |
| Context | configure service vpls service-name sap sap ingress qos scheduler-policy | |
| Tree | scheduler-policy | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
overrides
scheduler [scheduler-name] named-item
[scheduler-name] named-item
| Synopsis | Scheduler name | |
| Context | configure service vpls service-name sap sap ingress qos scheduler-policy overrides scheduler named-item | |
| Tree | scheduler | |
Description | This command specifies the scheduler name which is composed of printable 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes. Each scheduler must have a unique name within the context of the scheduler policy. However, the same name can be reused in multiple scheduler policies. If the scheduler name already exists within the policy tier level, the context changes to that scheduler name for the purpose of editing the scheduler commands. If the scheduler name exists within the policy on a different tier, an error occurs and the current context does not change. If the scheduler name does not exist in this or another tier within the scheduler policy, it is assumed that an attempt is being made to create a scheduler of that name. If the provided scheduler name is invalid, a name syntax error occurs, the command does not execute, and the context is not change. | |
| String length | 1 to 32 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
parent
cir-weight number
| Synopsis | Weight used at the within-CIR port priority level | |
| Context | configure service vpls service-name sap sap ingress qos scheduler-policy overrides scheduler named-item parent cir-weight number | |
| Tree | cir-weight | |
| Range | 0 to 100 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
weight number
rate
cir (number | keyword)
pir (number | keyword)
policy-name reference
| Synopsis | Scheduler policy name | |
| Context | configure service vpls service-name sap sap ingress qos scheduler-policy policy-name reference | |
| Tree | policy-name | |
Reference | configure qos scheduler-policy named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
l2pt
force-boundary
| Synopsis | Enable the force-boundary context | |
| Context | configure service vpls service-name sap sap l2pt force-boundary | |
| Tree | force-boundary | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
protocols
cdp boolean
dtp boolean
pagp boolean
stp boolean
udld boolean
vtp boolean
termination
| Synopsis | Enable the termination context | |
| Context | configure service vpls service-name sap sap l2pt termination | |
| Tree | termination | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
protocols
cdp boolean
dtp boolean
pagp boolean
stp boolean
udld boolean
vtp boolean
lag
managed-vlan-list
| Synopsis | Enter the managed-vlan-list context | |
| Context | configure service vpls service-name sap sap managed-vlan-list | |
| Tree | managed-vlan-list | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
range [vlan-range] string
[vlan-range] string
mc-ring
ring-node named-item
mld-snooping
| Synopsis | Enter the mld-snooping context | |
| Context | configure service vpls service-name sap sap mld-snooping | |
| Tree | mld-snooping | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
fast-leave boolean
| Synopsis | Allow IGMP fast leave processing | |
| Context | configure service vpls service-name sap sap mld-snooping fast-leave boolean | |
| Tree | fast-leave | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
import-policy reference
| Synopsis | Import policy that filters IGMP packets | |
| Context | configure service vpls service-name sap sap mld-snooping import-policy reference | |
| Tree | import-policy | |
Reference | configure policy-options policy-statement named-item-64 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
maximum-number-groups number
| Synopsis | Maximum groups allowed | |
| Context | configure service vpls service-name sap sap mld-snooping maximum-number-groups number | |
| Tree | maximum-number-groups | |
| Range | 1 to 16000 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
mrouter-port boolean
| Synopsis | Operate port as a multicast router port | |
| Context | configure service vpls service-name sap sap mld-snooping mrouter-port boolean | |
| Tree | mrouter-port | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
query-interval number
| Synopsis | Time between two consecutive host-query messages | |
| Context | configure service vpls service-name sap sap mld-snooping query-interval number | |
| Tree | query-interval | |
| Range | 2 to 1024 | |
| Units | seconds | |
| Default | 125 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
query-last-member-interval number
| Synopsis | Time between group-specific query messages | |
| Context | configure service vpls service-name sap sap mld-snooping query-last-member-interval number | |
| Tree | query-last-member-interval | |
| Range | 1 to 50 | |
| Units | deciseconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
query-response-interval number
| Synopsis | Time to wait for a response to the host-query messages | |
| Context | configure service vpls service-name sap sap mld-snooping query-response-interval number | |
| Tree | query-response-interval | |
| Range | 1 to 1023 | |
| Units | seconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
robust-count number
| Synopsis | Number of retries after expected message loss | |
| Context | configure service vpls service-name sap sap mld-snooping robust-count number | |
| Tree | robust-count | |
| Range | 2 to 7 | |
| Default | 2 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
router-alert-check boolean
| Synopsis | Enable IP router alert check option | |
| Context | configure service vpls service-name sap sap mld-snooping router-alert-check boolean | |
| Tree | router-alert-check | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
send-queries boolean
| Synopsis | Generate IGMP general queries | |
| Context | configure service vpls service-name sap sap mld-snooping send-queries boolean | |
| Tree | send-queries | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
static
group [group-address] ipv6-multicast-address
[group-address] ipv6-multicast-address
source [source-address] ipv6-unicast-address
[source-address] ipv6-unicast-address
starg
version keyword
monitor-oper-group reference
| Synopsis | Monitor operational group | |
| Context | configure service vpls service-name sap sap monitor-oper-group reference | |
| Tree | monitor-oper-group | |
Reference | configure service oper-group named-item | |
Notes | The following elements are part of a choice: monitor-oper-group or oper-group. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
multi-service-site reference
| Synopsis | Multi service site name | |
| Context | configure service vpls service-name sap sap multi-service-site reference | |
| Tree | multi-service-site | |
Reference | configure service customer customer-name multi-service-site named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
oper-group reference
| Synopsis | Operational group | |
| Context | configure service vpls service-name sap sap oper-group reference | |
| Tree | oper-group | |
Reference | configure service oper-group named-item | |
Notes | The following elements are part of a choice: monitor-oper-group or oper-group. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
process-cpm-traffic-on-sap-down boolean
| Synopsis | Process CPM traffic on SAP down event | |
| Context | configure service vpls service-name sap sap process-cpm-traffic-on-sap-down boolean | |
| Tree | process-cpm-traffic-on-sap-down | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
split-horizon-group reference
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Split horizon group | |
| Context | configure service vpls service-name sap sap split-horizon-group reference | |
| Tree | split-horizon-group | |
Reference | configure service vpls service-name split-horizon-group named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
stp
admin-state keyword
| Synopsis | Administrative state of STP | |
| Context | configure service vpls service-name sap sap stp admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
auto-edge boolean
| Synopsis | Enable automatic detection of edge port characteristics | |
| Context | configure service vpls service-name sap sap stp auto-edge boolean | |
| Tree | auto-edge | |
Description | When configured to true, the router automatically detects the edge port characteristics of the SAP or spoke SDP. The STP concludes there is no bridge behind the spoke SDP, the OPER_EDGE variable is dynamically set to true. If a BPDU is received, the OPER_EDGE variable is dynamically set to false. When configured to false, the router disables automatic detection. | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
edge-port boolean
link-type keyword
mst-instance [mst-inst-number] number
| Synopsis | Enter the mst-instance list instance | |
| Context | configure service vpls service-name sap sap stp mst-instance number | |
| Tree | mst-instance | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[mst-inst-number] number
| Synopsis | Multiple Spanning Tree Instance number | |
| Context | configure service vpls service-name sap sap stp mst-instance number | |
| Tree | mst-instance | |
| Range | 1 to 4094 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mst-path-cost number
| Synopsis | MSTI path cost | |
| Context | configure service vpls service-name sap sap stp mst-instance number mst-path-cost number | |
| Tree | mst-path-cost | |
| Range | 1 to 200000000 | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
mst-port-priority number
| Synopsis | MSTI port priority | |
| Context | configure service vpls service-name sap sap stp mst-instance number mst-port-priority number | |
| Tree | mst-port-priority | |
| Range | 0 | 16 | 32 | 48 | 64 | 80 | 96 | 112 | 128 | 144 | 160 | 176 | 192 | 208 | 224 | 240 | |
| Default | 128 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
path-cost number
port-num number
priority number
root-guard boolean
| Synopsis | Enable/disable STP root-guard | |
| Context | configure service vpls service-name sap sap stp root-guard boolean | |
| Tree | root-guard | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
service-id number
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Service ID | |
| Context | configure service vpls service-name service-id number | |
| Tree | service-id | |
| Range | 1 to 2147483647 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
service-mtu number
| Synopsis | MTU size | |
| Context | configure service vpls service-name service-mtu number | |
| Tree | service-mtu | |
Description | This command configures the Maximum Transmission Unit (MTU) value (payload) for the service. The system uses the value to validate the operational state of the SAP and SDP binding within the service. The value overrides the default MTU for the service type. The service MTU and a SAP’s service delineation encapsulation overhead (4 bytes for a dot1q tag) are used to derive the required MTU of the physical port or channel on which the SAP was created. If the required payload is larger than the port or channel MTU, the SAP is placed in an inoperative state. If the required MTU is equal to or less than the port or channel MTU, the SAP transitions to the operative state. When binding an SDP to a service, the service MTU is compared to the path MTU associated with the SDP. The path MTU can be administratively defined in the context of the SDP. The default or administrative path MTU can be dynamically reduced due to the MTU capabilities discovered by the tunneling mechanism of the SDP or the egress interface MTU capabilities based on the next hop in the tunnel path. If the service MTU is larger than the path MTU, the SDP binding for the service is placed in an inoperative state. If the service MTU is equal to or less than the path MTU, the SDP binding is placed in an operational state. If a service MTU, port or channel MTU, or path MTU is dynamically or administratively modified, all associated SAP and SDP binding operational states are automatically reevaluated. Binding operational states are automatically reevaluated. For I-VPLS and Epipes bound to a B-VPLS, the service MTU must be at least 18 bytes smaller than the B-VPLS service MTU to accommodate the PBB header. Because this connects a Layer 2 to a Layer 3 service, adjust the service MTU under the Epipe service. The MTU that is advertised from the Epipe side is service MTU minus EtherHeaderSize. In the configure service epipe spoke-sdp context, the adv-service-mtu command can be used to override the configured MTU value used in T-LDP signaling to the far-end of an Epipe spoke-sdp. The adv-service-mtu command is also used to validate the value signaled by the far-end PE. | |
| Range | 1 to 9782 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
split-horizon-group [shg-name] named-item
| Synopsis | Enter the split-horizon-group list instance | |
| Context | configure service vpls service-name split-horizon-group named-item | |
| Tree | split-horizon-group | |
Description | Commands in this context configure the split-horizon group options used in the VPLS instance. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[shg-name] named-item
| Synopsis | SHG name to which the SDP belongs | |
| Context | configure service vpls service-name split-horizon-group named-item | |
| Tree | split-horizon-group | |
| String length | 1 to 32 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
description description
| Synopsis | Text description | |
| Context | configure service vpls service-name split-horizon-group named-item description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
fdb
| Synopsis | Enter the fdb context | |
| Context | configure service vpls service-name split-horizon-group named-item fdb | |
| Tree | fdb | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
saps
auto-learn-mac-protect boolean
| Synopsis | Populate automatically MAC protect list with MAC addresses learned on SDP with split horizon group | |
| Context | configure service vpls service-name split-horizon-group named-item fdb saps auto-learn-mac-protect boolean | |
| Tree | auto-learn-mac-protect | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
auto-learn-mac-protect-exclude-list reference
| Synopsis | Referenced MAC protect exclusion list name | |
| Context | configure service vpls service-name split-horizon-group named-item fdb saps auto-learn-mac-protect-exclude-list reference | |
| Tree | auto-learn-mac-protect-exclude-list | |
Description | This command references the name of a MAC protect exclusion list. Dynamically-learned MAC Source Addresses (SA) are protected if they are learned on an object with ALMP configured and no exclusion list is associated with the object, or if the MAC SA does not match any entry in an associated exclusion list. An exclusion list can be used in multiple objects of a service. If a list is empty, ALMP does not exclude any learned MAC SAs from protection on the object. | |
Reference | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
discard-unprotected-dest-mac boolean
| Synopsis | Discard packet with unprotected destination MAC address | |
| Context | configure service vpls service-name split-horizon-group named-item fdb saps discard-unprotected-dest-mac boolean | |
| Tree | discard-unprotected-dest-mac | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
protected-src-mac-violation-action keyword
| Synopsis | Action to take whenever a relearn request for a protected MAC is received | |
| Context | configure service vpls service-name split-horizon-group named-item fdb saps protected-src-mac-violation-action keyword | |
| Tree | protected-src-mac-violation-action | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
residential boolean
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Define as a residential split horizon group | |
| Context | configure service vpls service-name split-horizon-group named-item residential boolean | |
| Tree | residential | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
spoke-sdp [sdp-bind-id] sdp-bind-id
[sdp-bind-id] sdp-bind-id
accounting-policy reference
| Synopsis | Policy to collect accounting statistics | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id accounting-policy reference | |
| Tree | accounting-policy | |
Reference | configure log accounting-policy number | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the SDP binding to the service | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
adv-service-mtu number
| Synopsis | Advertise service MTU value | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id adv-service-mtu number | |
| Tree | adv-service-mtu | |
Description | This command configures the MTU value that is signaled in the targeted LDP for the spoke-SDP. The router uses the value for signaling and for validation with the received MTU instead of the service MTU. However, the value does not affect the locally enforced value, which is still based on the service MTU. This command cannot be configured on a spoke-SDP that is bound to an SDP with the adv-mtu-override command. | |
| Range | 0 to 9782 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
block-on-mesh-failure boolean
| Synopsis | Enable blocking after all SDPs are operationally down | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id block-on-mesh-failure boolean | |
| Tree | block-on-mesh-failure | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
bpdu-translation keyword
| Synopsis | BPDU format | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id bpdu-translation keyword | |
| Tree | bpdu-translation | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
collect-stats boolean
| Synopsis | Allow agent to collect accounting statistics | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id collect-stats boolean | |
| Tree | collect-stats | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
control-word boolean
| Synopsis | Use the control word as preferred | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id control-word boolean | |
| Tree | control-word | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
description description
| Synopsis | Text description | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
dhcp
description description
| Synopsis | Text description | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id dhcp description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
snoop boolean
egress
filter
ip reference
ipv6 reference
mfib-allowed-mda-destinations
| Synopsis | Enter the mfib-allowed-mda-destinations context | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id egress mfib-allowed-mda-destinations | |
| Tree | mfib-allowed-mda-destinations | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mda [mda-id] slot-mda
[mda-id] slot-mda
qos
network
policy-name reference
| Synopsis | Network policy ID | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id egress qos network policy-name reference | |
| Tree | policy-name | |
Reference | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
port-redirect-group
| Synopsis | Enter the port-redirect-group context | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id egress qos network port-redirect-group | |
| Tree | port-redirect-group | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
group-name reference
| Synopsis | Name of the egress port queue group | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id egress qos network port-redirect-group group-name reference | |
| Tree | group-name | |
Reference | configure qos queue-group-templates egress queue-group named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
instance number
vc-label number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Egress MPLS VC label to send packets to the far end | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id egress vc-label number | |
| Tree | vc-label | |
| Range | 16 to 1048575 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
endpoint
name reference
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Name of service endpoint to which SDP bind is attached | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id endpoint name reference | |
| Tree | name | |
Reference | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
precedence (number | keyword)
| Synopsis | Precedence of this SDP bind when there are multiple SDP binds attached to one service endpoint | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id endpoint precedence (number | keyword) | |
| Tree | precedence | |
| Range | 1 to 4 | |
| Options | ||
| Default | 4 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
etree-leaf boolean
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable etree leaf access-circuit status | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id etree-leaf boolean | |
| Tree | etree-leaf | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
etree-root-leaf-tag boolean
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | E-tree root leaf tag status | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id etree-root-leaf-tag boolean | |
| Tree | etree-root-leaf-tag | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
fdb
auto-learn-mac-protect boolean
| Synopsis | Populate automatically MAC protect list with source MAC addresses learned on SDP | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id fdb auto-learn-mac-protect boolean | |
| Tree | auto-learn-mac-protect | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
auto-learn-mac-protect-exclude-list reference
| Synopsis | Referenced MAC protect exclusion list name | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id fdb auto-learn-mac-protect-exclude-list reference | |
| Tree | auto-learn-mac-protect-exclude-list | |
Description | This command references the name of a MAC protect exclusion list. Dynamically-learned MAC Source Addresses (SA) are protected if they are learned on an object with ALMP configured and no exclusion list is associated with the object, or if the MAC SA does not match any entry in an associated exclusion list. An exclusion list can be used in multiple objects of a service. If a list is empty, ALMP does not exclude any learned MAC SAs from protection on the object. | |
Reference | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
discard-unknown-source boolean
| Synopsis | Discard packets with unknown destination MAC addresses | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id fdb discard-unknown-source boolean | |
| Tree | discard-unknown-source | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
limit-mac-move keyword
| Synopsis | MAC move | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id fdb limit-mac-move keyword | |
| Tree | limit-mac-move | |
| Options | ||
| Default | blockable | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
mac-learning
| Synopsis | Enter the mac-learning context | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id fdb mac-learning | |
| Tree | mac-learning | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
aging boolean
learning boolean
mac-pinning boolean
| Synopsis | MAC address pinning in active status | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id fdb mac-pinning boolean | |
| Tree | mac-pinning | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
maximum-mac-addresses number
| Synopsis | Maximum number of MAC address entries in the FDB | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id fdb maximum-mac-addresses number | |
| Tree | maximum-mac-addresses | |
Description | This command specifies the maximum number of FDB entries for both learned and static MAC addresses for this spoke SDP. When the configured limit is reached, no new addresses are learned from the SAP or spoke SDP until at least one FDB entry is aged out or cleared. When the configured limit is reached and the configure service spoke-sdp fdb discard-unknown-source command is set to true for this spoke SDP, packets with unknown source MAC addresses are discarded. If discard-unknown-source is set to false, the packets are forwarded if their destination MAC addresses are known, or flooded if their destination MAC addresses are unknown. However, if the configure service vpls fdb discard-unknown command is set to true, packets with unknown destination MAC addresses are discarded, even if the limit of FDB entries on the specific VPLS instance is not reached. When unconfigured, the spoke SDP uses the global MAC learning limitations. | |
| Range | 1 to 511999 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
protected-src-mac-violation-action keyword
| Synopsis | Action when a relearn request for a protected MAC is received on the SDP | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id fdb protected-src-mac-violation-action keyword | |
| Tree | protected-src-mac-violation-action | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
force-vc-forwarding keyword
| Synopsis | VC forwarding action | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id force-vc-forwarding keyword | |
| Tree | force-vc-forwarding | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
hash-label
| Synopsis | Enable the hash-label context | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id hash-label | |
| Tree | hash-label | |
Description | Commands in this context configure the use of hash labels for egress datapaths. For information about hash-label handling, see the "Hash label" section of the 7705 SAR Gen 2 MPLS Guide. | |
Notes | The following elements are part of a choice: entropy-label or hash-label. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
signal-capability
| Synopsis | Signal hash label capability to the remote PE | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id hash-label signal-capability | |
| Tree | signal-capability | |
Description | When configured, this command enables the signaling and negotiating of the hash label between the local and remote PE nodes. The signaling process outcome determines whether the local PE inserts the hash label on the user packets. This outcome can override the local PE configuration. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
igmp-snooping
| Synopsis | Enter the igmp-snooping context | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id igmp-snooping | |
| Tree | igmp-snooping | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
fast-leave boolean
| Synopsis | Allow IGMP fast leave processing | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id igmp-snooping fast-leave boolean | |
| Tree | fast-leave | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
import-policy reference
| Synopsis | Import policy that filters IGMP packets | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id igmp-snooping import-policy reference | |
| Tree | import-policy | |
Reference | configure policy-options policy-statement named-item-64 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
maximum-number-group-sources number
| Synopsis | Maximum group source combinations | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id igmp-snooping maximum-number-group-sources number | |
| Tree | maximum-number-group-sources | |
| Range | 1 to 32000 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
maximum-number-groups number
| Synopsis | Maximum groups allowed | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id igmp-snooping maximum-number-groups number | |
| Tree | maximum-number-groups | |
| Range | 1 to 16000 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
maximum-number-sources number
| Synopsis | Maximum sources that are allowed per group | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id igmp-snooping maximum-number-sources number | |
| Tree | maximum-number-sources | |
| Range | 1 to 1000 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
mrouter-port boolean
| Synopsis | Operate port as a multicast router port | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id igmp-snooping mrouter-port boolean | |
| Tree | mrouter-port | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
query-interval number
| Synopsis | Time between two consecutive host-query messages | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id igmp-snooping query-interval number | |
| Tree | query-interval | |
| Range | 2 to 1024 | |
| Units | seconds | |
| Default | 125 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
query-last-member-interval number
| Synopsis | Time between group-specific query messages | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id igmp-snooping query-last-member-interval number | |
| Tree | query-last-member-interval | |
| Range | 1 to 50 | |
| Units | deciseconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
query-response-interval number
| Synopsis | Time to wait for a response to the host-query messages | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id igmp-snooping query-response-interval number | |
| Tree | query-response-interval | |
| Range | 1 to 1023 | |
| Units | seconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
robust-count number
| Synopsis | Number of retries after expected message loss | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id igmp-snooping robust-count number | |
| Tree | robust-count | |
| Range | 2 to 7 | |
| Default | 2 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
router-alert-check boolean
| Synopsis | Enable IP router alert check option | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id igmp-snooping router-alert-check boolean | |
| Tree | router-alert-check | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
send-queries boolean
| Synopsis | Generate IGMP general queries | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id igmp-snooping send-queries boolean | |
| Tree | send-queries | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
static
group [group-address] ipv4-multicast-address
[group-address] ipv4-multicast-address
| Synopsis | Group address of static IGMP multicast channel | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id igmp-snooping static group ipv4-multicast-address | |
| Tree | group | |
Description | This command configures an address that receives data on an interface. The IP address must be unique for each static group. | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
source [source-address] ipv4-unicast-address
| Synopsis | Add a list entry for source | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id igmp-snooping static group ipv4-multicast-address source ipv4-unicast-address | |
| Tree | source | |
Notes | The following elements are part of a mandatory choice: source or starg. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[source-address] ipv4-unicast-address
starg
version keyword
ignore-standby-signaling boolean
| Synopsis | Ignore standby-bit received from TLDP peers when performing internal tasks | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id ignore-standby-signaling boolean | |
| Tree | ignore-standby-signaling | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ingress
filter
ip reference
ipv6 reference
qos
network
fp-redirect-group
| Synopsis | Enter the fp-redirect-group context | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id ingress qos network fp-redirect-group | |
| Tree | fp-redirect-group | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
group-name reference
| Synopsis | Name of the forwarding plane queue group template | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id ingress qos network fp-redirect-group group-name reference | |
| Tree | group-name | |
Reference | configure qos queue-group-templates ingress queue-group named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
instance number
policy-name reference
| Synopsis | Network policy ID | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id ingress qos network policy-name reference | |
| Tree | policy-name | |
Reference | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
vc-label number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Ingress MPLS VC label to send packets to the far end | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id ingress vc-label number | |
| Tree | vc-label | |
| Range | 1 to 1048575 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
l2pt
termination
| Synopsis | Enable the termination context | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id l2pt termination | |
| Tree | termination | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
protocols
cdp boolean
dtp boolean
pagp boolean
stp boolean
udld boolean
vtp boolean
mld-snooping
| Synopsis | Enter the mld-snooping context | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id mld-snooping | |
| Tree | mld-snooping | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
fast-leave boolean
| Synopsis | Allow IGMP fast leave processing | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id mld-snooping fast-leave boolean | |
| Tree | fast-leave | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
import-policy reference
| Synopsis | Import policy that filters IGMP packets | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id mld-snooping import-policy reference | |
| Tree | import-policy | |
Reference | configure policy-options policy-statement named-item-64 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
maximum-number-groups number
| Synopsis | Maximum groups allowed | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id mld-snooping maximum-number-groups number | |
| Tree | maximum-number-groups | |
| Range | 1 to 16000 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
mrouter-port boolean
| Synopsis | Operate port as a multicast router port | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id mld-snooping mrouter-port boolean | |
| Tree | mrouter-port | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
query-interval number
| Synopsis | Time between two consecutive host-query messages | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id mld-snooping query-interval number | |
| Tree | query-interval | |
| Range | 2 to 1024 | |
| Units | seconds | |
| Default | 125 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
query-last-member-interval number
| Synopsis | Time between group-specific query messages | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id mld-snooping query-last-member-interval number | |
| Tree | query-last-member-interval | |
| Range | 1 to 50 | |
| Units | deciseconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
query-response-interval number
| Synopsis | Time to wait for a response to the host-query messages | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id mld-snooping query-response-interval number | |
| Tree | query-response-interval | |
| Range | 1 to 1023 | |
| Units | seconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
robust-count number
| Synopsis | Number of retries after expected message loss | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id mld-snooping robust-count number | |
| Tree | robust-count | |
| Range | 2 to 7 | |
| Default | 2 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
router-alert-check boolean
| Synopsis | Enable IP router alert check option | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id mld-snooping router-alert-check boolean | |
| Tree | router-alert-check | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
send-queries boolean
| Synopsis | Generate IGMP general queries | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id mld-snooping send-queries boolean | |
| Tree | send-queries | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
static
group [group-address] ipv6-multicast-address
[group-address] ipv6-multicast-address
source [source-address] ipv6-unicast-address
| Synopsis | Add a list entry for source | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id mld-snooping static group ipv6-multicast-address source ipv6-unicast-address | |
| Tree | source | |
Notes | The following elements are part of a mandatory choice: source or starg. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[source-address] ipv6-unicast-address
starg
version keyword
monitor-oper-group reference
| Synopsis | Operational group that affects state of the SDP bind | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id monitor-oper-group reference | |
| Tree | monitor-oper-group | |
Reference | configure service oper-group named-item | |
Notes | The following elements are part of a choice: monitor-oper-group or oper-group. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
oper-group reference
| Synopsis | Operational group identifier | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id oper-group reference | |
| Tree | oper-group | |
Reference | configure service oper-group named-item | |
Notes | The following elements are part of a choice: monitor-oper-group or oper-group. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
pw-status
signaling boolean
split-horizon-group reference
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Name of the split horizon group where the spoke SDP bind belongs to | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id split-horizon-group reference | |
| Tree | split-horizon-group | |
Reference | configure service vpls service-name split-horizon-group named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
stp
admin-state keyword
| Synopsis | Administrative state of STP | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id stp admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
auto-edge boolean
| Synopsis | Enable automatic detection of edge port characteristics | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id stp auto-edge boolean | |
| Tree | auto-edge | |
Description | When configured to true, the router automatically detects the edge port characteristics of the SAP or spoke SDP. The STP concludes there is no bridge behind the spoke SDP, the OPER_EDGE variable is dynamically set to true. If a BPDU is received, the OPER_EDGE variable is dynamically set to false. When configured to false, the router disables automatic detection. | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
edge-port boolean
link-type keyword
path-cost number
port-num number
priority number
root-guard boolean
| Synopsis | Enable/disable STP root-guard | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id stp root-guard boolean | |
| Tree | root-guard | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
vc-type keyword
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Type of virtual circuit (VC) associated with the SDP binding; VPLS not supported | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id vc-type keyword | |
| Tree | vc-type | |
| Options | ||
| Default | ether | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
vlan-vc-tag number
| Synopsis | SDP bind VC tag | |
| Context | configure service vpls service-name spoke-sdp sdp-bind-id vlan-vc-tag number | |
| Tree | vlan-vc-tag | |
| Range | 0 to 4094 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
stp
admin-state keyword
| Synopsis | Administrative state of STP | |
| Context | configure service vpls service-name stp admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
forward-delay number
| Synopsis | Configure forward-delay | |
| Context | configure service vpls service-name stp forward-delay number | |
| Tree | forward-delay | |
| Range | 4 to 30 | |
| Default | 15 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
hello-time number
| Synopsis | Configure hello-time | |
| Context | configure service vpls service-name stp hello-time number | |
| Tree | hello-time | |
| Range | 1 to 10 | |
| Default | 2 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
hold-count number
| Synopsis | Configure BPDU transmit hold count | |
| Context | configure service vpls service-name stp hold-count number | |
| Tree | hold-count | |
| Range | 1 to 20 | |
| Default | 6 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
maximum-age number
| Synopsis | Configure maximum STP information age | |
| Context | configure service vpls service-name stp maximum-age number | |
| Tree | maximum-age | |
| Range | 6 to 40 | |
| Default | 20 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
mode keyword
mst-instance [mst-inst-number] number
| Synopsis | Enter the mst-instance list instance | |
| Context | configure service vpls service-name stp mst-instance number | |
| Tree | mst-instance | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[mst-inst-number] number
| Synopsis | Multiple Spanning Tree Instance number | |
| Context | configure service vpls service-name stp mst-instance number | |
| Tree | mst-instance | |
| Range | 1 to 4094 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mst-priority number
| Synopsis | Priority of multiple spanning tree instance | |
| Context | configure service vpls service-name stp mst-instance number mst-priority number | |
| Tree | mst-priority | |
| Range | 0 | 4096 | 8192 | 12288 | 16384 | 20480 | 24576 | 28672 | 32768 | 36864 | 40960 | 45056 | 49152 | 53248 | 57344 | 61440 | |
| Default | 32768 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
vlan-range [range] string
| Synopsis | Add a list entry for vlan-range | |
| Context | configure service vpls service-name stp mst-instance number vlan-range string | |
| Tree | vlan-range | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[range] string
| Synopsis | Range of VLANs associated with the M-VPLS SAP | |
| Context | configure service vpls service-name stp mst-instance number vlan-range string | |
| Tree | vlan-range | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mst-maximum-hops number
| Synopsis | Maximum number of hops in an MSTP region | |
| Context | configure service vpls service-name stp mst-maximum-hops number | |
| Tree | mst-maximum-hops | |
| Range | 1 to 40 | |
| Default | 20 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
mst-name named-item
mst-revision number
| Synopsis | MST configuration revision | |
| Context | configure service vpls service-name stp mst-revision number | |
| Tree | mst-revision | |
| Range | 0 to 65535 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
priority number
temp-flooding number
| Synopsis | Temporary flooding | |
| Context | configure service vpls service-name temp-flooding number | |
| Tree | temp-flooding | |
| Range | 3 to 600 | |
| Units | seconds | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
vpn-id number
vprn [service-name] service-name
[service-name] service-name
aaa
remote-servers
| Synopsis | Enter the remote-servers context | |
| Context | configure service vprn service-name aaa remote-servers | |
| Tree | remote-servers | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
radius
access-algorithm keyword
| Synopsis | Algorithm used to access the set of RADIUS servers | |
| Context | configure service vprn service-name aaa remote-servers radius access-algorithm keyword | |
| Tree | access-algorithm | |
| Options | ||
| Default | direct | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
accounting boolean
| Synopsis | Enable RADIUS command accounting | |
| Context | configure service vprn service-name aaa remote-servers radius accounting boolean | |
| Tree | accounting | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
accounting-port number
| Synopsis | Port number on RADIUS server for accounting requests | |
| Context | configure service vprn service-name aaa remote-servers radius accounting-port number | |
| Tree | accounting-port | |
| Range | 1 to 65535 | |
| Default | 1813 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the authentication server | |
| Context | configure service vprn service-name aaa remote-servers radius admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
authorization boolean
| Synopsis | Enable RADIUS authorization | |
| Context | configure service vprn service-name aaa remote-servers radius authorization boolean | |
| Tree | authorization | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
interactive-authentication boolean
| Synopsis | Enable RADIUS interactive authentication | |
| Context | configure service vprn service-name aaa remote-servers radius interactive-authentication boolean | |
| Tree | interactive-authentication | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
port number
server [index] number
[index] number
address (ipv4-address-no-zone | ipv6-address-no-zone)
authenticator keyword
| Synopsis | Authenticator hash algorithm for the RADIUS server | |
| Context | configure service vprn service-name aaa remote-servers radius server number authenticator keyword | |
| Tree | authenticator | |
Description | This command specifies the hash algorithm used to authenticate RADIUS Access-Request, Access-Accept, Access-Reject, Access-Challenge, Accounting-Request, and Accounting-Response packets. | |
| Options | ||
| Default | md5 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
secret encrypted-leaf
tls-client-profile reference
| Synopsis | TLS client profile for the RADIUS server | |
| Context | configure service vprn service-name aaa remote-servers radius server number tls-client-profile reference | |
| Tree | tls-client-profile | |
Description | This command specifies the TLS client profile used to encrypt RADIUS communication. When configured, RADIUS messages are sent using TLS. | |
Reference | configure system security tls client-tls-profile named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
server-retry number
| Synopsis | Number of attempts to retry contacting RADIUS server | |
| Context | configure service vprn service-name aaa remote-servers radius server-retry number | |
| Tree | server-retry | |
| Range | 1 to 10 | |
| Default | 3 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
server-timeout number
| Synopsis | Time to wait for a response from the RADIUS server | |
| Context | configure service vprn service-name aaa remote-servers radius server-timeout number | |
| Tree | server-timeout | |
| Range | 1 to 90 | |
| Units | seconds | |
| Default | 3 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
use-default-template boolean
| Synopsis | Apply the RADIUS default user template to RADIUS user | |
| Context | configure service vprn service-name aaa remote-servers radius use-default-template boolean | |
| Tree | use-default-template | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
tacplus
accounting
| Synopsis | Enable the accounting context | |
| Context | configure service vprn service-name aaa remote-servers tacplus accounting | |
| Tree | accounting | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
record-type keyword
| Synopsis | Type of accounting record packet sent to TACACS+ server | |
| Context | configure service vprn service-name aaa remote-servers tacplus accounting record-type keyword | |
| Tree | record-type | |
| Options | ||
| Default | stop-only | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the TACACS+ protocol | |
| Context | configure service vprn service-name aaa remote-servers tacplus admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
authorization
| Synopsis | Enable the authorization context | |
| Context | configure service vprn service-name aaa remote-servers tacplus authorization | |
| Tree | authorization | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
request-format
| Synopsis | Enter the request-format context | |
| Context | configure service vprn service-name aaa remote-servers tacplus authorization request-format | |
| Tree | request-format | |
Description | Commands in this context configure access operations that are sent to the TACACS+ server during authorization. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
access-operation-cmd keyword
| Synopsis | Access operations sent in authorization requests | |
| Context | configure service vprn service-name aaa remote-servers tacplus authorization request-format access-operation-cmd keyword | |
| Tree | access-operation-cmd | |
Description | This command sends an operation argument in authorization requests. In model-driven interfaces, this command configures the system to send the operation in the cmd argument, and the path in the cmd-args argument, in TACACS+ authorization requests. This command does not apply to authorization requests in classic interfaces. | |
| Options | ||
| Max. instances | 1 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
use-priv-lvl boolean
| Synopsis | Allow privilege level mapping | |
| Context | configure service vprn service-name aaa remote-servers tacplus authorization use-priv-lvl boolean | |
| Tree | use-priv-lvl | |
Description | When configured to true, this command automatically performs a single authorization request to the TACACS+ server for cmd* (all commands) immediately after login, and then uses the local profile associated (via the priv-lvl-map) with the priv-lvl returned by the TACACS+ server for all subsequent authorization (except enable-admin). After the initial authorization for cmd*, no further authorization requests are sent to the TACACS+ server (except enable-admin). When configured to false, each command is sent to the TACACS+ server for authorization (this is true regardless of whether the tacplus use-default-template setting is enabled). | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ignore-unknown-mandatory-vsas boolean
| Synopsis | Ignore unknown mandatory VSAs and fail authentication | |
| Context | configure service vprn service-name aaa remote-servers tacplus ignore-unknown-mandatory-vsas boolean | |
| Tree | ignore-unknown-mandatory-vsas | |
Description | When configured to true, the system ignores unknown mandatory VSAs and authentication succeeds. When configured to false, the system ignores unknown mandatory VSAs received in a reply from the TACACS+ server. Authentication fails and the user is disconnected because the system cannot process a mandatory VSA that is unknown. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
interactive-authentication boolean
| Synopsis | Allows TACACS+ interactive authentication | |
| Context | configure service vprn service-name aaa remote-servers tacplus interactive-authentication boolean | |
| Tree | interactive-authentication | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
priv-lvl-map
| Synopsis | Enter the priv-lvl-map context | |
| Context | configure service vprn service-name aaa remote-servers tacplus priv-lvl-map | |
| Tree | priv-lvl-map | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
priv-lvl [level] number
| Synopsis | Enter the priv-lvl list instance | |
| Context | configure service vprn service-name aaa remote-servers tacplus priv-lvl-map priv-lvl number | |
| Tree | priv-lvl | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[level] number
| Synopsis | Privilege level for the mapping | |
| Context | configure service vprn service-name aaa remote-servers tacplus priv-lvl-map priv-lvl number | |
| Tree | priv-lvl | |
| Range | 0 to 15 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
user-profile-name reference
| Synopsis | User profile for the mapping | |
| Context | configure service vprn service-name aaa remote-servers tacplus priv-lvl-map priv-lvl number user-profile-name reference | |
| Tree | user-profile-name | |
Reference | configure system security aaa local-profiles profile named-item | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
server [index] number
[index] number
address (ipv4-address-no-zone | ipv6-address-no-zone)
port number
secret encrypted-leaf
server-retry-timeout (number | keyword)
| Synopsis | Time before retrying requests when health checks are disabled | |
| Context | configure service vprn service-name aaa remote-servers tacplus server-retry-timeout (number | keyword) | |
| Tree | server-retry-timeout | |
Description | This command configures the maximum timeout before retrying requests when health checks are disabled and all TACACS+ servers are operationally down. Set the value of this timer to a lower value or disable it to increase the interactive responsiveness of AAA requests after the servers become unreachable. | |
| Range | 1 to 300 | |
| Units | seconds | |
| Options | none – Disable retry timeout and send requests immediately | |
| Default | 300 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
server-timeout number
| Synopsis | Time to wait for a response from the TACACS+ server | |
| Context | configure service vprn service-name aaa remote-servers tacplus server-timeout number | |
| Tree | server-timeout | |
| Range | 1 to 90 | |
| Units | seconds | |
| Default | 3 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
service-request
| Synopsis | Enter the service-request context | |
| Context | configure service vprn service-name aaa remote-servers tacplus service-request | |
| Tree | service-request | |
Description | Commands in this context enable Nokia services to be requested from the TACACS+ server. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
nokia-grpc-rpc-authorization boolean
| Synopsis | Request nokia-grpc-rpc-authorization service VSAs | |
| Context | configure service vprn service-name aaa remote-servers tacplus service-request nokia-grpc-rpc-authorization boolean | |
| Tree | nokia-grpc-rpc-authorization | |
Description | When configured to true, the nokia-grpc-rpc-authorization service is requested from the TACACS+ server after successful authentication. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
nokia-netconf-base-op-authorization boolean
| Synopsis | Request nokia-netconf-base-op-authorization service VSAs | |
| Context | configure service vprn service-name aaa remote-servers tacplus service-request nokia-netconf-base-op-authorization boolean | |
| Tree | nokia-netconf-base-op-authorization | |
Description | When configured to true, the nokia-netconf-base-op-authorization service is requested from the TACACS+ server after successful authentication. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
nokia-user boolean
| Synopsis | Request nokia-user service VSAs | |
| Context | configure service vprn service-name aaa remote-servers tacplus service-request nokia-user boolean | |
| Tree | nokia-user | |
Description | When configured to true, the nokia-user service is requested from the TACACS+ server after successful authentication. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
nokia-user-profile boolean
| Synopsis | Request nokia-user-profile service VSAs | |
| Context | configure service vprn service-name aaa remote-servers tacplus service-request nokia-user-profile boolean | |
| Tree | nokia-user-profile | |
Description | When configured to true, the nokia-user-profile service is requested from the TACACS+ server after successful authentication. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
use-default-template boolean
| Synopsis | Apply TACACS+ default user-template to TACACS+ user | |
| Context | configure service vprn service-name aaa remote-servers tacplus use-default-template boolean | |
| Tree | use-default-template | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the service | |
| Context | configure service vprn service-name admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
aggregates
| Synopsis | Enter the aggregates context | |
| Context | configure service vprn service-name aggregates | |
| Tree | aggregates | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
aggregate [ip-prefix] (ipv4-prefix | ipv6-prefix)
| Synopsis | Enter the aggregate list instance | |
| Context | configure service vprn service-name aggregates aggregate (ipv4-prefix | ipv6-prefix) | |
| Tree | aggregate | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[ip-prefix] (ipv4-prefix | ipv6-prefix)
| Synopsis | Destination IP address prefix of the aggregate route | |
| Context | configure service vprn service-name aggregates aggregate (ipv4-prefix | ipv6-prefix) | |
| Tree | aggregate | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
aggregator
| Synopsis | Enter the aggregator context | |
| Context | configure service vprn service-name aggregates aggregate (ipv4-prefix | ipv6-prefix) aggregator | |
| Tree | aggregator | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
address ipv4-unicast-address
| Synopsis | Aggregator IP address | |
| Context | configure service vprn service-name aggregates aggregate (ipv4-prefix | ipv6-prefix) aggregator address ipv4-unicast-address | |
| Tree | address | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
as-number number
| Synopsis | Aggregator AS number | |
| Context | configure service vprn service-name aggregates aggregate (ipv4-prefix | ipv6-prefix) aggregator as-number number | |
| Tree | as-number | |
| Range | 1 to 4294967295 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
as-set boolean
| Synopsis | Use AS_SET path segment type for the aggregate route | |
| Context | configure service vprn service-name aggregates aggregate (ipv4-prefix | ipv6-prefix) as-set boolean | |
| Tree | as-set | |
Description | When configured to true, the AS_PATH attribute of the aggregate contains an AS_SET containing all AS numbers from the contributing routes. This can increase the amount of churn due to best-path changes. When configured to false, the AS_PATH attribute contains no AS_SET and will be originated by the ESR. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
blackhole
generate-icmp boolean
| Synopsis | Send ICMP unreachable messages for aggregate routes | |
| Context | configure service vprn service-name aggregates aggregate (ipv4-prefix | ipv6-prefix) blackhole generate-icmp boolean | |
| Tree | generate-icmp | |
Description | When configured to true, ICMP unreachable messages are sent when packets match an aggregate route in the FIB with a black-hole next-hop. When configured to false, ICMP unreachable messages are not generated. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
community community
| Synopsis | Community name that is added to the aggregate route | |
| Context | configure service vprn service-name aggregates aggregate (ipv4-prefix | ipv6-prefix) community community | |
| Tree | community | |
Description | This command associates a BGP community with the aggregate route. The community name can be matched in route policies and is automatically added to BGP routes exported from the aggregate route. | |
| String length | 1 to 72 | |
| Max. instances | 12 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
description description
| Synopsis | Text description | |
| Context | configure service vprn service-name aggregates aggregate (ipv4-prefix | ipv6-prefix) description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
discard-component-communities boolean
| Synopsis | Advertise aggregate with aggregate route community set | |
| Context | configure service vprn service-name aggregates aggregate (ipv4-prefix | ipv6-prefix) discard-component-communities boolean | |
| Tree | discard-component-communities | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
indirect (ipv4-address-no-zone | ipv6-address-no-zone)
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Address of the indirect next hop | |
| Context | configure service vprn service-name aggregates aggregate (ipv4-prefix | ipv6-prefix) indirect (ipv4-address-no-zone | ipv6-address-no-zone) | |
| Tree | indirect | |
Description | This command programs aggregate routes into the forwarding table with an indirect next hop. If a packet matches the aggregate route but not a contributing route, it is forwarded toward the indirect next hop rather than being discarded. | |
Notes | The following elements are part of a choice: blackhole or indirect. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
local-preference number
| Synopsis | Local preference used when aggregate route is exported | |
| Context | configure service vprn service-name aggregates aggregate (ipv4-prefix | ipv6-prefix) local-preference number | |
| Tree | local-preference | |
Description | This command configures the local preference value to use when the aggregate route is exported rather than using any of the local preference values assigned for any of the contributing routes. | |
| Range | 0 to 4294967295 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
policy reference
| Synopsis | Policy name for the aggregated route | |
| Context | configure service vprn service-name aggregates aggregate (ipv4-prefix | ipv6-prefix) policy reference | |
| Tree | policy | |
Description | This command associates an aggregate route with a policy reference. The aggregated route is activated only when there is at least one eligible active route in the sub-trees below it that is accepted by the policy evaluation. There is no evaluation into any sub-tree that starts with another active aggregate route. Eligible routes exclude host routes and LDP shortcut routes. If an aggregate route has no policy, or the reference is to an empty policy, this configuration is treated as equivalent to a policy with one rule that accepts all routes. | |
Reference | configure policy-options policy-statement named-item-64 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
summary-only boolean
| Synopsis | Advertise the aggregate route only | |
| Context | configure service vprn service-name aggregates aggregate (ipv4-prefix | ipv6-prefix) summary-only boolean | |
| Tree | summary-only | |
Description | When configured to true, the router suppresses the advertisement of more specific component routes for the aggregate. When configured to false, the router advertises both the aggregate route and its contributing routes. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
tunnel-group number
| Synopsis | Tunnel group from which to associate the MC IPSec state | |
| Context | configure service vprn service-name aggregates aggregate (ipv4-prefix | ipv6-prefix) tunnel-group number | |
| Tree | tunnel-group | |
Description | This command adds the MC-IPsec state of the specific tunnel-group to the aggregate route. | |
| Range | 1 to 64 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
allow-export-bgp-vpn boolean
| Synopsis | Include BGP-VPN routes for export | |
| Context | configure service vprn service-name allow-export-bgp-vpn boolean | |
| Tree | allow-export-bgp-vpn | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
autonomous-system number
| Synopsis | AS number advertised to peers for this router | |
| Context | configure service vprn service-name autonomous-system number | |
| Tree | autonomous-system | |
Description | This command configures the autonomous system (AS) number for the router. This value must be set before BGP can be activated. If the AS number is changed on a router with an active BGP instance, the new AS number is not used until the BGP instance is restarted. | |
| Range | 1 to 4294967295 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
bgp
admin-state keyword
| Synopsis | Administrative state of the BGP instance | |
| Context | configure service vprn service-name bgp admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
advertise-inactive boolean
| Synopsis | Advertise inactive BGP routes to peers | |
| Context | configure service vprn service-name bgp advertise-inactive boolean | |
| Tree | advertise-inactive | |
Description | When configured to true, this command allows any inactive BGP route to be advertised, even though it is not the used route. When configured to false, the advertisement of inactive BGP routes to other BGP peers is disabled. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
advertise-ipv6-next-hops
| Synopsis | Enter the advertise-ipv6-next-hops context | |
| Context | configure service vprn service-name bgp advertise-ipv6-next-hops | |
| Tree | advertise-ipv6-next-hops | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv4 boolean
aggregator-id-zero boolean
| Synopsis | Set router ID in the BGP AGGREGATOR attribute to 0 | |
| Context | configure service vprn service-name bgp aggregator-id-zero boolean | |
| Tree | aggregator-id-zero | |
Description | When configured to true, the router ID in the BGP AGGREGATOR path attribute is set to 0 when BGP aggregates routes. This prevents different routers within an AS from creating aggregate routes for the same prefix with different path attributes. When configured to false, the AS number and router ID are added to the AGGREGATOR path attribute. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
asn-4-byte boolean
| Synopsis | Advertise support for 4-byte ASNs | |
| Context | configure service vprn service-name bgp asn-4-byte boolean | |
| Tree | asn-4-byte | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
attribute-set
| Synopsis | Enter the attribute-set context | |
| Context | configure service vprn service-name bgp attribute-set | |
| Tree | attribute-set | |
Description | Commands in this context configure the handling of attribute set (ATTR_SET) attributes in BGP routes received from PE-CE peers of the VPRN. ATTR_SET is an optional transitive BGP path attribute standardized by RFC 6368 that is added to BGP L3 VPN routes to provide logical separation between the BGP domain of a customer and the BGP domain of a service provider. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
remove boolean
| Synopsis | Remove ATTR_SET in received BGP routes from PE-CE peers | |
| Context | configure service vprn service-name bgp attribute-set remove boolean | |
| Tree | remove | |
Description | When configured to true, BGP ignores and silently discards ATTR_SETs in BGP routes received from PE-CE peers of the VPRN. The discarded ATTR_SETs do not affect BGP best path selection in the VPRN, and they do not appear in the VPN-IP routes that result from the VRF export of the BGP routes. Nokia recommends configuring this command to true in most deployments. When configured to false, BGP ignores ATTR_SETs in BGP routes received from PE-CE peers of the VPRN, but does not discard them. This allows the ATTR_SETs to propagate between CE devices connected to the VPRN and to other PE devices when the BGP routes are exported as VPN-IP routes. Note: If the configuration of this command is changed, ROUTE_REFRESH messages are sent to all PE-CE peers of the VPRN. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
authentication-key encrypted-leaf
| Synopsis | BGP authentication key for all peers | |
| Context | configure service vprn service-name bgp authentication-key encrypted-leaf | |
| Tree | authentication-key | |
Description | This command configures the authentication key used to protect all sessions. The stored format of the authentication key is based on the configure system security hash-control management-interface md-cli hash-algorithm setting. | |
| String length | 1 to 370 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
authentication-keychain reference
| Synopsis | TCP authentication keychain for the session | |
| Context | configure service vprn service-name bgp authentication-keychain reference | |
| Tree | authentication-keychain | |
Description | This command associates the keychain to be used to authenticate the BGP session. The keychain allows the rollover of authentication keys during the lifetime of a session. | |
Reference | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
backup-path
| Synopsis | Enter the backup-path context | |
| Context | configure service vprn service-name bgp backup-path | |
| Tree | backup-path | |
Description | Commands in this context enable the use of a backup path for specified BGP-learned prefixes belonging to the base router. Multiple paths must be received for a prefix in order to take advantage of this feature. When a prefix has a backup path and its primary paths fail, the affected traffic is rapidly diverted to the backup path without waiting for control plane re-convergence to occur. When many prefixes share the same primary paths and in some cases, the same backup path, the time to divert failover traffic to the backup path is independent of the number of prefixes. By default, IPv4 and IPv6 prefixes do not have a backup path installed in the IOM. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv4 boolean
ipv6 boolean
label-ipv4 boolean
| Synopsis | Enable support for labeled-unicast IPv4 routes | |
| Context | configure service vprn service-name bgp backup-path label-ipv4 boolean | |
| Tree | label-ipv4 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
label-ipv6 boolean
| Synopsis | Enable support for labeled unicast IPv6 routes | |
| Context | configure service vprn service-name bgp backup-path label-ipv6 boolean | |
| Tree | label-ipv6 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
best-path-selection
| Synopsis | Enter the best-path-selection context | |
| Context | configure service vprn service-name bgp best-path-selection | |
| Tree | best-path-selection | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
always-compare-med
| Synopsis | Enter the always-compare-med context | |
| Context | configure service vprn service-name bgp best-path-selection always-compare-med | |
| Tree | always-compare-med | |
Description | Commands in this context determine how the BGP decision process is affected by the MED path attribute. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
med-value keyword
| Synopsis | Action for a missing MED attribute | |
| Context | configure service vprn service-name bgp best-path-selection always-compare-med med-value keyword | |
| Tree | med-value | |
| Options | ||
| Default | off | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
strict-as boolean
| Synopsis | Compare MED only for routes from same neighbor AS | |
| Context | configure service vprn service-name bgp best-path-selection always-compare-med strict-as boolean | |
| Tree | strict-as | |
Description | When configured to true, the route selection process can compare the MED path attribute between routes only if they come from the same neighbor AS. When configured to false, the route selection process can compare the MED path attribute between routes even if they come from different neighbor ASs. | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
as-path-ignore
| Synopsis | Enter the as-path-ignore context | |
| Context | configure service vprn service-name bgp best-path-selection as-path-ignore | |
| Tree | as-path-ignore | |
Description | Commands in this context determine whether the AS path length is considered in the selection process for routes of the specified address families. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv4 boolean
| Synopsis | Ignore AS path length for unlabeled unicast IPv4 routes | |
| Context | configure service vprn service-name bgp best-path-selection as-path-ignore ipv4 boolean | |
| Tree | ipv4 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ipv6 boolean
| Synopsis | Ignore AS path length for unlabeled unicast IPv6 routes | |
| Context | configure service vprn service-name bgp best-path-selection as-path-ignore ipv6 boolean | |
| Tree | ipv6 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
label-ipv4 boolean
| Synopsis | Ignore AS path length for labeled-unicast IPv4 routes | |
| Context | configure service vprn service-name bgp best-path-selection as-path-ignore label-ipv4 boolean | |
| Tree | label-ipv4 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
label-ipv6 boolean
| Synopsis | Ignore AS path length for labeled unicast IPv6 routes | |
| Context | configure service vprn service-name bgp best-path-selection as-path-ignore label-ipv6 boolean | |
| Tree | label-ipv6 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
compare-origin-validation-state boolean
| Synopsis | Allow comparison of origin validation states | |
| Context | configure service vprn service-name bgp best-path-selection compare-origin-validation-state boolean | |
| Tree | compare-origin-validation-state | |
Description | When configured to true, the RPKI origin validation state is compared between BGP routes, where a Valid state is preferred over a Not-Found state, and a Not-Found state is preferred over an Invalid state. When configured to false, the RPKI origin validate state comparison is not performed as part of the BGP route selection process. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
deterministic-med boolean
| Synopsis | Group paths based on AS before MED attribute comparison | |
| Context | configure service vprn service-name bgp best-path-selection deterministic-med boolean | |
| Tree | deterministic-med | |
Description | When configured to true, BGP groups paths from the same AS that are equal up to the MED attribute comparison and then compares the best path from each group to select the overall best path. This process ensures that the best-path selection process is deterministic in all cases. When configured to false, paths are not grouped and the overall best-path selection can depend on the order of route arrival. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ebgp-ibgp-equal
| Synopsis | Enter the ebgp-ibgp-equal context | |
| Context | configure service vprn service-name bgp best-path-selection ebgp-ibgp-equal | |
| Tree | ebgp-ibgp-equal | |
Description | Commands in this context allow BGP to ignore the difference between EBGP and IBGP routes in selecting the best path and eligible multipaths (if multipath and ECMP are enabled) for the specified address families. The result is a form of EIBGP load-balancing in a multipath scenario. This behavior can be applied selectively to certain address families. By default, the BGP decision process prefers an EBGP learned route over an IBGP learned route. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv4 boolean
| Synopsis | Consider EBGP and IBGP IPv4 routes equal | |
| Context | configure service vprn service-name bgp best-path-selection ebgp-ibgp-equal ipv4 boolean | |
| Tree | ipv4 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ipv6 boolean
| Synopsis | Consider EBGP and IBGP IPv6 routes equal | |
| Context | configure service vprn service-name bgp best-path-selection ebgp-ibgp-equal ipv6 boolean | |
| Tree | ipv6 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
label-ipv4 boolean
| Synopsis | Consider EBGP and IBGP label-IPv4 routes equal | |
| Context | configure service vprn service-name bgp best-path-selection ebgp-ibgp-equal label-ipv4 boolean | |
| Tree | label-ipv4 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
label-ipv6 boolean
| Synopsis | Consider EBGP and IBGP label-IPv6 routes equal | |
| Context | configure service vprn service-name bgp best-path-selection ebgp-ibgp-equal label-ipv6 boolean | |
| Tree | label-ipv6 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ignore-nh-metric boolean
| Synopsis | Ignore next-hop distance in best path selection | |
| Context | configure service vprn service-name bgp best-path-selection ignore-nh-metric boolean | |
| Tree | ignore-nh-metric | |
Description | When configured to true, BGP ignores the resolved distance to the BGP next hop in its route selection process. When configured to false, BGP factors the distance to the next hop into its decision process when it compares two BGP routes with the same NLRI learned from base router BGP peers (in the router context) or IP prefix learned from VPRN BGP peers (in the vprn context). | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ignore-router-id
| Synopsis | Enable the ignore-router-id context | |
| Context | configure service vprn service-name bgp best-path-selection ignore-router-id | |
| Tree | ignore-router-id | |
Description | Commands in this context determine whether the BGP selection process ignores the BGP identifier (router ID) comparison of two EBGP paths from different EBGP peers when determining the best path for the specified address families. By default, BGP selects the path with the lower router ID when it compares two paths from EBGP peers. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
origin-invalid-unusable boolean
| Synopsis | Ignore routes with invalid origin validation state | |
| Context | configure service vprn service-name bgp best-path-selection origin-invalid-unusable boolean | |
| Tree | origin-invalid-unusable | |
Description | When configured to true, routes that have an RPKI origin validation state of Invalid are considered unusable by the best-path selection algorithm. These routes cannot be used for forwarding and cannot be advertised to BGP peers. When configured to false, routes with an RPKI origin validation state of Invalid are compared to other usable routes for the same prefix, according to the BGP decision process. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
bfd-liveness boolean
| Synopsis | Enable BFD | |
| Context | configure service vprn service-name bgp bfd-liveness boolean | |
| Tree | bfd-liveness | |
Description | When configured to true, BFD is enabled on all BGP sessions, subject to the association of those BGP sessions with IP interfaces that have BFD configurations. When configured to false, BFD is not enabled globally for all BGP sessions. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
bfd-strict-mode
| Synopsis | Enter the bfd-strict-mode context | |
| Context | configure service vprn service-name bgp bfd-strict-mode | |
| Tree | bfd-strict-mode | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
advertise
| Synopsis | Enable the advertise context | |
| Context | configure service vprn service-name bgp bfd-strict-mode advertise | |
| Tree | advertise | |
Description | Commands in this context configure BGP to advertise the Strict-BFD capability to peers that are within scope of this command and meet the following requirements:
When the preceding conditions are satisfied and two peers attempting to form a session both advertise the Strict-BFD capability, the BGP finite state machine in each router transitions the session state to established after the BFD session with the peer enters the up state. When unconfigured, BGP does not advertise the Strict-BFD capability to peers. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
holdtime number
| Synopsis | Maximum time BGP waits for the BFD session to come up | |
| Context | configure service vprn service-name bgp bfd-strict-mode advertise holdtime number | |
| Tree | holdtime | |
Description | This command configures the maximum time BGP waits for the BFD session to come up, provided that the Strict-BFD procedures apply to a session, and the negotiated BGP hold time is zero (no keepalives). If the negotiated BGP hold time is greater than zero, the advertised hold time is not considered. | |
| Range | 1 to 65535 | |
| Units | seconds | |
| Default | 30 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
next-hop-reachability boolean
| Synopsis | Consider next hop unreachable if BFD session is down | |
| Context | configure service vprn service-name bgp bfd-strict-mode next-hop-reachability boolean | |
| Tree | next-hop-reachability | |
Description | When configured to true, the router considers next-hop self routes belonging to specific address families received from a peer within scope of this command as having an unresolved next hop, provided that the following requirements are met:
The unresolved state is maintained until the BFD session state changes to up or administratively down, even if there is a resolving route or tunnel that matches the BGP next-hop address. Routes received from one peer with a BGP next-hop address equal to the address of another peer are not affected by the BFD session to the other peer. The behavior of the router when this command is true does not depend on whether Strict-BFD is used, as both features are independent. Configuring this command to true only affects routes belonging to the following address families:
When configured to false, the router does not consider next-hop self routes belonging to the preceding address families as having an unresolved next hop if the BFD session goes down. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
client-reflect boolean
| Synopsis | Allow client reflection of routes by route reflector | |
| Context | configure service vprn service-name bgp client-reflect boolean | |
| Tree | client-reflect | |
Description | When configured to true, routes received from neighbors considered to be RR clients are reflected to other peers as expected. When configured to false, routes received from neighbors considered to be RR clients are not reflected to other clients. | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
cluster
cluster-id ipv4-address
| Synopsis | Route reflector cluster ID | |
| Context | configure service vprn service-name bgp cluster cluster-id ipv4-address | |
| Tree | cluster-id | |
Description | The command specifies the cluster ID to associate with the routing instance, effectively making all IBGP peers of the routing instance RR clients. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
connect-retry number
| Synopsis | BGP connect retry timer value | |
| Context | configure service vprn service-name bgp connect-retry number | |
| Tree | connect-retry | |
Description | This command configures the BGP connect retry timer. When the timer expires, BGP tries to reconnect to the configured peer. | |
| Range | 1 to 65535 | |
| Default | 120 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
convergence
| Synopsis | Enter the convergence context | |
| Context | configure service vprn service-name bgp convergence | |
| Tree | convergence | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
family [family-type] keyword
[family-type] keyword
max-wait-to-advertise number
| Synopsis | Maximum wait time before advertising routes | |
| Context | configure service vprn service-name bgp convergence family keyword max-wait-to-advertise number | |
| Tree | max-wait-to-advertise | |
| Range | 0 to 3600 | |
| Default | 0 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
min-wait-to-advertise number
| Synopsis | Minimum wait time before advertising routes | |
| Context | configure service vprn service-name bgp convergence min-wait-to-advertise number | |
| Tree | min-wait-to-advertise | |
| Range | 0 to 3600 | |
| Default | 0 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
damp-peer-oscillations
| Synopsis | Enable the damp-peer-oscillations context | |
| Context | configure service vprn service-name bgp damp-peer-oscillations | |
| Tree | damp-peer-oscillations | |
Description | Commands in this context support the DampPeerOscillations FSM behavior described in section 8.1 of RFC 4271, A Border Gateway Protocol 4 (BGP-4). When unconfigured, the router does not perform peer oscillation damping and immediately transitions out of the idle state after every reset. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
error-interval number
| Synopsis | Time after a reset that the session must be error-free | |
| Context | configure service vprn service-name bgp damp-peer-oscillations error-interval number | |
| Tree | error-interval | |
Description | This command sets the interval of time after a reset, during which the session must be error-free in order to reset the penalty counter and return the idle hold time to the initial wait time. | |
| Range | 0 to 2048 | |
| Default | 30 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
idle-hold-time
| Synopsis | Enter the idle-hold-time context | |
| Context | configure service vprn service-name bgp damp-peer-oscillations idle-hold-time | |
| Tree | idle-hold-time | |
Description | Commands in this context configure how long a BGP peer session remains in the idle state after some type of error causes the session to reset. In the idle state, BGP does not initiate or respond to attempts to establish a new session. Repeated errors that occur in a short time period after each session reset cause longer and longer hold times in the idle state. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
initial-wait number
| Synopsis | Time session remains in idle state after stabilization | |
| Context | configure service vprn service-name bgp damp-peer-oscillations idle-hold-time initial-wait number | |
| Tree | initial-wait | |
| Range | 0 to 2048 | |
| Default | 0 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
max-wait number
| Synopsis | Maximum session idle time after repeated instability | |
| Context | configure service vprn service-name bgp damp-peer-oscillations idle-hold-time max-wait number | |
| Tree | max-wait | |
| Range | 1 to 2048 | |
| Default | 60 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
second-wait number
| Synopsis | Time that doubles after each session failure | |
| Context | configure service vprn service-name bgp damp-peer-oscillations idle-hold-time second-wait number | |
| Tree | second-wait | |
Description | This command defines the hold time that doubles after each repeated session failure that occurs in a short span of time. | |
| Range | 1 to 2048 | |
| Default | 5 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
damping boolean
| Synopsis | Use BGP route damping to reduce route flap | |
| Context | configure service vprn service-name bgp damping boolean | |
| Tree | damping | |
Description | When configured to true, this command enables route damping to reduce the number of update messages sent between BGP peers and reduce the load on peers without affecting the route convergence time for stable routes. Route damping is controlled by profiles set in route policies. If no profile is specified in the route policy, the default damping profile is used with the following parameters:
When configured to false, BGP route damping for learned routes is disabled. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
default-label-preference
| Synopsis | Enter the default-label-preference context | |
| Context | configure service vprn service-name bgp default-label-preference | |
| Tree | default-label-preference | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ebgp number
ibgp number
default-preference
| Synopsis | Enter the default-preference context | |
| Context | configure service vprn service-name bgp default-preference | |
| Tree | default-preference | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ebgp number
ibgp number
description description
| Synopsis | Text description | |
| Context | configure service vprn service-name bgp description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
dynamic-neighbor-limit number
| Synopsis | Max dynamic BGP sessions to accept from remote peers | |
| Context | configure service vprn service-name bgp dynamic-neighbor-limit number | |
| Tree | dynamic-neighbor-limit | |
Description | This command configures the maximum number of dynamic BGP sessions to accept from remote peers associated with the entire BGP instance. If accepting a new dynamic session causes the instance limit to be exceeded, the new session attempt is rejected and a Notification message is sent back to the remote peer. | |
| Range | 1 to 8192 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ebgp-default-reject-policy
| Synopsis | Enter the ebgp-default-reject-policy context | |
| Context | configure service vprn service-name bgp ebgp-default-reject-policy | |
| Tree | ebgp-default-reject-policy | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
export boolean
import boolean
eibgp-loadbalance boolean
| Synopsis | Use ECMP over BGP VPN and BGP routes | |
| Context | configure service vprn service-name bgp eibgp-loadbalance boolean | |
| Tree | eibgp-loadbalance | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
enforce-first-as boolean
| Synopsis | Enforce the configured peer AS value in received routes | |
| Context | configure service vprn service-name bgp enforce-first-as boolean | |
| Tree | enforce-first-as | |
Description | When configured to true for an EBGP session, all routes received from an EBGP peer are checked to ensure that the most recent ASN in the AS_PATH attribute of each route matches the configured AS of the session. If there is not a match, the session is reset (if the update-fault-tolerance command in the error-handling context is set to false) or the session is left up but the route is treated as withdrawn (if update-fault-tolerance is set to true). This command does not flap an established session because it applies only to routes received after the command is issued. When configured to false, received routes are not checked for compliance with the rule. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
error-handling
| Synopsis | Enter the error-handling context | |
| Context | configure service vprn service-name bgp error-handling | |
| Tree | error-handling | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
legacy-mode boolean
| Synopsis | Enable legacy-mode of BGP error handling | |
| Context | configure service vprn service-name bgp error-handling legacy-mode boolean | |
| Tree | legacy-mode | |
Description | When configured to true, the BGP instance handles the BGP update error messages based on the configured update-fault-tolerance commands. If these commands are not explicitly configured, BGP error handling follows the legacy procedures described in RFC 4271, which can result in disruptive session resets. When configured to false, the BGP instance ignores the configured update-fault-tolerance commands and applies the new error handling procedures described in RFC 7606 on all sessions. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
update-fault-tolerance boolean
| Synopsis | Tolerate non-critical errors in UPDATE messages | |
| Context | configure service vprn service-name bgp error-handling update-fault-tolerance boolean | |
| Tree | update-fault-tolerance | |
Description | When configured to true, non-critical errors are handled with treat-as-withdraw, attribute-discard, and other non-disruptive approaches that do not cause a session reset. Critical errors still trigger a session reset. When configured to false, most errors trigger a session reset. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
export
policy (policy-expr-string | string)
extended-nh-encoding
| Synopsis | Enter the extended-nh-encoding context | |
| Context | configure service vprn service-name bgp extended-nh-encoding | |
| Tree | extended-nh-encoding | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv4 boolean
family
flow-ipv6 boolean
ipv4 boolean
ipv6 boolean
label-ipv4 boolean
| Synopsis | Advertise support for the label-IPv4 address family | |
| Context | configure service vprn service-name bgp family label-ipv4 boolean | |
| Tree | label-ipv4 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
mcast-ipv4 boolean
| Synopsis | Advertise support for the MCAST-IPv4 address family | |
| Context | configure service vprn service-name bgp family mcast-ipv4 boolean | |
| Tree | mcast-ipv4 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
mcast-ipv6 boolean
| Synopsis | Advertise support for the MCAST-IPv6 address family | |
| Context | configure service vprn service-name bgp family mcast-ipv6 boolean | |
| Tree | mcast-ipv6 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
fast-external-failover boolean
| Synopsis | Drop external BGP session immediately when link fails | |
| Context | configure service vprn service-name bgp fast-external-failover boolean | |
| Tree | fast-external-failover | |
Description | When configured to true, the router drops an external BGP session to a single-hop neighbor immediately when the local interface goes down. When configured to false, the BGP session remains up until the hold time expires. | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
graceful-restart
| Synopsis | Enable the graceful-restart context | |
| Context | configure service vprn service-name bgp graceful-restart | |
| Tree | graceful-restart | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
gr-notification boolean
| Synopsis | Perform Graceful Restart procedures | |
| Context | configure service vprn service-name bgp graceful-restart gr-notification boolean | |
| Tree | gr-notification | |
Description | When configured to true, the Graceful Restart capability sent by the router indicates support for NOTIFICATION messages. If the peer also supports this capability, the session is restarted gracefully (while preserving forwarding) if either peer sends a NOTIFICATION message due to some type of event or error. When configured to false, NOTIFICATION messages are not supported. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
long-lived
| Synopsis | Enable the long-lived context | |
| Context | configure service vprn service-name bgp graceful-restart long-lived | |
| Tree | long-lived | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
advertise-stale-to-all-neighbors boolean
| Synopsis | Advertise stale routes to all BGP peers | |
| Context | configure service vprn service-name bgp graceful-restart long-lived advertise-stale-to-all-neighbors boolean | |
| Tree | advertise-stale-to-all-neighbors | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
advertised-stale-time number
| Synopsis | LLGR stale routes time | |
| Context | configure service vprn service-name bgp graceful-restart long-lived advertised-stale-time number | |
| Tree | advertised-stale-time | |
| Range | 0 to 16777215 | |
| Default | 86400 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
family [family-type] keyword
| Synopsis | Enter the family list instance | |
| Context | configure service vprn service-name bgp graceful-restart long-lived family keyword | |
| Tree | family | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[family-type] keyword
| Synopsis | Address family type for LLGR | |
| Context | configure service vprn service-name bgp graceful-restart long-lived family keyword | |
| Tree | family | |
| Options | ||
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
advertised-stale-time number
| Synopsis | LLGR stale routes time for family override | |
| Context | configure service vprn service-name bgp graceful-restart long-lived family keyword advertised-stale-time number | |
| Tree | advertised-stale-time | |
| Range | 0 to 16777215 | |
| Default | 86400 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
helper-override-stale-time number
| Synopsis | Locally-configured stale routes override time | |
| Context | configure service vprn service-name bgp graceful-restart long-lived family keyword helper-override-stale-time number | |
| Tree | helper-override-stale-time | |
| Range | 0 to 16777215 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
forwarding-bits-set keyword
| Synopsis | BGP LLGR forwarding-bit behavior for address family | |
| Context | configure service vprn service-name bgp graceful-restart long-lived forwarding-bits-set keyword | |
| Tree | forwarding-bits-set | |
Description | This command determines the setting of the F bit in the GR and LLGR capabilities advertised by the router. When the F bit is set for an address family, it indicates that the advertising router is able to preserve forwarding state for the routes of that address family across the last restart. When the session is re-established after a restart and the F bit is not set, all stale routes from the peer are immediately removed for the corresponding address family. This command allows the F bit to be set for all address families or only for non-forwarding address families (L2-VPN, route target, flow-IPv4, and flow-IPv6). | |
| Options | ||
| Default | none | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
helper-override-restart-time number
| Synopsis | Locally-configured override for restart time | |
| Context | configure service vprn service-name bgp graceful-restart long-lived helper-override-restart-time number | |
| Tree | helper-override-restart-time | |
Description | This command overrides the restart time advertised by a peer (in its GR capability) with a locally-configured value. This override applies only to AFI/SAFI that were included in the GR capability of the peer. The restart-time is always zero for AFI/SAFI not included in the GR capability. This command is useful if the local router wants to force the LLGR phase to begin after a set time for all protected AFI/SAFI. | |
| Range | 0 to 4095 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
helper-override-stale-time number
| Synopsis | Locally-configured stale routes override time | |
| Context | configure service vprn service-name bgp graceful-restart long-lived helper-override-stale-time number | |
| Tree | helper-override-stale-time | |
Description | This command configures a locally-imposed LLGR stale time that overrides the long-lived stale routes time that is advertised by the router in its LLGR capability. This command applies to all AFI/SAFI in the advertised LLGR capability except for any AFI/SAFI with a family-specific override. | |
| Range | 0 to 16777215 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
without-no-export boolean
| Synopsis | Advertise LLGR stale routes to non-LLGR peers | |
| Context | configure service vprn service-name bgp graceful-restart long-lived without-no-export boolean | |
| Tree | without-no-export | |
Description | When configured to true, LLGR stale routes can be advertised to any peer (EBGP or IBGP) that did not signal the LLGR capability. For IBGP and confederation-EBGP peers that did not advertise the LLGR capability, the local preference attribute in the advertised stale routes is automatically set to 0. When configured to false, LLGR stale routes are not advertised to any EBGP peer that did not signal the LLGR capability. For IBGP and confederation-EBGP peers that did not advertise the LLGR capability, the local preference attribute in the advertised stale routes is automatically set to 0 and a NO_EXPORT standard community is automatically added to the routes. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
restart-time number
| Synopsis | Restart time advertised by GR capability | |
| Context | configure service vprn service-name bgp graceful-restart restart-time number | |
| Tree | restart-time | |
| Range | 0 to 4095 | |
| Default | 120 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
stale-routes-time number
| Synopsis | Maximum time to maintain routes after graceful restart | |
| Context | configure service vprn service-name bgp graceful-restart stale-routes-time number | |
| Tree | stale-routes-time | |
| Range | 1 to 3600 | |
| Default | 360 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
group [group-name] named-item-64
[group-name] named-item-64
admin-state keyword
| Synopsis | Administrative state of the BGP group | |
| Context | configure service vprn service-name bgp group named-item-64 admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
advertise-inactive boolean
| Synopsis | Advertise an inactive BGP route to peers | |
| Context | configure service vprn service-name bgp group named-item-64 advertise-inactive boolean | |
| Tree | advertise-inactive | |
Description | When configured to true, this command allows an inactive BGP route to be advertised, even though it is not the most preferred route. The effect of the command on advertised unlabeled, labeled, and multicapt IPv4 and IPv6 routes depends on several factors.
When unconfigured, the command inherits the value of the global-level setting (true or false). The command cannot be explicity configured to false. When this command inherits a value of false, the advertisement of inactive BGP routes to other BGP peers is disabled. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
advertise-ipv6-next-hops
| Synopsis | Enable the advertise-ipv6-next-hops context | |
| Context | configure service vprn service-name bgp group named-item-64 advertise-ipv6-next-hops | |
| Tree | advertise-ipv6-next-hops | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv4 boolean
aggregator-id-zero boolean
| Synopsis | Set router ID in the BGP AGGREGATOR attribute to zero | |
| Context | configure service vprn service-name bgp group named-item-64 aggregator-id-zero boolean | |
| Tree | aggregator-id-zero | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
as-override boolean
| Synopsis | Replace the peer's ASN with the local ASN in AS Path | |
| Context | configure service vprn service-name bgp group named-item-64 as-override boolean | |
| Tree | as-override | |
Description | When configured to true, the advertising router's local AS replaces all occurrences of the peer AS in the AS_PATH attribute. This command should be used with caution, as it breaks BGP's loop detection mechanism. When configured to false, no AS override is performed. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
asn-4-byte boolean
| Synopsis | Advertise the use of 4-byte ASNs | |
| Context | configure service vprn service-name bgp group named-item-64 asn-4-byte boolean | |
| Tree | asn-4-byte | |
Description | When this command inherits a value of true, the use of 4-byte ASNs is supported. When unconfigured, the command inherits the value of the global-level setting (true or false). The command cannot be explicitly configured to true. When configured to false, this command disables the use of 4-byte ASNs. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
authentication-key encrypted-leaf
| Synopsis | BGP authentication key for peers in the group | |
| Context | configure service vprn service-name bgp group named-item-64 authentication-key encrypted-leaf | |
| Tree | authentication-key | |
Description | This command configures the authentication key that must be configured on both peers. The stored format of the authentication key is based on the configure system security hash-control management-interface md-cli hash-algorithm setting. | |
| String length | 1 to 370 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
authentication-keychain reference
| Synopsis | TCP authentication keychain for the session | |
| Context | configure service vprn service-name bgp group named-item-64 authentication-keychain reference | |
| Tree | authentication-keychain | |
Description | This command associates the keychain to be used to authenticate the BGP session. The keychain allows the rollover of authentication keys during the lifetime of a session. | |
Reference | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
bfd-liveness boolean
| Synopsis | Enable BFD | |
| Context | configure service vprn service-name bgp group named-item-64 bfd-liveness boolean | |
| Tree | bfd-liveness | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
bfd-strict-mode
| Synopsis | Enter the bfd-strict-mode context | |
| Context | configure service vprn service-name bgp group named-item-64 bfd-strict-mode | |
| Tree | bfd-strict-mode | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
advertise
| Synopsis | Enable the advertise context | |
| Context | configure service vprn service-name bgp group named-item-64 bfd-strict-mode advertise | |
| Tree | advertise | |
Description | Commands in this context configure BGP to advertise the Strict-BFD capability to peers that are within scope of this command and meet the following requirements:
When the preceding conditions are satisfied and two peers attempting to form a session both advertise the Strict-BFD capability, the BGP finite state machine in each router transitions the session state to established after the BFD session with the peer enters the up state. When unconfigured, BGP does not advertise the Strict-BFD capability to peers. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
holdtime number
| Synopsis | Maximum time BGP waits for the BFD session to come up | |
| Context | configure service vprn service-name bgp group named-item-64 bfd-strict-mode advertise holdtime number | |
| Tree | holdtime | |
Description | This command configures the maximum time BGP waits for the BFD session to come up, provided that the Strict-BFD procedures apply to a session, and the negotiated BGP hold time is zero (no keepalives). If the negotiated BGP hold time is greater than zero, the advertised hold time is not considered. | |
| Range | 1 to 65535 | |
| Units | seconds | |
| Default | 30 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
next-hop-reachability boolean
| Synopsis | Consider next hop unreachable if BFD session is down | |
| Context | configure service vprn service-name bgp group named-item-64 bfd-strict-mode next-hop-reachability boolean | |
| Tree | next-hop-reachability | |
Description | When configured to true, the router considers next-hop self routes belonging to specific address families received from a peer within scope of this command as having an unresolved next hop, provided that the following requirements are met:
The unresolved state is maintained until the BFD session state changes to up or administratively down, even if there is a resolving route or tunnel that matches the BGP next-hop address. Routes received from one peer with a BGP next-hop address equal to the address of another peer are not affected by the BFD session to the other peer. The behavior of the router when this command is true does not depend on whether Strict-BFD is used, as both features are independent. Configuring this command to true only affects routes belonging to the following address families:
When configured to false, the router does not consider next-hop self routes belonging to the preceding address families as having an unresolved next hop if the BFD session goes down. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
capability-negotiation boolean
| Synopsis | Enable capability negotiation | |
| Context | configure service vprn service-name bgp group named-item-64 capability-negotiation boolean | |
| Tree | capability-negotiation | |
Description | When configured to true, this command enables the exchange of capabilities. When configured to false and the peering is flapped, new capabilities are not negotiated and strictly IPv4 exchanges are supported with the peer. | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
client-reflect boolean
| Synopsis | Allow cluster RR to advertise routes to its clients | |
| Context | configure service vprn service-name bgp group named-item-64 client-reflect boolean | |
| Tree | client-reflect | |
Description | When unconfigured, this command inherits the value of the global-level setting (true or false). The command cannot be explicitly configured to true. When the command inherits a value of true, client reflection of routes is enabled. When configured to false, this command disables client reflection of routes. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
cluster
cluster-id ipv4-address
| Synopsis | Route reflector cluster ID | |
| Context | configure service vprn service-name bgp group named-item-64 cluster cluster-id ipv4-address | |
| Tree | cluster-id | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
connect-retry number
| Synopsis | BGP connect retry timer value | |
| Context | configure service vprn service-name bgp group named-item-64 connect-retry number | |
| Tree | connect-retry | |
| Range | 1 to 65535 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
damp-peer-oscillations
| Synopsis | Enable the damp-peer-oscillations context | |
| Context | configure service vprn service-name bgp group named-item-64 damp-peer-oscillations | |
| Tree | damp-peer-oscillations | |
Description | Commands in this context specify how long a BGP peer session remains in the idle state after an error causes the session to reset. In the idle state, BGP does not initiate or respond to attempts to establish a new session. Repeated errors that occur a short time after each session reset cause longer and longer hold times in the idle state. When unconfigured, command settings are inherited from the global-level configuration. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
error-interval number
| Synopsis | Time after a reset that the session must be error-free | |
| Context | configure service vprn service-name bgp group named-item-64 damp-peer-oscillations error-interval number | |
| Tree | error-interval | |
Description | This command sets the interval of time after a reset, during which the session must be error-free in order to reset the penalty counter and return the idle hold time to the initial wait time. | |
| Range | 0 to 2048 | |
| Default | 30 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
idle-hold-time
| Synopsis | Enter the idle-hold-time context | |
| Context | configure service vprn service-name bgp group named-item-64 damp-peer-oscillations idle-hold-time | |
| Tree | idle-hold-time | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
initial-wait number
| Synopsis | Time session remains in idle state after stabilization | |
| Context | configure service vprn service-name bgp group named-item-64 damp-peer-oscillations idle-hold-time initial-wait number | |
| Tree | initial-wait | |
| Range | 0 to 2048 | |
| Default | 0 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
max-wait number
| Synopsis | Maximum session idle time after repeated instability | |
| Context | configure service vprn service-name bgp group named-item-64 damp-peer-oscillations idle-hold-time max-wait number | |
| Tree | max-wait | |
| Range | 1 to 2048 | |
| Default | 60 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
second-wait number
| Synopsis | Time that doubles after each repeated session failure | |
| Context | configure service vprn service-name bgp group named-item-64 damp-peer-oscillations idle-hold-time second-wait number | |
| Tree | second-wait | |
Description | This command defines the hold time that doubles after each repeated session failure that occurs in a short span of time. | |
| Range | 1 to 2048 | |
| Default | 5 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
damping boolean
default-label-preference
| Synopsis | Enter the default-label-preference context | |
| Context | configure service vprn service-name bgp group named-item-64 default-label-preference | |
| Tree | default-label-preference | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ebgp number
ibgp number
default-preference
| Synopsis | Enter the default-preference context | |
| Context | configure service vprn service-name bgp group named-item-64 default-preference | |
| Tree | default-preference | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ebgp number
ibgp number
description description
| Synopsis | Text description | |
| Context | configure service vprn service-name bgp group named-item-64 description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
dynamic-neighbor
| Synopsis | Enter the dynamic-neighbor context | |
| Context | configure service vprn service-name bgp group named-item-64 dynamic-neighbor | |
| Tree | dynamic-neighbor | |
Description | Commands in this context configure dynamic BGP sessions for a peer group. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
interface [interface-name] reference
| Synopsis | Enter the interface list instance | |
| Context | configure service vprn service-name bgp group named-item-64 dynamic-neighbor interface reference | |
| Tree | interface | |
Description | Commands in this context configure an unnumbered VPRN access IP interface for dynamic neighbors. If this interface connects to a network with other BGP routers, sessions with the other routers can be set up automatically without explicitly configuring them as BGP neighbors. The interface must be IPv6 enabled, but because the interface is considered unnumbered, it does not require an IPv4 address or a global-unicast IPv6 address. The sessions are set up using IPv6 link-local addresses. The BGP unnumbered feature supports all address families that allow IPv6 link-local BGP next-hop addresses. This includes IPv4 with the use of RFC 8950 extensions. When an interface is added to the list of dynamic-neighbor interfaces, an outgoing connection attempt is initiated toward any directly connected router on the interface that announces itself using an ICMPv6 router advertisement message. The session attempt is unsuccessful if the peer type is not EBGP, the reported AS number of the peer does not match one of the allowed values, or the maximum session limit of the interface would be exceeded. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[interface-name] reference
| Synopsis | Name of the dynamic neighbor interface | |
| Context | configure service vprn service-name bgp group named-item-64 dynamic-neighbor interface reference | |
| Tree | interface | |
Reference | configure service vprn service-name interface interface-name | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
allowed-peer-as string
| Synopsis | Allowed peer AS value or range of acceptable values | |
| Context | configure service vprn service-name bgp group named-item-64 dynamic-neighbor interface reference allowed-peer-as string | |
| Tree | allowed-peer-as | |
Description | This command specifies a singular allowed peer AS value or a range of acceptable values in the format n1..n2. All values greater than or equal to n1 and less than or equal to n2 are acceptable. For example, if the acceptable peer AS numbers are 65001 to 65005 (range) and 62100 (singular value), configure this command to use a value of [65001..65005 62100]. | |
| Max. instances | 32 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
max-sessions number
| Synopsis | Maximum number of dynamic sessions allowed | |
| Context | configure service vprn service-name bgp group named-item-64 dynamic-neighbor interface reference max-sessions number | |
| Tree | max-sessions | |
Description | This command specifies the maximum number of dynamic sessions that are allowed to be set up on the interface as a result of accepting sessions from link-local addresses or initiating sessions by receiving IPv6 router advertisements. | |
| Range | 1 to 255 | |
| Default | 1 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
match
prefix [ip-prefix] (ipv4-prefix | ipv6-prefix)
[ip-prefix] (ipv4-prefix | ipv6-prefix)
allowed-peer-as string
| Synopsis | Allowed peer AS value or range of acceptable values | |
| Context | configure service vprn service-name bgp group named-item-64 dynamic-neighbor match prefix (ipv4-prefix | ipv6-prefix) allowed-peer-as string | |
| Tree | allowed-peer-as | |
Description | This command specifies a singular allowed peer AS value or a range of acceptable values in the format n1..n2. All values greater than or equal to n1 and less than or equal to n2 are acceptable. For example, if the acceptable peer AS numbers are 65001 to 65005 (range) and 62100 (singular value), configure this command to use a value of [65001..65005 62100]. | |
| Max. instances | 32 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
dynamic-neighbor-limit number
| Synopsis | Maximum dynamic BGP sessions to accept from remote peer | |
| Context | configure service vprn service-name bgp group named-item-64 dynamic-neighbor-limit number | |
| Tree | dynamic-neighbor-limit | |
Description | This command configures the maximum number of dynamic BGP sessions that are accepted from remote peers associated with a specific peer group. If accepting a new dynamic session causes the group limit to be exceeded, the new session attempt is rejected and a Notification message is sent back to the remote peer. When unconfigured, the setting is inherited from the BGP global-level configuration. | |
| Range | 1 to 8192 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ebgp-default-reject-policy
| Synopsis | Enable the ebgp-default-reject-policy context | |
| Context | configure service vprn service-name bgp group named-item-64 ebgp-default-reject-policy | |
| Tree | ebgp-default-reject-policy | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
export boolean
import boolean
enforce-first-as boolean
| Synopsis | Enforce the configured peer AS value in received routes | |
| Context | configure service vprn service-name bgp group named-item-64 enforce-first-as boolean | |
| Tree | enforce-first-as | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
error-handling
| Synopsis | Enter the error-handling context | |
| Context | configure service vprn service-name bgp group named-item-64 error-handling | |
| Tree | error-handling | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
update-fault-tolerance boolean
| Synopsis | Tolerate non-critical errors in UPDATE messages | |
| Context | configure service vprn service-name bgp group named-item-64 error-handling update-fault-tolerance boolean | |
| Tree | update-fault-tolerance | |
Description | When configured to true, non-critical errors are handled with treat-as-withdraw, attribute-discard, and other non-disruptive approaches that do not cause a session reset. Critical errors still trigger a session reset. When unconfigured, the command inherits the value of the global-level setting (true or false). The command cannot be explicitly configured to false. When this command inherits a value of false, all errors trigger a session reset. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
evpn-link-bandwidth
| Synopsis | Enter the evpn-link-bandwidth context | |
| Context | configure service vprn service-name bgp group named-item-64 evpn-link-bandwidth | |
| Tree | evpn-link-bandwidth | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
add-to-received-bgp number
| Synopsis | Weight added to received PE-CE BGP routes | |
| Context | configure service vprn service-name bgp group named-item-64 evpn-link-bandwidth add-to-received-bgp number | |
| Tree | add-to-received-bgp | |
Description | This command configures the weight value added to all BGP PE-CE routes for the purpose of weighted ECMP if EVPN-IFL and BGP PE-CE routes are combined into the same ECMP set. For the load-balancing betweeen EVPN-IFL and BGP PE-CE routes the configure service vprn bgp eibgp-loadbalance command must already be configured in the system. | |
| Range | 1 to 128 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
export
policy (policy-expr-string | string)
extended-nh-encoding
| Synopsis | Enable the extended-nh-encoding context | |
| Context | configure service vprn service-name bgp group named-item-64 extended-nh-encoding | |
| Tree | extended-nh-encoding | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv4 boolean
family
flow-ipv6 boolean
ipv4 boolean
ipv6 boolean
label-ipv4 boolean
| Synopsis | Advertise support for the label-IPv4 address family | |
| Context | configure service vprn service-name bgp group named-item-64 family label-ipv4 boolean | |
| Tree | label-ipv4 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
mcast-ipv4 boolean
| Synopsis | Advertise support for the MCAST-IPv4 address family | |
| Context | configure service vprn service-name bgp group named-item-64 family mcast-ipv4 boolean | |
| Tree | mcast-ipv4 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
mcast-ipv6 boolean
| Synopsis | Advertise support for the MCAST-IPv6 address family | |
| Context | configure service vprn service-name bgp group named-item-64 family mcast-ipv6 boolean | |
| Tree | mcast-ipv6 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
fast-external-failover boolean
| Synopsis | Drop external BGP session immediately when link fails | |
| Context | configure service vprn service-name bgp group named-item-64 fast-external-failover boolean | |
| Tree | fast-external-failover | |
Description | When this command inherits a value of true, the router drops an external BGP session on a single-hop route immediately when the local interface goes down. When unconfigured, the command inherits the value of the global-level setting (true or false). The command cannot be explicitly configured to true. When configured to false, the BGP session remains up until the hold time expires. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
graceful-restart
| Synopsis | Enable the graceful-restart context | |
| Context | configure service vprn service-name bgp group named-item-64 graceful-restart | |
| Tree | graceful-restart | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
gr-notification boolean
| Synopsis | Perform graceful restart procedures after NOTIFICATION | |
| Context | configure service vprn service-name bgp group named-item-64 graceful-restart gr-notification boolean | |
| Tree | gr-notification | |
Description | When configured to true, the Graceful Restart capability sent by the router indicates support for NOTIFICATION messages. If the peer also supports this capability, the session is restarted gracefully (while preserving forwarding) if either peer sends a NOTIFICATION message due to some type of event or error. When configured to false, NOTIFICATION messages are not supported. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
long-lived
| Synopsis | Enable the long-lived context | |
| Context | configure service vprn service-name bgp group named-item-64 graceful-restart long-lived | |
| Tree | long-lived | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
advertise-stale-to-all-neighbors boolean
| Synopsis | Advertise stale routes to all BGP peers | |
| Context | configure service vprn service-name bgp group named-item-64 graceful-restart long-lived advertise-stale-to-all-neighbors boolean | |
| Tree | advertise-stale-to-all-neighbors | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
advertised-stale-time number
| Synopsis | Advertised long-lived stale time for LLGR routes | |
| Context | configure service vprn service-name bgp group named-item-64 graceful-restart long-lived advertised-stale-time number | |
| Tree | advertised-stale-time | |
| Range | 0 to 16777215 | |
| Default | 86400 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
family [family-type] keyword
| Synopsis | Enter the family list instance | |
| Context | configure service vprn service-name bgp group named-item-64 graceful-restart long-lived family keyword | |
| Tree | family | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[family-type] keyword
| Synopsis | Address family type for LLGR | |
| Context | configure service vprn service-name bgp group named-item-64 graceful-restart long-lived family keyword | |
| Tree | family | |
| Options | ||
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
advertised-stale-time number
| Synopsis | LLGR stale routes time for family override | |
| Context | configure service vprn service-name bgp group named-item-64 graceful-restart long-lived family keyword advertised-stale-time number | |
| Tree | advertised-stale-time | |
Description | This command configures the long-lived stale routes time that is advertised by the router in its LLGR capability. This command applies to all AFI/SAFI in the advertised LLGR capability with a family-specific override. | |
| Range | 0 to 16777215 | |
| Default | 86400 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
helper-override-stale-time number
| Synopsis | Locally-configured stale routes override time | |
| Context | configure service vprn service-name bgp group named-item-64 graceful-restart long-lived family keyword helper-override-stale-time number | |
| Tree | helper-override-stale-time | |
Description | This command configures a locally-imposed LLGR stale time that overrides the long-lived stale routes time that is advertised by the router in its LLGR capability. This is a family-specific override value. | |
| Range | 0 to 16777216 | |
| Default | 16777216 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
forwarding-bits-set keyword
| Synopsis | BGP LLGR forwarding-bit behavior for address family | |
| Context | configure service vprn service-name bgp group named-item-64 graceful-restart long-lived forwarding-bits-set keyword | |
| Tree | forwarding-bits-set | |
Description | This command determines the setting of the F bit in the GR and LLGR capabilities advertised by the router. When the F bit is set for an address family, it indicates that the advertising router is able to preserve forwarding state for the routes of that address family across the last restart. When the session is re-established after a restart and the F bit is not set, all stale routes from the peer are immediately removed for the corresponding address family. This command allows the F bit to be set for all address families or only for non-forwarding address families (L2-VPN, route target, flow-IPv4, and flow-IPv6). | |
| Options | ||
| Default | none | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
helper-override-restart-time number
| Synopsis | Locally-configured override for restart time | |
| Context | configure service vprn service-name bgp group named-item-64 graceful-restart long-lived helper-override-restart-time number | |
| Tree | helper-override-restart-time | |
Description | This command overrides the restart time advertised by a peer (in its GR capability) with a locally-configured value. This override applies only to AFI/SAFI that were included in the GR capability of the peer. The restart-time is always zero for AFI/SAFI not included in the GR capability. This command is useful if the local router wants to force the LLGR phase to begin after a set time for all protected AFI/SAFI. | |
| Range | 0 to 4095 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
helper-override-stale-time number
| Synopsis | Locally-configured stale routes override time | |
| Context | configure service vprn service-name bgp group named-item-64 graceful-restart long-lived helper-override-stale-time number | |
| Tree | helper-override-stale-time | |
Description | This command configures a locally-imposed LLGR stale time that overrides the long-lived stale routes time that is advertised by the router in its LLGR capability. This command applies to all AFI/SAFI in the advertised LLGR capability except for any AFI/SAFI with a family-specific override. | |
| Range | 0 to 16777215 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
without-no-export boolean
| Synopsis | Advertise LLGR stale routes to non-LLGR peers | |
| Context | configure service vprn service-name bgp group named-item-64 graceful-restart long-lived without-no-export boolean | |
| Tree | without-no-export | |
Description | When configured to true, LLGR stale routes can be advertised to any peer (EBGP or IBGP) that did not signal the LLGR capability. For IBGP and confederation-EBGP peers that did not advertise the LLGR capability, the local preference attribute in the advertised stale routes is automatically set to 0. When configured to false, LLGR stale routes are not advertised to any EBGP peer that did not signal the LLGR capability. For IBGP and confederation-EBGP peers that did not advertise the LLGR capability, the local preference attribute in the advertised stale routes is automatically set to 0 and a NO_EXPORT standard community is automatically added to the routes. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
restart-time number
| Synopsis | Restart time advertised by GR capability | |
| Context | configure service vprn service-name bgp group named-item-64 graceful-restart restart-time number | |
| Tree | restart-time | |
| Range | 0 to 4095 | |
| Default | 300 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
stale-routes-time number
| Synopsis | Maximum time to maintain routes after graceful restart | |
| Context | configure service vprn service-name bgp group named-item-64 graceful-restart stale-routes-time number | |
| Tree | stale-routes-time | |
| Range | 1 to 3600 | |
| Default | 360 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
hold-time
minimum-hold-time number
| Synopsis | Minimum hold time between successive messages | |
| Context | configure service vprn service-name bgp group named-item-64 hold-time minimum-hold-time number | |
| Tree | minimum-hold-time | |
Description | This command specifies the minimum hold time that is accepted for the session. If a peer proposes a hold time lower than this value, the session attempt is rejected. When unconfigured, the command value is inherited from the BGP global-level setting. | |
| Range | 0 | 3 to 65536 | |
| Default | 0 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
seconds number
| Synopsis | Maximum time BGP waits between successive messages | |
| Context | configure service vprn service-name bgp group named-item-64 hold-time seconds number | |
| Tree | seconds | |
Description | This command configures the maximum time BGP waits between successive messages (either keepalive or update) from its peer before closing the connection. Although the implementation allows setting the keepalive timer at the BGP group level times separately, the configured keepalive timer is overridden by this value under the following circumstances.
When unconfigured, the command setting is inherited from the BGP global-level configuration. | |
| Range | 0 | 3 to 65535 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
import
policy (policy-expr-string | string)
initial-send-delay-zero boolean
| Synopsis | Send BGP updates as soon as the session comes up | |
| Context | configure service vprn service-name bgp group named-item-64 initial-send-delay-zero boolean | |
| Tree | initial-send-delay-zero | |
Description | When configured to true, BGP updates are sent as soon as the session comes up. When unconfigured, the command inherits the value of the global-level setting (true or false). The command cannot be explicitly configured to false. When this command inherits a value of false, BGP waits to send UPDATE messages for the minimum route advertisement time after a session is established. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
keepalive number
| Synopsis | Time after which the BGP KEEPALIVE message is sent | |
| Context | configure service vprn service-name bgp group named-item-64 keepalive number | |
| Tree | keepalive | |
Description | This command configures the BGP keepalive timer value. A keepalive message is sent every time this timer expires. This value is generally one-third of the hold time interval configured in the hold-time seconds context. Although the implementation allows this keepalive value and the hold time interval to be independently set, under the following circumstances, the configured keepalive value is overridden by the hold time interval value:
When unconfigured, the command inherits the BGP global-level setting. | |
| Range | 0 to 21845 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
label-preference number
| Synopsis | Route preference for routes from labeled-unicast peers | |
| Context | configure service vprn service-name bgp group named-item-64 label-preference number | |
| Tree | label-preference | |
| Range | 1 to 255 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
link-bandwidth
| Synopsis | Enter the link-bandwidth context | |
| Context | configure service vprn service-name bgp group named-item-64 link-bandwidth | |
| Tree | link-bandwidth | |
Description | Commands in this context specify the handling of the Link Bandwidth Extended Community attached to specific BGP routes. When all used multipaths of an IP prefix correspond to BGP routes with a Link Bandwidth EC, the datapath is programmed to use weighted ECMP across the BGP next hops in proportion to the bandwidth values. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
accept-from-ebgp
| Synopsis | Enter the accept-from-ebgp context | |
| Context | configure service vprn service-name bgp group named-item-64 link-bandwidth accept-from-ebgp | |
| Tree | accept-from-ebgp | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv4 boolean
| Synopsis | Support Link Bandwidth EC in IPv4 routes | |
| Context | configure service vprn service-name bgp group named-item-64 link-bandwidth accept-from-ebgp ipv4 boolean | |
| Tree | ipv4 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ipv6 boolean
| Synopsis | Support Link Bandwidth EC in IPv6 routes | |
| Context | configure service vprn service-name bgp group named-item-64 link-bandwidth accept-from-ebgp ipv6 boolean | |
| Tree | ipv6 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
label-ipv4 boolean
| Synopsis | Support Link Bandwidth EC in label-IPv4 routes | |
| Context | configure service vprn service-name bgp group named-item-64 link-bandwidth accept-from-ebgp label-ipv4 boolean | |
| Tree | label-ipv4 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
add-to-received-ebgp
| Synopsis | Enter the add-to-received-ebgp context | |
| Context | configure service vprn service-name bgp group named-item-64 link-bandwidth add-to-received-ebgp | |
| Tree | add-to-received-ebgp | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv4 boolean
| Synopsis | Support Link Bandwidth EC in IPv4 routes | |
| Context | configure service vprn service-name bgp group named-item-64 link-bandwidth add-to-received-ebgp ipv4 boolean | |
| Tree | ipv4 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ipv6 boolean
| Synopsis | Support Link Bandwidth EC in IPv6 routes | |
| Context | configure service vprn service-name bgp group named-item-64 link-bandwidth add-to-received-ebgp ipv6 boolean | |
| Tree | ipv6 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
label-ipv4 boolean
| Synopsis | Support Link Bandwidth EC in label-IPv4 routes | |
| Context | configure service vprn service-name bgp group named-item-64 link-bandwidth add-to-received-ebgp label-ipv4 boolean | |
| Tree | label-ipv4 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
aggregate-used-paths
| Synopsis | Enter the aggregate-used-paths context | |
| Context | configure service vprn service-name bgp group named-item-64 link-bandwidth aggregate-used-paths | |
| Tree | aggregate-used-paths | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv4 boolean
| Synopsis | Support Link Bandwidth EC in IPv4 routes | |
| Context | configure service vprn service-name bgp group named-item-64 link-bandwidth aggregate-used-paths ipv4 boolean | |
| Tree | ipv4 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ipv6 boolean
| Synopsis | Support Link Bandwidth EC in IPv6 routes | |
| Context | configure service vprn service-name bgp group named-item-64 link-bandwidth aggregate-used-paths ipv6 boolean | |
| Tree | ipv6 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
label-ipv4 boolean
| Synopsis | Support Link Bandwidth EC in label-IPv4 routes | |
| Context | configure service vprn service-name bgp group named-item-64 link-bandwidth aggregate-used-paths label-ipv4 boolean | |
| Tree | label-ipv4 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
send-to-ebgp
| Synopsis | Enter the send-to-ebgp context | |
| Context | configure service vprn service-name bgp group named-item-64 link-bandwidth send-to-ebgp | |
| Tree | send-to-ebgp | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv4 boolean
| Synopsis | Support Link Bandwidth EC in IPv4 routes | |
| Context | configure service vprn service-name bgp group named-item-64 link-bandwidth send-to-ebgp ipv4 boolean | |
| Tree | ipv4 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ipv6 boolean
| Synopsis | Support Link Bandwidth EC in IPv6 routes | |
| Context | configure service vprn service-name bgp group named-item-64 link-bandwidth send-to-ebgp ipv6 boolean | |
| Tree | ipv6 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
label-ipv4 boolean
| Synopsis | Support Link Bandwidth EC in label-IPv4 routes | |
| Context | configure service vprn service-name bgp group named-item-64 link-bandwidth send-to-ebgp label-ipv4 boolean | |
| Tree | label-ipv4 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
local-address (ipv4-address-no-zone | ipv6-address-no-zone | interface-name)
| Synopsis | Local IP address used when communicating with BGP peers | |
| Context | configure service vprn service-name bgp group named-item-64 local-address (ipv4-address-no-zone | ipv6-address-no-zone | interface-name) | |
| Tree | local-address | |
| String length | 1 to 32 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
local-as
as-number number
prepend-global-as boolean
| Synopsis | Prepend global ASN when advertising routes to BGP peer | |
| Context | configure service vprn service-name bgp group named-item-64 local-as prepend-global-as boolean | |
| Tree | prepend-global-as | |
Description | When configured to true, the global ASN is added to the AS_PATH attribute in outbound routes sent to the peer. When configured to false, the global ASN is not included in the AS_PATH attribute. | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
private boolean
| Synopsis | Hide the local ASN in sent paths learned from peering | |
| Context | configure service vprn service-name bgp group named-item-64 local-as private boolean | |
| Tree | private | |
Description | When configured to true, the local AS number is only advertised to peers that use the local ASN for establishing BGP peering sessions. When configured to false, the local ASN is advertised to all peers, including those that can use the global ASN for establishing BGP peering sessions. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
local-preference number
| Synopsis | Default local preference if not in incoming routes | |
| Context | configure service vprn service-name bgp group named-item-64 local-preference number | |
| Tree | local-preference | |
| Range | 0 to 4294967295 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
loop-detect keyword
| Synopsis | Strategy for loop detection in the AS path | |
| Context | configure service vprn service-name bgp group named-item-64 loop-detect keyword | |
| Tree | loop-detect | |
| Options | ||
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
loop-detect-threshold number
| Synopsis | Threshold for the global ASN in a received AS path | |
| Context | configure service vprn service-name bgp group named-item-64 loop-detect-threshold number | |
| Tree | loop-detect-threshold | |
| Range | 0 to 15 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
med-out (number | keyword)
min-route-advertisement number
| Synopsis | Minimum time before a prefix can be advertised to peer | |
| Context | configure service vprn service-name bgp group named-item-64 min-route-advertisement number | |
| Tree | min-route-advertisement | |
| Range | 1 to 255 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
multihop number
multipath-eligible boolean
| Synopsis | Allow routes from group peers in multipath eligibility | |
| Context | configure service vprn service-name bgp group named-item-64 multipath-eligible boolean | |
| Tree | multipath-eligible | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
next-hop-self boolean
| Synopsis | Advertise routes with local address as next-hop address | |
| Context | configure service vprn service-name bgp group named-item-64 next-hop-self boolean | |
| Tree | next-hop-self | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
origin-validation
| Synopsis | Enter the origin-validation context | |
| Context | configure service vprn service-name bgp group named-item-64 origin-validation | |
| Tree | origin-validation | |
Description | Commands in this context configure the marking of every inbound IPv4, IPv6, and labeled IPv4 route from the BGP peer with one of the following origin validation states:
The configurations apply to all types of VPRN BGP peers, but generally should be applied only to EBGP peers and groups that contain only EBGP peers. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv4 boolean
ipv6 boolean
label-ipv4 boolean
| Synopsis | Enable support for labeled-unicast IPv4 routes | |
| Context | configure service vprn service-name bgp group named-item-64 origin-validation label-ipv4 boolean | |
| Tree | label-ipv4 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
passive boolean
path-mtu-discovery boolean
| Synopsis | Enable Path MTU Discovery | |
| Context | configure service vprn service-name bgp group named-item-64 path-mtu-discovery boolean | |
| Tree | path-mtu-discovery | |
Description | When configured to true, Path MTU Discovery (PMTUD) is enabled for the associated TCP connections. When set to true, PMTUD is activated toward an IPv4 BGP neighbor and the Don’t Fragment (DF) bit is set in the IP header of all IPv4 packets sent to the peer. If any device along the path toward the peer cannot forward the packet because the IP MTU of the interface is smaller than the IP packet size, this device drops the packet and sends an ICMP or ICMPv6 error message encoding the interface MTU. When the router receives the ICMP or ICMPv6 message, it lowers the TCP maximum segment size limit from the previous value so that the IP MTU constraint can be accommodated. When configured to false and there is no TCP MSS configuration that can be associated with a BGP neighbor (in either the BGP configuration or the first hop IP interface configuration), the router advertises a value of only 1024 bytes as the TCP MSS option value, limiting received TCP segments to that size. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
peer-as number
peer-ip-tracking boolean
| Synopsis | Enable BGP peer tracking | |
| Context | configure service vprn service-name bgp group named-item-64 peer-ip-tracking boolean | |
| Tree | peer-ip-tracking | |
Description | When configured to true, this command enables BGP peer tracking. Peer tracking should be used with caution. Peer tracking can tear a session down even if the loss of connectivity turns out to be short-lived (for example, while the IGP protocol is re-converging). Next-hop tracking, which is always enabled, handles temporary connectivity issues more effectively. When unconfigured, the command inherits the value of the global-level setting (true or false). The command cannot be explicitly configured to false. When this command inherits a value of false, peer tracking is disabled. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
preference number
| Synopsis | Route preference for routes learned from all peers | |
| Context | configure service vprn service-name bgp group named-item-64 preference number | |
| Tree | preference | |
| Range | 1 to 255 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
prefix-limit [family] keyword
| Synopsis | Enter the prefix-limit list instance | |
| Context | configure service vprn service-name bgp group named-item-64 prefix-limit keyword | |
| Tree | prefix-limit | |
Description | Commands in this context limit the number of BGP routes per address family received from a BGP peer and define the actions when crossing the configured maximum. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[family] keyword
| Synopsis | Address family to which the limit applies | |
| Context | configure service vprn service-name bgp group named-item-64 prefix-limit keyword | |
| Tree | prefix-limit | |
| Options | ||
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
hold-excess number
| Synopsis | Percentage of maximum routes to install in route table | |
| Context | configure service vprn service-name bgp group named-item-64 prefix-limit keyword hold-excess number | |
| Tree | hold-excess | |
Description | This command specifies the percentage of maximum routes that are allowed to be installed in the route table for the configured address family. If a peer within scope of the configuration exceeds the limit, the overflow routes are held in the BGP RIB as inactive routes and are ineligible for forwarding and advertisement to other peers. If the post-import command is configured to true, only routes not rejected by import policies count toward the limit. A BGP route in an overflow state is reconsidered for activation and reinstallation when an UPDATE message is received for the route. This command is mutually exclusive with the idle-timeout and log-only commands. | |
| Range | 1 to 100 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
idle-timeout number
| Synopsis | Time BGP peering remains idle before reconnecting | |
| Context | configure service vprn service-name bgp group named-item-64 prefix-limit keyword idle-timeout number | |
| Tree | idle-timeout | |
Description | This command configures the time in minutes before a BGP peer is automatically re-established after reaching the prefix limit. When unconfigured, the BGP peer stays down until the operator performs a reset. This command and log-only cannot be configured simultaneously. | |
| Range | 1 to 1024 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
log-only boolean
| Synopsis | Send warning message at threshold instead of take-down | |
| Context | configure service vprn service-name bgp group named-item-64 prefix-limit keyword log-only boolean | |
| Tree | log-only | |
Description | When configured to true, the router disables the BGP session from being taken down upon reaching the prefix limit. Instead, only a warning message is sent when the limit is reached. A warning message is also sent when the configured threshold percentage of the limit is reached. This command and idle-timeout cannot be configured simultaneously. When configured to false, the router generates a log event and takes the BGP session down upon reaching the prefix limit. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
maximum number
| Synopsis | Maximum number of routes to be learned from a peer | |
| Context | configure service vprn service-name bgp group named-item-64 prefix-limit keyword maximum number | |
| Tree | maximum | |
Description | This command configures the maximum number of BGP routes of the specified address family that can be received from a peer before administrative action is taken. When log-only is unconfigured, the BGP session is taken down whenever the limit of any family is exceeded even if the limits of the other family has not been exceeded. | |
| Range | 1 to 4294967295 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
post-import boolean
| Synopsis | Apply limit only to routes accepted by import policies | |
| Context | configure service vprn service-name bgp group named-item-64 prefix-limit keyword post-import boolean | |
| Tree | post-import | |
Description | When configured to true, the system limits the number of routes that are accepted by import policies. Routes rejected by import policies are not counted against the configured limit. When configured to false, the system limits the number of routes to all routes received from the peer. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
threshold number
remove-private
| Synopsis | Enable the remove-private context | |
| Context | configure service vprn service-name bgp group named-item-64 remove-private | |
| Tree | remove-private | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
limited boolean
replace boolean
skip-peer-as boolean
| Synopsis | Keep private ASN if it is the same as the BGP peer ASN | |
| Context | configure service vprn service-name bgp group named-item-64 remove-private skip-peer-as boolean | |
| Tree | skip-peer-as | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
send-communities
| Synopsis | Enter the send-communities context | |
| Context | configure service vprn service-name bgp group named-item-64 send-communities | |
| Tree | send-communities | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
extended boolean
| Synopsis | Advertise the Extended Communities attribute to peers | |
| Context | configure service vprn service-name bgp group named-item-64 send-communities extended boolean | |
| Tree | extended | |
Description | When unconfigured, this command inherits the value of the global-level setting (true or false). The command cannot be explicitly configured to true. When this command inherits a value of true, BGP extended communities are sent to peers in the Extended Communities attribute. When configured to false, all extended communities are removed from all routes advertised to BGP peers. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
large boolean
| Synopsis | Advertise the Large Communities attribute to peers | |
| Context | configure service vprn service-name bgp group named-item-64 send-communities large boolean | |
| Tree | large | |
Description | When unconfigured, this command inherits the value of the global-level setting (true or false). The command cannot be explicitly configured to true. When this command inherits a value of true, BGP large communities are sent to peers in the Large Communities attribute. When configured to false, all large communities are removed from all routes advertised to BGP peers. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
standard boolean
| Synopsis | Advertise the Communities attribute to peers | |
| Context | configure service vprn service-name bgp group named-item-64 send-communities standard boolean | |
| Tree | standard | |
Description | When unconfigured, this command inherits the value of the global-level setting (true or false). The command cannot be explicitly configured to true. When this command inherits a value of true, BGP standard communities are sent to peers in the Communities attribute. When configured to false, all standard communities are removed from all routes advertised to BGP peers. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
send-default
| Synopsis | Enable the send-default context | |
| Context | configure service vprn service-name bgp group named-item-64 send-default | |
| Tree | send-default | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
export-policy reference
| Synopsis | Export policy name | |
| Context | configure service vprn service-name bgp group named-item-64 send-default export-policy reference | |
| Tree | export-policy | |
Reference | configure policy-options policy-statement named-item-64 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv4 boolean
ipv6 boolean
split-horizon boolean
| Synopsis | Prevent routes being reflected back to best-route peer | |
| Context | configure service vprn service-name bgp group named-item-64 split-horizon boolean | |
| Tree | split-horizon | |
Description | When configured to true, this command enables the use of split-horizon. This command prevents routes from being reflected back to a peer that sends the best route. It applies to routes of all address families and to any type of sending peer; confed-EBGP, EBGP and IBGP. Enabling the split-horizon functionality may have a detrimental impact on peer and route scaling and should only be used when absolutely necessary. When unconfigured, the command inherits the value of the global-level setting (true or false). The command cannot be explicitly configured to false. When this command inherits a value of false, the use of split-horizon is disabled. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
static-group boolean
| Synopsis | Use group for static peers | |
| Context | configure service vprn service-name bgp group named-item-64 static-group boolean | |
| Tree | static-group | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
tcp-mss (number | keyword)
| Synopsis | TCP maximum segment size override | |
| Context | configure service vprn service-name bgp group named-item-64 tcp-mss (number | keyword) | |
| Tree | tcp-mss | |
Description | This command configures an override for the TCP maximum segment size to use with a specific peer or set of peers (depending on the scope of the command). The configured value controls two properties of the TCP connection as follows: TCP MSS option - The router advertises the TCP MSS option value in the TCP SYN packet it sends as part of the 3-way handshake. The advertised value may be lower than the configured value, depending on the IP MTU of the first hop IP interface. The peers must abide by this value when sending TCP segments to the local router. TCP maximum segment size - The actual transmitted size may be lower than the configured value, depending on the TCP MSS option value signaled by the peers, the effect of path MTU discovery, or other factors. | |
| Range | 384 to 9746 | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
third-party-nexthop boolean
| Synopsis | Apply third-party next-hop processing to EBGP peers | |
| Context | configure service vprn service-name bgp group named-item-64 third-party-nexthop boolean | |
| Tree | third-party-nexthop | |
Description | When configured to true, this command enables the router to send third-party next hop to EBGP peers in the same subnet as the source peer. The address family of the transport must match the address family of the route. When an IPv4 or IPv6 route is received from one EBGP peer and advertised to another EBGP peer in the same IP subnet, the BGP next hop is left unchanged. When unconfigured, the command inherits the value of the global-level setting (true or false). The command cannot be explicitly configured to false. When this command inherits a value of false, third-party next-hop processing is disabled and the next hop carries the IP address of the interface used to establish the TCP connection to the peer. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ttl-security number
| Synopsis | Minimum TTL value for an incoming BGP packet | |
| Context | configure service vprn service-name bgp group named-item-64 ttl-security number | |
| Tree | ttl-security | |
Description | This command configures the minimum TTL value that BGP accepst from an incoming packet. A packet with a TTL value less than the minimum configured TTL value is discarded. | |
| Range | 1 to 255 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
type keyword
hold-time
minimum-hold-time number
| Synopsis | Minimum hold time between successive messages | |
| Context | configure service vprn service-name bgp hold-time minimum-hold-time number | |
| Tree | minimum-hold-time | |
Description | This command specifies the minimum hold time that is accepted for the session. If a peer proposes a hold time lower than this value, the session attempt is rejected. | |
| Range | 0 | 3 to 65535 | |
| Default | 0 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
seconds number
| Synopsis | Maximum time BGP waits between successive messages | |
| Context | configure service vprn service-name bgp hold-time seconds number | |
| Tree | seconds | |
Description | This command configures the maximum time BGP waits between successive messages (either keepalive or update) from its peer before closing the connection. Although the implementation allows setting the keepalive timer at the BGP global level times separately, the configured keepalive timer is overridden by this value under the following circumstances.
| |
| Range | 0 | 3 to 65535 | |
| Default | 90 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
ibgp-multipath boolean
| Synopsis | Enable IBGP multipath load balancing | |
| Context | configure service vprn service-name bgp ibgp-multipath boolean | |
| Tree | ibgp-multipath | |
Description | When configured to true, this command enables IBGP multipath load balancing when adding BGP routes to the route table if the route resolving the BGP next hop offers multiple next hops. When configured to false, this command disables IBGP multipath load balancing. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
import
policy (policy-expr-string | string)
initial-send-delay-zero boolean
| Synopsis | Send BGP updates as soon as session comes up | |
| Context | configure service vprn service-name bgp initial-send-delay-zero boolean | |
| Tree | initial-send-delay-zero | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
keepalive number
label-preference number
| Synopsis | Route preference for routes from labeled-unicast peers | |
| Context | configure service vprn service-name bgp label-preference number | |
| Tree | label-preference | |
| Range | 1 to 255 | |
| Default | 170 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
local-as
as-number number
prepend-global-as boolean
| Synopsis | Prepend global AS when advertising routes to BGP peer | |
| Context | configure service vprn service-name bgp local-as prepend-global-as boolean | |
| Tree | prepend-global-as | |
Description | When configured to true, the global ASN is added to the AS_PATH attribute in outbound routes sent to the peer. When configured to false, the global ASN is hidden in paths announced to the EBGP peer. | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
private boolean
| Synopsis | Hide the local ASN in sent paths learned from peering | |
| Context | configure service vprn service-name bgp local-as private boolean | |
| Tree | private | |
Description | When configured to true, the local ASN is hidden in paths learned from the peering. When configured to false, the local ASN is advertised to all peers, including those that can use the global ASN for establishing BGP peering sessions. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
local-preference number
| Synopsis | Default local preference if not in incoming routes | |
| Context | configure service vprn service-name bgp local-preference number | |
| Tree | local-preference | |
| Max. range | 0 to 4294967295 | |
| Default | 100 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
loop-detect keyword
| Synopsis | Strategy for loop detection in the AS path | |
| Context | configure service vprn service-name bgp loop-detect keyword | |
| Tree | loop-detect | |
| Options | ||
| Default | ignore-loop | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
loop-detect-threshold number
| Synopsis | Threshold for the global ASN in a received AS path | |
| Context | configure service vprn service-name bgp loop-detect-threshold number | |
| Tree | loop-detect-threshold | |
| Range | 0 to 15 | |
| Default | 0 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
med-out (number | keyword)
min-route-advertisement number
| Synopsis | Minimum time before a prefix can be advertised to peer | |
| Context | configure service vprn service-name bgp min-route-advertisement number | |
| Tree | min-route-advertisement | |
| Range | 1 to 255 | |
| Default | 30 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
multihop number
| Synopsis | TTL in IP packet headers for EBGP peers multi-hops away | |
| Context | configure service vprn service-name bgp multihop number | |
| Tree | multihop | |
Description | This command configures the Time to Live (TTL) value entered in the IP header of packets sent to an EBGP peer multiple hops away. This command applies only to EBGP. | |
| Range | 1 to 255 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
multipath
ebgp number
family [family-type] keyword
| Synopsis | Enter the family list instance | |
| Context | configure service vprn service-name bgp multipath family keyword | |
| Tree | family | |
Description | Commands in this context set ECMP multipath parameters that apply only to the specified label unicast address family. When multipath is enabled, traffic to the destination is load-shared across a set of paths (BGP routes) that the BGP decision process considers equal to the best path. The distribution of traffic over the multiple paths may or may not be equal. The distribution is based on weights derived from the Link Bandwidth Extended Community. For more information about the criteria a non-best route must meet to qualify as a multipath, see “BGP route installation in the route table” in the 7705 SAR Gen 2 Unicast Routing Protocols User Guide. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[family-type] keyword
ebgp number
| Synopsis | Maximum multipaths when best path is EBGP learned route | |
| Context | configure service vprn service-name bgp multipath family keyword ebgp number | |
| Tree | ebgp | |
Description | This command configures the maximum number of multipaths per prefix or NLRI when the best path is an EBGP learned route. The limit configured using this command overrides the limit configured in the max-paths command. If the best path is an EBGP learned route, and this command is set to 1, multipaths are disabled. | |
| Range | 1 to 64 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ibgp number
| Synopsis | Maximum multipaths when best path is IBGP learned route | |
| Context | configure service vprn service-name bgp multipath family keyword ibgp number | |
| Tree | ibgp | |
Description | This command configures the maximum number of multipaths per prefix or NLRI when the best path is an IBGP learned route. The limit configured using this command overrides the limit configured in the max-paths command. If the best path is an IBGP learned route and this command is set to 1, multipaths are disabled. | |
| Range | 1 to 64 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
max-paths number
| Synopsis | Maximum number of multipaths per prefix or NLRI | |
| Context | configure service vprn service-name bgp multipath family keyword max-paths number | |
| Tree | max-paths | |
Description | This command configures the maximum number of multipaths per prefix or NLRI for the IP family option specified using the family command. Consider the following when configuring this command:
| |
| Range | 1 to 64 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
restrict keyword
unequal-cost boolean
| Synopsis | Ignore differences in the next-hop cost for multipath | |
| Context | configure service vprn service-name bgp multipath family keyword unequal-cost boolean | |
| Tree | unequal-cost | |
Description | When configured to true, BGP ignores differences in the next-hop cost when determining eligible multipaths. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ibgp number
max-paths number
restrict keyword
unequal-cost boolean
| Synopsis | Ignore differences in the next-hop cost for multipath | |
| Context | configure service vprn service-name bgp multipath unequal-cost boolean | |
| Tree | unequal-cost | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
neighbor [ip-address] (ipv4-address-with-zone | ipv6-address-with-zone)
[ip-address] (ipv4-address-with-zone | ipv6-address-with-zone)
admin-state keyword
| Synopsis | Administrative state of the BGP neighbor | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
advertise-inactive boolean
| Synopsis | Advertise an inactive BGP route to peers | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) advertise-inactive boolean | |
| Tree | advertise-inactive | |
Description | When configured to true, this command allows an inactive BGP route to be advertised, even though it is not the most preferred route. The effect of the command on advertised unlabeled, labeled, and multicast IPv4 and IPv6 routes depends on several factors.
When unconfigured, the command inherits the value of the global-level setting (true or false). The command cannot be explicitly configured to false. When this command inherits a value of false, the advertisement of inactive BGP routes to other BGP peers is disabled. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
advertise-ipv6-next-hops
| Synopsis | Enable the advertise-ipv6-next-hops context | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) advertise-ipv6-next-hops | |
| Tree | advertise-ipv6-next-hops | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv4 boolean
aggregator-id-zero boolean
| Synopsis | Set router ID in the BGP AGGREGATOR attribute to zero | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) aggregator-id-zero boolean | |
| Tree | aggregator-id-zero | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
as-override boolean
| Synopsis | Replace the peer ASN with the local ASN in AS Path | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) as-override boolean | |
| Tree | as-override | |
Description | When configured to true, the advertising router's local AS replaces all occurrences of the peer AS in the AS_PATH attribute. This command should be used with caution, as it breaks BGP's loop detection mechanism. When unconfigured, the command inherits the value of the group-level setting (true or false). This command cannot be explicitly configured to false. When the command inherits a value of false, no AS override is performed. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
asn-4-byte boolean
| Synopsis | Advertise the use of 4-byte ASNs | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) asn-4-byte boolean | |
| Tree | asn-4-byte | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
authentication-key encrypted-leaf
| Synopsis | BGP authentication key | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) authentication-key encrypted-leaf | |
| Tree | authentication-key | |
| String length | 1 to 370 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
authentication-keychain reference
| Synopsis | TCP authentication keychain for the session | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) authentication-keychain reference | |
| Tree | authentication-keychain | |
Description | This command associates the keychain to be used to authenticate the BGP session. The keychain allows the rollover of authentication keys during the lifetime of a session. | |
Reference | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
bfd-liveness boolean
| Synopsis | Enable BFD | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) bfd-liveness boolean | |
| Tree | bfd-liveness | |
Description | When configured to true, BFD is enabled on a given protocol interface where the state of the protocol interface is tied to the state of the BFD session between the local node and the remote node. When unconfigured, the command inherits the value of the group-level setting (true or false). The command cannot be explicitly configured to false. When this command inherits a value of false, BFD is removed from the associated protocol adjacency. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
bfd-strict-mode
| Synopsis | Enter the bfd-strict-mode context | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) bfd-strict-mode | |
| Tree | bfd-strict-mode | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
advertise
| Synopsis | Enable the advertise context | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) bfd-strict-mode advertise | |
| Tree | advertise | |
Description | Commands in this context configure BGP to advertise the Strict-BFD capability to peers that are within scope of this command and meet the following requirements:
When the preceding conditions are satisfied and two peers attempting to form a session both advertise the Strict-BFD capability, the BGP finite state machine in each router transitions the session state to established after the BFD session with the peer enters the up state. When unconfigured, BGP does not advertise the Strict-BFD capability to peers. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
holdtime number
| Synopsis | Maximum time BGP waits for the BFD session to come up | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) bfd-strict-mode advertise holdtime number | |
| Tree | holdtime | |
Description | This command configures the maximum time BGP waits for the BFD session to come up, provided that the Strict-BFD procedures apply to a session, and the negotiated BGP hold time is zero (no keepalives). If the negotiated BGP hold time is greater than zero, the advertised hold time is not considered. | |
| Range | 1 to 65535 | |
| Units | seconds | |
| Default | 30 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
next-hop-reachability boolean
| Synopsis | Consider next hop unreachable if BFD session is down | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) bfd-strict-mode next-hop-reachability boolean | |
| Tree | next-hop-reachability | |
Description | When configured to true, the router considers next-hop self routes belonging to specific address families received from a peer within scope of this command as having an unresolved next hop, provided that the following requirements are met:
The unresolved state is maintained until the BFD session state changes to up or administratively down, even if there is a resolving route or tunnel that matches the BGP next-hop address. Routes received from one peer with a BGP next-hop address equal to the address of another peer are not affected by the BFD session to the other peer.The behavior of the router when this command is true does not depend on whether Strict-BFD is used, as both features are independent. Configuring this command to true only affects routes belonging to the following address families:
When configured to false, the router does not consider next-hop self routes belonging to the preceding address families as having an unresolved next hop if the BFD session goes down. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
capability-negotiation boolean
| Synopsis | Enable capability negotiation | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) capability-negotiation boolean | |
| Tree | capability-negotiation | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
client-reflect boolean
| Synopsis | Allow cluster RR to advertise routes to its clients | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) client-reflect boolean | |
| Tree | client-reflect | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
cluster
cluster-id ipv4-address
| Synopsis | Route reflector cluster ID | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) cluster cluster-id ipv4-address | |
| Tree | cluster-id | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
connect-retry number
| Synopsis | BGP connect retry timer value | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) connect-retry number | |
| Tree | connect-retry | |
| Range | 1 to 65535 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
damp-peer-oscillations
| Synopsis | Enable the damp-peer-oscillations context | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) damp-peer-oscillations | |
| Tree | damp-peer-oscillations | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
error-interval number
| Synopsis | Time after a reset that the session must be error-free | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) damp-peer-oscillations error-interval number | |
| Tree | error-interval | |
Description | This command sets the interval of time after a reset, during which the session must be error-free in order to reset the penalty counter and return the idle hold time to the initial wait time. | |
| Range | 0 to 2048 | |
| Default | 30 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
idle-hold-time
| Synopsis | Enter the idle-hold-time context | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) damp-peer-oscillations idle-hold-time | |
| Tree | idle-hold-time | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
initial-wait number
| Synopsis | Time session remains in idle state after stabilization | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) damp-peer-oscillations idle-hold-time initial-wait number | |
| Tree | initial-wait | |
| Range | 0 to 2048 | |
| Default | 0 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
max-wait number
| Synopsis | Maximum session idle time after repeated instability | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) damp-peer-oscillations idle-hold-time max-wait number | |
| Tree | max-wait | |
| Range | 1 to 2048 | |
| Default | 60 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
second-wait number
| Synopsis | Time that doubles after each repeated session failure | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) damp-peer-oscillations idle-hold-time second-wait number | |
| Tree | second-wait | |
Description | This command defines the hold time that doubles after each repeated session failure that occurs in a short span of time. | |
| Range | 1 to 2048 | |
| Default | 5 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
damping boolean
default-label-preference
| Synopsis | Enter the default-label-preference context | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) default-label-preference | |
| Tree | default-label-preference | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ebgp number
ibgp number
default-preference
| Synopsis | Enter the default-preference context | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) default-preference | |
| Tree | default-preference | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ebgp number
ibgp number
description description
| Synopsis | Text description | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ebgp-default-reject-policy
| Synopsis | Enable the ebgp-default-reject-policy context | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) ebgp-default-reject-policy | |
| Tree | ebgp-default-reject-policy | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
export boolean
import boolean
enforce-first-as boolean
| Synopsis | Enforce the configured peer AS value in received routes | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) enforce-first-as boolean | |
| Tree | enforce-first-as | |
Description | When configured to true for an EBGP session, all routes received from an EBGP peer are checked to ensure that the most recent ASN in the AS_PATH attribute of each route matches the configured AS of the session. If there is not a match, the session is reset (if the update-fault-tolerance command in the error-handling context is set to false) or the session is left up but the route is treated as withdrawn (if update-fault-tolerance is set to true). This command does not flap an established session because it applies only to routes received after the command is issued. When unconfigured, the command inherits the value of the group-level setting (true or false). The command cannot be explicitly configured to false. When this command inherits a value of false, received routes are not checked for compliance with the rule. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
error-handling
| Synopsis | Enter the error-handling context | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) error-handling | |
| Tree | error-handling | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
update-fault-tolerance boolean
| Synopsis | Tolerate non-critical errors in UPDATE messages | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) error-handling update-fault-tolerance boolean | |
| Tree | update-fault-tolerance | |
Description | When configured to true, non-critical errors are handled with treat-as-withdraw, attribute-discard, and other non-disruptive approaches that do not cause a session reset. Critical errors still trigger a session reset. When unconfigured, the command inherits the value of the group-level setting (true or false). The command cannot be explicitly configured to false. When this command inherits a value of false, all errors trigger a session reset. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
evpn-link-bandwidth
| Synopsis | Enter the evpn-link-bandwidth context | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) evpn-link-bandwidth | |
| Tree | evpn-link-bandwidth | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
add-to-received-bgp number
| Synopsis | Weight added to received PE-CE BGP routes | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) evpn-link-bandwidth add-to-received-bgp number | |
| Tree | add-to-received-bgp | |
Description | This command configures the weight value added to all BGP PE-CE routes for the purpose of weighted ECMP if EVPN-IFL and BGP PE-CE routes are combined into the same ECMP set. For the load-balancing betweeen EVPN-IFL and BGP PE-CE routes the configure service vprn bgp eibgp-loadbalance command must already be configured in the system. | |
| Range | 1 to 128 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
export
policy (policy-expr-string | string)
| Synopsis | Export policy name | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) export policy (policy-expr-string | string) | |
| Tree | policy | |
| String length | 1 to 255 | |
| Max. instances | 15 | |
| Min. instances | 1 | |
|
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
extended-nh-encoding
| Synopsis | Enable the extended-nh-encoding context | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) extended-nh-encoding | |
| Tree | extended-nh-encoding | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv4 boolean
family
flow-ipv6 boolean
ipv4 boolean
ipv6 boolean
label-ipv4 boolean
| Synopsis | Advertise support for the label-IPv4 address family | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) family label-ipv4 boolean | |
| Tree | label-ipv4 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
mcast-ipv4 boolean
| Synopsis | Advertise support for the MCAST-IPv4 address family | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) family mcast-ipv4 boolean | |
| Tree | mcast-ipv4 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
mcast-ipv6 boolean
| Synopsis | Advertise support for the MCAST-IPv6 address family | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) family mcast-ipv6 boolean | |
| Tree | mcast-ipv6 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
fast-external-failover boolean
| Synopsis | Drop external BGP session immediately when link fails | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) fast-external-failover boolean | |
| Tree | fast-external-failover | |
Description | When this command inherits a value of true, the router drops an external BGP session on a single-hop route immediately when the local interface goes down. When unconfigured, the command inherits the value of the group-level setting (true or false). The command cannot be explicitly configured to true. When configured to false, the BGP session remains up until the hold time expires. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
graceful-restart
| Synopsis | Enable the graceful-restart context | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) graceful-restart | |
| Tree | graceful-restart | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
gr-notification boolean
| Synopsis | Perform graceful restart procedures after NOTIFICATION | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) graceful-restart gr-notification boolean | |
| Tree | gr-notification | |
Description | When configured to true, the Graceful Restart capability sent by the router indicates support for NOTIFICATION messages. If the peer also supports this capability, the session is restarted gracefully (while preserving forwarding) if either peer sends a NOTIFICATION message due to some type of event or error. When configured to false, NOTIFICATION messages are not supported. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
long-lived
| Synopsis | Enable the long-lived context | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) graceful-restart long-lived | |
| Tree | long-lived | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
advertise-stale-to-all-neighbors boolean
| Synopsis | Advertise stale routes to all BGP peers | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) graceful-restart long-lived advertise-stale-to-all-neighbors boolean | |
| Tree | advertise-stale-to-all-neighbors | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
advertised-stale-time number
| Synopsis | Advertised long-lived stale time for LLGR routes | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) graceful-restart long-lived advertised-stale-time number | |
| Tree | advertised-stale-time | |
| Range | 0 to 16777215 | |
| Default | 86400 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
family [family-type] keyword
| Synopsis | Enter the family list instance | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) graceful-restart long-lived family keyword | |
| Tree | family | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[family-type] keyword
| Synopsis | Address family type for LLGR | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) graceful-restart long-lived family keyword | |
| Tree | family | |
| Options | ||
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
advertised-stale-time number
| Synopsis | LLGR stale routes time for family override | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) graceful-restart long-lived family keyword advertised-stale-time number | |
| Tree | advertised-stale-time | |
Description | This command configures the long-lived stale routes time that is advertised by the router in its LLGR capability. This command applies to all AFI/SAFI in the advertised LLGR capability with a family-specific override. | |
| Range | 0 to 16777215 | |
| Default | 86400 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
helper-override-stale-time number
| Synopsis | Locally-configured stale routes override time | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) graceful-restart long-lived family keyword helper-override-stale-time number | |
| Tree | helper-override-stale-time | |
Description | This command configures a locally-imposed LLGR stale time that overrides the long-lived stale routes time that is advertised by the router in its LLGR capability. This is a family-specific override value. | |
| Range | 0 to 16777216 | |
| Default | 16777216 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
forwarding-bits-set keyword
| Synopsis | BGP LLGR forwarding-bit behavior for address family | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) graceful-restart long-lived forwarding-bits-set keyword | |
| Tree | forwarding-bits-set | |
Description | This command determines the setting of the F bit in the GR and LLGR capabilities advertised by the router. When the F bit is set for an address family, it indicates that the advertising router is able to preserve forwarding state for the routes of that address family across the last restart. When the session is re-established after a restart and the F bit is not set, all stale routes from the peer are immediately removed for the corresponding address family. This command allows the F bit to be set for all address families or only for non-forwarding address families (L2-VPN, route target, flow-IPv4, and flow-IPv6). | |
| Options | ||
| Default | none | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
helper-override-restart-time number
| Synopsis | Locally-configured override for restart time | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) graceful-restart long-lived helper-override-restart-time number | |
| Tree | helper-override-restart-time | |
Description | This command overrides the restart time advertised by a peer (in its GR capability) with a locally-configured value. This override applies only to AFI/SAFI that were included in the GR capability of the peer. The restart-time is always zero for AFI/SAFI not included in the GR capability. This command is useful if the local router wants to force the LLGR phase to begin after a set time for all protected AFI/SAFI. | |
| Range | 0 to 4095 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
helper-override-stale-time number
| Synopsis | Locally-configured stale routes override time | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) graceful-restart long-lived helper-override-stale-time number | |
| Tree | helper-override-stale-time | |
Description | This command configures a locally-imposed LLGR stale time that overrides the long-lived stale routes time that is advertised by the router in its LLGR capability. This command applies to all AFI/SAFI in the advertised LLGR capability except for any AFI/SAFI with a family-specific override. | |
| Range | 0 to 16777215 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
without-no-export boolean
| Synopsis | Advertise LLGR stale routes to non-LLGR peers | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) graceful-restart long-lived without-no-export boolean | |
| Tree | without-no-export | |
Description | When configured to true, LLGR stale routes can be advertised to any peer (EBGP or IBGP) that did not signal the LLGR capability. For IBGP and confederation-EBGP peers that did not advertise the LLGR capability, the local preference attribute in the advertised stale routes is automatically set to 0. When configured to false, LLGR stale routes are not advertised to any EBGP peer that did not signal the LLGR capability. For IBGP and confederation-EBGP peers that did not advertise the LLGR capability, the local preference attribute in the advertised stale routes is automatically set to 0 and a NO_EXPORT standard community is automatically added to the routes. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
restart-time number
| Synopsis | Restart time advertised by GR capability | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) graceful-restart restart-time number | |
| Tree | restart-time | |
| Range | 0 to 4095 | |
| Default | 300 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
stale-routes-time number
| Synopsis | Maximum time to maintain routes after graceful restart | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) graceful-restart stale-routes-time number | |
| Tree | stale-routes-time | |
| Range | 1 to 3600 | |
| Default | 360 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
group reference
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Neighbor to group | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) group reference | |
| Tree | group | |
Reference | ||
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
hold-time
minimum-hold-time number
| Synopsis | Minimum time BGP waits between successive messages | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) hold-time minimum-hold-time number | |
| Tree | minimum-hold-time | |
| Range | 0 | 3 to 65536 | |
| Default | 0 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
seconds number
| Synopsis | Maximum hold time between successive messages | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) hold-time seconds number | |
| Tree | seconds | |
Description | The BGP hold time specifies the maximum time BGP waits between successive messages (either keepalive or update) from its peer, before closing the connection. Even though the implementation allows setting the keepalive timer at the BGP neighbor level times separately, the configured keepalive timer is overridden by this value under the following circumstances:
When unconfigured, the command setting is inherited from the BGP group-level configuration. | |
| Range | 0 | 3 to 65535 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
import
policy (policy-expr-string | string)
| Synopsis | Route policy name | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) import policy (policy-expr-string | string) | |
| Tree | policy | |
| String length | 1 to 255 | |
| Max. instances | 15 | |
| Min. instances | 1 | |
|
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
initial-send-delay-zero boolean
| Synopsis | Send BGP updates as soon as the session comes up | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) initial-send-delay-zero boolean | |
| Tree | initial-send-delay-zero | |
Description | When configured to true, BGP updates are sent as soon as the session comes up. When unconfigured, the command inherits the value of the group-level setting (true or false). The command cannot be explicitly configured to false. When this command inherits a value of false, BGP waits to send UPDATE messages for the minimum route advertisement time after a session is established. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
keepalive number
label-preference number
| Synopsis | Route preference for routes from labeled-unicast peers | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) label-preference number | |
| Tree | label-preference | |
| Range | 1 to 255 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
link-bandwidth
| Synopsis | Enter the link-bandwidth context | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) link-bandwidth | |
| Tree | link-bandwidth | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
accept-from-ebgp
| Synopsis | Enable the accept-from-ebgp context | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) link-bandwidth accept-from-ebgp | |
| Tree | accept-from-ebgp | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv4 boolean
| Synopsis | Support Link Bandwidth EC in IPv4 routes | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) link-bandwidth accept-from-ebgp ipv4 boolean | |
| Tree | ipv4 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ipv6 boolean
| Synopsis | Support Link Bandwidth EC in IPv6 routes | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) link-bandwidth accept-from-ebgp ipv6 boolean | |
| Tree | ipv6 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
label-ipv4 boolean
| Synopsis | Support Link Bandwidth EC in label-IPv4 routes | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) link-bandwidth accept-from-ebgp label-ipv4 boolean | |
| Tree | label-ipv4 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
add-to-received-ebgp
| Synopsis | Enable the add-to-received-ebgp context | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) link-bandwidth add-to-received-ebgp | |
| Tree | add-to-received-ebgp | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv4 boolean
| Synopsis | Support Link Bandwidth EC in IPv4 routes | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) link-bandwidth add-to-received-ebgp ipv4 boolean | |
| Tree | ipv4 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ipv6 boolean
| Synopsis | Support Link Bandwidth EC in IPv6 routes | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) link-bandwidth add-to-received-ebgp ipv6 boolean | |
| Tree | ipv6 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
label-ipv4 boolean
| Synopsis | Support Link Bandwidth EC in label-IPv4 routes | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) link-bandwidth add-to-received-ebgp label-ipv4 boolean | |
| Tree | label-ipv4 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
aggregate-used-paths
| Synopsis | Enable the aggregate-used-paths context | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) link-bandwidth aggregate-used-paths | |
| Tree | aggregate-used-paths | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv4 boolean
| Synopsis | Support Link Bandwidth EC in IPv4 routes | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) link-bandwidth aggregate-used-paths ipv4 boolean | |
| Tree | ipv4 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ipv6 boolean
| Synopsis | Support Link Bandwidth EC in IPv6 routes | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) link-bandwidth aggregate-used-paths ipv6 boolean | |
| Tree | ipv6 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
label-ipv4 boolean
| Synopsis | Support Link Bandwidth EC in label-IPv4 routes | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) link-bandwidth aggregate-used-paths label-ipv4 boolean | |
| Tree | label-ipv4 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
send-to-ebgp
| Synopsis | Enable the send-to-ebgp context | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) link-bandwidth send-to-ebgp | |
| Tree | send-to-ebgp | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv4 boolean
| Synopsis | Support Link Bandwidth EC in IPv4 routes | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) link-bandwidth send-to-ebgp ipv4 boolean | |
| Tree | ipv4 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ipv6 boolean
| Synopsis | Support Link Bandwidth EC in IPv6 routes | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) link-bandwidth send-to-ebgp ipv6 boolean | |
| Tree | ipv6 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
label-ipv4 boolean
| Synopsis | Support Link Bandwidth EC in label-IPv4 routes | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) link-bandwidth send-to-ebgp label-ipv4 boolean | |
| Tree | label-ipv4 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
local-address (ipv4-address-no-zone | ipv6-address-no-zone | interface-name)
| Synopsis | Local IP address used when communicating with BGP peers | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) local-address (ipv4-address-no-zone | ipv6-address-no-zone | interface-name) | |
| Tree | local-address | |
| String length | 1 to 32 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
local-as
as-number number
prepend-global-as boolean
| Synopsis | Prepend global ASN when advertising routes to BGP peer | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) local-as prepend-global-as boolean | |
| Tree | prepend-global-as | |
Description | When configured to true, the global ASN is added to the AS_PATH attribute in outbound routes sent to the peer. When configured to false, the global ASN is not included in the AS_PATH attribute. | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
private boolean
| Synopsis | Hide the local ASN in sent paths learned from peering | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) local-as private boolean | |
| Tree | private | |
Description | When configured to true, the local AS number is only advertised to peers that use the local ASN for establishing BGP peering sessions. When configured to false, the local ASN is advertised to all peers, including those that can use the global ASN for establishing BGP peering sessions. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
local-preference number
| Synopsis | Default local preference if not in incoming routes | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) local-preference number | |
| Tree | local-preference | |
| Range | 0 to 4294967295 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
loop-detect keyword
| Synopsis | Strategy for loop detection in the AS path | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) loop-detect keyword | |
| Tree | loop-detect | |
| Options | ||
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
loop-detect-threshold number
| Synopsis | Threshold for the global ASN in a received AS path | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) loop-detect-threshold number | |
| Tree | loop-detect-threshold | |
| Range | 0 to 15 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
med-out (number | keyword)
min-route-advertisement number
| Synopsis | Minimum interval between successive prefix updates | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) min-route-advertisement number | |
| Tree | min-route-advertisement | |
| Range | 1 to 255 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
multihop number
multipath-eligible boolean
| Synopsis | Allow routes from this peer in multipath eligibility | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) multipath-eligible boolean | |
| Tree | multipath-eligible | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
next-hop-self boolean
| Synopsis | Advertise routes with local address as next-hop address | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) next-hop-self boolean | |
| Tree | next-hop-self | |
Description | When configured to true, this command configures BGP to advertise routes to members of a group using a local address of the BGP instance as the BGP next-hop address. Note that this command is set without exception, regardless of the route source (EBGP or IBGP) or its family. When used with VPN-IPv4 and VPN-IPv6 routes, the configure router bgp rr-vpn-forwarding command should also be configured. When unconfigured, the command inherits the value of the group-level setting (true or false). The command cannot be explicitly configured to false. When this command inherits a value of false, protocol standard behavior is applied to determine whether to set next-hop-self in advertised routes. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
origin-validation
| Synopsis | Enable the origin-validation context | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) origin-validation | |
| Tree | origin-validation | |
Description | Commands in this context configure the marking of every inbound IPv4, IPv6, and labeled IPv4 route from the BGP peer with one of the following origin validation states:
The configurations apply to all types of VPRN BGP peers, but generally should be applied only to EBGP peers and groups that contain only EBGP peers. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv4 boolean
ipv6 boolean
label-ipv4 boolean
| Synopsis | Enable support for labeled-unicast IPv4 routes | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) origin-validation label-ipv4 boolean | |
| Tree | label-ipv4 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
passive boolean
path-mtu-discovery boolean
| Synopsis | Enable path MTU discovery | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) path-mtu-discovery boolean | |
| Tree | path-mtu-discovery | |
Description | When configured to true, Path MTU Discovery (PMTUD) is enabled for the associated TCP connections. When set to true, PMTUD is activated toward an IPv4 BGP neighbor and the Don’t Fragment (DF) bit is set in the IP header of all IPv4 packets sent to the peer. If any device along the path toward the peer cannot forward the packet because the IP MTU of the interface is smaller than the IP packet size, this device drops the packet and sends an ICMP or ICMPv6 error message encoding the interface MTU. When the router receives the ICMP or ICMPv6 message, it lowers the TCP maximum segment size limit from the previous value so that the IP MTU constraint can be accommodated. When PMTUD is configured to false and there is no TCP MSS configuration that can be associated with a BGP neighbor (in either the BGP configuration or the first hop IP interface configuration), the router advertises a value of only 1024 bytes as the TCP MSS option value, limiting received TCP segments to that size. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
peer-as number
| Synopsis | Peer AS number | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) peer-as number | |
| Tree | peer-as | |
Description | This command configures the autonomous system number for the peer. The peer AS number must be configured for each configured peer. For EBGP peers, the peer AS number configured must be different from the autonomous system number configured for this router under the global level since the peer will be in a different autonomous system than this router. For IBGP peers, the peer AS number must be the same as the autonomous system number of this router configured under the global level. | |
| Range | 1 to 4294967295 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
peer-creation-type keyword
| Synopsis | Peer creation type | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) peer-creation-type keyword | |
| Tree | peer-creation-type | |
| Options | ||
| Default | static | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
peer-ip-tracking boolean
| Synopsis | Enable BGP peer tracking | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) peer-ip-tracking boolean | |
| Tree | peer-ip-tracking | |
Description | When configured to true, this command enables BGP peer tracking. Peer tracking should be used with caution. Peer tracking can tear a session down even if the loss of connectivity turns out to be short-lived (for example, while the IGP protocol is re-converging). Next-hop tracking, which is always enabled, handles temporary connectivity issues more effectively. When unconfigured, the command inherits the value of the group-level setting (true or false). The command cannot be explicitly configured to false. When this command inherits a value of false, peer tracking is disabled. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
preference number
| Synopsis | Route preference for routes learned from all peers | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) preference number | |
| Tree | preference | |
Description | This command configures the route preference for routes learned from the configured peers. The lower the preference value, the higher the chance of the route being the active route. The router assigns BGP routes the highest default preference as compared to routes that are direct, static or learned via MPLS or OSPF. When unconfigured, the command setting is inherited from the group-level configuration. | |
| Range | 1 to 255 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
prefix-limit [family] keyword
| Synopsis | Enter the prefix-limit list instance | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) prefix-limit keyword | |
| Tree | prefix-limit | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[family] keyword
| Synopsis | Address family to which the limit applies | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) prefix-limit keyword | |
| Tree | prefix-limit | |
| Options | ||
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
hold-excess number
| Synopsis | Percentage of maximum routes to install in route table | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) prefix-limit keyword hold-excess number | |
| Tree | hold-excess | |
Description | This command specifies the percentage of maximum routes that are allowed to be installed in the route table for the configured address family. If a peer within scope of the configuration exceeds the limit, the overflow routes are held in the BGP RIB as inactive routes and are ineligible for forwarding and advertisement to other peers. If the post-import command is configured to true, only routes not rejected by import policies count toward the limit. A BGP route in an overflow state is reconsidered for activation and reinstallation when an UPDATE message is received for the route. This command is mutually exclusive with the idle-timeout and log-only commands. | |
| Range | 1 to 100 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
idle-timeout number
| Synopsis | Time which BGP peering remains idle before reconnecting | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) prefix-limit keyword idle-timeout number | |
| Tree | idle-timeout | |
Description | This command defines the idle time after an administrative take-down before BGP re-establishes a session and reconnects to a peer. When unconfigured, the command inherits the value from the group-level configuration. | |
| Range | 1 to 1024 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
log-only boolean
maximum number
| Synopsis | Maximum number of routes to be learned from a peer | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) prefix-limit keyword maximum number | |
| Tree | maximum | |
Description | This command configures the maximum number of BGP routes than can be received from a peer before administrative action is taken. | |
| Range | 1 to 4294967295 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
post-import boolean
| Synopsis | Apply limit only to routes accepted by import policies | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) prefix-limit keyword post-import boolean | |
| Tree | post-import | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
threshold number
remove-private
| Synopsis | Enable the remove-private context | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) remove-private | |
| Tree | remove-private | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
limited boolean
replace boolean
skip-peer-as boolean
| Synopsis | Keep private ASN if it is the same as the BGP peer ASN | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) remove-private skip-peer-as boolean | |
| Tree | skip-peer-as | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
send-communities
| Synopsis | Enter the send-communities context | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) send-communities | |
| Tree | send-communities | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
extended boolean
| Synopsis | Advertise the Extended Communities attribute to peers | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) send-communities extended boolean | |
| Tree | extended | |
Description | When unconfigured, this command inherits the value of the group-level setting (true or false). The command cannot be explicitly configured to true. When this command inherits a value of true, BGP extended communities are sent to peers in the Extended Communities attribute. When configured to false, all extended communities are removed from all routes advertised to BGP peers. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
large boolean
| Synopsis | Advertise the Large Communities attribute to peers | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) send-communities large boolean | |
| Tree | large | |
Description | When unconfigured, this command inherits the value of the group-level setting (true or false). The command cannot be explicitly configured to true. When this command inherits a value of true, BGP large communities are sent to peers in the Large Communities attribute. When configured to false, all large communities are removed from all routes advertised to BGP peers. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
standard boolean
| Synopsis | Advertise the Communities attribute to peers | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) send-communities standard boolean | |
| Tree | standard | |
Description | When unconfigured, this command inherits the value of the group-level setting (true or false). The command cannot be explicitly configured to true. When this command inherits a value of true, BGP standard communities are sent to peers in the Communities attribute. When configured to false, all standard communities are removed from all routes advertised to BGP peers. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
send-default
| Synopsis | Enable the send-default context | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) send-default | |
| Tree | send-default | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
export-policy reference
| Synopsis | Export policy name | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) send-default export-policy reference | |
| Tree | export-policy | |
Reference | configure policy-options policy-statement named-item-64 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv4 boolean
ipv6 boolean
split-horizon boolean
| Synopsis | Prevent routes being reflected back to best-route peer | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) split-horizon boolean | |
| Tree | split-horizon | |
Description | When configured to true, this command enables the use of split-horizon. This command prevents routes from being reflected back to a peer that sends the best route. It applies to routes of all address families and to any type of sending peer; confed-EBGP, EBGP and IBGP. Enabling the split-horizon functionality may have a detrimental impact on peer and route scaling and should only be used when absolutely necessary. When unconfigured, the command inherits the value of the group-level setting (true or false). The command cannot be explicitly configured to false. When this command inherits a value of false, the use of split-horizon is disabled. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
tcp-mss (number | keyword)
| Synopsis | TCP maximum segment size override | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) tcp-mss (number | keyword) | |
| Tree | tcp-mss | |
Description | This command configures an override for the TCP maximum segment size to use with a specific peer or set of peers (depending on the scope of the command). The configured value controls two properties of the TCP connection as follows: TCP MSS option - The router advertises the TCP MSS option value in the TCP SYN packet it sends as part of the 3-way handshake. The advertised value may be lower than the configured value, depending on the IP MTU of the first hop IP interface. The peers must abide by this value when sending TCP segments to the local router. TCP maximum segment size - The actual transmitted size may be lower than the configured value, depending on the TCP MSS option value signaled by the peers, the effect of path MTU discovery, or other factors. | |
| Range | 384 to 9746 | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
third-party-nexthop boolean
| Synopsis | Apply third-party next-hop processing to EBGP peers | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) third-party-nexthop boolean | |
| Tree | third-party-nexthop | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ttl-security number
| Synopsis | Minimum TTL value for an incoming BGP packet | |
| Context | configure service vprn service-name bgp neighbor (ipv4-address-with-zone | ipv6-address-with-zone) ttl-security number | |
| Tree | ttl-security | |
Description | This command configures the minimum TTL value that BGP will accept from an incoming packet. A packet with a TTL value less than the minimum configured TTL value is discarded. When unconfigured, the command inherits the value of the group-level setting. | |
| Range | 1 to 255 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
type keyword
next-hop-resolution
| Synopsis | Enter the next-hop-resolution context | |
| Context | configure service vprn service-name bgp next-hop-resolution | |
| Tree | next-hop-resolution | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
policy reference
| Synopsis | Policy that filters routes for BGP next-hop resolution | |
| Context | configure service vprn service-name bgp next-hop-resolution policy reference | |
| Tree | policy | |
Reference | configure policy-options policy-statement named-item-64 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
use-bgp-routes boolean
| Synopsis | Use BGP routes to resolve BGP next hops | |
| Context | configure service vprn service-name bgp next-hop-resolution use-bgp-routes boolean | |
| Tree | use-bgp-routes | |
Description | When configured to true, BGP routes resolve BGP next hops. When this command is enabled, any unlabeled IPv4 or IPv6 BGP route received from a VPRN BGP peer becomes resolvable by up to four other BGP routes in order to resolve the route to a VPRN IP interface. A VPRN BGP route is not resolvable by another VPRN BGP route or by a BGP-VPN route. This command also allows unlabeled IPv4 or IPv6 BGP routes leaked from the GRT with unresolved next hops (in the GRT) to be resolvable by BGP-VPN routes (of the VPRN). When configured to false, BGP next hops are not resolved. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
use-leaked-routes
| Synopsis | Enter the use-leaked-routes context | |
| Context | configure service vprn service-name bgp next-hop-resolution use-leaked-routes | |
| Tree | use-leaked-routes | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
static boolean
| Synopsis | Use leaked static routes to resolve BGP next hop | |
| Context | configure service vprn service-name bgp next-hop-resolution use-leaked-routes static boolean | |
| Tree | static | |
Description | When configured to true, the router allows any non-leaked unlabeled unicast IPv4 or IPv6 route in the BGP RIB to be resolved by a leaked static route with direct next hops. A BGP route resolved this way cannot resolve other routes (including BGP routes) and cannot be redistributed into non-BGP protocols, such as IGP. When configured to false, the router prevents the use of leaked static routes to resolve BGP routes. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
path-mtu-discovery boolean
| Synopsis | Enable Path MTU Discovery | |
| Context | configure service vprn service-name bgp path-mtu-discovery boolean | |
| Tree | path-mtu-discovery | |
Description | When configured to true, Path MTU Discovery (PMTUD) is activated toward an IPv4 BGP neighbor. The Don't Fragment (DF) bit is set in the IP header of all IPv4 packets sent to the peer. If any device along the path toward the peer cannot forward the packet because the IP MTU of the interface is smaller than the IP packet size, the device drops the packet and sends an ICMP or ICMPv6 error message encoding the interface MTU. When the router receives the ICMP or ICMPv6 message, it lowers the TCP maximum segment size limit from the previous value to accomodate the IP MTU constraint. When configured to false, PMTUD is disabled and there is no TCP MSS configuration to associate with a BGP neighbor (in either the BGP configuration or the first-hop IP interface configuration). The router advertises a TCP MSS option of only 1024 bytes, limiting the received TCP segments to that size. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
peer-ip-tracking boolean
| Synopsis | Enable BGP peer tracking | |
| Context | configure service vprn service-name bgp peer-ip-tracking boolean | |
| Tree | peer-ip-tracking | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
peer-tracking-policy reference
| Synopsis | Policy for BGP peer tracking on router instance | |
| Context | configure service vprn service-name bgp peer-tracking-policy reference | |
| Tree | peer-tracking-policy | |
Description | This command specifies the name of a policy statement to use with the BGP peer-tracking function on BGP sessions where peer tracking is enabled. When unconfigured, the default peer-tracking policy allows any type of route to match the neighbor IP address except aggregate routes and LDP shortcut routes. Peer tracking should be used with caution. The peer-tracking policy should only permit one of direct-interface or direct routes to be advertised to a BGP peer. Advertising both routes causes the best route to oscillate. | |
Reference | configure policy-options policy-statement named-item-64 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
preference number
| Synopsis | Route preference for routes learned from all peers | |
| Context | configure service vprn service-name bgp preference number | |
| Tree | preference | |
Description | This command configures the route preference for routes learned from the configured peers. The lower the preference value, the higher the chance of the route being the active route. The router assigns BGP routes the highest default preference as compared to routes that are direct, static or learned via MPLS or OSPF. | |
| Range | 1 to 255 | |
| Default | 170 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
rapid-withdrawal boolean
| Synopsis | Send BGP withdrawal UPDATE messages immediately | |
| Context | configure service vprn service-name bgp rapid-withdrawal boolean | |
| Tree | rapid-withdrawal | |
Description | When configured to true, UPDATE messages containing withdrawn NLRI are sent immediately to a peer without waiting for the MRAI timer to expire. UPDATE messages containing reachable NLRI continue to wait for the MRAI timer to expire, or for a rapid update trigger. When configured to false, withdrawal processing continues with the normal behavior. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
remove-private
| Synopsis | Enable the remove-private context | |
| Context | configure service vprn service-name bgp remove-private | |
| Tree | remove-private | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
limited boolean
replace boolean
skip-peer-as boolean
| Synopsis | Keep private ASN if AS-PATH contains eBGP peer's ASN | |
| Context | configure service vprn service-name bgp remove-private skip-peer-as boolean | |
| Tree | skip-peer-as | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
rib-management
| Synopsis | Enter the rib-management context | |
| Context | configure service vprn service-name bgp rib-management | |
| Tree | rib-management | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv4
leak-import
| Synopsis | Enter the leak-import context | |
| Context | configure service vprn service-name bgp rib-management ipv4 leak-import | |
| Tree | leak-import | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
policy (policy-expr-string | string)
| Synopsis | Leak import policy name | |
| Context | configure service vprn service-name bgp rib-management ipv4 leak-import policy (policy-expr-string | string) | |
| Tree | policy | |
Description | This command specifies one or more leak import policies. Policy names are limited to 64 characters except for the first policy. Only one object can be a policy logical expression consisting of policy names (enclosed in square brackets) and logical operators (AND, OR, NOT). | |
| String length | 1 to 255 | |
| Max. instances | 15 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
route-table-import
| Synopsis | Enter the route-table-import context | |
| Context | configure service vprn service-name bgp rib-management ipv4 route-table-import | |
| Tree | route-table-import | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
policy-name reference
| Synopsis | Name of policy that controls route importation into RIB | |
| Context | configure service vprn service-name bgp rib-management ipv4 route-table-import policy-name reference | |
| Tree | policy-name | |
Description | This command specifies the name of a policy that controls the importation of active routes from the IP route table into one of the BGP RIBs. When this command is configured, routes dropped or rejected by the policy are not installed in the associated RIB. Rejected routes cannot be advertised to BGP peers associated with the RIB, but they can still be used to resolve BGP next hops of routes in that RIB. If the active route for a prefix is rejected by the policy, the best BGP route for that prefix in the BGP RIB can be advertised to peers as though it is used. Aggregate routes are always imported into each RIB, independent of the specified policy. Route modifications specified in the actions of the policy are ignored and have no effect on the imported routes. When unconfigured, or if the command refers to an empty policy, all non-BGP routes from the IP route table are imported into the applicable RIB. | |
Reference | configure policy-options policy-statement named-item-64 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv6
leak-import
| Synopsis | Enter the leak-import context | |
| Context | configure service vprn service-name bgp rib-management ipv6 leak-import | |
| Tree | leak-import | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
policy (policy-expr-string | string)
| Synopsis | Leak import policy name | |
| Context | configure service vprn service-name bgp rib-management ipv6 leak-import policy (policy-expr-string | string) | |
| Tree | policy | |
Description | This command specifies one or more leak import policies. Policy names are limited to 64 characters except for the first policy. Only one object can be a policy logical expression consisting of policy names (enclosed in square brackets) and logical operators (AND, OR, NOT). | |
| String length | 1 to 255 | |
| Max. instances | 15 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
route-table-import
| Synopsis | Enter the route-table-import context | |
| Context | configure service vprn service-name bgp rib-management ipv6 route-table-import | |
| Tree | route-table-import | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
policy-name reference
| Synopsis | Name of policy that controls route importation into RIB | |
| Context | configure service vprn service-name bgp rib-management ipv6 route-table-import policy-name reference | |
| Tree | policy-name | |
Description | This command specifies the name of a policy that controls the importation of active routes from the IP route table into one of the BGP RIBs. When this command is configured, routes dropped or rejected by the policy are not installed in the associated RIB. Rejected routes cannot be advertised to BGP peers associated with the RIB, but they can still be used to resolve BGP next hops of routes in that RIB. If the active route for a prefix is rejected by the policy, the best BGP route for that prefix in the BGP RIB can be advertised to peers as though it is used. Aggregate routes are always imported into each RIB, independent of the specified policy. Route modifications specified in the actions of the policy are ignored and have no effect on the imported routes. When unconfigured, or if the command refers to an empty policy, all non-BGP routes from the IP route table are imported into the applicable RIB. | |
Reference | configure policy-options policy-statement named-item-64 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
label-ipv4
| Synopsis | Enter the label-ipv4 context | |
| Context | configure service vprn service-name bgp rib-management label-ipv4 | |
| Tree | label-ipv4 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
leak-import
| Synopsis | Enter the leak-import context | |
| Context | configure service vprn service-name bgp rib-management label-ipv4 leak-import | |
| Tree | leak-import | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
policy (policy-expr-string | string)
| Synopsis | Leak import policy name | |
| Context | configure service vprn service-name bgp rib-management label-ipv4 leak-import policy (policy-expr-string | string) | |
| Tree | policy | |
Description | This command specifies one or more leak import policies. Policy names are limited to 64 characters except for the first policy. Only one object can be a policy logical expression consisting of policy names (enclosed in square brackets) and logical operators (AND, OR, NOT). | |
| String length | 1 to 255 | |
| Max. instances | 15 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
route-table-import
| Synopsis | Enter the route-table-import context | |
| Context | configure service vprn service-name bgp rib-management label-ipv4 route-table-import | |
| Tree | route-table-import | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
policy-name reference
| Synopsis | Name of policy that controls route importation into RIB | |
| Context | configure service vprn service-name bgp rib-management label-ipv4 route-table-import policy-name reference | |
| Tree | policy-name | |
Description | This command specifies the name of a policy that controls the importation of active routes from the IP route table into one of the BGP RIBs. When this command is configured, routes dropped or rejected by the policy are not installed in the associated RIB. Rejected routes cannot be advertised to BGP peers associated with the RIB, but they can still be used to resolve BGP next hops of routes in that RIB. If the active route for a prefix is rejected by the policy, the best BGP route for that prefix in the BGP RIB can be advertised to peers as though it is used. Aggregate routes are always imported into each RIB, independent of the specified policy. Route modifications specified in the actions of the policy are ignored and have no effect on the imported routes. When unconfigured, or if the command refers to an empty policy, all non-BGP routes from the IP route table are imported into the applicable RIB. | |
Reference | configure policy-options policy-statement named-item-64 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
label-ipv6
| Synopsis | Enter the label-ipv6 context | |
| Context | configure service vprn service-name bgp rib-management label-ipv6 | |
| Tree | label-ipv6 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
leak-import
| Synopsis | Enter the leak-import context | |
| Context | configure service vprn service-name bgp rib-management label-ipv6 leak-import | |
| Tree | leak-import | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
policy (policy-expr-string | string)
| Synopsis | Leak import policy name | |
| Context | configure service vprn service-name bgp rib-management label-ipv6 leak-import policy (policy-expr-string | string) | |
| Tree | policy | |
Description | This command specifies one or more leak import policies. Policy names are limited to 64 characters except for the first policy. Only one object can be a policy logical expression consisting of policy names (enclosed in square brackets) and logical operators (AND, OR, NOT). | |
| String length | 1 to 255 | |
| Max. instances | 15 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
router-id ipv4-address
| Synopsis | Router ID for the BGP instance in the AS | |
| Context | configure service vprn service-name bgp router-id ipv4-address | |
| Tree | router-id | |
Description | This command specifies the router ID to be used with the BGP instance. Changing the BGP router ID on an active BGP instance causes the BGP instance to restart with the new router ID. When an SR OS is configured with an IPv6-only BOF and no IPv4 system interface address, explicitly-defined IPv4 router IDs are required for BGP as there is no mechanism to derive the router ID from an IPv6 system interface address. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
send-communities
| Synopsis | Enter the send-communities context | |
| Context | configure service vprn service-name bgp send-communities | |
| Tree | send-communities | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
extended boolean
large boolean
standard boolean
send-default
| Synopsis | Enter the send-default context | |
| Context | configure service vprn service-name bgp send-default | |
| Tree | send-default | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
export-policy reference
| Synopsis | Export policy name | |
| Context | configure service vprn service-name bgp send-default export-policy reference | |
| Tree | export-policy | |
Reference | configure policy-options policy-statement named-item-64 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv4 boolean
ipv6 boolean
split-horizon boolean
| Synopsis | Prevent routes being reflected back to best-route peer | |
| Context | configure service vprn service-name bgp split-horizon boolean | |
| Tree | split-horizon | |
Description | When configured to true, this command enables the use of split-horizon. This command prevents routes from being reflected back to a peer that sends the best route. It applies to routes of all address families and to any type of sending peer; confed-EBGP, EBGP and IBGP. Enabling the split-horizon functionality may have a detrimental impact on peer and route scaling and should only be used when absolutely necessary. When configured to false, the use of split-horizon is disabled. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
tcp-mss number
| Synopsis | TCP maximum segment size override | |
| Context | configure service vprn service-name bgp tcp-mss number | |
| Tree | tcp-mss | |
Description | This command configures an override for the TCP maximum segment size to use with a specific peer or set of peers (depending on the scope of the command). The configured value controls two properties of the TCP connection as follows: TCP MSS option - The router advertises the TCP MSS option value in the TCP SYN packet it sends as part of the 3-way handshake. The advertised value may be lower than the configured value, depending on the IP MTU of the first hop IP interface. The peers must abide by this value when sending TCP segments to the local router. TCP maximum segment size - The actual transmitted size may be lower than the configured value, depending on the TCP MSS option value signaled by the peers, the effect of path MTU discovery, or other factors. | |
| Range | 384 to 9746 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
third-party-nexthop boolean
| Synopsis | Apply third-party next-hop processing to EBGP peers | |
| Context | configure service vprn service-name bgp third-party-nexthop boolean | |
| Tree | third-party-nexthop | |
Description | When configured to true, this command enables the router to send third-party next hop to EBGP peers in the same subnet as the source peer. The address family of the transport must match the address family of the route. When an IPv4 or IPv6 route is received from one EBGP peer and advertised to another EBGP peer in the same IP subnet, the BGP next hop is left unchanged. When configured to false, third-party next-hop processing is disabled and the next hop carries the IP address of the interface used to establish the TCP connection to the peer. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
bgp-evpn
mpls [bgp-instance] number
[bgp-instance] number
admin-state keyword
| Synopsis | Administrative state of BGP-EVPN MPLS | |
| Context | configure service vprn service-name bgp-evpn mpls number admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
auto-bind-tunnel
| Synopsis | Enter the auto-bind-tunnel context | |
| Context | configure service vprn service-name bgp-evpn mpls number auto-bind-tunnel | |
| Tree | auto-bind-tunnel | |
Description | Commands in this context configure the automatic binding options of a BGP-EVPN service using tunnels to MP-BGP peers. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
allow-flex-algo-fallback boolean
| Synopsis | Enable flexible algorithm fallback | |
| Context | configure service vprn service-name bgp-evpn mpls number auto-bind-tunnel allow-flex-algo-fallback boolean | |
| Tree | allow-flex-algo-fallback | |
Description | When configured to true, a BGP router with a Flex-Algorithm action configured (via the configure policy-options policy-statement entry action flex-algo command) can resolve to a tunnel with algorithm 0 if no target Flex-Algorithm tunnel is available. When configured to false, the BGP router can resolve only to the intended Flex-Algorithm tunnel, which may cause traffic loss if no corresponding Flex-Algorithm tunnel is available. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ecmp number
| Synopsis | Maximum ECMP routes allowed | |
| Context | configure service vprn service-name bgp-evpn mpls number auto-bind-tunnel ecmp number | |
| Tree | ecmp | |
Description | This command configures the maximum number of tunnels that can be used as ECMP next hops for the VPRN. This value overrides the ECMP value configured at the configure service vprn context level. | |
| Range | 1 to 32 | |
| Default | 1 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
enforce-strict-tunnel-tagging boolean
| Synopsis | Allow enforcement of strict tunnel tagging | |
| Context | configure service vprn service-name bgp-evpn mpls number auto-bind-tunnel enforce-strict-tunnel-tagging boolean | |
| Tree | enforce-strict-tunnel-tagging | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
enforce-untagged-route keyword
| Synopsis | Untagged route type enforcement | |
| Context | configure service vprn service-name bgp-evpn mpls number auto-bind-tunnel enforce-untagged-route keyword | |
| Tree | enforce-untagged-route | |
Description | This command configures the enforcement of BGP routes with no administrative tag policy applied by modifying the next-hop resolution behavior for autobind services. If the untagged-tunnel option is configured, untagged routes only bind to LSPs with no administrative tag configured. If both tagged and untagged tunnels to the next hop exist, the system only considers the untagged tunnels. If no untagged tunnels to the next hop exist, the resolution of untagged routes fails. The untagged-tunnel option can be used in combination with the enforce-strict-tunnel-tagging command configured to true, in which case tagged routes resolve to tagged LSPs, and untagged routes only resolve to untagged LSPs. When unconfigured, untagged routes can bind to tagged or untagged LSPs. | |
| Options | none – Untagged routes can bind to tagged or untagged LSPs untagged-tunnel – Untagged routes only bind to LSPs without an admin tag | |
| Default | none | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
resolution keyword
| Synopsis | Resolution method for tunnel selection | |
| Context | configure service vprn service-name bgp-evpn mpls number auto-bind-tunnel resolution keyword | |
| Tree | resolution | |
| Options | ||
| Default | none | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
resolution-filter
| Synopsis | Enter the resolution-filter context | |
| Context | configure service vprn service-name bgp-evpn mpls number auto-bind-tunnel resolution-filter | |
| Tree | resolution-filter | |
Description | Commands in this context configure the subset of tunnel types that can be used in the resolution of BGP-EVPN routes within the automatic binding of the BGP-EVPN MPLS service to tunnels to MP-BGP peers. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
bgp boolean
| Synopsis | Use BGP tunneling for next-hop resolution | |
| Context | configure service vprn service-name bgp-evpn mpls number auto-bind-tunnel resolution-filter bgp boolean | |
| Tree | bgp | |
Description | When configured to true, BGP searches the BGP LSP for the address of the BGP next hop. When configured to false, BGP tunneling is not used and inter-area or inter-as prefixes are not resolved. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ldp boolean
| Synopsis | Use LDP tunneling for next-hop resolution | |
| Context | configure service vprn service-name bgp-evpn mpls number auto-bind-tunnel resolution-filter ldp boolean | |
| Tree | ldp | |
Description | When configured to true, BGP searches for an LDP LSP with a FEC prefix corresponding to the address of the BGP next hop. When configured to false, LDP tunneling is not used for next-hop resolution. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
rsvp boolean
| Synopsis | Use RSVP tunneling for next-hop resolution | |
| Context | configure service vprn service-name bgp-evpn mpls number auto-bind-tunnel resolution-filter rsvp boolean | |
| Tree | rsvp | |
Description | When configured to true, BGP searches the best metric RSVP LSP to determine the address of the BGP next hop. This address can correspond to the system interface or to another loopback interface used by the BGP instance on the remote node. The LSP metric is provided by MPLS in the tunnel table. In the case of multiple RSVP LSPs with the same lowest metric, BGP selects the LSP with the lowest tunnel ID. When configured to false, the RSVP LSP is not used for next-hop resolution. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
sr-isis boolean
| Synopsis | Use IS-IS SR tunneling for next-hop resolution | |
| Context | configure service vprn service-name bgp-evpn mpls number auto-bind-tunnel resolution-filter sr-isis boolean | |
| Tree | sr-isis | |
Description | When configured to true, BGP uses an IS-IS tunnel type to resolve the BGP next hop. When the sr-isis command is enabled, an SR tunnel to the BGP next hop is selected in the TTM according to the following procedure.
When configured to false, IS-IS tunneling is not used for next-hop resolution. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
sr-ospf boolean
| Synopsis | Use OSPF SR tunneling for next-hop resolution | |
| Context | configure service vprn service-name bgp-evpn mpls number auto-bind-tunnel resolution-filter sr-ospf boolean | |
| Tree | sr-ospf | |
Description | When configured to true, BGP uses an OSPF tunnel type to resolve the BGP next hop. When enabled, an SR tunnel to the BGP next hop is selected in the TTM according to the following procedure.
When configured to false, OSPF tunneling is not used for next-hop resolution. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
sr-ospf3 boolean
| Synopsis | Use OSPFv3 SR tunneling for next-hop resolution | |
| Context | configure service vprn service-name bgp-evpn mpls number auto-bind-tunnel resolution-filter sr-ospf3 boolean | |
| Tree | sr-ospf3 | |
Description | When configured to true, BGP uses an OSPF3 tunnel type to resolve the BGP next hop. When enabled, an SR tunnel to the BGP next hop is selected in the TTM according to the following procedure.
When configured to false, OSPF3 tunneling is not used for next-hop resolution. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
sr-policy boolean
| Synopsis | Use SR policies for next-hop resolution | |
| Context | configure service vprn service-name bgp-evpn mpls number auto-bind-tunnel resolution-filter sr-policy boolean | |
| Tree | sr-policy | |
Description | When configured to true, this command enables the use of SR policies to resolve the next hop of BGP-EVPN service routes. This command configures BGP to search for an SR policy with:
| |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
sr-te boolean
| Synopsis | Use SR-TE tunneling for next-hop resolution | |
| Context | configure service vprn service-name bgp-evpn mpls number auto-bind-tunnel resolution-filter sr-te boolean | |
| Tree | sr-te | |
Description | When configured to true, BGP uses an SR-TE tunnel type to resolve the BGP next hop. In the case of multiple SR-TE tunnels with the same lowest metric, BGP selects the tunnel with the lowest tunnel ID. When configured to false, SR-TE tunneling is not used for next-hop resolution. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
default-route-tag one-byte-value
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Default route tag | |
| Context | configure service vprn service-name bgp-evpn mpls number default-route-tag one-byte-value | |
| Tree | default-route-tag | |
Description | This command configures a route tag that is used when sending a route to the BGP application (for the corresponding service and BGP instance). If the corresponding BGP instance is enabled, the command cannot be changed. When used for BGP EVPN contexts, only one route tag can be passed to BGP for matching on export policies. In case of a conflict with other route tags pushed by EVPN, the default route tag has the least priority. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
domain-id domain-id
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Domain ID of received BGP route before readvertisement | |
| Context | configure service vprn service-name bgp-evpn mpls number domain-id domain-id | |
| Tree | domain-id | |
Description | This command specifies the D-PATH domain ID. The domain ID identifies the network from which the BGP route was received before the RTM advertises it to a different neighbor. The domain ID is part of a domain, represented as domain-id:isf_safi_type in the D-PATH attribute, as described in draft-ietf-bess-evpn-ipvpn-interworking. Gateway routers modify the D-PATH attribute. A gateway is a PE where a VPRN is instantiated. The VPRN in this case advertises or receives routes from multiple BGP owners (for example, EVPN-IFL and BGP-IPVPN) or multiple instances of the same owner (for example, VPRN with two BGP-IPVPN instances). Gateways use the D-PATH attribute to detect loops (for received routes where the D-PATH contains a local domain ID) and to make BGP best-path selection decisions based on the D-PATH length (shorter D-PATH is preferred). In the following example, suppose a gateway receives prefix P in an EVPN-IFL instance with the following D-PATH from neighbor N: Seg Len=1 / 65000:1:128 If the router imports the route in VPRN-1, BGP-EVPN SRv6 instance with domain 65000:2, it readvertises it to its BGP-IPVPN MPLS instance as follows: Seg Len=2 / 65000:2:70 / 65000:1:128 That is, the gateway prepends the local domain ID and family to the D-PATH before readvertising the route into a different instance. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
dynamic-egress-label-limit boolean
| Synopsis | Enables dynamic egress label limit | |
| Context | configure service vprn service-name bgp-evpn mpls number dynamic-egress-label-limit boolean | |
| Tree | dynamic-egress-label-limit | |
Description | When configured to true, this command relaxes the egress MPLS label limit check when resolving BGP next hops in the tunnel table. For VPRN services, the OAM label is never computed and, therefore, one more egress label is allowed. For EVPN (Epipe and VPLS) services, the system only computes the control word and ESI label if they are used. For the control word, the system reduces the egress label limit by one label if the control word is configured in the service. When configured, the ESI label is not counted for Epipes or VPLS services without an ES. When configured to false this command, for EVPN, Epipe, and VPLS services, always accounts for the ESI label and control word. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
evi number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | EVPN instance ID | |
| Context | configure service vprn service-name bgp-evpn mpls number evi number | |
| Tree | evi | |
Description | This command configures the EVI that identifies the BGP EVPN instance in a VPRN (for the EVPN-IFL model) that is associated with the Layer 3 Ethernet segment. This configuration is required on the PEs attached to the Ethernet segment and on the remote PEs that need to create ES destinations to the MH Layer 3 Ethernet segment. | |
| Range | 1 to 16777215 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
evpn-link-bandwidth
| Synopsis | Enter the evpn-link-bandwidth context | |
| Context | configure service vprn service-name bgp-evpn mpls number evpn-link-bandwidth | |
| Tree | evpn-link-bandwidth | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
advertise
max-dynamic-weight number
| Synopsis | Maximum dynamic weight of the route | |
| Context | configure service vprn service-name bgp-evpn mpls number evpn-link-bandwidth advertise max-dynamic-weight number | |
| Tree | max-dynamic-weight | |
Description | This command configures the maximum weight advertised in the EVPN link bandwidth extended community for the advertised EVPN IP-Prefix routes for the service. If weight dynamic is configured, the actual advertised weight is the minimum of the number of BGP PE-CE paths for the prefix and the configured maximum weight. | |
| Range | 1 to 128 | |
| Default | 128 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
weight (number | keyword)
| Synopsis | Weight of the route | |
| Context | configure service vprn service-name bgp-evpn mpls number evpn-link-bandwidth advertise weight (number | keyword) | |
| Tree | weight | |
Description | This command configures the weight advertised in the EVPN link bandwidth extended community for the advertised EVPN IP-Prefix routes for the service. If set to dynamic, the weight is dynamically set based on the number of BGP PE-CE paths for the IP-Prefix that is advertised in an EVPN IP-Prefix route. | |
| Range | 1 to 128 | |
| Options | ||
| Default | dynamic | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
weighted-ecmp boolean
| Synopsis | Enable weighted ECMP | |
| Context | configure service vprn service-name bgp-evpn mpls number evpn-link-bandwidth weighted-ecmp boolean | |
| Tree | weighted-ecmp | |
Description | When configured to true, the router supports the processing of the EVPN link bandwidth extended community when installing an ECMP set for an EVPN IP-Prefix route in the VPRN route table. Flows to an IP Prefix received with a weight and a zero ESI value are sprayed according to the weight. If the EVPN IP-Prefix route received with the weight has a non-zero ESI, the weight is divided into the number of PEs attached to the Ethernet Segment (and rounded up if the result is not an integer). The command also enables the weighted ECMP functionality for BGP CEs that are configured with an evpn-link-bandwidth add-to-received-bgp weight. When configured to false, the router disables the processing of the EVPN link bandwidth extended community. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
route-distinguisher (string | keyword)
| Synopsis | Route distinguisher | |
| Context | configure service vprn service-name bgp-evpn mpls number route-distinguisher (string | keyword) | |
| Tree | route-distinguisher | |
Description | This command specifies a unique route distinguisher (RD) to be associated with each routing instance to identify which VPN the route belongs to. | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
send-tunnel-encap
| Synopsis | Enter the send-tunnel-encap context | |
| Context | configure service vprn service-name bgp-evpn mpls number send-tunnel-encap | |
| Tree | send-tunnel-encap | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mpls boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable MPLS encapsulation | |
| Context | configure service vprn service-name bgp-evpn mpls number send-tunnel-encap mpls boolean | |
| Tree | mpls | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
vrf-export
| Synopsis | Enable the vrf-export context | |
| Context | configure service vprn service-name bgp-evpn mpls number vrf-export | |
| Tree | vrf-export | |
Description | Commands in this context specify route policies that control how routes are exported from the local VRF to other VRFs on the same or remote PE routers (via MP-BGP). Aggregate routes are not advertised via MP-BGP protocols to other MP-BGP peers. Route policies are configured in the configure policy-options context. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
policy (policy-expr-string | string)
| Synopsis | Policy name | |
| Context | configure service vprn service-name bgp-evpn mpls number vrf-export policy (policy-expr-string | string) | |
| Tree | policy | |
Description | This command configures VRF route policies that control routes between local VRFs and other VRFs on the same or remote PE routers (using MP-BGP). Each referenced object is either a policy logical expression or the name of a single policy. Only one referenced object can be a policy logical expression consisting of policy names (enclosed in square brackets) and logical operators (AND, OR, NOT). The objects are evaluated in the specified order to determine whether to accept or reject the route. Only the first policy can have the maximum length and the rest can be up to 64 characters. Aggregate routes are not advertised using MP-BGP protocols to the other MP-BGP peers. | |
| String length | 1 to 255 | |
| Max. instances | 15 | |
| Min. instances | 1 | |
|
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
vrf-import
| Synopsis | Enable the vrf-import context | |
| Context | configure service vprn service-name bgp-evpn mpls number vrf-import | |
| Tree | vrf-import | |
Description | Commands in this context specify route policies that control how VPN-IP and EVPN-IFL routes that are exported by other VRFs on the same or remote PEs, are imported into the local VRF. Route policies are configured in the configure policy-options context. Unless the preference value is changed by the policy, the preference value for BGP-VPN and EVPN-IFL routes specified in this context is set to 170 when imported from remote PE routers, or the value is retained from the protocol preference value of the exported route when imported from other VRFs on the same router. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
policy (policy-expr-string | string)
| Synopsis | Policy name | |
| Context | configure service vprn service-name bgp-evpn mpls number vrf-import policy (policy-expr-string | string) | |
| Tree | policy | |
Description | This command configures VRF route policies that control routes between local VRFs and other VRFs on the same or remote PE routers (using MP-BGP). Each referenced object is either a policy logical expression or the name of a single policy. Only one referenced object can be a policy logical expression consisting of policy names (enclosed in square brackets) and logical operators (AND, OR, NOT). The objects are evaluated in the specified order to determine whether to accept or reject the route. Only the first policy can have the maximum length and the rest can be up to 64 characters. Aggregate routes are not advertised using MP-BGP protocols to the other MP-BGP peers. | |
| String length | 1 to 255 | |
| Max. instances | 15 | |
| Min. instances | 1 | |
|
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
vrf-target
| Synopsis | Enter the vrf-target context | |
| Context | configure service vprn service-name bgp-evpn mpls number vrf-target | |
| Tree | vrf-target | |
Description | Commands in this context configure the route target that is added to advertised routes or compared against received routes from other VRFs on the same or remote PE routers (via MP-BGP). BGP-VPN and EVPN-IFL routes imported using a VRF target configuration use the BGP preference value of 170 when imported from remote PE routers, or retain the protocol preference value of the exported route when imported from other VRFs in the same router. Configured VRF import or export policies override the VRF target policy. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
community route-target
| Synopsis | Extended BGP community | |
| Context | configure service vprn service-name bgp-evpn mpls number vrf-target community route-target | |
| Tree | community | |
Description | This command configures an extended BGP community in the form type:x:y. Type can only be target and x and y are 16-bit integers. | |
| String length | 10 to 28 | |
Notes | The following elements are part of a choice: community or (export-community and import-community). | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
export-community route-target
| Synopsis | Communities sent to remote PE neighbors | |
| Context | configure service vprn service-name bgp-evpn mpls number vrf-target export-community route-target | |
| Tree | export-community | |
| String length | 10 to 28 | |
Notes | The following elements are part of a choice: community or (export-community and import-community). | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
import-community route-target
| Synopsis | Communities accepted from remote PE neighbors | |
| Context | configure service vprn service-name bgp-evpn mpls number vrf-target import-community route-target | |
| Tree | import-community | |
| String length | 10 to 28 | |
Notes | The following elements are part of a choice: community or (export-community and import-community). | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
bgp-ipvpn
attribute-set
| Synopsis | Enter the attribute-set context | |
| Context | configure service vprn service-name bgp-ipvpn attribute-set | |
| Tree | attribute-set | |
Description | Commands in this context configure the handling of attribute set (ATTR_SET) attributes attached to VPN-IP routes imported into or exported from the VPRN. ATTR_SET is an optional transitive BGP path attribute standardized by RFC 6368 that is added to BGP L3 VPN routes to provide logical separation between the BGP domain of a customer and the BGP domain of a service provider. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
export boolean
| Synopsis | Add ATTR_SET path attribute to exported VPN-IP routes | |
| Context | configure service vprn service-name bgp-ipvpn attribute-set export boolean | |
| Tree | export | |
Description | When configured to true, the router adds an ATTR_SET path attribute to all VPN-IP routes that come from the VRF export of BGP routes advertised by PE-CE peers of the VPRN. This attribute contains an exact copy of all BGP path attributes (post-import policy) of the PE-CE BGP route, excluding the NEXT_HOP, MP_REACH, and MP_UNREACH attributes, as well as the AS4_PATH or AS4_AGGREGATOR attributes. The origin AS in the ATTR_SET encodes the ASN (or confederation ID, if configured) of the exporting VPRN service. Neither the VRF export policy nor a regular BGP export policy is allowed to modify the contents of the ATTR_SET. When configured to false, the router does not add an ATTR_SET path attribute to VPN-IP routes exported by the VPRN. Nokia recommends configuring this command to false, unless there is a requirement for the VPRN to deliver an independent domain L3 VPN service. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
import keyword
| Synopsis | Reception behavior of ATTR_SET | |
| Context | configure service vprn service-name bgp-ipvpn attribute-set import keyword | |
| Tree | import | |
Description | This command configures the reception behavior for ATTR_SETs in received VPN-IP routes.
| |
| Options | ||
| Default | ignore | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
mpls
admin-state keyword
| Synopsis | Administrative state of BGP-IPVPN MPLS | |
| Context | configure service vprn service-name bgp-ipvpn mpls admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
auto-bind-tunnel
| Synopsis | Enter the auto-bind-tunnel context | |
| Context | configure service vprn service-name bgp-ipvpn mpls auto-bind-tunnel | |
| Tree | auto-bind-tunnel | |
Description | Commands in this context configure the automatic-binding options of a BGP-IPVPN service using tunnels to MP-BGP peers. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
allow-flex-algo-fallback boolean
| Synopsis | Enable flexible algorithm fallback | |
| Context | configure service vprn service-name bgp-ipvpn mpls auto-bind-tunnel allow-flex-algo-fallback boolean | |
| Tree | allow-flex-algo-fallback | |
Description | When configured to true, a BGP router with a Flex-Algorithm action configured (via the configure policy-options policy-statement entry action flex-algo command) can resolve to a tunnel with algorithm 0 if no target Flex-Algorithm tunnel is available. When configured to false, the BGP router can resolve only to the intended Flex-Algorithm tunnel, which may cause traffic loss if no corresponding Flex-Algorithm tunnel is available. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ecmp number
| Synopsis | Maximum ECMP routes allowed | |
| Context | configure service vprn service-name bgp-ipvpn mpls auto-bind-tunnel ecmp number | |
| Tree | ecmp | |
Description | This command configures the maximum number of tunnels that can be used as ECMP next hops for the VPRN. This value overrides the ECMP value configured at the configure service vprn context level. | |
| Range | 1 to 32 | |
| Default | 1 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
enforce-strict-tunnel-tagging boolean
| Synopsis | Allow enforcement of strict tunnel tagging | |
| Context | configure service vprn service-name bgp-ipvpn mpls auto-bind-tunnel enforce-strict-tunnel-tagging boolean | |
| Tree | enforce-strict-tunnel-tagging | |
Description | When configured to true, the system must only consider LSPs marked with an administrative tag for next-hop resolution. When configured to false, tagged RSVP and SR-TE LSPs are considered first. The system then uses untagged LSPs of other types. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
enforce-untagged-route keyword
| Synopsis | Untagged route type enforcement | |
| Context | configure service vprn service-name bgp-ipvpn mpls auto-bind-tunnel enforce-untagged-route keyword | |
| Tree | enforce-untagged-route | |
Description | This command configures the enforcement of BGP routes with no administrative tag policy applied by modifying the next-hop resolution behavior for autobind services. If the untagged-tunnel option is configured, untagged routes only bind to LSPs with no administrative tag configured. If both tagged and untagged tunnels to the next hop exist, the system only considers the untagged tunnels. If no untagged tunnels to the next hop exist, the resolution of untagged routes fails. The untagged-tunnel option can be used in combination with the enforce-strict-tunnel-tagging command configured to true, in which case tagged routes resolve to tagged LSPs, and untagged routes only resolve to untagged LSPs. When unconfigured, untagged routes can bind to tagged or untagged LSPs. | |
| Options | none – Untagged routes can bind to tagged or untagged LSPs untagged-tunnel – Untagged routes only bind to LSPs without an admin tag | |
| Default | none | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
resolution keyword
| Synopsis | Resolution method for tunnel selection | |
| Context | configure service vprn service-name bgp-ipvpn mpls auto-bind-tunnel resolution keyword | |
| Tree | resolution | |
| Options | ||
| Default | none | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
resolution-filter
| Synopsis | Enter the resolution-filter context | |
| Context | configure service vprn service-name bgp-ipvpn mpls auto-bind-tunnel resolution-filter | |
| Tree | resolution-filter | |
Description | Commands in this context configure the subset of tunnel types that can be used in the resolution of BGP-IPVPN routes within the automatic binding of the BGP-IPVPN MPLS service to tunnels to MP-BGP peers. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
bgp boolean
| Synopsis | Use BGP tunneling for next-hop resolution | |
| Context | configure service vprn service-name bgp-ipvpn mpls auto-bind-tunnel resolution-filter bgp boolean | |
| Tree | bgp | |
Description | When configured to true, BGP searches the BGP LSP for the address of the BGP next hop. When configured to false, BGP tunneling is not used and inter-area or inter-as prefixes are not resolved. | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
gre boolean
| Synopsis | Use GRE tunneling for next-hop resolution | |
| Context | configure service vprn service-name bgp-ipvpn mpls auto-bind-tunnel resolution-filter gre boolean | |
| Tree | gre | |
Description | When configured to true, this command enables setting the tunnel type for the auto bind tunnel. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ldp boolean
| Synopsis | Use LDP tunneling for next-hop resolution | |
| Context | configure service vprn service-name bgp-ipvpn mpls auto-bind-tunnel resolution-filter ldp boolean | |
| Tree | ldp | |
Description | When configured to true, BGP searches for an LDP LSP with a FEC prefix corresponding to the address of the BGP next hop. When configured to false, LDP tunneling is not used for next-hop resolution. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
rsvp boolean
| Synopsis | Use RSVP tunneling for next-hop resolution | |
| Context | configure service vprn service-name bgp-ipvpn mpls auto-bind-tunnel resolution-filter rsvp boolean | |
| Tree | rsvp | |
Description | When configured to true, BGP searches the best metric RSVP LSP to determine the address of the BGP next hop. This address can correspond to the system interface or to another loopback interface used by the BGP instance on the remote node. The LSP metric is provided by MPLS in the tunnel table. In the case of multiple RSVP LSPs with the same lowest metric, BGP selects the LSP with the lowest tunnel ID. When configured to false, the RSVP LSP is not used for next-hop resolution. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
sr-isis boolean
| Synopsis | Use IS-IS SR tunneling for next-hop resolution | |
| Context | configure service vprn service-name bgp-ipvpn mpls auto-bind-tunnel resolution-filter sr-isis boolean | |
| Tree | sr-isis | |
Description | When configured to true, BGP uses an IS-IS tunnel type to resolve the BGP next hop. When the sr-isis command is enabled, an SR tunnel to the BGP next hop is selected in the TTM according to the following procedure.
When configured to false, IS-IS tunneling is not used for next-hop resolution. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
sr-ospf boolean
| Synopsis | Use OSPF SR tunneling for next-hop resolution | |
| Context | configure service vprn service-name bgp-ipvpn mpls auto-bind-tunnel resolution-filter sr-ospf boolean | |
| Tree | sr-ospf | |
Description | When configured to true, BGP uses an OSPF tunnel type to resolve the BGP next hop. When enabled, an SR tunnel to the BGP next hop is selected in the TTM according to the following procedure.
When configured to false, OSPF tunneling is not used for next-hop resolution. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
sr-ospf3 boolean
| Synopsis | Use OSPFv3 SR tunneling for next-hop resolution | |
| Context | configure service vprn service-name bgp-ipvpn mpls auto-bind-tunnel resolution-filter sr-ospf3 boolean | |
| Tree | sr-ospf3 | |
Description | When configured to true, BGP uses an OSPF3 tunnel type to resolve the BGP next hop. When enabled, an SR tunnel to the BGP next hop is selected in the TTM according to the following procedure.
When configured to false, OSPF3 tunneling is not used for next-hop resolution. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
sr-policy boolean
| Synopsis | Use SR policies for next-hop resolution | |
| Context | configure service vprn service-name bgp-ipvpn mpls auto-bind-tunnel resolution-filter sr-policy boolean | |
| Tree | sr-policy | |
Description | When configured to true, this command enables the use of SR policies to resolve the next hop of BGP IP-VPN service routes. This command configures BGP to search for an SR policy with:
| |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
sr-te boolean
| Synopsis | Use SR-TE tunneling for next-hop resolution | |
| Context | configure service vprn service-name bgp-ipvpn mpls auto-bind-tunnel resolution-filter sr-te boolean | |
| Tree | sr-te | |
Description | When configured to true, BGP uses an SR-TE tunnel type to resolve the BGP next hop. In the case of multiple SR-TE tunnels with the same lowest metric, BGP selects the tunnel with the lowest tunnel ID. When configured to false, SR-TE tunneling is not used for next-hop resolution. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
static-blackhole-first boolean
| Synopsis | Check for static blackhole route to resolve next hop | |
| Context | configure service vprn service-name bgp-ipvpn mpls auto-bind-tunnel static-blackhole-first boolean | |
| Tree | static-blackhole-first | |
Description | When configured to true, the router uses a modified next-hop resolution sequence for each imported VPN-IP route. The router first checks for a static route in the Base routing table that matches the BGP next-hop address. If at least one such static route exists, and the route that is the longest match of the BGP next-hop address is a blackhole static route, the router resolves the VPN-IP route and programs it into the VPRN IP FIB table with a next-hop action that discards all matching packets. If there is no matching static route, or the longest matching static route is not a blackhole, the router resolves the VPN-IP route in the Base routing table as normal, that is, according to the configured VPRN auto-bind filter options. When configured to false, the router resolves the VPN-IP route in the Base routing table according to the configured VPRN auto-bind filter options. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
weighted-ecmp boolean
| Synopsis | Allow weighted load-balancing | |
| Context | configure service vprn service-name bgp-ipvpn mpls auto-bind-tunnel weighted-ecmp boolean | |
| Tree | weighted-ecmp | |
Description | When configured to true, this command enables weighted ECMP for packets using tunnels that a VPRN automatically binds to. Packets are sprayed across LSPs in the ECMP according to the outcome of the hash algorithm and the configured load balancing weight of each LSP. When configured to false, this command disables weighted ECMP for next-hop tunnel selection. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
domain-id domain-id
| Synopsis | Domain ID of received BGP route before readvertisement | |
| Context | configure service vprn service-name bgp-ipvpn mpls domain-id domain-id | |
| Tree | domain-id | |
Description | This command specifies the D-PATH domain ID. The domain ID identifies the network from which the BGP route was received before the RTM advertises it to a different neighbor. The domain ID is part of a domain, represented as domain-id:isf_safi_type in the D-PATH attribute, as described in draft-ietf-bess-evpn-ipvpn-interworking. Gateway routers modify the D-PATH attribute. A gateway is a PE where a VPRN is instantiated. The VPRN in this case advertises or receives routes from multiple BGP owners (for example, EVPN-IFL and BGP-IPVPN) or multiple instances of the same owner (for example, VPRN with two BGP-IPVPN instances). Gateways use the D-PATH attribute to detect loops (for received routes where the D-PATH contains a local domain ID) and to make BGP best-path selection decisions based on the D-PATH length (shorter D-PATH is preferred). In the following example, suppose a gateway receives prefix P in an EVPN-IFL instance with the following D-PATH from neighbor N: Seg Len=1 / 65000:1:128 If the router imports the route in VPRN-1, BGP-EVPN SRv6 instance with domain 65000:2, it readvertises it to its BGP-IPVPN MPLS instance as follows: Seg Len=2 / 65000:2:70 / 65000:1:128 That is, the gateway prepends the local domain ID and family to the D-PATH before readvertising the route into a different instance. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
dynamic-egress-label-limit boolean
| Synopsis | Enables dynamic egress label limit | |
| Context | configure service vprn service-name bgp-ipvpn mpls dynamic-egress-label-limit boolean | |
| Tree | dynamic-egress-label-limit | |
Description | When configured to true, this command relaxes the egress MPLS label limit check when resolving BGP next hops in the tunnel table. For VPRN services, the OAM label is never computed and, therefore, one more egress label is allowed. For EVPN (Epipe and VPLS) services, the system only computes the control word and ESI label if they are used. For the control word, the system reduces the egress label limit by one label if the control word is configured in the service. When configured, the ESI label is not counted for Epipes or VPLS services without an ES. When configured to false this command, for EVPN, Epipe, and VPLS services, always accounts for the ESI label and control word. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
route-distinguisher (string | keyword)
| Synopsis | Route distinguisher | |
| Context | configure service vprn service-name bgp-ipvpn mpls route-distinguisher (string | keyword) | |
| Tree | route-distinguisher | |
Description | This command specifies a unique route distinguisher (RD) to be associated with each routing instance to identify which VPN the route belongs to. | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
vrf-export
| Synopsis | Enable the vrf-export context | |
| Context | configure service vprn service-name bgp-ipvpn mpls vrf-export | |
| Tree | vrf-export | |
Description | Commands in this context specify route policies that control how routes are exported from the local VRF to other VRFs on the same or remote PE routers (via MP-BGP). Aggregate routes are not advertised via MP-BGP protocols to other MP-BGP peers. Route policies are configured in the configure policy-options context. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
policy (policy-expr-string | string)
| Synopsis | Policy name | |
| Context | configure service vprn service-name bgp-ipvpn mpls vrf-export policy (policy-expr-string | string) | |
| Tree | policy | |
Description | This command configures VRF route policies that control routes between local VRFs and other VRFs on the same or remote PE routers (using MP-BGP). Each referenced object is either a policy logical expression or the name of a single policy. Only one referenced object can be a policy logical expression consisting of policy names (enclosed in square brackets) and logical operators (AND, OR, NOT). The objects are evaluated in the specified order to determine whether to accept or reject the route. Only the first policy can have the maximum length and the rest can be up to 64 characters. Aggregate routes are not advertised using MP-BGP protocols to the other MP-BGP peers. | |
| String length | 1 to 255 | |
| Max. instances | 15 | |
| Min. instances | 1 | |
|
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
vrf-import
| Synopsis | Enable the vrf-import context | |
| Context | configure service vprn service-name bgp-ipvpn mpls vrf-import | |
| Tree | vrf-import | |
Description | Commands in this context specify route policies that control how VPN-IP and EVPN-IFL routes that are exported by other VRFs on the same or remote PEs, are imported into the local VRF. Route policies are configured in the configure policy-options context. Unless the preference value is changed by the policy, the preference value for BGP-VPN and EVPN-IFL routes specified in this context is set to 170 when imported from remote PE routers, or the value is retained from the protocol preference value of the exported route when imported from other VRFs on the same router. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
policy (policy-expr-string | string)
| Synopsis | Policy name | |
| Context | configure service vprn service-name bgp-ipvpn mpls vrf-import policy (policy-expr-string | string) | |
| Tree | policy | |
Description | This command configures VRF route policies that control routes between local VRFs and other VRFs on the same or remote PE routers (using MP-BGP). Each referenced object is either a policy logical expression or the name of a single policy. Only one referenced object can be a policy logical expression consisting of policy names (enclosed in square brackets) and logical operators (AND, OR, NOT). The objects are evaluated in the specified order to determine whether to accept or reject the route. Only the first policy can have the maximum length and the rest can be up to 64 characters. Aggregate routes are not advertised using MP-BGP protocols to the other MP-BGP peers. | |
| String length | 1 to 255 | |
| Max. instances | 15 | |
| Min. instances | 1 | |
|
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
vrf-target
| Synopsis | Enter the vrf-target context | |
| Context | configure service vprn service-name bgp-ipvpn mpls vrf-target | |
| Tree | vrf-target | |
Description | Commands in this context configure the route target that is added to advertised routes or compared against received routes from other VRFs on the same or remote PE routers (via MP-BGP). BGP-VPN and EVPN-IFL routes imported using a VRF target configuration use the BGP preference value of 170 when imported from remote PE routers, or retain the protocol preference value of the exported route when imported from other VRFs in the same router. Configured VRF import or export policies override the VRF target policy. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
community route-target
| Synopsis | Extended BGP community | |
| Context | configure service vprn service-name bgp-ipvpn mpls vrf-target community route-target | |
| Tree | community | |
Description | This command configures an extended BGP community in the form type:x:y. Type can only be target and x and y are 16-bit integers. | |
| String length | 10 to 28 | |
Notes | The following elements are part of a choice: community or (export-community and import-community). | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
export-community route-target
| Synopsis | Communities sent to remote PE neighbors | |
| Context | configure service vprn service-name bgp-ipvpn mpls vrf-target export-community route-target | |
| Tree | export-community | |
| String length | 10 to 28 | |
Notes | The following elements are part of a choice: community or (export-community and import-community). | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
import-community route-target
| Synopsis | Communities accepted from remote PE neighbors | |
| Context | configure service vprn service-name bgp-ipvpn mpls vrf-target import-community route-target | |
| Tree | import-community | |
| String length | 10 to 28 | |
Notes | The following elements are part of a choice: community or (export-community and import-community). | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
bgp-shared-queue
| Synopsis | Enable the bgp-shared-queue context | |
| Context | configure service vprn service-name bgp-shared-queue | |
| Tree | bgp-shared-queue | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
cir (number | keyword)
| Synopsis | Committed information rate for shared queue | |
| Context | configure service vprn service-name bgp-shared-queue cir (number | keyword) | |
| Tree | cir | |
| Range | 0 to 100000000 | |
| Units | kilobps | |
| Options | ||
| Default | 4000 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
pir (number | keyword)
| Synopsis | Peak information rate for shared queue | |
| Context | configure service vprn service-name bgp-shared-queue pir (number | keyword) | |
| Tree | pir | |
| Range | 1 to 100000000 | |
| Units | kilobps | |
| Options | ||
| Default | 4000 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
bgp-vpn-backup
| Synopsis | Enter the bgp-vpn-backup context | |
| Context | configure service vprn service-name bgp-vpn-backup | |
| Tree | bgp-vpn-backup | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv4 boolean
| Synopsis | Allow BGP-VPN to be used as backup for IPv4 prefixes | |
| Context | configure service vprn service-name bgp-vpn-backup ipv4 boolean | |
| Tree | ipv4 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ipv6 boolean
| Synopsis | Allow BGP-VPN to be used as backup for IPv6 prefixes | |
| Context | configure service vprn service-name bgp-vpn-backup ipv6 boolean | |
| Tree | ipv6 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
carrier-carrier-vpn boolean
| Synopsis | Allow VPRN service to support a Carrier Supporting Carrier model | |
| Context | configure service vprn service-name carrier-carrier-vpn boolean | |
| Tree | carrier-carrier-vpn | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
confederation
| Synopsis | Enter the confederation context | |
| Context | configure service vprn service-name confederation | |
| Tree | confederation | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
confed-as-num number
| Synopsis | Confederation number within an autonomous system | |
| Context | configure service vprn service-name confederation confed-as-num number | |
| Tree | confed-as-num | |
| Range | 1 to 4294967295 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
members [as-number] number
| Synopsis | Add a list entry for members | |
| Context | configure service vprn service-name confederation members number | |
| Tree | members | |
| Max. instances | 256 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[as-number] number
| Synopsis | Confederation AS number | |
| Context | configure service vprn service-name confederation members number | |
| Tree | members | |
| Range | 1 to 4294967295 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
customer reference
d-path-length-ignore boolean
| Synopsis | Enable D-PATH length ignore | |
| Context | configure service vprn service-name d-path-length-ignore boolean | |
| Tree | d-path-length-ignore | |
Description | When configured to true, the VPRN RTM ignores the D-PATH domain segment length for best path selection purposes (for routes in the VPRN). This allows the user to control whether the RTM considers the D-PATH length when comparing two VPN routes with different RDs. When configured to false, the router does not ignore the D-PATH domain segment length. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
description description
| Synopsis | Text description | |
| Context | configure service vprn service-name description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
dhcp-server
| Synopsis | Enter the dhcp-server context | |
| Context | configure service vprn service-name dhcp-server | |
| Tree | dhcp-server | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
dhcpv4 [name] named-item
| Synopsis | Enter the dhcpv4 list instance | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item | |
| Tree | dhcpv4 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[name] named-item
| Synopsis | DHCP server name | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item | |
| Tree | dhcpv4 | |
| String length | 1 to 32 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the DHCP server | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
description description
| Synopsis | Text description | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
failover
admin-state keyword
| Synopsis | Administrative state of the failover mechanism | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item failover admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ignore-mclt-on-takeover boolean
| Synopsis | Ignore maximum client lead during takeover from partner | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item failover ignore-mclt-on-takeover boolean | |
| Tree | ignore-mclt-on-takeover | |
Description | When configured to true, the remote IP address range can be taken over immediately when the intercommunication link enters the PARTNER-DOWN state, without having to wait for the MCLT to expire. When configured to false, the DHCP lease time for new clients is restricted to the MCLT during a failure. For existing clients, the lease time is gradually reduced over time to the MCLT by consecutive DHCP renewals. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
maximum-client-lead-time number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Maximum time that DHCP server can extend client's lease | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item failover maximum-client-lead-time number | |
| Tree | maximum-client-lead-time | |
Description | This command configures the maximum client lead time (MCLT), which is the maximum time that a DHCP server can extend the client's lease time beyond the lease time currently known by the DHCP partner node. In dual-homed environments, the initial lease time for all DHCP clients is restricted to the MCLT by default. Consecutive DHCP renewals can extend the lease time beyond the MCLT. | |
| Range | 600 to 86399 | |
| Units | seconds | |
| Default | 600 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
partner-down-delay number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Delay to prevent lease duplication during link failure | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item failover partner-down-delay number | |
| Tree | partner-down-delay | |
Description | This command configures the interval before a failed intercommunication link transitions from the COMM-INT state to the PARTNER-DOWN state. This delay prevents IP lease duplication during link failure by not allowing new IP addresses to be assigned from the remote IP address range. This timer is intended to provide the operator with enough time to remedy the failed situation and avoid duplication of IP addresses and prefixes during the failure. | |
| Range | 0 to 86399 | |
| Units | seconds | |
| Default | 86399 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
peer [address] reference
[address] reference
| Synopsis | IP address of the failover peer | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item failover peer reference | |
| Tree | peer | |
Reference | configure redundancy multi-chassis peer (ipv4-address-no-zone | ipv6-address-no-zone) | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
sync-tag named-item
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Tag that identifies synchronizing server or pool pairs | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item failover peer reference sync-tag named-item | |
| Tree | sync-tag | |
| String length | 1 to 32 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
startup-wait-time number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Time between initialization and assuming active role | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item failover startup-wait-time number | |
| Tree | startup-wait-time | |
Description | This command configures a delay that avoids transient issues during the initialization process. During startup wait time, each failover peer waits after the initialization process before assuming the active role for the prefix designated as local or remote. | |
| Range | 60 to 3600 | |
| Units | seconds | |
| Default | 120 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
force-renews boolean
| Synopsis | Send FORCERENEW messages to force renewals of leases | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item force-renews boolean | |
| Tree | force-renews | |
Description | When configured to true, FORCERENEW messages are enabled for DHCP. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
lease-hold
| Synopsis | Enter the lease-hold context | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item lease-hold | |
| Tree | lease-hold | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
additional-scenarios
| Synopsis | Enter the additional-scenarios context | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item lease-hold additional-scenarios | |
| Tree | additional-scenarios | |
Description | Commands in this context configure additional types of leases or triggers that cause the system to hold up leases. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
internal-lease-ipsec boolean
| Synopsis | Apply the lease hold timer to local IPsec clients | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item lease-hold additional-scenarios internal-lease-ipsec boolean | |
| Tree | internal-lease-ipsec | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
solicited-release boolean
| Synopsis | Apply lease hold timer for solicited releases | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item lease-hold additional-scenarios solicited-release boolean | |
| Tree | solicited-release | |
Description | This command enables the server to hold up a lease even for a solicited release, for example, when the server receives a normal DHCP release message. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
time number
| Synopsis | Lease hold time | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item lease-hold time number | |
| Tree | time | |
| Range | 1 to 631152000 | |
| Units | seconds | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
pool [pool-name] named-item
[pool-name] named-item
description description
| Synopsis | Text description | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
failover
admin-state keyword
| Synopsis | Administrative state of the failover mechanism | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item failover admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ignore-mclt-on-takeover boolean
| Synopsis | Ignore maximum client lead during takeover from partner | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item failover ignore-mclt-on-takeover boolean | |
| Tree | ignore-mclt-on-takeover | |
Description | When configured to true, the remote IP address range can be taken over immediately when the intercommunication link enters the PARTNER-DOWN state, without having to wait for the MCLT to expire. When configured to false, the DHCP lease time for new clients is restricted to the MCLT during a failure. For existing clients, the lease time is gradually reduced over time to the MCLT by consecutive DHCP renewals. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
maximum-client-lead-time number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Maximum time that DHCP server can extend client's lease | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item failover maximum-client-lead-time number | |
| Tree | maximum-client-lead-time | |
Description | This command configures the maximum client lead time (MCLT), which is the maximum time that a DHCP server can extend the client's lease time beyond the lease time currently known by the DHCP partner node. In dual-homed environments, the initial lease time for all DHCP clients is restricted to the MCLT by default. Consecutive DHCP renewals can extend the lease time beyond the MCLT. | |
| Range | 600 to 86399 | |
| Units | seconds | |
| Default | 600 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
partner-down-delay number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Delay to prevent lease duplication during link failure | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item failover partner-down-delay number | |
| Tree | partner-down-delay | |
Description | This command configures the interval before a failed intercommunication link transitions from the COMM-INT state to the PARTNER-DOWN state. This delay prevents IP lease duplication during link failure by not allowing new IP addresses to be assigned from the remote IP address range. This timer is intended to provide the operator with enough time to remedy the failed situation and avoid duplication of IP addresses and prefixes during the failure. | |
| Range | 0 to 86399 | |
| Units | seconds | |
| Default | 86399 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
peer [address] reference
[address] reference
| Synopsis | IP address of the failover peer | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item failover peer reference | |
| Tree | peer | |
Reference | configure redundancy multi-chassis peer (ipv4-address-no-zone | ipv6-address-no-zone) | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
sync-tag named-item
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Tag that identifies synchronizing server or pool pairs | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item failover peer reference sync-tag named-item | |
| Tree | sync-tag | |
| String length | 1 to 32 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
startup-wait-time number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Time between initialization and assuming active role | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item failover startup-wait-time number | |
| Tree | startup-wait-time | |
Description | This command configures a delay that avoids transient issues during the initialization process. During startup wait time, each failover peer waits after the initialization process before assuming the active role for the prefix designated as local or remote. | |
| Range | 60 to 3600 | |
| Units | seconds | |
| Default | 120 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
max-lease-time number
| Synopsis | Maximum lease time | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item max-lease-time number | |
| Tree | max-lease-time | |
| Range | 10 to 315446399 | |
| Units | seconds | |
| Default | 864000 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
min-lease-time number
| Synopsis | Minimum lease time | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item min-lease-time number | |
| Tree | min-lease-time | |
| Range | 10 to 315446399 | |
| Units | seconds | |
| Default | 600 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
minimum-free
| Synopsis | Enter the minimum-free context | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item minimum-free | |
| Tree | minimum-free | |
Description | Commands in this context specify the minimum number of free addresses in this pool. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
absolute number
| Synopsis | Minimum number of free addresses in this pool or subnet | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item minimum-free absolute number | |
| Tree | absolute | |
| Range | 0 to 255 | |
| Default | 1 | |
Notes |
The following elements are part of a choice: absolute or percent. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
event-when-depleted boolean
| Synopsis | Generate notification when addresses are depleted | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item minimum-free event-when-depleted boolean | |
| Tree | event-when-depleted | |
Description | When configured to true, a system-generated event is generated when all available addresses in the pool or subnet of a local DHCP server are depleted. When configured to false, no action is taken when all available addresses in the pool or subnet of a local DHCP server are depleted. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
percent number
| Synopsis | Minimum free addresses as a percentage | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item minimum-free percent number | |
| Tree | percent | |
| Range | 0 to 100 | |
| Default | 1 | |
Notes |
The following elements are part of a choice: absolute or percent. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
nak-non-matching-subnet boolean
| Synopsis | Send NAK if no match for request address pool range | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item nak-non-matching-subnet boolean | |
| Tree | nak-non-matching-subnet | |
Description | When configured to true, a NAK response when the local DHCPv4 server receives a DHCP request with option 50 (the client is trying to request a previously allocated message). If the address-allocation algorithm uses a pool that does not contain the requested address, the system returns the DHCP NAK. When configured to false or unconfigured, the system drops the DHCP packet. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
offer-time number
| Synopsis | Time interval during which a DHCP offer remains valid | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item offer-time number | |
| Tree | offer-time | |
| Range | 10 to 600 | |
| Units | seconds | |
| Default | 60 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
options
option [number] (number | keyword)
[number] (number | keyword)
| Synopsis | DHCP option to send identification strings to client | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item options option (number | keyword) | |
| Tree | option | |
| Range | 1 to 254 | |
| Options | ||
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ascii-string string-not-all-spaces
| Synopsis | DHCP option specified as an ASCII string | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item options option (number | keyword) ascii-string string-not-all-spaces | |
| Tree | ascii-string | |
| String length | 1 to 127 | |
Notes | The following elements are part of a mandatory choice: ascii-string, duration, empty, hex-string, ipv4-address, or netbios-node-type. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
duration number
| Synopsis | DHCP option as time duration | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item options option (number | keyword) duration number | |
| Tree | duration | |
| Range | 10 to 315446399 | |
| Units | seconds | |
|
Notes | The following elements are part of a mandatory choice: ascii-string, duration, empty, hex-string, ipv4-address, or netbios-node-type. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
empty
| Synopsis | Remove DHCP option from the configuration | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item options option (number | keyword) empty | |
| Tree | empty | |
Notes | The following elements are part of a mandatory choice: ascii-string, duration, empty, hex-string, ipv4-address, or netbios-node-type. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
hex-string hex-string
| Synopsis | DHCP option specified as hexadecimal string | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item options option (number | keyword) hex-string hex-string | |
| Tree | hex-string | |
| String length | 1 to 256 | |
Notes | The following elements are part of a mandatory choice: ascii-string, duration, empty, hex-string, ipv4-address, or netbios-node-type. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv4-address ipv4-address
| Synopsis | DHCP option as a list of IPv4 addresses | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item options option (number | keyword) ipv4-address ipv4-address | |
| Tree | ipv4-address | |
| Max. instances | 4 | |
Notes | The following elements are part of a mandatory choice: ascii-string, duration, empty, hex-string, ipv4-address, or netbios-node-type. This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
netbios-node-type keyword
| Synopsis | DHCP option as NetBIOS node type | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item options option (number | keyword) netbios-node-type keyword | |
| Tree | netbios-node-type | |
| Options | ||
|
Notes | The following elements are part of a mandatory choice: ascii-string, duration, empty, hex-string, ipv4-address, or netbios-node-type. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
subnet [ipv4-prefix] ipv4-unicast-prefix
[ipv4-prefix] ipv4-unicast-prefix
address-range [start] ipv4-unicast-address end ipv4-unicast-address
| Synopsis | Enter the address-range list instance | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item subnet ipv4-unicast-prefix address-range ipv4-unicast-address end ipv4-unicast-address | |
| Tree | address-range | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[start] ipv4-unicast-address
| Synopsis | Lower bound of the IP address range | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item subnet ipv4-unicast-prefix address-range ipv4-unicast-address end ipv4-unicast-address | |
| Tree | address-range | |
Description | This command specifies the start of a range of IP addresses that are excluded from the pool of IP addresses in this subnet. | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
end ipv4-unicast-address
| Synopsis | Upper bound of the IP address range | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item subnet ipv4-unicast-prefix address-range ipv4-unicast-address end ipv4-unicast-address | |
| Tree | address-range | |
Description | This command specifies the end of a range of IP addresses that are excluded from the pool of IP addresses in this subnet. | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
failover-control-type keyword
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Failover control type for this range | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item subnet ipv4-unicast-prefix address-range ipv4-unicast-address end ipv4-unicast-address failover-control-type keyword | |
| Tree | failover-control-type | |
| Options | ||
| Default | local | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
drain boolean
| Synopsis | Prevent new lease assignment from this subnet | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item subnet ipv4-unicast-prefix drain boolean | |
| Tree | drain | |
Description | When configured to true, new leases cannot be assigned and existing leases are kept up until they are released. When configured to false, the subnet is active and new leases can be assigned. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
exclude-addresses [start] ipv4-unicast-address end ipv4-unicast-address
| Synopsis | Add a list entry for exclude-addresses | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item subnet ipv4-unicast-prefix exclude-addresses ipv4-unicast-address end ipv4-unicast-address | |
| Tree | exclude-addresses | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[start] ipv4-unicast-address
| Synopsis | Lower bound of the IP address range | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item subnet ipv4-unicast-prefix exclude-addresses ipv4-unicast-address end ipv4-unicast-address | |
| Tree | exclude-addresses | |
Description | This command specifies the start of a range of IP addresses that are excluded from the pool of IP addresses in this subnet. | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
end ipv4-unicast-address
| Synopsis | Upper bound of the IP address range | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item subnet ipv4-unicast-prefix exclude-addresses ipv4-unicast-address end ipv4-unicast-address | |
| Tree | exclude-addresses | |
Description | This command specifies the end of a range of IP addresses that are excluded from the pool of IP addresses in this subnet. | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
maximum-declined number
| Synopsis | Maximum number of declined addresses allowed | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item subnet ipv4-unicast-prefix maximum-declined number | |
| Tree | maximum-declined | |
| Max. range | 0 to 4294967295 | |
| Default | 64 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
minimum-free
| Synopsis | Enter the minimum-free context | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item subnet ipv4-unicast-prefix minimum-free | |
| Tree | minimum-free | |
Description | Commands in this context specify the minimum number of free addresses in this pool. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
absolute number
| Synopsis | Minimum number of free addresses in this pool or subnet | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item subnet ipv4-unicast-prefix minimum-free absolute number | |
| Tree | absolute | |
| Range | 0 to 255 | |
| Default | 1 | |
Notes |
The following elements are part of a choice: absolute or percent. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
event-when-depleted boolean
| Synopsis | Generate notification when addresses are depleted | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item subnet ipv4-unicast-prefix minimum-free event-when-depleted boolean | |
| Tree | event-when-depleted | |
Description | When configured to true, a system-generated event is generated when all available addresses in the pool or subnet of a local DHCP server are depleted. When configured to false, no action is taken when all available addresses in the pool or subnet of a local DHCP server are depleted. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
percent number
| Synopsis | Minimum free addresses as a percentage | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item subnet ipv4-unicast-prefix minimum-free percent number | |
| Tree | percent | |
| Range | 0 to 100 | |
| Default | 1 | |
Notes |
The following elements are part of a choice: absolute or percent. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
options
option [number] (number | keyword)
[number] (number | keyword)
| Synopsis | DHCP option to send identification strings to client | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item subnet ipv4-unicast-prefix options option (number | keyword) | |
| Tree | option | |
| Range | 1 to 254 | |
| Options | ||
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ascii-string string-not-all-spaces
| Synopsis | DHCP option specified as an ASCII string | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item subnet ipv4-unicast-prefix options option (number | keyword) ascii-string string-not-all-spaces | |
| Tree | ascii-string | |
| String length | 1 to 127 | |
Notes | The following elements are part of a mandatory choice: ascii-string, duration, empty, hex-string, ipv4-address, or netbios-node-type. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
duration number
| Synopsis | DHCP option as time duration | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item subnet ipv4-unicast-prefix options option (number | keyword) duration number | |
| Tree | duration | |
| Range | 10 to 315446399 | |
| Units | seconds | |
|
Notes | The following elements are part of a mandatory choice: ascii-string, duration, empty, hex-string, ipv4-address, or netbios-node-type. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
empty
| Synopsis | Empty DHCP option | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item subnet ipv4-unicast-prefix options option (number | keyword) empty | |
| Tree | empty | |
Notes | The following elements are part of a mandatory choice: ascii-string, duration, empty, hex-string, ipv4-address, or netbios-node-type. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
hex-string hex-string
| Synopsis | DHCP option specified as hexadecimal string | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item subnet ipv4-unicast-prefix options option (number | keyword) hex-string hex-string | |
| Tree | hex-string | |
| String length | 1 to 256 | |
Notes | The following elements are part of a mandatory choice: ascii-string, duration, empty, hex-string, ipv4-address, or netbios-node-type. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv4-address ipv4-address
| Synopsis | DHCP option as a list of IPv4 addresses | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item subnet ipv4-unicast-prefix options option (number | keyword) ipv4-address ipv4-address | |
| Tree | ipv4-address | |
| Max. instances | 4 | |
Notes | The following elements are part of a mandatory choice: ascii-string, duration, empty, hex-string, ipv4-address, or netbios-node-type. This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
netbios-node-type keyword
| Synopsis | DHCP option as NetBIOS node type | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool named-item subnet ipv4-unicast-prefix options option (number | keyword) netbios-node-type keyword | |
| Tree | netbios-node-type | |
| Options | ||
|
Notes | The following elements are part of a mandatory choice: ascii-string, duration, empty, hex-string, ipv4-address, or netbios-node-type. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
pool-selection
| Synopsis | Enter the pool-selection context | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool-selection | |
| Tree | pool-selection | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
use-gi-address
| Synopsis | Enable the use-gi-address context | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool-selection use-gi-address | |
| Tree | use-gi-address | |
Description | Commands in this context configure gateway interface (GI) address matching. When configured, the pool can be used for address matching even if a subnet is not found. If the local user database name is not used, addresses are provided only by GI. If a user must be blocked from getting an address, the server maps to a local user database and configures the user with no address. A pool can include multiple subnets. Since the GI is shared by multiple subnets in a subscriber interface, the pool can provide IP addresses from any of the subnets included when the GI is matched to one of its subnets. This allows a pool to be created that represents a sub-net. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
scope keyword
| Synopsis | GI address-matching scope | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool-selection use-gi-address scope keyword | |
| Tree | scope | |
| Options | ||
| Default | subnet | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
use-pool-from-client
| Synopsis | Enable the use-pool-from-client context | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool-selection use-pool-from-client | |
| Tree | use-pool-from-client | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
delimiter string-not-all-spaces
| Synopsis | Delimiter to combine primary and secondary pool names | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item pool-selection use-pool-from-client delimiter string-not-all-spaces | |
| Tree | delimiter | |
Description | This command configures a single ASCII character that separates the pool names in DHCP vendor-specific option 82, which identifies the address pool to be used for this client. | |
| String length | 1 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
user-db reference
| Synopsis | Local user database for authentication | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item user-db reference | |
| Tree | user-db | |
Reference | configure subscriber-mgmt local-user-db named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
user-identification keyword
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | User identification method for the DHCP server | |
| Context | configure service vprn service-name dhcp-server dhcpv4 named-item user-identification keyword | |
| Tree | user-identification | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
dhcpv6 [name] named-item
| Synopsis | Enter the dhcpv6 list instance | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item | |
| Tree | dhcpv6 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[name] named-item
| Synopsis | DHCP server name | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item | |
| Tree | dhcpv6 | |
| String length | 1 to 32 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the DHCP server | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
auto-provisioned boolean
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Auto-provision the pools of this server | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item auto-provisioned boolean | |
| Tree | auto-provisioned | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
defaults
options
option [number] (number | keyword)
[number] (number | keyword)
ascii-string string-not-all-spaces
| Synopsis | DHCP option specified as an ASCII string | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item defaults options option (number | keyword) ascii-string string-not-all-spaces | |
| Tree | ascii-string | |
| String length | 1 to 127 | |
Notes | The following elements are part of a mandatory choice: ascii-string, domain-string, duration, empty, hex-string, or ipv6-address. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
domain-string string
| Synopsis | DHCP option specified as a domain name | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item defaults options option (number | keyword) domain-string string | |
| Tree | domain-string | |
| String length | 1 to 127 | |
Notes | The following elements are part of a mandatory choice: ascii-string, domain-string, duration, empty, hex-string, or ipv6-address. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
duration number
| Synopsis | DHCP option specified as time | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item defaults options option (number | keyword) duration number | |
| Tree | duration | |
| Range | 10 to 315446399 | |
| Units | seconds | |
|
Notes | The following elements are part of a mandatory choice: ascii-string, domain-string, duration, empty, hex-string, or ipv6-address. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
empty
| Synopsis | Empty DHCP option | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item defaults options option (number | keyword) empty | |
| Tree | empty | |
Notes | The following elements are part of a mandatory choice: ascii-string, domain-string, duration, empty, hex-string, or ipv6-address. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
hex-string hex-string
| Synopsis | DHCP option specified as hexadecimal string | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item defaults options option (number | keyword) hex-string hex-string | |
| Tree | hex-string | |
| String length | 1 to 256 | |
Notes | The following elements are part of a mandatory choice: ascii-string, domain-string, duration, empty, hex-string, or ipv6-address. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv6-address ipv6-address
| Synopsis | DHCP option specified as a list of IPv6 addresses | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item defaults options option (number | keyword) ipv6-address ipv6-address | |
| Tree | ipv6-address | |
| Max. instances | 4 | |
Notes | The following elements are part of a mandatory choice: ascii-string, domain-string, duration, empty, hex-string, or ipv6-address. This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
preferred-lifetime number
| Synopsis | Time this lease remains preferred | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item defaults preferred-lifetime number | |
| Tree | preferred-lifetime | |
Description | This command configures the preferred lifetime of the IPv6 lease address or prefix. When the preferred lifetime expires, any derived addresses are deprecated. The preferred lifetime must be less than or equal to the valid lifetime. Each address or prefix assigned to the client has associated preferred and valid lifetimes specified by the address assignment authority (such as the DHCP server, RADIUS, or ESM). To request an extension of the lifetimes assigned to an address, the client sends a renew message to the addressing authority. The authority sends a reply message to the client with the new lifetimes, allowing the client to continue to use the address/prefix without interruption. The lifetimes are transmitted from the addressing authority to the client in the identity association (IA) option at the top level of the message (not the address or prefix level). | |
| Range | 300 to 315446399 | |
| Units | seconds | |
| Default | 3600 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
rebind-time number
| Synopsis | Rebind time for the lease | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item defaults rebind-time number | |
| Tree | rebind-time | |
Description | This command configures the rebind time, known as T2, at which the client contacts the addressing authority to extend the lifetimes of its leases. The IP addressing authority (such as the DHCP server, RADIUS, or ESM) controls the time for extending lifetimes on assigned addresses/prefixes through the T1 and T2 parameters assigned to an identity association (IA). At renew time, T1, the client initiates a renew or reply message exchange to extend the lifetimes of any addresses in the IA. The client includes an IA option with all addresses or prefixes currently assigned to the IA in its renew message. Recommended values for T1 and T2 are 0.5 and 0.8 times the shortest preferred lifetime of the addresses or prefixes in the IA that the addressing authority is willing to extend, respectively. The configured rebind timer value should always be less than or equal to the rebind timer. The T1 and T2 values are carried in the IPV6 address option in the IA. | |
| Range | 0 to 1209600 | |
| Units | seconds | |
| Default | 2880 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
renew-time number
| Synopsis | Renew time for the lease | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item defaults renew-time number | |
| Tree | renew-time | |
Description | This command configures the renew time, known as T1, at which the client makes a transition to the lease-renewal state. The IP addressing authority (such as the DHCP server, RADIUS, or ESM) controls the time for extending lifetimes on assigned addresses/prefixes through the T1 and T2 parameters assigned to an identity association (IA). At renew time, T1, the client initiates a renew/reply message exchange to extend the lifetimes of any addresses in the IA. The client includes an IA option with all addresses/prefixes currently assigned to the IA in its renew message. Recommended values for T1 and T2 are 0.5 and 0.8 times the shortest preferred lifetime of the addresses or prefixes in the IA that the addressing authority is willing to extend, respectively. The configured renew timer value should always be shorter than or equal to the rebind timer. The T1 and T2 values are carried in the IPV6 address option in the IA. | |
| Range | 0 to 604800 | |
| Units | seconds | |
| Default | 1800 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
valid-lifetime number
| Synopsis | Time for the lease to remain valid | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item defaults valid-lifetime number | |
| Tree | valid-lifetime | |
Description | This command configures a valid lifetime for a DHCPv6 lease address or prefix. The valid lifetime is the length of time an address and prefix remains in the valid state. The valid lifetime must be greater than or equal to the preferred lifetime. When the valid lifetime expires, the address and prefix becomes invalid and must not be used in communications. RFC 2461 recommends a default value of 30 days. Each address and prefix assigned to the client has associated preferred and valid lifetimes specified by the address assignment authority (such as the DHCP server, RADIUS, or ESM). To request an extension of the lifetimes assigned to an address, the client sends a renew message to the addressing authority. The authority sends a reply message to the client with the new lifetimes, allowing the client to continue to use the address and prefix without interruption. The lifetimes are transmitted from the addressing authority to the client in the identity association (IA) option at the top level of the message (not the address or prefix level). | |
| Range | 300 to 315446399 | |
| Units | seconds | |
| Default | 86400 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
description description
| Synopsis | Text description | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
failover
admin-state keyword
| Synopsis | Administrative state of the failover mechanism | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item failover admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ignore-mclt-on-takeover boolean
| Synopsis | Ignore maximum client lead during takeover from partner | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item failover ignore-mclt-on-takeover boolean | |
| Tree | ignore-mclt-on-takeover | |
Description | When configured to true, the remote IP address range can be taken over immediately when the intercommunication link enters the PARTNER-DOWN state, without having to wait for the MCLT to expire. When configured to false, the DHCP lease time for new clients is restricted to the MCLT during a failure. For existing clients, the lease time is gradually reduced over time to the MCLT by consecutive DHCP renewals. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
maximum-client-lead-time number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Maximum time that DHCP server can extend client's lease | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item failover maximum-client-lead-time number | |
| Tree | maximum-client-lead-time | |
Description | This command configures the maximum client lead time (MCLT), which is the maximum time that a DHCP server can extend the client's lease time beyond the lease time currently known by the DHCP partner node. In dual-homed environments, the initial lease time for all DHCP clients is restricted to the MCLT by default. Consecutive DHCP renewals can extend the lease time beyond the MCLT. | |
| Range | 600 to 86399 | |
| Units | seconds | |
| Default | 600 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
partner-down-delay number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Delay to prevent lease duplication during link failure | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item failover partner-down-delay number | |
| Tree | partner-down-delay | |
Description | This command configures the interval before a failed intercommunication link transitions from the COMM-INT state to the PARTNER-DOWN state. This delay prevents IP lease duplication during link failure by not allowing new IP addresses to be assigned from the remote IP address range. This timer is intended to provide the operator with enough time to remedy the failed situation and avoid duplication of IP addresses and prefixes during the failure. | |
| Range | 0 to 86399 | |
| Units | seconds | |
| Default | 86399 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
peer [address] reference
[address] reference
| Synopsis | IP address of the failover peer | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item failover peer reference | |
| Tree | peer | |
Reference | configure redundancy multi-chassis peer (ipv4-address-no-zone | ipv6-address-no-zone) | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
sync-tag named-item
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Tag that identifies synchronizing server or pool pairs | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item failover peer reference sync-tag named-item | |
| Tree | sync-tag | |
| String length | 1 to 32 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
startup-wait-time number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Time between initialization and assuming active role | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item failover startup-wait-time number | |
| Tree | startup-wait-time | |
Description | This command configures a delay that avoids transient issues during the initialization process. During startup wait time, each failover peer waits after the initialization process before assuming the active role for the prefix designated as local or remote. | |
| Range | 60 to 3600 | |
| Units | seconds | |
| Default | 120 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
ignore-rapid-commit boolean
| Synopsis | Ignore Rapid Commit option | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item ignore-rapid-commit boolean | |
| Tree | ignore-rapid-commit | |
Description | When configured to true, the server ignores the Rapid Commit option sent by the client and uses the regular message exchange. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
interface-id-mapping boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Map hosts within interface-to-prefix combinations | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item interface-id-mapping boolean | |
| Tree | interface-id-mapping | |
Description | When configured to true, this command specifies an interface-mapping method that uses a combination of unique /64 prefixes and interface IDs. A /64 prefix is allocated to each interface ID, and all clients with the same interface ID are assigned an address from the prefix. This method is used for bridging clients in the same local loop and SAP, so that sharing the prefix allows communication to stay local. For SLAAC-based assignment, downstream neighbor discovery is automatically enabled to resolve the assigned address. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
lease-hold
| Synopsis | Enter the lease-hold context | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item lease-hold | |
| Tree | lease-hold | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
additional-scenarios
| Synopsis | Enter the additional-scenarios context | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item lease-hold additional-scenarios | |
| Tree | additional-scenarios | |
Description | Commands in this context configure additional types of leases or triggers that cause the system to hold up leases. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
internal-lease-ipsec boolean
| Synopsis | Apply the lease hold timer to local IPsec clients | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item lease-hold additional-scenarios internal-lease-ipsec boolean | |
| Tree | internal-lease-ipsec | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
solicited-release boolean
| Synopsis | Apply lease hold timer for solicited releases | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item lease-hold additional-scenarios solicited-release boolean | |
| Tree | solicited-release | |
Description | This command enables the server to hold up a lease even for a solicited release, for example, when the server receives a normal DHCP release message. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
time number
| Synopsis | Lease hold time | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item lease-hold time number | |
| Tree | time | |
| Range | 1 to 631152000 | |
| Units | seconds | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
lease-query boolean
| Synopsis | Handle and reply to lease query messages | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item lease-query boolean | |
| Tree | lease-query | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
pool [pool-name] named-item
[pool-name] named-item
delegated-prefix
| Synopsis | Enter the delegated-prefix context | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item delegated-prefix | |
| Tree | delegated-prefix | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
length number
| Synopsis | Prefix length for pool if unspecified by client | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item delegated-prefix length number | |
| Tree | length | |
| Range | 48 to 127 | |
| Default | 64 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
maximum number
| Synopsis | Maximum delegated prefix length for this pool | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item delegated-prefix maximum number | |
| Tree | maximum | |
| Range | 48 to 127 | |
| Default | 64 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
minimum number
| Synopsis | Minimum delegated prefix length for this pool | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item delegated-prefix minimum number | |
| Tree | minimum | |
| Range | 48 to 127 | |
| Default | 48 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
description description
| Synopsis | Text description | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
exclude-prefix [ipv6-prefix] ipv6-prefix
| Synopsis | Add a list entry for exclude-prefix | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item exclude-prefix ipv6-prefix | |
| Tree | exclude-prefix | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[ipv6-prefix] ipv6-prefix
| Synopsis | IPv6 prefix to be excluded from available pool prefixes | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item exclude-prefix ipv6-prefix | |
| Tree | exclude-prefix | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
failover
admin-state keyword
| Synopsis | Administrative state of the failover mechanism | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item failover admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ignore-mclt-on-takeover boolean
| Synopsis | Ignore maximum client lead during takeover from partner | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item failover ignore-mclt-on-takeover boolean | |
| Tree | ignore-mclt-on-takeover | |
Description | When configured to true, the remote IP address range can be taken over immediately when the intercommunication link enters the PARTNER-DOWN state, without having to wait for the MCLT to expire. When configured to false, the DHCP lease time for new clients is restricted to the MCLT during a failure. For existing clients, the lease time is gradually reduced over time to the MCLT by consecutive DHCP renewals. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
maximum-client-lead-time number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Maximum time that DHCP server can extend client's lease | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item failover maximum-client-lead-time number | |
| Tree | maximum-client-lead-time | |
Description | This command configures the maximum client lead time (MCLT), which is the maximum time that a DHCP server can extend the client's lease time beyond the lease time currently known by the DHCP partner node. In dual-homed environments, the initial lease time for all DHCP clients is restricted to the MCLT by default. Consecutive DHCP renewals can extend the lease time beyond the MCLT. | |
| Range | 600 to 86399 | |
| Units | seconds | |
| Default | 600 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
partner-down-delay number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Delay to prevent lease duplication during link failure | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item failover partner-down-delay number | |
| Tree | partner-down-delay | |
Description | This command configures the interval before a failed intercommunication link transitions from the COMM-INT state to the PARTNER-DOWN state. This delay prevents IP lease duplication during link failure by not allowing new IP addresses to be assigned from the remote IP address range. This timer is intended to provide the operator with enough time to remedy the failed situation and avoid duplication of IP addresses and prefixes during the failure. | |
| Range | 0 to 86399 | |
| Units | seconds | |
| Default | 86399 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
peer [address] reference
[address] reference
| Synopsis | IP address of the failover peer | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item failover peer reference | |
| Tree | peer | |
Reference | configure redundancy multi-chassis peer (ipv4-address-no-zone | ipv6-address-no-zone) | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
sync-tag named-item
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Tag that identifies synchronizing server or pool pairs | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item failover peer reference sync-tag named-item | |
| Tree | sync-tag | |
| String length | 1 to 32 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
startup-wait-time number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Time between initialization and assuming active role | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item failover startup-wait-time number | |
| Tree | startup-wait-time | |
Description | This command configures a delay that avoids transient issues during the initialization process. During startup wait time, each failover peer waits after the initialization process before assuming the active role for the prefix designated as local or remote. | |
| Range | 60 to 3600 | |
| Units | seconds | |
| Default | 120 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
options
option [number] (number | keyword)
[number] (number | keyword)
ascii-string string-not-all-spaces
| Synopsis | DHCP option specified as an ASCII string | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item options option (number | keyword) ascii-string string-not-all-spaces | |
| Tree | ascii-string | |
| String length | 1 to 127 | |
Notes | The following elements are part of a mandatory choice: ascii-string, domain-string, duration, empty, hex-string, or ipv6-address. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
domain-string string
| Synopsis | DHCP option specified as a domain name | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item options option (number | keyword) domain-string string | |
| Tree | domain-string | |
| String length | 1 to 127 | |
Notes | The following elements are part of a mandatory choice: ascii-string, domain-string, duration, empty, hex-string, or ipv6-address. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
duration number
| Synopsis | DHCP option specified as time | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item options option (number | keyword) duration number | |
| Tree | duration | |
| Range | 10 to 315446399 | |
| Units | seconds | |
|
Notes | The following elements are part of a mandatory choice: ascii-string, domain-string, duration, empty, hex-string, or ipv6-address. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
empty
| Synopsis | Empty DHCP option | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item options option (number | keyword) empty | |
| Tree | empty | |
Notes | The following elements are part of a mandatory choice: ascii-string, domain-string, duration, empty, hex-string, or ipv6-address. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
hex-string hex-string
| Synopsis | DHCP option specified as hexadecimal string | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item options option (number | keyword) hex-string hex-string | |
| Tree | hex-string | |
| String length | 1 to 256 | |
Notes | The following elements are part of a mandatory choice: ascii-string, domain-string, duration, empty, hex-string, or ipv6-address. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv6-address ipv6-address
| Synopsis | DHCP option specified as a list of IPv6 addresses | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item options option (number | keyword) ipv6-address ipv6-address | |
| Tree | ipv6-address | |
| Max. instances | 4 | |
Notes | The following elements are part of a mandatory choice: ascii-string, domain-string, duration, empty, hex-string, or ipv6-address. This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
prefix [ipv6-prefix] ipv6-prefix
[ipv6-prefix] ipv6-prefix
drain boolean
failover-control-type keyword
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Failover control type for this range | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item prefix ipv6-prefix failover-control-type keyword | |
| Tree | failover-control-type | |
| Options | ||
| Default | local | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
options
option [number] (number | keyword)
[number] (number | keyword)
| Synopsis | DHCP option to send as identification string | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item prefix ipv6-prefix options option (number | keyword) | |
| Tree | option | |
| Range | 1 to 65535 | |
| Options | ||
|
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ascii-string string-not-all-spaces
| Synopsis | DHCP option specified as an ASCII string | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item prefix ipv6-prefix options option (number | keyword) ascii-string string-not-all-spaces | |
| Tree | ascii-string | |
| String length | 1 to 127 | |
Notes | The following elements are part of a mandatory choice: ascii-string, domain-string, duration, empty, hex-string, or ipv6-address. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
domain-string string
| Synopsis | DHCP option specified as a domain name | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item prefix ipv6-prefix options option (number | keyword) domain-string string | |
| Tree | domain-string | |
| String length | 1 to 127 | |
Notes | The following elements are part of a mandatory choice: ascii-string, domain-string, duration, empty, hex-string, or ipv6-address. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
duration number
| Synopsis | DHCP option specified as time | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item prefix ipv6-prefix options option (number | keyword) duration number | |
| Tree | duration | |
| Range | 10 to 315446399 | |
| Units | seconds | |
|
Notes | The following elements are part of a mandatory choice: ascii-string, domain-string, duration, empty, hex-string, or ipv6-address. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
empty
| Synopsis | Empty DHCP option | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item prefix ipv6-prefix options option (number | keyword) empty | |
| Tree | empty | |
Notes | The following elements are part of a mandatory choice: ascii-string, domain-string, duration, empty, hex-string, or ipv6-address. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
hex-string hex-string
| Synopsis | DHCP option specified as hexadecimal string | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item prefix ipv6-prefix options option (number | keyword) hex-string hex-string | |
| Tree | hex-string | |
| String length | 1 to 256 | |
Notes | The following elements are part of a mandatory choice: ascii-string, domain-string, duration, empty, hex-string, or ipv6-address. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv6-address ipv6-address
| Synopsis | DHCP option specified as a list of IPv6 addresses | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item prefix ipv6-prefix options option (number | keyword) ipv6-address ipv6-address | |
| Tree | ipv6-address | |
| Max. instances | 4 | |
Notes | The following elements are part of a mandatory choice: ascii-string, domain-string, duration, empty, hex-string, or ipv6-address. This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
preferred-lifetime number
| Synopsis | Time this lease remains preferred | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item prefix ipv6-prefix preferred-lifetime number | |
| Tree | preferred-lifetime | |
Description | This command configures the preferred lifetime of the IPv6 lease address or prefix. When the preferred lifetime expires, any derived addresses are deprecated. The preferred lifetime must be less than or equal to the valid lifetime. Each address or prefix assigned to the client has associated preferred and valid lifetimes specified by the address assignment authority (such as the DHCP server, RADIUS, or ESM). To request an extension of the lifetimes assigned to an address, the client sends a renew message to the addressing authority. The authority sends a reply message to the client with the new lifetimes, allowing the client to continue to use the address/prefix without interruption. The lifetimes are transmitted from the addressing authority to the client in the identity association (IA) option at the top level of the message (not the address or prefix level). | |
| Range | 300 to 315446399 | |
| Units | seconds | |
| Default | 3600 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
prefix-length-threshold [prefix-length] number
| Synopsis | Enter the prefix-length-threshold list instance | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item prefix ipv6-prefix prefix-length-threshold number | |
| Tree | prefix-length-threshold | |
| Max. instances | 8 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
[prefix-length] number
| Synopsis | Delegated prefix length for pool thresholds | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item prefix ipv6-prefix prefix-length-threshold number | |
| Tree | prefix-length-threshold | |
| Range | 1 to 128 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
absolute number
| Synopsis | Minimum number of free prefixes for this prefix length | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item prefix ipv6-prefix prefix-length-threshold number absolute number | |
| Tree | absolute | |
| Range | 1 to 4294967295 | |
Notes | The following elements are part of a choice: absolute or percent. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
event-when-depleted boolean
| Synopsis | Generate a notification when this pool is depleted | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item prefix ipv6-prefix prefix-length-threshold number event-when-depleted boolean | |
| Tree | event-when-depleted | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
percent number
| Synopsis | Minimum percentage of free prefixes for prefix length | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item prefix ipv6-prefix prefix-length-threshold number percent number | |
| Tree | percent | |
| Range | 1 to 100 | |
Notes | The following elements are part of a choice: absolute or percent. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
prefix-type
| Synopsis | Enter the prefix-type context | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item prefix ipv6-prefix prefix-type | |
| Tree | prefix-type | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
pd boolean
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Allocate IA-PD prefixes from this prefix pool | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item prefix ipv6-prefix prefix-type pd boolean | |
| Tree | pd | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
wan-host boolean
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Allocate IA-NA or SLAAC prefixes from this prefix pool | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item prefix ipv6-prefix prefix-type wan-host boolean | |
| Tree | wan-host | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
rebind-time number
| Synopsis | Rebind time for the lease | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item prefix ipv6-prefix rebind-time number | |
| Tree | rebind-time | |
Description | This command configures the rebind time, known as T2, at which the client contacts the addressing authority to extend the lifetimes of its leases. The IP addressing authority (such as the DHCP server, RADIUS, or ESM) controls the time for extending lifetimes on assigned addresses/prefixes through the T1 and T2 parameters assigned to an identity association (IA). At renew time, T1, the client initiates a renew or reply message exchange to extend the lifetimes of any addresses in the IA. The client includes an IA option with all addresses or prefixes currently assigned to the IA in its renew message. Recommended values for T1 and T2 are 0.5 and 0.8 times the shortest preferred lifetime of the addresses or prefixes in the IA that the addressing authority is willing to extend, respectively. The configured rebind timer value should always be less than or equal to the rebind timer. The T1 and T2 values are carried in the IPV6 address option in the IA. | |
| Range | 0 to 1209600 | |
| Units | seconds | |
| Default | 2880 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
renew-time number
| Synopsis | Renew time for the lease | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item prefix ipv6-prefix renew-time number | |
| Tree | renew-time | |
Description | This command configures the renew time, known as T1, at which the client makes a transition to the lease-renewal state. The IP addressing authority (such as the DHCP server, RADIUS, or ESM) controls the time for extending lifetimes on assigned addresses/prefixes through the T1 and T2 parameters assigned to an identity association (IA). At renew time, T1, the client initiates a renew/reply message exchange to extend the lifetimes of any addresses in the IA. The client includes an IA option with all addresses/prefixes currently assigned to the IA in its renew message. Recommended values for T1 and T2 are 0.5 and 0.8 times the shortest preferred lifetime of the addresses or prefixes in the IA that the addressing authority is willing to extend, respectively. The configured renew timer value should always be shorter than or equal to the rebind timer. The T1 and T2 values are carried in the IPV6 address option in the IA. | |
| Range | 0 to 604800 | |
| Units | seconds | |
| Default | 1800 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
valid-lifetime number
| Synopsis | Time for the lease to remain valid | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item prefix ipv6-prefix valid-lifetime number | |
| Tree | valid-lifetime | |
Description | This command configures a valid lifetime for a DHCPv6 lease address or prefix. The valid lifetime is the length of time an address and prefix remains in the valid state. The valid lifetime must be greater than or equal to the preferred lifetime. When the valid lifetime expires, the address and prefix becomes invalid and must not be used in communications. RFC 2461 recommends a default value of 30 days. Each address and prefix assigned to the client has associated preferred and valid lifetimes specified by the address assignment authority (such as the DHCP server, RADIUS, or ESM). To request an extension of the lifetimes assigned to an address, the client sends a renew message to the addressing authority. The authority sends a reply message to the client with the new lifetimes, allowing the client to continue to use the address and prefix without interruption. The lifetimes are transmitted from the addressing authority to the client in the identity association (IA) option at the top level of the message (not the address or prefix level). | |
| Range | 300 to 315446399 | |
| Units | seconds | |
| Default | 86400 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
prefix-length-threshold [prefix-length] number
| Synopsis | Enter the prefix-length-threshold list instance | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item prefix-length-threshold number | |
| Tree | prefix-length-threshold | |
| Max. instances | 8 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
[prefix-length] number
| Synopsis | Delegated prefix length for pool thresholds | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item prefix-length-threshold number | |
| Tree | prefix-length-threshold | |
| Range | 1 to 128 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
event-when-depleted boolean
| Synopsis | Generate a notification when this pool is depleted | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item prefix-length-threshold number event-when-depleted boolean | |
| Tree | event-when-depleted | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
minimum-free-percent number
| Synopsis | Percentage of free prefixes for this prefix length | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool named-item prefix-length-threshold number minimum-free-percent number | |
| Tree | minimum-free-percent | |
| Range | 0 to 100 | |
| Default | 0 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
pool-selection
| Synopsis | Enter the pool-selection context | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool-selection | |
| Tree | pool-selection | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
use-link-address
| Synopsis | Enable the use-link-address context | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool-selection use-link-address | |
| Tree | use-link-address | |
Description | This command configures the local pool selection for DHCPv6 address or prefix assignment to use the link address. When configured, the selected pool contains a prefix covering the link address. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
scope keyword
| Synopsis | Scope of the IP address selection | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool-selection use-link-address scope keyword | |
| Tree | scope | |
| Options | ||
| Default | subnet | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
use-pool-from-client
| Synopsis | Enable the use-pool-from-client context | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool-selection use-pool-from-client | |
| Tree | use-pool-from-client | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
delimiter string-not-all-spaces
| Synopsis | Delimiter to combine primary and secondary pool names | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item pool-selection use-pool-from-client delimiter string-not-all-spaces | |
| Tree | delimiter | |
Description | This command configures a single ASCII character that separates the pool names in DHCP vendor-specific option 82, which identifies the address pool to be used for this client. | |
| String length | 1 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
server-id
duid-enterprise
| Synopsis | Enter the duid-enterprise context | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item server-id duid-enterprise | |
| Tree | duid-enterprise | |
Notes | The following elements are part of a choice: duid-enterprise or duid-link-local. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ascii-string string-not-all-spaces
| Synopsis | DUID enterprise server ID specified as an ASCII string | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item server-id duid-enterprise ascii-string string-not-all-spaces | |
| Tree | ascii-string | |
| String length | 1 to 58 | |
Notes | The following elements are part of a choice: ascii-string or hex-string. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
hex-string hex-string
| Synopsis | DUID enterprise server ID specified as a hex string | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item server-id duid-enterprise hex-string hex-string | |
| Tree | hex-string | |
| String length | 1 to 118 | |
Notes | The following elements are part of a choice: ascii-string or hex-string. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
duid-link-local
| Synopsis | Derive DUID server ID from a system link-layer address | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item server-id duid-link-local | |
| Tree | duid-link-local | |
Notes | The following elements are part of a choice: duid-enterprise or duid-link-local. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
user-db reference
| Synopsis | Local user database to lookup DHCP lease data | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item user-db reference | |
| Tree | user-db | |
Reference | configure subscriber-mgmt local-user-db named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
user-identification keyword
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | User identification method for the DHCP server | |
| Context | configure service vprn service-name dhcp-server dhcpv6 named-item user-identification keyword | |
| Tree | user-identification | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
dns
admin-state keyword
| Synopsis | Administrative state of DNS | |
| Context | configure service vprn service-name dns admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
default-domain fully-qualified-domain-name
| Synopsis | Domain name added in DNS retries | |
| Context | configure service vprn service-name dns default-domain fully-qualified-domain-name | |
| Tree | default-domain | |
Description | This command configures the DNS domain name to be added in DNS retries when a DNS query is not replied or an empty DNS reply is received. The name can contain only alphabetical characters (A-Z), numeric characters (0-9), the minus sign (-), and the period (.). | |
| String length | 1 to 255 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv4-source-address (keyword | ipv4-unicast-address)
| Synopsis | Source address to contact an IPv4 DNS server | |
| Context | configure service vprn service-name dns ipv4-source-address (keyword | ipv4-unicast-address) | |
| Tree | ipv4-source-address | |
| Options | ||
| Default | use-interface-ip | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv6-source-address (keyword | ipv6-unicast-address)
| Synopsis | Source address to contact an IPv6 DNS server | |
| Context | configure service vprn service-name dns ipv6-source-address (keyword | ipv6-unicast-address) | |
| Tree | ipv6-source-address | |
| Options | ||
| Default | use-interface-ip | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
server (ipv4-address-no-zone | ipv6-address-no-zone)
ecmp number
| Synopsis | Maximum equal-cost routes for routing table instance | |
| Context | configure service vprn service-name ecmp number | |
| Tree | ecmp | |
Description | This command configures ECMP and defines the number of routes for path sharing. ECMP can be used only for routes learned with the same preference and the same protocol. If available ECMP routes at the best preference exceed the maximum ECMP routes allowed, the system selects the route using the following criteria:
| |
| Range | 1 to 64 | |
| Default | 1 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
ecmp-unequal-cost boolean
| Synopsis | Enable ECMP unequal cost capability | |
| Context | configure service vprn service-name ecmp-unequal-cost boolean | |
| Tree | ecmp-unequal-cost | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
export-inactive-bgp boolean
| Synopsis | Export preferred BGP route even if inactive | |
| Context | configure service vprn service-name export-inactive-bgp boolean | |
| Tree | export-inactive-bgp | |
Description | When configured to true, the preferred BGP route learned by a VPRN is exported as the VPN-IP route even if it is inactive in the route table because a preferred BGP VPRN route from another PE is present. This overrides the default state in which the VPRN cannot export an inactive BGP route. For the BGP route to be exported, the VRF export policy must accept it. This command applies to both MPLS VPN and SRv6 VPN routes. In SRv6 VPN routes the advertised instruction is an End.DT, while in MPLS VPN routes the advertised label is a per-next-hop label.This “best-external” type of route advertisement is useful in active/standby multi-homing scenarios because it ensures that all PEs know about the backup path provided by the standby PE. When configured to false, the preferred BGP route is not exported if it is inactive. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
export-inactive-bgp-enhanced boolean
| Synopsis | Export best BGP route when better non-BGP route present | |
| Context | configure service vprn service-name export-inactive-bgp-enhanced boolean | |
| Tree | export-inactive-bgp-enhanced | |
Description | When configured to true, the router allows a BGP route that is inactive (because a better non-BGP route for the same prefix is present) to be exportable as a VPN-IP route. A BGP route learned from a VPRN BGP peer is exportable as a VPN-IP route, only if it is the best route for the prefix and is installed in the route table of the VPRN. If the export-inactive-bgp command is true in the VPRN configuration, this rule is relaxed, and the best inactive VPRN BGP route is exportable as a VPN-IP route, provided that the active installed route for the prefix is an imported VPN-IP route. The rule described in the preceding paragraph can be relaxed even further by configuring this command to true. When this command is true, the best inactive VPRN BGP route (best amongst all routes received from all CEs) is exportable as a VPN-IP route, regardless of the route type of the active installed route. The configuration of this command overrides the export-inactive-bgp command. If this command is true, the export-inactive-bgp command does not need to be true. When configured to false, the router disables allowing an inactive BGP route in the presence of a better non-BGP route to be exportable as a VPN-IP route. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
fib-priority keyword
| Synopsis | FIB priority for VPRN BGP routes | |
| Context | configure service vprn service-name fib-priority keyword | |
| Tree | fib-priority | |
Description | This command prioritizes the order in which BGP FIB entries across different routing instances are pushed to the IOM for updating. This allows BGP route updates for higher priority router instances to occur as quickly as possible by assigning a FIB priority to the associated router instances (base and VPRN instances). If routing updates are available for multiple router instances, the IOMs or IMMs update the FIB with entries with high priority router instances before entries with standard priority router instances. | |
| Options | standard – Standard FIB priority for routing instances high – High FIB priority for routing instances | |
| Default | standard | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
grt-leaking
| Synopsis | Enter the grt-leaking context | |
| Context | configure service vprn service-name grt-leaking | |
| Tree | grt-leaking | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
allow-local-management boolean
| Synopsis | Enable management traffic | |
| Context | configure service vprn service-name grt-leaking allow-local-management boolean | |
| Tree | allow-local-management | |
Description | When configured to true, this command enables the support of specific management protocols over VPRN interfaces that terminate on Base routing context IPv4 and IPv6 interface addresses, including Base loopback and system addresses. This command does not control the support for management protocols terminating on VPRN interfaces directly. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
export-grt
| Synopsis | Enter the export-grt context | |
| Context | configure service vprn service-name grt-leaking export-grt | |
| Tree | export-grt | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
policy-name (policy-expr-string | string)
| Synopsis | Route policy name or policy logical expression | |
| Context | configure service vprn service-name grt-leaking export-grt policy-name (policy-expr-string | string) | |
| Tree | policy-name | |
| String length | 1 to 255 | |
| Max. instances | 5 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
export-limit number
| Synopsis | Maximum number of routes exported from VRF to GRT | |
| Context | configure service vprn service-name grt-leaking export-limit number | |
| Tree | export-limit | |
| Range | 0 to 1000 | |
| Default | 5 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
export-v6-limit number
| Synopsis | Maximum number of IPv6 routes exported from VPRN to GRT | |
| Context | configure service vprn service-name grt-leaking export-v6-limit number | |
| Tree | export-v6-limit | |
| Range | 0 to 1000 | |
| Default | 5 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
grt-lookup boolean
| Synopsis | Enable global route table lookup | |
| Context | configure service vprn service-name grt-leaking grt-lookup boolean | |
| Tree | grt-lookup | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
import-grt
| Synopsis | Enter the import-grt context | |
| Context | configure service vprn service-name grt-leaking import-grt | |
| Tree | import-grt | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
policy-name (policy-expr-string | string)
| Synopsis | Route policy name or policy logical expression | |
| Context | configure service vprn service-name grt-leaking import-grt policy-name (policy-expr-string | string) | |
| Tree | policy-name | |
| String length | 1 to 255 | |
| Max. instances | 5 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
hash-label boolean
| Synopsis | Include hash label | |
| Context | configure service vprn service-name hash-label boolean | |
| Tree | hash-label | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
igmp
admin-state keyword
| Synopsis | Administrative state of IGMP | |
| Context | configure service vprn service-name igmp admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
group-if-query-source-address ipv4-unicast-address
| Synopsis | Default query-source address for all group interfaces | |
| Context | configure service vprn service-name igmp group-if-query-source-address ipv4-unicast-address | |
| Tree | group-if-query-source-address | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
interface [ip-interface-name] interface-name
[ip-interface-name] interface-name
admin-state keyword
| Synopsis | Administrative state of IGMP | |
| Context | configure service vprn service-name igmp interface interface-name admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
import-policy reference
| Synopsis | Import policy that filters IGMP packets | |
| Context | configure service vprn service-name igmp interface interface-name import-policy reference | |
| Tree | import-policy | |
Description | This command configures the IGMP import policy, or filter, for an interface subscriber or a group interface. An IGMP filter is also known as a black or white list, and it is defined as a router policy option. When redirection is applied, only the import policy from the subscriber is in effect. The import policy under the group interface is applicable only for IGMP states received directly on the SAP (AN in IGMP proxy mode). | |
Reference | configure policy-options policy-statement named-item-64 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
maximum-number-group-sources number
| Synopsis | Maximum number of group sources for this interface | |
| Context | configure service vprn service-name igmp interface interface-name maximum-number-group-sources number | |
| Tree | maximum-number-group-sources | |
Description | This command configures the maximum number of group sources for which IGMP or MLD can have local receiver information based on received IGMP or MLD reports on this interface. When this configuration is changed dynamically to a lower value than the currently accepted number of group sources, the group sources that are already accepted are not deleted. Only new group sources are not allowed. | |
| Range | 1 to 32000 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
maximum-number-groups number
| Synopsis | Maximum number of groups for this interface | |
| Context | configure service vprn service-name igmp interface interface-name maximum-number-groups number | |
| Tree | maximum-number-groups | |
| Range | 1 to 16000 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
maximum-number-sources number
| Synopsis | Maximum number of sources that are allowed per group | |
| Context | configure service vprn service-name igmp interface interface-name maximum-number-sources number | |
| Tree | maximum-number-sources | |
| Range | 1 to 1000 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
query-interval number
| Synopsis | Time between two consecutive host-query messages | |
| Context | configure service vprn service-name igmp interface interface-name query-interval number | |
| Tree | query-interval | |
| Range | 2 to 1024 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
query-last-member-interval number
| Synopsis | Time between group-specific query messages | |
| Context | configure service vprn service-name igmp interface interface-name query-last-member-interval number | |
| Tree | query-last-member-interval | |
| Range | 1 to 1023 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
query-response-interval number
| Synopsis | Time to wait for a response to the host-query messages | |
| Context | configure service vprn service-name igmp interface interface-name query-response-interval number | |
| Tree | query-response-interval | |
| Range | 1 to 1023 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
redundant-mcast boolean
| Synopsis | Use interface as a redundant-pair member for multicast | |
| Context | configure service vprn service-name igmp interface interface-name redundant-mcast boolean | |
| Tree | redundant-mcast | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
router-alert-check boolean
| Synopsis | Enable router alert checking for IGMP or MLD messages | |
| Context | configure service vprn service-name igmp interface interface-name router-alert-check boolean | |
| Tree | router-alert-check | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ssm-translate
| Synopsis | Enter the ssm-translate context | |
| Context | configure service vprn service-name igmp interface interface-name ssm-translate | |
| Tree | ssm-translate | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
group-range start ipv4-multicast-address end ipv4-multicast-address
| Synopsis | Enter the group-range list instance | |
| Context | configure service vprn service-name igmp interface interface-name ssm-translate group-range start ipv4-multicast-address end ipv4-multicast-address | |
| Tree | group-range | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
start ipv4-multicast-address
| Synopsis | Lower bound of the IP address group range | |
| Context | configure service vprn service-name igmp interface interface-name ssm-translate group-range start ipv4-multicast-address end ipv4-multicast-address | |
| Tree | group-range | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
end ipv4-multicast-address
| Synopsis | Upper bound of the IP address group range | |
| Context | configure service vprn service-name igmp interface interface-name ssm-translate group-range start ipv4-multicast-address end ipv4-multicast-address | |
| Tree | group-range | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
source [source-address] ipv4-unicast-address
| Synopsis | Add a list entry for source | |
| Context | configure service vprn service-name igmp interface interface-name ssm-translate group-range start ipv4-multicast-address end ipv4-multicast-address source ipv4-unicast-address | |
| Tree | source | |
| Min. instances | 1 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
[source-address] ipv4-unicast-address
| Synopsis | Source IP address of multicast channel sending data | |
| Context | configure service vprn service-name igmp interface interface-name ssm-translate group-range start ipv4-multicast-address end ipv4-multicast-address source ipv4-unicast-address | |
| Tree | source | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
static
group [group-address] ipv4-multicast-address
[group-address] ipv4-multicast-address
| Synopsis | Group address of static IGMP multicast channel | |
| Context | configure service vprn service-name igmp interface interface-name static group ipv4-multicast-address | |
| Tree | group | |
Description | This command configures an address that receives data on an interface. The IP address must be unique for each static group. | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
source [source-address] ipv4-unicast-address
| Synopsis | Add a list entry for source | |
| Context | configure service vprn service-name igmp interface interface-name static group ipv4-multicast-address source ipv4-unicast-address | |
| Tree | source | |
Notes | The following elements are part of a mandatory choice: source or starg. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[source-address] ipv4-unicast-address
starg
group-range start ipv4-multicast-address end ipv4-multicast-address step ipv4-address
| Synopsis | Enter the group-range list instance | |
| Context | configure service vprn service-name igmp interface interface-name static group-range start ipv4-multicast-address end ipv4-multicast-address step ipv4-address | |
| Tree | group-range | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
start ipv4-multicast-address
| Synopsis | IP address for the start of the static group range | |
| Context | configure service vprn service-name igmp interface interface-name static group-range start ipv4-multicast-address end ipv4-multicast-address step ipv4-address | |
| Tree | group-range | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
end ipv4-multicast-address
| Synopsis | IP address for the end of the static group range | |
| Context | configure service vprn service-name igmp interface interface-name static group-range start ipv4-multicast-address end ipv4-multicast-address step ipv4-address | |
| Tree | group-range | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
step ipv4-address
| Synopsis | Step interval in the group-range address | |
| Context | configure service vprn service-name igmp interface interface-name static group-range start ipv4-multicast-address end ipv4-multicast-address step ipv4-address | |
| Tree | group-range | |
| MD-CLI default | 0.0.0.1 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
source [source-address] ipv4-unicast-address
| Synopsis | Add a list entry for source | |
| Context | configure service vprn service-name igmp interface interface-name static group-range start ipv4-multicast-address end ipv4-multicast-address step ipv4-address source ipv4-unicast-address | |
| Tree | source | |
Notes | The following elements are part of a mandatory choice: source or starg. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[source-address] ipv4-unicast-address
| Synopsis | Source IP address of multicast channel sending data | |
| Context | configure service vprn service-name igmp interface interface-name static group-range start ipv4-multicast-address end ipv4-multicast-address step ipv4-address source ipv4-unicast-address | |
| Tree | source | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
starg
| Synopsis | any source address (*,G) | |
| Context | configure service vprn service-name igmp interface interface-name static group-range start ipv4-multicast-address end ipv4-multicast-address step ipv4-address starg | |
| Tree | starg | |
Notes | The following elements are part of a mandatory choice: source or starg. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
subnet-check boolean
| Synopsis | Allow subnet checking | |
| Context | configure service vprn service-name igmp interface interface-name subnet-check boolean | |
| Tree | subnet-check | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
version keyword
query-interval number
| Synopsis | Time between two consecutive host-query messages | |
| Context | configure service vprn service-name igmp query-interval number | |
| Tree | query-interval | |
Description | This command configures the timing of the host-query messages that solicit group membership information. The messages are sent to the all-systems multicast group address, 224.0.0.1. | |
| Range | 2 to 1024 | |
| Units | seconds | |
| Default | 125 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
query-last-member-interval number
| Synopsis | Time between group-specific query messages | |
| Context | configure service vprn service-name igmp query-last-member-interval number | |
| Tree | query-last-member-interval | |
Description | This command configures the timing of the query-message interval, defining the interval for leave-group messages among others. The lower the interval that is configured, the faster the detection of the loss of the last member of a group. | |
| Range | 1 to 1023 | |
| Units | seconds | |
| Default | 1 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
query-response-interval number
| Synopsis | Time to wait for a response to the host-query messages | |
| Context | configure service vprn service-name igmp query-response-interval number | |
| Tree | query-response-interval | |
| Range | 1 to 1023 | |
| Units | seconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
robust-count number
| Synopsis | Number of retries after expected message loss | |
| Context | configure service vprn service-name igmp robust-count number | |
| Tree | robust-count | |
Description | This command configures the level of expected packet loss on a subnet. If a subnet anticipates losses, this value can be increased. | |
| Range | 2 to 10 | |
| Default | 2 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
ssm-translate
| Synopsis | Enter the ssm-translate context | |
| Context | configure service vprn service-name igmp ssm-translate | |
| Tree | ssm-translate | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
group-range start ipv4-multicast-address end ipv4-multicast-address
| Synopsis | Enter the group-range list instance | |
| Context | configure service vprn service-name igmp ssm-translate group-range start ipv4-multicast-address end ipv4-multicast-address | |
| Tree | group-range | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
start ipv4-multicast-address
| Synopsis | Lower bound of the IP address group range | |
| Context | configure service vprn service-name igmp ssm-translate group-range start ipv4-multicast-address end ipv4-multicast-address | |
| Tree | group-range | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
end ipv4-multicast-address
| Synopsis | Upper bound of the IP address group range | |
| Context | configure service vprn service-name igmp ssm-translate group-range start ipv4-multicast-address end ipv4-multicast-address | |
| Tree | group-range | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
source [source-address] ipv4-unicast-address
| Synopsis | Add a list entry for source | |
| Context | configure service vprn service-name igmp ssm-translate group-range start ipv4-multicast-address end ipv4-multicast-address source ipv4-unicast-address | |
| Tree | source | |
| Min. instances | 1 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
[source-address] ipv4-unicast-address
| Synopsis | Source IP address of multicast channel sending data | |
| Context | configure service vprn service-name igmp ssm-translate group-range start ipv4-multicast-address end ipv4-multicast-address source ipv4-unicast-address | |
| Tree | source | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ignore-nh-metric boolean
| Synopsis | Ignore next hop metric | |
| Context | configure service vprn service-name ignore-nh-metric boolean | |
| Tree | ignore-nh-metric | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
interface [interface-name] interface-name
[interface-name] interface-name
admin-state keyword
| Synopsis | Administrative state of the interface | |
| Context | configure service vprn service-name interface interface-name admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
description very-long-description
| Synopsis | Text description | |
| Context | configure service vprn service-name interface interface-name description very-long-description | |
| Tree | description | |
| String length | 1 to 255 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
dynamic-tunnel-redundant-nexthop ipv4-unicast-address
| Synopsis | Redundant next-hop address for the dynamic IPsec tunnel | |
| Context | configure service vprn service-name interface interface-name dynamic-tunnel-redundant-nexthop ipv4-unicast-address | |
| Tree | dynamic-tunnel-redundant-nexthop | |
Description | This command configures a redundant next-hop address on a public or private IPsec interface (with a public or private tunnel SAP) for dynamic IPsec tunnel in 1:1 MC-IPsec. A standby node uses the specified next-hop address to shunt traffic to the master in case it receives traffic destined to a tunnel endpoint address. The standby tunnel group needs to be operationally up for the feature to work. The next-hop address is resolved in the routing table of a corresponding service. | |
Notes | The following elements are part of a choice: multi-chassis-shunting-profile or (dynamic-tunnel-redundant-nexthop and static-tunnel-redundant-nexthop). | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
hold-time
ipv4
down
| Synopsis | Enter the down context | |
| Context | configure service vprn service-name interface interface-name hold-time ipv4 down | |
| Tree | down | |
Description | Commands in this context configure the down hold timer, which specifies the delay before activating the associated interface. The delay is invoked whenever the system attempts to bring the associated IP interface up, unless an operator configures the init-only command. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
init-only boolean
| Synopsis | Apply delay only at interface configuration or reboot | |
| Context | configure service vprn service-name interface interface-name hold-time ipv4 down init-only boolean | |
| Tree | init-only | |
Description | This command applies a delay only when the IP interface is first configured or after a system reboot. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
seconds number
up
| Synopsis | Enter the up context | |
| Context | configure service vprn service-name interface interface-name hold-time ipv4 up | |
| Tree | up | |
Description | Commands in this context configure the up hold timer, which specifies the delay before deactivation of the associated interface. The delay is invoked whenever the system attempts to bring the associated IP interface down. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
seconds number
ipv6
down
| Synopsis | Enter the down context | |
| Context | configure service vprn service-name interface interface-name hold-time ipv6 down | |
| Tree | down | |
Description | Commands in this context configure the down hold timer, which specifies the delay before activation of the associated interface. The delay is invoked whenever the system attempts to bring the associated IP interface up, unless an operator configures the init-only command. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
init-only boolean
| Synopsis | Apply delay only at interface configuration or reboot | |
| Context | configure service vprn service-name interface interface-name hold-time ipv6 down init-only boolean | |
| Tree | init-only | |
Description | When configured to true, the system applies a delay only when the IP interface is first configured or after a system reboot. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
seconds number
up
| Synopsis | Enter the up context | |
| Context | configure service vprn service-name interface interface-name hold-time ipv6 up | |
| Tree | up | |
Description | Commands in this context configure the up hold timer, which specifies the delay before deactivation of the associated interface. The delay is invoked whenever the system attempts to bring the associated IP interface down. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
seconds number
if-attribute
| Synopsis | Enter the if-attribute context | |
| Context | configure service vprn service-name interface interface-name if-attribute | |
| Tree | if-attribute | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-group reference
| Synopsis | Administrative group name for the interface | |
| Context | configure service vprn service-name interface interface-name if-attribute admin-group reference | |
| Tree | admin-group | |
Description | This command specifies the administrative group membership to an interface. The configured administrative group membership is applied in all levels or areas the interface is participating in. The same interface cannot have different memberships in different levels or areas. | |
Reference | configure routing-options if-attribute admin-group named-item | |
| Max. instances | 32 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
srlg-group [name] reference
| Synopsis | Add a list entry for srlg-group | |
| Context | configure service vprn service-name interface interface-name if-attribute srlg-group reference | |
| Tree | srlg-group | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[name] reference
| Synopsis | SRLG name | |
| Context | configure service vprn service-name interface interface-name if-attribute srlg-group reference | |
| Tree | srlg-group | |
Reference | configure routing-options if-attribute srlg-group named-item | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ingress
ip-mtu number
| Synopsis | IP MTU applied to outgoing packets | |
| Context | configure service vprn service-name interface interface-name ip-mtu number | |
| Tree | ip-mtu | |
Description | This command configures the IP maximum transmission unit (MTU) for the associated router IP interface. | |
| Range | 512 to 9786 | |
| Units | bytes | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
ip-tunnel-interface boolean
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable IP tunnel interface | |
| Context | configure service vprn service-name interface interface-name ip-tunnel-interface boolean | |
| Tree | ip-tunnel-interface | |
Description | When configured to true, the system enables a GRE virtual IP interface. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
ipsec
admin-state keyword
| Synopsis | Administrative state of IPsec secured interface | |
| Context | configure service vprn service-name interface interface-name ipsec admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ip-exception reference
| Synopsis | IP exception filter | |
| Context | configure service vprn service-name interface interface-name ipsec ip-exception reference | |
| Tree | ip-exception | |
Description | This command configures the IP exception filter for the secured interface. All ingress traffic matching the specified filter bypasses IPsec processing. | |
Reference | configure filter ip-exception filter-name | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipsec-tunnel [name] named-item
| Synopsis | Enter the ipsec-tunnel list instance | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item | |
| Tree | ipsec-tunnel | |
Description | Commands in this context configure IPsec tunnels used to secure traffic forwarded over the interface. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[name] named-item
| Synopsis | IPsec tunnel name | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item | |
| Tree | ipsec-tunnel | |
| String length | 1 to 32 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the IPsec tunnel | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
bfd
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the bfd context | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item bfd | |
| Tree | bfd | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
bfd-designate boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Designate IPsec tunnel to carry BFD traffic | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item bfd bfd-designate boolean | |
| Tree | bfd-designate | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
bfd-liveness
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable the bfd-liveness context | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item bfd bfd-liveness | |
| Tree | bfd-liveness | |
Description | Commands in this context configure a BFD session to provide a heart-beat mechanism for a specified IPsec tunnel. There can be only one BFD session assigned to any given IPsec tunnel, but there can be multiple IPsec tunnels using the same BFD session. BFD controls the state of the association tunnel. If the BFD session goes down, the system brings down the associated non-designated IPsec tunnel. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
dest-ip ipv4-unicast-address
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Destination address used for the BFD session | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item bfd bfd-liveness dest-ip ipv4-unicast-address | |
| Tree | dest-ip | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
interface interface-name
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Name of the interface used by the BFD session | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item bfd bfd-liveness interface interface-name | |
| Tree | interface | |
| String length | 1 to 32 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
service-name service-name
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Administrative service name | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item bfd bfd-liveness service-name service-name | |
| Tree | service-name | |
Description | This command configures the name of the service where BFD traffic is forwarded to. | |
| String length | 1 to 64 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
clear-df-bit boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Reset the DF bit to 0 in all payload IP packets | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item clear-df-bit boolean | |
| Tree | clear-df-bit | |
Description | When configured to true, the DF bit is set to 0 in all payload IP packets associated with the IPsec tunnel, before any potential fragmentation occurs. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
copy-traffic-class-upon-decapsulation boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable traffic class copy upon decapsulation | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item copy-traffic-class-upon-decapsulation boolean | |
| Tree | copy-traffic-class-upon-decapsulation | |
Description | When configured to true, the system copies the traffic class from the outer tunnel IP packet header to the payload IP packet header in the decapsulating direction (public to private). | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
description description
| Synopsis | Text description | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
encapsulated-ip-mtu number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Maximum size of the encapsulated tunnel packet | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item encapsulated-ip-mtu number | |
| Tree | encapsulated-ip-mtu | |
Description | This command specifies the maximum size of the encapsulated tunnel packet to the IPsec tunnel, the IP tunnel, or the dynamic tunnels terminated on the IPsec Gateway. If the encapsulated IPv4 or IPv6 tunnel packet exceeds this value, the system fragments the packet. | |
| Range | 512 to 9000 | |
| Units | bytes | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
icmp-generation
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the icmp-generation context | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item icmp-generation | |
| Tree | icmp-generation | |
Description | Commands in this context configure settings for ICMPv4 message generation. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
frag-required
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the frag-required context | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item icmp-generation frag-required | |
| Tree | frag-required | |
Description | Commands in this context configure the attributes for sending generated ICMP Destination Unreachable "fragmentation needed and DF set" messages (type 3, code 4) back to the source, if the received size of the IPv4 packet on the private side exceeds the private MTU size. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
admin-state keyword
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Administrative state of sending ICMP messages | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item icmp-generation frag-required admin-state keyword | |
| Tree | admin-state | |
Description | This command configures the administrative state of sending ICMP Destination Unreachable "fragmentation needed, DF set" messages (type 3, code 4) messages to the source if the received size of the IPv4 packet on the private side exceeds the private MTU size. | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
interval number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Interval for sending ICMP messages | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item icmp-generation frag-required interval number | |
| Tree | interval | |
Description | This command configures the interval for sending ICMP Destination Unreachable "fragmentation needed, DF set" messages (type 3, code 4). | |
| Range | 1 to 60 | |
| Units | seconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
message-count number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Maximum number of ICMP messages that can be sent | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item icmp-generation frag-required message-count number | |
| Tree | message-count | |
Description | This command configures the maximum number of ICMP Destination Unreachable "fragmentation needed, DF set" messages (type 3, code 4) that can be sent during the configured interval. | |
| Range | 10 to 1000 | |
| Default | 100 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
icmp6-generation
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the icmp6-generation context | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item icmp6-generation | |
| Tree | icmp6-generation | |
Description | Commands in this context configure settings for ICMPv6 message generation. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
packet-too-big
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the packet-too-big context | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item icmp6-generation packet-too-big | |
| Tree | packet-too-big | |
Description | Commands in this context configure the parameters to send ICMPv6 PTB (Packet Too Big) messages on the private side. The system sends PTB messages if a received IPv6 packet on the private side is greater than 1280 bytes and it exceeds the private MTU of the tunnel. The private MTU for the tunnel is configured via the configure router interface ipsec ipsec-tunnel ip-mtu command for the interface. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
admin-state keyword
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Administrative state of Packet Too Big message sends | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item icmp6-generation packet-too-big admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
interval number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Interval for sending Packet Too Big messages | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item icmp6-generation packet-too-big interval number | |
| Tree | interval | |
| Range | 1 to 60 | |
| Units | seconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
message-count number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Maximum number of ICMPv6 PTB messages that can be sent | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item icmp6-generation packet-too-big message-count number | |
| Tree | message-count | |
Description | This command configures the maximum number of PTB messages that can be sent during the configured interval. | |
| Range | 10 to 1000 | |
| Default | 100 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
ip-mtu number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Private MTU of the IPsec tunnel | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item ip-mtu number | |
| Tree | ip-mtu | |
Description | This command specifies the private MTU of the IPsec tunnel. The private MTU is used to determine the need for fragmentation before encapsulation of the payload packet. | |
| Range | 512 to 9000 | |
| Units | bytes | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
key-exchange
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the key-exchange context | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange | |
| Tree | key-exchange | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
dynamic
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable the dynamic context | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange dynamic | |
| Tree | dynamic | |
Notes | The following elements are part of a choice: dynamic or manual. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
auto-establish boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Attempt to establish a phase 1 exchange automatically | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange dynamic auto-establish boolean | |
| Tree | auto-establish | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
cert
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the cert context | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange dynamic cert | |
| Tree | cert | |
Description | Commands in this context configure the attributes of the dynamic keying certificate. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
cert-profile reference
| Synopsis | Certificate profile name | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange dynamic cert cert-profile reference | |
| Tree | cert-profile | |
Reference | configure ipsec cert-profile named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
status-verify
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the status-verify context | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange dynamic cert status-verify | |
| Tree | status-verify | |
Description | Commands in this context configure attributes of Certificate Status Verification (CSV). | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
default-result keyword
| Synopsis | Default result for Certificate Status Verification | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange dynamic cert status-verify default-result keyword | |
| Tree | default-result | |
Description | This command specifies the default certificate revocation status result to use when all configured CSV methods fail to return a result. | |
| Options | ||
| Default | revoked | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
primary keyword
| Synopsis | Primary method of CSV to verify the revocation status | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange dynamic cert status-verify primary keyword | |
| Tree | primary | |
Description | This command configures the primary method of Certificate Status Verification (CSV) that is used to verify the revocation status of the certificate of the peer. | |
| Options | ||
| Default | crl | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
secondary keyword
| Synopsis | Secondary method used to verify certificate revocation | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange dynamic cert status-verify secondary keyword | |
| Tree | secondary | |
Description | This command specifies the secondary method of Certificate Status Verification (CSV) that is used to verify the revocation status of the peer certificate. | |
| Options | ||
| Default | none | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
trust-anchor-profile reference
| Synopsis | Trust anchor profile name | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange dynamic cert trust-anchor-profile reference | |
| Tree | trust-anchor-profile | |
Reference | configure ipsec trust-anchor-profile named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
id
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the id context | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange dynamic id | |
| Tree | id | |
Description | Commands in this context specify the local ID used for IDi or IDr for IKEv2 negotiation. The default behavior depends on the local authentication method as follows:
| |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
fqdn fully-qualified-domain-name
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | FQDN used as the local ID IKE type | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange dynamic id fqdn fully-qualified-domain-name | |
| Tree | fqdn | |
| String length | 1 to 255 | |
Notes | The following elements are part of a choice: fqdn, ipv4, or ipv6. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
ipv4 ipv4-unicast-address
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | IPv4 as the local ID type | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange dynamic id ipv4 ipv4-unicast-address | |
| Tree | ipv4 | |
Notes | The following elements are part of a choice: fqdn, ipv4, or ipv6. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
ipv6 (ipv4-address-no-zone | ipv6-address-no-zone)
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | IPv6 used as the local IKE ID type | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange dynamic id ipv6 (ipv4-address-no-zone | ipv6-address-no-zone) | |
| Tree | ipv6 | |
Notes | The following elements are part of a choice: fqdn, ipv4, or ipv6. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
ike-policy reference
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | IKE policy ID | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange dynamic ike-policy reference | |
| Tree | ike-policy | |
Description | This command specifies the ID of the IKE policy used for IKE negotiation. The ipsec-transport-mode-profile configuration only supports IKEv2. | |
Reference | configure ipsec ike-policy number | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
ipsec-transform reference
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | IPsec transform IDs used by the dynamic key | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange dynamic ipsec-transform reference | |
| Tree | ipsec-transform | |
Description | This command specifies IPsec transform IDs used for CHILD_SA negotiation. | |
Reference | configure ipsec ipsec-transform number | |
| Max. instances | 4 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
ppk
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the ppk context | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange dynamic ppk | |
| Tree | ppk | |
Description | Commands in this context configure the PPKs to use for dynamic keying of the IPsec tunnel. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
id reference
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | PPK ID | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange dynamic ppk id reference | |
| Tree | id | |
Reference | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
list reference
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | PPK list instance name | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange dynamic ppk list reference | |
| Tree | list | |
Reference | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
pre-shared-key encrypted-leaf
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Pre-shared key for authentication | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange dynamic pre-shared-key encrypted-leaf | |
| Tree | pre-shared-key | |
| String length | 1 to 115 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
manual
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable the manual context | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange manual | |
| Tree | manual | |
Description | Commands in this context configure settings for manually configured security associations for the IPsec tunnel. | |
Notes | The following elements are part of a choice: dynamic or manual. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
keys [security-association] number direction keyword
| Synopsis | Enter the keys list instance | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange manual keys number direction keyword | |
| Tree | keys | |
Description | Commands in this context configure the security association list for the tunnel. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[security-association] number
| Synopsis | SA entry ID | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange manual keys number direction keyword | |
| Tree | keys | |
| Range | 1 to 16 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
direction keyword
| Synopsis | Direction of the IPsec tunnel | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange manual keys number direction keyword | |
| Tree | keys | |
| Options | ||
|
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
authentication-key hex-string
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Key used for the authentication algorithm | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange manual keys number direction keyword authentication-key hex-string | |
| Tree | authentication-key | |
| String length | 1 to 130 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
encryption-key hex-string
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Key used for the encryption algorithm | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange manual keys number direction keyword encryption-key hex-string | |
| Tree | encryption-key | |
| String length | 1 to 66 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
ipsec-transform reference
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Transform entry used by manual SAs | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange manual keys number direction keyword ipsec-transform reference | |
| Tree | ipsec-transform | |
Reference | configure ipsec ipsec-transform number | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
spi number
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | SPI of inbound and outbound packets | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item key-exchange manual keys number direction keyword spi number | |
| Tree | spi | |
Description | This command specifies the Security Parameter Index (SPI) used to look up the instruction to verify and decrypt the incoming IPsec packets when the direction is inbound. When the direction is outbound, the SPI is used in the encoding of the outgoing packets. The remote node can use the SPI to look up the instruction to verify and decrypt the packet. | |
| Range | 256 to 16383 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
local-gateway-address-override (ipv4-address-no-zone | ipv6-address-no-zone)
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Local IPsec tunnel endpoint address | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item local-gateway-address-override (ipv4-address-no-zone | ipv6-address-no-zone) | |
| Tree | local-gateway-address-override | |
Description | This command configures the local IPsec tunnel endpoint address. This overrides the default endpoint address, which is the interface address. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
max-history-key-records
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the max-history-key-records context | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item max-history-key-records | |
| Tree | max-history-key-records | |
Description | Commands in this context configure the settings for recording historical IPsec keys. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
esp number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Maximum number of recent records | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item max-history-key-records esp number | |
| Tree | esp | |
| Range | 1 to 48 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
ike number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Maximum number of historical IKE key records | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item max-history-key-records ike number | |
| Tree | ike | |
| Range | 1 to 3 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
pmtu-discovery-aging number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Aging out time of the learned path MTU | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item pmtu-discovery-aging number | |
| Tree | pmtu-discovery-aging | |
Description | This command configures the temporary public and private MTU expiration time. The temporary MTU is used for MTU propagation. | |
| Range | 900 to 3600 | |
| Units | seconds | |
| Default | 900 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
private-sap number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Private SAP ID | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item private-sap number | |
| Tree | private-sap | |
| Range | 0 to 4094 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
private-service service-name
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Private service name | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item private-service service-name | |
| Tree | private-service | |
Description | This command configures the private service name. If unconfigured, the private service is the service where the secured interface resides. | |
| String length | 1 to 64 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
private-tcp-mss-adjust number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | TCP maximum segment size (MSS) adjustment | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item private-tcp-mss-adjust number | |
| Tree | private-tcp-mss-adjust | |
Description | This command specifies the TCP MSS to adjust for the tunnel on the private side. When configured, the system may use the value to update the MSS option in the received TCP SYN packet on the private side. | |
| Range | 512 to 9000 | |
| Units | bytes | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
propagate-pmtu-v4 boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable propagation of the path MTU to IPv4 hosts | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item propagate-pmtu-v4 boolean | |
| Tree | propagate-pmtu-v4 | |
Description | When configured to true, the system propagates the path MTU learned from the public side to the private side (IPv4 hosts). | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
propagate-pmtu-v6 boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable propagation of the path MTU to IPv6 hosts | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item propagate-pmtu-v6 boolean | |
| Tree | propagate-pmtu-v6 | |
Description | When configured to true, the system propagates the path MTU learned from the public side to the private side (IPv6 hosts). | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
public-tcp-mss-adjust (number | keyword)
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | TCP maximum segment size (MSS) on the public network | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item public-tcp-mss-adjust (number | keyword) | |
| Tree | public-tcp-mss-adjust | |
Description | This command configures the MSS for the TCP traffic in an IPsec tunnel that is sent from the public network to the private network. The system may use this value to adjust or insert the MSS option in the TCP SYN packet. | |
| Range | 512 to 9000 | |
| Units | bytes | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
remote-gateway-address (ipv4-address-no-zone | ipv6-address-no-zone)
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Remote IPsec tunnel endpoint address | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item remote-gateway-address (ipv4-address-no-zone | ipv6-address-no-zone) | |
| Tree | remote-gateway-address | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
replay-window number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Anti-replay window size | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item replay-window number | |
| Tree | replay-window | |
Description | This command specifies the size of an IPsec anti-replay window. If unconfigured, IPsec anti-replay is disabled. | |
| Range | 32 | 64 | 128 | 256 | 512 | |
| Units | packets | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
security-policy
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the security-policy context | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item security-policy | |
| Tree | security-policy | |
Description | Commands in this context specify a security policy used by the tunnel. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
id number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Security policy ID for use by the tunnel | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item security-policy id number | |
| Tree | id | |
| Max. range | 0 to 4294967295 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
strict-match boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable strict match of the security policy entry | |
| Context | configure service vprn service-name interface interface-name ipsec ipsec-tunnel named-item security-policy strict-match boolean | |
| Tree | strict-match | |
Description | When configured to true, this command enables strict match of the security policy entry. When a CREATE_CHILD exchange request is received for a static IPsec tunnel, and this request is not a rekey request, ISA matches the received TSi and TSr with the configured security policy. This can be a match only when a received TS (in TSi or TSr) address range matches exactly with the subnet in a security policy entry. If there is no match, the setup fails, and TS_UNACCEPTABLE is sent. If there is a match, but there is an existing CHILD_SA for the matched security policy, the setup fails, and NO_PROPOSAL_CHOSEN is sent. If there is a match, and there is not a CHILD_SA for the matched entry, the subnet is sent in the matched security policy entry as TSi and TSr, and the CHILD_SA is created. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
ipv6-exception reference
| Synopsis | IPv6 filter exception used to bypass encryption | |
| Context | configure service vprn service-name interface interface-name ipsec ipv6-exception reference | |
| Tree | ipv6-exception | |
Description | This command specifies the IPv6 filter exception for an IPsec-secured IPv6 interface. When an IPv6 filter exception is added, clear text packets that match the exception criteria in the IPv6 filter exception can ingress the interface, even when IPsec is enabled on the interface. | |
Reference | configure filter ipv6-exception filter-name | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
public-sap number
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Public SAP ID | |
| Context | configure service vprn service-name interface interface-name ipsec public-sap number | |
| Tree | public-sap | |
| Range | 0 to 4094 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
tunnel-group reference
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Tunnel group ID | |
| Context | configure service vprn service-name interface interface-name ipsec tunnel-group reference | |
| Tree | tunnel-group | |
Reference | configure isa tunnel-group number | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
ipv4
addresses
address [ipv4-address] ipv4-unicast-address
[ipv4-address] ipv4-unicast-address
prefix-length number
| Synopsis | IPv4 address prefix length | |
| Context | configure service vprn service-name interface interface-name ipv4 addresses address ipv4-unicast-address prefix-length number | |
| Tree | prefix-length | |
| Range | 0 to 32 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
allow-directed-broadcasts boolean
| Synopsis | Forward directed broadcasts | |
| Context | configure service vprn service-name interface interface-name ipv4 allow-directed-broadcasts boolean | |
| Tree | allow-directed-broadcasts | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
bfd
admin-state keyword
| Synopsis | Administrative state of BFD sessions | |
| Context | configure service vprn service-name interface interface-name ipv4 bfd admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
echo-receive number
| Synopsis | Minimum echo interval over this interface | |
| Context | configure service vprn service-name interface interface-name ipv4 bfd echo-receive number | |
| Tree | echo-receive | |
| Range | 100 to 100000 | |
| Units | milliseconds | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
multiplier number
| Synopsis | Number of consecutive BFD messages missed from the peer | |
| Context | configure service vprn service-name interface interface-name ipv4 bfd multiplier number | |
| Tree | multiplier | |
Description | This command configures the number of missed messages before the BFD session state is changed to down and the upper-level protocol is notified of the fault. A multiplier of less than 3 should not be used in production environments. | |
| Range | 1 to 20 | |
| Default | 3 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
receive number
| Synopsis | BFD receive interval over this interface | |
| Context | configure service vprn service-name interface interface-name ipv4 bfd receive number | |
| Tree | receive | |
Description | This command specifies the receive interval for the BFD session. | |
| Range | 10 to 100000 | |
| Units | milliseconds | |
| Default | 100 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
transmit-interval number
| Synopsis | BFD transmit interval over this interface | |
| Context | configure service vprn service-name interface interface-name ipv4 bfd transmit-interval number | |
| Tree | transmit-interval | |
Description | This command configures the transmit intervals. | |
| Range | 10 to 100000 | |
| Units | milliseconds | |
| Default | 100 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
dhcp
admin-state keyword
| Synopsis | Administrative state of DHCP | |
| Context | configure service vprn service-name interface interface-name ipv4 dhcp admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
description description
| Synopsis | Text description | |
| Context | configure service vprn service-name interface interface-name ipv4 dhcp description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
gi-address ipv4-unicast-address
| Synopsis | GI address for the DHCP relay | |
| Context | configure service vprn service-name interface interface-name ipv4 dhcp gi-address ipv4-unicast-address | |
| Tree | gi-address | |
Description | This command configures the GI address to distinguish between the different subscriber interfaces (and potentially group interfaces) defined when the router functions as a DHCP relay. By default, the GI address used in the relayed DHCP packet is the primary IP address of a normal IES interface. Specifying the GI address allows the user to choose a secondary address. For group interfaces, a GI address must be specified under the group interface DHCP context or subscriber interface DHCP context for DHCP to function. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
lease-populate
| Synopsis | Enter the lease-populate context | |
| Context | configure service vprn service-name interface interface-name ipv4 dhcp lease-populate | |
| Tree | lease-populate | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
max-leases number
| Synopsis | Maximum number of DHCPv4 leases allowed | |
| Context | configure service vprn service-name interface interface-name ipv4 dhcp lease-populate max-leases number | |
| Tree | max-leases | |
| Range | 0 to 511999 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
option-82
| Synopsis | Enter the option-82 context | |
| Context | configure service vprn service-name interface interface-name ipv4 dhcp option-82 | |
| Tree | option-82 | |
Description | Commands in this context configure the processing required when the router receives a DHCP request that already has an Option 82 field in the packet. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
action keyword
circuit-id
| Synopsis | Enter the circuit-id context | |
| Context | configure service vprn service-name interface interface-name ipv4 dhcp option-82 circuit-id | |
| Tree | circuit-id | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ascii-tuple
| Synopsis | Use the ASCII-encoded tuple for the circuit ID | |
| Context | configure service vprn service-name interface interface-name ipv4 dhcp option-82 circuit-id ascii-tuple | |
| Tree | ascii-tuple | |
Notes | The following elements are part of a choice: ascii-tuple, ifindex, none, sap-id, or vlan-ascii-tuple. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ifindex
| Synopsis | Use the interface index for the circuit ID | |
| Context | configure service vprn service-name interface interface-name ipv4 dhcp option-82 circuit-id ifindex | |
| Tree | ifindex | |
Notes | The following elements are part of a choice: ascii-tuple, ifindex, none, sap-id, or vlan-ascii-tuple. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
none
| Synopsis | Do not include the circuit ID | |
| Context | configure service vprn service-name interface interface-name ipv4 dhcp option-82 circuit-id none | |
| Tree | none | |
Notes | The following elements are part of a choice: ascii-tuple, ifindex, none, sap-id, or vlan-ascii-tuple. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
sap-id
vlan-ascii-tuple
| Synopsis | Include the VLAN ID and dot1p bits in the ASCII tuple | |
| Context | configure service vprn service-name interface interface-name ipv4 dhcp option-82 circuit-id vlan-ascii-tuple | |
| Tree | vlan-ascii-tuple | |
Description | When configured, the router includes the VLAN ID and dot1p bits with the ASCII-tuple information. This only occurs on dot1q and QinQ-encapsulated ports. When the Option 82 bits are stripped, dot1p bits are copied to the Ethernet header of the outgoing packet. When unconfigured, the router leaves the circuit ID sub-option of the DHCP packet empty. | |
Notes | The following elements are part of a choice: ascii-tuple, ifindex, none, sap-id, or vlan-ascii-tuple. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
remote-id
| Synopsis | Enter the remote-id context | |
| Context | configure service vprn service-name interface interface-name ipv4 dhcp option-82 remote-id | |
| Tree | remote-id | |
Description | Commands in this context configure the remote IP sub-option of the DHCP packet with the identity of the remote host end (typically the DHCP client). | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ascii-string string-not-all-spaces
| Synopsis | User-defined ASCII string for the remote ID | |
| Context | configure service vprn service-name interface interface-name ipv4 dhcp option-82 remote-id ascii-string string-not-all-spaces | |
| Tree | ascii-string | |
| String length | 1 to 32 | |
Notes | The following elements are part of a choice: ascii-string, mac, or none. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mac
none
vendor-specific-option
| Synopsis | Enter the vendor-specific-option context | |
| Context | configure service vprn service-name interface interface-name ipv4 dhcp option-82 vendor-specific-option | |
| Tree | vendor-specific-option | |
Description | Commands in this context configure the Nokia Vendor-Specific Option (VSO) of the DHCP packet. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
client-mac-address boolean
| Synopsis | Send the MAC address in the VSO | |
| Context | configure service vprn service-name interface interface-name ipv4 dhcp option-82 vendor-specific-option client-mac-address boolean | |
| Tree | client-mac-address | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
pool-name boolean
sap-id boolean
service-id boolean
| Synopsis | Send the service ID in the Vendor Specific Option | |
| Context | configure service vprn service-name interface interface-name ipv4 dhcp option-82 vendor-specific-option service-id boolean | |
| Tree | service-id | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
string string-not-all-spaces
system-id boolean
proxy-server
| Synopsis | Enter the proxy-server context | |
| Context | configure service vprn service-name interface interface-name ipv4 dhcp proxy-server | |
| Tree | proxy-server | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the DHCP proxy server | |
| Context | configure service vprn service-name interface interface-name ipv4 dhcp proxy-server admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
emulated-server ipv4-unicast-address
| Synopsis | IP address used as the DHCP server address for the SAP | |
| Context | configure service vprn service-name interface interface-name ipv4 dhcp proxy-server emulated-server ipv4-unicast-address | |
| Tree | emulated-server | |
Description | This command configures the IP address which will be used as the DHCP server address in the context of the SAP. Typically, the configured address should be in the context of the subnet represented by the service. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
lease-time
| Synopsis | Enter the lease-time context | |
| Context | configure service vprn service-name interface interface-name ipv4 dhcp proxy-server lease-time | |
| Tree | lease-time | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
radius-override boolean
| Synopsis | Use lease time information provided by RADIUS server | |
| Context | configure service vprn service-name interface interface-name ipv4 dhcp proxy-server lease-time radius-override boolean | |
| Tree | radius-override | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
value number
| Synopsis | DHCP lease time | |
| Context | configure service vprn service-name interface interface-name ipv4 dhcp proxy-server lease-time value number | |
| Tree | value | |
| Range | 300 to 315446399 | |
| Units | seconds | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
relay-plain-bootp boolean
| Synopsis | Enable relaying of plain BOOTP packets | |
| Context | configure service vprn service-name interface interface-name ipv4 dhcp relay-plain-bootp boolean | |
| Tree | relay-plain-bootp | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
relay-proxy
| Synopsis | Enable the relay-proxy context | |
| Context | configure service vprn service-name interface interface-name ipv4 dhcp relay-proxy | |
| Tree | relay-proxy | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
release-update-src-ip boolean
| Synopsis | Update the source IP address of a DHCP RELEASE message | |
| Context | configure service vprn service-name interface interface-name ipv4 dhcp relay-proxy release-update-src-ip boolean | |
| Tree | release-update-src-ip | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
siaddr-override ipv4-unicast-address
| Synopsis | DHCP server IP address for address hiding function | |
| Context | configure service vprn service-name interface interface-name ipv4 dhcp relay-proxy siaddr-override ipv4-unicast-address | |
| Tree | siaddr-override | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
server ipv4-unicast-address
| Synopsis | IP addresses for DHCP server requests | |
| Context | configure service vprn service-name interface interface-name ipv4 dhcp server ipv4-unicast-address | |
| Tree | server | |
Description | This command configures a list of servers that this interface forwards requests to. The operator can enter the list of servers as either IP addresses or fully qualified domain names. The operator must specify at least one server specified for DHCP relay to work. If there are multiple servers, the system forwards the request to all the servers in the list. | |
| Max. instances | 8 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
src-ip-addr keyword
| Synopsis | Type of source address to use for DHCP relay | |
| Context | configure service vprn service-name interface interface-name ipv4 dhcp src-ip-addr keyword | |
| Tree | src-ip-addr | |
| Options | ||
| Default | auto | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
trusted boolean
| Synopsis | Relay untrusted packets | |
| Context | configure service vprn service-name interface interface-name ipv4 dhcp trusted boolean | |
| Tree | trusted | |
Description | When configured to true, the router enables the trusted mode on the interface. When enabled, the relay agent changes the existing GI address (of the request) to the ingress interface, and forwards the request. A DHCP request that contains a GI address of 0.0.0.0 and an Option 82 field in the packet is discarded unless it arrives on a trusted circuit. This behavior only applies if the Relay Agent Information Option action is to keep the existing information. When the Option 82 field is replaced by the relay agent, the original Option 82 information is lost, and there is no reason to enable the trusted option. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
use-arp boolean
icmp
mask-reply boolean
| Synopsis | Allow responses to ICMP mask requests on the interface | |
| Context | configure service vprn service-name interface interface-name ipv4 icmp mask-reply boolean | |
| Tree | mask-reply | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
param-problem
| Synopsis | Enter the param-problem context | |
| Context | configure service vprn service-name interface interface-name ipv4 icmp param-problem | |
| Tree | param-problem | |
Description | Commands in this context specify the settings for ICMP Parameter Problem messages generated by the interface. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of sent Parameter Problem messages | |
| Context | configure service vprn service-name interface interface-name ipv4 icmp param-problem admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
number number
seconds number
redirects
| Synopsis | Enter the redirects context | |
| Context | configure service vprn service-name interface interface-name ipv4 icmp redirects | |
| Tree | redirects | |
Description | Commands in this context configure the settings for ICMP redirect messages generated by the interface. The system sends ICMP redirect messages to alert the sending node that a more optimal route is available on another router on the same subnetwork. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of sending ICMP redirect messages | |
| Context | configure service vprn service-name interface interface-name ipv4 icmp redirects admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
number number
seconds number
ttl-expired
| Synopsis | Enter the ttl-expired context | |
| Context | configure service vprn service-name interface interface-name ipv4 icmp ttl-expired | |
| Tree | ttl-expired | |
Description | Commands in this context configure the settings for ICMP TTL expired messages generated by the interface. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of sending TTL expired messages | |
| Context | configure service vprn service-name interface interface-name ipv4 icmp ttl-expired admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
number number
seconds number
unreachables
| Synopsis | Enter the unreachables context | |
| Context | configure service vprn service-name interface interface-name ipv4 icmp unreachables | |
| Tree | unreachables | |
Description | Commands in this context specify the settings for ICMP host and network destination unreachable messages generated by the interface. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of sending unreachable messages | |
| Context | configure service vprn service-name interface interface-name ipv4 icmp unreachables admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
number number
seconds number
ip-helper-address ipv4-unicast-address
| Synopsis | Gateway address | |
| Context | configure service vprn service-name interface interface-name ipv4 ip-helper-address ipv4-unicast-address | |
| Tree | ip-helper-address | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
local-dhcp-server reference
| Synopsis | DHCP server for the interface | |
| Context | configure service vprn service-name interface interface-name ipv4 local-dhcp-server reference | |
| Tree | local-dhcp-server | |
Reference | configure service vprn service-name dhcp-server dhcpv4 named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
neighbor-discovery
| Synopsis | Enter the neighbor-discovery context | |
| Context | configure service vprn service-name interface interface-name ipv4 neighbor-discovery | |
| Tree | neighbor-discovery | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
host-route
| Synopsis | Enter the host-route context | |
| Context | configure service vprn service-name interface interface-name ipv4 neighbor-discovery host-route | |
| Tree | host-route | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
populate [route-type] keyword
| Synopsis | Enter the populate list instance | |
| Context | configure service vprn service-name interface interface-name ipv4 neighbor-discovery host-route populate keyword | |
| Tree | populate | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[route-type] keyword
| Synopsis | Type of ARP or ND entries that generate host routes | |
| Context | configure service vprn service-name interface interface-name ipv4 neighbor-discovery host-route populate keyword | |
| Tree | populate | |
| Options | ||
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
route-tag number
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Tag value used with the host route from an ARP/ND entry | |
| Context | configure service vprn service-name interface interface-name ipv4 neighbor-discovery host-route populate keyword route-tag number | |
| Tree | route-tag | |
Description | This command specifies the route tag that is added in the route table for ARP or ND host routes. This tag can be matched on BGP VRF export and BGP peer export policies. | |
| Range | 1 to 255 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
learn-unsolicited boolean
| Synopsis | Learn new entries from any received NA message | |
| Context | configure service vprn service-name interface interface-name ipv4 neighbor-discovery learn-unsolicited boolean | |
| Tree | learn-unsolicited | |
Description | When configured to true, the router can learn neighbor entries from received unsolicited Neighbor Advertisement (NA) messages, with or without the solicited (S) flag set. The command can be enabled for global addresses, link-local addresses, or for both. When configured to false, the router follows standard behavior for learning neighbor entries.
| |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
limit
log-only boolean
max-entries number
| Synopsis | Maximum number of entries learned on an IP interface | |
| Context | configure service vprn service-name interface interface-name ipv4 neighbor-discovery limit max-entries number | |
| Tree | max-entries | |
| Range | 0 to 524288 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
threshold number
local-proxy-arp boolean
| Synopsis | Enable local proxy ARP on interface | |
| Context | configure service vprn service-name interface interface-name ipv4 neighbor-discovery local-proxy-arp boolean | |
| Tree | local-proxy-arp | |
Description | When configured to true, the router enables local proxy ARP on the interface. When configured to false, the router does not respond to ARP requests for addresses on the same subnet. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
populate boolean
proactive-refresh boolean
| Synopsis | Send a single refresh message before entry timeout | |
| Context | configure service vprn service-name interface interface-name ipv4 neighbor-discovery proactive-refresh boolean | |
| Tree | proactive-refresh | |
Description | When configured to true, the router always sends a refresh message 30 seconds before the timeout of the entry (a single refresh message with no retries). When configured to false, the router marks an entry as stale 30 seconds before age-out, and the router only sends an ARP request to refresh the entry if the IOM receives traffic that uses it. Then, the IOM asks the ARP application to send a refresh message. With ARP proactive refresh enabled, the ARP module sends a refresh message regardless of the IOM receiving traffic. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
proxy-arp-policy reference
| Synopsis | Proxy ARP policy name | |
| Context | configure service vprn service-name interface interface-name ipv4 neighbor-discovery proxy-arp-policy reference | |
| Tree | proxy-arp-policy | |
Reference | configure policy-options policy-statement named-item-64 | |
| Max. instances | 5 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
remote-proxy-arp boolean
| Synopsis | Enable remote proxy ARP on the interface | |
| Context | configure service vprn service-name interface interface-name ipv4 neighbor-discovery remote-proxy-arp boolean | |
| Tree | remote-proxy-arp | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
retry-timer number
| Synopsis | ARP retry interval | |
| Context | configure service vprn service-name interface interface-name ipv4 neighbor-discovery retry-timer number | |
| Tree | retry-timer | |
| Range | 1 to 300 | |
| Units | deciseconds | |
| Default | 50 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
static-neighbor [ipv4-address] ipv4-address
| Synopsis | Enter the static-neighbor list instance | |
| Context | configure service vprn service-name interface interface-name ipv4 neighbor-discovery static-neighbor ipv4-address | |
| Tree | static-neighbor | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[ipv4-address] ipv4-address
| Synopsis | IPv4 address that corresponds to the physical address | |
| Context | configure service vprn service-name interface interface-name ipv4 neighbor-discovery static-neighbor ipv4-address | |
| Tree | static-neighbor | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mac-address mac-address
| Synopsis | MAC address for the static neighbor | |
| Context | configure service vprn service-name interface interface-name ipv4 neighbor-discovery static-neighbor ipv4-address mac-address mac-address | |
| Tree | mac-address | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
static-neighbor-unnumbered
| Synopsis | Enable the static-neighbor-unnumbered context | |
| Context | configure service vprn service-name interface interface-name ipv4 neighbor-discovery static-neighbor-unnumbered | |
| Tree | static-neighbor-unnumbered | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mac-address mac-address
| Synopsis | MAC address for the static neighbor | |
| Context | configure service vprn service-name interface interface-name ipv4 neighbor-discovery static-neighbor-unnumbered mac-address mac-address | |
| Tree | mac-address | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
timeout number
| Synopsis | Timeout for an ARP entry learned on the interface | |
| Context | configure service vprn service-name interface interface-name ipv4 neighbor-discovery timeout number | |
| Tree | timeout | |
Description | This command configures the minimum time an ARP entry learned on the IP interface is stored in the ARP table. ARP entries are automatically refreshed when an ARP request or gratuitous ARP is seen by an IP host. Otherwise, the ARP entry is aged from the ARP table. | |
| Range | 0 to 65535 | |
| Units | seconds | |
| Default | 14400 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
primary
address ipv4-unicast-address
broadcast keyword
prefix-length number
| Synopsis | IPv4 address prefix length | |
| Context | configure service vprn service-name interface interface-name ipv4 primary prefix-length number | |
| Tree | prefix-length | |
| Range | 0 to 32 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
secondary [address] ipv4-unicast-address
[address] ipv4-unicast-address
broadcast keyword
igp-inhibit boolean
| Synopsis | Disable the running IGP from recognizing secondary IP | |
| Context | configure service vprn service-name interface interface-name ipv4 secondary ipv4-unicast-address igp-inhibit boolean | |
| Tree | igp-inhibit | |
Description | When configured to true, the running IGP does not recognize the secondary IP address as a local interface. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
prefix-length number
| Synopsis | IPv4 address prefix length | |
| Context | configure service vprn service-name interface interface-name ipv4 secondary ipv4-unicast-address prefix-length number | |
| Tree | prefix-length | |
| Range | 0 to 32 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
tcp-mss number
unnumbered
| Synopsis | Enter the unnumbered context | |
| Context | configure service vprn service-name interface interface-name ipv4 unnumbered | |
| Tree | unnumbered | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ip-address ipv4-unicast-address
| Synopsis | IP address for the interface | |
| Context | configure service vprn service-name interface interface-name ipv4 unnumbered ip-address ipv4-unicast-address | |
| Tree | ip-address | |
Notes | The following elements are part of a choice: ip-address or ip-int-name. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ip-int-name interface-name
| Synopsis | IP interface name | |
| Context | configure service vprn service-name interface interface-name ipv4 unnumbered ip-int-name interface-name | |
| Tree | ip-int-name | |
| String length | 1 to 32 | |
Notes | The following elements are part of a choice: ip-address or ip-int-name. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
urpf-check
| Synopsis | Enable the urpf-check context | |
| Context | configure service vprn service-name interface interface-name ipv4 urpf-check | |
| Tree | urpf-check | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ignore-default boolean
| Synopsis | Ignore default route when performing a uRPF check | |
| Context | configure service vprn service-name interface interface-name ipv4 urpf-check ignore-default boolean | |
| Tree | ignore-default | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
mode keyword
| Synopsis | Unicast RPF check mode | |
| Context | configure service vprn service-name interface interface-name ipv4 urpf-check mode keyword | |
| Tree | mode | |
| Options | strict – Check source address match in RT and interface loose – Check source address match in RT only strict-no-ecmp – Check source address match in ECMP route | |
| Default | strict | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
vrrp [virtual-router-id] number
[virtual-router-id] number
admin-state keyword
| Synopsis | Administrative state of VRRP | |
| Context | configure service vprn service-name interface interface-name ipv4 vrrp number admin-state keyword | |
| Tree | admin-state | |
Description | The command determines the administrative state of non-owner virtual router instances. Non-owner virtual router instances can be administratively disabled. This allows the termination of VRRP participation in the virtual router and stops all routing and other access capabilities with regards to the virtual router IP addresses. Disabling the virtual router instance provides a mechanism to maintain the virtual routers without causing false backup or master state changes. When disabled, no VRRP advertisement messages are generated and all received VRRP advertisement messages are silently discarded with no processing. Whenever the administrative or operational state of a virtual router instance transitions, a log message is generated. An owner virtual router context does not use this command. To administratively disable an owner virtual router instance, use the admin-state command within the parent IP interface node which administratively disables the IP interface. | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
authentication-key encrypted-leaf
| Synopsis | Password for simple text authentication | |
| Context | configure service vprn service-name interface interface-name ipv4 vrrp number authentication-key encrypted-leaf | |
| Tree | authentication-key | |
Description | This command optionally assigns a simple text password authentication key to generate master VRRP advertisement messages and validate received VRRP advertisement messages. If this command is re-executed with a different password key defined, the new key immediately replaces the old key. This command may be executed at any time. | |
| String length | 1 to 38 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
backup ipv4-unicast-address
| Synopsis | Virtual router IP addresses for the interface | |
| Context | configure service vprn service-name interface interface-name ipv4 vrrp number backup ipv4-unicast-address | |
| Tree | backup | |
Description | This command associates virtual router IP addresses with those of the parental IP interface. This command has two different functions based on whether it is being executed on an owner or non-owner virtual router instance. Non-owner virtual router instances create a routable IP interface address that is operationally dependent on the virtual router instance mode (master or backup). This command, when executed on an owner virtual router instance, does not create a routable IP interface address; it simply defines the existing IP addresses of the parental IP interface that are advertised by the virtual router instance. For owner virtual router instances, this command defines the IP addresses that are advertised within VRRP advertisement messages. This communicates the IP addresses that the master is advertising to backup virtual routers receiving the messages. The specified unicast-ipv4-address must be equal to one of the existing IP addresses in the parental IP interface (primary or secondary) or this command fails. See "Owner and non-owner VRRP" in the 7705 SAR Gen 2 Router Configuration Guide for more information about owner and non-owner virtual router instances. | |
| Max. instances | 16 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
bfd-liveness
| Synopsis | Enable the bfd-liveness context | |
| Context | configure service vprn service-name interface interface-name ipv4 vrrp number bfd-liveness | |
| Tree | bfd-liveness | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
dest-ip ipv4-address
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Destination IP address to use for BFD session | |
| Context | configure service vprn service-name interface interface-name ipv4 vrrp number bfd-liveness dest-ip ipv4-address | |
| Tree | dest-ip | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
interface-name interface-name
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Name of the interface running BFD | |
| Context | configure service vprn service-name interface interface-name ipv4 vrrp number bfd-liveness interface-name interface-name | |
| Tree | interface-name | |
| String length | 1 to 32 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
service-name service-name
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Administrative service name | |
| Context | configure service vprn service-name interface interface-name ipv4 vrrp number bfd-liveness service-name service-name | |
| Tree | service-name | |
| String length | 1 to 64 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
init-delay number
| Synopsis | VRRP initialization delay timer | |
| Context | configure service vprn service-name interface interface-name ipv4 vrrp number init-delay number | |
| Tree | init-delay | |
| Range | 1 to 65535 | |
| Units | seconds | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
mac mac-unicast-address
| Synopsis | Virtual MAC address to use in ARP responses | |
| Context | configure service vprn service-name interface interface-name ipv4 vrrp number mac mac-unicast-address | |
| Tree | mac | |
Description | This command sets an explicit MAC address for the virtual router instance that overrides the VRRP default derived from the VRID. Changing the default MAC address is useful when an existing HSRP or other non-VRRP default MAC is in use by the IP hosts that use the virtual router IP address. Many hosts do not monitor unessential ARPs and continue to use the cached non-VRRP MAC address after the virtual router becomes master of the host’s gateway address. Additionally, this command sets the MAC address used in ARP responses when the virtual router instance is master. Routing of IP packets with unicast-mac-address as the destination MAC is also enabled. The MAC must be the same for all virtual routers participating as a virtual router or indeterminate connectivity by the attached IP hosts results. All VRRP advertisement messages are transmitted with unicast-mac-address as the source MAC. An operator can execute this command at any time and it takes effect immediately. When the virtual router MAC on a master virtual router instance changes, a gratuitous ARP is immediately sent with a VRRP advertisement message. If the virtual router instance is disabled or operating as a backup, the gratuitous ARP and VRRP advertisement messages are not sent. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
master-int-inherit boolean
| Synopsis | Allow master instance to dictate the master down timer | |
| Context | configure service vprn service-name interface interface-name ipv4 vrrp number master-int-inherit boolean | |
| Tree | master-int-inherit | |
Description | When configured to true, the virtual router instance inherits the advertisement interval timer of the master VRRP router, which backup routers use to calculate the master down timer. When configured to false, the locally configured message interval must match the master's VRRP advertisement message advertisement interval field value or the message is discarded. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
message-interval number
| Synopsis | Interval for sending VRRP advertisement messages | |
| Context | configure service vprn service-name interface interface-name ipv4 vrrp number message-interval number | |
| Tree | message-interval | |
Description | This command configures the administrative advertisement message timer used by the master virtual router instance to send VRRP advertisement messages. The backup master down timer is derived from the value configured using this command. The usage of this command varies for non-owner virtual router instances, depending on the state of the virtual router (master or backup) and the state of the master-int-inherit command:
| |
| Range | 1 to 2559 | |
| Units | deciseconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
monitor-oper-group reference
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | VRRP instance to follow a specified operational group | |
| Context | configure service vprn service-name interface interface-name ipv4 vrrp number monitor-oper-group reference | |
| Tree | monitor-oper-group | |
Description | This command configures VRRP to associate with an operational group. When associated, VRRP notifies the operational group of its state changes so that other protocols can monitor it to provide a redundancy mechanism. When VRRP is the master router, the operational group is up and the operational group is down for all other VRRP states. | |
Reference | configure service oper-group named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
ntp-reply boolean
| Synopsis | Allow processing of NTP requests | |
| Context | configure service vprn service-name interface interface-name ipv4 vrrp number ntp-reply boolean | |
| Tree | ntp-reply | |
Description | When configured to true, the router redirects NTP requests to the VRRP virtual IP address. This behavior only applies to the router acting as the master VRRP router. When configured to false, the router does not process NTP requests. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
oper-group reference
| Synopsis | Operational group name associated with the VRRP | |
| Context | configure service vprn service-name interface interface-name ipv4 vrrp number oper-group reference | |
| Tree | oper-group | |
Description | This command configures an operational group to associate with the VRRP. When associated, VRRP notifies the operational group of its state changes so that other protocols can monitor it to provide a redundancy mechanism. When VRRP is the master router (MR), the operational group is up. The operational group is down for all other VRRP states. | |
Reference | configure service oper-group named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
owner boolean
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Designate the virtual router instance as owner | |
| Context | configure service vprn service-name interface interface-name ipv4 vrrp number owner boolean | |
| Tree | owner | |
Description | When configured to true, the router designates this virtual router instance as the owner of the virtual router IP addresses. Therefore, this virtual router becomes responsible for forwarding packets sent to the virtual router IP addresses. The owner also assumes the role of master virtual router. When configured to false, this virtual router instance is designated as a non-owner. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
passive boolean
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Suppress the processing of VRRP advertisement messages | |
| Context | configure service vprn service-name interface interface-name ipv4 vrrp number passive boolean | |
| Tree | passive | |
Description | When configured to true, the router identifies this virtual router instance as passive; and therefore the owner of the virtual router IP addresses. A passive virtual router instance does not transmit or receive VRRP advertisement messages and is always in either the master state (if the interface is operationally up) or the init state (if the interface is operationally down). When configured to false, this virtual router instance is not identified as passive, meaning that it transmits and receives VRRP advertisement messages. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
ping-reply boolean
| Synopsis | Allow non-owner master to reply to ICMP echo requests | |
| Context | configure service vprn service-name interface interface-name ipv4 vrrp number ping-reply boolean | |
| Tree | ping-reply | |
Description | When configured to true, the router allows the non-owner master to reply to ICMP echo requests directed at the IP addresses of the virtual router instance. Any routed interface can receive the ping request. Ping must not have been disabled at the management security level (either on the parental IP interface or on the Ping source host address). When configured to false, ICMP echo requests sent to non-owner master virtual IP addresses are silently discarded. Non-owner backup virtual routers never respond to ICMP echo requests, regardless of the configuration of this command. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
policy reference
| Synopsis | VRRP priority control policy | |
| Context | configure service vprn service-name interface interface-name ipv4 vrrp number policy reference | |
| Tree | policy | |
Description | This command configures a VRRP priority control policy to associate with the virtual router instance. VRRP priority control policies can override or adjust the base priority value of the virtual router instance, depending on events or conditions within the chassis. An operator can associate a policy with more than one virtual router instance. The priority events within the policy either override or diminish the base priority set with the priority command. As priority events clear in the policy, the in-use priority can eventually be restored to the base priority value. For non-owner virtual router instances, if this command is not executed, the base priority is used as the in-use priority. | |
Reference | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
preempt boolean
| Synopsis | Allow the VRRP to override an existing non-owner master | |
| Context | configure service vprn service-name interface interface-name ipv4 vrrp number preempt boolean | |
| Tree | preempt | |
Description | When configured to true, this virtual router instance overrides any non-owner master with an in-use message priority value less than the in-use priority value of this virtual router. When configured to false, this virtual router only becomes master if the master down timer expires before a VRRP advertisement message is received from another virtual router. | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
priority number
| Synopsis | Base priority for the VRRP | |
| Context | configure service vprn service-name interface interface-name ipv4 vrrp number priority number | |
| Tree | priority | |
Description | This command configures the base router priority for the virtual router instance, which defines the selection order of the virtual router in the master election process. The in-use priority is derived from the base priority. However, the in-use priority is modified by optional VRRP priority control policies. An operator can use VRRP priority control policies to either override or adjust the base priority value depending on events or conditions within the chassis. | |
| Range | 1 to 255 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ssh-reply boolean
| Synopsis | Allow the non-owner master to reply to SSH requests | |
| Context | configure service vprn service-name interface interface-name ipv4 vrrp number ssh-reply boolean | |
| Tree | ssh-reply | |
Description | When configured to true, the router allows the non-owner master to reply to SSH requests directed at the IP addresses of the virtual router instance. Any routed interface can receive the SSH request. SSH cannot be disabled at the management security level (either on the parental IP interface or on the SSH source host address). When configure to false, SSH requests to non-owner master virtual IP addresses are silently discarded. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
standby-forwarding boolean
| Synopsis | Allow standby router to forward traffic | |
| Context | configure service vprn service-name interface interface-name ipv4 vrrp number standby-forwarding boolean | |
| Tree | standby-forwarding | |
Description | When configured to true, the standby router forwards all traffic. When configured to false, the standby router cannot forward traffic sent to the MAC address of the virtual router. However, the standby router still forwards traffic sent to its own MAC address. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
telnet-reply boolean
| Synopsis | Allow non-owner master to reply to Telnet requests | |
| Context | configure service vprn service-name interface interface-name ipv4 vrrp number telnet-reply boolean | |
| Tree | telnet-reply | |
Description | When configured to true, the router allows the non-owner master to reply to Telnet requests directed at the IP addresses of the virtual router instance. Any routed interface can receive Telnet requests. Telnet cannot be disabled at the management security level (either on the parental IP interface or on the Telnet source host address). When configured to false, the router silently discards Telnet requests sent to non-owner master virtual IP addresses. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
traceroute-reply boolean
| Synopsis | Allow non-owner master to reply to traceroute requests | |
| Context | configure service vprn service-name interface interface-name ipv4 vrrp number traceroute-reply boolean | |
| Tree | traceroute-reply | |
Description | When configured to true, the router allows a non-owner master to reply to traceroute requests directed to the IP addresses of the virtual router instance. When configured to false, the router silently discards traceroute requests sent to non-owner master virtual IP addresses. Traceroute must not have been disabled at the management security level (either on the parental IP interface or the source host address). | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ipv6
address [ipv6-address] ipv6-address
[ipv6-address] ipv6-address
duplicate-address-detection boolean
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable Duplicate Address Detection | |
| Context | configure service vprn service-name interface interface-name ipv6 address ipv6-address duplicate-address-detection boolean | |
| Tree | duplicate-address-detection | |
Description | When configured to true, the router enables Duplicate Address Detection (DAD). When configured to false, the router disables DAD and sets the address to preferred, even if there is a duplicated address. | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
eui-64 boolean
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Form IPv6 address from prefix and 64-bit interface ID | |
| Context | configure service vprn service-name interface interface-name ipv6 address ipv6-address eui-64 boolean | |
| Tree | eui-64 | |
Description | When configured to true, the router forms a complete IPv6 address from the supplied prefix and 64-bit interface identifier. The 64-bit interface identifier is derived from the MAC address on Ethernet interfaces. For interfaces without a MAC address, for example POS interfaces, use the base MAC address of the chassis. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
prefix-length number
| Synopsis | IPv6 address prefix length | |
| Context | configure service vprn service-name interface interface-name ipv6 address ipv6-address prefix-length number | |
| Tree | prefix-length | |
| Range | 4 to 128 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
primary-preference number
| Synopsis | Index assigned to the IPv6 address of the interface | |
| Context | configure service vprn service-name interface interface-name ipv6 address ipv6-address primary-preference number | |
| Tree | primary-preference | |
Description | This command assigns a primary preference index to an IPv6 address of the interface to enforce the order in which the address is used by control plane protocols and applications that require a fixed address of the interface, such as LDP and Segment Routing. In cases where a fixed address is required when originating packets from the interface, the IPv6 address with the lowest primary preference index is selected. If the selected address is removed, the next IPv6 address with the next lowest primary preference index is selected. If this index is not specified for the IPv6 address, the system assigns the next available index value to the address. The address index space is unique across all addresses of a given interface. | |
| Range | 1 to 4294967295 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
bfd
admin-state keyword
| Synopsis | Administrative state of BFD sessions | |
| Context | configure service vprn service-name interface interface-name ipv6 bfd admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
echo-receive number
| Synopsis | Minimum echo interval over this interface | |
| Context | configure service vprn service-name interface interface-name ipv6 bfd echo-receive number | |
| Tree | echo-receive | |
| Range | 100 to 100000 | |
| Units | milliseconds | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
multiplier number
| Synopsis | Number of consecutive BFD messages missed from the peer | |
| Context | configure service vprn service-name interface interface-name ipv6 bfd multiplier number | |
| Tree | multiplier | |
Description | This command configures the number of missed messages before the BFD session state is changed to down and the upper-level protocol is notified of the fault. A multiplier of less than 3 should not be used in production environments. | |
| Range | 1 to 20 | |
| Default | 3 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
receive number
| Synopsis | BFD receive interval over this interface | |
| Context | configure service vprn service-name interface interface-name ipv6 bfd receive number | |
| Tree | receive | |
Description | This command specifies the receive interval for the BFD session. | |
| Range | 10 to 100000 | |
| Units | milliseconds | |
| Default | 100 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
transmit-interval number
| Synopsis | BFD transmit interval over this interface | |
| Context | configure service vprn service-name interface interface-name ipv6 bfd transmit-interval number | |
| Tree | transmit-interval | |
Description | This command configures the transmit intervals. | |
| Range | 10 to 100000 | |
| Units | milliseconds | |
| Default | 100 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
dhcp6
relay
admin-state keyword
| Synopsis | Administrative state of DHCPv6 Relay | |
| Context | configure service vprn service-name interface interface-name ipv6 dhcp6 relay admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
description description
| Synopsis | Text description | |
| Context | configure service vprn service-name interface interface-name ipv6 dhcp6 relay description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
lease-populate
| Synopsis | Enter the lease-populate context | |
| Context | configure service vprn service-name interface interface-name ipv6 dhcp6 relay lease-populate | |
| Tree | lease-populate | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
max-nbr-of-leases number
| Synopsis | Maximum lease state entries allowed for the interface | |
| Context | configure service vprn service-name interface interface-name ipv6 dhcp6 relay lease-populate max-nbr-of-leases number | |
| Tree | max-nbr-of-leases | |
| Range | 0 to 32767 | |
| Default | 0 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
route-populate
| Synopsis | Enter the route-populate context | |
| Context | configure service vprn service-name interface interface-name ipv6 dhcp6 relay lease-populate route-populate | |
| Tree | route-populate | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
na boolean
| Synopsis | Create route based on IA_NA prefix option in relay-reply message | |
| Context | configure service vprn service-name interface interface-name ipv6 dhcp6 relay lease-populate route-populate na boolean | |
| Tree | na | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
pd
| Synopsis | Enable the pd context | |
| Context | configure service vprn service-name interface interface-name ipv6 dhcp6 relay lease-populate route-populate pd | |
| Tree | pd | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
exclude boolean
ta boolean
| Synopsis | Create route based on IA_TA prefix option in relay-reply message | |
| Context | configure service vprn service-name interface interface-name ipv6 dhcp6 relay lease-populate route-populate ta boolean | |
| Tree | ta | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
option
interface-id
| Synopsis | Enter the interface-id context | |
| Context | configure service vprn service-name interface interface-name ipv6 dhcp6 relay option interface-id | |
| Tree | interface-id | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ascii-tuple
| Synopsis | Use ASCII-encoded concatenated tuple | |
| Context | configure service vprn service-name interface interface-name ipv6 dhcp6 relay option interface-id ascii-tuple | |
| Tree | ascii-tuple | |
Notes | The following elements are part of a choice: ascii-tuple, if-index, sap-id, or string. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
if-index
| Synopsis | Use interface index in the DHCPv6 relay packet | |
| Context | configure service vprn service-name interface interface-name ipv6 dhcp6 relay option interface-id if-index | |
| Tree | if-index | |
Notes | The following elements are part of a choice: ascii-tuple, if-index, sap-id, or string. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
sap-id
| Synopsis | Use SAP ID in interface ID option in relay packet | |
| Context | configure service vprn service-name interface interface-name ipv6 dhcp6 relay option interface-id sap-id | |
| Tree | sap-id | |
Notes | The following elements are part of a choice: ascii-tuple, if-index, sap-id, or string. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
string string-not-all-spaces
| Synopsis | String for interface ID option in DHCPv6 relay packet | |
| Context | configure service vprn service-name interface interface-name ipv6 dhcp6 relay option interface-id string string-not-all-spaces | |
| Tree | string | |
| String length | 1 to 80 | |
Notes | The following elements are part of a choice: ascii-tuple, if-index, sap-id, or string. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
remote-id boolean
server ipv6-address-with-zone
source-address ipv6-unicast-or-linklocal-address
| Synopsis | Source IPv6 address of the DHCPv6 relay messages | |
| Context | configure service vprn service-name interface interface-name ipv6 dhcp6 relay source-address ipv6-unicast-or-linklocal-address | |
| Tree | source-address | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
duplicate-address-detection boolean
| Synopsis | Enable Duplicate Address Detection per interface | |
| Context | configure service vprn service-name interface interface-name ipv6 duplicate-address-detection boolean | |
| Tree | duplicate-address-detection | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
forward-ipv4-packets boolean
| Synopsis | Forward unencapsulated IPv4 packets | |
| Context | configure service vprn service-name interface interface-name ipv6 forward-ipv4-packets boolean | |
| Tree | forward-ipv4-packets | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
icmp6
packet-too-big
| Synopsis | Enter the packet-too-big context | |
| Context | configure service vprn service-name interface interface-name ipv6 icmp6 packet-too-big | |
| Tree | packet-too-big | |
Description | Commands in this context configure limiting the number of ICMPv6 Packet Too Big messages. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of Packet Too Big message sends | |
| Context | configure service vprn service-name interface interface-name ipv6 icmp6 packet-too-big admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
number number
seconds number
param-problem
| Synopsis | Enter the param-problem context | |
| Context | configure service vprn service-name interface interface-name ipv6 icmp6 param-problem | |
| Tree | param-problem | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of Parameter Problem message sends | |
| Context | configure service vprn service-name interface interface-name ipv6 icmp6 param-problem admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
number number
seconds number
redirects
admin-state keyword
| Synopsis | Administrative state of Redirect message sends | |
| Context | configure service vprn service-name interface interface-name ipv6 icmp6 redirects admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
number number
seconds number
time-exceeded
| Synopsis | Enter the time-exceeded context | |
| Context | configure service vprn service-name interface interface-name ipv6 icmp6 time-exceeded | |
| Tree | time-exceeded | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of Time Exceeded message sends | |
| Context | configure service vprn service-name interface interface-name ipv6 icmp6 time-exceeded admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
number number
seconds number
unreachables
| Synopsis | Enter the unreachables context | |
| Context | configure service vprn service-name interface interface-name ipv6 icmp6 unreachables | |
| Tree | unreachables | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of Unreachable message sends | |
| Context | configure service vprn service-name interface interface-name ipv6 icmp6 unreachables admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
number number
seconds number
link-local-address
| Synopsis | Enter the link-local-address context | |
| Context | configure service vprn service-name interface interface-name ipv6 link-local-address | |
| Tree | link-local-address | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
address ipv6-address
duplicate-address-detection boolean
| Synopsis | Enable Duplicate Address Detection | |
| Context | configure service vprn service-name interface interface-name ipv6 link-local-address duplicate-address-detection boolean | |
| Tree | duplicate-address-detection | |
Description | When configured to true, the router enables Duplicate Address Detection (DAD) on the interface. When configured to false, the router disables DAD and sets the address to preferred, even if there is a duplicated address. | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
local-dhcp-server reference
| Synopsis | DHCP server for the interface | |
| Context | configure service vprn service-name interface interface-name ipv6 local-dhcp-server reference | |
| Tree | local-dhcp-server | |
Description | This command instantiates a local DHCP server. A local DHCP server can serve multiple interfaces but is limited to the routing context in which it was created. | |
Reference | configure service vprn service-name dhcp-server dhcpv6 named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
neighbor-discovery
| Synopsis | Enter the neighbor-discovery context | |
| Context | configure service vprn service-name interface interface-name ipv6 neighbor-discovery | |
| Tree | neighbor-discovery | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
host-route
| Synopsis | Enter the host-route context | |
| Context | configure service vprn service-name interface interface-name ipv6 neighbor-discovery host-route | |
| Tree | host-route | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
populate [route-type] keyword
| Synopsis | Enter the populate list instance | |
| Context | configure service vprn service-name interface interface-name ipv6 neighbor-discovery host-route populate keyword | |
| Tree | populate | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[route-type] keyword
| Synopsis | Type of ARP or ND entries that generate host routes | |
| Context | configure service vprn service-name interface interface-name ipv6 neighbor-discovery host-route populate keyword | |
| Tree | populate | |
| Options | ||
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
route-tag number
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Tag value used with the host route from an ARP/ND entry | |
| Context | configure service vprn service-name interface interface-name ipv6 neighbor-discovery host-route populate keyword route-tag number | |
| Tree | route-tag | |
Description | This command specifies the route tag that is added in the route table for ARP or ND host routes. This tag can be matched on BGP VRF export and BGP peer export policies. | |
| Range | 1 to 255 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
learn-unsolicited keyword
| Synopsis | Type of entries learned from unsolicited NA messages | |
| Context | configure service vprn service-name interface interface-name ipv6 neighbor-discovery learn-unsolicited keyword | |
| Tree | learn-unsolicited | |
Description | This command enables the ability to learn neighbor entries out of received unsolicited Neighbor Advertisement (NA) messages, with or without the solicited flag set. When unconfigured, the router follows standard RFC 4861 behavior for learning of neighbor entries. The neighbor is put in the stale state. This is the standard RFC behavior. | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
limit
log-only boolean
| Synopsis | Generate log entries when limit is reached | |
| Context | configure service vprn service-name interface interface-name ipv6 neighbor-discovery limit log-only boolean | |
| Tree | log-only | |
Description | When configured to true, the router sends the warning message at the specified threshold percentage or upon exceeding the specified limit. Entries that exceed the limit are learned. When configured to false, the router does not send the warning message. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
max-entries number
| Synopsis | Maximum number of entries learned on an IP interface | |
| Context | configure service vprn service-name interface interface-name ipv6 neighbor-discovery limit max-entries number | |
| Tree | max-entries | |
Description | This command configures the maximum number of entries that can be learned on an IP interface. When unconfigured, no maximum limit is imposed. | |
| Range | 0 to 102400 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
threshold number
local-proxy-nd boolean
| Synopsis | Enable local proxy neighbor discovery on the interface | |
| Context | configure service vprn service-name interface interface-name ipv6 neighbor-discovery local-proxy-nd boolean | |
| Tree | local-proxy-nd | |
Description | When configured to true, the router enables local proxy neighbor discovery on the interface and replies to neighbor solicitation requests when both the hosts are on the same subnet. In this case, ICMP redirects are disabled. When configured to false, the router disables local proxy neighbor discovery on the interface and does not reply to neighbor solicitation requests if both the hosts are on the same subnet. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
proactive-refresh keyword
| Synopsis | Proactive refresh of neighbor entries | |
| Context | configure service vprn service-name interface interface-name ipv6 neighbor-discovery proactive-refresh keyword | |
| Tree | proactive-refresh | |
Description | This command enables a proactive refresh of the neighbor entries. After the stale timer expires, the router sends an NUD message to the host (regardless of the existence of traffic to the IP address on the IOM), so the entry can be refreshed or removed. | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
proxy-nd-policy reference
| Synopsis | Proxy Neighbor Discovery policy name for the interface | |
| Context | configure service vprn service-name interface interface-name ipv6 neighbor-discovery proxy-nd-policy reference | |
| Tree | proxy-nd-policy | |
Reference | configure policy-options policy-statement named-item-64 | |
| Max. instances | 5 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
reachable-time number
| Synopsis | Neighbor reachability detection timer | |
| Context | configure service vprn service-name interface interface-name ipv6 neighbor-discovery reachable-time number | |
| Tree | reachable-time | |
| Range | 30 to 3600 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
secure-nd
admin-state keyword
| Synopsis | Administrative state of Secure Neighbor Discovery | |
| Context | configure service vprn service-name interface interface-name ipv6 neighbor-discovery secure-nd admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
allow-unsecured-msgs boolean
| Synopsis | Accept unsecured messages | |
| Context | configure service vprn service-name interface interface-name ipv6 neighbor-discovery secure-nd allow-unsecured-msgs boolean | |
| Tree | allow-unsecured-msgs | |
Description | When configured to true, the router accepts unsecured messages. When Secure Neighbor Discovery (SeND) is enabled, only secure messages are accepted. When configured to false, the router disables the acceptance of unsecured messages. | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
public-key-min-bits number
| Synopsis | Minimum acceptable key length for public keys in CGA | |
| Context | configure service vprn service-name interface interface-name ipv6 neighbor-discovery secure-nd public-key-min-bits number | |
| Tree | public-key-min-bits | |
| Range | 512 to 1024 | |
| Default | 1024 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
security-parameter number
| Synopsis | Security parameter used in the generation of a CGA | |
| Context | configure service vprn service-name interface interface-name ipv6 neighbor-discovery secure-nd security-parameter number | |
| Tree | security-parameter | |
| Range | 0 to 1 | |
| Default | 1 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
stale-time number
| Synopsis | Time a Neighbor Discovery cache entry remains stale | |
| Context | configure service vprn service-name interface interface-name ipv6 neighbor-discovery stale-time number | |
| Tree | stale-time | |
| Range | 60 to 65535 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
static-neighbor [ipv6-address] ipv6-address
| Synopsis | Enter the static-neighbor list instance | |
| Context | configure service vprn service-name interface interface-name ipv6 neighbor-discovery static-neighbor ipv6-address | |
| Tree | static-neighbor | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[ipv6-address] ipv6-address
| Synopsis | IPv6 address corresponding to the physical address | |
| Context | configure service vprn service-name interface interface-name ipv6 neighbor-discovery static-neighbor ipv6-address | |
| Tree | static-neighbor | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mac-address mac-address
| Synopsis | MAC address for the static neighbor | |
| Context | configure service vprn service-name interface interface-name ipv6 neighbor-discovery static-neighbor ipv6-address mac-address mac-address | |
| Tree | mac-address | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
tcp-mss number
urpf-check
| Synopsis | Enable the urpf-check context | |
| Context | configure service vprn service-name interface interface-name ipv6 urpf-check | |
| Tree | urpf-check | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ignore-default boolean
| Synopsis | Ignore default route when performing a uRPF check | |
| Context | configure service vprn service-name interface interface-name ipv6 urpf-check ignore-default boolean | |
| Tree | ignore-default | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
mode keyword
| Synopsis | Unicast RPF check mode | |
| Context | configure service vprn service-name interface interface-name ipv6 urpf-check mode keyword | |
| Tree | mode | |
| Options | strict – Check source address match in RT and interface loose – Check source address match in RT only strict-no-ecmp – Check source address match in ECMP route | |
| Default | strict | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
vrrp [virtual-router-id] number
[virtual-router-id] number
admin-state keyword
| Synopsis | Administrative state of VRRP | |
| Context | configure service vprn service-name interface interface-name ipv6 vrrp number admin-state keyword | |
| Tree | admin-state | |
Description | The command determines the administrative state of non-owner virtual router instances. Non-owner virtual router instances can be administratively disabled. This allows the termination of VRRP participation in the virtual router and stops all routing and other access capabilities with regards to the virtual router IP addresses. Disabling the virtual router instance provides a mechanism to maintain the virtual routers without causing false backup or master state changes. When disabled, no VRRP advertisement messages are generated and all received VRRP advertisement messages are silently discarded with no processing. Whenever the administrative or operational state of a virtual router instance transitions, a log message is generated. An owner virtual router context does not use this command. To administratively disable an owner virtual router instance, use the admin-state command within the parent IP interface node which administratively disables the IP interface. | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
backup ipv6-address
| Synopsis | Virtual router IP addresses for the interface | |
| Context | configure service vprn service-name interface interface-name ipv6 vrrp number backup ipv6-address | |
| Tree | backup | |
Description | This command associates router IPv6 virtual router IP addresses with those of the parental IP interface. This command has two different functions based on whether it is being executed on an owner or non-owner virtual router instance. Non-owner virtual router instance create a routable IP interface address that is operationally dependent on the virtual router instance mode (master or backup). This command, when executed on an owner virtual router instance, does not create a routable IP interface address; it simply defines the existing IP addresses of the parental IP interface that are advertised by the virtual router instance. For owner virtual router instances, this command defines the IP addresses that are advertised within VRRP advertisement messages. This communicates the IP addresses that the master is representing to backup virtual routers receiving the messages. The specified IPv6 address must be equal to one of the existing parental IP addresses in the parental IP interface (primary or secondary) or this command fails. See "Owner and non-owner VRRP" in the 7705 SAR Gen 2 Router Configuration Guide for more information about owner and non-owner virtual router instances. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
bfd-liveness
| Synopsis | Enable the bfd-liveness context | |
| Context | configure service vprn service-name interface interface-name ipv6 vrrp number bfd-liveness | |
| Tree | bfd-liveness | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
dest-ip (ipv4-address-no-zone | ipv6-address-no-zone)
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Destination address for the BFD session | |
| Context | configure service vprn service-name interface interface-name ipv6 vrrp number bfd-liveness dest-ip (ipv4-address-no-zone | ipv6-address-no-zone) | |
| Tree | dest-ip | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
interface-name interface-name
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Name of the interface running BFD | |
| Context | configure service vprn service-name interface interface-name ipv6 vrrp number bfd-liveness interface-name interface-name | |
| Tree | interface-name | |
| String length | 1 to 32 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
service-name service-name
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Administrative service name | |
| Context | configure service vprn service-name interface interface-name ipv6 vrrp number bfd-liveness service-name service-name | |
| Tree | service-name | |
| String length | 1 to 64 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
init-delay number
| Synopsis | VRRP initialization delay timer | |
| Context | configure service vprn service-name interface interface-name ipv6 vrrp number init-delay number | |
| Tree | init-delay | |
| Range | 1 to 65535 | |
| Units | seconds | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
mac mac-unicast-address
| Synopsis | Virtual MAC address to use in ARP responses | |
| Context | configure service vprn service-name interface interface-name ipv6 vrrp number mac mac-unicast-address | |
| Tree | mac | |
Description | This command sets an explicit MAC address for the virtual router instance that overrides the VRRP default derived from the VRID. Changing the default MAC address is useful when an existing HSRP or other non-VRRP default MAC is in use by the IP hosts that use the virtual router IP address. Many hosts do not monitor unessential ARPs and continue to use the cached non-VRRP MAC address after the virtual router becomes master of the host’s gateway address. Additionally, this command sets the MAC address used in ARP responses when the virtual router instance is master. Routing of IP packets with unicast-mac-address as the destination MAC is also enabled. The MAC must be the same for all virtual routers participating as a virtual router or indeterminate connectivity by the attached IP hosts results. All VRRP advertisement messages are transmitted with unicast-mac-address as the source MAC. An operator can execute this command at any time and it takes effect immediately. When the virtual router MAC on a master virtual router instance changes, a gratuitous ARP is immediately sent with a VRRP advertisement message. If the virtual router instance is disabled or operating as a backup, the gratuitous ARP and VRRP advertisement messages are not sent. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
master-int-inherit boolean
| Synopsis | Allow master instance to dictate the master down timer | |
| Context | configure service vprn service-name interface interface-name ipv6 vrrp number master-int-inherit boolean | |
| Tree | master-int-inherit | |
Description | When configured to true, the virtual router instance inherits the advertisement interval timer of the master VRRP router, which backup routers use to calculate the master down timer. When configured to false, the locally configured message interval must match the master's VRRP advertisement message advertisement interval field value or the message is discarded. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
message-interval number
| Synopsis | Interval for sending VRRP advertisement messages | |
| Context | configure service vprn service-name interface interface-name ipv6 vrrp number message-interval number | |
| Tree | message-interval | |
Description | This command configures the administrative advertisement message timer used by the master virtual router instance to send VRRP advertisement messages. The backup master down timer is derived from the value configured using this command. The use of this command varies for non-owner virtual router instances, depending on the state of the virtual router (master or backup) and the state of the master-int-inherit command:
| |
| Range | 10 to 4095 | |
| Units | centiseconds | |
| Default | 100 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
monitor-oper-group reference
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | VRRP instance to follow a specified operational group | |
| Context | configure service vprn service-name interface interface-name ipv6 vrrp number monitor-oper-group reference | |
| Tree | monitor-oper-group | |
Description | This command configures VRRP to associate with an operational group. When associated, VRRP notifies the operational group of its state changes so that other protocols can monitor it to provide a redundancy mechanism. When VRRP is the master router, the operational group is up and the operational group is down for all other VRRP states. | |
Reference | configure service oper-group named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
ntp-reply boolean
| Synopsis | Allow processing of NTP requests | |
| Context | configure service vprn service-name interface interface-name ipv6 vrrp number ntp-reply boolean | |
| Tree | ntp-reply | |
Description | When configured to true, the router redirects NTP requests to the VRRP virtual IP address. This behavior only applies to the router acting as the master VRRP router. When configured to false, the router does not process NTP requests. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
oper-group reference
| Synopsis | Operational group name associated with the VRRP | |
| Context | configure service vprn service-name interface interface-name ipv6 vrrp number oper-group reference | |
| Tree | oper-group | |
Description | This command configures an operational group to associate with the VRRP. When associated, VRRP notifies the operational group of its state changes so that other protocols can monitor it to provide a redundancy mechanism. When VRRP is the master router (MR), the operational group is up. The operational group is down for all other VRRP states. | |
Reference | configure service oper-group named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
owner boolean
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Designate the virtual router instance as owner | |
| Context | configure service vprn service-name interface interface-name ipv6 vrrp number owner boolean | |
| Tree | owner | |
Description | When configured to true, the router designates this virtual router instance as the owner of the virtual router IP addresses. Therefore, this virtual router becomes responsible for forwarding packets sent to the virtual router IP addresses. The owner also assumes the role of master virtual router. When configured to false, this virtual router instance is designated as a non-owner. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
passive boolean
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Suppress the processing of VRRP advertisement messages | |
| Context | configure service vprn service-name interface interface-name ipv6 vrrp number passive boolean | |
| Tree | passive | |
Description | When configured to true, the router identifies this virtual router instance as passive; and therefore the owner of the virtual router IP addresses. A passive virtual router instance does not transmit or receive VRRP advertisement messages and is always in either the master state (if the interface is operationally up) or the init state (if the interface is operationally down). When configured to false, this virtual router instance is not identified as passive, meaning that it transmits and receives VRRP advertisement messages. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
ping-reply boolean
| Synopsis | Allow non-owner master to reply to ICMP echo requests | |
| Context | configure service vprn service-name interface interface-name ipv6 vrrp number ping-reply boolean | |
| Tree | ping-reply | |
Description | When configured to true, the router allows the non-owner master to reply to ICMP echo requests directed at the IP addresses of the virtual router instance. Any routed interface can receive the ping request. Ping must not have been disabled at the management security level (either on the parental IP interface or on the Ping source host address). When configured to false, ICMP echo requests sent to non-owner master virtual IP addresses are silently discarded. Non-owner backup virtual routers never respond to ICMP echo requests, regardless of the configuration of this command. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
policy reference
| Synopsis | VRRP priority control policy | |
| Context | configure service vprn service-name interface interface-name ipv6 vrrp number policy reference | |
| Tree | policy | |
Description | This command configures a VRRP priority control policy to associate with the virtual router instance. VRRP priority control policies can override or adjust the base priority value of the virtual router instance, depending on events or conditions within the chassis. An operator can associate a policy with more than one virtual router instance. The priority events within the policy either override or diminish the base priority set with the priority command. As priority events clear in the policy, the in-use priority can eventually be restored to the base priority value. For non-owner virtual router instances, if this command is not executed, the base priority is used as the in-use priority. | |
Reference | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
preempt boolean
| Synopsis | Allow the VRRP to override an existing non-owner master | |
| Context | configure service vprn service-name interface interface-name ipv6 vrrp number preempt boolean | |
| Tree | preempt | |
Description | When configured to true, this virtual router instance overrides any non-owner master with an in-use message priority value less than the in-use priority value of this virtual router. When configured to false, this virtual router only becomes master if the master down timer expires before a VRRP advertisement message is received from another virtual router. | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
priority number
| Synopsis | Base priority for the VRRP | |
| Context | configure service vprn service-name interface interface-name ipv6 vrrp number priority number | |
| Tree | priority | |
Description | This command configures the base router priority for the virtual router instance, which defines the selection order of the virtual router in the master election process. The in-use priority is derived from the base priority. However, the in-use priority is modified by optional VRRP priority control policies. An operator can use VRRP priority control policies to either override or adjust the base priority value depending on events or conditions within the chassis. | |
| Range | 1 to 255 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
standby-forwarding boolean
| Synopsis | Allow standby router to forward traffic | |
| Context | configure service vprn service-name interface interface-name ipv6 vrrp number standby-forwarding boolean | |
| Tree | standby-forwarding | |
Description | When configured to true, the standby router forwards all traffic. When configured to false, the standby router cannot forward traffic sent to the MAC address of the virtual router. However, the standby router still forwards traffic sent to its own MAC address. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
telnet-reply boolean
| Synopsis | Allow non-owner master to reply to Telnet requests | |
| Context | configure service vprn service-name interface interface-name ipv6 vrrp number telnet-reply boolean | |
| Tree | telnet-reply | |
Description | When configured to true, the router allows the non-owner master to reply to Telnet requests directed at the IP addresses of the virtual router instance. Any routed interface can receive Telnet requests. Telnet cannot be disabled at the management security level (either on the parental IP interface or on the Telnet source host address). When configured to false, the router silently discards Telnet requests sent to non-owner master virtual IP addresses. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
traceroute-reply boolean
| Synopsis | Allow non-owner master to reply to traceroute requests | |
| Context | configure service vprn service-name interface interface-name ipv6 vrrp number traceroute-reply boolean | |
| Tree | traceroute-reply | |
Description | When configured to true, the router allows a non-owner master to reply to traceroute requests directed to the IP addresses of the virtual router instance. When configured to false, the router silently discards traceroute requests sent to non-owner master virtual IP addresses. Traceroute must not have been disabled at the management security level (either on the parental IP interface or the source host address). | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
load-balancing
| Synopsis | Enter the load-balancing context | |
| Context | configure service vprn service-name interface interface-name load-balancing | |
| Tree | load-balancing | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ip-load-balancing keyword
| Synopsis | IP load-balancing algorithm | |
| Context | configure service vprn service-name interface interface-name load-balancing ip-load-balancing keyword | |
| Tree | ip-load-balancing | |
Description | This command specifies whether to include the source address, destination address, or both in LAG or ECMP hash on IP interfaces. Additionally, when the l4-load-balancing command is enabled, this command also includes the source or destination port in the hash inputs. | |
| Options | ||
| Default | both | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
loopback boolean
mac mac-unicast-address
mac-accounting boolean
| Synopsis | Enable MAC accounting functionality | |
| Context | configure service vprn service-name interface interface-name mac-accounting boolean | |
| Tree | mac-accounting | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
monitor-oper-group reference
| Synopsis | Operational group to monitor | |
| Context | configure service vprn service-name interface interface-name monitor-oper-group reference | |
| Tree | monitor-oper-group | |
Reference | configure service oper-group named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
multi-chassis-shunting-profile reference
| Synopsis | Multi-chassis shunting profile name | |
| Context | configure service vprn service-name interface interface-name multi-chassis-shunting-profile reference | |
| Tree | multi-chassis-shunting-profile | |
Description | This command configures the name of a multi-chassis shunting profile to use on public or private tunnel interfaces. | |
Reference | configure service vprn service-name ipsec multi-chassis-shunting-profile named-item | |
Notes | The following elements are part of a choice: multi-chassis-shunting-profile or (dynamic-tunnel-redundant-nexthop and static-tunnel-redundant-nexthop). | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
sap [sap-id] sap
[sap-id] sap
accounting-policy reference
| Synopsis | Accounting policy | |
| Context | configure service vprn service-name interface interface-name sap sap accounting-policy reference | |
| Tree | accounting-policy | |
Reference | configure log accounting-policy number | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the SAP | |
| Context | configure service vprn service-name interface interface-name sap sap admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
bandwidth number
collect-stats boolean
| Synopsis | Collect accounting statistics | |
| Context | configure service vprn service-name interface interface-name sap sap collect-stats boolean | |
| Tree | collect-stats | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
description long-description
| Synopsis | Text description | |
| Context | configure service vprn service-name interface interface-name sap sap description long-description | |
| Tree | description | |
| String length | 1 to 160 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
dist-cpu-protection reference
| Synopsis | Distributed CPU protection policy for SAP | |
| Context | configure service vprn service-name interface interface-name sap sap dist-cpu-protection reference | |
| Tree | dist-cpu-protection | |
Reference | configure system security dist-cpu-protection policy named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
egress
agg-rate
queue-frame-based-accounting boolean
| Synopsis | Enable frame based accounting on policers and queues | |
| Context | configure service vprn service-name interface interface-name sap sap egress agg-rate queue-frame-based-accounting boolean | |
| Tree | queue-frame-based-accounting | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
rate number
filter
ip reference
ipv6 reference
qos
policer-control-policy
| Synopsis | Enter the policer-control-policy context | |
| Context | configure service vprn service-name interface interface-name sap sap egress qos policer-control-policy | |
| Tree | policer-control-policy | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
overrides
root
max-rate (number | keyword)
priority-mbs-thresholds
| Synopsis | Enter the priority-mbs-thresholds context | |
| Context | configure service vprn service-name interface interface-name sap sap egress qos policer-control-policy overrides root priority-mbs-thresholds | |
| Tree | priority-mbs-thresholds | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
min-thresh-separation (number | keyword)
| Synopsis | Minimum amount of separation buffer space | |
| Context | configure service vprn service-name interface interface-name sap sap egress qos policer-control-policy overrides root priority-mbs-thresholds min-thresh-separation (number | keyword) | |
| Tree | min-thresh-separation | |
| Range | 0 to 16777216 | |
| Units | bytes | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
priority [priority-level] number
[priority-level] number
mbs-contribution (number | keyword)
| Synopsis | Minimum amount of cumulative buffer space allowed | |
| Context | configure service vprn service-name interface interface-name sap sap egress qos policer-control-policy overrides root priority-mbs-thresholds priority number mbs-contribution (number | keyword) | |
| Tree | mbs-contribution | |
| Range | 0 to 16777216 | |
| Units | bytes | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
policy-name reference
| Synopsis | Policer control policy name | |
| Context | configure service vprn service-name interface interface-name sap sap egress qos policer-control-policy policy-name reference | |
| Tree | policy-name | |
Reference | configure qos policer-control-policy named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
qinq-mark-top-only boolean
| Synopsis | Mark top Q-tags | |
| Context | configure service vprn service-name interface interface-name sap sap egress qos qinq-mark-top-only boolean | |
| Tree | qinq-mark-top-only | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
sap-egress
| Synopsis | Enter the sap-egress context | |
| Context | configure service vprn service-name interface interface-name sap sap egress qos sap-egress | |
| Tree | sap-egress | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
overrides
queue [queue-id] reference
[queue-id] reference
| Synopsis | Policer unique ID | |
| Context | configure service vprn service-name interface interface-name sap sap egress qos sap-egress overrides queue reference | |
| Tree | queue | |
Reference | configure qos sap-egress qos-policy-name queue number | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
adaptation-rule
| Synopsis | Enter the adaptation-rule context | |
| Context | configure service vprn service-name interface interface-name sap sap egress qos sap-egress overrides queue reference adaptation-rule | |
| Tree | adaptation-rule | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
cir keyword
pir keyword
avg-frame-overhead decimal-number
| Synopsis | Average packet-to-frame encapsulation overhead | |
| Context | configure service vprn service-name interface interface-name sap sap egress qos sap-egress overrides queue reference avg-frame-overhead decimal-number | |
| Tree | avg-frame-overhead | |
Description | This command configures overrides for the average frame overhead. The overrides supersede the average frame overhead configuration under the queue. For a full description of this command, see the configure qos network-queue queue avg-frame-overhead and configure qos sap-egress queue avg-frame-overhead contexts. | |
| Range | 0.00 to 100.00 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
burst-limit (number | keyword)
| Synopsis | Explicit shaping burst size for the queue | |
| Context | configure service vprn service-name interface interface-name sap sap egress qos sap-egress overrides queue reference burst-limit (number | keyword) | |
| Tree | burst-limit | |
| Range | 1 to 14000000 | |
| Units | bytes | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
cbs (number | keyword)
drop-tail
low
percent-reduction-from-mbs (number | keyword)
| Synopsis | Percentage reduction from the MBS for a queue drop tail | |
| Context | configure service vprn service-name interface interface-name sap sap egress qos sap-egress overrides queue reference drop-tail low percent-reduction-from-mbs (number | keyword) | |
| Tree | percent-reduction-from-mbs | |
| Range | 0 to 100 | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mbs (number | keyword)
parent
cir-weight number
| Synopsis | CIR parameter that overrides parent for queue group | |
| Context | configure service vprn service-name interface interface-name sap sap egress qos sap-egress overrides queue reference parent cir-weight number | |
| Tree | cir-weight | |
| Range | 0 to 100 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
weight number
percent-rate
| Synopsis | Enter the percent-rate context | |
| Context | configure service vprn service-name interface interface-name sap sap egress qos sap-egress overrides queue reference percent-rate | |
| Tree | percent-rate | |
Notes | The following elements are part of a choice: percent-rate or rate. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
cir decimal-number
pir decimal-number
rate
cir (number | keyword)
pir (number | keyword)
policy-name reference
| Synopsis | Policy ID to associate with SAP for mirrored service | |
| Context | configure service vprn service-name interface interface-name sap sap egress qos sap-egress policy-name reference | |
| Tree | policy-name | |
Reference | configure qos sap-egress qos-policy-name | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
port-redirect-group
| Synopsis | Enter the port-redirect-group context | |
| Context | configure service vprn service-name interface interface-name sap sap egress qos sap-egress port-redirect-group | |
| Tree | port-redirect-group | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
group-name reference
| Synopsis | Name of the queue group redirect list policy | |
| Context | configure service vprn service-name interface interface-name sap sap egress qos sap-egress port-redirect-group group-name reference | |
| Tree | group-name | |
Reference | configure qos queue-group-templates egress queue-group named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
instance number
| Synopsis | Instance of port queue group | |
| Context | configure service vprn service-name interface interface-name sap sap egress qos sap-egress port-redirect-group instance number | |
| Tree | instance | |
| Range | 1 to 65535 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
scheduler-policy
| Synopsis | Enter the scheduler-policy context | |
| Context | configure service vprn service-name interface interface-name sap sap egress qos scheduler-policy | |
| Tree | scheduler-policy | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
overrides
scheduler [scheduler-name] named-item
[scheduler-name] named-item
| Synopsis | Scheduler name | |
| Context | configure service vprn service-name interface interface-name sap sap egress qos scheduler-policy overrides scheduler named-item | |
| Tree | scheduler | |
Description | This command specifies the scheduler name which is composed of printable 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes. Each scheduler must have a unique name within the context of the scheduler policy. However, the same name can be reused in multiple scheduler policies. If the scheduler name already exists within the policy tier level, the context changes to that scheduler name for the purpose of editing the scheduler commands. If the scheduler name exists within the policy on a different tier, an error occurs and the current context does not change. If the scheduler name does not exist in this or another tier within the scheduler policy, it is assumed that an attempt is being made to create a scheduler of that name. If the provided scheduler name is invalid, a name syntax error occurs, the command does not execute, and the context is not change. | |
| String length | 1 to 32 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
parent
cir-weight number
| Synopsis | Weight used at the within-CIR port priority level | |
| Context | configure service vprn service-name interface interface-name sap sap egress qos scheduler-policy overrides scheduler named-item parent cir-weight number | |
| Tree | cir-weight | |
| Range | 0 to 100 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
weight number
rate
cir (number | keyword)
pir (number | keyword)
| Synopsis | PIR at which the queue is to operate | |
| Context | configure service vprn service-name interface interface-name sap sap egress qos scheduler-policy overrides scheduler named-item rate pir (number | keyword) | |
| Tree | pir | |
| Range | 1 to 6400000000 | |
| Units | kilobps | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
policy-name reference
| Synopsis | Scheduler policy name | |
| Context | configure service vprn service-name interface interface-name sap sap egress qos scheduler-policy policy-name reference | |
| Tree | policy-name | |
Reference | configure qos scheduler-policy named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ingress
filter
ip reference
ipv6 reference
qos
match-qinq-dot1p keyword
| Synopsis | Ingress match QinQ Dot1p | |
| Context | configure service vprn service-name interface interface-name sap sap ingress qos match-qinq-dot1p keyword | |
| Tree | match-qinq-dot1p | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
policer-control-policy
| Synopsis | Enter the policer-control-policy context | |
| Context | configure service vprn service-name interface interface-name sap sap ingress qos policer-control-policy | |
| Tree | policer-control-policy | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
overrides
root
max-rate (number | keyword)
priority-mbs-thresholds
| Synopsis | Enter the priority-mbs-thresholds context | |
| Context | configure service vprn service-name interface interface-name sap sap ingress qos policer-control-policy overrides root priority-mbs-thresholds | |
| Tree | priority-mbs-thresholds | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
min-thresh-separation (number | keyword)
| Synopsis | Minimum amount of separation buffer space | |
| Context | configure service vprn service-name interface interface-name sap sap ingress qos policer-control-policy overrides root priority-mbs-thresholds min-thresh-separation (number | keyword) | |
| Tree | min-thresh-separation | |
| Range | 0 to 16777216 | |
| Units | bytes | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
priority [priority-level] number
[priority-level] number
mbs-contribution (number | keyword)
| Synopsis | Minimum amount of cumulative buffer space allowed | |
| Context | configure service vprn service-name interface interface-name sap sap ingress qos policer-control-policy overrides root priority-mbs-thresholds priority number mbs-contribution (number | keyword) | |
| Tree | mbs-contribution | |
| Range | 0 to 16777216 | |
| Units | bytes | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
policy-name reference
| Synopsis | Policer control policy name | |
| Context | configure service vprn service-name interface interface-name sap sap ingress qos policer-control-policy policy-name reference | |
| Tree | policy-name | |
Reference | configure qos policer-control-policy named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
sap-ingress
| Synopsis | Enter the sap-ingress context | |
| Context | configure service vprn service-name interface interface-name sap sap ingress qos sap-ingress | |
| Tree | sap-ingress | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
fp-redirect-group
| Synopsis | Enter the fp-redirect-group context | |
| Context | configure service vprn service-name interface interface-name sap sap ingress qos sap-ingress fp-redirect-group | |
| Tree | fp-redirect-group | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
group-name reference
| Synopsis | Queue group template name created on forwarding plane | |
| Context | configure service vprn service-name interface interface-name sap sap ingress qos sap-ingress fp-redirect-group group-name reference | |
| Tree | group-name | |
Reference | configure qos queue-group-templates ingress queue-group named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
instance number
| Synopsis | Queue group instance | |
| Context | configure service vprn service-name interface interface-name sap sap ingress qos sap-ingress fp-redirect-group instance number | |
| Tree | instance | |
| Range | 1 to 65535 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
overrides
policer [policer-id] reference
[policer-id] reference
| Synopsis | Policer unique ID | |
| Context | configure service vprn service-name interface interface-name sap sap ingress qos sap-ingress overrides policer reference | |
| Tree | policer | |
Reference | configure qos sap-ingress qos-policy-name policer number | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
cbs (number | keyword)
mbs (number | keyword)
packet-byte-offset number
| Synopsis | Packet size modification for policing information | |
| Context | configure service vprn service-name interface interface-name sap sap ingress qos sap-ingress overrides policer reference packet-byte-offset number | |
| Tree | packet-byte-offset | |
| Range | -32 to 31 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
percent-rate
| Synopsis | Enter the percent-rate context | |
| Context | configure service vprn service-name interface interface-name sap sap ingress qos sap-ingress overrides policer reference percent-rate | |
| Tree | percent-rate | |
Notes | The following elements are part of a choice: percent-rate or rate. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
cir decimal-number
pir decimal-number
rate
cir (number | keyword)
pir (number | keyword)
stat-mode keyword
queue [queue-id] reference
[queue-id] reference
| Synopsis | Policer unique ID | |
| Context | configure service vprn service-name interface interface-name sap sap ingress qos sap-ingress overrides queue reference | |
| Tree | queue | |
Reference | configure qos sap-ingress qos-policy-name queue number | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
adaptation-rule
| Synopsis | Enter the adaptation-rule context | |
| Context | configure service vprn service-name interface interface-name sap sap ingress qos sap-ingress overrides queue reference adaptation-rule | |
| Tree | adaptation-rule | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
cir keyword
pir keyword
cbs (number | keyword)
drop-tail
low
percent-reduction-from-mbs (number | keyword)
| Synopsis | Percentage reduction from the MBS for a queue drop tail | |
| Context | configure service vprn service-name interface interface-name sap sap ingress qos sap-ingress overrides queue reference drop-tail low percent-reduction-from-mbs (number | keyword) | |
| Tree | percent-reduction-from-mbs | |
| Range | 0 to 100 | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mbs (number | keyword)
parent
cir-weight number
| Synopsis | CIR parameter that overrides parent for queue group | |
| Context | configure service vprn service-name interface interface-name sap sap ingress qos sap-ingress overrides queue reference parent cir-weight number | |
| Tree | cir-weight | |
| Range | 0 to 100 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
weight number
percent-rate
| Synopsis | Enter the percent-rate context | |
| Context | configure service vprn service-name interface interface-name sap sap ingress qos sap-ingress overrides queue reference percent-rate | |
| Tree | percent-rate | |
Notes | The following elements are part of a choice: percent-rate or rate. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
cir decimal-number
pir decimal-number
rate
cir (number | keyword)
pir (number | keyword)
policy-name reference
| Synopsis | Policy ID | |
| Context | configure service vprn service-name interface interface-name sap sap ingress qos sap-ingress policy-name reference | |
| Tree | policy-name | |
Reference | configure qos sap-ingress qos-policy-name | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
scheduler-policy
| Synopsis | Enter the scheduler-policy context | |
| Context | configure service vprn service-name interface interface-name sap sap ingress qos scheduler-policy | |
| Tree | scheduler-policy | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
overrides
scheduler [scheduler-name] named-item
[scheduler-name] named-item
| Synopsis | Scheduler name | |
| Context | configure service vprn service-name interface interface-name sap sap ingress qos scheduler-policy overrides scheduler named-item | |
| Tree | scheduler | |
Description | This command specifies the scheduler name which is composed of printable 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes. Each scheduler must have a unique name within the context of the scheduler policy. However, the same name can be reused in multiple scheduler policies. If the scheduler name already exists within the policy tier level, the context changes to that scheduler name for the purpose of editing the scheduler commands. If the scheduler name exists within the policy on a different tier, an error occurs and the current context does not change. If the scheduler name does not exist in this or another tier within the scheduler policy, it is assumed that an attempt is being made to create a scheduler of that name. If the provided scheduler name is invalid, a name syntax error occurs, the command does not execute, and the context is not change. | |
| String length | 1 to 32 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
parent
cir-weight number
| Synopsis | Weight used at the within-CIR port priority level | |
| Context | configure service vprn service-name interface interface-name sap sap ingress qos scheduler-policy overrides scheduler named-item parent cir-weight number | |
| Tree | cir-weight | |
| Range | 0 to 100 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
weight number
rate
cir (number | keyword)
| Synopsis | CIR at which the queue it to operate | |
| Context | configure service vprn service-name interface interface-name sap sap ingress qos scheduler-policy overrides scheduler named-item rate cir (number | keyword) | |
| Tree | cir | |
| Range | 0 to 6400000000 | |
| Units | kilobps | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
pir (number | keyword)
| Synopsis | PIR at which the queue is to operate | |
| Context | configure service vprn service-name interface interface-name sap sap ingress qos scheduler-policy overrides scheduler named-item rate pir (number | keyword) | |
| Tree | pir | |
| Range | 1 to 6400000000 | |
| Units | kilobps | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
policy-name reference
| Synopsis | Scheduler policy name | |
| Context | configure service vprn service-name interface interface-name sap sap ingress qos scheduler-policy policy-name reference | |
| Tree | policy-name | |
Reference | configure qos scheduler-policy named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ip-tunnel [tunnel-name] interface-name
[tunnel-name] interface-name
admin-state keyword
| Synopsis | Administrative state of the IP tunnel | |
| Context | configure service vprn service-name interface interface-name sap sap ip-tunnel interface-name admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
backup-remote-ip-address (ipv4-address-no-zone | ipv6-address-no-zone)
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Backup remote IP address that is applied to this tunnel | |
| Context | configure service vprn service-name interface interface-name sap sap ip-tunnel interface-name backup-remote-ip-address (ipv4-address-no-zone | ipv6-address-no-zone) | |
| Tree | backup-remote-ip-address | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
clear-df-bit boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Clear the Do-not-Fragment bit | |
| Context | configure service vprn service-name interface interface-name sap sap ip-tunnel interface-name clear-df-bit boolean | |
| Tree | clear-df-bit | |
Description | When configured to true, the DF bit is cleared (set to 0) in all payload IP packets associated with the GRE or IPsec tunnel, before any potential fragmentation resulting from the ip-mtu command. This requires a modification of the header checksum. When configured to false, clearing of the DF bit is disabled. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
delivery-service service-name
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Service to originate and terminate GRE packets | |
| Context | configure service vprn service-name interface interface-name sap sap ip-tunnel interface-name delivery-service service-name | |
| Tree | delivery-service | |
Description | This command specifies the service used to originate and terminate the GRE encapsulated packets belonging to the GRE tunnel. The delivery service may be the same service that owns the private tunnel SAP associated with the GRE tunnel. The GRE tunnel does not come up until a valid delivery service is configured. | |
| String length | 1 to 64 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
description description
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Text description | |
| Context | configure service vprn service-name interface interface-name sap sap ip-tunnel interface-name description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
dest-ip [dest-ip-address] (ipv4-address-no-zone | ipv6-address-no-zone)
[dest-ip-address] (ipv4-address-no-zone | ipv6-address-no-zone)
| Synopsis | IP address of the remote IP tunnel endpoint | |
| Context | configure service vprn service-name interface interface-name sap sap ip-tunnel interface-name dest-ip (ipv4-address-no-zone | ipv6-address-no-zone) | |
| Tree | dest-ip | |
Description | This command configures the IP address of the remote IP tunnel endpoint. If the remote IP address is not within the subnet of the IP interface associated with the tunnel, the tunnel fails to come up. | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
dscp keyword
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Differentiated Services Code Point (DSCP) name | |
| Context | configure service vprn service-name interface interface-name sap sap ip-tunnel interface-name dscp keyword | |
| Tree | dscp | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
encapsulated-ip-mtu number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Maximum size of the encapsulated tunnel packet | |
| Context | configure service vprn service-name interface interface-name sap sap ip-tunnel interface-name encapsulated-ip-mtu number | |
| Tree | encapsulated-ip-mtu | |
Description | This command specifies the maximum size of the encapsulated tunnel packet for the IP tunnel. If the packet exceeds this value, the system fragments the packet. | |
| Range | 512 to 9000 | |
| Units | bytes | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
gre-header
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the gre-header context | |
| Context | configure service vprn service-name interface interface-name sap sap ip-tunnel interface-name gre-header | |
| Tree | gre-header | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
admin-state keyword
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Administrative state of the GRE header in the tunnel | |
| Context | configure service vprn service-name interface interface-name sap sap ip-tunnel interface-name gre-header admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
key
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the key context | |
| Context | configure service vprn service-name interface interface-name sap sap ip-tunnel interface-name gre-header key | |
| Tree | key | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
admin-state keyword
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Administrative state of the keys in the GRE header | |
| Context | configure service vprn service-name interface interface-name sap sap ip-tunnel interface-name gre-header key admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
receive number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Receive key of the GRE header | |
| Context | configure service vprn service-name interface interface-name sap sap ip-tunnel interface-name gre-header key receive number | |
| Tree | receive | |
| Max. range | 0 to 4294967295 | |
| Default | 0 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
send number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Send key of the GRE header | |
| Context | configure service vprn service-name interface interface-name sap sap ip-tunnel interface-name gre-header key send number | |
| Tree | send | |
| Max. range | 0 to 4294967295 | |
| Default | 0 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
icmp-generation
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the icmp-generation context | |
| Context | configure service vprn service-name interface interface-name sap sap ip-tunnel interface-name icmp-generation | |
| Tree | icmp-generation | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
frag-required
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the frag-required context | |
| Context | configure service vprn service-name interface interface-name sap sap ip-tunnel interface-name icmp-generation frag-required | |
| Tree | frag-required | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
admin-state keyword
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Administrative state of sending ICMP messages | |
| Context | configure service vprn service-name interface interface-name sap sap ip-tunnel interface-name icmp-generation frag-required admin-state keyword | |
| Tree | admin-state | |
Description | This command configures the administrative state of sending ICMP Destination Unreachable "fragmentation needed, DF set" messages (type 3, code 4) messages to the source if the received size of the IPv4 packet on the private side exceeds the private MTU size. | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
interval number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Interval for sending ICMP messages | |
| Context | configure service vprn service-name interface interface-name sap sap ip-tunnel interface-name icmp-generation frag-required interval number | |
| Tree | interval | |
Description | This command configures the interval for sending ICMP Destination Unreachable "fragmentation needed, DF set" messages (type 3, code 4). | |
| Range | 1 to 60 | |
| Units | seconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
message-count number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Maximum number of ICMP messages sent | |
| Context | configure service vprn service-name interface interface-name sap sap ip-tunnel interface-name icmp-generation frag-required message-count number | |
| Tree | message-count | |
Description | This command configures the maximum number of ICMP messages that can be sent during the period specified by the interval command. | |
| Range | 10 to 1000 | |
| Default | 100 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
icmp6-generation
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the icmp6-generation context | |
| Context | configure service vprn service-name interface interface-name sap sap ip-tunnel interface-name icmp6-generation | |
| Tree | icmp6-generation | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
packet-too-big
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the packet-too-big context | |
| Context | configure service vprn service-name interface interface-name sap sap ip-tunnel interface-name icmp6-generation packet-too-big | |
| Tree | packet-too-big | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
admin-state keyword
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Administrative state of sending Packet Too Big messages | |
| Context | configure service vprn service-name interface interface-name sap sap ip-tunnel interface-name icmp6-generation packet-too-big admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
number number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Maximum number of PTB ICMPv6 messages that can be sent | |
| Context | configure service vprn service-name interface interface-name sap sap ip-tunnel interface-name icmp6-generation packet-too-big number number | |
| Tree | number | |
Description | This command configures the maximum number of ICMPv6 messages that can be sent during the configured interval. | |
| Range | 10 to 1000 | |
| Default | 100 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
seconds number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Maximum interval when PTB messages can be sent | |
| Context | configure service vprn service-name interface interface-name sap sap ip-tunnel interface-name icmp6-generation packet-too-big seconds number | |
| Tree | seconds | |
| Range | 1 to 60 | |
| Units | seconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
ip-mtu number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | IP MTU for the interface | |
| Context | configure service vprn service-name interface interface-name sap sap ip-tunnel interface-name ip-mtu number | |
| Tree | ip-mtu | |
Description | This command specifies the IP MTU for the interface. If the DF bit is not set in the packet, IP packet fragmentation is performed, if necessary, based on this configured value. When unconfigured, all IP packets, regardless of the packet size or DF bit setting, are allowed into the tunnel without fragmentation. | |
| Range | 512 to 9000 | |
| Units | bytes | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
ipsec-transport-mode-profile reference
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | IPsec transport mode profile name | |
| Context | configure service vprn service-name interface interface-name sap sap ip-tunnel interface-name ipsec-transport-mode-profile reference | |
| Tree | ipsec-transport-mode-profile | |
Reference | configure ipsec ipsec-transport-mode-profile named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
local-ip-address (ipv4-address-no-zone | ipv6-address-no-zone)
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Local IP address of this tunnel | |
| Context | configure service vprn service-name interface interface-name sap sap ip-tunnel interface-name local-ip-address (ipv4-address-no-zone | ipv6-address-no-zone) | |
| Tree | local-ip-address | |
Description | This command specifies the local IP address to use for the IP tunnel. This configuration applies to the outer IP header of the encapsulated packets. The address must belong to one of the IP subnets associated with the public SAP interface of the tunnel group. The source IP address, the remote IP address, and the backup remote IP address of a tunnel must all belong to the same address family (IPv4 or IPv6). When this command specifies an IPv6 address, it must be a global unicast address. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
pmtu-discovery-aging number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Time to age out the learned path MTU | |
| Context | configure service vprn service-name interface interface-name sap sap ip-tunnel interface-name pmtu-discovery-aging number | |
| Tree | pmtu-discovery-aging | |
Description | This command configures the temporary public MTU expiration time. The temporary public MTU is used for MTU propagation. | |
| Range | 900 to 3600 | |
| Units | seconds | |
| Default | 900 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
private-tcp-mss-adjust number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | TCP Maximum Segment Size (MSS) on the private side | |
| Context | configure service vprn service-name interface interface-name sap sap ip-tunnel interface-name private-tcp-mss-adjust number | |
| Tree | private-tcp-mss-adjust | |
Description | This command specifies the TCP MSS to adjust for tunnels on the private side. The value is used to adjust the TCP MSS option in the TCP SYN packet. | |
| Range | 512 to 9000 | |
| Units | bytes | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
propagate-pmtu-v4 boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable propagation of the path MTU to IPv4 hosts | |
| Context | configure service vprn service-name interface interface-name sap sap ip-tunnel interface-name propagate-pmtu-v4 boolean | |
| Tree | propagate-pmtu-v4 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
propagate-pmtu-v6 boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable propagation of path MTU to IPv6 hosts | |
| Context | configure service vprn service-name interface interface-name sap sap ip-tunnel interface-name propagate-pmtu-v6 boolean | |
| Tree | propagate-pmtu-v6 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
public-tcp-mss-adjust (number | keyword)
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | TCP Maximum Segment Size (MSS) on the public side | |
| Context | configure service vprn service-name interface interface-name sap sap ip-tunnel interface-name public-tcp-mss-adjust (number | keyword) | |
| Tree | public-tcp-mss-adjust | |
Description | This command specifies the TCP MSS for TCP traffic sent from the public network to the private network. The value is used to adjust the TCP MSS option in the TCP SYN packet. | |
| Range | 512 to 9000 | |
| Units | bytes | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
reassembly (number | keyword)
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Maximum reassembly wait time | |
| Context | configure service vprn service-name interface interface-name sap sap ip-tunnel interface-name reassembly (number | keyword) | |
| Tree | reassembly | |
Description | This command configures the maximum time to wait to receive all fragments of a particular IPsec or GRE packet for reassembly. | |
| Range | 1 to 5000 | |
| Units | milliseconds | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
remote-ip-address (ipv4-address-no-zone | ipv6-address-no-zone)
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Remote IP address of the tunnel | |
| Context | configure service vprn service-name interface interface-name sap sap ip-tunnel interface-name remote-ip-address (ipv4-address-no-zone | ipv6-address-no-zone) | |
| Tree | remote-ip-address | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
ipsec-gateway [name] named-item
| Synopsis | Enter the ipsec-gateway list instance | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item | |
| Tree | ipsec-gateway | |
| Max. instances | 1 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
[name] named-item
| Synopsis | IPsec gateway name | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item | |
| Tree | ipsec-gateway | |
| String length | 1 to 32 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the IPsec gateway | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
cert
cert-profile reference
| Synopsis | Certificate profile name | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item cert cert-profile reference | |
| Tree | cert-profile | |
Reference | configure ipsec cert-profile named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
status-verify
| Synopsis | Enter the status-verify context | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item cert status-verify | |
| Tree | status-verify | |
Description | Commands in this context configure certificate revocation status verification. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
default-result keyword
| Synopsis | Default result of Certificate Status Verification (CSV) | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item cert status-verify default-result keyword | |
| Tree | default-result | |
Description | This command specifies the default result when both the primary and secondary methods fail to provide an answer. | |
| Options | ||
| Default | revoked | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
primary keyword
| Synopsis | Primary method of CSV to verify the revocation status | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item cert status-verify primary keyword | |
| Tree | primary | |
| Options | ||
| Default | crl | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
secondary keyword
| Synopsis | Secondary method of CSV to verify the revocation status | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item cert status-verify secondary keyword | |
| Tree | secondary | |
| Options | ||
| Default | none | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
trust-anchor-profile reference
| Synopsis | Trust anchor profile name | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item cert trust-anchor-profile reference | |
| Tree | trust-anchor-profile | |
Reference | configure ipsec trust-anchor-profile named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
client-db
| Synopsis | Enable the client-db context | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item client-db | |
| Tree | client-db | |
Description | Commands in this context configure the IPsec client database. The client database is used to authenticate the IKEv2 dynamic LAN-to-LAN tunnel. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
fallback boolean
| Synopsis | Fall back to the default authentication policy | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item client-db fallback boolean | |
| Tree | fallback | |
Description | When configured to true, this command specifies whether the IPsec gateway can fall back to the default authentication policy when the IPsec tunnel authentication request fails to match any clients in the IPsec database. When configured to false and the client database lookup fails to return a matched result, the system fails the tunnel setup. | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
name reference
default-secure-service
| Synopsis | Enable the default-secure-service context | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item default-secure-service | |
| Tree | default-secure-service | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
interface interface-name
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Private IPsec tunnel interface name | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item default-secure-service interface interface-name | |
| Tree | interface | |
| String length | 1 to 32 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
service-name service-name
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Default security service name | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item default-secure-service service-name service-name | |
| Tree | service-name | |
| String length | 1 to 64 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
default-tunnel-template reference
| Synopsis | Default tunnel policy template for the gateway | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item default-tunnel-template reference | |
| Tree | default-tunnel-template | |
Reference | configure ipsec tunnel-template number | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
dhcp-address-assignment
| Synopsis | Enter the dhcp-address-assignment context | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item dhcp-address-assignment | |
| Tree | dhcp-address-assignment | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
dhcpv4
| Synopsis | Enable the dhcpv4 context | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item dhcp-address-assignment dhcpv4 | |
| Tree | dhcpv4 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the IPsec DHCPv4 server | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item dhcp-address-assignment dhcpv4 admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
gi-address ipv4-unicast-address
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Gateway IP address of DHCPv4 packets sent by the system | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item dhcp-address-assignment dhcpv4 gi-address ipv4-unicast-address | |
| Tree | gi-address | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
send-release boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Send DHCPv4 release message when IPsec tunnel removed | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item dhcp-address-assignment dhcpv4 send-release boolean | |
| Tree | send-release | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
server
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the server context | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item dhcp-address-assignment dhcpv4 server | |
| Tree | server | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
address ipv4-unicast-address
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | DHCPv4 server addresses | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item dhcp-address-assignment dhcpv4 server address ipv4-unicast-address | |
| Tree | address | |
Description | This command specifies DHCPv4 server addresses for the DHCPv4-based address assignment. If multiple server addresses are specified, the first advertised DHCPv4 address received is chosen. | |
| Max. instances | 8 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
router-instance router-instance-base-vprn-loose
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Router instance used to reach the DHCPv4 server | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item dhcp-address-assignment dhcpv4 server router-instance router-instance-base-vprn-loose | |
| Tree | router-instance | |
| String length | 1 to 64 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
dhcpv6
| Synopsis | Enable the dhcpv6 context | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item dhcp-address-assignment dhcpv6 | |
| Tree | dhcpv6 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the DHCPv6 server | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item dhcp-address-assignment dhcpv6 admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
link-address ipv6-unicast-address
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Link address of the relayed DHCPv6 packets | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item dhcp-address-assignment dhcpv6 link-address ipv6-unicast-address | |
| Tree | link-address | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
send-release boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Send DHCPv6 release message when IPsec tunnel removed | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item dhcp-address-assignment dhcpv6 send-release boolean | |
| Tree | send-release | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
server
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the server context | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item dhcp-address-assignment dhcpv6 server | |
| Tree | server | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
address ipv6-unicast-address
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | DHCPv6 server addresses | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item dhcp-address-assignment dhcpv6 server address ipv6-unicast-address | |
| Tree | address | |
Description | This command specifies DHCPv6 server addresses for the DHCPv6-based address assignment. If multiple server addresses are specified, the first advertised DHCPv6 address received is chosen. | |
| Max. instances | 8 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
router-instance router-instance-base-vprn-loose
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Router instance to reach the DHCPv6 server | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item dhcp-address-assignment dhcpv6 server router-instance router-instance-base-vprn-loose | |
| Tree | router-instance | |
| String length | 1 to 64 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
ike-policy reference
| Synopsis | IKE policy ID | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item ike-policy reference | |
| Tree | ike-policy | |
Reference | configure ipsec ike-policy number | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
local
address-assignment
| Synopsis | Enable the address-assignment context | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item local address-assignment | |
| Tree | address-assignment | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of local address assignments | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item local address-assignment admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv4
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable the ipv4 context | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item local address-assignment ipv4 | |
| Tree | ipv4 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
dhcp-server named-item
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Local DHCPv4 server name | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item local address-assignment ipv4 dhcp-server named-item | |
| Tree | dhcp-server | |
| String length | 1 to 32 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
pool named-item
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Name of the pool defined in the specified DHCPv4 server | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item local address-assignment ipv4 pool named-item | |
| Tree | pool | |
| String length | 1 to 32 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
router-instance router-instance-base-vprn-loose
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Router instance ID for the local DHCPv4 server | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item local address-assignment ipv4 router-instance router-instance-base-vprn-loose | |
| Tree | router-instance | |
| String length | 1 to 64 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
secondary-pool named-item
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Name of the secondary pool defined in the DHCPv4 server | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item local address-assignment ipv4 secondary-pool named-item | |
| Tree | secondary-pool | |
| String length | 1 to 32 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
ipv6
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable the ipv6 context | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item local address-assignment ipv6 | |
| Tree | ipv6 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
dhcp-server named-item
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Local DHCPv6 server name | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item local address-assignment ipv6 dhcp-server named-item | |
| Tree | dhcp-server | |
| String length | 1 to 32 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
pool named-item
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Secondary pool name defined in the DHCPv6 server | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item local address-assignment ipv6 pool named-item | |
| Tree | pool | |
| String length | 1 to 32 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
router-instance router-instance-base-vprn-loose
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Router instance ID hosting the DHCPv6 connection | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item local address-assignment ipv6 router-instance router-instance-base-vprn-loose | |
| Tree | router-instance | |
| String length | 1 to 64 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
gateway-address (ipv4-address-no-zone | ipv6-address-no-zone)
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Local gateway address of the IPsec gateway | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item local gateway-address (ipv4-address-no-zone | ipv6-address-no-zone) | |
| Tree | gateway-address | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
id
| Synopsis | Enter the id context | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item local id | |
| Tree | id | |
Description | Commands in this context specify the local ID used for the Identification Indicator (IDi) or Identification Responder (IDr) in the IKEv2 tunnel. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
auto
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Select ID based on authentication method in IKE policy | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item local id auto | |
| Tree | auto | |
Notes | The following elements are part of a choice: auto, fqdn, ipv4, or ipv6. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
fqdn fully-qualified-domain-name
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | FQDN as the local ID type | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item local id fqdn fully-qualified-domain-name | |
| Tree | fqdn | |
| String length | 1 to 255 | |
Notes | The following elements are part of a choice: auto, fqdn, ipv4, or ipv6. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
ipv4 ipv4-unicast-address
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | IPv4 address as the local ID type | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item local id ipv4 ipv4-unicast-address | |
| Tree | ipv4 | |
Notes | The following elements are part of a choice: auto, fqdn, ipv4, or ipv6. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
ipv6 (ipv4-address-no-zone | ipv6-address-no-zone)
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | IPv6 address as the local ID type | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item local id ipv6 (ipv4-address-no-zone | ipv6-address-no-zone) | |
| Tree | ipv6 | |
Notes | The following elements are part of a choice: auto, fqdn, ipv4, or ipv6. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
max-history-key-records
| Synopsis | Enter the max-history-key-records context | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item max-history-key-records | |
| Tree | max-history-key-records | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
esp number
| Synopsis | Maximum number of recent records | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item max-history-key-records esp number | |
| Tree | esp | |
| Range | 1 to 48 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ike number
| Synopsis | Maximum number of historical IKE keys recorded | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item max-history-key-records ike number | |
| Tree | ike | |
| Range | 1 to 3 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
pre-shared-key encrypted-leaf
| Synopsis | Pre-shared key for the IPsec gateway | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item pre-shared-key encrypted-leaf | |
| Tree | pre-shared-key | |
| String length | 1 to 115 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
radius
accounting-policy reference
| Synopsis | RADIUS accounting policy | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item radius accounting-policy reference | |
| Tree | accounting-policy | |
Reference | configure ipsec radius accounting-policy named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
authentication-policy reference
| Synopsis | RADIUS authentication policy | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-gateway named-item radius authentication-policy reference | |
| Tree | authentication-policy | |
Reference | configure ipsec radius authentication-policy named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ts-list reference
ipsec-tunnel [name] named-item
| Synopsis | Enter the ipsec-tunnel list instance | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item | |
| Tree | ipsec-tunnel | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[name] named-item
| Synopsis | IPsec tunnel name | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item | |
| Tree | ipsec-tunnel | |
| String length | 1 to 32 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the IPsec tunnel | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
bfd
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the bfd context | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item bfd | |
| Tree | bfd | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
bfd-designate boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Designate IPsec tunnel to carry BFD traffic | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item bfd bfd-designate boolean | |
| Tree | bfd-designate | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
bfd-liveness
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable the bfd-liveness context | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item bfd bfd-liveness | |
| Tree | bfd-liveness | |
Description | Commands in this context configure a BFD session to provide a heart-beat mechanism for a specified IPsec tunnel. There can be only one BFD session assigned to any given IPsec tunnel, but there can be multiple IPsec tunnels using the same BFD session. BFD controls the state of the association tunnel. If the BFD session goes down, the system brings down the associated non-designated IPsec tunnel. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
dest-ip ipv4-unicast-address
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Destination address used for the BFD session | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item bfd bfd-liveness dest-ip ipv4-unicast-address | |
| Tree | dest-ip | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
interface interface-name
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Name of the interface used by the BFD session | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item bfd bfd-liveness interface interface-name | |
| Tree | interface | |
| String length | 1 to 32 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
service-name service-name
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Administrative service name | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item bfd bfd-liveness service-name service-name | |
| Tree | service-name | |
Description | This command configures the name of the service where BFD traffic is forwarded to. | |
| String length | 1 to 64 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
clear-df-bit boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Reset the DF bit to 0 in all payload IP packets | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item clear-df-bit boolean | |
| Tree | clear-df-bit | |
Description | When configured to true, the DF bit is set to 0 in all payload IP packets associated with the IPsec tunnel, before any potential fragmentation occurs. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
copy-traffic-class-upon-decapsulation boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable traffic class copy upon decapsulation | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item copy-traffic-class-upon-decapsulation boolean | |
| Tree | copy-traffic-class-upon-decapsulation | |
Description | When configured to true, the system copies the traffic class from the outer tunnel IP packet header to the payload IP packet header in the decapsulating direction (public to private). | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
description description
| Synopsis | Text description | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
dest-ip [address] (ipv4-address-no-zone | ipv6-address-no-zone)
[address] (ipv4-address-no-zone | ipv6-address-no-zone)
| Synopsis | Private IP address of the remote IP tunnel endpoint | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item dest-ip (ipv4-address-no-zone | ipv6-address-no-zone) | |
| Tree | dest-ip | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
encapsulated-ip-mtu number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Maximum size of the encapsulated tunnel packet | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item encapsulated-ip-mtu number | |
| Tree | encapsulated-ip-mtu | |
Description | This command specifies the maximum size of the encapsulated tunnel packet to the IPsec tunnel, the IP tunnel, or the dynamic tunnels terminated on the IPsec Gateway. If the encapsulated IPv4 or IPv6 tunnel packet exceeds this value, the system fragments the packet. | |
| Range | 512 to 9000 | |
| Units | bytes | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
icmp-generation
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the icmp-generation context | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item icmp-generation | |
| Tree | icmp-generation | |
Description | Commands in this context configure settings for ICMPv4 message generation. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
frag-required
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the frag-required context | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item icmp-generation frag-required | |
| Tree | frag-required | |
Description | Commands in this context configure the attributes for sending generated ICMP Destination Unreachable "fragmentation needed and DF set" messages (type 3, code 4) back to the source, if the received size of the IPv4 packet on the private side exceeds the private MTU size. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
admin-state keyword
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Administrative state of sending ICMP messages | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item icmp-generation frag-required admin-state keyword | |
| Tree | admin-state | |
Description | This command configures the administrative state of sending ICMP Destination Unreachable "fragmentation needed, DF set" messages (type 3, code 4) messages to the source if the received size of the IPv4 packet on the private side exceeds the private MTU size. | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
interval number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Interval for sending ICMP messages | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item icmp-generation frag-required interval number | |
| Tree | interval | |
Description | This command configures the interval for sending ICMP Destination Unreachable "fragmentation needed, DF set" messages (type 3, code 4). | |
| Range | 1 to 60 | |
| Units | seconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
message-count number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Maximum number of ICMP messages that can be sent | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item icmp-generation frag-required message-count number | |
| Tree | message-count | |
Description | This command configures the maximum number of ICMP Destination Unreachable "fragmentation needed, DF set" messages (type 3, code 4) that can be sent during the configured interval. | |
| Range | 10 to 1000 | |
| Default | 100 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
icmp6-generation
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the icmp6-generation context | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item icmp6-generation | |
| Tree | icmp6-generation | |
Description | Commands in this context configure settings for ICMPv6 message generation. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
packet-too-big
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the packet-too-big context | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item icmp6-generation packet-too-big | |
| Tree | packet-too-big | |
Description | Commands in this context configure the parameters to send ICMPv6 PTB (Packet Too Big) messages on the private side. The system sends PTB messages if a received IPv6 packet on the private side is greater than 1280 bytes and it exceeds the private MTU of the tunnel. The private MTU for the tunnel is configured via the configure router interface ipsec ipsec-tunnel ip-mtu command for the interface. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
admin-state keyword
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Administrative state of Packet Too Big message sends | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item icmp6-generation packet-too-big admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
interval number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Interval for sending Packet Too Big messages | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item icmp6-generation packet-too-big interval number | |
| Tree | interval | |
| Range | 1 to 60 | |
| Units | seconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
message-count number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Maximum number of ICMPv6 PTB messages that can be sent | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item icmp6-generation packet-too-big message-count number | |
| Tree | message-count | |
Description | This command configures the maximum number of PTB messages that can be sent during the configured interval. | |
| Range | 10 to 1000 | |
| Default | 100 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
ip-mtu number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Private MTU of the IPsec tunnel | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item ip-mtu number | |
| Tree | ip-mtu | |
Description | This command specifies the private MTU of the IPsec tunnel. The private MTU is used to determine the need for fragmentation before encapsulation of the payload packet. | |
| Range | 512 to 9000 | |
| Units | bytes | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
key-exchange
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the key-exchange context | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item key-exchange | |
| Tree | key-exchange | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
dynamic
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable the dynamic context | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item key-exchange dynamic | |
| Tree | dynamic | |
Notes | The following elements are part of a choice: dynamic or manual. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
auto-establish boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Attempt to establish a phase 1 exchange automatically | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item key-exchange dynamic auto-establish boolean | |
| Tree | auto-establish | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
cert
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the cert context | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item key-exchange dynamic cert | |
| Tree | cert | |
Description | Commands in this context configure the attributes of the dynamic keying certificate. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
cert-profile reference
| Synopsis | Certificate profile name | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item key-exchange dynamic cert cert-profile reference | |
| Tree | cert-profile | |
Reference | configure ipsec cert-profile named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
status-verify
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the status-verify context | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item key-exchange dynamic cert status-verify | |
| Tree | status-verify | |
Description | Commands in this context configure attributes of Certificate Status Verification (CSV). | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
default-result keyword
| Synopsis | Default result for Certificate Status Verification | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item key-exchange dynamic cert status-verify default-result keyword | |
| Tree | default-result | |
Description | This command specifies the default certificate revocation status result to use when all configured CSV methods fail to return a result. | |
| Options | ||
| Default | revoked | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
primary keyword
| Synopsis | Primary method of CSV to verify the revocation status | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item key-exchange dynamic cert status-verify primary keyword | |
| Tree | primary | |
Description | This command configures the primary method of Certificate Status Verification (CSV) that is used to verify the revocation status of the certificate of the peer. | |
| Options | ||
| Default | crl | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
secondary keyword
| Synopsis | Secondary method used to verify certificate revocation | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item key-exchange dynamic cert status-verify secondary keyword | |
| Tree | secondary | |
Description | This command specifies the secondary method of Certificate Status Verification (CSV) that is used to verify the revocation status of the peer certificate. | |
| Options | ||
| Default | none | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
trust-anchor-profile reference
| Synopsis | Trust anchor profile name | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item key-exchange dynamic cert trust-anchor-profile reference | |
| Tree | trust-anchor-profile | |
Reference | configure ipsec trust-anchor-profile named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
id
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the id context | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item key-exchange dynamic id | |
| Tree | id | |
Description | Commands in this context specify the local ID used for IDi or IDr for IKEv2 negotiation. The default behavior depends on the local authentication method as follows:
| |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
fqdn fully-qualified-domain-name
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | FQDN used as the local ID IKE type | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item key-exchange dynamic id fqdn fully-qualified-domain-name | |
| Tree | fqdn | |
| String length | 1 to 255 | |
Notes | The following elements are part of a choice: fqdn, ipv4, or ipv6. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
ipv4 ipv4-unicast-address
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | IPv4 as the local ID type | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item key-exchange dynamic id ipv4 ipv4-unicast-address | |
| Tree | ipv4 | |
Notes | The following elements are part of a choice: fqdn, ipv4, or ipv6. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
ipv6 (ipv4-address-no-zone | ipv6-address-no-zone)
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | IPv6 used as the local IKE ID type | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item key-exchange dynamic id ipv6 (ipv4-address-no-zone | ipv6-address-no-zone) | |
| Tree | ipv6 | |
Notes | The following elements are part of a choice: fqdn, ipv4, or ipv6. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
ike-policy reference
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | IKE policy ID | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item key-exchange dynamic ike-policy reference | |
| Tree | ike-policy | |
Description | This command specifies the ID of the IKE policy used for IKE negotiation. The ipsec-transport-mode-profile configuration only supports IKEv2. | |
Reference | configure ipsec ike-policy number | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
ipsec-transform reference
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | IPsec transform IDs used by the dynamic key | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item key-exchange dynamic ipsec-transform reference | |
| Tree | ipsec-transform | |
Description | This command specifies IPsec transform IDs used for CHILD_SA negotiation. | |
Reference | configure ipsec ipsec-transform number | |
| Max. instances | 4 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
ppk
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the ppk context | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item key-exchange dynamic ppk | |
| Tree | ppk | |
Description | Commands in this context configure the PPKs to use for dynamic keying of the IPsec tunnel. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
id reference
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | PPK ID | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item key-exchange dynamic ppk id reference | |
| Tree | id | |
Reference | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
list reference
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | PPK list instance name | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item key-exchange dynamic ppk list reference | |
| Tree | list | |
Reference | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
pre-shared-key encrypted-leaf
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Pre-shared key for authentication | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item key-exchange dynamic pre-shared-key encrypted-leaf | |
| Tree | pre-shared-key | |
| String length | 1 to 115 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
manual
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable the manual context | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item key-exchange manual | |
| Tree | manual | |
Notes | The following elements are part of a choice: dynamic or manual. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
keys [security-association] number direction keyword
| Synopsis | Enter the keys list instance | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item key-exchange manual keys number direction keyword | |
| Tree | keys | |
Description | Commands in this context configure the security association list for the tunnel. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[security-association] number
| Synopsis | SA entry ID | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item key-exchange manual keys number direction keyword | |
| Tree | keys | |
| Range | 1 to 16 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
direction keyword
| Synopsis | Direction of the IPsec tunnel | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item key-exchange manual keys number direction keyword | |
| Tree | keys | |
| Options | ||
|
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
authentication-key hex-string
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Key used for the authentication algorithm | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item key-exchange manual keys number direction keyword authentication-key hex-string | |
| Tree | authentication-key | |
| String length | 1 to 130 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
encryption-key hex-string
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Key used for the encryption algorithm | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item key-exchange manual keys number direction keyword encryption-key hex-string | |
| Tree | encryption-key | |
| String length | 1 to 66 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
ipsec-transform reference
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Transform entry used by manual SAs | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item key-exchange manual keys number direction keyword ipsec-transform reference | |
| Tree | ipsec-transform | |
Reference | configure ipsec ipsec-transform number | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
spi number
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | SPI of inbound and outbound packets | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item key-exchange manual keys number direction keyword spi number | |
| Tree | spi | |
Description | This command specifies the Security Parameter Index (SPI) used to look up the instruction to verify and decrypt the incoming IPsec packets when the direction is inbound. When the direction is outbound, the SPI is used in the encoding of the outgoing packets. The remote node can use the SPI to look up the instruction to verify and decrypt the packet. | |
| Range | 256 to 16383 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
max-history-key-records
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the max-history-key-records context | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item max-history-key-records | |
| Tree | max-history-key-records | |
Description | Commands in this context configure the settings for recording historical IPsec keys. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
esp number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Maximum number of recent records | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item max-history-key-records esp number | |
| Tree | esp | |
| Range | 1 to 48 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
ike number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Maximum number of historical IKE key records | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item max-history-key-records ike number | |
| Tree | ike | |
| Range | 1 to 3 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
pmtu-discovery-aging number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Aging out time of the learned path MTU | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item pmtu-discovery-aging number | |
| Tree | pmtu-discovery-aging | |
Description | This command configures the temporary public and private MTU expiration time. The temporary MTU is used for MTU propagation. | |
| Range | 900 to 3600 | |
| Units | seconds | |
| Default | 900 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
private-tcp-mss-adjust number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | TCP maximum segment size (MSS) adjustment | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item private-tcp-mss-adjust number | |
| Tree | private-tcp-mss-adjust | |
Description | This command specifies the TCP MSS to adjust for the tunnel on the private side. When configured, the system may use the value to update the MSS option in the received TCP SYN packet on the private side. | |
| Range | 512 to 9000 | |
| Units | bytes | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
propagate-pmtu-v4 boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable propagation of the path MTU to IPv4 hosts | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item propagate-pmtu-v4 boolean | |
| Tree | propagate-pmtu-v4 | |
Description | When configured to true, the system propagates the path MTU learned from the public side to the private side (IPv4 hosts). | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
propagate-pmtu-v6 boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable propagation of the path MTU to IPv6 hosts | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item propagate-pmtu-v6 boolean | |
| Tree | propagate-pmtu-v6 | |
Description | When configured to true, the system propagates the path MTU learned from the public side to the private side (IPv6 hosts). | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
public-tcp-mss-adjust (number | keyword)
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | TCP maximum segment size (MSS) on the public network | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item public-tcp-mss-adjust (number | keyword) | |
| Tree | public-tcp-mss-adjust | |
Description | This command configures the MSS for the TCP traffic in an IPsec tunnel that is sent from the public network to the private network. The system may use this value to adjust or insert the MSS option in the TCP SYN packet. | |
| Range | 512 to 9000 | |
| Units | bytes | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
replay-window number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Anti-replay window size | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item replay-window number | |
| Tree | replay-window | |
Description | This command specifies the size of an IPsec anti-replay window. If unconfigured, IPsec anti-replay is disabled. | |
| Range | 32 | 64 | 128 | 256 | 512 | |
| Units | packets | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
security-policy
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enter the security-policy context | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item security-policy | |
| Tree | security-policy | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
id reference
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | IPsec security policy ID | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item security-policy id reference | |
| Tree | id | |
Reference | configure service vprn service-name ipsec security-policy number | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
strict-match boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable strict match of the security policy entry | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item security-policy strict-match boolean | |
| Tree | strict-match | |
Description | When configured to true, this command enables strict match of the security policy entry. When a CREATE_CHILD exchange request is received for a static IPsec tunnel, and this request is not a rekey request, ISA matches the received TSi and TSr with the configured security policy. This can be a match only when a received TS (in TSi or TSr) address range matches exactly with the subnet in a security policy entry. If there is no match, the setup fails, and TS_UNACCEPTABLE is sent. If there is a match, but there is an existing CHILD_SA for the matched security policy, the setup fails, and NO_PROPOSAL_CHOSEN is sent. If there is a match, and there is not a CHILD_SA for the matched entry, the subnet is sent in the matched security policy entry as TSi and TSr, and the CHILD_SA is created. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
tunnel-endpoint
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Enable the tunnel-endpoint context | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item tunnel-endpoint | |
| Tree | tunnel-endpoint | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
delivery-service service-name
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Delivery service name | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item tunnel-endpoint delivery-service service-name | |
| Tree | delivery-service | |
| String length | 1 to 64 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
local-gateway-address (ipv4-address-no-zone | ipv6-address-no-zone)
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Address used for tunnel of the remote security gateway | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item tunnel-endpoint local-gateway-address (ipv4-address-no-zone | ipv6-address-no-zone) | |
| Tree | local-gateway-address | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
remote-ip-address (ipv4-address-no-zone | ipv6-address-no-zone)
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Remote IP address of the tunnel | |
| Context | configure service vprn service-name interface interface-name sap sap ipsec-tunnel named-item tunnel-endpoint remote-ip-address (ipv4-address-no-zone | ipv6-address-no-zone) | |
| Tree | remote-ip-address | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
lag
multi-service-site reference
| Synopsis | Multi service site name | |
| Context | configure service vprn service-name interface interface-name sap sap multi-service-site reference | |
| Tree | multi-service-site | |
Reference | configure service customer customer-name multi-service-site named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
spoke-sdp [sdp-bind-id] sdp-bind-id
[sdp-bind-id] sdp-bind-id
accounting-policy reference
| Synopsis | Policy to collect accounting statistics | |
| Context | configure service vprn service-name interface interface-name spoke-sdp sdp-bind-id accounting-policy reference | |
| Tree | accounting-policy | |
Reference | configure log accounting-policy number | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the SDP binding to the service | |
| Context | configure service vprn service-name interface interface-name spoke-sdp sdp-bind-id admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
collect-stats boolean
| Synopsis | Allow agent to collect accounting statistics | |
| Context | configure service vprn service-name interface interface-name spoke-sdp sdp-bind-id collect-stats boolean | |
| Tree | collect-stats | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
description description
| Synopsis | Text description | |
| Context | configure service vprn service-name interface interface-name spoke-sdp sdp-bind-id description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
egress
filter
ip reference
ipv6 reference
qos
network
policy-name reference
port-redirect-group
| Synopsis | Enter the port-redirect-group context | |
| Context | configure service vprn service-name interface interface-name spoke-sdp sdp-bind-id egress qos network port-redirect-group | |
| Tree | port-redirect-group | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
group-name reference
| Synopsis | Name of the egress port queue group | |
| Context | configure service vprn service-name interface interface-name spoke-sdp sdp-bind-id egress qos network port-redirect-group group-name reference | |
| Tree | group-name | |
Reference | configure qos queue-group-templates egress queue-group named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
instance number
vc-label number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Egress MPLS VC label to send packets to the far end | |
| Context | configure service vprn service-name interface interface-name spoke-sdp sdp-bind-id egress vc-label number | |
| Tree | vc-label | |
| Range | 16 to 1048575 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
hash-label
| Synopsis | Enable the hash-label context | |
| Context | configure service vprn service-name interface interface-name spoke-sdp sdp-bind-id hash-label | |
| Tree | hash-label | |
Description | Commands in this context configure the use of hash labels for egress datapaths. For information about hash-label handling, see the "Hash labels" section of the 7705 SAR Gen 2 MPLS Guide. | |
Notes | The following elements are part of a choice: entropy-label or hash-label. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
signal-capability
| Synopsis | Signal hash label capability to the remote PE | |
| Context | configure service vprn service-name interface interface-name spoke-sdp sdp-bind-id hash-label signal-capability | |
| Tree | signal-capability | |
Description | When configured, this command enables the signaling and negotiating of the hash label between the local and remote PE nodes. The signaling process outcome determines whether the local PE inserts the hash label on the user packets. This outcome can override the local PE configuration. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ingress
filter
ip reference
ipv6 reference
qos
network
fp-redirect-group
| Synopsis | Enter the fp-redirect-group context | |
| Context | configure service vprn service-name interface interface-name spoke-sdp sdp-bind-id ingress qos network fp-redirect-group | |
| Tree | fp-redirect-group | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
group-name reference
| Synopsis | Name of the forwarding plane queue group template | |
| Context | configure service vprn service-name interface interface-name spoke-sdp sdp-bind-id ingress qos network fp-redirect-group group-name reference | |
| Tree | group-name | |
Reference | configure qos queue-group-templates ingress queue-group named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
instance number
policy-name reference
vc-label number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Ingress MPLS VC label to send packets to the far end | |
| Context | configure service vprn service-name interface interface-name spoke-sdp sdp-bind-id ingress vc-label number | |
| Tree | vc-label | |
| Range | 1 to 1048575 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
vc-type keyword
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Type of virtual circuit (VC) associated with the SDP binding | |
| Context | configure service vprn service-name interface interface-name spoke-sdp sdp-bind-id vc-type keyword | |
| Tree | vc-type | |
| Options | ||
| Default | ether | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
static-tunnel-redundant-nexthop ipv4-unicast-address
| Synopsis | Address for the static ISA tunnel redundant next-hop | |
| Context | configure service vprn service-name interface interface-name static-tunnel-redundant-nexthop ipv4-unicast-address | |
| Tree | static-tunnel-redundant-nexthop | |
Description | This command configures a redundant next-hop address on a public or private IPsec interface (with a public or private tunnel SAP) for a static IPsec tunnel in 1:1 MC-IPsec. A standby node uses the specified next-hop address to shunt traffic to the master in case it receives traffic destined to a tunnel endpoint address. The standby tunnel group needs to be operationally up for the feature to work. The next-hop address is resolved in the routing table of the corresponding service. | |
Notes | The following elements are part of a choice: multi-chassis-shunting-profile or (dynamic-tunnel-redundant-nexthop and static-tunnel-redundant-nexthop). | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
tos-marking-state keyword
| Synopsis | TOS marking state | |
| Context | configure service vprn service-name interface interface-name tos-marking-state keyword | |
| Tree | tos-marking-state | |
| Options | ||
| Default | trusted | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
tunnel boolean
vpls [vpls-name] named-item-64
[vpls-name] named-item-64
egress
reclassify-using-qos reference
| Synopsis | Egress QoS policy | |
| Context | configure service vprn service-name interface interface-name vpls named-item-64 egress reclassify-using-qos reference | |
| Tree | reclassify-using-qos | |
Reference | configure qos sap-egress qos-policy-name | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
routed-override-filter
| Synopsis | Enter the routed-override-filter context | |
| Context | configure service vprn service-name interface interface-name vpls named-item-64 egress routed-override-filter | |
| Tree | routed-override-filter | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ip reference
ipv6 reference
| Synopsis | IPv6 filter policy name | |
| Context | configure service vprn service-name interface interface-name vpls named-item-64 egress routed-override-filter ipv6 reference | |
| Tree | ipv6 | |
Reference | configure filter ipv6-filter filter-name | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
evpn
arp
advertise [route-type] keyword
| Synopsis | Enter the advertise list instance | |
| Context | configure service vprn service-name interface interface-name vpls named-item-64 evpn arp advertise keyword | |
| Tree | advertise | |
Description | Commands in this context specify the configuration to allow ARP or ND entries that are installed in the ARP or ND cache to be advertised in EVPN MAC/IP routes. The learn-dynamic command must be set to false when using this functionality. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[route-type] keyword
| Synopsis | Type of ARP or ND entries that generate host routes | |
| Context | configure service vprn service-name interface interface-name vpls named-item-64 evpn arp advertise keyword | |
| Tree | advertise | |
Description | This command specifies the type of ARP or ND entries that are installed in the ARP or ND cache into EVPN MAC/IP routes. | |
| Options | ||
|
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
interface-less-routing
| Synopsis | Enable the interface-less-routing context | |
| Context | configure service vprn service-name interface interface-name vpls named-item-64 evpn arp advertise keyword interface-less-routing | |
| Tree | interface-less-routing | |
Description | Commands in this context enable the entries for advertisement in EVPN MAC/IP advertisement routes that include:
| |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
bgp-evpn-instance number
| Synopsis | EVPN interface-less VPRN instance | |
| Context | configure service vprn service-name interface interface-name vpls named-item-64 evpn arp advertise keyword interface-less-routing bgp-evpn-instance number | |
| Tree | bgp-evpn-instance | |
Description | This command configures the EVPN interface-less BGP instance from which the label and route target are taken when advertising the entry in an EVPN MAC/IP advertisement route. | |
| Range | 1 | |
| Default | 1 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
route-tag number
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Tag value used with the host route from an ARP/ND entry | |
| Context | configure service vprn service-name interface interface-name vpls named-item-64 evpn arp advertise keyword route-tag number | |
| Tree | route-tag | |
Description | This command specifies the route tag that is added separately to dynamic or static ARP or ND entries that are advertised in EVPN MAC/IP routes. This tag can be matched on BGP vsi-export (in the R-VPLS) and BGP peer export policies. | |
| Range | 0 to 255 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
flood-garp-and-unknown-req boolean
| Synopsis | Allow CPM originated ARP frames to flood R-VPLS service | |
| Context | configure service vprn service-name interface interface-name vpls named-item-64 evpn arp flood-garp-and-unknown-req boolean | |
| Tree | flood-garp-and-unknown-req | |
Description | When configured to true, the system allows CPM-originated ARP frames to be flooded in the R-VPLS service. Any frames that are data path flooded such as the ARP messages received on a SAP, are flooded irrespective of this command. When configured to false, CPM-originated ARP flooding is suppressed. | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
learn-dynamic boolean
| Synopsis | Process ARP or ND messages on EVPN tunnels | |
| Context | configure service vprn service-name interface interface-name vpls named-item-64 evpn arp learn-dynamic boolean | |
| Tree | learn-dynamic | |
Description | When configured to true, the system processes ARP or ND messages that arrive on EVPN tunnels. When configured to false, learning is disabled and table entries are not created for these messages. | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
nd
advertise [route-type] keyword
| Synopsis | Enter the advertise list instance | |
| Context | configure service vprn service-name interface interface-name vpls named-item-64 evpn nd advertise keyword | |
| Tree | advertise | |
Description | Commands in this context specify the configuration to allow ARP or ND entries that are installed in the ARP or ND cache to be advertised in EVPN MAC/IP routes. The learn-dynamic command must be set to false when using this functionality. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[route-type] keyword
| Synopsis | Type of ARP or ND entries that generate host routes | |
| Context | configure service vprn service-name interface interface-name vpls named-item-64 evpn nd advertise keyword | |
| Tree | advertise | |
Description | This command specifies the type of ARP or ND entries that are installed in the ARP or ND cache into EVPN MAC/IP routes. | |
| Options | ||
|
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
interface-less-routing
| Synopsis | Enable the interface-less-routing context | |
| Context | configure service vprn service-name interface interface-name vpls named-item-64 evpn nd advertise keyword interface-less-routing | |
| Tree | interface-less-routing | |
Description | Commands in this context enable the entries for advertisement in EVPN MAC/IP advertisement routes that include:
| |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
bgp-evpn-instance number
| Synopsis | EVPN interface-less VPRN instance | |
| Context | configure service vprn service-name interface interface-name vpls named-item-64 evpn nd advertise keyword interface-less-routing bgp-evpn-instance number | |
| Tree | bgp-evpn-instance | |
Description | This command configures the EVPN interface-less BGP instance from which the label and route target are taken when advertising the entry in an EVPN MAC/IP advertisement route. | |
| Range | 1 | |
| Default | 1 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
route-tag number
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Tag value used with the host route from an ARP/ND entry | |
| Context | configure service vprn service-name interface interface-name vpls named-item-64 evpn nd advertise keyword route-tag number | |
| Tree | route-tag | |
Description | This command specifies the route tag that is added separately to dynamic or static ARP or ND entries that are advertised in EVPN MAC/IP routes. This tag can be matched on BGP vsi-export (in the R-VPLS) and BGP peer export policies. | |
| Range | 0 to 255 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
learn-dynamic boolean
| Synopsis | Process ARP or ND messages on EVPN tunnels | |
| Context | configure service vprn service-name interface interface-name vpls named-item-64 evpn nd learn-dynamic boolean | |
| Tree | learn-dynamic | |
Description | When configured to true, the system processes ARP or ND messages that arrive on EVPN tunnels. When configured to false, learning is disabled and table entries are not created for these messages. | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
evpn-tunnel
| Synopsis | Enable the evpn-tunnel context | |
| Context | configure service vprn service-name interface interface-name vpls named-item-64 evpn-tunnel | |
| Tree | evpn-tunnel | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
allow-bfd boolean
ipv6-gateway-address keyword
| Synopsis | Type of IPv6 gateway address | |
| Context | configure service vprn service-name interface interface-name vpls named-item-64 evpn-tunnel ipv6-gateway-address keyword | |
| Tree | ipv6-gateway-address | |
| Options | ||
| Default | ip | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
supplementary-broadcast-domain boolean
| Synopsis | Use the EVPN tunnel as a Supplementary Broadcast Domain | |
| Context | configure service vprn service-name interface interface-name vpls named-item-64 evpn-tunnel supplementary-broadcast-domain boolean | |
| Tree | supplementary-broadcast-domain | |
Description | When configured to true, this command allows the EVPN tunnel to be used as a Supplementary Broadcast Domain (SBD). The SBD is used in EVPN OISM to advertise the SMET routes and to receive the multicast traffic on egress PEs that are not attached to the source R-VPLS service. When configured to false, this command disables EVPN tunnel use as an SBD. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ingress
routed-override-filter
| Synopsis | Enter the routed-override-filter context | |
| Context | configure service vprn service-name interface interface-name vpls named-item-64 ingress routed-override-filter | |
| Tree | routed-override-filter | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ip reference
| Synopsis | IPv4 filter policy name | |
| Context | configure service vprn service-name interface interface-name vpls named-item-64 ingress routed-override-filter ip reference | |
| Tree | ip | |
Description | This command specifies an IP filter that is applied to routed unicast ingress packets entering the VPLS service and destined to the R-VPLS interface MAC address. The filter overrides any existing ingress IP filter applied to SAPs or SDP bindings for packets associated with the routing IP interface. The override filter is optional and when it is not defined or it is removed, the IP routed packets use the existing ingress IP filter configured on the VPLS endpoint. | |
Reference | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv6 reference
| Synopsis | IPv6 filter policy name | |
| Context | configure service vprn service-name interface interface-name vpls named-item-64 ingress routed-override-filter ipv6 reference | |
| Tree | ipv6 | |
Description | This command specifies an IPv6 filter that is applied to routed unicast ingress packets entering the VPLS service and destined to the R-VPLS interface MAC address. The filter overrides any existing ingress IP filter applied to SAPs or SDP bindings for packets associated with the routing IP interface. The override filter is optional and when it is not defined or it is removed, the IP routed packets use the existing ingress IP filter configured on the VPLS endpoint. | |
Reference | configure filter ipv6-filter filter-name | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ip-mirror-interface [interface-name] interface-name
| Synopsis | Enter the ip-mirror-interface list instance | |
| Context | configure service vprn service-name ip-mirror-interface interface-name | |
| Tree | ip-mirror-interface | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[interface-name] interface-name
| Synopsis | Interface name | |
| Context | configure service vprn service-name ip-mirror-interface interface-name | |
| Tree | ip-mirror-interface | |
| String length | 1 to 32 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the interface | |
| Context | configure service vprn service-name ip-mirror-interface interface-name admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
description very-long-description
| Synopsis | Text description | |
| Context | configure service vprn service-name ip-mirror-interface interface-name description very-long-description | |
| Tree | description | |
| String length | 1 to 255 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
spoke-sdp [sdp-bind-id] sdp-bind-id
| Synopsis | Enter the spoke-sdp list instance | |
| Context | configure service vprn service-name ip-mirror-interface interface-name spoke-sdp sdp-bind-id | |
| Tree | spoke-sdp | |
| Max. instances | 1 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
[sdp-bind-id] sdp-bind-id
| Synopsis | SDP binding ID | |
| Context | configure service vprn service-name ip-mirror-interface interface-name spoke-sdp sdp-bind-id | |
| Tree | spoke-sdp | |
| String length | 3 to 16 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the SDP binding to the service | |
| Context | configure service vprn service-name ip-mirror-interface interface-name spoke-sdp sdp-bind-id admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
description description
| Synopsis | Text description | |
| Context | configure service vprn service-name ip-mirror-interface interface-name spoke-sdp sdp-bind-id description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ingress
filter
ip reference
vc-label number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Spoke SDP ingress VC label | |
| Context | configure service vprn service-name ip-mirror-interface interface-name spoke-sdp sdp-bind-id ingress vc-label number | |
| Tree | vc-label | |
| Range | 1 to 1048575 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
ipsec
allow-reverse-route-override-type keyword
| Synopsis | System behavior for new reverse route | |
| Context | configure service vprn service-name ipsec allow-reverse-route-override-type keyword | |
| Tree | allow-reverse-route-override-type | |
Description | This command specifies the system behavior when a new reverse route overlaps with an existing reverse route. When unconfigured, the system does not allow a new dynamic LAN-to-LAN tunnel that terminates in the private VPRN service to be created with an overlapping reverse route. | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
multi-chassis-shunt-interface [name] reference
| Synopsis | Enter the multi-chassis-shunt-interface list instance | |
| Context | configure service vprn service-name ipsec multi-chassis-shunt-interface reference | |
| Tree | multi-chassis-shunt-interface | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[name] reference
| Synopsis | Multi-chassis shunt interface name | |
| Context | configure service vprn service-name ipsec multi-chassis-shunt-interface reference | |
| Tree | multi-chassis-shunt-interface | |
Reference | configure service vprn service-name interface interface-name | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
next-hop
address (ipv4-address-no-zone | ipv6-address-no-zone)
multi-chassis-shunting-profile [name] named-item
| Synopsis | Enter the multi-chassis-shunting-profile list instance | |
| Context | configure service vprn service-name ipsec multi-chassis-shunting-profile named-item | |
| Tree | multi-chassis-shunting-profile | |
| Max. instances | 64 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
[name] named-item
| Synopsis | Multi-chassis shunting profile name | |
| Context | configure service vprn service-name ipsec multi-chassis-shunting-profile named-item | |
| Tree | multi-chassis-shunting-profile | |
| String length | 1 to 32 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
peer [ip-address] reference
[ip-address] reference
| Synopsis | Peer address | |
| Context | configure service vprn service-name ipsec multi-chassis-shunting-profile named-item peer reference | |
| Tree | peer | |
Reference | configure redundancy multi-chassis peer (ipv4-address-no-zone | ipv6-address-no-zone) | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
multi-chassis-shunt-interface reference
| Synopsis | Multi-chassis shunt interface | |
| Context | configure service vprn service-name ipsec multi-chassis-shunting-profile named-item peer reference multi-chassis-shunt-interface reference | |
| Tree | multi-chassis-shunt-interface | |
Reference | configure service vprn service-name ipsec multi-chassis-shunt-interface reference | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
overlapping-reverse-route boolean
| Synopsis | Accept overlapping DL2L tunnel reverse routes | |
| Context | configure service vprn service-name ipsec overlapping-reverse-route boolean | |
| Tree | overlapping-reverse-route | |
Description | When configured to true, the router accepts overlapping DL2L tunnel reverse routes from different tunnels and installs the routes based on the preference, metric, or ECMP configuration. When configured to false, the router does not accept overlapping reverse routes and handles the overlapping route according to the configure service vprn ipsec allow-reverse-route-override-type command configuration. This command is mutually exclusive with the allow-reverse-route-override-type command. See the 7705 SAR Gen 2 Multiservice ISA and ESA Guide for more information. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
security-policy [id] number
| Synopsis | Enter the security-policy list instance | |
| Context | configure service vprn service-name ipsec security-policy number | |
| Tree | security-policy | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[id] number
| Synopsis | IPsec security policy ID | |
| Context | configure service vprn service-name ipsec security-policy number | |
| Tree | security-policy | |
| Range | 1 to 32768 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
entry [entry-id] number
[entry-id] number
local-ip
| Synopsis | Enter the local-ip context | |
| Context | configure service vprn service-name ipsec security-policy number entry number local-ip | |
| Tree | local-ip | |
Description | Commands in this context configure the local (from the VPN) IPv4 prefix/mask for the policy entry. The system evaluates the local IP as the source IP when traffic is examined in the direction of the flows from private to public and as the destination IP when traffic flows from public to private. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
address ipv4-prefix
any boolean
local-ipv6
| Synopsis | Enter the local-ipv6 context | |
| Context | configure service vprn service-name ipsec security-policy number entry number local-ipv6 | |
| Tree | local-ipv6 | |
Description | Commands in this context configure the local (from the VPN) IPv6 prefix/mask for the policy entry. The system evaluates the local IP as the source IP when traffic is examined in the direction of the flows from private to public and as the destination IP when traffic flows from public to private. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
address ipv6-prefix
| Synopsis | Destination IPv6 address of the aggregate route | |
| Context | configure service vprn service-name ipsec security-policy number entry number local-ipv6 address ipv6-prefix | |
| Tree | address | |
Notes | The following elements are part of a choice: address or any. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
any boolean
| Synopsis | Use any IP address | |
| Context | configure service vprn service-name ipsec security-policy number entry number local-ipv6 any boolean | |
| Tree | any | |
| Default | false | |
Notes | The following elements are part of a choice: address or any. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
remote-ip
| Synopsis | Enter the remote-ip context | |
| Context | configure service vprn service-name ipsec security-policy number entry number remote-ip | |
| Tree | remote-ip | |
Description | Commands in this context configure the remote (from the tunnel) IP prefix/mask for the policy entry. The system evaluates the remote IP as the source IP when traffic flows public to private and as the destination IP when traffic flows from private to public. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
address ipv4-prefix
any boolean
remote-ipv6
| Synopsis | Enter the remote-ipv6 context | |
| Context | configure service vprn service-name ipsec security-policy number entry number remote-ipv6 | |
| Tree | remote-ipv6 | |
Description | Commands in this context configure the remote (from the tunnel) IPv6 prefix/mask for the policy entry. The system evaluates the remote IP as the source IP when traffic flows from public to private and as the destination IP when traffic flows from private to public. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
address ipv6-prefix
| Synopsis | Destination IPv6 address of the aggregate route | |
| Context | configure service vprn service-name ipsec security-policy number entry number remote-ipv6 address ipv6-prefix | |
| Tree | address | |
Notes | The following elements are part of a choice: address or any. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
any boolean
| Synopsis | Use any IP address | |
| Context | configure service vprn service-name ipsec security-policy number entry number remote-ipv6 any boolean | |
| Tree | any | |
| Default | false | |
Notes | The following elements are part of a choice: address or any. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv6
neighbor-discovery
| Synopsis | Enter the neighbor-discovery context | |
| Context | configure service vprn service-name ipv6 neighbor-discovery | |
| Tree | neighbor-discovery | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
reachable-time number
| Synopsis | Neighbor reachability detection timer | |
| Context | configure service vprn service-name ipv6 neighbor-discovery reachable-time number | |
| Tree | reachable-time | |
| Range | 30 to 3600 | |
| Default | 30 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
stale-time number
| Synopsis | Neighbor discovery cache entry stale time | |
| Context | configure service vprn service-name ipv6 neighbor-discovery stale-time number | |
| Tree | stale-time | |
| Range | 60 to 65535 | |
| Default | 14400 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
router-advertisement
| Synopsis | Enter the router-advertisement context | |
| Context | configure service vprn service-name ipv6 router-advertisement | |
| Tree | router-advertisement | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
dns-options
| Synopsis | Enable the dns-options context | |
| Context | configure service vprn service-name ipv6 router-advertisement dns-options | |
| Tree | dns-options | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
rdnss-lifetime (keyword | number)
| Synopsis | Maximum time over which the RDNSS address is valid | |
| Context | configure service vprn service-name ipv6 router-advertisement dns-options rdnss-lifetime (keyword | number) | |
| Tree | rdnss-lifetime | |
Description | This command specifies the maximum time that the RDNSS address is used for name resolution by the client. | |
| Range | 0 | 4 to 3600 | |
| Units | seconds | |
| Options | ||
| Default | infinite | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
server ipv6-address
| Synopsis | RAs that are forwarded to IPv6 DNS servers | |
| Context | configure service vprn service-name ipv6 router-advertisement dns-options server ipv6-address | |
| Tree | server | |
| Max. instances | 4 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
interface [ip-int-name] reference
[ip-int-name] reference
admin-state keyword
| Synopsis | Administrative state of router advertisement | |
| Context | configure service vprn service-name ipv6 router-advertisement interface reference admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
current-hop-limit number
| Synopsis | Hop limit advertised in RA messages | |
| Context | configure service vprn service-name ipv6 router-advertisement interface reference current-hop-limit number | |
| Tree | current-hop-limit | |
| Range | 0 to 255 | |
| Default | 64 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
dns-options
| Synopsis | Enable the dns-options context | |
| Context | configure service vprn service-name ipv6 router-advertisement interface reference dns-options | |
| Tree | dns-options | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
include-rdnss boolean
| Synopsis | Include the RDNSS option in the RA | |
| Context | configure service vprn service-name ipv6 router-advertisement interface reference dns-options include-rdnss boolean | |
| Tree | include-rdnss | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
rdnss-lifetime (number | keyword)
| Synopsis | Maximum time over which the RDNSS address 25 is valid | |
| Context | configure service vprn service-name ipv6 router-advertisement interface reference dns-options rdnss-lifetime (number | keyword) | |
| Tree | rdnss-lifetime | |
| Range | 0 | 4 to 3600 | |
| Units | seconds | |
| Options | ||
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
server ipv6-address
| Synopsis | RAs that are forwarded to IPv6 DNS servers | |
| Context | configure service vprn service-name ipv6 router-advertisement interface reference dns-options server ipv6-address | |
| Tree | server | |
| Max. instances | 4 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
managed-configuration boolean
| Synopsis | Set the managed address configuration flag | |
| Context | configure service vprn service-name ipv6 router-advertisement interface reference managed-configuration boolean | |
| Tree | managed-configuration | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
max-advertisement-interval number
| Synopsis | Maximum time between sending advertisement messages | |
| Context | configure service vprn service-name ipv6 router-advertisement interface reference max-advertisement-interval number | |
| Tree | max-advertisement-interval | |
| Range | 4 to 1800 | |
| Units | seconds | |
| Default | 600 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
min-advertisement-interval number
| Synopsis | Minimum interval between router advertisement messages | |
| Context | configure service vprn service-name ipv6 router-advertisement interface reference min-advertisement-interval number | |
| Tree | min-advertisement-interval | |
| Range | 3 to 1350 | |
| Units | seconds | |
| Default | 200 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mtu number
nd-router-preference keyword
| Synopsis | Default router preference for Router Advertisements | |
| Context | configure service vprn service-name ipv6 router-advertisement interface reference nd-router-preference keyword | |
| Tree | nd-router-preference | |
Description | This command configures the default router preference for Router Advertisements (RAs) and allows IPv6 hosts to discover and select a default gateway address by listening to RAs. This feature provides basic traffic engineering functionality for host devices. When this command is applied, the router advertises the respective router preference to the connected host to assist in its selection of the most appropriate default gateway on a link. This extension is backward compatible, both for routers (setting the router preference bits) and hosts (interpreting the router preference bits). These bits are ignored by hosts that do not implement the RFC 4191 functionality by configuring this command. Similarly, hosts that do not implement the RFC 4191 functionality interpret the values sent by devices that do not implement the RFC 4191 extension as a medium preference. | |
| Options | ||
| Default | medium | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
other-stateful-configuration boolean
| Synopsis | Set the other configuration flag | |
| Context | configure service vprn service-name ipv6 router-advertisement interface reference other-stateful-configuration boolean | |
| Tree | other-stateful-configuration | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
prefix [ipv6-prefix] ipv6-prefix
[ipv6-prefix] ipv6-prefix
autonomous boolean
| Synopsis | Set the autonomous flag value | |
| Context | configure service vprn service-name ipv6 router-advertisement interface reference prefix ipv6-prefix autonomous boolean | |
| Tree | autonomous | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
on-link boolean
preferred-lifetime (keyword | number)
| Synopsis | Remaining time that the prefix remains preferred | |
| Context | configure service vprn service-name ipv6 router-advertisement interface reference prefix ipv6-prefix preferred-lifetime (keyword | number) | |
| Tree | preferred-lifetime | |
| Range | 0 to 4294967294 | |
| Units | seconds | |
| Options | ||
| Default | 604800 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
valid-lifetime (keyword | number)
| Synopsis | Remaining time in which the prefix is still valid | |
| Context | configure service vprn service-name ipv6 router-advertisement interface reference prefix ipv6-prefix valid-lifetime (keyword | number) | |
| Tree | valid-lifetime | |
| Range | 0 to 4294967294 | |
| Units | seconds | |
| Options | ||
| Default | 2592000 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
reachable-time number
| Synopsis | Time the router is reachable by other hosts or nodes | |
| Context | configure service vprn service-name ipv6 router-advertisement interface reference reachable-time number | |
| Tree | reachable-time | |
| Range | 0 to 3600000 | |
| Units | milliseconds | |
| Default | 0 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
retransmit-time number
| Synopsis | Time to advertise neighbor advertisement messages | |
| Context | configure service vprn service-name ipv6 router-advertisement interface reference retransmit-time number | |
| Tree | retransmit-time | |
| Range | 0 to 1800000 | |
| Units | milliseconds | |
| Default | 0 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
router-lifetime number
| Synopsis | Lifetime value in neighbor advertisement messages | |
| Context | configure service vprn service-name ipv6 router-advertisement interface reference router-lifetime number | |
| Tree | router-lifetime | |
| Range | 0 | 4 to 9000 | |
| Units | seconds | |
| Default | 1800 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
use-virtual-mac boolean
| Synopsis | Use VRRP virtual MAC address for advertisement message | |
| Context | configure service vprn service-name ipv6 router-advertisement interface reference use-virtual-mac boolean | |
| Tree | use-virtual-mac | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
isis [isis-instance] number
[isis-instance] number
admin-state keyword
| Synopsis | Administrative state of the IS-IS instance | |
| Context | configure service vprn service-name isis number admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
advertise-passive-only boolean
| Synopsis | Advertise prefixes that belong to passive interfaces | |
| Context | configure service vprn service-name isis number advertise-passive-only boolean | |
| Tree | advertise-passive-only | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
advertise-router-capability keyword
| Synopsis | Router capabilities advertisement to neighbors | |
| Context | configure service vprn service-name isis number advertise-router-capability keyword | |
| Tree | advertise-router-capability | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
all-l1isis mac-address
| Synopsis | Destination MAC address for all L1 IS-IS routers | |
| Context | configure service vprn service-name isis number all-l1isis mac-address | |
| Tree | all-l1isis | |
| Default | 01:80:C2:00:00:14 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
all-l2isis mac-address
| Synopsis | Destination MAC address for all L2 IS-IS routers | |
| Context | configure service vprn service-name isis number all-l2isis mac-address | |
| Tree | all-l2isis | |
| Default | 01:80:C2:00:00:15 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
area-address area-address
| Synopsis | Area address portion of the NSAP address | |
| Context | configure service vprn service-name isis number area-address area-address | |
| Tree | area-address | |
| String length | 2 to 38 | |
| Max. instances | 3 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
authentication-check boolean
| Synopsis | Perform authentication check to reject mismatch PDUs | |
| Context | configure service vprn service-name isis number authentication-check boolean | |
| Tree | authentication-check | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
authentication-key encrypted-leaf
| Synopsis | Authentication key to verify PDUs sent from neighbors | |
| Context | configure service vprn service-name isis number authentication-key encrypted-leaf | |
| Tree | authentication-key | |
| String length | 1 to 366 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
authentication-keychain reference
| Synopsis | Keychain used to sign and authenticate | |
| Context | configure service vprn service-name isis number authentication-keychain reference | |
| Tree | authentication-keychain | |
Reference | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
authentication-type keyword
| Synopsis | Authentication type | |
| Context | configure service vprn service-name isis number authentication-type keyword | |
| Tree | authentication-type | |
| Options | ||
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
csnp-authentication boolean
| Synopsis | Authenticate individual IS-IS packets of the CSNP type | |
| Context | configure service vprn service-name isis number csnp-authentication boolean | |
| Tree | csnp-authentication | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
csnp-on-p2p boolean
| Synopsis | Send periodic CSNP PDUs on point-to-point interfaces | |
| Context | configure service vprn service-name isis number csnp-on-p2p boolean | |
| Tree | csnp-on-p2p | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
default-route-tag number
| Synopsis | Route tag for the default route | |
| Context | configure service vprn service-name isis number default-route-tag number | |
| Tree | default-route-tag | |
| Range | 1 to 4294967295 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
export-limit
| Synopsis | Enable the export-limit context | |
| Context | configure service vprn service-name isis number export-limit | |
| Tree | export-limit | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
log-percent number
| Synopsis | Export limit before warning and SNMP notification sent | |
| Context | configure service vprn service-name isis number export-limit log-percent number | |
| Tree | log-percent | |
| Range | 1 to 100 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
number number
export-policy reference
| Synopsis | Export policies that determine exported routes | |
| Context | configure service vprn service-name isis number export-policy reference | |
| Tree | export-policy | |
Description | This command configures export routing policies for the routes exported from the routing table to IS-IS. If the export policy is undefined, the system does not export non IS-IS routes from the routing table manager to IS-IS. If multiple policy names are specified, the policies are evaluated in the order they are specified. The first policy that matches is applied. If the aggregate command is also configured in the configure router context, the aggregation is applied before the export policy is applied. Routing policies are created in the configure router policy-options context. | |
Reference | configure policy-options policy-statement named-item-64 | |
| Max. instances | 5 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
graceful-restart
| Synopsis | Enable the graceful-restart context | |
| Context | configure service vprn service-name isis number graceful-restart | |
| Tree | graceful-restart | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
helper-mode boolean
| Synopsis | Enable the Graceful Restart helper for IS-IS | |
| Context | configure service vprn service-name isis number graceful-restart helper-mode boolean | |
| Tree | helper-mode | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
hello-authentication boolean
| Synopsis | Authenticate Hello type IS-IS protocol packets | |
| Context | configure service vprn service-name isis number hello-authentication boolean | |
| Tree | hello-authentication | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
hello-padding keyword
| Synopsis | IS-IS Hello message padding | |
| Context | configure service vprn service-name isis number hello-padding keyword | |
| Tree | hello-padding | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
ignore-attached-bit boolean
| Synopsis | Ignore attached bit on received Layer 1 LSPs | |
| Context | configure service vprn service-name isis number ignore-attached-bit boolean | |
| Tree | ignore-attached-bit | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ignore-lsp-errors boolean
| Synopsis | Ignore LSP packets with errors | |
| Context | configure service vprn service-name isis number ignore-lsp-errors boolean | |
| Tree | ignore-lsp-errors | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ignore-narrow-metric boolean
| Synopsis | Ignore links with narrow metrics | |
| Context | configure service vprn service-name isis number ignore-narrow-metric boolean | |
| Tree | ignore-narrow-metric | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
iid-tlv boolean
import-policy reference
| Synopsis | Import policy names for routes from IGP to route table | |
| Context | configure service vprn service-name isis number import-policy reference | |
| Tree | import-policy | |
Reference | configure policy-options policy-statement named-item-64 | |
| Max. instances | 5 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
interface [interface-name] interface-name
[interface-name] interface-name
admin-state keyword
| Synopsis | Administrative state of the IS-IS interface | |
| Context | configure service vprn service-name isis number interface interface-name admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
bfd-liveness
| Synopsis | Enter the bfd-liveness context | |
| Context | configure service vprn service-name isis number interface interface-name bfd-liveness | |
| Tree | bfd-liveness | |
Description | Commands in this context enable the use of bidirectional forwarding (BFD) to control IPv4 and IPv6 adjacencies. Enabling BFD on an IPv4 or IPv6 protocol interface ties the protocol interface state to the BFD session state between the local and remote nodes. BFD must be enabled on the applicable IP interface. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv4
include-bfd-tlv boolean
| Synopsis | Enable IS-IS BFD TLVs on the interface | |
| Context | configure service vprn service-name isis number interface interface-name bfd-liveness ipv4 include-bfd-tlv boolean | |
| Tree | include-bfd-tlv | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ipv6
include-bfd-tlv boolean
| Synopsis | Enable IS-IS BFD TLVs on the interface | |
| Context | configure service vprn service-name isis number interface interface-name bfd-liveness ipv6 include-bfd-tlv boolean | |
| Tree | include-bfd-tlv | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
csnp-interval number
| Synopsis | Time interval between successive CSN PDUs sent | |
| Context | configure service vprn service-name isis number interface interface-name csnp-interval number | |
| Tree | csnp-interval | |
| Range | 1 to 65535 | |
| Units | seconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
default-instance boolean
| Synopsis | Allow non-MI capable router to establish an adjacency | |
| Context | configure service vprn service-name isis number interface interface-name default-instance boolean | |
| Tree | default-instance | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
hello-authentication boolean
| Synopsis | Authenticate Hello type IS-IS protocol packets | |
| Context | configure service vprn service-name isis number interface interface-name hello-authentication boolean | |
| Tree | hello-authentication | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
hello-authentication-key encrypted-leaf
| Synopsis | Authentication key or hash string for Hello PDUs | |
| Context | configure service vprn service-name isis number interface interface-name hello-authentication-key encrypted-leaf | |
| Tree | hello-authentication-key | |
| String length | 1 to 366 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
hello-authentication-keychain reference
| Synopsis | Authentication keychain to use for the session | |
| Context | configure service vprn service-name isis number interface interface-name hello-authentication-keychain reference | |
| Tree | hello-authentication-keychain | |
Reference | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
hello-authentication-type keyword
| Synopsis | Hello authentication type | |
| Context | configure service vprn service-name isis number interface interface-name hello-authentication-type keyword | |
| Tree | hello-authentication-type | |
| Options | ||
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
hello-padding keyword
| Synopsis | Padding on IS-IS Hello packets | |
| Context | configure service vprn service-name isis number interface interface-name hello-padding keyword | |
| Tree | hello-padding | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
interface-type keyword
| Synopsis | Interface type to broadcast, point-to-point, or to be default | |
| Context | configure service vprn service-name isis number interface interface-name interface-type keyword | |
| Tree | interface-type | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
ipv4-multicast boolean
| Synopsis | Enable IPv4 multicast routing for the interface | |
| Context | configure service vprn service-name isis number interface interface-name ipv4-multicast boolean | |
| Tree | ipv4-multicast | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ipv6-unicast boolean
| Synopsis | Enable IPv6 unicast routing for the interface | |
| Context | configure service vprn service-name isis number interface interface-name ipv6-unicast boolean | |
| Tree | ipv6-unicast | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
level [level-number] keyword
[level-number] keyword
hello-authentication-key encrypted-leaf
| Synopsis | Authentication key for Hello PDUs | |
| Context | configure service vprn service-name isis number interface interface-name level keyword hello-authentication-key encrypted-leaf | |
| Tree | hello-authentication-key | |
Description | This command configures the authentication key (password) for Hello PDUs. Both the Hello authentication key and the Hello authentication type on a segment must match. If both IS-IS and Hello authentication are configured, Hello messages are validated using Hello authentication. If only IS-IS authentication is configured, it is used to authenticate all IS-IS (including Hello) protocol PDUs. | |
| String length | 1 to 366 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
hello-authentication-keychain reference
| Synopsis | Authentication keychain to use for the session | |
| Context | configure service vprn service-name isis number interface interface-name level keyword hello-authentication-keychain reference | |
| Tree | hello-authentication-keychain | |
Reference | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
hello-authentication-type keyword
| Synopsis | Hello authentication enabled on the context | |
| Context | configure service vprn service-name isis number interface interface-name level keyword hello-authentication-type keyword | |
| Tree | hello-authentication-type | |
Description | This command enables Hello authentication at the level context. Both the Hello authentication key and the Hello authentication type on a segment must match. The Hello authentication-key statement must also be included. | |
| Options | ||
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
hello-interval number
| Synopsis | Interval between Hello messages sent on this level | |
| Context | configure service vprn service-name isis number interface interface-name level keyword hello-interval number | |
| Tree | hello-interval | |
| Range | 1 to 20000 | |
| Units | seconds | |
| Default | 9 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
hello-multiplier number
| Synopsis | Hello messages missed from neighbor before router declares adjacency down | |
| Context | configure service vprn service-name isis number interface interface-name level keyword hello-multiplier number | |
| Tree | hello-multiplier | |
| Range | 2 to 100 | |
| Default | 3 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
hello-padding keyword
| Synopsis | Padding on IS-IS Hello packets | |
| Context | configure service vprn service-name isis number interface interface-name level keyword hello-padding keyword | |
| Tree | hello-padding | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
ipv4-multicast-metric number
| Synopsis | IS-IS interface metric applied for IPv4 multicast | |
| Context | configure service vprn service-name isis number interface interface-name level keyword ipv4-multicast-metric number | |
| Tree | ipv4-multicast-metric | |
| Range | 1 to 16777215 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv6-unicast-metric number
| Synopsis | IS-IS interface metric applied for IPv6 unicast | |
| Context | configure service vprn service-name isis number interface interface-name level keyword ipv6-unicast-metric number | |
| Tree | ipv6-unicast-metric | |
| Range | 1 to 16777215 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
metric number
passive boolean
priority number
sd-offset number
sf-offset number
level-capability keyword
| Synopsis | IS-IS levels for this interface | |
| Context | configure service vprn service-name isis number interface interface-name level-capability keyword | |
| Tree | level-capability | |
| Options | ||
| Default | 1/2 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
load-balancing-weight number
| Synopsis | Load balancing weight | |
| Context | configure service vprn service-name isis number interface interface-name load-balancing-weight number | |
| Tree | load-balancing-weight | |
| Max. range | 0 to 4294967295 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
loopfree-alternate
| Synopsis | Enter the loopfree-alternate context | |
| Context | configure service vprn service-name isis number interface interface-name loopfree-alternate | |
| Tree | loopfree-alternate | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
exclude boolean
policy-map
| Synopsis | Enable the policy-map context | |
| Context | configure service vprn service-name isis number interface interface-name loopfree-alternate policy-map | |
| Tree | policy-map | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
route-nh-template reference
| Synopsis | Route next hop policy template name | |
| Context | configure service vprn service-name isis number interface interface-name loopfree-alternate policy-map route-nh-template reference | |
| Tree | route-nh-template | |
Reference | configure routing-options route-next-hop-policy template named-item | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
lsp-pacing-interval number
| Synopsis | Interval for sending LSPs from interface | |
| Context | configure service vprn service-name isis number interface interface-name lsp-pacing-interval number | |
| Tree | lsp-pacing-interval | |
| Range | 0 to 65535 | |
| Units | milliseconds | |
| Default | 100 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mesh-group
| Synopsis | Enable the mesh-group context | |
| Context | configure service vprn service-name isis number interface interface-name mesh-group | |
| Tree | mesh-group | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
blocked
value number
passive boolean
retransmit-interval number
| Synopsis | Minimum time between LSP PDU retransmissions on point-to-point interface | |
| Context | configure service vprn service-name isis number interface interface-name retransmit-interval number | |
| Tree | retransmit-interval | |
| Range | 1 to 65535 | |
| Units | seconds | |
| Default | 5 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
tag number
ipv4-multicast-routing keyword
| Synopsis | IS-IS topology for IPv4 multicast routing | |
| Context | configure service vprn service-name isis number ipv4-multicast-routing keyword | |
| Tree | ipv4-multicast-routing | |
| Options | ||
| Default | native | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ipv4-routing boolean
| Synopsis | Support IPv4 routing for IS-IS instance | |
| Context | configure service vprn service-name isis number ipv4-routing boolean | |
| Tree | ipv4-routing | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ipv6-routing keyword
| Synopsis | Routing topology for IPv6 | |
| Context | configure service vprn service-name isis number ipv6-routing keyword | |
| Tree | ipv6-routing | |
| Options | ||
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
level [level-number] keyword
[level-number] keyword
advertise-router-capability boolean
| Synopsis | Allow router advertisement capabilities | |
| Context | configure service vprn service-name isis number level keyword advertise-router-capability boolean | |
| Tree | advertise-router-capability | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
authentication-key encrypted-leaf
| Synopsis | Authentication key to verify PDUs sent on the interface | |
| Context | configure service vprn service-name isis number level keyword authentication-key encrypted-leaf | |
| Tree | authentication-key | |
Description | This command sets the authentication key used to verify PDUs sent by neighboring routers on the interface. Neighboring routers use passwords to authenticate PDUs sent from an interface. For authentication to work, both the authentication key and the authentication type on a segment must match. The authentication-type command must also be included. | |
| String length | 1 to 366 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
authentication-keychain reference
| Synopsis | Keychain used to sign and authenticate | |
| Context | configure service vprn service-name isis number level keyword authentication-keychain reference | |
| Tree | authentication-keychain | |
Reference | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
authentication-type keyword
| Synopsis | Authentication type to be used | |
| Context | configure service vprn service-name isis number level keyword authentication-type keyword | |
| Tree | authentication-type | |
| Options | ||
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
csnp-authentication boolean
| Synopsis | Enable authentication of CSNP IS-IS protocol packets | |
| Context | configure service vprn service-name isis number level keyword csnp-authentication boolean | |
| Tree | csnp-authentication | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
default-ipv4-multicast-metric number
| Synopsis | Default metric for IPv4 unicast | |
| Context | configure service vprn service-name isis number level keyword default-ipv4-multicast-metric number | |
| Tree | default-ipv4-multicast-metric | |
| Range | 1 to 16777215 | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
default-ipv6-unicast-metric number
| Synopsis | Default metric for IPv6 unicast | |
| Context | configure service vprn service-name isis number level keyword default-ipv6-unicast-metric number | |
| Tree | default-ipv6-unicast-metric | |
| Range | 1 to 16777215 | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
default-metric number
| Synopsis | Default metric | |
| Context | configure service vprn service-name isis number level keyword default-metric number | |
| Tree | default-metric | |
| Range | 1 to 16777215 | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
external-preference number
| Synopsis | External route preference for IS-IS level | |
| Context | configure service vprn service-name isis number level keyword external-preference number | |
| Tree | external-preference | |
| Range | 1 to 255 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
hello-authentication boolean
| Synopsis | Authenticate Hello type IS-IS protocol packets | |
| Context | configure service vprn service-name isis number level keyword hello-authentication boolean | |
| Tree | hello-authentication | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
hello-padding keyword
| Synopsis | Padding on IS-IS Hello packets | |
| Context | configure service vprn service-name isis number level keyword hello-padding keyword | |
| Tree | hello-padding | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
loopfree-alternate-exclude boolean
| Synopsis | Exclude interface participating in specific IS-IS level in SPF LFA computation | |
| Context | configure service vprn service-name isis number level keyword loopfree-alternate-exclude boolean | |
| Tree | loopfree-alternate-exclude | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
lsp-mtu-size number
| Synopsis | LSP MTU size | |
| Context | configure service vprn service-name isis number level keyword lsp-mtu-size number | |
| Tree | lsp-mtu-size | |
| Range | 490 to 9778 | |
| Units | bytes | |
| Default | 1492 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
preference number
| Synopsis | External route preference at level | |
| Context | configure service vprn service-name isis number level keyword preference number | |
| Tree | preference | |
| Range | 1 to 255 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
psnp-authentication boolean
| Synopsis | Enable authentication on PSNP IS-IS protocol packets | |
| Context | configure service vprn service-name isis number level keyword psnp-authentication boolean | |
| Tree | psnp-authentication | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
wide-metrics-only boolean
| Synopsis | Use wide metrics advertisements in the LSPs | |
| Context | configure service vprn service-name isis number level keyword wide-metrics-only boolean | |
| Tree | wide-metrics-only | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
level-capability keyword
| Synopsis | Routing level for instance | |
| Context | configure service vprn service-name isis number level-capability keyword | |
| Tree | level-capability | |
| Options | ||
| Default | 1/2 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
link-group [link-group-name] named-item
| Synopsis | Enter the link-group list instance | |
| Context | configure service vprn service-name isis number link-group named-item | |
| Tree | link-group | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[link-group-name] named-item
| Synopsis | Link group name for the IS-IS protocol | |
| Context | configure service vprn service-name isis number link-group named-item | |
| Tree | link-group | |
| String length | 1 to 32 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
description very-long-description
| Synopsis | Text description | |
| Context | configure service vprn service-name isis number link-group named-item description very-long-description | |
| Tree | description | |
| String length | 1 to 255 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
level [level-number] keyword
[level-number] keyword
ipv4-multicast-metric-offset number
| Synopsis | Offset value for the IPv4 multicast address family | |
| Context | configure service vprn service-name isis number link-group named-item level keyword ipv4-multicast-metric-offset number | |
| Tree | ipv4-multicast-metric-offset | |
| Range | 1 to 16777215 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv4-unicast-metric-offset number
| Synopsis | Offset value for the IPv4 unicast address family | |
| Context | configure service vprn service-name isis number link-group named-item level keyword ipv4-unicast-metric-offset number | |
| Tree | ipv4-unicast-metric-offset | |
| Range | 1 to 16777215 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv6-unicast-metric-offset number
| Synopsis | Offset value for the IPv6 unicast address family | |
| Context | configure service vprn service-name isis number link-group named-item level keyword ipv6-unicast-metric-offset number | |
| Tree | ipv6-unicast-metric-offset | |
| Range | 1 to 16777215 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
member [interface-name] reference
[interface-name] reference
| Synopsis | Interface name for the associated link group | |
| Context | configure service vprn service-name isis number link-group named-item level keyword member reference | |
| Tree | member | |
Reference | configure service vprn service-name isis number interface interface-name | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
oper-members number
| Synopsis | Minimum number of operational links | |
| Context | configure service vprn service-name isis number link-group named-item level keyword oper-members number | |
| Tree | oper-members | |
| Range | 1 to 8 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
revert-members number
| Synopsis | Minimum number of operational links to return link group to normal state and remove offsets | |
| Context | configure service vprn service-name isis number link-group named-item level keyword revert-members number | |
| Tree | revert-members | |
| Range | 1 to 8 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
loopfree-alternate
| Synopsis | Enable the loopfree-alternate context | |
| Context | configure service vprn service-name isis number loopfree-alternate | |
| Tree | loopfree-alternate | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
exclude
prefix-policy reference
| Synopsis | Policy to exclude prefixes from LFA SPF calculation | |
| Context | configure service vprn service-name isis number loopfree-alternate exclude prefix-policy reference | |
| Tree | prefix-policy | |
Description | This command specifies the name of the policy for the prefixes to exclude from the LFA SPF calculation. An excluded prefix is not included in LFA calculation regardless of its priority. The prefix tag is, however, used in the main SPF. | |
Reference | configure policy-options policy-statement named-item-64 | |
| Max. instances | 5 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
lsp-lifetime number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Amount of time during which an LSP is considered valid | |
| Context | configure service vprn service-name isis number lsp-lifetime number | |
| Tree | lsp-lifetime | |
| Range | 350 to 65535 | |
| Units | seconds | |
| Default | 1200 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
lsp-minimum-remaining-lifetime number
| Synopsis | Minimum value for the Remaining Lifetime of an LSP | |
| Context | configure service vprn service-name isis number lsp-minimum-remaining-lifetime number | |
| Tree | lsp-minimum-remaining-lifetime | |
| Range | 350 to 65535 | |
| Units | seconds | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
lsp-mtu-size number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | LSP MTU size | |
| Context | configure service vprn service-name isis number lsp-mtu-size number | |
| Tree | lsp-mtu-size | |
| Range | 490 to 9778 | |
| Units | bytes | |
| Default | 1492 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
lsp-refresh
| Synopsis | Enter the lsp-refresh context | |
| Context | configure service vprn service-name isis number lsp-refresh | |
| Tree | lsp-refresh | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
half-lifetime boolean
| Synopsis | Set the refresh interval to always be half the LSP lifetime | |
| Context | configure service vprn service-name isis number lsp-refresh half-lifetime boolean | |
| Tree | half-lifetime | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
interval number
multi-topology
| Synopsis | Enable the multi-topology context | |
| Context | configure service vprn service-name isis number multi-topology | |
| Tree | multi-topology | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv4-multicast boolean
| Synopsis | Support IPv4 topology (MT3) | |
| Context | configure service vprn service-name isis number multi-topology ipv4-multicast boolean | |
| Tree | ipv4-multicast | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ipv6-unicast boolean
| Synopsis | Support multi-topology TLVs | |
| Context | configure service vprn service-name isis number multi-topology ipv6-unicast boolean | |
| Tree | ipv6-unicast | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
multicast-import
| Synopsis | Enter the multicast-import context | |
| Context | configure service vprn service-name isis number multicast-import | |
| Tree | multicast-import | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv4 boolean
overload
max-metric boolean
| Synopsis | Advertise transit links with maximum metric instead of setting overload bit | |
| Context | configure service vprn service-name isis number overload max-metric boolean | |
| Tree | max-metric | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
overload-export-external boolean
| Synopsis | Advertise the external routes when router is in overloaded | |
| Context | configure service vprn service-name isis number overload-export-external boolean | |
| Tree | overload-export-external | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
overload-export-interlevel boolean
| Synopsis | Advertise the inter-level routes when router is overloaded | |
| Context | configure service vprn service-name isis number overload-export-interlevel boolean | |
| Tree | overload-export-interlevel | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
overload-fib-error-notify-only
| Synopsis | Enable the overload-fib-error-notify-only context | |
| Context | configure service vprn service-name isis number overload-fib-error-notify-only | |
| Tree | overload-fib-error-notify-only | |
Description | Commands in this context configure the IS-IS router to send a notification when an overload condition occurs while programming the FIB, instead of advertising the overload condition of the router in the IS-IS LSP. Note: Nokia recommends being careful using this command. When you configure the router not to advertise the IS-IS overload state in the IS-IS LSP, other routers are not instructed to take the overloaded router out of the IS-IS forwarding topology and this will cause suboptimal forwarding and non-deterministic behavior on the overloaded router. To avoid changing the default IS-IS overflow behavior, leave this command disabled. When this command is configured, the IS-IS router enters a suboptimal state where it sends only a notification trap; transit traffic can still use the router in this state. The IS-IS router tracks the segment routing prefix SIDs where FIB programming failed. With the retry command configured, the router retries programming the segment routing prefix SIDs in the FIB using this tracked information. When this command is not configured, during normal operation, the system may force the router to enter an overload state because of a lack of FIB resources. In this state, the router is used to terminate traffic and is not used to transit traffic. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
retry number
| Synopsis | Time to retry programming failed entries in the FIB | |
| Context | configure service vprn service-name isis number overload-fib-error-notify-only retry number | |
| Tree | retry | |
Description | This command configures the time the router uses to retry programming the failed entries in the FIB. The overload-fib-error-notify-only command must be configured to use the retry timer. The removal of the overload-fib-error-notify-only configuration causes the system to program the failed entries in the FIB by triggering an immediate SPF. | |
| Range | 10 to 1800 | |
| Units | seconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
overload-on-boot
| Synopsis | Enable the overload-on-boot context | |
| Context | configure service vprn service-name isis number overload-on-boot | |
| Tree | overload-on-boot | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
max-metric boolean
| Synopsis | Advertise transit links with maximum metric instead of setting overload bit | |
| Context | configure service vprn service-name isis number overload-on-boot max-metric boolean | |
| Tree | max-metric | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
timeout number
poi-tlv boolean
prefix-attributes-tlv boolean
| Synopsis | Use IS-IS Prefix Attributes TLV to exchange extended IPv4 and IPv6 reachability information | |
| Context | configure service vprn service-name isis number prefix-attributes-tlv boolean | |
| Tree | prefix-attributes-tlv | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
prefix-limit
| Synopsis | Enable the prefix-limit context | |
| Context | configure service vprn service-name isis number prefix-limit | |
| Tree | prefix-limit | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
limit number
log-only boolean
overload-timeout (number | keyword)
| Synopsis | Time in overload state when prefix limit is reached | |
| Context | configure service vprn service-name isis number prefix-limit overload-timeout (number | keyword) | |
| Tree | overload-timeout | |
| Range | 1 to 1800 | |
| Units | seconds | |
| Options | ||
| Default | forever | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
warning-threshold number
| Synopsis | Threshold value to trigger a warning message to be sent | |
| Context | configure service vprn service-name isis number prefix-limit warning-threshold number | |
| Tree | warning-threshold | |
| Range | 0 to 100 | |
| Units | percent | |
| Default | 0 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
psnp-authentication boolean
| Synopsis | Authenticate individual IS-IS protocol packets of partial sequence number PDU (PSNP) type | |
| Context | configure service vprn service-name isis number psnp-authentication boolean | |
| Tree | psnp-authentication | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
reference-bandwidth number
| Synopsis | Reference bandwidth for bandwidth relative costing | |
| Context | configure service vprn service-name isis number reference-bandwidth number | |
| Tree | reference-bandwidth | |
| Range | 1 to 18446744073709551615 | |
| Units | kilobps | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
rib-priority
| Synopsis | Enter the rib-priority context | |
| Context | configure service vprn service-name isis number rib-priority | |
| Tree | rib-priority | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
high
prefix-list reference
| Synopsis | List used to select routes processed at higher priority through OSPF route calculation process | |
| Context | configure service vprn service-name isis number rib-priority high prefix-list reference | |
| Tree | prefix-list | |
Reference | configure policy-options prefix-list named-item-64 | |
Notes | The following elements are part of a choice: prefix-list or tag. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
tag number
router-id router-id
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Unique router ID for the ISIS instance | |
| Context | configure service vprn service-name isis number router-id router-id | |
| Tree | router-id | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
standard-multi-instance boolean
| Synopsis | Enable RFC standards compliant multi-instance behavior | |
| Context | configure service vprn service-name isis number standard-multi-instance boolean | |
| Tree | standard-multi-instance | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
strict-adjacency-check boolean
| Synopsis | Enable strict checking of address families for IS-IS adjacencies | |
| Context | configure service vprn service-name isis number strict-adjacency-check boolean | |
| Tree | strict-adjacency-check | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
summary-address [ip-prefix] (ipv4-prefix | ipv6-prefix)
| Synopsis | Enter the summary-address list instance | |
| Context | configure service vprn service-name isis number summary-address (ipv4-prefix | ipv6-prefix) | |
| Tree | summary-address | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[ip-prefix] (ipv4-prefix | ipv6-prefix)
| Synopsis | IP prefix for the summary address | |
| Context | configure service vprn service-name isis number summary-address (ipv4-prefix | ipv6-prefix) | |
| Tree | summary-address | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
level-capability keyword
| Synopsis | IS-IS level for the summary address | |
| Context | configure service vprn service-name isis number summary-address (ipv4-prefix | ipv6-prefix) level-capability keyword | |
| Tree | level-capability | |
| Options | ||
| Default | 1/2 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
route-tag number
suppress-attached-bit boolean
| Synopsis | Allow IS-IS to suppress setting attached bit on LSPs | |
| Context | configure service vprn service-name isis number suppress-attached-bit boolean | |
| Tree | suppress-attached-bit | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
system-id system-id
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | System ID | |
| Context | configure service vprn service-name isis number system-id system-id | |
| Tree | system-id | |
| String length | 14 | |
| Default | 0000.0000.0000 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
timers
lsp-wait
lsp-initial-wait number
| Synopsis | Initial LSP generation delay | |
| Context | configure service vprn service-name isis number timers lsp-wait lsp-initial-wait number | |
| Tree | lsp-initial-wait | |
| Range | 10 to 100000 | |
| Units | milliseconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
lsp-max-wait number
| Synopsis | Maximum time between two consecutive LSP occurrences | |
| Context | configure service vprn service-name isis number timers lsp-wait lsp-max-wait number | |
| Tree | lsp-max-wait | |
| Range | 10 to 120000 | |
| Units | milliseconds | |
| Default | 5000 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
lsp-second-wait number
| Synopsis | Delay between first and second LSP generation | |
| Context | configure service vprn service-name isis number timers lsp-wait lsp-second-wait number | |
| Tree | lsp-second-wait | |
| Range | 10 to 100000 | |
| Units | milliseconds | |
| Default | 1000 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
spf-wait
spf-initial-wait number
| Synopsis | Initial SPF calculation delay after topology change | |
| Context | configure service vprn service-name isis number timers spf-wait spf-initial-wait number | |
| Tree | spf-initial-wait | |
| Range | 10 to 100000 | |
| Units | milliseconds | |
| Default | 1000 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
spf-max-wait number
| Synopsis | Maximum interval amid two consecutive SPF calculations | |
| Context | configure service vprn service-name isis number timers spf-wait spf-max-wait number | |
| Tree | spf-max-wait | |
| Range | 10 to 120000 | |
| Units | milliseconds | |
| Default | 10000 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
spf-second-wait number
| Synopsis | Hold time between first and second SPF calculations | |
| Context | configure service vprn service-name isis number timers spf-wait spf-second-wait number | |
| Tree | spf-second-wait | |
| Range | 10 to 100000 | |
| Units | milliseconds | |
| Default | 1000 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
unicast-import
| Synopsis | Enter the unicast-import context | |
| Context | configure service vprn service-name isis number unicast-import | |
| Tree | unicast-import | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv4 boolean
ipv6 boolean
label-mode keyword
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Allocation mode for VPRN service labels | |
| Context | configure service vprn service-name label-mode keyword | |
| Tree | label-mode | |
| Options | ||
| Default | vrf | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
local-routes-domain-id domain-id
| Synopsis | Local routes domain ID | |
| Context | configure service vprn service-name local-routes-domain-id domain-id | |
| Tree | local-routes-domain-id | |
Description | This command specifies the domain ID that is used in the D-PATH attribute for local routes before those routes are exported to a BGP neighbor using BGP-IPVPN, EVPN-IFF, EVPN-IFL, or PE-CE BGP. A local route is a non-BGP route installed in the VPRN route table and learned using static route or an IGP. The domain IDs are used in the D-PATH attribute, in accordance with draft-ietf-bess-evpn-ipvpn-interworking. Gateway routers modify the D-PATH attribute. A gateway is a PE where a VPRN is instantiated. The VPRN in this case advertises or receives routes from multiple BGP owners (for example, EVPN IFL and BGP IPVPN). Gateways use the D-PATH attribute to detect loops (for received routes where the D-PATH contains a local domain ID) and to make BGP best-path selection decisions based on the D-PATH length (shorter D-PATH is preferred). | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
log
filter [filter-name] log-filter-name
[filter-name] log-filter-name
default-action keyword
| Synopsis | Default action for the event filter | |
| Context | configure service vprn service-name log filter log-filter-name default-action keyword | |
| Tree | default-action | |
| Options | ||
| Default | forward | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
description description
| Synopsis | Text description | |
| Context | configure service vprn service-name log filter log-filter-name description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
named-entry [entry-name] log-filter-entry-name
| Synopsis | Enter the named-entry list instance | |
| Context | configure service vprn service-name log filter log-filter-name named-entry log-filter-entry-name | |
| Tree | named-entry | |
Description | Commands in this context create or edit an event filter entry. | |
| Max. instances | 999 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[entry-name] log-filter-entry-name
| Synopsis | Entry name | |
| Context | configure service vprn service-name log filter log-filter-name named-entry log-filter-entry-name | |
| Tree | named-entry | |
| String length | 1 to 64 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
action keyword
description description
| Synopsis | Text description | |
| Context | configure service vprn service-name log filter log-filter-name named-entry log-filter-entry-name description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
match
application
| Synopsis | Enter the application context | |
| Context | configure service vprn service-name log filter log-filter-name named-entry log-filter-entry-name match application | |
| Tree | application | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
eq keyword
| Synopsis | Application to match | |
| Context | configure service vprn service-name log filter log-filter-name named-entry log-filter-entry-name match application eq keyword | |
| Tree | eq | |
| Options | ||
Notes | The following elements are part of a choice: eq or neq. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
neq keyword
| Synopsis | Application to be filtered out | |
| Context | configure service vprn service-name log filter log-filter-name named-entry log-filter-entry-name match application neq keyword | |
| Tree | neq | |
| Options | ||
Notes | The following elements are part of a choice: eq or neq. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
event
eq number
| Synopsis | Log event message to match | |
| Context | configure service vprn service-name log filter log-filter-name named-entry log-filter-entry-name match event eq number | |
| Tree | eq | |
| Range | 1 to 4294967295 | |
Notes | The following elements are part of a choice: eq, gt, gte, lt, lte, or neq. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
gt number
| Synopsis | Number of the log event to match | |
| Context | configure service vprn service-name log filter log-filter-name named-entry log-filter-entry-name match event gt number | |
| Tree | gt | |
| Range | 1 to 4294967295 | |
Notes | The following elements are part of a choice: eq, gt, gte, lt, lte, or neq. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
gte number
| Synopsis | Number of the log event to match | |
| Context | configure service vprn service-name log filter log-filter-name named-entry log-filter-entry-name match event gte number | |
| Tree | gte | |
| Range | 1 to 4294967295 | |
Notes | The following elements are part of a choice: eq, gt, gte, lt, lte, or neq. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
lt number
| Synopsis | Number of the log event to match | |
| Context | configure service vprn service-name log filter log-filter-name named-entry log-filter-entry-name match event lt number | |
| Tree | lt | |
| Range | 1 to 4294967295 | |
Notes | The following elements are part of a choice: eq, gt, gte, lt, lte, or neq. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
lte number
| Synopsis | Number of the log event to match | |
| Context | configure service vprn service-name log filter log-filter-name named-entry log-filter-entry-name match event lte number | |
| Tree | lte | |
| Range | 1 to 4294967295 | |
Notes | The following elements are part of a choice: eq, gt, gte, lt, lte, or neq. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
neq number
| Synopsis | Log event message to filter out | |
| Context | configure service vprn service-name log filter log-filter-name named-entry log-filter-entry-name match event neq number | |
| Tree | neq | |
| Range | 1 to 4294967295 | |
Notes | The following elements are part of a choice: eq, gt, gte, lt, lte, or neq. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
message
eq string
neq string
| Synopsis | Log event message to be filtered out | |
| Context | configure service vprn service-name log filter log-filter-name named-entry log-filter-entry-name match message neq string | |
| Tree | neq | |
| String length | 1 to 400 | |
Notes | The following elements are part of a choice: eq or neq. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
regexp boolean
severity
eq keyword
| Synopsis | Log event severity level to match | |
| Context | configure service vprn service-name log filter log-filter-name named-entry log-filter-entry-name match severity eq keyword | |
| Tree | eq | |
| Options | ||
|
Notes | The following elements are part of a choice: eq, gt, gte, lt, lte, or neq. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
gt keyword
| Synopsis | Log event severity level | |
| Context | configure service vprn service-name log filter log-filter-name named-entry log-filter-entry-name match severity gt keyword | |
| Tree | gt | |
| Options | ||
|
Notes | The following elements are part of a choice: eq, gt, gte, lt, lte, or neq. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
gte keyword
| Synopsis | Log event severity level | |
| Context | configure service vprn service-name log filter log-filter-name named-entry log-filter-entry-name match severity gte keyword | |
| Tree | gte | |
| Options | ||
|
Notes | The following elements are part of a choice: eq, gt, gte, lt, lte, or neq. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
lt keyword
| Synopsis | Log event severity level | |
| Context | configure service vprn service-name log filter log-filter-name named-entry log-filter-entry-name match severity lt keyword | |
| Tree | lt | |
| Options | ||
|
Notes | The following elements are part of a choice: eq, gt, gte, lt, lte, or neq. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
lte keyword
| Synopsis | Log event severity level | |
| Context | configure service vprn service-name log filter log-filter-name named-entry log-filter-entry-name match severity lte keyword | |
| Tree | lte | |
| Options | ||
|
Notes | The following elements are part of a choice: eq, gt, gte, lt, lte, or neq. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
neq keyword
| Synopsis | Log event severity level to filter out | |
| Context | configure service vprn service-name log filter log-filter-name named-entry log-filter-entry-name match severity neq keyword | |
| Tree | neq | |
| Options | ||
|
Notes | The following elements are part of a choice: eq, gt, gte, lt, lte, or neq. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
subject
eq named-item
| Synopsis | Log event subject string to match | |
| Context | configure service vprn service-name log filter log-filter-name named-entry log-filter-entry-name match subject eq named-item | |
| Tree | eq | |
| String length | 1 to 32 | |
Notes | The following elements are part of a choice: eq or neq. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
neq named-item
| Synopsis | Log event subject string to filter out | |
| Context | configure service vprn service-name log filter log-filter-name named-entry log-filter-entry-name match subject neq named-item | |
| Tree | neq | |
| String length | 1 to 32 | |
Notes | The following elements are part of a choice: eq or neq. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
regexp boolean
log-id [name] li-log-name
[name] li-log-name
admin-state keyword
| Synopsis | Administrative state of the log | |
| Context | configure service vprn service-name log log-id li-log-name admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
description description
| Synopsis | Text description | |
| Context | configure service vprn service-name log log-id li-log-name description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
destination
| Synopsis | Enter the destination context | |
| Context | configure service vprn service-name log log-id li-log-name destination | |
| Tree | destination | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
netconf
max-entries number
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Number of events stored in the NETCONF log | |
| Context | configure service vprn service-name log log-id li-log-name destination netconf max-entries number | |
| Tree | max-entries | |
| Range | 50 to 3000 | |
| Default | 100 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
snmp
max-entries number
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Number of events stored in the memory log | |
| Context | configure service vprn service-name log log-id li-log-name destination snmp max-entries number | |
| Tree | max-entries | |
| Range | 50 to 3000 | |
| Default | 100 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 | |
syslog reference
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Index with the information to format event messages sent to a specific SYSLOG collector | |
| Context | configure service vprn service-name log log-id li-log-name destination syslog reference | |
| Tree | syslog | |
Reference | configure service vprn service-name log syslog log-vprn-syslog-name | |
Notes | The following elements are part of a choice: netconf, snmp, or syslog. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
filter reference
netconf-stream named-item
| Synopsis | Destination NETCONF stream name | |
| Context | configure service vprn service-name log log-id li-log-name netconf-stream named-item | |
| Tree | netconf-stream | |
| String length | 1 to 32 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
source
change boolean
debug boolean
main boolean
security boolean
time-format keyword
| Synopsis | Time zone output for file log contents and syslog | |
| Context | configure service vprn service-name log log-id li-log-name time-format keyword | |
| Tree | time-format | |
| Options | ||
| Default | utc | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
snmp-trap-group [log-name] svc-vprn-snmp-trap-group-name
| Synopsis | Enter the snmp-trap-group list instance | |
| Context | configure service vprn service-name log snmp-trap-group svc-vprn-snmp-trap-group-name | |
| Tree | snmp-trap-group | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[log-name] svc-vprn-snmp-trap-group-name
| Synopsis | Log ID | |
| Context | configure service vprn service-name log snmp-trap-group svc-vprn-snmp-trap-group-name | |
| Tree | snmp-trap-group | |
| String length | 1 to 17 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
description description
| Synopsis | Text description | |
| Context | configure service vprn service-name log snmp-trap-group svc-vprn-snmp-trap-group-name description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
trap-target [name] string
| Synopsis | Enter the trap-target list instance | |
| Context | configure service vprn service-name log snmp-trap-group svc-vprn-snmp-trap-group-name trap-target string | |
| Tree | trap-target | |
| Max. instances | 25 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
[name] string
| Synopsis | Trap target name | |
| Context | configure service vprn service-name log snmp-trap-group svc-vprn-snmp-trap-group-name trap-target string | |
| Tree | trap-target | |
| String length | 1 to 28 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
address (ipv4-address-no-zone | ipv6-address-no-zone)
| Synopsis | IP address of the trap receiver | |
| Context | configure service vprn service-name log snmp-trap-group svc-vprn-snmp-trap-group-name trap-target string address (ipv4-address-no-zone | ipv6-address-no-zone) | |
| Tree | address | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
description description
| Synopsis | Text description | |
| Context | configure service vprn service-name log snmp-trap-group svc-vprn-snmp-trap-group-name trap-target string description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
notify-community string
| Synopsis | SNMPv1 or SNMPv2c community name string, or SNMPv3 security name, for sending a notification | |
| Context | configure service vprn service-name log snmp-trap-group svc-vprn-snmp-trap-group-name trap-target string notify-community string | |
| Tree | notify-community | |
| String length | 1 to 31 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
port number
| Synopsis | UDP port number to send messages to this remote SNMP notification collector | |
| Context | configure service vprn service-name log snmp-trap-group svc-vprn-snmp-trap-group-name trap-target string port number | |
| Tree | port | |
| Range | 0 | 1 to 65535 | |
| Default | 162 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
replay boolean
| Synopsis | Retransmit missed notifications | |
| Context | configure service vprn service-name log snmp-trap-group svc-vprn-snmp-trap-group-name trap-target string replay boolean | |
| Tree | replay | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
security-level keyword
| Synopsis | Security level at which SNMP notification messages are sent to SNMP notification collector | |
| Context | configure service vprn service-name log snmp-trap-group svc-vprn-snmp-trap-group-name trap-target string security-level keyword | |
| Tree | security-level | |
| Options | ||
| Default | no-auth-no-privacy | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
version keyword
| Synopsis | SNMP version to format notification messages sent to this SNMP notification collector | |
| Context | configure service vprn service-name log snmp-trap-group svc-vprn-snmp-trap-group-name trap-target string version keyword | |
| Tree | version | |
| Options | ||
| Default | snmpv3 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
syslog [syslog-name] log-vprn-syslog-name
[syslog-name] log-vprn-syslog-name
address (ipv4-address-no-zone | ipv6-address-no-zone)
description description
| Synopsis | Text description | |
| Context | configure service vprn service-name log syslog log-vprn-syslog-name description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
facility keyword
hostname
| Synopsis | Enter the hostname context | |
| Context | configure service vprn service-name log syslog log-vprn-syslog-name hostname | |
| Tree | hostname | |
Description | Commands in this context control how the HOSTNAME field of syslog messages is populated. If no command option is configured, the HOSTNAME is populated with an IP address. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
use-system-name
| Synopsis | Enable the use-system-name context | |
| Context | configure service vprn service-name log syslog log-vprn-syslog-name hostname use-system-name | |
| Tree | use-system-name | |
Description | Commands in this context configure the system to use the system name configured with the configure system name command as the HOSTNAME field of syslog messages. Do not use any spaces in the system name if it is used for the syslog HOSTNAME. | |
Notes | The following elements are part of a choice: use-system-name, use-vprn-name, or value. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
use-vprn-name
| Synopsis | Enable the use-vprn-name context | |
| Context | configure service vprn service-name log syslog log-vprn-syslog-name hostname use-vprn-name | |
| Tree | use-vprn-name | |
Description | Commands in this context configure the system to use the VPRN service name configured with the configure service vprn service-name command as the HOSTNAME field of syslog messages sent in this VPRN. Do not use any spaces in the VPRN name if it is used for the syslog HOSTNAME. | |
Notes | The following elements are part of a choice: use-system-name, use-vprn-name, or value. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
value named-item-255
| Synopsis | Syslog HOSTNAME field value | |
| Context | configure service vprn service-name log syslog log-vprn-syslog-name hostname value named-item-255 | |
| Tree | value | |
Description | This command configures a string as the HOSTNAME field of syslog messages. Do not use any spaces in the string used for the syslog HOSTNAME. | |
| String length | 1 to 255 | |
Notes | The following elements are part of a choice: use-system-name, use-vprn-name, or value. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
log-prefix (keyword | string)
| Synopsis | Prefix string to log message sent to target syslog host | |
| Context | configure service vprn service-name log syslog log-vprn-syslog-name log-prefix (keyword | string) | |
| Tree | log-prefix | |
| String length | 1 to 32 | |
| Options | ||
| Default | TMNX | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
port number
severity keyword
timestamp-format keyword
| Synopsis | Syslog timestamp format | |
| Context | configure service vprn service-name log syslog log-vprn-syslog-name timestamp-format keyword | |
| Tree | timestamp-format | |
| Options | millisecond – Set timestamp format to milliseconds | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
tls-client-profile reference
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | TLS client profile used to encrypt syslog communication | |
| Context | configure service vprn service-name log syslog log-vprn-syslog-name tls-client-profile reference | |
| Tree | tls-client-profile | |
Description | This command specifies the Transport Layer Security (TLS) client profile used to encrypt syslog communications. When configured, syslog messages are sent using TLS. Any change to this command results in a brief interruption of the event log, which may cause the loss of a few syslog messages. When this command is unconfigured, the syslog messages are sent over UDP. | |
Reference | configure system security tls client-tls-profile named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
management
| Synopsis | Enable the management context | |
| Context | configure service vprn service-name management | |
| Tree | management | |
Description | Commands in this context control which management protocols can be used to access the SR OS router via the VPRN router instance. For SNMP control, see the configure service vprn snmp access command. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
allow-ftp boolean
| Synopsis | Allow access to the FTP server | |
| Context | configure service vprn service-name management allow-ftp boolean | |
| Tree | allow-ftp | |
Description | When configured to true, this command allows FTP access to the SR OS router via the VPRN router instance. When configured to false, this command disallows access to the SR OS FTP server. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
allow-grpc boolean
| Synopsis | Allow access to the gRPC server | |
| Context | configure service vprn service-name management allow-grpc boolean | |
| Tree | allow-grpc | |
Description | When configured to true, this command allows access to the gRPC server via the VPRN router instance. When configured to false, this command disallows gRPC server access. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
allow-netconf boolean
| Synopsis | Allow access to the NETCONF server | |
| Context | configure service vprn service-name management allow-netconf boolean | |
| Tree | allow-netconf | |
Description | When configured to true, this command allows NETCONF server access to the SR OS router via the VPRN router instance. When configured to false, this command disallows access to the NETCONF server. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
allow-ssh boolean
| Synopsis | Allow access to the SSH server | |
| Context | configure service vprn service-name management allow-ssh boolean | |
| Tree | allow-ssh | |
Description | When configured to true, this command allows SSH server access to the SR OS router via the VPRN router instance. When configured to false, this command disallows SSH server access. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
allow-telnet boolean
| Synopsis | Allow access to the IPv4 Telnet server | |
| Context | configure service vprn service-name management allow-telnet boolean | |
| Tree | allow-telnet | |
Description | When configured to true, this command allows IPv4 Telnet server access to the SR OS router via the VPRN router instance. When configured to false, this command disallows access to the IPv4 Telnet server. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
allow-telnet6 boolean
| Synopsis | Allow access to the Telnet IPv6 server | |
| Context | configure service vprn service-name management allow-telnet6 boolean | |
| Tree | allow-telnet6 | |
Description | When configured to true, this command allows IPv6 Telnet server access to the SR OS router via the VPRN router instance. When configured to false, this command removes access to the IPv6 Telnet server. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
maximum-ipv4-routes
| Synopsis | Enter the maximum-ipv4-routes context | |
| Context | configure service vprn service-name maximum-ipv4-routes | |
| Tree | maximum-ipv4-routes | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
log-only boolean
| Synopsis | Action when the maximum number of routes, held within a VRF context, is reached | |
| Context | configure service vprn service-name maximum-ipv4-routes log-only boolean | |
| Tree | log-only | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
threshold number
| Synopsis | Mid-level water marker for the number of routes which this VRF holds | |
| Context | configure service vprn service-name maximum-ipv4-routes threshold number | |
| Tree | threshold | |
| Range | 1 to 100 | |
| Units | percent | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
value number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Maximum number of routes that are configured on this virtual router | |
| Context | configure service vprn service-name maximum-ipv4-routes value number | |
| Tree | value | |
| Range | 1 to 2147483647 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
maximum-ipv6-routes
| Synopsis | Enter the maximum-ipv6-routes context | |
| Context | configure service vprn service-name maximum-ipv6-routes | |
| Tree | maximum-ipv6-routes | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
log-only boolean
| Synopsis | Action when the maximum number of routes, held within a VRF context, is reached | |
| Context | configure service vprn service-name maximum-ipv6-routes log-only boolean | |
| Tree | log-only | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
threshold number
| Synopsis | Mid-level water marker for the number of routes which this VRF holds | |
| Context | configure service vprn service-name maximum-ipv6-routes threshold number | |
| Tree | threshold | |
| Range | 1 to 100 | |
| Units | percent | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
value number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Maximum number of routes that are configured on this virtual router | |
| Context | configure service vprn service-name maximum-ipv6-routes value number | |
| Tree | value | |
| Range | 1 to 2147483647 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
mc-maximum-routes
| Synopsis | Enter the mc-maximum-routes context | |
| Context | configure service vprn service-name mc-maximum-routes | |
| Tree | mc-maximum-routes | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
log-only boolean
| Synopsis | Log and allow learning of new multicast routes | |
| Context | configure service vprn service-name mc-maximum-routes log-only boolean | |
| Tree | log-only | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
threshold number
| Synopsis | Maximum multicast routes which the VRF holds | |
| Context | configure service vprn service-name mc-maximum-routes threshold number | |
| Tree | threshold | |
| Range | 1 to 100 | |
| Units | percent | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
value number
| Synopsis | Maximum multicast routes configured on virtual router | |
| Context | configure service vprn service-name mc-maximum-routes value number | |
| Tree | value | |
| Range | 1 to 2147483647 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mld
admin-state keyword
| Synopsis | Administrative state of MLD | |
| Context | configure service vprn service-name mld admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
group-if-query-source-address ipv6-unicast-or-linklocal-address
| Synopsis | Source address in queries for group interfaces when not configured at group interface level | |
| Context | configure service vprn service-name mld group-if-query-source-address ipv6-unicast-or-linklocal-address | |
| Tree | group-if-query-source-address | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
interface [ip-interface-name] interface-name
[ip-interface-name] interface-name
admin-state keyword
| Synopsis | Administrative state of the MLD interface | |
| Context | configure service vprn service-name mld interface interface-name admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
import-policy reference
| Synopsis | Import policy to filter MLD packets | |
| Context | configure service vprn service-name mld interface interface-name import-policy reference | |
| Tree | import-policy | |
Reference | configure policy-options policy-statement named-item-64 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
maximum-number-group-sources number
| Synopsis | Maximum number of group sources for this interface | |
| Context | configure service vprn service-name mld interface interface-name maximum-number-group-sources number | |
| Tree | maximum-number-group-sources | |
Description | This command configures the maximum number of group sources for which IGMP or MLD can have local receiver information based on received IGMP or MLD reports on this interface. When this configuration is changed dynamically to a lower value than the currently accepted number of group sources, the group sources that are already accepted are not deleted. Only new group sources are not allowed. | |
| Range | 1 to 32000 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
maximum-number-groups number
| Synopsis | Maximum number of groups for this interface | |
| Context | configure service vprn service-name mld interface interface-name maximum-number-groups number | |
| Tree | maximum-number-groups | |
| Range | 1 to 16000 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
maximum-number-sources number
| Synopsis | Maximum number of sources that are allowed per group | |
| Context | configure service vprn service-name mld interface interface-name maximum-number-sources number | |
| Tree | maximum-number-sources | |
| Range | 1 to 1000 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
query-interval number
| Synopsis | Time between two consecutive host-query messages | |
| Context | configure service vprn service-name mld interface interface-name query-interval number | |
| Tree | query-interval | |
| Range | 2 to 1024 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
query-last-member-interval number
| Synopsis | Time between group-specific query messages | |
| Context | configure service vprn service-name mld interface interface-name query-last-member-interval number | |
| Tree | query-last-member-interval | |
| Range | 1 to 1023 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
query-response-interval number
| Synopsis | Time to wait for a response to the host-query messages | |
| Context | configure service vprn service-name mld interface interface-name query-response-interval number | |
| Tree | query-response-interval | |
| Range | 1 to 1023 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
router-alert-check boolean
| Synopsis | Enable router alert checking for IGMP or MLD messages | |
| Context | configure service vprn service-name mld interface interface-name router-alert-check boolean | |
| Tree | router-alert-check | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ssm-translate
| Synopsis | Enter the ssm-translate context | |
| Context | configure service vprn service-name mld interface interface-name ssm-translate | |
| Tree | ssm-translate | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
group-range start ipv6-multicast-address end ipv6-multicast-address
| Synopsis | Enter the group-range list instance | |
| Context | configure service vprn service-name mld interface interface-name ssm-translate group-range start ipv6-multicast-address end ipv6-multicast-address | |
| Tree | group-range | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
start ipv6-multicast-address
| Synopsis | Lower bound of the group range | |
| Context | configure service vprn service-name mld interface interface-name ssm-translate group-range start ipv6-multicast-address end ipv6-multicast-address | |
| Tree | group-range | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
end ipv6-multicast-address
| Synopsis | Upper bound of the group range | |
| Context | configure service vprn service-name mld interface interface-name ssm-translate group-range start ipv6-multicast-address end ipv6-multicast-address | |
| Tree | group-range | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
source [source-address] ipv6-unicast-address
| Synopsis | Add a list entry for source | |
| Context | configure service vprn service-name mld interface interface-name ssm-translate group-range start ipv6-multicast-address end ipv6-multicast-address source ipv6-unicast-address | |
| Tree | source | |
| Min. instances | 1 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
[source-address] ipv6-unicast-address
| Synopsis | Source IP address | |
| Context | configure service vprn service-name mld interface interface-name ssm-translate group-range start ipv6-multicast-address end ipv6-multicast-address source ipv6-unicast-address | |
| Tree | source | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
static
group [group-address] ipv6-multicast-address
[group-address] ipv6-multicast-address
source [source-address] ipv6-unicast-address
| Synopsis | Add a list entry for source | |
| Context | configure service vprn service-name mld interface interface-name static group ipv6-multicast-address source ipv6-unicast-address | |
| Tree | source | |
Notes | The following elements are part of a mandatory choice: source or starg. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[source-address] ipv6-unicast-address
starg
group-range start ipv6-multicast-address end ipv6-multicast-address step ipv6-address
| Synopsis | Enter the group-range list instance | |
| Context | configure service vprn service-name mld interface interface-name static group-range start ipv6-multicast-address end ipv6-multicast-address step ipv6-address | |
| Tree | group-range | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
start ipv6-multicast-address
| Synopsis | Lower bound of the static multicast group | |
| Context | configure service vprn service-name mld interface interface-name static group-range start ipv6-multicast-address end ipv6-multicast-address step ipv6-address | |
| Tree | group-range | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
end ipv6-multicast-address
| Synopsis | Upper bound of the static multicast group | |
| Context | configure service vprn service-name mld interface interface-name static group-range start ipv6-multicast-address end ipv6-multicast-address step ipv6-address | |
| Tree | group-range | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
step ipv6-address
| Synopsis | Step interval for the group-range addresses | |
| Context | configure service vprn service-name mld interface interface-name static group-range start ipv6-multicast-address end ipv6-multicast-address step ipv6-address | |
| Tree | group-range | |
| MD-CLI default | ::1 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
source [source-address] ipv6-unicast-address
| Synopsis | Add a list entry for source | |
| Context | configure service vprn service-name mld interface interface-name static group-range start ipv6-multicast-address end ipv6-multicast-address step ipv6-address source ipv6-unicast-address | |
| Tree | source | |
Notes | The following elements are part of a mandatory choice: source or starg. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[source-address] ipv6-unicast-address
| Synopsis | Source IP address | |
| Context | configure service vprn service-name mld interface interface-name static group-range start ipv6-multicast-address end ipv6-multicast-address step ipv6-address source ipv6-unicast-address | |
| Tree | source | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
starg
| Synopsis | any source address (*,G) | |
| Context | configure service vprn service-name mld interface interface-name static group-range start ipv6-multicast-address end ipv6-multicast-address step ipv6-address starg | |
| Tree | starg | |
Notes | The following elements are part of a mandatory choice: source or starg. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
version keyword
query-interval number
| Synopsis | Time between two consecutive host-query messages | |
| Context | configure service vprn service-name mld query-interval number | |
| Tree | query-interval | |
| Range | 2 to 1024 | |
| Units | seconds | |
| Default | 125 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
query-last-member-interval number
| Synopsis | Time between group-specific query messages | |
| Context | configure service vprn service-name mld query-last-member-interval number | |
| Tree | query-last-member-interval | |
| Range | 1 to 1023 | |
| Units | seconds | |
| Default | 1 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
query-response-interval number
| Synopsis | Time to wait for a response to the host-query messages | |
| Context | configure service vprn service-name mld query-response-interval number | |
| Tree | query-response-interval | |
| Range | 1 to 1023 | |
| Units | seconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
robust-count number
| Synopsis | Number of retries after expected message loss | |
| Context | configure service vprn service-name mld robust-count number | |
| Tree | robust-count | |
| Range | 2 to 10 | |
| Default | 2 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
ssm-translate
| Synopsis | Enter the ssm-translate context | |
| Context | configure service vprn service-name mld ssm-translate | |
| Tree | ssm-translate | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
group-range start ipv6-multicast-address end ipv6-multicast-address
| Synopsis | Enter the group-range list instance | |
| Context | configure service vprn service-name mld ssm-translate group-range start ipv6-multicast-address end ipv6-multicast-address | |
| Tree | group-range | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
start ipv6-multicast-address
| Synopsis | Lower bound of the group range | |
| Context | configure service vprn service-name mld ssm-translate group-range start ipv6-multicast-address end ipv6-multicast-address | |
| Tree | group-range | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
end ipv6-multicast-address
| Synopsis | Upper bound of the group range | |
| Context | configure service vprn service-name mld ssm-translate group-range start ipv6-multicast-address end ipv6-multicast-address | |
| Tree | group-range | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
source [source-address] ipv6-unicast-address
| Synopsis | Add a list entry for source | |
| Context | configure service vprn service-name mld ssm-translate group-range start ipv6-multicast-address end ipv6-multicast-address source ipv6-unicast-address | |
| Tree | source | |
| Min. instances | 1 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
[source-address] ipv6-unicast-address
| Synopsis | Source IP address | |
| Context | configure service vprn service-name mld ssm-translate group-range start ipv6-multicast-address end ipv6-multicast-address source ipv6-unicast-address | |
| Tree | source | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
nat
inside
large-scale
| Synopsis | Enter the large-scale context | |
| Context | configure service vprn service-name nat inside large-scale | |
| Tree | large-scale | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
nat-policy reference
|
WARNING: Modifying this element clears ISA state, such as flow state, for the new value to take effect. | ||
| Synopsis | NAT policy name for LSN | |
| Context | configure service vprn service-name nat inside large-scale nat-policy reference | |
| Tree | nat-policy | |
Reference | configure service nat nat-policy external-named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
nat44
destination-prefix [ip-prefix-length] ipv4-unicast-prefix
| Synopsis | Enter the destination-prefix list instance | |
| Context | configure service vprn service-name nat inside large-scale nat44 destination-prefix ipv4-unicast-prefix | |
| Tree | destination-prefix | |
| Max. instances | 6144 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[ip-prefix-length] ipv4-unicast-prefix
| Synopsis | IP prefix for the destination address | |
| Context | configure service vprn service-name nat inside large-scale nat44 destination-prefix ipv4-unicast-prefix | |
| Tree | destination-prefix | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
nat-policy reference
|
WARNING: Modifying this element clears ISA state, such as flow state, for the new value to take effect. | ||
| Synopsis | NAT policy | |
| Context | configure service vprn service-name nat inside large-scale nat44 destination-prefix ipv4-unicast-prefix nat-policy reference | |
| Tree | nat-policy | |
Reference | configure service nat nat-policy external-named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
deterministic
| Synopsis | Enter the deterministic context | |
| Context | configure service vprn service-name nat inside large-scale nat44 deterministic | |
| Tree | deterministic | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
address-map [from] ipv4-address to ipv4-address nat-policy reference
| Synopsis | Enter the address-map list instance | |
| Context | configure service vprn service-name nat inside large-scale nat44 deterministic address-map ipv4-address to ipv4-address nat-policy reference | |
| Tree | address-map | |
Description | Commands in this context map inside IPv4 addresses of deterministic NAT44 subscribers to the outside IPv4 addresses in a NAT pool. This context is only applicable to deterministic NAT44 with a single ESA-VM in a NAT-group. The number of subscribers per outside IPv4 address is flexible and not restricted to a discrete range governed by the 2^n rule. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[from] ipv4-address
| Synopsis | First IP address of inside IP NAT range | |
| Context | configure service vprn service-name nat inside large-scale nat44 deterministic address-map ipv4-address to ipv4-address nat-policy reference | |
| Tree | address-map | |
Description | This command specifies the starting IPv4 address, IPv6 address, or IPv6 prefix on the inside IP address range. | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
to ipv4-address
| Synopsis | Ending IP address of inside IP NAT range | |
| Context | configure service vprn service-name nat inside large-scale nat44 deterministic address-map ipv4-address to ipv4-address nat-policy reference | |
| Tree | address-map | |
Description | This command specifies the ending IPv4 address, IPv6 address, or IPv6 prefix on the inside IP address range. | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
nat-policy reference
| Synopsis | NAT policy name for LSN | |
| Context | configure service vprn service-name nat inside large-scale nat44 deterministic address-map ipv4-address to ipv4-address nat-policy reference | |
| Tree | address-map | |
Reference | configure service nat nat-policy external-named-item | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of address map | |
| Context | configure service vprn service-name nat inside large-scale nat44 deterministic address-map ipv4-address to ipv4-address nat-policy reference admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
outside-range ipv4-address
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | First outside IP address in NAT pool | |
| Context | configure service vprn service-name nat inside large-scale nat44 deterministic address-map ipv4-address to ipv4-address nat-policy reference outside-range ipv4-address | |
| Tree | outside-range | |
Description | This command specifies the first outside IP address in the NAT pool. The last outside IP address is determined by the number of subscribers mapped to an outside IP address via the configure router nat outside pool large-scale subscriber-limit and configure service vprn nat outside pool large-scale subscriber-limit commands. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
prefix-map [source-prefix] ipv4-unicast-prefix nat-policy reference
| Synopsis | Enter the prefix-map list instance | |
| Context | configure service vprn service-name nat inside large-scale nat44 deterministic prefix-map ipv4-unicast-prefix nat-policy reference | |
| Tree | prefix-map | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[source-prefix] ipv4-unicast-prefix
| Synopsis | Traffic sent from sources within this prefix will be NATed | |
| Context | configure service vprn service-name nat inside large-scale nat44 deterministic prefix-map ipv4-unicast-prefix nat-policy reference | |
| Tree | prefix-map | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
nat-policy reference
| Synopsis | NAT policy | |
| Context | configure service vprn service-name nat inside large-scale nat44 deterministic prefix-map ipv4-unicast-prefix nat-policy reference | |
| Tree | prefix-map | |
Reference | configure service nat nat-policy external-named-item | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the prefix | |
| Context | configure service vprn service-name nat inside large-scale nat44 deterministic prefix-map ipv4-unicast-prefix nat-policy reference admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
map [from] ipv4-address to ipv4-address
| Synopsis | Enter the map list instance | |
| Context | configure service vprn service-name nat inside large-scale nat44 deterministic prefix-map ipv4-unicast-prefix nat-policy reference map ipv4-address to ipv4-address | |
| Tree | map | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[from] ipv4-address
| Synopsis | First IP address of inside IP NAT range | |
| Context | configure service vprn service-name nat inside large-scale nat44 deterministic prefix-map ipv4-unicast-prefix nat-policy reference map ipv4-address to ipv4-address | |
| Tree | map | |
Description | This command specifies the starting IPv4 address, IPv6 address, or IPv6 prefix on the inside IP address range. | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
to ipv4-address
| Synopsis | Ending IP address of inside IP NAT range | |
| Context | configure service vprn service-name nat inside large-scale nat44 deterministic prefix-map ipv4-unicast-prefix nat-policy reference map ipv4-address to ipv4-address | |
| Tree | map | |
Description | This command specifies the ending IPv4 address, IPv6 address, or IPv6 prefix on the inside IP address range. | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
first-outside-address ipv4-address
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Outside IP address mapped to inside IP address range | |
| Context | configure service vprn service-name nat inside large-scale nat44 deterministic prefix-map ipv4-unicast-prefix nat-policy reference map ipv4-address to ipv4-address first-outside-address ipv4-address | |
| Tree | first-outside-address | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
max-subscriber-limit number
|
WARNING: Modifying this element clears ISA state, such as flow state, for the new value to take effect. | ||
| Synopsis | Largest value for all subscriber limits in each deterministic pool | |
| Context | configure service vprn service-name nat inside large-scale nat44 max-subscriber-limit number | |
| Tree | max-subscriber-limit | |
| Range | 1 | 2 | 4 | 8 | 16 | 32 | 64 | 128 | 256 | 512 | 1024 | 2048 | 4096 | 8192 | 16384 | 32768 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
outside
filters
downstream
| Synopsis | Enter the downstream context | |
| Context | configure service vprn service-name nat outside filters downstream | |
| Tree | downstream | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv4 reference
upstream
ipv4 reference
mtu number
pool [name] named-item
[name] named-item
address-range [start] ipv4-unicast-address end ipv4-unicast-address
| Synopsis | Enter the address-range list instance | |
| Context | configure service vprn service-name nat outside pool named-item address-range ipv4-unicast-address end ipv4-unicast-address | |
| Tree | address-range | |
| Max. instances | 4096 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[start] ipv4-unicast-address
| Synopsis | Lower bound of the NAT address range | |
| Context | configure service vprn service-name nat outside pool named-item address-range ipv4-unicast-address end ipv4-unicast-address | |
| Tree | address-range | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
end ipv4-unicast-address
| Synopsis | Upper bound of the NAT address range | |
| Context | configure service vprn service-name nat outside pool named-item address-range ipv4-unicast-address end ipv4-unicast-address | |
| Tree | address-range | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
description description
| Synopsis | Text description | |
| Context | configure service vprn service-name nat outside pool named-item address-range ipv4-unicast-address end ipv4-unicast-address description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
drain boolean
admin-state keyword
| Synopsis | Administrative state of the outside routing NAT pool | |
| Context | configure service vprn service-name nat outside pool named-item admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
applications
| Synopsis | Enter the applications context | |
| Context | configure service vprn service-name nat outside pool named-item applications | |
| Tree | applications | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
agnostic boolean
|
WARNING: Modifying this element clears ISA state, such as flow state, for the new value to take effect. | ||
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | NAT pool to create in the outside routing context | |
| Context | configure service vprn service-name nat outside pool named-item applications agnostic boolean | |
| Tree | agnostic | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
description description
| Synopsis | Text description | |
| Context | configure service vprn service-name nat outside pool named-item description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
icmp-echo-reply boolean
| Synopsis | Allow NAT pool IP addresses to respond to ICMP PINGs | |
| Context | configure service vprn service-name nat outside pool named-item icmp-echo-reply boolean | |
| Tree | icmp-echo-reply | |
Description | This command allows IP addresses in the NAT pool to respond to ICMP Echo requests (PINGs). The configuration can be toggled while the pool is in use. In L2-aware NAT when port-block-extensions is disabled, the reply from an outside IP address is generated only when this IP address has at least one host (binding) behind it. In L2-aware NAT when port-block-extensions is enabled, the reply from an outside IP address is generated regardless if a binding is present. In LSN, the reply from an outside IP address is generated regardless if a binding is present. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
large-scale
| Synopsis | Enter the large-scale context | |
| Context | configure service vprn service-name nat outside pool named-item large-scale | |
| Tree | large-scale | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
subscriber-limit number
|
WARNING: Modifying this element clears ISA state, such as flow state, for the new value to take effect. | ||
| Synopsis | Maximum number of subscribers per IP address | |
| Context | configure service vprn service-name nat outside pool named-item large-scale subscriber-limit number | |
| Tree | subscriber-limit | |
| Range | 1 to 65535 | 4294967295 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
mode keyword
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
WARNING: Modifying this element clears ISA state, such as flow state, for the new value to take effect. | ||
| Synopsis | Mode of operation of this NAT address pool | |
| Context | configure service vprn service-name nat outside pool named-item mode keyword | |
| Tree | mode | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
nat-group reference
|
WARNING: Modifying this element clears ISA state, such as flow state, for the new value to take effect. | ||
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Create a NAT group | |
| Context | configure service vprn service-name nat outside pool named-item nat-group reference | |
| Tree | nat-group | |
Reference | ||
Notes | The following elements are part of a mandatory choice: nat-group or wlan-gw-group. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
port-forwarding
| Synopsis | Enter the port-forwarding context | |
| Context | configure service vprn service-name nat outside pool named-item port-forwarding | |
| Tree | port-forwarding | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
dynamic-block-reservation boolean
|
WARNING: Modifying this element clears ISA state, such as flow state, for the new value to take effect. | ||
| Synopsis | Reserve dynamic block for subscriber | |
| Context | configure service vprn service-name nat outside pool named-item port-forwarding dynamic-block-reservation boolean | |
| Tree | dynamic-block-reservation | |
Description | When configured to true, the system reserves dynamic port block when the first port forward for the subscriber is created. The dynamic port block allocation is logged only if the block is being used and mappings are created. Dynamic port block reservation due to the port forward creation but without any dynamic mapping, is not logged. The reserved port block is released only when the last mapping in the block expires and there are no port forwards associated with the subscriber. The de-allocation log (syslog or RADIUS) is generated when the dynamic port block is completely released. Dynamic port block reservations can be enabled only if the configured maximum number of subscribers per outside IP addresses are less than or equal to the maximum number of configured port blocks per outside IP address. When configured to false, dynamic port blocks are not reserved when the first port forward for the subscriber is created. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
range-end number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
WARNING: Modifying this element clears ISA state, such as flow state, for the new value to take effect. | ||
| Synopsis | End of the wildcard range for port forwards | |
| Context | configure service vprn service-name nat outside pool named-item port-forwarding range-end number | |
| Tree | range-end | |
Description | This command configures the upper boundary of the wildcard port range dedicated to port forwarding in a NAT pool, whereas the range-start command configures the lower boundary (the starting port) of the wildcard port range dedicated to port forwarding in a NAT pool. If unconfigured, the range-end implicit value is set to 1023, that represents the end of the well-known port range that is always enabled. Port forwards are supported only in pools in NAPT mode. Pools in 1:1 mode do not support port-forwards. | |
| Range | 0 | 1023 to 65535 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
port-reservation
| Synopsis | Enter the port-reservation context | |
| Context | configure service vprn service-name nat outside pool named-item port-reservation | |
| Tree | port-reservation | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
port-blocks number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
WARNING: Modifying this element clears ISA state, such as flow state, for the new value to take effect. | ||
| Synopsis | Port block size for NAT subscribers | |
| Context | configure service vprn service-name nat outside pool named-item port-reservation port-blocks number | |
| Tree | port-blocks | |
Description | In CGN, this command specifies the number of port-blocks per outside IP address in the NAT pool. The available ports per outside IP address (the end port minus the upper bound value of the static port-forwarding range) are divided into the number of port blocks specified in this command. This implicitly determines the size of each port block. For L2-aware NAT, this command can be configured only if the port block extensions (extended port blocks) are disabled. You must disable the l2-aware port-block-extension hierarchy in the NAT pool. | |
| Range | 0 to 64512 | |
Notes | The following elements are part of a choice: port-blocks or ports. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
ports number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
WARNING: Modifying this element clears ISA state, such as flow state, for the new value to take effect. | ||
| Synopsis | Size of the port block for NAT subscribers | |
| Context | configure service vprn service-name nat outside pool named-item port-reservation ports number | |
| Tree | ports | |
Description | For carrier-grade NAT (CGN), this command specifies the size of port blocks for NAT subscribers in the NAT pool. For Layer 2 aware NAT, this command specifies the size of the initial port block of a subscriber in the pool. Additional port blocks (extended port blocks) for the Layer 2 aware subscriber must be explicitly enabled under the l2-aware port-block-extension hierarchy in the NAT pool. This command does not affect the size of extended port blocks. For deterministic pools, the port range begins with zero. However, for non-deterministic pools, the port range begins with one. | |
| Range | 0 to 64512 | |
Notes | The following elements are part of a choice: port-blocks or ports. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
type keyword
|
WARNING: Modifying this element clears ISA state, such as flow state, for the new value to take effect. | ||
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | NAT pool type | |
| Context | configure service vprn service-name nat outside pool named-item type keyword | |
| Tree | type | |
| Options | ||
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
watermarks
| Synopsis | Enable the watermarks context | |
| Context | configure service vprn service-name nat outside pool named-item watermarks | |
| Tree | watermarks | |
Description | This command configures watermarks for NAT resources. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
high number
| Synopsis | High watermark percentage | |
| Context | configure service vprn service-name nat outside pool named-item watermarks high number | |
| Tree | high | |
Description | This command configures the high threshold value as a percentage of the total port-block space in a NAT pool. | |
| Range | 0 to 100 | |
| Units | percent | |
Notes |
This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
low number
| Synopsis | Low watermark percentage | |
| Context | configure service vprn service-name nat outside pool named-item watermarks low number | |
| Tree | low | |
Description | This command configures the low threshold value as a percentage of the total port-block space in a NAT pool. | |
| Range | 0 to 100 | |
| Units | percent | |
Notes |
This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
network
ingress
filter
ip reference
ipv6 reference
qos
fp-redirect-group reference
| Synopsis | The forwarding-plane queue group Policy for this VPRN | |
| Context | configure service vprn service-name network ingress qos fp-redirect-group reference | |
| Tree | fp-redirect-group | |
Reference | configure qos queue-group-templates ingress queue-group named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
instance number
network-policy reference
| Synopsis | Network policy name associated with a VPRN | |
| Context | configure service vprn service-name network ingress qos network-policy reference | |
| Tree | network-policy | |
Reference | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
urpf-check boolean
| Synopsis | Enable unicast RPF check of network ingress traffic | |
| Context | configure service vprn service-name network ingress urpf-check boolean | |
| Tree | urpf-check | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
network-interface [interface-name] interface-name
| Synopsis | Enter the network-interface list instance | |
| Context | configure service vprn service-name network-interface interface-name | |
| Tree | network-interface | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[interface-name] interface-name
| Synopsis | Network interface name | |
| Context | configure service vprn service-name network-interface interface-name | |
| Tree | network-interface | |
| String length | 1 to 32 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the interface | |
| Context | configure service vprn service-name network-interface interface-name admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
description very-long-description
| Synopsis | Text description | |
| Context | configure service vprn service-name network-interface interface-name description very-long-description | |
| Tree | description | |
| String length | 1 to 255 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
dist-cpu-protection reference
| Synopsis | Distributed CPU protection policy | |
| Context | configure service vprn service-name network-interface interface-name dist-cpu-protection reference | |
| Tree | dist-cpu-protection | |
Reference | configure system security dist-cpu-protection policy named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
egress
| Synopsis | Enter the egress context | |
| Context | configure service vprn service-name network-interface interface-name egress | |
| Tree | egress | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
filter
ip reference
hold-time
| Synopsis | Enter the hold-time context | |
| Context | configure service vprn service-name network-interface interface-name hold-time | |
| Tree | hold-time | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv4
down
| Synopsis | Enter the down context | |
| Context | configure service vprn service-name network-interface interface-name hold-time ipv4 down | |
| Tree | down | |
Description | Commands in this context configure the down hold timer, which specifies the delay before activating the associated interface. The delay is invoked whenever the system attempts to bring the associated IP interface up, unless an operator configures the init-only command. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
init-only boolean
| Synopsis | Apply delay only at interface configuration or reboot | |
| Context | configure service vprn service-name network-interface interface-name hold-time ipv4 down init-only boolean | |
| Tree | init-only | |
Description | This command applies a delay only when the IP interface is first configured or after a system reboot. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
seconds number
up
| Synopsis | Enter the up context | |
| Context | configure service vprn service-name network-interface interface-name hold-time ipv4 up | |
| Tree | up | |
Description | Commands in this context configure the up hold timer, which specifies the delay before deactivation of the associated interface. The delay is invoked whenever the system attempts to bring the associated IP interface down. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
seconds number
ingress
| Synopsis | Enter the ingress context | |
| Context | configure service vprn service-name network-interface interface-name ingress | |
| Tree | ingress | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
filter
ip reference
ip-mtu number
| Synopsis | IP MTU applied to outgoing packets | |
| Context | configure service vprn service-name network-interface interface-name ip-mtu number | |
| Tree | ip-mtu | |
Description | This command configures the IP maximum transmission unit (MTU) for the associated router IP interface. | |
| Range | 512 to 9786 | |
| Units | bytes | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
ipv4
| Synopsis | Enter the ipv4 context | |
| Context | configure service vprn service-name network-interface interface-name ipv4 | |
| Tree | ipv4 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
allow-directed-broadcasts boolean
| Synopsis | Accept broadcasts that are directed to this interface | |
| Context | configure service vprn service-name network-interface interface-name ipv4 allow-directed-broadcasts boolean | |
| Tree | allow-directed-broadcasts | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
bfd
admin-state keyword
| Synopsis | Administrative state of BFD sessions | |
| Context | configure service vprn service-name network-interface interface-name ipv4 bfd admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
echo-receive number
| Synopsis | Minimum echo interval over this interface | |
| Context | configure service vprn service-name network-interface interface-name ipv4 bfd echo-receive number | |
| Tree | echo-receive | |
| Range | 100 to 100000 | |
| Units | milliseconds | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
multiplier number
| Synopsis | Number of consecutive BFD messages missed from the peer | |
| Context | configure service vprn service-name network-interface interface-name ipv4 bfd multiplier number | |
| Tree | multiplier | |
Description | This command configures the number of missed messages before the BFD session state is changed to down and the upper-level protocol is notified of the fault. A multiplier of less than 3 should not be used in production environments. | |
| Range | 1 to 20 | |
| Default | 3 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
receive number
| Synopsis | BFD receive interval over this interface | |
| Context | configure service vprn service-name network-interface interface-name ipv4 bfd receive number | |
| Tree | receive | |
Description | This command specifies the receive interval for the BFD session. | |
| Range | 10 to 100000 | |
| Units | milliseconds | |
| Default | 100 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
transmit-interval number
| Synopsis | BFD transmit interval over this interface | |
| Context | configure service vprn service-name network-interface interface-name ipv4 bfd transmit-interval number | |
| Tree | transmit-interval | |
Description | This command configures the transmit intervals. | |
| Range | 10 to 100000 | |
| Units | milliseconds | |
| Default | 100 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
icmp
mask-reply boolean
| Synopsis | Allow responses to ICMP mask requests on the interface | |
| Context | configure service vprn service-name network-interface interface-name ipv4 icmp mask-reply boolean | |
| Tree | mask-reply | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
param-problem
| Synopsis | Enter the param-problem context | |
| Context | configure service vprn service-name network-interface interface-name ipv4 icmp param-problem | |
| Tree | param-problem | |
Description | Commands in this context specify the settings for ICMP Parameter Problem messages generated by the interface. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of sent Parameter Problem messages | |
| Context | configure service vprn service-name network-interface interface-name ipv4 icmp param-problem admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
number number
| Synopsis | Maximum number of Parameter Problem messages to send | |
| Context | configure service vprn service-name network-interface interface-name ipv4 icmp param-problem number number | |
| Tree | number | |
| Range | 10 to 1000 | |
| Default | 100 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
seconds number
| Synopsis | Time used to limit number of Parameter Problem messages | |
| Context | configure service vprn service-name network-interface interface-name ipv4 icmp param-problem seconds number | |
| Tree | seconds | |
| Range | 1 to 60 | |
| Units | seconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
redirects
| Synopsis | Enter the redirects context | |
| Context | configure service vprn service-name network-interface interface-name ipv4 icmp redirects | |
| Tree | redirects | |
Description | Commands in this context configure the settings for ICMP redirect messages generated by the interface. The system sends ICMP redirect messages to alert the sending node that a more optimal route is available on another router on the same subnetwork. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of sending ICMP redirect messages | |
| Context | configure service vprn service-name network-interface interface-name ipv4 icmp redirects admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
number number
seconds number
ttl-expired
| Synopsis | Enter the ttl-expired context | |
| Context | configure service vprn service-name network-interface interface-name ipv4 icmp ttl-expired | |
| Tree | ttl-expired | |
Description | Commands in this context configure the settings for ICMP TTL expired messages generated by the interface. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of sending TTL expired messages | |
| Context | configure service vprn service-name network-interface interface-name ipv4 icmp ttl-expired admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
number number
| Synopsis | Maximum number of TTL expired messages to send | |
| Context | configure service vprn service-name network-interface interface-name ipv4 icmp ttl-expired number number | |
| Tree | number | |
| Range | 10 to 2000 | |
| Default | 100 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
seconds number
| Synopsis | Time used to limit the number of TTL expired messages | |
| Context | configure service vprn service-name network-interface interface-name ipv4 icmp ttl-expired seconds number | |
| Tree | seconds | |
| Range | 1 to 60 | |
| Units | seconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
unreachables
| Synopsis | Enter the unreachables context | |
| Context | configure service vprn service-name network-interface interface-name ipv4 icmp unreachables | |
| Tree | unreachables | |
Description | Commands in this context specify the settings for ICMP host and network destination unreachable messages generated by the interface. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of sending unreachable messages | |
| Context | configure service vprn service-name network-interface interface-name ipv4 icmp unreachables admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
number number
| Synopsis | Maximum number of unreachable messages to send | |
| Context | configure service vprn service-name network-interface interface-name ipv4 icmp unreachables number number | |
| Tree | number | |
| Range | 10 to 2000 | |
| Default | 100 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
seconds number
| Synopsis | Time to limit the number of ICMP unreachable messages | |
| Context | configure service vprn service-name network-interface interface-name ipv4 icmp unreachables seconds number | |
| Tree | seconds | |
| Range | 1 to 60 | |
| Units | seconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
neighbor-discovery
| Synopsis | Enter the neighbor-discovery context | |
| Context | configure service vprn service-name network-interface interface-name ipv4 neighbor-discovery | |
| Tree | neighbor-discovery | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
retry-timer number
| Synopsis | ARP retry interval | |
| Context | configure service vprn service-name network-interface interface-name ipv4 neighbor-discovery retry-timer number | |
| Tree | retry-timer | |
| Range | 1 to 300 | |
| Units | deciseconds | |
| Default | 50 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
static-neighbor [ipv4-address] ipv4-address
| Synopsis | Enter the static-neighbor list instance | |
| Context | configure service vprn service-name network-interface interface-name ipv4 neighbor-discovery static-neighbor ipv4-address | |
| Tree | static-neighbor | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[ipv4-address] ipv4-address
| Synopsis | IPv4 address that corresponds to the physical address | |
| Context | configure service vprn service-name network-interface interface-name ipv4 neighbor-discovery static-neighbor ipv4-address | |
| Tree | static-neighbor | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mac-address mac-address
| Synopsis | MAC address for the static neighbor | |
| Context | configure service vprn service-name network-interface interface-name ipv4 neighbor-discovery static-neighbor ipv4-address mac-address mac-address | |
| Tree | mac-address | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
timeout number
| Synopsis | Timeout for an ARP entry learned on the interface | |
| Context | configure service vprn service-name network-interface interface-name ipv4 neighbor-discovery timeout number | |
| Tree | timeout | |
Description | This command configures the minimum time an ARP entry learned on the IP interface is stored in the ARP table. ARP entries are automatically refreshed when an ARP request or gratuitous ARP is seen by an IP host. Otherwise, the ARP entry is aged from the ARP table. | |
| Range | 0 to 65535 | |
| Units | seconds | |
| Default | 14400 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
primary
address ipv4-unicast-address
broadcast keyword
prefix-length number
| Synopsis | IPv4 address prefix length | |
| Context | configure service vprn service-name network-interface interface-name ipv4 primary prefix-length number | |
| Tree | prefix-length | |
| Range | 0 to 32 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
secondary [address] ipv4-unicast-address
[address] ipv4-unicast-address
broadcast keyword
igp-inhibit boolean
| Synopsis | Disable the running IGP from recognizing secondary IP | |
| Context | configure service vprn service-name network-interface interface-name ipv4 secondary ipv4-unicast-address igp-inhibit boolean | |
| Tree | igp-inhibit | |
Description | When configured to true, the running IGP does not recognize the secondary IP address as a local interface. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
prefix-length number
| Synopsis | IPv4 address prefix length | |
| Context | configure service vprn service-name network-interface interface-name ipv4 secondary ipv4-unicast-address prefix-length number | |
| Tree | prefix-length | |
| Range | 0 to 32 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
tcp-mss number
urpf-check
| Synopsis | Enable the urpf-check context | |
| Context | configure service vprn service-name network-interface interface-name ipv4 urpf-check | |
| Tree | urpf-check | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ignore-default boolean
| Synopsis | Ignore default route when performing a uRPF check | |
| Context | configure service vprn service-name network-interface interface-name ipv4 urpf-check ignore-default boolean | |
| Tree | ignore-default | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
mode keyword
| Synopsis | Unicast RPF check mode | |
| Context | configure service vprn service-name network-interface interface-name ipv4 urpf-check mode keyword | |
| Tree | mode | |
| Options | strict – Check source address match in RT and interface loose – Check source address match in RT only strict-no-ecmp – Check source address match in ECMP route | |
| Default | strict | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
lag
| Synopsis | Enter the lag context | |
| Context | configure service vprn service-name network-interface interface-name lag | |
| Tree | lag | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
load-balancing
| Synopsis | Enter the load-balancing context | |
| Context | configure service vprn service-name network-interface interface-name load-balancing | |
| Tree | load-balancing | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ip-load-balancing keyword
| Synopsis | IP load-balancing algorithm | |
| Context | configure service vprn service-name network-interface interface-name load-balancing ip-load-balancing keyword | |
| Tree | ip-load-balancing | |
Description | This command specifies whether to include the source address, destination address, or both in LAG or ECMP hash on IP interfaces. Additionally, when the l4-load-balancing command is enabled, this command also includes the source or destination port in the hash inputs. | |
| Options | ||
| Default | both | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
lsr-load-balancing keyword
| Synopsis | LSR load-balancing algorithm | |
| Context | configure service vprn service-name network-interface interface-name load-balancing lsr-load-balancing keyword | |
| Tree | lsr-load-balancing | |
Description | This command specifies whether the IP header is used in the LAG and ECMP LSR hashing algorithm. This is the per-interface setting. | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
loopback
| Synopsis | Use interface as a loopback interface | |
| Context | configure service vprn service-name network-interface interface-name loopback | |
| Tree | loopback | |
Notes | The following elements are part of a choice: loopback or port. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
mac mac-unicast-address
| Synopsis | MAC address for the interface | |
| Context | configure service vprn service-name network-interface interface-name mac mac-unicast-address | |
| Tree | mac | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
port port-and-encap
| Synopsis | Port to bind the interface | |
| Context | configure service vprn service-name network-interface interface-name port port-and-encap | |
| Tree | port | |
| String length | 1 to 45 | |
Notes | The following elements are part of a choice: loopback or port. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
qos
| Synopsis | Enter the qos context | |
| Context | configure service vprn service-name network-interface interface-name qos | |
| Tree | qos | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
egress-instance number
| Synopsis | Port egress queue group instance for this interface | |
| Context | configure service vprn service-name network-interface interface-name qos egress-instance number | |
| Tree | egress-instance | |
Description | This command specifies which instance to associate with this specific network IP interface since multiple instances of the same egress queue-group can be applied to the same port. | |
| Range | 1 to 65535 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
egress-port-redirect-group reference
| Synopsis | QoS queue group name | |
| Context | configure service vprn service-name network-interface interface-name qos egress-port-redirect-group reference | |
| Tree | egress-port-redirect-group | |
Description | This command configures the egress queue group used for all egress forwarding-class redirections specified within the network QoS policy ID. The specified queue group name must exist as an egress queue group applied to the egress context of the port associated with the IP interface. | |
Reference | configure qos queue-group-templates egress queue-group named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ingress-fp-redirect-group reference
| Synopsis | Forwarding plane queue group policy for the interface | |
| Context | configure service vprn service-name network-interface interface-name qos ingress-fp-redirect-group reference | |
| Tree | ingress-fp-redirect-group | |
Description | This command configures the ingress queue-group used for all ingress forwarding-class redirections specified within the network QoS policy ID. The specified queue group name must exist as an ingress queue group applied to the ingress context of the forwarding plane associated with the IP interface. | |
Reference | configure qos queue-group-templates ingress queue-group named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ingress-instance number
| Synopsis | Forwarding plane ingress queue group for this interface | |
| Context | configure service vprn service-name network-interface interface-name qos ingress-instance number | |
| Tree | ingress-instance | |
Description | This command configures which instance to associate with this specific network IP interface. An operator can apply multiple instances of the same ingress queue group to the same forwarding plane. | |
| Range | 1 to 65535 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
network-policy reference
| Synopsis | Network policy name associated with a network interface | |
| Context | configure service vprn service-name network-interface interface-name qos network-policy reference | |
| Tree | network-policy | |
Description | This command associates an existing network policy name with the IP interface. | |
Reference | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
tos-marking-state keyword
| Synopsis | TOS marking state | |
| Context | configure service vprn service-name network-interface interface-name tos-marking-state keyword | |
| Tree | tos-marking-state | |
| Options | ||
| Default | trusted | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ntp
admin-state keyword
| Synopsis | Administrative state of NTP execution | |
| Context | configure service vprn service-name ntp admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
authenticate boolean
| Synopsis | Authentication of NTP PDUs when acting as a server | |
| Context | configure service vprn service-name ntp authenticate boolean | |
| Tree | authenticate | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
authentication-check boolean
| Synopsis | Authenticate NTP PDUs and reject mismatches | |
| Context | configure service vprn service-name ntp authentication-check boolean | |
| Tree | authentication-check | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
authentication-key [key-id] number
| Synopsis | Enter the authentication-key list instance | |
| Context | configure service vprn service-name ntp authentication-key number | |
| Tree | authentication-key | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[key-id] number
| Synopsis | Authentication key ID used for NTP packets | |
| Context | configure service vprn service-name ntp authentication-key number | |
| Tree | authentication-key | |
| Range | 1 to 255 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
key encrypted-leaf
type keyword
authentication-keychain reference
| Synopsis | Authentication keychain for unsolicited traffic | |
| Context | configure service vprn service-name ntp authentication-keychain reference | |
| Tree | authentication-keychain | |
Description | This command configures the authentication keychain used to handle unsolicited NTP requests. If a request is received with a key ID that matches both a configured key and the keychain, the MAC is checked first using the key information. If the authentication fails, the MAC is checked using the information from the keychain. | |
Reference | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
broadcast [interface-name] reference
[interface-name] reference
authentication-keychain reference
| Synopsis | Keychain used to authenticate broadcast messages | |
| Context | configure service vprn service-name ntp broadcast reference authentication-keychain reference | |
| Tree | authentication-keychain | |
Description | This command configures the keychain used to authenticate messages sent by this node. The keychain infrastructure is queried using this keychain name to get the youngest key used for generating the authentication value for the message. When an NTP packet is received by this node, the keychain infrastructure is queried using the keychain name and the key ID extracted from the received message to get the key used to perform the authentication check. If authentication does not pass, the packet is rejected. Keychain entries also have a direction. The key ID and authentication keychain are mutually exclusive. When neither one is set, for example, the key ID has a value of '0' and the value of this command is empty, no authentication is performed. | |
Reference | ||
Notes | The following elements are part of a choice: authentication-keychain or key-id. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
key-id reference
| Synopsis | Authentication key and type used by the node | |
| Context | configure service vprn service-name ntp broadcast reference key-id reference | |
| Tree | key-id | |
Reference | configure service vprn service-name ntp authentication-key number | |
Notes | The following elements are part of a choice: authentication-keychain or key-id. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ttl number
version number
ospf [ospf-instance] number
[ospf-instance] number
admin-state keyword
| Synopsis | Administrative state of the OSPF instance | |
| Context | configure service vprn service-name ospf number admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
advertise-router-capability keyword
| Synopsis | Allow router advertisement capabilities | |
| Context | configure service vprn service-name ospf number advertise-router-capability keyword | |
| Tree | advertise-router-capability | |
| Options | ||
| Default | false | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
area [area-id] ipv4-address
[area-id] ipv4-address
advertise-ne-profile reference
| Synopsis | Network element profile to be advertised | |
| Context | configure service vprn service-name ospf number area ipv4-address advertise-ne-profile reference | |
| Tree | advertise-ne-profile | |
Reference | configure system network-element-discovery profile named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
advertise-router-capability boolean
| Synopsis | Allow router advertisement capabilities | |
| Context | configure service vprn service-name ospf number area ipv4-address advertise-router-capability boolean | |
| Tree | advertise-router-capability | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
area-range [ip-prefix-mask] ipv4-unicast-prefix
| Synopsis | Enter the area-range list instance | |
| Context | configure service vprn service-name ospf number area ipv4-address area-range ipv4-unicast-prefix | |
| Tree | area-range | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[ip-prefix-mask] ipv4-unicast-prefix
| Synopsis | IPv4 unicast address prefix and mask | |
| Context | configure service vprn service-name ospf number area ipv4-address area-range ipv4-unicast-prefix | |
| Tree | area-range | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
advertise boolean
blackhole-aggregate boolean
| Synopsis | Install a low priority blackhole route to avoid loops | |
| Context | configure service vprn service-name ospf number area ipv4-address blackhole-aggregate boolean | |
| Tree | blackhole-aggregate | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
export-policy reference
| Synopsis | Type 3 Summary-LSA/OSPFv3 inter-area-prefix-LSA route | |
| Context | configure service vprn service-name ospf number area ipv4-address export-policy reference | |
| Tree | export-policy | |
Reference | configure policy-options policy-statement named-item-64 | |
| Max. instances | 5 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
import-policy reference
| Synopsis | Route imported as Summary Type 3/Inter-Area-Prefix-LSA | |
| Context | configure service vprn service-name ospf number area ipv4-address import-policy reference | |
| Tree | import-policy | |
Reference | configure policy-options policy-statement named-item-64 | |
| Max. instances | 5 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
interface [interface-name] interface-name
[interface-name] interface-name
admin-state keyword
| Synopsis | Administrative state of the OSPF interface | |
| Context | configure service vprn service-name ospf number area ipv4-address interface interface-name admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
advertise-router-capability boolean
| Synopsis | Allow router advertisement capabilities | |
| Context | configure service vprn service-name ospf number area ipv4-address interface interface-name advertise-router-capability boolean | |
| Tree | advertise-router-capability | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
advertise-subnet boolean
| Synopsis | Advertise point-to-point interfaces as subnet routes | |
| Context | configure service vprn service-name ospf number area ipv4-address interface interface-name advertise-subnet boolean | |
| Tree | advertise-subnet | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
authentication-key encrypted-leaf
| Synopsis | Authentication key | |
| Context | configure service vprn service-name ospf number area ipv4-address interface interface-name authentication-key encrypted-leaf | |
| Tree | authentication-key | |
| String length | 1 to 38 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
authentication-keychain reference
| Synopsis | TCP authentication keychain for the session | |
| Context | configure service vprn service-name ospf number area ipv4-address interface interface-name authentication-keychain reference | |
| Tree | authentication-keychain | |
Reference | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
authentication-type keyword
| Synopsis | Authentication type used on OSPF interface | |
| Context | configure service vprn service-name ospf number area ipv4-address interface interface-name authentication-type keyword | |
| Tree | authentication-type | |
| Options | ||
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
bfd-liveness
| Synopsis | Enable the bfd-liveness context | |
| Context | configure service vprn service-name ospf number area ipv4-address interface interface-name bfd-liveness | |
| Tree | bfd-liveness | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
remain-down-on-failure boolean
| Synopsis | Force adjacency down on failure until session returns | |
| Context | configure service vprn service-name ospf number area ipv4-address interface interface-name bfd-liveness remain-down-on-failure boolean | |
| Tree | remain-down-on-failure | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
strict boolean
| Synopsis | Enable BFD strict mode | |
| Context | configure service vprn service-name ospf number area ipv4-address interface interface-name bfd-liveness strict boolean | |
| Tree | strict | |
Description | When configured to true, the system uses BFD strict-mode. BFD strict-mode mandates that an active BFD session must exist between the OSPF neighbors before establishing a full adjacency. When configured to true, the router uses Link-Local Signaling (LLS) with the B-flag set to instruct the OSPF neighbors that BFD must be enabled on the link. BFD strict-mode requires both sides to have the B-flag set. During OSPFv3 BFD strict-mode operations, the router advertises the local interface IPv4 address TLV using LLS, but the SR OS router continues to use IPv6-based BFD sessions for both the IPv4 and IPv6 address families. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
strict-mode-holddown number
| Synopsis | Adjacency up time delay after BFD session establishment | |
| Context | configure service vprn service-name ospf number area ipv4-address interface interface-name bfd-liveness strict-mode-holddown number | |
| Tree | strict-mode-holddown | |
Description | This command configures a delay timer before bringing up the OSPF adjacency after the BFD session establishment. Holddown helps mitigate potential routing churn when BFD sessions are unstable. The holddown timer is reset when a BFD session operationally toggles. | |
| Range | 1 to 600 | |
| Units | seconds | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
dead-interval number
| Synopsis | OSPF wait time for Hellos before neighbor declared down | |
| Context | configure service vprn service-name ospf number area ipv4-address interface interface-name dead-interval number | |
| Tree | dead-interval | |
| Range | 2 to 65535 | |
| Units | seconds | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
hello-interval number
| Synopsis | Time between OSPF Hellos of this interface | |
| Context | configure service vprn service-name ospf number area ipv4-address interface interface-name hello-interval number | |
| Tree | hello-interval | |
| Range | 1 to 65535 | |
| Units | seconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
interface-type keyword
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Interface type | |
| Context | configure service vprn service-name ospf number area ipv4-address interface interface-name interface-type keyword | |
| Tree | interface-type | |
Description | This command specifies the interface type. broadcast - Broadcast network To significantly improve adjacency forming and network convergence, configure a network as point-to-point if only two routers are connected, even if the network is a broadcast media such as Ethernet. non-broadcast - Non-broadcast network point-to-point - Point-to-point link Set the interface type of an Ethernet link to point-to-point to avoid having to carry the broadcast adjacency maintenance overhead if the Ethernet link provided is used as a point-to-point. p2mp-nbma - Point-to-multipoint on a link without broadcast or multicast support No designated router or backup designated router is elected on this type of interface and all OSPF neighbors connect through individual point-to-point links. Only VPRN and IES services interfaces support this interface type. secondary - Multiple secondary adjacencies allowed A secondary interface allows multiple secondary adjacencies, in addition to the primary adjacency, to be established over a single IP interface. This interface type can also be applied to the system interface and to loopback interfaces to allow them to participate in multiple areas, although no adjacencies are formed over these types of interfaces. | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
load-balancing-weight number
| Synopsis | Load-balancing weight | |
| Context | configure service vprn service-name ospf number area ipv4-address interface interface-name load-balancing-weight number | |
| Tree | load-balancing-weight | |
| Range | 1 to 4294967295 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
loopfree-alternate
| Synopsis | Enter the loopfree-alternate context | |
| Context | configure service vprn service-name ospf number area ipv4-address interface interface-name loopfree-alternate | |
| Tree | loopfree-alternate | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
exclude boolean
policy-map
| Synopsis | Enable the policy-map context | |
| Context | configure service vprn service-name ospf number area ipv4-address interface interface-name loopfree-alternate policy-map | |
| Tree | policy-map | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
route-nh-template reference
| Synopsis | Route next hop policy template name | |
| Context | configure service vprn service-name ospf number area ipv4-address interface interface-name loopfree-alternate policy-map route-nh-template reference | |
| Tree | route-nh-template | |
Reference | configure routing-options route-next-hop-policy template named-item | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
lsa-filter-out keyword
| Synopsis | LSA flooding reduction | |
| Context | configure service vprn service-name ospf number area ipv4-address interface interface-name lsa-filter-out keyword | |
| Tree | lsa-filter-out | |
| Options | ||
| Default | none | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
message-digest-key [key-id] number
| Synopsis | Enter the message-digest-key list instance | |
| Context | configure service vprn service-name ospf number area ipv4-address interface interface-name message-digest-key number | |
| Tree | message-digest-key | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[key-id] number
| Synopsis | Message digest index | |
| Context | configure service vprn service-name ospf number area ipv4-address interface interface-name message-digest-key number | |
| Tree | message-digest-key | |
| Range | 1 to 255 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
md5 encrypted-leaf
metric number
mtu number
neighbor [address] ipv4-unicast-address
[address] ipv4-unicast-address
passive boolean
poll-interval number
| Synopsis | Interval for Hellos to non-adjacent OSPF NBMA neighbor | |
| Context | configure service vprn service-name ospf number area ipv4-address interface interface-name poll-interval number | |
| Tree | poll-interval | |
| Max. range | 0 to 4294967295 | |
| Units | seconds | |
| Default | 120 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
priority number
retransmit-interval number
| Synopsis | Time before OSPF retransmits an unacknowledged LSA | |
| Context | configure service vprn service-name ospf number area ipv4-address interface interface-name retransmit-interval number | |
| Tree | retransmit-interval | |
| Range | 1 to 1800 | |
| Units | seconds | |
| Default | 5 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
rib-priority keyword
| Synopsis | RIB priority for OSPF | |
| Context | configure service vprn service-name ospf number area ipv4-address interface interface-name rib-priority keyword | |
| Tree | rib-priority | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
transit-delay number
| Synopsis | Required LSA transmit time | |
| Context | configure service vprn service-name ospf number area ipv4-address interface interface-name transit-delay number | |
| Tree | transit-delay | |
| Range | 1 to 1800 | |
| Units | seconds | |
| Default | 1 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
loopfree-alternate-exclude boolean
| Synopsis | Exclude interfaces in OSPF areas in SPF LFA computation | |
| Context | configure service vprn service-name ospf number area ipv4-address loopfree-alternate-exclude boolean | |
| Tree | loopfree-alternate-exclude | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
nssa
area-range [ip-prefix-mask] ipv4-unicast-prefix
| Synopsis | Enter the area-range list instance | |
| Context | configure service vprn service-name ospf number area ipv4-address nssa area-range ipv4-unicast-prefix | |
| Tree | area-range | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[ip-prefix-mask] ipv4-unicast-prefix
| Synopsis | IPv4 unicast address prefix and mask | |
| Context | configure service vprn service-name ospf number area ipv4-address nssa area-range ipv4-unicast-prefix | |
| Tree | area-range | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
advertise boolean
originate-default-route
| Synopsis | Enable the originate-default-route context | |
| Context | configure service vprn service-name ospf number area ipv4-address nssa originate-default-route | |
| Tree | originate-default-route | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
adjacency-check boolean
| Synopsis | Perform adjacency checks before originating a default route | |
| Context | configure service vprn service-name ospf number area ipv4-address nssa originate-default-route adjacency-check boolean | |
| Tree | adjacency-check | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
type-nssa boolean
redistribute-external boolean
| Synopsis | Redistribute external routes into the NSSA | |
| Context | configure service vprn service-name ospf number area ipv4-address nssa redistribute-external boolean | |
| Tree | redistribute-external | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
summaries boolean
sham-link [interface] interface-name ip-address ipv4-unicast-address
[interface] interface-name
| Synopsis | Local interface name used for the sham-link | |
| Context | configure service vprn service-name ospf number area ipv4-address sham-link interface-name ip-address ipv4-unicast-address | |
| Tree | sham-link | |
| String length | 1 to 32 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ip-address ipv4-unicast-address
admin-state keyword
| Synopsis | Administrative state of the OSPF interface | |
| Context | configure service vprn service-name ospf number area ipv4-address sham-link interface-name ip-address ipv4-unicast-address admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
authentication-key encrypted-leaf
| Synopsis | Authentication key to send and receive OSPF packets | |
| Context | configure service vprn service-name ospf number area ipv4-address sham-link interface-name ip-address ipv4-unicast-address authentication-key encrypted-leaf | |
| Tree | authentication-key | |
| String length | 1 to 38 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
authentication-keychain reference
| Synopsis | TCP authentication keychain for the session | |
| Context | configure service vprn service-name ospf number area ipv4-address sham-link interface-name ip-address ipv4-unicast-address authentication-keychain reference | |
| Tree | authentication-keychain | |
Reference | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
authentication-type keyword
| Synopsis | Authentication type to be used | |
| Context | configure service vprn service-name ospf number area ipv4-address sham-link interface-name ip-address ipv4-unicast-address authentication-type keyword | |
| Tree | authentication-type | |
| Options | ||
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
dead-interval number
| Synopsis | OSPF wait time for Hellos before neighbor declared down | |
| Context | configure service vprn service-name ospf number area ipv4-address sham-link interface-name ip-address ipv4-unicast-address dead-interval number | |
| Tree | dead-interval | |
| Range | 2 to 65535 | |
| Units | seconds | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
hello-interval number
| Synopsis | Time between OSPF Hellos of this interface | |
| Context | configure service vprn service-name ospf number area ipv4-address sham-link interface-name ip-address ipv4-unicast-address hello-interval number | |
| Tree | hello-interval | |
| Range | 1 to 65535 | |
| Units | seconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
message-digest-key [key-id] number
| Synopsis | Enter the message-digest-key list instance | |
| Context | configure service vprn service-name ospf number area ipv4-address sham-link interface-name ip-address ipv4-unicast-address message-digest-key number | |
| Tree | message-digest-key | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[key-id] number
| Synopsis | Message digest index | |
| Context | configure service vprn service-name ospf number area ipv4-address sham-link interface-name ip-address ipv4-unicast-address message-digest-key number | |
| Tree | message-digest-key | |
| Range | 1 to 255 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
md5 encrypted-leaf
| Synopsis | MD5 key or hash key | |
| Context | configure service vprn service-name ospf number area ipv4-address sham-link interface-name ip-address ipv4-unicast-address message-digest-key number md5 encrypted-leaf | |
| Tree | md5 | |
| String length | 1 to 51 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
metric number
retransmit-interval number
| Synopsis | Time before OSPF retransmits an unacknowledged LSA | |
| Context | configure service vprn service-name ospf number area ipv4-address sham-link interface-name ip-address ipv4-unicast-address retransmit-interval number | |
| Tree | retransmit-interval | |
| Range | 1 to 1800 | |
| Units | seconds | |
| Default | 5 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
transit-delay number
| Synopsis | Required LSA transmit time | |
| Context | configure service vprn service-name ospf number area ipv4-address sham-link interface-name ip-address ipv4-unicast-address transit-delay number | |
| Tree | transit-delay | |
| Range | 1 to 1800 | |
| Units | seconds | |
| Default | 1 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
stub
default-metric number
| Synopsis | Metric used by ABR for default route into the stub area | |
| Context | configure service vprn service-name ospf number area ipv4-address stub default-metric number | |
| Tree | default-metric | |
| Range | 1 to 16777214 | |
| Default | 1 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
summaries boolean
virtual-link [router-id] ipv4-address transit-area reference
| Synopsis | Enter the virtual-link list instance | |
| Context | configure service vprn service-name ospf number area ipv4-address virtual-link ipv4-address transit-area reference | |
| Tree | virtual-link | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[router-id] ipv4-address
| Synopsis | Router identity of the virtual link neighbor | |
| Context | configure service vprn service-name ospf number area ipv4-address virtual-link ipv4-address transit-area reference | |
| Tree | virtual-link | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
transit-area reference
| Synopsis | Transit area that links backbone area to area without physical connection with the backbone | |
| Context | configure service vprn service-name ospf number area ipv4-address virtual-link ipv4-address transit-area reference | |
| Tree | virtual-link | |
Reference | configure service vprn service-name ospf number area ipv4-address | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the OSPF interface | |
| Context | configure service vprn service-name ospf number area ipv4-address virtual-link ipv4-address transit-area reference admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
authentication-key encrypted-leaf
| Synopsis | Authentication key | |
| Context | configure service vprn service-name ospf number area ipv4-address virtual-link ipv4-address transit-area reference authentication-key encrypted-leaf | |
| Tree | authentication-key | |
| String length | 1 to 38 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
authentication-keychain reference
| Synopsis | TCP authentication keychain for the session | |
| Context | configure service vprn service-name ospf number area ipv4-address virtual-link ipv4-address transit-area reference authentication-keychain reference | |
| Tree | authentication-keychain | |
Reference | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
authentication-type keyword
| Synopsis | Authentication type used on OSPF interface | |
| Context | configure service vprn service-name ospf number area ipv4-address virtual-link ipv4-address transit-area reference authentication-type keyword | |
| Tree | authentication-type | |
| Options | ||
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
dead-interval number
| Synopsis | OSPF wait time for Hellos before neighbor declared down | |
| Context | configure service vprn service-name ospf number area ipv4-address virtual-link ipv4-address transit-area reference dead-interval number | |
| Tree | dead-interval | |
| Range | 2 to 65535 | |
| Units | seconds | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
hello-interval number
| Synopsis | Time between OSPF Hellos of this interface | |
| Context | configure service vprn service-name ospf number area ipv4-address virtual-link ipv4-address transit-area reference hello-interval number | |
| Tree | hello-interval | |
| Range | 1 to 65535 | |
| Units | seconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
message-digest-key [key-id] number
| Synopsis | Enter the message-digest-key list instance | |
| Context | configure service vprn service-name ospf number area ipv4-address virtual-link ipv4-address transit-area reference message-digest-key number | |
| Tree | message-digest-key | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[key-id] number
| Synopsis | Message digest index | |
| Context | configure service vprn service-name ospf number area ipv4-address virtual-link ipv4-address transit-area reference message-digest-key number | |
| Tree | message-digest-key | |
| Range | 1 to 255 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
md5 encrypted-leaf
| Synopsis | MD5 hash key | |
| Context | configure service vprn service-name ospf number area ipv4-address virtual-link ipv4-address transit-area reference message-digest-key number md5 encrypted-leaf | |
| Tree | md5 | |
| String length | 1 to 51 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
retransmit-interval number
| Synopsis | Time before OSPF retransmits an unacknowledged LSA | |
| Context | configure service vprn service-name ospf number area ipv4-address virtual-link ipv4-address transit-area reference retransmit-interval number | |
| Tree | retransmit-interval | |
| Range | 1 to 1800 | |
| Units | seconds | |
| Default | 5 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
transit-delay number
| Synopsis | Required LSA transmit time | |
| Context | configure service vprn service-name ospf number area ipv4-address virtual-link ipv4-address transit-area reference transit-delay number | |
| Tree | transit-delay | |
| Range | 1 to 1800 | |
| Units | seconds | |
| Default | 1 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
compatible-rfc1583 boolean
| Synopsis | OSPF summary and external route calculations | |
| Context | configure service vprn service-name ospf number compatible-rfc1583 boolean | |
| Tree | compatible-rfc1583 | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
export-limit
| Synopsis | Enable the export-limit context | |
| Context | configure service vprn service-name ospf number export-limit | |
| Tree | export-limit | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
log-percent number
| Synopsis | Export limit before warning and SNMP notification sent | |
| Context | configure service vprn service-name ospf number export-limit log-percent number | |
| Tree | log-percent | |
| Range | 1 to 100 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
number number
export-policy reference
| Synopsis | Export policies that determine exported routes | |
| Context | configure service vprn service-name ospf number export-policy reference | |
| Tree | export-policy | |
Description | This command configures export routing policies for the routes exported from the routing table to IS-IS. If the export policy is undefined, the system does not export non IS-IS routes from the routing table manager to IS-IS. If multiple policy names are specified, the policies are evaluated in the order they are specified. The first policy that matches is applied. If the aggregate command is also configured in the configure router context, the aggregation is applied before the export policy is applied. Routing policies are created in the configure router policy-options context. | |
Reference | configure policy-options policy-statement named-item-64 | |
| Max. instances | 5 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
external-db-overflow
| Synopsis | Enable the external-db-overflow context | |
| Context | configure service vprn service-name ospf number external-db-overflow | |
| Tree | external-db-overflow | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
interval number
limit number
external-preference number
| Synopsis | Preference for OSPF external routes | |
| Context | configure service vprn service-name ospf number external-preference number | |
| Tree | external-preference | |
| Range | 1 to 255 | |
| Default | 150 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
graceful-restart
| Synopsis | Enable the graceful-restart context | |
| Context | configure service vprn service-name ospf number graceful-restart | |
| Tree | graceful-restart | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
helper-mode boolean
| Synopsis | Enable graceful restart helper for OSPF | |
| Context | configure service vprn service-name ospf number graceful-restart helper-mode boolean | |
| Tree | helper-mode | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
strict-lsa-checking boolean
| Synopsis | Perform strict LSA checking during graceful restart | |
| Context | configure service vprn service-name ospf number graceful-restart strict-lsa-checking boolean | |
| Tree | strict-lsa-checking | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ignore-dn-bit boolean
| Synopsis | Ignore the DN bit for OSPF LSA packets for the instance | |
| Context | configure service vprn service-name ospf number ignore-dn-bit boolean | |
| Tree | ignore-dn-bit | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
import-policy reference
| Synopsis | Import policy names for routes from IGP to route table | |
| Context | configure service vprn service-name ospf number import-policy reference | |
| Tree | import-policy | |
Reference | configure policy-options policy-statement named-item-64 | |
| Max. instances | 5 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
loopfree-alternate
| Synopsis | Enable the loopfree-alternate context | |
| Context | configure service vprn service-name ospf number loopfree-alternate | |
| Tree | loopfree-alternate | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
exclude
prefix-policy reference
| Synopsis | Policy to exclude prefixes from LFA SPF calculation | |
| Context | configure service vprn service-name ospf number loopfree-alternate exclude prefix-policy reference | |
| Tree | prefix-policy | |
Description | This command specifies the name of the policy for the prefixes to exclude from the LFA SPF calculation. An excluded prefix is not included in LFA calculation regardless of its priority. The prefix tag is, however, used in the main SPF. | |
Reference | configure policy-options policy-statement named-item-64 | |
| Max. instances | 5 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
multicast-import boolean
| Synopsis | Submit routes into the multicast Route Table Manager | |
| Context | configure service vprn service-name ospf number multicast-import boolean | |
| Tree | multicast-import | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
overload boolean
overload-include-ext-1 boolean
| Synopsis | Advertise routes with maximum metric value for overload | |
| Context | configure service vprn service-name ospf number overload-include-ext-1 boolean | |
| Tree | overload-include-ext-1 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
overload-include-ext-2 boolean
| Synopsis | Advertise routes with maximum metric value for overload | |
| Context | configure service vprn service-name ospf number overload-include-ext-2 boolean | |
| Tree | overload-include-ext-2 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
overload-include-stub boolean
| Synopsis | Advertise all stub interfaces with max metric value | |
| Context | configure service vprn service-name ospf number overload-include-stub boolean | |
| Tree | overload-include-stub | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
overload-on-boot
| Synopsis | Enable the overload-on-boot context | |
| Context | configure service vprn service-name ospf number overload-on-boot | |
| Tree | overload-on-boot | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
timeout number
preference number
| Synopsis | Preference for OSPF internal routes | |
| Context | configure service vprn service-name ospf number preference number | |
| Tree | preference | |
| Range | 1 to 255 | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
reference-bandwidth number
| Synopsis | Bandwidth to reference default costing of interfaces | |
| Context | configure service vprn service-name ospf number reference-bandwidth number | |
| Tree | reference-bandwidth | |
| Range | 1 to 18446744073709551615 | |
| Units | kilobps | |
| Default | 100000000 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
rib-priority
| Synopsis | Enter the rib-priority context | |
| Context | configure service vprn service-name ospf number rib-priority | |
| Tree | rib-priority | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
high
prefix-list reference
| Synopsis | Higher priority list used during OSPF route calculation | |
| Context | configure service vprn service-name ospf number rib-priority high prefix-list reference | |
| Tree | prefix-list | |
Reference | configure policy-options prefix-list named-item-64 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
router-id router-id
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Unique router ID for the OSPF instance | |
| Context | configure service vprn service-name ospf number router-id router-id | |
| Tree | router-id | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
rtr-adv-lsa-limit
| Synopsis | Enable the rtr-adv-lsa-limit context | |
| Context | configure service vprn service-name ospf number rtr-adv-lsa-limit | |
| Tree | rtr-adv-lsa-limit | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
log-only boolean
max-lsa-count number
| Synopsis | Max number of LSAs one router can advertise | |
| Context | configure service vprn service-name ospf number rtr-adv-lsa-limit max-lsa-count number | |
| Tree | max-lsa-count | |
| Range | 1 to 4294967295 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
overload-timeout (number | keyword)
| Synopsis | Maximum time in overload after LSA limit is reached | |
| Context | configure service vprn service-name ospf number rtr-adv-lsa-limit overload-timeout (number | keyword) | |
| Tree | overload-timeout | |
| Range | 1 to 1800 | |
| Units | seconds | |
| Options | ||
| Default | forever | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
warning-threshold number
| Synopsis | Percentage of the max LSA count that causes a warning | |
| Context | configure service vprn service-name ospf number rtr-adv-lsa-limit warning-threshold number | |
| Tree | warning-threshold | |
| Range | 0 to 100 | |
| Units | percent | |
| Default | 0 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
super-backbone boolean
| Synopsis | Enable super backbone functionality | |
| Context | configure service vprn service-name ospf number super-backbone boolean | |
| Tree | super-backbone | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
suppress-dn-bit boolean
| Synopsis | Suppress the DN bit setting for OSPF LSA packets | |
| Context | configure service vprn service-name ospf number suppress-dn-bit boolean | |
| Tree | suppress-dn-bit | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
timers
incremental-spf-wait number
| Synopsis | Delay time before an incremental SPF calculation starts | |
| Context | configure service vprn service-name ospf number timers incremental-spf-wait number | |
| Tree | incremental-spf-wait | |
| Range | 0 to 1000 | |
| Units | milliseconds | |
| Default | 1000 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
lsa-accumulate number
| Synopsis | Delay to gather LSAs before advertising to neighbors | |
| Context | configure service vprn service-name ospf number timers lsa-accumulate number | |
| Tree | lsa-accumulate | |
| Range | 0 to 1000 | |
| Units | milliseconds | |
| Default | 1000 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
lsa-arrival number
| Synopsis | Min delay between receipt of same LSAs from neighbors | |
| Context | configure service vprn service-name ospf number timers lsa-arrival number | |
| Tree | lsa-arrival | |
| Range | 0 to 600000 | |
| Units | milliseconds | |
| Default | 1000 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
lsa-generate
| Synopsis | Enter the lsa-generate context | |
| Context | configure service vprn service-name ospf number timers lsa-generate | |
| Tree | lsa-generate | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
lsa-initial-wait number
| Synopsis | First wait period between OSPF LSA generation | |
| Context | configure service vprn service-name ospf number timers lsa-generate lsa-initial-wait number | |
| Tree | lsa-initial-wait | |
| Range | 10 to 600000 | |
| Units | milliseconds | |
| Default | 5000 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
lsa-second-wait number
| Synopsis | Hold time between the first and second LSA generation | |
| Context | configure service vprn service-name ospf number timers lsa-generate lsa-second-wait number | |
| Tree | lsa-second-wait | |
| Range | 10 to 600000 | |
| Units | milliseconds | |
| Default | 5000 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
max-lsa-wait number
| Synopsis | Max time between two LSAs being generated | |
| Context | configure service vprn service-name ospf number timers lsa-generate max-lsa-wait number | |
| Tree | max-lsa-wait | |
| Range | 10 to 600000 | |
| Units | milliseconds | |
| Default | 5000 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
redistribute-delay number
| Synopsis | Hold down timer for external routes into OSPF | |
| Context | configure service vprn service-name ospf number timers redistribute-delay number | |
| Tree | redistribute-delay | |
| Range | 0 to 1000 | |
| Units | milliseconds | |
| Default | 1000 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
spf-wait
spf-initial-wait number
| Synopsis | Initial SPF calculation delay after a topology change | |
| Context | configure service vprn service-name ospf number timers spf-wait spf-initial-wait number | |
| Tree | spf-initial-wait | |
| Range | 10 to 100000 | |
| Units | milliseconds | |
| Default | 1000 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
spf-max-wait number
| Synopsis | Max interval between two consecutive SPF calculations | |
| Context | configure service vprn service-name ospf number timers spf-wait spf-max-wait number | |
| Tree | spf-max-wait | |
| Range | 10 to 120000 | |
| Units | milliseconds | |
| Default | 10000 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
spf-second-wait number
| Synopsis | Hold time between the first and second SPF calculation | |
| Context | configure service vprn service-name ospf number timers spf-wait spf-second-wait number | |
| Tree | spf-second-wait | |
| Range | 10 to 100000 | |
| Units | milliseconds | |
| Default | 1000 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
unicast-import boolean
| Synopsis | Submit routes into the unicast Route Table Manager | |
| Context | configure service vprn service-name ospf number unicast-import boolean | |
| Tree | unicast-import | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
vpn-domain
| Synopsis | Enable the vpn-domain context | |
| Context | configure service vprn service-name ospf number vpn-domain | |
| Tree | vpn-domain | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
id system-id
| Synopsis | OSPF VPN domain ID | |
| Context | configure service vprn service-name ospf number vpn-domain id system-id | |
| Tree | id | |
Description | This command specifies the OSPF VPN domain. This is exchanged using BGP in the Extended Community attribute associated with a prefix. | |
| String length | 14 | |
| Default | 0000.0000.0000 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
type keyword
vpn-tag number
ospf3 [ospf-instance] number
[ospf-instance] number
admin-state keyword
| Synopsis | Administrative state of the OSPF instance | |
| Context | configure service vprn service-name ospf3 number admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
advertise-router-capability keyword
| Synopsis | Allow router advertisement capabilities | |
| Context | configure service vprn service-name ospf3 number advertise-router-capability keyword | |
| Tree | advertise-router-capability | |
| Options | ||
| Default | false | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
area [area-id] ipv4-address
[area-id] ipv4-address
advertise-router-capability boolean
| Synopsis | Allow router advertisement capabilities | |
| Context | configure service vprn service-name ospf3 number area ipv4-address advertise-router-capability boolean | |
| Tree | advertise-router-capability | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
area-range [ip-prefix-mask] (ipv4-prefix | ipv6-prefix)
| Synopsis | Enter the area-range list instance | |
| Context | configure service vprn service-name ospf3 number area ipv4-address area-range (ipv4-prefix | ipv6-prefix) | |
| Tree | area-range | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[ip-prefix-mask] (ipv4-prefix | ipv6-prefix)
| Synopsis | Address ranges to create on an ABR for route summarization or suppression | |
| Context | configure service vprn service-name ospf3 number area ipv4-address area-range (ipv4-prefix | ipv6-prefix) | |
| Tree | area-range | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
advertise boolean
blackhole-aggregate boolean
| Synopsis | Install a low priority blackhole route to avoid loops | |
| Context | configure service vprn service-name ospf3 number area ipv4-address blackhole-aggregate boolean | |
| Tree | blackhole-aggregate | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
export-policy reference
| Synopsis | Type 3 Summary-LSA/OSPFv3 inter-area-prefix-LSA route | |
| Context | configure service vprn service-name ospf3 number area ipv4-address export-policy reference | |
| Tree | export-policy | |
Reference | configure policy-options policy-statement named-item-64 | |
| Max. instances | 5 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
import-policy reference
| Synopsis | Route imported as Summary Type 3/Inter-Area-Prefix-LSA | |
| Context | configure service vprn service-name ospf3 number area ipv4-address import-policy reference | |
| Tree | import-policy | |
Reference | configure policy-options policy-statement named-item-64 | |
| Max. instances | 5 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
interface [interface-name] interface-name
[interface-name] interface-name
admin-state keyword
| Synopsis | Administrative state of the OSPF interface | |
| Context | configure service vprn service-name ospf3 number area ipv4-address interface interface-name admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
advertise-router-capability boolean
| Synopsis | Allow router advertisement capabilities | |
| Context | configure service vprn service-name ospf3 number area ipv4-address interface interface-name advertise-router-capability boolean | |
| Tree | advertise-router-capability | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
authentication
| Synopsis | Enable the authentication context | |
| Context | configure service vprn service-name ospf3 number area ipv4-address interface interface-name authentication | |
| Tree | authentication | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
inbound reference
outbound reference
bfd-liveness
| Synopsis | Enable the bfd-liveness context | |
| Context | configure service vprn service-name ospf3 number area ipv4-address interface interface-name bfd-liveness | |
| Tree | bfd-liveness | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
remain-down-on-failure boolean
| Synopsis | Force adjacency down on failure until session returns | |
| Context | configure service vprn service-name ospf3 number area ipv4-address interface interface-name bfd-liveness remain-down-on-failure boolean | |
| Tree | remain-down-on-failure | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
strict boolean
| Synopsis | Enable BFD strict mode | |
| Context | configure service vprn service-name ospf3 number area ipv4-address interface interface-name bfd-liveness strict boolean | |
| Tree | strict | |
Description | When configured to true, the system uses BFD strict-mode. BFD strict-mode mandates that an active BFD session must exist between the OSPF neighbors before establishing a full adjacency. When configured to true, the router uses Link-Local Signaling (LLS) with the B-flag set to instruct the OSPF neighbors that BFD must be enabled on the link. BFD strict-mode requires both sides to have the B-flag set. During OSPFv3 BFD strict-mode operations, the router advertises the local interface IPv4 address TLV using LLS, but the SR OS router continues to use IPv6-based BFD sessions for both the IPv4 and IPv6 address families. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
strict-mode-holddown number
| Synopsis | Adjacency up time delay after BFD session establishment | |
| Context | configure service vprn service-name ospf3 number area ipv4-address interface interface-name bfd-liveness strict-mode-holddown number | |
| Tree | strict-mode-holddown | |
Description | This command configures a delay timer before bringing up the OSPF adjacency after the BFD session establishment. Holddown helps mitigate potential routing churn when BFD sessions are unstable. The holddown timer is reset when a BFD session operationally toggles. | |
| Range | 1 to 600 | |
| Units | seconds | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
dead-interval number
| Synopsis | OSPF wait time for Hellos before neighbor declared down | |
| Context | configure service vprn service-name ospf3 number area ipv4-address interface interface-name dead-interval number | |
| Tree | dead-interval | |
| Range | 2 to 65535 | |
| Units | seconds | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
hello-interval number
| Synopsis | Time between OSPF Hellos of this interface | |
| Context | configure service vprn service-name ospf3 number area ipv4-address interface interface-name hello-interval number | |
| Tree | hello-interval | |
| Range | 1 to 65535 | |
| Units | seconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
interface-type keyword
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Interface type | |
| Context | configure service vprn service-name ospf3 number area ipv4-address interface interface-name interface-type keyword | |
| Tree | interface-type | |
Description | This command specifies the interface type. broadcast - Broadcast network To significantly improve adjacency forming and network convergence, configure a network as point-to-point if only two routers are connected, even if the network is a broadcast media such as Ethernet. non-broadcast - Non-broadcast network point-to-point - Point-to-point link Set the interface type of an Ethernet link to point-to-point to avoid having to carry the broadcast adjacency maintenance overhead if the Ethernet link provided is used as a point-to-point. p2mp-nbma - Point-to-multipoint on a link without broadcast or multicast support No designated router or backup designated router is elected on this type of interface and all OSPF neighbors connect through individual point-to-point links. Only VPRN and IES services interfaces support this interface type. secondary - Multiple secondary adjacencies allowed A secondary interface allows multiple secondary adjacencies, in addition to the primary adjacency, to be established over a single IP interface. This interface type can also be applied to the system interface and to loopback interfaces to allow them to participate in multiple areas, although no adjacencies are formed over these types of interfaces. | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
load-balancing-weight number
| Synopsis | Load-balancing weight | |
| Context | configure service vprn service-name ospf3 number area ipv4-address interface interface-name load-balancing-weight number | |
| Tree | load-balancing-weight | |
| Range | 1 to 4294967295 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
loopfree-alternate
| Synopsis | Enter the loopfree-alternate context | |
| Context | configure service vprn service-name ospf3 number area ipv4-address interface interface-name loopfree-alternate | |
| Tree | loopfree-alternate | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
exclude boolean
policy-map
| Synopsis | Enable the policy-map context | |
| Context | configure service vprn service-name ospf3 number area ipv4-address interface interface-name loopfree-alternate policy-map | |
| Tree | policy-map | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
route-nh-template reference
| Synopsis | Route next hop policy template name | |
| Context | configure service vprn service-name ospf3 number area ipv4-address interface interface-name loopfree-alternate policy-map route-nh-template reference | |
| Tree | route-nh-template | |
Reference | configure routing-options route-next-hop-policy template named-item | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
lsa-filter-out keyword
| Synopsis | LSA flooding reduction | |
| Context | configure service vprn service-name ospf3 number area ipv4-address interface interface-name lsa-filter-out keyword | |
| Tree | lsa-filter-out | |
| Options | ||
| Default | none | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
metric number
mtu number
neighbor [address] (ipv4-address-no-zone | ipv6-address-no-zone)
[address] (ipv4-address-no-zone | ipv6-address-no-zone)
| Synopsis | IPv6 link local address of the OSPFv3 neighbor | |
| Context | configure service vprn service-name ospf3 number area ipv4-address interface interface-name neighbor (ipv4-address-no-zone | ipv6-address-no-zone) | |
| Tree | neighbor | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
passive boolean
poll-interval number
| Synopsis | Interval for Hellos to non-adjacent OSPF NBMA neighbor | |
| Context | configure service vprn service-name ospf3 number area ipv4-address interface interface-name poll-interval number | |
| Tree | poll-interval | |
| Max. range | 0 to 4294967295 | |
| Units | seconds | |
| Default | 120 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
priority number
retransmit-interval number
| Synopsis | Time before OSPF retransmits an unacknowledged LSA | |
| Context | configure service vprn service-name ospf3 number area ipv4-address interface interface-name retransmit-interval number | |
| Tree | retransmit-interval | |
| Range | 1 to 1800 | |
| Units | seconds | |
| Default | 5 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
rib-priority keyword
| Synopsis | RIB priority for OSPF | |
| Context | configure service vprn service-name ospf3 number area ipv4-address interface interface-name rib-priority keyword | |
| Tree | rib-priority | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
transit-delay number
| Synopsis | Required LSA transmit time | |
| Context | configure service vprn service-name ospf3 number area ipv4-address interface interface-name transit-delay number | |
| Tree | transit-delay | |
| Range | 1 to 1800 | |
| Units | seconds | |
| Default | 1 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
key-rollover-interval number
| Synopsis | Key rollover interval | |
| Context | configure service vprn service-name ospf3 number area ipv4-address key-rollover-interval number | |
| Tree | key-rollover-interval | |
| Range | 10 to 300 | |
| Units | seconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
loopfree-alternate-exclude boolean
| Synopsis | Exclude interfaces in OSPF areas in SPF LFA computation | |
| Context | configure service vprn service-name ospf3 number area ipv4-address loopfree-alternate-exclude boolean | |
| Tree | loopfree-alternate-exclude | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
nssa
area-range [ip-prefix-mask] (ipv4-prefix | ipv6-prefix)
| Synopsis | Enter the area-range list instance | |
| Context | configure service vprn service-name ospf3 number area ipv4-address nssa area-range (ipv4-prefix | ipv6-prefix) | |
| Tree | area-range | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[ip-prefix-mask] (ipv4-prefix | ipv6-prefix)
| Synopsis | Address ranges to create on an ABR for route summarization or suppression | |
| Context | configure service vprn service-name ospf3 number area ipv4-address nssa area-range (ipv4-prefix | ipv6-prefix) | |
| Tree | area-range | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
advertise boolean
originate-default-route
| Synopsis | Enable the originate-default-route context | |
| Context | configure service vprn service-name ospf3 number area ipv4-address nssa originate-default-route | |
| Tree | originate-default-route | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
adjacency-check boolean
| Synopsis | Perform adjacency checks before originating a default route | |
| Context | configure service vprn service-name ospf3 number area ipv4-address nssa originate-default-route adjacency-check boolean | |
| Tree | adjacency-check | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
type-nssa boolean
redistribute-external boolean
| Synopsis | Redistribute external routes into the NSSA | |
| Context | configure service vprn service-name ospf3 number area ipv4-address nssa redistribute-external boolean | |
| Tree | redistribute-external | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
summaries boolean
stub
default-metric number
| Synopsis | Metric used by ABR for default route into the stub area | |
| Context | configure service vprn service-name ospf3 number area ipv4-address stub default-metric number | |
| Tree | default-metric | |
| Range | 1 to 16777214 | |
| Default | 1 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
summaries boolean
virtual-link [router-id] ipv4-address transit-area reference
| Synopsis | Enter the virtual-link list instance | |
| Context | configure service vprn service-name ospf3 number area ipv4-address virtual-link ipv4-address transit-area reference | |
| Tree | virtual-link | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[router-id] ipv4-address
| Synopsis | Router identity of the virtual link neighbor | |
| Context | configure service vprn service-name ospf3 number area ipv4-address virtual-link ipv4-address transit-area reference | |
| Tree | virtual-link | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
transit-area reference
| Synopsis | Transit area that links backbone area to area without physical connection with the backbone | |
| Context | configure service vprn service-name ospf3 number area ipv4-address virtual-link ipv4-address transit-area reference | |
| Tree | virtual-link | |
Reference | configure service vprn service-name ospf3 number area ipv4-address | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the OSPF interface | |
| Context | configure service vprn service-name ospf3 number area ipv4-address virtual-link ipv4-address transit-area reference admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
authentication
| Synopsis | Enable the authentication context | |
| Context | configure service vprn service-name ospf3 number area ipv4-address virtual-link ipv4-address transit-area reference authentication | |
| Tree | authentication | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
inbound reference
| Synopsis | sa-name | |
| Context | configure service vprn service-name ospf3 number area ipv4-address virtual-link ipv4-address transit-area reference authentication inbound reference | |
| Tree | inbound | |
Reference | ||
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
outbound reference
| Synopsis | sa-name | |
| Context | configure service vprn service-name ospf3 number area ipv4-address virtual-link ipv4-address transit-area reference authentication outbound reference | |
| Tree | outbound | |
Reference | ||
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
dead-interval number
| Synopsis | OSPF wait time for Hellos before neighbor declared down | |
| Context | configure service vprn service-name ospf3 number area ipv4-address virtual-link ipv4-address transit-area reference dead-interval number | |
| Tree | dead-interval | |
| Range | 2 to 65535 | |
| Units | seconds | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
hello-interval number
| Synopsis | Time between OSPF Hellos of this interface | |
| Context | configure service vprn service-name ospf3 number area ipv4-address virtual-link ipv4-address transit-area reference hello-interval number | |
| Tree | hello-interval | |
| Range | 1 to 65535 | |
| Units | seconds | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
retransmit-interval number
| Synopsis | Time before OSPF retransmits an unacknowledged LSA | |
| Context | configure service vprn service-name ospf3 number area ipv4-address virtual-link ipv4-address transit-area reference retransmit-interval number | |
| Tree | retransmit-interval | |
| Range | 1 to 1800 | |
| Units | seconds | |
| Default | 5 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
transit-delay number
| Synopsis | Required LSA transmit time | |
| Context | configure service vprn service-name ospf3 number area ipv4-address virtual-link ipv4-address transit-area reference transit-delay number | |
| Tree | transit-delay | |
| Range | 1 to 1800 | |
| Units | seconds | |
| Default | 1 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
export-limit
| Synopsis | Enable the export-limit context | |
| Context | configure service vprn service-name ospf3 number export-limit | |
| Tree | export-limit | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
log-percent number
| Synopsis | Export limit before warning and SNMP notification sent | |
| Context | configure service vprn service-name ospf3 number export-limit log-percent number | |
| Tree | log-percent | |
| Range | 1 to 100 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
number number
export-policy reference
| Synopsis | Export policies that determine exported routes | |
| Context | configure service vprn service-name ospf3 number export-policy reference | |
| Tree | export-policy | |
Description | This command configures export routing policies for the routes exported from the routing table to IS-IS. If the export policy is undefined, the system does not export non IS-IS routes from the routing table manager to IS-IS. If multiple policy names are specified, the policies are evaluated in the order they are specified. The first policy that matches is applied. If the aggregate command is also configured in the configure router context, the aggregation is applied before the export policy is applied. Routing policies are created in the configure router policy-options context. | |
Reference | configure policy-options policy-statement named-item-64 | |
| Max. instances | 5 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
external-db-overflow
| Synopsis | Enable the external-db-overflow context | |
| Context | configure service vprn service-name ospf3 number external-db-overflow | |
| Tree | external-db-overflow | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
interval number
limit number
external-preference number
| Synopsis | Preference for OSPF external routes | |
| Context | configure service vprn service-name ospf3 number external-preference number | |
| Tree | external-preference | |
| Range | 1 to 255 | |
| Default | 150 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
graceful-restart
| Synopsis | Enable the graceful-restart context | |
| Context | configure service vprn service-name ospf3 number graceful-restart | |
| Tree | graceful-restart | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
helper-mode boolean
| Synopsis | Enable graceful restart helper for OSPF | |
| Context | configure service vprn service-name ospf3 number graceful-restart helper-mode boolean | |
| Tree | helper-mode | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
strict-lsa-checking boolean
| Synopsis | Perform strict LSA checking during graceful restart | |
| Context | configure service vprn service-name ospf3 number graceful-restart strict-lsa-checking boolean | |
| Tree | strict-lsa-checking | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ignore-dn-bit boolean
| Synopsis | Ignore the DN bit for OSPF LSA packets for the instance | |
| Context | configure service vprn service-name ospf3 number ignore-dn-bit boolean | |
| Tree | ignore-dn-bit | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
import-policy reference
| Synopsis | Import policy names for routes from IGP to route table | |
| Context | configure service vprn service-name ospf3 number import-policy reference | |
| Tree | import-policy | |
Reference | configure policy-options policy-statement named-item-64 | |
| Max. instances | 5 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
loopfree-alternate
| Synopsis | Enable the loopfree-alternate context | |
| Context | configure service vprn service-name ospf3 number loopfree-alternate | |
| Tree | loopfree-alternate | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
exclude
prefix-policy reference
| Synopsis | Policy to exclude prefixes from LFA SPF calculation | |
| Context | configure service vprn service-name ospf3 number loopfree-alternate exclude prefix-policy reference | |
| Tree | prefix-policy | |
Description | This command specifies the name of the policy for the prefixes to exclude from the LFA SPF calculation. An excluded prefix is not included in LFA calculation regardless of its priority. The prefix tag is, however, used in the main SPF. | |
Reference | configure policy-options policy-statement named-item-64 | |
| Max. instances | 5 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
multicast-import boolean
| Synopsis | Submit routes into the multicast Route Table Manager | |
| Context | configure service vprn service-name ospf3 number multicast-import boolean | |
| Tree | multicast-import | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
overload boolean
overload-include-ext-1 boolean
| Synopsis | Advertise routes with maximum metric value for overload | |
| Context | configure service vprn service-name ospf3 number overload-include-ext-1 boolean | |
| Tree | overload-include-ext-1 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
overload-include-ext-2 boolean
| Synopsis | Advertise routes with maximum metric value for overload | |
| Context | configure service vprn service-name ospf3 number overload-include-ext-2 boolean | |
| Tree | overload-include-ext-2 | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
overload-include-stub boolean
| Synopsis | Advertise all stub interfaces with max metric value | |
| Context | configure service vprn service-name ospf3 number overload-include-stub boolean | |
| Tree | overload-include-stub | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
overload-on-boot
| Synopsis | Enable the overload-on-boot context | |
| Context | configure service vprn service-name ospf3 number overload-on-boot | |
| Tree | overload-on-boot | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
timeout number
preference number
| Synopsis | Preference for OSPF internal routes | |
| Context | configure service vprn service-name ospf3 number preference number | |
| Tree | preference | |
| Range | 1 to 255 | |
| Default | 10 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
reference-bandwidth number
| Synopsis | Bandwidth to reference default costing of interfaces | |
| Context | configure service vprn service-name ospf3 number reference-bandwidth number | |
| Tree | reference-bandwidth | |
| Range | 1 to 18446744073709551615 | |
| Units | kilobps | |
| Default | 100000000 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
rib-priority
| Synopsis | Enter the rib-priority context | |
| Context | configure service vprn service-name ospf3 number rib-priority | |
| Tree | rib-priority | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
high
prefix-list reference
| Synopsis | Higher priority list used during OSPF route calculation | |
| Context | configure service vprn service-name ospf3 number rib-priority high prefix-list reference | |
| Tree | prefix-list | |
Reference | configure policy-options prefix-list named-item-64 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
router-id router-id
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Unique router ID for the OSPF instance | |
| Context | configure service vprn service-name ospf3 number router-id router-id | |
| Tree | router-id | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
rtr-adv-lsa-limit
| Synopsis | Enable the rtr-adv-lsa-limit context | |
| Context | configure service vprn service-name ospf3 number rtr-adv-lsa-limit | |
| Tree | rtr-adv-lsa-limit | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
log-only boolean
max-lsa-count number
| Synopsis | Max number of LSAs one router can advertise | |
| Context | configure service vprn service-name ospf3 number rtr-adv-lsa-limit max-lsa-count number | |
| Tree | max-lsa-count | |
| Range | 1 to 4294967295 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
overload-timeout (number | keyword)
| Synopsis | Maximum time in overload after LSA limit is reached | |
| Context | configure service vprn service-name ospf3 number rtr-adv-lsa-limit overload-timeout (number | keyword) | |
| Tree | overload-timeout | |
| Range | 1 to 1800 | |
| Units | seconds | |
| Options | ||
| Default | forever | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
warning-threshold number
| Synopsis | Percentage of the max LSA count that causes a warning | |
| Context | configure service vprn service-name ospf3 number rtr-adv-lsa-limit warning-threshold number | |
| Tree | warning-threshold | |
| Range | 0 to 100 | |
| Units | percent | |
| Default | 0 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
suppress-dn-bit boolean
| Synopsis | Suppress the DN bit setting for OSPF LSA packets | |
| Context | configure service vprn service-name ospf3 number suppress-dn-bit boolean | |
| Tree | suppress-dn-bit | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
timers
incremental-spf-wait number
| Synopsis | Delay time before an incremental SPF calculation starts | |
| Context | configure service vprn service-name ospf3 number timers incremental-spf-wait number | |
| Tree | incremental-spf-wait | |
| Range | 0 to 1000 | |
| Units | milliseconds | |
| Default | 1000 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
lsa-accumulate number
| Synopsis | Delay to gather LSAs before advertising to neighbors | |
| Context | configure service vprn service-name ospf3 number timers lsa-accumulate number | |
| Tree | lsa-accumulate | |
| Range | 0 to 1000 | |
| Units | milliseconds | |
| Default | 1000 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
lsa-arrival number
| Synopsis | Min delay between receipt of same LSAs from neighbors | |
| Context | configure service vprn service-name ospf3 number timers lsa-arrival number | |
| Tree | lsa-arrival | |
| Range | 0 to 600000 | |
| Units | milliseconds | |
| Default | 1000 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
lsa-generate
| Synopsis | Enter the lsa-generate context | |
| Context | configure service vprn service-name ospf3 number timers lsa-generate | |
| Tree | lsa-generate | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
lsa-initial-wait number
| Synopsis | First wait period between OSPF LSA generation | |
| Context | configure service vprn service-name ospf3 number timers lsa-generate lsa-initial-wait number | |
| Tree | lsa-initial-wait | |
| Range | 10 to 600000 | |
| Units | milliseconds | |
| Default | 5000 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
lsa-second-wait number
| Synopsis | Hold time between the first and second LSA generation | |
| Context | configure service vprn service-name ospf3 number timers lsa-generate lsa-second-wait number | |
| Tree | lsa-second-wait | |
| Range | 10 to 600000 | |
| Units | milliseconds | |
| Default | 5000 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
max-lsa-wait number
| Synopsis | Max time between two LSAs being generated | |
| Context | configure service vprn service-name ospf3 number timers lsa-generate max-lsa-wait number | |
| Tree | max-lsa-wait | |
| Range | 10 to 600000 | |
| Units | milliseconds | |
| Default | 5000 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
redistribute-delay number
| Synopsis | Hold down timer for external routes into OSPF | |
| Context | configure service vprn service-name ospf3 number timers redistribute-delay number | |
| Tree | redistribute-delay | |
| Range | 0 to 1000 | |
| Units | milliseconds | |
| Default | 1000 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
spf-wait
spf-initial-wait number
| Synopsis | Initial SPF calculation delay after a topology change | |
| Context | configure service vprn service-name ospf3 number timers spf-wait spf-initial-wait number | |
| Tree | spf-initial-wait | |
| Range | 10 to 100000 | |
| Units | milliseconds | |
| Default | 1000 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
spf-max-wait number
| Synopsis | Max interval between two consecutive SPF calculations | |
| Context | configure service vprn service-name ospf3 number timers spf-wait spf-max-wait number | |
| Tree | spf-max-wait | |
| Range | 10 to 120000 | |
| Units | milliseconds | |
| Default | 10000 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
spf-second-wait number
| Synopsis | Hold time between the first and second SPF calculation | |
| Context | configure service vprn service-name ospf3 number timers spf-wait spf-second-wait number | |
| Tree | spf-second-wait | |
| Range | 10 to 100000 | |
| Units | milliseconds | |
| Default | 1000 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
unicast-import boolean
| Synopsis | Submit routes into the unicast Route Table Manager | |
| Context | configure service vprn service-name ospf3 number unicast-import boolean | |
| Tree | unicast-import | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
pim
admin-state keyword
| Synopsis | Administrative state of PIM | |
| Context | configure service vprn service-name pim admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
apply-to keyword
bgp-nh-override boolean
| Synopsis | Disable VRF import EC support for next-hop resolution | |
| Context | configure service vprn service-name pim bgp-nh-override boolean | |
| Tree | bgp-nh-override | |
Description | When configured to true, the RPF check is performed using IPv4 VPN AF next-hop instead of IPv4 AF VRF import extended community (EC). When configured to false, the RPF check is performed using IPv4 AF VRF import EC. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
import
join-policy reference
| Synopsis | Policy name | |
| Context | configure service vprn service-name pim import join-policy reference | |
| Tree | join-policy | |
Reference | configure policy-options policy-statement named-item-64 | |
| Max. instances | 5 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
register-policy reference
| Synopsis | Policy name | |
| Context | configure service vprn service-name pim import register-policy reference | |
| Tree | register-policy | |
Reference | configure policy-options policy-statement named-item-64 | |
| Max. instances | 5 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
interface [interface-name] interface-name
[interface-name] interface-name
admin-state keyword
| Synopsis | Administrative state of the PIM interface | |
| Context | configure service vprn service-name pim interface interface-name admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
assert-period number
| Synopsis | Time for periodic refreshes of PIM Assert messages on an interface | |
| Context | configure service vprn service-name pim interface interface-name assert-period number | |
| Tree | assert-period | |
| Range | 1 to 300 | |
| Default | 60 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
bfd-liveness
| Synopsis | Enter the bfd-liveness context | |
| Context | configure service vprn service-name pim interface interface-name bfd-liveness | |
| Tree | bfd-liveness | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv4 boolean
ipv6 boolean
bsm-check-rtr-alert boolean
| Synopsis | Check router alert option in bootstrap messages received | |
| Context | configure service vprn service-name pim interface interface-name bsm-check-rtr-alert boolean | |
| Tree | bsm-check-rtr-alert | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
hello-interval number
| Synopsis | Frequency at which PIM Hello messages are sent over this interface | |
| Context | configure service vprn service-name pim interface interface-name hello-interval number | |
| Tree | hello-interval | |
| Range | 0 to 255 | |
| Default | 30 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
hello-multiplier number
| Synopsis | Multiplier to determine the hold time for PIM neighbor | |
| Context | configure service vprn service-name pim interface interface-name hello-multiplier number | |
| Tree | hello-multiplier | |
| Range | 20 to 100 | |
| Default | 35 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
improved-assert boolean
| Synopsis | Allow improved assert processing on interface | |
| Context | configure service vprn service-name pim interface interface-name improved-assert boolean | |
| Tree | improved-assert | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
instant-prune-echo boolean
| Synopsis | Allow PIM to send an instant prune echo when router starts the prune pending timer for PIM interface | |
| Context | configure service vprn service-name pim interface interface-name instant-prune-echo boolean | |
| Tree | instant-prune-echo | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ipv4
monitor-oper-group
| Synopsis | Enter the monitor-oper-group context | |
| Context | configure service vprn service-name pim interface interface-name ipv4 monitor-oper-group | |
| Tree | monitor-oper-group | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
name reference
| Synopsis | Operational group identifier | |
| Context | configure service vprn service-name pim interface interface-name ipv4 monitor-oper-group name reference | |
| Tree | name | |
Reference | configure service oper-group named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
operation keyword
priority-delta number
| Synopsis | Delta priority with operation when operational group is active | |
| Context | configure service vprn service-name pim interface interface-name ipv4 monitor-oper-group priority-delta number | |
| Tree | priority-delta | |
| Range | 1 to 4294967295 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
multicast boolean
ipv6
monitor-oper-group
| Synopsis | Enter the monitor-oper-group context | |
| Context | configure service vprn service-name pim interface interface-name ipv6 monitor-oper-group | |
| Tree | monitor-oper-group | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
name reference
| Synopsis | Operational group identifier | |
| Context | configure service vprn service-name pim interface interface-name ipv6 monitor-oper-group name reference | |
| Tree | name | |
Reference | configure service oper-group named-item | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
operation keyword
priority-delta number
| Synopsis | Delta priority with operation when operational group is active | |
| Context | configure service vprn service-name pim interface interface-name ipv6 monitor-oper-group priority-delta number | |
| Tree | priority-delta | |
| Range | 1 to 4294967295 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
multicast boolean
max-groups number
| Synopsis | Maximum number of groups for the interface | |
| Context | configure service vprn service-name pim interface interface-name max-groups number | |
| Tree | max-groups | |
| Range | 0 | 1 to 16000 | |
| Default | 0 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
multicast-senders keyword
| Synopsis | Subnet matching for the incoming data packets | |
| Context | configure service vprn service-name pim interface interface-name multicast-senders keyword | |
| Tree | multicast-senders | |
| Options | ||
| Default | auto | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
priority number
sticky-dr
priority number
three-way-hello boolean
| Synopsis | Allow three-way hello compatibility mode | |
| Context | configure service vprn service-name pim interface interface-name three-way-hello boolean | |
| Tree | three-way-hello | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
tracking-support boolean
| Synopsis | Allow upstream routers to explicitly track join membership | |
| Context | configure service vprn service-name pim interface interface-name tracking-support boolean | |
| Tree | tracking-support | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ipv4
admin-state keyword
| Synopsis | Administrative state of PIM operation for IPv4 | |
| Context | configure service vprn service-name pim ipv4 admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
rpf-table keyword
source-address
| Synopsis | Enter the source-address context | |
| Context | configure service vprn service-name pim ipv4 source-address | |
| Tree | source-address | |
Description | Commands in this context configure the source IP address for PIM messages. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
register-message ipv4-unicast-address
| Synopsis | Source IPv4 address for PIM register messages | |
| Context | configure service vprn service-name pim ipv4 source-address register-message ipv4-unicast-address | |
| Tree | register-message | |
Description | This command configures the source IPv4 address for register messages in this PIM instance. The IP address can be set to any unicast address, regardless of whether it resides on the node. Ensure that the specified IP address is configured on the router as a loopback or interface IP address. When unconfigured, the source IP address for register messages is selected by choosing the smallest IP address from available interfaces on the node. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ssm-assert-compatible-mode boolean
| Synopsis | Enable SSM assert compatible mode | |
| Context | configure service vprn service-name pim ipv4 ssm-assert-compatible-mode boolean | |
| Tree | ssm-assert-compatible-mode | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ssm-default-range boolean
| Synopsis | SSM default range | |
| Context | configure service vprn service-name pim ipv4 ssm-default-range boolean | |
| Tree | ssm-default-range | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
ipv6
admin-state keyword
| Synopsis | Administrative state of PIM operation for IPv6 | |
| Context | configure service vprn service-name pim ipv6 admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
rpf-table keyword
source-address
| Synopsis | Enter the source-address context | |
| Context | configure service vprn service-name pim ipv6 source-address | |
| Tree | source-address | |
Description | Commands in this context configure the source IP address for PIM messages. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
register-message ipv6-unicast-address
| Synopsis | Source IPv6 address for PIM register messages | |
| Context | configure service vprn service-name pim ipv6 source-address register-message ipv6-unicast-address | |
| Tree | register-message | |
Description | This command configures the source IPv6 address for register messages in this PIM instance. The IP address can be set to any unicast address, regardless of whether it resides on the node. Ensure that the specified IP address is configured on the router as a loopback or interface IP address. When unconfigured, the source IP address for register messages is selected by choosing the smallest IP address from available interfaces on the node. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ssm-default-range boolean
| Synopsis | SSM default range | |
| Context | configure service vprn service-name pim ipv6 ssm-default-range boolean | |
| Tree | ssm-default-range | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
mtu-over-head number
| Synopsis | MVPN tunnel MTU size reduction to allow for BIER header | |
| Context | configure service vprn service-name pim mtu-over-head number | |
| Tree | mtu-over-head | |
Description | This command subtracts the specified value from the MVPN tunnel MTU to allow a BIER header to be added without exceeding the network MTU. | |
| Range | 0 | 44 | 76 | 140 | 268 | 536 | |
| Default | 0 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
non-dr-attract-traffic boolean
| Synopsis | Attract traffic when the router is not the designated one | |
| Context | configure service vprn service-name pim non-dr-attract-traffic boolean | |
| Tree | non-dr-attract-traffic | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
rp
bootstrap
export reference
| Synopsis | Export policy to control the flow of bootstrap messages | |
| Context | configure service vprn service-name pim rp bootstrap export reference | |
| Tree | export | |
Reference | configure policy-options policy-statement named-item-64 | |
| Max. instances | 5 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
import reference
| Synopsis | Import policy to control the flow of bootstrap messages | |
| Context | configure service vprn service-name pim rp bootstrap import reference | |
| Tree | import | |
Reference | configure policy-options policy-statement named-item-64 | |
| Max. instances | 5 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv4
anycast [ipv4-address] ipv4-unicast-address rp-set-peer ipv4-unicast-address
[ipv4-address] ipv4-unicast-address
rp-set-peer ipv4-unicast-address
auto-rp-discovery boolean
| Synopsis | Enable auto-RP discovery mode and auto-RP listener | |
| Context | configure service vprn service-name pim rp ipv4 auto-rp-discovery boolean | |
| Tree | auto-rp-discovery | |
Description | When configured to true, the system enables the auto-RP protocol in discovery mode and the auto-RP listener functionality. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
bsr-candidate
| Synopsis | Enter the bsr-candidate context | |
| Context | configure service vprn service-name pim rp ipv4 bsr-candidate | |
| Tree | bsr-candidate | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
address ipv4-unicast-address
admin-state keyword
| Synopsis | Administrative state of the Candidate BSR | |
| Context | configure service vprn service-name pim rp ipv4 bsr-candidate admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
hash-mask-len number
| Synopsis | Length for bootstrap hash mask | |
| Context | configure service vprn service-name pim rp ipv4 bsr-candidate hash-mask-len number | |
| Tree | hash-mask-len | |
| Range | 0 to 32 | |
| Default | 30 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
priority number
candidate boolean
| Synopsis | Enable auto-RP to advertise candidate RP information | |
| Context | configure service vprn service-name pim rp ipv4 candidate boolean | |
| Tree | candidate | |
Description | When configured to true, the auto-RP is enabled to advertise the candidate RP information. The auto-RP candidate RP announces the candidate RP messages on the 224.0.1.39 multicast address. This functionality is in addition to the listener functionality enabled by the auto RP discovery. When configured to false, the candidate RP information is not specified. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
mapping-agent boolean
| Synopsis | Enable the mapping agent on the node | |
| Context | configure service vprn service-name pim rp ipv4 mapping-agent boolean | |
| Tree | mapping-agent | |
Description | When configured to true, the mapping agent is enabled on the node. The auto-RP MA observes the auto-rp-announcement messages, selects the RP and generates the RP discovery 224.0.1.40 messages. This functionality is in addition to the auto-RP discovery functionality. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
rp-candidate
| Synopsis | Enter the rp-candidate context | |
| Context | configure service vprn service-name pim rp ipv4 rp-candidate | |
| Tree | rp-candidate | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
address ipv4-unicast-address
| Synopsis | Local RP address | |
| Context | configure service vprn service-name pim rp ipv4 rp-candidate address ipv4-unicast-address | |
| Tree | address | |
Description | This command specifies the local RP address that is sent in the RP candidate advertisements to the Bootstrap Router. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the Candidate RP | |
| Context | configure service vprn service-name pim rp ipv4 rp-candidate admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
group-range [ipv4-prefix] ipv4-multicast-prefix
| Synopsis | Add a list entry for group-range | |
| Context | configure service vprn service-name pim rp ipv4 rp-candidate group-range ipv4-multicast-prefix | |
| Tree | group-range | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[ipv4-prefix] ipv4-multicast-prefix
| Synopsis | IPv4 address and prefix length | |
| Context | configure service vprn service-name pim rp ipv4 rp-candidate group-range ipv4-multicast-prefix | |
| Tree | group-range | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
holdtime number
priority number
static
address [ipv4-address] ipv4-unicast-address
[ipv4-address] ipv4-unicast-address
group-prefix [ipv4-prefix] ipv4-multicast-prefix
| Synopsis | Add a list entry for group-prefix | |
| Context | configure service vprn service-name pim rp ipv4 static address ipv4-unicast-address group-prefix ipv4-multicast-prefix | |
| Tree | group-prefix | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[ipv4-prefix] ipv4-multicast-prefix
| Synopsis | IPv4 address and prefix length | |
| Context | configure service vprn service-name pim rp ipv4 static address ipv4-unicast-address group-prefix ipv4-multicast-prefix | |
| Tree | group-prefix | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
override boolean
ipv6
anycast [ipv6-address] ipv6-unicast-address rp-set-peer ipv6-unicast-address
[ipv6-address] ipv6-unicast-address
rp-set-peer ipv6-unicast-address
bsr-candidate
| Synopsis | Enter the bsr-candidate context | |
| Context | configure service vprn service-name pim rp ipv6 bsr-candidate | |
| Tree | bsr-candidate | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
address ipv6-unicast-address
admin-state keyword
| Synopsis | Administrative state of the Candidate BSR | |
| Context | configure service vprn service-name pim rp ipv6 bsr-candidate admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
hash-mask-len number
| Synopsis | Length for bootstrap hash mask | |
| Context | configure service vprn service-name pim rp ipv6 bsr-candidate hash-mask-len number | |
| Tree | hash-mask-len | |
| Range | 0 to 128 | |
| Default | 126 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
priority number
embedded-rp
| Synopsis | Enable the embedded-rp context | |
| Context | configure service vprn service-name pim rp ipv6 embedded-rp | |
| Tree | embedded-rp | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of embedded RP | |
| Context | configure service vprn service-name pim rp ipv6 embedded-rp admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
group-range [ipv6-prefix] ipv6-multicast-prefix
| Synopsis | Add a list entry for group-range | |
| Context | configure service vprn service-name pim rp ipv6 embedded-rp group-range ipv6-multicast-prefix | |
| Tree | group-range | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[ipv6-prefix] ipv6-multicast-prefix
| Synopsis | IPv6 address and prefix length | |
| Context | configure service vprn service-name pim rp ipv6 embedded-rp group-range ipv6-multicast-prefix | |
| Tree | group-range | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
rp-candidate
| Synopsis | Enter the rp-candidate context | |
| Context | configure service vprn service-name pim rp ipv6 rp-candidate | |
| Tree | rp-candidate | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
address ipv6-unicast-address
admin-state keyword
| Synopsis | Administrative state of the Candidate RP | |
| Context | configure service vprn service-name pim rp ipv6 rp-candidate admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
group-range [ipv6-prefix] ipv6-multicast-prefix
| Synopsis | Add a list entry for group-range | |
| Context | configure service vprn service-name pim rp ipv6 rp-candidate group-range ipv6-multicast-prefix | |
| Tree | group-range | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[ipv6-prefix] ipv6-multicast-prefix
| Synopsis | IPv6 address and prefix length | |
| Context | configure service vprn service-name pim rp ipv6 rp-candidate group-range ipv6-multicast-prefix | |
| Tree | group-range | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
holdtime number
priority number
static
address [ipv6-address] ipv6-unicast-address
[ipv6-address] ipv6-unicast-address
group-prefix [ipv6-prefix] ipv6-multicast-prefix
| Synopsis | Add a list entry for group-prefix | |
| Context | configure service vprn service-name pim rp ipv6 static address ipv6-unicast-address group-prefix ipv6-multicast-prefix | |
| Tree | group-prefix | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[ipv6-prefix] ipv6-multicast-prefix
| Synopsis | IPv6 address and prefix length | |
| Context | configure service vprn service-name pim rp ipv6 static address ipv6-unicast-address group-prefix ipv6-multicast-prefix | |
| Tree | group-prefix | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
override boolean
spt-switchover [ip-prefix] (ipv4-prefix | ipv6-prefix)
| Synopsis | Enter the spt-switchover list instance | |
| Context | configure service vprn service-name pim spt-switchover (ipv4-prefix | ipv6-prefix) | |
| Tree | spt-switchover | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[ip-prefix] (ipv4-prefix | ipv6-prefix)
| Synopsis | IP address and mask length | |
| Context | configure service vprn service-name pim spt-switchover (ipv4-prefix | ipv6-prefix) | |
| Tree | spt-switchover | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
threshold (number | keyword)
ssm-groups
| Synopsis | Enter the ssm-groups context | |
| Context | configure service vprn service-name pim ssm-groups | |
| Tree | ssm-groups | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
group-range [ip-prefix] (ipv4-prefix | ipv6-prefix)
| Synopsis | Add a list entry for group-range | |
| Context | configure service vprn service-name pim ssm-groups group-range (ipv4-prefix | ipv6-prefix) | |
| Tree | group-range | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[ip-prefix] (ipv4-prefix | ipv6-prefix)
| Synopsis | IP address and mask length | |
| Context | configure service vprn service-name pim ssm-groups group-range (ipv4-prefix | ipv6-prefix) | |
| Tree | group-range | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
radius
server [name] named-item
[name] named-item
accept-coa boolean
| Synopsis | Process Change of Authorization (CoA) messages | |
| Context | configure service vprn service-name radius server named-item accept-coa boolean | |
| Tree | accept-coa | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
acct-port number
address (ipv4-address-no-zone | ipv6-address-no-zone)
auth-port number
description description
| Synopsis | Text description | |
| Context | configure service vprn service-name radius server named-item description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
pending-requests-limit number
| Synopsis | Limit of the number for pending RADIUS requests | |
| Context | configure service vprn service-name radius server named-item pending-requests-limit number | |
| Tree | pending-requests-limit | |
| Range | 1 to 4096 | |
| Default | 4096 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
secret encrypted-leaf
rip
admin-state keyword
| Synopsis | Administrative state of the RIP instance | |
| Context | configure service vprn service-name rip admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
authentication-key encrypted-leaf
| Synopsis | Authentication password passed between RIP neighbors | |
| Context | configure service vprn service-name rip authentication-key encrypted-leaf | |
| Tree | authentication-key | |
Description | This command sets the authentication password to be passed between RIP neighbors. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes. The authentication type and authentication key must match exactly for the RIP message to be considered authentic and processed. When unconfigured, this command removes the authentication password from the configuration and disables authentication. | |
| String length | 1 to 51 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
authentication-type keyword
| Synopsis | Authentication type used between RIP neighbors | |
| Context | configure service vprn service-name rip authentication-type keyword | |
| Tree | authentication-type | |
Description | This command sets the type of authentication to be used between RIP neighbors. The authentication type and authentication key must match exactly for the RIP message to be considered authentic and processed. When unconfigured, this command removes the authentication type from the configuration and effectively disables authentication. | |
| Options | ||
| Default | none | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
bfd-liveness boolean
| Synopsis | Enable BFD to control the state of protocol adjacency | |
| Context | configure service vprn service-name rip bfd-liveness boolean | |
| Tree | bfd-liveness | |
Description | When configured to true, this command enables BFD to control the state of the associated protocol adjacency. When configured to false, this command removes BFD from the associated protocol adjacency. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
check-zero boolean
| Synopsis | Enable checking of mandatory zero fields | |
| Context | configure service vprn service-name rip check-zero boolean | |
| Tree | check-zero | |
Description | When configured to true, this command enables checking of the mandatory zero fields in the RIPv1 and RIPv2 specifications and rejecting non-compliant RIP messages. When configured to false, this command disables the check and allows the receipt of RIP messages even if the mandatory zero fields are non-zero. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
description description
| Synopsis | Text description | |
| Context | configure service vprn service-name rip description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
export-limit
| Synopsis | Enable the export-limit context | |
| Context | configure service vprn service-name rip export-limit | |
| Tree | export-limit | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
log-percent number
| Synopsis | Export limit before warning and SNMP notification sent | |
| Context | configure service vprn service-name rip export-limit log-percent number | |
| Tree | log-percent | |
| Range | 1 to 100 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
number number
export-policy reference
| Synopsis | Policies to determine exported routes | |
| Context | configure service vprn service-name rip export-policy reference | |
| Tree | export-policy | |
Reference | configure policy-options policy-statement named-item-64 | |
| Max. instances | 5 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
group [group-name] named-item
[group-name] named-item
admin-state keyword
| Synopsis | Administrative state of RIP neighbor interface group | |
| Context | configure service vprn service-name rip group named-item admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
authentication-key encrypted-leaf
| Synopsis | Authentication password passed between RIP neighbors | |
| Context | configure service vprn service-name rip group named-item authentication-key encrypted-leaf | |
| Tree | authentication-key | |
Description | This command sets the authentication password to be passed between RIP neighbors. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes. The authentication type and authentication key must match exactly for the RIP message to be considered authentic and processed. When unconfigured, the authentication password is removed from the configuration and authentication is disabled. | |
| String length | 1 to 51 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
authentication-type keyword
| Synopsis | Authentication type | |
| Context | configure service vprn service-name rip group named-item authentication-type keyword | |
| Tree | authentication-type | |
Description | This command configures the type of authentication to be used. The authentication type and authentication key must match exactly for the RIP message to be considered authentic and processed. When unconfigured, this command removes the authentication type from the configuration and effectively disables authentication. | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
bfd-liveness boolean
| Synopsis | Enable BFD to control the state of protocol adjacency | |
| Context | configure service vprn service-name rip group named-item bfd-liveness boolean | |
| Tree | bfd-liveness | |
Description | When configured to true, this command enables BFD to control the state of the associated protocol adjacency. When configured to false, this command removes BFD from the associated protocol adjacency. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
check-zero boolean
| Synopsis | Enable checking of mandatory zero fields | |
| Context | configure service vprn service-name rip group named-item check-zero boolean | |
| Tree | check-zero | |
Description | When configured to true, this command enables checking of the mandatory zero fields in the RIPv1 and RIPv2 specifications and rejecting non-compliant RIP messages. When configured to false, this command disables the check and allows the receipt of RIP messages even if the mandatory zero fields are non-zero. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
description description
| Synopsis | Text description | |
| Context | configure service vprn service-name rip group named-item description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
export-policy reference
| Synopsis | Policies used to rule which routes are exported to RIP | |
| Context | configure service vprn service-name rip group named-item export-policy reference | |
| Tree | export-policy | |
Description | This command specifies the export route policies used to determine which routes are exported to RIP. If multiple policy names are specified, the policies are evaluated in the order they are specified. The first policy that matches is applied. | |
Reference | configure policy-options policy-statement named-item-64 | |
| Max. instances | 5 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
import-policy reference
| Synopsis | Policies to decide routes accepted from RIP neighbors | |
| Context | configure service vprn service-name rip group named-item import-policy reference | |
| Tree | import-policy | |
Description | This command configures import route policies to determine which routes are accepted from RIP neighbors. If multiple policy names are specified, the policies are evaluated in the order they are specified. The first policy that matches is applied. | |
Reference | configure policy-options policy-statement named-item-64 | |
| Max. instances | 5 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
message-size number
| Synopsis | Maximum number of routes per RIP update message | |
| Context | configure service vprn service-name rip group named-item message-size number | |
| Tree | message-size | |
| Range | 25 to 255 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
metric-in number
metric-out number
| Synopsis | Metric added to routes exported into RIP | |
| Context | configure service vprn service-name rip group named-item metric-out number | |
| Tree | metric-out | |
| Range | 1 to 16 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
neighbor [interface-name] interface-name
[interface-name] interface-name
admin-state keyword
| Synopsis | Administrative state of the RIP neighbor interface | |
| Context | configure service vprn service-name rip group named-item neighbor interface-name admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
authentication-key encrypted-leaf
| Synopsis | Authentication password passed between RIP neighbors | |
| Context | configure service vprn service-name rip group named-item neighbor interface-name authentication-key encrypted-leaf | |
| Tree | authentication-key | |
Description | This command sets the authentication password to be passed between RIP neighbors. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes. The authentication type and authentication key must match exactly for the RIP message to be considered authentic and processed. When unconfigured, this command removes the authentication password from the configuration and disables authentication. | |
| String length | 1 to 51 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
authentication-type keyword
| Synopsis | Authentication type | |
| Context | configure service vprn service-name rip group named-item neighbor interface-name authentication-type keyword | |
| Tree | authentication-type | |
Description | This command configures the type of authentication to be used. The authentication type and authentication key must match exactly for the RIP message to be considered authentic and processed. When unconfigured, this command removes the authentication type from the configuration and effectively disables authentication. | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
bfd-liveness boolean
| Synopsis | Enable BFD to control the state of protocol adjacency | |
| Context | configure service vprn service-name rip group named-item neighbor interface-name bfd-liveness boolean | |
| Tree | bfd-liveness | |
Description | When configured to true, this command enables BFD to control the state of the associated protocol adjacency. When configured to false, this command removes BFD from the associated protocol adjacency. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
check-zero boolean
| Synopsis | Enable checking of mandatory zero fields | |
| Context | configure service vprn service-name rip group named-item neighbor interface-name check-zero boolean | |
| Tree | check-zero | |
Description | When configured to true, this command enables checking of the mandatory zero fields in the RIPv1 and RIPv2 specifications and rejecting non-compliant RIP messages. When configured to false, this command disables the check and allows the receipt of RIP messages even if the mandatory zero fields are non-zero. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
description description
| Synopsis | Text description | |
| Context | configure service vprn service-name rip group named-item neighbor interface-name description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
export-policy reference
| Synopsis | Policies used to rule which routes are exported to RIP | |
| Context | configure service vprn service-name rip group named-item neighbor interface-name export-policy reference | |
| Tree | export-policy | |
Description | This command specifies the export route policies used to determine which routes are exported to RIP. If multiple policy names are specified, the policies are evaluated in the order they are specified. The first policy that matches is applied. | |
Reference | configure policy-options policy-statement named-item-64 | |
| Max. instances | 5 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
import-policy reference
| Synopsis | Policies to decide routes accepted from RIP neighbors | |
| Context | configure service vprn service-name rip group named-item neighbor interface-name import-policy reference | |
| Tree | import-policy | |
Description | This command configures import route policies to determine which routes are accepted from RIP neighbors. If multiple policy names are specified, the policies are evaluated in the order they are specified. The first policy that matches is applied. | |
Reference | configure policy-options policy-statement named-item-64 | |
| Max. instances | 5 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
message-size number
| Synopsis | Maximum number of routes per RIP update message | |
| Context | configure service vprn service-name rip group named-item neighbor interface-name message-size number | |
| Tree | message-size | |
| Range | 25 to 255 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
metric-in number
metric-out number
| Synopsis | Metric added to routes exported into RIP | |
| Context | configure service vprn service-name rip group named-item neighbor interface-name metric-out number | |
| Tree | metric-out | |
| Range | 1 to 16 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
preference number
| Synopsis | Route preference | |
| Context | configure service vprn service-name rip group named-item neighbor interface-name preference number | |
| Tree | preference | |
| Range | 1 to 255 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
receive keyword
send keyword
split-horizon boolean
| Synopsis | Enable split horizon and poison reverse | |
| Context | configure service vprn service-name rip group named-item neighbor interface-name split-horizon boolean | |
| Tree | split-horizon | |
Description | When configured to true, this command enables the use of split horizon with poison reverse. Split-horizon with poison reverse means that routes learned from a neighbor through a given interface are advertised in updates out of the same interface but with a metric of 16 (infinity). When configured to false. this command enables split horizon without poison reverse. This allows the routes to be re-advertised on interfaces other than the interface that learned the route, with the advertised metric equaling an increment of the metric-in value. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
timers
flush number
| Synopsis | RIP flush timer | |
| Context | configure service vprn service-name rip group named-item neighbor interface-name timers flush number | |
| Tree | flush | |
Description | This command specifies the time a route is maintained in the RIP database after it has been declared invalid. When the timer expires, the route is flushed from the RIP database completely. | |
| Range | 1 to 1200 | |
| Units | seconds | |
Notes |
This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
timeout number
| Synopsis | RIP timeout timer | |
| Context | configure service vprn service-name rip group named-item neighbor interface-name timers timeout number | |
| Tree | timeout | |
Description | This command specifies the RIP timeout timer. If a route is not updated by the time the timer expires, the route is declared invalid, but the route is maintained in the RIP database. | |
| Range | 1 to 1200 | |
| Units | seconds | |
Notes |
This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
update number
unicast-address [address] ipv4-unicast-address
| Synopsis | Add a list entry for unicast-address | |
| Context | configure service vprn service-name rip group named-item neighbor interface-name unicast-address ipv4-unicast-address | |
| Tree | unicast-address | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[address] ipv4-unicast-address
| Synopsis | Unicast IPv6 address for the neighbor | |
| Context | configure service vprn service-name rip group named-item neighbor interface-name unicast-address ipv4-unicast-address | |
| Tree | unicast-address | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
preference number
| Synopsis | Route preference | |
| Context | configure service vprn service-name rip group named-item preference number | |
| Tree | preference | |
| Range | 1 to 255 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
receive keyword
send keyword
split-horizon boolean
| Synopsis | Enable split horizon and poison reverse | |
| Context | configure service vprn service-name rip group named-item split-horizon boolean | |
| Tree | split-horizon | |
Description | When configured to true, this command enables the use of split horizon with poison reverse. Split-horizon with poison reverse means that routes learned from a neighbor through a given interface are advertised in updates out of the same interface but with a metric of 16 (infinity). When configured to false. this command enables split horizon without poison reverse. This allows the routes to be re-advertised on interfaces other than the interface that learned the route, with the advertised metric equaling an increment of the metric-in value. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
timers
flush number
| Synopsis | RIP flush timer | |
| Context | configure service vprn service-name rip group named-item timers flush number | |
| Tree | flush | |
Description | This command specifies the time a route is maintained in the RIP database after it has been declared invalid. When the timer expires, the route is flushed from the RIP database completely. | |
| Range | 1 to 1200 | |
| Units | seconds | |
Notes |
This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
timeout number
| Synopsis | RIP timeout timer | |
| Context | configure service vprn service-name rip group named-item timers timeout number | |
| Tree | timeout | |
Description | This command specifies the RIP timeout timer. If a route is not updated by the time the timer expires, the route is declared invalid, but the route is maintained in the RIP database. | |
| Range | 1 to 1200 | |
| Units | seconds | |
Notes |
This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
update number
import-policy reference
| Synopsis | Import policies to decide routes for routing table | |
| Context | configure service vprn service-name rip import-policy reference | |
| Tree | import-policy | |
Reference | configure policy-options policy-statement named-item-64 | |
| Max. instances | 5 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
message-size number
| Synopsis | Maximum number of routes in the RIP message | |
| Context | configure service vprn service-name rip message-size number | |
| Tree | message-size | |
| Range | 25 to 255 | |
| Default | 25 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
metric-in number
metric-out number
| Synopsis | Metric added to routes exported into RIP | |
| Context | configure service vprn service-name rip metric-out number | |
| Tree | metric-out | |
| Range | 1 to 16 | |
| Default | 1 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
preference number
| Synopsis | Route preference | |
| Context | configure service vprn service-name rip preference number | |
| Tree | preference | |
| Range | 1 to 255 | |
| Default | 100 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
propagate-metric boolean
| Synopsis | Enable the BGP MED used to configure the RIP metric | |
| Context | configure service vprn service-name rip propagate-metric boolean | |
| Tree | propagate-metric | |
Description | When configured to true, this command enables the BGP MED to be used to configure the RIP metric at the BGP to RIP transition on egress routers. When configured to false, this command sets the RIP metric to the optional value configured with the metric-out command plus one. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
receive keyword
send keyword
split-horizon boolean
| Synopsis | Enable split horizon and poison reverse | |
| Context | configure service vprn service-name rip split-horizon boolean | |
| Tree | split-horizon | |
Description | When configured to true, this command enables the use of split horizon with poison reverse. Split-horizon with poison reverse means that routes learned from a neighbor through a given interface are advertised in updates out of the same interface but with a metric of 16 (infinity). When configured to false. this command enables split horizon without poison reverse. This allows the routes to be re-advertised on interfaces other than the interface that learned the route, with the advertised metric equaling an increment of the metric-in value. | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
timers
flush number
| Synopsis | RIP flush timer | |
| Context | configure service vprn service-name rip timers flush number | |
| Tree | flush | |
Description | This command specifies the time a route is maintained in the RIP database after it has been declared invalid. When the timer expires, the route is flushed from the RIP database completely. | |
| Range | 1 to 1200 | |
| Units | seconds | |
Notes |
This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
timeout number
| Synopsis | RIP timeout timer | |
| Context | configure service vprn service-name rip timers timeout number | |
| Tree | timeout | |
Description | This command specifies the RIP timeout timer. If a route is not updated by the time the timer expires, the route is declared invalid, but the route is maintained in the RIP database. | |
| Range | 1 to 1200 | |
| Units | seconds | |
Notes |
This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
update number
ripng
admin-state keyword
| Synopsis | Administrative state of the RIPng instance | |
| Context | configure service vprn service-name ripng admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
bfd-liveness boolean
| Synopsis | Enable BFD to control the state of protocol adjacency | |
| Context | configure service vprn service-name ripng bfd-liveness boolean | |
| Tree | bfd-liveness | |
Description | When configured to true, this command enables BFD to control the state of the associated protocol adjacency. When configured to false, this command removes BFD from the associated protocol adjacency. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
check-zero boolean
| Synopsis | Enable checking of mandatory zero fields | |
| Context | configure service vprn service-name ripng check-zero boolean | |
| Tree | check-zero | |
Description | When configured to true, this command enables checking of the mandatory zero fields in the RIPv1 and RIPv2 specifications and rejecting non-compliant RIP messages. When configured to false, this command disables the check and allows the receipt of RIP messages even if the mandatory zero fields are non-zero. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
description description
| Synopsis | Text description | |
| Context | configure service vprn service-name ripng description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
export-limit
| Synopsis | Enable the export-limit context | |
| Context | configure service vprn service-name ripng export-limit | |
| Tree | export-limit | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
log-percent number
| Synopsis | Export limit before warning and SNMP notification sent | |
| Context | configure service vprn service-name ripng export-limit log-percent number | |
| Tree | log-percent | |
| Range | 1 to 100 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
number number
export-policy reference
| Synopsis | Policies to determine exported routes | |
| Context | configure service vprn service-name ripng export-policy reference | |
| Tree | export-policy | |
Reference | configure policy-options policy-statement named-item-64 | |
| Max. instances | 5 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
group [group-name] named-item
[group-name] named-item
admin-state keyword
| Synopsis | Administrative state of RIPng neighbor interface group | |
| Context | configure service vprn service-name ripng group named-item admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
bfd-liveness boolean
| Synopsis | Enable BFD to control the state of protocol adjacency | |
| Context | configure service vprn service-name ripng group named-item bfd-liveness boolean | |
| Tree | bfd-liveness | |
Description | When configured to true, this command enables BFD to control the state of the associated protocol adjacency. When configured to false, this command removes BFD from the associated protocol adjacency. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
check-zero boolean
| Synopsis | Enable checking of mandatory zero fields | |
| Context | configure service vprn service-name ripng group named-item check-zero boolean | |
| Tree | check-zero | |
Description | When configured to true, this command enables checking of the mandatory zero fields in the RIPv1 and RIPv2 specifications and rejecting non-compliant RIP messages. When configured to false, this command disables the check and allows the receipt of RIP messages even if the mandatory zero fields are non-zero. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
description description
| Synopsis | Text description | |
| Context | configure service vprn service-name ripng group named-item description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
export-policy reference
| Synopsis | Policies used to rule which routes are exported to RIP | |
| Context | configure service vprn service-name ripng group named-item export-policy reference | |
| Tree | export-policy | |
Description | This command specifies the export route policies used to determine which routes are exported to RIP. If multiple policy names are specified, the policies are evaluated in the order they are specified. The first policy that matches is applied. | |
Reference | configure policy-options policy-statement named-item-64 | |
| Max. instances | 5 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
import-policy reference
| Synopsis | Policies to decide routes accepted from RIP neighbors | |
| Context | configure service vprn service-name ripng group named-item import-policy reference | |
| Tree | import-policy | |
Description | This command configures import route policies to determine which routes are accepted from RIP neighbors. If multiple policy names are specified, the policies are evaluated in the order they are specified. The first policy that matches is applied. | |
Reference | configure policy-options policy-statement named-item-64 | |
| Max. instances | 5 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
message-size number
| Synopsis | Maximum number of routes in the message | |
| Context | configure service vprn service-name ripng group named-item message-size number | |
| Tree | message-size | |
| Range | 25 to 255 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
metric-in number
metric-out number
| Synopsis | Metric added to routes exported into RIPng | |
| Context | configure service vprn service-name ripng group named-item metric-out number | |
| Tree | metric-out | |
| Range | 1 to 16 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
neighbor [interface-name] reference
[interface-name] reference
admin-state keyword
| Synopsis | Administrative state of the RIPng neighbor | |
| Context | configure service vprn service-name ripng group named-item neighbor reference admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | enable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
bfd-liveness boolean
| Synopsis | Enable BFD to control the state of protocol adjacency | |
| Context | configure service vprn service-name ripng group named-item neighbor reference bfd-liveness boolean | |
| Tree | bfd-liveness | |
Description | When configured to true, this command enables BFD to control the state of the associated protocol adjacency. When configured to false, this command removes BFD from the associated protocol adjacency. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
check-zero boolean
| Synopsis | Enable checking of mandatory zero fields | |
| Context | configure service vprn service-name ripng group named-item neighbor reference check-zero boolean | |
| Tree | check-zero | |
Description | When configured to true, this command enables checking of the mandatory zero fields in the RIPv1 and RIPv2 specifications and rejecting non-compliant RIP messages. When configured to false, this command disables the check and allows the receipt of RIP messages even if the mandatory zero fields are non-zero. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
description description
| Synopsis | Text description | |
| Context | configure service vprn service-name ripng group named-item neighbor reference description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
export-policy reference
| Synopsis | Policies used to rule which routes are exported to RIP | |
| Context | configure service vprn service-name ripng group named-item neighbor reference export-policy reference | |
| Tree | export-policy | |
Description | This command specifies the export route policies used to determine which routes are exported to RIP. If multiple policy names are specified, the policies are evaluated in the order they are specified. The first policy that matches is applied. | |
Reference | configure policy-options policy-statement named-item-64 | |
| Max. instances | 5 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
import-policy reference
| Synopsis | Policies to decide routes accepted from RIP neighbors | |
| Context | configure service vprn service-name ripng group named-item neighbor reference import-policy reference | |
| Tree | import-policy | |
Description | This command configures import route policies to determine which routes are accepted from RIP neighbors. If multiple policy names are specified, the policies are evaluated in the order they are specified. The first policy that matches is applied. | |
Reference | configure policy-options policy-statement named-item-64 | |
| Max. instances | 5 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
message-size number
| Synopsis | Maximum number of routes in the message | |
| Context | configure service vprn service-name ripng group named-item neighbor reference message-size number | |
| Tree | message-size | |
| Range | 25 to 255 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
metric-in number
metric-out number
| Synopsis | Metric added to routes exported into RIPng | |
| Context | configure service vprn service-name ripng group named-item neighbor reference metric-out number | |
| Tree | metric-out | |
| Range | 1 to 16 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
preference number
| Synopsis | Route preference | |
| Context | configure service vprn service-name ripng group named-item neighbor reference preference number | |
| Tree | preference | |
| Range | 1 to 255 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
receive keyword
send keyword
split-horizon boolean
| Synopsis | Enable split horizon and poison reverse | |
| Context | configure service vprn service-name ripng group named-item neighbor reference split-horizon boolean | |
| Tree | split-horizon | |
Description | When configured to true, this command enables the use of split horizon with poison reverse. Split-horizon with poison reverse means that routes learned from a neighbor through a given interface are advertised in updates out of the same interface but with a metric of 16 (infinity). When configured to false. this command enables split horizon without poison reverse. This allows the routes to be re-advertised on interfaces other than the interface that learned the route, with the advertised metric equaling an increment of the metric-in value. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
timers
flush number
| Synopsis | RIP flush timer | |
| Context | configure service vprn service-name ripng group named-item neighbor reference timers flush number | |
| Tree | flush | |
Description | This command specifies the time a route is maintained in the RIP database after it has been declared invalid. When the timer expires, the route is flushed from the RIP database completely. | |
| Range | 1 to 1200 | |
| Units | seconds | |
Notes |
This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
timeout number
| Synopsis | RIP timeout timer | |
| Context | configure service vprn service-name ripng group named-item neighbor reference timers timeout number | |
| Tree | timeout | |
Description | This command specifies the RIP timeout timer. If a route is not updated by the time the timer expires, the route is declared invalid, but the route is maintained in the RIP database. | |
| Range | 1 to 1200 | |
| Units | seconds | |
Notes |
This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
update number
unicast-address [address] ipv6-unicast-address
| Synopsis | Add a list entry for unicast-address | |
| Context | configure service vprn service-name ripng group named-item neighbor reference unicast-address ipv6-unicast-address | |
| Tree | unicast-address | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[address] ipv6-unicast-address
| Synopsis | Unicast IPv6 address for the neighbor | |
| Context | configure service vprn service-name ripng group named-item neighbor reference unicast-address ipv6-unicast-address | |
| Tree | unicast-address | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
preference number
| Synopsis | Route preference | |
| Context | configure service vprn service-name ripng group named-item preference number | |
| Tree | preference | |
| Range | 1 to 255 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
receive keyword
send keyword
split-horizon boolean
| Synopsis | Enable split horizon and poison reverse | |
| Context | configure service vprn service-name ripng group named-item split-horizon boolean | |
| Tree | split-horizon | |
Description | When configured to true, this command enables the use of split horizon with poison reverse. Split-horizon with poison reverse means that routes learned from a neighbor through a given interface are advertised in updates out of the same interface but with a metric of 16 (infinity). When configured to false. this command enables split horizon without poison reverse. This allows the routes to be re-advertised on interfaces other than the interface that learned the route, with the advertised metric equaling an increment of the metric-in value. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
timers
flush number
| Synopsis | RIP flush timer | |
| Context | configure service vprn service-name ripng group named-item timers flush number | |
| Tree | flush | |
Description | This command specifies the time a route is maintained in the RIP database after it has been declared invalid. When the timer expires, the route is flushed from the RIP database completely. | |
| Range | 1 to 1200 | |
| Units | seconds | |
Notes |
This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
timeout number
| Synopsis | RIP timeout timer | |
| Context | configure service vprn service-name ripng group named-item timers timeout number | |
| Tree | timeout | |
Description | This command specifies the RIP timeout timer. If a route is not updated by the time the timer expires, the route is declared invalid, but the route is maintained in the RIP database. | |
| Range | 1 to 1200 | |
| Units | seconds | |
Notes |
This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
update number
import-policy reference
| Synopsis | Import policies to decide routes for routing table | |
| Context | configure service vprn service-name ripng import-policy reference | |
| Tree | import-policy | |
Reference | configure policy-options policy-statement named-item-64 | |
| Max. instances | 5 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
message-size number
| Synopsis | Maximum number of routes in the message | |
| Context | configure service vprn service-name ripng message-size number | |
| Tree | message-size | |
| Range | 25 to 255 | |
| Default | 25 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
metric-in number
metric-out number
| Synopsis | Metric added to routes exported into RIPng | |
| Context | configure service vprn service-name ripng metric-out number | |
| Tree | metric-out | |
| Range | 1 to 16 | |
| Default | 1 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
preference number
| Synopsis | Route preference | |
| Context | configure service vprn service-name ripng preference number | |
| Tree | preference | |
| Range | 1 to 255 | |
| Default | 100 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
receive keyword
send keyword
split-horizon boolean
| Synopsis | Enable split horizon and poison reverse | |
| Context | configure service vprn service-name ripng split-horizon boolean | |
| Tree | split-horizon | |
Description | When configured to true, this command enables the use of split horizon with poison reverse. Split-horizon with poison reverse means that routes learned from a neighbor through a given interface are advertised in updates out of the same interface but with a metric of 16 (infinity). When configured to false, this command enables split horizon without poison reverse. This allows the routes to be re-advertised on interfaces other than the interface that learned the route, with the advertised metric equaling an increment of the metric-in value. | |
| Default | true | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
timers
flush number
| Synopsis | RIP flush timer | |
| Context | configure service vprn service-name ripng timers flush number | |
| Tree | flush | |
Description | This command specifies the time a route is maintained in the RIP database after it has been declared invalid. When the timer expires, the route is flushed from the RIP database completely. | |
| Range | 1 to 1200 | |
| Units | seconds | |
Notes |
This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
timeout number
| Synopsis | RIP timeout timer | |
| Context | configure service vprn service-name ripng timers timeout number | |
| Tree | timeout | |
Description | This command specifies the RIP timeout timer. If a route is not updated by the time the timer expires, the route is declared invalid, but the route is maintained in the RIP database. | |
| Range | 1 to 1200 | |
| Units | seconds | |
Notes |
This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
update number
router-id router-id
service-id number
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Service ID | |
| Context | configure service vprn service-name service-id number | |
| Tree | service-id | |
| Range | 1 to 2147483647 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
sfm-overload
| Synopsis | Enable the sfm-overload context | |
| Context | configure service vprn service-name sfm-overload | |
| Tree | sfm-overload | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
holdoff-time number
| Synopsis | Delay in detecting SFM failures and setting overload | |
| Context | configure service vprn service-name sfm-overload holdoff-time number | |
| Tree | holdoff-time | |
| Range | 1 to 600 | |
| Units | seconds | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
sgt-qos
dot1p
application [dot1p-app-name] keyword
| Synopsis | Enter the application list instance | |
| Context | configure service vprn service-name sgt-qos dot1p application keyword | |
| Tree | application | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[dot1p-app-name] keyword
| Synopsis | Dot1p application ID that generates control traffic | |
| Context | configure service vprn service-name sgt-qos dot1p application keyword | |
| Tree | application | |
| Options | ||
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
dot1p (keyword | number)
| Synopsis | Dot1p value to the traffic generated by this application | |
| Context | configure service vprn service-name sgt-qos dot1p application keyword dot1p (keyword | number) | |
| Tree | dot1p | |
| Range | 0 to 7 | |
| Options | be – Best effort l2 – Low 2 (best effort) af – Assured forwarding (assured) l1 – Low 1 (assured) h2 – High 2 (high priority) ef – Expedited forwarding (high priority) h1 – High 1 (high priority) nc – Network control (high priority) | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
dscp
application [dscp-app-name] keyword
| Synopsis | Enter the application list instance | |
| Context | configure service vprn service-name sgt-qos dscp application keyword | |
| Tree | application | |
Description | Commands in this context configure DSCP remarking for self-generated application traffic. All packets generated by the configured application instance use the value configured for the DSCP name or value. The instance can be Base, router, VPRN, or management. The system uses the DSCP value configured in this instance to:
| |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[dscp-app-name] keyword
| Synopsis | DSCP application ID that generates control traffic | |
| Context | configure service vprn service-name sgt-qos dscp application keyword | |
| Tree | application | |
Description | This command configures the DSCP application ID that generates control traffic. | |
| Options | ||
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
dscp (keyword | number)
dscp-map [dscp-name] keyword
[dscp-name] keyword
fc keyword
| Synopsis | Value for the forwarding class for this mapping | |
| Context | configure service vprn service-name sgt-qos dscp dscp-map keyword fc keyword | |
| Tree | fc | |
| Options | be – Best effort l2 – Low 2 (best effort) af – Assured forwarding (assured) l1 – Low 1 (assured) h2 – High 2 (high priority) ef – Expedited forwarding (high priority) h1 – High 1 (high priority) nc – Network control (high priority) | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
snmp
access boolean
community [community-string] encrypted-leaf
| Synopsis | Enter the community list instance | |
| Context | configure service vprn service-name snmp community encrypted-leaf | |
| Tree | community | |
Description | Commands in this context set the SNMP community names to be used with the associated VPRN instance. These VPRN community names are used to associate SNMP v1/v2c requests with a particular VPRN context and to return a reply that contains VPRN-specific data or limit SNMP access to data in a specific VPRN instance. VPRN SNMP communities configured with an access permission of 'r' are automatically associated with the default access group "snmp-vprn-ro” and the “vprn-view” view (read only). VPRN SNMP communities configured with an access permission of 'rw' are automatically associated with the default access group "snmp-vprn” and the “vprn-view” view (read/write). The community in an SNMP v1/v2 request determines the SNMP context (that is, the VPRN number for accessing SNMP tables) and not the VPRN of the incoming interface on which the request was received. For example, when an SNMP request arrives on VPRN 5 interface “ringo” with a destination IP address equal to the “ringo” interface, but the community in the SNMP request is the community configured against VPRN 101, the SNMP request is processed using the VPRN 101 context. (the response contains information about VPRN 101). Nokia recommends avoiding the use of a simple series of VPRN SNMP community values that are similar to each other (for example, avoid my-vprncomm-1, my-vprn-comm-2, and so on). | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[community-string] encrypted-leaf
access-permissions keyword
| Synopsis | Access permissions to MIB objects | |
| Context | configure service vprn service-name snmp community encrypted-leaf access-permissions keyword | |
| Tree | access-permissions | |
| Options | ||
Notes |
This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
source-access-list reference
| Synopsis | List name used to validate the source IP address | |
| Context | configure service vprn service-name snmp community encrypted-leaf source-access-list reference | |
| Tree | source-access-list | |
Description | This command specifies the SNMP source access list to use with the SNMP community. The source access list is used to validate the source IP address of all received SNMP requests that use the community. | |
Reference | configure system security snmp source-access-list string-not-all-spaces | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
version keyword
source-address
| Synopsis | Enter the source-address context | |
| Context | configure service vprn service-name source-address | |
| Tree | source-address | |
Description | Commands in this context configure the source address and application to use in all unsolicited packets. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipv4 [application] keyword
| Synopsis | Enter the ipv4 list instance | |
| Context | configure service vprn service-name source-address ipv4 keyword | |
| Tree | ipv4 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[application] keyword
| Synopsis | Application that uses the source IP address | |
| Context | configure service vprn service-name source-address ipv4 keyword | |
| Tree | ipv4 | |
| Options | ||
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
address ipv4-address
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Source IPv4 address | |
| Context | configure service vprn service-name source-address ipv4 keyword address ipv4-address | |
| Tree | address | |
Notes | The following elements are part of a mandatory choice: address or interface-name. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
interface-name interface-name
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | IP interface name | |
| Context | configure service vprn service-name source-address ipv4 keyword interface-name interface-name | |
| Tree | interface-name | |
| String length | 1 to 32 | |
Notes | The following elements are part of a mandatory choice: address or interface-name. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
ipv6 [application] keyword
| Synopsis | Enter the ipv6 list instance | |
| Context | configure service vprn service-name source-address ipv6 keyword | |
| Tree | ipv6 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[application] keyword
| Synopsis | Application that uses the source IP address | |
| Context | configure service vprn service-name source-address ipv6 keyword | |
| Tree | ipv6 | |
| Options | ||
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
address ipv6-address
|
WARNING: Modifying this element recreates the parent element automatically for the new value to take effect. | ||
| Synopsis | Source IPv6 address | |
| Context | configure service vprn service-name source-address ipv6 keyword address ipv6-address | |
| Tree | address | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
spoke-sdp [sdp-bind-id] sdp-bind-id
[sdp-bind-id] sdp-bind-id
description description
| Synopsis | Text description | |
| Context | configure service vprn service-name spoke-sdp sdp-bind-id description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
static-routes
| Synopsis | Enter the static-routes context | |
| Context | configure service vprn service-name static-routes | |
| Tree | static-routes | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
hold-down
| Synopsis | Enable the hold-down context | |
| Context | configure service vprn service-name static-routes hold-down | |
| Tree | hold-down | |
Description | Commands in this context enable the hold-down time feature globally for static routes in the system. The static route hold-down time is a mechanism to protect from rapid, fluctuating state changes of static routes resulting from issues with reachability because of link flap. The commands in this context apply to all static routes in the VPRN and the base router instance in which this hold-down time is configured in. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
initial number
| Synopsis | Value for the initial hold-down time | |
| Context | configure service vprn service-name static-routes hold-down initial number | |
| Tree | initial | |
Description | This command specifies the initial value of the hold-down time globally for static routes in the system. When a static route is ready to become active, it remains inactive for the hold-down time before activating the static-route. If, during this hold-down period, the static route becomes inactive again because of factors such as interface failure, the hold-down timer is reset, effectively postponing the activation of the route until the next opportunity. | |
| Range | 1 to 65535 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
max-value number
| Synopsis | Maximum value of the hold-down time | |
| Context | configure service vprn service-name static-routes hold-down max-value number | |
| Tree | max-value | |
Description | This command specifies the maximum value of the hold-down time globally for static routes in the system. | |
| Range | 1 to 65535 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
multiplier number
| Synopsis | Multiplier of the previous hold-down time | |
| Context | configure service vprn service-name static-routes hold-down multiplier number | |
| Tree | multiplier | |
Description | This command specifies the multiplier value by which the previous hold-down time is multiplied to calculate the new one. This value applies globally for static routes in the system. | |
| Range | 1 to 10 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
route [ip-prefix] (ipv4-prefix | ipv6-prefix) route-type keyword
| Synopsis | Enter the route list instance | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword | |
| Tree | route | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[ip-prefix] (ipv4-prefix | ipv6-prefix)
| Synopsis | IP prefix and prefix length for the static routes | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword | |
| Tree | route | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
route-type keyword
| Synopsis | Static route type | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword | |
| Tree | route | |
| Options | ||
|
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
blackhole
| Synopsis | Enable the blackhole context | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword blackhole | |
| Tree | blackhole | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the static route operation | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword blackhole admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
community community
| Synopsis | Community ID associated with the static route | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword blackhole community community | |
| Tree | community | |
| String length | 1 to 72 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
description description-allow-all-white-spaces
| Synopsis | Text description | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword blackhole description description-allow-all-white-spaces | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
generate-icmp boolean
| Synopsis | Send ICMP unreachable messages when received packets match a static route with black-hole next-hop | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword blackhole generate-icmp boolean | |
| Tree | generate-icmp | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
metric number
| Synopsis | Static route metric | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword blackhole metric number | |
| Tree | metric | |
| Range | 0 to 65535 | |
| Default | 1 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
preference number
| Synopsis | Priority of this static route over the routes from different sources | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword blackhole preference number | |
| Tree | preference | |
| Range | 1 to 255 | |
| Default | 5 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
prefix-list
| Synopsis | Enter the prefix-list context | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword blackhole prefix-list | |
| Tree | prefix-list | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
flag keyword
| Synopsis | Static route match condition from prefix list | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword blackhole prefix-list flag keyword | |
| Tree | flag | |
| Options | ||
| Default | any | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
name reference
| Synopsis | Prefix list name | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword blackhole prefix-list name reference | |
| Tree | name | |
Reference | configure policy-options prefix-list named-item-64 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
router-instance string
| Synopsis | Router instance used for matching prefix list | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword blackhole prefix-list router-instance string | |
| Tree | router-instance | |
Description | This command configures the router instance used for matching against the prefix list. If the conditional static route is configured in a VPRN and the router instance is configured as "Base", the activation of the static route is dependent on the existence of routes in the Base router and the evaluation of the prefix list and flag is done in that context. By default there is no configured value for this command option, and the conditional static route is dependent on the existence of routes in the same router instance as the static route itself, subject to the details of the prefix list and the flag setting. Entries in a referenced prefix list that are not match type 'exact' are interpreted as though they are 'exact'. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
tag number
| Synopsis | Static route tag | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword blackhole tag number | |
| Tree | tag | |
| Range | 1 to 4294967295 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
community community
| Synopsis | Community ID associated with the static route | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword community community | |
| Tree | community | |
| String length | 1 to 72 | |
| Max. instances | 12 | |
Notes | This element is ordered by the user. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
grt
| Synopsis | Enable the grt context | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword grt | |
| Tree | grt | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the static route operation | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword grt admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
description description-allow-all-white-spaces
| Synopsis | Text description | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword grt description description-allow-all-white-spaces | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
metric number
| Synopsis | Static route metric | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword grt metric number | |
| Tree | metric | |
| Range | 0 to 65535 | |
| Default | 1 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
preference number
| Synopsis | Priority of this static route over the routes from different sources | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword grt preference number | |
| Tree | preference | |
| Range | 1 to 255 | |
| Default | 5 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
indirect [ip-address] (ipv4-address-no-zone | ipv6-address-no-zone)
| Synopsis | Enter the indirect list instance | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword indirect (ipv4-address-no-zone | ipv6-address-no-zone) | |
| Tree | indirect | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[ip-address] (ipv4-address-no-zone | ipv6-address-no-zone)
| Synopsis | Next-hop IP address used to reach the destination | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword indirect (ipv4-address-no-zone | ipv6-address-no-zone) | |
| Tree | indirect | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the static route operation | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword indirect (ipv4-address-no-zone | ipv6-address-no-zone) admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
community community
| Synopsis | Community ID associated with the static route | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword indirect (ipv4-address-no-zone | ipv6-address-no-zone) community community | |
| Tree | community | |
| String length | 1 to 72 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
cpe-check [address] (ipv4-address-no-zone | ipv6-address-no-zone)
| Synopsis | Enter the cpe-check list instance | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword indirect (ipv4-address-no-zone | ipv6-address-no-zone) cpe-check (ipv4-address-no-zone | ipv6-address-no-zone) | |
| Tree | cpe-check | |
Description | When configured, this command enables the Customer Premises Equipment (CPE) check feature and specifies the IP address of the target CPE device. This option initiates a background ICMP ping test to the configured target IP address. The IP address can either be an IPv4 address for IPv4 static routes or an IPv6 address for IPv6 static routes. To avoid possible circular references, the target IP address cannot exist in the same subnet as the static route subnet. This command is mutually exclusive with BFD support on a specific static route. Note: A node that is sourcing CPE-check packets waits an additional full interval before taking action, which gives the CPE time to respond. For example, with a drop-count of 3 and an interval of 1s, three CPE-check packets are sent out and the node waits for the duration of another interval before acting on the loss. Failure declaration may take extra time depending on the load, interval, and other factors. In line with multitasking, multi-priority operating principles of the node, and the relative priority of cpe-ping, the node paces these minor events. | |
| Max. instances | 1 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
[address] (ipv4-address-no-zone | ipv6-address-no-zone)
| Synopsis | IP address of the target CPE device | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword indirect (ipv4-address-no-zone | ipv6-address-no-zone) cpe-check (ipv4-address-no-zone | ipv6-address-no-zone) | |
| Tree | cpe-check | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
drop-count number
| Synopsis | Consecutive ping replies missed before CPE deemed down | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword indirect (ipv4-address-no-zone | ipv6-address-no-zone) cpe-check (ipv4-address-no-zone | ipv6-address-no-zone) drop-count number | |
| Tree | drop-count | |
| Range | 1 to 255 | |
| Default | 3 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
interval number
| Synopsis | Interval between ICMP pings to target CPE IP address | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword indirect (ipv4-address-no-zone | ipv6-address-no-zone) cpe-check (ipv4-address-no-zone | ipv6-address-no-zone) interval number | |
| Tree | interval | |
| Range | 1 to 255 | |
| Units | seconds | |
| Default | 1 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
log boolean
| Synopsis | Log CPE connectivity checks transitions | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword indirect (ipv4-address-no-zone | ipv6-address-no-zone) cpe-check (ipv4-address-no-zone | ipv6-address-no-zone) log boolean | |
| Tree | log | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
padding-size number
| Synopsis | Padding size for CPE connectivity checks | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword indirect (ipv4-address-no-zone | ipv6-address-no-zone) cpe-check (ipv4-address-no-zone | ipv6-address-no-zone) padding-size number | |
| Tree | padding-size | |
| Range | 0 to 16384 | |
| Units | bytes | |
| Default | 56 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
description description-allow-all-white-spaces
| Synopsis | Text description | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword indirect (ipv4-address-no-zone | ipv6-address-no-zone) description description-allow-all-white-spaces | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
metric number
| Synopsis | Static route metric | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword indirect (ipv4-address-no-zone | ipv6-address-no-zone) metric number | |
| Tree | metric | |
| Range | 0 to 65535 | |
| Default | 1 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
preference number
| Synopsis | Priority of this static route over the routes from different sources | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword indirect (ipv4-address-no-zone | ipv6-address-no-zone) preference number | |
| Tree | preference | |
| Range | 1 to 255 | |
| Default | 5 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
prefix-list
| Synopsis | Enter the prefix-list context | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword indirect (ipv4-address-no-zone | ipv6-address-no-zone) prefix-list | |
| Tree | prefix-list | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
flag keyword
| Synopsis | Static route match condition from prefix list | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword indirect (ipv4-address-no-zone | ipv6-address-no-zone) prefix-list flag keyword | |
| Tree | flag | |
| Options | ||
| Default | any | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
name reference
| Synopsis | Prefix list name | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword indirect (ipv4-address-no-zone | ipv6-address-no-zone) prefix-list name reference | |
| Tree | name | |
Reference | configure policy-options prefix-list named-item-64 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
router-instance string
| Synopsis | Router instance used for matching prefix list | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword indirect (ipv4-address-no-zone | ipv6-address-no-zone) prefix-list router-instance string | |
| Tree | router-instance | |
Description | This command configures the router instance used for matching against the prefix list. If the conditional static route is configured in a VPRN and the router instance is configured as "Base", the activation of the static route is dependent on the existence of routes in the Base router and the evaluation of the prefix list and flag is done in that context. By default there is no configured value for this command option, and the conditional static route is dependent on the existence of routes in the same router instance as the static route itself, subject to the details of the prefix list and the flag setting. Entries in a referenced prefix list that are not match type 'exact' are interpreted as though they are 'exact'. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
tag number
| Synopsis | Static route tag | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword indirect (ipv4-address-no-zone | ipv6-address-no-zone) tag number | |
| Tree | tag | |
| Range | 1 to 4294967295 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
interface [interface-name] interface-name
| Synopsis | Enter the interface list instance | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword interface interface-name | |
| Tree | interface | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[interface-name] interface-name
| Synopsis | Router interface name | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword interface interface-name | |
| Tree | interface | |
| String length | 1 to 32 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the static route operation | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword interface interface-name admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
community community
| Synopsis | Community ID associated with the static route | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword interface interface-name community community | |
| Tree | community | |
| String length | 1 to 72 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
cpe-check [address] (ipv4-address-no-zone | ipv6-address-no-zone)
| Synopsis | Enter the cpe-check list instance | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword interface interface-name cpe-check (ipv4-address-no-zone | ipv6-address-no-zone) | |
| Tree | cpe-check | |
Description | When configured, this command enables the Customer Premises Equipment (CPE) check feature and specifies the IP address of the target CPE device. This option initiates a background ICMP ping test to the configured target IP address. The IP address can either be an IPv4 address for IPv4 static routes or an IPv6 address for IPv6 static routes. To avoid possible circular references, the target IP address cannot exist in the same subnet as the static route subnet. This command is mutually exclusive with BFD support on a specific static route. Note: A node that is sourcing CPE-check packets waits an additional full interval before taking action, which gives the CPE time to respond. For example, with a drop-count of 3 and an interval of 1s, three CPE-check packets are sent out and the node waits for the duration of another interval before acting on the loss. Failure declaration may take extra time depending on the load, interval, and other factors. In line with multitasking, multi-priority operating principles of the node, and the relative priority of cpe-ping, the node paces these minor events. | |
| Max. instances | 1 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
[address] (ipv4-address-no-zone | ipv6-address-no-zone)
| Synopsis | IP address of the target CPE device | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword interface interface-name cpe-check (ipv4-address-no-zone | ipv6-address-no-zone) | |
| Tree | cpe-check | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
drop-count number
| Synopsis | Consecutive ping replies missed before CPE deemed down | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword interface interface-name cpe-check (ipv4-address-no-zone | ipv6-address-no-zone) drop-count number | |
| Tree | drop-count | |
| Range | 1 to 255 | |
| Default | 3 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
interval number
| Synopsis | Interval between ICMP pings to target CPE IP address | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword interface interface-name cpe-check (ipv4-address-no-zone | ipv6-address-no-zone) interval number | |
| Tree | interval | |
| Range | 1 to 255 | |
| Units | seconds | |
| Default | 1 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
log boolean
| Synopsis | Log CPE connectivity checks transitions | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword interface interface-name cpe-check (ipv4-address-no-zone | ipv6-address-no-zone) log boolean | |
| Tree | log | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
padding-size number
| Synopsis | Padding size for CPE connectivity checks | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword interface interface-name cpe-check (ipv4-address-no-zone | ipv6-address-no-zone) padding-size number | |
| Tree | padding-size | |
| Range | 0 to 16384 | |
| Units | bytes | |
| Default | 56 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
description description-allow-all-white-spaces
| Synopsis | Text description | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword interface interface-name description description-allow-all-white-spaces | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
load-balancing-weight number
| Synopsis | Load-balancing weight for all of the ECMP next hops | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword interface interface-name load-balancing-weight number | |
| Tree | load-balancing-weight | |
| Range | 1 to 4294967295 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
metric number
| Synopsis | Static route metric | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword interface interface-name metric number | |
| Tree | metric | |
| Range | 0 to 65535 | |
| Default | 1 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
preference number
| Synopsis | Priority of this static route over the routes from different sources | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword interface interface-name preference number | |
| Tree | preference | |
| Range | 1 to 255 | |
| Default | 5 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
prefix-list
| Synopsis | Enter the prefix-list context | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword interface interface-name prefix-list | |
| Tree | prefix-list | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
flag keyword
| Synopsis | Static route match condition from prefix list | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword interface interface-name prefix-list flag keyword | |
| Tree | flag | |
| Options | ||
| Default | any | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
name reference
| Synopsis | Prefix list name | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword interface interface-name prefix-list name reference | |
| Tree | name | |
Reference | configure policy-options prefix-list named-item-64 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
router-instance string
| Synopsis | Router instance used for matching prefix list | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword interface interface-name prefix-list router-instance string | |
| Tree | router-instance | |
Description | This command configures the router instance used for matching against the prefix list. If the conditional static route is configured in a VPRN and the router instance is configured as "Base", the activation of the static route is dependent on the existence of routes in the Base router and the evaluation of the prefix list and flag is done in that context. By default there is no configured value for this command option, and the conditional static route is dependent on the existence of routes in the same router instance as the static route itself, subject to the details of the prefix list and the flag setting. Entries in a referenced prefix list that are not match type 'exact' are interpreted as though they are 'exact'. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
tag number
| Synopsis | Static route tag | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword interface interface-name tag number | |
| Tree | tag | |
| Range | 1 to 4294967295 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ipsec-tunnel [ipsec-tunnel-name] named-item
| Synopsis | Enter the ipsec-tunnel list instance | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword ipsec-tunnel named-item | |
| Tree | ipsec-tunnel | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[ipsec-tunnel-name] named-item
| Synopsis | IPsec tunnel name | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword ipsec-tunnel named-item | |
| Tree | ipsec-tunnel | |
| String length | 1 to 32 | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the static route operation | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword ipsec-tunnel named-item admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
community community
| Synopsis | Community ID associated with the static route | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword ipsec-tunnel named-item community community | |
| Tree | community | |
| String length | 1 to 72 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
description description-allow-all-white-spaces
| Synopsis | Text description | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword ipsec-tunnel named-item description description-allow-all-white-spaces | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
metric number
| Synopsis | Static route metric | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword ipsec-tunnel named-item metric number | |
| Tree | metric | |
| Range | 0 to 65535 | |
| Default | 1 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
preference number
| Synopsis | Priority of this static route over the routes from different sources | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword ipsec-tunnel named-item preference number | |
| Tree | preference | |
| Range | 1 to 255 | |
| Default | 5 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
tag number
| Synopsis | Static route tag | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword ipsec-tunnel named-item tag number | |
| Tree | tag | |
| Range | 1 to 4294967295 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
next-hop [ip-address] (ipv4-address-with-zone | ipv6-address-with-zone)
| Synopsis | Enter the next-hop list instance | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword next-hop (ipv4-address-with-zone | ipv6-address-with-zone) | |
| Tree | next-hop | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
[ip-address] (ipv4-address-with-zone | ipv6-address-with-zone)
| Synopsis | Next-hop IP address used to reach the destination | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword next-hop (ipv4-address-with-zone | ipv6-address-with-zone) | |
| Tree | next-hop | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the static route operation | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword next-hop (ipv4-address-with-zone | ipv6-address-with-zone) admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
bfd-liveness boolean
| Synopsis | Use Bidirectional Forwarding Detection on this static route | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword next-hop (ipv4-address-with-zone | ipv6-address-with-zone) bfd-liveness boolean | |
| Tree | bfd-liveness | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
community community
| Synopsis | Community ID associated with the static route | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword next-hop (ipv4-address-with-zone | ipv6-address-with-zone) community community | |
| Tree | community | |
| String length | 1 to 72 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
cpe-check [address] (ipv4-address-no-zone | ipv6-address-no-zone)
| Synopsis | Enter the cpe-check list instance | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword next-hop (ipv4-address-with-zone | ipv6-address-with-zone) cpe-check (ipv4-address-no-zone | ipv6-address-no-zone) | |
| Tree | cpe-check | |
| Max. instances | 1 | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
[address] (ipv4-address-no-zone | ipv6-address-no-zone)
| Synopsis | IP address of the target CPE device | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword next-hop (ipv4-address-with-zone | ipv6-address-with-zone) cpe-check (ipv4-address-no-zone | ipv6-address-no-zone) | |
| Tree | cpe-check | |
Notes | This element is part of a list key. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
drop-count number
| Synopsis | Consecutive ping replies missed before CPE deemed down | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword next-hop (ipv4-address-with-zone | ipv6-address-with-zone) cpe-check (ipv4-address-no-zone | ipv6-address-no-zone) drop-count number | |
| Tree | drop-count | |
| Range | 1 to 255 | |
| Default | 3 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
interval number
| Synopsis | Interval between ICMP pings to target CPE IP address | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword next-hop (ipv4-address-with-zone | ipv6-address-with-zone) cpe-check (ipv4-address-no-zone | ipv6-address-no-zone) interval number | |
| Tree | interval | |
| Range | 1 to 255 | |
| Units | seconds | |
| Default | 1 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
log boolean
| Synopsis | Log CPE connectivity checks transitions | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword next-hop (ipv4-address-with-zone | ipv6-address-with-zone) cpe-check (ipv4-address-no-zone | ipv6-address-no-zone) log boolean | |
| Tree | log | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
padding-size number
| Synopsis | Padding size for CPE connectivity checks | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword next-hop (ipv4-address-with-zone | ipv6-address-with-zone) cpe-check (ipv4-address-no-zone | ipv6-address-no-zone) padding-size number | |
| Tree | padding-size | |
| Range | 0 to 16384 | |
| Units | bytes | |
| Default | 56 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
description description-allow-all-white-spaces
| Synopsis | Text description | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword next-hop (ipv4-address-with-zone | ipv6-address-with-zone) description description-allow-all-white-spaces | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
load-balancing-weight number
| Synopsis | Load-balancing weight for all of the ECMP next hops | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword next-hop (ipv4-address-with-zone | ipv6-address-with-zone) load-balancing-weight number | |
| Tree | load-balancing-weight | |
| Range | 1 to 4294967295 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
metric number
| Synopsis | Static route metric | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword next-hop (ipv4-address-with-zone | ipv6-address-with-zone) metric number | |
| Tree | metric | |
| Range | 0 to 65535 | |
| Default | 1 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
preference number
| Synopsis | Priority of this static route over the routes from different sources | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword next-hop (ipv4-address-with-zone | ipv6-address-with-zone) preference number | |
| Tree | preference | |
| Range | 1 to 255 | |
| Default | 5 | |
| Introduced | 25.3.R2 | |
Platforms |
7705 SAR Gen 2 |
prefix-list
| Synopsis | Enter the prefix-list context | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword next-hop (ipv4-address-with-zone | ipv6-address-with-zone) prefix-list | |
| Tree | prefix-list | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
flag keyword
| Synopsis | Static route match condition from prefix list | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword next-hop (ipv4-address-with-zone | ipv6-address-with-zone) prefix-list flag keyword | |
| Tree | flag | |
| Options | ||
| Default | any | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
name reference
| Synopsis | Prefix list name | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword next-hop (ipv4-address-with-zone | ipv6-address-with-zone) prefix-list name reference | |
| Tree | name | |
Reference | configure policy-options prefix-list named-item-64 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
router-instance string
| Synopsis | Router instance used for matching prefix list | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword next-hop (ipv4-address-with-zone | ipv6-address-with-zone) prefix-list router-instance string | |
| Tree | router-instance | |
Description | This command configures the router instance used for matching against the prefix list. If the conditional static route is configured in a VPRN and the router instance is configured as "Base", the activation of the static route is dependent on the existence of routes in the Base router and the evaluation of the prefix list and flag is done in that context. By default there is no configured value for this command option, and the conditional static route is dependent on the existence of routes in the same router instance as the static route itself, subject to the details of the prefix list and the flag setting. Entries in a referenced prefix list that are not match type 'exact' are interpreted as though they are 'exact'. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
tag number
| Synopsis | Static route tag | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword next-hop (ipv4-address-with-zone | ipv6-address-with-zone) tag number | |
| Tree | tag | |
| Range | 1 to 4294967295 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
validate-next-hop boolean
| Synopsis | Track the state of the next hop in the IPv4 ARP Cache or the IPv6 Neighbor Cache | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword next-hop (ipv4-address-with-zone | ipv6-address-with-zone) validate-next-hop boolean | |
| Tree | validate-next-hop | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |
tag number
| Synopsis | Static route tag | |
| Context | configure service vprn service-name static-routes route (ipv4-prefix | ipv6-prefix) route-type keyword tag number | |
| Tree | tag | |
| Range | 1 to 4294967295 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
ttl-propagate
| Synopsis | Enter the ttl-propagate context | |
| Context | configure service vprn service-name ttl-propagate | |
| Tree | ttl-propagate | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
local keyword
| Synopsis | Local TTL propagation control for the VPRN | |
| Context | configure service vprn service-name ttl-propagate local keyword | |
| Tree | local | |
Description | This command specifies the local TTL propagation control for the VPRN and overrides the global configuration of the TTL propagation for locally generated packets that are forwarded over MPLS LSPs in a given VPRN service context. | |
| Options | ||
| Default | use-base | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
transit keyword
| Synopsis | Transit TTL propagation control for the VPRN | |
| Context | configure service vprn service-name ttl-propagate transit keyword | |
| Tree | transit | |
Description | This command overrides the global configuration of the TTL propagation for in transit packets that are forwarded over MPLS LSPs in a given VPRN service context. | |
| Options | ||
| Default | use-base | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
twamp-light
| Synopsis | Enter the twamp-light context | |
| Context | configure service vprn service-name twamp-light | |
| Tree | twamp-light | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
reflector
| Synopsis | Enable the reflector context | |
| Context | configure service vprn service-name twamp-light reflector | |
| Tree | reflector | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
admin-state keyword
| Synopsis | Administrative state of the TWAMP Light reflector | |
| Context | configure service vprn service-name twamp-light reflector admin-state keyword | |
| Tree | admin-state | |
| Options | ||
| Default | disable | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
allow-ipv6-udp-checksum-zero boolean
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | Process IPv6 packets with a zero UDP checksum | |
| Context | configure service vprn service-name twamp-light reflector allow-ipv6-udp-checksum-zero boolean | |
| Tree | allow-ipv6-udp-checksum-zero | |
Description | When configured to true, this command allows the processing of IPv6 packets that arrive with a UDP checksum of zero. The destination UDP ports that are registered as TWAMP Test packets as part of this template allow this behavior. When configured to false, IPv6 packets that arrive with a UDP checksum of zero are discarded. | |
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 | |
description description
| Synopsis | Text description | |
| Context | configure service vprn service-name twamp-light reflector description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
prefix [ip-prefix] (ipv4-prefix | ipv6-prefix)
[ip-prefix] (ipv4-prefix | ipv6-prefix)
description description
| Synopsis | Text description | |
| Context | configure service vprn service-name twamp-light reflector prefix (ipv4-prefix | ipv6-prefix) description description | |
| Tree | description | |
| String length | 1 to 80 | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
type keyword
| Synopsis | Processing behavior type for the reflector | |
| Context | configure service vprn service-name twamp-light reflector type keyword | |
| Tree | type | |
Description | This command configures the processing behavior of the TWAMP Light reflector. When the value is twamp-light the reflector does not check the received PDU as a traditional base TWAMP Light packet without TLV processing. When the value is stamp, the reflector attempts to find and process supported STAMP TLVs that follow the base STAMP packet. In mixed environments where different types of Session-Senders may be targeting a common TWAMP Light reflector, set the value to stamp. When the reflector is operating in stamp mode, the primary parsing is based on STAMP, checking and processing known TLVs, or determining if the arriving PDU is a TWAMP Light PDU. A Session-Sender launching a TWAMP Light-based packet must use all zeros padding pattern when the pad size is non zero. | |
| Options | ||
| Default | twamp-light | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 |
udp-port number
|
WARNING: Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect. | ||
| Synopsis | UDP port on which the specified TWAMP-Light reflector listens for TWAMP PDUs | |
| Context | configure service vprn service-name twamp-light reflector udp-port number | |
| Tree | udp-port | |
| Range | 862 | 64364 to 64373 | |
Notes | This element is mandatory. | |
| Introduced | 25.3.R2 | |
Platforms | 7705 SAR Gen 2 | |
vprn-type keyword
weighted-ecmp keyword
| Synopsis | Weighted load-balancing capability for ECMP routes | |
| Context | configure service vprn service-name weighted-ecmp keyword | |
| Tree | weighted-ecmp | |
| Options | ||
| Default | false | |
| Introduced | 25.3.R2 | |
|
Platforms | 7705 SAR Gen 2 |