n Commands

Context

[Tree] (config>service>vprn>dhcp>server>pool nak-non-matching-subnet)

[Tree] (config>router>dhcp>server>pool nak-non-matching-subnet)

Full Context

configure service vprn dhcp local-dhcp-server pool nak-non-matching-subnet

configure router dhcp local-dhcp-server pool nak-non-matching-subnet

Description

When this command is enabled, if the local DHCPv4 server receives a DHCP request with option 50 (client requested a previously allocated message as described in section 3.2 of RFC 2131, Dynamic Host Configuration Protocol) and the address allocation algorithm uses a pool that does not have option 50, the system returns a DHCP NAK. Otherwise, the system drops the DHCP packet.

The no form of this command reverts to the default.

Default

no nak-non-matching-subnet

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system name)

Full Context

configure system name

Description

This command creates a system name string for the device.

For example, system-name parameter ALA-1 for the name command configures the device name as ALA-1.

ABC>config>system# name "ALA-1"
ALA-1>config>system#

Only one system name can be configured. If multiple system names are configured, the last one encountered overwrites the previous entry.

The no form of the command reverts to the default value.

Default

no name

Parameters

system-name

Specifies the system name as a character string. The string may be up to 64 characters. Any printable, seven-bit ASCII characters can be used within the string. If the string contains special characters (#, ?, space), the entire string must be enclosed within double quotes.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>policy-options>policy-statement>entry>from>policy-variables name)

[Tree] (config>router>policy-options>global-variables name)

Full Context

configure router policy-options policy-statement entry from policy-variables name

configure router policy-options global-variables name

Description

This command configures routing policies that are often reused across BGP peers of a common type (transit, peer, customer, and so on). Using global variables allows a user to have a single variable that is consistent across all peers of a type, while retaining the flexibility to reference different policy functions (prefixes, prefix-lists, community lists, and so on) with unique names.

Depending on the parameter referenced, specify the correct type as follows:

• value-string: as-path, as-path-group, community, prefix-list, damping

• ip-address: next-hop

• value-number: aigp-metric, as-path-prepend, local-preference, metric, origin, origin-validation, preference, tag, type

The no form of this command removes the global variable.

Parameters

name-string

Specifies the name of the global variable, with the variable delimited by at-signs (@) at the beginning and the end of the name. Allowed values are any string up to 32 characters, composed of printable, 7-bit ASCII characters. If the string contains special characters (#, ?, space), the entire string must be enclosed within double quotes.

value-string

The value of the policy variable. Allowed values are any string up to 32 characters long composed of printable, 7-bit ASCII characters. If the string contains special characters (#, ?, space), the entire string must be enclosed within double quotes.

value-number

Specifies the numerical value of the policy variable.

Values

0 to 4294967295

ip-address

Specifies the IP address of the policy variable.

Values

ipv4-address	a.b.c.d
ipv6-address	x:x:x:x:x:x:x:x (eight 16-bit pieces)
	x:x:x:x:x:x:d.d.d.d
	x - [0 to FFFF]H
	d - [0 to 255]D

decimal

Specifies the decimal value of the policy variable.

Values

0.000 to 4294967295.000

ip-prefix/ip-prefix-length

Specifies the IP prefix and prefix length of the policy variable.

Values

ip-prefix/ip-prefix-length	ipv4-prefix/ipv4-prefix-length | ipv6-prefix/ipv6-prefix-length
ipv4-prefix	a.b.c.d (host bits must be 0)
ipv4-prefix-length	[0 to 32]
ipv6-prefix	x:x:x:x:x:x:x:x (eight 16-bit pieces)
	x:x:x:x:x:x:d.d.d.d
	x - [0 to FFFF]H
	d - [0 to 255]D
ipv6-prefix-length	[0 to 128]

Platforms

7705 SAR Gen 2

Context

[Tree] (config>ipsec>rad-auth-plcy>include nas-identifier)

[Tree] (config>ipsec>rad-acct-plcy>include nas-identifier)

Full Context

configure ipsec radius-authentication-policy include-radius-attribute nas-identifier

configure ipsec radius-accounting-policy include-radius-attribute nas-identifier

Description

This command enables the generation of the nas-identifier RADIUS attribute.

Default

no nas-identifier

Platforms

7705 SAR Gen 2

Context

[Tree] (config>ipsec>rad-auth-plcy>include nas-ip-addr)

[Tree] (config>ipsec>rad-acct-plcy>include nas-ip-addr)

Full Context

configure ipsec radius-authentication-policy include-radius-attribute nas-ip-addr

configure ipsec radius-accounting-policy include-radius-attribute nas-ip-addr

Description

This command enables the generation of the NAS IP address attribute.

Default

no nas-ip-addr

Platforms

7705 SAR Gen 2

Context

[Tree] (config>ipsec>rad-acct-plcy>include nas-port-id)

[Tree] (config>ipsec>rad-auth-plcy>include nas-port-id)

Full Context

configure ipsec radius-accounting-policy include-radius-attribute nas-port-id

configure ipsec radius-authentication-policy include-radius-attribute nas-port-id

Description

This command enables the generation of the nas-port-id RADIUS attribute. Optionally, the value of this attribute (the SAP-id) can be prefixed by a fixed string and suffixed by the circuit-id or the remote-id of the client connection. If a suffix is configured, but no corresponding data is available, the suffix used will be 0/0/0/0/0/0.

Default

no nas-port-id

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router nat)

[Tree] (config>service>vprn nat)

Full Context

configure router nat

configure service vprn nat

Description

This command enables a NAT instance for the specified router or service.

The no form of this command disables the NAT instance.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>filter>ip-filter>entry>action nat)

Full Context

configure filter ip-filter entry action nat

Description

This command enables NAT traffic diversion based on IPv4 filters (LSN44) or IPv6 filters (DS-Lite, NAT64). The filter contains a matching condition based on any combination of the 5 tuple. Traffic is diverted to NAT based on such defined matching condition. Filter fields outside of the 5 tuples are not valid and it will be ignored in filter based traffic diversion to NAT.

The pool selection for the outside IP address and port along with other mapping characteristics can be specified by the means on the NAT policy.

Parameters

nat-type

Specifies the NAT type.

nat-policy-name

Specifies the NAT policy name, up to 32 characters.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>isa nat-group)

Full Context

configure isa nat-group

Description

This command configures an ISA NAT group.

The no form of the command removes the ID from the configuration.

Parameters

nat-group-id

Specifies the ISA NAT group ID.

Values

1 to 4

create

Keyword used to create the NAT group.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>nat>inside nat-policy)

[Tree] (config>service>vprn>nat>inside nat-policy)

Full Context

configure router nat inside nat-policy

configure service vprn nat inside nat-policy

Description

This command configures the NAT policy that is used for large-scale NAT in this service. If a nat-policy is not configured, then the default nat-policy is used.

The no form of the command removes the policy name from the configuration.

Parameters

nat-policy-name

Specifies the NAT policy name, up to 32 characters.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>nat nat-policy)

Full Context

configure service nat nat-policy

Description

This command configures a NAT policy.

Parameters

nat-policy-name

Specifies the NAT policy name, up to 32 characters.

create

Keyword used to create the NAT policy.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>persistence nat-port-forwarding)

Full Context

configure system persistence nat-port-forwarding

Description

This command configures NAT port forwarding persistence parameters.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>ipsec>ike-policy nat-traversal)

Full Context

configure ipsec ike-policy nat-traversal

Description

This command specifies whether NAT-T (Network Address Translation Traversal) is enabled, disabled or in forced mode.

The no form of this command reverts the parameters to the default.

Default

no nat-traversal

Parameters

force

Forces to enable NAT-T

keep-alive-interval keep-alive-interval

Specifies the keep-alive interval in seconds.

Values

120 to 600

force-keep-alive

When specified, the keep-alive does not expire.

Platforms

7705 SAR Gen 2

Context

[Tree] (debug>router>rsvp>event nbr)

Full Context

debug router rsvp event nbr

Description

This command debugs neighbor events.

The no form of the command disables the debugging.

Parameters

detail

Displays detailed information about neighbor events.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>if>vpls>evpn nd)

[Tree] (config>service>ies>if>vpls>evpn nd)

Full Context

configure service vprn interface vpls evpn nd

configure service ies interface vpls evpn nd

Description

Commands in this context configure ND host route parameters.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>if>ipv6 nd-host-route)

Full Context

configure service vprn interface ipv6 nd-host-route

Description

Commands in this context populate ND host route entries.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>ies>if>ipv6 nd-learn-unsolicited)

Full Context

configure service ies interface ipv6 nd-learn-unsolicited

Description

This command enables the ability to learn neighbor entries out of received unsolicited Neighbor Advertisement messages with or without the solicited flag set. The command can be enabled for global addresses, link-local addresses, or for both.

The no form of this command makes the router use standard RFC 4861 behavior, as described below, for learning of neighbor entries.

• If an unsolicited NA, regardless of the S flag, is received from a neighbor that is not yet in the ND cache, the NA is ignored.

• If an NS, RS, RA, or Redirect message with a Link Layer Address (MAC) is received from a neighbor that is not yet in the ND cache, a new neighbor entry is created in the cache to store the received Link Layer MAC. The neighbor is put in the stale state.

Parameters

global

Learns global neighbor entries out of received unsolicited Neighbor Advertisement messages.

link-local

Learns link local neighbor entries out of received unsolicited Neighbor Advertisement messages.

both

Learns both global and link local neighbor entries out of received unsolicited Neighbor Advertisement messages.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>if>ipv6 nd-learn-unsolicited)

Full Context

configure service vprn interface ipv6 nd-learn-unsolicited

Description

This command enables the ability to learn neighbor entries out of received unsolicited Neighbor Advertisement messages, with or without the solicited flag set. The command can be enabled for global addresses, link-local addresses, or for both.

The no form of this command makes the router follow standard RFC 4861 behavior for learning of neighbor entries.

• If an unsolicited NA (regardless of the S flag) is received from a neighbor that is not yet in the ND cache, the NA is ignored in line with RFC 4861.

• If an NS, RS, RA, or Redirect message with a Link Layer Address (MAC) is received from a neighbor that is not yet in the ND cache, a new neighbor entry is created in the cache to store the received Link Layer MAC. The neighbor is put in the STALE state. This is the standard RFC behavior.

Parameters

global

Learns global neighbor entries out of received unsolicited Neighbor Advertisement messages.

link-local

Learns link local neighbor entries out of received unsolicited Neighbor Advertisement messages.

both

Learns both global and link local neighbor entries out of received unsolicited Neighbor Advertisement messages.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>if>ipv6 nd-learn-unsolicited)

Full Context

configure router interface ipv6 nd-learn-unsolicited

Description

This command enables the ability to learn neighbor entries out of received unsolicited Neighbor Advertisement messages, with or without the solicited flag set. The command can be enabled for global addresses, link-local addresses, or for both.

The no form of this command makes the router follow standard RFC 4861 behavior for learning of neighbor entries.

• If an unsolicited NA (regardless of the S flag) is received from a neighbor that is not yet in the ND cache, the NA is ignored in line with RFC 4861.

• If an NS, RS, RA, or Redirect message with a Link Layer Address (MAC) is received from a neighbor that is not yet in the ND cache, a new neighbor entry is created in the cache to store the received Link Layer MAC. The neighbor is put in the STALE state. This is the standard RFC behavior.

Parameters

global

Learns global neighbor entries out of received unsolicited Neighbor Advertisement messages. This parameter is relevant only to global IPv6 addresses.

link-local

Learns link local neighbor entries out of received unsolicited Neighbor Advertisement messages.

both

Learns both global and link local neighbor entries out of received unsolicited Neighbor Advertisement messages.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>ies>if>ipv6 nd-proactive-refresh)

Full Context

configure service ies interface ipv6 nd-proactive-refresh

Description

This command enables a proactive refresh of the neighbor entries. When enabled, at the stale timer expiration, the router sends a NUD message to the host (regardless of the existence of traffic to the IP address on the IOM), so the entry can be refreshed or removed.

This behavior is different from ARP, where the refresh is sent 30 seconds prior to the entry’s age out time. The refresh can be optionally enabled for global addresses, link-local addresses, or both.

The no form of this command disables the proactive behavior and the router only refreshes an entry if there is traffic that needs to be sent to the IP address.

Parameters

global

Refreshes global neighbor entries.

link-local

Refreshes link local neighbor entries.

both

Refreshes both global and link local neighbor entries.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>if>ipv6 nd-proactive-refresh)

Full Context

configure service vprn interface ipv6 nd-proactive-refresh

Description

This command enables a proactive refresh of the neighbor entries. When enabled, at the stale timer expiration, the router sends an NUD message to the host (regardless of the existence of traffic to the IP address on the IOM), so the entry can be refreshed or removed.

This behavior is different from ARP, where the refresh is sent 30 seconds prior to the entry’s age out time. The refresh can be optionally enabled for global addresses, link-local addresses, or both.

The no form of this command disables the proactive behavior and the router only refreshes an entry if there is traffic that needs to be sent to the IP address.

Parameters

global

Refreshes global neighbor entries. This parameter is relevant only to global IPv6 addresses.

link-local

Refreshes link local neighbor entries. This parameter is relevant only to global IPv6 addresses.

both

Refreshes both global and link local neighbor entries. This parameter is relevant only to global IPv6 addresses.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>if>ipv6 nd-proactive-refresh)

Full Context

configure router interface ipv6 nd-proactive-refresh

Description

This command enables a proactive refresh of the neighbor entries. When enabled, at the stale timer expiration, the router sends an NUD message to the host (regardless of the existence of traffic to the IP address on the IOM), so the entry can be refreshed or removed.

This behavior is different from ARP, where the refresh is sent 30 seconds prior to the entry’s age out time. The refresh can be optionally enabled for global addresses, link-local addresses, or both.

The no form of this command disables the proactive behavior and the router only refreshes an entry if there is traffic that needs to be sent to the IP address.

Parameters

global

Refreshes global neighbor entries. This parameter is relevant only to global IPv6 addresses.

link-local

Refreshes link local neighbor entries. This parameter is relevant only to global IPv6 addresses.

both

Refreshes both global and link local neighbor entries. This parameter is relevant only to global IPv6 addresses.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>router-advert>if nd-router-preference)

[Tree] (config>router>router-advert>if nd-router-preference)

Full Context

configure service vprn router-advertisement interface nd-router-preference

configure router router-advertisement interface nd-router-preference

Description

This command configures the default router preference for Router Advertisement (RA) and allows IPv6 hosts to discover and select a default gateway address by listening to RAs.

This feature provides basic traffic engineering functionality for host devices. When this command is applied, the router advertises the respective router preference to the connected host to assist in its selection of the most appropriate default gateway on a link.

This extension is backward compatible, both for routers (setting the router preference bits) and hosts (interpreting the router preference bits). These bits are ignored by hosts that do not implement the RFC 4191 functionality by configuring this command. Similarly, hosts that do not implement the RFC 4191 functionality interpret the values sent by devices that do not implement the RFC 4191 extension with the medium preference option.

The no form of this command configures this command to the default value.

Default

nd-router-preference medium

Parameters

medium

Specifies the router advertises a medium default gateway preference.

high

Specifies the router advertises a high default gateway preference.

low

Specifies the router advertises a low default gateway preference.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>ned>profile neid)

Full Context

configure system network-element-discovery profile neid

Description

This command configures the NEID for this profile.

The no form of this command deletes the NEID for this profile.

Parameters

hex-string

A hexadecimal string that consists of a subnet ID and basic ID. The first 8 high-order bits indicate the subnet ID and range from 0x1 to 0xFE. The 16 low-order bits indicate the basic ID and ranges from 0x0001 to 0xFFFE. The NEID cannot be configured as 0x90006 to 0x9FF06 or 0x9bff0.

Values

0x10001 to 0xFEFFFE

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>rip>group neighbor)

[Tree] (config>router>ripng>group neighbor)

[Tree] (config>service>vprn>rip>group neighbor)

Full Context

configure router rip group neighbor

configure router ripng group neighbor

configure service vprn rip group neighbor

Description

This command creates a context for configuring a RIP neighbor interface. By default, group interfaces are not activated with RIP, unless explicitly configured. The BNG only learns RIP routes from IPv4 host on the group interface. The RIP neighbor group interface defaults to none. The send operation is unchangeable for group-interface.

The no form of this command deletes the RIP interface configuration for this group interface. The shutdown command in the config>router>rip>group group-name>neighbor context can be used to disable an interface without removing the configuration for the interface.

Default

no neighbor

Parameters

ip-int-name

Specifies the IP interface name. Interface names must be unique within the group of defined IP interfaces for config router interface and config service ies interface commands. An interface name cannot be in the form of an IP address. Interface names can be any string up to 32 characters long composed of printable, 7-bit ASCII characters. If the string contains special characters (#, ?, space), the entire string must be enclosed within double quotes.

If the IP interface name does not exist or does not have an IP address configured, an error message will be returned.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>ies>if>ipv6 neighbor)

Full Context

configure service ies interface ipv6 neighbor

Description

This command configures IPv6-to-MAC address mapping on the IES interface.

Parameters

ipv6-address

The IPv6 address of the interface for which to display information.

Values

ipv6-address:	x:x:x:x:x:x:x:x (eight 16-bit pieces)
	x:x:x:x:x:x:d.d.d.d
	x - [0..FFFF]H
	d - [0..255]D

mac-address

Specifies the 48-bit MAC address for the IPv6-to-MAC address mapping in the form aa:bb:cc:dd:ee:ff or aa-bb-cc-dd-ee-ff where aa, bb, cc, dd, ee and ff are hexadecimal numbers. Allowed values are any non-broadcast, non-multicast MAC and non-IEEE reserved MAC addresses.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>bgp>group neighbor)

Full Context

configure router bgp group neighbor

Description

This command creates a BGP peer/neighbor instance within the context of the BGP group.

This command can be issued repeatedly to create multiple peers and their associated configuration.

The no form of this command is used to remove the specified neighbor and the entire configuration associated with the neighbor. The neighbor must be administratively shutdown before attempting to delete it. If the neighbor is not shutdown, the command will not result in any action except a warning message on the console indicating that neighbor is still administratively up.

Default

no neighbor

Parameters

ip-address

Specifies the IP address of the BGP peer router in dotted decimal notation.

Values

ipv4-address:

• a.b.c.d (host bits must be 0)

ipv6-address:

• x:x:x:x:x:x:x:x [-interface]

• x:x:x:x:x:x:d.d.d.d [-interface]

• x: [0 to FFFF]H

• d: [0 to 255]D

• interface: 32 characters maximum, mandatory for link local addresses

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>bgp>group neighbor)

Full Context

configure service vprn bgp group neighbor

Description

This command creates a BGP peer/neighbor instance within the context of the BGP group.

This command can be issued repeatedly to create multiple peers and their associated configuration.

The no form of this command is used to remove the specified neighbor and the entire configuration associated with the neighbor. The neighbor must be administratively shutdown before attempting to delete it. If the neighbor is not shut down, the command will not result in any action except a warning message on the console indicating that neighbor is still administratively up.

Parameters

ip-address

The IP address of the BGP peer router in dotted decimal notation.

Values

ipv4-address	a.b.c.d (host bits must be 0)
ipv6-address	x:x:x:x:x:x:x:x[-interface]
	x:x:x:x:x:x:d.d.d.d[-interface]
	x: [0 to FFFF]H
	d: [0 to 255]D
	interface: 32 characters maximum, mandatory for link local addresses

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>if>ipv6 neighbor)

Full Context

configure service vprn interface ipv6 neighbor

Description

This command configures IPv6-to-MAC address mapping on the interface.

Parameters

ipv6-address

Specifies the IPv6 address on the interface.

Values

ipv6-address	x:x:x:x:x:x:x:x (eight 16-bit pieces)
	x:x:x:x:x:x:d.d.d.d
	x [0 to FFFF]H
	d [0 to 255]D

mac-address

Specifies the 48-bit MAC address for the static ARP in the form aa:bb: cc:dd:ee:ff or aa-bb-cc -dd-ee-ff where aa, bb, cc, dd, ee and ff are hexadecimal numbers. Allowed values are any non-broadcast, non-multicast MAC and non-IEEE reserved MAC addresses.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>ospf>area>if neighbor)

[Tree] (config>service>vprn>ospf3>area>if neighbor)

Full Context

configure service vprn ospf area interface neighbor

configure service vprn ospf3 area interface neighbor

Description

This command configures an OSPF non-broadcast multi-access (NBMA) neighbor. The OSPF interface must be configured as an NBMA interface with the interface-type non-broadcast command. An NBMA network has no broadcast or multicast capabilities, so the router cannot discover its neighbors dynamically. All neighbors must be configured statically with the neighbor command.

In addition to configuring the OSPF NBMA neighbor’s IP address, the neighbor’s MAC address may need to be configured with the config>service>vprn>interface>static-arp command for OSPFv2 neighbors using its IPv4 address, and the config>service>vprn>interface>ipv6>neighbor command for OSPFv3 neighbors using its IPv6 link-local address.

The no form of this command removes the neighbor configuration.

Default

No OSPF NBMA neighbors are configured.

Parameters

ip-address

Specifies the OSPFv2 neighbor’s IPv4 address or the OSPFv3 neighbor’s IPv6 link-local address.

Values

ipv4-address:	a.b.c.d
ipv6-address:	x:x:x:x:x:x:x:x [-interface]
	x:x:x:x:x:x:d.d.d.d [-interface]
	x: [0..FFFF]H
	d: [0..255]D
	interface —32 characters max, for link local addresses.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>if>ipv6 neighbor)

Full Context

configure router interface ipv6 neighbor

Description

This command configures an IPv6-to-MAC address mapping on the interface. Use this command if a directly attached IPv6 node does not support ICMPv6 neighbor discovery, or for some reason, a static address must be used. This command can only be used on Ethernet media.

The ipv6-address must be on the subnet that was configured from the IPv6 address command or a link-local address.

Parameters

ipv6-address

The IPv6 address assigned to a router interface.

Values

ipv6-address:	x:x:x:x:x:x:x:x (eight 16-bit pieces)
	x:x:x:x:x:x:d.d.d.d
	x:	[0 to FFFF]H
	d:	[0 to 255]D

mac-address

Specifies the MAC address for the neighbor in the form of xx:xx:xx:xx:xx:xx or xx-xx-xx-xx-xx-xx.

Platforms

7705 SAR Gen 2

Context

[Tree] (debug>router>ip neighbor)

Full Context

debug router ip neighbor

Description

This command enables IPv6 neighbor debugging.

Parameters

ip-int-name

Specifies the IP interface name.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>ospf3>area>interface neighbor)

[Tree] (config>router>ospf>area>interface neighbor)

Full Context

configure router ospf3 area interface neighbor

configure router ospf area interface neighbor

Description

This command configures an OSPF non-broadcast multi-access (NBMA) neighbor. The OSPF interface must be configured as an NBMA interface with the interface-type non-broadcast command. An NBMA network has no broadcast or multicast capabilities, so the router cannot discover its neighbors dynamically. All neighbors must be configured statically with the neighbor command.

In addition to configuring the IP address of the OSPF NBMA neighbor, the MAC address of the neighbor may need to be configured with the config>router>interface>static-arp command for OSPFv2 neighbors using its IPv4 address, and the config>router>interface>ipv6>neighbor command for OSPFv3 neighbors using its IPv6 link-local address.

The no form of this command removes the neighbor configuration.

Default

no neighbor

Parameters

ipv4-address

Specifies the IPv4 address of the OSPFv2 neighbor.

Values

ipv4-address — a.b.c.d

ipv6-address

Specifies the IPv6 link-local address of the OSPFv3 neighbor.

Values

ipv6-address:	x:x:x:x:x:x:x:x [-interface]
	x:x:x:x:x:x:d.d.d.d [-interface]
	x: [0..FFFF]H
	d: [0..255]D
	interface — 32 characters maximum for link local addresses.

Platforms

7705 SAR Gen 2

Context

[Tree] (debug>router>ospf3 neighbor)

[Tree] (debug>router>ospf neighbor)

Full Context

debug router ospf3 neighbor

debug router ospf neighbor

Description

This command enables debugging for an OSPF or OSPF3 neighbor.

Parameters

ip-int-name

Specifies the neighbor interface name.

ip-address

Specifies neighbor information for the neighbor identified by the specified IP address, in the debug>router>ospf context.

router-id

Specifies neighbor information for the neighbor identified by the specified router ID, in the debug>router>ospf3 context.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>policy-options>policy-statement>entry>to neighbor)

[Tree] (config>router>policy-options>policy-statement>entry>from neighbor)

Full Context

configure router policy-options policy-statement entry to neighbor

configure router policy-options policy-statement entry from neighbor

Description

This command specifies the neighbor address as found in the source address of the actual join and prune message as a filter criterion. If no neighbor is specified, any neighbor is considered a match.

The no form of the of the command removes the neighbor IP match criterion from the configuration.

Default

no neighbor

Parameters

ip-address

Specifies the neighbor IP address in dotted decimal notation.

Values

ipv4-address:

• a.b.c.d

ipv6-address:

• x:x:x:x:x:x:x:x [-interface]

• x:x:x:x:x:x:d.d.d.d [-interface]

• x: [0 to FFFF]H

• d: [0 to 255]D

• interface: 32 characters maximum, mandatory for link local addresses

prefix-list name

Specifies the prefix-list name. Allowed values are any string up to 64 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, ?, space), the entire string must be enclosed within double quotes.

The name specified must already be defined.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>ies>if>ipv6 neighbor-limit)

Full Context

configure service ies interface ipv6 neighbor-limit

Description

This command configures the maximum amount of dynamic IPv6 neighbor entries that can be learned on an IP interface.

When the number of dynamic neighbor entries reaches the configured percentage of this limit, an SNMP trap is sent. When the limit is exceeded, no new entries are learned until an entry expires and traffic to these destinations is dropped. Entries that have already been learned is refreshed.

The no form of this command removes the neighbor-limit.

Default

no neighbor-limit

Parameters

log-only

Enables the warning message to be sent at the specified threshold percentage, and also when the limit is exceeded. However, entries above the limit is learned.

percent

The threshold value (as a percentage) that triggers a warning message to be sent.

Values

0 to 100

limit

The number of entries that can be learned on an IP interface expressed as a decimal integer. If the limit is set to 0, dynamic neighbor learning is disabled and no dynamic neighbor entries are learned.

Values

0 to 102400

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>if>ipv6 neighbor-limit)

Full Context

configure service vprn interface ipv6 neighbor-limit

Description

This command configures the maximum amount of dynamic IPv6 neighbor entries that can be learned on an IP interface.

When the number of dynamic neighbor entries reaches the configured percentage of this limit, an SNMP trap is sent. When the limit is exceeded, no new entries are learned until an entry expires and traffic to these destinations will be dropped. Entries that have already been learned will be refreshed.

The no form of this command removes the neighbor-limit.

Default

neighbor-limit 90

Parameters

log-only

Enables the warning message to be sent at the specified threshold percentage, and also when the limit is exceeded. However, entries above the limit will be learned.

percent

The threshold value (as a percentage) that triggers a warning message to be sent.

Values

0 to 100

limit

The number of entries that can be learned on an IP interface expressed as a decimal integer. If the limit is set to 0, dynamic neighbor learning is disabled and no dynamic neighbor entries are learned.

Values

0 to 102400

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>if>ipv6 neighbor-limit)

Full Context

configure router interface ipv6 neighbor-limit

Description

This command configures the maximum amount of dynamic IPv6 neighbor entries that can be learned on an IP interface.

When the number of dynamic neighbor entries reaches the configured percentage of this limit, an SNMP trap is sent. When the limit is exceeded, no new entries are learned until an entry expires and traffic to these destinations will be dropped. Entries that have already been learned will be refreshed.

The no form of this command removes the neighbor-limit.

Default

no neighbor-limit

Parameters

limit

The number of entries that can be learned on an IP interface expressed as a decimal integer. If the limit is set to 0, dynamic neighbor learning is disabled and no dynamic neighbor entries are learned.

Values

0 to 102400

log-only

Enables the warning message to be sent at the specified threshold percentage, and also when the limit is exceeded. However, entries above the limit will be learned.

percent

The threshold value (as a percentage) that triggers a warning message to be sent.

Values

0 to 100

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>ldp>graceful-restart neighbor-liveness-time)

Full Context

configure router ldp graceful-restart neighbor-liveness-time

Description

This command configures the neighbor liveness time.

The no form of this command returns the default value.

Default

no neighbor-liveness (which equals a value of 120 seconds)

Parameters

interval

Specifies the length of time in seconds.

Values

5 to 300

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>bgp neighbor-trust)

Full Context

configure router bgp neighbor-trust

Description

This command enables a label security feature for prefixes of a VPN family at an inter-AS boundary.

This label security feature allows the configuration of a router, acting in a PE, ASBR, or both roles, to accept packets of VPN-IP or EVPN prefixes only from direct EBGP neighbors to which it advertised a service label.

The untrusted state identifies the participating interfaces. The router supports a maximum of 15 network interfaces that can participate in this feature.

At a high level, BGP tracks each direct EBGP neighbor over an untrusted interface to which it sent a prefix label. For each of those prefixes, BGP programs a bitmap in the ILM record that indicates, on per-untrusted interface basis, whether the matching received packets must be forwarded or dropped.

The no form of this command disables the inter-AS security feature for the VPN family.

Parameters

vpn-ipv4

Keyword to enable the inter-AS label security for VPN IPv4 family.

vpn-ipv6

Keyword to enable the inter-AS label security for VPN IPv6 family.

evpn

Keyword to enable the inter-AS label security for EVPN family.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>ned>profile neip)

Full Context

configure system network-element-discovery profile neip

Description

Commands in this context configure the NEIP.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>subscr-mgmt>loc-user-db>ipoe>host>options netbios-name-server)

[Tree] (config>service>vprn>dhcp>server>pool>options netbios-name-server)

[Tree] (config>router>dhcp>server>pool>options netbios-name-server)

Full Context

configure subscriber-mgmt local-user-db ipoe host options netbios-name-server

configure service vprn dhcp local-dhcp-server pool options netbios-name-server

configure router dhcp local-dhcp-server pool options netbios-name-server

Description

This command configures up to four Network Basic Input/Output System (NetBIOS) name server IP addresses for a DHCP client.

The no form of this command removes the IP address from the netbios-name-server configuration.

Parameters

ip-address

Specifies up to four NetBIOS name server IP addresses. The address must be unique within the subnet and specified in dotted decimal notation. Allowed values are IP addresses in the range 1.0.0.0 – 223.255.255.255 (with support of /31 subnets).

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>dhcp>server>pool>options netbios-node-type)

[Tree] (config>subscr-mgmt>loc-user-db>ipoe>host>options netbios-node-type)

[Tree] (config>router>dhcp>server>pool>options netbios-node-type)

Full Context

configure service vprn dhcp local-dhcp-server pool options netbios-node-type

configure subscriber-mgmt local-user-db ipoe host options netbios-node-type

configure router dhcp local-dhcp-server pool options netbios-node-type

Description

This command configures the Network Basic Input/Output System (NetBIOS) node type.

The no form of this command removes the NetBIOS node type parameters from the configuration.

Parameters

netbios-node-type

Specifies the netbios node type.

Values

B — Broadcast node uses broadcasting to query nodes on the network for the owner of a NetBIOS name.

P — Peer-to-peer node uses directed calls to communicate with a known NetBIOS name server for the IP address of a NetBIOS machine name.

M — Mixed node uses broadcast queries to find a node, and if that fails, queries a known P-node name server for the address.

H — Hybrid node is the opposite of the M-node action so that a directed query is executed first, and if that fails, a broadcast is attempted.

Platforms

7705 SAR Gen 2

Context

[Tree] (debug>system netconf)

Full Context

debug system netconf

Description

Commands in this context debug NETCONF.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>security>profile netconf)

Full Context

configure system security profile netconf

Description

This command authorizes various netconf capabilities for the user.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>security>management-interface netconf)

Full Context

configure system security management-interface netconf

Description

Commands in this context configure hash-control for the Netconf interface.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>log>log-id netconf-stream)

Full Context

configure log log-id netconf-stream

Description

This command is used to associate a NETCONF stream name with a log ID. The NETCONF stream name must be unique per SR OS device. For the same log ID, to netconf must be configured for a subscription to that NETCONF stream name to be accepted. A netconf-stream cannot be set to "NETCONF” as "NETCONF” is reserved for log-id 101. If a netconf-stream is changed, active subscriptions to the changed stream name are terminated by SR OS.

The no form of this command removes a NETCONF stream name from a log ID. Active subscriptions to the removed stream name are terminated by SR OS.

Parameters

stream-name

Specifies a NETCONF stream name, up to 32 characters.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>port network)

[Tree] (config>card>mda network)

Full Context

configure port network

configure card mda network

Description

This command enables the network context to configure egress and ingress pool policy parameters.

On the MDA level, network egress pools are only allocated on channelized MDAs.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>card>fp>ingress network)

Full Context

configure card fp ingress network

Description

This command specifies the CLI node that contains the network forwarding-plane parameters.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>port>ethernet network)

Full Context

configure port ethernet network

Description

This command enables access to the context to configure network port parameters.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn network)

Full Context

configure service vprn network

Description

Commands in this context configure network parameters for the VPRN service.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>qos network)

Full Context

configure qos network

Description

This command creates or edits a QoS network policy. The network policy defines the treatment that IP or MPLS packets receive as they ingress and egress the network port.

The QoS network policy consists of an ingress and egress component. The ingress component of the policy defines how DiffServ code points and MPLS EXP bits are mapped to internal forwarding class and profile state. The forwarding class and profile state define the Per Hop Behavior (PHB) or the QoS treatment through the router. The mapping on each network interface defaults to the mappings defined in the default network QoS policy until an explicit policy is defined for the network interface.

The egress component of the network QoS policy defines the queuing parameters associated with each forwarding class. Each of the forwarding classes defined within the system automatically creates a queue on each network interface. This queue gets all the parameters defined within the default network QoS policy 1 until an explicit policy is defined for the network interface access uplink port. If the egressing packet originated on an ingress SAP, or the remarking parameter is defined for the egress interface, the egress QoS policy also defines the IP DSCP, dot1p/DE, or MPLS EXP bit marking based on the forwarding class and the profile state.

Network policy-id 1 exists as the default policy that is applied to all network interfaces by default. The network policy-id 1 cannot be modified or deleted. It defines the default DSCP-to-FC mapping and MPLS EXP-to-FC mapping for the ingress. For the egress, it defines six forwarding classes that represent individual queues and the packet marking criteria.

Network policy-id 1 exists as the default policy that is applied to all network ports by default. This default policy cannot be modified or deleted. It defines the default DSCP-to-FC mapping and default unicast meters for ingress IP traffic. For the egress, it defines the forwarding class to dot1p and DSCP values and the packet marking criteria.

If a new network policy is created (for instance, policy-id 3), only the default action and egress forwarding class parameters are identical to the default policy. A new network policy does not contain the default DSCP-to-FC and MPLS-EXP-to-FC mapping for network QoS policy of type ip-interface or the DSCP-to-FC mapping (for network QoS policy of type port). The default network policy can be copied (use the copy command) to create a new network policy that includes the default ingress DSCP-to-FC and MPLS EXP-to-FC mapping (as appropriate). Parameters can be modified, or the no form of this command can be used to remove an object from the configuration.

Any changes made to an existing policy, using any of the sub-commands, will be applied immediately to all network interfaces where this policy is applied. For this reason, when many changes are required on a policy, it is highly recommended that the policy be copied to a work area policy-id. That work-in-progress policy can be modified until complete, then written over the original policy-id. Use the config qos copy command to maintain policies in this manner.

The no form of this command deletes the network policy. A policy cannot be deleted until it is removed from all entities where it is applied. The default network policy policy-id 1 cannot be deleted.

Default

network 1 — System Default Network Policy 1

Parameters

network-policy-id

The policy-id uniquely identifies the policy on the router.

Values

1 to 65535

Default

1

create

Required parameter when creating a QoS network policy.

name name

A name that is saved as part of the configuration data. If a name is not specified at creation time, then SR OS assigns a string version of the network policy identifier as the name.

Values

A string up to 64 characters

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>network-domains network-domain)

Full Context

configure router network-domains network-domain

Description

This command creates network-domains that can be associated with individual interfaces and SDPs.

Default

network-domain "default”

Parameters

network-domain-name

Specifies the network domain name, up to 32 characters.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>if network-domain)

Full Context

configure router interface network-domain

Description

This command assigns a given interface to a given network-domain. The network-domain is then taken into account during sap-ingress queue allocation for VPLS SAP.

The network-domain association can only be done in a base-routing context. Associating a network domain with an loop-back or system interface will be rejected. Associating a network-domain with an interface that has no physical port specified will be accepted, but will have no effect as long as a corresponding port, or LAG, is defined.

Single interfaces can be associated with multiple network-domains.

Default

network-domain "default”

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>sdp network-domain)

Full Context

configure service sdp network-domain

Description

This command assigns a given SDP to a given network-domain. The network-domain is then taken into account during sap-ingress queue allocation for VPLS SAP.

The network-domain association can only be done in a base-routing context. Associating a network domain with an loop-back or system interface will be rejected. Associating a network-domain with an interface that has no physical port specified will be accepted, but will have no effect as long as a corresponding port, or LAG, is undefined.

A single SDP can only be associated with a single network-domain.

Default

network-domain "default"

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router network-domains)

Full Context

configure router network-domains

Description

This command opens context for defining network-domains. This command is applicable only in the base routing context.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system network-element-discovery)

Full Context

configure system network-element-discovery

Description

Commands in this context configure the network-element discovery parameters and MIB table generation.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn network-interface)

Full Context

configure service vprn network-interface

Description

This command configures a network interface in a VPRN that acts as a CSC interface to a CSC-CE in a Carrier Supporting Carrier IP VPN deployment model.

Parameters

interface-name

Specifies the name of the interface to be added.

create

Keyword used to create the network interface.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>qos network-queue)

Full Context

configure qos network-queue

Description

This command creates a context to configure a network queue policy. Network queue policies define the ingress network queuing at the FP network node level and on the Ethernet port and SONET/SDH path level to define network egress queuing.

Default

network-queue "default”

Parameters

policy-name

The name of the network queue policy.

Values

Valid names consist of any string up to 32 characters, composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, etc.), the entire string must be enclosed within double quotes.

create

Required keyword when creating a network queue policy.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>security>user>console new-password-at-login)

Full Context

configure system security user console new-password-at-login

Description

This command forces the user to change a password at the next console login. The new password applies to FTP but the change can be enforced only by the console, SSH, or Telnet login.

The no form of this command does not force the user to change passwords.

Default

no new-password-at-login

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>management-interface>cli>md-cli>environment>prompt newline)

Full Context

configure system management-interface cli md-cli environment prompt newline

Description

This command displays a new line before the first prompt line.

The no form of this command suppresses the new line before the first prompt line.

Default

newline

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>security>mgmt-access-filter>ipv6-filter>entry next-header)

Full Context

configure system security management-access-filter ipv6-filter entry next-header

Description

This command specifies the next header to match. The protocol type such as TCP, UDP or OSPF is identified by its respective protocol number. Well-known protocol numbers include ICMP(1), TCP(6), UDP(17). IPv6 Extension headers are identified by the next header IPv6 numbers as per RFC 2460.

Parameters

next-header

Specifies for IPv4 MAF the IP protocol field, and for IPv6 the next header type to be used in the match criteria for this Management Access Filter Entry.

Values

next-header:	0 to 255, protocol numbers accepted in DHB
keywords:	none, crtp, crudp, egp, eigrp, encap, ether-ip, gre, icmp, drp, igmp, igp, ip, ipv6, ipv6-icmp, ipv6-no-nxt, isis, iso-ip, l2tp, spf-igp, pim, pnni, ptp, rdp, rsvp, stp, tcp, udp, vrrp

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>static-route-entry next-hop)

Full Context

configure service vprn static-route-entry next-hop

Description

This command specifies the directly connected next hop IP address or interface used to reach the destination. If the next hop is over an unnumbered interface or a point-to-point interface, the ip-int-name of the unnumbered or point-to-point interface (on this node) can be configured.

The configured ip-address can be either on the network side or the access side on this node. The address must be associated with a network directly connected to a network configured on this node.

Default

no next-hop

Parameters

ip-int-name, ipv4-address, ipv6-address

the IP-INT, IPv4, and IPv6 addresses

Values

ip-int-name	32 characters max
ipv4-address	a.b.c.d
ipv6-address	x:x:x:x:x:x:x:x-[interface]
	x:x:x:x:x:x:d.d.d.d[-interface]
	x: [0 to FFFF]H
	d: [0 to 255]D
	interface: 32 characters maximum, mandatory for link local addresses

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>mpls>fwd-policies>fwd-policy>nh-grp>pri next-hop)

[Tree] (config>router>mpls>fwd-policies>fwd-policy>nh-grp>bkup next-hop)

Full Context

configure router mpls forwarding-policies forwarding-policy next-hop-group primary-next-hop next-hop

configure router mpls forwarding-policies forwarding-policy next-hop-group backup-next-hop next-hop

Description

This command configures the address of primary or backup next hop of an NHG entry in a forwarding policy.

The no form of this command removes the address of primary or backup next hop of an NHG entry in a forwarding policy.

Parameters

ip-address

Specifies the destination IPv4 or IPv6 address.

Values

	ipv4-address	a.b.c.d
	ipv6-address	x:x:x:x:x:x:x:x (eight 16-bit pieces)
		x:x:x:x:x:x:d.d.d.d
		x - [0..FFFF]H
		d - [0..255]D

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>static-route-entry next-hop)

Full Context

configure router static-route-entry next-hop

Description

This command specifies the directly connected next hop IP address or interface used to reach the destination. If the next hop is over a point-to-point unnumbered interface, the ip-int-name of the unnumbered point-to-point interface (on this node) can be configured.

The configured ip-address can be either on the network side or the access side on this node. The address must be associated with a network directly connected to a network configured on this node.

Default

no next-hop

Parameters

ip-int-name | ip-address | ipv6-address

Specifies the interface or IPv4/IPv6 address of the next hop.

Values

ip-int-name	32 characters max
ipv4-address	a.b.c.d
ipv6-address	x:x:x:x:x:x:x:x-[interface]
	x:x:x:x:x:x:d.d.d.d[-interface]
	x: [0..FFFF]H
	d: [0..255]D
	interface: 32 characters maximum, mandatory for link local addresses

Platforms

7705 SAR Gen 2

Context

[Tree] (config>vrrp>policy>priority-event>route-unknown next-hop)

Full Context

configure vrrp policy priority-event route-unknown next-hop

Description

This command enables an allowed next hop IP address to match the IP route prefix for a route-unknown priority control event.

If the next-hop IP address does not match one of the defined ip-address, the match is considered unsuccessful and the route-unknown event transitions to the set state.

The next-hop command is optional. If no next-hop ip-address commands are configured, the comparison between the RTM prefix return and the route-unknown IP route prefix are not included in the next hop information.

When more than one next hop IP addresses are eligible for matching, a next-hop command must be executed for each IP address. Defining the same IP address multiple times has no effect after the first instance.

The no form of the command removes the ip-address from the list of acceptable next hops when looking up the route-unknown prefix. If this ip-address is the last next hop defined on the route-unknown event, the returned next hop information is ignored when testing the match criteria. If the ip-address does not exist, the no next-hop command returns a warning error, but continues to execute if part of an exec script.

Default

no next-hop — No next hop IP address for the route unknown priority control event is defined.

Parameters

ip-address

The IP address for an acceptable next hop IP address for a returned route prefix from the RTM when looking up the route-unknown route prefix.

Values

ipv4-address:	a.b.c.d
ipv6-address:	x:x:x:x:x:x:x:x[-interface]
	x:	[0..FFFF]H
	interface:	32 chars maximum, mandatory for link local addresses

The link-local IPv6 address must have an interface name specified. The global IPv6 address must not have an interface name specified.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>policy-options>policy-statement>entry>from next-hop)

Full Context

configure router policy-options policy-statement entry from next-hop

Description

This command enables BGP routes to be matched based on the BGP next-hop address. The match condition is evaluated against the IPv4 or IPv6 address in the NEXT_HOP or MP_REACH_NLRI attribute.

When the next-hop match is applied to VPN-IP routes, the Route Distinguisher (RD) is ignored.

A non-BGP route does not match a policy entry if it contains the next-hop command.

Default

no next-hop

Parameters

ip-address

An IPv4 or IPv6 address.

Values

a.b.c.d or x:x:x:x:x:x:x:x or x:x:x:x:x:x:d.d.d.d

name

Specifies the name of a prefix-list (up to 64 characters).

prefix-list

Specifies that the BGP next hop should be matched against a prefix-list instead of an individual IP address.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>policy-options>policy-statement>entry>action next-hop)

[Tree] (config>router>policy-options>policy-statement>default-action next-hop)

Full Context

configure router policy-options policy-statement entry action next-hop

configure router policy-options policy-statement default-action next-hop

Description

This command assigns the specified next hop IP address to routes matching the policy statement entry.

If a next-hop IP address is not specified, the next-hop attribute is not changed.

The no form of this command disables assigning a next hop address in the route policy entry.

Default

no next-hop

Parameters

ip-address

Specifies the next hop IP address in dotted decimal notation.

Values

ipv4-address:	a.b.c.d
ipv6-address:	x:x:x:x:x:x:x:x
	x:x:x:x:x:x:d.d.d.d
	x:	[0 to FFFF]H
	d:	[0 to 255]D
param-name:	The next-hop parameter variable name.
	Allowed values are any string up to 32 characters long composed of printable, 7-bit ASCII characters. If the string contains special characters (#, ?, space), the entire string must be enclosed within double quotes. Policy parameters must start and end with at-signs (@); for example, "@variable@”.

peer-address

Set the next-hop IP address to the peer’s IP address.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>mpls>fwd-policies>fwd-policy next-hop-group)

Full Context

configure router mpls forwarding-policies forwarding-policy next-hop-group

Description

This command configures an NHG entry in an MPLS forwarding policy.

Each NHG can have primary and backup next hops of the same type.

The no form of this command removes the NHG from the MPLS forwarding policy.

Parameters

index

Specifies the index value.

Values

1 to 32

direct

Specifies the direct resolution type.

indirect

Specifies the indirect resolution type.

Platforms

7705 SAR Gen 2

Context

[Tree] (configure>router>bgp>group>neighbor>bfd-strict-mode next-hop-reachability)

[Tree] (configure>router>bgp>bfd-strict-mode next-hop-reachability)

[Tree] (configure>service>vprn>bgp>bfd-strict-mode next-hop-reachability)

[Tree] (configure>service>vprn>bgp>group>bfd-strict-mode next-hop-reachability)

[Tree] (configure>service>vprn>bgp>group>neighbor>bfd-strict-mode next-hop-reachability)

[Tree] (configure>router>bgp>group>bfd-strict-mode next-hop-reachability)

Full Context

configure router bgp group neighbor bfd-strict-mode next-hop-reachability

configure router bgp bfd-strict-mode next-hop-reachability

configure service vprn bgp bfd-strict-mode next-hop-reachability

configure service vprn bgp group bfd-strict-mode next-hop-reachability

configure service vprn bgp group neighbor bfd-strict-mode next-hop-reachability

configure router bgp group bfd-strict-mode next-hop-reachability

Description

This command configures the router to consider next-hop self routes belonging to specific address families received from a peer within scope of this command as having an unresolved next hop, provided that the following requirements are met:

• The BFD session to the peer is in a down state.

• There is a valid interface BFD configuration that applies to the peer.

• There is a valid BFD liveness configuration that applies to the peer.

The unresolved state is maintained until the BFD session state changes to up or administratively down, even if there is a resolving route or tunnel that matches the BGP next-hop address.

Routes received from one peer with a BGP next-hop address equal to the address of another peer are not affected by the BFD session to the other peer.

The behavior of the router when this command is enabled does not depend on whether Strict-BFD is used, as both features are independent.

Enabling this command only affects routes belonging to the following address families:

• IPv4

• IPv6

• IPv4 VPN

• IPv6 VPN

• labeled unicast IPv4

• labeled unicast IPv6

• EVPN

• IPv4 multicast

• IPv6 multicast

• IPv4 VPN multicast

• IPv6 VPN multicast

The no form of this command prevents the router from considering next-hop self routes belonging to the preceding address families as having an unresolved next hop if the BFD session goes down.

Default

no next-hop-reachability

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>bgp next-hop-resolution)

Full Context

configure service vprn bgp next-hop-resolution

Description

Commands in this context configure next-hop resolution parameters.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>bgp next-hop-resolution)

Full Context

configure router bgp next-hop-resolution

Description

Commands in this context configure next-hop resolution parameters.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>bgp>group>neighbor next-hop-self)

[Tree] (config>service>vprn>bgp>group next-hop-self)

Full Context

configure service vprn bgp group neighbor next-hop-self

configure service vprn bgp group next-hop-self

Description

This command configures the group or neighbor to always set the NEXTHOP path attribute to its own physical interface when advertising to a peer.

This is primarily used to avoid third-party route advertisements when connected to a multi-access network.

The no form of this command used at the group level allows third-party route advertisements in a multi-access network.

The no form of this command used at the neighbor level reverts to the value defined at the group level.

Default

no next-hop-self — Third-party route advertisements are allowed.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>bgp>group next-hop-self)

[Tree] (config>router>bgp>group>neighbor next-hop-self)

Full Context

configure router bgp group next-hop-self

configure router bgp group neighbor next-hop-self

Description

This command enables BGP to advertise routes to members of a group or to a specific neighbor using a local address of the BGP instance as the BGP next-hop address. Note that next-hop-self is set without exception, regardless of the route source (EBGP or IBGP) or its family. When used with VPN-IPv4 and VPN-IPv6 routes the enable-rr-vpn-forwarding command should also be configured.

The no form of this command uses protocol standard behavior to decide whether or not to set next-hop-self in advertised routes.

Default

no next-hop-self

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>policy-options>policy-statement>default-action next-hop-self)

[Tree] (config>router>policy-options>policy-statement>entry>action next-hop-self)

Full Context

configure router policy-options policy-statement default-action next-hop-self

configure router policy-options policy-statement entry action next-hop-self

Description

This command configures BGP to advertise routes that match a policy entry (or that match no other policy entry and, therefore, to which the default action applies) using a local address of the BGP instance as the BGP next-hop address. The command applies to IPv4, IPv6, label-IPv4, and label-IPv6 routes. It also applies to VPN-IPv4 and VPN-IPv6 routes, but only when used in conjunction with the enable-rr-vpn-forwarding command.

This command affects how routes are advertised to IBGP peers, regardless of whether or not they were learned from an IBGP or EBGP peer

The no form of this command uses protocol standard behavior to decide whether or not to set next-hop-self in advertised routes.

Default

no next-hop-self

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>bgp>group next-hop-unchanged)

[Tree] (config>router>bgp>group>neighbor next-hop-unchanged)

Full Context

configure router bgp group next-hop-unchanged

configure router bgp group neighbor next-hop-unchanged

Description

This command enables unchanged BGP next-hops when sending BGP routes to peers in this group or neighbor.

The no form of this command disables unchanged BGP next-hops.

Default

no next-hop-unchanged

Parameters

evpn

Specifies BGP next hops are unchanged for the evpn address family.

label-ipv4

Specifies BGP next hops are unchanged for the label-ipv4 address family.

label-ipv6

Specifies BGP next hops are unchanged for the label-ipv6 address family.

vpn-ipv4

Specifies BGP next hops are unchanged for the vpn-ipv4 address family.

vpn-ipv6

Specifies BGP next hops are unchanged for the vpn-ipv6 address family.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>route-next-hop-policy>template nh-type)

Full Context

configure router route-next-hop-policy template nh-type

Description

This command configures the next-hop type constraint into the route next-hop policy template.

The user can select if tunnel backup next-hop or IP backup next-hop is preferred. The default in SR OS implementation is to prefer IP next-hop over tunnel next-hop. The implementation will fall back to the other type if no LFA next-hop of the preferred type is found.

When the route next-hop policy template is applied to an IP interface, all prefixes using this interface as a primary next-hop will follow the next-hop type preference specified in the template.

The no form deletes the next-hop type constraint from the route next-hop policy template.

Default

nh-type ip

Parameters

{ip | tunnel}

Specifies the two possible values for the next-hop type.

Default

ip

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>management-interface>yang-modules nmda)

Full Context

configure system management-interface yang-modules nmda

Description

Commands in this context configure the attributes for the Network Management Datastores Architecture (NMDA).

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>management-interface>yang-modules>nmda nmda-support)

Full Context

configure system management-interface yang-modules nmda nmda-support

Description

This command enables the advertisement of NMDA support over NETCONF through the use of YANG library 1.1.

The no form of this command disables NMDA advertisement over NETCONF and YANG library 1.0 is used.

Default

no nmda-support

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>rsvp node-id-in-rro)

Full Context

configure router rsvp node-id-in-rro

Description

This command enables the option to include node-id sub-object in RRO. Node-ID sub-object propagation is required to provide fast reroute protection for LSP that spans across multiple area domains.

If this option is disabled, then node-id is not included in RRO object.

Default

node-id-in-rro exclude

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>mpls>lsp>fast-reroute node-protect)

[Tree] (config>router>mpls>lsp-template>fast-reroute node-protect)

Full Context

configure router mpls lsp fast-reroute node-protect

configure router mpls lsp-template fast-reroute node-protect

Description

This command enables or disables node and link protection on the specified LSP. Node protection ensures that traffic from an LSP traversing a neighboring router will reach its destination even if the neighboring router fails.

Default

node-protect (for a provisioned LSP)

no node-protect (for a P2P LSP template)

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>isis>loopfree-alternates>remote-lfa node-protect)

Full Context

configure router isis loopfree-alternates remote-lfa node-protect

Description

This command enables node-protect in which the router prefers a node-protect over a link-protect repair tunnel for a given prefix if both are found in the Remote LFA or TI-LFA SPF computations. The SPF computations may only find a link-protect repair tunnel for prefixes owned by the protected node.

The no form of this command disables node-protect.

Default

no node-protect

Parameters

value

Specifies the maximum number of PQ nodes found in the LFA SPFs for which the node protection check is performed. The node-protect condition means the router must run the original Remote LFA algorithm plus one extra forward SPF on behalf of each PQ node found, potentially after applying the max-pq-cost parameter, to check if the path from the PQ node to the destination does not traverse the protected node. Setting this parameter to a lower value means the LFA SPFs will use less computation time and resources but may result in not finding a node-protect repair tunnel.

Values

1 to 32

Default

16

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>isis>loopfree-alternates>ti-lfa node-protect)

Full Context

configure router isis loopfree-alternates ti-lfa node-protect

Description

This command enables node-protect in which the router prefers a node-protect over a link-protect repair tunnel for a given prefix if both are found in the Remote LFA or TI-LFA SPF computations. The SPF computations may only find a link-protect repair tunnel for prefixes owned by the protected node.

The no form of this command disables node-protect.

Default

no node-protect

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>ospf>loopfree-alternates>remote-lfa node-protect)

Full Context

configure router ospf loopfree-alternates remote-lfa node-protect

Description

This command enables node-protect in which the router prefers a node-protect over a link-protect repair tunnel for a given prefix if both are found in the Remote LFA or TI-LFA SPF computations. The SPF computations may only find a link-protect repair tunnel for prefixes owned by the protected node.

The no form of this command disables node-protect.

Default

no node-protect

Parameters

max-pq-nodes value

Specifies the maximum number of PQ nodes found in the LFA SPFs for which the node protection check is performed. The node-protect condition means the router must run the original Remote LFA algorithm plus one extra forward SPF on behalf of each PQ node found, potentially after applying the max-pq-cost parameter, to check if the path from the PQ node to the destination does not traverse the protected node. Setting this parameter to a lower value means the LFA SPFs will use less computation time and resources but may result in not finding a node-protect repair tunnel.

Values

1 to 32

Default

16

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>ospf>loopfree-alternates>ti-lfa node-protect)

Full Context

configure router ospf loopfree-alternates ti-lfa node-protect

Description

This command enables node-protect in which the router prefers a node-protect over a link-protect repair tunnel for a given prefix if both are found in the Remote LFA or TI-LFA SPF computations. The SPF computations may only find a link-protect repair tunnel for prefixes owned by the protected node.

The no form of this command disables node-protect.

Default

no node-protect

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>ospf>area>interface node-sid)

Full Context

configure router ospf area interface node-sid

Description

This command assigns a node SID index or label value to the prefix representing the primary address of a network interface of type system or loopback. A separate SID value can be configured for each IPv4 and IPv6 primary address of the interface. The secondary address of an IPv4 interface cannot be assigned a node SID index and does not inherit the SID of the primary IPv4 address.

In OSPFv2 and OSPFv3, the node SID is configured in the primary area but is inherited in any other area in which the interface is added as secondary.

This command fails if the network interface is not of type loopback or if the interface is defined in an IES or VPRN context. Assigning the same SID index or label value to the same interface in two different IGP instances is not allowed within the same node.

The value of the label or index SID is taken from the range configured for this IGP instance. When using the global mode of operation, the segment routing module checks that the same index or label value is not assigned to more than one loopback interface address. When using the per-instance mode of operation, this check is not required because the index, and therefore, the label ranges of IGP instances are not allowed to overlap.

The clear-n-flag option allows the user to clear the N-flag (node-sid flag) in an OSPF or OSPF3 prefix SID sub-TLV originated for the prefix of a loopback interface on the system. By default, the prefix SID sub-TLV for the prefix of a loopback interface is tagged as a node SID; that is, it belongs to this node only. However, to configure and advertise an anycast SID using the same loopback interface prefix on multiple nodes, the user must clear the N-flag to assure interoperability with third-party implementations, which may perform a strict check on the receive end and drop duplicate prefix SID sub-TLVs when the N-flag is set.

The SR OS implementation is relaxed on the receive end and accepts duplicate prefix SIDs with the N-flag set or clear. SR OS will resolve to the closest owner, or owners if ECMP, of the prefix SID cost-wise.

Parameters

index-value

Specifies the node SID index value.

Values

0 to 4294967295

label-value

Specifies the node SID label value.

Values

0 to 4294967295

clear-n-flag

Clears the node SID flag.

Default

no clear-n-flag

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>ospf>area>if>flex-algo node-sid)

Full Context

configure router ospf area interface flex-algo node-sid

Description

This command configures a flexible algorithm-aware node SID label.

The no form of this command removes the configured node SID label.

Default

no node-sid

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>segment-routing>sr-mpls>prefix-sids node-sid)

Full Context

configure router segment-routing sr-mpls prefix-sids node-sid

Description

This command sets the N-flag for the SR SID. The N-flag should be set when the prefix SID is a node SID for the primary prefix. If the N-flag is not set, the SR SID is an SR anycast SID.

The no form of this command removes the assigned node SID.

Default

no node-sid

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>management-interface>yang-modules nokia-combined-modules)

Full Context

configure system management-interface yang-modules nokia-combined-modules

Description

This command enables support of the "combined” Nokia SR OS YANG files for both configuration and state data in the NETCONF server.

When management-interface configuration-mode is set to classic, attempts to access (read or write) the configuration using the Nokia configuration modules or namespace via NETCONF results in errors, even if nokia-combined-modules or nokia-submodules is enabled.

This command and the nokia-submodules command cannot both be enabled at the same time.

The no form of this command disables support of the combined Nokia SR OS YANG files.

Default

nokia-combined-modules

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>security>tacplus>service-request nokia-grpc-rpc-authorization)

[Tree] (config>service>vprn>aaa>remote-servers>tacplus>service-request nokia-grpc-rpc-authorization)

Full Context

configure system security tacplus service-request nokia-grpc-rpc-authorization

configure service vprn aaa remote-servers tacplus service-request nokia-grpc-rpc-authorization

Description

This command enables the nokia-grpc-rpc-authorization service to be requested from the TACACS+ server after successful authentication.

The no form of this command disables the nokia-grpc-rpc-authorization service from being requested from the TACACS+ server.

Default

no nokia-grpc-rpc-authorization

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>security>tacplus>service-request nokia-netconf-base-op-authorization)

[Tree] (config>service>vprn>aaa>remote-servers>tacplus>service-request nokia-netconf-base-op-authorization)

Full Context

configure system security tacplus service-request nokia-netconf-base-op-authorization

configure service vprn aaa remote-servers tacplus service-request nokia-netconf-base-op-authorization

Description

This command enables the nokia-netconf-base-op-authorization service to be requested from the TACACS+ server after successful authentication.

The no form of this command disables that the nokia-netconf-base-op-authorization service from being requested from the TACACS+ server.

Default

no nokia-netconf-base-op-authorization

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>management-interface>yang-modules nokia-submodules)

Full Context

configure system management-interface yang-modules nokia-submodules

Description

This command enables support of the alternative submodule-based packaging of the Nokia SR OS YANG files for both configuration and state data in the SR OS NETCONF server.

When management-interface configuration-mode is set to classic, attempts to access (read or write) the configuration using the Nokia configuration modules or namespace via NETCONF results in errors, even if nokia-combined-modules or nokia-submodules is enabled.

This command and the nokia-combined-modules command cannot both be enabled at the same time.

The no form of this command disables support of submodule-based packaging of the Nokia SR OS YANG files.

Default

no nokia-submodules

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>security>tacplus>service-request nokia-user)

[Tree] (config>service>vprn>aaa>remote-servers>tacplus>service-request nokia-user)

Full Context

configure system security tacplus service-request nokia-user

configure service vprn aaa remote-servers tacplus service-request nokia-user

Description

This command enables the nokia-netconf-base-op-authorization service to be requested from the TACACS+ server after successful authentication

The no form of this command disables the nokia-netconf-base-op-authorization service from being requested from the TACACS+ server.

Default

no nokia-user

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>pim non-dr-attract-traffic)

Full Context

configure service vprn pim non-dr-attract-traffic

Description

This command specifies whether the router should ignore the designated router state and attract traffic even when it is not the designated router.

An operator can configure an interface (router or IES or VPRN interfaces) to IGMP and PIM. The interface IGMP state will be synchronized to the backup node if it is associated with the redundant peer port. The interface can be configured to use PIM which will cause multicast streams to be sent to the elected DR only. The DR will also be the router sending traffic to the DSLAM. Since it may be required to attract traffic to both routers a flag non-dr-attract-traffic can be used in the PIM context to have the router ignore the DR state and attract traffic when not DR. While using this flag, the router may not send the stream down to the DSLAM while not DR.

When enabled, the designated router state is ignored. When disabled, no non-dr-attract-traffic, the designated router value is honored.

Default

no non-dr-attract-traffic

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>pim non-dr-attract-traffic)

Full Context

configure router pim non-dr-attract-traffic

Description

This command specifies whether the router should ignore the designated router state and attract traffic even when it is not the designated router.

An operator can configure an interface (router or IES or VPRN interfaces) to IGMP and PIM. The interface state will be synchronized to the backup node if it is associated with the redundant peer port. The interface can be configured to use PIM which will cause multicast streams to be sent to the elected DR only. The DR will also be the router sending traffic to the DSLAM. Since it may be required to attract traffic to both routers a flag non-dr-attract-traffic can be used in the PIM context to have the router ignore the DR state and attract traffic when not DR. While using this flag, the router may not send the stream down to the DSLAM while not DR.

When enabled, the designated router state is ignored.

The no form of this command the designated router value is honored.

Default

no non-dr-attract-traffic

Platforms

7705 SAR Gen 2

Context

[Tree] (config>port>ethernet>lldp>dstmac notification)

Full Context

configure port ethernet lldp dest-mac notification

Description

This command enables LLDP notifications.

The no form of this command disables LLDP notifications.

Default

no notification

Platforms

7705 SAR Gen 2

Context

[Tree] (debug>router>bgp notification)

Full Context

debug router bgp notification

Description

This command decodes and logs all sent and received notification messages in the debug log.

The no form of this command disables the debugging.

Parameters

neighbor ip-address

Debugs only events affecting the specified BGP neighbor.

Values

ipv4-address:

• a.b.c.d (host bits must be 0)

ipv6-address:

• x:x:x:x:x:x:x:x [-interface] (eight 16-bit pieces)

• x:x:x:x:x:x:d.d.d.d [-interface]

• x: [0 to FFFF]H

• d: [0 to 255]D

• interface: up to 32 characters for link local addresses

group name

Debugs only events affecting the specified peer group name, up to 64 characters, and associated neighbors.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>lag>lldp-member-template>dstmac notification)

Full Context

configure lag lldp-member-template dest-mac notification

Description

This command enables LLDP notifications.

The no form of this command disables LLDP notifications.

Default

no notification

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>telemetry notification-bundling)

Full Context

configure system telemetry notification-bundling

Description

Commands in this context configure SubscribeResponse notification bundling.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>lldp notification-interval)

Full Context

configure system lldp notification-interval

Description

This command configures the minimum time between change notifications.

The no form of this command reverts to the default value.

Default

no notification-interval

Parameters

time

Specifies the minimum time, in seconds, between change notifications.

Values

5 to 3600

Default

5

Platforms

7705 SAR Gen 2

Context

[Tree] (config>filter>redirect-policy notify-dest-change)

Full Context

configure filter redirect-policy notify-dest-change

Description

This command instructs the system to send notifications (Log, SNMP, …) when the active destination of a redirect policy changes. No notification is sent when there are no more active destinations (as this is covered by a specific other notification). Notifications can be controlled (using the config>log>event-control command) using application ID 2017 and event-name tFilterRPActiveDstChangeEvent.

The no form of the command disables notification generation.

Default

no notify-dest-change

Platforms

7705 SAR Gen 2

Context

[Tree] (debug>system nsp-proxy)

Full Context

debug system nsp-proxy

Description

This command enables debugging for NSP proxy.

The no form of this command disables debugging for NSP proxy.

Default

no nsp-proxy

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>ospf3>area nssa)

[Tree] (config>service>vprn>ospf>area nssa)

Full Context

configure service vprn ospf3 area nssa

configure service vprn ospf area nssa

Description

This command creates the context to configure an OSPF Not So Stubby Area (NSSA) and adds/removes the NSSA designation from the area.

NSSAs are similar to stub areas in that no external routes are imported into the area from other OSPF areas. The major difference between a stub area and an NSSA is that an NSSA has the capability to flood external routes that it learns throughout its area and via an ABR to the entire OSPF domain.

Existing virtual links of a non-stub or NSSA area are removed when the designation is changed to NSSA or stub.

An area can be designated as stub or NSSA but never both at the same time.

By default, an area is not configured as an NSSA area.

The no form of this command removes the NSSA designation and configuration context from the area.

Default

no nssa — The OSPF area is not an NSSA.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>ospf3>area nssa)

[Tree] (config>router>ospf>area nssa)

Full Context

configure router ospf3 area nssa

configure router ospf area nssa

Description

This command creates the context to configure an OSPF or OSPF3 Not So Stubby Area (NSSA) and adds/removes the NSSA designation from the area.

NSSAs are similar to stub areas in that no external routes are imported into the area from other OSPF areas. The major difference between a stub area and an NSSA is an NSSA has the capability to flood external routes that it learns throughout its area and via an ABR to the entire OSPF or OSPF3 domain.

Existing virtual links of a non-stub or NSSA area will be removed when the designation is changed to NSSA or stub.

An area can be designated as stub or NSSA but never both at the same time.

By default, an area is not configured as an NSSA area.

The no form of this command removes the NSSA designation and configuration context from the area.

Default

no nssa

Platforms

7705 SAR Gen 2

Context

[Tree] (debug>router>ospf3 nssa-range)

[Tree] (debug>router>ospf nssa-range)

Full Context

debug router ospf3 nssa-range

debug router ospf nssa-range

Description

This command enables debugging for an NSSA range.

Parameters

ip-address

Specifies the IPv4 or IPv6 address range to debug OSPF or OSPF3 leaks.

Values

ipv4-address:

• a.b.c.d

ipv6-address:

• x:x:x:x:x:x:x:x (eight 16-bit pieces)

• x:x:x:x:x:x:d.d.d.d

• x: [0 to FFFF]H

• d: [0 to 255]D

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn ntp)

Full Context

configure service vprn ntp

Description

Commands in this context configure Network Time Protocol (NTP) and its operation. It also enables NTP server mode within the VPRN routing instance so that the router will respond to NTP requests from external clients received inside the VPRN.

The no form of this command stops the execution of NTP and removes its configuration.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>time ntp)

Full Context

configure system time ntp

Description

Commands in this context configure Network Time Protocol (NTP) and its operation. This protocol defines a method to accurately distribute and maintain time for network elements. Furthermore, this capability allows for the synchronization of clocks between the various network elements.

The no form of the command stops the execution of NTP and remove its configuration.

Default

ntp

Platforms

7705 SAR Gen 2

Context

[Tree] (debug>system ntp)

Full Context

debug system ntp

Description

This command enables and configures debugging for NTP.

The no form of the command disables debugging for NTP.

Parameters

router-instance

Specifies the router name or CPM router instance.

Values

router-name | vprn-svc-id

router-name – "Base”, "management”

vprn-svc-id – 1 to 2147483647

Default

Base

ip-int-name

Specifies the name of the IP interface. The name can be up to 32 characters and must begin with a letter. If the string contains special characters (#, $, spaces, etc.), the entire string must be enclosed within double quotes.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>ies>if>vrrp ntp-reply)

[Tree] (config>service>ies>if>ipv6>vrrp ntp-reply)

Full Context

configure service ies interface vrrp ntp-reply

configure service ies interface ipv6 vrrp ntp-reply

Description

This command enables the reception and response to NTP Requests directed at the VRRP virtual IP address. This behavior only applies the router currently acting as the master VRRP router.

The no form of this command disables NTP Requests from being processed.

Default

no ntp-reply

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>if>vrrp ntp-reply)

[Tree] (config>service>vprn>if>ipv6>vrrp ntp-reply)

Full Context

configure service vprn interface vrrp ntp-reply

configure service vprn interface ipv6 vrrp ntp-reply

Description

This command enables the reception and response to NTP Requests directed at the VRRP virtual IP address. This behavior only applies the router currently acting as the master VRRP router.

The no form of this command disables NTP Requests from being processed.

Default

no ntp-reply

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>if>vrrp ntp-reply)

[Tree] (config>router>if>ipv6>vrrp ntp-reply)

Full Context

configure router interface vrrp ntp-reply

configure router interface ipv6 vrrp ntp-reply

Description

This command enables the reception and response to NTP Requests directed at the VRRP virtual IP address. This behavior only applies the router currently acting as the master VRRP router.

The no form of this command disables NTP Requests from being processed.

Default

no ntp-reply

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>time>ntp ntp-server)

Full Context

configure system time ntp ntp-server

Description

This command configures the node to assume the role of an NTP server. Unless the server command is used, this node will function as an NTP client only and will not distribute the time to downstream network elements.

Default

no ntp-server

Parameters

authenticate

Specifies to make authentication a requirement (optional). If authentication is required, the authentication key-id received in a message must have been configured in the authentication-key command, and that key-id type and key value must also match.

The authentication key from the received messages will be used for the transmitted messages.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>log>filter>entry>match number)

Full Context

configure service vprn log filter entry match number

Description

This command adds an SR OS application event number as a match criterion.

SR OS event numbers uniquely identify a specific logging event within an application.

Only one number command can be entered per event filter entry. The latest number command overwrites the previous command.

The no form of this command removes the event number as a match criterion.

Default

no event-number — No event ID match criterion is specified.

Parameters

eq | neq | lt | lte | gt | gte

Specifies the type of match. Valid operators are listed below.

Values

Table 1. Valid Operators

Operator	Note
eq	equal to
neq	not equal to
lt	less than
lte	less than or equal to
gt	greater than
gte	greater than or equal to

event-id

Specifies the event ID, expressed as a decimal integer.

Values

1 to 4294967295

Platforms

7705 SAR Gen 2

Context

[Tree] (config>log>filter>entry>match number)

Full Context

configure log filter entry match number

Description

This command adds an SR OS application event number as a match criterion.

SR OS event numbers uniquely identify a specific logging event within an application.

Only one number command can be entered per event filter entry. The latest number command overwrites the previous command.

The no form of this command removes the event number as a match criterion.

Parameters

eq | neq | lt | lte | gt | gte

Specifies the type of match. Valid operators are listed in Valid Operators.

Table 2. Valid Operators

Operator	Notes
eq	equal to
neq	not equal to
lt	less than
lte	less than or equal to
gt	greater than
gte	greater than or equal to

event-id

The event ID, expressed as a decimal integer.

Values

1 to 4294967295

Platforms

7705 SAR Gen 2

Context

[Tree] (config>vrrp>policy>priority-event>lag-port-down number-down)

Full Context

configure vrrp policy priority-event lag-port-down number-down

Description

This command creates a context to configure an event set threshold within a lag-port-down priority control event.

The number-down command defines a sub-node within the lag-port-down event and is uniquely identified with the number-of-lag-ports-down parameter. Each number-down node within the same lag-port-down event node must have a unique number-of-lag-ports-down value. Each number-down node has its own priority command that takes effect whenever that node represents the current threshold.

The total number of sub-nodes (uniquely identified by the number-of-lag-ports-down parameter) allowed in a single lag-port-down event is equal to the total number of possible physical ports allowed in a LAG.

A number-down node is not required for each possible number of ports that could be down. The active threshold is always the closest lower threshold. When the number of ports down equals a given threshold, that is the active threshold.

The no form of the command deletes the event set threshold. The threshold may be removed at any time. If the removed threshold is the current active threshold, the event set thresholds must be re-evaluated after removal.

Default

no number-down — No threshold for the LAG priority event is created.

Parameters

number-of-lag-ports-down

The number of LAG ports down to create a set event threshold. This is the active threshold when the number of down ports in the LAG equals or exceeds number-of-lag-ports-down, but does not equal or exceed the next highest configured number-of-lag-ports-down.

Values

1 to 64 (applies to 64-link LAG) 1 to 32 (applies to other LAGs)

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vpls>mac-move number-retries)

[Tree] (config>service>template>vpls-template>mac-move number-retries)

Full Context

configure service vpls mac-move number-retries

configure service template vpls-template mac-move number-retries

Description

This command configures the number of times retries are performed for re-enabling the SAP/SDP.

Default

number-retries 3

Parameters

number-retries

Specifies number of retries for re-enabling the SAP/SDP. A zero (0) value indicates unlimited number of retries.

Values

0 to 255

Platforms

7705 SAR Gen 2