p Commands – Part III

Context

[Tree] (config>router>ldp prefer-tunnel-in-tunnel)

Full Context

configure router ldp prefer-tunnel-in-tunnel

Description

This command specifies to use tunnel-in-tunnel over a simple LDP tunnel. Specifically, the user packets for LDP FECs learned over this targeted LDP session can be sent inside an RSVP LSP which terminates on the same egress router as the destination of the targeted LDP session. The user can specify an explicit list of RSVP LSP tunnels under the Targeted LDP session or LDP will perform a lookup in the Tunnel Table Manager (TTM) for the best RSVP LSP. In the former case, only the specified LSPs will be considered to tunnel LDP user packets. In the latter case, all LSPs available to the TTM and which terminate on the same egress router as this target ed LDP session will be considered. In both cases, the metric specified under the LSP configuration is used to control this selection.

The lookup in the TTM will prefer a LDP tunnel over an LDP-over-RSVP tunnel if both are available. Also, the tunneling operates on the dataplane only. Control packets of this targeted LDP session are sent over the IGP path.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>bgp preference)

[Tree] (config>service>vprn>bgp>group preference)

Full Context

configure service vprn bgp preference

configure service vprn bgp group preference

Description

This command configures the route preference for routes learned from the configured peer(s).

This configuration parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in peer-group) or neighbor level (only applies to specified peer). The most specific value is used.

The lower the preference the higher the chance of the route being the active route. The OS assigns BGP routes highest default preference compared to routes that are direct, static or learned via MPLS or OSPF.

The no form of this command, if used at the global level, reverts to default value.

The no form of this command used at the group level reverts to the value defined at the global level.

The no form of this command used at the neighbor level reverts to the value defined at the group level.

Default

preference 170

Parameters

preference

Specifies the route preference, expressed as a decimal integer.

Values

1 to 255

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>static-route-entry>next-hop preference)

[Tree] (config>service>vprn>static-route-entry>black-hole preference)

[Tree] (config>service>vprn>static-route-entry>indirect preference)

[Tree] (config>service>vprn>static-route-entry>ipsec-tunnel preference)

[Tree] (config>service>vprn>static-route-entry>grt preference)

Full Context

configure service vprn static-route-entry next-hop preference

configure service vprn static-route-entry black-hole preference

configure service vprn static-route-entry indirect preference

configure service vprn static-route-entry ipsec-tunnel preference

configure service vprn static-route-entry grt preference

Description

This command specifies the route preference to be assigned to the associated static route. The lower the preference value the more preferred the route is considered.

Default Route Preference lists the default route preference based on the route source.

The no form of this command returns the returns the associated static route preference to its default value.

Default

preference 5

Parameters

preference-value

Specifies the route preference value.

Values

1 to 255

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>isis>level preference)

Full Context

configure service vprn isis level preference

Description

This command configures the preference level of either IS-IS Level 1 or IS-IS Level 2 internal routes. By default, the preferences are listed in the table below.

A route can be learned by the router by different protocols, in which case, the costs are not comparable. When this occurs, the preference is used to decide to which route will be used.

Different protocols should not be configured with the same preference, if this occurs the tiebreaker is per the default preference table as defined in the table below. If multiple routes are learned with an identical preference using the same protocol, the lowest cost route is used. If multiple routes are learned with an identical preference using the same protocol and the costs (metrics) are equal, then the decision what route to use is determined by the configuration of the ecmp in the config>router context.

Default

Default preferences are listed in Default Preferences.

Parameters

preference

The preference for external routes at this level expressed as a decimal integer.

Values

1 to 255

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>ospf3 preference)

[Tree] (config>service>vprn>ospf preference)

Full Context

configure service vprn ospf3 preference

configure service vprn ospf preference

Description

This command configures the preference for OSPF internal routes.

A route can be learned by the router from different protocols in which case the costs are not comparable, when this occurs the preference is used to decide to which route will be used.

Different protocols should not be configured with the same preference. If the same preference is configured, the tiebreaker is per the default preference table as defined in Default Route Preferences . If multiple routes are learned with an identical preference using the same protocol, the lowest cost route is used.

If multiple routes are learned with an identical preference using the same protocol and the costs (metrics) are equal, then the decision of what route to use is determined by the configuration of the ecmp in the config>router context.

The no form of this command reverts to the default value.

Default

preference 10 — OSPF internal routes have a preference of 10.

Parameters

preference

The preference for internal routes expressed as a decimal integer. Defaults for different route types are listed in the following table.

Values

1 to 255

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>ripng preference)

[Tree] (config>service>vprn>rip>group>neighbor preference)

[Tree] (config>service>vprn>ripng>group preference)

[Tree] (config>service>vprn>ripng>group>neighbor preference)

[Tree] (config>service>vprn>rip preference)

[Tree] (config>service>vprn>rip>group preference)

Full Context

configure service vprn ripng preference

configure service vprn rip group neighbor preference

configure service vprn ripng group preference

configure service vprn ripng group neighbor preference

configure service vprn rip preference

configure service vprn rip group preference

Description

This command sets the route preference assigned to RIP routes. This value can be overridden by route policies.

The no form of this command resets the preference to the default.

Default

no preference

Parameters

preference

Specifies the preference value.

Values

1 to 255

Default

100

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>mpls>fwd-policies>fwd-policy preference)

Full Context

configure router mpls forwarding-policies forwarding-policy preference

Description

This command configures the preference of an MPLS forwarding policy.

The no form of this command removes the preference parameter from the MPLS forwarding policy.

Default

preference 255

Parameters

preference-value

Specifies the preference value.

The preference-value parameter allows the user to configure multiple label-binding forwarding policies with the same binding label or multiple endpoint policies with the same endpoint address. This provides the capability to achieve a 1:N backup strategy for the forwarding policy. Only the most preferred, lowest numerically preference value, policy is activated in data path.

Values

1 to 255

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>static-route-entry>indirect preference)

[Tree] (config>router>static-route-entry>next-hop preference)

[Tree] (config>router>static-route-entry>black-hole preference)

Full Context

configure router static-route-entry indirect preference

configure router static-route-entry next-hop preference

configure router static-route-entry black-hole preference

Description

This command specifies the route preference to be assigned to the associated static route. The lower the preference value the more preferred the route is considered.

Default Route Preference shows the default route preference based on the route source.

The no form of this command returns the returns the associated static route preference to its default value.

Default

preference 5

Parameters

preference

Specifies the route preference value.

Values

1 to 255

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>bgp>group preference)

[Tree] (config>router>bgp preference)

[Tree] (config>router>bgp>group>neighbor preference)

Full Context

configure router bgp group preference

configure router bgp preference

configure router bgp group neighbor preference

Description

This command configures the route preference for routes learned from the configured peers.

This configuration parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in peer-group) or neighbor level (only applies to specified peer). The most specific value is used.

The lower the preference the higher the chance of the route being the active route. The router assigns BGP routes highest default preference compared to routes that are direct, static or learned via MPLS or OSPF.

The no form of this command used at the global level reverts to default value.

The no form of this command used at the group level reverts to the value defined at the global level.

The no form of this command used at the neighbor level reverts to the value defined at the group level.

Default

preference 170

Parameters

preference

Specifies the route preference expressed as a decimal integer.

Values

1 to 255

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>isis>level preference)

Full Context

configure router isis level preference

Description

This command configures the preference level of either IS-IS Level 1 or IS-IS Level 2 internal routes. By default, the preferences are listed in the table below.

A route can be learned by the router by different protocols, in which case, the costs are not comparable. When this occurs, the preference is used to decide to which route will be used.

Different protocols should not be configured with the same preference, if this occurs the tiebreaker is per the default preference table as defined in the following table. If multiple routes are learned with an identical preference using the same protocol, the lowest cost route is used. If multiple routes are learned with an identical preference using the same protocol and the costs (metrics) are equal, then the decision what route to use is determined by the configuration of the ecmp in the config>router context.

Default

preference (Level 1) — 15

preference (Level 2) — 18

Parameters

preference

Specifies the preference for external routes at this level expressed as a decimal integer. The default preferences are listed in Default Internal Route Preferences .

Table 5. Default Internal Route Preferences

Route Type	Preference	Configurable
Direct attached	0	—
Static-route	5	Yes
OSPF internal routes	10	—
IS-IS level 1 internal	15	Yes
IS-IS level 2 internal	18	Yes
OSPF external	150	Yes
IS-IS level 1 external	160	Yes1
IS-IS level 2 external	165	Yes1
BGP	170	Yes

¹ External preferences are changed using the external-preference command in the config>router>isis>level level-number context.

Values

1 to 255

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>ospf preference)

[Tree] (config>router>ospf3 preference)

Full Context

configure router ospf preference

configure router ospf3 preference

Description

This command configures the preference for OSPF internal routes.

A route can be learned by the router from different protocols, in which case, the costs are not comparable. When this occurs, the preference is used to decide which route will be used.

Different protocols should not be configured with the same preference, if this occurs the tiebreaker is per the default preference table as defined in Route Preference Defaults by Route Type . If multiple routes are learned with an identical preference using the same protocol, the lowest cost route is used.

If multiple routes are learned with an identical preference using the same protocol and the costs (metrics) are equal, then the decision of what route to use is determined by the configuration of the ecmp in the config>router context.

The no form of this command reverts to the default value.

Default

preference 10

Parameters

preference

Specifies the preference for internal routes expressed as a decimal integer. Defaults for different route types are listed in Route Preference Defaults by Route Type .

Table 6. Route Preference Defaults by Route Type

Route Type	Preference	Configurable
Direct attached	0	No
Static routes	5	Yes
OSPF internal	10	Yes1
IS-IS level 1 internal	15	Yes
IS-IS level 2 internal	18	Yes
RIP	100	Yes
OSPF external	150	Yes
IS-IS level 1 external	160	Yes
IS-IS level 2 external	165	Yes
BGP	170	Yes

¹ Preference for OSPF internal routes is configured with the preference command.

Values

1 to 255

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>ospf>lfa>mhp preference)

[Tree] (config>router>isis>lfa>mhp preference)

Full Context

configure router ospf loopfree-alternates multi-homed-prefix preference

configure router isis loopfree-alternates multi-homed-prefix preference

Description

This command configures the preference for the multihomed prefix LFA backup path. This knob can be enabled at a LFA computing node to force the programming of the multihomed prefix LFA backup path which, in some topologies, can avoid transiting using the best ABR or ASBR.

The no form of this command reverts to the default value.

Default

preference none

Parameters

none

Specifies the preference for an LFA, TI-LFA, or RLFA backup path over the multihomed prefix LFA backup path. The multihomed prefix LFA is only programmed in cases where the prefix is not protected by LFA, RLFA, or TI-LFA.

all

Specifies the forced programming of the multihomed prefix LFA backup path regardless of the outcome of the LFA, TI-LFA, or RLFA backup path computation.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>rip>group preference)

[Tree] (config>router>ripng>group>neighbor preference)

[Tree] (config>router>rip>group>neighbor preference)

[Tree] (config>router>ripng preference)

[Tree] (config>router>rip preference)

[Tree] (config>router>ripng>group preference)

Full Context

configure router rip group preference

configure router ripng group neighbor preference

configure router rip group neighbor preference

configure router ripng preference

configure router rip preference

configure router ripng group preference

Description

This command configures the preference for RIP routes.

A route can be learned by the router from different protocols in which case the costs are not comparable. When this occurs, the preference is used to decide which route will be used.

Different protocols should not be configured with the same preference, if this occurs the tiebreaker is per the default preference table as defined in Route Preference Defaults by Route Type . If multiple routes are learned with an identical preference using the same protocol, the lowest cost route is used.

If multiple routes are learned with an identical preference using the same protocol and the costs (metrics) are equal, then the decision of what route to use is determined by the configuration of the ecmp in the config>router context.

The no form of the command reverts to the default value.

Default

preference 100

Parameters

preference

Specifies the preference for RIP routes expressed as a decimal integer. Defaults for different route types are listed in Route Preference Defaults by Route Type .

Table 7. Route Preference Defaults by Route Type

Route Type	Preference	Configurable
Direct attached	0	—
Static routes	5	Yes
OSPF internal	10	Yes
IS-IS level 1 internal	15	Yes
IS-IS level 2 internal	18	Yes
RIP	100	Yes
OSPF external	150	Yes
IS-IS level 1 external	160	Yes
IS-IS level 2 external	165	Yes
BGP	170	Yes

Values

0 to 255

Platforms

7705 SAR Gen 2

Context

[Tree] (conf>router>segment-routing>sr-policies>policy preference)

Full Context

configure router segment-routing sr-policies static-policy preference

Description

This command associates a preference value with a statically defined-segment routing policy. This is an optional parameter.

When there are multiple policies for the same (color, endpoint) combination that are targeted for local installation, only one is selected as the active path for the (color, endpoint). In this selection process (which considers both static local policies and BGP signaled policies), the policy with the highest preference value is preferred over all policies with a lower preference value.

The no form of this command reverts to the default value.

Default

preference 100

Parameters

preference

Specifies the preference ID.

Values

0 to 4294967295

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>policy-options>policy-statement>entry>action preference)

Full Context

configure router policy-options policy-statement entry action preference

Description

This command assigns a route preference to routes matching the route policy statement entry.

If no preference is specified, the default Route Table Manager (RTM) preference for the protocol is used.

The no form of this command disables setting an RTM preference in the route policy entry.

Default

no preference

Parameters

preference

Specifies the route preference expressed as a decimal integer.

Values

1 to 255 (0 represents unset - MIB only)

name — The preference parameter variable name. Allowed values are any string up to 32 characters long composed of printable, 7-bit ASCII characters. If the string contains special characters (#, ?, space), the entire string must be enclosed within double quotes. Policy parameters must start and end with at-signs (@); for example, "@variable@”.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>ipsec>tnl-temp>rev-route preference)

Full Context

configure ipsec tunnel-template reverse-route preference

Description

This command configures the route preference assigned to the DL2L tunnel reverse routes. The system uses this preference when selecting a route to install in the route table.

Default

preference 0

Parameters

preference

Specifies the preference value for reverse routes.

Values

0 to 255

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>dhcp6>server>pool>prefix preferred-lifetime)

[Tree] (config>router>dhcp6>server>pool>prefix preferred-lifetime)

Full Context

configure service vprn dhcp6 local-dhcp-server pool prefix preferred-lifetime

configure router dhcp6 local-dhcp-server pool prefix preferred-lifetime

Description

This command configures the preferred lifetime.

The no form of this command reverts to the default value.

Default

preferred-lifetime hrs 1

Parameters

preferred-lifetime

Specifies the preferred time for a prefix.

Values

days:	0 to 3650
hours:	0 to 23
minutes:	0 to 59
seconds	0 to 59

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>router-advert>if>prefix preferred-lifetime)

[Tree] (config>router>router-advert>if>prefix preferred-lifetime)

Full Context

configure service vprn router-advertisement interface prefix preferred-lifetime

configure router router-advertisement interface prefix preferred-lifetime

Description

This command configures the remaining length of time in seconds that this prefix will continue to be preferred, such as, time until deprecation. The address generated from a deprecated prefix should not be used as a source address in new communications, but packets received on such an interface are processed as expected.

Default

preferred-lifetime 604800

Parameters

seconds

Specifies the remaining length of time in seconds that this prefix will continue to be preferred.

Values

0 to 4294967294

infinite

Specifies that the prefix will always be preferred. A value of 4,294,967,295 represents infinity.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>dhcp6>server>pool prefix)

[Tree] (config>service>vprn>dhcp6>server>pool prefix)

Full Context

configure router dhcp6 local-dhcp-server pool prefix

configure service vprn dhcp6 local-dhcp-server pool prefix

Description

This command allocates a prefix to a pool from which Prefix Delegation prefixes and or WAN addresses can be assigned for DHCP6.

The no form of this command removes the prefix parameters from the configuration.

Default

prefix failover local

Parameters

prefix ipv6-addr/prefix-length

Specifies the prefix.

Values

ipv6-address	x:x:x:x:x:x:x:x (eight 16-bit pieces)
		x:x:x:x:x:x:d.d.d.d
		x [0 to FFFF]H
		d [0 to 255]D
	prefix-length	1 to 128

failover {local | remote | access-driven}

This command designates a prefix as local, remote, or access-driven. This is used when multi-chassis synchronization is enabled.

Values

local — An IPv6 prefix designated as local is used for new lease grants or to renew the existing lease grants. Local prefix designation should be always paired with the remote designation of the same prefix on the peering node.

The IPv6 prefix configured as local on one node can only be configured as remote on the other node. No other combination is allowed between the two nodes for an IPv6 prefix that is configured as local.

The DHCPv6 relay could point to both IPv6 DHCP server addresses— the one hosting the local IPv6 prefix and the one hosting the corresponding remote IPv6 prefix. Under normal circumstances the new lease will always be allocated from the local IPv6 prefix while the leases can be renewed from either IPv6 prefix (local or remote). Under network failure, the remote IPv6 prefix can be taken over according to the intercommunication link state transitions and associated timers.

remote — A prefix designated as remote is used only to renew the existing DHCP leases. The new leases are assigned from it only after the maximum-client-lead-time and partner-down-delay time elapses.

To ensure faster takeover, the partner-down-delay can be set to 0 and the MCLT time can be ignored. Extra caution should be exercised when enabling this mode of operation, as described in the configuration guides.

The IPv6 prefix configured as remote on one node can only be configured as local on the other node. No other combination is allowed between the two nodes for an IP address ranges that is configured as remote.

access-driven — A prefix designated as access-driven is like local (a new prefix assignment as well as a renewal). However, as the prefix is shared between the redundant server pair, the following additional conditions should be met to avoid duplicate address allocations:

• A dual home access protection mechanism such as SRRP or MC-LAG must ensure a single active path from the

  DHCP client to the server.

• The DHCP relay should point to the local server only.

pd

Specifies that this aggregate is used by IPv6 ESM hosts for DHCPv6 prefix-delegation.

wan-host

Specifies that this aggregate is used by IPv6 ESM hosts for local addressing or by a routing gateway’s WAN interface.

create

Keyword used to create the prefix configuration. The create keyword requirement can be enabled or disabled in the environment>create context.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vpls>bgp-ad>vsi-id prefix)

Full Context

configure service vpls bgp-ad vsi-id prefix

Description

This command specifies the low-order 4 bytes used to compose the Virtual Switch Instance Identifier (VSI-ID) to use for NLRI in BGP auto-discovery in this VPLS service.

If no value is set, the system IP address will be used.

Default

no prefix

Parameters

low-order-vsi-id

Specifies a unique VSI ID

Values

0— 4294967295

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>bgp>group>dynamic-neighbor>match prefix)

Full Context

configure service vprn bgp group dynamic-neighbor match prefix

Description

This command configures a prefix to accept dynamic BGP sessions (sessions from source IP addresses not matching any configured neighbor addresses). A dynamic session is associated with the group having the longest match prefix entry for the source IP address of the peer. The group association determines local parameters that apply to the session, including the local AS, the local IP address, the MP-BGP families, the import and export policies, and so on.

The no form of this command removes a prefix entry.

Parameters

ip-prefix/prefix-length

Specifies a prefix from which to accept dynamic BGP sessions.

Values

ipv4-prefix — a.b.c.d (host bits must be 0)

ipv4-prefix-length — 0 to 32

ipv6-prefix — x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x — [0 to FFFF]H

d — [0 to 255]D

ipv6-prefix-length — 0 to 128

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>router-advert>if prefix)

Full Context

configure service vprn router-advertisement interface prefix

Description

This command configures an IPv6 prefix in the router advertisement messages. To support multiple IPv6 prefixes, use multiple prefix statements. No prefix is advertised until explicitly configured using prefix statements.

Parameters

ipv6-prefix

Specifies the IP prefix for prefix list entry in dotted decimal notation.

Values

ipv4-prefix	a.b.c.d (host bits must be 0)
ipv4-prefix-length	0 to 32
ipv6-prefix	x:x:x:x:x:x:x:x (eight 16-bit pieces)
	x:x:x:x:x:x:d.d.d.d
	x: [0 to FFFF]H
	d: [0 to 255]D
ipv6-prefix-length	0 to 128

prefix-length

Specifies a route must match the most significant bits and have a prefix length.

Values

1 to 128

Platforms

7705 SAR Gen 2

Context

[Tree] (config>test-oam>twamp>server prefix)

Full Context

configure test-oam twamp server prefix

Description

This command configures an IP address prefix containing one or more TWAMP clients. For a TWAMP client to connect to the TWAMP server (and subsequently conduct tests) it must establish the control connection using an IP address that is part of a configured prefix.

Parameters

ip-prefix/prefix-length

Specifies an IPv4 or IPv6 address prefix.

Values

ipv4-prefix:	a.b.c.d (host bits must be 0)
ipv4-prefix-le:	0 to 32
ipv6-prefix:	x:x:x:x:x:x:x:x (eight 16-bit pieces)
	x:x:x:x:x:x:d.d.d.d
	x:	[0 to FFFF]H
	d:	[0 to 255]D
ipv6-prefix-le:	0 to 128

prefix length

Specifies the prefix length.

Values

0 to128

create

Creates a prefix instance. The create keyword requirement can be enabled or disabled in the environment>create context.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>twamp-light>reflector prefix)

[Tree] (config>router>twamp-light>reflector prefix)

Full Context

configure service vprn twamp-light reflector prefix

configure router twamp-light reflector prefix

Description

This command defines which TWAMP Light packet prefixes the reflector processes.

The no form of this command with the specific prefix removes the accepted source.

Parameters

ip-prefix/prefix-length

Specifies the IPv4 or IPv6 address and length.

Values

ipv4-prefix:	a.b.c.d (host bits must be 0)
ipv4-prefix-le:	0 to 32
ipv6-prefix:	x:x:x:x:x:x:x:x (eight 16-bit pieces)
	x:x:x:x:x:x:d.d.d.d
	x:	[0 to FFFF]H
	d:	[0 to 255]D
ipv6-prefix-le:	0 to 128

create

Creates a prefix instance. The create keyword requirement can be enabled or disabled in the environment>create context.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>qos>match-list>ip-prefix-list prefix)

Full Context

configure qos match-list ip-prefix-list prefix

Description

This command adds an IPv4 address prefix to an existing IPv4 address prefix match list.

To add a set of unique prefixes, execute the command with all unique prefixes. The prefixes are allowed to overlap IPv4 address space.

An IPv4 prefix addition will be blocked, if resource exhaustion is detected anywhere in the system because of QoS Policies that use this IPv4 address prefix list.

The no form of this command deletes the specified prefix from the list.

Parameters

ip-prefix

A valid IPv4 address prefix in dotted decimal notation.

Values

0.0.0.0 to 255.255.255.255 (host bit must be 0)

prefix-length

Length of the entered IP prefix

Values

1 to 32

Platforms

7705 SAR Gen 2

Context

[Tree] (config>qos>match-list>ipv6-prefix-list prefix)

Full Context

configure qos match-list ipv6-prefix-list prefix

Description

This command adds an IPv6 address prefix to an existing IPv6 address prefix match list.

To add set of unique prefixes, execute the command with all unique prefixes. The prefixes are allowed to overlap IPv6 address space.

An IPv6 prefix addition will be blocked if resource exhaustion is detected anywhere in the system because of QoS Policies that use this IPv6 address prefix list.

The no form of this command deletes the specified prefix from the list.

Parameters

ipv6-prefix

Specifies the IPv6 prefix for the IP match criterion in hex digits.

Values

ipv6-address: x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x: [0 to FFFF]H

d: [0 to 255]D

prefix-length

Specifies the IPv6 prefix length for the IPv6 address expressed as a decimal integer.

Values

1 to 128

Platforms

7705 SAR Gen 2

Context

[Tree] (config>filter>match-list>ip-prefix-list prefix)

Full Context

configure filter match-list ip-prefix-list prefix

Description

This command adds an IPv4 address prefix to an existing IPv4 address prefix match list.

The no form of this command deletes the specified prefix from the list.

Operational Notes:

To add set of unique prefixes, execute the command with all unique prefixes. The prefixes are allowed to overlap IPv4 address space.

An IPv4 prefix addition will be blocked, if resource exhaustion is detected anywhere in the system because of filter policies that use this IPv4 address prefix list.

Parameters

ip-prefix

Specifies a valid IPv4 address prefix in dotted decimal notation.

Values

0.0.0.0 to 255.255.255.255 (host bit must be 0)

prefix-length

Specifies the length of the entered IPv4 prefix.

Values

0 to 32

Platforms

7705 SAR Gen 2

Context

[Tree] (config>filter>match-list>ipv6-prefix-list prefix)

Full Context

configure filter match-list ipv6-prefix-list prefix

Description

This command adds an IPv6 address prefix to an existing IPv6 address prefix match list.

The no form of this command deletes the specified prefix from the list.

Operational Notes:

To add set of different prefixes, execute the command with all unique prefixes. The prefixes are allowed to overlap IPv6 address space.

An IPv6 prefix addition will be blocked, if resource exhaustion is detected anywhere in the system because of filter policies that use this IPv6 address prefix list.

Parameters

ipv6-prefix/prefix-length

Specifies an IPv6 address prefix written as hexadecimal numbers separated by colons with host bits set to 0. One string of zeros can be omitted, so 2001:db8::700:0:217A is equivalent to 2001:db8:0:0:0:700:0:217A.

Values

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x: [0..FFFF]H

d: [0..255]D

prefix-length

Specifies the length of the entered IPv6 prefix.

Values

1 to 128

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>router-advert>if prefix)

Full Context

configure router router-advertisement interface prefix

Description

This command configures an IPv6 prefix in the router advertisement messages. To support multiple IPv6 prefixes, use multiple prefix statements. No prefix is advertised until explicitly configured using prefix statements.

Parameters

ipv6-prefix

The IP prefix for prefix list entry in dotted decimal notation.

Values

ipv6-prefix	x:x:x:x:x:x:x:x (eight 16-bit pieces)
	x:x:x:x:x:x:d.d.d.d
	x:	[0 to FFFF]H
	d:	[0 to 255]D
ipv6-prefix-length	0 to 128

prefix-length

Specifies a route must match the most significant bits and have a prefix length.

Values

1 to 128

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>bgp>group>dynamic-neighbor>match prefix)

Full Context

configure router bgp group dynamic-neighbor match prefix

Description

This command configures a prefix to accept dynamic BGP sessions (sessions from source IP addresses not matching any configured neighbor addresses). A dynamic session is associated with the group having the longest match prefix entry for the source IP address of the peer. The group association determines local parameters that apply to the session, including the local AS, the local IP address, the MP-BGP families, the import and export policies, and so on.

The no form of this command removes a prefix entry.

Parameters

ip-prefix/ip-prefix-length

Specifies a prefix from which to accept dynamic BGP sessions.

Values

ipv4-prefix — a.b.c.d (host bits must be 0)

ipv4-prefix-length — 0 to 32

ipv6-prefix — x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x — [0 to FFFF]H

d — [0 to 255]D

ipv6-prefix-length — 0 to 128

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>policy-options>prefix-list prefix)

Full Context

configure router policy-options prefix-list prefix

Description

This command creates a prefix entry in the route policy prefix list.

The no form of this command deletes the prefix entry from the prefix list.

Parameters

ip-prefix/prefix-length

Specifies the IP prefix and length for the prefix list entry in dotted decimal notation.

Values

ipv4-prefix:

• a.b.c.d (host bits must be 0)

ipv4-prefix-length: [0 to 32]

ipv6-prefix:

• x:x:x:x:x:x:x:x (eight 16-bit pieces)

• x:x:x:x:x:x:d.d.d.d

• x: [0 to FFFF]H

• d: [0 to 255]D

ipv6-prefix-length: [0 to 128]

exact

Specifies the prefix list entry only matches the route with the specified ip-prefix and prefix mask (length) values.

longer

Specifies the prefix list entry matches any route that matches the specified ip-prefix and prefix mask length values equal to or greater than the specified mask.

through length

Specifies the prefix list entry matches any route that matches the specified ip-prefix and has a prefix length between the specified length values inclusive.

Values

0 to 32

prefix-length-range length1 - length2

Specifies a route must match the most significant bits and have a prefix length with the given range. The range is inclusive of start and end values.

Values

0 to 32, length2 > length1

to ip-prefix/prefix-length

Specifies a second IP prefix and length used in route policy prefix lists. A route matches prefix1 to prefix2 if it matches prefix1 and prefix2 according to their respective prefix lengths and if the route’s own prefix length is between the prefix lengths of prefix1 and prefix2. It could take many individual 'exact’ match prefix entries to reproduce the same logic.

mask-pattern

Specifies the address mask to use for matching entries to this prefix entry. A route matches a prefix and address mask combination if the bitwise logical AND of this prefix and the mask equals the bitwise logical AND of the route’s address and the same mask and, additionally, the prefix length of the route matches the prefix length of the prefix entry.

Values

ipv4-address:

• a.b.c.d

ipv6-address:

• x:x:x:x:x:x:x:x (eight 16-bit pieces)

• x:x:x:x:x:x:d.d.d.d

• x: [0 to FFFF]H

• d: [0 to 255]D

Platforms

7705 SAR Gen 2

Context

[Tree] (config>oam-pm>session>ip>tunnel>mpls>sr-ospf prefix)

[Tree] (config>oam-pm>session>ip>tunnel>mpls>sr-isis prefix)

Full Context

configure oam-pm session ip tunnel mpls sr-ospf prefix

configure oam-pm session ip tunnel mpls sr-isis prefix

Description

This command configures the IP prefix used with the IGP instance to tunnel IP packets for the session tests.

The no form of this command deletes the prefix from the configuration.

Default

no prefix

Parameters

ip-prefix/prefix-length

Specifies an IPv4 or IPv6 address prefix.

Values

ipv4-prefix:	a.b.c.d (host bits must be 0)
ipv4-prefix-le:	0 to 32
ipv6-prefix:	x:x:x:x:x:x:x:x (eight 16-bit pieces)
	x:x:x:x:x:x:d.d.d.d
	x:	[0 to FFFF]H
	d:	[0 to 255]D
ipv6-prefix-le:	0 to 128

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>isis prefix-attributes-tlv)

Full Context

configure service vprn isis prefix-attributes-tlv

Description

This command enables IS-IS Prefix Attributes TLV support to exchange extended IPv4 and IPv6 reachability information. Extended reachability information is required for traffic engineering features using path computation element (PCE) or optimal route reflection.

The no form of this command removes the prefix-attributes-tlv configuration.

Default

no prefix-attributes-tlv

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>isis prefix-attributes-tlv)

Full Context

configure router isis prefix-attributes-tlv

Description

This command enables IS-IS Prefix Attributes TLV support to exchange extended IPv4 and IPv6 reachability information. Extended reachability information is required for traffic engineering features using path computation element (PCE) or optimal route reflection.

The no form of this command removes the prefix-attributes-tlv configuration.

Default

no prefix-attributes-tlv

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>ldp>aggregate-prefix-match prefix-exclude)

Full Context

configure router ldp aggregate-prefix-match prefix-exclude

Description

This command specifies the policy name containing the prefixes to be excluded from the aggregate prefix match procedures. In this case, LDP will perform an exact match of a specific FEC element prefix as opposed to a longest match of one or more LDP FEC element prefixes, against this prefix when it receives a FEC-label binding or when a change to this prefix occurs in the routing table.

The no form of this command removes all policies from the configuration.

Default

no prefix-exclude

Parameters

policy-name

Specifies the route policy name, up to five. Allowed values are any string up to 32 characters long composed of printable, 7-bit ASCII characters. If the string contains special characters (#, ?, space), the entire string must be enclosed within double quotes.

The specified name(s) must already be defined.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>filter>match-list>ip-pfx-list prefix-exclude)

Full Context

configure filter match-list ip-prefix-list prefix-exclude

Description

This command excludes IPv4 prefix(es) from an ip-prefix-list. The prefix-exclude command is mutually exclusive with apply-path.

The no form of this command deletes the specified excluded prefixes from the ip-prefix-list.

Parameters

ip-prefix

Specifies a valid IPv4 address prefix in dotted decimal notation.

Values

0.0.0.0 to 255.255.255.255 (host bit must be 0)

prefix-length

Specifies the length of the entered IPv4 prefix.

Values

0 to 32

Platforms

7705 SAR Gen 2

Context

[Tree] (config>filter>match-list>ipv6-pfx-list prefix-exclude)

Full Context

configure filter match-list ipv6-prefix-list prefix-exclude

Description

This command excludes IPv6 prefix(es) from an ipv6-prefix-list.The prefix-exclude command is mutually exclusive with apply-path.

The no form of this command deletes the specified excluded prefixes from the ipv6-prefix-list.

Parameters

ipv6-prefix/prefix-length

Specifies an IPv6 address prefix written as hexadecimal numbers separated by colons with host bits set to 0. One string of zeros can be omitted, so 2001:db8::700:0:217A is equivalent to 2001:db8:0:0:0:700:0:217A.

Values

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x: [0..FFFF]H

d: [0..255]D

prefix-length

Specifies the length of the entered IPv6 prefix.

Values

1 to 128

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>ldp>if-params>if>ipv6>fec-type-capability prefix-ipv4)

[Tree] (config>router>ldp>if-params>if>ipv4>fec-type-capability prefix-ipv4)

[Tree] (config>router>ldp>session-params>peer>fec-type-capability prefix-ipv4)

Full Context

configure router ldp interface-parameters interface ipv6 fec-type-capability prefix-ipv4

configure router ldp interface-parameters interface ipv4 fec-type-capability prefix-ipv4

configure router ldp session-parameters peer fec-type-capability prefix-ipv4

Description

This command enables or disables IPv4 prefix FEC capability on the session or interface.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>ldp>if-params>if>ipv6>fec-type-capability prefix-ipv6)

[Tree] (config>router>ldp>if-params>if>ipv4>fec-type-capability prefix-ipv6)

[Tree] (config>router>ldp>session-params>peer>fec-type-capability prefix-ipv6)

Full Context

configure router ldp interface-parameters interface ipv6 fec-type-capability prefix-ipv6

configure router ldp interface-parameters interface ipv4 fec-type-capability prefix-ipv6

configure router ldp session-parameters peer fec-type-capability prefix-ipv6

Description

This command enables or disables IPv6 prefix FEC capability on the session or interface.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>bgp>group>neighbor prefix-limit)

[Tree] (config>service>vprn>bgp>group prefix-limit)

Full Context

configure service vprn bgp group neighbor prefix-limit

configure service vprn bgp group prefix-limit

Description

This command configures the maximum number of BGP routes received from a peer before administrative action is taken. The administrative action can include generating a log or taking the session down. If a session is taken down, configure the idle-timeout parameter to bring it back up automatically after a specific duration. Alternatively, it can be configured to stay down indefinitely, until the user performs a reset.

No prefix limits for any address family are configured by default.

This command allows the user to apply a separate limit to each address family. A set of address family limits can be applied to one neighbor or to all neighbors in a group.

The no form of this command removes the prefix-limit.

Parameters

threshold percentage

Specifies the threshold value (as a percentage) that triggers a warning message to be sent.

Values

1 to 100

family

Specifies the address family to which the limit applies.

Values

ipv4, label-ipv4, ipv6, mcast-ipv4, flow-ipv4, flow-ipv6, mcast-ipv6

limit

Specifies the number of routes that can be learned from a peer expressed as a decimal integer.

Values

1 to 4294967295

idle-timeout minutes

Specifies the duration in minutes before automatically re-establishing a session.

Values

1 to 1024

idle-timeout forever

Specifies that the session is re-established only after the clear router bgp command is executed.

log-only

Enables the warning message to be sent at the specified threshold percentage, and also when the limit is reached. However, the BGP session is not taken down.

post-import

Specifies that the limit should be applied only to the number of routes that are accepted by import policies.

hold-excess percentage

Specifies the percentage of maximum routes that are allowed to be installed in the route table. If a peer within scope of the configuration exceeds the limit, the overflow routes are held in the BGP RIB as inactive routes and are ineligible for forwarding or advertisement to other peers. If the post-import parameter is configured, only routes not rejected by import policies count toward the limit. A BGP route in the overflow state is reconsidered for activation and reinstallation when an UPDATE message is received for the route. This parameter is mutually exclusive with the idle-timeout and log-only parameters.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>isis prefix-limit)

Full Context

configure service vprn isis prefix-limit

Description

This command configures the maximum number of prefixes that IS-IS can learn, and use to protect the system from a router that has accidentally advertised a large number of prefixes. If the number of prefixes reaches the configured percentage of this limit, an SNMP trap is sent. If the limit is exceeded, IS-IS will go into overload.

The overload-timeout option controls the length of time that IS-IS is in the overload state when the prefix limit is reached. The system automatically attempts to restart IS-IS at the end of this duration. If the overload-timeout forever option is used, IS-IS is not restarted automatically and stays in overload until the condition is manually cleared by the administrator. This is also the default behavior when the overload-timeout option is not configured.

The no form of this command removes the prefix-limit.

Default

prefix-limit overload-timeout forever

Parameters

limit

Specifies the number of prefixes that can be learned, expressed as a decimal integer.

Values

1 to 4294967296

log-only

Enables a warning message to be sent at the specified threshold percentage and also when the limit is exceeded. However, overload is not set when this parameter is configured.

percent

Specifies the threshold value (as a percentage) that triggers a warning message to be sent.

Values

0 to 100

overload-timeout

Keyword used to control the length of time that IS-IS is in the overload state when the prefix limit is reached.

seconds

Specifies the time in minutes before IS-IS is restarted.

Values

1 to 1800

forever

Specifies that IS-IS should be restarted only after the execution of the clear router isis overload prefix-limit command.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>bgp>group prefix-limit)

[Tree] (config>router>bgp>group>neighbor prefix-limit)

Full Context

configure router bgp group prefix-limit

configure router bgp group neighbor prefix-limit

Description

This command configures the maximum number of BGP routes received from a peer before administrative action is taken. The administrative action can include generating a log or taking the session down. If a session is taken down, configure the idle-timeout parameter to bring it back up automatically after a specific duration. Alternatively, it can be configured to stay down indefinitely, until the user performs a reset.

No prefix limits for any address family are configured by default.

This command allows the user to apply a separate limit to each address family. A set of address family limits can be applied to one neighbor or to all neighbors in a group.

The no form of this command removes the prefix-limit.

Parameters

log-only

Enables the warning message to be sent at the specified threshold percentage, and also when the limit is reached. However, the BGP session is not taken down.

threshold percentage

Specifies the threshold value (as a percentage) that triggers a warning message to be sent.

Values

1 to 100

family

Specifies the address family to which the limit applies.

Values

ipv4, label-ipv4, vpn-ipv4, ipv6, label-ipv6, vpn-ipv6, mcast-ipv4, l2-vpn, mvpn-ipv4, mdt-safi, ms-pw, flow-ipv4, route-target, mcast-vpn-ipv4, mvpn-ipv6, flow-ipv6, evpn, mcast-ipv6, bgp-ls, sr-policy-ipv4, sr-policy-ipv6, mcast-vpn-ipv6, flow-vpn-ipv4, flow-vpn-ipv6

limit

Specifies the number of routes that can be learned from a peer expressed as a decimal integer.

Values

1 to 4294967295

idle-timeout minutes

Specifies the duration in minutes before automatically re-establishing a session.

Values

1 to 1024

idle-timeout forever

Specifies that the session is re-established only after the clear router bgp command is executed.

post-import

Specifies that the limit applies only to the number of routes that are accepted by import policies.

hold-excess percentage

Specifies the percentage of maximum routes that are allowed to be installed in the route table. If a peer within scope of the configuration exceeds the limit, the overflow routes are held in the BGP RIB as inactive routes and are ineligible for forwarding or advertisement to other peers. If the post-import parameter is configured, only routes not rejected by import policies count toward the limit. A BGP route in the overflow state is reconsidered for activation and reinstallation when an UPDATE message is received for the route. This parameter is mutually exclusive with the idle-timeout and log-only parameters.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>isis prefix-limit)

Full Context

configure router isis prefix-limit

Description

This command configures the maximum number of prefixes that IS-IS can learn, and use to protect the system from a router that has accidentally advertised a large number of prefixes. If the number of prefixes reaches the configured percentage of this limit, an SNMP trap is sent. If the limit is exceeded, IS-IS will go into overload.

The overload-timeout option controls the length of time that IS-IS is in the overload state when the prefix-limit is reached. The system automatically attempts to restart IS-IS at the end of this duration. If the overload-timeout forever option is used, IS-IS is not restarted automatically and stays in overload until the condition is manually cleared by the administrator. This is also the default behavior when the overload-timeout option is not configured.

The no form of this command removes the prefix-limit.

Default

no prefix-limit

Parameters

log-only

Enables a warning message to be sent at the specified threshold percentage and also when the limit is exceeded. However, overload is not set when this parameter is configured.

limit

Specifies the number of prefixes that can be learned expressed as a decimal integer.

Values

1 to 4294967296

percent

Specifies the threshold value (as a percentage) that triggers a warning message to be sent.

Values

0 to 100

seconds

Specifies the time in minutes before IS-IS is restarted.

Values

1 to 1800

forever

Specifies that IS-IS should be restarted only after the execution of the clear router isis overload prefix-limit command.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>static-route-entry>indirect prefix-list)

[Tree] (config>service>vprn>static-route-entry>black-hole prefix-list)

[Tree] (config>service>vprn>static-route-entry>next-hop prefix-list)

Full Context

configure service vprn static-route-entry indirect prefix-list

configure service vprn static-route-entry black-hole prefix-list

configure service vprn static-route-entry next-hop prefix-list

Description

This command associates a constraint to the associated static route such that the static route is only active if any, none, or all of the routes in the prefix list are present and active in the route table.

If the conditional static route is configured in a VPRN and the router-instance-name is configured as “Base”, the activation of the static route is dependent on the existence of routes in the Base router; the prefix-list and flag are evaluated in this context.

No router instance is specified by default, and the conditional static route is dependent on the existence of routes in the same router instance as the static route itself, subject to the details of the prefix list and the flag setting.

Entries in a referenced prefix list that are not match type ‘exact’ are interpreted as though they are ‘exact’.

The no form of this command disables these constraints on the static route.

Default

no prefix-list

Parameters

prefix-list-name

Specifies the name of a currently configured prefix list.

all

Specifies that the static route condition is met if all prefixes in the prefix list are present in the active static route.

none

Specifies that the static route condition is met if none of the prefixes in the named prefix-list are present in the active static route.

any

Specifies that the static route condition is met if any prefixes in the prefix list are present in the active static route.

router-instance-name

Specifies the name of the router instance. Must be "Base".

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>static-route-entry>black-hole prefix-list)

[Tree] (config>router>static-route-entry>next-hop prefix-list)

[Tree] (config>router>static-route-entry>indirect prefix-list)

Full Context

configure router static-route-entry black-hole prefix-list

configure router static-route-entry next-hop prefix-list

configure router static-route-entry indirect prefix-list

Description

This command associates a new constraint to the associated static route such that the static route is only active if none or all of the routes in the prefix list are present and active in the route-table.

Default

no prefix-list

Parameters

prefix-list-name

Specifies the name of a currently configured prefix-list.

all

Specifies that the static route condition is met if all prefixes in the prefix-list must be present in the active route-table.

none

Specifies that the static route condition is met if none of the prefixes in the named prefix-list can be present in the active route-table.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>policy-options prefix-list)

Full Context

configure router policy-options prefix-list

Description

This command creates a context to configure a prefix list to use in route policy entries.

The no form of this command deletes the named prefix list.

Parameters

name

Specifies the prefix list name. Allowed values are any string up to 64 characters long composed of printable, 7-bit ASCII characters. If the string contains special characters (#, ?, space), the entire string must be enclosed within double quotes. Policy parameters must be enclosed by at-signs (@) and may be midstring; for example, "@variable@," "start@variable@end"," @variable@end", or "start@variable@".

An empty prefix list can be configured for pre-provisioning. This empty prefix list will not find a match when referred to by a policy. When removing member prefixes from a prefix list, the prefix list will not be automatically removed when the last member is removed. If required, an empty prefix list must be explicitly removed using the no form of this command.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>policy-options>policy-statement>entry>to prefix-list)

[Tree] (config>router>policy-options>policy-statement>entry>from prefix-list)

Full Context

configure router policy-options policy-statement entry to prefix-list

configure router policy-options policy-statement entry from prefix-list

Description

This command configures a prefix list as a match criterion for a route policy statement entry.

If no prefix list is specified, any network prefix is considered a match.

An empty prefix list will evaluate as if 'no match' was found.

The prefix lists specify the network prefix (this includes the prefix and length) a specific policy entry applies.

A maximum of 28 prefix names can be specified.

The no form of this command removes the prefix list match criterion.

Default

no prefix-list

Parameters

name

Specifies the prefix list name. Allowed values are any string up to 64 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, ?, space), the entire string must be enclosed within double quotes. Policy parameters must be enclosed by at-signs (@) and may be midstring; for example, "@variable@," "start@variable@end"," @variable@end", or "start@variable@".

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>policy-options>policy-statement>entry>from prefix-list-override)

Full Context

configure router policy-options policy-statement entry from prefix-list-override

Description

This command converts a prefix list to a specific match type. The routing policy uses the converted list as a match condition.

The prefix list to be converted can be specified by its name, as an expression containing the name of a global variable that holds the name of the prefix list, or as an expression containing the name of a subroutine variable that holds the name of the prefix list.

Parameters

name

Specifies the prefix list to be converted, up to 64 characters.

exact

Keyword to convert all entries in the specified prefix list to the exact match type.

longer

Keyword to convert all entries in the specified prefix list to the longer match type.

length1-length2

Specifies the start and end length of the prefix range.

Values

0 to 128

Note: length2 (end length) must be equal to or greater than length1 (start length).

length

Specifies the through length of the prefix.

Values

0 to 128

Note: Configure the through length of the prefix to a value higher than the prefix length configured in the configure router policy-options prefix-list prefix command.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>nat>inside>deterministic prefix-map)

[Tree] (config>router>nat>inside>deterministic prefix-map)

Full Context

configure service vprn nat inside deterministic prefix-map

configure router nat inside deterministic prefix-map

Description

This command is applicable to deterministic NAT and static 1:1 NAT. It is used to configure source IP prefixes on the inside and their association with outside deterministic NAT pools via the NAT policy. Hosts within the source IP prefix are deterministically mapped to outside IP addresses and port ranges in the associated deterministic NAT pool.

Multiple source IP prefixes within an inside routing instance can be defined and they can reference different NAT policies (and therefore, outside deterministic NAT pools and routing instances). Source IP prefixes from multiple routing instances can share the same deterministic NAT pool.

With this command, multiple NAT policies based on a destination prefix or filter criteria can be used together with deterministic NAT.

Non-deterministic NAT can be used simultaneously with deterministic NAT within the same inside routing instance. However, they cannot share the same NAT pool.

Source IP prefixes can be added or removed as long as the associated deterministic NAT pool is in a no shutdown mode.

Removing a prefix or modifying the map statement under it requires that the source IP prefix be in a shutdown mode.

Parameters

ip-prefix/length

Specifies source IP prefix on the inside whose hosts is deterministically mapped to an outside IP address and port block in the corresponding deterministic NAT pool.

Values

<ip-prefix/ip-pref*>	<ipv4-prefix>/<ipv4-prefix-length>
	<ipv6-prefix>/<ipv6-prefix-length>
<ipv4-prefix>	a.b.c.d (host bits must be 0)
<ipv4-prefix-length>	0 to 32
<ipv6-prefix>	x:x:x:x:x:x:x:x (eight 16-bit pieces)
	x:x:x:x:x:x:d.d.d.d
	x - [0 to FFFF]H
	d - [0 to 255]D
<ipv6-prefix-length>	0 to 128

nat-sub-type

Specifies the subscriber type.

Values

classic-lsn-sub: LSN44 subscriber

dslit-lsn-sub: DT-lite subscriber

nat-policy-name

Specifies a NAT policy, up to 32 characters, that points to an outside pool and outside routing instance.

create

Keyword used to create the particular prefix instance.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>isis>loopfree-alternates>exclude prefix-policy)

Full Context

configure service vprn isis loopfree-alternates exclude prefix-policy

Description

This command specifies the name of the policy for the prefixes to exclude from the LFA SPF calculation in this ISIS instance.

The no form of this command deletes the exclude prefix policy.

Default

no prefix-policy

Parameters

prefix-policy prefix-policy

Specifies the name of the prefix policy, up to 32 characters. Up to five prefix policies can be specified. The specified name must have been already defined.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>ospf3>loopfree-alternates>exclude prefix-policy)

[Tree] (config>service>vprn>ospf>loopfree-alternates>exclude prefix-policy)

Full Context

configure service vprn ospf3 loopfree-alternates exclude prefix-policy

configure service vprn ospf loopfree-alternates exclude prefix-policy

Description

This command specifies the name of the policy for the prefixes to exclude from the LFA SPF calculation in this OSPF or OSPF3 instance.

The no form of this command deletes the exclude prefix policy.

Default

no prefix-policy

Parameters

prefix-policy prefix-policy

Specifies the name of the prefix policy, up to 32 characters. Up to five prefix policies can be specified. The specified name must have been already defined.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>isis>loopfree-alternates>exclude prefix-policy)

Full Context

configure router isis loopfree-alternates exclude prefix-policy

Description

This command excludes from LFA SPF calculation prefixes that match a prefix entry or a tag entry in a prefix policy.

The implementation already allows the user to exclude an interface in IS-IS or OSPF, an OSPF area, or an IS-IS level from the LFA SPF.

If a prefix is excluded from LFA, then it will not be included in LFA calculation regardless of its priority. The prefix tag will, however, be used in the main SPF.

This command specifies the name of the policy for the prefixes to exclude from the LFA SPF calculation in this IS-IS instance.

The default action, when not explicitly specified by the user in the prefix policy, is a "reject". Thus, regardless if the user did or did not explicitly add the statement "default-action reject" to the prefix policy, a prefix that did not match any entry in the policy will be accepted into LFA SPF.

The no form of this command deletes the exclude prefix policy.

Default

no prefix-policy

Parameters

prefix-policy prefix-policy

Specifies the name of the prefix policy, up to 32 characters. Up to five prefix policies can be specified. The specified name must have been already defined.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>ospf>loopfree-alternates>exclude prefix-policy)

[Tree] (config>router>ospf3>loopfree-alternates>exclude prefix-policy)

Full Context

configure router ospf loopfree-alternates exclude prefix-policy

configure router ospf3 loopfree-alternates exclude prefix-policy

Description

This command excludes from LFA SPF calculation prefixes that match a prefix entry or a tag entry in a prefix policy.

The implementation already allows the user to exclude an interface in IS-IS or OSPF, an OSPF area, or an IS-IS level from the LFA SPF.

If a prefix is excluded from LFA, then it will not be included in LFA calculation regardless of its priority. The prefix tag will, however, be used in the main SPF.

This command specifies the name of the policy for the prefixes to exclude from the LFA SPF calculation in this OSPF or OSPF3 instance.

The default action, when not explicitly specified by the user in the prefix policy, is a "reject”. Thus, regardless if the user did or did not explicitly add the statement "default-action reject” to the prefix policy, a prefix that did not match any entry in the policy will be accepted into LFA SPF.

The no form of this command deletes the exclude prefix policy.

Default

no prefix-policy

Parameters

prefix-policy

Specifies the name of the prefix policy, up to 32 characters. Up to five prefix policies can be specified. The specified name must have been already defined.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>bgp>segment-routing prefix-sid-range)

Full Context

configure router bgp segment-routing prefix-sid-range

Description

This command configures the label block that BGP segment routing is allowed to use.

The start-label and max-index parameters specify that BGP should be restricted to a subrange of the SRGB, with the subrange starting at start-label and ending at max-index.

It is not possible to enable segment routing (perform a no shutdown) unless the prefix-sid-range is configured using the global keyword or using the start-label and max-index parameters.

The no form of the command allocates no labels for BGP segment-routing.

Default

no prefix-sid-range

Parameters

global

Specifies that BGP is allowed to allocate labels from the entire space of the SRGB, as defined under config>router>mpls-labels>sr-labels.

start-label

Specifies the first label value that is available to BGP in a contiguous range of labels.

Values

0 to 524287

max-index

Specifies the last label value that is available to BGP in a contiguous range of labels.

Values

1 to 524287

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>isis>segment-routing prefix-sid-range)

Full Context

configure router isis segment-routing prefix-sid-range

Description

This command configures the prefix SID index range and offset label value for a given IGP instance.

The key parameter is the configuration of the prefix SID index range and the offset label value which this IGP instance will use. Since each prefix SID represents a network global IP address, the SID index for a prefix must be network-wide unique. Thus, all routers in the network are expected to configure and advertise the same prefix SID index range for a given IGP instance. However, the label value used by each router to represent this prefix; that is, the label programmed in the ILM can be local to that router by the use of an offset label, referred to as a start label:

Local Label (Prefix SID) = start-label + {SID index}

The label operation in the network becomes thus very similar to LDP when operating in the independent label distribution mode (RFC 5036, LDP Specification) with the difference that the label value used to forward a packet to each downstream router is computed by the upstream router based on advertised prefix SID index using the above formula.

There are two mutually exclusive modes of operation for the prefix SID range on the router. In the global mode of operation, the user configures the global value and this IGP instance will assume the start label value is the lowest label value in the SRGB and the prefix SID index range size equal to the range size of the SRGB. Once one IGP instance selected the global option for the prefix SID range, all IGP instances on the system will be restricted to do the same. The user must shutdown the segment routing context and delete the prefix-sid-range command in all IGP instances in order to change the SRGB. Once the SRGB is changed, the user must re-enter the prefix-sid-range command again. The SRGB range change will be failed if an already allocated SID index/label goes out of range.

In the per-instance mode of operation, the user partitions the SRGB into non-overlapping sub-ranges among the IGP instances. The user thus configures a subset of the SRGB by specifying the start label value and the prefix SID index range size. All resulting net label values (start-label + index} must be within the SRGB or the configuration will be failed. Furthermore, the code checks for overlaps of the resulting net label value range across IGP instances and will strictly enforce that these ranges do not overlap. The user must shutdown the segment routing context of an IGP instance in order to change the SID index/label range of that IGP instance using the prefix-sid-range command. In addition, any range change will be failed if an already allocated SID index/label goes out of range. The user can however change the SRGB on the fly as long as it does not reduce the current per IGP instance SID index/label range defined with the prefix-sid-range. Otherwise, the user must shutdown the segment routing context of the IGP instance and delete and re-configure the prefix-sid-range command.

Default

no prefix-sid-range

Parameters

label-value

Specifies the label offset for the SR label range of this IGP instance.

Values

0 to 524287

index-value

Specifies the maximum value of the prefix SID index range for this IGP instance.

Values

1 to 524287

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>ospf>segm-rtng prefix-sid-range)

Full Context

configure router ospf segment-routing prefix-sid-range

Description

This command configures the prefix SID index range and offset label value for an IGP instance.

The key parameter is the configuration of the prefix SID index range and the offset label value that this IGP instance will use. Because each prefix SID represents a network global IP address, the SID index for a prefix must be unique network-wide. Therefore, all routers in the network are expected to configure and advertise the same prefix SID index range for an IGP instance. However, the label value used by each router to represent this prefix, that is, the label programmed in the ILM, can be local to that router by the use of an offset label, referred to as a start label:

Local Label (Prefix SID) = start-label + {SID index}

The label operation in the network is very similar to LDP when operating in independent label distribution mode (RFC 5036, LDP Specification), with the difference being that the label value used to forward a packet to each downstream router is computed by the upstream router based on the advertised prefix SID index using the above formula.

There are two mutually exclusive modes of operation for the prefix SID range on the router. In the global mode of operation, the user configures the global value and this IGP instance will assume the start label value is the lowest label value in the SRGB and the prefix SID index range size equal to the range size of the SRGB. After one IGP instance selected the global option for the prefix SID range, all IGP instances on the system will be restricted to do the same. The user must shutdown the segment routing context and delete the prefix-sid-range command in all IGP instances in order to change the SRGB. After the SRGB is changed, the user must re-enter the prefix-sid-range command again. The SRGB range change will be failed if an already allocated SID index/label goes out of range.

In per-instance mode, the user partitions the SRGB into non-overlapping sub-ranges among the IGP instances. The user configures a subset of the SRGB by specifying the start label value and the prefix SID index range size. All resulting net label values (start-label + index) must be within the SRGB or the configuration will fail. The 7705 SAR Gen 2 checks for overlaps of the resulting net label value range across IGP instances and will strictly enforce no overlapping of these ranges. The user must shut down the segment routing context of an IGP instance in order to change the SID index/label range of that IGP instance using the prefix-sid-range command. A range change will fail if an already allocated SID index/label goes out of range. The user can change the SRGB without shutting down the segment routing context as long as it does not reduce the current per-IGP instance SID index/label range defined with the prefix-sid-range command. Otherwise, shut down the segment routing context of the IGP instance, and disable and re-enable the prefix-sid-range command.

Default

no prefix-sid-range

Parameters

label-value

Specifies the label offset for the SR label range of this IGP instance.

Values

0 to 524287

index-value

Specifies the maximum value of the prefix SID index range for this IGP.

Values

1 to 524287

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>segment-routing>sr-mpls prefix-sids)

Full Context

configure router segment-routing sr-mpls prefix-sids

Description

This command configures the prefix SIDs for an interface.

The no form of this command removes the prefix SIDs list instance.

Default

no prefix-sids

Parameters

ip-int-name

Specifies the loopback or system interface name that owns the prefix to be advertised, up to 32 characters.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>isis prefix-unreachable)

Full Context

configure router isis prefix-unreachable

Description

Commands in this context configure the prefix-unreachable context.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>security>ssh preserve-key)

Full Context

configure system security ssh preserve-key

Description

After enabling this command, private keys, public keys, and host key file are saved by the server. It is restored following a system reboot or the ssh server restart.

The no form of this command specifies that the keys are held in memory by an SSH server and is not restored following a system reboot.

Default

no preserve-key

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>mpls>lsp primary)

Full Context

configure router mpls lsp primary

Description

This command specifies a preferred path for the LSP. This command is optional only if the secondary path-name is included in the LSP definition. Only one primary path can be defined for an LSP.

Some of the attributes of the LSP such as the bandwidth, and hop-limit can be optionally specified as the attributes of the primary path. The attributes specified in the primary path path-name command, override the LSP attributes.

The no form of this command deletes the association of this path-name from the LSP lsp-name. All configurations specific to this primary path, such as record, bandwidth, and hop limit, are deleted. The primary path must be shutdown first in order to delete it. The no primary command will not result in any action except a warning message on the console indicating that the primary path is administratively up.

Parameters

path-name

Specifies the case-sensitive alphanumeric name label for the LSP path up to 64 characters in length.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>isa>tunnel-grp primary)

Full Context

configure isa tunnel-group primary

Description

This command assigns an ISA IPsec module configured in the specified slot to this IPsec group. The backup ISA IPsec provides the IPsec group with warm redundancy when the primary ISA IPsec in the group is configured. Primary and backup ISA IPsec have equal operational status and when both MDAs are coming up, the one that becomes operational first becomes the active ISA IPsec.

All configuration information is pushed down to the backup MDA from the CPM once the CPM gets notice that the primary module has gone down. This allows multiple IPsec groups to use the same backup module. Any statistics not yet spooled will be lost. Auto-switching from the backup to primary, once the primary becomes available again, is supported.

The operator is notified through SNMP events when:

• When the ISA IPsec service goes down (all modules in the group are down) or comes back up (a module in the group becomes active).

• When ISA IPsec redundancy fails (one of the modules in the group is down) or recovers (the failed module comes back up).

• When an ISA IPsec activity switch took place.

The no form of this command removes the specified primary ID from the group’s configuration.

Default

no primary

Parameters

mda-id

Specifies the card/slot identifying a provisioned IPsec ISA.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>if>ipsec>ipsec-tun>dyn>cert>status-verify primary)

[Tree] (config>ipsec>trans-mode-prof>dyn>cert>status-verify primary)

[Tree] (config>service>vprn>if>sap>ipsec-tun>dyn>cert>status-verify primary)

[Tree] (config>service>vprn>if>ipsec>ipsec-tunnel>dyn>cert>status-verify primary)

[Tree] (config>service>ies>if>ipsec>ipsec-tunnel>dyn>cert>status-verify primary)

[Tree] (config>service>vprn>if>sap>ipsec-gw>cert>status-verify primary)

[Tree] (config>service>ies>if>sap>ipsec-gw>cert>status-verify primary)

Full Context

configure router interface ipsec ipsec-tunnel dynamic-keying cert status-verify primary

configure ipsec ipsec-transport-mode-profile dynamic-keying cert status-verify primary

configure service vprn interface sap ipsec-tunnel dynamic-keying cert status-verify primary

configure service vprn interface ipsec ipsec-tunnel dynamic-keying cert status-verify primary

configure service ies interface ipsec ipsec-tunnel dynamic-keying cert status-verify primary

configure service vprn interface sap ipsec-gw cert status-verify primary

configure service ies interface sap ipsec-gw cert status-verify primary

Description

This command specifies the primary and secondary CVS methods used to verify the revocation status of the peer’s certificate.

OCSP or CRL uses the corresponding configuration in the CA profile of the issuer of the certificate in question.

Default

primary crl

Parameters

primary

Specifies the primary CSV method used to verify the revocation status of the peer’s certificate.

Values

ocsp — Specifies that the OCSP protocol should be used. The OCSP server is configured in the corresponding CA profile.

crl — Specifies that the local CRL file should be used. The CRL file is configured in the corresponding CA profile.

Default

crl

secondary

Specifies the secondary CSV method used to verify the revocation status of the peer’s certificate.

Values

ocsp — Specifies that the OCSP protocol should be used. The OCSP server is configured in the corresponding CA profile.

crl — Specifies that the local CRL file should be used. The CRL file is configured in the corresponding CA profile.

none — Specifies that no secondary method of CSV is used.

Default

none

Platforms

7705 SAR Gen 2

Context

[Tree] (bof primary-config)

Full Context

bof primary-config

Description

This command specifies the name and location of the primary configuration file.

The system attempts to use the configuration specified in primary-config. If the specified file cannot be located, the system automatically attempts to obtain the configuration from the location specified in secondary-config and then the tertiary-config.

If an error in the configuration file is encountered, the boot process aborts.

The no form of this command removes the primary-config configuration.

Parameters

file-url

Specifies the primary configuration file location, expressed as a file URL.

Values

file-url	{local-url | remote-url} (up to 180 characters)
local-url	[cflash-id/][file-path]
remote-url	[{ftp://| tftp://} login:pswd@remote-locn/][file-path]
cflash-id	cf1:, cf1-A:, cf1-B:, cf2:, cf2-A:, cf2-B:, cf3:, cf3-A:, cf3-B:

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>dns primary-dns)

Full Context

configure service vprn dns primary-dns

Description

This command configures the primary DNS server used for DNS name resolution. DNS name resolution can be used when executing ping, traceroute, and service-ping, and also when defining file URLs. DNS name resolution is not supported when DNS names are embedded in configuration files.

The no form of this command removes the primary DNS server from the configuration.

Default

no primary-dns — No primary DNS server is configured.

Parameters

ip-address

The IP or IPv6 address of the primary DNS server.

Values

ipv4-address -a.b.c.d
ipv6-address:	x:x:x:x:x:x:x:x[-interface]
	x:x:x:x:x:x:d.d.d.d[-interface]
	x: [0..FFFF]H
	d: [0..255]D
	interface - 32 characters max, for link local addresses.

Platforms

7705 SAR Gen 2

Context

[Tree] (bof primary-dns)

Full Context

bof primary-dns

Description

This command configures the primary DNS server used for DNS name resolution. DNS name resolution can be used when executing ping, traceroute, and service-ping, and also when defining file URLs. DNS name resolution is not supported when DNS names are embedded in configuration files.

The no form of this command removes the primary DNS server from the configuration.

Default

no primary-dns

Parameters

ip-address

Specifies the IP or IPv6 address of the primary DNS server.

Values

ipv4-address	a.b.c.d
ipv6-address	x:x:x:x:x:x:x:x[-interface]
	x:x:x:x:x:x:d.d.d.d[-interface]
	x: [0 to FFFF]H
	d: [0 to 255]D
interface	32 chars max, for link local addresses

Platforms

7705 SAR Gen 2

Context

[Tree] (bof primary-image)

Full Context

bof primary-image

Description

This command specifies the primary directory location for runtime image file loading.

The system attempts to load all runtime image files configured in the primary-image first. If this fails, the system attempts to load the runtime images from the location configured in the secondary-image. If the secondary image load fails, the tertiary image specified in tertiary-image is used.

All runtime image files (*.tim files) must be located in the same directory.

The no form of this command removes the primary-image configuration.

Parameters

file-url

Specifies the file-url can be either local (this CPM) or a remote FTP server.

Values

file-url	{local-url | remote-url} (up to 180 characters)
local-url	[cflash-id/][file-path]
remote-url	[{ftp://| tftp://} login:pswd@remote-locn/][file-path]
cflash-id	cf1:, cf1-A:, cf1-B:, cf2:, cf2-A:, cf2-B:, cf3:, cf3-A:, cf3-B:

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>bgp>orr>location primary-ip-address)

Full Context

configure router bgp optimal-route-reflection location primary-ip-address

Description

This command specifies the primary IP address of a reference location used for BGP optimal route reflection. Up to three IPv4 addresses and three IPv6 addresses can be specified per location.

If the TE DB is unable find a node in its topology database that matches a primary address of the location, then it tries to find a node matching a secondary address. If this attempt also fails, the TE DB tries to find a node matching a tertiary address.

The IP addresses specified for a location should be topologically "close” to a set of clients that should all receive the same optimal path for that location.

The no form of this command removes the primary IP address information.

Default

no primary-ip-address

Parameters

ipv4-address

Specifies the primary IPv4 address of a location expressed in dotted decimal notation.

Values

a.b.c.d

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>bgp>orr>location primary-ipv6-address)

Full Context

configure router bgp optimal-route-reflection location primary-ipv6-address

Description

This command specifies the primary IPv6 address of a reference location used for BGP optimal route reflection. Up to three IPv4 addresses and three IPv6 addresses can be specified per location.

If the TE DB is unable find a node in its topology database that matches a primary address of the location, then it tries to find a node matching a secondary address. If this attempt also fails, the TE DB tries to find a node matching a tertiary address.

The IP addresses specified for a location should be topologically "close” to a set of clients that should all receive the same optimal path for that location.

The no form of this command removes the primary IPv6 address information.

Default

no primary-ipv6-address

Parameters

ipv6-address

Specifies the primary IPv6 address of a location expressed in dotted decimal notation.

Values

ipv6-address:

• x:x:x:x:x:x:x:x (eight 16-bit pieces)

• x:x:x:x:x:x:d.d.d.d

• x: [0 to FFFF]H

• d: [0 to 255]D

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>mpls>fwd-policies>fwd-policy>nh-grp primary-next-hop)

Full Context

configure router mpls forwarding-policies forwarding-policy next-hop-group primary-next-hop

Description

Commands in this context configure the primary next hop of an NHG entry in a forwarding policy.

The no form of this command removes the primary next-hop context from an NHG entry in a forwarding policy.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>template>vpls-template>mac-move primary-ports)

[Tree] (config>service>vpls>mac-move primary-ports)

Full Context

configure service template vpls-template mac-move primary-ports

configure service vpls mac-move primary-ports

Description

Commands in this context define primary VPLS ports. VPLS ports that were declared as secondary prior to the execution of this command will be moved from secondary port-level to primary port-level. Changing a port to the tertiary level can only be done by first removing it from the secondary port-level.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>card>fp>ingress>access>queue-group>policer-control-override>priority-mbs-thresholds priority)

[Tree] (config>card>fp>ingress>network>queue-group>policer-control-override>priority-mbs-thresholds priority)

Full Context

configure card fp ingress access queue-group policer-control-override priority-mbs-thresholds priority

configure card fp ingress network queue-group policer-control-override priority-mbs-thresholds priority

Description

The priority level command contains the mbs-contribution configuration command for a given strict priority level. Eight levels are supported numbered 1 through 8 with 8 being the highest strict priority.

Each of the eight priority CLI nodes always exists and do not need to be created. While parameters exist for each priority level, the parameters are only applied when the priority level within a parent policer instance is currently supporting child policers.

Parameters

level

Specifies the priority level.

Values

1 to 8

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>epipe>sap>egress>policy-ctrl-over>mbs-thrshlds priority)

[Tree] (config>service>epipe>sap>ingress>policy-ctrl-over>mbs-thrshlds priority)

Full Context

configure service epipe sap egress policer-control-override priority-mbs-thresholds priority

configure service epipe sap ingress policer-control-override priority-mbs-thresholds priority

Description

The priority-level level override CLI node contains the specified priority level’s mbs-contribution override value.

This node does not need to be created and will not be output in show or save configurations unless an mbs-contribution override exist for level.

Parameters

level

The level parameter is required when specifying priority-level and identifies which of the parent policer instances priority level’s the mbs-contribution is overriding.

Values

1 to 8

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>template>vpls-template>stp priority)

[Tree] (config>service>vpls>stp priority)

[Tree] (config>service>template>vpls-sap-template>stp priority)

Full Context

configure service template vpls-template stp priority

configure service vpls stp priority

configure service template vpls-sap-template stp priority

Description

The bridge-priority command is used to populate the priority portion of the bridge ID field within outbound BPDUs (the most significant 4 bits of the bridge ID). It is also used as part of the decision process when determining the best BPDU between messages received and sent. All values are truncated to multiples of 4096, conforming with IEEE 802.1t and 802.1D-2004.

The no form of this command returns the bridge priority to the default value.

Default

priority 4096

Parameters

bridge-priority

Specifies the bridge priority for the STP instance

Values

Allowed values are integers in the range of 4096 to 65535 with 4096 being the highest priority. The actual bridge priority value stored/used is the number entered with the lowest 12 bits masked off which means the actual range of values is 4096 to 61440 in increments of 4096.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vpls>spoke-sdp>stp priority)

[Tree] (config>service>vpls>sap>stp priority)

Full Context

configure service vpls spoke-sdp stp priority

configure service vpls sap stp priority

Description

This command configures the Nokia Spanning Tree Protocol (STP) priority for the SAP or spoke SDP.

STP priority is a configurable parameter associated with a SAP or spoke SDP. When configuration BPDUs are received, the priority is used in some circumstances as a tie breaking mechanism to determine whether the SAP or spoke SDP be designated or blocked.

In traditional STP implementations (802.1D-1998), this field is called the port priority and has a value of 0 to 255. This field is coupled with the port number (0 to 255 also) to create a 16 bit value. In the latest STP standard (802.1D-2004) only the upper 4 bits of the port priority field are used to encode the SAP or spoke SDP priority. The remaining 4 bits are used to extend the port ID field into a 12 bit virtual port number field. The virtual port number uniquely references a SAP or spoke SDP within the STP instance.

STP computes the actual priority by taking the input value and masking out the lower four bits. The result is the value that is stored in the SDP priority parameter. For instance, if a value of 0 is entered, masking out the lower 4 bits results in a parameter value of 0. If a value of 255 is entered, the result is 240.

The no form of this command returns the STP priority to the default value.

Default

priority 128

Parameters

stp-priority

Specifies the STP priority value for the SAP or spoke SDP. 0 is the highest priority. The actual value used for STP priority (and stored in the configuration) is the result of masking out the lower 4 bits, therefore the actual value range is 0 to 240 in increments of 16.

Values

0 to 255

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vpls>sap>egress>policy-ctrl-over>mbs-thrshlds priority)

[Tree] (config>service>vpls>sap>ingress>policy-ctrl-over>mbs-thrshlds priority)

Full Context

configure service vpls sap egress policer-control-override priority-mbs-thresholds priority

configure service vpls sap ingress policer-control-override priority-mbs-thresholds priority

Description

The priority-level level override CLI node contains the specified priority level’s mbs-contribution override value.

This node does not need to be created and will not be output in show or save configurations unless an mbs-contribution override exist for level.

The no form of this command sets the MBS contribution for the associated priority to its default value.

Parameters

level

Specifies that the level parameter is required when specifying priority-level and identifies which of the parent policer instances priority level’s the mbs-contribution is overriding

Values

1 to 8

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>ies>if>ipv6>vrrp priority)

Full Context

configure service ies interface ipv6 vrrp priority

Description

This command provides the ability to configure a specific priority value to the virtual router instance. In conjunction with an optional policy command, the base-priority is used to derive the in-use priority of the virtual router instance.

This command is only available in the non-owner vrrp virtual-router-id nodal context. The priority of owner virtual router instances is permanently set to 255 and cannot be changed. For non-owner virtual router instances, if the priority command is not executed, the base-priority will be set to 100.

The no form of this command restores the default value of 100 to base-priority.

Default

priority 100

Parameters

base-priority

The base-priority parameter configures the base priority used by the virtual router instance. If a VRRP Priority Control policy is not also defined, the base-priority will be the in-use priority for the virtual router instance.

Values

1 to 254

Default

100

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>ies>if>sap>egress>policer-ctrl-over>mbs-thrshlds priority)

[Tree] (config>service>ies>if>sap>ingress>policer-ctrl-over>mbs-thrshlds priority)

Full Context

configure service ies interface sap egress policer-control-override priority-mbs-thresholds priority

configure service ies interface sap ingress policer-control-override priority-mbs-thresholds priority

Description

The priority-level level override CLI node contains the specified priority level’s mbs-contribution override value.

This node does not need to be created and will not be output in show or save configurations unless an mbs-contribution override exist for level.

The no form of this command sets the MBS contribution for the associated priority to its default value.

Parameters

level

Specifies that the level parameter is required when specifying priority-level and identifies which of the parent policer instances priority level’s the mbs-contribution is overriding.

Values

1 to 8

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>ies>if>vrrp priority)

Full Context

configure service ies interface vrrp priority

Description

The priority command provides the ability to configure a specific priority value to the virtual router instance. In conjunction with an optional policy command, the base-priority is used to derive the in-use priority of the virtual router instance.

The priority command is only available in the non-owner vrrp virtual-router-id nodal context. The priority of owner virtual router instances is permanently set to 255 and cannot be changed. For non-owner virtual router instances, if the priority command is not executed, the base-priority will be set to 100.

The no form of this command restores the default value of 100 to base-priority.

Parameters

base-priority

The base-priority parameter configures the base priority used by the virtual router instance. If a VRRP Priority Control policy is not also defined, the base-priority will be the in-use priority for the virtual router instance.

Values

1 to 254

Default

100

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>if>sap>ingress>policer-ctrl-over>mbs-thrshlds priority)

[Tree] (config>service>vprn>if>sap>egress>policer-ctrl-over>mbs-thrshlds priority)

Full Context

configure service vprn interface sap ingress policer-control-override priority-mbs-thresholds priority

configure service vprn interface sap egress policer-control-override priority-mbs-thresholds priority

Description

The priority-level level override CLI node contains the specified priority level’s mbs-contribution override value.

This node does not need to be created and will not be output in show or save configurations unless an mbs-contribution override exist for level.

The no form of this command sets the MBS contribution for the associated priority to its default value.

Parameters

level

Specifies that the level parameter is required when specifying priority-level and identifies which of the parent policer instances priority level’s the mbs-contribution is overriding.

Values

1 to 8

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>if>ipv6>vrrp priority)

[Tree] (config>service>vprn>if>vrrp priority)

Full Context

configure service vprn interface ipv6 vrrp priority

configure service vprn interface vrrp priority

Description

The priority command provides the ability to configure a specific priority value to the virtual router instance. In conjunction with an optional policy command, the base-priority is used to derive the in-use priority of the virtual router instance.

The priority command is only available in the non-owner vrrp virtual-router-id nodal context. The priority of owner virtual router instances is permanently set to 255 and cannot be changed. For non-owner virtual router instances, if the priority command is not executed, the base-priority will be set to 100.

The no form of this command restores the default value of 100 to base-priority.

Parameters

base-priority

The base-priority parameter configures the base priority used by the virtual router instance. If a VRRP priority control policy is not also defined, the base-priority will be the in-use priority for the virtual router instance.

Values

1 to 254

Default

100

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>isis>if>level priority)

Full Context

configure service vprn isis interface level priority

Description

This command configures the priority of the IS-IS router interface for designated router election on a multi-access network.

This priority is included in hello PDUs transmitted by the interface on a multi-access network. The router with the highest priority is the preferred designated router. The designated router is responsible for sending LSPs with regard to this network and the routers that are attached to it.

The no form of this command reverts to the default value.

Default

priority 64

Parameters

number

Specifies the priority for this interface at this level.

Values

0 to 127

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>ospf>area>if priority)

[Tree] (config>service>vprn>ospf3>area>if priority)

Full Context

configure service vprn ospf area interface priority

configure service vprn ospf3 area interface priority

Description

This command configures the priority of the OSPF interface that is used to elect the designated router (DR) on the subnet.

This parameter is only used if the interface is of type broadcast. The router with the highest priority interface becomes the DR. A router with priority 0 is not eligible to be the designated router or backup designated router.

The no form of this command resets the interface priority to the default value.

Default

priority 1

Parameters

number

The interface priority expressed as a decimal integer. A value of 0 indicates the router is not eligible to be the Designated Router of Backup Designated Router on the interface subnet.

Values

0 to 255

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>pim>if priority)

Full Context

configure service vprn pim interface priority

Description

This command sets the priority value to become the rendezvous point (RP) that is included in bootstrap messages sent by the router. The RP is sometimes called the bootstrap router. The priority command indicates whether the router is eligible to be a bootstrap router.

The no form of this command disqualifies the router to participate in the bootstrap election.

Default

priority 1 (The router is the least likely to become the designated router.)

Parameters

dr-priority

Specifies the priority to become the designated router. The higher the value, the higher the priority.

Values

1 to 4294967295

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>pim>rp>bsr-candidate priority)

[Tree] (config>service>vprn>pim>rp>ipv6>bsr-candidate priority)

Full Context

configure service vprn pim rp bsr-candidate priority

configure service vprn pim rp ipv6 bsr-candidate priority

Description

This command defines the priority used to become the rendezvous point (RP). The higher the priority value the more likely that this router becomes the RP. If there is a tie, the router with the highest IP address is elected.

Parameters

bootstrap-priority

The priority to become the bootstrap router.

Values

0 to 255

Default

0 (the router is not eligible to be the bootstrap router)

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>pim>rp>rp-candidate priority)

Full Context

configure service vprn pim rp rp-candidate priority

Description

This command defines the priority used to become the rendezvous point (RP). The higher the priority value, the more likely that this router will become the RP.

Use the no form of this command to revert to the default value.

Default

priority 192

Parameters

priority

Specifies the priority to become the designated router. The higher the value the more likely the router will become the RP.

Values

0 to 255

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>mpls>lsp-template priority)

[Tree] (config>router>mpls>lsp>secondary priority)

[Tree] (config>router>mpls>lsp>primary priority)

Full Context

configure router mpls lsp-template priority

configure router mpls lsp secondary priority

configure router mpls lsp primary priority

Description

This command enables the soft preemption procedures for this LSP path. The operator enables the soft preemption mechanism on a specific LSP name by explicitly configuring the setup and holding priorities for the primary path at the head-end node. The operator can similarly configure priority values for a secondary path for this LSP name. Different values could be used for the primary and for any of the secondary paths. In the absence of explicit user configuration, the setup priority is internally set to the default value of 7 and the holding priority is set to the default value of 0.

Preemption is effected when a router preempting node processes a new RSVP session reservation and there is not enough available bandwidth on the RSVP interface, or the Class Type (CT) when Diff-Serv is enabled, to satisfy the bandwidth in the FlowSpec object while there exist other session reservations for LSP paths with a strictly lower holding priority (numerically higher holding priority value) than the setup priority of the new LSP reservation. If enough available bandwidth is freed on the link or CT to accommodate the new reservation by preempting one or more lower priority LSP paths, the preempting node allows temporary overbooking of the RSVP interface and honors the new reservation.

The preempting node will immediately set the 'Preemption pending’ flag (0x10) in the IPv4 Sub-Object in the RRO object in the Resv refresh for each of the preempted LSP paths. The IPv4 Sub-Object corresponds to the outgoing interface being used by the preempting and preempted LSP paths; however, the bandwidth value in the FlowSpec object is not changed. The Resv flag must also be set if the preempting node is a merge point for the primary LSP path and the backup bypass LSP or detour LSP and the backup LSP is activated.

When evaluating if enough available bandwidth will be freed, the preempting node considers the reservations in order from the lowest holding priority (numerically higher holding priority value) to the holding priority just below the setup priority of the new reservation. A new reservation cannot preempt a reservation which has a value of the holding priority equal to the new reservation setup priority.

When Diff-Serv is enabled on the preempting node and the MAM bandwidth allocation model is used, a new reservation can only preempt a reservation in the same Class Type (CT).

LSP paths which were not flagged at the head-end for soft preemption will be hard preempted. LSP paths with the default holding priority of 0 cannot be preempted. LSP paths with zero bandwidth do not preempt other LSP paths regardless of the values of the path setup priority and the path holding priority. They can also not be preempted.

When evaluating if enough available bandwidth will be freed, the preempting node considers the reservations in order from the lowest holding priority (numerically higher holding priority) to the holding priority just below the setup priority of the new reservation. There is no specific order in which the reservations in the same holding priority are considered.

The preempting node starts a preemption timer for each of the preempted LSP paths. While this timer is on, the node should continue to refresh the Path and Resv for the preempted LSP paths. When the preemption timer expires, the node tears down the reservation if the head-end node has not already done so.

A head-end node upon receipt of the Resv refresh message with the 'Preemption pending’ flag must immediately perform a make-before-break on the affected adaptive CSPF LSP. Both IGP metric and TE metric based CSPF LSPs are included. If an alternative path that excludes the flagged interface is not found, then the LSP is put on a retry in a similar way to the Global Revertive procedure at a head-end node. However, the number of retries and the retry timer are governed by the values of the retry-limit and retry-timer parameters: config>router>mpls>lsp>retry-limit; config>router>mpls>lsp>retry-timer.

MPLS will keep the address list of flagged interfaces for a maximum of 60 s (not user-configurable) from the time the first Resv message with the 'Preemption pending’ flag is received. This actually means that MPLS will request CSPF to find a path that excludes the flagged interfaces in the first few retries until success or until 60 s have elapsed. Subsequent retries after the 60 s will not exclude the flagged interfaces as it is assumed IGP has converged by then and the Unreserved Bandwidth sub-TLV for that priority, or TE Class, in the TE database will show the updated value taking into account the preempting LSP path reservation or a value of zero if overbooked.

If the LSP has a configured secondary standby which is operationally UP, the router will switch the path of the LSP to it and then start the MBB. If no standby path is available and a secondary non-standby is configured, the router will start the MBB and signal the path of the secondary. The LSP path will be switched to either the secondary or the new primary, whichever comes up first.

The no form of this command reverts the LSP path priority to the default values and results in setting the setup priority to 7, in setting the hold priority to 0, and in clearing the 'soft preemption desired’ flag in the RRO in the Resv refresh message.

Default

no priority

Parameters

setup-priority

Specifies the priority of the reservation for this session at setup time.

Values

0 to 7 (0 is the highest priority and 7 is the lowest priority.)

Default

7 — This session does not preempt any other session.

holding-priority

Specifies the priority of the reservation for this session at preemption action.

Values

0 to 7 (0 is the highest priority and 7 is the lowest priority.)

Default

0 — This session does not get preempted by any other session.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>redundancy>multi-chassis>peer>mc-ipsec>tunnel-group priority)

Full Context

configure redundancy multi-chassis peer mc-ipsec tunnel-group priority

Description

This command specifies the local priority of the tunnel-group, this is used to elect master, higher number win. If priority are same, then the peer has more active ISA win; and priority and the number of active ISA are same, then the peer with higher IP address win.

The no form of this command removes the priority value from the configuration.

Default

priority 100

Parameters

priority

Specifies the priority of this tunnel-group.

Values

0 to 255

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>pim>interface priority)

Full Context

configure router pim interface priority

Description

This command sets the priority value to elect the designated router (DR). The DR election priority is a 32-bit unsigned number and the numerically larger priority is always preferred.

The no form of this command reverts to the default value.

Default

priority 1

Parameters

priority

Specifies the priority to become the designated router. The higher the value, the higher the priority.

Values

1 to 4294967295

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>pim>rp>ipv6>rp-candidate priority)

[Tree] (config>router>pim>rp>rp-candidate priority)

Full Context

configure router pim rp ipv6 rp-candidate priority

configure router pim rp rp-candidate priority

Description

This command configures the Candidate-RP priority for becoming a rendezvous point (RP). This value is used to elect RP for a group range.

The no form of this command reverts to the default value.

Default

priority 192

Parameters

priority

Specifies the priority to become a rendezvous point (RP). A value of 0 is considered as the highest priority.

Values

0 to 255

Platforms

7705 SAR Gen 2

Context

[Tree] (config>qos>plcr-ctrl-plcy>root>priority-mbs-thresholds priority)

Full Context

configure qos policer-control-policy root priority-mbs-thresholds priority

Description

The priority level command contains the mbs-contribution configuration command for a given strict priority level. Eight levels are supported numbered 1 through 8 with 8 being the highest strict priority.

Each of the eight priority CLI nodes always exists and do not need to be created. While parameters exist for each priority level, the parameters are only applied when the priority level within a parent policer instance is currently supporting child policers.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>filter>redirect-policy>dest priority)

Full Context

configure filter redirect-policy destination priority

Description

Redirect policies can contain multiple destinations. Each destination is assigned an initial or base priority which describes its relative importance within the policy.

Default

priority 100

Parameters

priority

Specifies the priority, expressed as a decimal integer, used to weigh the destination’s relative importance within the policy.

Values

1 to 255

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>fad>flex-algo priority)

Full Context

configure router flexible-algorithm-definitions flex-algo priority

Description

This command configures the priority of the FAD. This priority is used as a tie-breaker when the router has received multiple FADs for the same flexible algorithm.

Every router that is configured to participate in a particular flexible algorithm uses the same tie-breaker logic to select the winning FAD. This allows for consistent FAD definition selection in cases where routers advertise different definitions for a specific flexible algorithm. The following rules apply to the breaker mechanism.

• From the advertisements of the FAD in the area (including both locally generated advertisements and received advertisements), select the one with the highest priority value.

• If there are multiple advertisements of the FAD with the same highest priority, select the one that is originated from the router with either the highest system ID or router ID.

The no form of this command sets the priority to the default value.

Default

priority 100

Parameters

priority

Configures the priority of this FAD.

Values

0 to 255

Default

100

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>if>ipv6>vrrp priority)

[Tree] (config>router>if>vrrp priority)

Full Context

configure router interface ipv6 vrrp priority

configure router interface vrrp priority

Description

This command configures the base router priority for the virtual router instance used in the master election process.

The priority is the most important parameter set on a non-owner virtual router instance. The priority defines a virtual router’s selection order in the master election process. Together, the priority value and the preempt mode allow the virtual router with the best priority to become the master virtual router.

The base-priority is used to derive the in-use priority of the virtual router instance as modified by any optional VRRP priority control policy. VRRP priority control policies can be used to either override or adjust the base priority value depending on events or conditions within the chassis.

The priority command is only available in the non-owner vrrp nodal context. The priority of owner virtual router instances is permanently set to 255 and cannot be changed.

For non-owner virtual router instances, the default base priority value is 100.

The no form of the command reverts to the default value.

Default

priority 100

Parameters

priority

The base priority used by the virtual router instance expressed as a decimal integer. If no VRRP priority control policy is defined, the base-priority is the in-use priority for the virtual router instance.

Values

1 to 254

Platforms

7705 SAR Gen 2

Context

[Tree] (config>vrrp>policy>priority-event>route-unknown priority)

[Tree] (config>vrrp>policy>priority-event>port-down priority)

[Tree] (config>vrrp>policy>priority-event>lag-port-down>number-down priority)

[Tree] (config>vrrp>policy>priority-event>lag-port-down>weight-down priority)

[Tree] (config>vrrp>policy>priority-event>host-unreachable priority)

Full Context

configure vrrp policy priority-event route-unknown priority

configure vrrp policy priority-event port-down priority

configure vrrp policy priority-event lag-port-down number-down priority

configure vrrp policy priority-event lag-port-down weight-down priority

configure vrrp policy priority-event host-unreachable priority

Description

This command controls the effect the set event has on the virtual router instance in-use priority.

When the event is set, the priority-level is either subtracted from the base priority of each virtual router instance or it defines the explicit in-use priority value of the virtual router instance depending on whether the delta or explicit keywords are specified.

Multiple set events in the same policy have interaction constraints:

• If any set events have an explicit priority value, all the delta priority values are ignored.

• The set event with the lowest explicit priority value defines the in-use priority that are used by all virtual router instances associated with the policy.

• If no set events have an explicit priority value, all the set events delta priority values are added and subtracted from the base priority value defined on each virtual router instance associated with the policy.

• If the delta priorities sum exceeds the delta-in-use-limit parameter, then the delta-in-use-limit parameter is used as the value subtracted from the base priority value defined on each virtual router instance associated with the policy.

If the priority command is not configured on the priority event, the priority-value defaults to 0 and the qualifier keyword defaults to delta, therefore, there is no impact on the in-use priority.

The no form of the command configures the set event to subtract 0 from the base priority (no effect).

Default

no priority

Parameters

priority-level

The priority level adjustment value expressed as a decimal integer.

Values

0 to 254

delta

Configures what effect the priority-level will have on the base priority value. The default base priority value is delta.

When delta is specified, the priority-level value is subtracted from the associated virtual router instance’s base priority when the event is set and no explicit events are set. The sum of the priority event priority-level values on all set delta priority events are subtracted from the virtual router base priority to derive the virtual router instance in-use priority value. If the delta priority event is cleared, the priority-level is no longer used in the in-use priority calculation.

explicit

Configures what effect the priority-level will have on the base priority value.

When explicit is specified, the priority-level value is used to override the base priority of the virtual router instance if the priority event is set and no other explicit priority event is set with a lower priority-level. The set explicit priority value with the lowest priority-level determines the actual in-use protocol value for all virtual router instances associated with the policy.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>vrrp>policy>priority-event>mc-ipsec-non-forwarding priority)

Full Context

configure vrrp policy priority-event mc-ipsec-non-forwarding priority

Description

This command controls the effect the set event has on the virtual router instance in-use priority.

When the event is set, the priority-level is either subtracted from the base priority of each virtual router instance or it defines the explicit in-use priority value of the virtual router instance depending on whether the delta or explicit keywords are specified.

Multiple set events in the same policy have interaction constraints:

• If any set events have an explicit priority value, all the delta priority values are ignored.

• The set event with the lowest explicit priority value defines the in-use priority that are used by all virtual router instances associated with the policy.

• If no set events have an explicit priority value, all the set events delta priority values are added and subtracted from the base priority value defined on each virtual router instance associated with the policy.

• If the delta priorities sum exceeds the delta-in-use-limit parameter, then the delta-in-use-limit parameter is used as the value subtracted from the base priority value defined on each virtual router instance associated with the policy.

If the priority command is not configured on the priority event, the priority-value defaults to 0 and the qualifier keyword defaults to delta, therefore, there is no impact on the in-use priority.

The no form of the command configures the set event to subtract 0 from the base priority (no effect).

Default

no priority

Parameters

priority-level

The priority level adjustment value expressed as a decimal integer.

Values

0 to 254

explicit

When explicit is specified, the priority-level value is used to override the base priority of the virtual router instance if the priority event is set and no other explicit priority event is set with a lower priority-level. The set explicit priority value with the lowest priority-level determines the actual in-use protocol value for all virtual router instances associated with the policy.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>pw-template>stp priority)

Full Context

configure service pw-template stp priority

Description

The bridge-priority command is used to populate the priority portion of the bridge ID field within outbound BPDUs (the most significant 4 bits of the bridge ID). It is also used as part of the decision process when determining the best BPDU between messages received and sent. All values will be truncated to multiples of 4096, conforming with IEEE 802.1t and 802.1D-2004.

The no form of this command returns the bridge priority to the default value.

Default

priority 4096

Parameters

bridge-priority

Specifies the bridge priority for the STP instance.

Values

Allowed values are integers in the range of 4096 to 65535 with 4096 being the highest priority. The actual bridge priority value stored/used is the number entered with the lowest 12 bits masked off which means the actual range of values is 4096 to 61440 in increments of 4096.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>isis>if>level priority)

Full Context

configure router isis interface level priority

Description

This command configures the priority of the IS-IS router interface for designated router election on a multi-access network.

This priority is included in hello PDUs transmitted by the interface on a multi-access network. The router with the highest priority is the preferred designated router. The designated router is responsible for sending LSPs with regard to this network and the routers that are attached to it.

The no form of this command reverts to the default value.

Default

priority 64

Parameters

number

Specifies the priority for this interface at this level.

Values

0 to 127

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>ospf>area>interface priority)

[Tree] (config>router>ospf3>area>interface priority)

Full Context

configure router ospf area interface priority

configure router ospf3 area interface priority

Description

This command configures the priority of the OSPF interface that is used in an election of the designated router on the subnet.

This parameter is only used if the interface is of type broadcast. The router with the highest priority interface becomes the designated router. A router with priority 0 is not eligible to be Designated Router or Backup Designated Router.

The no form of this command reverts the interface priority to the default value.

Default

priority 1

Parameters

number

Specifies the interface priority expressed as a decimal integer. A value of 0 indicates the router is not eligible to be the Designated Router or Backup Designated Router on the interface subnet.

Values

0 to 255

Platforms

7705 SAR Gen 2

Context

[Tree] (config>redundancy>multi-chassis>ipsec-domain priority)

Full Context

configure redundancy multi-chassis ipsec-domain priority

Description

This command configures the priority for the tunnel group in the IPsec domain. The node with the higher priority is more likely to be elected as active within the domain.

The no form of this command reverts to the default value.

Default

priority 100

Parameters

value

Specifies the IPsec domain tunnel group priority.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>vrrp>policy priority-event)

Full Context

configure vrrp policy priority-event

Description

This command creates the context to configure VRRP priority control events used to define criteria to modify the VRRP in-use priority.

A priority control event specifies an object to monitor and the effect on the in-use priority level for an associated virtual router instance.

Up to 32 priority control events can be configured within the priority-event node.

The no form of the command clears any configured priority events.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>card>fp>ingress>access>queue-group>policer-control-override priority-mbs-thresholds)

[Tree] (config>card>fp>ingress>network>queue-group>policer-control-override priority-mbs-thresholds)

Full Context

configure card fp ingress access queue-group policer-control-override priority-mbs-thresholds

configure card fp ingress network queue-group policer-control-override priority-mbs-thresholds

Description

This command contains the root arbiter parent policer’s min-thresh-separation command and each priority level’s mbs-contribution command that is used to internally derive each priority level’s shared-portion and fair-portion values. The system uses each priority level’s shared-portion and fair-portion value to calculate each priority level’s discard-unfair and discard-all MBS thresholds that enforce priority sensitive rate-based discards within the root arbiter’s parent policer.

The priority-mbs-thresholds CLI node always exists and does not need to be created.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>epipe>sap>egress>policer-control-override priority-mbs-thresholds)

[Tree] (config>service>epipe>sap>ingress>policer-control-override priority-mbs-thresholds)

Full Context

configure service epipe sap egress policer-control-override priority-mbs-thresholds

configure service epipe sap ingress policer-control-override priority-mbs-thresholds

Description

This command overrides the CLI node contains the configured min-thresh-separation and the various priority level mbs-contribution override commands.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vpls>sap>ingress>policer-ctrl-over priority-mbs-thresholds)

[Tree] (config>service>vpls>sap>egress>policer-ctrl-over priority-mbs-thresholds)

Full Context

configure service vpls sap ingress policer-control-override priority-mbs-thresholds

configure service vpls sap egress policer-control-override priority-mbs-thresholds

Description

This command overrides the CLI node contains the configured min-thresh-separation and the various priority level mbs-contribution override commands.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>ies>if>sap>egress>policer-ctrl-over priority-mbs-thresholds)

[Tree] (config>service>ies>if>sap>ingress>policer-ctrl-over priority-mbs-thresholds)

Full Context

configure service ies interface sap egress policer-control-override priority-mbs-thresholds

configure service ies interface sap ingress policer-control-override priority-mbs-thresholds

Description

This command overrides the CLI node contains the configured min-thresh-separation and the various priority level mbs-contribution override commands.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>if>sap>egress>policer-ctrl-over priority-mbs-thresholds)

[Tree] (config>service>vprn>if>sap>ingress>policer-ctrl-over priority-mbs-thresholds)

Full Context

configure service vprn interface sap egress policer-control-override priority-mbs-thresholds

configure service vprn interface sap ingress policer-control-override priority-mbs-thresholds

Description

This command overrides the CLI node contains the configured min-thresh-separation and the various priority level mbs-contribution override commands.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>qos>plcr-ctrl-plcy>root priority-mbs-thresholds)

Full Context

configure qos policer-control-policy root priority-mbs-thresholds

Description

The priority-mbs-thresholds command contains the root arbiter parent policer’s min-thresh-separation command and each priority level’s mbs-contribution command that is used to internally derive each priority level’s shared-portion and fair-portion values. The system uses each priority level’s shared-portion and fair-portion value to calculate each priority level’s discard-unfair and discard-all MBS thresholds that enforce priority-sensitive rate-based discards within the root arbiter’s parent policer.

The priority-mbs-thresholds CLI node always exists and does not need to be created.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>aaa>rmt-srv>tacplus>priv-lvl-map priv-lvl)

[Tree] (config>system>security>tacplus>priv-lvl-map priv-lvl)

Full Context

configure service vprn aaa remote-servers tacplus priv-lvl-map priv-lvl

configure system security tacplus priv-lvl-map priv-lvl

Description

This command maps a specific TACACS+ priv-lvl to a locally configured profile for authorization. This mapping is used when the use-priv-lvl option is specified for TACPLUS authorization.

Parameters

priv-lvl

Specifies the privilege level used when sending a TACACS+ ENABLE request.

Values

0 to 15

user-profile-name

Specifies the user profile for this mapping.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>aaa>rmt-srv>tacplus priv-lvl-map)

[Tree] (config>system>security>tacplus priv-lvl-map)

Full Context

configure service vprn aaa remote-servers tacplus priv-lvl-map

configure system security tacplus priv-lvl-map

Description

Commands in this context specify a series of mappings between TACACS+ priv-lvl and locally configured profiles for authorization. These mappings are used when the use-priv-lvl option is specified for tacplus authorization.

The no form of this command reverts to the default.

Default

priv-lvl-map

Platforms

7705 SAR Gen 2

Context

[Tree] (config>ipsec>client-db>client private-interface)

Full Context

configure ipsec client-db client private-interface

Description

This command specifies the private interface name that is used for tunnel setup.

The no form of this command reverts to the default.

Default

no private-interface

Parameters

ip-int-name

Specifies the name of the private interface.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>ipsec>client-db>client private-service)

Full Context

configure ipsec client-db client private-service

Description

This command specifies the private service ID that is used for tunnel setup.

The no form of this command reverts to the default.

Default

no private-service

Parameters

service-id

Specifies the service ID of the tunnel delivery service.

This variant of this command is only supported in 'classic' configuration-mode (configure system management-interface configuration-mode classic). The private-service name service-name variant can be used in all configuration modes.

Values

{id | svc-name}

id:	1 to 2147483647
svc-name:	up to 64 characters (svc-name is an alias for input only. The svc-name gets replaced with an id automatically by SR OS in the configuration).

name service-name

Identifies the service, up to 64 characters.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>if>ipsec>ipsec-tunnel private-tcp-mss-adjust)

[Tree] (config>ipsec>tnl-temp private-tcp-mss-adjust)

[Tree] (config>service>ies>if>sap>ip-tunnel private-tcp-mss-adjust)

[Tree] (config>service>ies>if>ipsec>ipsec-tunnel private-tcp-mss-adjust)

[Tree] (config>service>vprn>if>sap>ip-tunnel private-tcp-mss-adjust)

[Tree] (config>service>vprn>if>ipsec>ipsec-tunnel private-tcp-mss-adjust)

[Tree] (config>service>vprn>if>sap>ipsec-tun private-tcp-mss-adjust)

Full Context

configure router interface ipsec ipsec-tunnel private-tcp-mss-adjust

configure ipsec tunnel-template private-tcp-mss-adjust

configure service ies interface sap ip-tunnel private-tcp-mss-adjust

configure service ies interface ipsec ipsec-tunnel private-tcp-mss-adjust

configure service vprn interface sap ip-tunnel private-tcp-mss-adjust

configure service vprn interface ipsec ipsec-tunnel private-tcp-mss-adjust

configure service vprn interface sap ipsec-tunnel private-tcp-mss-adjust

Description

This command enables TCP MSS to adjust for L2TPv3 tunnels, IPsec, or IP tunnels on the private side. When the command is configured, the system updates the TCP MSS option to the value of the received TCP SYN packet on the private side.

The no form of this command disables TCP MSS adjust on the private side.

Default

no private-tcp-mcc-adjust

Parameters

bytes

Specifies the new TCP MSS value in bytes.

Values

512 to 9000

octets

Specifies the new TCP MSS value in octets.

Values

512 to 9000

Platforms

7705 SAR Gen 2

Context

[Tree] (config>saa>test>trap-gen probe-fail-enable)

Full Context

configure saa test trap-gen probe-fail-enable

Description

This command enables the generation of an SNMP trap when the consecutive probe failure threshold (configured using the probe-fail-threshold command) is reached during the execution of the SAA ping test. This command is not applicable to SAA trace route tests.

The no form of this command disables the generation of an SNMP trap.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>saa>test>trap-gen probe-fail-threshold)

Full Context

configure saa test trap-gen probe-fail-threshold

Description

This command configures the threshold for trap generation after ping probe failure.

This command has no effect when probe-fail-enable is disabled. This command is not applicable to SAA trace route tests.

The no form of this command returns the threshold value to the default.

Default

probe-fail-threshold 1

Parameters

threshold

Specifies the number of consecutive ping probe failures required to generate a trap.

Values

0 to 15

Platforms

7705 SAR Gen 2

Context

[Tree] (config>saa>test probe-history)

Full Context

configure saa test probe-history

Description

Specifies history probe behavior. Defaults are associated with various configured parameters within the SAA test. Auto (keep) is used for test with probe counts of 100 or less, and intervals of 1 second and above. Auto (drop) only maintains summary information for tests marked as continuous with file functions, probe counts more than 100 and intervals of less than 1 second. SAA tests that are not continuous with a write to file defaults to Auto (keep). The operator is free to change the default behaviors for each type. Each test that maintains per probe history consumes more system memory. When per probe entries are required, the probe history is available at the completion of the test.

Default

probe-history auto

Parameters

auto

An auto selector that determines the storage of the history information.

drop

Stores summarized min/max/avg data not per probe information for test runs. This may be configured for all tests to conserve memory.

keep

Stores per probe information for tests. This consumes significantly more memory than summary information and should only be used if necessary.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vpls>proxy-arp process-arp-probes)

Full Context

configure service vpls proxy-arp process-arp-probes

Description

This command enables router proxy ARP function replies to Duplicate Address Detection (DAD) ARP probes upon a successful proxy ARP table lookup.

The no form of this command disables the router from replying to DAD ARP probes.

Default

process-arp-probes

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vpls>sap process-cpm-traffic-on-sap-down)

Full Context

configure service vpls sap process-cpm-traffic-on-sap-down

Description

This command is applicable to simple SAPs configured on LAGs that are not part of any "endpoint” configurations or complicated resiliency schemes like MC-LAG with inter-chassis-backup (ICB) configurations. When configured, a simple LAG SAP is not removed from the forwarding plane and flooded traffic (unknown unicast, broadcast and multicast) is dropped on egress. This allows applicable control traffic that is extracted at the egress interface to be processed by the CPM. This command will not prevent a VPLS service from entering an operationally down state if it is the last active connection to enter a nonoperational state. By default, without this command, when a SAP on a LAG enters a nonoperational state, it is removed from the forwarding plane and no forwarding occurs to the egress.

The no form of this command removes a SAP over a LAG that is not operational from the forwarding process.

Default

no process-cpm-traffic-on-sap-down

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vpls>proxy-nd process-dad-neighbor-solicitations)

Full Context

configure service vpls proxy-nd process-dad-neighbor-solicitations

Description

This command enables the router proxy ND replies to Duplicate Address Detection (DAD) neighbor solicitations upon a successful proxy ND table lookup.

The no form of this command disables the router from replying to DAD neighbor solicitations.

Default

process-dad-neighbor-solicitations

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>isis>upa process-received-upa)

Full Context

configure router isis prefix-unreachable process-received-upa

Description

This command enables processing of UPAs received from other routers. When configured, received UPAs are inserted into the unicast routing table as unreachable prefixes. When configured on an Area Boundary Router (ABR), received UPAs are inserted into the unreachable prefix table and redistributed into the other areas.

The no form of this command disables the processing of UPAs received from other routers. When disabled, received UPAs are ignored by the router.

Default

no process-received-upa

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>security profile)

Full Context

configure system security profile

Description

This command creates a context to create user profiles for command authorization and other functions associated with a user.

Profiles can be used to deny or permit user access to entire command branches or to specific commands.

Once the profiles are created, the user command assigns users to one or more profiles. You can define up to 16 user profiles but a maximum of 8 profiles can be assigned to a user.

The no form of this command deletes a user profile.

Parameters

user-profile-name

Specifies the user profile name entered as a character string. The string is case sensitive and limited to 32 ASCII 7-bit printable characters with no spaces.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>saa>test>type-multi-line>lsp-ping>sr-policy profile)

[Tree] (config>saa>test>type-multi-line>lsp-ping profile)

Full Context

configure saa test type-multi-line lsp-ping sr-policy profile

configure saa test type-multi-line lsp-ping profile

Description

This command configures the profile state of the MPLS echo request packet.

The no form of this command reverts to the default value.

Default

profile out

Parameters

in

Specifies "in” as the profile state of the MPLS echo request packet.

out

Specifies "out” as the profile state of the MPLS echo request packet.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>oam-pm>session>ip profile)

Full Context

configure oam-pm session ip profile

Description

This command defines whether the TWAMP Light PDU packet should be treated as in-profile or out-of-profile. The default has been selected because the forwarding class defaults to best effort.

The no form of this command restores the default value.

Default

profile out

Parameters

in

Specifies that the TWAMP Light PDU packet is sent as in-profile.

out

Specifies that the TWAMP Light PDU packet is sent as out-of-profile.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>qos>sap-ingress>fc profile)

Full Context

configure qos sap-ingress fc profile

Description

This command places a forwarding class or subclass into a color aware profile mode. Normally, packets associated with a class are considered in-profile or out-of-profile solely based on the dynamic rate of the ingress queue relative to its CIR. Explicitly defining a class as in-profile or out-of-profile overrides this function by handling each packet with the defined profile state.

The profile command may only be executed when the forwarding class or the parent forwarding class (for a subclass) is mapped to a queue that has been enabled to support color aware profile packets. The queue may only be configured for profile-mode at the time the queue is created in the SAP ingress QoS policy.

A queue operating in profile-mode may support in-profile, out-of-profile, and non-profiled packets simultaneously. However, the high- and low-priority classification actions are ignored when the queue is in profile-mode.

The no form of this command removes an explicit in-profile or out-of-profile configuration on a forwarding class or subclass.

Default

no profile — The default profile state of a forwarding class or subclass is not to treat ingress packets as color aware. An explicit definition for in-profile or out-of-profile must be specified on the forwarding class or subclass.

Parameters

in

The in keyword is mutually exclusive to the out keyword. When the profile in command is executed, all packets associated with the class will be handled as in-profile. Packets explicitly handled as in-profile or out-of-profile still flow through the ingress service queue associated with the class to preserve order within flows. In-profile packets will count against the CIR of the queue, diminishing the amount of CIR available to other classes using the queue that are not configured with an explicit profile.

out

The out keyword is mutually exclusive to the in keyword. When the profile out command is executed, all packets associated with the class will be handled as out-of-profile. Packets explicitly handled as in-profile or out-of-profile still flow through the ingress service queue associated with the class to preserve order within flows. Out-of-profile packets will not count against the CIR of the queue, allowing other classes using the queue that are not configured with an explicit profile to be measured against the full CIR.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>network-element-discovery profile)

Full Context

configure system network-element-discovery profile

Description

This command configures a profile to be used by IGP to advertise the network element information to its neighbors.

The no form of this command deletes the specified profile.

Parameters

name

Specifies the name of the profile, up to 32 characters.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>security>user-template profile)

Full Context

configure system security user-template profile

Description

This command configures the command authorization profile to associate with a user template. See the user-template command for more details.

Parameters

user-profile-name

The user profile name entered as a character string. The string is case sensitive and limited to 32 ASCII 7-bit printable characters with no spaces.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>security>pki>cert-auto-upd>cert profile)

Full Context

configure system security pki certificate-auto-update cert profile

Description

This command configures a certificate-update-profile to reference the update behavior.

Parameters

cert-update-profile

Specifies the certificate profile name, up to 32 characters.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>qos>sap-ingress>policer profile-capped)

[Tree] (config>qos>sap-egress>policer profile-capped)

Full Context

configure qos sap-ingress policer profile-capped

configure qos sap-egress policer profile-capped

Description

Profile-capped mode enforces an overall in-profile burst limit to the CIR bucket for ingress undefined, ingress explicit in-profile, egress soft-in-profile, and egress explicit in-profile packets. The default behavior when profile-capped mode is not enabled is to ignore the CIR output state when an explicit in-profile packet is handled by an ingress or egress policer.

The profile-capped mode makes two changes:

• At egress, soft-in-profile packets (packets received from ingress as in-profile) are treated the same as explicit in-profile (unless explicitly reclassified as out-of-profile) and have an initial policer state of in-profile.

• At both ingress and egress, any packet output from the policer with a non-conforming CIR state are treated as out-of-profile (out-of-profile state is ignored for initial in-profile packets when profile-capped mode is not enabled).

Default

no profile-capped

Platforms

7705 SAR Gen 2

Context

[Tree] (config>qos>qgrps>egr>qgrp>policer profile-capped)

[Tree] (config>qos>qgrps>ing>qgrp>policer profile-capped)

Full Context

configure qos queue-group-templates egress queue-group policer profile-capped

configure qos queue-group-templates ingress queue-group policer profile-capped

Description

This command enables a limit on the profile.

Default

no profile-capped

Platforms

7705 SAR Gen 2

Context

[Tree] (config>qos>sap-egress>policer profile-out-preserve)

Full Context

configure qos sap-egress policer profile-out-preserve

Description

This command specifies whether to preserve the color of offered out-of-profile traffic at sap-egress policer (profile of the packet can change based on egress CIR state).

When enabled, traffic determined as out-of-profile at ingress policer will be treated as out-of-profile at sap-egress policer.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>qos>plcr-ctrl-plcy>root profile-preferred)

Full Context

configure qos policer-control-policy root profile-preferred

Description

The profile-preferred command ensures that the root policer provides a preference to consume its PIR bucket tokens at a given priority level to packets that have their profile state set to in-profile by the output of the child policer CIR bucket.

Default

no profile-preferred

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>management-interface>cli>md-cli>environment progress-indicator)

Full Context

configure system management-interface cli md-cli environment progress-indicator

Description

Commands in this context configure progress indicator parameters.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>management-interface>cli>md-cli>environment prompt)

Full Context

configure system management-interface cli md-cli environment prompt

Description

Commands in this context configure prompt parameters.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>mpls>lsp-template>fast-reroute propagate-admin-group)

[Tree] (config>router>mpls>lsp>fast-reroute propagate-admin-group)

Full Context

configure router mpls lsp-template fast-reroute propagate-admin-group

configure router mpls lsp fast-reroute propagate-admin-group

Description

The command enables the signaling of the primary LSP path admin-group constraints in the FRR object at the ingress.

When this command is executed, the admin-group constraints configured in the context of the P2P LSP primary path, or the ones configured in the context of the LSP and inherited by the primary path, are copied into the FAST_REROUTE object. The admin-group constraints are copied into the 'include-any’ or 'exclude-any’ fields.

The ingress LER thus propagates these constraints to the downstream nodes during the signaling of the LSP to allow them to include the admin-group constraints in the selection of the FRR backup LSP for protecting the LSP primary path.

The ingress LER inserts the FAST_REROUTE object by default in a primary LSP path message. If the user disables the object using the following command, the admin-group constraints will not be propagated: config>router>mpls>no frr-object.

Note that the same admin-group constraints can be copied into the Session Attribute object. They are intended for the use of an LSR, typically an ABR, to expand the ERO of an inter-area LSP path. They are also used by any LSR node in the path of a CSPF or non-CSPF LSP to check the admin-group constraints against the ERO regardless if the hop is strict or loose. These are governed strictly by the command:

config>router>mpls>lsp>propagate-admin-group

In other words, the user may decide to copy the primary path admin-group constraints into the FAST_REROUTE object only, or into the Session Attribute object only, or into both. Note, however, that the PLR rules for processing the admin-group constraints can make use of either of the two object admin-group constraints.

This feature is supported with the following LSP types and in both intra-area and inter-area TE where applicable:

• Primary path of a RSVP P2P LSP.

• S2L path of an RSVP P2MP LSP instance

• LSP template for an S2L path of an RSVP P2MP LSP instance.

The no form of this command disables the signaling of administrative group constraints in the FRR object.

Default

no propagate-admin-group

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>mpls>lsp propagate-admin-group)

[Tree] (config>router>mpls>lsp-template propagate-admin-group)

Full Context

configure router mpls lsp propagate-admin-group

configure router mpls lsp-template propagate-admin-group

Description

This command enables propagation of session attribute object with resource affinity (C-type 1) in PATH message. If an LSR receives a session attribute with resource affinity, then it will check the compatibility of admin-groups received in PATH message against configured admin-groups on the egress interface of LSP.

To support admin-group for inter-area LSP, the ingress node must configure propagating admin-groups within the session attribute object. If a PATH message is received by an LSR node that has the cspf-on-loose-hop option enabled and the message includes admin-groups, then the ERO expansion by CSPF to calculate the path to the next loose hop includes the admin-group constraints received from ingress node.

If this option is disabled, then the session attribute object without resource affinity (C-Type 7) is propagated in PATH message and CSPF at the LSR node does not include admin-group constraints.

This admin group propagation is supported with a P2P LSP, a P2MP LSP instance, and an LSP template.

The user can change the value of the propagate-admin-group option on the fly. A RSVP P2P LSP performs a Make-Before-Break (MBB) on changing the configuration. A S2L path of an RSVP P2MP LSP performs a Break-Before-Make on changing the configuration.

The no form of this command reverts to the default value.

Default

no propagate-admin-group

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vpls propagate-mac-flush)

Full Context

configure service vpls propagate-mac-flush

Description

This command enabled propagation of mac-flush messages received from the specified T-LDP on all spoke and mesh-SDPs within the context of the VPLS service. The propagation will follow split-horizon principles and any data-path blocking in order to avoid looping of these messages.

Default

no propagate-mac-flush

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>rip propagate-metric)

Full Context

configure service vprn rip propagate-metric

Description

This command enables the BGP MED to be used to configure the RIP metric at the BGP to RIP transition on egress routers. BGP always configures the BGP MED to the RIP metric at the ingress router. When propagate-metric is configured, the RIP metric at egress routers is configured as the BGP MED attribute added to the optional value configured with the metric-out command.

The no version of this command sets the RIP metric to the optional value configured with the metric-out command plus 1.

Default

no propagate-metric

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>if>ipsec>ipsec-tunnel propagate-pmtu-v4)

[Tree] (config>service>ies>if>sap>ip-tunnel propagate-pmtu-v4)

[Tree] (config>service>ies>if>ipsec>ipsec-tunnel propagate-pmtu-v4)

[Tree] (config>service>vprn>if>sap>ip-tunnel propagate-pmtu-v4)

[Tree] (config>ipsec>tnl-temp propagate-pmtu-v4)

[Tree] (config>service>vprn>if>ipsec>ipsec-tunnel propagate-pmtu-v4)

[Tree] (config>service>vprn>if>sap>ipsec-tunnel propagate-pmtu-v4)

Full Context

configure router interface ipsec ipsec-tunnel propagate-pmtu-v4

configure service ies interface sap ip-tunnel propagate-pmtu-v4

configure service ies interface ipsec ipsec-tunnel propagate-pmtu-v4

configure service vprn interface sap ip-tunnel propagate-pmtu-v4

configure ipsec tunnel-template propagate-pmtu-v4

configure service vprn interface ipsec ipsec-tunnel propagate-pmtu-v4

configure service vprn interface sap ipsec-tunnel propagate-pmtu-v4

Description

This command enables the system to propagate the path MTU learned from public side to private side (IPv4 hosts).

The no form of this command prevents the learned path MTU propagation.

Default

propagate-pmtu-v4

Platforms

7705 SAR Gen 2

Context

[Tree] (config>ipsec>tnl-temp propagate-pmtu-v6)

[Tree] (config>service>vprn>if>ipsec>ipsec-tunnel propagate-pmtu-v6)

[Tree] (config>router>if>ipsec>ipsec-tunnel propagate-pmtu-v6)

[Tree] (config>service>ies>if>ipsec>ipsec-tunnel propagate-pmtu-v6)

[Tree] (config>service>ies>if>sap>ip-tunnel propagate-pmtu-v6)

[Tree] (config>service>vprn>if>sap>ip-tunnel propagate-pmtu-v6)

[Tree] (config>service>vprn>if>sap>ipsec-tunnel propagate-pmtu-v6)

Full Context

configure ipsec tunnel-template propagate-pmtu-v6

configure service vprn interface ipsec ipsec-tunnel propagate-pmtu-v6

configure router interface ipsec ipsec-tunnel propagate-pmtu-v6

configure service ies interface ipsec ipsec-tunnel propagate-pmtu-v6

configure service ies interface sap ip-tunnel propagate-pmtu-v6

configure service vprn interface sap ip-tunnel propagate-pmtu-v6

configure service vprn interface sap ipsec-tunnel propagate-pmtu-v6

Description

This command enables the system to propagate the path MTU learned from public side to private side (IPv6 hosts).

The no form of this command prevents the learned path MTU propagation.

Default

propagate-pmtu-v6

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>route-next-hop-policy>template protection-type)

Full Context

configure router route-next-hop-policy template protection-type

Description

This command configures the protection type constraint into the route next-hop policy template.

The user can select if link protection or node protection is preferred in the selection of an LFA next-hop for all IP prefixes and LDP FEC prefixes to which a route next-hop policy template is applied. The default in SR OS implementation is node protection. The implementation will fall back to the other type if no LFA next-hop of the preferred type is found.

When the route next-hop policy template is applied to an IP interface, all prefixes using this interface as a primary next-hop will follow the protection type preference specified in the template.

The no form deletes the protection type constraint from the route next-hop policy template.

Default

protection-type node

Parameters

{link | node}

Specifies the two possible values for the protection type.

Default

node

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>grpc>gnmi proto-version)

Full Context

configure system grpc gnmi proto-version

Description

This command sets the gnmi.proto version that the GRPC server should use for all gNMI RPCs.

Default

proto-version latest

Parameters

v070

Specifies to use v0.7.0 for gNMI RPCs. Only use this option for backward compatibility with legacy collectors.

latest

Specifies to use the latest gnmi.proto version for gNMI RPCs. The latest version is v0.8.0.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>security>pki>cert-upd-prof protocol)

Full Context

configure system security pki certificate-update-profile protocol

Description

This command configures the protocol to update the certificate.

Default

protocol cmpv2

Parameters

protocol

Specifies the protocol type.

Values

cmpv2, est

profile-name

Specifies the name of the CA or EST profile to be used for the certificate update.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>ipsec>static-sa protocol)

Full Context

configure ipsec static-sa protocol

Description

This command configures the security protocol to use for an IPsec manual SA. The no statement resets to the default value.

Default

protocol esp

Parameters

ipsec-protocol

Identifies the IPsec protocol used with this static SA.

Values

ah — Specifies the Authentication Header protocol.esp — Specifies the Encapsulation Security Payload protocol.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>ipsec>ts-list>remote>entry protocol)

[Tree] (config>ipsec>ts-list>local>entry protocol)

Full Context

configure ipsec ts-list remote entry protocol

configure ipsec ts-list local entry protocol

Description

This command specifies the protocol and port range in the IKEv2 traffic selector.

The SR OS supports OPAQUE ports and port ranges for the following protocols:

• TCP

• UDP

• SCTP

• ICMP

• ICMPv6

• MIPv6

For ICMP and ICMPv6, the port value takes the form icmp-type/icmp-code. For MIPv6, the port value is the mobility header type. For other protocols, only the port any configuration can be used.

Default

no protocol

Parameters

protocol-id

Specifies the protocol ID. The value can be a number, a protocol name, or any.