t Commands – Part II

Context

[Tree] (config>port>tdm tpif)

Full Context

configure port tdm tpif

Description

This command creates an IEEE C37.94 TPIF channel.

The no form of this command deletes the TPIF channel on the port.

Default

no tpif

Platforms

7705 SAR-Hx, 7705 SAR-Mx

Context

[Tree] (traceroute)

Full Context

traceroute

Description

This command determines the route to a destination address. DNS lookups for the responding hosts are enabled by default.

Parameters

candidate-path

Specifies a candidate path of the SRv6 policy to traceroute. The candidate path does not need to be the currently active candidate path.

dest-port-udp-fixed

Specifies that the destination UDP port number should not increment with each packet transmitted. By default, the UDP traceroute starts with destination UDP port 33434 and each subsequent packet sent to this destination UDP port increases by 1. The next packet uses UDP seat port 33435, the next 33436, and so on.

For a UDP test, this parameter prevents the per-transmitted packet increment of the destination UDP port number. The TCP protocol does not increment the destination TCP port, using a single destination TCP port for all traceroute packets for the test.

decode

Perform additional original datagram parsing functions. This parameter must be used with the detail parameter.

detail

Specifies to display additional information about the resulting packet.

distinguisher

Specifies the distinguisher of the SRv6 policy candidate path to send the traceroute probe on. This parameter must be configured if protocol-owner is configured to bgp.

Values

1 to 4294967295

dns-name

Specifies the DNS name, up to 63 characters, of the far-end device on which to send the traceroute request message.

endpoint ipv6-address

Specifies an SRv6 policy for a specific endpoint as the target of the traceroute.

Values

ipv6-address:	x:x:x:x:x:x:x:x
	x:x:x:x:x:x:d.d.d.d
	x:	[0 to FFFF]H
	d:	[0 to 255]D

ip-address

Specifies the far-end IP address on which to send the traceroute request message in dotted decimal notation.

Values

ipv4-address:	a.b.c.d
ipv6-address:	x:x:x:x:x:x:x:x
	x:x:x:x:x:x:d.d.d.d
	x:	[0 to FFFF]H
	d:	[0 to 255]D

max-ttl

Specifies the maximum Time-To-Live (TTL) value to include in the traceroute request, expressed as a decimal integer.

Values

1 to 255

Default

30

milliseconds

Specifies the time in milliseconds to wait for a response to a probe, expressed as a decimal integer.

Values

1 to 60000

Default

5000

min-ttl

Specifies the IP TTL in the initial traceroute packet to target a specific node or starting node along the path.

Values

1 to 255

Default

1

no-dns

Specifies that, when the no-dns keyword is specified, DNS lookups of the responding hosts are not performed, and only the IP addresses are printed.

original-datagram

Parse the returned original datagram including any IPv6 and SRH header information.

pad-size

Specifies the number of bytes added to the UDP or TCP payload.

Values

0 to 9786

Default

0

port-number

Specifies the transport protocol destination port number.

Values

1 to 65535

Default

33434

preference

Specifies the preference of the SRv6 policy candidate path to send the traceroute probe on.

Values

0 to 4294967295

Default

100

probes-per-hop

Specifies the number of probes per hop.

Values

1 to 10

Default

3

protocol-owner

Specifies the protocol owner of the SRv6 policy candidate path to traceroute.

Values

bgp — Specifies a BGP SRv6 policy.

static — Specifies a locally configured static SRv6 policy.

protocol udp | tcp

Sets the transport protocol for the traceroute packet. The TCP protocol is silently discarded on a targeted VRPN service. VPRN services only respond to UDP traceroutes.

Default

udp

router-or-service

Specifies the routing instance or service, by number. The router-instance parameter is the preferred parameter to specify the router or service.

Values

router-name: Base, management, vpls-management

vprn-svc-id: 1 to 2147483647

Default

Base

router-instance

Specifies the preferred method for entering a service name. Stored as the service name, this is the only service-linking function allowed for both mixed-mode and model-driven configuration modes.

Values

router-name: Base, management, vpls-management

vprn-svc-name: up to 64 characters

service-name

Specifies the alias function that allows the service name to be used, converted, and stored as service ID.

source ip-address

Specifies the source IP address to use as the source of the probe packets, in dotted decimal notation. If the IP address is not one of the device’s interfaces, an error is returned.

Values

ipv4-address:	a.b.c.d
ipv6-address:	x:x:x:x:x:x:x:x (eight 16-bit pieces)
	x:x:x:x:x:x:d.d.d.d
	x:	[0 to FFFF]H
	d:	[0 to 255]D

type-of-service

Specifies the Type-of-Service (ToS) bits in the IP header of the probe packets, expressed as a decimal integer.

Values

0 to 255

Default

0

srv6-policy

Keyword to specify that the traceroute probe is applied to an SRv6 policy matching a specific color and endpoint. The traceroute probe may optionally be targeted at a specific segment list of the SRv6 policy. When the segment list is not specified, the traceroute probe is sent on the lowest available segment list.

color-id

Specifies the SRv6 policy color ID.

Values

0 to 4294967295

segment-list

Specifies the SRv6 policy segment list to trace.

Values

1 to 32

Platforms

7705 SAR Gen 2

Output

ICMPv4 Type 3 symbols in CLI, ICMPv6 Type 1 symbols in CLI, and ICMPv6 Type 2 symbols in CLI describe the ICMPv4 Type 3, and the ICMPv6 Type 1 and 2 symbols in the CLI outputs. For references without a symbol in the form !<code>, see www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml.

The following output is an example of traceroute for an IPv4 prefix.

A:node-2# traceroute 192.168.xx.xx4
traceroute to 192.168.xx.xx4, 30 hops max, 40 byte packets
 1  192.168.xx.xx4 0.000 ms  0.000 ms  0.000 ms

The following output is an example of traceroute for an IPv4 prefix resolved to an IPv4 SR policy with ICMP tunneling enabled.

A:node-2# traceroute 11.21.1.6 detail no-dns 
traceroute to 11.21.1.6, 30 hops max, 40 byte packets
  1   1  10.10.11.3  3.36 ms
         returned MPLS Label Stack Object
             entry  1:  MPLS Label =   28303, Exp = 7, TTL =   1, S = 0
             entry  2:  MPLS Label =   28306, Exp = 7, TTL =   1, S = 0
             entry  3:  MPLS Label =  524283, Exp = 7, TTL =   1, S = 1
  1   2  10.10.11.3  3.68 ms
         returned MPLS Label Stack Object
             entry  1:  MPLS Label =   28303, Exp = 7, TTL =   1, S = 0
             entry  2:  MPLS Label =   28306, Exp = 7, TTL =   1, S = 0
             entry  3:  MPLS Label =  524283, Exp = 7, TTL =   1, S = 1
  1   3  10.10.11.3  4.18 ms
         returned MPLS Label Stack Object
             entry  1:  MPLS Label =   28303, Exp = 7, TTL =   1, S = 0
             entry  2:  MPLS Label =   28306, Exp = 7, TTL =   1, S = 0
             entry  3:  MPLS Label =  524283, Exp = 7, TTL =   1, S = 1
  2   1  10.10.10.5  3.77 ms
         returned MPLS Label Stack Object
             entry  1:  MPLS Label =   28506, Exp = 7, TTL =   1, S = 0
             entry  2:  MPLS Label =  524283, Exp = 7, TTL =   2, S = 1
  2   2  10.10.10.5  8.02 ms
         returned MPLS Label Stack Object
             entry  1:  MPLS Label =   28506, Exp = 7, TTL =   1, S = 0
             entry  2:  MPLS Label =  524283, Exp = 7, TTL =   2, S = 1
  2   3  10.10.10.5  4.72 ms
         returned MPLS Label Stack Object
             entry  1:  MPLS Label =   28506, Exp = 7, TTL =   1, S = 0
             entry  2:  MPLS Label =  524283, Exp = 7, TTL =   2, S = 1
  3   1  11.21.1.6  5.33 ms
  3   2  11.21.1.6  4.77 ms
  3   3  11.21.1.6  4.07 ms

The following output is an example of traceroute for an IPv6 prefix resolved to an IPv4 SR policy with ICMP tunneling enabled.

A:node-2# traceroute fc00::b15:106 detail no-dns 
traceroute to fc00::b15:106, 30 hops max, 60 byte packets
  1   1  fc00::a0a:b03  3.41 ms
         returned MPLS Label Stack Object
             entry  1:  MPLS Label =   28303, Exp = 7, TTL =   1, S = 0
             entry  2:  MPLS Label =   28306, Exp = 7, TTL =   1, S = 0
             entry  3:  MPLS Label =       2, Exp = 7, TTL =   1, S = 1
  1   2  fc00::a0a:b03  2.58 ms
         returned MPLS Label Stack Object
             entry  1:  MPLS Label =   28303, Exp = 7, TTL =   1, S = 0
             entry  2:  MPLS Label =   28306, Exp = 7, TTL =   1, S = 0
             entry  3:  MPLS Label =       2, Exp = 7, TTL =   1, S = 1
  1   3  fc00::a0a:b03  3.90 ms
         returned MPLS Label Stack Object
             entry  1:  MPLS Label =   28303, Exp = 7, TTL =   1, S = 0
             entry  2:  MPLS Label =   28306, Exp = 7, TTL =   1, S = 0
             entry  3:  MPLS Label =       2, Exp = 7, TTL =   1, S = 1
  2   1  fc00::a0a:a05  4.65 ms
         returned MPLS Label Stack Object
             entry  1:  MPLS Label =   28506, Exp = 7, TTL =   1, S = 0
             entry  2:  MPLS Label =       2, Exp = 7, TTL =   2, S = 1
  2   2  fc00::a0a:a05  4.85 ms
         returned MPLS Label Stack Object
             entry  1:  MPLS Label =   28506, Exp = 7, TTL =   1, S = 0
             entry  2:  MPLS Label =       2, Exp = 7, TTL =   2, S = 1
  2   3  fc00::a0a:a05  4.78 ms
         returned MPLS Label Stack Object
             entry  1:  MPLS Label =   28506, Exp = 7, TTL =   1, S = 0
             entry  2:  MPLS Label =       2, Exp = 7, TTL =   2, S = 1
  3   1  fc00::b15:106  2.89 ms
  3   2  fc00::b15:106  3.58 ms
  3   3  fc00::b15:106  4.15 ms

The following output is an example of traceroute for an IPv6 prefix resolved to an IPv6 SR-OSPF3 tunnel with ICMP tunneling enabled.

A:node-2# traceroute fc00::b14:106 detail 
traceroute to fc00::b14:106, 30 hops max, 60 byte packets
  1   1  fc00::a0a:402  (fc00::a0a:402)  4.38 ms
         returned MPLS Label Stack Object
             entry  1:  MPLS Label =   29266, Exp = 7, TTL =   1, S = 1
  1   2  fc00::a0a:402  (fc00::a0a:402)  3.42 ms
         returned MPLS Label Stack Object
             entry  1:  MPLS Label =   29266, Exp = 7, TTL =   1, S = 1
  1   3  fc00::a0a:402  (fc00::a0a:402)  4.19 ms
         returned MPLS Label Stack Object
             entry  1:  MPLS Label =   29266, Exp = 7, TTL =   1, S = 1
  2   1  fc00::a0a:904  (fc00::a0a:904)  4.05 ms
         returned MPLS Label Stack Object
             entry  1:  MPLS Label =   29466, Exp = 7, TTL =   1, S = 1
  2   2  fc00::a0a:904  (fc00::a0a:904)  3.62 ms
         returned MPLS Label Stack Object
             entry  1:  MPLS Label =   29466, Exp = 7, TTL =   1, S = 1
  2   3  fc00::a0a:904  (fc00::a0a:904)  4.64 ms
         returned MPLS Label Stack Object
             entry  1:  MPLS Label =   29466, Exp = 7, TTL =   1, S = 1
  3   1  fc00::b14:106  (fc00::b14:106)  3.35 ms
  3   2  fc00::b14:106  (fc00::b14:106)  4.02 ms
  3   3  fc00::b14:106  (fc00::b14:106)  3.30 ms

The following output is an example of traceroute for a label-ipv4 prefix resolved to an IPv6 SR-TE LSP with ICMP tunneling enabled (requires IPv4 system address).

A:node-2# traceroute 11.21.1.1 source 11.21.1.6 detail 
traceroute to 11.21.1.1 from 11.21.1.6, 30 hops max, 40 byte packets
  1   1  10.20.1.4  (10.20.1.4)  4.96 ms
         returned MPLS Label Stack Object
             entry  1:  MPLS Label =  524270, Exp = 7, TTL =   1, S = 0
             entry  2:  MPLS Label =  524285, Exp = 7, TTL =   1, S = 0
             entry  3:  MPLS Label =  524236, Exp = 7, TTL =   1, S = 1
  1   2  10.20.1.4  (10.20.1.4)  5.35 ms
         returned MPLS Label Stack Object
             entry  1:  MPLS Label =  524270, Exp = 7, TTL =   1, S = 0
             entry  2:  MPLS Label =  524285, Exp = 7, TTL =   1, S = 0
             entry  3:  MPLS Label =  524236, Exp = 7, TTL =   1, S = 1
  1   3  10.20.1.4  (10.20.1.4)  5.43 ms
         returned MPLS Label Stack Object
             entry  1:  MPLS Label =  524270, Exp = 7, TTL =   1, S = 0
             entry  2:  MPLS Label =  524285, Exp = 7, TTL =   1, S = 0
             entry  3:  MPLS Label =  524236, Exp = 7, TTL =   1, S = 1
  2   1  10.20.1.2  (10.20.1.2)  4.72 ms
         returned MPLS Label Stack Object
             entry  1:  MPLS Label =  524285, Exp = 7, TTL =   1, S = 0
             entry  2:  MPLS Label =  524236, Exp = 7, TTL =   2, S = 1
  2   2  10.20.1.2  (10.20.1.2)  5.71 ms
         returned MPLS Label Stack Object
             entry  1:  MPLS Label =  524285, Exp = 7, TTL =   1, S = 0
             entry  2:  MPLS Label =  524236, Exp = 7, TTL =   2, S = 1
  2   3  10.20.1.2  (10.20.1.2)  5.03 ms
         returned MPLS Label Stack Object
            entry  1:  MPLS Label =  524285, Exp = 7, TTL =   1, S = 0
             entry  2:  MPLS Label =  524236, Exp = 7, TTL =   2, S = 1
  3   1  11.21.1.1  (11.21.1.1)  3.51 ms
  3   2  11.21.1.1  (11.21.1.1)  3.91 ms
  3   3  11.21.1.1  (11.21.1.1)  3.09 ms

The following output is an example of traceroute for a label-ipv6 prefix resolved to an IPv4 SR-TE LSP with ICMP tunneling enabled.

A:node-2# traceroute fc00::b15:101 detail 
traceroute to fc00::b15:101, 30 hops max, 60 byte packets
  1   1  fc00::a0a:404  (fc00::a0a:404)  3.36 ms
         returned MPLS Label Stack Object
             entry  1:  MPLS Label =  524270, Exp = 7, TTL =   1, S = 0
             entry  2:  MPLS Label =  524285, Exp = 7, TTL =   1, S = 0
             entry  3:  MPLS Label =       2, Exp = 7, TTL =   1, S = 1
  1   2  fc00::a0a:404  (fc00::a0a:404)  3.46 ms
         returned MPLS Label Stack Object
             entry  1:  MPLS Label =  524270, Exp = 7, TTL =   1, S = 0
             entry  2:  MPLS Label =  524285, Exp = 7, TTL =   1, S = 0
             entry  3:  MPLS Label =       2, Exp = 7, TTL =   1, S = 1
  1   3  fc00::a0a:404  (fc00::a0a:404)  3.77 ms
         returned MPLS Label Stack Object
             entry  1:  MPLS Label =  524270, Exp = 7, TTL =   1, S = 0
             entry  2:  MPLS Label =  524285, Exp = 7, TTL =   1, S = 0
             entry  3:  MPLS Label =       2, Exp = 7, TTL =   1, S = 1
  2   1  fc00::a0a:102  (fc00::a0a:102)  4.54 ms
         returned MPLS Label Stack Object
             entry  1:  MPLS Label =  524285, Exp = 7, TTL =   1, S = 0
             entry  2:  MPLS Label =       2, Exp = 7, TTL =   2, S = 1
  2   2  fc00::a0a:102  (fc00::a0a:102)  4.70 ms
         returned MPLS Label Stack Object
             entry  1:  MPLS Label =  524285, Exp = 7, TTL =   1, S = 0
             entry  2:  MPLS Label =       2, Exp = 7, TTL =   2, S = 1
  2   3  fc00::a0a:102  (fc00::a0a:102)  3.63 ms
         returned MPLS Label Stack Object
             entry  1:  MPLS Label =  524285, Exp = 7, TTL =   1, S = 0
             entry  2:  MPLS Label =       2, Exp = 7, TTL =   2, S = 1
  3   1  fc00::b15:101  (fc00::b15:101)  3.40 ms
  3   2  fc00::b15:101  (fc00::b15:101)  3.15 ms
  3   3  fc00::b15:101  (fc00::b15:101)  3.23 ms

The following output is an example of traceroute for a vpn-ipv4 prefix resolved to an IPv6 SR-TE LSP with ICMP tunneling enabled (requires IPv4 system address).

A:node-2# traceroute router-instance "vprn.sr-te.4" 1.0.4.1 source 6.0.4.1 detail 
traceroute to 1.0.4.1 from 6.0.4.1, 30 hops max, 40 byte packets
  1   1  10.20.1.4  (10.20.1.4)  5.03 ms
         returned MPLS Label Stack Object
             entry  1:  MPLS Label =   28462, Exp = 7, TTL =   1, S = 0
             entry  2:  MPLS Label =   28261, Exp = 7, TTL =   1, S = 0
             entry  3:  MPLS Label =  524241, Exp = 7, TTL =   1, S = 1
  1   2  10.20.1.4  (10.20.1.4)  4.52 ms
         returned MPLS Label Stack Object
             entry  1:  MPLS Label =   28462, Exp = 7, TTL =   1, S = 0
             entry  2:  MPLS Label =   28261, Exp = 7, TTL =   1, S = 0
             entry  3:  MPLS Label =  524241, Exp = 7, TTL =   1, S = 1
  1   3  10.20.1.4  (10.20.1.4)  5.61 ms
         returned MPLS Label Stack Object
             entry  1:  MPLS Label =   28462, Exp = 7, TTL =   1, S = 0
             entry  2:  MPLS Label =   28261, Exp = 7, TTL =   1, S = 0
             entry  3:  MPLS Label =  524241, Exp = 7, TTL =   1, S = 1
  2   1  10.20.1.2  (10.20.1.2)  5.38 ms
         returned MPLS Label Stack Object
             entry  1:  MPLS Label =   28262, Exp = 7, TTL =   1, S = 0
             entry  2:  MPLS Label =   28261, Exp = 7, TTL =   2, S = 0
             entry  3:  MPLS Label =  524241, Exp = 7, TTL =   2, S = 1
  2   2  10.20.1.2  (10.20.1.2)  5.39 ms
         returned MPLS Label Stack Object
             entry  1:  MPLS Label =   28262, Exp = 7, TTL =   1, S = 0
             entry  2:  MPLS Label =   28261, Exp = 7, TTL =   2, S = 0
             entry  3:  MPLS Label =  524241, Exp = 7, TTL =   2, S = 1
  2   3  10.20.1.2  (10.20.1.2)  5.27 ms
         returned MPLS Label Stack Object
             entry  1:  MPLS Label =   28262, Exp = 7, TTL =   1, S = 0
             entry  2:  MPLS Label =   28261, Exp = 7, TTL =   2, S = 0
             entry  3:  MPLS Label =  524241, Exp = 7, TTL =   2, S = 1
  3   1  1.0.4.1  (1.0.4.1)  4.09 ms
  3   2  1.0.4.1  (1.0.4.1)  4.47 ms
  3   3  1.0.4.1  (1.0.4.1)  4.13 ms

The following output is an example of traceroute for a vpn-ipv6 prefix resolved to an IPv6 SR-TE LSP with ICMP tunneling enabled.

A:node-2# traceroute router 5004 fc00::100:401 detail 
traceroute to fc00::100:401, 30 hops max, 60 byte packets
  1   1  fc00::a0a:404  (fc00::a0a:404)  5.45 ms
         returned MPLS Label Stack Object
             entry  1:  MPLS Label =   28462, Exp = 7, TTL =   1, S = 0
             entry  2:  MPLS Label =   28261, Exp = 7, TTL =   1, S = 0
             entry  3:  MPLS Label =  524241, Exp = 7, TTL =   1, S = 1
  1   2  fc00::a0a:404  (fc00::a0a:404)  5.14 ms
         returned MPLS Label Stack Object
             entry  1:  MPLS Label =   28462, Exp = 7, TTL =   1, S = 0
             entry  2:  MPLS Label =   28261, Exp = 7, TTL =   1, S = 0
             entry  3:  MPLS Label =  524241, Exp = 7, TTL =   1, S = 1
  1   3  fc00::a0a:404  (fc00::a0a:404)  5.31 ms
         returned MPLS Label Stack Object
             entry  1:  MPLS Label =   28462, Exp = 7, TTL =   1, S = 0
             entry  2:  MPLS Label =   28261, Exp = 7, TTL =   1, S = 0
             entry  3:  MPLS Label =  524241, Exp = 7, TTL =   1, S = 1
  2   1  fc00::a0a:102  (fc00::a0a:102)  4.70 ms
         returned MPLS Label Stack Object
             entry  1:  MPLS Label =   28262, Exp = 7, TTL =   1, S = 0
             entry  2:  MPLS Label =   28261, Exp = 7, TTL =   2, S = 0
             entry  3:  MPLS Label =  524241, Exp = 7, TTL =   2, S = 1
  2   2  fc00::a0a:102  (fc00::a0a:102)  5.20 ms
         returned MPLS Label Stack Object
             entry  1:  MPLS Label =   28262, Exp = 7, TTL =   1, S = 0
             entry  2:  MPLS Label =   28261, Exp = 7, TTL =   2, S = 0
             entry  3:  MPLS Label =  524241, Exp = 7, TTL =   2, S = 1
  2   3  fc00::a0a:102  (fc00::a0a:102)  5.16 ms
         returned MPLS Label Stack Object
             entry  1:  MPLS Label =   28262, Exp = 7, TTL =   1, S = 0
             entry  2:  MPLS Label =   28261, Exp = 7, TTL =   2, S = 0
             entry  3:  MPLS Label =  524241, Exp = 7, TTL =   2, S = 1
  3   1  fc00::100:401  (fc00::100:401)  5.38 ms
  3   2  fc00::100:401  (fc00::100:401)  4.48 ms
  3   3  fc00::100:401  (fc00::100:401)  4.39 ms

The following output is an example of traceroute for an IPv4 prefix using the tcp and the detail options.

A:node-2# traceroute 192.168.34.2 protocol tcp detail
traceroute to 192.168.34.2, 30 hops max, 40 byte packets
  1   1  192.168.13.2  (192.168.13.2)  0.755 ms
  1   2  192.168.13.2  (192.168.13.2)  0.913 ms
  1   3  192.168.13.2  (192.168.13.2)  0.928 ms
  2   1  192.168.34.2  (192.168.34.2)  1.19 ms (port closed)
  2   2  192.168.34.2  (192.168.34.2)  1.29 ms (port closed)
  2   3  192.168.34.2  (192.168.34.2)  1.59 ms (port closed)

The following output is an example of traceroute for an IPv4 prefix using the tcp and the detail options.

A:node-2# traceroute 192.168.34.2 protocol tcp dest-port 862 detail
traceroute to 192.168.34.2, 30 hops max, 40 byte packets
  1   1  192.168.13.2  (192.168.13.2)  0.915 ms
  1   2  192.168.13.2  (192.168.13.2)  0.861 ms
  1   3  192.168.13.2  (192.168.13.2)  0.825 ms
  2   1  192.168.34.2  (192.168.34.2)  1.42 ms (port open)
  2   2  192.168.34.2  (192.168.34.2)  1.27 ms (port open)
  2   3  192.168.34.2  (192.168.34.2)  1.52 ms (port open)

The following output is an example of traceroute of an SRv6 SID using the decode original-datagram option.

A:node-2# traceroute 2002:abcd:1100:102:1:: detail decode original-datagram probe-count 1 
traceroute to 2002:abcd:1100:102:1::, 30 hops max, 60 byte packets
  1   1  2001:100:4:12::4  (2001:100:4:12::4)  1.23 ms
         Original Datagram
             IPv6 Header, Hop Limit 1, DSCP be
                 SA = 2001:1:1:1::112, DA = 2002:abcd:1100:102:1::
  2   1  2001:100:3:4::3  (2001:100:3:4::3)  2.25 ms
         Original Datagram
             IPv6 Header, Hop Limit 1, DSCP be
                 SA = 2001:1:1:1::112, DA = 2002:abcd:1100:101:1::
             Segment Routing Header SRv6, Segments Left 1
                 Segment_List[0] = 2002:abcd:1100:102:1::
  3   1  2001:100:1:3::1  (2001:100:1:3::1)  3.21 ms
         Original Datagram
             IPv6 Header, Hop Limit 1, DSCP be
                 SA = 2001:1:1:1::112, DA = 2002:abcd:1100:101:1::
             Segment Routing Header SRv6, Segments Left 1
                 Segment_List[0] = 2002:abcd:1100:102:1::
  4   1  2001:1:1:1::102  (2001:1:1:1::102)  9.16 ms
         Original Datagram
             IPv6 Header, Hop Limit 1, DSCP be
                 SA = 2001:1:1:1::112, DA = 2002:abcd:1100:102:1::
             Segment Routing Header SRv6, Segments Left 0
                 Segment_List[0] = 2002:abcd:1100:102:1::

The following output is an example of traceroute of an SRv6 policy.

A:node-2# traceroute srv6-policy color 10 endpoint 6:6:6:6::86 probe-count 1                                 
traceroute srv6-policy color 10 endpoint 6:6:6:6::86, 30 hops max, 60 byte packets (excluding SRH)
  1  fc00::a0a:203 (fc00::a0a:203)    2.76 ms
  2  fc00::a0a:505 (fc00::a0a:505)    5.11 ms
  3  6:6:6:6::86 (6:6:6:6::86)    6.18 ms

The following output is an example of traceroute of an SRv6 policy using the decode original-datagram option.

A:node-2# traceroute srv6-policy color 10 endpoint 6:6:6:6::86 probe-count 1 detail decode original-datagram 
traceroute srv6-policy color 10 endpoint 6:6:6:6::86, 30 hops max, 60 byte packets (excluding SRH)
  1   1  fc00::a0a:203  (fc00::a0a:203)  2.70 ms
         Original Datagram
             IPv6 Header, Hop Limit 1, DSCP be
                 SA = 1:1:1:1::61, DA = 3:3:3:3:0:a::
             Segment Routing Header SRv6, Segments Left 2
                 Segment_List[0] = 6:6:6:6::86
                 Segment_List[1] = 5:5:5:5:0:a::
  2   1  fc00::a0a:505  (fc00::a0a:505)  4.88 ms
         Original Datagram
             IPv6 Header, Hop Limit 1, DSCP be
                 SA = 1:1:1:1::61, DA = 5:5:5:5:0:a::
             Segment Routing Header SRv6, Segments Left 1
                 Segment_List[0] = 6:6:6:6::86
                 Segment_List[1] = 5:5:5:5:0:a::
  3   1  6:6:6:6::86  (6:6:6:6::86)  5.51 ms
         Original Datagram
             IPv6 Header, Hop Limit 1, DSCP be
                 SA = 1:1:1:1::61, DA = 6:6:6:6::86

The following output is an example of traceroute for a candidate path of an SRv6 policy.

A:node-2# traceroute srv6-policy color 20 endpoint fc00::a14:106 probe-count 1 detail candidate-path protocol-owner static distinguisher 126 preference 100 
traceroute srv6-policy color 20 endpoint fc00::a14:106 candidate-path protocol-owner static preference 100 distinguisher 126, 30 hops max, 60 byte packets (excluding SRH)
  1   1  fc00::a0a:203  (fc00::a0a:203)  2.87 ms
  2   1  fc00::a0a:505  (fc00::a0a:505)  4.58 ms
  3   1  fc00::a14:106  (fc00::a14:106)  6.28 ms

Context

[Tree] (config>service>ies>if>ipv6>vrrp traceroute-reply)

Full Context

configure service ies interface ipv6 vrrp traceroute-reply

Description

This command is valid only if the VRRP virtual router instance associated with this entry is a non-owner.

When this command is enabled, a non-owner master can reply to traceroute requests directed to the virtual router instance IP addresses.

A non-owner backup virtual router never responds to such traceroute requests regardless of the trace-route-reply status.

Default

no traceroute-reply

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>ies>if>vrrp traceroute-reply)

Full Context

configure service ies interface vrrp traceroute-reply

Description

This command is valid only if the VRRP virtual router instance associated with this entry is a non-owner.

When this command is enabled, a non-owner master can reply to traceroute requests directed to the virtual router instance IP addresses.

A non-owner backup virtual router never responds to such traceroute requests regardless of the trace-route-reply status.

Default

no traceroute-reply

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>if>ipv6>vrrp traceroute-reply)

[Tree] (config>service>vprn>if>vrrp traceroute-reply)

Full Context

configure service vprn interface ipv6 vrrp traceroute-reply

configure service vprn interface vrrp traceroute-reply

Description

This command is valid only if the VRRP virtual router instance associated with this entry is a non-owner.

When this command is enabled, a non-owner master can reply to traceroute requests directed to the virtual router instance IP addresses.

A non-owner backup virtual router never responds to such traceroute requests regardless of the trace-route-reply status.

Default

no traceroute-reply

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>if>vrrp traceroute-reply)

[Tree] (config>router>if>ipv6>vrrp traceroute-reply)

Full Context

configure router interface vrrp traceroute-reply

configure router interface ipv6 vrrp traceroute-reply

Description

This command is valid only if the VRRP virtual router instance associated with this entry is a non-owner.

When this command is enabled, a non-owner master can reply to traceroute requests directed to the virtual router instance IP addresses.

A non-owner backup virtual router never responds to such traceroute requests regardless of the trace-route-reply status.

Traceroute must not have been disabled at the management security level (either on the parental IP interface or the source host address).

Default

no traceroute-reply

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>pim>if tracking-support)

Full Context

configure service vprn pim interface tracking-support

Description

This command sets the T bit in the LAN Prune Delay option of the Hello Message. This indicates the router's capability to disable Join message suppression.

Default

no tracking-support

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>pim>interface tracking-support)

Full Context

configure router pim interface tracking-support

Description

This command sets the T bit in the LAN Prune Delay option of the Hello Message. This indicates the router's capability to enable join message suppression. This capability allows for upstream routers to explicitly track join membership.

The no form of this command disables tracking support.

Default

no tracking-support

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>isis traffic-engineering)

Full Context

configure router isis traffic-engineering

Description

This command enables this IS-IS instance to advertise TE link attributes for RSVP-TE and SR-TE enabled interfaces.

Default

no traffic-engineering

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>ospf traffic-engineering)

Full Context

configure router ospf traffic-engineering

Description

This command enables the advertisement of the traffic engineering information for the router and its links.

Traffic engineering enables the router to perform route calculations constrained by nodes or links. The traffic engineering of this router are limited to calculations based on link and nodal constraints.

The no form of this command disables the advertisement of the traffic engineering information.

Default

no traffic-engineering

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>isis traffic-engineering-options)

Full Context

configure router isis traffic-engineering-options

Description

Commands in this context configure advanced traffic-engineering options.

The no form of this command deletes the context.

Default

no traffic-engineering-options

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>ospf traffic-engineering-options)

Full Context

configure router ospf traffic-engineering-options

Description

Commands in this context configure the advanced traffic-engineering options.

The no form of this command removes the context to configure the advanced traffic-engineering options.

Default

no traffic-engineering-options

Platforms

7705 SAR Gen 2

Context

[Tree] (config>port transceiver)

Full Context

configure port transceiver

Description

Commands in this context configure transceiver parameters.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>ipsec>trans-mode-prof>dyn transform)

[Tree] (config>service>vprn>if>ipsec>ipsec-tunnel>dyn transform)

[Tree] (config>service>ies>if>ipsec>ipsec-tunnel>dyn transform)

[Tree] (config>ipsec>tnl-temp transform)

[Tree] (config>router>if>ipsec>ipsec-tunnel>dyn transform)

Full Context

configure ipsec ipsec-transport-mode-profile dynamic-keying transform

configure service vprn interface ipsec ipsec-tunnel dynamic-keying transform

configure service ies interface ipsec ipsec-tunnel dynamic-keying transform

configure ipsec tunnel-template transform

configure router interface ipsec ipsec-tunnel dynamic-keying transform

Description

This command associates the IPsec transform sets allowed for this the CHILD_SA. A maximum of four transforms can be specified. The transforms are listed in decreasing order of preference (the first one specified is the most preferred).

The no form of this command removes the transform ID from the configuration.

Default

no transform

Parameters

transform-id

Specifies a number to identify a tranform used for CHILD_SA negotiation. Up to four transform ID can be specified.

Values

1 to 2048

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>if>sap>ipsec-tun>dyn transform)

Full Context

configure service vprn interface sap ipsec-tunnel dynamic-keying transform

Description

This command associates the IPsec transform sets allowed for this tunnel. A maximum of four transforms can be specified. The transforms are listed in decreasing order of preference (the first one specified is the most preferred).

Default

no transform

Parameters

transform-id

Specifies the value used for transforms for dynamic keying.

Values

1 to 2048

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>ttl-propagate transit)

Full Context

configure service vprn ttl-propagate transit

Description

This command overrides the global configuration of the TTL propagation for in transit packets which are forwarded over a MPLS LSPs in a given VPRN service context.

The global configuration is performed under config>router>ttl-propagate>vprn-transit.

The default behavior for a given VPRN instance is to inherit the global configuration for the same command. The user can explicitly set the default behavior by configuring the inherit value.

Default

transit inherit

Parameters

inherit

specifies the TTL propagation behavior is inherited from the global configuration under config>router>ttl-propagate>vprn-transit.

none

specifies the TTL of the IP packet is not propagated into the VC label or labels in the transport label stack.

vc-only

specifies the TTL of the IP packet is propagated into the VC label and not into the labels. in the transport label stack

all

specifies the TTL of the IP packet is propagated into the VC label and all labels in the transport label stack.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>ospf>area>sham-link transit-delay)

[Tree] (config>service>vprn>ospf>area>virtual-link transit-delay)

[Tree] (config>service>vprn>ospf>area>if transit-delay)

[Tree] (config>service>vprn>ospf3>area>if transit-delay)

[Tree] (config>service>vprn>ospf3>area>virtual-link transit-delay)

Full Context

configure service vprn ospf area sham-link transit-delay

configure service vprn ospf area virtual-link transit-delay

configure service vprn ospf area interface transit-delay

configure service vprn ospf3 area interface transit-delay

configure service vprn ospf3 area virtual-link transit-delay

Description

This command configures the estimated time, in seconds, that it takes to transmit a LSA on the interface or virtual link or sham-link.

The no form of this command reverts to the default delay time.

Default

transit-delay 1

Parameters

seconds

The transit delay in seconds expressed as a decimal integer.

Values

0 to 3600

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>ospf>area>virtual-link transit-delay)

[Tree] (config>router>ospf3>area>virtual-link transit-delay)

[Tree] (config>router>ospf>area>interface transit-delay)

[Tree] (config>router>ospf3>area>interface transit-delay)

Full Context

configure router ospf area virtual-link transit-delay

configure router ospf3 area virtual-link transit-delay

configure router ospf area interface transit-delay

configure router ospf3 area interface transit-delay

Description

This command configures the estimated time, in seconds, that it takes to transmit a link state advertisement (LSA) on the interface or virtual link.

The no form of this command reverts to the default delay time.

Default

transit-delay 1

Parameters

seconds

Specifies the transit delay in seconds expressed as a decimal integer.

Values

1 to 1800

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>security>pki>ca-profile>ocsp transmission-profile)

Full Context

configure system security pki ca-profile ocsp transmission-profile

Description

This command specifies the transmission-profile for OCSP. When specified, this configuration overrides the service service-id or service service-name configured in the config>system>security>pki>ca-profile>ocsp context.

The no form of the command removes the profile name from the configuration.

Default

no transmission-profile

Parameters

name

Specifies the file transmission profile name, up to 32 characters.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>security>pki>est-profile transmission-profile)

Full Context

configure system security pki est-profile transmission-profile

Description

This command specifies the transmission profile name created in the config>system file-transmission-profile context for the EST profile.

The no form of the command removes the name from the EST profile configuration.

Default

no transmission-profile

Parameters

name

Specifies the file transmission profile name, up to 32 characters.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>bfd>bfd-template transmit-interval)

Full Context

configure router bfd bfd-template transmit-interval

Description

This command specifies the transmit timer used for BFD packets. If the template is used for a BFD session on an MPLS-TP LSP, then this timer is used for CC packets.

The no form of this command reverts to the default value.

Default

transmit-interval 100

Parameters

transmit-interval

Specifies the transmit interval. The minimum interval that can be configured is hardware dependent.

Values

10 ms to 100,000 ms in 1 ms intervals

Default

10 ms for CPM3 or higher; 1 second for other hardware

Platforms

7705 SAR Gen 2

Context

[Tree] (config>port>ethernet>efm-oam transmit-interval)

Full Context

configure port ethernet efm-oam transmit-interval

Description

This command configures the transmit interval of OAM PDUs.

The no form of this command removes the configuration.

Default

transmit-interval 10 multiplier 5

Parameters

interval

Specifies the transmit interval, in 100 milliseconds.

Values

1 to 600

multiplier

Specifies the multiplier for transmit-interval to set local link down timer.

Values

2 to 5

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>lsp-bfd>tail-end transmit-interval)

Full Context

configure router lsp-bfd tail-end transmit-interval

Description

This command configures the LSP BFD minimum transmit interval for the tail end of LSP BFD sessions.

The no form of this command reverts to the default value.

Default

transmit-interval 1000

Parameters

transmit-interval

Specifies the transmit interval, in milliseconds.

Values

100 to 1000

Default

1000

Platforms

7705 SAR Gen 2

Context

[Tree] (config>port>ethernet>dot1x transmit-period)

Full Context

configure port ethernet dot1x transmit-period

Description

This command configures the period after which the router sends a new EAPOL request message.

The no form of this command returns the value to the default.

Default

transmit-period 30

Parameters

seconds

Specifies the server transmit period in seconds.

Values

1 to 3600

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>snmp transport)

Full Context

configure system snmp transport

Description

This command configures the transport protocol used by the SNMP agent.

The no form of this command removes the transport protocol.

Default

no transport

Parameters

transport-protocol

Specifies the transport protocol.

Values

udp — Keyword to specify UDP only.

tcp — Keyword to specify TCP only.

both — Keyword to specify TCP and UDP.

Default

udp

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>ldp>if-params>ipv6 transport-address)

[Tree] (config>router>ldp>if-params>if>ipv4 transport-address)

[Tree] (config>router>ldp>if-params>ipv4 transport-address)

[Tree] (config>router>ldp>if-params>if>ipv6 transport-address)

Full Context

configure router ldp interface-parameters ipv6 transport-address

configure router ldp interface-parameters interface ipv4 transport-address

configure router ldp interface-parameters ipv4 transport-address

configure router ldp interface-parameters interface ipv6 transport-address

Description

This command configures the transport address to be used when setting up the LDP TCP sessions. The transport address can be configured as interface or system. The transport address can be configured globally (applies to all LDP interfaces) or per interface. The most specific value is used.

With the transport-address command, you can set up the LDP interface to the connection which can be set to the interface address or the system address. However, there can be an issue of which address to use when there are parallel adjacencies. This situation can not only happen with parallel links, it could be a link and a targeted adjacency since targeted adjacencies request the session to be set up only to the system IP address.

The transport-address value should not be interface if multiple interfaces exist between two LDP neighbors. Depending on the first adjacency to be formed, the TCP endpoint is chosen. In other words, if one LDP interface is set up as transport-address interface and another for transport-address system, then, depending on which adjacency was set up first, the TCP endpoint addresses are determined. After that, because the hello contains the LSR ID, the LDP session can be checked to verify that it is set up and then match the adjacency to the session.

For any iLDP interface, as the local-lsr-id parameters is changed to interface, the transport-address configuration loses effectiveness. Since it will be ignored and the iLDP session will always use the relevant interface IP address as transport-address even though system is chosen.

The no form of this command, at the global level, sets the transport address to the default value.

The no form of this command, at the interface level, sets the transport address to the value defined under the global level.

Default

system

Parameters

interface

Specifies the IP interface address is used to set up the LDP session between neighbors. The transport address interface cannot be used if multiple interfaces exist between two neighbors, since only one LDP session is set up between two neighbors.

system

Specifies the system IP address is used to set up the LDP session between neighbors.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>redundancy>multi-chassis>peer>sync transport-encryption)

Full Context

configure redundancy multi-chassis peer sync transport-encryption

Description

Commands in this context configure MCS applications that need to encrypt synchronized states for transportation .

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>bgp>next-hop-res>labeled-routes transport-tunnel)

Full Context

configure router bgp next-hop-resolution labeled-routes transport-tunnel

Description

Commands in this context configure options for the next-hop resolution of BGP labeled routes (VPN-IP and labeled-unicast) using tunnels in TTM. The context allows the selection of different tunnel resolution options for different types of BGP labeled routes: label-unicast IPv4, label-unicast IPv6, and VPN-IP routes (both VPN-IPv4 and VPN-IPv6).

By default (if this context and the resolution options are not configured), these routes resolve only to LDP tunnels.

If the resolution option is explicitly set to disabled, the default binding to LDP tunnel resumes. If resolution is set to any, then any supported tunnel type is allowed and the selection is based on the lowest numerical TTM preference value.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>saa>test trap-gen)

Full Context

configure saa test trap-gen

Description

Commands in this context configure trap generation for the SAA test.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>log>snmp-trap-group trap-target)

Full Context

configure service vprn log snmp-trap-group trap-target

Description

This command adds/modifies a trap receiver and configures the operational parameters for the trap receiver. A trap reports significant events that occur on a network device such as errors or failures.

Before an SNMP trap can be issued to a trap receiver, the log-id, snmp-trap-group, and at least one snmp-trap-group must be configured.

The snmp-trap-group command is used to add or remove a trap receiver from an snmp-trap-group. The operational parameters specified in the command include:

• The IP address of the trap receiver

• The UDP port used to send the SNMP trap

• SNMP version

• SNMP community name for SNMPv1 and SNMPv2c receivers.

• Security name and level for SNMPv3 trap receivers.

A single snmp-trap-group log-id can have multiple trap-receivers. Each trap receiver can have different operational parameters.

An address can be configured as a trap receiver more than once as long as a different port is used for each instance.

To prevent resource limitations, only configure a maximum of 10 trap receivers.

If the same trap-target name port port parameter value is specified in more than one SNMP trap group, each trap destination should be configured with a different notify-community value. This allows a trap receiving an application, such as NMS, to reconcile a separate event sequence number stream for each router event log when multiple event logs are directed to the same IP address and port destination.

The no form of this command removes the SNMP trap receiver from the SNMP trap group.

Default

No SNMP trap targets are defined.

Parameters

name

specifies the name of the trap target up to 28 characters in length

address ip-address

The IP address of the trap receiver in dotted decimal notation. Only one IP address destination can be specified per trap destination group.

Values

ipv4-address	a.b.c.d (host bits must be 0)
ipv6-address	x:x:x:x:x:x:x:x[-interface]
	x:x:x:x:x:x:d.d.d.d[-interface]
	x: [0 to FFFF]H
	d: [0 to 255]D
	interface: 32 characters maximum, mandatory for link local addresses

port

Specifies the destination UDP port used to send traps to the destination, expressed as a decimal integer. Only one port can be specified per trap-target statement. If multiple traps need to be issued to the same address then multiple ports must be configured.

Values

1 to 65535

Default

162

snmpv1 | snmpv2c | snmpv3

Specifies the SNMP version format to use for traps sent to the trap receiver.

The keyword snmpv1 selects the SNMP version 1 format. When specifying snmpv1, the notify-community must be configured for the proper SNMP community string that the trap receiver expects to be present in alarms and traps messages. If the SNMP version is changed from snmpv3 to snmpv1, then the notify-community parameter must be changed to reflect the community string rather than the security-name that is used by snmpv3.

The keyword snmpv2c selects the SNMP version 2c format. When specifying snmpv2c, the notify-community must be configured for the proper SNMP community string that the trap receiver expects to be present in alarms and traps messages. If the SNMP version is changed from snmpv3 to snmpv2c, then the notify-community parameter must be changed to reflect the community string rather than the security-name that is used by snmpv3.

The keyword snmpv3 selects the SNMP version 3 format. When specifying snmpv3, the notify-community must be configured for the SNMP security-name. If the SNMP version is changed from snmpv1 or snmpv2c to snmpv3, then the notify-community parameter must be changed to reflect the security-name rather than the community string used by snmpv1 or snmpv2c.

Pre-existing conditions are checked before the snmpv3SecurityName is accepted. These are:

• The username must be configured.

• The v3 access group must be configured.

• The v3 notification view must be configured.

Values

snmpv1, snmpv2c, snmpv3

Default

snmpv3

notify-community community | security-name

Specifies the community string for snmpv1 or snmpv2c or the snmpv3 security-name. If no notify-community is configured, then no alarms nor traps will be issued for the trap destination. If the SNMP version is modified, the notify-community must be changed to the proper form for the SNMP version.

community

The community string as required by the snmpv1 or snmpv2c trap receiver. Allowed values are any string up to 31 characters, composed of printable, 7-bit ASCII characters. If the string contains special characters (for example, #, $, spaces), the entire string must be enclosed within double quotes.

security-name

The security-name as defined in the config>system>security>user context for SNMP v3. The security-name can be an ASCII string up to 31 characters in length.

security-level {no-auth-no-privacy | auth-no-privacy | privacy}

Specifies the required authentication and privacy levels required to access the views configured on this node when configuring an snmpv3 trap receiver.

The keyword no-auth-no-privacy specifies no authentication and no privacy (encryption) are required.

The keyword auth-no-privacy specifies authentication is required but no privacy (encryption) is required. When this option is configured the security-name must be configured for authentication.

The keyword privacy specifies both authentication and privacy (encryption) is required. When this option is configured the security-name must be configured for authentication and privacy.

Values

no-auth-no-privacy, auth-no-privacy, privacy

Default

no-auth-no-privacy. This parameter can only be configured if SNMPv3 is also configured.

replay

Enable replay of missed events to target. If replay is applied to an SNMP trap target address, the address is monitored for reachability. Reachability is determined by whether or not there is a route in the routing table by which the target address can be reached. Before sending a trap to a target address, the SNMP module asks the PIP module if there is either an in-band or out-of-band route to the target address. If there is no route to the SNMP target address, the SNMP module saves the sequence-id of the first event that will be missed by the trap target. When the routing table changes again so that there is now a route by which the SNMP target address can be reached, the SNMP module replays (for example, retransmits) all events generated to the SNMP notification log while the target address was removed from the route table. Because of route table change convergence time, it is possible that one or more events may be lost at the beginning or end of a replay sequence. The cold-start-wait and route-recovery-wait timers under config>log>app-route-notifications can help reduce the probability of lost events.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>log>snmp-trap-group trap-target)

Full Context

configure log snmp-trap-group trap-target

Description

This command configures a trap receiver and configures the operational parameters for the trap receiver. A trap reports significant events that occur on a network device such as errors or failures.

Before an SNMP trap can be issued to a trap receiver, the log-id, snmp-trap-group and at least one trap-target must be configured.

The trap-target command is used to add/remove a trap receiver from an snmp-trap-group. The operational parameters specified in the command include:

• The IP address of the trap receiver

• The UDP port used to send the SNMP trap

• SNMP version

• SNMP community name for SNMPv1 and SNMPv2c receivers.

• Security name and level for SNMPv3 trap receivers.

A single snmp-trap-group log-id can have multiple trap-receivers. Each trap receiver can have different operational parameters.

An address can be configured as a trap receiver more than once as long as a different port is used for each instance.

To prevent resource limitations, only configure a maximum of 10 trap receivers.

The no form of this command removes the SNMP trap receiver from the SNMP trap group.

Parameters

name

Specifies the name of the trap target, up to 28 characters.

ip-address

Specifies the IP address of the trap receiver in dotted decimal notation. Only one IP address destination can be specified per trap destination group.

Values

ipv4-address	a.b.c.d (host bits must be 0)
ipv6-address	x:x:x:x:x:x:x:x[-interface]
	x:x:x:x:x:x:d.d.d.d[-interface]
	x: [0..FFFF]H
	d: [0..255]D
	interface: 32 characters maximum, mandatory for link local addresses

port

Specifies the destination UDP port used for sending traps to the destination, expressed as a decimal integer. Only one port can be specified per trap-target statement. If multiple traps need to be issued to the same address then multiple ports must be configured.

Default

162

Values

1 to 65535

snmpv1 | snmpv2c | snmpv3

Specifies the SNMP version format to use for traps sent to the trap receiver.

The keyword snmpv1 selects the SNMP version 1 format. When specifying snmpv1, the notify-community must be configured for the proper SNMP community string that the trap receiver expects to be present in alarms and traps messages. If the SNMP version is changed from snmpv3 to snmpv1, then the notify-community parameter must be changed to reflect the community string rather than the security-name that is used by snmpv3.

The keyword snmpv2c selects the SNMP version 2c format. When specifying snmpv2c, the notify-community must be configured for the proper SNMP community string that the trap receiver expects to be present in alarms and traps messages. If the SNMP version is changed from snmpv3 to snmpv2c, then the notify-community parameter must be changed to reflect the community string rather than the security-name that is used by snmpv3.

The keyword snmpv3 selects the SNMP version 3 format. When specifying snmpv3, the notify-community must be configured for the SNMP security-name. The security name is the name of a locally configured user. If the SNMP version is changed from snmpv1 or snmpv2c to snmpv3, then the notify-community parameter must be changed to reflect the security-name rather than the community string used by snmpv1 or snmpv2c.

The following conditions must all be met before traps will be issued using an SNMPv3 trap-target:

The user name must be configured, and must be configured with an snmp group that exists.

The v3 access group must be configured, or be one of the built-in SR OS views.

The v3 notification view must be configured, or be one of the built-in SR OS views.

Default

snmpv3

Values

snmpv1, snmpv2c, snmpv3

community | security-name

Specifies the community string for snmpv1 or snmpv2c or the snmpv3 security-name. If the notify-community is not configured, then no alarms or traps will be issued for the trap destination. If the SNMP version is modified, the notify-community must be changed to the proper form for the SNMP version.

community-name

Specifies the community string as required by the snmpv1 or snmpv2c trap receiver. Allowed values are any string up to 31 characters, composed of printable, 7-bit ASCII characters. If the string contains special characters (for example, #, $, spaces), the entire string must be enclosed within double quotes.

security-name

For SNMPv3 trap targets, specifies the security-name as defined in the config>system> security>user context. The security-name can be an ASCII string up to 31 characters in length.

security-level {no-auth-no-privacy | auth-no-privacy | privacy}

Specifies the required authentication and privacy levels required to access the views configured on this node when configuring an snmpv3 trap receiver.

The keyword no-auth-no-privacy specifies no authentication and no privacy (encryption) are required.

The keyword auth-no-privacy specifies authentication is required but no privacy (encryption) is required. When this option is configured the security-name must be configured for authentication.

The keyword privacy specifies both authentication and privacy (encryption) is required. When this option is configured the security-name must be configured for authentication and privacy.

Default

no-auth-no-privacy. This parameter can only be configured if SNMPv3 is also configured.

Values

no-auth-no-privacy, auth-no-privacy, privacy

replay

Enables the replay of missed events to target. If replay is applied to an SNMP trap target address, the address is monitored for reachability. Reachability is determined by whether or not there is a route in the routing table by which the target address can be reached. Before sending a trap to a target address, the SNMP module asks the PIP module if there is either an in-band or out-of-band route to the target address. If there is no route to the SNMP target address, the SNMP module saves the sequence-id of the first event that will be missed by the trap target. When the routing table changes again so that there is now a route by which the SNMP target address can be reached, the SNMP module replays (for example, retransmits) all events generated to the SNMP notification log while the target address was removed from the route table.

Note:

Due to route table change convergence time, it is possible that one or more events may be lost at the beginning or end of a replay sequence. The cold-start-wait and route-recovery-wait timers under the config>log>app-route-notifications context can help reduce the probability of lost events.

Platforms

7705 SAR Gen 2

Context

[Tree] (tree)

Full Context

tree

Description

This command displays the command hierarchy structure of the current working context.

Parameters

detail

Displays parameter information for each command shown in the tree output.

flat

Displays the full context on each line.

Platforms

7705 SAR Gen 2

Context

[Tree] (debug>router>rip trigger)

Full Context

debug router rip trigger

Description

This command enables debugging for RIP trigger updates.

Parameters

ip-int-name | ip-address

Debugs the RIP updates sent on the neighbor IP address or interface.

Platforms

7705 SAR Gen 2

Context

[Tree] (debug>router>ripng trigger)

Full Context

debug router ripng trigger

Description

This command enables debugging for RIP trigger updates.

Parameters

ip-int-name| ipv6-address

Debugs the RIP updates sent on the neighbor IP address or interface.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>log>event-trigger>event trigger-entry)

Full Context

configure log event-trigger event trigger-entry

Description

This command configures an instance of a trigger for an EHS handler. A trigger entry binds a set of matching criteria for a log event to a particular handler. If the log event occurs in the system and matches the criteria configured in the associated log filter then the handler will be executed.

The no form of this command removes the specified trigger entry.

Parameters

entry-id

Specifies the identifier of the EHS event trigger entry.

Values

1 to 1500

Platforms

7705 SAR Gen 2

Context

[Tree] (config>port>ethernet>efm-oam trigger-fault)

Full Context

configure port ethernet efm-oam trigger-fault

Description

This command configures the appropriate flag field in the Information OAM PDU, bursting three consecutive packets during the off cycle. If the local port state is operational, this command changes the local port state to "Link Up”. If the local port state is not operational, this configuration is installed as an EFM reason to prevent the port from returning to an operationally up state. This command can be used as a precursor to a port shutdown. This terminates the peering relationship without waiting for protocol timeouts, assuming the peer supports the necessary action when it receives the dying gasp or critical event flag setting.

The no form of this command disables this functionality.

Default

no trigger-fault

Parameters

dying-gasp

Keyword to set the dying gasp flag.

critical-event

Keyword to set the critical event flag.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router triggered-policy)

Full Context

configure router triggered-policy

Description

This command triggers route policy re-evaluation.

By default, when a change is made to a policy in the config router policy options context and then committed, the change is effective immediately. There may be circumstances when the changes should or must be delayed; for example, if a policy change is implemented that would affect every BGP peer on a router, the consequences could be dramatic. It is more effective to control changes on a peer by peer basis.

If the triggered-policy command is enabled, and a given peer is established, and you want the peer to remain up, then, in order for a change to a route policy to take effect, a clear command with the soft or soft-inbound option must be used. In other words, when a triggered-policy is enabled, any routine policy change or policy assignment change within the protocol will not take effect until the protocol is reset or a clear command is issued to re-evaluate route policies; for example, clear router bgp neighbor x.x.x.x soft. This keeps the peer up and the change made to a route policy is applied only to that peer, or group of peers.

Default

no triggered-policy

Platforms

7705 SAR Gen 2

Context

[Tree] (config>ipsec>trust-anchor-profile trust-anchor)

Full Context

configure ipsec trust-anchor-profile trust-anchor

Description

This command specifies a CA profile as a trust anchor CA. Up to 8 multiple trust anchors can be specified in a single trust anchor profile.

The no form of this command removes the name from the configuration.

Parameters

ca-profile-name

Specifies the name of the trust anchor profile, up to 32 characters.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>security>tls>trust-anchor-profile trust-anchor)

Full Context

configure system security tls trust-anchor-profile trust-anchor

Description

This command configures a trust anchor with a CA profile used by the TLS profile. Up to eight CA profiles can be configured under the trust anchor. TLS will read the CA profiles one by one to try to authenticate the server certificate.

Parameters

ca-profile-name

Specifies the name of the TLS trust anchor, up to 32 characters.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>ipsec trust-anchor-profile)

Full Context

configure ipsec trust-anchor-profile

Description

This command specifies the trust anchor profile name for the IPsec tunnel or IPsec GW.

Default

no trust-anchor-profile

Parameters

name

Specifies the name of trust anchor profile up to 32 characters.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>if>ipsec>ipsec-tunnel>dyn>cert trust-anchor-profile)

[Tree] (config>service>ies>if>sap>ipsec-gw>cert trust-anchor-profile)

[Tree] (config>router>if>ipsec>ipsec-tunnel>dyn>cert trust-anchor-profile)

[Tree] (config>ipsec>trans-mode-prof>dyn>cert trust-anchor-profile)

[Tree] (config>service>vprn>if>sap>ipsec-gw>cert trust-anchor-profile)

[Tree] (config>service>ies>if>ipsec>ipsec-tunnel>dyn>cert trust-anchor-profile)

Full Context

configure service vprn interface ipsec ipsec-tunnel dynamic-keying cert trust-anchor-profile

configure service ies interface sap ipsec-gw cert trust-anchor-profile

configure router interface ipsec ipsec-tunnel dynamic-keying cert trust-anchor-profile

configure ipsec ipsec-transport-mode-profile dynamic-keying cert trust-anchor-profile

configure service vprn interface sap ipsec-gw cert trust-anchor-profile

configure service ies interface ipsec ipsec-tunnel dynamic-keying cert trust-anchor-profile

Description

This command specifies the name of trust anchor profile used for certificate authentication.

The no form of this command removes the name from the configuration.

Default

no trust-anchor-profile

Parameters

name

Specifies the name of trust anchor profile, up to 32 characters.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>security>tls>client-tls-profile trust-anchor-profile)

[Tree] (config>system>security>tls>server-tls-profile>authenticate-client trust-anchor-profile)

Full Context

configure system security tls client-tls-profile trust-anchor-profile

configure system security tls server-tls-profile authenticate-client trust-anchor-profile

Description

This command assigns the trust anchor used by this TLS profile to authenticate the server or client.

The no form of the command removes the configured trust anchor profile.

Parameters

name

Specifies the name of the trust anchor profile.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>security>tls trust-anchor-profile)

Full Context

configure system security tls trust-anchor-profile

Description

This command configures a trust anchor profile to be used in the TLS profile. The trust anchor is used for authentication of the server certificate.

Parameters

name

Specifies the name of the trust anchor profile, up to 32 characters.

create

Keyword used to create the trust anchor profile.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>if>dhcp trusted)

[Tree] (config>service>vprn>if>dhcp trusted)

[Tree] (config>service>ies>if>dhcp trusted)

Full Context

configure router interface dhcp trusted

configure service vprn interface dhcp trusted

configure service ies interface dhcp trusted

Description

This command enables relaying untrusted packets. According to RFC 3046, DHCP Relay Agent Information Option, a DHCP request where the giaddr is 0.0.0.0 and which contains an Option 82 field in the packet, should be discarded, unless it arrives on a "trusted” circuit. If the trusted mode is enabled on an IP interface, the Relay Agent (the router) modifies the requested giaddr to be equal to the ingress interface and forward the request.

The no form of this command reverts to the default.

Default

no trusted

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vpls>bgp-evpn>mac-duplication trusted-mac-time)

Full Context

configure service vpls bgp-evpn mac-duplication trusted-mac-time

Description

This command determines how long a MAC address needs to stay in the FDB as type learned without being flushed or changed in its type so that the MAC is declared as trusted for the mac-duplication procedures. If the MAC changes from SAP to SAP within the same VPLS service and node, the MAC does not reset its trusted MAC timer.

Default

trusted-mac-time 5

Parameters

range

Specifies the time, in minutes, before the MAC address can be flushed from the FDB.

Values

1 to 15

Platforms

7705 SAR Gen 2

Context

[Tree] (config>ipsec ts-list)

Full Context

configure ipsec ts-list

Description

This command creates a new traffic selector (TS).

The no form of this command removes the list name from the configuration.

Parameters

list-name

Specifies the name of the TS-list.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>security>tech-support ts-location)

Full Context

configure system security tech-support ts-location

Description

The ts-location command is used (along with an automatic system generated file name) when no file-url parameter is provided for the admin tech-support command. If no ts-location is defined then the operator must provide a file-url with the admin tech-support command itself.

The directory specified for the ts-location is not auto-created by SR OS. The operator must ensure that it exists.

See the admin tech-support command for more details about the system generated file name.

Default

no ts-location

Parameters

file-url

Specifies the destination directory for auto-named tech-support files (when no file-url is specified with the admin tech-support command). The file-url for the ts-location must be a directory (no filename or extension). The root directory (for example, cf1:\) is blocked for local compact flash destinations. A sub-directory (for example, cf2:\tech-support) must be used if local cf is the location.

Values

local-url | remote-url
local-url	[cflash-id/][file-path] 200 chars max, including cflash-id
	directory length 99 chars max each
remote-url	[ftp://login:pswd@remote-locn/][file-path]
	247 chars max
	directory length 99 chars max each
remote-locn	[hostname | ipv4-address | "["ipv6-address"]" ]
ipv4-address	a.b.c.d
ipv6-address	x:x:x:x:x:x:x:x[-interface]
	x:x:x:x:x:x:d.d.d.d[-interface]
	x - [0 to FFFF]H
	d - [0 to 255]D
	interface - 32 chars max, for link local addresses
cflash-id	cf1:, cf1-A:, cf1-B:, cf2:, cf2-A:, cf2-B:, cf3:, cf3-A:, cf3-B:

Platforms

7705 SAR Gen 2

Context

[Tree] (config>ipsec>client-db>client ts-negotiation)

Full Context

configure ipsec client-db client ts-negotiation

Description

This command specifies the traffic selector (TS) to be used for tunnel setup.

The no form of this command reverts to the default.

Default

no ts-negotiation

Parameters

list-name

Specifies the TS list used by this tunnel, up to 32 characters.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>if>sap>ipsec-gw ts-negotiation)

[Tree] (config>service>ies>if>sap>ipsec-gw ts-negotiation)

Full Context

configure service vprn interface sap ipsec-gw ts-negotiation

configure service ies interface sap ipsec-gw ts-negotiation

Description

This command enables the IKEv2 traffic selector negotiation with the specified ts-list.

Parameters

list-name

Specifies the ts-list name

Platforms

7705 SAR Gen 2

Context

[Tree] (config>saa>test>type-multi-line>lsp-ping>sr-policy ttl)

[Tree] (config>saa>test>type-multi-line>lsp-ping ttl)

Full Context

configure saa test type-multi-line lsp-ping sr-policy ttl

configure saa test type-multi-line lsp-ping ttl

Description

This command configures a time-to-live value for the MPLS label.

The no form of this command reverts to the default value.

Default

ttl 255

Parameters

label-ttl

Specifies the time-to-live value.

Values

1 to 255

Default

255

Platforms

7705 SAR Gen 2

Context

[Tree] (config>oam-pm>session>ip ttl)

Full Context

configure oam-pm session ip ttl

Description

This command defines the value of the TTL field of the packet header.

The no form of this command restores the default value.

Default

ttl 225

Parameters

time-to-live

Specifies the value to be used in the TTL field.

Values

1 to 255

Default

255

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>ies>if>icmp ttl-expired)

Full Context

configure service ies interface icmp ttl-expired

Description

This command configures the rate Internet Control Message Protocol (ICMP) TTL expired messages are issued by the IP interface.

By default, generation of ICMP TTL expired messages is enabled at a maximum rate of 100 per 10 second time interval.

The no form of this command disables the limiting the rate of TTL expired messages on the router interface and reverts to the default values.

Default

ttl-expired 100 10

Parameters

number

The maximum number of ICMP TTL expired messages to send, expressed as a decimal integer. This parameter must be specified with the seconds parameter.

Values

10 to 2000

seconds

The time frame in seconds used to limit the number of ICMP TTL expired messages that can be issued, expressed as a decimal integer.

Values

1 to 60

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>nw-if>icmp ttl-expired)

[Tree] (config>service>vprn>if>icmp ttl-expired)

Full Context

configure service vprn network-interface icmp ttl-expired

configure service vprn interface icmp ttl-expired

Description

This command configures the rate of Internet Control Message Protocol (ICMP) TTL expired messages are issued by the IP interface.

By default, generation of ICMP TTL expired messages is enabled at a maximum rate of 100 per 10 second time interval.

The no form of this command disables the limiting the rate of TTL expired messages on the router interface.

Default

ttl-expired 100 10

Parameters

number

Specifies the maximum number of ICMP TTL expired messages to send, expressed as a decimal integer. This parameter must be specified with the seconds parameter.

Values

10 to 2000

seconds

Specifies the time frame in seconds used to limit the number of ICMP TTL expired messages that can be issued, expressed as a decimal integer.

Values

1 to 60

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>if>icmp ttl-expired)

Full Context

configure router interface icmp ttl-expired

Description

This command configures the rate that Internet Control Message Protocol (ICMP) Time To Live (TTL) expired messages are issued by the IP interface.

By default, generation of ICMP TTL expired messages is enabled at a maximum rate of 100 per 10 second time interval.

The no form of this command disables the generation of TTL expired messages.

Default

ttl-expired 100 10 — Maximum of 100 TTL expired message in 10 seconds.

Parameters

number

The maximum number of ICMP TTL expired messages to send, expressed as a decimal integer. The seconds parameter must also be specified.

Values

10 to 2000

seconds

The time frame, in seconds, used to limit the number of ICMP TTL expired messages that can be issued, expressed as a decimal integer.

Values

1 to 60

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn ttl-propagate)

Full Context

configure service vprn ttl-propagate

Description

Commands in this context configure TTL propagation for transit and locally generated packets in a given VPRN routing context.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router ttl-propagate)

Full Context

configure router ttl-propagate

Description

Commands in this context configure TTL propagation for transit and locally generated packets in the Global Routing Table (GRT) and VPRN routing contexts

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>bgp>group ttl-security)

[Tree] (config>service>vprn>bgp>group>neighbor ttl-security)

Full Context

configure service vprn bgp group ttl-security

configure service vprn bgp group neighbor ttl-security

Description

Configure TTL security parameters for incoming packets.

Parameters

min-ttl-value

Specifies the minimum TTL value for an incoming BGP packet.

Values

1 to 255

Default

1

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>login-control>ssh ttl-security)

[Tree] (config>router>bgp>group ttl-security)

[Tree] (config>system>login-control>telnet ttl-security)

[Tree] (config>router>bgp>group>neighbor ttl-security)

[Tree] (config>router>ldp>tcp-session-params>peer-transport ttl-security)

Full Context

configure system login-control ssh ttl-security

configure router bgp group ttl-security

configure system login-control telnet ttl-security

configure router bgp group neighbor ttl-security

configure router ldp tcp-session-parameters peer-transport ttl-security

Description

This command configures TTL security parameters for incoming packets. When the feature is enabled, LDP will accept incoming IP packets from a peer only if the TTL value in the packet is greater than or equal to the minimum TTL value configured for that peer. Per-peer-queueing must be enabled in order for TTL protection to operate.

The no form of this command disables TTL security.

Parameters

min-ttl-value

Specifies the minimum TTL value for an incoming BGP packet.

Values

1 to 255

Platforms

7705 SAR Gen 2

Context

[Tree] (debug>ipsec tunnel)

Full Context

debug ipsec tunnel

Description

This command enables debugging for specified IPsec tunnel.

Parameters

ipsec-tunnel-name

Specifies the name of ipsec-tunnel, up to 32 characters.

detail

Displays detailed debug information.

no-dpd-debug

Stops logging IKEv1 and IKEv2 DPD events for less noise during debug.

display-keys

Specifies the IKE-SA and CHILD-SA keys for inclusion in the debug output.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>grpc-tunnel tunnel)

Full Context

configure system grpc-tunnel tunnel

Description

Commands in this context configure gRPC tunnel parameters for the specified tunnel. There can be multiple tunnels to one or more destinations.

The no form of this command removes the specified gRPC tunnel.

Parameters

name

Specifies the tunnel name, up to 32 characters.

create

Keyword used to create a tunnel.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>oam-pm>session>ip tunnel)

Full Context

configure oam-pm session ip tunnel

Description

Commands in this context configure packet tunneling options for the session. This command and the oam-pm session ip forwarding command are mutually exclusive.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>port>ethernet>dot1x tunnel-dot1q)

Full Context

configure port ethernet dot1x tunnel-dot1q

Description

This command configures the tunneling of single tagged (dot1q) dot1x packets arriving on the port. When enabled, the router extracts these packets to the CPM.

The no form of this command disables the tunelling of the dot1q dot 1x packets on the port.

Default

tunnel-dot1q

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>ldp tunnel-down-damp-time)

Full Context

configure router ldp tunnel-down-damp-time

Description

This command specifies the time interval (in s), that LDP waits before posting a tunnel down event to the Tunnel Table Manager (TTM).

When LDP can no longer resolve a FEC and de-activates it, it de-programs the NHLFE in the data path. It will however delay deleting the LDP tunnel entry in the TTM until the tunnel-down-damp-time timer expires. This means users of the LDP tunnel, such as SDPs (all services) and BGP (L3 VPN), will not be notified immediately. Traffic is still blackholed because the forwarding engine NHLFE has been de-programmed.

If the FEC gets resolved before the tunnel-down-damp-time timer expires, then LDP programs the forwarding engine with the new NHLFE and performs a tunnel modify event in TTM updating the dampened entry in TTM with the new NHLFE information. If the FEC does not get resolved and the tunnel-down-damp-time timer expires, LDP posts a tunnel down event to TTM which deletes the LDP tunnel.

When there is an upper layer (user of LDP) which depends of LDP control plane for failover detection then label withdrawal delay and tunnel-down-damp-time options must be set to 0.

An example is pseudowire redundancy where the primary PW does not have its own fast failover detection mechanism and the node depends on LDP tunnel down event to activate the standby PW.

The no form of this command resumes the default value of this command.

Default

no tunnel-down-damp-time (which equals a value of 3 seconds)

Parameters

seconds

Specifies the time interval (in s), that LDP waits before posting a tunnel down event to the Tunnel Table Manager.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vpls tunnel-elmi)

Full Context

configure service vpls tunnel-elmi

Description

This command enables the tunneling of E-LMI packets in a VPLS service. The following must also be true for this command to function:

• the configure port ethernet elmi mode uni-n command is not configured

• the E-LMI packets map to that VPLS service

The no form of this command disables tunneling of the E-LMI packets for a VPLS service.

Default

no tunnel-elmi

Platforms

7705 SAR Gen 2

Context

[Tree] (debug>router>isis tunnel-endpoint)

Full Context

debug router isis tunnel-endpoint

Description

This command enables debugging for an ISIS tunnel endpoint.

The no form of the command disables the debugging.

Parameters

tunnel-spf

Debugs tunnel SPF information.

ip-address

When specified, only packets with the specified address are debugged.

Platforms

7705 SAR Gen 2

Context

[Tree] (debug>router>ospf3 tunnel-endpoint)

[Tree] (debug>router>ospf tunnel-endpoint)

Full Context

debug router ospf3 tunnel-endpoint

debug router ospf tunnel-endpoint

Description

This command enables debugging for OSPF tunnel endpoints.

Parameters

tunnel-spf

Specifies the tunnel SPF IP address.

tunnel-leak

Specifies the tunnel leak IP address.

ip-address

Specifies the IP address.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>sdp tunnel-far-end)

Full Context

configure service sdp tunnel-far-end

Description

This command enables the user to specify an SDP tunnel destination address that is different from the configuration in the SDP far-end option. The SDP must be shutdown first to add or change the configuration of the tunnel-far-end option.

When this option is enabled, service packets are encapsulated using an LDP LSP with a FEC prefix matching the value entered in ip-address. By default, service packets are encapsulated using an LDP LSP with a FEC prefix matching the address entered in the SDP far-end option.

The T-LDP session to the remote PE is still targeted to the address configured under the far-end option. This means that targeted hello messages are sent to the far-end address, which is also the LSR-ID of the remote node. TCP based LDP messages, such as initialization and label mapping messages, are sent to the address specified in the transport-address field of the "hello” message received from the remote PE. This address can be the same as the remote PE LSR-ID, or a different address. This feature works, however, if the signaling option in the SDP is set to off instead of tldp, in which case, the service labels are statically configured.

This feature operates on an SDP of type LDP only. It can be used with VLL, VPLS, and VPRN services when an explicit binding to an SDP with the tunnel-far-end is specified. It also operates with a spoke interface on an IES or VPRN service. Finally, this feature operates with a BGP AD based VPLS service when the use-provisioned-sdp option is enabled in the pseudowire template.

This feature is not supported in an SDP of type MPLS when an RSVP LSP name is configured under the SDP. It also does not work with a mixed-lsp SDP.

The no form of this command disables the use of the tunnel-far-end option and returns to using the address specified in the far-end.

Default

no tunnel-far-end

Parameters

ip-address | ipv6-address

Specifies the system address of the far-end router for the SDP in dotted decimal notation.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>isa tunnel-group)

Full Context

configure isa tunnel-group

Description

This command allows a tunnel group to be created or edited. A tunnel group is a set of one or more MS-ISAs that support the origination and termination of IPsec and IP/GRE tunnels. All of the MS-ISAs in a tunnel group must have isa-tunnel as their configured mda-type.

The no form of this command deletes the specified tunnel group from the configuration

Parameters

tunnel-group-id

Identifies the tunnel group.

Values

1 to 16

isa-scale-mode

Defines the maximum number of tunnels (all types combined) which can be established on each ISA of the tunnel group and for the whole tunnel-group. When it is not explicitly specified, isa-scale-mode has a default value, but that value is different on different platforms.

Values

tunnel-limit-2k, tunnel-limit-32k, tunnel-limit-64k, tunnel-limit-8, tunnel-limit-32

create

Mandatory keyword used when creating tunnel group in the ISA context. The create keyword requirement can be enabled or disabled in the environment>create context.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>redundancy>multi-chassis>peer>mc-ipsec tunnel-group)

Full Context

configure redundancy multi-chassis peer mc-ipsec tunnel-group

Description

This command enables multi-chassis redundancy for specified tunnel-group; or enters an already configured tunnel-group context. The configured tunnel-group could failover independently.

The no form of this command removes the tunnel group ID from the configuration.

Parameters

tunnel-group-id

Specifies the tunnel-group identifier.

Values

1 to 16

Platforms

7705 SAR Gen 2

Context

[Tree] (config>redundancy>multi-chassis>peer>mc-ipsec tunnel-group)

Full Context

configure redundancy multi-chassis peer mc-ipsec tunnel-group

Description

This command enables multi-chassis redundancy for specified tunnel-group; or enters an already configured tunnel-group context. The configured tunnel-group could failover independently.

The no form of this command removes the tunnel group ID from the configuration.

Parameters

tunnel-group-id

Specifies the tunnel-group identifier.

Values

1 to 16

Platforms

7705 SAR Gen 2

Context

[Tree] (config>redundancy>multi-chassis>peer>sync tunnel-group)

Full Context

configure redundancy multi-chassis peer sync tunnel-group

Description

This command enables multi-chassis synchronization of IPsec states of specified tunnel-groups with a peer. The sync-tag parameter is used to match corresponding tunnel-group on both peers. IPsec states will be synchronized between tunnel-groups with same sync-tag.

Parameters

tunnel-group-id

Specifies the ID of the tunnel group.

tag-name

Specifies the name of the sync-tag.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>redundancy>multi-chassis>ipsec-domain tunnel-group)

Full Context

configure redundancy multi-chassis ipsec-domain tunnel-group

Description

This command specifies the tunnel group ID for the IPsec domain.

The no form of this command removes the tunnel group ID from the configuration.

Default

no tunnel-group

Parameters

tunnel-group-id

Specifies the tunnel group ID, up to 64 characters.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router tunnel-interface)

Full Context

configure router tunnel-interface

Description

This command creates a tunnel interface associated with an RSVP P2MP LSP. IPv4 multicast packets are forwarded over the P2MP LSP at the ingress LER based on a static join configuration of the multicast group against the tunnel interface associated with the originating P2MP LSP. At the egress LER, packets of a multicast group are received from the P2MP LSP via a static assignment of the specific <S,G> to the tunnel interface associated with a terminating LSP.

At ingress LER, the tunnel interface identifier consists of a string of characters representing the LSP name for the RSVP P2MP LSP. The user can create one or more tunnel interfaces and associate each to a different RSVP P2MP LSP.

At egress LER, the tunnel interface identifier consists of a couple of string of characters representing the LSP name for the RSVP P2MP LSP followed by the system address of the ingress LER. The LSP name must correspond to a P2MP LSP name configured by the user at the ingress LER. The LSP name string must not contain "::” (two :s) nor contain a ":” (single ":”) at the end of the LSP name. However, a ":” (single ":”) can appear anywhere in the string except at the end of the name.

Parameters

rsvp-p2mp lsp-name

Specifies the LSP. The LSP name can be up to 32 characters long and must be unique.

ldp-p2mp p2mp-id

Identifier used for signaling MLDP P2MP LSP.

Values

1 to 4294967296 (on leaf node)

1 to 8192 (on root node)

sender sender-address

Specifies the sender IP address: a.b.c.d.

Platforms

7705 SAR Gen 2

Context

[Tree] (debug>router>pim tunnel-interface)

Full Context

debug router pim tunnel-interface

Description

This command enables debugging for PIM tunnel interfaces.

The no form of this command disables debugging for PIM tunnel interfaces.

Parameters

lsp-name

Specifies the LSP for RSVP P2MP.

ip-address

Specifies the IP address of the sender.

p2mp-id

Specifies the P2MP ID for LDP P2MP.

detail

Displays detailed information for PIM tunnel interfaces.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>isa tunnel-member-pool)

Full Context

configure isa tunnel-member-pool

Description

Commands in this context configure associated ESA VM and MDAs.

The no form of this command removes the pool name from the configuration.

Parameters

name

Specifies the tunnel member pool name of the command, up to 32 characters.

create

Keyword used to create the command instance.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>isis>segment-routing tunnel-mtu)

Full Context

configure router isis segment-routing tunnel-mtu

Description

This command configures the MTU of all SR tunnels within each IGP instance.

The MTU of a SR tunnel populated into TTM is determined like in the case of an IGP tunnel; for example, LDP LSP, based on the outgoing interface MTU minus the label stack size. Remote LFA can add, at most, one more label to the tunnel for a total of two labels. There is no default value for this command. If the user does not configure an SR tunnel MTU, the MTU is determined by IGP as explained below.

The MTU of the SR tunnel in bytes is then determined as follows:

SR_Tunnel_MTU = MIN {Cfg_SR_MTU, IGP_Tunnel_MTU- (1+frr-overhead)*4}

Where:

Cfg_SR_MTU is the MTU configured by the user for all SR tunnels within a given IGP instance using the above CLI. If no value was configured by the user, the SR tunnel MTU will be determined by the IGP interface calculation explained next.

IGP_Tunnel_MTU is the minimum of the IS-IS or OSPF interface MTU among all the ECMP paths or among the primary and LFA backup paths of this SR tunnel.

frr-overhead is set to 1 if segment-routing and remote-lfa options are enabled in the IGMP instance. Otherwise, it is set to 0.

The SR tunnel MTU is dynamically updated anytime any of the above parameters used in its calculation changes. This includes when the set of the tunnel next-hops changes or the user changes the configured SR MTU or interface MTU value.

Default

no tunnel-mtu

Parameters

bytes

Specifies the size of the Maximum Transmission Unit (MTU) in bytes.

Values

512 to 9786

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>ospf>segm-rtng tunnel-mtu)

Full Context

configure router ospf segment-routing tunnel-mtu

Description

This command configures the MTU of all SR tunnels within each IGP instance.

The MTU of a SR tunnel populated into the TTM is determined as the same as an IGP tunnel; for example, for an LDP LSP, based on the outgoing interface MTU minus the label stack size. Remote LFA can add, at most, one more label to the tunnel for a total of two labels. There is no default value for this command. If the user does not configure an SR tunnel MTU, the MTU will be determined by IGP as follows:

The MTU of the SR tunnel in bytes is then determined as follows:

SR_Tunnel_MTU = MIN {Cfg_SR_MTU, IGP_Tunnel_MTU- (1+frr—overhead)X4}

Where:

• Cfg_SR_MTU is the MTU configured by the user for all SR tunnels within an IGP instance using the tunnel-mtu command. If no value is configured by the user, the SR tunnel MTU is determined by the IGP interface calculation explained in the next bullet point.

• IGP_Tunnel_MTU is the minimum of the IS-IS or OSPF interface MTU among all the ECMP paths or among the primary and LFA backup paths of this SR tunnel.

• frr-overhead is set to 1 if the segment-routing and remote-lfa options are enabled in the IGMP instance. Otherwise, it is set to 0.

The SR tunnel MTU is dynamically updated whenever any of the above parameters used in its calculation changes. This includes if the set of the tunnel next-hops changes or the user changes the configured SR MTU or interface MTU value.

Default

no tunnel-mtu

Parameters

bytes

Specifies the size of the MTU in bytes.

Values

512 to 9786

Platforms

7705 SAR Gen 2

Context

[Tree] (cfg>port>eth>lldp>dstmac tunnel-nearest-bridge)

Full Context

configure port ethernet lldp dest-mac tunnel-nearest-bridge

Description

This command allows LLDP packets received on the port with the destination address of the nearest bridge to be tunneled without being intercepted on the local port. The dest-mac nearest-bridge must be disabled for tunneling to occur. This is applicable to NULL SAP Epipe and VPLS services only.

Default

no tunnel-nearest-bridge

Platforms

7705 SAR Gen 2

Context

[Tree] (config>lag>lldp-member-template>dstmac tunnel-nearest-bridge)

Full Context

configure lag lldp-member-template dest-mac tunnel-nearest-bridge

Description

This command allows LLDP packets received on the port with the destination address of the nearest bridge to be tunneled without being intercepted on the local port. The dest-mac nearest-bridge must be disabled for tunneling to occur. This is applicable to NULL SAP Epipe and VPLS services only.

The no form of this command disables the packets from being tunneled.

Default

no tunnel-nearest-bridge

Platforms

7705 SAR Gen 2

Context

[Tree] (config>port>ethernet>lldp>dest-mac tunnel-nearest-customer)

Full Context

configure port ethernet lldp dest-mac tunnel-nearest-customer

Description

This command enables tunneling of LLDP packets received on the port with the destination address of the nearest customer, without being intercepted on the local port. The dest-mac nearest-customer command must be disabled for tunneling to occur.

The no form of this command disables nearest customer tunneling.

Default

tunnel-nearest-customer

Platforms

7705 SAR Gen 2

Context

[Tree] (config>port>ethernet>lldp>dest-mac tunnel-nearest-non-tpmr)

Full Context

configure port ethernet lldp dest-mac tunnel-nearest-non-tpmr

Description

This command enables tunneling of LLDP packets received on the port with the destination address of the nearest non-TPMR, without being intercepted on the local port. The dest-mac nearest-non-tpmr command must be disabled for tunneling to occur.

The no form of this command disables the use of the nearest non-TPMR tunnel.

Default

tunnel-nearest-non-tpmr

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>static-route-entry>indirect tunnel-next-hop)

Full Context

configure router static-route-entry indirect tunnel-next-hop

Description

Commands in this context configure the static route's nexthop to be resolved to an indirect tunnel next-hop.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>isis>igp-shortcut tunnel-next-hop)

Full Context

configure router isis igp-shortcut tunnel-next-hop

Description

Commands in this context configure the resolution of IGP IPv4 prefix families, IGP IPv6 prefix families, SR-ISIS IPv4 tunnel families, SR-ISIS IPv6 tunnel families, and SR-OSPF IPv4 tunnel families using IGP shortcuts.

The resolution node is introduced to provide flexibility in the selection of the tunnel types for each of the IP prefix and SR tunnel families.

The IPv4 family option causes the IS-IS or OSPF SPF to include the IPv4 IGP shortcuts in the IP reach calculation of IPv4 nodes and prefixes. RSVP-TE or SR-TE LSPs terminating on a node identified by its router ID can be used to reach IPv4 prefixes owned by this node or for which this node is the IPv4 next hop.

The IPv6 family option causes the IS-IS or OSPFv3 SPF to include the IPv4 IGP shortcuts in the IP reach calculation of IPv6 nodes and prefixes. RSVP-TE or SR-TE LSPs terminating on a node identified by its router ID can be used to reach IPv6 prefixes owned by this node or for which this node is the IPv6 next-hop. The resolution of IPv6 prefixes is supported in OSPFv3 and in both IS-IS MT=0 and MT=2.

The IS-IS and OSPFv3 IPv6 routes resolved to IPv4 IGP shortcuts are used to:

• forward packets of IS-IS or OSPFv3 prefixes matching these routes

• forward CPM-originated IPv6 packets

• resolve the BGP next hop of BGP IPv6 prefixes

• resolve the indirect next hop of static IPv6 routes

In the data path, a packet for an IPv6 prefix has a label stack that consists of the IPv6 Explicit-Null label value of 2 at the bottom of the label stack followed by the label stack of the IPv4 RSVP-TE LSP.

There is no default behavior for IPv4 prefixes to automatically resolve to RSVP-TE or SR-TE LSPs used as IGP shortcuts by only enabling the igp-shortcut context. Instead, the user must enable the ipv4 family or ipv6 family and set the resolution to the value of rsvp-te to select the RSVP-TE tunnel type, or to the value of sr-te to select the SR-TE tunnel type.

Setting the resolution to the any value means that IGP selects the tunnels used as IGP shortcuts according to the TTM preference for the tunnel type. The RSVP-TE LSP type is of higher priority than the SR-TE LSP type.

An IP prefix of family=ipv4 or family=ipv6 always resolves to a single type of tunnel rsvp-te or sr-te. Rsvp-te type is preferred if both types are allowed by the prefix family resolution and both types exist in the set of tunnel next-hops of the prefix. The feature does not support mixing tunnel types per prefix.

If resolution for the IPv4 or IPv6 family is set to disabled, the corresponding prefixes are resolved to IP next-hops in the multicast routing table.

The srv4 family enables the resolution of SR-OSPF IPv4 tunnels and SR-ISIS IPv4 tunnels in MT=0 over RSVP-TE IPv4 IGP shortcuts. A maximum of 32 ECMP tunnel next-hops can be programmed for an SR-OSPF or an SR-ISIS IPv4 tunnel.

The srv6 family enables the resolution of SR-ISIS IPv6 tunnels in MT=0 over RSVP-TE IPv4 IGP shortcuts. A maximum of 32 ECMP tunnel next-hops can be programmed for an SR-ISIS IPv6 tunnel.

One or more RSVP-TE LSPs can be selected if resolution=match-family-ip and the corresponding IPv4 or IPv6 prefix resolves to RSVP-TE LSPs.

If resolution for the SRv4 or SRv6 tunnel family is set to disabled, the corresponding tunnels are resolved to IP next-hops in the multicast routing table.

To enable (disable) IGP shortcuts in the IGP instance, the user must perform a shutdown or no shutdown in the igp-shortcut context.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>ospf3>igp-shortcut tunnel-next-hop)

[Tree] (config>router>ospf>igp-shortcut tunnel-next-hop)

Full Context

configure router ospf3 igp-shortcut tunnel-next-hop

configure router ospf igp-shortcut tunnel-next-hop

Description

Commands in this context configure the resolution of IGP IPv4 prefix families, IGP IPv6 prefix families, SR-ISIS IPv4 tunnel families, SR-ISIS IPv6 tunnel families, and SR-OSPF IPv4 tunnel families using IGP shortcuts.

The resolution node is introduced to provide flexibility in the selection of the tunnel types for each of the IP prefix and SR tunnel families.

The IPv4 family option causes the IS-IS or OSPF SPF to include the IPv4 IGP shortcuts in the IP reach calculation of IPv4 nodes and prefixes. RSVP-TE or SR-TE LSPs terminating on a node identified by its router ID can be used to reach IPv4 prefixes owned by this node or for which this node is the IPv4 next hop.

The IPv6 family option causes the IS-IS or OSPFv3 SPF to include the IPv4 IGP shortcuts in the IP reach calculation of IPv6 nodes and prefixes. RSVP-TE or SR-TE LSPs terminating on a node identified by its router ID can be used to reach IPv6 prefixes owned by this node or for which this node is the IPv6 next hop. The resolution of IPv6 prefixes is supported in OSPFv3 and in both IS-IS MT=0 and MT=2.

The IS-IS and OSPFv3 IPv6 routes resolved to IPv4 IGP shortcuts are used to:

• forward packets of IS-IS or OSPFv3 prefixes matching these routes

• forward CPM-originated IPv6 packets

• resolve the BGP next hop of BGP IPv6 prefixes

• resolve the indirect next hop of static IPv6 routes

In the data path, a packet for an IPv6 prefix has a label stack that consists of the IPv6 Explicit-Null label value of 2 at the bottom of the label stack followed by the label stack of the IPv4 RSVP-TE LSP.

There is no default behavior for IPv4 prefixes to automatically resolve to RSVP-TE or SR-TE LSPs used as IGP shortcuts by only enabling the igp-shortcut context. Instead, the user must enable the ipv4 family or ipv6 family and set the resolution to the value of rsvp-te to select the RSVP-TE tunnel type, or to the value of sr-te to select the SR-TE tunnel type.

Setting the resolution to the any value means that IGP selects the tunnels used as IGP shortcuts according to the TTM preference for the tunnel type. The RSVP-TE LSP type is of higher priority than the SR-TE LSP type.

An IP prefix of family=ipv4 or family=ipv6 always resolves to a single type of tunnel rsvp-te or sr-te. Rsvp-te type is preferred if both types are allowed by the prefix family resolution and both types exist in the set of tunnel next-hops of the prefix. The feature does not support mixing tunnel types per prefix.

If resolution for the IPv4 or IPv6 family is set to disabled, the corresponding prefixes are resolved to IP next-hops in the multicast routing table.

The srv4 family enables the resolution of SR-OSPF IPv4 tunnels and SR-ISIS IPv4 tunnels in MT=0 over RSVP-TE IPv4 IGP shortcuts. A maximum of 32 ECMP tunnel next-hops can be programmed for an SR-OSPF or an SR-ISIS IPv4 tunnel.

The srv6 family enables the resolution of SR-ISIS IPv6 tunnels in MT=0 over RSVP-TE IPv4 IGP shortcuts. A maximum of 32 ECMP tunnel next-hops can be programmed for an SR-ISIS IPv6 tunnel.

One or more RSVP-TE LSPs can be selected if resolution=match-family-ip and the corresponding IPv4 or IPv6 prefix resolves to RSVP-TE LSPs.

If resolution for the SRv4 or SRv6 tunnel family is set to disabled, the corresponding tunnels are resolved to IP next-hops in the multicast routing table.

To enable or disable IGP shortcuts in the IGP instance, the user must perform a shutdown or no shutdown in the igp-shortcut context.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>port>ethernet>dot1x tunnel-qinq)

Full Context

configure port ethernet dot1x tunnel-qinq

Description

This command configures the tunneling of double tagged (QinQ) dot1x packets. When enabled, the router extracts the packets to the CPM.

The no form of this command disables the tunelling of the QinQ dot1x packets on the port.

Default

tunnel-qinq

Platforms

7705 SAR Gen 2

Context

[Tree] (debug>router>ip tunnel-table)

Full Context

debug router ip tunnel-table

Description

This command enables debugging for tunnel tables.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>ldp tunnel-table-pref)

Full Context

configure router ldp tunnel-table-pref

Description

This command configures the tunnel table preference for LDP tunnel type away from its default value.

The tunnel table preference applies to the next-hop resolution of BGP routes of the following families: EVPN, IPv4, IPv6, VPN-IPv4, VPN-IPv6, label-IPv4, and label-IPv6 in the tunnel table.

This feature does not apply to a VPRN, VPLS, or VLL service with explicit binding to an SDP that enabled the mixed-lsp-mode option. The tunnel preference in such an SDP is fixed and is controlled by the service manager. The configuration of the tunnel table preference parameter does not modify the behavior of such an SDP and the services that bind to it.

It is recommended to not set two or more tunnel types to the same preference value. In such a situation, the tunnel table prefers the tunnel type which was first introduced in SR OS implementation historically.

The no form of this command reverts to the default value.

Default

tunnel-table-pref 9

Parameters

preference

Specifies the preference value.

Values

1 to 255

Default

9

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>mpls tunnel-table-pref)

Full Context

configure router mpls tunnel-table-pref

Description

Commands in this context configure the tunnel table preference for RSVP-TE LSP and SR-TE LSP tunnel types.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>isis>segment-routing tunnel-table-pref)

Full Context

configure router isis segment-routing tunnel-table-pref

Description

This command configures the TTM preference of SR tunnels created by the IGP instance. This is used in the case of BGP shortcuts, VPRN auto-bind, or BGP transport tunnel when the new tunnel binding commands are configured to the any value which parses the TTM for tunnels in the protocol preference order. The user can choose to either go with the global TTM preference or list explicitly the tunnel types they want to use. When they list the tunnel types explicitly, the TTM preference will still be used to select one type over the other. In both cases, a fallback to the next preferred tunnel type is performed if the selected one fails. Also, a reversion to a more preferred tunnel type is performed as soon as one is available.

The segment routing module adds to TTM a SR tunnel entry for each resolved remote node SID prefix and programs the data path with the corresponding LTN with the push operation pointing to the primary and LFA backup NHLFEs.

The default preference for SR tunnels in the TTM is set lower than LDP tunnels but higher than BGP tunnels to allow controlled migration of customers without disrupting their current deployment when they enable segment routing. The following is the setting of the default preference of the various tunnel types. This includes the preference of SR tunnels based on shortest path (referred to as SR-ISIS and SR-OSPF).

The global default TTM preference for the tunnel types is as follows:

• ROUTE_PREF_RSVP 7

• ROUTE_PREF_SR_TE 8

• ROUTE_PREF_LDP 9

• ROUTE_PREF_OSPF_TTM 10

• ROUTE_PREF_ISIS_TTM 11

• ROUTE_PREF_BGP_TTM 12

• ROUTE_PREF_GRE 255

The default value for SR-ISIS or SR-OSPF is the same regardless if one or more IS-IS or OSPF instances programmed a tunnel for the same prefix. The selection of a SR tunnel in this case will be based on lowest IGP instance-id.

It is recommended to not set two or more tunnel types to the same preference value. In such a situation, the tunnel table prefers the tunnel type which was first introduced in SR OS implementation historically.

Default

tunnel-table-pref 11

Parameters

preference

Specifies the integer value to represent the preference of IS-IS or OSPF SR tunnels in TTM.

Values

1 to 255

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>ospf>segm-rtng tunnel-table-pref)

Full Context

configure router ospf segment-routing tunnel-table-pref

Description

This command configures the TTM preference of shortest path SR tunnels created by the IGP instance. This is used for BGP shortcuts, VPRN auto-bind, or BGP transport tunnel when the tunnel binding commands are configured to the any value, which parses the TTM for tunnels in the protocol preference order. The user can choose to either accept the global TTM preference or explicitly list the tunnel types they want to use. If the user lists the tunnel types explicitly, the TTM preference is still used to select one type over the other. In both cases, a fallback to the next preferred tunnel type is performed if the selected type fails. A reversion to a more preferred tunnel type is performed as soon as one is available.

The segment routing module adds to the TTM an SR tunnel entry for each resolved remote node SID prefix and programs the data path having the corresponding LTN with the push operation pointing to the primary and LFA backup NHLFEs.

The default preference for shortest path SR tunnels in the TTM is set lower than LDP tunnels but higher than BGP tunnels to allow controlled migration of customers without disrupting their current deployment when they enable segment routing. The following is the value of the default preference for the various tunnel types. This includes the preference of SR tunnels based on shortest path (referred to as SR-ISIS and SR-OSPF).

The global default TTM preference for the tunnel types is as follows:

• ROUTE_PREF_RSVP 7

• ROUTE_PREF_SR_TE 8

• ROUTE_PREF_LDP 9

• ROUTE_PREF_OSPF_TTM 10

• ROUTE_PREF_ISIS_TTM 11

• ROUTE_PREF_BGP_TTM 12

• ROUTE_PREF_GRE 255

The default value for SR-ISIS or SR-OSPF is the same regardless if one or more IS-IS or OSPF instances programmed a tunnel for the same prefix. The selection of a SR tunnel in this case will be based on the lowest IGP instance ID. Similarly, IPv6 SR-ISIS and SR-OSPF3 tunnels are programmed into TTMv6 with the same default preference value as IPv4 SR-ISIS and IPv4 SR-OSPF respectively.

It is recommended to not set two or more tunnel types to the same preference value. In such a situation, the tunnel table prefers the tunnel type which was first introduced in SR OS implementation historically.

Default

tunnel-table-pref 10

Parameters

preference

Specifies the integer value to represent the preference of IS-IS, OSPF, or OSPF3 SR tunnels in the TTM.

Values

1 to 255

Platforms

7705 SAR Gen 2

Context

[Tree] (config>ipsec>client-db>client tunnel-template)

Full Context

configure ipsec client-db client tunnel-template

Description

This command specifies the tunnel template to be used for tunnel setup.

The no form of this command reverts to the default.

Default

no tunnel-template

Parameters

tunnel-template-id

Specifies the identifier of the tunnel template.

Values

1 to 2048

Platforms

7705 SAR Gen 2

Context

[Tree] (config>ipsec tunnel-template)

Full Context

configure ipsec tunnel-template

Description

This command creates a tunnel template. Up to 2000 templates are allowed.

Parameters

ipsec-template-identifier

Specifies the template identifier.

Values

1 to 2048

create

Mandatory keyword used when creating a tunnel-template in the IPsec context. The create keyword requirement can be enabled or disabled in the environment>create context.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>port>ethernet>dot1x tunneling)

Full Context

configure port ethernet dot1x tunneling

Description

This command enables the tunneling of untagged 802.1x frames received on a port and is supported only when dot1x port-control is set to force-auth. 802.1x tunneling is applicable to both Epipe and VPLS services using either a null SAP or a default SAP on a dot1q port. When configured, untagged 802.1x frames will be switched into the service with the corresponding supported SAP.

The no form of this command disables tunneling of untagged 802.1x frames.

Default

no tunneling

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>ldp>targ-session>peer tunneling)

[Tree] (config>router>ldp>targ-session>peer-template tunneling)

Full Context

configure router ldp targeted-session peer tunneling

configure router ldp targeted-session peer-template tunneling

Description

This command enables LDP over tunnels.

The no form of this command disables tunneling.

Default

no tunneling

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>ldp>targ-session>auto-rx>ipv4 tunneling)

[Tree] (config>router>ldp>targ-session>auto-tx>ipv4 tunneling)

Full Context

configure router ldp targeted-session auto-rx ipv4 tunneling

configure router ldp targeted-session auto-tx ipv4 tunneling

Description

This command enables the local system to use the targeted LDP session to send FEC/label bindings that it has advertised to other LDP peers. For LDP rLFA, the source node requires the PQ node's label binding information in order to reach the destination. Therefore, this command must be enabled for the auto-rx context. However, because auto-rx has lower precedence, tunneling must be enabled under the auto-tx command, in case auto-rx is in a no shutdown state on the same system.

The no form of this command disables the local system from sending FEC/label bindings.

Default

no tunneling

Platforms

7705 SAR Gen 2

Context

[Tree] (config>port>ethernet>efm-oam tunneling)

Full Context

configure port ethernet efm-oam tunneling

Description

This command enables EFM OAM PDU tunneling, which allows a port mode Epipe SAP to pass OAM frames through the pipe to the far end.

The no form of this command disables tunneling.

Default

no tunneling

Platforms

7705 SAR Gen 2

Context

[Tree] (config>test-oam twamp)

Full Context

configure test-oam twamp

Description

This command enables TWAMP functionality.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>oam-pm>session>ip twamp-light)

Full Context

configure oam-pm session ip twamp-light

Description

This command assigns an identifier to the TWAMP Light test and creates the individual test.

The no form of this command removes the TWAMP Light test function from the OAM-PM session.

Parameters

test-id

Specifies the value of the 4-byte local test identifier not sent in the TWAMP Light packets.

Values

0 to 2147483647 | auto

auto - automatically assigns a test-id

create

Creates the test.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router twamp-light)

[Tree] (config>test-oam>twamp twamp-light)

[Tree] (config>service>vprn twamp-light)

Full Context

configure router twamp-light

configure test-oam twamp twamp-light

configure service vprn twamp-light

Description

Commands in this context configure TWAMP Light parameters.

Platforms

7705 SAR Gen 2

Context

[Tree] (oam>eth-cfm two-way-delay-test)

Full Context

oam eth-cfm two-way-delay-test

Description

This command issues an ETH-CFM two-way delay test.

Parameters

mac-address

Specifies a unicast destination MAC address.

Values

xx:xx:xx:xx:xx:xx or xx-xx-xx-xx-xx-xx

remote-mepid mep-id

Specifies the remote MEP ID of the peer within the association. The domain and association information are derived from the source mep for the session. The Layer 2 IEEE MAC address is resolved from previously-learned remote MAC addressing, derived from the reception and processing of the ETH-CC PDU. The local MEP must be administratively enabled.

Values

1 to 8191

mep mep-id

Specifies the local MEP ID.

Values

1 to 8191

md-index

Specifies the MD index.

Values

1 to 4294967295

ma-index

Specifies the MA index.

Values

1 to 4294967295

priority

Specifies the priority.

Values

0 to 7

Default

7

Platforms

7705 SAR Gen 2

Context

[Tree] (oam>eth-cfm two-way-slm-test)

Full Context

oam eth-cfm two-way-slm-test

Description

This command configures an Ethernet CFM two-way SLM test in SAA.

Parameters

mac-address

Specifies a unicast destination MAC address in the format xx:xx:xx:xx:xx:xx or xx-xx-xx-xx-xx-xx.

remote-mepid mep-id

Specifies the remote MEP ID of the peer within the association. The domain and association information are derived from the source MEP for the session. The Layer 2 IEEE MAC address is resolved from previously-learned remote MAC addressing, derived from the reception and processing of the ETH-CC PDU. The local MEP must be administratively enabled.

Values

1 to 8191

mep mep-id

Specifies the local MEP ID.

Values

1 to 8191

md-index

Specifies the MD index.

Values

1 to 4294967295

ma-index

Specifies the MA index.

Values

1 to 4294967295

priority

Specifies the priority.

Values

0 to 7

Default

7

send-count

Specifies the number of messages to send, expressed as a decimal integer. The count parameter is used to override the default number of message requests sent. The message interval value must be expired before the next message request is sent.

Values

1 to 1000

Default

1

data-size

Specifies the size of the data portion of the Data TLV. If 0 is specified, no Data TLV is added to the packet.

Values

0 to 1500

Default

0

timeout

Specifies the time, in seconds, used to override the default timeout value and is the amount of time that the router waits for a message reply after sending the message request. After the expiration of the message time out, the requesting router assumes that the message response is not received. Any response received after the request times out is silently discarded. The timeout value must be less than the interval.

Values

1 to 10

Default

5

interval

Specifies the interval parameter in seconds, expressed as a decimal integer. This parameter is used to configure the spacing between probes within a test run.

Values

0.1 to 0.9, 1 to 10

Default

5

Platforms

7705 SAR Gen 2

Context

[Tree] (config>port>serial>rs232>socket tx)

Full Context

configure port serial rs232 socket tx

Description

Commands in this context configure parameters for data packets transmitted over a serial port’s raw socket.

Platforms

7705 SAR-Hx, 7705 SAR-Mx

Context

[Tree] (config>system>lldp tx-credit-max)

Full Context

configure system lldp tx-credit-max

Description

This command configures the maximum consecutive LLDPDUs transmitted.

The no form of this command reverts to the default value.

Default

no tx-credit-max

Parameters

count

Specifies the maximum consecutive LLDPDUs transmitted.

Values

1 to 100

Default

5

Platforms

7705 SAR Gen 2

Context

[Tree] (config>port>ethernet>ssm tx-dus)

Full Context

configure port ethernet ssm tx-dus

Description

This command forces the QL value transmitted from the SSM channel of the SONET/SDH port or the SyncE port to be set to QL-DUS/QL-DNU. This capability is provided to block the use of the interface from the 7705 SAR Gen 2 for timing purposes.

The no form of this command disables this capability.

Default

no tx-dus

Platforms

7705 SAR Gen 2

Context

[Tree] (config>port>ethernet>ssm tx-extended-ql-tlv)

Full Context

configure port ethernet ssm tx-extended-ql-tlv

Description

This command configures the extended QL TLV for inclusion in transmitted ESMC messages.

The no form of this command disables the inclusion of the TLV in the ESMC frames.

Default

tx-extended-ql-tlv

Platforms

7705 SAR-Hx, 7705 SAR-Mx

Context

[Tree] (config>system>lldp tx-hold-multiplier)

Full Context

configure system lldp tx-hold-multiplier

Description

This command configures the multiplier of the tx-interval.

The no form of this command reverts to the default value.

Default

no tx-hold-multiplier

Parameters

multiplier

Specifies the multiplier of the tx-interval.

Values

2 to 10

Default

4

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>lldp tx-interval)

Full Context

configure system lldp tx-interval

Description

This command configures the LLDP transmit interval time.

The no form of this command reverts to the default value.

Default

no tx-interval

Parameters

interval

Specifies the LLDP transmit interval time.

Values

5 to 32768

Default

30

Platforms

7705 SAR Gen 2

Context

[Tree] (config>port>ethernet>lldp>dstmac tx-mgmt-address)

Full Context

configure port ethernet lldp dest-mac tx-mgmt-address

Description

This command specifies which management address to transmit. The operator can choose to send the system IPv4 address, the system IPv6 address, the out-of-band IPv4 address, the out-of-band IPv6 address, or any combination of these. The system address is sent only once. The address must be configured for the specific version of the protocol in order to send the management address.

The no form of the command resets value to the default.

Default

no tx-mgmt-address

Parameters

system

Specifies to use the system IP address. The system address will only be transmitted once it has been configured if this parameter is specified.

system-ipv6

Specifies to use the system IPv6 address. The system address will only be transmitted once it has been configured if this parameter is specified.

oob

Specifies to use the out-of-band IPv4 address for active CPM.

oob-ipv6

Specifies to use the out-of-band IPv6 address for active CPM.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>lag>lldp-member-template>dstmac tx-mgmt-address)

Full Context

configure lag lldp-member-template dest-mac tx-mgmt-address

Description

This command configures the management address to transmit. The operator can choose to send the system IPv4 address, system IPv6 address, out-of-band IPv4 address, out-of-band IPv6 address, or any combination of these. The system address is sent only once. The address must be configured for the specific version of the protocol to send the management address.

The no form of this command reverts to the default value.

Default

no tx-mgmt-address

Parameters

system

Keyword to use the system IP address. The system address is only transmitted after it has been configured if this keyword is specified.

system-ipv6

Keyword to use the system IPv6 address. The system address must be configured before it can be transmitted using this keyword.

oob

Keyword to use the out-of-band IPv4 address for active CPM.

oob-ipv6

Keyword to use the out-of-band IPv6 address for active CPM.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>ptp tx-path-trace)

Full Context

configure system ptp tx-path-trace

Description

This command configures the local PTP clock to include the PATH_TRACE TLV in Announce messages.

The no form of this command disables the inclusion of the PATH_TRACE TLV in Announce messages transmitted by the local PTP clock.

Default

no tx-path-trace

Platforms

7705 SAR-Hx, 7705 SAR-Mx

Context

[Tree] (config>port>ethernet>lldp>dstmac tx-tlvs)

Full Context

configure port ethernet lldp dest-mac tx-tlvs

Description

This command specifies which LLDP TLVs to transmit. The TX TLVs, defined as a bitmap, includes the basic set of LLDP TLVs whose transmission is allowed on the local LLDP agent by the network management. Each bit in the bitmap corresponds to a TLV type associated with a specific optional TLV. Organizationally-specific TLVs are excluded from this bitmap.

There is no bit reserved for the management address TLV type since transmission of management address TLVs are controlled by another object.

The no form of this command resets the value to the default.

Default

no tx-tlvs

Parameters

port-desc

Indicates that the LLDP agent should transmit port description TLVs.

sys-name

Indicates that the LLDP agent should transmit system name TLVs.

sys-desc

Indicates that the LLDP agent should transmit system description TLVs.

sys-cap

Indicates that the LLDP agent should transmit system capabilities TLVs.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>lag>lldp-member-template>dstmac tx-tlvs)

Full Context

configure lag lldp-member-template dest-mac tx-tlvs

Description

This command configures which LLDP TLVs to transmit. The TX TLVs, defined as a bitmap, include the basic set of LLDP TLVs whose transmission is allowed on the local LLDP agent by the network management. Each bit in the bitmap corresponds to a TLV type associated with a specific optional TLV. Organizationally specific TLVs are excluded from this bitmap.

No bit is reserved for the management address TLV type because transmission of these TLVs is controlled by another object.

The no form of this command reverts to the default value.

Default

no tx-tlvs

Parameters

port-desc

Keyword to specify that the LLDP agent transmits port description TLVs.

sys-name

Keyword to specify that the LLDP agent transmits system name TLVs.

sys-desc

Keyword to specify that the LLDP agent transmits system description TLVs.

sys-cap

Keyword to specify that the LLDP agent transmits system capabilities TLVs.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>ptp tx-while-sync-uncertain)

Full Context

configure system ptp tx-while-sync-uncertain

Description

This command configures the local PTP clock to transmit Announce messages to downstream clocks, indicating it has not yet stabilized on the recovered synchronization source (upstream clocks or GM clock). While the PTP clock is unsynchronized, the SyncUncertain state is true.

The no form of this command prevents the local PTP clock from sending Announce messages to downstream clocks to indicate it is not synchronized to a valid timing source. If the no form of this command is used while the SyncUncertain state for the clock is true, unicast negotiation grant requests are not granted and current grants are cancelled.

Default

tx-while-sync-uncertain

Platforms

7705 SAR-Hx, 7705 SAR-Mx

Context

[Tree] (config>service>vprn>twamp-light>refl type)

[Tree] (config>router>twamp-light>reflector type)

Full Context

configure service vprn twamp-light reflector type

configure router twamp-light reflector type

Description

This command configures the processing behavior of the TWAMP Light reflector. When the value is twamp-light, the reflector does not check the received PDU as a traditional base TWAMP Light packet without TLV processing. When the value is stamp, the reflector attempts to find and process supported STAMP TLVs that follow the base STAMP packet.

In mixed environments where different types of session senders may be targeting a common TWAMP Light reflector, the value should be set to stamp. When the reflector is operating in stamp mode, the primary parsing is based on STAMP, checking and processing known TLVs, and also determining when TLVs are not present and the arriving PDU is a TWAMP Light PDU. A session sender launching a TWAMP Light-based packet must use all zeros and a padding pattern zero when the pad size is non zero.

Default

type twamp-light

Parameters

reflector-type

Specifies the type of processing behavior for the reflector.

Values

stamp, twamp-light

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn>bgp>group>neighbor type)

[Tree] (config>service>vprn>bgp>group type)

Full Context

configure service vprn bgp group neighbor type

configure service vprn bgp group type

Description

This command designates the BGP peer as type internal or external.

The type of internal indicates the peer is an IBGP peer while the type of external indicates that the peer is an EBGP peer.

By default, the OS derives the type of neighbor based on the local AS specified. If the local AS specified is the same as the AS of the router, the peer is considered internal. If the local AS is different, then the peer is considered external.

The no form of this command used at the group level reverts to the default value.

The no form of this command used at the neighbor level reverts to the value defined at the group level.

Default

no type

Parameters

internal

Configures the peer as internal.

external

Configures the peer as external.

no type

Type of neighbor is derived on the local AS specified.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>service>vprn type)

Full Context

configure service vprn type

Description

This command designates the type of VPRN instance being configured for hub and spoke topologies. Use the no form to reset to the default of a fully meshed VPRN.

Default

no type

Parameters

hub

Specifies a hub VPRN which allows all traffic from the hub SAPs to be routed to the destination directly, while all traffic from spoke VPRNs or network interfaces can only be routed to a hub SAP.

spoke

Specifies a spoke VPRN which allows traffic from associated SAPs or spoke terminations to only be forwarded through routes learned from separate VPRN, which should be configured as a type Hub VPRN.

subscriber-split-horizon

Controls the flow of traffic for wholesale subscriber applications.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>saa>test type)

Full Context

configure saa test type

Description

This command creates the context to provide the test type for the named test. Only a single test type can be configured.

A test can only be modified while the test is in shut down mode.

Once a test type has been configured, the command can be modified by re-entering the command. However, the test type must be the same as the previously entered test type.

To change the test type, the old command must be removed using the config>saa>test>no type command.

The no form of this command removes the test type parameters from the configuration.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>qos>sap-ingress>mac-criteria type)

Full Context

configure qos sap-ingress mac-criteria type

Description

This command sets the mac-criteria type.

Default

type normal

Parameters

filter-type

Specifies which type of entries this MAC filter can contain.

Values

normal — Regular match criteria are allowed; ISID match not allowed.

vid — Configures the VID filter type used to match on ethernet_II frame types. This allows matching VLAN tags for explicit filtering.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>bfd>bfd-template type)

Full Context

configure router bfd bfd-template type

Description

This command selects the CPM network processor as the local termination point for the BFD session. This is enabled by default.

The no form of this command reverts to the default behavior.

Default

no type

Platforms

7705 SAR Gen 2

Context

[Tree] (file type)

Full Context

file type

Description

This command displays the contents of a text file.

Parameters

file-url

Specifies the file contents to display.

Values

local-url	[cflash-id/][file-path] up to 200 characters, including cflash-id directory length up to 99 each
remote-url	[{ftp | tftp | sftp | http | https}://login:pswd@remote-locn/][ file-path]
	up to 247 characters
	directory length up to 99 characters each
remote-locn	[hostname | ipv4-address | [ipv6-address]]
ipv4-address	a.b.c.d
ipv6-address	x:x:x:x:x:x:x:x[-interface]
	x:x:x:x:x:x:d.d.d.d[-interface]
	x - [0 to FFFF]H
	d - [0 to 255]D
	interface - up to 32 characters, for link local addresses 255
cflash-id	cf1:, cf1-A:, cf1-B:, cf2:, cf2-A:, cf2-B:, cf3:, cf3-A:, cf3-B:

profile

Specifies the TLS client profile configured under config>system>security>tls> client-tls-profile to use.

proxy-url

Specifies the URL of an HTTP proxy. For example, http://proxy.mydomain.com:8000. This URL must be an HTTP URL and not an HTTPS URL.

no-redirect

Keyword to automatically refuse any HTTP redirects without prompting the user.

router-instance

Specifies the router name or the VPRN service ID.

Values

router-instance:	router-name | vprn-svc-id
router-name:	"Base" | "management" | "vpls-management"
vprn-svc-id:	1 to 2147483647

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>cron>sched type)

Full Context

configure system cron schedule type

Description

This command specifies how the system should interpret the commands contained within the schedule node.

Default

type periodic

Parameters

schedule-type

Specifies the type of schedule for the system to interpret the commands contained within the schedule node.

Values

periodic — Specifies a schedule which runs at a given interval. The interval must be specified for this feature to run successfully.

calendar — Specifies a schedule which runs based on a calendar. The month, weekday, day-of-month, and minute parameters must be specified for this feature to run successfully.

oneshot — Specifies a schedule which runs one time only. As soon as the first event specified in these parameters takes place and the associated event occurs, the schedule enters a shutdown state. The month, weekday, day-of-month, and minute parameters must be specified for this feature to run successfully.

Default

periodic

Platforms

7705 SAR Gen 2

Context

[Tree] (config>system>management-interface>cli>md-cli>environment>progress-indicator type)

Full Context

configure system management-interface cli md-cli environment progress-indicator type

Description

This command specifies the type of progress indicator used in the MD-CLI.

Default

type dots

Parameters

indicator-type

Specifies the progress indicator type.

Values

dots: displays the progress indicator as dynamically changing dots

Platforms

7705 SAR Gen 2

Context

[Tree] (debug>system>grpc type)

Full Context

debug system grpc type

Description

This command enables debugging for all RPCs or a particular RPC.

The no form of this command deactivates debugging for all RPCs.

Parameters

all

Specifies that debugging is enabled for all RPCs.

gnmi-capabilities

Specifies that debugging is enabled for gNMI capability RPC.

gnmi-get

Specifies that debugging is enabled for gNMI get RPC.

gnmi-set

Specifies that debugging is enabled for gNMI set RPC.

gnmi-subscribe

Specifies that debugging is enabled for gNMI subscribe RPC.

gnoi-cert-mgmt-rpcs

Specifies that debugging is enabled for gNOI certificate management RPCs.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>bgp>group>neighbor type)

[Tree] (config>router>bgp>group type)

Full Context

configure router bgp group neighbor type

configure router bgp group type

Description

This command designates the BGP peer as type internal or external.

The type of internal indicates the peer is an IBGP peer while the type of external indicates that the peer is an EBGP peer.

By default, the router derives the type of neighbor based on the local AS specified. If the local AS specified is the same as the AS of the router, the peer is considered internal. If the local AS is different, then the peer is considered external.

The no form of this command used at the group level reverts to the default value.

The no form of this command used at the neighbor level reverts to the value defined at the group level.

Default

no type

Parameters

internal

Configures the peer as internal.

external

Configures the peer as external.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>policy-options>policy-statement>entry>from type)

Full Context

configure router policy-options policy-statement entry from type

Description

This command configures an OSPF type metric as a match criterion in the route policy statement entry.

If no type is specified, any OSPF type is considered a match.

The no form of this command removes the OSPF type match criterion.

Default

no type

Parameters

1

Matches OSPF routes with type 1 LSAs.

2

Matches OSPF routes with type 2 LSAs.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>router>policy-options>policy-statement>entry>action type)

[Tree] (config>router>policy-options>policy-statement>default-action type)

Full Context

configure router policy-options policy-statement entry action type

configure router policy-options policy-statement default-action type

Description

This command sets the subtype for the Type 5 LSA (external LSA).

The no form of this command disables assigning a type in the route policy entry.

Default

type 2

Parameters

type

Specifies the type metric.

Values

Subtype 1 — The external metric in the external LSA is comparable with the internal metric, and thus one can sum up all the metrics along the path (both internal and external) to get the total cost to the destination.

Subtype 2 — The metric in the external LSA is much more important than the internal metric, so the internal metrics should only be considered when comparing two external routes that have the same external metric.

param-name

The type parameter variable name. Allowed values are any string up to 32 characters long composed of printable, 7-bit ASCII characters. If the string contains special characters (#, ?, space), the entire string must be enclosed within double quotes. Policy parameters must start and end with at-signs (@); for example, "@variable@”.

Platforms

7705 SAR Gen 2

Context

[Tree] (config>saa>test type-multi-line)

Full Context

configure saa test type-multi-line

Description

This command creates the context to configure the OAM probe type and its parameters in a flexible multi-line format.

The no form of this command removes the context.

Platforms

7705 SAR Gen 2