Virtual Private Routed Network service
This chapter provides information about the Virtual Private Routed Network (VPN) service and implementation notes.VPRN services are supported only in network mode. It is not supported in access-uplink mode.
VPRN service overview
RFC2547b is an extension to the original RFC 2547, which describes a method of distributing routing information and forwarding data to provide a Layer 3 Virtual Private Network (VPN) service to end customers.
Each Virtual Private Routed Network (VPRN) consists of a set of customer sites connected to one or more PE routers. Each associated PE router maintains a separate IP forwarding table for each VPRN. Additionally, the PE routers exchange the routing information configured or learned from all customer sites via MP-BGP peering. Each route exchanged via the MP-BGP protocol includes a Route Distinguisher (RD), which identifies the VPRN association.
The service provider uses BGP to exchange the routes of a particular VPN among the PE routers that are attached to that VPN. This is done in a way which ensures that routes from different VPNs remain distinct and separate, even if two VPNs have an overlapping address space. The PE routers distribute routes from other CE routers in that VPN to the CE routers in a particular VPN. Because the CE routers do not peer with each other there is no overlay visible to the VPN routing algorithm.
When BGP distributes a VPN route, it also distributes an MPLS label for that route. On an SR-series, the label distributed with a VPN route depends on the configured label-mode of the VPRN that is originating the route
Before a customer data packet travels across the service provider's backbone, it is encapsulated with the MPLS label that corresponds, in the customer's VPN, to the route which best matches the packet's destination address. The MPLS packet is further encapsulated with either another MPLS label header, so that it gets tunneled across the backbone to the correct PE router. Each route exchanged by the MP-BGP protocol includes a route distinguisher (RD), which identifies the VPRN association. Therefore the backbone core routers do not need to know the VPN routes. The following figure shows a VPRN network diagram.
VPRN services are only supported on 7210 SAS platforms operating in network mode.
Routing prerequisites
RFC2547bis requires the following features:
multi-protocol extensions
extended BGP community support
BGP capability negotiation
parameters defined in RFC 2918
Tunneling protocol options are as follows:
Label Distribution Protocol (LDP)
MPLS RSVP-TE tunnels
BGP support
BGP is used with BGP extensions mentioned in Routing prerequisites to distribute VPRN routing information across the service provider network.
BGP was initially designed to distribute IPv4 routing information. Therefore, multi-protocol extensions and the use of a VPN-IPv4 address were created to extend BGP ability to carry overlapping routing information. A VPN-IPv4 address is a 12-byte value consisting of the 8-byte route distinguisher (RD) and the 4-byte IPv4 IP address prefix. The RD must be unique within the scope of the VPRN. This allows the IP address prefixes within different VRFs to overlap.
A VPN-IPv6 address is a 24-byte value consisting of the 8-byte RD and 16-byte IPv6 address prefix. Service providers typically assign one or a small number of RDs per VPN service network-wide.
Route distinguishers
The route distinguisher (RD) is an 8-byte value consisting of 2 major fields, the Type field and value field, as shown in the following figure. The type field determines how the value field should be interpreted. The 7210 SAS implementation supports the three (3) type values as defined in the Internet draft.
The three Type values are:
Type 0: Value Field - Administrator subfield (2 bytes)
Assigned number subfield (4 bytes)
The administrator field must contain an ASN (using private AS numbers is discouraged). The Assigned field contains a number assigned by the service provider.
Type 1: Value Field - Administrator subfield (4 bytes)
Assigned number subfield (2 bytes)
The administrator field must contain an IP address (using private IP address space is discouraged). The Assigned field contains a number assigned by the service provider.
Type 2: Value Field - Administrator subfield (4 bytes)
Assigned number subfield (2 bytes)
The administrator field must contain a 4-byte ASN (using private AS numbers is discouraged). The Assigned field contains a number assigned by the service provider.
Route reflector
Per RFC2547bis the use of Route Reflectors is supported in the service provider core. Multiple sets of route reflectors can be used for different types of BGP routes, including IPv4 and VPN-IPv6. 7210 can only be used a route reflector client. It cannot be used as a route reflector ("server").
Customer Edge to Provider Edge route exchange
Routing information between the Customer Edge (CE) and Provider Edge (PE) can be exchanged by the following methods:
Static Routes (with both IPv4 and IPv6)
E-BGP (with both IPv4 and IPv6 VPNs)
OSPF (v2 IPv4)
Each protocol provides controls to limit the number of routes learned from each CE router.
Route redistribution
Routing information learned from the CE-to-PE routing protocols and configured static routes should be injected in the associated local VPN routing/forwarding (VRF). In the case of dynamic routing protocols, there may be protocol specific route policies that modify or reject certain routes before they are injected into the local VRF.
Route redistribution from the local VRF to CE-to-PE routing protocols is to be controlled via the route policies in each routing protocol instance, in the same manner that is used by the base router instance.
The advertisement or redistribution of routing information from the local VRF to or from the MP-BGP instance is specified per VRF and is controlled by VRF route target associations or by VRF route policies.
VPN-IP routes imported into a VPRN, have the protocol type bgp-vpn to denote that it is an VPRN route. This can be used within the route policy match criteria.
CPE connectivity check
Static routes are used within many IES and VPRN services. Unlike dynamic routing protocols, there is no way to change the state of routes based on availability information for the associated CPE. CPE connectivity check adds flexibility so that unavailable destinations will be removed from the VPRN routing tables dynamically and minimize wasted bandwidth.
Directly connected IP target and Multiple hops to IP target show static routes.
The availability of the far-end static route is monitored through periodic polling. The polling period is configured. If the poll fails a specified number of sequential polls, the static route is marked as inactive.
Either ICMP ping or unicast ARP mechanism can be used to test the connectivity. ICMP ping is preferred.
If the connectivity check fails and the static route is de-activated, the 7210 SAS router will continue to send polls and reactivate any routes that are restored.
Constrained Route Distribution
This section describes constrained route distribution or RT constraint (RTC).
Constrained VPN route distribution based on route targets
The RTC is a mechanism allows a router to advertise route target membership information to its BGP peers to indicate interest in receiving only VPN routes tagged with specific route target extended communities. After receiving this information, peers restrict the advertised VPN routes to only those requested, which minimizes the control plane load in terms of protocol traffic and possibly routing information base (RIB) memory.
MP-BGP carries the route target membership information, using an address family identifier (AFI) value of 1 and subsequent address family identifier (SAFI) value of 132. For two routers to exchange RT membership network layer reachability information (NLRI), they must advertise the corresponding AFI/SAFI to each other during capability negotiation. MP-BGP allows RT membership NLRI to be propagated, loop-free, within an AS and between ASs using well-known BGP route selection and advertisement rules.
Outbound route filtering (ORF) can also be used for RT-based route filtering, but ORF messages have a limited scope of distribution (to direct peers or neighbors), and, therefore, do not automatically create pruned inter-cluster and inter-AS route distribution trees.
Configuring the route target address family
RTC is supported only by the base router BGP instance. When the family command at the bgp, group or neighbor CLI context includes the route-target keyword, the RTC capability is negotiated with the associated set of eBGP and iBGP peers.
ORF is mutually exclusive with RTC on a specific BGP session. The CLI will not attempt to block this configuration, but if both capabilities are enabled on a session, the ORF capability is not included in the OPEN message sent to the peer.
Originating RT constraint routes
When the base router has one or more RTC peers (BGP peers with which the RTC capability has been successfully negotiated), one RTC route is created for each RT extended community imported into a locally-configured Layer-2 VPN or Layer-3 VPN service. These imported route targets are configured in the following contexts:
config>service>vpls>bgp
config>service>vprn
config>service>vprn>mvpn
See the 7210 SAS-Mxp, R6, R12, S, Sx, T Routing Protocols Guide for more information about BGP address families that support RTC.
By default, these RTC routes are automatically advertised to all RTC peers, without the need for an export policy to explicitly accept them. Each RTC route has a prefix, prefix length, and path attributes. The prefix value is the concatenation of the origin AS (a 4-byte value representing the 2- or 4-octet AS of the originating router, as configured using the configure router autonomous-system command) and 0 or 16 to 64 bits of a route target extended community encoded in one of the following formats: 2-octet AS specific extended community, IPv4 address specific extended community, or 4-octet AS specific extended community.
A router may be configured to send the default RTC route to any RTC peer using the new default-route-target group or neighbor CLI command. The default RTC route is a special type of RTC route that has zero prefix length. Sending the default RTC route to a peer conveys a request to receive all VPN routes (regardless of route target extended community) from that peer. The default RTC route is typically advertised by a route reflector to its clients. The advertisement of the default RTC route to a peer does not suppress other, more specific, RTC routes from being sent to that peer.
Receiving and re-advertising RT constraint routes
All received RTC routes that are deemed valid are stored in the RIB-IN. An RTC route is considered invalid and treated as withdrawn if any of the following conditions apply:
The prefix length is 1 to 31.
The prefix length is 33 to 47.
The prefix length is 48 to 96 and the 16 most-significant bits are not 0x0002, 0x0102, or 0x0202.
If multiple RTC routes are received for the same prefix value, standard BGP best path selection procedures are used to determine the best of these routes.
The best RTC route per prefix is re-advertised to RTC peers based on the following rules:
The best path for a default RTC route (prefix length 0, origin AS only with prefix length 32, or origin AS plus 16 bits of an RT type with prefix length 48) is never propagated to another peer.
A PE with only iBGP RTC peers that is neither a route reflector nor an AS boundary router (ASBR) does not re-advertise the best RTC route to any RTC peer because of standard iBGP split horizon rules.
A route reflector that receives its best RTC route for a prefix from a client peer re-advertises that route (subject to export policies) to all of its client and non-client iBGP peers (including the originator), per standard RR operation. When the route is re-advertised to client peers, the RR sets the ORIGINATOR_ID to its own router ID and modifies the NEXT_HOP to be its local address for the sessions (for example, system IP).
A route reflector that receives its best RTC route for a prefix from a non-client peer re-advertises that route (subject to export policies) to all of its client peers, per standard RR operation. If the RR has a non-best path for the prefix from any of its clients, it advertises the best of the client-advertised paths to all non-client peers.
An ASBR that is neither a PE nor a route reflector that receives its best RTC route for a prefix from an iBGP peer re-advertises that route (subject to export policies) to its eBGP peers. It modifies the NEXT_HOP and AS_PATH of the re-advertised route per standard BGP rules. The aggregation of RTC routes is not supported.
An ASBR that is neither a PE nor a route reflector that receives its best RTC route for a prefix from an eBGP peer re-advertises that route (subject to export policies) to its eBGP and iBGP peers. When re-advertised routes are sent to eBGP peers, the ASBR modifies the NEXT_HOP and AS_PATH per standard BGP rules. The aggregation of RTC routes is not supported.
These advertisement rules do not handle hierarchical RR topologies properly. This is a limitation of the current RT constraint standard.
Using RT constraint routes
In general (ignoring iBGP-to-iBGP rules, add-path, best-external, and so on), the best VPN route for every prefix/NLRI in the RIB is sent to every peer supporting the VPN address family, but export policies may be used to prevent the advertisement of some prefix/NLRIs to specific peers. These export policies may be configured statically or created dynamically based on use of ORF or RTC with a peer. ORF and RTC are mutually exclusive on a session.
When RTC is configured on a session that also supports VPN address families using route targets (vpn-ipv4, vpn-ipv6, and so on), the advertisement of the VPN routes is affected as follows:
When the session comes up, the advertisement of the VPN routes is delayed briefly to allow RTC routes to be received from the peer.
After the initial delay, the received RTC routes are analyzed and acted upon. If S1 is the set of routes previously advertised to the peer and S2 is the set of routes that should be advertised based on the most recent received RTC routes, the following applies:
The set of routes in S1 but not in S2 should be withdrawn immediately (subject to the minimum route advertisement interval (MRAI)).
The set of routes in S2 but not in S1 should be advertised immediately (subject to MRAI).
If a default RTC route is received from a peer P1, the VPN routes that are advertised to P1 are the set that:
are eligible for advertisement to P1 per BGP route advertisement rules
have not been rejected by manually configured export policies
have not been advertised to the peer
Note:This applies whether P1 advertised the best route for the default RTC prefix.
In this context, a default RTC route is any of the following:
a route with NLRI length = zero
a route with NLRI value = origin AS and NLRI length = 32
a route with NLRI value = {origin AS+0x0002 | origin AS+0x0102 | origin AS+0x0202} and NLRI length = 48
If an RTC route for prefix A (origin-AS = A1, RT = A2/n, n > 48) is received from an iBGP peer I1 in autonomous system A1, the VPN routes that are advertised to I1 is the set that:
are eligible for advertisement to I1 per BGP route advertisement rules
have not been rejected by manually configured export policies
carry at least one route target extended community with value A2 in the n most significant bits
have not been advertised to the peer
Note:This applies whether I1 advertised the best route for A.
If the best RTC route for a prefix A (origin-AS = A1, RT = A2/n, n > 48) is received from an IBGP peer I1 in autonomous system B, the VPN routes that are advertised to I1 is the set that:
are eligible for advertisement to I1 per BGP route advertisement rules
have not been rejected by manually configured export policies
carry at least one route target extended community with value A2 in the n most significant bits
have not been advertised to the peer
Note:This applies only if I1 advertised the best route for A.
If the best RTC route for a prefix A (origin-AS = A1, RT = A2/n, n > 48) is received from an eBGP peer E1, the VPN routes that are advertised to E1 is the set that:
are eligible for advertisement to E1 per BGP route advertisement rules
have not been rejected by manually configured export policies
carry at least one route target extended community with value A2 in the n most significant bits
have not been advertised to the peer
Note:This applies only if E1 advertised the best route for A.
BGP fast reroute in a VPRN
BGP fast reroute is a feature that brings together indirection techniques in the forwarding plane and precomputation of BGP backup paths in the control plane to support fast reroute of BGP traffic around unreachable/failed next-hops. In a VPRN context BGP fast reroute is supported using VPN-IPv4 and VPN-IPv6 VPN routes. The supported VPRN scenarios are described in the following table.
Ingress packet |
Primary route |
Backup route |
Prefix independent convergence |
---|---|---|---|
IPv4 (ingress PE) |
VPN-IPv4 route with next-hop A resolved by a LDP, RSVP, or BGP tunnel |
VPN-IPv4 route with next-hop A resolved by a LDP, RSVP, or BGP tunnel |
Yes |
IPv6 (ingress PE) |
VPN-IPv6 route with next-hop A resolved by a LDP, RSVP, or BGP tunnel |
VPN-IPv6 route with next-hop B resolved by a LDP, RSVP, or BGP tunnel |
Yes |
BGP fast reroute in a VPRN configuration
Configuring the config>service>vprn>enable-bgp-vpn-backup command causes only imported BGP-VPN routes to be considered when selecting the primary and backup paths.
This command is required to support fast failover of ingress traffic from one remote PE to another remote PE.
7210 SAS platforms do not support BGP backup path commands that are used to enable consideration of multiple paths learned from CE BGP peers when selecting primary and backup paths to reach the CE.
VPRN features
This section describes VPRN features and special capabilities or considerations as they relate to VPRN services.
IP interfaces
VPRN customer IP interfaces can be configured with most of the same options found on the core IP interfaces.
The advanced configuration options supported are:
DHCPv4 and DHCPv6 relay
VRRP
Secondary IP addresses
ICMP options
Configuration options found on core IP interfaces that are not supported on VPRN IP interfaces are:
NTP broadcast receipt
DHCP and DHCPv6
Unless otherwise stated, DHCP is equivalent to ‟DHCP for IPv4,” or DHCPv4.
The DHCP protocol is used to communicate network information and configuration parameters from a DHCP server to a DHCP-aware client. DHCP is based on the BOOTP protocol, with additional configuration options and the capability to allocate dynamic network addresses. DHCP devices are also capable of handling BOOTP messages.
A DHCP client is an IP-capable device (typically a computer or base station) that uses DHCP to obtain configuration parameters, such as a network address. A DHCP server is an Internet host or router that returns configuration parameters to DHCP clients. A DHCP relay agent is a host or router that passes DHCP messages between clients and servers.
DHCPv6 is not based on, and does not use, the BOOTP protocol.
Service providers use the DHCP protocol to assign IP addresses and provide other configuration parameters.
IP routers do not forward broadcast or multicast packets, which may suggest that the DHCP client and server must reside on the same IP network segment. However, this configuration is not required because when the 7210 SAS is acting as a DHCP relay agent, it processes these DHCP broadcast or multicast packets and relays them to a preconfigured DHCP server. As a result, DHCP clients and servers do not need to reside on the same IP network segment.
For DHCP relay, the 7210 SAS supports a maximum of eight DHCP servers for each VPRN or IES instance and eight DHCP servers for each node.
For DHCPv6 relay, the 7210 SAS supports a maximum of eight DHCPv6 servers for each VPRN instance and eight DHCPv6 servers for each node.
DHCP relay and DHCPv6 relay
The 7210 SAS provides DHCP relay agent services and DHCPv6 relay agent services for DHCP clients. DHCP is used for IPv4 network addresses and DHCPv6 is used for IPv6 network addresses. Both DHCP and DHCPv6 are known as stateful protocols because they use dedicated servers to maintain parameter information.
In the stateful autoconfiguration model, hosts obtain interface addresses and configuration information and parameters from a server. The server maintains a database that tracks which addresses are assigned to which hosts.
The 7210 SAS acts as a relay agent for DHCP and DHCPv6 requests and responses. DHCPv6 functionality is only supported on VPRN access IP interfaces.
DHCP relay
The 7210 SAS provides DHCP relay agent services for DHCP clients.
Service providers use the DHCP protocol to assign IP addresses and provide other configuration parameters. The DHCP protocol requires the client to transmit a request packet with a destination broadcast address of 255.255.255.255, which is processed by the DHCP server.
When the 7210 SAS is acting as a DHCP relay agent, it processes DHCP broadcast packets and relays them to a preconfigured DHCP server, ensuring that DHCP clients and servers do not need to reside on the same network segment.
DHCP offer messages are not dropped if they contain a giaddr that does not match the local configured subnets on the DHCP relay interface.
DHCP options
DHCP options are codes that the 7210 SAS inserts in packets being forwarded from a DHCP client to a DHCP server. Some options have additional information stored in suboptions.
The 7210 SAS supports the Relay Agent Information Option 82, as described in RFC 3046. The following suboptions are supported:
circuit ID
remote ID
vendor-specific options
DHCPv6 Relay
DHCPv6 relay is only supported on 7210 SAS-Mxp.
DHCPv6 relay operation is similar to DHCP in that servers send configuration parameters, such as IPv6 network addresses, to IPv6 nodes; however, DHCPv6 relay is not based on the DHCP or BOOTP protocol. DHCPv6 can be used instead of, or in conjunction with, stateless autoconfiguration.
DHCPv6 uses IPv6 methods of addressing, especially the use of reserved, link-local scoped multicast addresses. DHCPv6 clients transmit messages to these reserved addresses, allowing messages to be sent without the client knowing the address of any DHCP server. This transmission allows efficient communication even before a client is assigned an IP address. When a client has an address and knows the identity of a server, the client can communicate with the server directly using unicast addressing.
The DHCPv6 protocol requires the client to transmit a request packet with a destination multicast address of ff02::1:2 (which addresses all DHCP servers and relay agents on the local network segment) that is processed by the DHCP server.
Similar to DHCP address allocation, if a client needs to obtain an IPv6 address and other configuration parameters, it sends a Solicit message to locate a DHCPv6 server, then requests an address assignment and other configuration information from the server. Servers that meet the requirements of the client respond with an Advertise message. The client chooses one of the servers and sends a Request message; the server sends back a Reply message with the confirmed IPv6 address and configuration information.
If the client already has an IPv6 address, either assigned manually or obtained in another way, the client only needs to obtain configuration information. In this case, exchanges are done using a two-message process. The client sends a Request message for only configuration information. A DHCPv6 server that has configuration information for the client sends back a Reply message with the information.
The 7210 SAS supports the DHCPv6 relay agent option in the same way that it supports the DHCP relay agent option: when the 7210 SAS is acting as a DHCPv6 relay agent, it relays messages between clients and servers that are not connected to the same link.
The DHCP relay agent uses one of its interfaces as an IP source address in the DHCP relay-forward message. The DHCPv6 server uses the same source IP address as the destination IP address in the DHCP relay-reply message. There are restrictions for the source IP address used by the DHCP relay agent, which depend on whether the relay agent is a few hops away or is directly connected.
In the case where the relay agent is a few hops away from the DHCPv6 server, the source address used by the relay agent must not fall under the subnet or prefix range configured on the IP interface on which the client is connected. For example, the loopback interface address of the DHCP relay agent can be used instead. To forward the DHCPv6 relay-reply message back to the relay agent, add a static route for the relay agent source IP address.
In the case where the relay agent is directly connected, there are two options. In the first option, the relay agent use the address of the directly connected interface as the relay-forward source address, and no additional configuration is required for the DHCP server to forward the relay-reply message back to the relay-agent. The other option is to use an interface address on the relay agent that does not fall under the subnet or prefix range configured on the IP interface on which the client is connected. Similar to the scenario where the relay-agent is a few hops away, a static route is required to forward the DHCP relay-reply message back to the relay agent.
DHCPv6 options
DHCPv6 options are codes that the 7210 SAS inserts in packets being forwarded from a DHCPv6 client to a DHCPv6 server. DHCPv6 supports interface ID and remote ID options, as described in RFC 3315, Dynamic Host Configuration Protocol for IPv6 (DHCPV6) and RFC 4649, DHCPv6 Relay Agent Remote-ID Option.
SAPs
IPv6 support for VPRN IP interfaces
IPv6 VPRN IP interfaces are supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode.
VPRN IPv6 access interfaces are allowed to be configured to provide IPv6 VPN connectivity to customers.
IPv4 and IPv6 route table lookup entries are shared. Before adding routes for IPv6 destinations, route entries in the routed lookup table needs to be allocated for IPv6 addresses. This can be done using the CLI config system resource-profile router max-ipv6-routes command. This command allocates route entries for /64 IPv6 prefix route lookups. The system does not allocate any IPv6 route entries by default and user needs to allocate some resources before using IPv6. For the command to take effect the node must be rebooted after making the change. For more information, see the following example and see the 7210 SAS-Mxp, R6, R12, S, Sx, T Basic System Configuration Guide.
A separate route table (or a block in the route table) is used for IPv6 /128-bit prefix route lookup. A limited amount of IPv6 /128 prefixes route lookup entries is supported. The software enables lookups in this table by default (that is no user configuration is required to enable Ipv6 /128-bit route lookup).
In addition, the number IP subnets can be configured by the user using the configure system resource-profile router max-ip-subnets command. Suitable defaults are assigned to this parameter. Users can increase the number of subnets if they plan to add more IPv6 addresses for eachIPv6 interface.
Following features and restrictions is applicable for IPv6 VPRN IP interfaces:
PE-CE routing - static routing and EBGP is supported
A limited amount of IPv6 /128 prefixes route lookup entries is supported on 7210 SAS platforms.
VRRP for VPRN IPv6 interfaces is not supported.
Encapsulations
The following SAP encapsulations are supported on the 7210 SAS VPRN service:
Ethernet null
Ethernet dot1q
QinQ
LAG
QoS policies
When applied to a VPRN SAP, service ingress QoS policies creates the unicast meter defined in the policy. QoS policies only create the unicast meters defined in the policy if PIM is not configured on the associated IP interface, if PIM is configured, the multipoint meters are applied as well.
For 7210 SAS-Sx/S 1/10GE, 7210 SAS-Sx 10/100GE, and 7210 SAS-T (network mode) (with VPRN services), access egress policies are available for use on access ports. On 7210 SAS-Mxp Service egress QoS policies are supported.
Both Layer 2 (dot1p only) and Layer 3 criteria can be used in the QoS policies for traffic classification in an VPRN.
Filter policies
Ingress and egress IPv4 and IPv6 filter policies can be applied to VPRN SAPs.
CPU QoS for VPRN interfaces
Traffic bound to CPU received on VPRN access interfaces are policed/rate-limited and queued into CPU queues. The software allocates a policer per IP application or a set of IP applications, for rate-limiting CPU bound IP traffic from all VPRN access SAPs. The policers CIR/PIR values are set to appropriate values based on feature scaling and these values are not user configurable. The software allocates a set of queues for CPU bound IP traffic from all VPRN access SAPs. The queues are either shared by a set of IP applications or in some cases allocated to an IP application. The queues are shaped to appropriate rate based on feature scaling. The shaper rate is not user configurable.
The instance of queues and policers used for traffic received on network port IP interfaces is different for traffic received from access port IP interfaces. Additionally, the network CPU queues are accorded higher priority than the access CPU queues. This is done to provide better security and mitigate the risk of access traffic affecting network traffic.
The 7210 SAS-Mxp allows the user to configure the IP differentiated services code point (DSCP) value for self-generated traffic. On the 7210 SAS-T, 7210 SAS-Sx/S 1/10GE, and 7210 SAS-Sx 10/100GE, IP DSCP marking of self-generated traffic is not user-configurable and is assigned by software.
CE to PE routing protocols
The 7210 SAS VPRN supports the following CE to PE routing protocols:
eBGP (for both IPv4 and IPv6)
static with both IPv4 and IPv6)
OSPF v2 (IPv4)
PE to PE tunneling mechanisms
The 7210 SAS supports multiple mechanisms to provide transport tunnels for the forwarding of traffic between PE routers within the 2547bis network.
The 7210 SAS VPRN implementation supports the use of:
RSVP-TE protocol to create tunnel LSP's between PE routers
LDP protocol to create tunnel LSP's between PE routers
These transport tunnel mechanisms provide the flexibility to use dynamically created LSPs, where the ‟autobind” feature is used to automatically bind service tunnels, and there is the ability to provide specific VPN services with their own transport tunnels by explicitly binding SDPs, if required. When the auto-bind-tunnel command is used, all services traverse the same LSPs and do not allow alternate tunneling mechanisms or the ability to configure sets of LSPs with bandwidth reservations for specific customers, as is available with explicit SDPs for the service.
Per-VRF route limiting
The 7210 SAS allows setting the maximum number of routes that can be accepted in the VRF for a VPRN service. There are options to specify a percentage threshold at which to generate an event to indicate that the VRF table is nearly full, and an option to disable additional route learning when the VRF is full or only generate an event.
Exporting MP-BGP VPN routes
To reduce the number of MP-BGP VPN tunnels in a group of IP/MPLS PE routers that are part of the same L3 VPN instance, a hierarchy can be established by reexporting the VPN IP routes on a PE aggregation router (which can be an ABR node). In the case of VPRN service labels, reexporting VPN IP routes reduces the required MPLS FIB resources to the scale available on smaller access routers.
Use the config>service>vprn>allow-export-bgp-vpn command to configure the feature. This command enables the vrf-export and vrf-target export functions to include BGP-VPN routes that are installed in the VPRN route table.
When a route is installed in the VPRN route table, the route is exported as a new VPN-IP route to an MP-IBGP peer only; that is, the route is accepted by the VRF export policy but may be rejected by a BGP export policy. Assuming that the export policies have simple accept and reject actions, the new VPN-IP route is the same as the original VPN-IP route, except in the following cases:
The RD is changed to the value of the advertising VPRN.
The BGP next-hop is changed to a local address of the PE.
The label value is changed to the per-VRF label value of the advertising VPRN.
Configuration guidelines
The following configuration guidelines apply to this feature:
You must shut down and restart the VPRN context for any changes to the allow-export-bgp-vpn command to take effect.
You must configure the VPRN service with a loopback IP interface for the command to take effect.
SAPs cannot be configured in a VPRN service in which the allow-export-bgp-vpn command is enabled.
Spoke-SDPs
Spoke-SDP termination into a Layer 3 service is not supported on 7210 SAS platforms.
Using OSPF in IP-VPNs
OSPF used as a PE-CE routing protocol is supported only for IPv4 VPNs.
Using OSPF as a CE to PE routing protocol allows OSPF that is currently running as the IGP routing protocol to migrate to an IP-VPN backbone without changing the IGP routing protocol, introducing BGP as the CE-PE or relying on static routes for the distribution of routes into the service providers IP-VPN. The following features are supported:
Advertisement/redistribution of BGP-VPN routes as summary (type 3) LSAs flooded to CE neighbors of the VPRN OSPF instance. This occurs if the OSPF route type (in the OSPF route type BGP extended community attribute carried with the VPN route) is not external (or NSSA) and the locally configured domain-id matches the domain-id carried in the OSPF domain ID BGP extended community attribute carried with the VPN route.
OSPF sham links. A sham link is a logical PE-to-PE unnumbered point-to-point interface that essentially rides over the PE-to-PE transport tunnel. A sham link can be associated with any area and can therefore appear as an intra-area link to CE routers attached to different PEs in the VPN.
Service label mode of a VPRN
The 7210 SAS allocates one unique (platform-wide) service label per VRF. All VPN-IP routes exported by the PE from a particular VPRN service with that configuration have the same service label. When the PE receives a terminating MPLS packet, the service label value determines the VRF to which the packet belongs. A lookup of the IP packet DA in the forwarding table of the selected VRF determines the next-hop interface.
Multicast in IP-VPN applications
Multicast in IP-VPN services using NG-MVPN mechanisms is supported on the 7210 SAS-T, 7210 SAS-Mxp, 7210 SAS-Sx 1/10GE operating in the standalone mode, and 7210 SAS-S 1/10GE operating in the standalone-VC mode.
Applications for this feature include enterprise customers implementing a VPRN solution for their WAN networking needs, customer applications including stock-ticker information, financial institutions for stock and other types of trading data, and video delivery systems.
The following figure shows an example of multicast in an IP-VPN application. The provider domain encompasses the core routers (1 through 4) and the edge routers (5 through 10). The various IP-VPN customers each have their own multicast domain, VPN-1 (CE routers 12, 13, and 16) and VPN-2 (CE Routers 11, 14, 15, 17, and 18). In this VPRN example, the VPN-1 data generated by the customer behind router 16 is multicast only by PE router 9 to PE routers 6 and 7 for delivery to CE routers 12 and 13 respectively. Data for VPN-2 generated by the customer behind router 15 is forwarded by PE router 8 to PE routers 5, 7, and 10 for delivery to CE routers 18, 11, 14, and 17 respectively.
The demarcation of these domains is in the PE router (routers 5 through 10). The PE router participates in both the customer multicast domain and the provider multicast domain. The customer CE routers are limited to a multicast adjacency with the multicast instance on the PE created to support that specific customer IP-VPN. This way, customers are isolated from the provider core multicast domain and other customer multicast domains while the provider core routers only participate in the provider multicast domain and are isolated from all customer multicast domains.
The PE router for a specific customer multicast domain becomes adjacent to the CE routers attached to that PE and to all other PE routers that participate in the IP-VPN (or customer) multicast domain. This is achieved by the PE router, which encapsulates the customer multicast control data and multicast streams inside the provider multicast packets. These encapsulated packets are forwarded only to the PE routers that are participating in the same MVPN domain and are part of the same customer VPRN. This prunes the distribution of the multicast control and data traffic to the PE routers that do not participate in the customer multicast domain.
Multicast protocols supported in the provider network
An MVPN is defined by two sets of sites: the sender sites set and receiver sites set, with the following properties:
Hosts within the sender sites set could originate multicast traffic for receivers in the receiver sites set.
Receivers not in the receiver sites set should not be able to receive this traffic.
Hosts within the receiver sites set could receive multicast traffic originated by any host in the sender sites set.
Hosts within the receiver sites set should not be able to receive multicast traffic originated by any host that is not in the sender sites set.
A site could be both in the sender sites set and receiver sites set, which implies that hosts within such a site could both originate and receive multicast traffic. An extreme case is when the sender sites set is the same as the receiver sites set, in which case all sites could originate and receive multicast traffic from each other.
Sites within a specific MVPN can only be within the same organizations, which implies that an MVPN can be an intranet. A specific site may be in more than one MVPN, which implies that MVPNs may overlap. Not all sites of a specific MVPN have to be connected to the same service provider, which implies that an MVPN can span multiple service providers.
Another way to look at MVPN is to say that an MVPN is defined by a set of administrative policies. These policies determine the sender sites set and receiver site set. These policies are established by MVPN customers, but implemented by MVPN service providers using the existing BGP/MPLS VPN mechanisms, such as route targets, with extensions, as necessary.
MVPN Using BGP control plane
The 7210 SAS supports next generation MVPN with MLDP and RSVP P2MP provider tunnels.
The Nokia implementation supports the following features:
MVPN is supported on the 7210 SAS-T, 7210 SAS-Mxp, 7210 SAS-Sx 1/10GE operating in standalone mode, and 7210 SAS-S 1/10GE operating in standalone-VC mode.
MVPN membership auto-discovery using BGP is supported.
PE-PE transmission of C-multicast routing using BGP is supported.
IPv4 is supported.
Inter-AS MVPN with option A is supported. This does not require any additional control or data plane implementations.
MVPN membership auto-discovery using BGP
BGP-based auto-discovery (AD) is performed by using a multicast VPN address family. Any PE router that attaches to an MVPN must issue a BGP update message containing an NLRI in this address family, along with a specific set of attributes.
The PE router uses route targets to specify MVPN route import and export. The route target may be the same as the one used for the corresponding unicast VPN, or it may be different. The PE router can specify separate import route targets for sender sites and receiver sites for a specific MVPN.
The route distinguisher (RD) that is used for the corresponding unicast VPN can also be used for the MVPN.
When BGP AD is enabled, PIM peering on the I-PMSI is disabled, so no PIM hellos are sent on the I-PMSI. C-tree to P-tunnel bindings are also discovered using BGP S-PMSI AD routes, instead of PIM join TLVs.
For example, if AD is disabled, the c-mcast-signaling bgp command fails and the following error message displays:
C-multicast signaling in BGP requires auto-discovery to be enabled
AD is enabled by default on the 7210 SAS-T, 7210 SAS-Mxp, 7210 SAS-Sx 10/100GE operating in standalone mode, and 7210 SAS-S 1/10GE operating in standalone-VC mode.
If c-mcast-signaling is set to bgp, the no auto-discovery command fails and the following error message displays:
C-multicast signaling in BGP requires auto-discovery to be enabled
When c-mcast-signaling is set to bgp, S-PMSI AD is always enabled (configuration is ignored).
Provider tunnel support
The following provider tunnels are supported:
mLDP inclusive provider tunnel
mLDP selective provider tunnel
RSVP P2MP LSPs inclusive provider tunnel
RSVP P2MP LSPs selective provider tunnel
Inter-AS VPRNs
Inter-AS IP-VPN services have been driven by the popularity of IP services and service provider expansion beyond the borders of a single Autonomous System (AS) or the requirement for IP VPN services to cross the AS boundaries of multiple providers. Three options for supporting inter-AS IP-VPNs are described in RFC 4364, BGP/MPLS IP Virtual Private Networks (VPNs).
7210 SAS platforms support only Option-A and Option-C. Option-B is not supported and is included in this description only for completeness.
The first option, referred to as Option-A (shown in the following figure), is considered inherent in any implementation. This method uses a back-to-back connection between separate VPRN instances in each AS. As a result, each VPRN instance views the inter-AS connection as an external interface to a remote VPRN customer site. The back-to-back VRF connections between the ASBR nodes require individual sub-interfaces, one per VRF.
The second option, referred to as Option-B (shown in the following figure), relies heavily on the AS Boundary Routers (ASBRs) as the interface between the autonomous systems. This approach enhances the scalability of the eBGP VRF-to-VRF solution by eliminating the need for per-VPRN configuration on the ASBRs. However it requires that the ASBRs provide a control plan and forwarding plane connection between the autonomous systems. The ASBRs are connected to the PE nodes in its local autonomous system using iBGP either directly or through route reflectors. This means the ASBRs receive all the VPRN information and will forward these VPRN updates, VPN-IPV4, to all its EBGP peers, ASBRs, using itself as the next-hop. It also changes the label associated with the route. This means the ASBRs must maintain an associate mapping of labels received and labels issued for those routes. The peer ASBRs will in turn forward those updates to all local IBGP peers.
This form of inter-AS VPRNs does not require instances of the VPRN to be created on the ASBR, as in option-A, as a result there is less management overhead. This is also the most common form of Inter-AS VPRNs used between different service providers as all routes advertised between autonomous systems can be controlled by route policies on the ASBRs.
The third option, referred to as Option-C (shown in the following figure), allows for a higher scale of VPRNs across AS boundaries but also expands the trust model between ASNs. As a result this model is typically used within a single company that may have multiple ASNs for various reasons.
This model differs from Option-B, in that in Option-B all direct knowledge of the remote AS is contained and limited to the ASBR. As a result, in option-B the ASBR performs all necessary mapping functions and the PE routers do not need perform any additional functions then in a non-Inter-AS VPRN.
With Option-C, knowledge from the remote AS is distributed throughout the local AS. This distribution allows for higher scalability but also requires all PEs and ASBRs involved in the Inter-AS VPRNs to participate in the exchange of inter-AS routing information.
In Option-C, the ASBRs distribute reachability information for remote PE system IP addresses only. This is done between the ASBRs by exchanging MP-eBGP labeled routes, using RFC 3107, Carrying Label Information in BGP-4.
Distribution of VPRN routing information is handled by either direct MP-BGP peering between PEs in the different ASNs or more likely by one or more route reflectors in ASN.
Configuring a VPRN service with CLI
This section provides information to configure Virtual Private Routed Network (VPRN) services using the command line interface.
Basic configuration
The following fields require specific input (there are no defaults) to configure a basic VPRN service:
customer ID (see Configuring customers accounts)
specify interface parameters
VPRN service configuration
*A:ALA-1>config>service>vprn# info
----------------------------------------------
vrf-import "vrfImpPolCust1"
vrf-export "vrfExpPolCust1"
autonomous-system 10000
route-distinguisher 10001:1
auto-bind ldp
vrf-target target:10001:1
interface "to-ce1" create
address 10.1.0.1/24
exit
sap 1/1/10:1 create
ingress
qos 100
exit
filter ip 10
exit
exit
exit
exit
static-route 10.5.0.0/24 next-hop 10.1.1.2
bgp
router-id 10.0.0.1
group "to-cel"
export "vprnBgpExpPolCust1"
peer-as 65101
neighbor 10.1.1.2
exit
exit
exit
no shutdown
----------------------------------------------
*A:ALA-1>config>service>vprn#
Common configuration tasks
This section provides a brief overview of the tasks that must be performed to configure a VPRN service and provides the CLI commands:
Associate a VPRN service with a customer ID.
Define an autonomous system (optional).
Define a route distinguisher (mandatory).
Define VRF route-target associations or VRF import/export policies.
Create an interface.
Define SAP parameters on the interface:
Select nodes and ports.
Optional - select QoS policies other than the default (configured in
config>qos
context)Optional - select filter policies (configured in
config>filter
context)Optional - select accounting policy (configured in
config>log
context)
Define BGP parameters (optional):
BGP must be enabled in the
config>router>bgp
context.Enable the service.
Configuring VPRN components
Creating a VPRN service
Use the following CLI syntax to create a VRPN service. A route distinguisher must be defined in order for VPRN to be operationally active.
config>service# vprn service-id [customer customer-id]
route-distinguisher [ip-address:number1 | asn:number2]
description description-string
no shutdown
VPRN service configuration
*A:ALA-1>config>service# info
----------------------------------------------
...
vprn 1 customer 1 create
route-distinguisher 10001:0
no shutdown
exit
...
----------------------------------------------
*A:ALA-1>config>service>vprn#
Configuring global VPRN parameters
See VPRN services command reference for CLI syntax to configure VPRN parameters.
VPRN service with configured parameters
*A:ALA-1>config>service# info
----------------------------------------------
...
vprn 1 customer 1 create
vrf-import "vrfImpPolCust1"
vrf-export "vrfExpPolCust1"
autonomous-system 10000
route-distinguisher 10001:1
exit
no shutdown
exit
...
----------------------------------------------
*A:ALA-1>config>service#
Configuring Router Interfaces
See the 7210 SAS-Mxp, R6, R12, S, Sx, T Router Configuration Guide for command descriptions and syntax information to configure router interfaces.
Router interface configuration
ALA48>config>router# info
#------------------------------------------
echo "IP Configuration"
#------------------------------------------
...
interface "if1"
address 10.2.2.1/24
exit
interface "if2"
address 10.49.1.46/24
port 1/1/34
exit
interface "if3"
address 10.11.11.1/24
exit
...
#------------------------------------------
ALA48>config>router#
Configuring VPRN protocols - BGP
The autonomous system number and router ID configured in the VPRN context only applies to that particular service.
The minimal parameters that should be configured for a VPRN BGP instance are:
Specify an autonomous system number for the router. See Configuring global VPRN parameters.
Specify a router ID - Note that if a new or different router ID value is entered in the BGP context, then the new values takes precedence and overwrites the VPRN-level router ID. See Configuring global VPRN parameters.
Specify a VPRN BGP peer group.
Specify a VPRN BGP neighbor with which to peer.
Specify a VPRN BGP peer-AS that is associated with the preceding peer.
VPRN BGP is administratively enabled upon creation. Minimally, to enable VPRN BGP in a VPRN instance, you must associate an autonomous system number and router ID for the VPRN service, create a peer group, neighbor, and associate a peer ASN. There are no default VPRN BGP groups or neighbors. Each VPRN BGP group and neighbor must be explicitly configured.
All parameters configured for VPRN BGP are applied to the group and are inherited by each peer, but a group parameter can be overridden on a specific basis. VPRN BGP command hierarchy consists of three levels:
the global level
the group level
the neighbor level
For example:
config>service>vprn>bgp# (global level)
group (group level)
neighbor (neighbor level)
Note that the local-address must be explicitly configured if two systems have multiple BGP peer sessions between them for the session to be established.
For more information about the BGP protocol, see the 7210 SAS-Mxp, R6, R12, S, Sx, T Router Configuration Guide.
Configuring VPRN BGP group and neighbor parameters
A group is a collection of related VPRN BGP peers. The group name should be a descriptive name for the group. Follow your group, name, and ID naming conventions for consistency and to help when troubleshooting faults.
All parameters configured for a peer group are applied to the group and are inherited by each peer (neighbor), but a group parameter can be overridden on a specific neighbor-level basis.
After a group name is created and options are configured, neighbors can be added within the same autonomous system to create IBGP connections or neighbors in different autonomous systems to create EBGP peers. All parameters configured for the peer group level are applied to each neighbor, but a group parameter can be overridden on a specific neighbor basis.
VPRN BGP CLI syntax
Use the syntax to configure VPRN BGP parameters (BGP configuration commands).
VPRN BGP configuration
*A:ALA-1>config>service# info
----------------------------------------------
...
vprn 1 customer 1 create
vrf-import "vrfImpPolCust1"
vrf-export "vrfExpPolCust1"
autonomous-system 10000
route-distinguisher 10001:1
auto-bind ldp
vrf-target target:10001:1
interface "to-ce1" create
address 10.1.0.1/24
sap 1/1/10:1 create
ingress
qos 100
exit
filter ip 6
exit
exit
exit
static-route 10.5.0.0/24 next-hop 10.1.1.2
bgp
router-id 10.0.0.1
group "to-cel"
export "vprnBgpExpPolCust1"
peer-as 65101
neighbor 10.1.1.2
exit
exit
exit
spoke-sdp 2 create
exit
no shutdown
exit
...
----------------------------------------------
*A:ALA-1>config>service#
Configuring a VPRN interface
Interface names associate an IP address to the interface, and then associate the IP interface with a physical port. The logical interface can associate attributes like an IP address, port, Link Aggregation Group (LAG) or the system.
There are no default interfaces.
Note that you can configure a VPRN interface as a loopback interface by issuing the loopback command instead of the sap sap-id command. The loopback flag cannot be set on an interface where a SAP is already defined and a SAP cannot be defined on a loopback interface.
When using mtrace/mstat in a Layer 3 VPN context then the configuration for the VPRN should have a loopback address configured which has the same address as the core instance's system address (BGP next-hop).
See OSPF configuration commands (IPv4 only) for CLI commands and syntax.
VPRN interface configuration output
*A:7210 SAS>config>service>vprn>if# info detail
----------------------------------------------
no description
no address
no mac
arp-timeout 14400
no allow-directed-broadcasts
icmp
mask-reply
redirects 100 10
unreachables 100 10
ttl-expired 100 10
exit
no arp-populate
dhcp
shutdown
no description
proxy-server
shutdown
no emulated-server
no lease-time
exit
no option
no server
no trusted
no lease-populate
no gi-address
no relay-plain-bootp
no use-arp
exit
no authentication-policy
no ip-mtu
no host-connectivity-verify
no delayed-enable
no bfd
ipcp
no peer-ip-address
no dns
exit
no proxy-arp-policy
no local-proxy-arp
no remote-proxy-arp
no shutdown
----------------------------------------------
*A:7210 SAS>config>service>vprn>if#
Configuring a VPRN interface SAP
A SAP is a combination of a port and encapsulation parameters which identifies the service access point on the interface and within the 7210 SAS. Each SAP must be unique within a router. A SAP cannot be defined if the interface loopback command is enabled.
When configuring VPRN interface SAP parameters, a default QoS policy is applied to each ingress and egress SAP. Additional QoS policies and scheduler policies must be configured in the config>qos context. Filter policies are configured in the config>filter context and must be explicitly applied to a SAP. There are no default filter policies.
VPRN interface SAP configuration output
*A:ALA-1>config>service# info
----------------------------------------------
...
vprn 1 customer 1 create
vrf-import "vrfImpPolCust1"
vrf-export "vrfExpPolCust1"
autonomous-system 10000
route-distinguisher 10001:1
auto-bind ldp
vrf-target target:10001:1
interface "to-ce1" create
address 10.1.0.1/24
sap 1/1/10:1 create
ingress
qos 100
exit
filter ip 6
exit
exit
exit
static-route 10.5.0.0/24 next-hop 10.1.1.2
spoke-sdp 2 create
exit
no shutdown
exit
...
----------------------------------------------
*A:ALA-1>config>service#
Configuring VPRN protocols - OSPF
In a VPRN interface, each VPN routing instance is isolated from any other VPN routing instance, and from the routing used across the backbone. OSPF can be run with any VPRN, independently of the routing protocols used in other VPRNs, or in the backbone itself. For more information about the OSPF protocol, see the 7210 SAS-Mxp, R6, R12, S, Sx, T Routing Protocols Guide.
config>service>vprn>ospf#
VPRN OSPF CLI syntax
The following is a sample output of the VPRN OSPF previous configuration.
A:duta>config>service>vprn# info
----------------------------------------------
router-id 10.10.10.1
autonomous-system 100
route-distinguisher 65510:1
auto-bind ldp
vrf-target target:65520:1
interface "to-ixia-1" create
address 10.1.1.1/24
sap 1/1/9:1 create
exit
exit
interface "to-ixia-2" create
address 10.1.2.1/24
sap 1/1/9:12 create
exit
exit
ospf
super-backbone
vpn-domain 0005 0000.0000.0001
export "from_mbgp_to_ospf"
area 0.0.0.0
interface "to-ixia-2"
mtu 1500
no shutdown
exit
sham-link "to-ixia-1" 10.1.1.1
exit
sham-link "to-ixia-1" 10.11.1.1
exit
exit
exit
no shutdown
----------------------------------------------
A:duta>config>service>vprn#
For more information about the OSPF protocol, see the 7210 SAS-Mxp, R6, R12, S, Sx, T Routing Protocols Guide.
Service management tasks
This section describes the service management tasks.
Modifying VPRN service parameters
Use the CLI syntax to modify VPRN parameters (VPRN services command reference).
The following is a sample VPRN service configuration output.
*A:ALA-1>config>service# info
----------------------------------------------
...
vprn 1 customer 1 create
shutdown
vrf-import "vrfImpPolCust1"
vrf-export "vrfExpPolCust1"
maximum-routes 2000
autonomous-system 10000
route-distinguisher 10001:1
interface "to-ce1" create
address 10.1.1.1/24
sap 1/1/10:1 create
exit
exit
static-route 10.5.0.0/24 next-hop 10.1.1.2
bgp
router-id 10.0.0.1
group "to-ce1"
export "vprnBgpExpPolCust1"
peer-as 65101
neighbor 10.1.1.2
exit
exit
exit
spoke-sdp 2 create
exit
exit
...
----------------------------------------------
*A:ALA-1>config>service>vprn#
Deleting a VPRN service
An VPRN service cannot be deleted until SAPs and interfaces are shut down and deleted. If protocols or a spoke-SDP are defined, they must be shut down and removed from the configuration as well.
Use the following syntax to delete a VPRN service.
config>service#
[no] vprn service-id [customer customer-id]
shutdown
[no]interfaceip-int-name
shutdown
[no]sap sap-id]
[no] bgp
shutdown
[no] spoke-sdp sdp-id
[no] shutdown
Disabling a VPRN service
Use the following syntax to shut down a VPRN service without deleting any service parameters.
config>service#
vprn service-id [customer customer-id]
shutdown
- Example:
config>service# vprn 1 config>service>vprn# shutdown config>service>vprn# exit
*A:ALA-1>config>service# info
----------------------------------------------
...
vprn 1 customer 1 create
shutdown
vrf-import "vrfImpPolCust1"
vrf-export "vrfExpPolCust1"
autonomous-system 10000
route-distinguisher 10001:1
auto-bind ldp
vrf-target target:10001:1
interface "to-ce1" create
address 10.1.0.1/24
sap 1/1/10:1 create
ingress
qos 100
exit
filter ip 6
exit
exit
exit
static-route 10.5.0.0/24 next-hop 10.1.1.2
bgp
router-id 10.0.0.1
group "to-cel"
export "vprnBgpExpPolCust1"
peer-as 65101
neighbor 10.1.1.2
exit
exit
exit
spoke-sdp 2 create
exit
exit
...
----------------------------------------------
*A:ALA-1>config>service#
Re-enabling a VPRN service
Use the following syntax to re-enable a VPRN service that was shut down.
config>service#
vprn service-id [customer customer-id]
no shutdown
VPRN services command reference
Command hierarchies
VPRN configuration commands
VPRN service configuration commands
config
- service
- vprn service-id [customer customer-id]
- no vprn service-id
- [no] allow-export-bgp-vpn
- auto-bind-tunnel
- resolution {any | filter | disabled}
- resolution-filter
- [no] ldp
- [no] rsvp
- [no] sr-isis
- [no] sr-ospf
- autonomous-system as-number
- no autonomous-system
- description description-string
- no description
- enable-bgp-vpn-backup [ipv4] [ipv6]
- no enable-bgp-vpn-backup
- maximum-ipv6-routes number [log-only] [threshold percent]
- no maximum-ipv6-routes
- maximum-routes number [log-only] [threshold percent]
- no maximum-routes
- route-distinguisher [ip-address:number1 | asn:number2]
- no route-distinguisher
- router-id ip-address
- no router-id
- sgt-qos
- application dscp-app-name dscp {dscp-value | dscp-name}
- application dot1p-app-name dot1p dot1p-priority
- no application {dscp-app-name | dot1p-app-name}
- dscp dscp-name fc fc-name
- no dscp dscp-name
- [no] shutdown
- snmp-community community-name [version SNMP-version]
- no snmp-community community-name
- source-address
- application app [ip-int-name | ip-address]
- no application app
Spoke-SDP commands
config
- service
- vprn
- [no] spoke-sdp sdp-id
- description description-string
- no description
- [no] shutdown
- [no] static-route {ip-prefix/prefix-length | ip-prefix netmask} [preference preference] [metric metric] [tag tag] [enable | disable] {next-hop ip-int-name | ip-address | ipsec-tunnel ipsec-tunnel-name} [bfd-enable | {cpe-check cpe-ip-address [interval seconds] [drop-count count] [log]}] {prefix-list prefix-list-name [all | none]}]
- [no] static-route {ip-prefix/prefix-length | ip-prefix netmask} [preference preference] [metric metric] [tag tag] [enable | disable] indirect ip-address [cpe-check cpe-ip-address [interval seconds][drop-count count] [log]] {prefix-list prefix-list-name [all | none]}]
- [no] static-route {ip-prefix/prefix-length | ip-prefix netmask} [preference preference] [metric metric] [tag tag] [enable | disable] black-hole {prefix-list prefix-list-name [all | none]}]
- vrf-export policy-name [policy-name ... (up to 5 max)]
- no vrf-export
- vrf-import policy-name [policy-name ... (up to 5 max)]
- no vrf-import
- vrf-target {ext-comm | {[export ext-comm][import ext-comm]}}
- no vrf-target
- [no] shutdown
Routed VPLS commands
config
- service
- vprn service-id [customer customer-id]
- no vprn service-id
- interface ip-int-name [create]
- no interface ip-int-name
- vpls service-name
- no vpls
- ingress
- [no] enable-table-classification
- routed-override-qos-policy policy-id
- no routed-override-qos-policy
- v4-routed-override-filter ip-filter-id
- no v4-routed-override-filter
IGMP commands
config
- service
- vprn service-id [customer customer-id]
- no vprn service-id
- igmp
- [no] interface ip-int-name
- disable-router-alert-check
- no disable-router-alert-check
- import policy-name
- no import
- max-groups value
- no max-groups
- max-sources sources
- no max-sources
- [no] shutdown
- ssm-translate
- [no] grp-range start end
- [no] source ip-address
- static
- [no] group grp-ip-address
- [no] source ip-address
- [no] starg
- [no subnet-check
- version version
- no version
- [no] query-interval
- query-interval seconds
- [no] query-last-member-interval
- query-last-member-interval seconds
- [no] query-response-interval
- query-response-interval seconds
- [no] robust-count
- robust-count robust-count
- [no] shutdown
- ssm-translate
- [no] grp-range start end
- [no] source ip-address
Multicast VPN commands
Multicast VPN commands are only supported on the 7210 SAS-Mxp, 7210 SAS-T (network operating mode), and 7210 SAS-Sx/S 1/10GE (operating in standalone and standalone-VC mode).
config
- service
- vprn service-id [customer customer-id]
- no vprn service-id
- mvpn
- [no] auto-discovery [default]
- c-mcast-signaling {bgp}
- no c-mcast-signaling
- [no] intersite-shared
- mdt-type {sender-receiver | sender-only | receiver-only}
- no mdt-type
- provider-tunnel
- inclusive
- bsr {unicast | spmsi}
- no bsr
- [no] mldp
- [no] shutdown
- [no] rsvp
- lsp-template lsp-template
- no lsp-template
- [no] shutdown
- [no] wildcard-spmsi
- selective
- data-delay-interval value
- no data-delay-interval
- data-threshold {c-grp-ip-addr/mask | c-grp-ip-addr netmask}
- no data-threshold {c-grp-ip-addr/mask | c-grp-ip-addr netmask}
- maximum-p2mp-spmsi range
- no maximum-p2mp-spmsi
- [no] mldp
- [no] shutdown
- [no] rsvp
- lsp-template lsp-template
- no lsp-template
- no shutdown
- umh-selection {highest-ip}
- no umh-selection
- vrf-export {unicast | policy-name [policy-name...(up to 15 max)]}
- no vrf-export
- vrf-import {unicast | policy-name [policy-name...(up to 15 max)]}
- no vrf-import
- vrf-target {unicast | ext-community | export unicast | ext-community | import unicast | ext-community}
- no vrf-target
- export {unicast | ext-community}
- import {unicast | ext-community}
Interface commands
config
- service
- vprn service-id [customer customer-id]
- no vprn service-id
- [no] interface ip-int-name
- address {ip-address/mask | ipaddress netmask} [broadcast all-ones | host-ones]
- no address
- [no] allow-directed-broadcasts
- arp-timeout [seconds]
- no arp-timeout
- bfd transmit-interval [receive receive-interval] [multiplier multiplier][echo-receive echo-interval]
- no bfd
- cflowd-parameters
- sampling {unicast|multicast} type {interface} [direction {ingress-only}]
- no sampling {unicast|multicast}
- delayed-enable seconds
- no delayed-enable
- dhcp
- description description-string
- no description
- gi-address ip-address [src-ip-addr]
- no gi-address
- [no] option
- action {replace | drop | keep}
- no action
- [no] circuit-id [ascii-tuple | ifindex | sap-id | vlan-ascii-tuple]
- [no] remote-id [mac | string string]
- [no] vendor-specific-option
- [no] client-mac-address
- [no] sap-id
- [no] service-id
- string text
- no string
- [no] system-id
- no relay-plain-bootp
- relay-plain-bootp
- no server
- server server1 [server2 ... (up to 8 max)]
- [no] shutdown
- [no] trusted
- description description-string
- no description [description-string]
- icmp
- [no] mask-reply
- redirects number seconds
- no redirects [number seconds]
- ttl-expired number seconds
- no ttl-expired [number seconds]
- unreachables number seconds
- no unreachables [number seconds]
- ip-mtu octets
- no ip-mtu
- ipv6
- no ipv6
- [no] address ipv6-address/prefix-length [eui-64] [preferred]
- [no] dhcp6-relay
- description description-string
- no description
- [no] option
- interface-id
- interface-id ascii-tuple
- interface-id ifindex
- interface-id sap-id
- interface-id string
- no interface-id
- [no] remote-id
- [no] server ipv6z-address
- [no] shutdown
- [no] source-address ipv6-address
- icmp6
- [no] packet-too-big number seconds
- [no] param-problem number seconds
- [no] redirects number seconds
- [no] time-exceeded number seconds
- [no] unreachables number seconds
- [no] link-local-address ipv6-address [preferred]
- [no] local-proxy-nd
- [no] neighbor ipv6-address mac-address
- [no] proxy-nd-policy policy-name [policy-name ... (up to 5 max)]
- [no] local-proxy-arp
- [no] loopback
- [no] proxy-arp-policy policy-name [policy-name ... (up to 5 max)]
- proxy-arp-policy ieee-address
- no proxy-arp-policy
- [no] remote-proxy-arp
- secondary {ip-address/mask | ip-address netmask} [broadcast {all-ones | host-ones}] [igp-inhibit]
- no secondary {ip-address/mask | ip-address netmask}
- static-arp ip-address ieee-address
- no static-arp ip-address [ieee-address]
- static-arp ieee-addr unnumbered
- no static-arp [ieee-addr] unnumbered
- [no] shutdown
- [no] vrrp virtual-router-id
Interface VRRP commands
Interface VRRP commands support IPv6 addresses on 7210 SAS-Mxp only.
Interface VRRP commands are only supported on 7210 SAS platforms operating in network mode.
config
- service
- vprn service-id [customer customer-id]
- no vprn service-id
- interface ip-int-name
- ipv6
- vrrp virtual-router-id [owner]
- no vrrp virtual-router-id
- [no] backup ip-address
- init-delay seconds
- no init-delay
- [no] master-int-inherit
- message-interval {[seconds] [milliseconds milliseconds]}
- no message-interval
- [no] ping-reply
- policy vrrp-policy-id
- no policy
- [no] preempt
- priority priority
- no priority
- [no] shutdown
- [no] standby-forwarding
- [no] telnet-reply
- [no] traceroute-reply
- vrrp virtual-router-id [owner]
- no vrrp virtual-router-id
- authentication-key {authentication-key | hash-key} [hash | hash2]
- no authentication-key
- [no] backup ip-address
- [no] bfd-enable [service-id] interface interface-name dst-ip ip-address
- init-delay seconds
- no init-delay
- [no] master-int-inherit
- message-interval {[seconds] [milliseconds milliseconds]}
- no message-interval
- [no] ping-reply
- policy vrrp-policy-id
- no policy
- [no] preempt
- priority priority
- no priority
- [no] shutdown
- [no] ssh-reply
- [no] standby-forwarding
- [no] telnet-reply
- [no] traceroute-reply
Interface SAP commands
config
- service
- vprn service-id [customer customer-id] [create]
- no vprn service-id
- [no] interface ip-int-name [create] [tunnel]
- [no] sap sap-id [create]
- accounting-policy acct-policy-id
- no accounting-policy [acct-policy-id]
- [no] collect-stats
- description description-string
- no description [description-string]
- ingress
- meter-override
- meter meter-id [create]
- no meter meter-id
- adaptation-rule [pir adaptation-rule] [cir adaptation-rule]
- cbs size [kbits | bytes | kbytes]
- no cbs
- mbs size [kbits | bytes | kbytes]
- no mbs
- mode mode
- no mode
- rate cir cir-rate [pir pir-rate]
- [no] shutdown
- statistics
- ingress
- counter-mode {in-out-profile-count | forward-drop-count}
VPRN SAP QoS and filter commands (for 7210 SAS-T, 7210 SAS-Sx/S 1/10GE, and 7210 SAS-Sx 10/100GE)
config
- service
- vprn service-id [customer customer-id] [create]
- no vprn service-id
- [no] interface ip-int-name [create] [tunnel]
- [no] sap sap-id
- egress
- aggregate-meter-rate rate-in-kbps [burst burst-in-kbits] [enable-stats]
- no aggregate-meter-rate
- filter ip ip-filter-id
- filter ipv6 ipv6 -filter-id
- no filter [ip ip-filter-id] [ipv6 ipv6 -filter-id]
- qos policy-id
- no qos
- ingress
- aggregate-meter-rate rate-in-kbps [burst burst-in-kbits]
- no aggregate-meter-rate
- filter ip ip-filter-id
- filter [ipv6 ipv6-filter-id]
- no filter [ip ip-filter-id] [ipv6 ipv6-filter-id]
- qos policy-id
- no qos
VPRN SAP QoS and filter commands (for 7210 SAS-Mxp)
config
- service
- vprn service-id [customer customer-id] [create]
- no vprn service-id
- [no] interface ip-int-name [create] [tunnel]
- [no] sap sap-id
- egress
- agg-rate-limit agg-rate
- no agg-rate-limit
- filter [ip ip-filter-id]
- filter [ipv6 ipv6 -filter-id]
- filter [mac mac-filter-id]
- no filter [ip ip-filter-id] [ipv6 ipv6 -filter-id] [mac mac-filter-id]
- qos policy-id
- no qos
- ingress
- aggregate-meter-rate rate-in-kbps [burst burst-in-kbits]
- no aggregate-meter-rate
- filter [ip ip-filter-id]
- filter [ipv6 ipv6-filter-id]
- filter [mac mac-filter-id]
- no filter [ip ip-filter-id] [ipv6 ipv6-filter-id] [mac mac-filter-id]
- qos policy-id [enable-table-classification]
- no qos
BGP configuration commands
config
- service
- vprn service-id [customer customer-id]
- no vprn service-id
- [no] bgp
- [no] advertise-inactive
- [no] aggregator-id-zero
- always-compare-med {zero | infinity}
- no always-compare-med
- [no] as-path-ignore
- auth-keychain name
- authentication-key [authentication-key | hash-key] [hash | hash2]
- no authentication-key
- [no] backup-path [ipv4] [ipv6]
- best-path-selection
- always-compare-med {zero | infinity}
- always-compare-med strict-as {zero | infinity}
- no always-compare-med
- as-path-ignore [ipv4] [ipv6]
- no as-path-ignore
- ignore-nh-metric
- no ignore-nh-metric
- ignore-router-id
- no ignore-router-id
- [no] connect-retry seconds
- [no] damping
- description description-string
- no description
- [no] disable-4byte-asn
- disable-capability-negotiation
- no disable-capability-negotiation
- disable-communities [standard] [extended]
- no disable-communities
- [no] disable-fast-external-failover
- [no] enable-peer-tracking
- export policy-name [policy-name...(up to 5 max)]
- no export
- family [ipv4] [ipv6]
- no family
- hold-time seconds [strict]
- no hold-time
- import policy-name [policy-name...(up to 5 max)]
- no import
- keepalive seconds
- no keepalive
- local-preference ip-address
- no local-preference
- local-as
- local-as as-number [private]
- no local-as
- local-preference local-preference
- no local-preference
- loop-detect {drop-peer | discard-route | ignore-loop | off}
- no loop-detect
- med-out {number | igp-cost}
- no med-out
- min-as-origination seconds
- no min-as-origination
- min-route-advertisement seconds
- no min-route-advertisement
- multihop ttl-value
- no multihop
- next-hop-self
- no next-hop-self
- preference preference
- no preference
- peer-as as number
- no peer-as
- [no] path-mtu-discovery
- [no] rapid-withdrawal
- [no] remove-private
- router-id ip-address
- no router-id
- [no] shutdown
- [no] group name [dynamic-peer]
- [no] advertise-inactive
- [no] aggregator-id-zero
- [no] as-override
- auth-keychain name
- authentication-key [authentication-key | hash-key] [hash | hash2]
- no authentication-key
- connect-retry seconds
- no connect-retry
- [no] damping
- description description-string
- no description
- [no] disable-4byte-asn
- disable-communities [standard] [extended]
- no disable-communities
- [no] disable-fast-external-failover
- [no] enable-peer-tracking
- export policy-name [policy-name...(up to 5 max)]
- no export
- family [ipv4] [ipv6]
- no family
- hold-time seconds [strict]
- no hold-time
- import policy-name [policy-name...(up to 5 max)]
- no import
- keepalive seconds
- no keepalive
- local-address ip-address
- no local-address
- local-as as-number [private]
- no local-as
- local-preference local-preference
- no local-preference
- loop-detect {drop-peer | discard-route | ignore-loop | off}
- no loop-detect
- med-out {number | igp-cost}
- no med-out
- min-as-origination seconds
- no min-as-origination
- min-route-advertisement seconds
- no min-route-advertisement
- multihop ttl-value
- no multihop
- [no] next-hop-self
- peer-as as-number
- no peer-as
- preference preference
- no preference
- [no] path-mtu-discovery
- prefix-limit limit [log-only] [threshold percent]
- no prefix-limit
- [no] remove-private
- [no] shutdown
- ttl-security min-ttl-value
- no ttl-security
- type {internal | external}
- no type
- [no] neighbor ip-address
- [no] advertise-inactive
- [no] aggregator-id-zero
- [no] as-override
- auth-keychain name
- authentication-key [authentication-key | hash-key] [hash | hash2]
- no authentication-key
- connect-retry seconds
- no connect-retry
- [no] damping
- description description-string
- no description
- [no] disable-4byte-asn
- disable-communities [standard] [extended]
- no disable-communities
- [no] disable-fast-external-failover
- [no] enable-peer-tracking
- export policy-name [policy-name...(up to 5 max)]
- no export
- family [ipv4] [ipv6]
- no family
- hold-time seconds [strict]
- no hold-time
- import policy-name [policy-name...(up to 5 max)]
- no import
- keepalive seconds
- no keepalive
- local-address ip-address
- no local-address
- local-as as-number [private]
- no local-as
- local-preference local-preference
- no local-preference
- loop-detect {drop-peer | discard-route | ignore-loop | off}
- no loop-detect
- med-out {number | igp-cost}
- no med-out
- min-as-origination seconds
- no min-as-origination
- min-route-advertisement seconds
- no min-route-advertisement
- multihop ttl-value
- no multihop
- [no] next-hop-self
- peer-as as-number
- no peer-as
- preference preference
- no preference
- [no] path-mtu-discovery
- prefix-limit limit [log-only] [threshold percent]
- no prefix-limit
- [no] remove-private
- [no] shutdown
- ttl-security min-ttl-value
- no ttl-security
- type {internal | external}
- no type
Router advertisement commands
config
- service
- vprn service-id [customer customer-id]
- no vprn service-id
- [no]router-advertisement
- [no] interface ip-int-name
- current-hop-limit number
- no current-hop-limit
- [no] managed-configuration
- max-advertisement-interval seconds
- no max-advertisement-interval
- min-advertisement-interval seconds
- no min-advertisement-interval
- mtu mtu-bytes
- no mtu
- [no] other-stateful-configuration
- prefix
- [no] autonomous
- [no] on-link
- preferred-lifetime {seconds | infinite}
- no preferred-lifetime
- valid-lifetime{seconds | infinite}
- no valid-lifetime
- reachable-time milli-seconds
- no reachable-time
- retransmit-time milli-seconds
- no retransmit-time
- router-lifetime seconds
- no router-lifetime
- [no] shutdown
OSPF configuration commands (IPv4 only)
OSPF configuration commands only support IPv4 addresses.
config
- service
- vprn service-id [customer customer-id]
- no vprn service-id
- [no] ospf
- [no] area area-id
- area-range ip-prefix/mask [advertise | not-advertise]
- no area-range ip-prefix/mask
- [no] blackhole-aggregate
- [no] interface ip-int-name [secondary]
- [no] advertise-subnet
- authentication-key [authentication-key | hash-key] [hash | hash2]
- no authentication-key
- authentication-type {password | message-digest}
- no authentication-type
- bfd-enable [remain-down-on-failure]
- no bfd-enable
- dead-interval seconds
- no dead-interval
- hello-interval seconds
- no hello-interval
- interface-type {broadcast | point-to-point}
- no interface-type
- message-digest-key key-id md5 [key | hash-key] [hash | hash2]
- no message-digest-key key-id
- metric metric
- no metric
- mtu bytes
- no mtu
- [no] passive
- priority number
- no priority
- retransmit-interval seconds
- no retransmit-interval
- [no] shutdown
- transit-delay seconds
- no transit-delay
- [no] nssa
- area-range ip-prefix/mask [advertise | not-advertise]
- no area-range ip-prefix/mask
- originate-default-route [type-7]
- no originate-default-route
- [no] redistribute-external
- [no] summaries
- [no] sham-link ip-int-name ip-address
- authentication-key [authentication-key | hash-key] [hash | hash2]
- no authentication-key
- authentication-type {password | message-digest}
- no authentication-type
- dead-interval seconds
- no dead-interval
- hello-interval seconds
- no hello-interval
- message-digest-key key-id md5 [key | hash-key] [hash | hash2]
- no message-digest-key key-id
- metric metric
- no metric
- retransmit-interval seconds
- no retransmit-interval
- [no] shutdown
- transit-delay seconds
- no transit-delay
- [no] stub
- default-metric metric
- no default-metric
- [no] summaries
- [no] virtual-link router-id transit-area area-id
- authentication-key [authentication-key | hash-key] [hash | hash2]
- no authentication-key
- authentication-type {password | message-digest}
- no authentication-type
- dead-interval seconds
- no dead-interval
- hello-interval seconds
- no hello-interval
- message-digest-key key-id md5 [key | hash-key] [hash | hash2]
- no message-digest-key key-id
- retransmit-interval seconds
- no retransmit-interval
- [no] shutdown
- transit-delay seconds
- no transit-delay
- [no] compatible-rfc1583
- export policy-name [policy-name...(up to 5 max)]
- no export
- external-db-overflow limit seconds
- no external-db-overflow
- external-preference preference
- no external-preference
- [no] ignore-dn-bit
- import policy-name [policy-name...(up to 5 max)]
- no import policy-name [policy-name...(up to 5 max)]
- overload [timeout seconds]
- no overload
- [no] overload-include-stub
- overload-on-boot [timeout seconds]
- no overload-on-boot
- preference preference
- no preference
- reference-bandwidth bandwidth-in-kbps
- no reference-bandwidth
- router-id ip-address
- no router-id
- [no] shutdown
- [no] super-backbone
- [no] suppress-dn-bit
- timers
- [no] lsa-arrival lsa-arrival-time
- [no] lsa-generate max-lsa-wait [lsa-initial-wait [lsa-second-wait]]
- [no] spf-wait max-spf-wait [spf-initial-wait [spf-second-wait]]
- vpn-domain id {0005 | 0105 | 0205 | 8005}
- no vpn-domain
- vpn-tag vpn-tag
- no vpn-tag
PIM configuration commands (for 7210 SAS-T (network operating mode) and 7210 SAS-Mxp)
config
- service
- vprn
- [no] pim
- import {join-policy | register-policy} [policy-name [.. policy-name ..(up to 5 max)]
- no import {join-policy | register-policy}
- [no] interface ip-int-name
- assert-period assert-period
- no assert-period
- [no] bfd-enable [ipv4]
- [no] bsm-check-rtr-alert
- hello-interval hello-interval
- no hello-interval
- hello-multiplier deci-units
- no hello-multiplier
- [no] improved-assert
- instant-prune-echo
- no instant-prune-echo
- max-groups value
- no max-groups
- multicast-senders {auto | always | never}
- no multicast-senders
- priority dr-priority
- no priority
- [no] shutdown
- sticky-dr [priority dr-priority]
- no sticky-dr
- three-way-hello
- no three-way-hello
- [no] tracking-support
- [no] non-dr-attract-traffic
- rp
- [no] anycast rp-ip-address
- [no] rp-set-peer ip-address
- bootstrap-export policy-name [policy-name ... (up to 5 max)]
- no bootstrap-export
- bootstrap-import policy-name [policy-name ... (up to 5 max)]
- no bootstrap-import
- bsr-candidate
- address ip-address
- no address
- hash-mask-len hash-mask-length
- no hash-mask-len
- priority bootstrap-priority
- no priority
- [no] shutdown
- rp-candidate
- address ip-address
- no address
- [no] group-range {grp-ip-address/mask | grp-ip-address [netmask]}
- holdtime holdtime
- no holdtime
- priority priority
- no priority
- [no] shutdown
- static
- [no] address ip-address
- [no] group-prefix {grp-ip-address/mask | grp-ip-address netmask}
- [no] override
- [no] shutdown
- spt-switchover-threshold {grp-ip-address/mask | grp-ip-address netmask} spt-threshold
- no spt-switchover-threshold {grp-ip-address/mask | grp-ip-address netmask} spt-threshold
- ssm-assert-compatible-mode [enable | disable]
- ssm-default-range-disable ipv4
- [no] ssm-groups
- [no] group-range {grp-ip-address/mask | grp-ip-address netmask}
Show commands
show
- service
- egress-label start-label [end-label]
- ingress-label start-label [[end-label]
- id service-id
- all
- base
- dhcp
- statistics [sap sap-id] [interface interface-name]
- summary [interface interface-name | saps]
- sap [sap-id [detail]]
- sdp [sdp-id | far-end ip-address] [detail]
- labels
- sap-using [sap sap-id]
- sap-using interface [ip-address | ip-int-name]
- sap-using [ingress | egress] filter filter-id
- sap-using [ingress | qos-policy qos-policy-id
- sdp-using [sdp-id | far-end ip-address] [detail | keep-alive-history]
- sdp-using [sdp-id[:vc-id]
- service-using [vprn] [sdp sdp-id] [customer customer-id]
show
- router [vprn-service-id]
- aggregate [family] [active]
- arp [ip-int-name | ip-address[/mask] | macieee-mac address | summary] [local | dynamic | static | managed]
- bgp
- auth-keychain [keychain]
- damping [ip-prefix[/prefix-length]] [decayed | history | suppressed] [detail] [ipv4]
- damping [ip-prefix[/prefix-length]] [decayed | history | suppressed] [detail] vpn-ipv4
- group [name] [detail] inter-as-label
- neighbor [ip-address [detail]
- neighbor [as-number [detail]
- neighbor [ip-address [[family family] filter1] [filter3]]
- neighbor [as-number [[family family] filter2]]
- next-hop [family] [ip-address [detail]]
- paths
- routes [family family] [prefix [detail | longer]]
- routes [family family] [prefix [hunt | brief]]
- routes [family family] [community comm-id]
- routes [family family] [aspath-regex reg-ex1]
- routes [family] [ipv6-prefix[/prefix-length] [detail | longer] | [hunt [brief]]]
- summary [all]
- interface [{[ip-address | ip-int-name] [detail]} | summary [family family] [neighbor ip-address]
- mvpn
- mvpn-list [type type] [auto-discovery auto-discovery] [signalling signalling] [group group]
- route-table [family][ip-address[/prefix-length] [longer | exact]] | [protocol protocol-name] | [summary]
- sgt-qos (See Note)
- application
- dscp-map
- static-arp [ip-address | ip-int-name | mac ieee-mac-address]
- static-route [ip-prefix /mask] | [preference preference] | [next-hop ip-address | tag tag] [detail]
- tunnel-table [ip-address[/mask] [protocol protocol | sdp sdp-id]
- tunnel-table [summary]
For descriptions of the show router sgt-qos commands, refer to the 7210 SAS-Mxp, R6, R12, S, Sx, T Quality of Service Guide, ‟Network QoS Policy Command Reference, Show Commands (for 7210 SAS-Mxp)”.
Clear commands
clear
- router
- bgp
- damping [{prefix/mask [neighbor ip-address]} | {group name}]
- flap-statistics [[ip-prefix/mask] [neighbor ip-address]] | [group group-name] | [regex reg-exp] | [policy policy-name]
- neighbor {ip-address | as as-number | external | all} [soft | soft-inbound | statistics]
- protocol
- forwarding-table [slot-number]
- interface [ip-int-name | ip-address] [icmp] [statistics]
clear
- service
- id service-id
- spoke-sdp sdp-id:vc-id ingress-vc-label
- statistics
- sap sap-id {all | counters | stp}
- sdp sdp-id keep-alive
- id service-id
- counters
- spoke-sdp sdp-id:vc-id {all | counters | stp}
- spoke-sdp
Debug commands
debug
- service
- id service-id
- [no] event-type {config-change | svc-oper-status-change | sap-oper-status-change | sdpbind-oper-status-change}
- [no] sap sap-id
- event-type {config-change | oper-status-change}
- [no] sdp sdp-id:vc-id
- event-type {config-change | oper-status-change}
- stp
- [no] all-events
- [no] bpdu
- [no] core-connectivity
- [no] exception
- [no] fsm-state-changes
- [no] fsm-timers
- [no] port-role
- [no] port-state
- [no] sap sap-id
- [no] sdp sdp-id:vc-id
Command descriptions
VPRN service configuration commands
Generic commands
description
Syntax
description description-string
no description
Context
config>service>vprn>bgp
config>service>vprn
config>service>vprn>if
config>service>vprn>if>sap
config>service>vprn>if>ipv6 (only supported on the 7210 SAS-Mxp)
config>service>vprn>if>ipv6>dhcp6-relay (only supported on the 7210 SAS-Mxp)
config>service>vprn>bgp
config>service>vprn>bgp>group
config>service>vprn>bgp>group>neighbor
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command creates a text description stored in the configuration file for a configuration context.
The no form of this command removes the string from the configuration.
Parameters
- description-string
Specifies the description character string. Allowed values are any string up to 80 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.
shutdown
Syntax
[no] shutdown
Context
config>service>vprn
config>service>vprn>if
config>service>vprn>if>sap
config>service>vprn>if>ipv6 (only supported on the 7210 SAS-Mxp)
config>service>vprn>if>ipv6>dhcp6-relay (only supported on the 7210 SAS-Mxp)
config>service>vprn>bgp
config>service>vprn>bgp>group
config>service>vprn>bgp>group>neighbor
config>service>vprn>spoke-sdp
config>service>vprn>if>vrrp
config>service>vprn>if>ipv6>vrrp
config>service>vprn>if>dhcp
config>service>vprn>if>ipv6>dhcp
config>service>vprn>if>ipv6>ospf
config>service>vprn>if>ipv6>pim
config>service>vprn>if>ipv6>igmp
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command administratively disables an entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics.
The operational state of the entity is disabled, as well as the operational state of any entities contained within. Many objects must be shut down before they may be deleted.
Default administrative states for services and service entities is described as follows in Special Cases.
The no form of this command places the entity into an administratively enabled state.
If the AS number was previously changed, the BGP AS number inherits the new value.
Special Cases
- Service Admin State
Bindings to an SDP within the service are put into the out-of-service state when the service is shut down. While the service is shut down, all customer packets are dropped and counted as discards for billing and debugging purposes.
A service is regarded as operational providing that one IP Interface SAP and one SDP is operational.
- VPRN BGP
Disables the BGP instance on the specific IP interface. Routes learned from a neighbor that is shut down are immediately removed from the BGP database and RTM. If BGP is globally shut down, all group and neighbor interfaces are operationally shut down. If a BGP group is shut down, all member neighbor interfaces are shutdown operationally. If a BGP neighbor is shut down, only that neighbor interface is operationally shutdown.
- VRRP Protocol Handling
On all 7210 SAS platforms, VRRP is created in the no shutdown state.
On the 7210 SAS-Mxp, the protocol is handled as follows.
The configure service vprn if vrrp command instantiates the protocol in the no shutdown state, and resources are allocated to enable the node to process the protocol.
To deallocate resources, you must issue the configure service vprn if vrrp shutdown and configure service vprn if no vrrp commands to allow the node to start up correctly after the reboot. It is not sufficient to only issue a configure service vprn if vrrp shutdown command.
Resources for VRRP are allocated when the VRRP context is enabled, either in the base routing instance or the VPRN service instance. Resources are deallocated when the configuration of the last VRRP context under either base routing instances or VPRN service is removed or shutdown.
- VRRPv3 Protocol Handling
On all 7210 SAS platforms, VRRPv3 is created in the no shutdown state.
On the 7210 SAS-Mxp, the protocol is handled as follows.
The configure service vprn if ipv6 vrrp command instantiates the protocol in the no shutdown state, and resources are allocated to enable the node to process the protocol.
To deallocate resources, you must issue the configure service vprn if ipv6 vrrp shutdown and configure service vprn if ipv6 no vrrp commands to allow the node to start up correctly after the reboot. It is not sufficient to only issue the configure service vprn if ipv6 vrrp shutdown command.
The resources for VRRPv3 are allocated when the VRRPv3 context is enabled either in the base routing instance or the VPRN service instance. Resources are deallocated when the configuration of the last VRRPv3 context under either base routing instances or VPRN service is removed or shutdown.
- BGP Protocol Handling
On all 7210 SAS platforms, BGP is created in the no shutdown state.
On the 7210 SAS-Mxp, the protocol is handled as follows.
The configure service vprn bgp command instantiates the protocol in the no shutdown state, and resources are allocated to enable the node to process the protocol.
To deallocate resources, you must issue the configure service vprn bgp shutdown and configure service vprn no bgp commands to allow the node to start up correctly after the reboot. It is not sufficient to only issue a configure service vprn bgp shutdown command.
Resources for BGP are allocated when the BGP context is enabled either in the base routing instance or the VPRN service. Resources are deallocated when the configuration of the last BGP context under either the base routing instance or VPRN service instance is removed and shutdown.
- IGMP Protocol Handling
On all 7210 SAS platforms, IGMP is created in the no shutdown state.
On the 7210 SAS-Mxp, the protocol is handled as follows.
The configure service vprn igmp command instantiates the protocol in the no shutdown state, and resources are allocated to enable the node to process the protocol.
To deallocate resources, you must issue the configure service vprn igmp shutdown and configure service vprn no igmp commands to allow the node to start up correctly after the reboot. It is not sufficient to issue only the configure service vprn igmp shutdown command.
Resources for IGMP are allocated when the IGMP protocol is enabled, either in the base routing instance or the VPRN service instance. Resources are deallocated when the configuration of the last IGMP context under either base routing instances or VPRN service is removed or shutdown.
- PIM Protocol Handling
On all 7210 SAS platforms, PIM is created in the no shutdown state.
On the 7210 SAS-Mxp, the protocol is handled as follows.
The configure service vprn pim command instantiates the protocol in the no shutdown state and resources are allocated to enable the node to process the protocol.
To deallocate resources, you must issue the configure service vprn pim shutdown and configure service vprn no pim commands to allow the node to start up correctly after the reboot. It is not sufficient to issue only the configure service vprn pim shutdown command.
Resources for PIM are allocated when the PIM protocol is enabled, either in the base routing instance or the VPRN service instance. Resources are deallocated when the configuration of the last PIM context under either base routing instances or VPRN service is removed or shutdown.
- OSPFv2 Protocol Handling
On all 7210 SAS platforms, OSPFv2 is created in the no shutdown state.
On the 7210 SAS-Mxp, the protocol is handled as follows.
The configure service vprn ospf command instantiates the protocol in the no shutdown state, and resources are allocated to enable the node to process the protocol.
To deallocate resource, you must issue the configure service vprn ospf shutdown and configure service vprn no ospf commands to allow the node to start up correctly after the reboot. It is not sufficient to issue only the configure service vprn ospf shutdown command.
Resources for OSPF are allocated when the OSPF protocol is enabled, either in the base routing instance or the VPRN service instance. Resources are deallocated when the configuration of the last OSPF context under either base routing instances or VPRN service is removed or shutdown
- DHCP Protocol Handling for 7210 SAS-Mxp
When the no shutdown command is issued in the configure>service>vprn>if>dhcp context under the first IPv4 interface configured, in either the base routing instance or VPRN service instance, resources are allocated to enable the node to process the protocol.
The resources are deallocated when you issue the configure service vprn if dhcp shutdown command for the last IPv4 interface configured, in either the base routing instance or VPRN service instance enabled to use DHCP relay (IPv4).
- DHCP6-RELAY Protocol Handling for 7210 SAS-Mxp
When the no shutdown command is issued in the configure>service>vprn>if>ipv6>dhcp6-relay context under the first IPv6 interface configured in any VPRN service, resources are allocated to enable processing of the protocol by the node.
The resources are deallocated when you issue the configure service vprn if ipv6 dhcp6-relay shutdown command for the last IPv6 interface configured in either the base routing instance or VPRN service instance enabled to use DHCP6 relay.
Global commands
vprn
Syntax
vprn service-id [customer customer-id] [create]
no vprn service-id
Context
config>service
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command creates or edits a Virtual Private Routed Network (VPRN) service instance.
If the service-id does not exist, a context for the service is created. If the service-id exists, the context for editing the service is entered.
VPRN services allow the creation of customer-facing IP interfaces in the same routing instance used for service network core routing connectivity. VPRN services require that the IP addressing scheme used by the subscriber must be unique between it and other addressing schemes used by the provider and potentially the entire Internet.
IP interfaces defined within the context of an VPRN service ID must have a SAP created as the access point to the subscriber network.
When a service is created, the customer keyword and customer-id must be specified to associate the service with a customer. The customer-id must already exist, having been created using the customer command in the service context. When a service is created with a customer association, it is not possible to edit the customer association. The service must be deleted and recreated with a new customer association.
When a service is created, the use of the customer customer-id is optional to navigate into the service configuration context. Attempting to edit a service with the incorrect customer-id results in an error.
Multiple VPRN services are created to separate customer-owned IP interfaces. More than one VPRN service can be created for a single customer ID. More than one IP interface can be created within a single VPRN service ID. All IP interfaces created within an VPRN service ID belong to the same customer.
The no form of this command deletes the VPRN service instance with the specified service-id. The service cannot be deleted until all the IP interfaces and all routing protocol configurations defined within the service ID have been shut down and deleted.
Parameters
- service-id
Specifies the service ID number identifying the service in the service domain. This ID must be unique to this service and may not be used for any other service of any type. The service-id must be the same number used for every 7210 SAS on which this service is defined.
- customer customer-id
Specifies an existing customer ID number to be associated with the service. This parameter is required on service creation and is optional for service editing or deleting.
allow-export-bgp-vpn
Syntax
[no] allow-export-bgp-vpn
Context
config>service>vprn
Platforms
7210 SAS-Mxp
Description
This command causes the vrf-export and vrf-target commands to include BGP-VPN routes installed in the VPRN route table. These routes are usually not readvertisable as VPN-IP routes because of split horizon.
When a BGP-VPN route is reexported, the route distinguisher and label values are rewritten according to the configuration of the reexporting VPRN.
This command requires the VPRN context to be shut down and restarted for changes to take effect.
This command can be configured only with VPRN loopback interfaces.
Ensure that routing updates do not loop back to the source when this command is used, otherwise the routes could become unstable.
The no form of this command reverts to the default value.
Default
no allow-export-bgp-vpn
auto-bind-tunnel
Syntax
auto-bind-tunnel
Context
config>service>vprn
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
Commands in this context configure automatic binding of a VPRN service using tunnels to MP-BGP peers.
The user must configure the resolution option to enable auto-bind resolution to tunnels in the TTM. If the resolution option is explicitly set to disabled, auto-binding to tunnels is removed.
If the resolution is set to any, any supported tunnel type in a VPRN context is selected following the TTM preference. If one or more explicit tunnel types are specified using the resolution-filter option, only these tunnel types are selected again following the TTM preference.
The user must set the resolution command to filter to activate the list of tunnel types configured under resolution-filter.
When an explicit SDP to a BGP next hop is configured in a VPRN service (using the configure service vprn spoke-sdp command), it overrides the auto-bind-tunnel selection for that BGP next hop only. There is no support for reverting automatically to the auto-bind-tunnel selection if the explicit SDP goes down. The user must delete the explicit spoke-SDP in the VPRN service context to resume using the auto-bind-tunnel selection for the BGP next hop.
resolution
Syntax
resolution {any | filter | disabled}
Context
config>service>vprn>auto-bind-tunnel
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures the resolution mode in the automatic binding of a VPRN service to tunnels to MP-BGP peers.
Parameters
- any
Keyword that enables the binding to any supported tunnel type in the VPRN context following the TTM preference.
- filter
Keyword that enables the binding to the subset of tunnel types configured under resolution-filter.
- disabled
Keyword that disables the automatic binding of a VPRN service to tunnels to MP-BGP peers.
resolution-filter
Syntax
resolution-filter
Context
config>service>vprn>auto-bind-tunnel
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
Commands in this context configure the subset of tunnel types that can be used in the resolution of VPRN prefixes within the automatic binding of VPRN services to tunnels to MP-BGP peers.
The following tunnel types are supported in a VPRN context: RSVP, LDP, and segment routing (SR). The BGP tunnel type is not explicitly configured and is therefore implicit. It is always preferred over any other tunnel type enabled in the auto-bind-tunnel context.
ldp
Syntax
[no] ldp
Context
config>service>vprn>auto-bind-tunnel>res-filter
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command specifies the use of LDP tunnel types for the resolution of VPRN prefixes within the automatic binding of VPRN services to tunnels to MP-BGP peers.
When ldp is specified, BGP searches for an LDP LSP with a FEC prefix corresponding to the address of the BGP next hop.
The no form of this command disables the use of LDP tunnel types for the resolution of VPRN prefixes within the automatic binding of VPRN services to tunnels to MP-BGP peers.
Default
no ldp
rsvp
Syntax
[no] rsvp
Context
config>service>vprn>auto-bind-tunnel>res-filter
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command specifies the use of RSVP tunnel types for the resolution of VPRN prefixes within the automatic binding of VPRN services to tunnels to MP-BGP peers.
When rsvp is specified, BGP searches for the best metric RSVP LSP to the address of the BGP next hop. This address can correspond to the system interface or to another loopback used by the BGP instance on the remote node. The LSP metric is provided by MPLS in the tunnel table. In the case of multiple RSVP LSPs with the same lowest metric, BGP selects the LSP with the lowest tunnel-id.
The no form of this command disables the use of RSVP tunnel types for the resolution of VPRN prefixes within the automatic binding of VPRN service to tunnels to MP-BGP peers.
Default
no rsvp
sr-isis
Syntax
[no] sr-isis
Context
config>service>vprn>auto-bind-tunnel>res-filter
Platforms
7210 SAS-Mxp, 7210 SAS-Sx/S 1/10GE (standalone mode), and 7210 SAS-Sx 10/100GE (standalone mode)
Description
This command configures the use of SR-ISIS tunnel types for the resolution of VPRN prefixes within the automatic binding of VPRN service to tunnels to MP-BGP peers.
When this command is specified, an SR tunnel to the BGP next hop is selected in the TTM from the lowest numbered IS-IS instance.
The no form of this command disables the use of SR-ISIS tunnel types for the resolution of VPRN prefixes within the automatic binding of VPRN service to tunnels to MP-BGP peers.
Default
no sr-isis
sr-ospf
Syntax
[no] sr-ospf
Context
config>service>vprn>auto-bind-tunnel>res-filter
Platforms
7210 SAS-Mxp, 7210 SAS-Sx/S 1/10GE (standalone mode), and 7210 SAS-Sx 10/100GE (standalone mode)
Description
This command configures the use of SR-OSPF tunnel types for the resolution of VPRN prefixes within the automatic binding of VPRN service to tunnels to MP-BGP peers.
When sr-ospf is specified, an SR tunnel to the BGP next hop is selected in the TTM from the lowest numbered OSPF instance.
The no form of this command disables the use of SR-OSPF tunnel types for the resolution of VPRN prefixes within the automatic binding of VPRN service to tunnels to MP-BGP peers.
Default
no sr-ospf
autonomous-system
Syntax
autonomous-system as-number
no autonomous-system
Context
config>service>vprn
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command defines the autonomous system (AS) to be used by this VPN routing/forwarding (VRF).
The no form of this command removes the defined AS from this VPRN context.
Default
no autonomous-system
Parameters
- as-number
Specifies the AS number for the VPRN service.
enable-bgp-vpn-backup
Syntax
enable-bgp-vpn-backup [ipv4] [ipv6]
no enable-bgp-vpn-backup
Context
config>service>vprn
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command enables only imported BGP-VPN routes from the remote PE to be considered when selecting the primary and backup paths. This command is required to support fast failover of ingress traffic from one remote PE to another remote PE.
7210 SAS platforms do not consider multiple paths learned from CE BGP peers when selecting primary and backup paths to reach the CE.
Default
no enable-bgp-vpn-backup
Parameters
- ipv4
Keyword that allows BGP-VPN routes to be used as backup paths for IPv4 prefixes.
- ipv6
Keyword that allows BGP-VPN routes to be used as backup paths for IPv6 prefixes.
vpls
Syntax
vpls service-name
Context
config>service
config>service>ies>if
config>service>vprn>if
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command, in the IP interface context, is used to bind the IP interface to the specified service name.
The system does not attempt to resolve the provided service name until the IP interface is placed into the administratively up state (no shutdown). When the IP interface is administratively up, the system scans the available VPLS services that have the allow-ip-int-binding flag set for a VPLS service associated with the name. If the service name is bound to the service name when the IP interface is already in the administratively up state, the system immediately attempts to resolve the specific name.
If a VPLS service is found associated with the name and has the allow-ip-int-binding flag set, the IP interface is attached to the VPLS service, allowing routing to and from the service virtual ports when the IP interface is operational.
A VPLS service associated with the specified name that does not have the allow-ip-int-binding flag set, or a non-VPLS service associated with the name, is ignored and is not attached to the IP interface.
If the service name is applied to a VPLS service after the service name is bound to an IP interface and the VPLS service allow-ip-int-binding flag is set at the time the name is applied, the VPLS service is automatically resolved to the IP interface if the interface is administratively up or when the interface is placed in the administratively up state.
If the service name is applied to a VPLS service without the allow-ip-int-binding flag set, the system does not attempt to resolve the applied service name to an existing IP interface bound to the name. To rectify this condition, the flag must first be set, and then the IP interface must enter or reenter the administratively up state.
While the specified service name may be assigned to only one service context in the system, it is possible to bind the same service name to more than one IP interface. If two or more IP interfaces are bound to the same service name, the first IP interface to enter the administratively up state (if currently administratively down) or to reenter the administratively up state (if currently administratively up) when a VPLS service is configured with the name and has the allow-ip-int-binding flag set is attached to the VPLS service. Only one IP interface is allowed to attach to a VPLS service context. No error is generated for the remaining non-attached IP interfaces using the service name.
When an IP interface is attached to a VPLS service, the name associated with the service cannot be removed or changed until the IP interface name binding is removed. Also, the allow-ip-int-binding flag cannot be removed until the attached IP interface is unbound from the service name. Unbinding the service name from the IP interface causes the IP interface to detach from the VPLS service context. The IP interface may then be bound to another service name, or a SAP or SDP binding may be created for the interface using the SAP or spoke-SDP commands on the interface.
Parameters
- service-name
Specifies the service name that the system attempts to resolve to an allow-ip-int-binding enabled VPLS service associated with the name. This parameter is required when using the IP interface vpls command. The specified name is expressed as an ASCII string comprised of up to 32 characters. It does not need to already be associated with a service and the system does not check to ensure that multiple IP interfaces are not bound to the same name.
interface
Syntax
interface ip-int-name
no interface ip-int-name
Context
config>service>ies
config>service>vprn
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command configures a logical IP routing interface for a VPRN. When created, attributes such as an IP address and Service Access Point (SAP) can be associated with the IP interface.
The interface command, under the context of services, is used to create and maintain IP routing interfaces within VPRN service IDs. The interface command can be executed in the context of an IES service ID. The IP interface created is associated with the service core network routing instance and default routing.
Interface names are case sensitive and must be unique within the group of defined IP interfaces defined for config service vprn interface (that is, the network core router instance). Interface names must not be in the dotted-decimal notation of an IP address. For example, the name ‟1.1.1.1” is not allowed but ‟int-1.1.1.1” is allowed. Show commands for router interfaces use either interface names or the IP addresses. Use unique IP address values and IP address names to maintain clarity. It could be unclear if the same IP address and IP address name values are used. Although not recommended, duplicate interface names can exist in different router instances.
When a new name is entered, a new logical router interface is created. When an existing interface name is entered, the user enters the router interface context for editing and configuration.
By default, there are no default IP interface names defined within the system. All VPRN IP interfaces must be explicitly defined. Interfaces are created in an enabled state.
The no form of this command removes the IP interface and all the associated configuration. The interface must be administratively shut down before issuing the no interface command.
For IES services, the IP interface must be shut down before the SAP on that interface may be removed.
Parameters
- ip-int-name
Specifies the name of the IP interface. Interface names must be unique within the group of defined IP interfaces for config router interface and config service vprn interface commands. An interface name cannot be in the form of an IP address. Interface names can be from 1 to 32 alphanumeric characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.
If ip-int-name already exists within the service ID, the context is changed to maintain that IP interface. If ip-int-name already exists within another service ID, an error occurs, and the context is not changed to that IP interface. If ip-int-name does not exist, the interface is created and context is changed to that interface for further command processing.
ingress
Syntax
ingress
Context
config>service>ies>if>vpls
config>service>vprn>if>vlps
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
Commands in this context define the VPLS routed ip-filter-id optional filter overrides.
enable-table-classification
Syntax
[no] enable-table-classification
Context
config>service>vprn>if>vpls>ingress
Platforms
7210 SAS-Mxp.
Description
This command enables and disables the use of IP DSCP table-based classification to assign forwarding class (FC) and profile on a per-interface ingress basis.
The match-criteria configured in the service ingress policy, which require CAM resources, are ignored. Only meters from the service ingress policy are used (and the meters still require CAM resources). If an IP DSCP classification policy is configured in the VPLS SAP ingress policy, it is not used to assign FC and profile.
The no form of this command disables table-based classification. When disabled, the IP ingress packets within a VPLS service attached to the IP interface use the SAP ingress QoS policy applied to the virtual port used by the packets, when defined.
Default
no enable-table-classification
routed-override-qos-policy
Syntax
routed-override-qos-policy policy-id
no routed-override-qos-policy
Context
config>service>vprn>if>vpls>ingress
Platforms
7210 SAS-Mxp.
Description
This command configures an IP DSCP classification policy that is applied to all ingress packets entering the VPLS service. The DSCP classification policy overrides any existing SAP ingress QoS policy applied to SAPs for packets associated with the routing IP interface. The routed override QoS policy is optional, and when it is not defined or removed, the IP routed packets use the existing SAP ingress QoS policy configured on the VPLS virtual port.
The no form of this command removes the IP DSCP classification policy from the ingress IP interface. When removed, the IP ingress routed packets within a VPLS service attached to the IP interface use the SAP ingress QoS policy applied to the virtual port used by the packets, when defined.
Default
no routed-override-qos-policy
Parameters
- policy-id
Specifies the ID for the routed override QoS policy. Allowed values are an integer that corresponds to an IP DSCP classification policy previously created in the configure>qos>dscp-classification context.
v4-routed-override-filter
Syntax
v4-routed-override-filter ip-filter-id
no v4-routed-override-filter
Context
config>service>ies>if>vpls>ingress
config>service>vprn>if>vpls>ingress
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command specifies an IP filter ID that is applied to all ingress packets entering the VPLS service. The filter overrides any existing ingress IP filter applied to SAPs or SDP bindings for packets associated with the routing IP interface. The override filter is optional, and when it is not defined or is removed, the IP routed packets use the existing ingress IP filter on the VPLS virtual port.
The no form of this command is used to remove the IP routed override filter from the ingress IP interface. When removed, the IP ingress routed packets within a VPLS service attached to the IP interface use the IP ingress filter applied to the packets virtual port, when defined.
Parameters
- ip-filter-id
Specifies the ID for the IP filter policy. Allowed values are an integer that corresponds to an IP filter policy previously created in the configure>filter>ip-filter context.
igmp
Syntax
igmp
Context
config>service>vprn
Platforms
7210 SAS-T (network operating mode), 7210 SAS-Mxp
Description
Commands in this context configure IGMP parameters.
interface
Syntax
interface ip-int-name
no interface
Context
config>service>vprn>igmp
Platforms
7210 SAS-T, 7210 SAS-Mxp
Description
This command configures IGMP interface parameters.
Parameters
- ip-int-name
Specifies the name of the IP interface. Interface names can be from 1 to 32 alphanumeric characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.
import
Syntax
import policy-name
no import
Context
config>service>vprn>igmp>if
Platforms
7210 SAS-T (network operating mode), 7210 SAS-Mxp
Description
This command imports a policy to filter IGMP packets.
The no form of this command removes the policy association from the IGMP instance.
Default
no import
Parameters
- policy-name
Specifies the import route policy name. Allowed values are any string up to 32 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.
The specified names must already be defined.
disable-router-alert-check
Syntax
disable-router-alert-check
no disable-router-alert-check
Context
config>service>vprn>igmp>if
Platforms
7210 SAS-T (network operating mode), 7210 SAS-Mxp
Description
This command enables the IGMP router alert check option.
The no form of this command disables the router alert check.
max-sources
Syntax
max-sources sources
no max-sources
Context
config>service>vprn>igmp>if
Platforms
7210 SAS-T (network operating mode), 7210 SAS-Mxp
Description
This command specifies the maximum number of sources for which IGMP can have local receiver information, based on received IGMP reports on this interface. When this configuration is changed dynamically to a value lower than the currently accepted number of sources, the sources that are already accepted are not deleted. Only new sources are not allowed.
Parameters
- sources
Specifies the maximum number of sources for this interface.
max-groups
Syntax
max-groups value
no max-groups
Context
config>service>vprn>igmp>if
Platforms
7210 SAS-T (network operating mode), 7210 SAS-Mxp
Description
This command specifies the maximum number of groups for which IGMP can have local receiver information based on received IGMP reports on this interface. When this configuration is changed dynamically to a value lower than the currently accepted number of groups, the groups that are already accepted are not deleted. Only new groups are not allowed. By default, there is no limit to the number of groups.
Default
0
Parameters
- value
Specifies the maximum number of groups for this interface.
static
Syntax
static
Context
config>service>vprn>igmp>if
Platforms
7210 SAS-T (network operating mode), 7210 SAS-Mxp
Description
This command tests forwarding on an interface without a receiver host. When enabled, data is forwarded to an interface without receiving membership reports from host members.
group
Syntax
[no] group grp-ip-address
Context
config>service>vprn>igmp>if>static
Platforms
7210 SAS-T (network operating mode), 7210 SAS-Mxp
Description
This command adds a static multicast group either as a (*,G) or one or more (S,G) records. Use IGMP static group memberships to test multicast forwarding without a receiver host. When IGMP static groups are enabled, data is forwarded to an interface without receiving membership reports from host members.
When static IGMP group entries on point-to-point links that connect routers to a rendezvous point (RP) are configured, the static IGMP group entries do not generate join messages toward the RP.
Parameters
- grp-ip-address
Specifies an IGMP multicast group address that receives data on an interface. The IP address must be unique for each static group. The address must be in dotted-decimal notation.
source
Syntax
[no] source ip-address
Context
config>service>vprn>igmp>if>static>group
Platforms
7210 SAS-T (network operating mode), 7210 SAS-Mxp
Description
This command specifies the source address of the multicast group, which is an IPv4 unicast address. By specifying the source address, a multicast receiver host signals to the router that the multicast group only receives multicast traffic from this specific source.
The source command and the specification of individual sources for the same group are mutually exclusive.
The source command, in combination with the group command, is used to create a specific (S,G) static group entry.
The no form of this command removes the source from the configuration.
Parameters
- ip-address
Specifies the IPv4 unicast address.
starg
Syntax
[no] starg
Context
config>service>vprn>igmp>if>static>group
Platforms
7210 SAS-T (network operating mode), 7210 SAS-Mxp
Description
This command adds a static (*,G) entry. This command can be enabled only if no existing source addresses for this group are specified.
The no form of this command removes the starg entry from the configuration.
subnet-check
Syntax
[no] subnet-check
Context
config>service>vprn>igmp>if
Platforms
7210 SAS-T (network operating mode), 7210 SAS-Mxp
Description
This command enables subnet checking for IGMP messages received on this interface. All IGMP packets with a source address that is not in the local subnet are dropped.
Default
enabled
version
Syntax
version version
no version
Context
config>service>vprn>igmp>if
Platforms
7210 SAS-T (network operating mode), 7210 SAS-Mxp
Description
This command specifies the IGMP version. If routers run different versions of IGMP, they negotiate the lowest common version of IGMP that is supported by hosts on their subnet and operate in that version. For IGMP to function correctly, all routers on a LAN should be configured to run the same version of IGMP on that LAN.
For IGMPv3, a multicast router that is also a group member performs both parts of IGMPv3, receiving and responding to its own IGMP message transmissions as well as those of its neighbors.
Default
3
Parameters
- version
Specifies the IGMP version number.
query-interval
Syntax
query-interval seconds
no query-interval
Context
config>service>vprn>igmp
Platforms
7210 SAS-T (network operating mode), 7210 SAS-Mxp
Description
This command configures the frequency that the querier router transmits general host-query messages. The host-query messages solicit group membership information which are sent to the all-systems multicast group address, 224.0.0.1.
Default
125
Parameters
- seconds
Specifies the time frequency, in seconds, that the router transmits general host-query messages.
query-last-member-interval
Syntax
query-last-member-interval seconds
Context
config>service>vprn>igmp
Platforms
7210 SAS-T (network operating mode), 7210 SAS-Mxp
Description
This command configures the frequency at which the querier sends group-specific query messages, including messages sent in response to leave-group messages. The shorter the interval, the faster the detection of the loss of the last member of a group.
Default
1
Parameters
- seconds
Specifies the frequency, in seconds, at which query messages are sent.
query-response-interval
Syntax
query-response-interval seconds
Context
config>service>vprn>igmp
Platforms
7210 SAS-T (network operating mode), 7210 SAS-Mxp
Description
This command configures how long the querier router waits to receive a response to a host-query message from a host.
Default
10
Parameters
- seconds
Specifies the length of time to wait to receive a response to the host-query message from the host.
robust-count
Syntax
robust-count robust-count
no robust-count
Context
config>service>vprn>igmp
Platforms
7210 SAS-T (network operating mode), 7210 SAS-Mxp
Description
This command configures the robust count. The robust-count parameter allows adjusting for the expected packet loss on a subnet. If a subnet anticipates losses, the robust-count can be increased.
Default
2
Parameters
- robust-count
Specifies the robust count value.
ssm-translate
Syntax
igmp
Context
config>service>vprn>igmp
config>service>vprn>igmp>if
Platforms
7210 SAS-T (network operating mode), 7210 SAS-Mxp
Description
This command configures group ranges that are translated to SSM (S,G) entries. If the static entry needs to be created, it must be translated from an IGMPv1 or IGMPv2 request to a Source Specific Multicast (SSM) join request. An SSM translate source can be added only when the starg command is not enabled. An error message is generated when attempting to configure the source command while starg command is enabled.
grp-range
Syntax
[no] grp-range start end
Context
config>service>vprn>igmp>ssm-translate
config>service>vprn>igmp>if>ssm-translate
Platforms
7210 SAS-T (network operating mode), 7210 SAS-Mxp
Description
This command configures group ranges that are translated to SSM (S,G) entries.
Parameters
- start
Specifies an IP address for the start of the group range.
- end
Specifies an IP address for the end of the group range. This value should always be greater than or equal to the value of the start value.
source
Syntax
[no] source ip-address
Context
config>service>vprn>igmp>ssm-translate
config>service>vprn>igmp>if>ssm-translate
Platforms
7210 SAS-T (network operating mode), 7210 SAS-Mxp
Description
This command specifies the source IP address for the group range. Whenever a (*,G) report is received in the range specified by grp-range start and end parameters, it is translated to an (S,G) report with the value of this object as the source address.
Parameters
- ip-address
Specifies the IP address that is sending data.
maximum-ipv6-routes
Syntax
maximum-ipv6-routes number [log-only] [threshold percent]
no maximum-ipv6-routes
Context
config>service>vprn
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures the maximum number of remote IPv6 routes that can be held within a VRF context. Local, host, static, and aggregate routes are not counted.
The VPRN service ID must be in a shutdown state before the maximum-ipv6-routes command parameters can be modified.
If the log-only keyword is not specified, and the maximum-ipv6-routes value is set below the existing number of routes in a VRF, the offending RIP peer (if applicable) is brought down (but the VPRN instance remains up). BGP peering remains up, but the exceeding BGP routes are not added to the VRF.
The maximum route threshold can dynamically change to increase the number of supported routes, even when the maximum is already reached. Protocols resubmit the routes that were initially rejected.
The no form of this command disables any limit on the number of routes within a VRF context. Issue the no form of this command only when the VPRN instance is shut down.
Default
0 or disabled
Parameters
- number
Specifies an integer that specifies the maximum number of routes to be held in a VRF context.
- log-only
Specifies that if the maximum limit is reached, the event only is logged. The log-only keyword does not disable the learning of new routes.
- threshold percent
Specifies the percentage at which a warning log message and SNMP trap should be set. There are two warning levels: mid-level and high-level. A mid-level warning occurs when the threshold percent value is reached, and a high-level warning occurs at the halfway level between the maximum number of IPv6 routes and the percent value ([max + mid] / 2).
maximum-routes
Syntax
maximum-routes number [log-only] [threshold percent]
no maximum-routes
Context
config>service>vprn
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures the maximum number of remote routes that can be held within a VRF context. Local, host, static, and aggregate routes are not counted.
The VPRN service ID must be in a shutdown state before maximum-routes command parameters can be modified.
If the log-only parameter is not specified and the maximum-routes value is set below the existing number of routes in a VRF, the offending RIP peer (if applicable) is brought down (but the VPRN instance remains up). BGP peering remains up, but the exceeding BGP routes are not added to the VRF.
The maximum route threshold can dynamically change to increase the number of supported routes even when the maximum has already been reached. Protocols resubmit the routes that were initially rejected.
The no form of this command disables any limit on the number of routes within a VRF context. Issue the no form of this command only when the VPRN instance is shut down.
Default
0 or disabled
Parameters
- number
Specifies the maximum number of routes to be held in a VRF context.
- log-only
Specifies that if the maximum limit is reached, only log the event. The log-only keyword does not disable the learning of new routes.
- threshold percent
Specifies the percentage at which a warning log message and SNMP trap should be set. There are two warning levels: mid-level and high-level. A mid-level warning occurs when the threshold percent value is reached, and a high-level warning occurs at the halfway level between the maximum number of routes and the percent value ([max + mid] / 2).
route-distinguisher
Syntax
route-distinguisher [ip-address:number | asn:number]
no route-distinguisher
Context
config>service>vprn
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command sets the identifier attached to routes the VPN belongs to. Each routing instance must have a unique route distinguisher (within the carrier domain) associated with it. A route distinguisher must be defined for a VPRN to be operationally active.
Default
no route-distinguisher
Parameters
- ip-address:number
Specifies the IP address in dotted-decimal notation. The assigned number must not be greater than 65535.
- asn:number
Specifies the AS number 2-byte value less than or equal to 65535. The assigned number can be any 32-bit unsigned integer value.
router-id
Syntax
router-id ip-address
no router-id
Context
config>service>vprn
config>service>vprn>bgp
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command sets the router ID for a specific VPRN context.
If neither the router ID nor system interface are defined, the router ID from the base router context is inherited.
The no form of this command removes the router ID definition from the specific VPRN context.
Default
no router-id
Parameters
- ip-address
Specifies the IP address in dotted-decimal notation.
service-name
Syntax
service-name service-name
no service-name
Context
config>service>vprn
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures an optional service name, up to 64 characters, which adds a name identifier to a specific service to use in configuration references and in show commands throughout the system. This helps the service provider/administrator to identify and manage services within the 7210 SAS platforms.
All services are required to assign a service ID to initially create a service. However, either the service ID or the service name can be used to identify and reference a specific service when it is initially created.
Parameters
- service-name
Specifies a unique service name to identify the service. Service names may not begin with an integer (0 to 9).
sgt-qos
Syntax
sgt-qos
Context
config>service>vprn
Platforms
7210 SAS-Mxp
Description
Commands in this context configure DSCP/dot1p re-marking for select self-generated traffic.
application
Syntax
application dscp-app-name dscp {dscp-value | dscp-name}
application dot1p-app-name dot1p dot1p-priority
no application {dscp-app-name | dot1p-app-name}
Context
config>service>vprn>sgt-qos
Platforms
7210 SAS-Mxp
Description
This command configures DSCP/dot1p re-marking for self-generated application traffic. When an application is configured using this command, the specified DSCP name/value is used for all packets generated by this application within the router instance it is configured. The instances can be base router, VPRN service, or management.
Using the value configured in this command:
Sets the DSCP bits in the IP packet
Maps to the FC
Based on this FC, the egress QoS policy sets the Ethernet 802.1p and MPLS EXP bits. This includes ARP and IS-IS packets that, due to their nature, do not carry DSCP bits.
The DSCP value in the egress IP header is as configured in this command.
Only one DSCP name/value can be configured per application. If multiple entries are configured, the subsequent entry overrides the previously configured entry.
The no form of this command reverts to the default value.
Parameters
- dscp-app-name
Specifies the DSCP application name.
- dscp-value
Specifies a value when this packet egresses the respective egress policy should provide the mapping for the DSCP value to either LSP-EXP bits or IEEE 802.1p (dot1p) bits as appropriate otherwise the default mapping applies.
- dscp-name
Specifies the DSCP name.
- dot1p-priority
Specifies the dot1p priority.
- dot1p-app-name
Specifies the dot1p application name.
dscp
Syntax
dscp dscp-name fc fc-name
no dscp dscp-name
Context
config>service>vprn>sgt-qos
Platforms
7210 SAS-Mxp
Description
This command creates a mapping between the DiffServ Code Point (DSCP) of the self-generated traffic and the forwarding class.
Self-generated traffic for configured applications that matches the specified DSCP are assigned to the corresponding forwarding class. Multiple commands can be entered to define the association of some or all 64 DSCPs to a forwarding class.
All DSCP names that define a DSCP value must be explicitly defined.
The no form of this command removes the DSCP-to-forwarding class association.
Parameters
- dscp-name
Specifies the name of the DSCP to be associated with the forwarding class. A DiffServ code point can only be specified by its name and only an existing DiffServ code point can be specified. The software provides names for the well known code points.
- fc fc-name
Specifies the forwarding class name. Applications and protocols that are configured under the dscp command use the configured IP DSCP value.
snmp-community
Syntax
snmp-community community-name [version SNMP-version]
no snmp-community [community-name]
Context
config>service>vprn
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command sets the SNMP community name to be used with the associated VPRN instance.
If an SNMP community name is not specified, SNMP access is not allowed.
The no form of this command removes the SNMP community name from the specific VPRN context.
Parameters
- community-name
Specifies one or more SNMP community names.
- version SNMP-version
Specifies the SNMP version.
source-address
Syntax
source-address
Context
config>service>vprn
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
Commands in this context specify the source address and application that should be used in all unsolicited packets.
application
Syntax
application app [ip-int-name | ip-address]
no application app
Context
config>service>vprn>source-address
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command specifies the source address and application.
Parameters
- app
Specifies the application name.
- ip-int-name | ip-address
Specifies the name of the IP interface or IP address. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.
static-route
Syntax
[no] static-route {ip-prefix/prefix-length | ip-prefix netmask} [preference preference] [metric metric] [tag tag] [enable | disable] {next-hop ip-int-name | ip-address | ipsec-tunnel ipsec-tunnel-name} [bfd-enable | {cpe-check cpe-ip-address [interval seconds] [drop-count count] [log]}]
[no] static-route {ip-prefix/prefix-length | ip-prefix netmask} [preference preference] [metric metric] [tag tag] [enable | disable] indirect ip-address [cpe-check cpe-ip-address [interval seconds][drop-count count] [log]]
[no] static-route {ip-prefix/prefix-length | ip-prefix netmask} [preference preference] [metric metric] [tag tag] [enable | disable] black-hole
Context
config>service>vprn
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command creates static route entries within the associated router instance. When configuring a static route, either next-hop, indirect or black-hole must be configured.
The no form of this command deletes the static route entry. If a static route needs to be removed when multiple static routes exist to the same destination, as many parameters to uniquely identify the static route must be entered.
If a CPE connectivity check target address is already being used as the target address in a different static route, cpe-check parameters must match. If they do not, the new configuration command are rejected.
If a static-route command is issued with no cpe-check target but the destination prefix/netmask and next-hop matches a static route that did have an associated cpe-check, the cpe-check test is removed from the associated static route.
Parameters
- ip-prefix
Specifies the destination address of the aggregate route in dotted-decimal notation.
- netmask
Specifies the subnet mask in dotted-decimal notation.
- ip-int-name
Specifies the name of the IP interface. Interface names must be unique within the group of defined IP interfaces for config router interface and config service ies interface commands. An interface name cannot be in the form of an IP address. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed with
- ip-address
Specifies the IP address of the IP interface. The ip-addr portion of the address command specifies the IP host address that is used by the IP interface within the subnet. This address must be unique within the subnet and specified in dotted-decimal notation.
- enable
Static routes can be administratively enabled or disabled. Use the enable parameter to re-enable a disabled static route. To enable a static route, it must be uniquely identified by the IP address, mask, and any other parameter that is required to identify the exact static route.
The administrative state is maintained in the configuration file.
- disable
Static routes can be administratively enabled or disabled. Use the disable parameter to disable a static route while maintaining the static route in the configuration. To enable a static route, it must be uniquely identified by the IP address, mask, and any other parameter that is required to identify the exact static route.
The administrative state is maintained in the configuration file.
- interval seconds
Specifies the interval between ICMP pings to the target IP address.
- drop-count count
Specifies the number of consecutive ping-replies that must be missed to declare the CPE down and to de-active the associated static route.
- log
This optional parameter enables the ability to log transitions between active and in-active based on the CPE connectivity check. Events should be sent to the system log, syslog and SNMP traps.
- next-hop [ip-address | ip-int-name]
Specifies the directly connected next hop IP address used to reach the destination. If the next hop is over an unnumbered interface, the ip-int-name of the unnumbered interface (on this node) can be configured.
The next-hop keyword and the indirect or black-hole keywords are mutually exclusive. If an identical command is entered (with the exception of either the indirect or black-hole parameters), this static route is replaced with the newly entered command, and unless specified, the respective defaults for preference and metric are applied.
The ip-addr configured here can be either on the network side or the access side on this node. This address must be associated with a network directly connected to a network configured on this node.
- ipsec-tunnel ipsec-tunnel-name
Specifies an IPSec tunnel name up to 32 characters.
- indirect ip-address
Specifies that the route is indirect and specifies the next hop IP address used to reach the destination.
The configured ip-addr is not directly connected to a network configured on this node. The destination can be reachable via multiple paths. The static route remains valid as long as the address configured as the indirect address remains a valid entry in the routing table. Indirect static routes cannot use an ip-prefix/mask to another indirect static route.
The indirect keyword and the next-hop or black-hole keywords are mutually exclusive. If an identical command is entered (with the exception of either the next-hop or black-hole parameters), this static route is replaced with the newly entered command and unless specified the respective defaults for preference and metric are applied.
The ip-addr configured can be either on the network or the access side and is at least one hop away from this node.
- black-hole
Specifies a blackhole route, meaning that if the destination address on a packet matches this static route it is silently discarded.
The black-hole keyword is mutually exclusive with either the next-hop or indirect keywords. If an identical command is entered, with exception of either the next-hop or indirect parameters, the static route is replaced with the new command, and unless specified, the respective defaults for preference and metric are applied.
- preference preference
Specifies the preference of this static route (as opposed to the routes from different sources such as BGP or OSPF), expressed as a decimal integer. When modifying the preference value of an existing static route, unless specified, the metric does not change.
If multiple routes are learned with an identical preference using the same protocol, the lowest cost route is used. If multiple routes are learned with an identical preference using the same protocol and the costs (metrics) are equal, the decision of which route to use is determined by the configuration of the ECMP command.
- metric metric
Specifies the cost metric for the static route, expressed as a decimal integer. This value is used when importing this static route into other protocols such as OSPF. This value is also used to determine the static route to install in the forwarding table: When modifying the metrics of an existing static route, unless specified, the preference does not change.
If there are multiple static routes with the same preference but unequal metrics, the lower cost (metric) route is installed. If there are multiple static routes with equal preference and metrics, ECMP rules apply. If there are multiple routes with unequal preferences, the lower preference route is installed.
- tag
Adds a 32-bit integer tag to the static route. The tag is used in route policies to control distribution of the route into other protocols.
- bfd-enable
Associates the state of the static route to a BFD session between the local system and the configured nexthop. This keyword cannot be configured if the nexthop is indirect or a blackhole keywords are specified.
NOTE: For more information about the protocols and platforms that support BFD, see the 7210 SAS-Mxp, R6, R12, S, Sx, T Router Configuration Guide.
- cpe-check target-ip-address
Specifies the IP address of the target CPE device. ICMP pings are sent to this target IP address. This parameter must be configured to enable the CPE connectivity feature for the associated static route. The target-ip-address cannot be in the same subnet as the static route subnet to avoid possible circular references. This option is mutually exclusive with BFD support on a specific static route.
vrf-export
Syntax
vrf-export policy [policy...]
no vrf-export
Context
config>service>vprn
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command specifies the export policies to control routes exported from the local VPN routing/forwarding (VRF) to other VRFs on the same or remote PE routers (via MP-BGP).
The no form of this command removes all route policy names from the export list.
Parameters
- policy
Specifies the route policy statement name.
vrf-import
Syntax
vrf-import policy [policy...]
no vrf-import
Context
config>service>vprn
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command sets the import policies to control routes imported to the local VPN routing/ forwarding (VRF) from other VRFs on the same or remote PE routers (via MP-BGP). BGP-VPN routes imported with a vrf-import policy use the BGP preference value of 170 when imported from remote PE routers, or retain the protocol preference value of the exported route when imported from other VRFs on the same router, unless the preference is changed by the policy.
The no form of this command removes all route policy names from the import list.
Parameters
- policy
Specifies the route policy statement name.
vrf-target
Syntax
vrf-target {ext-community | export ext-community | import ext-community}
no vrf-target
Context
config>service>vprn
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command facilitates a simplified method to configure the route target to be added to advertised routes or compared against received routes from other VRFs on the same or remote PE routers (via MP-BGP).
BGP-VPN routes imported with a vrf-target statement use the BGP preference value of 170 when imported from remote PE routers, or retain the protocol preference value of the exported route when imported from other VRFs in the same router.
Specified vrf-import or vrf-export policies override the vrf-target policy.
The no form of this command removes the vrf-target.
Default
no vrf-target
Parameters
- ext-comm
Specifies an extended BGP community in the type:x:y format. The value x can be an integer or IP address. The type can be the target or origin. x and y are 16-bit integers.
- import ext-community
Specifies communities allowed to be accepted from remote PE neighbors.
- export ext-community
Specifies communities allowed to be sent to remote PE neighbors.
Multicast VPN commands
mvpn
Syntax
mvpn
Context
config>service>vprn
Platforms
7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)
Description
Commands in this context configure MVPN-related parameters for the IP VPN.
auto-discovery
Syntax
[no] auto-discovery [default]
Context
config>service>vprn>mvpn
Platforms
7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)
Description
This command enables MVPN membership auto-discovery through BGP. When auto-discovery is enabled, PIM peering on the inclusive provider tunnel is disabled.
The no form of this command disables MVPN membership auto-discovery through BGP.
Default
enabled
Parameters
- default
Enables AD route exchange based on format defined in draft-ietf-l3vpn-2547bis-mcast-10.
c-mcast-signaling
Syntax
c-mcast-signaling bgp
no c-mcast-signaling
Context
config>service>vprn>mvpn
Platforms
7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)
Description
This command specifies BGP or PIM, for PE-to-PE signaling of CE multicast states.
Changes may only be made to this command when the mvpn node is shutdown.
The no form of this command reverts it back to the default.
Default
mcast-signaling bgp
Parameters
- bgp
Specifies to use BGP for PE-to-PE signaling of CE multicast states. Auto-discovery must be enabled.
intersite-shared
Syntax
intersite-shared
no intersite-shared
Context
config>service>vprn>mvpn
Platforms
7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)
Description
This command specifies whether to use inter-site shared C-trees.
Default
intersite-shared
mdt-type
Syntax
mdt-type {sender-receiver | sender-only | receiver-only}
no mdt-type
Context
config>service>vprn>mvpn
Platforms
7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)
Description
This command restricts MVPN instances per PE node to a specific role. By default, the MVPN instance on a specific PE node assumes the role of sender and receiver. This creates a mesh of MDT/PMSI across all PE nodes from this PE.
This command provides an option to configure either a sender-only or receiver-only mode per PE node. Restricting the PE node to a specific role prevents the creation of full mesh of MDT/PMSI across all participating PE nodes in the MVPN instance.
The auto-rp-discovery command cannot be enabled together with the mdt-type sender-only, mdt-type receiver-only, or wildcard-spmsi configurations.
The no form of this command reverts to the default value.
Default
mdt-type sender-receiver
Parameters
- sender-receiver
Keyword to connect both senders and receivers to the PE node for MVPN.
- sender-only
Keyword to connect only senders to the PE node for MVPN.
- receiver-only
Keyword to connect only receivers to the PE node for MVPN.
provider-tunnel
Syntax
provider-tunnel
Context
config>service>vprn>mvpn
Platforms
7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)
Description
Commands in this context configure tunnel parameters for the MVPN.
inclusive
Syntax
inclusive
Context
config>service>vprn>mvpn>pt
Platforms
7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)
Description
Commands in this context specify inclusive provider tunnels
bsr
Syntax
bsr {unicast | spmsi}
no bsr
Context
config>service>vprn>mvpn>pt>inclusive
Platforms
7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)
Description
This command configures the type of bootstrap router (BSR) signaling used.
The no form of this command restores the default.
Default
no bsr
Parameters
- unicast
Keyword to send or forward BSR PDUs using unicast PDUs (default).
- spmsi
Keyword to send or forward BSR PDUs using S-PMSI full mesh.
mldp
Syntax
mldp
no mldp
Context
config>service>vprn>mvpn>provider-tunnel>inclusive
config>service>vprn>mvpn>provider-tunnel>selective
Platforms
7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)
Description
This command enables the use of mLDP LSP for the provider tunnel.
Default
no mldp
shutdown
Syntax
shutdown
no shutdown
Context
config>service>vprn>mvpn>provider-tunnel>inclusive>mldp
config>service>vprn>mvpn>provider-tunnel>selective>mldp
Platforms
7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)
Description
This command administratively disables and enables the use of mLDP LSP for the provider tunnel.
Default
no shutdown
rsvp
Syntax
rsvp
no rsvp
Context
config>service>vprn>mvpn>pt>inclusive
config>service>vprn>mvpn>pt>selective
Platforms
7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)
Description
This command enables use of P2MP RSVP as the inclusive or selective provider tunnel
The no form of this command removes the rsvp context, including all the statements in the context.
Default
no rsvp
lsp-template
Syntax
lsp-template lsp-template
no lsp-template
Context
config>service>vprn>mvpn>pt>inclusive>rsvp
config>service>vprn>mvpn>pt>exclusive>rsvp
Platforms
7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)
Description
This command configures the use of an automatically created P2MP LSP as the inclusive or selective provider tunnel. The P2MP LSP is signaled using the parameters specified in the template, such as bandwidth constraints.
The no form of the command removes the configuration.
Default
no lsp-template
Parameters
- lsp-template
Specifies the LSP template name, up to 32 characters.
shutdown
Syntax
shutdown
no shutdown
Context
config>service>vprn>mvpn>pt>inclusive>rsvp
config>service>vprn>mvpn>pt>selective>rsvp
Platforms
7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)
Description
This command administratively disables the use of RSVP P2MP LSP for the inclusive or selective provider tunnel.
The no form of this command administratively enables the use of RSVP P2MP LSP for the provider tunnel.
Default
no shutdown
wildcard-spmsi
Syntax
wildcard-spmsi
no wildcard-spmsi
Context
config>service>vprn>mvpn>pt>inclusive
Platforms
7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)
Description
This command enables RFC 6625 (C-*, C-*) S-PMSI functionality for NG-MVPN. When enabled, (C-*, C-*) S-PMSI is used instead of I-PMSI for this MVPN. Wildcard S-PMSI uses the I-PMSI LSP template.
The auto-rp-discovery command cannot be enabled together with mdt-type sender-only or mdt-type receiver-only, or wildcard-spmsi configurations.
The no form of this command disables the (C-*, C-*) S-PMSI functionality.
Default
no wildcard-spmsi
selective
Syntax
selective
Context
config>service>vprn>mvpn>provider-tunnel
Platforms
7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)
Description
Commands in this context specify selective provider tunnel parameters.
data-delay-interval
Syntax
data-delay-interval value
no data-delay-interval
Context
config>service>vprn>mvpn>provider-tunnel>selective
Platforms
7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)
Description
This command specifies the interval, in seconds, before a PE router connected to the source switches traffic from the inclusive provider tunnel to the selective provider tunnel.
The no form of this command reverts the value to the default.
Default
data-delay-interval 3
Parameters
- value
Specifies the data delay interval, in seconds.
data-threshold
Syntax
data-threshold {c-grp-ip-addr/mask | c-grp-ip-addr netmask}
no data-threshold {c-grp-ip-addr/mask | c-grp-ip-addr netmask}
Context
config>service>vprn>mvpn>provider-tunnel>selective
Platforms
7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)
Description
This command provides an option to the user to specify the group range for which a switch from the inclusive provider tunnel to the selective provider tunnel for C-(S,G) must be triggered. This command provides an option to use selective provide tunnel, independent of the multicast data rate (that is, there is no rate-threshold configuration required). For C-(S,G) groups specified with this command, the selective provider tunnel is used.
For C-(S,G) groups not configured with the data-threshold command, the inclusive provider tunnel is used.
Multiple statements are allowed in the configuration to specify multiple group ranges.
The no form of this command removes the values from the configuration.
Parameters
- c-grp-ip-addr/mask | c-grp-ip-addr netmask
Specifies an IPv4 multicast group address and mask or network mask.
maximum-p2mp-spmsi
Syntax
[no] maximum-p2mp-spmsi
Context
config>service>vprn>mvpn>provider-tunnel>selective
Platforms
7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)
Description
This command specifies the maximum number of RSVP P2MP or LDP P2MP S-PMSI tunnels for the mVPN. When the limit is reached, no more RSVP P2MP S-PMSI or LDP P2MP S-PMSI is created and traffic over the data-threshold stays on I-PMSI.
Default
maximum-p2mp-spmi 10
Parameters
- number
Specifies the maximum number of RSVP P2MP or LDP P2MP S-PMSI tunnel for the mVPN.
umh-selection
Syntax
umh-selection highest-ip
no umh-selection
Context
config>service>vprn>mvpn
Platforms
7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)
Description
This command specifies which UMH selection mechanism to use, highest IP address. The no form of this command resets it back to default.
Default
umh-selection highest-ip
vrf-export
Syntax
vrf-export {unicast | policy-name [policy-name...(up to 15 max)]}
no vrf-export
Context
config>service>vprn>mvpn
Platforms
7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)
Description
This command specifies the export policy (up to 15) to control MVPN routes exported from the local VRF to other VRFs on the same or remote PE routers.
Default
vrf-export unicast
Parameters
- unicast
Specifies to use unicast VRF export policy for the MVPN.
- policy
Specifies a route policy name.
vrf-import
Syntax
vrf-import {unicast | policy-name [policy-name...(up to 15 max)]}
no vrf-import
Context
config>service>vprn>mvpn
Platforms
7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)
Description
This command specifies the import policy (up to 15) to control MVPN routes imported to the local VRF from other VRFs on the same or remote PE routers.
Default
vrf-import unicast
Parameters
- unicast
Specifies to use a unicast VRF import policy for the MVPN.
- policy
Specifies a route policy name.
vrf-target
Syntax
vrf-target {unicast | ext-community | export unicast | ext-community | import unicast | ext-community}
no vrf-target
Context
config>service>vprn>mvpn
Platforms
7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)
Description
This command specifies the route target to be added to the advertised routes or compared against the received routes from other VRFs on the same or remote PE routers. vrf-import or vrf-export policies override the vrf-target policy.
The no form of this command removes the vrf-target.
Default
no vrf-target
Parameters
- unicast
Specifies to use unicast vrf-target ext-community for the multicast VPN.
- ext-comm
Specifies an extended BGP community in the type:x:y format. The value x can be an integer or IP address. The type can be the target or origin. x and y are 16-bit integers.
- import ext-community
Specifies communities allowed to be accepted from remote PE neighbors.
- export ext-community
Specifies communities allowed to be sent to remote PE neighbors.
export
Syntax
export {unicast | ext-community}
Context
config>service>vprn>mvpn>vrf-target
Platforms
7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)
Description
This command specifies communities to be sent to peers.
Parameters
- unicast
Specifies the use of unicast vrf-target ext-community for the multicast VPN.
- ext-community
Specifies an extended BGP community in the type:x:y format. The value x can be an integer or IP address. The type can be the target or origin. x and y are 16-bit integers.
import
Syntax
import {unicast | ext-community}
Context
config>service>vprn>mvpn>vrf-target
Platforms
7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)
Description
This command specifies communities to be accepted from peers.
Parameters
- unicast
Specifies that a unicast vrf-target ext-community is used for the multicast VPN.
- ext-community
Specifies an extended BGP community in the type:x:y format. The value x can be an integer or IP address. The type can be the target or origin. x and y are 16-bit integers.
SDP commands
spoke-sdp
Syntax
[no] spoke-sdp sdp-id
Context
config>service>vprn
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command binds a service to an existing Service Distribution Point (SDP). The SDP defines the transport tunnel to which this VPRN service is bound.
The SDP has an operational state that determines the operational state of the SDP within the service. For example, if the SDP is administratively or operationally down, the SDP for the service is down.
The SDP must already exist in the config>service>sdp context before it can be associated with a VPRN service. If the sdp sdp-id is not already configured, an error message is generated. If the sdp-id exists, a binding between the specific sdp-id and the service is created.
SDPs must be explicitly associated and bound to a service to allow far-end 7210 SAS devices can participate in the service.
The no form of this command removes the SDP binding from the service; the SDP configuration is not affected. When the SDP binding is removed, no packets are forwarded to the far-end router.
Default
no sdp-id is bound to a service
Special Cases
- VPRN
Several SDPs can be bound to a VPRN service. Each SDP must be destined to a different 7210 SAS router. If two sdp-id bindings terminate on the same 7210 SAS, an error occurs and the second SDP binding is rejected.
Parameters
- sdp-id
Specifies the SDP identifier.
- vc-id
Specifies the virtual circuit identifier.
Interface commands
interface
Syntax
interface ip-int-name
no interface ip-int-name
Context
config>service>vprn
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command creates a logical IP routing interface for a VPRN. When created, attributes like an IP address and SAP can be associated with the IP interface.
The interface command, under the context of services, is used to create and maintain IP routing interfaces within VPRN service IDs. The interface command can be executed in the context of an VPRN service ID. The IP interface created is associated with the service core network routing instance and default routing table. The typical use for IP interfaces created in this manner is for subscriber Internet access.
Interface names are case sensitive and must be unique within the group of defined IP interfaces defined for config router interface and config service vprn interface. Interface names must not be in the dotted-decimal notation of an IP address. For example, the name ‟1.1.1.1” is not allowed, but ‟int-1.1.1.1” is allowed. Show commands for router interfaces use either interface names or the IP addresses. Use unique IP address values and IP address names to maintain clarity. It could be unclear to the user if the same IP address and IP address name values are used. Although not recommended, duplicate interface names can exist in different router instances.
The available IP address space for local subnets and routes is controlled with the config router service-prefix command. The service-prefix command administers the allowed subnets that can be defined on service IP interfaces. It also controls the prefixes that may be learned or statically defined with the service IP interface as the egress interface. This allows segmenting the IP address space into config router and config service domains.
When a new name is entered, a new logical router interface is created. When an existing interface name is entered, the user enters the router interface context for editing and configuration.
By default, there are no default IP interface names defined within the system. All VPRN IP interfaces must be explicitly defined. Interfaces are created in an enabled state.
The no form of this command removes IP the interface and all the associated configuration. The interface must be administratively shutdown before issuing the no interface command.
For VPRN services, the IP interface must be shutdown before the SAP on that interface may be removed. VPRN services do not have the shutdown command in the SAP CLI context. VPRN service SAPs rely on the interface status to enable and disable them.
Parameters
- ip-int-name
Specifies the name of the IP interface. Interface names must be unique within the group of defined IP interfaces for config router interface and config service vprn interface commands. An interface name cannot be in the form of an IP address. Interface names can be from 1 to 32 alphanumeric characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.
If ip-int-name already exists within the service ID, the context is changed to maintain that IP interface. If ip-int-name already exists within another service ID or is an IP interface defined within the config router commands, an error occurs and the context is not changed to that IP interface. If ip-int-name does not exist, the interface is created and context is changed to that interface for further command processing.
address
Syntax
address {ip-address/mask | ip-address netmask} [broadcast all-ones | host-ones]
no address
Context
config>service>vprn>if
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command assigns an IP address, IP subnet, and broadcast address format to a VPRN IP router interface. Only one IP address can be associated with an IP interface.
An IP address must be assigned to each VPRN IP interface. An IP address and a mask are used together to create a local IP prefix. The defined IP prefix must be unique within the context of the routing instance. It cannot overlap with other existing IP prefixes defined as local subnets on other IP interfaces in the same routing context within the 7210 SAS.
The local subnet that the address command defines must be part of the services address space within the routing context using the config router service-prefix command. The default is to disallow the complete address space to services. When a portion of the address space is allocated as a service prefix, that portion can be made unavailable for IP interfaces defined within the config router interface CLI context for network core connectivity with the exclude option in the config router service-prefix command.
The IP address for the interface can be entered in either CIDR (Classless Inter-Domain Routing) or traditional dotted-decimal notation. The show commands display CIDR notation and is stored in configuration files.
By default, no IP address or subnet association exists on an IP interface until it is explicitly created.
The no form of this command removes the IP address assignment from the IP interface. When the no address command is entered, the interface becomes operationally down.
Address |
Admin state |
Oper state |
---|---|---|
No address |
up |
down |
No address |
down |
down |
1.1.1.1 |
up |
up |
1.1.1.1 |
down |
down |
The operational state is a read-only variable. The address and admin states are the only controlling variables and can be set independently. If an address is assigned to an interface that is in an administratively up state, it becomes operationally up and the protocol interfaces and the MPLS LSPs associated with that IP interface are reinitialized.
Parameters
- ip-address
Specifies the IP address of the IP interface. The ip-address portion of the address command specifies the IP host address that is used by the IP interface within the subnet. This address must be unique within the subnet and specified in dotted-decimal notation. Allowed values are IP addresses in the range 1.0.0.0 – 223.255.255.255 (with support of /31 subnets).
- /
The forward slash is a parameter delimiter and separates the ip-address portion of the IP address from the mask that defines the scope of the local subnet. No spaces are allowed between the ip-address, the ‟/” and the mask-length parameter. If a forward slash is not immediately following the ip-address, a dotted-decimal mask must follow the prefix. The IPv6-prefix is x:x:x:x:x:x:x:x (eight 16-bit pieces) x:x:x:x:x:x:d.d.d.d, where x: [0 to FFFF]H, d: [0 to 255]D and the ipv6-prefix-length is 0 to 128.
- mask
Specifies the subnet mask length when the IP prefix is specified in CIDR notation. When the IP prefix is specified in CIDR notation, a forward slash (/) separates the ip-address from the mask-length parameter. The mask length parameter indicates the number of bits used for the network portion of the IP address; the remainder of the IP address is used to determine the host portion of the IP address.
- netmask
Specifies the subnet mask in dotted-decimal notation. When the IP prefix is not specified in CIDR notation, a space separates the ip-address from a traditional dotted-decimal mask. The mask parameter indicates the complete mask that is used in a logical ‛AND’ function to derive the local subnet of the IP address. Allowed values are dotted-decimal addresses in the range 128.0.0.0 to 255.255.255.254. A mask of 255.255.255.255 is reserved for system IP addresses.
- broadcast
The optional broadcast parameter overrides the default broadcast address used by the IP interface when sourcing IP broadcasts on the IP interface. If no broadcast format is specified for the IP address, the default value is host-ones which indicates a subnet broadcast address. Use this parameter to change the broadcast address to all-ones or revert back to a broadcast address of host-ones.
The broadcast format on an IP interface can be specified when the IP address is assigned or changed.
This parameter does not affect the type of broadcasts that can be received by the IP interface. A host sending either the local broadcast (all-ones) or the valid subnet broadcast address (host-ones) is received by the IP interface.
- all-ones
The all-ones keyword following the broadcast parameter specifies that the broadcast address used by the IP interface for this IP address is 255.255.255.255, also known as the local broadcast.
- host-ones
The host-ones keyword following the broadcast parameter specifies that the broadcast address used by the IP interface for this IP address is the subnet broadcast address. This is an IP address that corresponds to the local subnet described by the ip-address and the mask-length or mask with all the host bits set to binary one. This is the default broadcast address used by an IP interface.
The broadcast parameter within the address command does not have a negate feature, which is usually used to revert a parameter to the default value. To change the broadcast type to host-ones after being changed to all-ones, the address command must be executed with the broadcast parameter defined.
allow-directed-broadcasts
Syntax
[no] allow-directed-broadcasts
Context
config>service>vprn>if
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command controls the forwarding of directed broadcasts out of the IP interface.
A directed broadcast is a packet received on a local router interface destined for the subnet broadcast address on another IP interface. The allow-directed-broadcasts command on an IP interface enables or disables the transmission of packets destined to the subnet broadcast address of the egress IP interface.
When enabled, a frame destined to the local subnet on this IP interface is sent as a subnet broadcast out this interface. Care should be exercised when allowing directed broadcasts as it is a well-known mechanism used for denial-of-service attacks.
When disabled, directed broadcast packets discarded at this egress IP interface are counted in the normal discard counters for the egress SAP.
By default, directed broadcasts are not allowed and are discarded at this egress IP interface.
The no form of this command disables the forwarding of directed broadcasts out of the IP interface.
Default
no allow-directed-broadcasts
bfd
Syntax
bfd transmit-interval [receive receive-interval] [multiplier multiplier] [echo-receive echo-interval]
no bfd
Context
config>service>vprn>if
config>service>ies>if
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures the BFD parameters for the associated IP interface. If no parameters are defined, the default value is used.
The multiplier specifies the number of consecutive BFD messages that must be missed from the peer before the BFD session state is changed to down and the upper level protocols (OSPF, IS-IS, BGP) are notified of the fault.
Note: See the 7210 SAS-Mxp, R6, R12, S, Sx, T Router Configuration Guide for information about the list of routing and MPLS protocols and features that use BFD for protection on 7210 SAS platforms.
The no form of this command removes BFD from the associated IGP protocol adjacency.
Default
no bfd
Parameters
- transmit-interval
Specifies the transmit interval for the BFD session.
- receive receive-interval
Specifies the receive interval for the BFD session.
- multiplier multiplier
Specifies the multiplier for the BFD session.
- echo-receive echo-interval
Specifies the minimum echo receive interval, in milliseconds, for the BFD session.
cflowd-parameters
Syntax
cflowd-parameters
Context
config>service>vprn>interface
Platforms
7210 SAS-Mxp and 7210 SAS-Sx/S 1/10GE (standalone)
Description
Commands in this context configure traffic sampling for the interface.
sampling
Syntax
sampling {unicast|multicast} type {interface} [direction {ingress-only}]
no sampling {unicast|multicast}
Context
config>service>vprn>interface>cflowd-parameters
Platforms
7210 SAS-Mxp and 7210 SAS-Sx/S 1/10GE (standalone)
Description
This command enables traffic sampling for the interface. See ‟Configuration Notes” in the 7210 SAS-Mxp, R6, R12, S, Sx, T Router Configuration Guide for more information.
The no form of this command disables traffic sampling for the interface.
Default
no sampling
Parameters
- unicast
Keyword to enable unicast sampling.
- multicast
Keyword to enable multicast sampling.
- type
Keyword to configure the cflowd sampling type.
- interface
Keyword to configure interface cflowd sampling type.
- direction
keyword to configure the direction of the cflowd analysis.
- ingress-only
Keyword to configure the ingress direction only for cflowd analysis.
dhcp6-relay
Syntax
[no] dhcp6-relay
Context
config>service>vprn>if>ipv6
Platforms
7210 SAS-Mxp
Description
This command enables DHCPv6 relay for the interface.
The no form of this command disables DHCPv6 relay.
option
Syntax
[no] option
Context
config>service>vprn>if>ipv6>dhcp6-relay
Platforms
7210 SAS-Mxp
Description
This command configures DHCPv6 relay information options.
The no form of this command disables DHCPv6 relay information options.
interface-id
Syntax
interface-id
interface-id ascii-tuple
interface-id ifindex
interface-id sap-id
interface-id string
no interface-id
Context
config>service>vprn>if>ipv6>dhcp6-relay>option
Platforms
7210 SAS-Mxp
Description
This command send interface ID options in the DHCPv6 relay packet.
The no form of this command disables the sending of interface ID options in the DHCPv6 relay packet.
Parameters
- ascii-tuple
Specifies the use of the ASCII-encoded concatenated tuple, which consists of the access-node-identifier, service-id, and interface-name, separated by ‟|”.
- ifindex
Specifies the use of the interface index. Display the interface index of a router interface by using the show router if detail command.
- sap-id
Specifies the use of the SAP identifier.
- string
Specifies a string of up to 32 characters, composed of printable, seven-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.
remote-id
Syntax
[no] remote-id
Context
config>service>vprn>if>ipv6>dhcp6-relay>option
Platforms
7210 SAS-Mxp
Description
This command sends the remote ID option in the DHCPv6 relay packet. The client DHCP Unique Identifier (DUID) is used as the remote ID.
The no form of this command disables the sending of the remote ID option in the DHCPv6 relay packet.
server
Syntax
[no] server ipv6z-address
Context
config>service>vprn>if>ipv6>dhcp6-relay
Platforms
7210 SAS-Mxp
Description
This command configures an IPv6 address to the DHCPv6 server used to send the relay packets to.
The no form of this command disables the specified IPv6 address.
Parameters
- ipv6z-address
Specifies the IPv6 address of the DHCPv6 server. A maximum of eight addresses can be configured.
source-address
Syntax
[no] source-address ipv6-address
Context
config>service>vprn>if>ipv6>dhcp6-relay
Platforms
7210 SAS-Mxp
Description
This command assigns the source IPv6 address of the DHCPv6 relay messages.
The no form of this command disables the specified IPv6 address.
Parameters
- ipv6-address
Specifies the source IPv6 address of the DHCPv6 relay messages.
local-proxy-arp
Syntax
[no] local-proxy-arp
Context
config>service>vprn>if
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command enables local proxy ARP on an IP interface. When this command is enabled, the system responds with its own MAC address to all ARP requests for IP addresses belonging to the subnet, and therefore becomes the forwarding point for all traffic between hosts in that subnet.
When this command is enabled, ICMP redirects on the ports associated with the service are automatically blocked.
Default
no local-proxy-arp
loopback
Syntax
[no] loopback
Context
config>service>vprn>if
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command specifies that the associated interface is a loopback interface that has no associated physical interface. As a result, the associated interface cannot be bound to a SAP.
When using mtrace/mstat in an L3 VPN context, the configuration for the VPRN should have a loopback address configured that has the same address as the system address of the core instance (BGP next-hop).
proxy-arp-policy
Syntax
[no] proxy-arp-policy policy-name [policy-name...(up to 5 max)]
Context
config>service>vprn>if
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command enables a proxy ARP policy for the interface.
The no form of this command disables the proxy ARP capability.
Default
no proxy-arp
Parameters
- policy-name
Specifies the export route policy name. Allowed values are any string up to 32 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.
remote-proxy-arp
Syntax
[no] remote-proxy-arp
Context
config>service>vprn>if
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command enables remote proxy ARP on the interface.
Remote proxy ARP is similar to proxy ARP. It allows the router to answer an ARP request on an interface for a subnet that is not provisioned on that interface. This allows the router to forward to the other subnet on behalf of the requester. To distinguish remote proxy ARP from local proxy ARP, local proxy ARP performs a similar function but only when the requested IP is on the receiving interface.
secondary
Syntax
secondary {ip-address/mask | ip-address netmask} [broadcast {all-ones | host-ones}] [igp-inhibit]
no secondary {ip-address/mask | ip-address netmask}
Context
config>service>vprn>if
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command assigns up to 64 secondary IP addresses to the interface, including the primary IP address. Each address can be configured in an IP address, IP subnet, or broadcast address format.
Parameters
- ip-address
Specifies the IP address of the IP interface. The ip-address portion of the address command specifies the IP host address that is used by the IP interface within the subnet. This address must be unique within the subnet and specified in dotted-decimal notation.
- /
The forward slash is a parameter delimiter that separates the ip-address portion of the IP address from the mask that defines the scope of the local subnet. No spaces are allowed between the ip-address, the "/" and the mask parameter. If a forward slash does not immediately follow the ip-address, a dotted-decimal netmask must follow the prefix.
- mask
Specifies the subnet mask length when the IP prefix is specified in CIDR notation. When the IP prefix is specified in CIDR notation, a forward slash (/) separates the ip-address from the mask parameter. The mask parameter indicates the number of bits used for the network portion of the IP address; the remainder of the IP address is used to determine the host portion of the IP address. Allowed values are integers in the range 1 to 32. A mask length of 32 is reserved for system IP addresses.
- netmask
Specifies the subnet mask in dotted-decimal notation. When the IP prefix is not specified in CIDR notation, a space separates the ip-address from a traditional dotted-decimal mask. The netmask parameter indicates the complete mask that is used in a logical 'AND' function to derive the local subnet of the IP address. A netmask of 255.255.255.255 is reserved for system IP addresses.
- broadcast {all-ones | host-ones}
The optional broadcast parameter overrides the default broadcast address used by the IP interface when sourcing IP broadcasts on the IP interface. If no broadcast format is specified for the IP address, the default value is host-ones, which indicates a subnet broadcast address. Use this parameter to change the broadcast address to all-ones or revert to a broadcast address of host-ones.
The broadcast parameter within the address command does not have a negate feature, which is usually used to revert a parameter to the default value. To change the broadcast type to host-ones after being configured as all-ones, the address command must be executed with the broadcast parameter defined. The broadcast format on an IP interface can be specified when the IP address is assigned or changed.
This parameter does not affect the type of broadcasts that can be received by the IP interface. A host sending either the local broadcast (all-ones) or the valid subnet broadcast address (host-ones) is received by the IP interface
- igp-inhibit
Specifies that the secondary IP address should not be recognized as a local interface by the running IGP.
static-arp
Syntax
static-arp ip-address ieee-address
no static-arp ip-address [ieee-address]
static-arp [ieee-addr] unnumbered
no static-arp ieee-addr unnumbered
Context
config>service>vprn>if
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures a static address resolution protocol (ARP) entry associating a subscriber IP address with a MAC address for the core router instance. This static ARP appears in the core routing ARP table. A static ARP can only be configured if it exists on the network attached to the IP interface. If an entry for a particular IP address already exists and a new MAC address is configured for the IP address, the existing MAC address is replaced with the new MAC address.
When the unnumbered keyword is used, this command configures a static ARP entry associating an unnumbered interface with a MAC address for the core router instance. This static ARP appears in the core routing ARP table. A static ARP can only be configured if it exists on the network attached to the unnumbered interface.
If an entry for a particular unnumbered interface already exists and a new MAC address is configured for the interface, the existing MAC address is replaced with the new MAC address.
The no form of this command removes a static ARP entry.
Parameters
- ip-address
Specifies the IP address for the static ARP in IP address dotted-decimal notation.
- ieee-address
Specifies the 48-bit MAC address for the static ARP in the form aa:bb:cc:dd:ee:ff or aa-bb-cc-dd-ee-ff where aa, bb, cc, dd, ee and ff are hexadecimal numbers. Allowed values are any non-broadcast, non-multicast MAC and non-IEEE reserved MAC addresses.
- unnumbered
Specifies the static ARP MAC for an unnumbered interface. Unnumbered interfaces support dynamic ARP. When this command is configured, it overrides any dynamic ARP.
Router advertisement commands
router-advertisement
Syntax
[no] router-advertisement
Context
config>service>vprn
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures router advertisement properties. By default, it is disabled for all IPv6 enabled interfaces.
The no form of this command disables all IPv6 interfaces. However, the no interface interface-name command disables a specific interface.
Default
disabled
interface
Syntax
[no] interface ip-int-name
Context
config>service>vprn>router-advertisement
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures router advertisement properties on a specific interface. The interface must already exist in the config>router>interface context.
Default
No interfaces are configured.
Parameters
- ip-int-name
Specifies the interface name. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.
current-hop-limit
Syntax
current-hop-limit number
no current-hop-limit
Context
config>service>vprn>router-advert>if
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures the current-hop-limit in the router advertisement messages. It informs the nodes on the subnet about the hop-limit when originating IPv6 packets.
Default
64
Parameters
- number
Specifies the hop limit number.
managed-configuration
Syntax
[no] managed-configuration
Context
config>service>vprn>router-advert>if
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command sets the managed address configuration flag. This flag indicates that DHCPv6 is available for address configuration in addition to any address autoconfigured using stateless address autoconfiguration.
Default
no managed-configuration
max-advertisement-interval
Syntax
[no] max-advertisement-interval seconds
Context
config>service>vprn>router-advert>if
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures the maximum interval between sending router advertisement messages.
Default
600
Parameters
- seconds
Specifies the maximum interval in seconds between sending router advertisement messages.
min-advertisement-interval
Syntax
[no] min-advertisement-interval seconds
Context
config>service>vprn>router-advert>if
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures the minimum interval between sending ICMPv6 neighbor discovery router advertisement messages.
Default
200
Parameters
- seconds
Specifies the minimum interval in seconds between sending ICMPv6 neighbor discovery router advertisement messages.
mtu
Syntax
[no] mtu mtu-bytes
Context
config>service>vprn>router-advert>if
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures the MTU for the nodes to use to send packets on the link.
Default
no mtu
Parameters
- mtu-bytes
Specifies the MTU for the nodes to use to send packets on the link.
other-stateful-configuration
Syntax
[no] other-stateful-configuration
Context
config>service>vprn>router-advert>if
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command sets the "Other configuration" flag. This flag indicates that DHCPv6lite is available for autoconfiguration of other (non-address) information, such as DNS-related information or information about other servers in the network.
Default
no other-stateful-configuration
prefix
Syntax
[no] prefix [ipv6-prefix/prefix-length]
Context
config>service>vprn>router-advert>if
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures an IPv6 prefix in the router advertisement messages. To support multiple IPv6 prefixes, use multiple prefix statements. No prefix is advertised until explicitly configured using prefix statements.
Parameters
- ip-prefix
Specifies the IP prefix for prefix list entry in dotted-decimal notation.
- prefix-length
Specifies a route must match the most significant bits and have a prefix length.
autonomous
Syntax
[no] autonomous
Context
config>service>vprn>router-advert>if>prefix
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command specifies whether the prefix can be used for stateless address autoconfiguration.
Default
enabled
on-link
Syntax
[no] on-link
Context
config>service>vprn>router-advert>if>prefix
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command specifies whether the prefix can be used for onlink determination.
Default
enabled
preferred-lifetime
Syntax
[no] preferred-lifetime {seconds | infinite}
Context
config>service>vprn>router-advert>if
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures the remaining length of time in seconds that this prefix continues to be preferred, such as, time until deprecation. The address generated from a deprecated prefix should not be used as a source address in new communications, but packets received on such an interface are processed as expected.
Default
604800
Parameters
- seconds
Specifies the remaining length of time in seconds that this prefix continues to be preferred.
- infinite
Specifies that the prefix is always preferred. A value of 4,294,967,295 represents infinity.
valid-lifetime
Syntax
valid-lifetime {seconds | infinite}
Context
config>service>vprn>router-advert>if
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command specifies the length of time in seconds that the prefix is valid for the purpose of on-link determination. A value of all one bits (0xffffffff) represents infinity.
The address generated from an invalidated prefix should not appear as the destination or source address of a packet.
Default
2592000
Parameters
- seconds
Specifies the remaining length of time, in seconds, that this prefix continues to be valid.
- infinite
Specifies that the prefix is always valid. A value of 4,294,967,295 represents infinity.
reachable-time
Syntax
reachable-time milli-seconds
no reachable-time
Context
config>service>vprn>router-advert>if
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures how long this router should be considered reachable by other nodes on the link after receiving a reachability confirmation.
Default
no reachable-time
Parameters
- milli-seconds
Specifies the length of time in milliseconds the router should be considered reachable.
retransmit-time
Syntax
retransmit-timer milli-seconds
no retransmit-timer
Context
config>service>vprn>router-advert>if
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures the retransmission frequency of neighbor solicitation messages.
Default
no retransmit-time
Parameters
- milli-seconds
Specifies in milliseconds how often the retransmission should occur.
router-lifetime
Syntax
router-lifetime seconds
no router-lifetime
Context
config>service>vprn>router-advert>if
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command sets the router lifetime.
Default
1800
Parameters
- seconds
Specifies the length of time, in seconds, (relative to the time the packet is sent) that the prefix is valid for route determination.
ip-mtu
Syntax
ip-mtu octets
no ip-mtu
Context
config>service>vprn>if
Platforms
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
Description
This command configures the maximum IP transmit unit (packet) for the interface.
The MTU that is advertised from the VPRN size is:
MINIMUM((SdpOperPathMtu - EtherHeaderSize), (Configured ip-mtu))
By default (for Ethernet network interface) if no ip-mtu is configured, the packet size is (1568 - 14) = 1554.
The no form of this command reverts to the default value.
Default
no ip-mtu
Parameters
- octets
Specifies the number of octets in the IP-MTU.
Interface ICMP commands
icmp
Syntax
icmp
Context
config>service>vprn>if
config>service>vprn>sub-if>grp-if
config>service>vprn>nw-if
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures Internet Control Message Protocol (ICMP) parameters on a VPRN service.
mask-reply
Syntax
[no] mask-reply
Context
config>service>vprn>if>icmp
config>service>vprn>sub-if>grp-if>icmp
config>service>vprn>nw-if>icmp#
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command enables responses to Internet Control Message Protocol (ICMP) mask requests on the router interface.
If a local node sends an ICMP mask request to the router interface, the mask-reply command configures the router interface to reply to the request.
By default, the router instance replies to mask requests.
The no form of this command disables replies to ICMP mask requests on the router interface.
Default
mask-reply
redirects
Syntax
redirects [number seconds]
no redirects
Context
config>service>vprn>if>icmp
config>service>vprn>sub-if>grp-if>icmp
config>service>vprn>nw-if>icmp#
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures the rate for Internet Control Message Protocol (ICMP) redirect messages issued on the router interface.
When routes are not optimal on this router and another router on the same subnetwork has a better route, the router can issue an ICMP redirect to alert the sending node that a better route is available.
The rate at which ICMP redirects is issued can be controlled with the optional number and seconds parameters by indicating the maximum number of redirect messages that can be issued on the interface for a specific time interval.
By default, generation of ICMP redirect messages is enabled at a maximum rate of 100 per 10 second time interval.
The no form of this command disables the generation of icmp redirects on the router interface.
Default
redirects 100 10
Parameters
- number
Specifies the maximum number of ICMP redirect messages to send. This parameter must be specified with the seconds parameter.
- seconds
Specifies the time frame in seconds used to limit the seconds of ICMP redirect messages that can be issued.
ttl-expired
Syntax
ttl-expired number seconds
no ttl-expired
Context
config>service>vprn>if>icmp
config>service>vprn>sub-if>grp-if>icmp
config>service>vprn>nw-if>icmp#
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures the rate Internet Control Message Protocol (ICMP) TTL expired messages are issued by the IP interface.
By default, generation of ICMP TTL expired messages is enabled at a maximum rate of 100 per 10 second time interval.
The no form of this command disables the limiting the rate of TTL expired messages on the router interface.
Default
ttl-expired 100 10
Parameters
- number
Specifies the maximum number of ICMP TTL expired messages to send, expressed as a decimal integer. This parameter must be specified with the seconds parameter.
- seconds
Specifies the time frame in seconds used to limit the number of ICMP TTL expired messages that can be issued, expressed as a decimal integer.
unreachables
Syntax
unreachables [number seconds]
no unreachables
Context
config>service>vprn>if>icmp
config>service>vprn>sub-if>grp-if>icmp
config>service>vprn>nw-if>icmp#
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command enables and configures the rate for ICMP host and network destination unreachable messages issued on the router interface.
The rate at which ICMP unreachables is issued can be controlled with the optional number and seconds parameters by indicating the maximum number of destination unreachable messages which can be issued on the interface for a specific time interval.
By default, generation of ICMP destination unreachable messages is enabled at a maximum rate of 10 per 10 second time interval.
The no form of this command disables the generation of icmp destination unreachable messages on the router interface.
Default
unreachables 100 10
Parameters
- number
Specifies the maximum number of ICMP unreachable messages to send. This parameter must be specified with the seconds parameter.
- seconds
Specifies the time frame in seconds used to limit the number of ICMP unreachable messages that can be issued.
Interface SAP commands
sap
Syntax
sap sap-id [create]
no sap sap-id
Context
config>service>vprn>if
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command creates a SAP within a service. A SAP is a combination of port and encapsulation parameters which identifies the SAP on the interface and within the 7210 SAS. Each SAP must be unique.
All SAPs must be explicitly created. If no SAPs are created within a service or on an IP interface, a SAP does not exist on that object.
Enter an existing SAP without the create keyword to edit SAP parameters. The SAP is owned by the service in which it was created.
A SAP can only be associated with a single service. A SAP can only be defined on a port that has been configured as an access port using the config interface port-type port-id mode access command.
If a port is shutdown, all SAPs on that port become operationally down. When a service is shutdown, SAPs for the service are not displayed as operationally down although all traffic traversing the service is discarded. The operational state of a SAP is relative to the operational state of the port on which the SAP is defined.
The no form of this command deletes the SAP with the specified port. When a SAP is deleted, all configuration parameters for the SAP are also deleted.
Default
No SAPs are defined.
Special Cases
- VPRN
A VPRN SAP must be defined on an Ethernet interface.
sap ipsec-id.private | public:tag — This parameter associates an IPSec group SAP with this interface. This is the public side for an IPSec tunnel. Tunnels referencing this IPSec group in the private side may be created if their local IP is in the subnet of the interface subnet and the routing context specified matches with the one of the interface.
This context provides a SAP to the tunnel. The operator may associate an ingress and egress QoS policies as well as filters and virtual scheduling contexts. Internally, this creates an Ethernet SAP that is used to send and receive encrypted traffic to and from the MDA. Multiple tunnels can be associated with this SAP. The ‟tag” is a dot1q value. The operator may see it as an identifier. The range is limited to 1 to 4094.
Parameters
- sap-id
Specifies the physical port identifier portion of the SAP definition. See Common CLI command descriptions for command syntax.
- create
Keyword used to create a SAP instance.
tod-suite
Syntax
tod-suite tod-suite-name
no tod-suite
Context
config>service>vprn>if>sap
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command applies a time-based policy (filter or QoS policy) to the SAP. The suite name must already exist in the config>cron context.
Default
no tod-suite
Parameters
- tod-suite-name
Specifies collection of policies (ACLs, QoS) including time-ranges that define the full or partial behavior of a SAP or a subscriber. The suite can be applied to more than one SAP.
accounting-policy
Syntax
accounting-policy acct-policy-id
no accounting-policy
Context
config>service>vprn>if>sap
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command creates the accounting policy context that can be applied to an interface SAP or interface SAP spoke-SDP.
An accounting policy must be defined before it can be associated with a SAP. If the policy-id does not exist, an error message is generated.
A maximum of one accounting policy can be associated with a SAP at one time. Accounting policies are configured in the config>log context.
The no form of this command removes the accounting policy association from the SAP, and the accounting policy reverts to the default.
Default
Default accounting policy.
Parameters
- acct-policy-id
Specifies the accounting policy-id as configured in the config>log>accounting-policy context.
collect-stats
Syntax
[no] collect-stats
Context
config>service>vprn>if>sap
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command enables accounting and statistical data collection for either an interface SAP or interface SAP spoke-SDP, or network port. When applying accounting policies the data, by default, is collected in the appropriate records and written to the designated billing file.
When the no collect-stats command is issued the statistics are still accumulated by the IOM cards. However, the CPU does not obtain the results and write them to the billing file. If a subsequent collect-stats command is issued, the counters written to the billing file include all the traffic while the no collect-stats command was in effect.
Default
no collect-stats
arp-timeout
Syntax
arp-timeout seconds
no arp-timeout
Context
config>service>vprn>if
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures the minimum time in seconds an ARP entry learned on the IP interface is stored in the ARP table. ARP entries are automatically refreshed when an ARP request or gratuitous ARP is seen from an IP host, otherwise, the ARP entry is aged from the ARP table. If arp-timeout is set to a value of zero seconds, ARP aging is disabled.
The no form of this command restores arp-timeout to the default value.
Default
14400 seconds
Parameters
- seconds
Specifies the minimum number of seconds a learned ARP entry is stored in the ARP table, expressed as a decimal integer. A value of zero specifies that the timer is inoperative and learned ARP entries is not aged.
delayed-enable
Syntax
delayed-enable seconds [init-only]
no delayed-enable
Context
config>service>vprn>if
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command delays making the interface operational by the specified number of seconds.
In environments with many subscribers, it can take time to synchronize the subscriber state between peers when the subscriber-interface is enabled (perhaps, after a reboot). To ensure that the state has time to be synchronized, the delayed-enable timer can be specified. The optional parameter init-only can be added to use this timer only after a reboot.
Default
no delayed-enable
Parameters
- seconds
Specifies the number of seconds to delay before the interface is operational.
- init-only
Delays the initialization of the subscriber-interface to give the rest of the system time to complete necessary tasks such as allowing routing protocols to converge and to allow MCS to sync the subscriber information. The delay only occurs immediately after a reboot.
Interface SAP filter and QoS policy commands
egress
Syntax
egress
Context
config>service>vprn>if>sap
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
Commands in this context configure egress SAP Quality of Service (QoS) policies and filter policies.
If no sap-egress QoS policy is defined, the system default sap-egress QoS policy is used for egress processing. If no egress filter is defined, no filtering is performed.
ingress
Syntax
ingress
Context
config>service>vprn>if>sap
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
Commands in this context configure ingress SAP Quality of Service (QoS) policies and filter policies.
If no SAP ingress QoS policy is defined, the system default SAP ingress QoS policy is used for ingress processing. If no ingress filter is defined, no filtering is performed.
aggregate-meter-rate
Syntax
aggregate-meter-rate rate-in-kbps [burst burst-in-kbits]
no aggregate-meter-rate
Context
config>service>vprn>if>sap>ingress
Platforms
Supported on all 7210 SAS platforms as described in this document, excluding platforms configured in the access-uplink operating mode; not supported on 7210 SAS-Sx 10/100GE
Description
This command allows the user to configure the SAP aggregate policer. The rate of the SAP aggregate policer must be specified by the user. The user can optionally specify the burst size for the SAP aggregate policer. The aggregate policer monitors the traffic on different FCs and determines the destination of the packet. The packet is either forwarded to an identified profile or dropped.
The sum of CIR of the individual FCs configured under the SAP cannot exceed the PIR rate configured for the SAP. Though the 7210 SAS software does not block this configuration, it is not recommended for use.
The following table provides information about the final disposition of the packet based on the operating rate of the per FC policer and the per SAP aggregate policer.
Per FC meter operating rate |
Per FC assigned color |
SAP aggregate meter operating rate |
SAP aggregate meter color |
Final packet color |
---|---|---|---|---|
Within CIR |
Green |
Within PIR |
Green |
Green or In-profile |
Within CIR1 |
Green |
Above PIR |
Red |
Green or In-profile |
Above CIR, Within PIR |
Yellow |
Within PIR |
Green |
Yellow or Out-of-Profile |
Above CIR, Within PIR |
Yellow |
Above PIR |
Red |
Red or Dropped |
Above PIR |
Red |
Within PIR |
Green |
Red or Dropped |
Above PIR |
Red |
Above PIR |
Red |
Red or Dropped |
When the SAP aggregate policer is configured, per FC policer can be only configured in ‟trtcm2” mode (RFC 4115).
The meter modes ‟srtcm” and ‟trtcm1” are used in the absence of an aggregate meter.
The SAP ingress meter counters increment the packet or octet counts based on the final disposition of the packet.
If ingress Frame-based accounting is used, the SAP aggregate meter rate accounts for the Ethernet frame overhead. The system accounts for 12 bytes of IFG and 8 bytes of start delimiter.
The no form of this command removes the aggregate policer from use.
Default
no aggregate-meter-rate
Parameters
- rate-in-kbps
Specifies the rate in kilobits per second.
- burst burst-in-kilobits
Specifies the burst size for the policer in kilobits. The burst size cannot be configured without configuring the rate.
filter
Syntax
filter [ip [ip-filter-id | ipv6 ipv6-filter-id]]
filter [mac mac-filter-id]
no filter [ip [ip-filter-id | ipv6 ipv6-filter-id]]
no filter [mac mac-filter-id]
no filter
Context
config>service>vprn>if>sap>egress
config>service>vprn>if>sap>ingress
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command associates an IP filter policy with an ingress or egress Service Access Point (SAP) or IP interface. Filter policies control the forwarding and dropping of packets based on IP matching criteria.
SAP egress QoS policies are only supported on the 7210 SAS-Mxp.
The ip-filter-id must already be defined before the filter command is executed. If the filter policy does not exist, the operation fails and an error message is returned.
In general, filters applied to SAPs (ingress or egress) apply to all packets on the SAP. One exception is non-IP packets are not applied to IP match criteria, so the default action in the filter policy applies to these packets.
The no form of this command removes any configured filter ID association with the SAP or IP interface. The filter ID is not removed from the system unless the scope of the created filter is set to local.
Parameters
- ip ip-filter-id
Specifies IP filter policy. The filter ID must already exist within the created IP filters.
- ipv6 ipv6-filter-id
Specifies the IPv6 filter policy. The filter ID must already exist within the created IPv6 filters.
- mac mac-filter-id
Specifies the MAC filter policy. The specified filter ID must already exist within the created MAC filters. The filter policy must already exist within the created MAC filters.
qos
Syntax
qos policy-id
qos policy-id [enable-table-classification] (for 7210 SAS-Mxp only)
no qos
Context
config>service>vprn>if>sap>egress
config>service>vprn>if>sap>ingress
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command associates a Quality of Service (QoS) policy with an ingress or egress Service Access Point (SAP) or IP interface. QoS ingress and egress policies are important for the enforcement of SLA agreements. The policy ID must be defined before associating the policy with a SAP or IP interface. If the policy-id does not exist, an error is returned.
The qos command only allows ingress policies to be associated on SAP or IP interface ingress, and only allows egress policies on SAP or IP interface egress. Attempts to associate a QoS policy of the wrong type returns an error.
Only one ingress and one egress QoS policy can be associated with a SAP or IP interface at one time. Attempts to associate a second policy of same or different type replaces the earlier one with the new policy.
SAP egress QoS policies are only supported on the 7210 SAS-Mxp.
On the 7210 SAS-Mxp (ingress), using the enable-table-classification keyword enables the use of IP DSCP tables to assign FC and profile on a per-SAP ingress basis. The match-criteria configured in the service ingress policy, which require CAM resources, are ignored. Only meters from the service ingress policy are used (and the meters still require CAM resources). The IP DSCP classification policy configured in the SAP ingress policy is used to assign FC and profile. The default FC is assigned from the SAP ingress policy.
On the 7210 SAS-Mxp, when the interface is associated with RVPLS, the behavior of the qos command is affected. See the config>service>vprn>if>vpls> ingress>enable-table-classification and routed-override-qos-policy commands for more information about classification behavior for RVPLS.
The no form of this command removes the QoS policy association from the SAP or IP interface, and the QoS policy reverts to the default.
Default
No specific QoS policy is associated with the SAP or IP interface for ingress or egress, so the default QoS policy is used.
Parameters
- policy-id
Specifies the ingress/egress policy ID to associate with SAP or IP interface on ingress/egress. The policy ID must already exist.
- enable-table-classification
Enables the use of table-based classification instead of CAM-based classification at SAP ingress. The FC and profile are taken from the IP DSCP classification policy configured in the ingress policy, along with the meters from the SAP ingress policy. Match-criteria entries in the SAP ingress policy are ignored.
Interface VRRP commands
ipv6
Syntax
ipv6
Context
config>service>vprn>if
Platforms
7210 SAS-Mxp
Description
Commands in this context configure VPRN IPv6 parameters.
vrrp
Syntax
vrrp virtual-router-id [owner]
no vrrp virtual-router-id
Context
config>service>vprn>if
config>service>vprn>if>ipv6 (7210 SAS-Mxp only)
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command creates or edits a Virtual Router ID (VRID) on the service IP interface. A VRID is internally represented in conjunction with the IP interface name. This allows the VRID to be used on multiple IP interfaces while representing different virtual router instances.
Two VRRP nodes can be defined on an IP interface. One, both, or none may be defined as owner. The nodal context of vrrp virtual-router-id is used to define the configuration parameters for the VRID.
The no form of this command removes the specified VRID from the IP interface. This terminates VRRP participation for the virtual router and deletes all references to the VRID. The VRID does not need to be shutdown to remove the virtual router instance.
Parameters
- virtual-router-id
Specifies a new virtual router ID or one that can be modified on the IP interface.
authentication-key
Syntax
authentication-key [authentication-key | hash-key] [hash | hash2]
no authentication-key
Context
config>service>vprn>if>vrrp
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command, within the vrrp virtual-router-id context, assigns a simple text password authentication key to generate master VRRP advertisement messages and validate received VRRP advertisement messages.
The authentication-key command is one of the few commands not affected by the presence of the owner keyword. If simple text password authentication is not required, this command is not required. If the command is re-executed with a different password key defined, the new key is used immediately. If a no authentication-key command is executed, the password authentication key is restored to the default value. The authentication-key command may be executed at any time, altering the simple text password used when authentication-type password authentication method is used by the virtual router instance. The authentication-type password command does not need to be executed before defining the authentication-key command.
To change the current in-use password key on multiple virtual router instances:
Identify the current master
Shutdown the virtual router instance on all backups
Execute the authentication-key command on the master to change the password key
Execute the authentication-key command and no shutdown command on each backup key
The no form of this command restores the default null string to the value of key.
Default
No default. The authentication data field contains the value 0 in all 16 octets.
Parameters
- authentication-key
Specifies the simple text password used when VRRP Authentication Type 1 is enabled on the virtual router instance. Type 1 uses a string eight octets long that is inserted into all transmitted VRRP advertisement messages and compared against all received VRRP advertisement messages. The authentication data fields are used to transmit the key.
The key parameter is expressed as a string consisting of up to eight alpha-numeric characters. Spaces must be contained in quotation marks ( ‟ ” ). The quotation marks are not considered part of the string.
The string is case sensitive and is left-justified in the VRRP advertisement message authentication data fields. The first field contains the first four characters with the first octet (starting with IETF RFC bit position 0) containing the first character. The second field holds the fifth through eighth characters. Any unspecified portion of the authentication data field is padded with the value 0 in the corresponding octet.
- hash-key
The hash key. The key can be any combination of ASCII characters up to 22 characters (encrypted). If spaces are used in the string, enclose the entire string in quotation marks (‟ ”).
This is useful when a user must configure the parameter, but, for security purposes, the actual unencrypted key value is not provided.
- hash
Specifies the key is entered in an encrypted form. If the hash parameter is not used, the key is assumed to be in a non-encrypted, clear text form. For security, all keys are stored in encrypted form in the configuration file with the hash parameter specified.
- hash2
Specifies the key is entered in a more complex encrypted form. If the hash2 parameter is not used, the less encrypted hash form is assumed.
best-path-selection
Syntax
best-path-selection
Context
config>service>vprn>bgp
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
Commands in this context configure path selection.
always-compare-med
Syntax
always-compare-med {zero | infinity}
no always-compare-med strict-as {zero | infinity}
no always-compare-med
Context
config>service>vprn>bgp>best-path-selection
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures the comparison of BGP routes based on the MED attribute. The default behavior of 7210 SAS (equivalent to the no form of this command) is to only compare two routes on the basis of MED if they have the same neighbor AS (the first non-confed AS in the received AS_PATH attribute). Also by default, a route without a MED attribute is handled the same as though it had a MED attribute with the value 0. The always-compare-med command without the strict-as keyword allows MED to be compared even if the paths have a different neighbor AS; in this case, if neither zero or infinity is specified, the zero option is inferred, meaning a route without a MED is handled the same as though it had a MED attribute with the value 0. When the strict-as keyword is present, MED is only compared between paths from the same neighbor AS, and in this case, zero or infinity is mandatory and tells BGP how to interpret paths without a MED attribute.
Default
no always-compare-med
Parameters
- zero
Specifies that for routes learned without a MED attribute that a zero (0) value is used in the MED comparison. The routes with the lowest metric are the most preferred.
- infinity
Specifies for routes learned without a MED attribute that a value of infinity (2^32-1) is used in the MED comparison. This in effect makes these routes the least desirable.
- strict-as
Specifies BGP paths to be compared even with different neighbor AS.
as-path-ignore
Syntax
as-path-ignore [ipv4] [ipv6]
no as-path-ignore
Context
config>service>vprn>bgp>best-path-selection
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command determines whether the AS path is used to determine the best BGP route.
If this option is present, the AS paths of incoming routes are not used in the route selection process.
The no form of this command removes the parameter from the configuration.
Default
no as-path-ignore
Parameters
- ipv4
Specifies that the AS-path length is ignored for all IPv4 routes.
- ipv6
Specifies that the length AS-path is ignored for all IPv6 VPRN routes.
ignore-nh-metric
Syntax
ignore-nh-metric
no ignore-nh-metric
Context
config>service>vprn>bgp>best-path-selection
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command instructs BGP to disregard the resolved distance to the BGP next-hop in its decision process for selecting the best route to a destination. When configured in the config>router>bgp>best-path-selection context, this command applies to the comparison of two BGP routes with the same NLRI learned from base router BGP peers. When configured in the config>service>vprn context, this command applies to the comparison of two BGP-VPN routes for the same IP prefix imported into the VPRN from the base router BGP instance. When configured in the config>service>vprn>bgp>best-path-selection context, this command applies to the comparison of two BGP routes for the same IP prefix learned from VPRN BGP peers.
The no form of this command restores the default behavior whereby BGP factors distance to the next-hop into its decision process.
Default
no ignore-nh-metric
ignore-router-id
Syntax
ignore-router-id
no ignore-router-id
Context
config>service>vprn>bgp>best-path-selection
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command ensures that when the current best path to a destination is learned from eBGP peer X with BGP identifier x, and a new path is received from eBGP peer Y with BGP identifier y, the best path remains unchanged if the new path is equivalent to the current best path up to the BGP identifier comparison – even if y is less than x.
The no form of this command restores the default behavior of selecting the route with the lowest BGP identifier (y) as best.
Default
no ignore-router-id
backup
Syntax
[no] backup ip-address
Context
config>service>vprn>if>vrrp
config>service>vprn>if>ipv6>vrrp (7210 SAS-Mxp only)
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures virtual router IP addresses for the interface.
bfd-enable
Syntax
[no] bfd-enable [service-id] interface interface-name dst-ip ip-address
Context
config>service>vprn>if>vrrp
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command assigns a bi-directional forwarding (BFD) session, providing a heart-beat mechanism for the VRRP instance. There can only be one BFD session assigned to a specified VRRP instance, but multiple VRRP instances can use the same BFD session. If the specified interface is configured with centralized BFD, the BFD transmit and receive intervals must be 300 ms or longer.
BFD controls the state of the associated interface. By enabling BFD on a protocol interface, the state of the protocol interface is tied to the state of the BFD session between the local node and the remote node. The parameters used for the BFD session are configured using the BFD command under the IP interface. The virtual router initiates the BFD session after the specified interface is configured with BFD.
Parameters
- service-id
Specifies the service ID of the interface that is running BFD.
- interface-name
Specifies the name of the interface that is running BFD.
- ip-address
Specifies the destination address to be used for the BFD session.
init-delay
Syntax
init-delay seconds
no init-delay
Context
config>service>vprn>if>vrrp
config>service>vprn>if>ipv6>vrrp (7210 SAS-Mxp only)
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures a VRRP initialization delay timer.
Default
no init-delay
Parameters
- seconds
Specifies the initialization delay timer, in seconds, for VRRP.
master-int-inherit
Syntax
[no] master-int-inherit
Context
config>service>vprn>if>vrrp
config>service>vprn>if>ipv6>vrrp (7210 SAS-Mxp only)
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command allows the master instance to dictate the master down timer (non-owner context only).
Default
no master-int-inherit
message-interval
Syntax
message-interval {[seconds] [milliseconds milliseconds]}
no message-interval
Context
config>service>vprn>if
config>service>vprn>if>ipv6>vrrp (7210 SAS-Mxp only)
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command sets the advertisement timer and indirectly sets the master down timer on the virtual router instance. The message-interval setting must be the same for all virtual routers participating as a virtual router. Any VRRP advertisement message received with an Advertisement Interval field different from the virtual router instance configured message-interval value is silently discarded.
The message-interval command is available in both non-owner and owner vrrp virtual-router-id nodal contexts. If the message-interval command is not executed, the default message interval of 1 second is used.
The no form of this command restores the default message interval value of 1 second to the virtual router instance.
Parameters
- seconds
Specifies the number of seconds that transpire before the advertisement timer expires.
- milliseconds milliseconds
Specifies the time interval, in milliseconds, between sending advertisement messages. This parameter is not supported on single-slot chassis.
ping-reply
Syntax
[no] ping-reply
Context
config>service>vprn>if>vrrp
config>service>vprn>if>ipv6>vrrp (7210 SAS-Mxp only)
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command enables the non-owner master to reply to ICMP echo requests directed at the virtual router instances IP addresses. The ping request can be received on any routed interface.
Ping must not have been disabled at the management security level (either on the parental IP interface or based on the Ping source host address). When ping-reply is not enabled, ICMP echo requests to non-owner master virtual IP addresses are silently discarded.
Non-owner backup virtual routers never respond to ICMP echo requests regardless of the setting of ping-reply configuration.
The ping-reply command is only available in non-owner vrrp virtual-router-id nodal context. If the ping-reply command is not executed, ICMP echo requests to the virtual router instance IP addresses are silently discarded.
The no form of this command restores the default operation of discarding all ICMP echo request messages destined to the non-owner virtual router instance IP addresses.
Default
no ping-reply
policy
Syntax
policy vrrp-policy-id
no policy
Context
config>service>vprn>if>vrrp
config>service>vprn>if>ipv6>vrrp (7210 SAS-Mxp only)
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command associates a VRRP priority control policy with the virtual router instance (non-owner context only).
Parameters
- vrrp-policy-id
Specifies a VRRP priority control policy.
preempt
Syntax
preempt
no preempt
Context
config>service>vprn>if>vrrp
config>service>vprn>if>ipv6>vrrp (7210 SAS-Mxp only)
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command overrides an existing non-owner master to the virtual router instance. Enabling preempt mode is recommended for correct operation of the base-priority and vrrp-policy-id definitions on the virtual router instance. If the virtual router cannot preempt an existing non-owner master, the affect of the dynamic changing of the in-use priority is greatly diminished.
The preempt command is only available in the non-owner vrrp virtual-router-id nodal context. The owner may not be preempted due to the fact that the priority of non-owners can never be higher than the owner. The owner always preempts all other virtual routers when it is available.
Non-owner virtual router instances only preempt when preempt is set and the current master has an in-use message priority value less than the virtual router instances in-use priority.
A master non-owner virtual router only allows itself to be preempted when the incoming VRRP Advertisement message Priority field value is one of the following:
Greater than the virtual router in-use priority value
Equal to the in-use priority value and the source IP address (primary IP address) is greater than the virtual router instance primary IP address
The no form of this command prevents a non-owner virtual router instance from preempting another, less desirable virtual router. Use the preempt command to restore the default mode.
Default
preempt
priority
Syntax
priority priority
no priority
Context
config>service>vprn>if>vrrp
config>service>vprn>if>ipv6>vrrp (7210 SAS-Mxp only)
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command provides configures a specific priority value to the virtual router instance. In conjunction with an optional policy command, the base-priority is used to derive the in-use priority of the virtual router instance.
The priority command is only available in the non-owner vrrp virtual-router-id nodal context. The priority of owner virtual router instances is permanently set to 255 and cannot be changed. For non-owner virtual router instances, if the priority command is not executed, the base-priority is set to 100.
The no form of this command restores the default value of 100 to base-priority.
Parameters
- base-priority
Specifies the base priority used by the virtual router instance. If a VRRP priority control policy is not also defined, the base-priority is the in-use priority for the virtual router instance.
ssh-reply
Syntax
[no] ssh-reply
Context
config>service>vprn>if>vrrp
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command enables the non-owner master to reply to SSH Requests directed at the virtual router instance IP addresses. The SSH request can be received on any routed interface. SSH must not have been disabled at the management security level (either on the parental IP interface or based on the SSH source host address). Correct login and CLI command authentication is still enforced.
When ssh-reply is not enabled, SSH packets to non-owner master virtual IP addresses are silently discarded. Non-owner backup virtual routers never respond to SSH regardless of the ssh-reply configuration.
The ssh-reply command is only available in non-owner vrrp virtual-router-id nodal context. If the ssh-reply command is not executed, SSH packets to the virtual router instance IP addresses are silently discarded.
The no form of this command restores the default operation of discarding all SSH packets destined to the non-owner virtual router instance IP addresses.
Default
no ssh-reply
standby-forwarding
Syntax
[no] standby-forwarding
Context
config>service>vprn>if>vrrp
config>service>vprn>if>ipv6>vrrp (7210 SAS-Mxp only)
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command allows the forwarding of packets by a standby router.
The no form of this command specifies that a standby router should not forward traffic sent to virtual router's MAC address. However, the standby router should forward traffic sent to the standby router real MAC address.
Default
no standby-forwarding
telnet-reply
Syntax
[no] telnet-reply
Context
config>service>vprn>if>vrrp
config>service>vprn>if>ipv6>vrrp (7210 SAS-Mxp only)
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command enables the non-owner master to reply to TCP port 23 Telnet Requests directed at the virtual router instance IP addresses. The Telnet request can be received on any routed interface. Telnet must not have been disabled at the management security level (either on the parental IP interface or based on the Telnet source host address). Correct login and CLI command authentication is still enforced.
When telnet-reply is not enabled, TCP port 23 Telnet packets to non-owner master virtual IP addresses are silently discarded.
Non-owner backup virtual routers never respond to Telnet Requests regardless of the telnet-reply configuration.
The telnet-reply command is only available in non-owner VRRP nodal context. If the telnet-reply command is not executed, Telnet packets to the virtual router instance IP addresses are silently discarded.
The no form of this command restores the default operation of discarding all Telnet packets destined to the non-owner virtual router instance IP addresses.
Default
no telnet-reply
traceroute-reply
Syntax
[no] traceroute-reply
Context
config>service>vprn>if>vrrp
config>service>vprn>if>ipv6>vrrp (7210 SAS-Mxp only)
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command is valid only if the VRRP virtual router instance associated with this entry is a non-owner.
When this command is enabled, a non-owner master can reply to traceroute requests directed to the virtual router instance IP addresses.
A non-owner backup virtual router never responds to such traceroute requests regardless of the trace-route-reply status.
Default
no traceroute-reply
PIM commands
pim
Syntax
[no] pim
Context
config>service>vprn
Platforms
7210 SAS-T (network operating mode) and 7210 SAS-Mxp
Description
This command configures a Protocol Independent Multicast (PIM) instance in the VPRN service. When an PIM instance is created, the protocol is enabled. PIM is used for multicast routing within the network. Devices in the network can receive the multicast feed requested and non-participating routers can be pruned. The supports PIM sparse mode (PIM-SM).
The no form of this command deletes the PIM protocol instance removing all associated configuration parameters.
import
Syntax
import {join-policy | register-policy} [policy-name [.. policy-name] policy-name...up to 5 max]
no import {join-policy | register-policy}
Context
config>service>vprn>pim
Platforms
7210 SAS-T (network operating mode) and 7210 SAS-Mxp
Description
This command specifies the import route policy to be used for determining which routes are accepted from peers. Route policies are configured in the config>router>policy-options context. When an import policy is not specified, BGP routes are accepted by default.
The no form of this command removes the policy association from the IGMP instance.
Default
no import join-policy
no import register-policy
Parameters
- join-policy
Filters PIM join messages which prevents unwanted multicast streams from traversing the network.
- register-policy
Filters register messages. PIM register filters prevent register messages from being processed by the RP. This filter can only be defined on an RP. When a match is found, the RP immediately sends back a register-stop message.
- policy-name
Specifies the route policy name. Allowed values are any string up to 32 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes. Route policies are configured in the config>router>policy-options context.
interface
Syntax
[no] interface ip-int-name
Context
config>service>vprn>pim
Platforms
7210 SAS-T (network operating mode) and 7210 SAS-Mxp
Description
This command enables PIM on an interface and enables the context to configure interface-specific parameters. By default interfaces are activated in PIM based on the apply-to command, and do not have to be configured on an individual basis unless the default values must be changed.
The no form of this command deletes the PIM interface configuration for this interface. If the no command parameter is configured, the no interface form must be saved in the configuration to avoid automatic (re)creation after the next no is executed as part of a reboot.
The shutdown command can be used to disable an interface without removing the configuration for the interface.
Default
Interfaces are activated in PIM based on the apply-to command.
Parameters
- ip-int-name
Specifies the interface name. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.
assert-period
Syntax
assert-period assert-period
no assert-period
Context
config>service>vprn>pim>if
Platforms
7210 SAS-T (network operating mode) and 7210 SAS-Mxp
Description
This command configures the period in seconds for periodic refreshes of PIM Assert messages on an interface.
The no form of this command reverts to the default.
Default
60
Parameters
- assert-period
Specifies the period, in seconds, for periodic refreshes of PIM Assert messages on an interface.
bfd-enable
Syntax
[no] bfd-enable [ipv4]
Context
config>service>vprn>pim>if
Platforms
7210 SAS-T (network operating mode) and 7210 SAS-Mxp
Description
This command enables the use of bidirectional forwarding (BFD) to control the state of the associated protocol interface. By enabling BFD on a specific protocol interface, the state of the protocol interface is tied to the state of the BFD session between the local node and the remote node. The parameters used for the BFD are set via the BFD command under the IP interface.
For more information about the protocols and platforms that support BFD, see the 7210 SAS-Mxp, R6, R12, S, Sx, T Router Configuration Guide.
The no form of this command removes BFD from the associated IGP protocol adjacency.
Default
no bfd-enable
bsm-check-rtr-alert
Syntax
[no] bsm-check-rtr-alert
Context
config>service>vprn>pim>if
Platforms
7210 SAS-T (network operating mode) and 7210 SAS-Mxp
Description
This command enables the checking of router alert option in the bootstrap messages received on this interface.
Default
no bsm-check-rtr-alert
hello-interval
Syntax
hello-interval hello-interval
no hello-interval
Context
config>service>vprn>pim>if
Platforms
7210 SAS-T (network operating mode) and 7210 SAS-Mxp
Description
This command configures the frequency at which PIM Hello messages are transmitted on this interface.
The no form of this command reverts to the default value.
Default
30
Parameters
- hello-interval
Specifies the hello interval in seconds. A 0 (zero) value disables the sending of hello messages.
hello-multiplier
Syntax
hello-multiplier deci-units
no hello-multiplier
Context
config>service>vprn>pim>if
Platforms
7210 SAS-T (network operating mode) and 7210 SAS-Mxp
Description
This command configures the multiplier to determine the hold time for a PIM neighbor.
The hello-multiplier in conjunction with the hello-interval determines the holdtime for a PIM neighbor.
Parameters
- deci-units
Specifies the value, specified in multiples of 0.1, for the formula used to calculate the hello-holdtime based on the hello-multiplier:
(hello-interval * hello-multiplier) / 10
This allows the PIMv2 default timeout of 3.5 seconds to be supported.
improved-assert
Syntax
[no] improved-assert
Context
config>service>vprn>pim>if
Platforms
7210 SAS-T (network operating mode) and 7210 SAS-Mxp
Description
This command enables improved assert processing on this interface. The PIM assert process establishes a forwarder for a LAN and requires interaction between the control and forwarding planes.
The assert process is started when data is received on an outgoing interface. This could impact performance if data is continuously received on an outgoing interface.
When enabled, the PIM assert process is done entirely on the control-plane with no interaction between the control and forwarding plane.
Default
enabled
instant-prune-echo
Syntax
[no] instant-prune-echo
Context
config>service>vprn>pim>if
Platforms
7210 SAS-T (network operating mode) and 7210 SAS-Mxp
Description
This command enables PIM router to echo the PIM prune message received from a downstream router. It is typically used in a multi-access broadcast network (for example: Ethernet LAN) to reduce the probability of loss of PIM prune messages.
Default
no instant-prune-echo
max-groups
Syntax
max-groups value
no max-groups
Context
config>service>vprn>pim>if
Platforms
7210 SAS-T (network operating mode) and 7210 SAS-Mxp
Description
This command configures the maximum number of groups for which PIM can have downstream state based on received PIM Joins on this interface. This does not include IGMP local receivers on the interface. When this configuration is changed dynamically to a value lower than the currently accepted number of groups, the groups that are already accepted are not deleted. Only new groups are not allowed. When this object has a value of 0, there is no limit to the number of groups.
Parameters
- value
Specifies the maximum number of groups for this interface.
multicast-senders
Syntax
multicast-senders {auto | always | never}
no multicast-senders
Context
config>service>vprn>pim>if
Platforms
7210 SAS-T (network operating mode) and 7210 SAS-Mxp
Description
This command configures the way subnet matching is done for incoming data packets on this interface. An IP multicast sender is a user entity to be authenticated in a receiving host.
Parameters
- auto
Specifies that subnet matching is automatically performed for incoming data packets on this interface.
- always
Specifies that subnet matching is always performed for incoming data packets on this interface.
- never
Specifies that subnet matching is never performed for incoming data packets on this interface.
priority
Syntax
priority dr-priority
no priority
Context
config>service>vprn>pim>if
Platforms
7210 SAS-T (network operating mode) and 7210 SAS-Mxp
Description
This command sets the priority value to become the rendezvous point (RP) that is included in bootstrap messages sent by the router. The RP is sometimes called the bootstrap router. The priority command indicates whether the router is eligible to be a bootstrap router.
The no form of this command disqualifies the router to participate in the bootstrap election.
The default value means the router is the least likely to become the designated router.
Default
1
Parameters
- dr-priority
Specifies the priority to become the designated router. The higher the value, the higher the priority.
sticky-dr
Syntax
sticky-dr [priority dr-priority]
no sticky-dr
Context
config>service>vprn>pim>if
Platforms
7210 SAS-T (network operating mode) and 7210 SAS-Mxp
Description
This command enables sticky-dr operation on this interface. When enabled, the priority in PIM hellos sent on this interface when elected as the Designated Router (DR) is modified to the value configured in dr-priority. This is done to avoid the delays in forwarding caused by DR recovery, when switching back to the old DR on a LAN when it comes back up.
By enabling sticky-dr, this interface continues to act as the DR for the LAN even after the old DR comes back up.
The no form of this command disables sticky-dr operation on this interface.
Default
disabled
Parameters
- priority dr-priority
Sets the DR priority to be sent in PIM Hello messages following the election of that interface as the DR, when sticky-dr operation is enabled.
three-way-hello
Syntax
three-way-hello
no three-way-hello
Context
config>service>vprn>pim>if
Platforms
7210 SAS-T (network operating mode) and 7210 SAS-Mxp
Description
This command configures the compatibility mode for enabling the three-way hello.
tracking-support
Syntax
[no] tracking-support
Context
config>service>vprn>pim>if
Platforms
7210 SAS-T (network operating mode) and 7210 SAS-Mxp
Description
This command sets the T bit in the LAN Prune Delay option of the Hello Message. This indicates the router's capability to disable Join message suppression.
Default
no tracking-support
non-dr-attract-traffic
Syntax
[no] non-dr-attract-traffic
Context
config>service>vprn>pim
Platforms
7210 SAS-T (network operating mode) and 7210 SAS-Mxp
Description
This command specifies whether the router should ignore the designated router state and attract traffic even when it is not the designated router.
An operator can configure an interface (router or IES or VPRN interfaces) to IGMP and PIM. The interface IGMP state is synchronized to the backup node if it is associated with the redundant peer port. The interface can be configured to use PIM which causes multicast streams to be sent to the elected DR only. The DR is also the router sending traffic to the DSLAM. Because it may be required to attract traffic to both routers a flag non-dr-attract-trafffic can be used in the PIM context to have the router ignore the DR state and attract traffic when not DR. Note that while using this flag the router may not send the stream down to the DSLAM while not DR.
When enabled, the designated router state is ignored. When disabled, no non-dr-attract-traffic, the designated router value is honored.
Default
no non-dr-attract-traffic
rp
Syntax
rp
Context
config>service>vprn>pim
Platforms
7210 SAS-T (network operating mode) and 7210 SAS-Mxp
Description
This command enables access to the context to configure the rendezvous point (RP) of a PIM protocol instance.
A Nokia PIM router acting as an RP must respond to a PIM register message specifying an SSM multicast group address by sending to the first hop router stop register messages. It does not build an (S, G) shortest path tree toward the first hop router. An SSM multicast group address can be either from the SSM default range of 232/8 or from a multicast group address range that was explicitly configured for SSM.
Default
rp enabled when PIM is enabled.
anycast
Syntax
[no] anycast rp-ip-address
Context
config>service>vprn>pim>rp
Platforms
7210 SAS-T (network operating mode) and 7210 SAS-Mxp
Description
This command configures a PIM anycast protocol instance for the RP being configured. Anycast enables fast convergence when a PIM RP router fails by allowing receivers and sources to rendezvous at the closest RP.
The no form of this command removes the anycast instance from the configuration.
Parameters
- rp-ip-address
Specifies the loopback IP address shared by all routes that form the RP set for this anycast instance. Only a single address can be configured. If another anycast command is entered with an address, the old address is replaced with the new address. If no ip-address is entered, the command is simply used to enter the anycast CLI level.
rp-set-peer
Syntax
[no] rp-set-peer ip-address
Context
config>service>vprn>pim>rp>anycast
Platforms
7210 SAS-T (network operating mode) and 7210 SAS-Mxp
Description
This command configures a peer in the anycast rp-set. The address identifies the address used by the other node as the RP candidacy address for the same multicast group address range as configured on this node.
This is a manual procedure. Caution should be taken to produce a consistent configuration of an RP-set for a specific multicast group address range. The priority should be identical on each node and be a higher value than any other configured RP candidate that is not a member of this rp-set.
Although there is no set maximum of addresses that can be configured in an rp-set, up to 15 multicast addresses is recommended.
The no form of this command removes an entry from the list.
Parameters
- ip-address
Specifies the address used by the other node as the RP candidacy address for the same multicast group address range as configured on this node.
bootstrap-export
Syntax
bootstrap-export policy-name [policy-name... up to five]
no bootstrap-export
Context
config>service>vprn>pim>rp
Platforms
7210 SAS-T (network operating mode) and 7210 SAS-Mxp
Description
This command exports policies to control the flow of bootstrap messages from the RP. Up to five policies can be defined.
The no form of this command removes the specified policy names from the configuration.
Parameters
- policy-name
Specifies the policy name. The policy statement must already be configured in the config>router>policy-options context.
bootstrap-import
Syntax
bootstrap-import policy-name [policy-name... up to 5 max]
no bootstrap-import policy-name [policy-name... up to 5 max]
Context
config>service>vprn>pim>rp
Platforms
7210 SAS-T (network operating mode) and 7210 SAS-Mxp
Description
This command imports policies to control the flow of bootstrap messages into the RP. Up to five policies can be defined.
The no form of this command removes the specified policy names from the configuration.
Parameters
- policy-name
Specifies the policy name. The policy statement must already be configured in the config>router>policy-options context.
bsr-candidate
Syntax
bsr-candidate
Context
config>service>vprn>pim>rp
Platforms
7210 SAS-T (network operating mode) and 7210 SAS-Mxp
Description
Commands in this context configure a local rendezvous point (RP) of a PIM protocol instance.
Default
Enabled when PIM is enabled.
address
Syntax
[no] address ip-address
Context
config>service>vprn>pim>rp>bsr-candidate
config>service>vprn>pim>rp>rp-candidate
Platforms
7210 SAS-T (network operating mode) and 7210 SAS-Mxp
Description
This command configures a static bootstrap or rendezvous point (RP) as long as the source is not directly attached to this router.
The no form of this command removes the static RP from the configuration.
Default
No IP address is specified.
Parameters
- ip-address
Specifies the static IP address of the RP. The ip-address portion of the address command specifies the IP host address that is used by the IP interface within the subnet. This address must be unique within the subnet and specified in dotted-decimal notation.
hash-mask-len
Syntax
hash-mask-len hash-mask-length
no hash-mask-len
Context
config>service>vprn>pim>rp>bsr-candidate
Platforms
7210 SAS-T (network operating mode) and 7210 SAS-Mxp
Description
This command is used to configure the length of a mask that is to be combined with the group address before the hash function is called. All groups with the same hash map to the same RP. For example, if this value is 24, only the first 24 bits of the group addresses matter. This mechanism is used to map one group or multiple groups to an RP.
Parameters
- hash-mask-length
The hash mask length.
priority
Syntax
priority bootstrap-priority
Context
config>service>vprn>pim>rp>bsr-candidate
Platforms
7210 SAS-T (network operating mode) and 7210 SAS-Mxp
Description
This command defines the priority used to become the rendezvous point (RP) . The higher the priority value the more likely that this router becomes the RP. If there is a tie, the router with the highest IP address is elected.
Parameters
- bootstrap-priority
The priority to become the bootstrap router.
rp-candidate
Syntax
rp-candidate
Context
config>service>vprn>pim>rp
Platforms
7210 SAS-T (network operating mode) and 7210 SAS-Mxp
Description
Commands in this context configure the candidate rendezvous point (RP) parameters.
Default
Enabled when PIM is enabled.
group-range
Syntax
[no] group-range {grp-ip-address/mask | grp-ip-address [netmask]}
Context
config>service>vprn>pim>rp>rp-candidate
config>service>vprn>pim>ssm
Platforms
7210 SAS-T (network operating mode) and 7210 SAS-Mxp
Description
This command configures the group address or range of group addresses for which this router can be the rendezvous point (RP).
The no form of this command removes the group address or range of group addresses for which this router can be the RP from the configuration.
Parameters
- group-ip-address
Specifies the addresses or address ranges that this router can be an RP.
- mask
Specifies the address mask with the address to define a range of addresses.
- netmask
Specifies the subnet mask in dotted-decimal notation.
holdtime
Syntax
holdtime holdtime
no holdtime holdtime
Context
config>service>vprn>pim>rp>rp-candidate
Platforms
7210 SAS-T (network operating mode) and 7210 SAS-Mxp
Description
This command to defines the length of time neighboring routers consider this router to be up.
The no form of this command reverts to the default value.
Default
150
Parameters
- holdtime
Specifies the length of time, in seconds, that neighbor should consider the sending router to be operational.
priority
Syntax
priority priority
no priority priority
Context
config>router>pim>rp>local
config>service>vprn>pim>rp>rp-candidate
Platforms
7210 SAS-T (network operating mode) and 7210 SAS-Mxp
Description
This command defines the priority used to become the rendezvous point (RP). The higher the priority value, the more likely that this router becomes the RP.
The no form of this command reverts to the default value.
Default
1
Parameters
- priority
Specifies the priority to become the designated router. The higher the value the more likely the router becomes the RP.
static
Syntax
static
Context
config>service>vprn>pim>rp
Platforms
7210 SAS-T (network operating mode) and 7210 SAS-Mxp
Description
This command enables access to the context to configure a static rendezvous point (RP) of a PIM-SM protocol instance.
address
Syntax
[no] address ip-address
Context
config>service>vprn>pim>rp>static
Platforms
7210 SAS-T (network operating mode) and 7210 SAS-Mxp
Description
This command configures the static rendezvous point (RP) address.
The override option specifies that dynamically learned RPs have less priority this static entry, by default dynamic learned RPs take preference over static configured RPs.
The no form of this command removes the static RP entry from the configuration.
group-prefix
Syntax
[no] group-prefix {grp-ip-address/mask | grp-ip-address netmask}
Context
config>service>vprn>pim>rp>static
Platforms
7210 SAS-T (network operating mode) and 7210 SAS-Mxp
Description
This command defines a range of multicast-ip-addresses for which a certain RP is applicable.
The no form of this command removes the criterion.
Parameters
- grp-ip-address
Specifies the multicast IP address.
- mask
Specifies the mask of the multicast-ip-address.
- netmask
Specifies the subnet mask in dotted-decimal notation.
override
Syntax
[no] override
Context
config>service>vprn>pim>rp>static
Platforms
7210 SAS-T (network operating mode) and 7210 SAS-Mxp
Description
This command changes the precedence of static RP over dyanamically learned Rendezvous Point (RP).
When enabled, the static group-to-RP mappings take precedence over the dynamically learned mappings.
Default
no override
spt-switchover-threshold
Syntax
spt-switchover-threshold {grp-ip-address/mask | grp-ip-address netmask} spt-threshold
no spt-switchover-threshold {grp-ip-address/mask | grp-ip-address netmask}
Context
config>service>vprn>pim
Platforms
7210 SAS-T (network operating mode) and 7210 SAS-Mxp
Description
This command configures a shortest path tree (SPT tree) switchover threshold for a group prefix.
Parameters
- grp-ip-address
Specifies the multicast group address.
- mask
Specifies the mask of the multicast-ip-address.
- netmask
Specifies the subnet mask in dotted-decimal notation.
- spt-threshold
Specifies the configured threshold in kilo-bits per second(kbps) for the group to which this (S,G) belongs. For a group G configured with a threshold, switchover to SPT for an (S,G) is attempted only if the (S,G)'s rate exceeds this configured threshold.
ssm-assert-compatible-mode
Syntax
ssm-assert-compatible-mode [enable | disable]
Context
config>service>vprn>pim
Platforms
7210 SAS-T (network operating mode) and 7210 SAS-Mxp
Description
This command specifies whether SSM assert is enabled in compatibility mode for this PIM protocol instance. When enabled for SSM groups, PIM considers the SPT bit to be implicitly set to compute the value of CouldAssert (S,G,I) as defined in RFC 4601, Protocol Independent Multicast - Sparse Mode (PIM-SM): Protocol Specification (Revised). When disabled, for SSM groups, PIM does not assume the SPT bit to be set. The SPT bit is set by the Update_SPTbit(S,G,iif) macro defined in RFC 4601.
Default
disable
Parameters
- enable
Enables SSM assert in compatibility mode for this PIM protocol instance.
- disable
Disables SSM assert in compatibility mode for this PIM protocol instance.
ssm-default-range-disable
Syntax
ssm-default-range-disable ipv4
Context
config>service>vprn>pim
Platforms
7210 SAS-T (network operating mode) and 7210 SAS-Mxp
Description
This command specifies whether to disable the use of default range (232/8) for SSM so that it can be used by ASM to process (*,G). When enabled, the use of default range is disabled for SSM and it can be used by ASM. When disabled, the SSM default range is enabled.
Default
disable
ssm-groups
Syntax
[no] ssm-groups
Context
config>service>vprn
Platforms
7210 SAS-T (network operating mode) and 7210 SAS-Mxp
Description
This command configures a source-specific multicast (SSM) configuration instance.
Counter mode commands
statistics
Syntax
statistics
Context
config>service>vprn>if>sap
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
Commands in this context configure the counters associated with SAP ingress.
ingress
Syntax
ingress
Context
config>service>vprn>if>sap>statistics
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
Commands in this context configure the ingress SAP statistics counter.
counter-mode
Syntax
counter-mode {in-out-profile-count | forward-drop-count}
Context
config>service>vprn>if>sap>statistics>ingress
Platforms
7210 SAS-T (network operating mode), 7210 SAS-Mxp, and 7210 SAS-Sx/S 1/10GE (standalone and standalone-VC), and 7210 SAS-Sx 10/100GE
Description
This command sets the counter mode for the counters associated with sap ingress meters or policers. A pair of counters is available with each meter. These counters count different events based on the counter mode value.
The counter mode can be changed if an accounting policy is associated with a SAP. If the counter mode is changed, the counters associated with the meter are reset and the counts are cleared. If an accounting policy is in use when the counter-mode is changed, a new record is written into the current accounting file.
Execute the following sequence of commands on the specified SAP to ensure that the correct statistics are collected when the counter-mode is changed:
Execute the command config>service>vprn>interface>sap>no collect-stats, to disable writing of accounting records for the SAP.
Change the counter-mode to the desired option, execute the command config>service>vprn>interface>sap>statistics>ingress>counter-mode {in-out-profile-count | forward-drop-count}.
Execute the command config>service>vprn>interface>sap>collect-stats, to enable writing of accounting records for the SAP.
The no form of this command restores the counter mode to the default value.
Default
in-out-profile-count
Parameters
- in-out-profile-count
If the counter mode is specified as in-out-profile-count, one counter counts the total in-profile packets and octets received on ingress of a SAP and another counts the total out-of-profile packets and octets received on ingress of a SAP. A packet is determined to be in-profile or out-of-profile based on the meter rate parameters configured. A packet is dropped by the policer if it exceeds the configured PIR rate. Dropped counts are not maintained in hardware when this mode is used. It is obtained by subtracting the sum of in-profile count and out-of-profile count from the total SAP ingress received count and displayed.
- forward-drop-count
If the counter mode is specified as forward-drop-count, one counter counts the forwarded packets and octets received on ingress of a SAP and another counts the dropped packets. The forwarded count is the sum of in-profile and out-of-profile packets/octets received on SAP ingress. The dropped count is count of packets/octets dropped by the policer. A packet is determined to be in-profile or out-of-profile based on the meter rate parameters configured. A packet is dropped by the policer if it exceeds the configured PIR rate. The in-profile count and out-of-profile count is not individually available when operating in this mode.
BGP commands
bgp
Syntax
[no] bgp
Context
config>service>vprn
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command enables the BGP protocol with the VPRN service.
The no form of this command disables the BGP protocol from the specific VPRN service.
Default
no bgp
advertise-inactive
Syntax
[no] advertise-inactive
Context
config>service>vprn>bgp
config>service>vprn>bgp>group
config>service>vprn>bgp>group>neighbor
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command enables or disables the advertising of inactive BGP routers to other BGP peers.
By default, BGP only advertises BGP routes to other BGP peers if a specific BGP route is chosen by the route table manager as the most preferred route within the system and is active in the forwarding plane. This command allows system administrators to advertise a BGP route even though it is not the most preferred route within the system for a specific destination.
Default
no advertise-inactive
aggregator-id-zero
Syntax
[no] aggregator-id-zero
Context
config>service>vprn>bgp
config>service>vprn>bgp>group
config>service>vprn>bgp>group>neighbor
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command sets the router ID in the BGP aggregator path attribute to zero when BGP aggregates routes. This prevents different routers within an AS from creating aggregate routes that contain different AS paths.
When BGP is aggregating routes, it adds the aggregator path attribute to the BGP update messages. By default, BGP adds the AS number and router ID to the aggregator path attribute.
When this command is enabled, BGP adds the router ID to the aggregator path attribute. This command is used at the group level to revert to the value defined under the global level, while this command is used at the neighbor level to revert to the value defined under the group level.
The no form of this command used at the global level reverts to default where BGP adds the AS number and router ID to the aggregator path attribute.
The no form of this command used at the group level reverts to the value defined at the group level.
The no form of this command used at the neighbor level reverts to the value defined at the group level.
Default
no aggregator-id-zero
always-compare-med
Syntax
always-compare-med {zero | infinity}
no always-compare-med
Context
config>service>vprn>bgp
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command specifies how the Multi-Exit Discriminator (MED) path attribute is used in the BGP route selection process. The MED attribute is always used in the route selection process regardless of the peer AS that advertised the route. This parameter determines what MED value is inserted in the RIB-IN. If this parameter is not configured, only the MEDs of routes that have the same peer ASs are compared.
The no form of this command removes the parameter from the configuration.
Default
no always-compare-med
Parameters
- zero
Specifies that for routes learned without a MED attribute that a zero (0) value is used in the MED comparison. The routes with the lowest metric are the most preferred.
- infinity
Specifies for routes learned without a MED attribute that a value of infinity (4294967295) is used in the MED comparison. This in effect makes these routes the least desirable.
as-path-ignore
Syntax
[no] as-path-ignore
Context
config>service>vprn>bgp
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command determines whether the AS path is used to determine the best BGP route.
If this option is present, the AS paths of incoming routes are not used in the route selection process.
The no form of this command removes the parameter from the configuration.
Default
no as-path-ignore
as-override
Syntax
[no] as-override
Context
config>service>vprn>bgp>group
config>service>vprn>bgp>group>neighbor
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command replaces all instances of the peer's AS number with the local AS number in a BGP route's AS_PATH.
This command breaks the BGP's loop detection mechanism. It should be used carefully.
Default
not enabled
authentication-key
Syntax
authentication-key [authentication-key | hash-key] [hash | hash2]
no authentication-key
Context
config>service>vprn>bgp
config>service>vprn>bgp>group
config>service>vprn>bgp>group>neighbor
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures the BGP authentication key.
Authentication is performed between neighboring routers before setting up the BGP session by verifying the password. Authentication is performed using the MD-5 message-based digest. The authentication key can be any combination of letters or numbers from 1 to 16.
The no form of this command removes the authentication password from the configuration and effectively disables authentication.
Default
Authentication is disabled and the authentication password is empty.
Parameters
- authentication-key
Specifies the authentication key. The key can be any combination of ASCII characters up to 255 characters (unencrypted). If spaces are used in the string, enclose the entire string in quotation marks (‟ ”).
- hash-key
Specifies the hash key. The key can be any combination of ASCII characters up to 342 characters (encrypted). If spaces are used in the string, enclose the entire string in quotation marks (‟ ”).
This is useful when a user must configure the parameter, but, for security purposes, the actual unencrypted key value is not provided.
- hash
Specifies the key is entered in an encrypted form. If the hash parameter is not used, the key is assumed to be in a non-encrypted, clear text form. For security, all keys are stored in encrypted form in the configuration file with the hash parameter specified.
- hash2
Specifies the key is entered in a more complex encrypted form. If the hash2 parameter is not used, the less encrypted hash form is assumed.
auth-keychain
Syntax
auth-keychain name
Context
config>service>vprn>bgp
config>service>vprn>bgp>group
config>service>vprn>bgp>group>neighbor
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures the BGP authentication key for all peers.
The keychain allows the rollover of authentication keys during the lifetime of a session.
Default
no auth-keychain
Parameters
- name
Specifies the name of an existing keychain, up to 32 characters, to use for the specified TCP session or sessions.
backup-path
Syntax
[no] backup-path [ipv4] [ipv6]
Context
config>service>vprn>bgp
Platforms
7210 SAS-T, 7210 SAS-Sx/S 1/10GE (standalone and standalone-VC), 7210 SAS-Sx 10/100GE, and 7210 SAS-Mxp.
Description
This command enables the computation and use of a backup path for IPv4 and IPv6 BGP-learned prefixes belonging to the base router or a particular VPRN. Multiple paths must be received for a prefix to take advantage of this feature. When a prefix has a backup path and its primary paths fail the affected traffic is rapidly diverted to the backup path without waiting for control plane re-convergence to occur. When many prefixes share the same primary paths, and in some cases also the same backup path, the time to failover traffic to the backup path is independent of the number of prefixes.
By default, IPv4 and IPv6 prefixes do not have a backup path installed in the IOM.
Default
no backup-path
Parameters
- ipv4
Enables the use of a backup path for BGP-learned unlabeled IPv4 prefixes.
- ipv6
Enables the use of a backup path for BGP-learned unlabeled IPv6 prefixes.
connect-retry
Syntax
connect-retry seconds
no connect-retry
Context
config>service>vprn>bgp
config>service>vprn>bgp>group
config>service>vprn>bgp>group>neighbor
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures the BGP connect retry timer value in seconds.
When this timer expires, BGP tries to reconnect to the configured peer. This configuration parameter can be set at three levels: global level (applies to all peers), peer-group level (applies to all peers in group) or neighbor level (only applies to specified peer). The most specific value is used.
The no form of this command used at the global level reverts to the default value.
The no form of this command used at the group level reverts to the value defined at the global level.
The no form of this command used at the neighbor level reverts to the value defined at the group level.
Default
120
Parameters
- seconds
The BGP Connect Retry timer value, in seconds, expressed as a decimal integer.
damping
Syntax
[no] damping
Context
config>service>vprn>bgp
config>service>vprn>bgp>group
config>service>vprn>bgp>group>neighbor
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command enables BGP route damping for learned routes which are defined within the route policy. Use damping to reduce the number of update messages sent between BGP peers and reduce the load on peers without affecting the route convergence time for stable routes. Damping parameters are set via route policy definition.
The no form of this command used at the global level disables route damping.
The no form of this command used at the group level reverts to the value defined at the global level.
The no form of this command used at the neighbor level reverts to the value defined at the group level.
When damping is enabled and the route policy does not specify a damping profile, the default damping profile is used. This profile is always present and consists of the following parameters:
Half-life: |
15 minutes |
Max-suppress: |
60 minutes |
Suppress-threshold: |
3000 |
Reuse-threshold |
750 |
Default
no damping
disable-4byte-asn
Syntax
[no] disable-4byte-asn
Context
config>service>vprn>bgp
config>service>vprn>bgp>group
config>service>vprn>bgp>group>neighbor
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command disables the use of 4-byte AS numbers. It can be configured at all 3 level of the hierarchy so it can be specified down to the per peer basis.
If this command is enabled 4-byte AS number support should not be negotiated with the associated remote peers.
The no form of this command resets the behavior to the default which is to enable the use of 4-byte AS number.
disable-capability-negotiation
Syntax
[no] disable-capability-negotiation
Context
config>service>vprn>bgp>group
config>service>vprn>bgp>group>neighbor
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command disables the exchange of capabilities. When this command is enabled and after the peering is flapped, any new capabilities are not negotiated and strictly support IPv4 routing exchanges with that peer.
The no form of this command removes this command from the configuration and restores the normal behavior.
Default
no disable-capability-negotiation
disable-capability-negotiation
Syntax
[no] disable-capability-negotiation
Context
config>service>vprn>bgp
config>service>vprn>bgp>group
config>service>vprn>bgp>group>neighbor
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command disables the exchange of capabilities. When command is enabled and after the peering is flapped, any new capabilities are not negotiated and strictly support IPv4 routing exchanges with that peer.
The no form of this command removes this command from the configuration and restores the normal behavior.
Default
no disable-capability-negotiation
disable-communities
Syntax
disable-communities [standard] [extended]
no disable-communities
Context
config>service>vprn>bgp
config>service>vprn>bgp>group
config>service>vprn>bgp>group>neighbor
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures BGP to disable sending communities.
Parameters
- standard
Specifies standard communities that existed before VPRNs or 2547.
- extended
Specifies BGP communities used were expanded after the concept of 2547 was introduced, to include handling the VRF target.
disable-fast-external-failover
Syntax
[no] disable-fast-external-failover
Context
config>service>vprn>bgp
config>service>vprn>bgp>group
config>service>vprn>bgp>group>neighbor
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures BGP fast external failover.
enable-peer-tracking
Syntax
[no] enable-peer-tracking
Context
config>service>vprn>bgp
config>service>vprn>bgp>group
config>service>vprn>bgp>group>neighbor
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command enables BGP peer tracking.
Default
no enable-peer-tracking
export
Syntax
export policy [policy...]
no export
Context
config>service>vprn>bgp
config>service>vprn>bgp>group
config>service>vprn>bgp>group>neighbor
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command specifies the export policies to be used to control routes advertised to BGP neighbors.
When multiple policy names are specified, the policies are evaluated in the order they are specified. A maximum of five (5) policy names can be configured. The first policy that matches is applied.
Note that if a non-existent route policy is applied to a VPRN instance, the CLI generates a warning message. This message is only generated at an interactive CLI session and the route policy association is made. No warning message is generated when a non-existent route policy is applied to a VPRN instance in a configuration file or when SNMP is used.
The no form of this command removes all route policy names from the export list.
Default
no export
Parameters
- policy
Specifies a route policy statement name.
family
Syntax
family [ipv4] [ipv6]
no family
Context
config>service>vprn>bgp
config>service>vprn>bgp>group
config>service>vprn>bgp>group>neighbor
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures the IP family capability.
The no form of this command reverts to the default.
Default
no family
Parameters
- ipv4
Specifies IPv4 support.
- ipv6
Specifies IPv6 support.
group
Syntax
group name [dynamic-peer]
no group
Context
config>service>vprn>bgp
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures a BGP peer group.
The no form of this command deletes the specified peer group and all configurations associated with the peer group. The group must be shutdown before it can be deleted.
Parameters
- name
Specifies the peer group name. Allowed values is a string up to 32 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.
- dynamic-peer
Specifies that the specific BGP group is used by BGP peers created dynamically based on subscriber-hosts pointing to corresponding BGP peering policy. There can be only one BGP group with this flag set in any specific VPRN. No BGP neighbors can be manually configured in a BGP group with this flag set.
neighbor
Syntax
[no] neighbor ip-address
Context
config>service>vprn>bgp>group
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command creates a BGP peer/neighbor instance within the context of the BGP group.
This command can be issued repeatedly to create multiple peers and their associated configuration.
The no form of this command removes the specified neighbor and the entire configuration associated with the neighbor. The neighbor must be administratively shutdown before attempting to delete it. If the neighbor is not shutdown, the command does not result in any action except a warning message on the console indicating that neighbor is still administratively up.
Parameters
- ip-address
Specifies the IP address of the BGP peer router in dotted-decimal notation.
family
Syntax
family [ipv4] [ipv6]
no family
Context
config>service>vprn>bgp>group
config>service>vprn>bgp>group>neighbor
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command specifies the address family or families to be supported over BGP peerings in the base router. This command is additive so issuing the family command adds the specified address family to the list.
The no form of this command removes the specified address family from the associated BGP peerings. If an address family is not specified, reset the supported address family back to the default.
Default
ipv4
Parameters
- ipv4
Specifies support for IPv4 routing information.
- ipv6
Specifies support for IPv6 routing information.
hold-time
Syntax
hold-time seconds [strict]
no hold-time
Context
config>service>vprn>bgp
config>service>vprn>bgp>group
config>service>vprn>bgp>group>neighbor
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures the BGP hold time, expressed in seconds.
The BGP hold time specifies the maximum time BGP waits between successive messages (either keepalive or update) from its peer, before closing the connection. This configuration parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in group) or neighbor level (only applies to specified peer). The most specific value is used.
Even though the router OS implementation allows setting the keepalive time separately, the configured keepalive timer is overridden by the hold-time value under the following circumstances:
If the specified hold-time is less than the configured keepalive time, the operational keepalive time is set to a third of the hold-time; the configured keepalive time is not changed.
If the hold-time is set to zero, the operational value of the keepalive time is set to zero; the configured keepalive time is not changed. This means that the connection with the peer is up permanently and no keepalive packets are sent to the peer.
The no form of this command used at the global level reverts to the default value.
The no form of this command used at the group level reverts to the value defined at the global level.
The no form of this command used at the neighbor level reverts to the value defined at the group level.
Default
90
Parameters
- seconds
The hold-time, in seconds, expressed as a decimal integer. A value of 0 indicates the connection to the peer is up permanently.
- strict
Specifies the advertised BGP hold-time from the far-end BGP peer must be greater than or equal to the specified value.
import
Syntax
import policy [policy...]
no import
Context
config>service>vprn>bgp
config>service>vprn>bgp>group
config>service>vprn>bgp>group>neighbor
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command specifies the import policies to be used to control routes advertised to BGP neighbors. Route policies are configured in the config>router>policy-options context. When multiple policy names are specified, the policies are evaluated in the order they are specified. A maximum of five (5) policy names can be specified. The first policy that matches is applied.
The no form of this command removes all route policy names from the import list.
Default
no import
Parameters
- policy
Specifies aroute policy statement name.
keepalive
Syntax
keepalive seconds
no keepalive
Context
config>service>vprn>bgp
config>service>vprn>bgp>group
config>service>vprn>bgp>group>neighbor
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures the BGP keepalive timer. A keepalive message is sent every time this timer expires. The seconds parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in peer-group) or neighbor level (only applies to specified peer). The most specific value is used.
The keepalive value is generally one-third of the hold-time interval. Even though the OS implementation allows the keepalive value and the hold-time interval to be independently set, under the following circumstances, the configured keepalive value is overridden by the hold-time value:
If the specified keepalive value is greater than the configured hold-time, the specified value is ignored, and the keepalive is set to one third of the current hold-time value.
If the specified hold-time interval is less than the configured keepalive value, the keepalive value is reset to one third of the specified hold-time interval.
If the hold-time interval is set to zero, the configured value of the keepalive value is ignored. This means that the connection with the peer is up permanently and no keepalive packets are sent to the peer.
The no form of this command used at the global level reverts to the default value.
The no form of this command used at the group level reverts to the value defined at the global level.
The no form of this command used at the neighbor level reverts to the value defined at the group level.
Default
30
Parameters
- seconds
The keepalive timer, in seconds, expressed as a decimal integer.
local-address
Syntax
local-address ip-address
no local-address
Context
config>service>vprn>bgp>group
config>service>vprn>bgp>group>neighbor
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
Configures the local IP address used by the group or neighbor when communicating with BGP peers.
Outgoing connections use the local-address as the source of the TCP connection when initiating connections with a peer.
When a local address is not specified, the 7210 SAS uses the system IP address when communicating with iBGP peers and uses the interface address for directly connected eBGP peers. This command is used at the neighbor level to revert to the value defined under the group level.
The no form of this command removes the configured local-address for BGP.
The no form of this command used at the group level reverts to the value defined at the global level.
The no form of this command used at the neighbor level reverts to the value defined at the group level.
Parameters
- no local-address
Specifies the router ID is used when communicating with iBGP peers and the interface address is used for directly connected eBGP peers.
- ip-address
Specifies the local address expressed in dotted-decimal notation. Allowed values are a valid routable IP address on the router, either an interface or system IP address.
local-as
Syntax
local-as as-number [private]
no local-as
Context
config>service>vprn>bgp
config>service>vprn>bgp>group
config>service>vprn>bgp>group>neighbor
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures a BGP virtual autonomous system (AS) number.
In addition to the AS number configured for BGP in the config>router>autonomous-system context, a virtual (local) AS number is configured.The virtual AS number is added to the as-path message before the router AS number makes the virtual AS the second AS in the as-path.
This configuration parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in peer-group) or neighbor level (only applies to specified peer). Therefore, by specifying this at each neighbor level, it is possible to have a separate as-number per eBGP session.
When a command is entered multiple times for the same AS, the last command entered is used in the configuration. The private attribute can be added or removed dynamically by reissuing the command.
Changing the local AS at the global level in an active BGP instance causes the BGP instance to restart with the new local AS number. Changing the local AS at the global level in an active BGP instance causes BGP to reestablish the peer relationships with all peers in the group with the new local AS number. Changing the local AS at the neighbor level in an active BGP instance causes BGP to reestablish the peer relationship with the new local AS number.
This is an optional command and can be used in the following circumstance:
Provider router P is moved from AS1 to AS2. The customer router that is connected to P, however, is configured to belong to AS1. To avoid reconfiguring the customer router, the local-as value on router P can be set to AS1. Therefore, router P adds AS1 to the as-path message for routes it advertises to the customer router.
The no form of this command used at the global level removes any virtual AS number configured.
The no form of this command used at the group level reverts to the value defined at the global level.
The no form of this command used at the neighbor level reverts to the value defined at the group level.
Default
no local-as
Parameters
- as-number
Specifies the virtual autonomous system number, expressed as a decimal integer.
- private
Specifies the local-as is hidden in paths learned from the peering.
local-preference
Syntax
local-preference local-preference
no local-preference
Context
config>service>vprn>bgp
config>service>vprn>bgp>group
config>service>vprn>bgp>group>neighbor
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command sets the BGP local-preference attribute in incoming routes if not specified and configures the default value for the attribute. This value is used if the BGP route arrives from a BGP peer without the local-preference integer set.
The specified value can be overridden by any value set via a route policy. This configuration parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in peer-group) or neighbor level (only applies to specified peer). The most specific value is used.
The no form of this command at the global level specifies that incoming routes with local-preference set are not overridden and routes arriving without local-preference set are interpreted as if the route had local-preference value of 100.
The no form of this command used at the group level reverts to the value defined at the global level.
The no form of this command used at the neighbor level reverts to the value defined at the group level.
The default of no-local-preference does not override the local-preference value set in arriving routes and analyze routes without local preference with value of 100.
Default
no local-preference
Parameters
- local-preference
Specifies the local preference value to be used as the override value, expressed as a decimal integer.
loop-detect
Syntax
loop-detect {drop-peer | discard-route | ignore-loop | off}
no loop-detect
Context
config>service>vprn>bgp
config>service>vprn>bgp>group
config>service>vprn>bgp>group>neighbor
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures how the BGP peer session handles loop detection in the AS path.
This configuration parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in peer-group) or neighbor level (only applies to specified peer). The most specific value is used.
Note that dynamic configuration changes of loop-detect are not recognized.
The no form of this command used at the global level reverts to default, which is loop-detect ignore-loop.
The no form of this command used at the group level reverts to the value defined at the global level.
The no form of this command used at the neighbor level reverts to the value defined at the group level.
Default
loop-detect ignore-loop
Parameters
- drop-peer
Sends a notification to the remote peer and drops the session.
- discard-route
Discards routes received with loops in the AS path.
- ignore-loop
Ignores routes with loops in the AS path but maintains peering.
- off
Disables loop detection.
med-out
Syntax
med-out {number | igp-cost}
no med-out
Context
config>service>vprn>bgp
config>service>vprn>bgp>group
config>service>vprn>bgp>group>neighbor
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command enables advertising the Multi-Exit Discriminator (MED) and assigns the value used for the path attribute for the MED advertised to BGP peers if the MED is not already set.
The specified value can be overridden by any value set via a route policy.
This configuration parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in peer-group) or neighbor level (only applies to specified peer). The most specific value is used.
The no form of this command used at the global level reverts to default where the MED is not advertised.
The no form of this command used at the group level reverts to the value defined at the global level.
The no form of this command used at the neighbor level reverts to the value defined at the group level.
Default
no med-out
Parameters
- number
Specifies the MED path attribute value, expressed as a decimal integer.
- igp-cost
Specifies the MED is set to the IGP cost of the specific IP prefix.
min-as-origination
Syntax
min-as-origination seconds
no min-as-origination
Context
config>service>vprn>bgp
config>service>vprn>bgp>group
config>service>vprn>bgp>group>neighbor
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures the minimum interval, in seconds, at which a path attribute, originated by the local router, can be advertised to a peer.
This configuration parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in peer-group) or neighbor level (only applies to specified peer). The most specific value is used.
The no form of this command used at the global level reverts to default.
The no form of this command used at the group level reverts to the value defined at the global level.
The no form of this command used at the neighbor level reverts to the value defined at the group level.
Default
15
Parameters
- seconds
Specifies the minimum path attribute advertising interval, in seconds, expressed as a decimal integer.
min-route-advertisement
Syntax
min-route-advertisement seconds
no min-route-advertisement
Context
config>service>vprn>bgp
config>service>vprn>bgp>group
config>service>vprn>bgp>group>neighbor
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures the minimum interval, in seconds, at which a prefix can be advertised to a peer.
This configuration parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in peer-group) or neighbor level (only applies to specified peer). The most specific value is used.
The no form of this command reverts to default values.
Default
30
Parameters
- seconds
The minimum route advertising interval, in seconds, expressed as a decimal integer.
multihop
Syntax
multihop ttl-value
no multihop
Context
config>service>vprn>bgp
config>service>vprn>bgp>group
config>service>vprn>bgp>group>neighbor
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures the Time To Live (TTL) value entered in the IP header of packets sent to an eBGP peer multiple hops away.
This parameter is meaningful only when configuring eBGP peers. It is ignored if set for an iBGP peer.
The no form of this command is used to convey to the BGP instance that the eBGP peers are directly connected.
The no form of this command reverts to default values.
Default
1 — eBGP peers are directly connected.
64 — iBGP
Parameters
- ttl-value
Specifies the TTL value, expressed as a decimal integer.
next-hop-self
Syntax
[no] next-hop-self
Context
config>service>vprn>bgp>group
config>service>vprn>bgp>group>neighbor
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures the group or neighbor to always set the NEXTHOP path attribute to its own physical interface when advertising to a peer.
This is primarily used to avoid third-party route advertisements when connected to a multi-access network.
The no form of this command used at the group level allows third-party route advertisements in a multi-access network.
The no form of this command used at the neighbor level reverts to the value defined at the group level.
The default means that third-party route advertisements are allowed.
Default
no next-hop-self
peer-as
Syntax
peer-as as-number
Context
config>service>vprn>bgp>group
config>service>vprn>bgp>group>neighbor
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures the autonomous system number for the remote peer. The peer AS number must be configured for each configured peer.
For eBGP peers, the peer AS number configured must be different from the autonomous system number configured for this router under the global level, because the peer is in a different autonomous system than this router.
For iBGP peers, the peer AS number must be the same as the autonomous system number of this router configured under the global level.
This is a required command for each configured peer. This may be configured under the group level for all neighbors in a particular group.
Default
No AS numbers are defined.
Parameters
- as-number
The autonomous system number, expressed as a decimal integer.
preference
Syntax
[no] preference preference
Context
config>service>vprn>bgp
config>service>vprn>bgp>group
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures the route preference for routes learned from the configured peers.
This configuration parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in peer-group) or neighbor level (only applies to specified peer). The most specific value is used.
The lower the preference the higher the chance of the route being the active route. The OS assigns BGP routes highest default preference compared to routes that are direct, static or learned via MPLS or OSPF.
The no form of this command used at the global level reverts to default value.
The no form of this command used at the group level reverts to the value defined at the global level.
The no form of this command used at the neighbor level reverts to the value defined at the group level.
Default
170
Parameters
- preference
Specifies the route preference, expressed as a decimal integer.
path-mtu-discovery
Syntax
[no] path-mtu-discovery
Context
config>router>bgp
config>router>bgp>group
config>router>bgp>group>neighbor
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command enables path MTU discovery for the associated TCP connections. In doing so, the MTU for the associated TCP session is initially set to the egress interface MTU. The DF bit is also set so that if a router along the path of the TCP connection cannot handle a packet of a particular size without fragmenting, it sends back an ICMP message to set the path MTU for the specific session to a lower value that can be forwarded without fragmenting.
The no form of this command disables path MTU discovery.
Default
no path-mtu-discovery
prefix-limit
Syntax
prefix-limit limit [log-only] [threshold percent]
no prefix-limit
Context
config>service>vprn>bgp>group
config>service>vprn>bgp>group>neighbor
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures the maximum number of routes BGP can learn from a peer.
When the number of routes reaches a certain percentage (default is 90% of this limit), an SNMP trap is sent. When the limit is exceeded, the BGP peering is dropped and disabled.
The no form of this command removes the prefix-limit.
Default
no prefix-limit
Parameters
- limit
Specifies the number of routes that can be learned from a peer, expressed as a decimal integer.
- log-only
Enables the warning message to be sent at the specified threshold percentage, and also when the limit is exceeded. However, the BGP peering is not dropped.
- percent
Specifies the threshold value (as a percentage) that triggers a warning message to be sent. The default value is 90%.
rapid-withdrawal
Syntax
[no] rapid-withdrawal
Context
config>service>vprn>bgp
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command disables the delay (Minimum Route Advertisement) on sending BGP withdrawals. Normal route withdrawals may be delayed up to the minimum route advertisement to allow for efficient packing of BGP updates.
The no form of this command removes this command from the configuration and returns withdrawal processing to the normal behavior.
Default
no rapid-withdrawal
remove-private
Syntax
[no] remove-private
Context
config>service>vprn>bgp
config>service>vprn>bgp>group
config>service>vprn>bgp>group>neighbor
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command allows private AS numbers to be removed from the AS path before advertising them to BGP peers.
When the remove-private parameter is set at the global level, it applies to all peers regardless of group or neighbor configuration. When the parameter is set at the group level, it applies to all peers in the group regardless of the neighbor configuration.
The software recognizes the set of AS numbers that are defined by IANA as private. These are AS numbers in the range 64512 through 65535, inclusive.
The no form of this command used at the global level reverts to default value.
The no form of this command used at the group level reverts to the value defined at the global level. The no form of this command used at the neighbor level reverts to the value defined at the group level.
Default
no remove-private — Private AS numbers are included in the AS path attribute.
type
Syntax
[no] type {internal | external}
Context
config>service>vprn>bgp>group
config>service>vprn>bgp>group>neighbor
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command designates the BGP peer as type internal or external.
The type of internal indicates the peer is an iBGP peer while the type of external indicates that the peer is an eBGP peer.
By default, the software derives the type of neighbor based on the local AS specified. If the local AS specified is the same as the AS of the router, the peer is considered internal. If the local AS is different, the peer is considered external.
The no form of this command used at the group level reverts to the default value.
The no form of this command used at the neighbor level reverts to the value defined at the group level.
Default
no type — Type of neighbor is derived on the local AS specified.
Parameters
- internal
Configures the peer as internal.
- external
Configures the peer as external.
ttl-security
Syntax
ttl-security min-ttl-value
no ttl-security
Context
config>service>vprn>bgp>group
config>service>vprn>bgp>group>neighbor
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures TTL security parameters for incoming packets.
Parameters
- min-ttl-value
Specifies the minimum TTL value for an incoming BGP packet.
OSPF commands
ospf
Syntax
[no] ospf
Context
config>service>vprn
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command enables access to the context to enable an OSPF protocol instance.
When an OSPF instance is created, the protocol is enabled. To start or suspend execution of the OSPF protocol without affecting the configuration, use the no shutdown command.
The no form of this command deletes the OSPF protocol instance removing all associated configuration parameters.
Default
no ospf
area
Syntax
[no] area area-id
Context
config>service>vprn>ospf
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command creates the context to configure an OSPF area. An area is a collection of network segments within an AS that have been administratively grouped together. The area ID can be specified in dotted-decimal notation or as a 32-bit decimal integer.
The no form of this command deletes the specified area from the configuration. Deleting the area also removes the OSPF configuration of all the interfaces, virtual-links, sham-links, address-ranges, and so on that are currently assigned to this area.
Default
no area
Parameters
- area-id
Specifies the OSPF area ID expressed in dotted-decimal notation or as a 32-bit decimal integer.
area-range
Syntax
area-range ip-prefix/prefix-length [advertise | not-advertise]
no area-range ip-prefix/mask
no area-range ip-prefix/mask
Context
config>service>vprn>ospf>area
ospf>service>vprn>nssa
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command creates ranges of addresses on an Area Border Router (ABR) for the purpose of route summarization or suppression. When a range is created, the range is configured to be advertised or not advertised into other areas. Multiple range commands may be used to summarize or hide different ranges. In the case of overlapping ranges, the most specific range command applies.
ABRs send summary link advertisements to describe routes to other areas. To minimize the number of advertisements that are flooded, you can summarize a range of IP addresses and send reachability information about these addresses in an LSA.
The no form of this command deletes the range (non) advertisement.
Default
no area-range
Special Cases
- NSSA Context
In the NSSA context, the option specifies that the range applies to external routes (via type-7 LSAs) learned within the NSSA when the routes are advertised to other areas as type-5 LSAs.
- Area Context
If this command is not entered under the NSSA context, the range applies to summary LSAs even if the area is an NSSA.
Parameters
- ipv6-prefix/prefix-length
Specifies the IP prefix in dotted-decimal notation for the range used by the ABR to advertise that summarizes the area into another area.
- mask
Specifies the subnet mask for the range expressed as a decimal integer mask length or in dotted-decimal notation.
- advertise | not-advertise
Specifies whether to advertise the summarized range of addresses into other areas. The advertise keyword indicates the range is advertised, and the keyword not-advertise indicates the range is not advertised.
The default is advertise.
blackhole-aggregate
Syntax
[no] blackhole-aggregate
Context
config>service>vprn>ospf>area
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command installs a low priority blackhole route for the entire aggregate. Existing routes that make up the aggregate have a higher priority and only the components of the range for which no route exists are blackholed.
It is possible that when performing area aggregation, addresses may be included in the range for which no actual route exists. This can cause routing loops. To avoid this problem configure the blackhole aggregate option.
The no form of this command removes this option.
Default
blackhole-aggregate
interface
Syntax
[no] interface ip-int-name [secondary]
Context
config>service>vprn>ospf>area
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command creates a context to configure an OSPF interface.
By default interfaces are not activated in any interior gateway protocol such as OSPF unless explicitly configured.
The no form of this command deletes the OSPF interface configuration for this interface. The shutdown command in the config>router>ospf>interface context can be used to disable an interface without removing the configuration for the interface.
Default
no interface
Parameters
- ip-int-name
Specifies the IP interface name. Interface names must be unique within the group of defined IP interfaces for config router interface and config service vprn interface commands. An interface name cannot be in the form of an IP address. Interface names can be any string up to 32 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.
If the IP interface name does not exist or does not have an IP address configured an error message is returned.
If the IP interface exists in a different area it is moved to this area.
- secondary
Allows multiple secondary adjacencies to be established over a single IP interface.
sham-link
Syntax
sham-link ip-int-name ip-address
Context
config>service>vprn>ospf>area
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command is similar to a virtual link with the exception that metric must be included to distinguish the cost between the MPLS-VPRN link and the backdoor.
Parameters
- ip-int-name
Specifies the local interface name used for the sham-link. This is a mandatory parameter and interface names must be unique within the group of defined IP interfaces for config>router>interface, config>service>ies>interface and config>service>vprn>interface commands. An interface name cannot be in the form of an IP address. Interface names can be any string up to 32 characters composed of printable, 7-bit ASCII characters. If the string contains special characters, the entire string must be enclosed within double quotes. If the IP interface name does not exist or does not have an IP address configured, an error message is returned.
- ip-address
Specifies the IP address of the SHAM-link neighbor in IP address dotted-decimal notation. This parameter is the remote peer of the sham link IP address used to set up the SHAM link. This is a mandatory parameter and must be a valid IP address.
advertise-subnet
Syntax
[no] advertise-subnet
Context
config>service>vprn>ospf>area>if
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command enables advertising point-to-point interfaces as subnet routes (network number and mask). When disabled, point-to-point interfaces are advertised as host routes.
This command is not valid in the OSPF3 context.
The no form of this command disables advertising point-to-point interfaces as subnet routes meaning they are advertised as host routes.
Default
advertise-subnet
authentication-key
Syntax
authentication-key [authentication-key | hash-key] [hash | hash2]
no authentication-key
Context
config>service>vprn>ospf>area>if
config>service>vprn>ospf>area>virtual-link
config>service>vprn>ospf>area>sham-link
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures the password used by the OSPF interface or virtual-link to send and receive OSPF protocol packets on the interface when simple password authentication is configured.
Note that this command is not valid in the OSPF3 context.
All neighboring routers must use the same type of authentication and password for correct protocol communication. If the authentication-type is configured as password, this key must be configured.
The no form of this command removes the authentication key.
Default
no authentication-key
Parameters
- authentication-key
Specifies the authentication key. The key can be any combination of ASCII characters up to 8 characters (unencrypted). If spaces are used in the string, enclose the entire string in quotation marks (‟ ”).
- hash-key
Specifies the hash key. The key can be any combination of ASCII characters up to 22 characters (encrypted). If spaces are used in the string, enclose the entire string in quotation marks (‟ ”).
This is useful when a user must configure the parameter, but, for security purposes, the actual unencrypted key value is not provided.
- hash
Specifies that the key is entered in an encrypted form. If the hash parameter is not used, the key is assumed to be in a non-encrypted, clear text form. For security, all keys are stored in encrypted form in the configuration file with the hash parameter specified.
- hash2
Specifies the key is entered in a more complex encrypted form. If the hash2 parameter is not used, the less encrypted hash form is assumed.
authentication-type
Syntax
authentication-type {password | message-digest}
no authentication-type
Context
config>service>vprn>ospf>area>if
config>service>vprn>ospf>area>virtual-link
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command enables authentication and specifies the type of authentication to be used on the OSPF interface, virtual-link, and sham-link.
Note that this command is not valid in the OSPF3 context.
Both simple password and message-digest authentication are supported.
The no form of this command disables authentication on the interface.
Default
no authentication
Parameters
- password
Enables simple password (plain text) authentication. If authentication is enabled and no authentication type is specified in the command, simple password authentication is enabled.
- message-digest
Enables message digest MD5 authentication in accordance with RFC1321. If this option is configured, at least one message-digest-key must be configured
bfd-enable
Syntax
bfd-enable [remain-down-on-failure]
no bfd-enable
Context
config>service>vprn>ospf>area>if
config>service>vprn>ospf>area>virtual-link
config>service>vprn>ospf>area>sham-link
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command enables the use of bidirectional forwarding (BFD) to control the state of the associated protocol interface. By enabling BFD on a specific protocol interface, the state of the protocol interface is tied to the state of the BFD session between the local node and the remote node. The parameters used for the BFD are set via the BFD command under the IP interface.
BFD is not supported for IPv6 interfaces.
For more information about the protocols and platforms that support BFD, see the 7210 SAS-Mxp, R6, R12, S, Sx, T Router Configuration Guide.
The no form of this command removes BFD from the associated IGP protocol adjacency.
Default
no bfd-enable
Parameters
- remain-down-on-failure
Forces adjacency down on BFD failure.
dead-interval
Syntax
dead-interval seconds
no dead-interval
Context
config>service>vprn>ospf>area>if
config>service>vprn>ospf>area>virtual-link
config>service>vprn>ospf>area>sham-link
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures the time, in seconds, that OSPF waits before declaring a neighbor router down. If no hello packets are received from a neighbor for the duration of the dead interval, the router is assumed to be down. The minimum interval must be two times the hello interval.
The no form of this command reverts to the default value.
Default
40
Special Cases
- OSPF Interface
If the dead-interval configured applies to an interface, all nodes on the subnet must have the same dead interval.
- Virtual Link
If the dead-interval configured applies to a virtual link, the interval on both termination points of the virtual link must have the same dead interval.
Sham-link — If the dead-interval configured applies to a sham-link, the interval on both endpoints of the sham-link must have the same dead interval.
Parameters
- seconds
Specifies the dead interval, in seconds, expressed as a decimal integer.
hello-interval
Syntax
hello-interval seconds
no hello-interval
Context
config>service>vprn>ospf>area>if
config>service>vprn>ospf>area>virtual-link
config>service>vprn>ospf>area>sham-link
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures the interval between OSPF hellos issued on the interface, virtual link, or sham-link.
The hello interval, in combination with the dead-interval, is used to establish and maintain the adjacency. Use this parameter to edit the frequency that hello packets are sent.
Reducing the interval, in combination with an appropriate reduction in the associated dead-interval, allows for faster detection of link and/or router failures at the cost of higher processing costs.
The no form of this command reverts to the default value.
Default
hello-interval 10
Special Cases
- OSPF Interface
If the hello-interval configured applies to an interface, all nodes on the subnet must have the same hello interval.
- Virtual Link
If the hello-interval configured applies to a virtual link, the interval on both termination points of the virtual link must have the same hello interval.
- Sham Link
If the hello-interval configured applies to a sham-link, the interval on both endpoints of the sham-link must have the same hello interval
Parameters
- seconds
Specifies the hello interval, in seconds, expressed as a decimal integer.
interface-type
Syntax
interface-type {broadcast | point-to-point}
no interface-type
Context
config>service>vprn>ospf>area>if
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures the interface type to be either broadcast or point-to-point.
Use this command to set the interface type of an Ethernet link to point-to-point to avoid having to carry the broadcast adjacency maintenance overhead if the Ethernet link provided the link is used as a point-to-point.
If the interface type is not known at the time the interface is added to OSPF and subsequently the IP interface is bound (or moved) to a different interface type, this command must be entered manually.
The no form of this command reverts to the default value.
Default
point-to-point — If the physical interface is SONET.
broadcast — If the physical interface is Ethernet or unknown.
Special Cases
- Virtual-Link
A virtual link is always regarded as a point-to-point interface and not configurable.
Parameters
- broadcast
Configures the interface to maintain this link as a broadcast network. To significantly improve adjacency forming and network convergence, a network should be configured as point-to-point if only two routers are connected, even if the network is a broadcast media such as Ethernet.
- point-to-point
Configures the interface to maintain this link as a point-to-point link.
message-digest-key
Syntax
message-digest-key keyid md5 [key | hash-key] [hash]
no message-digest-key keyid
Context
config>service>vprn>ospf>area>if
config>service>vprn>ospf>area>virtual-link
config>service>vprn>ospf>area>sham-link
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures a message digest key when MD5 authentication is enabled on the interface, virtual-link or sham-link. Multiple message digest keys can be configured.
Note that this command is not valid in the OSPF3 context.
The no form of this command removes the message digest key identified by the key-id.
Parameters
- keyid
Specifies the keyid expressed as a decimal integer.
- md5 key
Specifies the MD5 key. The key can be any alphanumeric string up to 16 characters.
- md5 hash-key
Specifies the MD5 hash key. The key can be any combination of ASCII characters up to 32 characters (encrypted). If spaces are used in the string, enclose the entire string in quotation marks (‟ ”).
This is useful when a user must configure the parameter, but, for security purposes, the actual unencrypted key value is not provided.
- hash
Specifies that the key is entered in an encrypted form. If the hash parameter is not used, the key is assumed to be in a non-encrypted, clear text form. For security, all keys are stored in encrypted form in the configuration file with the hash parameter specified.
metric
Syntax
metric metric
no metric
Context
config>service>vprn>ospf>area>if
config>service>vprn>ospf>area>sham-link
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures an explicit route cost metric for the OSPF interface that overrides the metrics calculated based on the speed of the underlying link.
The no form of this command deletes the manually configured interface metric, so the interface uses the computed metric based on the reference-bandwidth command setting and the speed of the underlying link.
Default
no metric
Parameters
- metric
Specifies the metric to be applied to the interface expressed as a decimal integer.
mtu
Syntax
mtu bytes
no mtu
Context
config>service>vprn>ospf>area>if
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures the OSPF packet size used on this interface. If this parameter is not configured OSPF derives the MTU value from the MTU configured (default or explicitly) in the config>port>ethernet context.
If this parameter is configured, the smaller value between the value configured here and the MTU configured (default or explicitly) in a previously-mentioned context is used.
To determine the actual packet size add 14 bytes for an Ethernet packet and 18 bytes for a tagged Ethernet packet to the size of the OSPF (IP) packet MTU configured in this command.
The no form of this command reverts to the default, which uses the value derived from the MTU configured in the config>port context.
Default
no mtu
Parameters
- bytes
Specifies the MTU to be used by OSPF for this logical interface in bytes.
passive
Syntax
[no] passive
Context
config>service>vprn>ospf>area>if
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command adds the passive property to the OSPF interface where passive interfaces are advertised as OSPF interfaces but do not run the OSPF protocol.
By default, only interface addresses that are configured for OSPF are advertised as OSPF interfaces. The passive parameter allows an interface to be advertised as an OSPF interface without running the OSPF protocol.
While in passive mode, the interface ignores ingress OSPF protocol packets and does not transmit any OSPF protocol packets.
By default, service interfaces defined in the config>router>service-prefix context are passive. All other interfaces are not passive.
The no form of this command removes the passive property from the OSPF interface.
priority
Syntax
priority number
no priority
Context
config>service>vprn>ospf>area>if
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures the priority of the OSPF interface that is used an election of the designated router on the subnet.
This command is only used if the interface is of type broadcast. The router with the highest priority interface becomes the designated router. A router with priority 0 is not eligible to be Designated Router or Backup Designated Router.
The no form of this command reverts the interface priority to the default value.
Default
priority 1
Parameters
- number
Specifies the interface priority expressed as a decimal integer. A value of 0 indicates the router is not eligible to be the Designated Router of Backup Designated Router on the interface subnet.
retransmit-interval
Syntax
retransmit-interval seconds
no retransmit-interval
Context
config>service>vprn>ospf>area>if
config>service>vprn>ospf>area>virtual-link
config>service>vprn>ospf>area>sham-link
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command specifies the length of time, in seconds, that OSPF waits before retransmitting an unacknowledged link state advertisement (LSA) to an OSPF neighbor.
The value should be longer than the expected round trip delay between any two routers on the attached network. When the retransmit-interval expires and no acknowledgment has been received, the LSA is retransmitted.
The no form of this command reverts to the default value.
Default
retransmit-interval 5
Parameters
- seconds
Specifies the retransmit interval in seconds expressed as a decimal integer.
transit-delay
Syntax
transit-delay seconds
no transit-delay
Context
config>service>vprn>ospf>area>if
config>service>vprn>ospf>area>virtual-link
config>service>vprn>ospf>area>sham-link
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures the estimated time, in seconds, that it takes to transmit a link state advertisement (LSA) on the interface or virtual link or sham-link.
The no form of this command reverts to the default delay time.
Default
transit-delay 1
Parameters
- seconds
Specifies the transit delay in seconds expressed as a decimal integer.
nssa
Syntax
[no] nssa
Context
config>service>vprn>ospf>area
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command creates the context to configure an OSPF Not So Stubby Area (NSSA) and adds/removes the NSSA designation from the area.
NSSAs are similar to stub areas in that no external routes are imported into the area from other OSPF areas. The major difference between a stub area and an NSSA is an NSSA has the capability to flood external routes that it learns throughout its area and via an ABR to the entire OSPF domain.
Existing virtual links of a non-stub or NSSA area are removed when the designation is changed to NSSA or stub.
An area can be designated as stub or NSSA but never both at the same time.
By default, an area is not configured as an NSSA area.
The no form of this command removes the NSSA designation and configuration context from the area.
Default
no nssa
originate-default-route
Syntax
originate-default-route [type-7]
no originate-default-route
Context
config>service>vprn>ospf>area>nssa
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command enables the generation of a default route and its LSA type (3 or 7) into a Not So Stubby Area (NSSA) by an NSSA Area Border Router (ABR).
When configuring an NSSA with no summaries, the ABR injects a type 3 LSA default route into the NSSA area. Some older implementations expect a type 7 LSA default route.
The no form of this command disables origination of a default route.
Default
no originate-default-route
Parameters
- type-7
Specifies a type 7 LSA should be used for the default route.
Configure this parameter to inject a type-7 LSA default route instead the type 3 LSA into the NSSA configured with no summaries. To revert to a type 3 LSA, enter originate-default-route without the type-7 parameter.
redistribute-external
Syntax
[no] redistribute-external
Context
config>service>vprn>ospf>area>nssa
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command enables the redistribution of external routes into the Not So Stubby Area (NSSA) or an NSSA area border router (ABR) that is exporting the routes into non-NSSA areas.
NSSA are similar to stub areas in that no external routes are imported into the area from other OSPF areas. The major difference between a stub area and an NSSA is that the NSSA has the capability to flood external routes that it learns (providing it is an ASBR) throughout its area and via an Area Border Router to the entire OSPF domain.
The no form of this command disables the default behavior to automatically redistribute external routes into the NSSA area from the NSSA ABR.
Default
redistribute-external
summaries
Syntax
[no] summaries
Context
config>service>vprn>ospf>area>nssa
config>service>vprn>ospf>area>stub
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command enables sending summary (type 3) advertisements into a stub area or Not So Stubby Area (NSSA) on an Area Border Router (ABR). This parameter is particularly useful to reduce the size of the routing and Link State Database (LSDB) tables within the stub or nssa area. By default, summary route advertisements are sent into the stub area or NSSA.
The no form of this command disables sending summary route advertisements and, for stub areas, only the default route is advertised by the ABR.
Default
summaries
stub
Syntax
[no] stub
Context
config>service>vprn>ospf>area
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command enables access to the context to configure an OSPF stub area and adds/removes the stub designation from the area. External routing information is not flooded into stub areas. All routers in the stub area must be configured with the stub command. An OSPF area cannot be both an NSSA and a stub area. Existing virtual links of a non-stub area or NSSA are removed when its designation is changed to NSSA or STUB.
By default, an area is not a stub area.
The no form of this command removes the stub designation and configuration context from the area.
Default
no stub
default-metric
Syntax
default-metric metric
no default-metric
Context
config>service>vprn>ospf>area>stub
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures the metric used by the area border router (ABR) for the default route into a stub area. The default metric should only be configured on an ABR of a stub area. An ABR generates a default route if the area is a stub area.
The no form of this command reverts to the default value.
Default
default-metric 1
Parameters
- metric
Specifies the metric expressed as a decimal integer for the default route cost to be advertised into the stub area.
virtual-link
Syntax
[no] virtual-link router-id transit-area area-id
Context
config>service>vprn>ospf>area
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures a virtual link to connect area border routers to the backbone via a virtual link. The backbone area (area 0.0.0.0) must be contiguous and all other areas must be connected to the backbone area. If it is not practical to connect an area to the backbone (see area 0.0.0.2 in OSPF areas), the area border routers (routers 1 and 2 in OSPF areas) must be connected via a virtual link. The two area border routers form a point-to-point like adjacency across the transit area (area 0.0.0.1 in OSPF areas). A virtual link can only be configured while in the area 0.0.0.0 context.
The router-id specified in this command must be associated with the virtual neighbor. The transit area cannot be a stub area or a Not So Stubby Area (NSSA).
The no form of this command deletes the virtual link.
Parameters
- router-id
Specifies the router ID of the virtual neighbor in IP address dotted-decimal notation.
- transit-area area-id
Specifies the area-id specified identifies the transit area that links the backbone area with the area that has no physical connection with the backbone.
The OSPF backbone area, area 0.0.0.0, must be contiguous and all other areas must be connected to the backbone area. The backbone distributes routing information between areas. If it is not practical to connect an area to the backbone (see Area 0.0.0.5 in the following figure), the area border routers (such as routers Y and Z) must be connected via a virtual link. The two area border routers form a point-to-point-like adjacency across the transit area (see Area 0.0.0.4).
compatible-rfc1583
Syntax
[no] compatible-rfc1583
Context
config>service>vprn>ospf
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command enables OSPF summary and external route calculations in compliance with RFC1583 and earlier RFCs.
RFC1583 and earlier RFCs use a different method to calculate summary and external route costs. To avoid routing loops, all routers in an OSPF domain should perform the same calculation method.
Although it would be favorable to require all routers to run a more current compliance level, this command allows the router to use obsolete methods of calculation.
The no form of this command enables the post-RFC1583 method of summary and external route calculation.
Default
compatible-rfc1583
export
Syntax
export policy-name [policy-name…]
no export
Context
config>service>vprn>ospf
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command associates export route policies to determine which routes are exported from the route table to OSPF. Export polices are only in effect if OSPF is configured as an ASBR.
If no export policy is specified, non-OSPF routes are not exported from the routing table manager to OSPF.
If multiple policy names are specified, the policies are evaluated in the order they are specified. The first policy that matches is applied. If multiple export commands are issued, the last command entered overrides the previous command. A maximum of five policy names can be specified.
The no form of this command removes all policies from the configuration.
Default
no export
Parameters
- policy-name
Specifies the export route policy name. Allowed values are any string up to 32 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.
The specified names must already be defined.
external-db-overflow
Syntax
external-db-overflow limit interval
no external-db-overflow
Context
config>service>vprn>ospf
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command enables limits on the number of non-default AS-external-LSA entries that can be stored in the LSDB and specifies a wait timer before processing these after the limit is exceeded.
The limit value specifies the maximum number of non-default AS-external-LSA entries that can be stored in the link-state database (LSDB). Placing a limit on the non-default AS-external-LSAs in the LSDB protects the router from receiving an excessive number of external routes that consume excessive memory or CPU resources. If the number of routes reach or exceed the limit, the table is in an overflow state. When in an overflow state, the router does not originate any new AS-external-LSAs. In fact, it withdraws all the self-originated non-default external LSAs.
The interval specifies the amount of time to wait after an overflow state before regenerating and processing non-default AS-external-LSAs. The waiting period acts like a dampening period preventing the router from continuously running Shortest Path First (SPF) calculations caused by the excessive number of non-default AS-external LSAs.
The external-db-overflow must be set identically on all routers attached to any regular OSPF area. OSPF stub areas and not-so-stubby areas (NSSAs) are excluded.
The no form of this command disables limiting the number of non-default AS-external-LSA entries.
Default
no external-db-overflow
Parameters
- limit
Specifies the maximum number of non-default AS-external-LSA entries that can be stored in the LSDB before going into an overflow state expressed as a decimal integer.
- interval
Specifies the number of seconds after entering an overflow state before attempting to process non-default AS-external-LSAs expressed as a decimal integer.
external-preference
Syntax
external-preference preference
no external-preference
Context
config>service>vprn>ospf
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures the preference for OSPF external routes.
A route can be learned by the router from different protocols in which case the costs are not comparable; when this occurs the preference is used to decide which route is used.
Different protocols should not be configured with the same preference, if this occurs the tiebreaker is per the default preference table as defined in the following table. If multiple routes are learned with an identical preference using the same protocol, the lowest cost route is used.
If multiple routes are learned with an identical preference using the same protocol and the costs (metrics) are equal, the decision of what route to use is determined by the configuration of the config>router>ecmp command.
The no form of this command reverts to the default value.
Default
external-preference 150
Parameters
- preference
Specifies the preference for external routes expressed as a decimal integer.
Route Type
Preference
Configurable
Direct attached
0
No
Static routes
5
Yes
OSPF internal
10
Yes
IS-IS level 1 internal
15
Yes
IS-IS level 2 internal
18
Yes
RIP
100
Yes
OSPF external
150
Yes
IS-IS level 1 external
160
Yes
IS-IS level 2 external
165
Yes
BGP
170
Yes
Note:
Preference for OSPF internal routes is configured with the preference command.
ignore-dn-bit
Syntax
[no] ignore-dn-bit
Context
config>service>vprn>ospf
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command specifies whether to ignore the DN bit for OSPF LSA packets for this instance of OSPF on the router. When enabled, the DN bit for OSPF LSA packets are ignored. When disabled, the DN bit is not ignored for OSPF LSA packets.
import
Syntax
import policy-name [policy-name...(up to 5 max)]
no import
Context
config>service>vprn>ospf
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command specifies the import route policy to be used to determine which routes are accepted from peers. Route policies are configured in the config>router>policy-options context.
This configuration can be set at three levels: global level (applies to all peers), group level (applies to all peers in peer-group) or neighbor level (only applies to specified peer). The most specific level is used.
When multiple policy names are specified, the policies are evaluated in the order they are specified. A maximum of five (5) policy names can be specified. The first policy that matches is applied.
When multiple import commands are issued, the last command entered overrides the previous command.
The no form of this command removes the policy association. To remove the association of all policies, use no import without any arguments.
Default
no import
Parameters
- policy-name
Specifies the route policy name. Allowed values are any string up to 32 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes. Route policies are configured in the config>router>policy-options context.
overload
Syntax
overload [timeout seconds]
no overload
Context
config>service>vprn>ospf
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command changes the overload state of the local router so that it appears to be overloaded. When overload is enabled, the router can participate in OSPF routing, but is not used for transit traffic. Traffic destined to directly attached interfaces continue to reach the router.
To put the IGP in an overload state enter a timeout value. The IGP enters the overload state until the timeout timer expires or a no overload command is executed.
If the overload command is encountered during the execution of an overload-on-boot command, this command takes precedence. This could occur as a result of a saved configuration file where both parameters are saved. When the file is saved by the system the overload-on-boot command is saved after the overload command.
The no form of this command returns to the default. When the no overload command is executed, the overload state is terminated regardless the reason the protocol entered overload state.
Default
no overload
Parameters
- timeout seconds
Specifies the number of seconds to reset overloading.
overload-include-stub
Syntax
[no] overload-include-stub
Context
config>service>vprn>ospf
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures whether the OSPF stub networks should be advertised with a maximum metric value when the system goes into overload state for any reason. When enabled, the system uses the maximum metric value. When this command is enabled and the router is in overload, all stub interfaces, including loopback and system interfaces, are advertised at the maximum metric.
Default
no overload-include-stub
overload-on-boot
Syntax
overload-on-boot [timeout seconds]
no overload
Context
config>service>vprn>ospf
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures the IGP upon bootup in the overload state until one of the following events occur:
The timeout timer expires.
A manual override of the current overload state is entered with the no overload command.
When the router is in an overload state, the router is used only if there is no other router to reach the destination.
The no overload command does not affect the overload-on-boot function.
The no form of this command removes the overload-on-boot functionality from the configuration.
Default
no overload-on-boot
Parameters
- timeout seconds
Specifies the number of seconds to reset overloading.
preference
Syntax
preference preference
no preference
Context
config>service>vprn>ospf
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures the preference for OSPF internal routes.
A route can be learned by the router from different protocols in which case the costs are not comparable, when this occurs the preference is used to decide to which route is used.
Different protocols should not be configured with the same preference, if this occurs the tiebreaker is per the default preference table as defined in the following table. If multiple routes are learned with an identical preference using the same protocol, the lowest cost route is used.
If multiple routes are learned with an identical preference using the same protocol and the costs (metrics) are equal, the decision of what route to use is determined by the configuration of the config router ecmp command.
The no form of this command reverts to the default value.
Default
preference 10
Parameters
- preference
Specifies the preference for internal routes expressed as a decimal integer. The following table lists the defaults for different route types.
Table 3. Route type preference defaults Route type
Preference
Configurable
Direct attached
0
No
Static routes
5
Yes
OSPF internal
10
Yes1
IS-IS level 1 internal
15
Yes
IS-IS level 2 internal
18
Yes
RIP
100
Yes
OSPF external
150
Yes
IS-IS level 1 external
160
Yes
IS-IS level 2 external
165
Yes
BGP
170
Yes
1 Preference for OSPF internal routes is configured with the preference command.
reference-bandwidth
Syntax
reference-bandwidth reference-bandwidth
no reference-bandwidth
Context
config>service>vprn>ospf
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command configures the reference bandwidth in kilobits per second (Kbps) that provides the reference for the default costing of interfaces based on their underlying link speed.
The default interface cost is calculated as follows:
cost = reference-bandwidth / bandwidth
The default reference-bandwidth is 100,000,000 Kbps or 100 Gbps, so the default auto-cost metrics for various link speeds are as as follows:
10 Mbs link default cost of 10000
100 Mbs link default cost of 1000
1 Gbps link default cost of 100
10 Gbps link default cost of 10
The reference-bandwidth command assigns a default cost to the interface based on the interface speed. To override this default cost on a particular interface, use the metric metric command in the config>router>ospf>area>interface ip-int-name context.
The no form of this command reverts the reference-bandwidth to the default value.
Default
reference-bandwidth 100000000
Parameters
- reference-bandwidth
Specifies the reference bandwidth in kilobits per second expressed as a decimal integer.
super-backbone
Syntax
[no] super-backbone
Context
config>service>vprn>ospf
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command specifies whether CE-PE functionality is required or not. The OSPF super backbone indicates the type of the LSA generated as a result of routes redistributed into OSPF. When enabled, the redistributed routes are injected as summary, external or NSSA LSAs. When disabled, the redistributed routes are injected as either external or NSSA LSAs only.
Default
no super-backbone
suppress-dn-bit
Syntax
[no] suppress-dn-bit
Context
config>service>vprn>ospf
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command specifies whether to suppress the setting of the DN bit for OSPF LSA packets generated by this instance of OSPF on the router. When enabled, the DN bit for OSPF LSA packets generated by this instance of the OSPF router is not set. When disabled, this instance of the OSPF router follows the normal procedure to determine whether to set the DN bit.
Default
no suppress-dn-bit
timers
Syntax
timers
Context
config>service>vprn>ospf
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
Commands in this context configure of OSPF timers. Timers control the delay between receipt of a link state advertisement (LSA) requiring a Dijkstra (Shortest Path First (SPF)) calculation and the minimum time between successive SPF calculations.
Changing the timers affect CPU utilization and network reconvergence times. Lower values reduce convergence time but increase CPU utilization. Higher values reduce CPU utilization but increase reconvergence time.
spf-wait
Syntax
spf-wait max-spf-wait [spf-initial-wait [spf-second-wait]]
no spf-wait
Context
config>service>vprn>ospf>timers
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command defines the maximum interval between two consecutive SPF calculations in milliseconds. Timers that determine when to initiate the first, second, and subsequent SPF calculations after a topology change occurs can be controlled with this command.
Subsequent SPF runs (if required) occur at exponentially increasing intervals of the spf-second-wait interval. For example, if the spf-second-wait interval is 1000, the next SPF runs after 2000 milliseconds, and the next SPF runs after 4000 milliseconds, and so on, until it reaches the spf-wait value. The SPF interval stays at the spf-wait value until there are no more SPF runs scheduled in that interval. After a full interval without any SPF runs, the SPF interval drops back to spf-initial-wait.
The timer must be entered in increments of 100 milliseconds. Values entered that do not match this requirement are rejected.
The no form of this command reverts to the default value.
Default
no spf-wait
Parameters
- max-spf-wait
Specifies the maximum interval in milliseconds between two consecutive SPF calculations.
- spf-initial-wait
Specifies the initial SPF calculation delay in milliseconds after a topology change.
- spf-second-wait
Specifies the hold time in milliseconds between the first and second SPF calculation.
vpn-domain
Syntax
vpn-domain [type {0005 | 0105 | 0205 | 8005}] id id
no vpn-domain
Context
config>service>vprn>ospf
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command specifies type of the extended community attribute exchanged using BGP to carry the OSPF VPN domain ID. This applies to VPRN instances of OSPF only. An attempt to modify the value of this object results in an inconsistent value error when it is not a VPRN instance. The parameters are mandatory and can be entered in either order.
Default
no vpn-domain
Parameters
- id
Specifies the OSPF VPN domain in the ‟xxxx.xxxx.xxxx” format. This is exchanged using BGP in the extended community attribute associated with a prefix. This object applies to VPRN instances of OSPF only.
- type
Specifies the type of the extended community attribute exchanged using BGP to carry the OSPF VPN domain ID.
vpn-tag
Syntax
vpn-tag vpn-tag
no vpn-tag
Context
config>service>vprn>ospf
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command specifies the route tag for an OSPF VPN on a PE router. This field is set in the tag field of the OSPF external LSAs generated by the PE. This is mainly used to prevent routing loops. This applies to VPRN instances of OSPF only. An attempt to modify the value of this object results in an inconsistent value error when it is not a VPRN instance.
Default
vpn-tag 0
lsa-arrival
Syntax
lsa-arrival lsa-arrival-time
no lsa-arrival
Context
config>service>vprn>ospf>timers
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This parameter defines the minimum delay that must pass between receipt of the same Link State Advertisements (LSAs) arriving from neighbors. It is recommended that the neighbors configured lsa-generate lsa-second-wait interval is equal or greater than the lsa-arrival timer configured here.
Use the no form of this command to return to the default.
Default
no lsa-arrival
Parameters
- lsa-arrival-time
Specifies the timer in milliseconds. Values entered that do not match this requirement are rejected.
lsa-generate
Syntax
lsa-generate max-lsa-wait [lsa-initial-wait [lsa-second-wait]]
no lsa-generate-interval
Context
config>service>vprn>ospf>timers
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This parameter customizes the throttling of OSPF LSA-generation. Timers that determine when to generate the first, second, and subsequent LSAs can be controlled with this command. Subsequent LSAs are generated at increasing intervals of the lsa-second-wait timer until a maximum value is reached. Configuring the lsa-arrival interval to equal or less than the lsa-second-wait interval configured in the lsa-generate command is recommended.
The no form of this command returns to the default.
Default
no lsa-generate
Parameters
- max-lsa-wait
Specifies the maximum interval, in milliseconds, between two consecutive ocurrences of an LSA being generated.
The timer must be entered as either 1 or in millisecond increments. Values entered that do not match this requirement are rejected.
Show commands
egress-label
Syntax
egress-label start-label [end-label]
Context
show>service
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command display services using the range of egress labels.
If only the mandatory start-label parameter is specified, only services using the specified label are displayed.
If both start-label and end-label parameters are specified, the services using the range of labels X where start-label <= X <= end-label are displayed.
Use the show router ldp bindings command to display dynamic labels.
Parameters
- start-label
Specifies the starting egress label value for which to display services using the label range. If only egress-label1 is specified, services only using egress-label1 are displayed.
- end-label
Specifies the ending egress label value for which to display services using the label range.
Output
The following output is an example of service egress label information, and Output fields: egress label describes the output fields.
Sample output*A:ALA-12# show service egress-label 0 10000
==============================================================================
Martini Service Labels
==============================================================================
Svc Id Sdp Id Type I.Lbl E.Lbl
------------------------------------------------------------------------------
1 10:1 Mesh 0 0
1 20:1 Mesh 0 0
1 30:1 Mesh 0 0
1 100:1 Mesh 0 0
...
1 107:1 Mesh 0 0
1 108:1 Mesh 0 0
1 300:1 Mesh 0 0
1 301:1 Mesh 0 0
1 302:1 Mesh 0 0
1 400:1 Mesh 0 0
1 500:2 Spok 131070 2001
1 501:1 Mesh 131069 2000
100 300:100 Spok 0 0
200 301:200 Spok 0 0
300 302:300 Spok 0 0
400 400:400 Spok 0 0
------------------------------------------------------------------------------
Number of Bindings Found : 23
==============================================================================
*A:ALA-12#
Label |
Description |
---|---|
Svc Id |
The ID that identifies a service. |
Sdp Id |
The ID that identifies an SDP. |
Type |
Indicates whether the SDP binding is a spoke or a mesh. |
I. Lbl |
The VC label used by the far-end device to send packets to this device in this service by the SDP. |
E. Lbl |
The VC label used by this device to send packets to the far-end device in this service by the SDP. |
Number of bindings found |
The total number of SDP bindings that exist within the specified egress label range. |
ingress-label
Syntax
ingress-label start-label [end-label]
Context
show>service
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command displays services using the range of ingress labels.
If only the mandatory start-label parameter is specified, only services using the specified label are displayed.
If both start-label and end-label parameters are specified, the services using the range of labels X where start-label <= X <= end-label are displayed.
Use the show router vprn-service-id ldp bindings command to display dynamic labels.
Parameters
- start-label
Specifies the starting ingress label value for which to display services using the label range. If only start-label is specified, services only using start-label are displayed.
- end-label
Specifies the ending ingress label value for which to display services using the label range.
Output
The following output is an example of service ingress label information, and Output fields: ingress label describes the output fields.
Sample output*A:ALA-12# show service ingress-label 0
==============================================================================
Martini Service Labels
==============================================================================
Svc Id Sdp Id Type I.Lbl E.Lbl
------------------------------------------------------------------------------
1 10:1 Mesh 0 0
1 20:1 Mesh 0 0
1 30:1 Mesh 0 0
1 50:1 Mesh 0 0
1 100:1 Mesh 0 0
1 101:1 Mesh 0 0
1 102:1 Mesh 0 0
1 103:1 Mesh 0 0
1 104:1 Mesh 0 0
1 105:1 Mesh 0 0
1 106:1 Mesh 0 0
1 107:1 Mesh 0 0
1 108:1 Mesh 0 0
1 300:1 Mesh 0 0
1 301:1 Mesh 0 0
1 302:1 Mesh 0 0
1 400:1 Mesh 0 0
100 300:100 Spok 0 0
200 301:200 Spok 0 0
300 302:300 Spok 0 0
400 400:400 Spok 0 0
------------------------------------------------------------------------------
Number of Bindings Found : 21
------------------------------------------------------------------------------
*A:ALA-12#
Label |
Description |
---|---|
Svc ID |
The service identifier. |
SDP Id |
The SDP identifier. |
Type |
Indicates whether the SDP is a spoke or a mesh. |
I.Lbl |
The ingress label used by the far-end device to send packets to this device in this service by the SDP. |
E.Lbl |
The egress label used by this device to send packets to the far-end device in this service by the SDP. |
Number of Bindings Found |
The number of SDP bindings within the label range specified. |
sap-using
Syntax
sap-using [sap sap-id]
sap-using interface [ip-address | ip-int-name]
sap-using [ingress | egress] filter filter-id
sap-using [ingress | egress] qos-policy qos-policy-id
Context
show>service
Platforms
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode.
Description
This command displays SAP information.
If no optional parameters are specified, the command displays a summary of all defined SAPs.
The optional parameters restrict output to only SAPs matching the specified properties.
Parameters
- sap-id
Specifies the physical port identifier portion of the SAP definition. See Common CLI command descriptions for command syntax.
- interface
Specifies matching SAPs with the specified IP interface. This parameter can be used on 7210 SAS platforms operating in access-uplink mode only if the specified interface is configured within an IES context.
- ip-address
Specifies the IP address of the interface for which to display matching SAPs. This parameter can be used on 7210 SAS platforms operating in access-uplink mode only if the specified interface is configured within an IES context.
- ip-int-name
Specifies the IP interface name for which to display matching SAPs. This parameter can be used on 7210 SAS platforms operating in access-uplink mode only if the specified interface is configured within an IES context.
- ingress
Specifies matching an ingress policy.
- egress
Specifies matching an egress policy.
- qos-policy qos-policy-id
Specifies the ingress or egress QoS Policy ID for which to display matching SAPs.
- filter filter-id
Specifies the ingress or egress filter policy ID for which to display matching SAPs.
Output
The following output is an example of service SAP information, and Output fields: SAP-using describes the output fields.
Sample output*A:ALA-12# show service sap-using sap 1/1
==============================================================================
Service Access Points
==============================================================================
PortId SvcId SapMTU I.QoS I.Mac/IP E.QoS E.Mac/IP A.Pol Adm Opr
------------------------------------------------------------------------------
1/1/7:0 1 1518 10 8 10 none none Up Up
1/1/11:0 100 1514 1 none 1 none none Down Down
1/1/7:300 300 1518 10 none 10 none 1000 Up Up
------------------------------------------------------------------------------
Number of SAPs : 3
------------------------------------------------------------------------------
*A:ALA-12#
Label |
Description |
---|---|
Port ID |
The ID of the access port where the SAP is defined. |
Svc ID |
The service identifier. |
SapMTU |
The SAP MTU value. |
I.QoS |
The SAP ingress QoS policy number specified on the ingress SAP. |
I.MAC/IP |
The MAC or IP filter policy ID applied to the ingress SAP. |
E.QoS |
The SAP egress QoS policy number specified on the egress SAP. |
E.Mac/IP |
The MAC or IP filter policy ID applied to the egress SAP |
A.Pol |
The accounting policy ID assigned to the SAP. |
Adm |
The desired state of the SAP. |
Opr |
The actual state of the SAP. |
sdp
Syntax
sdp [sdp-id | far-end ip-address] [detail | keep-alive-history]
Context
show>service
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command displays SDP information.
If no optional parameters are specified, a summary SDP output for all SDPs is displayed.
Parameters
- sdp-id
Specifies the SDP ID for which to display information.
- far-end ip-address
Displays only SDPs matching with the specified far-end IP address.
- detail
Displays detailed SDP information.
- keep-alive-history
Displays the last fifty SDP keepalive events for the SDP.
Output
The following output is an example of SDP information, and Output fields: SDP describes the output fields.
Sample output*A:ALA-12# show service sdp
==============================================================================
Services: Service Destination Points
==============================================================================
SdpId Adm MTU Opr MTU IP address Adm Opr Deliver Signal
------------------------------------------------------------------------------
10 4462 4462 10.20.1.3 Up Dn NotReady MPLS TLDP
40 4462 1534 10.20.1.20 Up Up MPLS TLDP
------------------------------------------------------------------------------
Number of SDPs : 5
==============================================================================
*A:ALA-12#
*A:ALA-12# show service sdp 8
==============================================================================
Service Destination Point (Sdp Id : 8)
==============================================================================
SdpId Adm MTU Opr MTU IP address Adm Opr Deliver Signal
------------------------------------------------------------------------------
8 4462 4462 10.10.10.104 Up Dn NotReady MPLS TLDP
==============================================================================
Service Destination Point (Sdp Id : 8) Details
-------------------------------------------------------------------------------
Sdp Id 8 -(10.10.10.104)
-------------------------------------------------------------------------------
Description : MPLS-10.10.10.104
SDP Id : 8
Admin Path MTU : 0 Oper Path MTU : 0
Far End : 10.10.10.104 Delivery : MPLS
Admin State : Up Oper State : Down
Flags : SignalingSessDown TransportTunnDown
Signaling : TLDP VLAN VC Etype : 0x8100
Last Status Change : 02/01/2007 09:11:39 Adv. MTU Over. : No
Last Mgmt Change : 02/01/2007 09:11:46
KeepAlive Information :
Admin State : Disabled Oper State : Disabled
Hello Time : 10 Hello Msg Len : 0
Hello Timeout : 5 Unmatched Replies : 0
Max Drop Count : 3 Hold Down Time : 10
Tx Hello Msgs : 0 Rx Hello Msgs : 0
Associated LSP LIST :
Lsp Name : to-104
Admin State : Up Oper State : Down
Time Since Last Tran*: 01d07h36m
===============================================================================
* indicates that the corresponding row element may have been truncated.
*A:ALA-12#
Label |
Description |
---|---|
SDP Id |
The SDP identifier. |
Adm MTU |
Specifies the largest service frame size (in octets) that can be transmitted through this SDP to the far-end router, without requiring the packet to be fragmented. |
Opr MTU |
Specifies the actual largest service frame size (in octets) that can be transmitted through this SDP to the far-end router, without requiring the packet to be fragmented. |
IP address |
Specifies the IP address of the remote end of the MPLS tunnel defined by this SDP. |
Adm Admin State |
Specifies the state of the SDP. |
Opr Oper State |
Specifies the operating state of the SDP. |
Flags |
Specifies all the conditions that affect the operating status of this SDP. |
Signal Signaling |
Specifies the signaling protocol used to obtain the ingress and egress labels used in frames transmitted and received on the SDP. |
Last Status Change |
Specifies the time of the most recent operating status change to this SDP. |
Last Mgmt Change |
Specifies the time of the most recent management-initiated change to this SDP. |
Number of SDPs |
Specifies the total number of SDPs displayed according to the criteria specified. |
Hello Time |
Specifies how often the SDP echo request messages are transmitted on this SDP. |
Deliver Delivered |
Specifies the type of delivery used by the SDP: MPLS. |
Number of SDPs |
Specifies the total number of SDPs displayed according to the criteria specified. |
Hello Time |
Specifies how often the SDP echo request messages are transmitted on this SDP. |
Hello Msg Len |
Specifies the length of the SDP echo request messages transmitted on this SDP. |
Hello Timeout |
Specifies the number of seconds to wait for an SDP echo response message before declaring a timeout. |
Unmatched Replies |
Specifies the number of SDP unmatched message replies. |
Max Drop Count |
Specifies the maximum number of consecutive SDP echo request messages that can be unacknowledged before the keepalive protocol reports a fault. |
Hold Down Time |
Specifies the maximum number of consecutive SDP echo request messages that can be unacknowledged before the keepalive protocol reports a fault. |
TX Hello Msgs |
Specifies the number of SDP echo request messages transmitted since the keepalive was administratively enabled or the counter was cleared. |
Rx Hello Msgs |
Specifies the number of SDP echo request messages received since the keepalive was administratively enabled or the counter was cleared. |
Associated LSP List |
When the SDP type is MPLS, a list of LSPs used to reach the far-end router displays. All the LSPs in the list must terminate at the IP address specified in the far end field. |
sdp-using
Syntax
sdp-using [sdp-id[:vc-id] | far-end ip-address]
Context
show>service
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command displays services using SDP or far-end address options.
Parameters
- sdp-id
Displays only services bound to the specified SDP ID.
- vc-id
Specifies the virtual circuit identifier.
- far-end ip-address
Displays only services matching with the specified far-end IP address.
Output
The following output is an example of service SDP information, and Output Fields: SDP-using describes the output fields.
Sample output*A:ALA-1# show service sdp-using 300
===============================================================================
Service Destination Point (Sdp Id : 300)
===============================================================================
SvcId SdpId Type Far End Opr State I.Label E.Label
-------------------------------------------------------------------------------
1 300:1 Mesh 10.0.0.13 Up 131071 131071
2 300:2 Spok 10.0.0.13 Up 131070 131070
100 300:100 Mesh 10.0.0.13 Up 131069 131069
101 300:101 Mesh 10.0.0.13 Up 131068 131068
102 300:102 Mesh 10.0.0.13 Up 131067 131067
-------------------------------------------------------------------------------
Number of SDPs : 5
-------------------------------------------------------------------------------
*A:ALA-1#
A:ALA-48# show service sdp-using
===============================================================================
SDP Using
===============================================================================
SvcId SdpId Type Far End Opr State I.Label E.Label
-------------------------------------------------------------------------------
3 2:3 Spok 10.20.1.2 Up n/a n/a
103 3:103 Spok 10.20.1.3 Up 131067 131068
103 4:103 Spok 10.20.1.2 Up 131065 131069
105 3:105 Spok 10.20.1.3 Up 131066 131067
-------------------------------------------------------------------------------
Number of SDPs : 4
-------------------------------------------------------------------------------
A:ALA-48
Label |
Description |
---|---|
Svc ID |
The service identifier. |
Sdp ID |
The SDP identifier. |
Type |
Type of SDP: spoke or mesh. |
Far End |
The far end address of the SDP. |
Oper State |
The operational state of the service. |
Ingress Label |
The label used by the far-end device to send packets to this device in this service by this SDP. |
Egress Label |
The label used by this device to send packets to the far-end device in this service by this SDP. |
service-using
Syntax
service-using [epipe] [ies] [vpls] [vprn][sdp sdp-id] [customer customer-id]
Context
show>service
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command displays the services matching certain usage properties.
If no optional parameters are specified, all services defined on the system are displayed.
Parameters
- epipe
Displays matching Epipe services.
- ies
Displays matching IES instances.
- vpls
Displays matching VPLS instances.
- vprn
Displays matching VPRN services. This parameter is not supported on 7210 SAS platforms operating in access-uplink mode.
- sdp sdp-id
Displays only services bound to the specified SDP ID.
- customer customer-id
Displays services only associated with the specified customer ID.
Output
The following output is an example of service information, and Output Fields: Service-using describes the output fields.
Sample output*A:ALA-12# show service service-using customer 10
==============================================================================
Services
==============================================================================
ServiceId Type Adm Opr CustomerId Last Mgmt Change
------------------------------------------------------------------------------
1 VPLS Up Up 10 09/05/2006 13:24:15
100 IES Up Up 10 09/05/2006 13:24:15
300 Epipe Up Up 10 09/05/2006 13:24:15
900 VPRN Up Up 2 11/04/2006 04:55:12
------------------------------------------------------------------------------
Matching Services : 4
==============================================================================
*A:ALA-12#
*A:ALA-12# show service service-using epipe
===============================================================================
Services [epipe]
===============================================================================
ServiceId Type Adm Opr CustomerId Last Mgmt Change
-------------------------------------------------------------------------------
6 Epipe Up Up 6 06/22/2006 23:05:58
7 Epipe Up Up 6 06/22/2006 23:05:58
8 Epipe Up Up 3 06/22/2006 23:05:58
103 Epipe Up Up 6 06/22/2006 23:05:58
-------------------------------------------------------------------------------
Matching Services : 4
===============================================================================
*A:ALA-12#
A:de14# show service service-using
===============================================================================
Services
===============================================================================
ServiceId Type Adm Opr CustomerId Last Mgmt Change
-------------------------------------------------------------------------------
1 uVPLS Up Up 1 10/26/2006 15:44:57
2 Epipe Up Down 1 10/26/2006 15:44:57
10 mVPLS Down Down 1 10/26/2006 15:44:57
11 mVPLS Down Down 1 10/26/2006 15:44:57
100 mVPLS Up Up 1 10/26/2006 15:44:57
101 mVPLS Up Up 1 10/26/2006 15:44:57
102 mVPLS Up Up 1 10/26/2006 15:44:57
999 uVPLS Down Down 1 10/26/2006 16:14:33
-------------------------------------------------------------------------------
Matching Services : 8
-------------------------------------------------------------------------------
A:de14#
Label |
Description |
---|---|
Service Id |
The service identifier. |
Type |
Specifies the service type configured for the service ID. |
Adm |
The desired state of the service. |
Opr |
The operating state of the service. |
CustomerID |
The ID of the customer who owns this service. |
Last Mgmt Change |
The date and time of the most recent management-initiated change to this service. |
id
Syntax
id service-id {all | arp | base | fdb | labels | mfib | sap | sdp | split-horizon-group | stp}
Context
show>service
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command displays information for a particular service-id.
Parameters
- service-id
Specifies the unique service identification number that identifies the service in the service domain.
- all
Display detailed information about the service.
- arp
Display ARP entries for the service.
- base
Display basic service information.
- fdb
Display FDB entries.
- interface
Display service interfaces.
- labels
Display labels being used by this service.
- sap
Display SAPs associated to the service.
- sdp
Display SDPs associated with the service. This parameter is not supported on 7210 SAS platforms operating in access-uplink mode.
- split-horizon-group
Display split horizon group information.
- stp
Display STP information.
all
Syntax
all
Context
show>service>id
Platforms
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
Description
This command displays detailed information for all aspects of the service.
Output
The following output is an example of detailed service information, and Output fields: service ID All describes the output fields.
Sample output*A:7210SAS>show>service>id# all
===============================================================================
Service Detailed Information
===============================================================================
Service Id : 1 Vpn Id : 0
Service Type : Epipe
Description : (Not Specified)
Customer Id : 1
Last Status Change: 02/12/2002 23:51:07
Last Mgmt Change : 02/12/2002 23:50:18
Admin State : Up Oper State : Up
SAP Count : 2
Uplink Type: : L2
SAP Type: : Any Customer vlan: : n/a
-------------------------------------------------------------------------------
Service Access Points
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
SAP 1/1/9:600.*
-------------------------------------------------------------------------------
Service Id : 1
SAP : 1/1/9:600.* Encap : qinq
QinQ Dot1p : Default
Description : (Not Specified)
Admin State : Up Oper State : Up
Flags : None
Last Status Change : 02/12/2002 23:51:06
Last Mgmt Change : 02/12/2002 23:50:18
Dot1Q Ethertype : 0x8100 QinQ Ethertype : 0x8100
Admin MTU : 9212 Oper MTU : 9212
Ingr IP Fltr-Id : n/a Egr IP Fltr-Id : n/a
Ingr Mac Fltr-Id : n/a Egr Mac Fltr-Id : n/a
Ingr IPv6 Fltr-Id : n/a Egr IPv6 Fltr-Id : n/a
tod-suite : None
Endpoint : N/A
Acct. Pol : None Collect Stats : Disabled
-------------------------------------------------------------------------------
QOS
-------------------------------------------------------------------------------
Ingress qos-policy : n/a
-------------------------------------------------------------------------------
Aggregate Policer
-------------------------------------------------------------------------------
rate : n/a burst : n/a
-------------------------------------------------------------------------------
Ingress QoS Classifier Usage
-------------------------------------------------------------------------------
Classifiers Allocated: 2 Meters Allocated : 1
Classifiers Used : 1 Meters Used : 1
-------------------------------------------------------------------------------
Sap Statistics
-------------------------------------------------------------------------------
Packets Octets
Ingress Stats: 0 0
Egress Stats: 26941105 18014193523
Extra-Tag Drop Stats: n/a n/a
-------------------------------------------------------------------------------
SAP 1/1/12:90
-------------------------------------------------------------------------------
Service Id : 1
SAP : 1/1/12:90 Encap : q-tag
Description : (Not Specified)
Admin State : Up Oper State : Up
Flags : None
Last Status Change : 02/12/2002 23:51:07
Last Mgmt Change : 02/13/2002 00:05:46
Dot1Q Ethertype : 0x8100 QinQ Ethertype : 0x8100
Loopback Mode : Internal No-svc-port used : 1/1/25
Loopback Src Addr : 00:00:01:00:02:00
Loopback Dst Addr : 00:00:01:00:03:00
Admin MTU : 1518 Oper MTU : 1518
Ingr IP Fltr-Id : n/a Egr IP Fltr-Id : n/a
Ingr Mac Fltr-Id : n/a Egr Mac Fltr-Id : n/a
Ingr IPv6 Fltr-Id : n/a Egr IPv6 Fltr-Id : n/a
tod-suite : None
Endpoint : N/A
Acct. Pol : None Collect Stats : Disabled
-------------------------------------------------------------------------------
QOS
-------------------------------------------------------------------------------
Ingress qos-policy : 1
-------------------------------------------------------------------------------
Aggregate Policer
-------------------------------------------------------------------------------
rate : n/a burst : n/a
-------------------------------------------------------------------------------
Ingress QoS Classifier Usage
-------------------------------------------------------------------------------
Classifiers Allocated: 2 Meters Allocated : 1
Classifiers Used : 1 Meters Used : 1
-------------------------------------------------------------------------------
Sap Statistics
-------------------------------------------------------------------------------
Packets Octets
Ingress Stats: 26940595 18013850572
Egress Stats: 0 0
Ingress Drop Stats: 0 0
Extra-Tag Drop Stats: n/a n/a
-------------------------------------------------------------------------------
Sap per Meter stats (in/out counter mode)
-------------------------------------------------------------------------------
Packets Octets
Ingress Meter 1
For. InProf : 8 4265
For. OutProf : 26941156 18014224039
-------------------------------------------------------------------------------
Service Endpoints
-------------------------------------------------------------------------------
No Endpoints found.
===============================================================================
*A:7210SAS>show>service>id#
Label |
Description |
---|---|
Service Detailed Information |
|
Service Id |
The service identifier. |
VPN Id |
The number which identifies the VPN. |
Customer Id |
The customer identifier. |
Last Status Change |
The date and time of the most recent change in the administrative or operating status of the service. |
Last Mgmt Change |
The date and time of the most recent management-initiated change to this customer. |
Admin State |
The current administrative state. |
Oper State |
The current operational state. |
Route Dist. |
Displays the route distribution number. |
AS Number |
Displays the autonomous system number. |
Router Id |
Displays the router ID for this service. |
Auto Bind |
Specifies the automatic binding type for the SDP assigned to this service. |
Vrf Target |
Specifies the VRF target applied to this service. |
Vrf Import |
Specifies the VRF import policy applied to this service. |
Vrf Export |
Specifies the VRF export policy applied to this service. |
Description |
Generic information about the service. |
SAP Count |
The number of SAPs specified for this service. |
SDP Bind Count |
The number of SDPs bound to this service. |
Split Horizon Group |
Name of the split horizon group for this service. |
Description |
Description of the split horizon group. |
Last Changed |
The date and time of the most recent management-initiated change to this split horizon group. |
Service Destination Points (SDPs) |
|
SDP Id |
The SDP identifier. |
Type |
Indicates whether this Service SDP binding is a spoke or a mesh. |
Admin Path MTU |
The desired largest service frame size (in octets) that can be transmitted through this SDP to the far-end router, without requiring the packet to be fragmented. |
Oper Path MTU |
The actual largest service frame size (in octets) that can be transmitted through this SDP to the far-end router, without requiring the packet to be fragmented. |
Delivery |
Specifies the type of delivery used by the SDP: MPLS. |
Admin State |
The administrative state of this SDP. |
Oper State |
The operational state of this SDP. |
Ingress Label |
The label used by the far-end device to send packets to this device in this service by this SDP. |
Egress Label |
The label used by this device to send packets to the far-end device in this service by this SDP. |
Ingress Filter |
The ID of the ingress filter policy. |
Egress Filter |
The ID of the egress filter policy. |
Far End |
Specifies the IP address of the remote end of the MPLS tunnel defined by this SDP. |
Last Changed |
The date and time of the most recent change to this customer. |
Signaling |
Specifies the signaling protocol used to obtain the ingress and egress labels used in frames transmitted and received on this SDP. |
Admin State |
Specifies the operating status of the keepalive protocol. |
Oper State |
The current status of the keepalive protocol. |
Hello Time |
Specifies how often the SDP echo request messages are transmitted on this SDP. |
Hello Msg Len |
Specifies the length of the SDP echo request messages transmitted on this SDP. |
Max Drop Count |
Specifies the maximum number of consecutive SDP echo request messages that can be unacknowledged before the keepalive protocol reports a fault. |
Hold Down Time |
Specifies the amount of time to wait before the keepalive operating status is eligible to enter the alive state. |
SDP Delivery Mechanism |
When the SDP type is MPLS, a list of LSPs used to reach the far-end router displays. All the LSPs in the list must terminate at the IP address specified in the far end field. |
Max Drop Count |
Specifies the maximum number of consecutive SDP echo request messages that can be unacknowledged before the keepalive protocol reports a fault. |
Number of SDPs |
The total number SDPs applied to this service ID. |
Service Access Points |
|
Service Id |
The service identifier. |
Port Id |
The ID of the access port where this SAP is defined. |
Description |
Generic information about the SAP. |
Admin State |
The desired state of the SAP. |
Oper State |
The operating state of the SAP. |
Last Changed |
The date and time of the last change. |
Admin MTU |
The desired largest service frame size (in octets) that can be transmitted through this SDP to the far-end router, without requiring the packet to be fragmented. |
Oper MTU |
The actual largest service frame size (in octets) that can be transmitted through this SDP to the far-end router, without requiring the packet to be fragmented. |
Ingress qos-policy |
The SAP ingress QoS policy ID. |
Acct. Pol |
Indicates the accounting policy applied to the SAP. |
Collect Stats |
Specifies whether accounting statistics are collected on the SAP. |
Spoke SDPs |
|
Managed by Service |
Specifies the service-id of the management VPLS managing this spoke-SDP. |
Managed by Spoke |
Specifies the sap-id inside the management VPLS managing this spoke-SDP. |
Prune state |
Specifies the STP state inherited from the management VPLS. |
Peer Pw Bits |
Indicates the bits set by the LDP peer when there is a fault on its side of the pseudowire. LAC failures occur on the SAP that has been configured on the pipe service, PSN bits are set by SDP-binding failures on the pipe service. The pwNotForwarding bit is set when none of the preceding failures apply, such as an MTU mismatch failure. This value is only applicable if the peer is using the pseudowire status signalling method to indicate faults. pwNotForwarding — Pseudowire not forwarding lacIngressFault Local — Attachment circuit RX fault lacEgresssFault Local — Attachment circuit TX fault psnIngressFault Local — PSN-facing PW RX fault psnEgressFault Local — PSN-facing PW TX fault pwFwdingStandby — Pseudowire in standby mode |
Max IPv4 Routes |
Maximum IPv4 routes configured for use with the service. |
Last Changed |
The date and time of the most recent management-initiated change. |
Dot1Q Ethertype |
The Dot1q ethertype in use by the SAP. |
Ingr IP Fltr-Id |
The policy ID of the IP filter applied at ingress. |
Ingr Mac Fltr-Id |
The policy ID of the MAC filter applied at ingress. |
Egr IP Fltr-Id |
The policy ID of the IP filter applied at egress. |
Egr Mac Fltr-Id |
The policy ID of the MAC filter applied at egress. |
tod-suite |
The TOD suite applied for use by this SAP. |
rate |
Specifies the SAP aggregate rate configured for the aggregate policer/meter used by this SAP. |
burst |
Specifies the burst to be used with SAP aggregate policer/meter used by this SAP. |
Classifiers Allocated |
Number of SAP ingress QoS resources allocated for use by this SAP. |
Classifiers Used |
Number of SAP ingress QoS resources in use by this SAP. |
Meters Allocated |
Number of SAP ingress meter resources allocated for use by this SAP. This is set to half the number of classifiers allocated to this SAP. |
Meters Used |
Number of SAP ingress meters in use. |
Ingress Stats |
The number of received packets/octets for this SAP. |
Egress Stats |
The number of packets/octets forwarded out of this SAP. |
Ingress Drop Stats |
Number of packets/octets dropped by the system. |
Extra-Tag Drop Stats |
Number of packets received with the count of VLAN tags exceeding the count of VLAN tags implied by the SAP encapsulation. |
Ingress Meter 1 |
The index of the ingress QoS meter of this SAP. |
For. InProf |
Number of in-profile packets/octets received on this SAP. |
For. OutProf |
Number of out-of-profile packets/octets received on this SAP. |
If Name |
IP interface name assigned by user. |
Protocols |
Protocols enabled for use on this interface. |
Oper (v4/v6) |
Operational status of this interface for IPv4 and IPv6. |
IP Addr/mask |
IPv4 address and Mask assigned to this interface. |
Address Type |
Whether the address is a primary or secondary address. |
Broadcast Address |
Type of broadcast address used. It can be host-ones or all-ones. |
If Index |
The interface Index assigned by the system. It is used with SNMP IfTable. |
Virt. If Index |
The interface index assigned by the system. It is used with SNMP. |
Last Oper Chg |
Timestamp associated with the last operational change. |
Global If Index |
This is the system wide Interface index allotted by the system. |
If Type |
Network — The IP interface is a network/core IP interface. Service — The IP interface is a service IP interface. |
SNTP B.Cast |
Specifies whether SNTP broadcast client mode is enabled or disabled. |
Arp Timeout |
Specifies the timeout for an ARP entry learned on the interface. |
IP Oper MTU |
The actual largest service frame size (in octets) that can be transmitted through the port to the far-end router, without requiring the packet to be fragmented. |
LdpSyncTimer |
Specifies the value used for IGP-LDP synchronization. |
Redirects |
Specifies the rate for ICMP redirect messages. |
Unreachables |
Specifies the rate for ICMP unreachable messages. |
TTL Expired |
Specifies the rate for ICMP TTL messages. |
MAC Address |
Specifies the 48-bit IEEE 802.3 MAC address. |
arp
Syntax
arp [ip-address] | [mac ieee-address] | [sap sap-id] | [interface ip-int-name] [sdp sdp-id:vc-id] [summary]
Context
show>service>id
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
Displays the ARP table for the IES instance.
Parameters
- ip-address
Displays only ARP entries in the ARP table with the specified IP address.
- mac ieee-address
Displays only ARP entries in the ARP table with the specified 48-bit MAC address. The MAC address can be expressed in the form aa:bb:cc:dd:ee:ff or aa-bb-cc-dd-ee-ff where aa, bb, cc, dd, ee and ff are hexadecimal numbers.
- sap sap-id
Displays SAP information for the specified SAP ID. See Common CLI command descriptions for command syntax.
- sdp-id:vc-id
Displays SDP information for the specified SDP ID and VC ID. This parameter is not supported on 7210 SAS platforms operating in access-uplink mode.
- port id
Specifies matching service ARP entries associated with the specified IP interface.
- ip-address
Specifies the IP address of the interface for which to display matching ARP entries.
- ip-int-name
Specifies the IP interface name for which to display matching ARPs.
Output
The following output is an example of ARP information, and Output fields: ARP describes the output fields.
Sample output*A:ALA-12# show service id 2 arp
==============================================================================
ARP Table
==============================================================================
IP Address MAC Address Type Age Interface Port
------------------------------------------------------------------------------
10.11.1.1 00:03:fa:00:08:22 Other 00:00:00 ies-100-10.11.1 1/1/11:0
==============================================================================
*A:ALA-12#
Label |
Description |
---|---|
Service ID |
The service ID number. |
MAC |
The specified MAC address |
Source-Identifier |
The location the MAC is defined. |
Type |
Static FDB entries created by management. |
Learned Dynamic entries created by the learning process. |
|
OAM Entries created by the OAM process. |
|
Age |
The time elapsed since the service was enabled. |
Interface |
The interface applied to the service. |
Port |
The port where the SAP is applied. |
base
Syntax
base
Context
show>service>id
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command displays basic information about the service ID including service type, description, SAPs and SDPs.
SDP information is not displayed for 7210 SAS platforms operating in access-uplink mode.
Output
The following outputs are examples of basic service information, and the associated tables describes the output fields.
Sample output*A:ALA-12# show service id 1 base
===============================================================================
Service Basic Information
===============================================================================
Service Id : 1 Vpn Id : 0
Service Type : VPRN
Customer Id : 1
Last Status Change: 02/01/2007 09:11:39
Last Mgmt Change : 02/01/2007 09:11:46
Admin State : Up Oper State : Down
Route Dist. : 10001:1
AS Number : 10000 Router Id : 10.10.10.103
ECMP : Enabled ECMP Max Routes : 8
Max Routes : No Limit Auto Bind : LDP
Vrf Target : target:10001:1
Vrf Import : vrfImpPolCust1
Vrf Export : vrfExpPolCust1
SAP Count : 1 SDP Bind Count : 18
------------------------------------------------------------------------------
Service Access & Destination Points
------------------------------------------------------------------------------
Identifier Type AdmMTU OprMTU Adm Opr
------------------------------------------------------------------------------
sap:1/1/7:0 q-tag 1518 1518 Up Up
sdp:10:1 M(10.20.1.3) TLDP 4462 4462 Up TLDP Down
sdp:20:1 M(10.20.1.4) TLDP 4462 4462 Up TLDP Down
sdp:30:1 M(10.20.1.5) TLDP 4462 4462 Up TLDP Down
sdp:40:1 M(10.20.1.20) TLDP 1534 4462 Up Up
sdp:200:1 M(10.20.1.30) TLDP 1514 4462 Up Up
sdp:300:1 M(10.20.1.31) TLDP 4462 4462 Up TLDP Down
sdp:500:1 M(10.20.1.50) TLDP 4462 4462 Up TLDP Down
==============================================================================
*A:ALA-12#
Label |
Description |
---|---|
Service Id |
The service identifier |
Vpn Id |
Specifies the VPN ID assigned to the service. |
Service Type |
Specifies the type of service |
Description |
Generic information about the service |
Customer Id |
The customer identifier |
Last Mgmt Change |
The date and time of the most recent management-initiated change to this customer |
Adm |
The desired state of the service |
Oper |
The operating state of the service |
Mtu |
The largest frame size (in octets) that the service can handle. |
Def. Mesh VC Id |
This object is only valid in services that accept mesh SDP bindings It is used to validate the VC ID portion of each mesh SDP binding defined in the service |
SAP Count |
The number of SAPs defined on the service |
SDP Bind Count |
The number of SDPs bound to the service |
Identifier |
Specifies the service access (SAP) and destination (SDP) points |
Type |
Specifies the signaling protocol used to obtain the ingress and egress labels used in frames transmitted and received on the SDP |
AdmMTU |
Specifies the desired largest service frame size (in octets) that can be transmitted through this SDP to the far-end ESR, without requiring the packet to be fragmented |
OprMTU |
Specifies the actual largest service frame size (in octets) that can be transmitted through this SDP to the far-end ESR, without requiring the packet to be fragmented |
Opr |
The operating state of the SDP |
*A:7210SAS>show>service>id# show service id 1 base
===============================================================================
Service Basic Information
===============================================================================
Service Id : 1 Vpn Id : 0
Service Type : VPRN
Name : (Not Specified)
Description : Default Description For VPRN ID 1
Customer Id : 1
Last Status Change: 01/08/2000 22:57:35
Last Mgmt Change : 01/08/2000 22:57:35
Admin State : Up Oper State : Up
Route Dist. : 100:1 VPRN Type : regular
AS Number : 100 Router Id : 1.1.1.1
ECMP : Enabled ECMP Max Routes : 1
Max IPv4 Routes : No Limit Auto Bind : MPLS
Max IPv6 Routes : No Limit
Ignore NH Metric : Disabled
Hash Label : Disabled
Vrf Target : target:200:1
Vrf Import : None
Vrf Export : None
MVPN Vrf Target : None
MVPN Vrf Import : None
MVPN Vrf Export : None
Label mode : vrf
BGP VPN Backup : ipv4 ipv6
SAP Count : 1 SDP Bind Count : 3
-------------------------------------------------------------------------------
Service Access & Destination Points
-------------------------------------------------------------------------------
Identifier Type AdmMTU OprMTU Adm Opr
-------------------------------------------------------------------------------
sap:1/1/2:1 q-tag 9212 9212 Up Up
sdp:1002:1 S(2.2.2.2) Spok 0 9186 Up Up
sdp:1003:1 S(3.3.3.3) Spok 0 9186 Up Up
sdp:1004:1 S(4.4.4.4) Spok 0 9186 Up Up
===============================================================================
*A:7210SAS>show>service>id#
Label |
Description |
---|---|
Service Id |
The service identifier |
Service Type |
The type of service: VPRN |
Name |
The service name |
Description |
Generic information about the service |
Customer Id |
The customer identifier |
Last Status Change |
The date and time of the most recent status change to this service |
Last Mgmt Change |
The date and time of the most recent management-initiated change to this service |
Admin State |
The desired state of the service |
Oper State |
The operating state of the service |
Route Dist. |
The largest frame size (in octets) that the service can handle |
VPRN Type |
Only valid in services that accept mesh SDP bindings. It validates the VC ID portion of each mesh SDP binding defined in the service. |
AS Number |
The autonomous system number |
Router ID |
The router ID for this service |
ECMP |
Displays equal cost multipath information |
ECMP Max Routes |
The maximum number of routes that can be received from the neighbors in the group or for the specific neighbor |
Max IPv4 Routes |
The maximum number of routes that can be used for path sharing |
Auto Bind |
The automatic binding type for the SDP assigned to this service |
Max IPv6 Routes |
Not applicable |
Vrf Target |
The route target in the VRF applied to this service |
Vrf Import |
The VRF import policy applied to this service |
Vrf Export |
The VRF export policy applied to this service |
MVPN Vrf Target |
The route target in the MVPN VRF applied to this service |
MVPN Vrf Import |
The MVPN VRF import policy applied to this service |
MVPN Vrf Export |
The MVPN VRF export policy applied to this service |
SAP Count |
The number of SAPs defined on the service |
SDP Bind Count |
The number of SDPs bound to the service |
Service Access and Destination Points |
|
Identifier |
The service access (SAP) and destination (SDP) points |
Type |
The signaling protocol used to obtain the ingress and egress labels used in frames transmitted and received on the SDP |
AdmMTU |
The desired largest service frame size (in octets) that can be transmitted through this SDP to the far-end router, without requiring the packet to be fragmented |
OprMTU |
The actual largest service frame size (in octets) that can be transmitted through this SDP to the far-end router, without requiring the packet to be fragmented |
Adm |
The administrative state of the SAP or SDP |
Opr |
The operating state of the SAP or SDP |
statistics
Syntax
statistics [sap sap-id] (network and access-uplink mode)
statistics [sdp sdp-id:vc-id] (network mode)
statistics [interface interface-name] (access-uplink mode for IES)
Context
show>service>id>dhcp
Platforms
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
Description
This command displays DHCP statistics information.
Parameters
- sap-id
Specifies the physical port identifier portion of the SAP definition. See Common CLI command descriptions for the command syntax.
- sdp-id
Specifies the SDP identifier.
- vc-id
Specifies the virtual circuit ID on the SDP ID for which to display information.
- interface interface-name
Displays information for the specified IP interface.
Output
The following output is an example of DHCP statistics, and Output Fields: DHCP statistics describes the output fields.
Sample outputA:sim1# show service id 11 dhcp statistics
================================================================
DHCP Global Statistics, service 11
================================================================
Rx Packets : 32
Tx Packets : 12
Rx Malformed Packets : 0
Rx Untrusted Packets : 0
Client Packets Discarded : 0
Client Packets Relayed : 11
Client Packets Snooped : 21
Server Packets Discarded : 0
Server Packets Relayed : 0
Server Packets Snooped : 0
================================================================
A:sim1#
Label |
Description |
---|---|
Received Packets |
The number of packets received from the DHCP clients. |
Transmitted Packets |
The number of packets transmitted to the DHCP clients. |
Received Malformed Packets |
The number of corrupted/invalid packets received from the DHCP clients. |
Received Untrusted Packets |
The number of untrusted packets received from the DHCP clients. In this case, a frame is dropped due to the client sending a DHCP packet with Option 82 filled in before ‟trust” is set under the DHCP interface command. |
Client Packets Discarded |
The number of packets received from the DHCP clients that were discarded. |
Client Packets Relayed |
The number of packets received from the DHCP clients that were forwarded. |
Client Packets Snooped |
The number of packets received from the DHCP clients that were snooped. |
Server Packets Discarded |
The number of packets received from the DHCP server that were discarded. |
Server Packets Relayed |
The number of packets received from the DHCP server that were forwarded. |
Server Packets Snooped |
The number of packets received from the DHCP server that were snooped. |
interface
Syntax
interface [ip-address | ip-int-name] [detail]
Context
show>service>id
Platforms
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode with IES
Description
This command displays information for the IP interfaces associated with the service.
If no optional parameters are specified, a summary of all IP interfaces associated to the service are displayed.
Parameters
- ip-address
The IP address of the interface for which to display information.
- ip-int-name
The IP interface name for which to display information.
- detail
Displays detailed IP interface information.
Output
The following output is an example of service interface information, and Output Fields: Interface describes the output fields.
Sample output*A:ALA-12# show service id 321 interface
===============================================================================
Interface Table
===============================================================================
Interface-Name Type IP-Address Adm Opr Type
-------------------------------------------------------------------------------
test Pri 10.11.1.1/24 Up Up IES
-------------------------------------------------------------------------------
Interfaces : 1
===============================================================================
*A:ALA-12#
A:ALA-49# show service id 88 interface detail
===============================================================================
Interface Table
===============================================================================
Interface
-------------------------------------------------------------------------------
If Name : Sector A
Admin State : Up Oper State : Down
Protocols : None
IP Addr/mask : Not Assigned
-------------------------------------------------------------------------------
Details
-------------------------------------------------------------------------------
Description :
If Index : 26 Virt. If Index : 26
SAP Id : 71/1/1.2.2
TOS Marking : Untrusted If Type : IES
SNTP B.Cast : False IES ID : 88
MAC Address : Not configured. Arp Timeout : 14400
IP MTU : 1500 ICMP Mask Reply : True
Arp Populate : Disabled
Cflowd : None
Proxy ARP Details
Proxy ARP : Enabled Local Proxy ARP : Disabled
Policies : ProxyARP
DHCP Details
Admin State : Up Lease Populate : 0
Action : Keep Trusted : Disabled
ICMP Details
Redirects : Number - 100 Time (seconds) - 10
Unreachables : Number - 100 Time (seconds) - 10
TTL Expired : Number - 100 Time (seconds) - 10
-------------------------------------------------------------------------------
Interface
-------------------------------------------------------------------------------
If Name : test
Admin State : Up Oper State : Down
Protocols : None
IP Addr/mask : Not Assigned
-------------------------------------------------------------------------------
Details
-------------------------------------------------------------------------------
Description :
If Index : 27 Virt. If Index : 27
SAP Id : 101/1/2:0
TOS Marking : Untrusted If Type : IES
SNTP B.Cast : False IES ID : 88
MAC Address : Not configured. Arp Timeout : 14400
Arp Populate : Disabled
Proxy ARP Details
Proxy ARP : Disabled Local Proxy ARP : Disabled
ICMP Details
Redirects : Number - 100 Time (seconds) - 10
Unreachables : Number - 100 Time (seconds) - 10
TTL Expired : Number - 100 Time (seconds) - 10
-------------------------------------------------------------------------------
Interfaces : 2
===============================================================================
A:ALA-49#
Label |
Description |
---|---|
Interface-Name |
The name used to refer to the interface. |
Type |
Specifies the interface type. |
IP-Address |
Specifies the IP address/IP subnet/broadcast address of the interface. |
Adm |
The desired state of the interface. |
Opr |
The operating state of the interface. |
Interface |
|
If Name |
The name used to refer to the interface. |
Admin State |
The desired state of the interface. |
Oper State |
The operating state of the interface. |
IP Addr/mask |
Specifies the IP address/IP subnet/broadcast address of the interface. |
Details |
|
If Index |
The index corresponding to this interface. The primary index is 1. For example, all interfaces are defined in the Base virtual router context. |
If Type |
Specifies the interface type. |
Port Id |
Specifies the SAP port ID. |
SNTP B.Cast |
Specifies whether SNTP broadcast client mode is enabled or disabled. |
Arp Timeout |
Specifies the timeout for an ARP entry learned on the interface. |
MAC Address |
Specifies the 48-bit IEEE 802.3 MAC address. |
ICMP Mask Reply |
Specifies whether ICMP mask reply is enabled or disabled. |
ICMP Details |
|
Redirects |
Specifies the rate for ICMP redirect messages. |
Unreachables |
Specifies the rate for ICMP unreachable messages. |
TTL Expired |
Specifies the rate for ICMP TTL messages. |
sap
Syntax
sap sap-id [detail]]
Context
show>service>id
Platforms
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
Description
This command displays information for the SAPs associated with the service.
If no optional parameters are specified, a summary of all associated SAPs is displayed.
Parameters
- sap-id
Specifies the ID that displays SAPs for the service. See Common CLI command descriptions for command syntax.
- detail
Displays detailed information for the SAP.
Output
The following output is an example of service SAP information, and Output Fields: service ID SAP describes the output fields.
Sample output*A:ALA-12# show service id 321 sap 1/1/4:0
===============================================================================
Service Access Points(SAP)
===============================================================================
Service Id : 321
SAP : 1/1/4:0 Encap : q-tag
Dot1Q Ethertype : 0x8100 QinQ Ethertype : 0x8100
Admin State : Up Oper State : Down
Flags : PortOperDown
SapIngressQoSMismatch
Last Status Change : 02/03/2007 12:58:37
Last Mgmt Change : 02/03/2007 12:59:10
Admin MTU : 1518 Oper MTU : 1518
Ingress qos-policy : 100 Egress qos-policy : 1
Ingress Filter-Id : n/a Egress Filter-Id : n/a
Multi Svc Site : None
Acct. Pol : None Collect Stats : Disabled
===============================================================================
*A:ALA-12#
*A:ALA-12# show service id 321 sap 1/1/4:0 detail
===============================================================================
Service Access Points(SAP)
===============================================================================
Service Id : 321
SAP : 1/1/4:0 Encap : q-tag
Dot1Q Ethertype : 0x8100 QinQ Ethertype : 0x8100
Admin State : Up Oper State : Down
Flags : PortOperDown
SapIngressQoSMismatch
Last Status Change : 02/03/2007 12:58:37
Last Mgmt Change : 02/03/2007 12:59:10
Admin MTU : 1518 Oper MTU : 1518
Ingress qos-policy : 100 Egress qos-policy : 1
Ingress Filter-Id : n/a Egress Filter-Id : n/a
Multi Svc Site : None
Acct. Pol : None Collect Stats : Disabled
-------------------------------------------------------------------------------
Sap Statistics
-------------------------------------------------------------------------------
Packets Octets
Forwarding Engine Stats
Dropped : 0 0
Off. HiPrio : 0 0
Off. LowPrio : 0 0
Off. Uncolor : 0 0
Queueing Stats(Egress QoS Policy 1)
Dro. InProf : 0 0
Dro. OutProf : 0 0
For. InProf : 0 0
For. OutProf : 0 0
-------------------------------------------------------------------------------
=============================================================================
*A:ALA-12#
*A:dut-a>config>log# /show service id 100 sap 1/1/22:100 sap-stats
===============================================================================
Service Access Points(SAP)
===============================================================================
Service Id : 100
SAP : 1/1/22:100 Encap : q-tag
Description : (Not Specified)
Admin State : Up Oper State : Up
Flags : None
Last Status Change : 02/17/2016 10:24:49
Last Mgmt Change : 02/17/2016 10:24:46
-------------------------------------------------------------------------------
Ingress QoS Classifier Usage
-------------------------------------------------------------------------------
Classifiers Allocated: 2 Meters Allocated : 1
Classifiers Used : 1 Meters Used : 1
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
Sap Statistics
-------------------------------------------------------------------------------
Packets Octets
Ingress Stats: 0 0
Egress Stats: 76990984 116872316748
Ingress Drop Stats: 0 0
Extra-Tag Drop Stats: n/a n/a
-------------------------------------------------------------------------------
Sap per Meter stats (in/out counter mode)
-------------------------------------------------------------------------------
Packets Octets
Ingress Meter 1
For. InProf : 0 0
For. OutProf : 0 0
-------------------------------------------------------------------------------
Egr sap agg-meter stats
-------------------------------------------------------------------------------
Packets Octets
Drop : 385943060 73232696583
Forward : 74671326 14168884298
-------------------------------------------------------------------------------
===============================================================================
*A:dut-a>
Label |
Description |
---|---|
Service Id |
The service identifier. |
SAP |
The SAP and qtag. |
Encap |
The encapsulation type of the SAP. |
Ethertype |
Specifies an Ethernet type II Ethertype value. |
Admin State |
The administrative state of the SAP. |
Oper State |
The operating state of the SAP. |
Flags |
Specifies the conditions that affect the operating status of this SAP. Display output includes: ServiceAdminDown, SapAdminDown, InterfaceAdminDown, PortOperDown, PortMTUTooSmall, L2OperDown, SapIngressQoSMismatch, SapEgressQoSMismatch,RelearnLimitExceeded, RxProtSrcMac, ParentIfAdminDown, TodResourceUnavail, TodMssResourceUnavail, SapParamMismatch, ServiceMTUTooSmall, SapIngressNamedPoolMismatch, SapEgressNamedPoolMismatch, NoSapEpipeRingNode. |
Last Status Change |
Specifies the time of the most recent operating status change to this SAP |
Last Mgmt Change |
Specifies the time of the most recent management-initiated change to this SAP. |
Admin MTU |
The desired largest service frame size (in octets) that can be transmitted through the SAP to the far-end router, without requiring the packet to be fragmented. |
Oper MTU |
The actual largest service frame size (in octets) that can be transmitted through the SAP to the far-end router, without requiring the packet to be fragmented. |
Ingress qos-policy |
The ingress QoS policy ID assigned to the SAP. |
Egress qos-policy |
The egress QoS policy ID assigned to the SAP. |
Ingress Filter-Id |
The ingress filter policy ID assigned to the SAP. |
Table-based |
Indicates the use of table-based resource classification: Enabled (table-based) or Disabled (CAM-based) |
Egress Filter-Id |
The egress filter policy ID assigned to the SAP. |
Acct. Pol |
The accounting policy ID assigned to the SAP. |
Collect Stats |
Specifies whether collect stats is enabled. |
Dropped |
The number of packets and octets dropped due to SAP state, ingress MAC or IP filter, same segment discard, bad checksum, and so on. |
Off. HiPrio |
The number of high priority packets and octets, as determined by the SAP ingress QoS policy, offered by the Pchip to the Qchip. |
Off. LowPrio |
The number of low priority packets and octets, as determined by the SAP ingress QoS policy, offered by the Pchip to the Qchip. |
Off. Uncolor |
The number of uncolored packets and octets, as determined by the SAP ingress QoS policy, offered by the Pchip to the Qchip. |
Dro. HiPrio |
The number of high priority packets and octets, as determined by the SAP ingress QoS policy, dropped by the Qchip due to: MBS exceeded, buffer pool limit exceeded, and so on. |
Dro. LowPrio |
The number of low priority packets and octets, as determined by the SAP ingress QoS policy, dropped by the Qchip due to: MBS exceeded, buffer pool limit exceeded, and so on. |
For. InProf |
The number of in-profile packets and octets (rate below CIR) forwarded by the ingress Qchip. |
For. OutProf |
The number of out-of-profile packets and octets discarded by the egress Qchip due to MBS exceeded, buffer pool limit exceeded, and so on. |
Dro. InProf |
The number of in-profile packets and octets discarded by the egress Qchip due to MBS exceeded, buffer pool limit exceeded, and so on. |
Dro. OutProf |
The number of out-of-profile packets and octets discarded by the egress Qchip due to MBS exceeded, buffer pool limit exceeded, and so on. |
For. InProf |
The number of in-profile packets and octets (rate below CIR) forwarded by the egress Qchip. |
For. OutProf |
The number of out-of-profile packets and octets (rate above CIR) forwarded by the egress Qchip. |
Ingress TD Profile |
The profile ID applied to the ingress SAP. |
Egress TD Profile |
The profile ID applied to the egress SAP. |
Alarm Cell Handling |
The indication that OAM cells are being processed. |
AAL-5 Encap |
The AAL-5 encapsulation type. |
sdp
Syntax
sdp [sdp-id | far-end ip-addr] [detail]
Context
show>service>id
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command displays information for the SDPs associated with the service. If no optional parameters are specified, a summary of all associated SDPs is displayed.
Parameters
- sdp-id
Displays only information for the specified SDP ID.
- far-end ip-addr
Displays only SDPs matching with the specified far-end IP address.
- detail
Displays detailed SDP information.
Output
The following output is an example of service SDP information, and Output Fields: service ID SDP describes the output fields.
Sample outputA:Dut-A# show service id 1 sdp detail
===============================================================================
Services: Service Destination Points Details
===============================================================================
Sdp Id 1:1 -(10.20.1.2)
-------------------------------------------------------------------------------
Description : Default sdp description
SDP Id : 1:1 Type : Spoke
VC Type : Ether VC Tag : n/a
Admin Path MTU : 0 Oper Path MTU : 9186
Far End : 10.20.1.2 Delivery : MPLS
Admin State : Up Oper State : Up
Acct. Pol : None Collect Stats : Disabled
Ingress Label : 2048 Egress Label : 2048
Ing mac Fltr : n/a Egr mac Fltr : n/a
Ing ip Fltr : n/a Egr ip Fltr : n/a
Ing ipv6 Fltr : n/a Egr ipv6 Fltr : n/a
Admin ControlWord : Not Preferred Oper ControlWord : False
Last Status Change : 05/31/2007 00:45:43 Signaling : None
Last Mgmt Change : 05/31/2007 00:45:43
Class Fwding State : Up
Flags : None
Peer Pw Bits : None
Peer Fault Ip : None
Peer Vccv CV Bits : None
Peer Vccv CC Bits : None
Max Nbr of MAC Addr: No Limit Total MAC Addr : 0
Learned MAC Addr : 0 Static MAC Addr : 0
MAC Learning : Enabled Discard Unkwn Srce: Disabled
MAC Aging : Enabled
L2PT Termination : Disabled BPDU Translation : Disabled
MAC Pinning : Disabled
KeepAlive Information :
Admin State : Disabled Oper State : Disabled
Hello Time : 10 Hello Msg Len : 0
Max Drop Count : 3 Hold Down Time : 10
Statistics :
I. Fwd. Pkts. : 0 I. Dro. Pkts. : 0
I. Fwd. Octs. : 0 I. Dro. Octs. : 0
E. Fwd. Pkts. : 0 E. Fwd. Octets : 0
MCAC Policy Name :
MCAC Max Unconst BW: no limit MCAC Max Mand BW : no limit
MCAC In use Mand BW: 0 MCAC Avail Mand BW: unlimited
MCAC In use Opnl BW: 0 MCAC Avail Opnl BW: unlimited
Associated LSP LIST :
Lsp Name : A_B_1
Admin State : Up Oper State : Up
Time Since Last Tr*: 00h26m35s
Lsp Name : A_B_2
Admin State : Up Oper State : Up
Time Since Last Tr*: 00h26m35s
Lsp Name : A_B_3
Admin State : Up Oper State : Up
Time Since Last Tr*: 00h26m34s
Lsp Name : A_B_4
Admin State : Up Oper State : Up
Time Since Last Tr*: 00h26m34s
Lsp Name : A_B_5
Admin State : Up Oper State : Up
Time Since Last Tr*: 00h26m34s
Lsp Name : A_B_6
Admin State : Up Oper State : Up
Time Since Last Tr*: 00h26m34s
Lsp Name : A_B_7
Admin State : Up Oper State : Up
Time Since Last Tr*: 00h26m34s
Lsp Name : A_B_8
Admin State : Up Oper State : Up
Time Since Last Tr*: 00h26m35s
Lsp Name : A_B_9
Admin State : Up Oper State : Up
Time Since Last Tr*: 00h26m34s
Lsp Name : A_B_10
Admin State : Up Oper State : Up
Time Since Last Tr*: 00h26m34s
-------------------------------------------------------------------------------
Class-based forwarding :
-------------------------------------------------------------------------------
Class forwarding : enabled
Default LSP : A_B_10 Multicast LSP : A_B_9
===============================================================================
FC Mapping Table
===============================================================================
FC Name LSP Name
-------------------------------------------------------------------------------
af A_B_3
be A_B_1
ef A_B_6
h1 A_B_7
h2 A_B_5
l1 A_B_4
l2 A_B_2
nc A_B_8
===============================================================================
Stp Service Destination Point specifics
-------------------------------------------------------------------------------
Mac Move : Blockable
Stp Admin State : Up Stp Oper State : Down
Core Connectivity : Down
Port Role : N/A Port State : Forwarding
Port Number : 2049 Port Priority : 128
Port Path Cost : 10 Auto Edge : Enabled
Admin Edge : Disabled Oper Edge : N/A
Link Type : Pt-pt BPDU Encap : Dot1d
Root Guard : Disabled Active Protocol : N/A
Last BPDU from : N/A
Designated Bridge : N/A Designated Port Id: 0
Fwd Transitions : 0 Bad BPDUs rcvd : 0
Cfg BPDUs rcvd : 0 Cfg BPDUs tx : 0
TCN BPDUs rcvd : 0 TCN BPDUs tx : 0
RST BPDUs rcvd : 0 RST BPDUs tx : 0
-------------------------------------------------------------------------------
Number of SDPs : 1
-------------------------------------------------------------------------------
* indicates that the corresponding row element may have been truncated.
-------------------------------------------------------------------------------
A:Dut-A#
Label |
Description |
---|---|
Sdp Id |
The SDP identifier. |
Type |
Indicates whether the SDP is a spoke or a mesh. |
Split Horizon Group |
Name of the split horizon group that the SDP belongs to. |
VC Type |
Displays the VC type: ether or vlan. |
VC Tag |
Displays the explicit dot1Q value used when encapsulating to the SDP far end. |
I. Lbl |
The VC label used by the far-end device to send packets to this device in this service by the SDP. |
Admin Path MTU |
The operating path MTU of the SDP is equal to the admin path MTU (when one is set) or the dynamically computed tunnel MTU, when no admin path MTU is set (the default case.) |
Oper Path MTU |
The actual largest service frame size (in octets) that can be transmitted through this SDP to the far-end router, without requiring the packet to be fragmented. |
Far End |
Specifies the IP address of the remote end of the MPLS tunnel defined by this SDP. |
Delivery |
Specifies the type of delivery used by the SDP: MPLS. |
Admin State |
The administrative state of this SDP. |
Oper State |
The operational state of this SDP. |
Ingress Label |
The label used by the far-end device to send packets to this device in this service by this SDP. |
Egress Label |
The label used by this device to send packets to the far-end device in this service by the SDP. |
Last Changed |
The date and time of the most recent change to the SDP. |
Signaling |
Specifies the signaling protocol used to obtain the ingress and egress labels used in frames transmitted and received on this SDP. |
Admin State |
The administrative state of the keepalive process. |
Oper State |
he operational state of the keepalive process. |
Hello Time |
Specifies how often the SDP echo request messages are transmitted on this SDP. |
Max Drop Count |
Specifies the maximum number of consecutive SDP echo request messages that can be unacknowledged before the keepalive protocol reports a fault. |
Hello Msg Len |
Specifies the length of the SDP echo request messages transmitted on this SDP. |
Hold Down Time |
Specifies the amount of time to wait before the keepalive operating status is eligible to enter the alive state. |
I. Fwd. Pkts. |
Specifies the number of forwarded ingress packets. |
I. Dro. Pkts. |
Specifies the number of dropped ingress packets. |
E. Fwd. Pkts. |
Specifies the number of forwarded egress packets. |
Associated LSP List |
When the SDP type is MPLS, a list of LSPs used to reach the far-end router displays. All the LSPs in the list must terminate at the IP address specified in the far end field. |
aggregate
Syntax
aggregate [active]
Context
show>router
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command displays aggregated routes.
Parameters
- active
This keyword filters out inactive aggregates.
Output
The following output is an example of aggregate route information, and Output Fields: Aggregate describes the output fields.
Sample output*A:ALA-12# show router 3 aggregate
==============================================================================
Aggregates (Service: 3)
==============================================================================
Prefix Summary AS Set Aggr AS Aggr IP-Address State
------------------------------------------------------------------------------
------------------------------------------------------------------------------
No. of Aggregates: 0
-----------------------------------------------------------
*A:ALA-12#
Label |
Description |
---|---|
Prefix |
Displays the destination address of the aggregate route in dotted decimal notation. |
Summary |
Specifies whether the aggregate or more specific components are advertised. |
AS Set |
Displays an aggregate where the path advertised for the route consists of all elements contained in all paths that are being summarized. |
Aggr AS |
Displays the aggregator path attribute to the aggregate route. |
Aggr IP-Address |
The IP address of the aggregated route. |
State |
The operational state of the aggregated route. |
No. of Aggregates |
The total number of aggregated routes. |
arp
Syntax
arp [ip-address | ip-int-name | mac ieee-mac-addr]
Context
show>router
Platforms
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode with IES
Description
This command displays the router ARP table sorted by IP address.
If no command line options are specified, all ARP entries are displayed.
Parameters
- ip-addr
Only displays ARP entries associated with the specified IP address.
- ip-int-name
Only displays ARP entries associated with the specified IP interface name.
- macieee-mac-addr
Only displays ARP entries associated with the specified MAC address.
Output
The following output is an example of router ARP information, and Output fields: ARP describes the output fields.
Sample output*A:ALA-12# show router 3 arp
===============================================================================
ARP Table (Service: 3)
===============================================================================
IP Address MAC Address Expiry Type Interface
-------------------------------------------------------------------------------
10.10.10.103 04:67:ff:00:00:01 00h00m00s Oth system
10.10.4.3 00:00:00:00:00:00 00h00m00s Oth ALA-1-2
10.10.5.3 00:00:00:00:00:00 00h00m00s Oth ALA-1-3
10.10.7.3 00:00:00:00:00:00 00h00m00s Oth ALA-1-5
10.10.0.16 00:00:00:00:00:00 00h00m00s Oth bozo
10.10.3.3 00:00:00:00:00:00 00h00m00s Oth gizmo
10.10.2.3 00:00:00:00:00:00 00h00m00s Oth hobo
10.10.1.17 00:00:00:00:00:00 00h00m00s Oth int-cflowd
10.0.0.92 00:00:00:00:00:00 04h00m00s Dyn to-104
10.0.0.103 04:67:01:01:00:01 00h00m00s Oth[I] to-104
10.0.0.104 04:68:01:01:00:01 03h59m49s Dyn[I] to-104
10.10.36.2 00:00:00:00:00:00 00h00m00s Oth tuesday
192.168.2.98 00:03:47:c8:b4:86 00h14m37s Dyn[I] management
192.168.2.103 00:03:47:dc:98:1d 00h00m00s Oth[I] management
-------------------------------------------------------------------------------
No. of ARP Entries: 14
===============================================================================
*A:ALA-12#
*A:ALA-12# show router 3 arp 10.10.0.3
===============================================================================
ARP Table
===============================================================================
IP Address MAC Address Expiry Type Interface
-------------------------------------------------------------------------------
10.10.0.3 04:5d:ff:00:00:00 00:00:00 Oth system
===============================================================================
*A:ALA-12#
*A:ALA-12# show router 3 arp to-ser1
===============================================================================
ARP Table
===============================================================================
IP Address MAC Address Expiry Type Interface
-------------------------------------------------------------------------------
10.10.13.1 04:5b:01:01:00:02 03:53:09 Dyn to-ser1
===============================================================================
*A:ALA-12#
Label |
Description |
---|---|
IP Address |
The IP address of the ARP entry. |
MAC Address |
The MAC address of the ARP entry. |
Expiry |
The age of the ARP entry. |
Type |
Dyn The ARP entry is a dynamic ARP entry. |
Inv The ARP entry is an inactive static ARP entry (invalid). |
|
Oth The ARP entry is a local or system ARP entry. |
|
Sta The ARP entry is an active static ARP entry. |
|
Interface |
The IP interface name associated with the ARP entry. |
No. of ARP Entries |
The number of ARP entries displayed in the list. |
damping
Syntax
damping [ip-prefix/mask | ip-address] [detail]
damping [damp-type] [detail]
Context
show>router>bgp
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command displays BGP routes with have been dampened due to route flapping. This command can be entered with or without a route parameter.
When the keyword detail is included, more detailed information displays.
When only the command is entered (without any parameters included except detail), all dampened routes are listed.
When a parameter is specified, the matching routes are listed.
When a decayed, history, or suppressed keyword is specified, only those types of dampened routes are listed.
Parameters
- ip-prefix/mask
Displays damping information for the specified IP prefix and mask length.
- ip-address
Displays damping entry for the best match route for the specified IP address.
- damp-type
Displays damping type for the specified IP address.
- decayed
Displays damping entries that are decayed but are not suppressed.
- history
Displays damping entries that are withdrawn but have history.
- suppressed
Displays damping entries suppressed because of route damping.
- detail
Displays detailed information.
Output
The following output is an example of BGP damping, and Output fields: damping describes the output fields.
Sample output*A:ALA-12# show router 3 bgp damping
==============================================================================
BGP Router ID : 10.0.0.14 AS : 65206 Local AS : 65206
==============================================================================
Legend -
Status codes : u - used, s - suppressed, h - history, d - decayed, * - valid
Origin codes : i - IGP, e - EGP, ? - incomplete, - best
==============================================================================
BGP Damped Routes
==============================================================================
Flag Network From Reuse AS-Path
------------------------------------------------------------------------------
ud*i 10.149.7.0/24 10.0.28.1 00h00m00s 60203 65001 19855 3356
1239 22406
si 10.155.6.0/23 10.0.28.1 00h43m41s 60203 65001 19855 3356
2914 7459
si 10.155.8.0/22 10.0.28.1 00h38m31s 60203 65001 19855 3356
2914 7459
si 10.155.12.0/22 10.0.28.1 00h35m41s 60203 65001 19855 3356
2914 7459
si 10.155.22.0/23 10.0.28.1 00h35m41s 60203 65001 19855 3356
2914 7459
si 10.155.24.0/22 10.0.28.1 00h35m41s 60203 65001 19855 3356
2914 7459
si 10.155.28.0/22 10.0.28.1 00h34m31s 60203 65001 19855 3356
2914 7459
si 10.155.40.0/21 10.0.28.1 00h28m24s 60203 65001 19855 3356
7911 7459
si 10.155.48.0/20 10.0.28.1 00h28m24s 60203 65001 19855 3356
7911 7459
ud*i 10.8.140.0/24 10.0.28.1 00h00m00s 60203 65001 19855 3356
4637 17447
ud*i 10.8.141.0/24 10.0.28.1 00h00m00s 60203 65001 19855 3356
4637 17447
ud*i 10.9.0.0/18 10.0.28.1 00h00m00s 60203 65001 19855 3356
3561 9658 6163
. . .
ud*i 10.213.184.0/23 10.0.28.1 00h00m00s 60203 65001 19855 3356
6774 6774 9154
------------------------------------------------------------------------------
*A:ALA-12#
*A:ALA-12# show router 3 bgp damping detail
==============================================================================
BGP Router ID : 10.0.0.14 AS : 65206 Local AS : 65206
==============================================================================
Legend -
Status codes : u - used, s - suppressed, h - history, d - decayed, * -
valid
Origin codes : i - IGP, e - EGP, ? - incomplete, - best
==============================================================================
BGP Damped Routes
==============================================================================
------------------------------------------------------------------------------
Network : 10.149.7.0/24
------------------------------------------------------------------------------
Network : 10.149.7.0/24 Peer : 10.0.28.1
NextHop : 10.0.28.1 Reuse time : 00h00m00s
Peer AS : 60203 Peer Router-Id : 10.32.27.203
Local Pref : none
Age : 00h22m09s Last update : 02d00h58m
FOM Present : 738 FOM Last upd. : 2039
Number of Flaps : 2 Flags : ud*i
Path : 60203 65001 19855 3356 1239 22406
Applied Policy : default-damping-profile
------------------------------------------------------------------------------
Network : 10.142.48.0/20
------------------------------------------------------------------------------
Network : 10.142.48.0/20 Peer : 10.0.28.1
NextHop : 10.0.28.1 Reuse time : 00h00m00s
Peer AS : 60203 Peer Router-Id : 10.32.27.203
Local Pref : none
Age : 00h00m38s Last update : 02d01h20m
FOM Present : 2011 FOM Last upd. : 2023
Number of Flaps : 2 Flags : ud*i
Path : 60203 65001 19855 3356 3561 5551 1889
Applied Policy : default-damping-profile
------------------------------------------------------------------------------
Network : 10.200.128.0/19
------------------------------------------------------------------------------
Network : 10.200.128.0/19 Peer : 10.0.28.1
NextHop : 10.0.28.1 Reuse time : 00h00m00s
Peer AS : 60203 Peer Router-Id : 10.32.27.203
Local Pref : none
Age : 00h00m38s Last update : 02d01h20m
FOM Present : 2011 FOM Last upd. : 2023
Number of Flaps : 2 Flags : ud*i
Path : 60203 65001 19855 1299 702 1889
Applied Policy : default-damping-profile
------------------------------------------------------------------------------
Network : 10.203.192.0/18
-------------------------------------------------------------------------------
Network : 10.203.192.0/18 Peer : 10.0.28.1
NextHop : 10.0.28.1 Reuse time : 00h00m00s
Peer AS : 60203 Peer Router-Id : 10.32.27.203
Local Pref : none
Age : 00h00m07s Last update : 02d01h20m
FOM Present : 1018 FOM Last upd. : 1024
Number of Flaps : 1 Flags : ud*i
Path : 60203 65001 19855 1299 702 1889
Applied Policy : default-damping-profile
------------------------------------------------------------------------------
*A:ALA-12#
*A:ALA-12# show router 3 bgp damping 10.203.192.0/18 detail
==============================================================================
BGP Router ID : 10.0.0.14 AS : 65206 Local AS : 65206
==============================================================================
Legend -
Status codes : u - used, s - suppressed, h - history, d - decayed, * - valid
Origin codes : i - IGP, e - EGP, ? - incomplete, - best
==============================================================================
BGP Damped Routes 10.203.192.0/18
==============================================================================
Network : 10.203.192.0/18
------------------------------------------------------------------------------
Network : 10.203.192.0/18 Peer : 10.0.28.1
NextHop : 10.0.28.1 Reuse time : 00h00m00s
Peer AS : 60203 Peer Router-Id : 10.32.27.203
Local Pref : none
Age : 00h00m42s Last update : 02d01h20m
FOM Present : 2003 FOM Last upd. : 2025
Number of Flaps : 2 Flags : ud*i
Path : 60203 65001 19855 3356 702 1889
Applied Policy : default-damping-profile
------------------------------------------------------------------------------
Paths : 1
==============================================================================
*A:ALA-12#
*A:ALA-12# show router 3 bgp damping suppressed detail
==============================================================================
BGP Router ID : 10.0.0.14 AS : 65206 Local AS : 65206
==============================================================================
Legend -
Status codes : u - used, s - suppressed, h - history, d - decayed, * - valid
Origin codes : i - IGP, e - EGP, ? - incomplete, - best
==============================================================================
BGP Damped Routes (Suppressed)
==============================================================================
Network : 10.142.48.0/20
------------------------------------------------------------------------------
Network : 10.142.48.0/20 Peer : 10.0.28.1
NextHop : 10.0.28.1 Reuse time : 00h29m22s
Peer AS : 60203 Peer Router-Id : 10.32.27.203
Local Pref : none
Age : 00h01m28s Last update : 02d01h20m
FOM Present : 2936 FOM Last upd. : 3001
Number of Flaps : 3 Flags : si
Path : 60203 65001 19855 3356 702 1889
Applied Policy : default-damping-profile
------------------------------------------------------------------------------
Network : 10.200.128.0/19
------------------------------------------------------------------------------
Network : 10.200.128.0/19 Peer : 10.0.28.1
NextHop : 10.0.28.1 Reuse time : 00h29m22s
Peer AS : 60203 Peer Router-Id : 10.32.27.203
Local Pref : none
Age : 00h01m28s Last update : 02d01h20m
FOM Present : 2936 FOM Last upd. : 3001
Number of Flaps : 3 Flags : si
Path : 60203 65001 19855 3356 702 1889
Applied Policy : default-damping-profile
------------------------------------------------------------------------------
Network : 10.203.240.0/20
------------------------------------------------------------------------------
Network : 10.203.240.0/20 Peer : 10.0.28.1
NextHop : 10.0.28.1 Reuse time : 00h29m22s
Peer AS : 60203 Peer Router-Id : 10.32.27.203
Local Pref : none
Age : 00h01m28s Last update : 02d01h20m
FOM Present : 2936 FOM Last upd. : 3001
Number of Flaps : 3 Flags : si
Path : 60203 65001 19855 3356 702 1889
Applied Policy : default-damping-profile
------------------------------------------------------------------------------
Network : 10.206.0.0/17
------------------------------------------------------------------------------
Network : 10.206.0.0/17 Peer : 10.0.28.1
NextHop : 10.0.28.1 Reuse time : 00h29m22s
Peer AS : 60203 Peer Router-Id : 10.32.27.203
Local Pref : none
Age : 00h01m28s Last update : 02d01h20m
FOM Present : 2936 FOM Last upd. : 3001
Number of Flaps : 3 Flags : si
Path : 60203 65001 19855 3356 702 1889
Applied Policy : default-damping-profile
------------------------------------------------------------------------------
*A:ALA-12#
Label |
Description |
---|---|
BGP Router ID |
The local BGP router ID. |
AS |
The configured autonomous system number. |
Local AS |
The configured or inherited local AS for the specified peer group. If not configured, it is the same value as the AS. |
Network |
Route IP prefix and mask length for the route. |
Flags |
Legend: Status codes: u- used, s-suppressed, h-history, d-decayed, *-valid. If a * is not present, the status is invalid. Origin codes: i-IGP, e-EGP, ?-incomplete, >-best |
Network |
The IP prefix and mask length for the route. |
From |
The originator ID path attribute value. |
Reuse time |
The time when a suppressed route can be used again. |
AS Path |
The BGP AS path for the route. |
Peer |
The router ID of the advertising router. |
NextHop |
BGP nexthop for the route. |
Peer AS |
The autonomous system number of the advertising router. |
Peer Router-Id |
The router ID of the advertising router. |
Local Pref |
BGP local preference path attribute for the route. |
Age |
The time elapsed since the service was enabled. |
Last update |
The time when BGP was updated last in second/minute/hour (SS:MM:HH) format. |
FOM Present |
The current Figure of Merit (FOM) value. |
Number of Flaps |
The number of flaps in the neighbor connection. |
Reuse time |
The time when the route can be reused. |
Path |
The BGP AS path for the route. |
Applied Policy |
The applied route policy name. |
group
Syntax
group [name] [detail]
Context
show>router>bgp
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command displays group information for a BGP peer group. This command can be entered with or without parameters.
When this command is entered without a group name, information about all peer groups displays.
When the command is issued with a specific group name, information only pertaining to that specific peer group displays.
The ‛State’ field displays the BGP group operational state. Other valid states are:
Up - BGP global process is configured and running.
Down - BGP global process is administratively shutdown and not running.
Disabled - BGP global process is operationally disabled. The process must be restarted by the operator.
Parameters
- name
Displays information for the BGP group specified.
- detail
Displays detailed information.
Output
The following output is an example of BGP group information, and Output fields: group describes the output fields.
Sample output*A:ALA-12# show router 3 bgp group
===============================================================================
BGP Groups
===============================================================================
Group : To_AS_40000
-------------------------------------------------------------------------------
Description : Not Available
Group Type : No Type State : Up
Peer AS : 40000 Local AS : 65206
Local Address : n/a Loop Detect : Ignore
Export Policy : direct2bgp
Hold Time : 90 Keep Alive : 30
Cluster Id : None Client Reflect : Enabled
NLRI : Unicast Preference : 170
List of Peers
- 10.0.0.1 : To_Jukebox
- 10.0.0.12 : Not Available
- 10.0.0.13 : Not Available
- 10.0.0.14 : To_ALA-1
- 10.0.0.15 : To_H-215
Total Peers : 5 Established : 2
===============================================================================
*A:ALA-12#
Label |
Description |
---|---|
Group |
BGP group name |
Group Type |
No Type Peer type not configured. |
External Peer type configured as external BGP peers. |
|
Internal Peer type configured as internal BGP peers. |
|
State |
Disabled The BGP peer group has been operationally disabled. |
Down The BGP peer group is operationally inactive. |
|
Up The BGP peer group is operationally active. |
|
Peer AS |
The configured or inherited peer AS for the specified peer group. |
Local AS |
The configured or inherited local AS for the specified peer group. |
Local Address |
The configured or inherited local address for originating peering for the specified peer group. |
Loop Detect |
The configured or inherited loop detect setting for the specified peer group. |
Connect Retry |
The configured or inherited connect retry timer value. |
Authentication |
|
None No authentication is configured. |
|
MD5 MD5 authentication is configured. |
|
Local Pref |
The configured or inherited local preference value. |
MED Out |
The configured or inherited MED value assigned to advertised routes without a MED attribute. |
Min Route Advt. |
The minimum amount of time that must pass between route updates for the same IP prefix. |
Min AS Originate |
The minimum amount of time that must pass between updates for a route originated by the local router. |
Multihop |
The maximum number of router hops a BGP connection can traverse. |
Multipath |
The configured or inherited multipath value, determining the maximum number of ECMP routes BGP can advertise to the RTM. |
Prefix Limit |
No Limit No route limit assigned to the BGP peer group. |
1 - 4294967295 The maximum number of routes BGP can learn from a peer. |
|
Passive |
Disabled BGP attempts to establish BGP connections with neighbors in the specified peer group. |
Enabled BGP does not actively attempt to establish BGP connections with neighbors in the specified peer group. |
|
Next Hop Self |
Disabled BGP is not configured to send only its own IP address as the BGP nexthop in route updates to neighbors in the peer group. |
Enabled BGP sends only its own IP address as the BGP nexthop in route updates to neighbors in the specified peer group. |
|
Aggregator ID 0 |
Disabled BGP is not configured to set the aggregator ID to 0.0.0.0 in all originated route aggregates sent to the neighbor in the peer group. |
Enabled BGP is configured to set the aggregator ID to 0.0.0.0 in all originated route aggregates sent to the neighbor in the peer group. |
|
Remove Private |
Disabled BGP does not remove all private AS numbers from the AS path attribute in updates sent to the neighbor in the peer group. |
Enabled BGP removes all private AS numbers from the AS path attribute in updates sent to the neighbor in the peer group. |
|
Damping |
Disabled The peer group is configured not to dampen route flaps. |
Enabled The peer group is configured to dampen route flaps. |
|
Export Policy |
The configured export policies for the peer group. |
Import Policy |
The configured import policies for the peer group. |
Hold Time |
The configured hold time setting. |
Keep Alive |
The configured keepalive setting. |
Cluster Id |
None No cluster ID has been configured. |
Client Reflect |
Disabled The BGP route reflector does not reflect routes to this neighbor. |
Enabled The BGP route reflector is configured to reflect routes to this neighbor. |
|
NLRI |
The type of NLRI information that the specified peer group can accept. |
Unicast IPv4 unicast routing information can be carried. |
|
Preference |
The configured route preference value for the peer group. |
List of Peers |
A list of BGP peers configured under the peer group. |
Total Peers |
The total number of peers configured under the peer group. |
Established |
The total number of peers that are in an established state. |
neighbor
Syntax
neighbor [ip-address [[family family] filter1]]
neighbor [as-number [[family family] filter2]]
Context
show>router>bgp
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command displays BGP neighbor information. This command can be entered with or without any parameters.
When this command is issued without any parameters, information about all BGP peers displays.
When the command is issued with a specific IP address or AS number, information regarding only that specific peer or peers with the same AS display.
When either received-routes or advertised-routes is specified, the routes received from or sent to the specified peer is listed (see second output example). Note: This information is not available by SNMP.
When either history or suppressed is specified, the routes learned from those peers that either have a history or are suppressed (respectively) are listed.
The ‛State’ field displays the BGP peer protocol state. In additional to the standard protocol states, this field can also display the ‛Disabled’ operational state which indicates the peer is operationally disabled and must be restarted by the operator.
Parameters
- ip-addr
Displays the BGP neighbor with the specified IP address.
- family family
Specifies the type of routing information to be distributed by the BGP instance.
- filter1
Specifies route criteria.
- filter2
Specifies route criteria.
Output
The following outputs are examples of BGP neighbor information, and the associated tables describe the output fields.
-
Sample output for Received routes, Output fields: neighbor received routes
-
Sample output — Add-path, Output fields: show neighbor add-path
*A:ALA-12# show router 3 bgp neighbor
===============================================================================
BGP Neighbor
===============================================================================
-------------------------------------------------------------------------------
Peer : 10.0.0.15 Group : To_AS_40000
-------------------------------------------------------------------------------
Peer AS : 65205
Peer Address : 10.0.0.15 Peer Port : 0
Local AS : 65206
Local Address : 10.0.0.16 Local Port : 0
Peer Type : External
State : Active Last State : Connect
Last Event : openFail
Last Error : Hold Timer Expire
Hold Time : 90 Keep Alive : 30
Active Hold Time : 0 Active Keep Alive: 0
Cluster Id : None
Preference : 170 Num of Flaps : 0
Recd. Prefixes : 0 Active Prefixes : 0
Recd. Paths : 0 Suppressed Paths : 0
Input Queue : 0 Output Queue : 0
i/p Messages : 0 o/p Messages : 0
i/p Octets : 0 o/p Octets : 0
i/p Updates : 0 o/p Updates : 0
Export Policy : direct2bgp
===============================================================================
*A:ALA-12#
*A:ALA-12# show router 3 bgp neighbor detail
===============================================================================
BGP Neighbor (detail)
===============================================================================
-------------------------------------------------------------------------------
Peer : 10.0.0.15 Group : To_AS_40000
-------------------------------------------------------------------------------
Peer AS : 65205
Peer Address : 10.0.0.15 Peer Port : 0
Local AS : 65206
Local Address : 10.0.0.16 Local Port : 0
Peer Type : External
State : Active Last State : Connect
Last Event : openFail
Last Error : Hold Timer Expire
Connect Retry : 20 Local Pref. : 100
Min Route Advt. : 30 Min AS Orig. : 15
Multipath : 1 Multihop : 5
Damping : Disabled Loop Detect : Ignore
MED Out : No MED Out Authentication : None
Next Hop Self : Disabled AggregatorID Zero: Disabled
Remove Private : Disabled Passive : Disabled
Prefix Limit : No Limit
Hold Time : 90 Keep Alive : 30
Active Hold Time : 0 Active Keep Alive: 0
Cluster Id : None Client Reflect : Enabled
Preference : 170 Num of Flaps : 0
Recd. Prefixes : 0 Active Prefixes : 0
Recd. Paths : 0 Suppressed Paths : 0
Input Queue : 0 Output Queue : 0
i/p Messages : 0 o/p Messages : 0
i/p Octets : 0 o/p Octets : 0
i/p Updates : 0 o/p Updates : 0
Export Policy : direct2bgp
===============================================================================
*A:ALA-12#
Label |
Description |
---|---|
Peer |
The IP address of the configured BGP peer. |
Group |
The BGP peer group to which this peer is assigned. |
Peer AS |
The configured or inherited peer AS for the peer group. |
Peer Address |
The configured address for the BGP peer. |
Peer Port |
The TCP port number used on the far-end system. |
Local AS |
The configured or inherited local AS for the peer group. |
Local Address |
The configured or inherited local address for originating peering for the peer group. |
Local Port |
The TCP port number used on the local system. |
Peer Type |
External Peer type configured as external BGP peers. Internal Peer type configured as internal BGP peers. |
State |
Idle The BGP peer is not accepting connections. Active BGP is listening for and accepting TCP connections from this peer. Connect BGP is attempting to establish a TCP connection from this peer. Open Sent BGP has sent an OPEN message to the peer and is waiting for an OPEN message from the peer. Open Confirm BGP has received a valid OPEN message from the peer and is awaiting a KEEPALIVE or NOTIFICATION. Established BGP has successfully established a peering and is exchanging routing information. |
Last State |
Idle The BGP peer is not accepting connections. Active BGP is listening for and accepting TCP connections from this peer. Connect BGP is attempting to establish a TCP connection with this peer. Connect BGP is attempting to establish a TCP connections from this peer. Open Sent BGP has sent an OPEN message to the peer and is waiting for an OPEN message from the peer. Open Confirm BGP has received a valid OPEN message from the peer and is awaiting a KEEPALIVE or NOTIFICATION. Open Confirm BGP has received a valid OPEN message from the peer and is awaiting a KEEPALIVE or NOTIFICATION. |
Last Event |
start BGP has initialized the BGP neighbor. stop BGP has disabled the BGP neighbor. open BGP transport connection opened. close BGP transport connection closed. openFail BGP transport connection failed to open. error BGP transport connection error. connectRetry Connect retry timer expired. holdTime Hold time timer expired. keepAlive Keepalive timer expired. recvOpen Receive an OPEN message. revKeepalive Receive an KEEPALIVE message. recvUpdate Receive an UPDATE message. recvNotify Receive an NOTIFICATION message. None No events have occurred. |
Last Error |
Displays the last BGP error and sub-code to occur on the BGP neighbor. |
Connect Retry |
The configured or inherited connect retry timer value. |
Local Pref. |
The configured or inherited local preference value. |
Min Route Advt. |
The minimum amount of time that must pass between route updates for the same IP prefix. |
Min AS Originate |
The minimum amount of time that must pass between updates for a route originated by the local router. |
Multihop |
The maximum number of router hops a BGP connection can traverse. |
Multipath |
The configured or inherited multipath value, determining the maximum number of ECMP routes BGP can advertise to the RTM. |
Damping |
Disabled BGP neighbor is configured not to dampen route flaps. Enabled BGP neighbor is configured to dampen route flaps. |
Loop Detect |
Ignore The BGP neighbor is configured to ignore routes with an AS loop. Drop The BGP neighbor is configured to drop the BGP peering if an AS loop is detected. Off AS loop detection is disabled for the neighbor. |
MED Out |
The configured or inherited MED value assigned to advertised routes without a MED attribute. |
Authentication |
None No authentication is configured. MD5 MD5 authentication is configured. |
Next Hop Self |
Disabled BGP is not configured to send only its own IP address as the BGP nexthop in route updates to the specified neighbor. Enabled BGP sends only its own IP address as the BGP next hop in route updates to the neighbor. |
AggregatorID Zero |
Disabled The BGP Neighbor is not configured to set the aggregator ID to 0.0.0.0 in all originated route aggregates. Enabled The BGP Neighbor is configured to set the aggregator ID to 0.0.0.0 in all originated route aggregates. |
Remove Private |
Disabled BGP does not remove all private AS numbers from the AS path attribute, in updates sent to the specified neighbor. Enabled BGP does remove all private AS numbers from the AS path attribute, in updates sent to the specified neighbor. |
Passive |
Disabled BGP actively attempts to establish a BGP connection with the specified neighbor. Enabled BGP does not actively attempt to establish a BGP connection with the specified neighbor. |
Prefix Limit |
No Limit No route limit assigned to the BGP peer group. 1 - 4294967295 The maximum number of routes BGP can learn from a peer. |
Hold Time |
The configured hold time setting. |
Keep Alive |
The configured keepalive setting. |
Active Hold Time |
The negotiated hold time, if the BGP neighbor is in an established state. |
Active Keep Alive |
The negotiated keepalive time, if the BGP neighbor is in an established state. |
Cluster Id |
The configured route reflector cluster ID. None No cluster ID has been configured |
Client Reflect |
Disabled The BGP route reflector is configured not to reflect routes to this neighbor. Enabled The BGP route reflector is configured to reflect routes to this neighbor. |
Preference |
The configured route preference value for the peer group. |
Num of Flaps |
The number of flaps in the neighbor connection. |
Recd. Prefixes |
The number of routes received from the BGP neighbor. |
Active Prefixes |
The number of routes received from the BGP neighbor and active in the forwarding table. |
Recd. Paths |
The number of unique sets of path attributes received from the BGP neighbor. |
Suppressed Paths |
The number of unique sets of path attributes received from the BGP neighbor and suppressed due to route damping. |
Input Queue |
The number of BGP messages to be processed. |
Output Queue |
The number of BGP messages to be transmitted. |
i/p Messages |
Total number of packets received from the BGP neighbor. |
o/p Messages |
Total number of packets sent to the BGP neighbor. |
i/p Octets |
Total number of octets received from the BGP neighbor. |
o/p Octets |
Total number of octets sent to the BGP neighbor. |
i/p Updates |
Total number of BGP updates received from the BGP neighbor. |
o/p Updates |
Total number of BGP updates sent to the BGP neighbor. |
Export Policy |
The configured export policies for the peer group. |
Import Policy |
The configured import policies for the peer group. |
*A:ALA-12# show router 3 bgp neighbor 10.0.0.16 received-routes
==============================================================================
BGP Router ID : 10.0.0.16 AS : 65206 Local AS : 65206
===============================================================================
Legend -
Status codes : u - used, s - suppressed, h - history, d - decayed, * - valid
Origin codes : i - IGP, e - EGP, ? - incomplete, > - best
===============================================================================
BGP Neighbor
===============================================================================
Flag Network Nexthop LocalPref MED As-Path
-------------------------------------------------------------------------------
? 10.0.0.16/32 10.0.0.16 100 none No As-Path
? 10.0.6.0/24 10.0.0.16 100 none No As-Path
? 10.0.8.0/24 10.0.0.16 100 none No As-Path
? 10.0.12.0/24 10.0.0.16 100 none No As-Path
? 10.0.13.0/24 10.0.0.16 100 none No As-Path
? 10.0.204.0/24 10.0.0.16 100 none No As-Path
===============================================================================
*A:ALA-12#
Label |
Description |
---|---|
BGP Router ID |
The local BGP router ID |
AS |
The configured autonomous system number |
Local AS |
The configured local AS setting If not configured, it is the same value as the AS |
Flag |
u - used s - suppressed h - history d - decayed * - valid i - igp ? - incomplete > - best |
Network |
Route IP prefix and mask length for the route |
Next Hop |
BGP nexthop for the route |
LocalPref |
BGP local preference path attribute for the route |
MED |
BGP Multi-Exit Discriminator (MED) path attribute for the route |
AS Path |
The BGP AS path for the route |
*A:7210SAS# show router bgp neighbor 2.2.2.2
===============================================================================
BGP Neighbor
===============================================================================
-------------------------------------------------------------------------------
Peer : 10.2.2.2
Group : toPE
-------------------------------------------------------------------------------
Peer AS : 100 Peer Port : 50854
Peer Address : 10.2.2.2
Local AS : 100 Local Port : 179
Local Address : 10.1.1.1
Peer Type : Internal
State : Established Last State : Established
Last Event : recvKeepAlive
Last Error : Cease (Connection Collision Resolution)
Local Family : IPv4 VPN-IPv4 IPv6 VPN-IPv6
Remote Family : IPv4 VPN-IPv4 IPv6 VPN-IPv6
Hold Time : 90 Keep Alive : 30
Min Hold Time : 0
Active Hold Time : 90 Active Keep Alive : 30
Cluster Id : None
Preference : 170 Num of Update Flaps : 0
Recd. Paths : 0
IPv4 Recd. Prefixes : 0 IPv4 Active Prefixes : 0
IPv4 Suppressed Pfxs : 0 VPN-IPv4 Suppr. Pfxs : 0
VPN-IPv4 Recd. Pfxs : 0 VPN-IPv4 Active Pfxs : 0
Mc IPv4 Recd. Pfxs. : 0 Mc IPv4 Active Pfxs. : 0
Mc IPv4 Suppr. Pfxs : 0 IPv6 Suppressed Pfxs : 0
IPv6 Recd. Prefixes : 0 IPv6 Active Prefixes : 0
VPN-IPv6 Recd. Pfxs : 0 VPN-IPv6 Active Pfxs : 0
VPN-IPv6 Suppr. Pfxs : 0 L2-VPN Suppr. Pfxs : 0
L2-VPN Recd. Pfxs : 0 L2-VPN Active Pfxs : 0
MVPN-IPv4 Suppr. Pfxs: 0 MVPN-IPv4 Recd. Pfxs : 0
MVPN-IPv4 Active Pfxs: 0 MDT-SAFI Suppr. Pfxs : 0
MDT-SAFI Recd. Pfxs : 0 MDT-SAFI Active Pfxs : 0
FLOW-IPV4-SAFI Suppr*: 0 FLOW-IPV4-SAFI Recd.*: 0
FLOW-IPV4-SAFI Activ*: 0 Rte-Tgt Suppr. Pfxs : 0
Rte-Tgt Recd. Pfxs : 0 Rte-Tgt Active Pfxs : 0
Backup IPv4 Pfxs : 0 Backup IPv6 Pfxs : 0
Mc Vpn Ipv4 Recd. Pf*: 0 Mc Vpn Ipv4 Active P*: 0
Backup Vpn IPv4 Pfxs : 0 Backup Vpn IPv6 Pfxs : 0
Input Queue : 0 Output Queue : 0
i/p Messages : 9042 o/p Messages : 65
i/p Octets : 111 o/p Octets : 278
i/p Updates : 0 o/p Updates : 0
TTL Security : Disabled Min TTL Value : n/a
Graceful Restart : Disabled Stale Routes Time : n/a
Advertise Inactive : Disabled Peer Tracking : Disabled
Advertise Label : ipv4 ipv6
Auth key chain : n/a
Disable Cap Nego : Disabled Bfd Enabled : Enabled
Flowspec Validate : Disabled Default Route Tgt : Disabled
L2 VPN Cisco Interop : Disabled
Local Capability : RtRefresh MPBGP 4byte ASN
Remote Capability : RtRefresh MPBGP 4byte ASN
Local AddPath Capabi*: Send - VPN-IPv4 (1) VPN-IPv6 (4)
: Receive - VPN-IPv6
Remote AddPath Capab*: Send - VPN-IPv6
: Receive - VPN-IPv4 VPN-IPv6
Import Policy : None Specified / Inherited
Export Policy : P1
-------------------------------------------------------------------------------
Neighbors : 1
===============================================================================
* indicates that the corresponding row element may have been truncated.
*A:7210SAS#
Label |
Description |
---|---|
Peer |
The IP address of the configured BGP peer |
Group |
The BGP peer group to which this peer is assigned |
Peer AS |
The configured or inherited peer AS for the peer group |
Peer Address |
The configured address for the BGP peer |
Peer Port |
The TCP port number used on the far-end system |
Local AS |
The configured or inherited local AS for the peer group |
Local Address |
The configured or inherited local address for originating peering for the peer group |
Local Port |
The TCP port number used on the local system |
Peer Type |
External - peer type configured as external BGP peers Internal - peer type configured as internal BGP peers |
State |
Idle - the BGP peer is not accepting connections (Shutdown) is also displayed if the peer is administratively disabled Active - BGP is listening for and accepting TCP connections from this peer Connect - BGP is attempting to establish a TCP connection with this peer Open Sent - BGP has sent an OPEN message to the peer and is waiting for an OPEN message from the peer Open Confirm - BGP has received a valid OPEN message from the peer and is awaiting a KEEPALIVE or NOTIFICATION Established - BGP has successfully established a peering session and is exchanging routing information |
Last State |
Idle - the BGP peer is not accepting connections Active - BGP is listening for and accepting TCP connections from this peer Connect - BGP is attempting to establish a TCP connections with this peer Open Sent - BGP has sent an OPEN message to the peer and is waiting for an OPEN message from the peer Open Confirm - BGP has received a valid OPEN message from the peer and is awaiting a KEEPALIVE or NOTIFICATION |
Last Event |
start - BGP has initialized the BGP neighbor stop - BGP has disabled the BGP neighbor open - BGP transport connection is opened close - BGP transport connection is closed openFail - BGP transport connection failed to open error - BGP transport connection error connectRetry - the connect retry timer expired holdTime - the hold time timer expired keepAlive - the keepalive timer expired recvOpen - BGP has received an OPEN message revKeepalive - BGP has received a KEEPALIVE message recvUpdate - BGP has received an UPDATE message recvNotify - BGP has received a NOTIFICATION message None - no events have occurred |
Last Error |
The last BGP error and subcode to occur on the BGP neighbor |
Local Family |
The configured local family value |
Remote Family |
The configured remote family value |
Hold Time |
The configured hold-time setting |
Keep Alive |
The configured keepalive setting |
Min Hold Time |
The configured minimum hold-time setting |
Active Hold Time |
The negotiated hold time, if the BGP neighbor is in an established state |
Active Keep Alive |
The negotiated keepalive time, if the BGP neighbor is in an established state |
Cluster Id |
The configured route reflector cluster ID None - no cluster ID is configured |
Preference |
The configured route preference value for the peer group |
Num of Flaps |
The number of route flaps in the neighbor connection |
Recd. Prefixes |
The number of routes received from the BGP neighbor |
Recd. Paths |
The number of unique sets of path attributes received from the BGP neighbor |
IPv4 Recd. Prefixes |
The number of unique sets of IPv4 path attributes received from the BGP neighbor |
IPv4 Active Prefixes |
The number of IPv4 routes received from the BGP neighbor and active in the forwarding table |
IPv4 Suppressed Pfxs |
The number of unique sets of IPv4 path attributes received from the BGP neighbor and suppressed due to route damping |
VPN-IPv4 Suppr. Pfxs |
The number of unique sets of VPN-IPv4 path attributes received from the BGP neighbor and suppressed due to route damping |
VPN-IPv4 Recd. Pfxs |
The number of unique sets of VPN-IPv4 path attributes received from the BGP neighbor |
VPN-IPv4 Active Pfxs |
The number of VPN-IPv4 routes received from the BGP neighbor and active in the forwarding table |
IPv6 Recd. Prefixes |
The number of unique sets of IPv6 path attributes received from the BGP neighbor |
IPv6 Active Prefixes |
The number of IPv6 routes received from the BGP neighbor and active in the forwarding table |
VPN-IPv6 Recd. Pfxs |
The number of unique sets of VPN-IPv6 path attributes received from the BGP neighbor |
VPN-IPv6 Active Pfxs |
The number of VPN-IPv6 routes received from the BGP neighbor and active in the forwarding table |
VPN-IPv6 Suppr. Pfxs |
The number of unique sets of VPN-IPv6 path attributes received from the BGP neighbor and suppressed due to route damping |
Backup IPv4 Pfxs |
The number of BGP Fast Reroute backup path IPv4 prefixes |
Backup IPv6 Pfxs |
The number of BGP Fast Reroute backup path IPv6 prefixes |
Backup Vpn IPv4 Pfxs |
The number of BGP Fast Reroute backup path VPN IPv4 prefixes |
Backup Vpn IPv6 Pfxs |
The number of BGP Fast Reroute backup path VPN IPv6 prefixes |
Input Queue |
The number of BGP messages to be processed |
Output Queue |
The number of BGP messages to be transmitted |
i/p Messages |
The total number of packets received from the BGP neighbor |
o/p Messages |
The total number of packets sent to the BGP neighbor |
i/p Octets |
The total number of octets received from the BGP neighbor |
o/p Octets |
The total number of octets sent to the BGP neighbor |
i/p Updates |
The total number of updates received from the BGP neighbor |
o/p Updates |
The total number of updates sent to the BGP neighbor |
TTL Security |
Enabled - TTL security is enabled Disabled - TTL security is disabled |
Min TTL Value |
The minimum TTL value configured for the peer |
Graceful Restart |
The state of graceful restart |
Stale Routes Time |
The length of time that stale routes are kept in the route table |
Advertise Inactive |
The state of advertising inactive BGP routes to other BGP peers (enabled or disabled) |
Peer Tracking |
The state of tracking a neighbor IP address in the routing table for a BGP session |
Advertise Label |
Indicates the enabled address family for supporting RFC 3107 BGP label capability |
Auth key chain |
The value for the authentication key chain |
Bfd Enabled |
Enabled - BFD is enabled Disabled - BFD is disabled |
Local Capability |
The capability of the local BGP speaker; for example, route refresh, MP-BGP, ORF |
Remote Capability |
The capability of the remote BGP peer; for example, route refresh, MP-BGP, ORF |
Local AddPath Capabi* |
The state of the local BGP add-paths capabilities The add-paths capability allows the router to send and receive multiple paths per prefix to or from a peer |
Remote AddPath Capab* |
The state of the remote BGP add-paths capabilities |
Import Policy |
The configured import policies for the peer group |
Export Policy |
The configured export policies for the peer group |
paths
Syntax
paths
Context
show>router>bgp
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command displays a summary of BGP path attributes.
Output
The following output is an example of BGP path information, and Output fields: paths describes the output fields.
Sample output*A:ALA-12# show router 3 bgp paths
==============================================================================
BGP Router ID : 10.0.0.14 AS : 65206 Local AS : 65206
==============================================================================
BGP Paths
------------------------------------------------------------------------------
Path: 60203 65001 19855 3356 15412
------------------------------------------------------------------------------
Origin : IGP Next Hop : 10.0.28.1
MED : 60203 Local Preference : none
Refs : 4 ASes : 5
Segments : 1
Flags : EBGP-learned
Aggregator : 15412 62.216.140.1
------------------------------------------------------------------------------
Path: 60203 65001 19855 3356 1 1236 1236 1236 1236
------------------------------------------------------------------------------
Origin : IGP Next Hop : 10.0.28.1
MED : 60203 Local Preference : none
Refs : 2 ASes : 9
Segments : 1
Flags : EBGP-learned
------------------------------------------------------------------------------
*A:ALA-12#
Label |
Description |
---|---|
BGP Router ID |
The local BGP router ID. |
AS |
The configured autonomous system number. |
Local AS |
The configured local AS setting. If not configured, the value is the same as the AS. |
Path |
The AS path attribute. |
Origin |
EGP The NLRI is learned by an EGP protocol. |
IGP The NLRI is interior to the originating AS. |
|
INCOMPLETE NLRI was learned another way. |
|
Next Hop |
The advertised BGP nexthop. |
MED |
The Multi-Exit Discriminator value. |
Local Preference |
The local preference value. |
Refs |
The number of routes using a specified set of path attributes. |
ASes |
The number of autonomous system numbers in the AS path attribute. |
Segments |
The number of segments in the AS path attribute. |
Flags |
eBGP-learned Path attributes learned by an eBGP peering. |
iBGP-Learned Path attributes learned by an iBGP peering. |
|
Aggregator |
The route aggregator ID. |
Community |
The BGP community attribute list. |
Originator ID |
The originator ID path attribute value. |
Cluster List |
The route reflector cluster list. |
routes
Syntax
routes [family family] [prefix [detail | longer]]
routes [family family] [prefix [hunt | brief]]
routes [family family] [community comm-id]
routes [family family] [aspath-regex reg-ex1]
routes [family family] [ipv6-prefix[/prefix-length] [detail | longer] | [hunt [brief]]]
Context
show>router>bgp
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command displays BGP route information.
When this command is issued without any parameters, the entire BGP routing table is displayed.
When this command is issued with an IP prefix/mask or IP address, the best match for the parameter is displayed.
Parameters
- family family
Specifies the type of routing information to be distributed by the BGP instance.
- prefix
Specifies the type of routing information to display.
- filter
Specifies route criteria.
- aspath-regex ‟reg-exp”
Displays all routes with an AS path matching the specified regular expression reg-exp.
- community comm.-id
Displays all routes with the specified BGP community.
Output
The following output is an example of BGP route information, and Output fields: routes describes the output fields.
Sample output*A:ALA-12>config>router>bgp# show router 3 bgp routes family ipv4
==============================================================================
BGP Router ID : 10.10.10.103 AS : 200 Local AS : 200
==============================================================================
Legend -
Status codes : u - used, s - suppressed, h - history, d - decayed, * - valid
Origin codes : i - IGP, e - EGP, ? - incomplete, > - best
==============================================================================
BGP Routes
==============================================================================
Flag Network Nexthop LocalPref MED
VPN Label As-Path
------------------------------------------------------------------------------
No Matching Entries Found
==============================================================================
*A:ALA-12>config>router>bgp#
A:SR-12# show router bgp routes 10.0.0.0/31 hunt
===============================================================================
BGP Router ID : 10.20.1.1 AS : 100Local AS : 100
===============================================================================
Legend -
Status codes : u - used, s - suppressed, h - history, d - decayed, * - valid
Origin codes : i - IGP, e - EGP, ? - incomplete, > - best
===============================================================================
BGP Routes
===============================================================================
RIB In Entries
-------------------------------------------------------------------------------
Network : 10.0.0.0/31
Nexthop : 10.20.1.2
Route Dist. : 10.20.1.2:1VPN Label: 131070
From : 10.20.1.2
Res. Nexthop : 10.10.1.2
Local Pref. : 100Interface Name: to-sr7
Aggregator AS : noneAggregator: none
Atomic Aggr. : Not AtomicMED: none
Community : target:10.20.1.2:1
Cluster : No Cluster Members
Originator Id : NonePeer Router Id: 10.20.1.2
Flags : Used Valid Best IGP
AS-Path : No As-Path
VPRN Imported : 1 2 10 12
-------------------------------------------------------------------------------
RIB Out Entries
-------------------------------------------------------------------------------
Routes : 1
===============================================================================
A:SR-12#
Label |
Description |
---|---|
BGP Router ID |
The local BGP router ID. |
AS |
The configured autonomous system number. |
Local AS |
The configured local AS setting, if not configured it is the same as the system AS. |
Network |
The IP prefix and mask length. |
Nexthop |
The BGP nexthop. |
From |
The advertising BGP neighbor IP address. |
Res. Nexthop |
The resolved nexthop. |
Local Pref. |
The local preference value. |
Flag |
u used |
s suppressed |
|
h history |
|
d decayed |
|
* valid |
|
i igp |
|
e egp |
|
? incomplete |
|
> best |
|
Aggregator AS |
The aggregator AS value. none No aggregator AS attributes are present. |
Aggregator |
The aggregator attribute value. none no Aggregator attributes are present. |
Atomic Aggr. |
Atomic The atomic aggregator flag is set. |
Not Atomic The atomic aggregator flag is not set. |
|
MED |
The MED metric value. none No MED metric is present. |
Community |
The BGP community attribute list. |
Cluster |
The route reflector cluster list. |
Originator Id |
The originator ID path attribute value. |
none The originator ID attribute is not present. |
|
Peer Router Id |
The router ID of the advertising router. |
AS-Path |
The BGP AS path attribute. |
VPRN Imported |
Displays the VPRNs where a particular BGP-VPN received route has been imported and installed. |
summary
Syntax
summary [all]
Context
show>router>bgp
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command displays a summary of BGP neighbor information.
If confederations are not configured, that portion of the output does not display.
The ‟State” field displays the global BGP operational state. The valid values are:
Up — BGP global process is configured and running.
Down — BGP global process is administratively shutdown and not running.
Disabled — BGP global process is operationally disabled. The process must be restarted by the operator.
For example, if a BGP peer is operationally disabled, the state in the summary table shows the state ‛Disabled’.
Parameters
- all
Displays BGP peers in all instances.
Output
The following output is an example of summary BGP information, and Output fields: BGP summary describes the output fields.
Sample output*A:ALA-12# show router 3 bgp summary
===============================================================================
BGP Router ID : 10.0.0.14 AS : 65206 Local AS : 65206
===============================================================================
BGP Admin State : Up BGP Oper State : Up
Confederation AS : 40000
Member Confederations : 65205 65206 65207 65208
Number of Peer Groups : 2 Number of Peers : 7
Total BGP Active Routes : 86689 Total BGP Routes : 116999
Total BGP Paths : 35860 Total Path Memory : 2749476
Total Supressed Routes : 0 Total History Routes : 0
Total Decayed Routes : 0
===============================================================================
BGP Summary
===============================================================================
Neighbor AS PktRcvd PktSent InQ OutQ Up/Down State|Recv/Actv/Sent
-------------------------------------------------------------------------------
10.0.0.1 65206 5 21849 0 0 00h01m29s 32/0/86683
10.0.0.12 65206 0 0 0 0 00h01m29s Active
10.0.0.13 65206 5 10545 0 50 00h01m29s 6/0/86683
10.0.0.15 65205 0 0 0 0 00h01m29s Active
10.0.0.16 65206 5 9636 0 50 00h01m29s 6/0/86683
10.0.27.1 2 0 0 0 0 00h01m29s Active
10.0.28.1 60203 22512 15 0 0 00h01m29s 116955/86689/9
===============================================================================
*A:ALA-12#
Label |
Description |
---|---|
BGP Router ID |
The local BGP router ID. |
AS |
The configured autonomous system number. |
Local AS |
The configured local AS setting, if not configured it is the same as the system AS. |
BGP Admin State |
Down BGP is administratively disabled. |
Up BGP is administratively enabled. |
|
BGP Oper State |
Down BGP is operationally disabled. |
Up BGP is operationally enabled. |
|
Confederation AS |
The configured confederation AS. |
Member Confederations |
The configured members of the BGP confederation. |
Number of Peer Groups |
The total number of configured BGP peer groups. |
Number of Peers |
The total number of configured BGP peers. |
Total BGP Active Routes |
The total number of BGP routes used in the forwarding table. |
Total BGP Routes |
The total number of BGP routes learned from BGP peers. |
Total BGP Paths |
The total number of unique sets of BGP path attributes learned from BGP peers. |
Total Path Memory |
Total amount of memory used to store the path attributes. |
Total Suppressed Routes |
Total number of suppressed routes due to route damping. |
Total History Routes |
Total number of routes with history due to route damping. |
Total Decayed Routes |
Total number of decayed routes due to route damping. |
Neighbor |
BGP neighbor address. |
AS (Neighbor) |
BGP neighbor autonomous system number. |
PktRcvd |
Total number of packets received from the BGP neighbor. |
PktSent |
Total number of packets sent to the BGP neighbor. |
InQ |
The number of BGP messages to be processed. |
OutQ |
The number of BGP messages to be transmitted. |
Up/Down |
The amount of time that the BGP neighbor has either been established or not established depending on its current state. |
State|Recv/Actv/Sent |
The BGP neighbor current state (if not established) or the number of received routes, active routes and sent routes (if established). |
interface
Syntax
interface [{[ip-address | ip-int-name][detail]} | summary]
Context
show>router
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command displays the router IP interface table sorted by interface index.
Parameters
- ip-address
Displays the interface information associated with the specified IP address.
- ip-int-name
Displays the interface information associated with the specified IP interface name.
- detail
Displays detailed IP interface information.
- summary
Displays summary IP interface information for the router.
Output
The following outputs are examples of router interface information, and the associated tables describe the output fields.
*A:7210SAS>show>router interface i1 detail
===============================================================================
Interface Table (Router: Base)
===============================================================================
-------------------------------------------------------------------------------
Interface
-------------------------------------------------------------------------------
If Name : i1
Admin State : Up Oper (v4/v6) : Down/--
Protocols : None
IP Addr/mask : Not Assigned
-------------------------------------------------------------------------------
Details
-------------------------------------------------------------------------------
Description : (Not Specified)
If Index : 2 Virt. If Index : 2
Last Oper Chg: 03/07/2001 01:47:29 Global If Index : 127
Port Id : 1/1/1
TOS Marking : Trusted If Type : Network
Egress Filter: none Ingress Filter : none
Egr IPv6 Flt : none Ingr IPv6 Flt : none
SNTP B.Cast : False QoS Policy : 2
Queue-group : None
MAC Address : 00:25:ba:0d:27:32 Arp Timeout : 14400
IP Oper MTU : 9198
LdpSyncTimer : None Strip-Label : Disabled
uRPF Chk : disabled
uRPF Fail By*: 0 uRPF Chk Fail Pk*: 0
ICMP Details
Redirects : Number - 100 Time (seconds) - 10
Unreachables : Number - 100 Time (seconds) - 10
TTL Expired : Number - 100 Time (seconds) - 10
===============================================================================
Meter Statistics
===============================================================================
-------------------------------------------------------------------------------
Packets Octets
-------------------------------------------------------------------------------
Ingress Meter 1 (Unicast)
For. InProf : 0 0
For. OutProf : 0 0
Ingress Meter 9 (Multipoint)
For. InProf : 0 0
For. OutProf : 0 0
===============================================================================
===============================================================================
* indicates that the corresponding row element may have been truncated.
*A:7210SAS>show>router#
Label |
Description |
---|---|
Interface-Name |
The IP interface name. |
Type |
n/a No IP address has been assigned to the IP interface, so the IP address type is not applicable. |
Pri The IP address for the IP interface is the Primary address on the IP interface. |
|
Sec The IP address for the IP interface is a secondary address on the IP interface. |
|
IP-Address |
The IP address and subnet mask length of the IP interface. n/a — Indicates no IP address has been assigned to the IP interface. |
Adm |
Down The IP interface is administratively disabled. |
Up The IP interface is administratively enabled. |
|
Opr |
Down The IP interface is operationally disabled. |
Up The IP interface is operationally enabled. |
|
Mode |
Network The IP interface is a network/core IP interface. |
Service The IP interface is a service IP interface. |
*A:ALA-12# show router 3 interface detail
==============================================================================
Interface Table
==============================================================================
Interface
------------------------------------------------------------------------------
If Name : to-ser1
Admin State : Up Oper State : Up
IP Addr/mask : 10.10.13.3/24 Address Type : Primary
IGP Inhibit : Disabled Broadcast Address: Host-ones
IP Addr/mask : 10.200.0.1/16 Address Type : Secondary
IGP Inhibit : Enabled Broadcast Address: Host-ones
------------------------------------------------------------------------------
Details
------------------------------------------------------------------------------
If Index : 2
Port Id : 1/1/2 If Type : Network
Egress Filter: none Ingress Filter : 100
QoS Policy : 1 SNTP Broadcast : False
MAC Address : 04:5d:01:01:00:02 Arp Timeout : 14400
ICMP Details
Redirects : Disabled
Unreachables : Number - 100 Time (seconds) - 10
TTL Expired : Number - 100 Time (seconds) - 10
==============================================================================
*A:ALA-12#
Label |
Description |
---|---|
If Name |
The IP interface name. |
Admin State |
Down The IP interface is administratively disabled. |
Up The IP interface is administratively enabled. |
|
Oper State |
Down The IP interface is operationally disabled. |
Up The IP interface is operationally disabled. |
|
IP Addr/mask |
The IP address and subnet mask length of the IP interface. Not Assigned - indicates no IP address has been assigned to the IP interface |
Address Type |
Primary The IP address for the IP interface is the Primary address on the IP interface. |
Secondary The IP address for the IP interface is a Secondary address on the IP interface. |
|
IGP Inhibit |
Disabled The secondary IP address on the interface is recognized as a local interface by the IGP. |
Enabled The secondary IP address on the interface is not recognized as a local interface by the IGP. |
|
Broadcast Address |
All-ones The broadcast format on the IP interface is all ones. |
Host-ones The broadcast format on the IP interface is host ones. |
|
If Index |
The interface index of the IP router interface. |
If Type |
Network The IP interface is a network/core IP interface. |
Service The IP interface is a service IP interface. |
|
Port Id |
The port ID of the IP interface. |
Egress Filter |
The egress IP filter policy ID associated with the IP interface. none Indicates no egress filter policy is associated with the interface. |
Ingress Filter |
The ingress IP filter policy ID associated with the IP interface. none Indicates no ingress filter policy is associated with the interface. |
QoS Policy |
The QoS policy ID associated with the IP interface. |
SNTP Broadcast |
False Receipt of SNTP broadcasts on the IP interface is disabled. |
True Receipt of SNTP broadcasts on the IP interface is enabled. |
|
MAC Address |
The MAC address of the IP interface. |
Arp Timeout |
The ARP timeout for the interface, in seconds, which is the time an ARP entry is maintained in the ARP cache without being refreshed. |
ICMP Mask Reply |
False The IP interface does not reply to a received ICMP mask request. |
True The IP interface replies to a received ICMP mask request. |
|
Redirects |
Specifies the maximum number of ICMP redirect messages the IP interface issues in a specific period of time (Time (seconds)). Disabled Indicates the IP interface does not generate ICMP redirect messages. |
Unreachables |
Specifies the maximum number of ICMP destination unreachable messages the IP interface issues in a specific period of time. Disabled Indicates that the IP interface does not generate ICMP destination unreachable messages. |
TTL Expired |
The maximum number (Number) of ICMP TTL expired messages the IP interface issues in a specific period of time (Time (seconds)). Disabled Indicates that the IP interface does not generate ICMP TTL expired messages. |
*A:ALA-12# show router 3 interface summary
===============================================================================
Router Summary (Interfaces)
===============================================================================
Instance Router Name Interfaces Admin-Up Oper-Up
-------------------------------------------------------------------------------
1 Base 7 7 5
===============================================================================
*A:ALA-12#
Label |
Description |
---|---|
Instance |
The router instance number. |
Router Name |
The name of the router instance. |
Interfaces |
The number of IP interfaces in the router instance. |
mvpn
Syntax
mvpn
Context
show>router
Platforms
7210 SAS-T, 7210 SAS-Mxp, and 7210 SAS-Sx/S 1/10GE (standalone and standalone-VC)
Description
This command displays Multicast VPN related information. The router instance must be specified using the show router command.
Output
The following output is an example of multicast VPN information, and Output fields: MVPN describes the output fields.
Sample output*A:Dut-y# show router 10 mvpn
===============================================================================
MVPN 10 configuration data
===============================================================================
signaling : Bgp auto-discovery : Default
UMH Selection : Highest-Ip intersite-shared : Enabled
vrf-import : N/A
vrf-export : N/A
vrf-target : unicast
C-Mcast Import RT : target:16.16.16.16:3
ipmsi : ldp
i-pmsi P2MP AdmSt : Up
spmsi : ldp
s-pmsi P2MP AdmSt : Up
max-p2mp-spmsi : 251
data-delay-interval: 3 seconds
enable-asm-mdt : N/A
data-threshold : 224.0.0.0/4 --> 1 kbps
===============================================================================
*A:Dut-y#
Label |
Description |
---|---|
signaling |
Displays the signaling type. |
UMH Selection |
Displays the UMH selection method. |
vrf-import |
Displays the VRF import policy in use. |
vrf-export |
Displays the VRF export policy in use. |
vrf-target |
Displays the VRF target. |
C-Mcast Import RT |
Displays the c-multicast import router PE system address or loopback address. This address is common for all VPNs on the PE. |
ipmsi |
Displays the signaling protocol used to setup the I-PMSI tree transport tunnel. |
i-pmsi P2MP AdmSt |
Displays I-PMSI P2MP administrative state. |
spmsi |
Displays signaling protocol used to setup the S-PMSI tree transport tunnel. |
s-pmsi P2MP AdmSt |
Displays the S-PMSI P2MP administrative state. |
max-p2mp-spmsi |
Displays the maximum number of P2MP S-PMSIs. |
data-delay-interval |
Displays the interval, in seconds, before a PE router connected to the source switches traffic from the inclusive provider tunnel to the selective provider tunnel. |
enable-asm-mdt |
Displays whether ASM MDT is enabled. |
data-threshold |
Displays the data threshold. |
mvpn-list
Syntax
mvpn-list [type type] [auto-discovery auto-discovery] [signalling signalling] [group group]
Context
show>router
Platforms
7210 SAS-T, 7210 SAS-Mxp, and 7210 SAS-Sx/S 1/10GE (standalone and standalone-VC)
Description
This command displays Multicast VPN list related information.
Parameters
- type
Specifies the MVPN type.
- auto-discovery
Specifies the auto-discovery mode.
- signalling
Specifies the signaling type.
- group
Specifies the group address.
Output
The following output is an example of multicast VPN list information, and Output Fields: MVPN list describes the output fields.
Sample output
*A:Dut-y# show router mvpn-list
===============================================================================
MVPN List
===============================================================================
VprnID Sig A-D iPmsi/sPmsi GroupAddr/Lsp-Template (S,G)/(*,G)
-------------------------------------------------------------------------------
10 Bgp Default Mldp/Mldp N/A 512/0
20 Bgp Default Mldp/Mldp N/A 512/0
30 Bgp Default None/None N/A 0/0
-------------------------------------------------------------------------------
Total PIM I-PMSI tunnels : 0
Total RSVP I-PMSI tunnels : 0
Total MLDP I-PMSI tunnels : 2
Total PIM TX S-PMSI tunnels : 0
Total RSVP TX S-PMSI tunnels : 0
Total MLDP TX S-PMSI tunnels : 502
Total PIM RX S-PMSI tunnels : 0
Total RSVP RX S-PMSI tunnels : 0
Total MLDP RX S-PMSI tunnels : 0
Total (S,G) : 1024
Total (*,G) : 0
Total Mvpns : 3
Sig = Signal Pim-a = pim-asm Pim-s = pim-ssm A-D = Auto-Discovery
===============================================================================
*A:Dut-y#
Label |
Description |
---|---|
Total PIM I-PMSI tunnels |
Displays the total number of PIM I-PMSI tunnels. |
Total RSVP I-PMSI tunnels |
Displays the total number of RSVP I-PMSI tunnels. |
Total MLDP I-PMSI tunnels |
Displays the total number of MLDP I-PMSI tunnels. |
Total PIM TX I-PMSI tunnels |
Displays the total number of PIM I-PMSI transmit tunnels. |
Total RSVP TX I-PMSI tunnels |
Displays the total number of RSVP I-PMSI transmit tunnels. |
Total MLDP TX I-PMSI tunnels |
Displays the total number of MLDP I-PMSI transmit tunnels. |
Total PIM RX I-PMSI tunnels |
Displays the total number of PIM I-PMSI receive tunnels. |
Total RSVP RX I-PMSI tunnels |
Displays the total number of RSVP I-PMSI receive tunnels. |
Total MLDP RX I-PMSI tunnels |
Displays the total number of MLDP I-PMSI receive tunnels. |
Total (S,G) |
Displays the total number of (S,G) multicast groups. |
Total (*,G) |
Displays the total number of (*,G) multicast groups. |
Total Mvpns |
Displays the total number of MVPNs. |
route-table
Syntax
route-table [ip-prefix [/mask] [longer] | [protocol protocol] | [summary]]
Context
show>router
Platforms
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
Description
This command displays the active routes in the routing table.
If no command line arguments are specified, all routes are displayed, sorted by prefix.
Parameters
- ip-prefix[/mask]
Displays routes only matching the specified ip-prefix and optional mask.
- longer
Displays routes matching the ip-prefix/mask and routes with longer masks.
- protocol protocol
Displays routes learned from the specified protocol.
- summary
Displays a route table summary information.
Output
The following output is an example of route table information, and Output Fields: Router Table describes the output fields.
Sample output*A:ALA-12# show router 3 route-table
==============================================================================
Route Table
==============================================================================
Dest Address Next Hop Type Protocol Age Metric Pref
------------------------------------------------------------------------------
10.10.0.1/32 10.10.13.1 Remote OSPF 65844 1001 10
10.10.0.2/32 10.10.13.1 Remote OSPF 65844 2001 10
10.10.0.3/32 0.0.0.0 Local Local 1329261 0 0
10.10.0.4/32 10.10.34.4 Remote OSPF 3523 1001 10
10.10.0.5/32 10.10.35.5 Remote OSPF 1084022 1001 10
10.10.12.0/24 10.10.13.1 Remote OSPF 65844 2000 10
10.10.13.0/24 0.0.0.0 Local Local 65859 0 0
10.10.15.0/24 10.10.13.1 Remote OSPF 58836 2000 10
10.10.24.0/24 10.10.34.4 Remote OSPF 3523 2000 10
10.10.25.0/24 10.10.35.5 Remote OSPF 399059 2000 10
10.10.34.0/24 0.0.0.0 Local Local 3543 0 0
10.10.35.0/24 0.0.0.0 Local Local 1329259 0 0
10.10.45.0/24 10.10.34.4 Remote OSPF 3523 2000 10
10.200.0.0/16 0.0.0.0 Local Local 4513 0 0
192.168.0.0/20 0.0.0.0 Local Local 1329264 0 0
192.168.254.0/24 0.0.0.0 Remote Static 11 1 5
------------------------------------------------------------------------------
*A:ALA-12#
*A:ALA-12# show router 3 route-table 10.10.0.4
===============================================================================
Route Table
==============================================================================
Dest Address Next Hop Type Protocol Age Metric Pref
------------------------------------------------------------------------------
10.10.0.4/32 10.10.34.4 Remote OSPF 3523 1001 10
------------------------------------------------------------------------------
*A:ALA-12#
*A:ALA-12# show router 3 route-table 10.10.0.4/32 longer
==============================================================================
Route Table
==============================================================================
Dest Address Next Hop Type Protocol Age Metric Pref
------------------------------------------------------------------------------
10.10.0.4/32 10.10.34.4 Remote OSPF 3523 1001 10
------------------------------------------------------------------------------
No. of Routes: 1
==============================================================================
+ : indicates that the route matches on a longer prefix
*A:ALA-12#
*A:ALA-12# show router 3 route-table protocol ospf
==============================================================================
Route Table
==============================================================================
Dest Address Next Hop Type Protocol Age Metric Pref
------------------------------------------------------------------------------
10.10.0.1/32 10.10.13.1 Remote OSPF 65844 1001 10
10.10.0.2/32 10.10.13.1 Remote OSPF 65844 2001 10
10.10.0.4/32 10.10.34.4 Remote OSPF 3523 1001 10
10.10.0.5/32 10.10.35.5 Remote OSPF 1084022 1001 10
10.10.12.0/24 10.10.13.1 Remote OSPF 65844 2000 10
10.10.15.0/24 10.10.13.1 Remote OSPF 58836 2000 10
10.10.24.0/24 10.10.34.4 Remote OSPF 3523 2000 10
10.10.25.0/24 10.10.35.5 Remote OSPF 399059 2000 10
10.10.45.0/24 10.10.34.4 Remote OSPF 3523 2000 10
-------------------------------------------------------------------------------
*A:ALA-12#
*A:ALA-12# show router 3 route-table summary
===============================================================================
Route Table Summary
===============================================================================
Active Available
-------------------------------------------------------------------------------
Static 1 1
Direct 6 6
BGP 0 0
OSPF 9 9
ISIS 0 0
RIP 0 0
Aggregate 0 0
-------------------------------------------------------------------------------
Total 15 15
===============================================================================
*A:ALA-12#
Label |
Description |
---|---|
Dest Address |
The route destination address and mask. |
Next Hop |
The next hop IP address for the route destination. |
Type |
Local The route is a local route. |
Remote The route is a remote route. |
|
Protocol |
The protocol through which the route was learned. |
Age |
The route age in seconds for the route. |
Metric |
The route metric value for the route. |
Pref |
The route preference value for the route. |
No. of Routes: |
The number of routes displayed in the list. |
static-arp
Syntax
static-arp [ip-address | ip-int-name | mac ieee-mac-addr]
Context
show>router
Platforms
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
Description
This command displays the router static ARP table sorted by IP address.
If no options are present, all ARP entries are displayed.
Parameters
- ip-address
Displays static ARP entries associated with the specified IP address.
- ip-int-name
Displays static ARP entries associated with the specified IP interface name.
- mac ieee-mac-addr
Displays static ARP entries associated with the specified MAC address.
Output
The following output is an example of static ARP information, and Output Fields: Static ARP describes the output fields.
Sample output*A:ALA-12# show router 3 static-arp
==============================================================================
ARP Table
==============================================================================
IP Address MAC Address Age Type Interface
------------------------------------------------------------------------------
10.200.0.253 00:00:5a:40:00:01 00:00:00 Sta to-ser1
10.200.1.1 00:00:5a:01:00:33 00:00:00 Inv to-ser1a
------------------------------------------------------------------------------
No. of ARP Entries: 2
==============================================================================
*A:ALA-12#
*A:ALA-12# show router 3 static-arp 10.200.1.1
==============================================================================
ARP Table
==============================================================================
IP Address MAC Address Age Type Interface
------------------------------------------------------------------------------
10.200.1.1 00:00:5a:01:00:33 00:00:00 Inv to-ser1 a
===============================================================================
*A:ALA-12#
*A:ALA-12# show router 3 static-arp to-ser1
==============================================================================
ARP Table
==============================================================================
IP Address MAC Address Age Type Interface
------------------------------------------------------------------------------
10.200.0.253 00:00:5a:40:00:01 00:00:00 Sta to-ser1
===============================================================================
S*A:ALA-12#
*A:ALA-12# show router 3 static-arp mac 00:00:5a:40:00:01
==============================================================================
ARP Table
==============================================================================
IP Address MAC Address Age Type Interface
-------------------------------------------------------------------------------
10.200.0.253 00:00:5a:40:00:01 00:00:00 Sta to-ser1
==============================================================================
*A:ALA-12#
Label |
Description |
---|---|
IP Address |
The IP address of the static ARP entry. |
MAC Address |
The MAC address of the static ARP entry. |
Age |
The age of the ARP entry. Static ARPs always have 00:00:00 for the age. |
Type |
Inv The ARP entry is an inactive static ARP entry (invalid). |
Sta The ARP entry is an active static ARP entry. |
|
Interface |
The IP interface name associated with the ARP entry. |
No. of ARP Entries |
The number of ARP entries displayed in the list. |
static-route
Syntax
static-route [ip-prefix /mask] | [preference preference] | [next-hop ip-addr | tag tag] [detail]
Context
show>router
Platforms
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
Description
This command displays the static entries in the routing table.
If no options are present. all static routes are displayed sorted by prefix.
Parameters
- ip-prefix /mask
Displays static routes only matching the specified ip-prefix and mask.
- preference preference
Displays static routes with the specified route preference.
- next-hop ip-addr
Displays static routes with the specified next hop IP address.
- detail
Displays detailed information about the static route.
- tag
Displays the tag used to add a 32-bit integer tag to the static route. The tag is used in route policies to control distribution of the route into other protocols.
Output
The following output is an example of static route information, and Output Fields: Static Route describes the output fields.
Sample output*A:ALA-12# show router 3 static-route
==============================================================================
Route Table
==============================================================================
IP Addr/mask Pref Metric Type Nexthop Interface Active
------------------------------------------------------------------------------
192.168.250.0/24 5 1 ID 10.200.10.1 to-ser1 Y
192.168.252.0/24 5 1 NH 10.10.0.254 n/a N
192.168.253.0/24 5 1 NH to-ser1 n/a N
192.168.253.0/24 5 1 NH 10.10.0.254 n/a N
192.168.254.0/24 4 1 BH black-hole n/a Y
==============================================================================
*A:ALA-12#
*A:ALA-12# show router 3 static-route 192.168.250.0/24
==============================================================================
Route Table
==============================================================================
IP Addr/mask Pref Metric Type Nexthop Interface Active
------------------------------------------------------------------------------
192.168.250.0/24 5 1 ID 10.200.10.1 to-ser1 Y
==============================================================================
*A:ALA-12#
*A:ALA-12# show router 3 static-route preference 4
=============================================================================
Route Table
==============================================================================
IP Addr/mask Pref Metric Type Nexthop Interface Active
------------------------------------------------------------------------------
192.168.254.0/24 4 1 BH black-hole n/a Y
==============================================================================
*A:ALA-12#
*A:ALA-12# show router 3 static-route next-hop 10.10.0.254
==============================================================================
Route Table
==============================================================================
IP Addr/mask Pref Metric Type Nexthop Interface Active
------------------------------------------------------------------------------
192.168.253.0/24 5 1 NH 10.10.0.254 n/a N
=============================================================================
*A:ALA-12#
*A:Dut-B# show router static-route
===============================================================================
Static Route Table (Router: Base) Family: IPv4
===============================================================================
Prefix Tag Met Pref Type Act
Next Hop Interface
-------------------------------------------------------------------------------
10.2.3.4/32 0 1 5 NH Y
10.11.25.6
ip-10.11.25.5_base_to_cpe_static
10.11.15.0/24 0 1 5 NH Y
10.11.25.6
ip-10.11.25.5_base_to_cpe_static
-------------------------------------------------------------------------------
No. of Static Routes: 2
===============================================================================
*A:Dut-B# show router static-route detail
==============================================================================
Static Route Table (Router: Base) Family: IPv4
==============================================================================
Network : 10.2.3.4/32
Nexthop : 10.11.25.6
Type : Nexthop Nexthop Type : IP
Interface : ip-10.11.25.5_base_to_cpe_stat* Active : Y
Metric : 1 Preference : 5
Admin State : Up Tag : 0
BFD : disabled
CPE-check : enabled State : n/a
Target : 10.11.18.6
Interval : 1 Drop Count : 3
Log : N
CPE Host Up Time : 0d 00:00:02
CPE Echo Req Tx : 3 CPE Echo Reply Rx : 3
CPE Up Trans : 1 CPE Down Trans : 0
CPE TTL : 2
------------------------------------------------------------------------------
Network : 10.11.15.0/24
Nexthop : 10.11.25.6
Type : Nexthop Nexthop Type : IP
Interface : ip-10.11.25.5_base_to_cpe_stat* Active : Y
Metric : 1 Preference : 5
Admin State : Up Tag : 0
BFD : disabled
CPE-check : disabled
------------------------------------------------------------------------------
No. of Static Routes: 2
==============================================================================
Label |
Description |
---|---|
IP Addr/mask |
The static route destination address and mask. |
Pref |
The route preference value for the static route. |
Metric |
The route metric value for the static route. |
Type |
BH The static route is a blackhole route. The Nexthop for this type of route is black hole. |
ID The static route is an indirect route, where the nexthop for this type of route is the non-directly connected next hop. |
|
NH The route is a static route with a directly connected next hop. The Nexthop for this type of route is either the next hop IP address or an egress IP interface name. |
|
Next Hop |
The next hop for the static route destination. |
Interface |
The egress IP interface name for the static route. n/a indicates there is no current egress interface because the static route is inactive or a blackhole route. |
Active |
N The static route is inactive; for example, the static route is disabled or the next hop IP interface is down. |
Y The static route is active. |
|
No. of Routes: |
The number of routes displayed in the list. |
tunnel-table
Syntax
tunnel-table [ip-address[/mask] [protocol protocol | sdp sdp-id]
tunnel-table [summary]
Context
show>router
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command displays tunnel table information.
When the auto-bind command is used when configuring a VPRN service, it means the MP-BGP NH resolution is referring to core routing instance for IP reachability. For a VPRN service this object specifies the lookup to be used by the routing instance if no SDP to the destination exists.
Parameters
- ip-address[/mask]
Displays the specified tunnel table destination IP address and mask.
- protocol protocol
Displays LDP protocol information.
- sdp sdp-id
Displays information pertaining to the specified SDP.
- summary
Displays summary tunnel table information.
Output
The following output is an example of tunnel table information, and Output Fields: Tunnel Table describes the output fields.
Sample output
*A:ALA-12>config>service# show router 3 tunnel-table summary
=============================================================================
Tunnel Table Summary (Router: Base)
=============================================================================
Active Available
------------------------------------------------------------------------------
LDP 1 1
SDP 1 1
==============================================================================
*A:ALA-12>config>service#
Label |
Description |
---|---|
Destination |
The route destination address and mask. |
Owner |
Specifies the tunnel owner. |
Encap |
Specifies the tunnel encapsulation type. |
Tunnel ID |
Specifies the tunnel (SDP) identifier. |
Pref |
Specifies the route preference for routes learned from the configured peers. |
Nexthop |
The next hop for the route destination. |
Metric |
The route metric value for the route. |
Clear commands
arp-host
Syntax
arp-host
arp-host {mac ieee-address | sap sap-id | ip-address ip-address[/mask]}
arp-host [port port-id] [inter-dest-id intermediate-destination-id | no-inter-dest-id]
arp-host statistics [sap sap-id | interface interface-name]
Context
clear>service>id
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command clears ARP host data.
forwarding-table
Syntax
forwarding-table [slot-number]
Context
clear>router
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command clears the route table on the specified IOM with the route table.
If the slot number is not specified, the command forces the route table to be recalculated.
Parameters
- slot-number
Clears the specified IOM slot.
interface
Syntax
interface [ip-int-name | ip-addr] [icmp]
Context
clear>router
Platforms
Supported on all 7210 SAS platforms as described in this document
Description
This command clears IP interface statistics.
If no IP interface is specified either by IP interface name or IP address, the command performs the clear operation on all IP interfaces.
Parameters
- ip-int-name | ip-addr
Specifies the IP interface name or IP interface address.
- icmp
Specifies to reset the ICMP statistics for the IP interfaces used for ICMP rate limit.
damping
Syntax
damping [[ip-prefix/mask] [neighbor ip-address]] | [group name]
Context
clear>router>bgp
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command clears or resets the route damping information for received routes.
Parameters
- ip-prefix/mask
Clears damping information for entries that match the IP prefix and mask length.
- neighbor ip-address
Clears damping information for entries received from the BGP neighbor.
- group name
Clears damping information for entries received from any BGP neighbors in the peer group.
flap-statistics
Syntax
flap-statistics [[ip-prefix/mask] [neighbor ip-addr]] | [group group-name] | [regex reg-exp] | [policy policy-name]
Context
clear>router>bgp
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command clears route flap statistics.
Parameters
- ip-prefix/mask
Clears route flap statistics for entries that match the specified IP prefix and mask length.
- neighbor ip-addr
Clears route flap statistics for entries received from the specified BGP neighbor.
- group group-name
Clears route flap statistics for entries received from any BGP neighbors in the specified peer group.
- regex reg-exp
Clears route flap statistics for all entries which have the regular expression and the AS path that matches the regular expression.
- policy policy-name
Clears route flap statistics for entries that match the specified route policy.
neighbor
Syntax
neighbor {ip-addr | as as-number | external | all} [soft | soft-inbound | statistics]
Context
clear>router>bgp
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command resets the specified BGP peer or peers. This can cause existing BGP connections to be shutdown and restarted.
Parameters
- ip-addr
Resets the BGP neighbor with the specified IP address.
- as as-number
Resets all BGP neighbors with the specified peer AS.
- external
Resets all eBGP neighbors.
- all
Resets all BGP neighbors.
- soft
The specified BGP neighbors reevaluates all routes in the Local-RIB against the configured export policies.
- soft-inbound
The specified BGP neighbors reevaluates all routes in the RIB-In against the configured import policies.
- statistics
The BGP neighbor statistics.
protocol
Syntax
protocol
Context
clear>router>bgp
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command resets the entire BGP protocol. If the AS number was previously changed, the BGP AS number does not inherit the new value.
id
Syntax
id service-id
Context
clear>service
clear>service>statistics
Platforms
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
Description
This command clears commands for a specific service.
Parameters
- service-id
The ID that uniquely identifies a service.
sap
Syntax
sap sap-id {all | counters | stp}
Context
clear>service>statistics
Platforms
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
Description
This command clears SAP statistics for a SAP.
Parameters
- sap-id
Specifies the physical port identifier portion of the SAP definition. See Common CLI command descriptions for command syntax.
spoke-sdp
Syntax
spoke-sdp sdp-id:vc-id ingress-vc-label
Context
clear>service>id
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command clears and resets the spoke-SDP bindings for the service.
Parameters
- sdp-id
Specifies the spoke-SDP ID to be reset.
- vc-id
Specifies the virtual circuit ID on the SDP ID to be reset.
sdp
Syntax
sdp sdp-id keep-alive
Context
clear>service>statistics
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command clears keepalive statistics associated with the SDP ID.
Parameters
- sdp-id
Specifies the SDP ID for which to clear keepalive statistics.
counters
Syntax
counters
Context
clear>service>statistics>id
Platforms
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
Description
This command clears all traffic queue counters associated with the service ID.
spoke-sdp
Syntax
spoke-sdp sdp-id[:vc-id] {all | counters | stp}
Context
clear>service>statistics>id
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command clears statistics for the spoke-SDP bound to the service.
Parameters
- sdp-id
Specifies the spoke-SDP ID for which to clear statistics.
- vc-id
Specifies the virtual circuit ID on the SDP ID to be reset.
- all
Clears all queue statistics and STP statistics associated with the SDP.
- counters
Clears all queue statistics associated with the SDP.
- stp
Clears all STP statistics associated with the SDP.
stp
Syntax
stp
Context
clear>service>statistics>id
Platforms
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
Description
This command clears all spanning tree statistics for the service ID.
Debug commands
id
Syntax
[no] id service-id
Context
debug>service
Platforms
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
Description
This command debugs commands for a specific service.
The no form of this command disables debugging.
Parameters
- service-id
Specifies the ID that uniquely identifies a service.
sap
Syntax
[no] sap sap-id
Context
debug>service>id
debug>service>stp
Platforms
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
Description
This command enables STP debugging for a specific SAP.
The no form of this command disables debugging.
Parameters
- sap-id
Specifies the physical port identifier portion of the SAP definition. See Common CLI command descriptions for command syntax.
sdp
Syntax
[no] sdp sdp-id:vc-id
Context
debug>service>id
Platforms
Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode
Description
This command enables STP debugging for a specific SDP.
The no form of this command disables debugging.
event-type
Syntax
[no] event-type {config-change | svc-oper-status-change | sap-oper-status-change | sdpbind-oper-status-change}
Context
debug>service>id
Platforms
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
Description
This command enables debugging for a particular event type.
The no form of this command disables debugging.
The sdpbind-oper-status-change parameter is not supported on 7210 SAS platforms operating in access-uplink mode.
event-type
Syntax
[no] event-type {config-change | oper-status-change}
Context
debug>service>id>sap
Platforms
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
Description
This command enables debugging for a particular event type.
The no form of this command disables debugging.
stp
Syntax
[no] stp
Context
debug>service>id
Platforms
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
Description
This command enables the context for debugging STP.
The no form of this command disables debugging.
all-events
Syntax
all-events
Context
debug>service>id>stp
Platforms
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
Description
This command enables STP debugging for all events.
The no form of this command disables debugging.
bpdu
Syntax
[no] bpdu
Context
debug>service>stp
Platforms
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
Description
This command enables STP debugging for received and transmitted BPDUs.
The no form of this command disables debugging.
core-connectivity
Syntax
[no] core-connectivity
Context
debug>service>stp
Platforms
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
Description
This command enables STP debugging for core connectivity.
The no form of this command disables debugging.
exception
Syntax
[no] exception
Context
debug>service>stp
Platforms
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
Description
This command enables STP debugging for exceptions.
The no form of this command disables debugging.
fsm-state-changes
Syntax
[no] fsm-state-changes
Context
debug>service>stp
Platforms
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
Description
This command enables STP debugging for FSM state changes.
The no form of this command disables debugging.
fsm-timers
Syntax
[no] fsm-timers
Context
debug>service>stp
Platforms
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
Description
This command enables STP debugging for FSM timer changes.
The no form of this command disables debugging.
port-role
Syntax
[no] port-role
Context
debug>service>stp
Platforms
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
Description
This command enables STP debugging for changes in port roles.
The no form of this command disables debugging.
port-state
Syntax
[no] port-state
Context
debug>service>stp
Platforms
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
Description
This command enables STP debugging for port states.
The no form of this command disables debugging.