Virtual Private Routed Network service

This chapter provides information about the Virtual Private Routed Network (VPN) service and implementation notes.VPRN services are supported only in network mode. It is not supported in access-uplink mode.

VPRN service overview

RFC2547b is an extension to the original RFC 2547, which describes a method of distributing routing information and forwarding data to provide a Layer 3 Virtual Private Network (VPN) service to end customers.

Each Virtual Private Routed Network (VPRN) consists of a set of customer sites connected to one or more PE routers. Each associated PE router maintains a separate IP forwarding table for each VPRN. Additionally, the PE routers exchange the routing information configured or learned from all customer sites via MP-BGP peering. Each route exchanged via the MP-BGP protocol includes a Route Distinguisher (RD), which identifies the VPRN association.

The service provider uses BGP to exchange the routes of a particular VPN among the PE routers that are attached to that VPN. This is done in a way which ensures that routes from different VPNs remain distinct and separate, even if two VPNs have an overlapping address space. The PE routers distribute routes from other CE routers in that VPN to the CE routers in a particular VPN. Because the CE routers do not peer with each other there is no overlay visible to the VPN routing algorithm.

When BGP distributes a VPN route, it also distributes an MPLS label for that route. On an SR-series, the label distributed with a VPN route depends on the configured label-mode of the VPRN that is originating the route

Before a customer data packet travels across the service provider's backbone, it is encapsulated with the MPLS label that corresponds, in the customer's VPN, to the route which best matches the packet's destination address. The MPLS packet is further encapsulated with either another MPLS label header, so that it gets tunneled across the backbone to the correct PE router. Each route exchanged by the MP-BGP protocol includes a route distinguisher (RD), which identifies the VPRN association. Therefore the backbone core routers do not need to know the VPN routes. The following figure shows a VPRN network diagram.

Figure 1. Virtual Private Routed Network
Note:

VPRN services are only supported on 7210 SAS platforms operating in network mode.

Routing prerequisites

RFC2547bis requires the following features:

  • multi-protocol extensions

  • extended BGP community support

  • BGP capability negotiation

  • parameters defined in RFC 2918

Tunneling protocol options are as follows:

  • Label Distribution Protocol (LDP)

  • MPLS RSVP-TE tunnels

BGP support

BGP is used with BGP extensions mentioned in Routing prerequisites to distribute VPRN routing information across the service provider network.

BGP was initially designed to distribute IPv4 routing information. Therefore, multi-protocol extensions and the use of a VPN-IPv4 address were created to extend BGP ability to carry overlapping routing information. A VPN-IPv4 address is a 12-byte value consisting of the 8-byte route distinguisher (RD) and the 4-byte IPv4 IP address prefix. The RD must be unique within the scope of the VPRN. This allows the IP address prefixes within different VRFs to overlap.

A VPN-IPv6 address is a 24-byte value consisting of the 8-byte RD and 16-byte IPv6 address prefix. Service providers typically assign one or a small number of RDs per VPN service network-wide.

Route distinguishers

The route distinguisher (RD) is an 8-byte value consisting of 2 major fields, the Type field and value field, as shown in the following figure. The type field determines how the value field should be interpreted. The 7210 SAS implementation supports the three (3) type values as defined in the Internet draft.

Figure 2. Route distinguisher

The three Type values are:

  • Type 0: Value Field - Administrator subfield (2 bytes)

    Assigned number subfield (4 bytes)

    The administrator field must contain an ASN (using private AS numbers is discouraged). The Assigned field contains a number assigned by the service provider.

  • Type 1: Value Field - Administrator subfield (4 bytes)

    Assigned number subfield (2 bytes)

    The administrator field must contain an IP address (using private IP address space is discouraged). The Assigned field contains a number assigned by the service provider.

  • Type 2: Value Field - Administrator subfield (4 bytes)

    Assigned number subfield (2 bytes)

    The administrator field must contain a 4-byte ASN (using private AS numbers is discouraged). The Assigned field contains a number assigned by the service provider.

Route reflector

Per RFC2547bis the use of Route Reflectors is supported in the service provider core. Multiple sets of route reflectors can be used for different types of BGP routes, including IPv4 and VPN-IPv6. 7210 can only be used a route reflector client. It cannot be used as a route reflector ("server").

Customer Edge to Provider Edge route exchange

Routing information between the Customer Edge (CE) and Provider Edge (PE) can be exchanged by the following methods:

  • Static Routes (with both IPv4 and IPv6)

  • E-BGP (with both IPv4 and IPv6 VPNs)

  • OSPF (v2 IPv4)

Each protocol provides controls to limit the number of routes learned from each CE router.

Route redistribution

Routing information learned from the CE-to-PE routing protocols and configured static routes should be injected in the associated local VPN routing/forwarding (VRF). In the case of dynamic routing protocols, there may be protocol specific route policies that modify or reject certain routes before they are injected into the local VRF.

Route redistribution from the local VRF to CE-to-PE routing protocols is to be controlled via the route policies in each routing protocol instance, in the same manner that is used by the base router instance.

The advertisement or redistribution of routing information from the local VRF to or from the MP-BGP instance is specified per VRF and is controlled by VRF route target associations or by VRF route policies.

VPN-IP routes imported into a VPRN, have the protocol type bgp-vpn to denote that it is an VPRN route. This can be used within the route policy match criteria.

CPE connectivity check

Static routes are used within many IES and VPRN services. Unlike dynamic routing protocols, there is no way to change the state of routes based on availability information for the associated CPE. CPE connectivity check adds flexibility so that unavailable destinations will be removed from the VPRN routing tables dynamically and minimize wasted bandwidth.

Directly connected IP target and Multiple hops to IP target show static routes.

Figure 3. Directly connected IP target
Figure 4. Multiple hops to IP target

The availability of the far-end static route is monitored through periodic polling. The polling period is configured. If the poll fails a specified number of sequential polls, the static route is marked as inactive.

Either ICMP ping or unicast ARP mechanism can be used to test the connectivity. ICMP ping is preferred.

If the connectivity check fails and the static route is de-activated, the 7210 SAS router will continue to send polls and reactivate any routes that are restored.

Constrained Route Distribution

This section describes constrained route distribution or RT constraint (RTC).

Constrained VPN route distribution based on route targets

The RTC is a mechanism allows a router to advertise route target membership information to its BGP peers to indicate interest in receiving only VPN routes tagged with specific route target extended communities. After receiving this information, peers restrict the advertised VPN routes to only those requested, which minimizes the control plane load in terms of protocol traffic and possibly routing information base (RIB) memory.

MP-BGP carries the route target membership information, using an address family identifier (AFI) value of 1 and subsequent address family identifier (SAFI) value of 132. For two routers to exchange RT membership network layer reachability information (NLRI), they must advertise the corresponding AFI/SAFI to each other during capability negotiation. MP-BGP allows RT membership NLRI to be propagated, loop-free, within an AS and between ASs using well-known BGP route selection and advertisement rules.

Outbound route filtering (ORF) can also be used for RT-based route filtering, but ORF messages have a limited scope of distribution (to direct peers or neighbors), and, therefore, do not automatically create pruned inter-cluster and inter-AS route distribution trees.

Configuring the route target address family

RTC is supported only by the base router BGP instance. When the family command at the bgp, group or neighbor CLI context includes the route-target keyword, the RTC capability is negotiated with the associated set of eBGP and iBGP peers.

ORF is mutually exclusive with RTC on a specific BGP session. The CLI will not attempt to block this configuration, but if both capabilities are enabled on a session, the ORF capability is not included in the OPEN message sent to the peer.

Originating RT constraint routes

When the base router has one or more RTC peers (BGP peers with which the RTC capability has been successfully negotiated), one RTC route is created for each RT extended community imported into a locally-configured Layer-2 VPN or Layer-3 VPN service. These imported route targets are configured in the following contexts:

  • config>service>vpls>bgp

  • config>service>vprn

  • config>service>vprn>mvpn

Note:

See the 7210 SAS-Mxp, R6, R12, S, Sx, T Routing Protocols Guide for more information about BGP address families that support RTC.

By default, these RTC routes are automatically advertised to all RTC peers, without the need for an export policy to explicitly accept them. Each RTC route has a prefix, prefix length, and path attributes. The prefix value is the concatenation of the origin AS (a 4-byte value representing the 2- or 4-octet AS of the originating router, as configured using the configure router autonomous-system command) and 0 or 16 to 64 bits of a route target extended community encoded in one of the following formats: 2-octet AS specific extended community, IPv4 address specific extended community, or 4-octet AS specific extended community.

A router may be configured to send the default RTC route to any RTC peer using the new default-route-target group or neighbor CLI command. The default RTC route is a special type of RTC route that has zero prefix length. Sending the default RTC route to a peer conveys a request to receive all VPN routes (regardless of route target extended community) from that peer. The default RTC route is typically advertised by a route reflector to its clients. The advertisement of the default RTC route to a peer does not suppress other, more specific, RTC routes from being sent to that peer.

Receiving and re-advertising RT constraint routes

All received RTC routes that are deemed valid are stored in the RIB-IN. An RTC route is considered invalid and treated as withdrawn if any of the following conditions apply:

  • The prefix length is 1 to 31.

  • The prefix length is 33 to 47.

  • The prefix length is 48 to 96 and the 16 most-significant bits are not 0x0002, 0x0102, or 0x0202.

If multiple RTC routes are received for the same prefix value, standard BGP best path selection procedures are used to determine the best of these routes.

The best RTC route per prefix is re-advertised to RTC peers based on the following rules:

  • The best path for a default RTC route (prefix length 0, origin AS only with prefix length 32, or origin AS plus 16 bits of an RT type with prefix length 48) is never propagated to another peer.

  • A PE with only iBGP RTC peers that is neither a route reflector nor an AS boundary router (ASBR) does not re-advertise the best RTC route to any RTC peer because of standard iBGP split horizon rules.

  • A route reflector that receives its best RTC route for a prefix from a client peer re-advertises that route (subject to export policies) to all of its client and non-client iBGP peers (including the originator), per standard RR operation. When the route is re-advertised to client peers, the RR sets the ORIGINATOR_ID to its own router ID and modifies the NEXT_HOP to be its local address for the sessions (for example, system IP).

  • A route reflector that receives its best RTC route for a prefix from a non-client peer re-advertises that route (subject to export policies) to all of its client peers, per standard RR operation. If the RR has a non-best path for the prefix from any of its clients, it advertises the best of the client-advertised paths to all non-client peers.

  • An ASBR that is neither a PE nor a route reflector that receives its best RTC route for a prefix from an iBGP peer re-advertises that route (subject to export policies) to its eBGP peers. It modifies the NEXT_HOP and AS_PATH of the re-advertised route per standard BGP rules. The aggregation of RTC routes is not supported.

  • An ASBR that is neither a PE nor a route reflector that receives its best RTC route for a prefix from an eBGP peer re-advertises that route (subject to export policies) to its eBGP and iBGP peers. When re-advertised routes are sent to eBGP peers, the ASBR modifies the NEXT_HOP and AS_PATH per standard BGP rules. The aggregation of RTC routes is not supported.

Note:

These advertisement rules do not handle hierarchical RR topologies properly. This is a limitation of the current RT constraint standard.

Using RT constraint routes

In general (ignoring iBGP-to-iBGP rules, add-path, best-external, and so on), the best VPN route for every prefix/NLRI in the RIB is sent to every peer supporting the VPN address family, but export policies may be used to prevent the advertisement of some prefix/NLRIs to specific peers. These export policies may be configured statically or created dynamically based on use of ORF or RTC with a peer. ORF and RTC are mutually exclusive on a session.

When RTC is configured on a session that also supports VPN address families using route targets (vpn-ipv4, vpn-ipv6, and so on), the advertisement of the VPN routes is affected as follows:

  • When the session comes up, the advertisement of the VPN routes is delayed briefly to allow RTC routes to be received from the peer.

  • After the initial delay, the received RTC routes are analyzed and acted upon. If S1 is the set of routes previously advertised to the peer and S2 is the set of routes that should be advertised based on the most recent received RTC routes, the following applies:

    • The set of routes in S1 but not in S2 should be withdrawn immediately (subject to the minimum route advertisement interval (MRAI)).

    • The set of routes in S2 but not in S1 should be advertised immediately (subject to MRAI).

  • If a default RTC route is received from a peer P1, the VPN routes that are advertised to P1 are the set that:

    • are eligible for advertisement to P1 per BGP route advertisement rules

    • have not been rejected by manually configured export policies

    • have not been advertised to the peer

    Note:

    This applies whether P1 advertised the best route for the default RTC prefix.

In this context, a default RTC route is any of the following:

  • a route with NLRI length = zero

  • a route with NLRI value = origin AS and NLRI length = 32

  • a route with NLRI value = {origin AS+0x0002 | origin AS+0x0102 | origin AS+0x0202} and NLRI length = 48

    • If an RTC route for prefix A (origin-AS = A1, RT = A2/n, n > 48) is received from an iBGP peer I1 in autonomous system A1, the VPN routes that are advertised to I1 is the set that:

      • are eligible for advertisement to I1 per BGP route advertisement rules

      • have not been rejected by manually configured export policies

      • carry at least one route target extended community with value A2 in the n most significant bits

      • have not been advertised to the peer

      Note:

      This applies whether I1 advertised the best route for A.

    • If the best RTC route for a prefix A (origin-AS = A1, RT = A2/n, n > 48) is received from an IBGP peer I1 in autonomous system B, the VPN routes that are advertised to I1 is the set that:

      • are eligible for advertisement to I1 per BGP route advertisement rules

      • have not been rejected by manually configured export policies

      • carry at least one route target extended community with value A2 in the n most significant bits

      • have not been advertised to the peer

      Note:

      This applies only if I1 advertised the best route for A.

    • If the best RTC route for a prefix A (origin-AS = A1, RT = A2/n, n > 48) is received from an eBGP peer E1, the VPN routes that are advertised to E1 is the set that:

      • are eligible for advertisement to E1 per BGP route advertisement rules

      • have not been rejected by manually configured export policies

      • carry at least one route target extended community with value A2 in the n most significant bits

      • have not been advertised to the peer

      Note:

      This applies only if E1 advertised the best route for A.

BGP fast reroute in a VPRN

BGP fast reroute is a feature that brings together indirection techniques in the forwarding plane and precomputation of BGP backup paths in the control plane to support fast reroute of BGP traffic around unreachable/failed next-hops. In a VPRN context BGP fast reroute is supported using VPN-IPv4 and VPN-IPv6 VPN routes. The supported VPRN scenarios are described in the following table.

Table 1. BGP fast reroute scenarios (VPRN context)

Ingress packet

Primary route

Backup route

Prefix independent convergence

IPv4 (ingress PE)

VPN-IPv4 route with next-hop A resolved by a LDP, RSVP, or BGP tunnel

VPN-IPv4 route with next-hop A resolved by a LDP, RSVP, or BGP tunnel

Yes

IPv6 (ingress PE)

VPN-IPv6 route with next-hop A resolved by a LDP, RSVP, or BGP tunnel

VPN-IPv6 route with next-hop B resolved by a LDP, RSVP, or BGP tunnel

Yes

BGP fast reroute in a VPRN configuration

Configuring the config>service>vprn>enable-bgp-vpn-backup command causes only imported BGP-VPN routes to be considered when selecting the primary and backup paths.

This command is required to support fast failover of ingress traffic from one remote PE to another remote PE.

Note:

7210 SAS platforms do not support BGP backup path commands that are used to enable consideration of multiple paths learned from CE BGP peers when selecting primary and backup paths to reach the CE.

VPRN features

This section describes VPRN features and special capabilities or considerations as they relate to VPRN services.

IP interfaces

VPRN customer IP interfaces can be configured with most of the same options found on the core IP interfaces.

The advanced configuration options supported are:

  • DHCPv4 and DHCPv6 relay

  • VRRP

  • Secondary IP addresses

  • ICMP options

Configuration options found on core IP interfaces that are not supported on VPRN IP interfaces are:

  • NTP broadcast receipt

DHCP and DHCPv6

Note:

Unless otherwise stated, DHCP is equivalent to ‟DHCP for IPv4,” or DHCPv4.

The DHCP protocol is used to communicate network information and configuration parameters from a DHCP server to a DHCP-aware client. DHCP is based on the BOOTP protocol, with additional configuration options and the capability to allocate dynamic network addresses. DHCP devices are also capable of handling BOOTP messages.

A DHCP client is an IP-capable device (typically a computer or base station) that uses DHCP to obtain configuration parameters, such as a network address. A DHCP server is an Internet host or router that returns configuration parameters to DHCP clients. A DHCP relay agent is a host or router that passes DHCP messages between clients and servers.

DHCPv6 is not based on, and does not use, the BOOTP protocol.

Service providers use the DHCP protocol to assign IP addresses and provide other configuration parameters.

IP routers do not forward broadcast or multicast packets, which may suggest that the DHCP client and server must reside on the same IP network segment. However, this configuration is not required because when the 7210 SAS is acting as a DHCP relay agent, it processes these DHCP broadcast or multicast packets and relays them to a preconfigured DHCP server. As a result, DHCP clients and servers do not need to reside on the same IP network segment.

For DHCP relay, the 7210 SAS supports a maximum of eight DHCP servers for each VPRN or IES instance and eight DHCP servers for each node.

For DHCPv6 relay, the 7210 SAS supports a maximum of eight DHCPv6 servers for each VPRN instance and eight DHCPv6 servers for each node.

DHCP relay and DHCPv6 relay

The 7210 SAS provides DHCP relay agent services and DHCPv6 relay agent services for DHCP clients. DHCP is used for IPv4 network addresses and DHCPv6 is used for IPv6 network addresses. Both DHCP and DHCPv6 are known as stateful protocols because they use dedicated servers to maintain parameter information.

In the stateful autoconfiguration model, hosts obtain interface addresses and configuration information and parameters from a server. The server maintains a database that tracks which addresses are assigned to which hosts.

Note:

The 7210 SAS acts as a relay agent for DHCP and DHCPv6 requests and responses. DHCPv6 functionality is only supported on VPRN access IP interfaces.

DHCP relay

The 7210 SAS provides DHCP relay agent services for DHCP clients.

Service providers use the DHCP protocol to assign IP addresses and provide other configuration parameters. The DHCP protocol requires the client to transmit a request packet with a destination broadcast address of 255.255.255.255, which is processed by the DHCP server.

When the 7210 SAS is acting as a DHCP relay agent, it processes DHCP broadcast packets and relays them to a preconfigured DHCP server, ensuring that DHCP clients and servers do not need to reside on the same network segment.

DHCP offer messages are not dropped if they contain a giaddr that does not match the local configured subnets on the DHCP relay interface.

DHCP options

DHCP options are codes that the 7210 SAS inserts in packets being forwarded from a DHCP client to a DHCP server. Some options have additional information stored in suboptions.

The 7210 SAS supports the Relay Agent Information Option 82, as described in RFC 3046. The following suboptions are supported:

  • circuit ID

  • remote ID

  • vendor-specific options

DHCPv6 Relay
Note:

DHCPv6 relay is only supported on 7210 SAS-Mxp.

DHCPv6 relay operation is similar to DHCP in that servers send configuration parameters, such as IPv6 network addresses, to IPv6 nodes; however, DHCPv6 relay is not based on the DHCP or BOOTP protocol. DHCPv6 can be used instead of, or in conjunction with, stateless autoconfiguration.

DHCPv6 uses IPv6 methods of addressing, especially the use of reserved, link-local scoped multicast addresses. DHCPv6 clients transmit messages to these reserved addresses, allowing messages to be sent without the client knowing the address of any DHCP server. This transmission allows efficient communication even before a client is assigned an IP address. When a client has an address and knows the identity of a server, the client can communicate with the server directly using unicast addressing.

The DHCPv6 protocol requires the client to transmit a request packet with a destination multicast address of ff02::1:2 (which addresses all DHCP servers and relay agents on the local network segment) that is processed by the DHCP server.

Similar to DHCP address allocation, if a client needs to obtain an IPv6 address and other configuration parameters, it sends a Solicit message to locate a DHCPv6 server, then requests an address assignment and other configuration information from the server. Servers that meet the requirements of the client respond with an Advertise message. The client chooses one of the servers and sends a Request message; the server sends back a Reply message with the confirmed IPv6 address and configuration information.

If the client already has an IPv6 address, either assigned manually or obtained in another way, the client only needs to obtain configuration information. In this case, exchanges are done using a two-message process. The client sends a Request message for only configuration information. A DHCPv6 server that has configuration information for the client sends back a Reply message with the information.

The 7210 SAS supports the DHCPv6 relay agent option in the same way that it supports the DHCP relay agent option: when the 7210 SAS is acting as a DHCPv6 relay agent, it relays messages between clients and servers that are not connected to the same link.

The DHCP relay agent uses one of its interfaces as an IP source address in the DHCP relay-forward message. The DHCPv6 server uses the same source IP address as the destination IP address in the DHCP relay-reply message. There are restrictions for the source IP address used by the DHCP relay agent, which depend on whether the relay agent is a few hops away or is directly connected.

In the case where the relay agent is a few hops away from the DHCPv6 server, the source address used by the relay agent must not fall under the subnet or prefix range configured on the IP interface on which the client is connected. For example, the loopback interface address of the DHCP relay agent can be used instead. To forward the DHCPv6 relay-reply message back to the relay agent, add a static route for the relay agent source IP address.

In the case where the relay agent is directly connected, there are two options. In the first option, the relay agent use the address of the directly connected interface as the relay-forward source address, and no additional configuration is required for the DHCP server to forward the relay-reply message back to the relay-agent. The other option is to use an interface address on the relay agent that does not fall under the subnet or prefix range configured on the IP interface on which the client is connected. Similar to the scenario where the relay-agent is a few hops away, a static route is required to forward the DHCP relay-reply message back to the relay agent.

DHCPv6 options

DHCPv6 options are codes that the 7210 SAS inserts in packets being forwarded from a DHCPv6 client to a DHCPv6 server. DHCPv6 supports interface ID and remote ID options, as described in RFC 3315, Dynamic Host Configuration Protocol for IPv6 (DHCPV6) and RFC 4649, DHCPv6 Relay Agent Remote-ID Option.

SAPs

IPv6 support for VPRN IP interfaces

Note:

IPv6 VPRN IP interfaces are supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode.

VPRN IPv6 access interfaces are allowed to be configured to provide IPv6 VPN connectivity to customers.

IPv4 and IPv6 route table lookup entries are shared. Before adding routes for IPv6 destinations, route entries in the routed lookup table needs to be allocated for IPv6 addresses. This can be done using the CLI config system resource-profile router max-ipv6-routes command. This command allocates route entries for /64 IPv6 prefix route lookups. The system does not allocate any IPv6 route entries by default and user needs to allocate some resources before using IPv6. For the command to take effect the node must be rebooted after making the change. For more information, see the following example and see the 7210 SAS-Mxp, R6, R12, S, Sx, T Basic System Configuration Guide.

A separate route table (or a block in the route table) is used for IPv6 /128-bit prefix route lookup. A limited amount of IPv6 /128 prefixes route lookup entries is supported. The software enables lookups in this table by default (that is no user configuration is required to enable Ipv6 /128-bit route lookup).

In addition, the number IP subnets can be configured by the user using the configure system resource-profile router max-ip-subnets command. Suitable defaults are assigned to this parameter. Users can increase the number of subnets if they plan to add more IPv6 addresses for eachIPv6 interface.

Following features and restrictions is applicable for IPv6 VPRN IP interfaces:

  • PE-CE routing - static routing and EBGP is supported

  • A limited amount of IPv6 /128 prefixes route lookup entries is supported on 7210 SAS platforms.

  • VRRP for VPRN IPv6 interfaces is not supported.

Encapsulations

The following SAP encapsulations are supported on the 7210 SAS VPRN service:

  • Ethernet null

  • Ethernet dot1q

  • QinQ

  • LAG

QoS policies

When applied to a VPRN SAP, service ingress QoS policies creates the unicast meter defined in the policy. QoS policies only create the unicast meters defined in the policy if PIM is not configured on the associated IP interface, if PIM is configured, the multipoint meters are applied as well.

For 7210 SAS-Sx/S 1/10GE, 7210 SAS-Sx 10/100GE, and 7210 SAS-T (network mode) (with VPRN services), access egress policies are available for use on access ports. On 7210 SAS-Mxp Service egress QoS policies are supported.

Both Layer 2 (dot1p only) and Layer 3 criteria can be used in the QoS policies for traffic classification in an VPRN.

Filter policies

Ingress and egress IPv4 and IPv6 filter policies can be applied to VPRN SAPs.

CPU QoS for VPRN interfaces

Traffic bound to CPU received on VPRN access interfaces are policed/rate-limited and queued into CPU queues. The software allocates a policer per IP application or a set of IP applications, for rate-limiting CPU bound IP traffic from all VPRN access SAPs. The policers CIR/PIR values are set to appropriate values based on feature scaling and these values are not user configurable. The software allocates a set of queues for CPU bound IP traffic from all VPRN access SAPs. The queues are either shared by a set of IP applications or in some cases allocated to an IP application. The queues are shaped to appropriate rate based on feature scaling. The shaper rate is not user configurable.

Note:

  • The instance of queues and policers used for traffic received on network port IP interfaces is different for traffic received from access port IP interfaces. Additionally, the network CPU queues are accorded higher priority than the access CPU queues. This is done to provide better security and mitigate the risk of access traffic affecting network traffic.

  • The 7210 SAS-Mxp allows the user to configure the IP differentiated services code point (DSCP) value for self-generated traffic. On the 7210 SAS-T, 7210 SAS-Sx/S 1/10GE, and 7210 SAS-Sx 10/100GE, IP DSCP marking of self-generated traffic is not user-configurable and is assigned by software.

CE to PE routing protocols

The 7210 SAS VPRN supports the following CE to PE routing protocols:

  • eBGP (for both IPv4 and IPv6)

  • static with both IPv4 and IPv6)

  • OSPF v2 (IPv4)

PE to PE tunneling mechanisms

The 7210 SAS supports multiple mechanisms to provide transport tunnels for the forwarding of traffic between PE routers within the 2547bis network.

The 7210 SAS VPRN implementation supports the use of:

  • RSVP-TE protocol to create tunnel LSP's between PE routers

  • LDP protocol to create tunnel LSP's between PE routers

These transport tunnel mechanisms provide the flexibility to use dynamically created LSPs, where the ‟autobind” feature is used to automatically bind service tunnels, and there is the ability to provide specific VPN services with their own transport tunnels by explicitly binding SDPs, if required. When the auto-bind-tunnel command is used, all services traverse the same LSPs and do not allow alternate tunneling mechanisms or the ability to configure sets of LSPs with bandwidth reservations for specific customers, as is available with explicit SDPs for the service.

Per-VRF route limiting

The 7210 SAS allows setting the maximum number of routes that can be accepted in the VRF for a VPRN service. There are options to specify a percentage threshold at which to generate an event to indicate that the VRF table is nearly full, and an option to disable additional route learning when the VRF is full or only generate an event.

Exporting MP-BGP VPN routes

To reduce the number of MP-BGP VPN tunnels in a group of IP/MPLS PE routers that are part of the same L3 VPN instance, a hierarchy can be established by reexporting the VPN IP routes on a PE aggregation router (which can be an ABR node). In the case of VPRN service labels, reexporting VPN IP routes reduces the required MPLS FIB resources to the scale available on smaller access routers.

Use the config>service>vprn>allow-export-bgp-vpn command to configure the feature. This command enables the vrf-export and vrf-target export functions to include BGP-VPN routes that are installed in the VPRN route table.

When a route is installed in the VPRN route table, the route is exported as a new VPN-IP route to an MP-IBGP peer only; that is, the route is accepted by the VRF export policy but may be rejected by a BGP export policy. Assuming that the export policies have simple accept and reject actions, the new VPN-IP route is the same as the original VPN-IP route, except in the following cases:

  • The RD is changed to the value of the advertising VPRN.

  • The BGP next-hop is changed to a local address of the PE.

  • The label value is changed to the per-VRF label value of the advertising VPRN.

Configuration guidelines

The following configuration guidelines apply to this feature:

  • You must shut down and restart the VPRN context for any changes to the allow-export-bgp-vpn command to take effect.

  • You must configure the VPRN service with a loopback IP interface for the command to take effect.

  • SAPs cannot be configured in a VPRN service in which the allow-export-bgp-vpn command is enabled.

Spoke-SDPs

Spoke-SDP termination into a Layer 3 service is not supported on 7210 SAS platforms.

Using OSPF in IP-VPNs

Note:

OSPF used as a PE-CE routing protocol is supported only for IPv4 VPNs.

Using OSPF as a CE to PE routing protocol allows OSPF that is currently running as the IGP routing protocol to migrate to an IP-VPN backbone without changing the IGP routing protocol, introducing BGP as the CE-PE or relying on static routes for the distribution of routes into the service providers IP-VPN. The following features are supported:

  • Advertisement/redistribution of BGP-VPN routes as summary (type 3) LSAs flooded to CE neighbors of the VPRN OSPF instance. This occurs if the OSPF route type (in the OSPF route type BGP extended community attribute carried with the VPN route) is not external (or NSSA) and the locally configured domain-id matches the domain-id carried in the OSPF domain ID BGP extended community attribute carried with the VPN route.

  • OSPF sham links. A sham link is a logical PE-to-PE unnumbered point-to-point interface that essentially rides over the PE-to-PE transport tunnel. A sham link can be associated with any area and can therefore appear as an intra-area link to CE routers attached to different PEs in the VPN.

Service label mode of a VPRN

The 7210 SAS allocates one unique (platform-wide) service label per VRF. All VPN-IP routes exported by the PE from a particular VPRN service with that configuration have the same service label. When the PE receives a terminating MPLS packet, the service label value determines the VRF to which the packet belongs. A lookup of the IP packet DA in the forwarding table of the selected VRF determines the next-hop interface.

Multicast in IP-VPN applications

Note:

Multicast in IP-VPN services using NG-MVPN mechanisms is supported on the 7210 SAS-T, 7210 SAS-Mxp, 7210 SAS-Sx 1/10GE operating in the standalone mode, and 7210 SAS-S 1/10GE operating in the standalone-VC mode.

Applications for this feature include enterprise customers implementing a VPRN solution for their WAN networking needs, customer applications including stock-ticker information, financial institutions for stock and other types of trading data, and video delivery systems.

The following figure shows an example of multicast in an IP-VPN application. The provider domain encompasses the core routers (1 through 4) and the edge routers (5 through 10). The various IP-VPN customers each have their own multicast domain, VPN-1 (CE routers 12, 13, and 16) and VPN-2 (CE Routers 11, 14, 15, 17, and 18). In this VPRN example, the VPN-1 data generated by the customer behind router 16 is multicast only by PE router 9 to PE routers 6 and 7 for delivery to CE routers 12 and 13 respectively. Data for VPN-2 generated by the customer behind router 15 is forwarded by PE router 8 to PE routers 5, 7, and 10 for delivery to CE routers 18, 11, 14, and 17 respectively.

Figure 5. Multicast in IP-VPN applications

The demarcation of these domains is in the PE router (routers 5 through 10). The PE router participates in both the customer multicast domain and the provider multicast domain. The customer CE routers are limited to a multicast adjacency with the multicast instance on the PE created to support that specific customer IP-VPN. This way, customers are isolated from the provider core multicast domain and other customer multicast domains while the provider core routers only participate in the provider multicast domain and are isolated from all customer multicast domains.

The PE router for a specific customer multicast domain becomes adjacent to the CE routers attached to that PE and to all other PE routers that participate in the IP-VPN (or customer) multicast domain. This is achieved by the PE router, which encapsulates the customer multicast control data and multicast streams inside the provider multicast packets. These encapsulated packets are forwarded only to the PE routers that are participating in the same MVPN domain and are part of the same customer VPRN. This prunes the distribution of the multicast control and data traffic to the PE routers that do not participate in the customer multicast domain.

Multicast protocols supported in the provider network

An MVPN is defined by two sets of sites: the sender sites set and receiver sites set, with the following properties:

  • Hosts within the sender sites set could originate multicast traffic for receivers in the receiver sites set.

  • Receivers not in the receiver sites set should not be able to receive this traffic.

  • Hosts within the receiver sites set could receive multicast traffic originated by any host in the sender sites set.

  • Hosts within the receiver sites set should not be able to receive multicast traffic originated by any host that is not in the sender sites set.

A site could be both in the sender sites set and receiver sites set, which implies that hosts within such a site could both originate and receive multicast traffic. An extreme case is when the sender sites set is the same as the receiver sites set, in which case all sites could originate and receive multicast traffic from each other.

Sites within a specific MVPN can only be within the same organizations, which implies that an MVPN can be an intranet. A specific site may be in more than one MVPN, which implies that MVPNs may overlap. Not all sites of a specific MVPN have to be connected to the same service provider, which implies that an MVPN can span multiple service providers.

Another way to look at MVPN is to say that an MVPN is defined by a set of administrative policies. These policies determine the sender sites set and receiver site set. These policies are established by MVPN customers, but implemented by MVPN service providers using the existing BGP/MPLS VPN mechanisms, such as route targets, with extensions, as necessary.

MVPN Using BGP control plane

The 7210 SAS supports next generation MVPN with MLDP and RSVP P2MP provider tunnels.

The Nokia implementation supports the following features:

  • MVPN is supported on the 7210 SAS-T, 7210 SAS-Mxp, 7210 SAS-Sx 1/10GE operating in standalone mode, and 7210 SAS-S 1/10GE operating in standalone-VC mode.

  • MVPN membership auto-discovery using BGP is supported.

  • PE-PE transmission of C-multicast routing using BGP is supported.

  • IPv4 is supported.

  • Inter-AS MVPN with option A is supported. This does not require any additional control or data plane implementations.

MVPN membership auto-discovery using BGP

BGP-based auto-discovery (AD) is performed by using a multicast VPN address family. Any PE router that attaches to an MVPN must issue a BGP update message containing an NLRI in this address family, along with a specific set of attributes.

The PE router uses route targets to specify MVPN route import and export. The route target may be the same as the one used for the corresponding unicast VPN, or it may be different. The PE router can specify separate import route targets for sender sites and receiver sites for a specific MVPN.

The route distinguisher (RD) that is used for the corresponding unicast VPN can also be used for the MVPN.

When BGP AD is enabled, PIM peering on the I-PMSI is disabled, so no PIM hellos are sent on the I-PMSI. C-tree to P-tunnel bindings are also discovered using BGP S-PMSI AD routes, instead of PIM join TLVs.

For example, if AD is disabled, the c-mcast-signaling bgp command fails and the following error message displays:

C-multicast signaling in BGP requires auto-discovery to be enabled

AD is enabled by default on the 7210 SAS-T, 7210 SAS-Mxp, 7210 SAS-Sx 10/100GE operating in standalone mode, and 7210 SAS-S 1/10GE operating in standalone-VC mode.

If c-mcast-signaling is set to bgp, the no auto-discovery command fails and the following error message displays:

C-multicast signaling in BGP requires auto-discovery to be enabled

When c-mcast-signaling is set to bgp, S-PMSI AD is always enabled (configuration is ignored).

Provider tunnel support

The following provider tunnels are supported:

  • mLDP inclusive provider tunnel

  • mLDP selective provider tunnel

  • RSVP P2MP LSPs inclusive provider tunnel

  • RSVP P2MP LSPs selective provider tunnel

Inter-AS VPRNs

Inter-AS IP-VPN services have been driven by the popularity of IP services and service provider expansion beyond the borders of a single Autonomous System (AS) or the requirement for IP VPN services to cross the AS boundaries of multiple providers. Three options for supporting inter-AS IP-VPNs are described in RFC 4364, BGP/MPLS IP Virtual Private Networks (VPNs).

Note:

7210 SAS platforms support only Option-A and Option-C. Option-B is not supported and is included in this description only for completeness.

The first option, referred to as Option-A (shown in the following figure), is considered inherent in any implementation. This method uses a back-to-back connection between separate VPRN instances in each AS. As a result, each VPRN instance views the inter-AS connection as an external interface to a remote VPRN customer site. The back-to-back VRF connections between the ASBR nodes require individual sub-interfaces, one per VRF.

Figure 6. Inter-AS Option-A: VRF-to-VRF model

The second option, referred to as Option-B (shown in the following figure), relies heavily on the AS Boundary Routers (ASBRs) as the interface between the autonomous systems. This approach enhances the scalability of the eBGP VRF-to-VRF solution by eliminating the need for per-VPRN configuration on the ASBRs. However it requires that the ASBRs provide a control plan and forwarding plane connection between the autonomous systems. The ASBRs are connected to the PE nodes in its local autonomous system using iBGP either directly or through route reflectors. This means the ASBRs receive all the VPRN information and will forward these VPRN updates, VPN-IPV4, to all its EBGP peers, ASBRs, using itself as the next-hop. It also changes the label associated with the route. This means the ASBRs must maintain an associate mapping of labels received and labels issued for those routes. The peer ASBRs will in turn forward those updates to all local IBGP peers.

Figure 7. Inter-AS Option-B

This form of inter-AS VPRNs does not require instances of the VPRN to be created on the ASBR, as in option-A, as a result there is less management overhead. This is also the most common form of Inter-AS VPRNs used between different service providers as all routes advertised between autonomous systems can be controlled by route policies on the ASBRs.

The third option, referred to as Option-C (shown in the following figure), allows for a higher scale of VPRNs across AS boundaries but also expands the trust model between ASNs. As a result this model is typically used within a single company that may have multiple ASNs for various reasons.

This model differs from Option-B, in that in Option-B all direct knowledge of the remote AS is contained and limited to the ASBR. As a result, in option-B the ASBR performs all necessary mapping functions and the PE routers do not need perform any additional functions then in a non-Inter-AS VPRN.

Figure 8. Option C example

With Option-C, knowledge from the remote AS is distributed throughout the local AS. This distribution allows for higher scalability but also requires all PEs and ASBRs involved in the Inter-AS VPRNs to participate in the exchange of inter-AS routing information.

In Option-C, the ASBRs distribute reachability information for remote PE system IP addresses only. This is done between the ASBRs by exchanging MP-eBGP labeled routes, using RFC 3107, Carrying Label Information in BGP-4.

Distribution of VPRN routing information is handled by either direct MP-BGP peering between PEs in the different ASNs or more likely by one or more route reflectors in ASN.

Configuring a VPRN service with CLI

This section provides information to configure Virtual Private Routed Network (VPRN) services using the command line interface.

Basic configuration

The following fields require specific input (there are no defaults) to configure a basic VPRN service:

VPRN service configuration

*A:ALA-1>config>service>vprn# info
----------------------------------------------
            vrf-import "vrfImpPolCust1"
            vrf-export "vrfExpPolCust1"

            autonomous-system 10000
            route-distinguisher 10001:1
            auto-bind ldp
            vrf-target target:10001:1
            interface "to-ce1" create
                address 10.1.0.1/24

                exit
                sap 1/1/10:1 create
                    ingress
                        qos 100
                    exit
                        filter ip 10
                    exit
                exit


                exit
            exit
            static-route 10.5.0.0/24 next-hop 10.1.1.2
            bgp
                router-id 10.0.0.1
                group "to-cel"
                    export "vprnBgpExpPolCust1"
                    peer-as 65101
                    neighbor 10.1.1.2
                    exit
                exit
            exit

            no shutdown
----------------------------------------------
*A:ALA-1>config>service>vprn#

Common configuration tasks

This section provides a brief overview of the tasks that must be performed to configure a VPRN service and provides the CLI commands:


  1. Associate a VPRN service with a customer ID.


  2. Define an autonomous system (optional).


  3. Define a route distinguisher (mandatory).


  4. Define VRF route-target associations or VRF import/export policies.


  5. Create an interface.


  6. Define SAP parameters on the interface:

    • Select nodes and ports.

    • Optional - select QoS policies other than the default (configured in config>qos context)

    • Optional - select filter policies (configured in config>filter context)

    • Optional - select accounting policy (configured in config>log context)


  7. Define BGP parameters (optional):

    BGP must be enabled in the config>router>bgp context.


  8. Enable the service.

Configuring VPRN components

Creating a VPRN service

Use the following CLI syntax to create a VRPN service. A route distinguisher must be defined in order for VPRN to be operationally active.

config>service# vprn service-id [customer customer-id]
    route-distinguisher [ip-address:number1 | asn:number2]
    description description-string
    no shutdown
VPRN service configuration
*A:ALA-1>config>service# info
----------------------------------------------
...
        vprn 1 customer 1 create
            route-distinguisher 10001:0
no shutdown
        exit
...
----------------------------------------------
*A:ALA-1>config>service>vprn# 

Configuring global VPRN parameters

See VPRN services command reference for CLI syntax to configure VPRN parameters.

VPRN service with configured parameters
*A:ALA-1>config>service# info
----------------------------------------------
...
        vprn 1 customer 1 create
            vrf-import "vrfImpPolCust1"
            vrf-export "vrfExpPolCust1"
            autonomous-system 10000
            route-distinguisher 10001:1

            exit
            no shutdown
        exit
...
----------------------------------------------
*A:ALA-1>config>service# 
Configuring Router Interfaces

See the 7210 SAS-Mxp, R6, R12, S, Sx, T Router Configuration Guide for command descriptions and syntax information to configure router interfaces.

Router interface configuration
ALA48>config>router# info
#------------------------------------------
echo "IP Configuration"
#------------------------------------------
...
        interface "if1"
            address 10.2.2.1/24

        exit
        interface "if2"
            address 10.49.1.46/24
            port 1/1/34
        exit
        interface "if3"
            address 10.11.11.1/24

        exit
...
#------------------------------------------
ALA48>config>router# 
Configuring VPRN protocols - BGP

The autonomous system number and router ID configured in the VPRN context only applies to that particular service.

The minimal parameters that should be configured for a VPRN BGP instance are:

  • Specify an autonomous system number for the router. See Configuring global VPRN parameters.

  • Specify a router ID - Note that if a new or different router ID value is entered in the BGP context, then the new values takes precedence and overwrites the VPRN-level router ID. See Configuring global VPRN parameters.

  • Specify a VPRN BGP peer group.

  • Specify a VPRN BGP neighbor with which to peer.

  • Specify a VPRN BGP peer-AS that is associated with the preceding peer.

VPRN BGP is administratively enabled upon creation. Minimally, to enable VPRN BGP in a VPRN instance, you must associate an autonomous system number and router ID for the VPRN service, create a peer group, neighbor, and associate a peer ASN. There are no default VPRN BGP groups or neighbors. Each VPRN BGP group and neighbor must be explicitly configured.

All parameters configured for VPRN BGP are applied to the group and are inherited by each peer, but a group parameter can be overridden on a specific basis. VPRN BGP command hierarchy consists of three levels:

  • the global level

  • the group level

  • the neighbor level

For example:

config>service>vprn>bgp#        (global level)
        group                      (group level)
                neighbor         (neighbor level)

Note that the local-address must be explicitly configured if two systems have multiple BGP peer sessions between them for the session to be established.

For more information about the BGP protocol, see the 7210 SAS-Mxp, R6, R12, S, Sx, T Router Configuration Guide.

Configuring VPRN BGP group and neighbor parameters

A group is a collection of related VPRN BGP peers. The group name should be a descriptive name for the group. Follow your group, name, and ID naming conventions for consistency and to help when troubleshooting faults.

All parameters configured for a peer group are applied to the group and are inherited by each peer (neighbor), but a group parameter can be overridden on a specific neighbor-level basis.

After a group name is created and options are configured, neighbors can be added within the same autonomous system to create IBGP connections or neighbors in different autonomous systems to create EBGP peers. All parameters configured for the peer group level are applied to each neighbor, but a group parameter can be overridden on a specific neighbor basis.

VPRN BGP CLI syntax

Use the syntax to configure VPRN BGP parameters (BGP configuration commands).

VPRN BGP configuration
*A:ALA-1>config>service# info 
----------------------------------------------
...
        vprn 1 customer 1 create
            vrf-import "vrfImpPolCust1"
            vrf-export "vrfExpPolCust1"

            autonomous-system 10000
            route-distinguisher 10001:1
            auto-bind ldp
            vrf-target target:10001:1
            interface "to-ce1" create
                address 10.1.0.1/24
                sap 1/1/10:1 create
                    ingress
                        
                        qos 100
                    exit
                        
                        filter ip 6
                    exit
                exit
            exit
            static-route 10.5.0.0/24 next-hop 10.1.1.2
            bgp
                router-id 10.0.0.1
                group "to-cel"
                    export "vprnBgpExpPolCust1"
                    peer-as 65101
                    neighbor 10.1.1.2
                    exit
                exit
            exit
            spoke-sdp 2 create
            exit
            no shutdown
        exit
...
----------------------------------------------
*A:ALA-1>config>service#
Configuring a VPRN interface

Interface names associate an IP address to the interface, and then associate the IP interface with a physical port. The logical interface can associate attributes like an IP address, port, Link Aggregation Group (LAG) or the system.

There are no default interfaces.

Note that you can configure a VPRN interface as a loopback interface by issuing the loopback command instead of the sap sap-id command. The loopback flag cannot be set on an interface where a SAP is already defined and a SAP cannot be defined on a loopback interface.

When using mtrace/mstat in a Layer 3 VPN context then the configuration for the VPRN should have a loopback address configured which has the same address as the core instance's system address (BGP next-hop).

See OSPF configuration commands (IPv4 only) for CLI commands and syntax.

VPRN interface configuration output
*A:7210 SAS>config>service>vprn>if# info detail
----------------------------------------------
                no description
                no address
                no mac
                arp-timeout 14400
                no allow-directed-broadcasts
                icmp
                    mask-reply
                    redirects 100 10
                    unreachables 100 10
                    ttl-expired 100 10
                exit
                no arp-populate
                dhcp
                    shutdown
                    no description
                    proxy-server
                        shutdown
                        no emulated-server
                        no lease-time
                    exit
                    no option
                    no server
                    no trusted
                    no lease-populate
                    no gi-address
                    no relay-plain-bootp
                    no use-arp
                exit
                no authentication-policy
                no ip-mtu
                no host-connectivity-verify
                no delayed-enable
                no bfd
                ipcp
                    no peer-ip-address
                    no dns
                exit
                no proxy-arp-policy
                no local-proxy-arp
                no remote-proxy-arp
                no shutdown
----------------------------------------------
*A:7210 SAS>config>service>vprn>if#
Configuring a VPRN interface SAP

A SAP is a combination of a port and encapsulation parameters which identifies the service access point on the interface and within the 7210 SAS. Each SAP must be unique within a router. A SAP cannot be defined if the interface loopback command is enabled.

When configuring VPRN interface SAP parameters, a default QoS policy is applied to each ingress and egress SAP. Additional QoS policies and scheduler policies must be configured in the config>qos context. Filter policies are configured in the config>filter context and must be explicitly applied to a SAP. There are no default filter policies.

VPRN interface SAP configuration output
*A:ALA-1>config>service# info
----------------------------------------------
...
        vprn 1 customer 1 create
            vrf-import "vrfImpPolCust1"
            vrf-export "vrfExpPolCust1"

            autonomous-system 10000
            route-distinguisher 10001:1
            auto-bind ldp
            vrf-target target:10001:1
            interface "to-ce1" create
                address 10.1.0.1/24
                sap 1/1/10:1 create
                    ingress
                        
                        qos 100
                    exit
                       
                        filter ip 6
                    exit
                exit
            exit
            static-route 10.5.0.0/24 next-hop 10.1.1.2
            spoke-sdp 2 create
            exit
            no shutdown
        exit
...
----------------------------------------------
*A:ALA-1>config>service#

Configuring VPRN protocols - OSPF

In a VPRN interface, each VPN routing instance is isolated from any other VPN routing instance, and from the routing used across the backbone. OSPF can be run with any VPRN, independently of the routing protocols used in other VPRNs, or in the backbone itself. For more information about the OSPF protocol, see the 7210 SAS-Mxp, R6, R12, S, Sx, T Routing Protocols Guide.

config>service>vprn>ospf#

VPRN OSPF CLI syntax

The following is a sample output of the VPRN OSPF previous configuration.

A:duta>config>service>vprn# info
----------------------------------------------
            router-id 10.10.10.1
            autonomous-system 100
            route-distinguisher 65510:1
            auto-bind ldp
            vrf-target target:65520:1
            interface "to-ixia-1" create
                address 10.1.1.1/24
                sap 1/1/9:1 create
                exit
            exit
            interface "to-ixia-2" create
                address 10.1.2.1/24
                sap 1/1/9:12 create
                exit
            exit
            ospf
                super-backbone
                vpn-domain 0005 0000.0000.0001
                export "from_mbgp_to_ospf"
                area 0.0.0.0
                    interface "to-ixia-2"
                        mtu 1500
                        no shutdown
                    exit
                    sham-link "to-ixia-1" 10.1.1.1
                    exit
                    sham-link "to-ixia-1" 10.11.1.1
                    exit
                exit
            exit
            no shutdown
----------------------------------------------
A:duta>config>service>vprn#

For more information about the OSPF protocol, see the 7210 SAS-Mxp, R6, R12, S, Sx, T Routing Protocols Guide.

Service management tasks

This section describes the service management tasks.

Modifying VPRN service parameters

Use the CLI syntax to modify VPRN parameters (VPRN services command reference).

The following is a sample VPRN service configuration output.

*A:ALA-1>config>service# info
----------------------------------------------
...
          vprn 1 customer 1 create
            shutdown
            vrf-import "vrfImpPolCust1"
            vrf-export "vrfExpPolCust1"

            maximum-routes 2000
            autonomous-system 10000
            route-distinguisher 10001:1
            interface "to-ce1" create
                address 10.1.1.1/24
                sap 1/1/10:1 create
                exit
            exit
            static-route 10.5.0.0/24 next-hop 10.1.1.2
            bgp
                router-id 10.0.0.1
                group "to-ce1"
                    export "vprnBgpExpPolCust1"
                    peer-as 65101
                    neighbor 10.1.1.2
                    exit
                exit
            exit
            spoke-sdp 2 create
            exit
        exit
...
----------------------------------------------
*A:ALA-1>config>service>vprn#

Deleting a VPRN service

An VPRN service cannot be deleted until SAPs and interfaces are shut down and deleted. If protocols or a spoke-SDP are defined, they must be shut down and removed from the configuration as well.

Use the following syntax to delete a VPRN service.

config>service#
    [no] vprn service-id [customer customer-id]
    shutdown
    [no]interfaceip-int-name
        shutdown
        [no]sap sap-id]
    [no] bgp
        shutdown
    [no] spoke-sdp sdp-id 
        [no] shutdown

Disabling a VPRN service

Use the following syntax to shut down a VPRN service without deleting any service parameters.

config>service#
    vprn service-id [customer customer-id]
    shutdown
Example:
config>service# vprn 1
    config>service>vprn# shutdown
    config>service>vprn# exit
*A:ALA-1>config>service# info
----------------------------------------------
...
        vprn 1 customer 1 create
            shutdown
            vrf-import "vrfImpPolCust1"
            vrf-export "vrfExpPolCust1"

            autonomous-system 10000
            route-distinguisher 10001:1
            auto-bind ldp
            vrf-target target:10001:1
            interface "to-ce1" create
                address 10.1.0.1/24
                sap 1/1/10:1 create
                    ingress
                        
                        qos 100
                    exit
                         filter ip 6
                    exit
                exit
            exit
            static-route 10.5.0.0/24 next-hop 10.1.1.2
            bgp
                router-id 10.0.0.1
                group "to-cel"
                    export "vprnBgpExpPolCust1"
                    peer-as 65101
                    neighbor 10.1.1.2
                    exit
                exit
            exit

            spoke-sdp 2 create
            exit
        exit
...
----------------------------------------------
*A:ALA-1>config>service#

Re-enabling a VPRN service

Use the following syntax to re-enable a VPRN service that was shut down.

config>service#
    vprn service-id [customer customer-id]
    no shutdown

VPRN services command reference

Command hierarchies

VPRN configuration commands

VPRN service configuration commands
config
    - service
        - vprn service-id [customer customer-id]
        - no vprn service-id
            - [no] allow-export-bgp-vpn
            - auto-bind-tunnel
                - resolution {any | filter | disabled}
                - resolution-filter
                    - [no] ldp
                    - [no] rsvp
                    - [no] sr-isis
                    - [no] sr-ospf
            - autonomous-system as-number
            - no autonomous-system
            - description description-string
            - no description
            - enable-bgp-vpn-backup [ipv4] [ipv6]
            - no enable-bgp-vpn-backup
            - maximum-ipv6-routes number [log-only] [threshold percent]
            - no maximum-ipv6-routes
            - maximum-routes number [log-only] [threshold percent]
            - no maximum-routes
            - route-distinguisher [ip-address:number1 | asn:number2]
            - no route-distinguisher
            - router-id ip-address
            - no router-id
            - sgt-qos
                - application dscp-app-name dscp {dscp-value | dscp-name}
                - application dot1p-app-name dot1p dot1p-priority
                - no application {dscp-app-name | dot1p-app-name}
                - dscp dscp-name fc fc-name
                - no dscp dscp-name
            - [no] shutdown
            - snmp-community community-name [version SNMP-version]
            - no snmp-community community-name
            - source-address
                - application app [ip-int-name | ip-address]
                - no application app
Spoke-SDP commands
config
    - service
        - vprn
            - [no] spoke-sdp sdp-id
                - description description-string
                - no description
                - [no] shutdown
            - [no] static-route {ip-prefix/prefix-length | ip-prefix netmask} [preference preference] [metric metric] [tag tag] [enable | disable] {next-hop ip-int-name | ip-address | ipsec-tunnel ipsec-tunnel-name} [bfd-enable | {cpe-check cpe-ip-address [interval seconds] [drop-count count] [log]}] {prefix-list prefix-list-name [all | none]}]
            - [no] static-route {ip-prefix/prefix-length | ip-prefix netmask} [preference preference] [metric metric] [tag tag] [enable | disable] indirect ip-address [cpe-check cpe-ip-address [interval seconds][drop-count count] [log]] {prefix-list prefix-list-name [all | none]}]
            - [no] static-route {ip-prefix/prefix-length | ip-prefix netmask} [preference preference] [metric metric] [tag tag] [enable | disable] black-hole {prefix-list prefix-list-name [all | none]}]
            - vrf-export policy-name [policy-name ... (up to 5 max)]
            - no vrf-export
            - vrf-import policy-name [policy-name ... (up to 5 max)]
            - no vrf-import
            - vrf-target {ext-comm | {[export ext-comm][import ext-comm]}}
            - no vrf-target
            - [no] shutdown
IGMP commands
config 
    - service
        - vprn service-id [customer customer-id]
        - no vprn service-id
            - igmp
                - [no] interface ip-int-name
                    - disable-router-alert-check
                    - no disable-router-alert-check
                    - import policy-name
                    - no import 
                    - max-groups value
                    - no max-groups
                    - max-sources sources
                    - no max-sources
                    - [no] shutdown
                    - ssm-translate 
                        - [no] grp-range start end
                            - [no] source ip-address
                    - static
                        - [no] group grp-ip-address
                        - [no] source ip-address
                        - [no] starg
                    - [no subnet-check
                    - version version
                    - no version
                - [no] query-interval 
                - query-interval seconds
                - [no] query-last-member-interval 
                - query-last-member-interval seconds
                - [no] query-response-interval 
                - query-response-interval seconds
                - [no] robust-count 
                - robust-count robust-count
                - [no] shutdown
                - ssm-translate 
                    - [no] grp-range start end
                        - [no] source ip-address
Multicast VPN commands
Note:

Multicast VPN commands are only supported on the 7210 SAS-Mxp, 7210 SAS-T (network operating mode), and 7210 SAS-Sx/S 1/10GE (operating in standalone and standalone-VC mode).

config 
    - service
        - vprn service-id [customer customer-id]
        - no vprn service-id
            - mvpn
                - [no] auto-discovery [default]
                - c-mcast-signaling {bgp}
                - no c-mcast-signaling
                - [no] intersite-shared
                - mdt-type {sender-receiver | sender-only | receiver-only}
                - no mdt-type
                - provider-tunnel
                    - inclusive
                        - bsr {unicast | spmsi}
                        - no bsr 
                        - [no] mldp
                            - [no] shutdown
                        - [no] rsvp 
                            - lsp-template lsp-template
                            -  no lsp-template
                            - [no] shutdown
                        - [no] wildcard-spmsi
                    - selective
                        - data-delay-interval value
                        - no data-delay-interval
                        - data-threshold {c-grp-ip-addr/mask | c-grp-ip-addr netmask} 
                        - no data-threshold {c-grp-ip-addr/mask | c-grp-ip-addr netmask}
                        - maximum-p2mp-spmsi range
                        - no maximum-p2mp-spmsi
                        - [no] mldp
                            - [no] shutdown
                        - [no] rsvp
                            - lsp-template lsp-template
                            - no lsp-template
                            - no shutdown
                - umh-selection {highest-ip}
                - no umh-selection
                - vrf-export {unicast | policy-name [policy-name...(up to 15 max)]}
                - no vrf-export
                - vrf-import {unicast | policy-name [policy-name...(up to 15 max)]}
                - no vrf-import
                - vrf-target {unicast | ext-community | export unicast | ext-community | import unicast | ext-community}
                - no vrf-target
                    - export {unicast | ext-community}
                    - import {unicast | ext-community}
Interface commands
config 
    - service
        - vprn service-id [customer customer-id]
        - no vprn service-id
            - [no] interface ip-int-name
                - address {ip-address/mask | ipaddress netmask} [broadcast all-ones | host-ones]
                - no address 
                - [no] allow-directed-broadcasts
                - arp-timeout [seconds]
                - no arp-timeout 
                - bfd transmit-interval [receive receive-interval] [multiplier multiplier][echo-receive echo-interval] 
                - no bfd
                - cflowd-parameters
                    - sampling {unicast|multicast} type {interface} [direction {ingress-only}]
                    - no sampling {unicast|multicast}
                - delayed-enable seconds
                - no delayed-enable
                - dhcp
                    - description description-string
                    - no description
                    - gi-address ip-address [src-ip-addr]
                    - no gi-address 
                    - [no] option
                        - action {replace | drop | keep}
                        - no action
                        - [no] circuit-id [ascii-tuple | ifindex | sap-id | vlan-ascii-tuple]
                        - [no] remote-id [mac | string string]
                        - [no] vendor-specific-option
                            - [no] client-mac-address
                            - [no] sap-id
                            - [no] service-id
                            - string text
                            - no string
                            - [no] system-id
                    - no relay-plain-bootp
                    - relay-plain-bootp
                    - no server
                    - server server1 [server2 ... (up to 8 max)]
                    - [no] shutdown
                    - [no] trusted
                - description description-string
                - no description [description-string]
                - icmp 
                    - [no] mask-reply 
                    - redirects number seconds
                    - no redirects [number seconds]
                    - ttl-expired number seconds
                    - no ttl-expired [number seconds]
                    - unreachables number seconds
                    - no unreachables [number seconds]
                - ip-mtu octets 
                - no ip-mtu
                - ipv6
                - no ipv6
                    - [no] address ipv6-address/prefix-length [eui-64] [preferred]
                    - [no] dhcp6-relay
                        - description description-string
                        - no description
                        - [no] option
                            - interface-id
                            - interface-id ascii-tuple
                            - interface-id ifindex
                            - interface-id sap-id
                            - interface-id string
                            - no interface-id
                            - [no] remote-id
                        - [no] server ipv6z-address
                        - [no] shutdown
                        - [no] source-address ipv6-address
                    - icmp6
                        - [no] packet-too-big number seconds
                        - [no] param-problem number seconds
                        - [no] redirects number seconds
                        - [no] time-exceeded number seconds
                        - [no] unreachables number seconds
                    - [no] link-local-address ipv6-address [preferred]
                    - [no] local-proxy-nd
                    - [no] neighbor ipv6-address mac-address
                    - [no] proxy-nd-policy policy-name [policy-name ... (up to 5 max)]
                - [no] local-proxy-arp
                - [no] loopback
                - [no] proxy-arp-policy policy-name [policy-name ... (up to 5 max)]
                - proxy-arp-policy ieee-address
                - no proxy-arp-policy
                - [no] remote-proxy-arp
                - secondary {ip-address/mask | ip-address netmask} [broadcast {all-ones | host-ones}] [igp-inhibit]
                - no secondary {ip-address/mask | ip-address netmask}
                - static-arp ip-address ieee-address
                - no static-arp ip-address [ieee-address]
                - static-arp ieee-addr unnumbered 
                - no static-arp [ieee-addr] unnumbered
                - [no] shutdown
                - [no] vrrp virtual-router-id
Interface VRRP commands
Note:

  • Interface VRRP commands support IPv6 addresses on 7210 SAS-Mxp only.

  • Interface VRRP commands are only supported on 7210 SAS platforms operating in network mode.

config 
    - service
        - vprn service-id [customer customer-id]
        - no vprn service-id
            - interface ip-int-name
                - ipv6
                    - vrrp virtual-router-id [owner]
                    - no vrrp virtual-router-id 
                        - [no] backup ip-address
                        - init-delay seconds
                        - no init-delay
                        - [no] master-int-inherit
                        - message-interval {[seconds] [milliseconds milliseconds]}
                        - no message-interval
                        - [no] ping-reply
                        - policy vrrp-policy-id
                        - no policy
                        - [no] preempt
                        - priority priority
                        - no priority
                        - [no] shutdown
                        - [no] standby-forwarding
                        - [no] telnet-reply
                        - [no] traceroute-reply
                - vrrp virtual-router-id [owner]
                - no vrrp virtual-router-id 
                    - authentication-key {authentication-key | hash-key} [hash | hash2]
                    - no authentication-key
                    - [no] backup ip-address
                    - [no] bfd-enable [service-id] interface interface-name dst-ip ip-address
                    - init-delay seconds
                    - no init-delay
                    - [no] master-int-inherit
                    - message-interval {[seconds] [milliseconds milliseconds]}
                    - no message-interval
                    - [no] ping-reply
                    - policy vrrp-policy-id
                    - no policy
                    - [no] preempt
                    - priority priority
                    - no priority
                    - [no] shutdown
                    - [no] ssh-reply
                    - [no] standby-forwarding
                    - [no] telnet-reply
                    - [no] traceroute-reply
Interface SAP commands
config 
    - service
        - vprn service-id [customer customer-id] [create] 
        - no vprn service-id
            - [no] interface ip-int-name [create] [tunnel]
                - [no] sap sap-id [create]
                    - accounting-policy acct-policy-id
                    - no accounting-policy [acct-policy-id]
                    - [no] collect-stats
                    - description description-string
                    - no description [description-string]
                    - ingress
                        - meter-override
                            - meter meter-id [create]
                            - no meter meter-id
                                - adaptation-rule [pir adaptation-rule] [cir adaptation-rule]
                                - cbs size [kbits | bytes | kbytes] 
                                - no cbs
                                - mbs size [kbits | bytes | kbytes] 
                                - no mbs
                                - mode mode 
                                - no mode
                                - rate cir cir-rate [pir pir-rate]
                    - [no] shutdown
                    - statistics
                        - ingress
                            - counter-mode {in-out-profile-count | forward-drop-count}
VPRN SAP QoS and filter commands (for 7210 SAS-T, 7210 SAS-Sx/S 1/10GE, and 7210 SAS-Sx 10/100GE)
config 
    - service
        - vprn service-id [customer customer-id] [create] 
        - no vprn service-id
            - [no] interface ip-int-name [create] [tunnel]
                - [no] sap sap-id 
                    - egress 
                        - aggregate-meter-rate rate-in-kbps [burst burst-in-kbits] [enable-stats] 
                        - no aggregate-meter-rate 
                        - filter ip ip-filter-id
                        - filter ipv6 ipv6 -filter-id 
                        - no filter [ip ip-filter-id] [ipv6 ipv6 -filter-id] 
                        - qos policy-id 
                        - no qos
                    - ingress 
                        - aggregate-meter-rate rate-in-kbps [burst burst-in-kbits] 
                        - no aggregate-meter-rate
                        - filter ip ip-filter-id
                        - filter [ipv6 ipv6-filter-id] 
                        - no filter [ip ip-filter-id] [ipv6 ipv6-filter-id] 
                        - qos policy-id 
                        - no qos
VPRN SAP QoS and filter commands (for 7210 SAS-Mxp)
config 
    - service
        - vprn service-id [customer customer-id] [create] 
        - no vprn service-id
            - [no] interface ip-int-name [create] [tunnel]
                - [no] sap sap-id 
                    - egress 
                        - agg-rate-limit agg-rate 
                        - no agg-rate-limit
                        - filter [ip ip-filter-id]
                        - filter [ipv6 ipv6 -filter-id] 
                        - filter [mac mac-filter-id] 
                        - no filter [ip ip-filter-id] [ipv6 ipv6 -filter-id] [mac mac-filter-id]
                        - qos policy-id 
                        - no qos
                    - ingress 
                        - aggregate-meter-rate rate-in-kbps [burst burst-in-kbits] 
                        - no aggregate-meter-rate 
                        - filter [ip ip-filter-id]
                        - filter [ipv6 ipv6-filter-id] 
                        - filter [mac mac-filter-id]
                        - no filter [ip ip-filter-id] [ipv6 ipv6-filter-id] [mac mac-filter-id]
                        - qos policy-id [enable-table-classification] 
                        - no qos
BGP configuration commands
config 
    - service
        - vprn service-id [customer customer-id]
        - no vprn service-id
            - [no] bgp 
                - [no] advertise-inactive
                - [no] aggregator-id-zero 
                - always-compare-med {zero | infinity} 
                - no always-compare-med
                - [no] as-path-ignore 
                - auth-keychain name
                - authentication-key [authentication-key | hash-key] [hash | hash2]
                - no authentication-key
                - [no] backup-path [ipv4] [ipv6] 
                - best-path-selection
                    - always-compare-med {zero | infinity}
                    - always-compare-med strict-as {zero | infinity}
                    - no always-compare-med
                    - as-path-ignore [ipv4] [ipv6]
                    - no as-path-ignore
                    - ignore-nh-metric
                    - no ignore-nh-metric
                    - ignore-router-id
                    - no ignore-router-id
                - [no] connect-retry seconds
                - [no] damping
                - description description-string
                - no description
                - [no] disable-4byte-asn
                - disable-capability-negotiation
                - no disable-capability-negotiation
                - disable-communities [standard] [extended]
                - no disable-communities
                - [no] disable-fast-external-failover
                - [no] enable-peer-tracking
                - export policy-name [policy-name...(up to 5 max)]
                - no export
                - family [ipv4] [ipv6]
                - no family
                - hold-time seconds [strict]
                - no hold-time
                - import policy-name [policy-name...(up to 5 max)]
                - no import
                - keepalive seconds
                - no keepalive
                - local-preference ip-address
                - no local-preference
                - local-as
                - local-as as-number [private]
                - no local-as
                - local-preference local-preference
                - no local-preference
                - loop-detect {drop-peer | discard-route | ignore-loop | off}
                - no loop-detect
                - med-out {number | igp-cost}
                - no med-out
                - min-as-origination seconds
                - no min-as-origination
                - min-route-advertisement seconds
                - no min-route-advertisement
                - multihop ttl-value
                - no multihop
                - next-hop-self
                - no next-hop-self
                - preference preference
                - no preference
                - peer-as as number
                - no peer-as
                - [no] path-mtu-discovery
                - [no] rapid-withdrawal
                - [no] remove-private
                - router-id ip-address
                - no router-id
                - [no] shutdown
                - [no] group name [dynamic-peer]
                    - [no] advertise-inactive
                    - [no] aggregator-id-zero
                    - [no] as-override
                    - auth-keychain name
                    - authentication-key [authentication-key | hash-key] [hash | hash2]
                    - no authentication-key
                    - connect-retry seconds
                    - no connect-retry
                    - [no] damping
                    - description description-string
                    - no description
                    - [no] disable-4byte-asn
                    - disable-communities [standard] [extended]
                    - no disable-communities
                    - [no] disable-fast-external-failover 
                    - [no] enable-peer-tracking
                    - export policy-name [policy-name...(up to 5 max)]
                    - no export
                    - family [ipv4] [ipv6]
                    - no family
                    - hold-time seconds [strict]
                    - no hold-time
                    - import policy-name [policy-name...(up to 5 max)]
                    - no import
                    - keepalive seconds
                    - no keepalive
                    - local-address ip-address
                    - no local-address
                    - local-as as-number [private]
                    - no local-as
                    - local-preference local-preference
                    - no local-preference
                    - loop-detect {drop-peer | discard-route | ignore-loop | off}
                    - no loop-detect
                    - med-out {number | igp-cost}
                    - no med-out
                    - min-as-origination seconds
                    - no min-as-origination
                    - min-route-advertisement seconds
                    - no min-route-advertisement
                    - multihop ttl-value
                    - no multihop
                    - [no] next-hop-self
                    - peer-as as-number
                    - no peer-as
                    - preference preference
                    - no preference
                    - [no] path-mtu-discovery
                    - prefix-limit limit [log-only] [threshold percent]
                    - no prefix-limit
                    - [no] remove-private
                    - [no] shutdown
                    - ttl-security min-ttl-value
                    - no ttl-security
                    - type {internal | external}
                    - no type
                    - [no] neighbor ip-address
                        - [no] advertise-inactive
                        - [no] aggregator-id-zero
                        - [no] as-override
                        - auth-keychain name
                        - authentication-key [authentication-key | hash-key] [hash | hash2]
                        - no authentication-key
                        - connect-retry seconds
                        - no connect-retry
                        - [no] damping
                        - description description-string
                        - no description
                        - [no] disable-4byte-asn 
                        - disable-communities [standard] [extended]
                        - no disable-communities
                        - [no] disable-fast-external-failover
                        - [no] enable-peer-tracking
                        - export policy-name [policy-name...(up to 5 max)]
                        - no export
                        - family [ipv4] [ipv6]
                        - no family
                        - hold-time seconds [strict]
                        - no hold-time
                        - import policy-name [policy-name...(up to 5 max)]
                        - no import
                        - keepalive seconds
                        - no keepalive
                        - local-address ip-address
                        - no local-address
                        - local-as as-number [private]
                        - no local-as
                        - local-preference local-preference
                        - no local-preference
                        - loop-detect {drop-peer | discard-route | ignore-loop | off}
                        - no loop-detect
                        - med-out {number | igp-cost}
                        - no med-out
                        - min-as-origination seconds
                        - no min-as-origination
                        - min-route-advertisement seconds
                        - no min-route-advertisement
                        - multihop ttl-value
                        - no multihop
                        - [no] next-hop-self
                        - peer-as as-number
                        - no peer-as
                        - preference preference
                        - no preference
                        - [no] path-mtu-discovery
                        - prefix-limit limit [log-only] [threshold percent]
                        - no prefix-limit
                        - [no] remove-private
                        - [no] shutdown
                        - ttl-security min-ttl-value
                        - no ttl-security
                        - type {internal | external}
                        - no type
Router advertisement commands
config 
    - service
        - vprn service-id [customer customer-id]
        - no vprn service-id
            - [no]router-advertisement
                - [no] interface ip-int-name
                    - current-hop-limit number
                    - no current-hop-limit
                    - [no] managed-configuration 
                    - max-advertisement-interval seconds
                    - no max-advertisement-interval
                    - min-advertisement-interval seconds
                    - no min-advertisement-interval
                    - mtu mtu-bytes
                    - no mtu
                    - [no] other-stateful-configuration
                    - prefix
                        - [no] autonomous
                        - [no] on-link
                        - preferred-lifetime {seconds | infinite}
                        - no preferred-lifetime
                        - valid-lifetime{seconds | infinite}
                        - no valid-lifetime
                    - reachable-time milli-seconds
                    - no reachable-time
                    - retransmit-time milli-seconds
                    - no retransmit-time
                    - router-lifetime seconds
                    - no router-lifetime
                    - [no] shutdown
OSPF configuration commands (IPv4 only)
Note:

OSPF configuration commands only support IPv4 addresses.

config 
    - service
        - vprn service-id [customer customer-id]
        - no vprn service-id
            - [no] ospf
                - [no] area area-id
                    - area-range ip-prefix/mask [advertise | not-advertise]
                    - no area-range ip-prefix/mask
                    - [no] blackhole-aggregate
                    - [no] interface ip-int-name [secondary]
                        - [no] advertise-subnet
                        - authentication-key [authentication-key | hash-key] [hash | hash2]
                        - no authentication-key
                        - authentication-type {password | message-digest}
                        - no authentication-type
                        - bfd-enable [remain-down-on-failure]
                        - no bfd-enable
                        - dead-interval seconds
                        - no dead-interval
                        - hello-interval seconds
                        - no hello-interval
                        - interface-type {broadcast | point-to-point}
                        - no interface-type
                        - message-digest-key key-id md5 [key | hash-key] [hash | hash2]
                        - no message-digest-key key-id
                        - metric metric
                        - no metric
                        - mtu bytes
                        - no mtu
                        - [no] passive
                        - priority number
                        - no priority
                        - retransmit-interval seconds
                        - no retransmit-interval
                        - [no] shutdown
                        - transit-delay seconds
                        - no transit-delay
                    - [no] nssa
                        - area-range ip-prefix/mask [advertise | not-advertise]
                        - no area-range ip-prefix/mask
                        - originate-default-route [type-7]
                        - no originate-default-route 
                        - [no] redistribute-external
                        - [no] summaries
                    - [no] sham-link ip-int-name ip-address
                        - authentication-key [authentication-key | hash-key] [hash | hash2]
                        - no authentication-key
                        - authentication-type {password | message-digest}
                        - no authentication-type
                        - dead-interval seconds
                        - no dead-interval
                        - hello-interval seconds
                        - no hello-interval
                        - message-digest-key key-id md5 [key | hash-key] [hash | hash2]
                        - no message-digest-key key-id
                        - metric metric
                        - no metric
                        - retransmit-interval seconds
                        - no retransmit-interval
                        - [no] shutdown
                        - transit-delay seconds
                        - no transit-delay
                    - [no] stub
                        - default-metric metric
                        - no default-metric
                        - [no] summaries
                    - [no] virtual-link router-id transit-area area-id
                        - authentication-key [authentication-key | hash-key] [hash | hash2]
                        - no authentication-key
                        - authentication-type {password | message-digest}
                        - no authentication-type
                        - dead-interval seconds
                        - no dead-interval
                        - hello-interval seconds
                        - no hello-interval
                        - message-digest-key key-id md5 [key | hash-key] [hash | hash2]
                        - no message-digest-key key-id
                        - retransmit-interval seconds
                        - no retransmit-interval
                        - [no] shutdown
                        - transit-delay seconds
                        - no transit-delay
                - [no] compatible-rfc1583
                - export policy-name [policy-name...(up to 5 max)]
                - no export
                - external-db-overflow limit seconds
                - no external-db-overflow
                - external-preference preference
                - no external-preference
                - [no] ignore-dn-bit 
                - import policy-name [policy-name...(up to 5 max)]
                - no import policy-name [policy-name...(up to 5 max)]
                - overload [timeout seconds]
                - no overload
                - [no] overload-include-stub
                - overload-on-boot [timeout seconds]
                - no overload-on-boot
                - preference preference
                - no preference
                - reference-bandwidth bandwidth-in-kbps
                - no reference-bandwidth
                - router-id ip-address
                - no router-id
                - [no] shutdown
                - [no] super-backbone
                - [no] suppress-dn-bit
                - timers
                    - [no] lsa-arrival lsa-arrival-time
                    - [no] lsa-generate max-lsa-wait [lsa-initial-wait [lsa-second-wait]]
                    - [no] spf-wait max-spf-wait [spf-initial-wait [spf-second-wait]] 
                - vpn-domain id {0005 | 0105 | 0205 | 8005}
                - no vpn-domain
                - vpn-tag vpn-tag
                - no vpn-tag 
PIM configuration commands (for 7210 SAS-T (network operating mode) and 7210 SAS-Mxp)
config 
    - service
        - vprn
            - [no] pim
                - import {join-policy | register-policy} [policy-name [.. policy-name ..(up to 5 max)]
                - no import {join-policy | register-policy} 
                - [no] interface ip-int-name
                    - assert-period assert-period
                    - no assert-period 
                    - [no] bfd-enable [ipv4]
                    - [no] bsm-check-rtr-alert
                    - hello-interval hello-interval
                    - no hello-interval 
                    - hello-multiplier deci-units
                    - no hello-multiplier
                    - [no] improved-assert
                    - instant-prune-echo
                    - no instant-prune-echo
                    - max-groups value
                    - no max-groups
                    - multicast-senders {auto | always | never}
                    - no multicast-senders
                    - priority dr-priority
                    - no priority
                    - [no] shutdown
                    - sticky-dr [priority dr-priority]
                    - no sticky-dr
                    - three-way-hello 
                    - no three-way-hello
                    - [no] tracking-support
                - [no] non-dr-attract-traffic
                - rp
                    - [no] anycast rp-ip-address
                        - [no] rp-set-peer ip-address
                    - bootstrap-export policy-name [policy-name ... (up to 5 max)]
                    - no bootstrap-export
                    - bootstrap-import policy-name [policy-name ... (up to 5 max)]
                    - no bootstrap-import
                    - bsr-candidate
                        - address ip-address
                        - no address
                        - hash-mask-len hash-mask-length
                        - no hash-mask-len
                        - priority bootstrap-priority
                        - no priority
                        - [no] shutdown
                    - rp-candidate
                        - address ip-address
                        - no address
                        - [no] group-range {grp-ip-address/mask | grp-ip-address [netmask]}
                        - holdtime holdtime
                        - no holdtime 
                        - priority priority
                        - no priority
                        - [no] shutdown
                    - static
                        - [no] address ip-address
                            - [no] group-prefix {grp-ip-address/mask | grp-ip-address netmask}
                            - [no] override
                - [no] shutdown
                - spt-switchover-threshold {grp-ip-address/mask | grp-ip-address netmask} spt-threshold
                - no spt-switchover-threshold {grp-ip-address/mask | grp-ip-address netmask} spt-threshold
                - ssm-assert-compatible-mode [enable | disable]
                - ssm-default-range-disable ipv4
                - [no] ssm-groups
                    - [no] group-range {grp-ip-address/mask | grp-ip-address netmask}

Show commands

show
    - service
        - egress-label start-label [end-label]
        - ingress-label start-label [[end-label]
        - id service-id
            - all
            - base
            - dhcp
                - statistics [sap sap-id] [interface interface-name]
                - summary [interface interface-name | saps]
            - sap [sap-id [detail]]
            - sdp [sdp-id | far-end ip-address] [detail]
        - labels
        - sap-using [sap sap-id]
        - sap-using interface [ip-address | ip-int-name]
        - sap-using [ingress | egress] filter filter-id
        - sap-using [ingress | qos-policy qos-policy-id
        - sdp-using [sdp-id | far-end ip-address] [detail | keep-alive-history]
        - sdp-using [sdp-id[:vc-id] 
        - service-using [vprn] [sdp sdp-id] [customer customer-id]
show
    - router [vprn-service-id]
        - aggregate [family] [active]
        - arp [ip-int-name | ip-address[/mask] | macieee-mac address | summary] [local | dynamic | static | managed]
        - bgp
            - auth-keychain [keychain]
            - damping [ip-prefix[/prefix-length]] [decayed | history | suppressed] [detail] [ipv4]
            - damping [ip-prefix[/prefix-length]] [decayed | history | suppressed] [detail] vpn-ipv4
            - group [name] [detail] inter-as-label
            - neighbor [ip-address [detail]
            - neighbor [as-number [detail]
            - neighbor [ip-address [[family family] filter1] [filter3]]
            - neighbor [as-number [[family family] filter2]]
            - next-hop [family] [ip-address [detail]]
            - paths
            - routes [family family] [prefix [detail | longer]]
            - routes [family family] [prefix [hunt | brief]]
            - routes [family family] [community comm-id]
            - routes [family family] [aspath-regex reg-ex1]
            - routes [family] [ipv6-prefix[/prefix-length] [detail | longer] | [hunt [brief]]]
            - summary [all]
        - interface [{[ip-address | ip-int-name] [detail]} | summary [family family] [neighbor ip-address]
        - mvpn
        - mvpn-list [type type] [auto-discovery auto-discovery] [signalling signalling] [group group] 
        - route-table [family][ip-address[/prefix-length] [longer | exact]] | [protocol protocol-name] | [summary] 
        - sgt-qos               (See Note) 
            - application 
            - dscp-map 
        - static-arp [ip-address | ip-int-name | mac ieee-mac-address]
        - static-route [ip-prefix /mask] | [preference preference] | [next-hop ip-address | tag tag] [detail]
        - tunnel-table [ip-address[/mask] [protocol protocol | sdp sdp-id]
        - tunnel-table [summary]
Note:

For descriptions of the show router sgt-qos commands, refer to the 7210 SAS-Mxp, R6, R12, S, Sx, T Quality of Service Guide, ‟Network QoS Policy Command Reference, Show Commands (for 7210 SAS-Mxp)”.

Clear commands

clear
    - router
        - bgp
            - damping [{prefix/mask [neighbor ip-address]} | {group name}]
            - flap-statistics [[ip-prefix/mask] [neighbor ip-address]] | [group group-name] | [regex reg-exp] | [policy policy-name]
            - neighbor {ip-address | as as-number | external | all} [soft | soft-inbound | statistics]
            - protocol
        - forwarding-table [slot-number]
        - interface [ip-int-name | ip-address] [icmp] [statistics]
clear
    - service
        - id service-id
            - spoke-sdp sdp-id:vc-id ingress-vc-label
        - statistics
            - sap sap-id {all | counters | stp}
            - sdp sdp-id keep-alive
            - id service-id
                - counters
                - spoke-sdp sdp-id:vc-id {all | counters | stp}
                - spoke-sdp

Command descriptions

VPRN service configuration commands

Generic commands
description
Syntax

description description-string

no description

Context

config>service>vprn>bgp

config>service>vprn

config>service>vprn>if

config>service>vprn>if>sap

config>service>vprn>if>ipv6 (only supported on the 7210 SAS-Mxp)

config>service>vprn>if>ipv6>dhcp6-relay (only supported on the 7210 SAS-Mxp)

config>service>vprn>bgp

config>service>vprn>bgp>group

config>service>vprn>bgp>group>neighbor

Platforms

Supported on all 7210 SAS platforms as described in this document

Description

This command creates a text description stored in the configuration file for a configuration context.

The no form of this command removes the string from the configuration.

Parameters
description-string

Specifies the description character string. Allowed values are any string up to 80 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.

shutdown
Syntax

[no] shutdown

Context

config>service>vprn

config>service>vprn>if

config>service>vprn>if>sap

config>service>vprn>if>ipv6 (only supported on the 7210 SAS-Mxp)

config>service>vprn>if>ipv6>dhcp6-relay (only supported on the 7210 SAS-Mxp)

config>service>vprn>bgp

config>service>vprn>bgp>group

config>service>vprn>bgp>group>neighbor

config>service>vprn>spoke-sdp

config>service>vprn>if>vrrp

config>service>vprn>if>ipv6>vrrp

config>service>vprn>if>dhcp

config>service>vprn>if>ipv6>dhcp

config>service>vprn>if>ipv6>ospf

config>service>vprn>if>ipv6>pim

config>service>vprn>if>ipv6>igmp

Platforms

Supported on all 7210 SAS platforms as described in this document

Description

This command administratively disables an entity. When disabled, an entity does not change, reset, or remove any configuration settings or statistics.

The operational state of the entity is disabled, as well as the operational state of any entities contained within. Many objects must be shut down before they may be deleted.

Default administrative states for services and service entities is described as follows in Special Cases.

The no form of this command places the entity into an administratively enabled state.

If the AS number was previously changed, the BGP AS number inherits the new value.

Special Cases
Service Admin State

Bindings to an SDP within the service are put into the out-of-service state when the service is shut down. While the service is shut down, all customer packets are dropped and counted as discards for billing and debugging purposes.

A service is regarded as operational providing that one IP Interface SAP and one SDP is operational.

VPRN BGP

Disables the BGP instance on the specific IP interface. Routes learned from a neighbor that is shut down are immediately removed from the BGP database and RTM. If BGP is globally shut down, all group and neighbor interfaces are operationally shut down. If a BGP group is shut down, all member neighbor interfaces are shutdown operationally. If a BGP neighbor is shut down, only that neighbor interface is operationally shutdown.

VRRP Protocol Handling

On all 7210 SAS platforms, VRRP is created in the no shutdown state.

On the 7210 SAS-Mxp, the protocol is handled as follows.

The configure service vprn if vrrp command instantiates the protocol in the no shutdown state, and resources are allocated to enable the node to process the protocol.

To deallocate resources, you must issue the configure service vprn if vrrp shutdown and configure service vprn if no vrrp commands to allow the node to start up correctly after the reboot. It is not sufficient to only issue a configure service vprn if vrrp shutdown command.

Resources for VRRP are allocated when the VRRP context is enabled, either in the base routing instance or the VPRN service instance. Resources are deallocated when the configuration of the last VRRP context under either base routing instances or VPRN service is removed or shutdown.

VRRPv3 Protocol Handling

On all 7210 SAS platforms, VRRPv3 is created in the no shutdown state.

On the 7210 SAS-Mxp, the protocol is handled as follows.

The configure service vprn if ipv6 vrrp command instantiates the protocol in the no shutdown state, and resources are allocated to enable the node to process the protocol.

To deallocate resources, you must issue the configure service vprn if ipv6 vrrp shutdown and configure service vprn if ipv6 no vrrp commands to allow the node to start up correctly after the reboot. It is not sufficient to only issue the configure service vprn if ipv6 vrrp shutdown command.

The resources for VRRPv3 are allocated when the VRRPv3 context is enabled either in the base routing instance or the VPRN service instance. Resources are deallocated when the configuration of the last VRRPv3 context under either base routing instances or VPRN service is removed or shutdown.

BGP Protocol Handling

On all 7210 SAS platforms, BGP is created in the no shutdown state.

On the 7210 SAS-Mxp, the protocol is handled as follows.

The configure service vprn bgp command instantiates the protocol in the no shutdown state, and resources are allocated to enable the node to process the protocol.

To deallocate resources, you must issue the configure service vprn bgp shutdown and configure service vprn no bgp commands to allow the node to start up correctly after the reboot. It is not sufficient to only issue a configure service vprn bgp shutdown command.

Resources for BGP are allocated when the BGP context is enabled either in the base routing instance or the VPRN service. Resources are deallocated when the configuration of the last BGP context under either the base routing instance or VPRN service instance is removed and shutdown.

IGMP Protocol Handling

On all 7210 SAS platforms, IGMP is created in the no shutdown state.

On the 7210 SAS-Mxp, the protocol is handled as follows.

The configure service vprn igmp command instantiates the protocol in the no shutdown state, and resources are allocated to enable the node to process the protocol.

To deallocate resources, you must issue the configure service vprn igmp shutdown and configure service vprn no igmp commands to allow the node to start up correctly after the reboot. It is not sufficient to issue only the configure service vprn igmp shutdown command.

Resources for IGMP are allocated when the IGMP protocol is enabled, either in the base routing instance or the VPRN service instance. Resources are deallocated when the configuration of the last IGMP context under either base routing instances or VPRN service is removed or shutdown.

PIM Protocol Handling

On all 7210 SAS platforms, PIM is created in the no shutdown state.

On the 7210 SAS-Mxp, the protocol is handled as follows.

The configure service vprn pim command instantiates the protocol in the no shutdown state and resources are allocated to enable the node to process the protocol.

To deallocate resources, you must issue the configure service vprn pim shutdown and configure service vprn no pim commands to allow the node to start up correctly after the reboot. It is not sufficient to issue only the configure service vprn pim shutdown command.

Resources for PIM are allocated when the PIM protocol is enabled, either in the base routing instance or the VPRN service instance. Resources are deallocated when the configuration of the last PIM context under either base routing instances or VPRN service is removed or shutdown.

OSPFv2 Protocol Handling

On all 7210 SAS platforms, OSPFv2 is created in the no shutdown state.

On the 7210 SAS-Mxp, the protocol is handled as follows.

The configure service vprn ospf command instantiates the protocol in the no shutdown state, and resources are allocated to enable the node to process the protocol.

To deallocate resource, you must issue the configure service vprn ospf shutdown and configure service vprn no ospf commands to allow the node to start up correctly after the reboot. It is not sufficient to issue only the configure service vprn ospf shutdown command.

Resources for OSPF are allocated when the OSPF protocol is enabled, either in the base routing instance or the VPRN service instance. Resources are deallocated when the configuration of the last OSPF context under either base routing instances or VPRN service is removed or shutdown

DHCP Protocol Handling for 7210 SAS-Mxp

When the no shutdown command is issued in the configure>service>vprn>if>dhcp context under the first IPv4 interface configured, in either the base routing instance or VPRN service instance, resources are allocated to enable the node to process the protocol.

The resources are deallocated when you issue the configure service vprn if dhcp shutdown command for the last IPv4 interface configured, in either the base routing instance or VPRN service instance enabled to use DHCP relay (IPv4).

DHCP6-RELAY Protocol Handling for 7210 SAS-Mxp

When the no shutdown command is issued in the configure>service>vprn>if>ipv6>dhcp6-relay context under the first IPv6 interface configured in any VPRN service, resources are allocated to enable processing of the protocol by the node.

The resources are deallocated when you issue the configure service vprn if ipv6 dhcp6-relay shutdown command for the last IPv6 interface configured in either the base routing instance or VPRN service instance enabled to use DHCP6 relay.

Global commands
vprn
Syntax

vprn service-id [customer customer-id] [create]

no vprn service-id

Context

config>service

Platforms

Supported on all 7210 SAS platforms as described in this document

Description

This command creates or edits a Virtual Private Routed Network (VPRN) service instance.

If the service-id does not exist, a context for the service is created. If the service-id exists, the context for editing the service is entered.

VPRN services allow the creation of customer-facing IP interfaces in the same routing instance used for service network core routing connectivity. VPRN services require that the IP addressing scheme used by the subscriber must be unique between it and other addressing schemes used by the provider and potentially the entire Internet.

IP interfaces defined within the context of an VPRN service ID must have a SAP created as the access point to the subscriber network.

When a service is created, the customer keyword and customer-id must be specified to associate the service with a customer. The customer-id must already exist, having been created using the customer command in the service context. When a service is created with a customer association, it is not possible to edit the customer association. The service must be deleted and recreated with a new customer association.

When a service is created, the use of the customer customer-id is optional to navigate into the service configuration context. Attempting to edit a service with the incorrect customer-id results in an error.

Multiple VPRN services are created to separate customer-owned IP interfaces. More than one VPRN service can be created for a single customer ID. More than one IP interface can be created within a single VPRN service ID. All IP interfaces created within an VPRN service ID belong to the same customer.

The no form of this command deletes the VPRN service instance with the specified service-id. The service cannot be deleted until all the IP interfaces and all routing protocol configurations defined within the service ID have been shut down and deleted.

Parameters
service-id

Specifies the service ID number identifying the service in the service domain. This ID must be unique to this service and may not be used for any other service of any type. The service-id must be the same number used for every 7210 SAS on which this service is defined.

Values

service-id: 1 to 2147483648

svc-name: 64 characters maximum

customer customer-id

Specifies an existing customer ID number to be associated with the service. This parameter is required on service creation and is optional for service editing or deleting.

Values

1 to 2147483647

allow-export-bgp-vpn
Syntax

[no] allow-export-bgp-vpn

Context

config>service>vprn

Platforms

7210 SAS-Mxp

Description

This command causes the vrf-export and vrf-target commands to include BGP-VPN routes installed in the VPRN route table. These routes are usually not readvertisable as VPN-IP routes because of split horizon.

When a BGP-VPN route is reexported, the route distinguisher and label values are rewritten according to the configuration of the reexporting VPRN.

Note:

  • This command requires the VPRN context to be shut down and restarted for changes to take effect.

  • This command can be configured only with VPRN loopback interfaces.

Caution:

Ensure that routing updates do not loop back to the source when this command is used, otherwise the routes could become unstable.

The no form of this command reverts to the default value.

Default

no allow-export-bgp-vpn

auto-bind-tunnel
Syntax

auto-bind-tunnel

Context

config>service>vprn

Platforms

Supported on all 7210 SAS platforms as described in this document

Description

Commands in this context configure automatic binding of a VPRN service using tunnels to MP-BGP peers.

The user must configure the resolution option to enable auto-bind resolution to tunnels in the TTM. If the resolution option is explicitly set to disabled, auto-binding to tunnels is removed.

If the resolution is set to any, any supported tunnel type in a VPRN context is selected following the TTM preference. If one or more explicit tunnel types are specified using the resolution-filter option, only these tunnel types are selected again following the TTM preference.

The user must set the resolution command to filter to activate the list of tunnel types configured under resolution-filter.

When an explicit SDP to a BGP next hop is configured in a VPRN service (using the configure service vprn spoke-sdp command), it overrides the auto-bind-tunnel selection for that BGP next hop only. There is no support for reverting automatically to the auto-bind-tunnel selection if the explicit SDP goes down. The user must delete the explicit spoke-SDP in the VPRN service context to resume using the auto-bind-tunnel selection for the BGP next hop.

resolution
Syntax

resolution {any | filter | disabled}

Context

config>service>vprn>auto-bind-tunnel

Platforms

Supported on all 7210 SAS platforms as described in this document

Description

This command configures the resolution mode in the automatic binding of a VPRN service to tunnels to MP-BGP peers.

Parameters
any

Keyword that enables the binding to any supported tunnel type in the VPRN context following the TTM preference.

filter

Keyword that enables the binding to the subset of tunnel types configured under resolution-filter.

disabled

Keyword that disables the automatic binding of a VPRN service to tunnels to MP-BGP peers.

resolution-filter
Syntax

resolution-filter

Context

config>service>vprn>auto-bind-tunnel

Platforms

Supported on all 7210 SAS platforms as described in this document

Description

Commands in this context configure the subset of tunnel types that can be used in the resolution of VPRN prefixes within the automatic binding of VPRN services to tunnels to MP-BGP peers.

The following tunnel types are supported in a VPRN context: RSVP, LDP, and segment routing (SR). The BGP tunnel type is not explicitly configured and is therefore implicit. It is always preferred over any other tunnel type enabled in the auto-bind-tunnel context.

ldp
Syntax

[no] ldp

Context

config>service>vprn>auto-bind-tunnel>res-filter

Platforms

Supported on all 7210 SAS platforms as described in this document

Description

This command specifies the use of LDP tunnel types for the resolution of VPRN prefixes within the automatic binding of VPRN services to tunnels to MP-BGP peers.

When ldp is specified, BGP searches for an LDP LSP with a FEC prefix corresponding to the address of the BGP next hop.

The no form of this command disables the use of LDP tunnel types for the resolution of VPRN prefixes within the automatic binding of VPRN services to tunnels to MP-BGP peers.

Default

no ldp

rsvp
Syntax

[no] rsvp

Context

config>service>vprn>auto-bind-tunnel>res-filter

Platforms

Supported on all 7210 SAS platforms as described in this document

Description

This command specifies the use of RSVP tunnel types for the resolution of VPRN prefixes within the automatic binding of VPRN services to tunnels to MP-BGP peers.

When rsvp is specified, BGP searches for the best metric RSVP LSP to the address of the BGP next hop. This address can correspond to the system interface or to another loopback used by the BGP instance on the remote node. The LSP metric is provided by MPLS in the tunnel table. In the case of multiple RSVP LSPs with the same lowest metric, BGP selects the LSP with the lowest tunnel-id.

The no form of this command disables the use of RSVP tunnel types for the resolution of VPRN prefixes within the automatic binding of VPRN service to tunnels to MP-BGP peers.

Default

no rsvp

sr-isis
Syntax

[no] sr-isis

Context

config>service>vprn>auto-bind-tunnel>res-filter

Platforms

7210 SAS-Mxp, 7210 SAS-Sx/S 1/10GE (standalone mode), and 7210 SAS-Sx 10/100GE (standalone mode)

Description

This command configures the use of SR-ISIS tunnel types for the resolution of VPRN prefixes within the automatic binding of VPRN service to tunnels to MP-BGP peers.

When this command is specified, an SR tunnel to the BGP next hop is selected in the TTM from the lowest numbered IS-IS instance.

The no form of this command disables the use of SR-ISIS tunnel types for the resolution of VPRN prefixes within the automatic binding of VPRN service to tunnels to MP-BGP peers.

Default

no sr-isis

sr-ospf
Syntax

[no] sr-ospf

Context

config>service>vprn>auto-bind-tunnel>res-filter

Platforms

7210 SAS-Mxp, 7210 SAS-Sx/S 1/10GE (standalone mode), and 7210 SAS-Sx 10/100GE (standalone mode)

Description

This command configures the use of SR-OSPF tunnel types for the resolution of VPRN prefixes within the automatic binding of VPRN service to tunnels to MP-BGP peers.

When sr-ospf is specified, an SR tunnel to the BGP next hop is selected in the TTM from the lowest numbered OSPF instance.

The no form of this command disables the use of SR-OSPF tunnel types for the resolution of VPRN prefixes within the automatic binding of VPRN service to tunnels to MP-BGP peers.

Default

no sr-ospf

autonomous-system
Syntax

autonomous-system as-number

no autonomous-system

Context

config>service>vprn

Platforms

Supported on all 7210 SAS platforms as described in this document

Description

This command defines the autonomous system (AS) to be used by this VPN routing/forwarding (VRF).

The no form of this command removes the defined AS from this VPRN context.

Default

no autonomous-system

Parameters
as-number

Specifies the AS number for the VPRN service.

Values

1 to 4294967295

enable-bgp-vpn-backup
Syntax

enable-bgp-vpn-backup [ipv4] [ipv6]

no enable-bgp-vpn-backup

Context

config>service>vprn

Platforms

Supported on all 7210 SAS platforms as described in this document

Description

This command enables only imported BGP-VPN routes from the remote PE to be considered when selecting the primary and backup paths. This command is required to support fast failover of ingress traffic from one remote PE to another remote PE.

Note:

7210 SAS platforms do not consider multiple paths learned from CE BGP peers when selecting primary and backup paths to reach the CE.

Default

no enable-bgp-vpn-backup

Parameters
ipv4

Keyword that allows BGP-VPN routes to be used as backup paths for IPv4 prefixes.

ipv6

Keyword that allows BGP-VPN routes to be used as backup paths for IPv6 prefixes.

vpls
Syntax

vpls service-name

Context

config>service

config>service>ies>if

config>service>vprn>if

Platforms

Supported on all 7210 SAS platforms as described in this document

Description

This command, in the IP interface context, is used to bind the IP interface to the specified service name.

The system does not attempt to resolve the provided service name until the IP interface is placed into the administratively up state (no shutdown). When the IP interface is administratively up, the system scans the available VPLS services that have the allow-ip-int-binding flag set for a VPLS service associated with the name. If the service name is bound to the service name when the IP interface is already in the administratively up state, the system immediately attempts to resolve the specific name.

If a VPLS service is found associated with the name and has the allow-ip-int-binding flag set, the IP interface is attached to the VPLS service, allowing routing to and from the service virtual ports when the IP interface is operational.

A VPLS service associated with the specified name that does not have the allow-ip-int-binding flag set, or a non-VPLS service associated with the name, is ignored and is not attached to the IP interface.

If the service name is applied to a VPLS service after the service name is bound to an IP interface and the VPLS service allow-ip-int-binding flag is set at the time the name is applied, the VPLS service is automatically resolved to the IP interface if the interface is administratively up or when the interface is placed in the administratively up state.

If the service name is applied to a VPLS service without the allow-ip-int-binding flag set, the system does not attempt to resolve the applied service name to an existing IP interface bound to the name. To rectify this condition, the flag must first be set, and then the IP interface must enter or reenter the administratively up state.

While the specified service name may be assigned to only one service context in the system, it is possible to bind the same service name to more than one IP interface. If two or more IP interfaces are bound to the same service name, the first IP interface to enter the administratively up state (if currently administratively down) or to reenter the administratively up state (if currently administratively up) when a VPLS service is configured with the name and has the allow-ip-int-binding flag set is attached to the VPLS service. Only one IP interface is allowed to attach to a VPLS service context. No error is generated for the remaining non-attached IP interfaces using the service name.

When an IP interface is attached to a VPLS service, the name associated with the service cannot be removed or changed until the IP interface name binding is removed. Also, the allow-ip-int-binding flag cannot be removed until the attached IP interface is unbound from the service name. Unbinding the service name from the IP interface causes the IP interface to detach from the VPLS service context. The IP interface may then be bound to another service name, or a SAP or SDP binding may be created for the interface using the SAP or spoke-SDP commands on the interface.

Parameters
service-name

Specifies the service name that the system attempts to resolve to an allow-ip-int-binding enabled VPLS service associated with the name. This parameter is required when using the IP interface vpls command. The specified name is expressed as an ASCII string comprised of up to 32 characters. It does not need to already be associated with a service and the system does not check to ensure that multiple IP interfaces are not bound to the same name.

interface
Syntax

interface ip-int-name

no interface ip-int-name

Context

config>service>ies

config>service>vprn

Platforms

Supported on all 7210 SAS platforms as described in this document

Description

This command configures a logical IP routing interface for a VPRN. When created, attributes such as an IP address and Service Access Point (SAP) can be associated with the IP interface.

The interface command, under the context of services, is used to create and maintain IP routing interfaces within VPRN service IDs. The interface command can be executed in the context of an IES service ID. The IP interface created is associated with the service core network routing instance and default routing.

Interface names are case sensitive and must be unique within the group of defined IP interfaces defined for config service vprn interface (that is, the network core router instance). Interface names must not be in the dotted-decimal notation of an IP address. For example, the name ‟1.1.1.1” is not allowed but ‟int-1.1.1.1” is allowed. Show commands for router interfaces use either interface names or the IP addresses. Use unique IP address values and IP address names to maintain clarity. It could be unclear if the same IP address and IP address name values are used. Although not recommended, duplicate interface names can exist in different router instances.

When a new name is entered, a new logical router interface is created. When an existing interface name is entered, the user enters the router interface context for editing and configuration.

By default, there are no default IP interface names defined within the system. All VPRN IP interfaces must be explicitly defined. Interfaces are created in an enabled state.

The no form of this command removes the IP interface and all the associated configuration. The interface must be administratively shut down before issuing the no interface command.

For IES services, the IP interface must be shut down before the SAP on that interface may be removed.

Parameters
ip-int-name

Specifies the name of the IP interface. Interface names must be unique within the group of defined IP interfaces for config router interface and config service vprn interface commands. An interface name cannot be in the form of an IP address. Interface names can be from 1 to 32 alphanumeric characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.

If ip-int-name already exists within the service ID, the context is changed to maintain that IP interface. If ip-int-name already exists within another service ID, an error occurs, and the context is not changed to that IP interface. If ip-int-name does not exist, the interface is created and context is changed to that interface for further command processing.

ingress
Syntax

ingress

Context

config>service>ies>if>vpls

config>service>vprn>if>vlps

Platforms

Supported on all 7210 SAS platforms as described in this document

Description

Commands in this context define the VPLS routed ip-filter-id optional filter overrides.

enable-table-classification
Syntax

[no] enable-table-classification

Context

config>service>vprn>if>vpls>ingress

Platforms

7210 SAS-Mxp.

Description

This command enables and disables the use of IP DSCP table-based classification to assign forwarding class (FC) and profile on a per-interface ingress basis.

The match-criteria configured in the service ingress policy, which require CAM resources, are ignored. Only meters from the service ingress policy are used (and the meters still require CAM resources). If an IP DSCP classification policy is configured in the VPLS SAP ingress policy, it is not used to assign FC and profile.

The no form of this command disables table-based classification. When disabled, the IP ingress packets within a VPLS service attached to the IP interface use the SAP ingress QoS policy applied to the virtual port used by the packets, when defined.

Default

no enable-table-classification

routed-override-qos-policy
Syntax

routed-override-qos-policy policy-id

no routed-override-qos-policy

Context

config>service>vprn>if>vpls>ingress

Platforms

7210 SAS-Mxp.

Description

This command configures an IP DSCP classification policy that is applied to all ingress packets entering the VPLS service. The DSCP classification policy overrides any existing SAP ingress QoS policy applied to SAPs for packets associated with the routing IP interface. The routed override QoS policy is optional, and when it is not defined or removed, the IP routed packets use the existing SAP ingress QoS policy configured on the VPLS virtual port.

The no form of this command removes the IP DSCP classification policy from the ingress IP interface. When removed, the IP ingress routed packets within a VPLS service attached to the IP interface use the SAP ingress QoS policy applied to the virtual port used by the packets, when defined.

Default

no routed-override-qos-policy

Parameters
policy-id

Specifies the ID for the routed override QoS policy. Allowed values are an integer that corresponds to an IP DSCP classification policy previously created in the configure>qos>dscp-classification context.

Values

1 to 65535

v4-routed-override-filter
Syntax

v4-routed-override-filter ip-filter-id

no v4-routed-override-filter

Context

config>service>ies>if>vpls>ingress

config>service>vprn>if>vpls>ingress

Platforms

Supported on all 7210 SAS platforms as described in this document

Description

This command specifies an IP filter ID that is applied to all ingress packets entering the VPLS service. The filter overrides any existing ingress IP filter applied to SAPs or SDP bindings for packets associated with the routing IP interface. The override filter is optional, and when it is not defined or is removed, the IP routed packets use the existing ingress IP filter on the VPLS virtual port.

The no form of this command is used to remove the IP routed override filter from the ingress IP interface. When removed, the IP ingress routed packets within a VPLS service attached to the IP interface use the IP ingress filter applied to the packets virtual port, when defined.

Parameters
ip-filter-id

Specifies the ID for the IP filter policy. Allowed values are an integer that corresponds to an IP filter policy previously created in the configure>filter>ip-filter context.

Values

1 to 65535

igmp
Syntax

igmp

Context

config>service>vprn

Platforms

7210 SAS-T (network operating mode), 7210 SAS-Mxp

Description

Commands in this context configure IGMP parameters.

interface
Syntax

interface ip-int-name

no interface

Context

config>service>vprn>igmp

Platforms

7210 SAS-T, 7210 SAS-Mxp

Description

This command configures IGMP interface parameters.

Parameters
ip-int-name

Specifies the name of the IP interface. Interface names can be from 1 to 32 alphanumeric characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.

import
Syntax

import policy-name

no import

Context

config>service>vprn>igmp>if

Platforms

7210 SAS-T (network operating mode), 7210 SAS-Mxp

Description

This command imports a policy to filter IGMP packets.

The no form of this command removes the policy association from the IGMP instance.

Default

no import

Parameters
policy-name

Specifies the import route policy name. Allowed values are any string up to 32 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.

The specified names must already be defined.

disable-router-alert-check
Syntax

disable-router-alert-check

no disable-router-alert-check

Context

config>service>vprn>igmp>if

Platforms

7210 SAS-T (network operating mode), 7210 SAS-Mxp

Description

This command enables the IGMP router alert check option.

The no form of this command disables the router alert check.

max-sources
Syntax

max-sources sources

no max-sources

Context

config>service>vprn>igmp>if

Platforms

7210 SAS-T (network operating mode), 7210 SAS-Mxp

Description

This command specifies the maximum number of sources for which IGMP can have local receiver information, based on received IGMP reports on this interface. When this configuration is changed dynamically to a value lower than the currently accepted number of sources, the sources that are already accepted are not deleted. Only new sources are not allowed.

Parameters
sources

Specifies the maximum number of sources for this interface.

Values

1 to 1000

max-groups
Syntax

max-groups value

no max-groups

Context

config>service>vprn>igmp>if

Platforms

7210 SAS-T (network operating mode), 7210 SAS-Mxp

Description

This command specifies the maximum number of groups for which IGMP can have local receiver information based on received IGMP reports on this interface. When this configuration is changed dynamically to a value lower than the currently accepted number of groups, the groups that are already accepted are not deleted. Only new groups are not allowed. By default, there is no limit to the number of groups.

Default

0

Parameters
value

Specifies the maximum number of groups for this interface.

Values

1 to 1000

static
Syntax

static

Context

config>service>vprn>igmp>if

Platforms

7210 SAS-T (network operating mode), 7210 SAS-Mxp

Description

This command tests forwarding on an interface without a receiver host. When enabled, data is forwarded to an interface without receiving membership reports from host members.

group
Syntax

[no] group grp-ip-address

Context

config>service>vprn>igmp>if>static

Platforms

7210 SAS-T (network operating mode), 7210 SAS-Mxp

Description

This command adds a static multicast group either as a (*,G) or one or more (S,G) records. Use IGMP static group memberships to test multicast forwarding without a receiver host. When IGMP static groups are enabled, data is forwarded to an interface without receiving membership reports from host members.

When static IGMP group entries on point-to-point links that connect routers to a rendezvous point (RP) are configured, the static IGMP group entries do not generate join messages toward the RP.

Parameters
grp-ip-address

Specifies an IGMP multicast group address that receives data on an interface. The IP address must be unique for each static group. The address must be in dotted-decimal notation.

source
Syntax

[no] source ip-address

Context

config>service>vprn>igmp>if>static>group

Platforms

7210 SAS-T (network operating mode), 7210 SAS-Mxp

Description

This command specifies the source address of the multicast group, which is an IPv4 unicast address. By specifying the source address, a multicast receiver host signals to the router that the multicast group only receives multicast traffic from this specific source.

The source command and the specification of individual sources for the same group are mutually exclusive.

The source command, in combination with the group command, is used to create a specific (S,G) static group entry.

The no form of this command removes the source from the configuration.

Parameters
ip-address

Specifies the IPv4 unicast address.

Values

a.b.c.d

starg
Syntax

[no] starg

Context

config>service>vprn>igmp>if>static>group

Platforms

7210 SAS-T (network operating mode), 7210 SAS-Mxp

Description

This command adds a static (*,G) entry. This command can be enabled only if no existing source addresses for this group are specified.

The no form of this command removes the starg entry from the configuration.

subnet-check
Syntax

[no] subnet-check

Context

config>service>vprn>igmp>if

Platforms

7210 SAS-T (network operating mode), 7210 SAS-Mxp

Description

This command enables subnet checking for IGMP messages received on this interface. All IGMP packets with a source address that is not in the local subnet are dropped.

Default

enabled

version
Syntax

version version

no version

Context

config>service>vprn>igmp>if

Platforms

7210 SAS-T (network operating mode), 7210 SAS-Mxp

Description

This command specifies the IGMP version. If routers run different versions of IGMP, they negotiate the lowest common version of IGMP that is supported by hosts on their subnet and operate in that version. For IGMP to function correctly, all routers on a LAN should be configured to run the same version of IGMP on that LAN.

For IGMPv3, a multicast router that is also a group member performs both parts of IGMPv3, receiving and responding to its own IGMP message transmissions as well as those of its neighbors.

Default

3

Parameters
version

Specifies the IGMP version number.

Values

1, 2, 3

query-interval
Syntax

query-interval seconds

no query-interval

Context

config>service>vprn>igmp

Platforms

7210 SAS-T (network operating mode), 7210 SAS-Mxp

Description

This command configures the frequency that the querier router transmits general host-query messages. The host-query messages solicit group membership information which are sent to the all-systems multicast group address, 224.0.0.1.

Default

125

Parameters
seconds

Specifies the time frequency, in seconds, that the router transmits general host-query messages.

Values

2 to 1024

query-last-member-interval
Syntax

query-last-member-interval seconds

Context

config>service>vprn>igmp

Platforms

7210 SAS-T (network operating mode), 7210 SAS-Mxp

Description

This command configures the frequency at which the querier sends group-specific query messages, including messages sent in response to leave-group messages. The shorter the interval, the faster the detection of the loss of the last member of a group.

Default

1

Parameters
seconds

Specifies the frequency, in seconds, at which query messages are sent.

Values

1 to 1024

query-response-interval
Syntax

query-response-interval seconds

Context

config>service>vprn>igmp

Platforms

7210 SAS-T (network operating mode), 7210 SAS-Mxp

Description

This command configures how long the querier router waits to receive a response to a host-query message from a host.

Default

10

Parameters
seconds

Specifies the length of time to wait to receive a response to the host-query message from the host.

Values

1 to 1023

robust-count
Syntax

robust-count robust-count

no robust-count

Context

config>service>vprn>igmp

Platforms

7210 SAS-T (network operating mode), 7210 SAS-Mxp

Description

This command configures the robust count. The robust-count parameter allows adjusting for the expected packet loss on a subnet. If a subnet anticipates losses, the robust-count can be increased.

Default

2

Parameters
robust-count

Specifies the robust count value.

Values

2 to 10

ssm-translate
Syntax

igmp

Context

config>service>vprn>igmp

config>service>vprn>igmp>if

Platforms

7210 SAS-T (network operating mode), 7210 SAS-Mxp

Description

This command configures group ranges that are translated to SSM (S,G) entries. If the static entry needs to be created, it must be translated from an IGMPv1 or IGMPv2 request to a Source Specific Multicast (SSM) join request. An SSM translate source can be added only when the starg command is not enabled. An error message is generated when attempting to configure the source command while starg command is enabled.

grp-range
Syntax

[no] grp-range start end

Context

config>service>vprn>igmp>ssm-translate

config>service>vprn>igmp>if>ssm-translate

Platforms

7210 SAS-T (network operating mode), 7210 SAS-Mxp

Description

This command configures group ranges that are translated to SSM (S,G) entries.

Parameters
start

Specifies an IP address for the start of the group range.

end

Specifies an IP address for the end of the group range. This value should always be greater than or equal to the value of the start value.

source
Syntax

[no] source ip-address

Context

config>service>vprn>igmp>ssm-translate

config>service>vprn>igmp>if>ssm-translate

Platforms

7210 SAS-T (network operating mode), 7210 SAS-Mxp

Description

This command specifies the source IP address for the group range. Whenever a (*,G) report is received in the range specified by grp-range start and end parameters, it is translated to an (S,G) report with the value of this object as the source address.

Parameters
ip-address

Specifies the IP address that is sending data.

maximum-ipv6-routes
Syntax

maximum-ipv6-routes number [log-only] [threshold percent]

no maximum-ipv6-routes

Context

config>service>vprn

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures the maximum number of remote IPv6 routes that can be held within a VRF context. Local, host, static, and aggregate routes are not counted.

The VPRN service ID must be in a shutdown state before the maximum-ipv6-routes command parameters can be modified.

If the log-only keyword is not specified, and the maximum-ipv6-routes value is set below the existing number of routes in a VRF, the offending RIP peer (if applicable) is brought down (but the VPRN instance remains up). BGP peering remains up, but the exceeding BGP routes are not added to the VRF.

The maximum route threshold can dynamically change to increase the number of supported routes, even when the maximum is already reached. Protocols resubmit the routes that were initially rejected.

The no form of this command disables any limit on the number of routes within a VRF context. Issue the no form of this command only when the VPRN instance is shut down.

Default

0 or disabled

Parameters
number

Specifies an integer that specifies the maximum number of routes to be held in a VRF context.

Values

1 to 2147483647

log-only

Specifies that if the maximum limit is reached, the event only is logged. The log-only keyword does not disable the learning of new routes.

threshold percent

Specifies the percentage at which a warning log message and SNMP trap should be set. There are two warning levels: mid-level and high-level. A mid-level warning occurs when the threshold percent value is reached, and a high-level warning occurs at the halfway level between the maximum number of IPv6 routes and the percent value ([max + mid] / 2).

Values

0 to 100

maximum-routes
Syntax

maximum-routes number [log-only] [threshold percent]

no maximum-routes

Context

config>service>vprn

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures the maximum number of remote routes that can be held within a VRF context. Local, host, static, and aggregate routes are not counted.

The VPRN service ID must be in a shutdown state before maximum-routes command parameters can be modified.

If the log-only parameter is not specified and the maximum-routes value is set below the existing number of routes in a VRF, the offending RIP peer (if applicable) is brought down (but the VPRN instance remains up). BGP peering remains up, but the exceeding BGP routes are not added to the VRF.

The maximum route threshold can dynamically change to increase the number of supported routes even when the maximum has already been reached. Protocols resubmit the routes that were initially rejected.

The no form of this command disables any limit on the number of routes within a VRF context. Issue the no form of this command only when the VPRN instance is shut down.

Default

0 or disabled

Parameters
number

Specifies the maximum number of routes to be held in a VRF context.

Values

1 to 2147483647

log-only

Specifies that if the maximum limit is reached, only log the event. The log-only keyword does not disable the learning of new routes.

threshold percent

Specifies the percentage at which a warning log message and SNMP trap should be set. There are two warning levels: mid-level and high-level. A mid-level warning occurs when the threshold percent value is reached, and a high-level warning occurs at the halfway level between the maximum number of routes and the percent value ([max + mid] / 2).

Values

0 to 100

route-distinguisher
Syntax

route-distinguisher [ip-address:number | asn:number]

no route-distinguisher

Context

config>service>vprn

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command sets the identifier attached to routes the VPN belongs to. Each routing instance must have a unique route distinguisher (within the carrier domain) associated with it. A route distinguisher must be defined for a VPRN to be operationally active.

Default

no route-distinguisher

Parameters
ip-address:number

Specifies the IP address in dotted-decimal notation. The assigned number must not be greater than 65535.

asn:number

Specifies the AS number 2-byte value less than or equal to 65535. The assigned number can be any 32-bit unsigned integer value.

router-id
Syntax

router-id ip-address

no router-id

Context

config>service>vprn

config>service>vprn>bgp

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command sets the router ID for a specific VPRN context.

If neither the router ID nor system interface are defined, the router ID from the base router context is inherited.

The no form of this command removes the router ID definition from the specific VPRN context.

Default

no router-id

Parameters
ip-address

Specifies the IP address in dotted-decimal notation.

service-name
Syntax

service-name service-name

no service-name

Context

config>service>vprn

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures an optional service name, up to 64 characters, which adds a name identifier to a specific service to use in configuration references and in show commands throughout the system. This helps the service provider/administrator to identify and manage services within the 7210 SAS platforms.

All services are required to assign a service ID to initially create a service. However, either the service ID or the service name can be used to identify and reference a specific service when it is initially created.

Parameters
service-name

Specifies a unique service name to identify the service. Service names may not begin with an integer (0 to 9).

sgt-qos
Syntax

sgt-qos

Context

config>service>vprn

Platforms

7210 SAS-Mxp

Description

Commands in this context configure DSCP/dot1p re-marking for select self-generated traffic.

application
Syntax

application dscp-app-name dscp {dscp-value | dscp-name}

application dot1p-app-name dot1p dot1p-priority

no application {dscp-app-name | dot1p-app-name}

Context

config>service>vprn>sgt-qos

Platforms

7210 SAS-Mxp

Description

This command configures DSCP/dot1p re-marking for self-generated application traffic. When an application is configured using this command, the specified DSCP name/value is used for all packets generated by this application within the router instance it is configured. The instances can be base router, VPRN service, or management.

Using the value configured in this command:

  • Sets the DSCP bits in the IP packet

  • Maps to the FC

  • Based on this FC, the egress QoS policy sets the Ethernet 802.1p and MPLS EXP bits. This includes ARP and IS-IS packets that, due to their nature, do not carry DSCP bits.

  • The DSCP value in the egress IP header is as configured in this command.

Only one DSCP name/value can be configured per application. If multiple entries are configured, the subsequent entry overrides the previously configured entry.

The no form of this command reverts to the default value.

Parameters
dscp-app-name

Specifies the DSCP application name.

Values

bgp, icmp, igmp, ndis, ospf, pim, ssh, telnet, traceroute, vrrp, arp

dscp-value

Specifies a value when this packet egresses the respective egress policy should provide the mapping for the DSCP value to either LSP-EXP bits or IEEE 802.1p (dot1p) bits as appropriate otherwise the default mapping applies.

Values

0 to 63

dscp-name

Specifies the DSCP name.

Values

none, be, ef, cp1, cp2, cp3, cp4, cp5, cp6, cp7, cp9, cs1, cs2, cs3, cs4, cs5, nc1, nc2, af11, af12, af13, af21, af22, af23, af31, af32, af33, af41, af42, af43, cp11, cp13, cp15, cp17, cp19, cp21, cp23, cp25, cp27, cp29, cp31, cp33, cp35, cp37, cp39, cp41, cp42, cp43, cp44, cp45, cp47, cp49, cp50, cp51, cp52, cp53, cp54, cp55, cp57, cp58, cp59, cp60, cp61, cp62, cp63

dot1p-priority

Specifies the dot1p priority.

Values

none, or 0 to 7

dot1p-app-name

Specifies the dot1p application name.

Values

arp, isis

dscp
Syntax

dscp dscp-name fc fc-name

no dscp dscp-name

Context

config>service>vprn>sgt-qos

Platforms

7210 SAS-Mxp

Description

This command creates a mapping between the DiffServ Code Point (DSCP) of the self-generated traffic and the forwarding class.

Self-generated traffic for configured applications that matches the specified DSCP are assigned to the corresponding forwarding class. Multiple commands can be entered to define the association of some or all 64 DSCPs to a forwarding class.

All DSCP names that define a DSCP value must be explicitly defined.

The no form of this command removes the DSCP-to-forwarding class association.

Parameters
dscp-name

Specifies the name of the DSCP to be associated with the forwarding class. A DiffServ code point can only be specified by its name and only an existing DiffServ code point can be specified. The software provides names for the well known code points.

Values

be, ef, cp1, cp2, cp3, cp4, cp5, cp6, cp7, cp9, cs1, cs2, cs3, cs4, cs5, nc1, nc2, af11, af12, af13, af21, af22, af23, af31, af32, af33, af41, af42, af43, cp11, cp13, cp15, cp17, cp19, cp21, cp23, cp25, cp27, cp29, cp31, cp33, cp35, cp37, cp39, cp41, cp42, cp43, cp44, cp45, cp47, cp49, cp50, cp51, cp52, cp53, cp54, cp55, cp57, cp58, cp59, cp60, cp61, cp62, cp63

fc fc-name

Specifies the forwarding class name. Applications and protocols that are configured under the dscp command use the configured IP DSCP value.

Values

be, l2, af, l1, h2, ef, h1, nc

snmp-community
Syntax

snmp-community community-name [version SNMP-version]

no snmp-community [community-name]

Context

config>service>vprn

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command sets the SNMP community name to be used with the associated VPRN instance.

If an SNMP community name is not specified, SNMP access is not allowed.

The no form of this command removes the SNMP community name from the specific VPRN context.

Parameters
community-name

Specifies one or more SNMP community names.

version SNMP-version

Specifies the SNMP version.

Values

v1, v2c, both

source-address
Syntax

source-address

Context

config>service>vprn

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

Commands in this context specify the source address and application that should be used in all unsolicited packets.

application
Syntax

application app [ip-int-name | ip-address]

no application app

Context

config>service>vprn>source-address

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command specifies the source address and application.

Parameters
app

Specifies the application name.

Values

telnet, ssh, traceroute, ping

ip-int-name | ip-address

Specifies the name of the IP interface or IP address. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.

static-route
Syntax

[no] static-route {ip-prefix/prefix-length | ip-prefix netmask} [preference preference] [metric metric] [tag tag] [enable | disable] {next-hop ip-int-name | ip-address | ipsec-tunnel ipsec-tunnel-name} [bfd-enable | {cpe-check cpe-ip-address [interval seconds] [drop-count count] [log]}]

[no] static-route {ip-prefix/prefix-length | ip-prefix netmask} [preference preference] [metric metric] [tag tag] [enable | disable] indirect ip-address [cpe-check cpe-ip-address [interval seconds][drop-count count] [log]]

[no] static-route {ip-prefix/prefix-length | ip-prefix netmask} [preference preference] [metric metric] [tag tag] [enable | disable] black-hole

Context

config>service>vprn

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command creates static route entries within the associated router instance. When configuring a static route, either next-hop, indirect or black-hole must be configured.

The no form of this command deletes the static route entry. If a static route needs to be removed when multiple static routes exist to the same destination, as many parameters to uniquely identify the static route must be entered.

If a CPE connectivity check target address is already being used as the target address in a different static route, cpe-check parameters must match. If they do not, the new configuration command are rejected.

If a static-route command is issued with no cpe-check target but the destination prefix/netmask and next-hop matches a static route that did have an associated cpe-check, the cpe-check test is removed from the associated static route.

Parameters
ip-prefix

Specifies the destination address of the aggregate route in dotted-decimal notation.

Values

ipv4-prefix

a.b.c.d (host bits must be 0)

ipv4-prefix-length

0 to 32

ipv6-prefix

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x:

[0 to FFFF]H

d:

[0 to 255]D

ipv6-prefix-length

0 to 128

netmask

Specifies the subnet mask in dotted-decimal notation.

Values

a.b.c.d (network bits all 1 and host bits all 0)

ip-int-name

Specifies the name of the IP interface. Interface names must be unique within the group of defined IP interfaces for config router interface and config service ies interface commands. An interface name cannot be in the form of an IP address. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed with

ip-address

Specifies the IP address of the IP interface. The ip-addr portion of the address command specifies the IP host address that is used by the IP interface within the subnet. This address must be unique within the subnet and specified in dotted-decimal notation.

Values

ipv4-address a.b.c.d (host bits must be 0)

enable

Static routes can be administratively enabled or disabled. Use the enable parameter to re-enable a disabled static route. To enable a static route, it must be uniquely identified by the IP address, mask, and any other parameter that is required to identify the exact static route.

The administrative state is maintained in the configuration file.

Default

enable

disable

Static routes can be administratively enabled or disabled. Use the disable parameter to disable a static route while maintaining the static route in the configuration. To enable a static route, it must be uniquely identified by the IP address, mask, and any other parameter that is required to identify the exact static route.

The administrative state is maintained in the configuration file.

Default

enable

interval seconds

Specifies the interval between ICMP pings to the target IP address.

Values

1 to 255 seconds

Default

1 seconds

drop-count count

Specifies the number of consecutive ping-replies that must be missed to declare the CPE down and to de-active the associated static route.

Values

Value range: 1 to 255

Default

3

log

This optional parameter enables the ability to log transitions between active and in-active based on the CPE connectivity check. Events should be sent to the system log, syslog and SNMP traps.

next-hop [ip-address | ip-int-name]

Specifies the directly connected next hop IP address used to reach the destination. If the next hop is over an unnumbered interface, the ip-int-name of the unnumbered interface (on this node) can be configured.

The next-hop keyword and the indirect or black-hole keywords are mutually exclusive. If an identical command is entered (with the exception of either the indirect or black-hole parameters), this static route is replaced with the newly entered command, and unless specified, the respective defaults for preference and metric are applied.

The ip-addr configured here can be either on the network side or the access side on this node. This address must be associated with a network directly connected to a network configured on this node.

ipsec-tunnel ipsec-tunnel-name

Specifies an IPSec tunnel name up to 32 characters.

indirect ip-address

Specifies that the route is indirect and specifies the next hop IP address used to reach the destination.

The configured ip-addr is not directly connected to a network configured on this node. The destination can be reachable via multiple paths. The static route remains valid as long as the address configured as the indirect address remains a valid entry in the routing table. Indirect static routes cannot use an ip-prefix/mask to another indirect static route.

The indirect keyword and the next-hop or black-hole keywords are mutually exclusive. If an identical command is entered (with the exception of either the next-hop or black-hole parameters), this static route is replaced with the newly entered command and unless specified the respective defaults for preference and metric are applied.

The ip-addr configured can be either on the network or the access side and is at least one hop away from this node.

black-hole

Specifies a blackhole route, meaning that if the destination address on a packet matches this static route it is silently discarded.

The black-hole keyword is mutually exclusive with either the next-hop or indirect keywords. If an identical command is entered, with exception of either the next-hop or indirect parameters, the static route is replaced with the new command, and unless specified, the respective defaults for preference and metric are applied.

preference preference

Specifies the preference of this static route (as opposed to the routes from different sources such as BGP or OSPF), expressed as a decimal integer. When modifying the preference value of an existing static route, unless specified, the metric does not change.

If multiple routes are learned with an identical preference using the same protocol, the lowest cost route is used. If multiple routes are learned with an identical preference using the same protocol and the costs (metrics) are equal, the decision of which route to use is determined by the configuration of the ECMP command.

Values

1 to 255

Default

5

metric metric

Specifies the cost metric for the static route, expressed as a decimal integer. This value is used when importing this static route into other protocols such as OSPF. This value is also used to determine the static route to install in the forwarding table: When modifying the metrics of an existing static route, unless specified, the preference does not change.

If there are multiple static routes with the same preference but unequal metrics, the lower cost (metric) route is installed. If there are multiple static routes with equal preference and metrics, ECMP rules apply. If there are multiple routes with unequal preferences, the lower preference route is installed.

Values

0 to 65535

Default

1

tag

Adds a 32-bit integer tag to the static route. The tag is used in route policies to control distribution of the route into other protocols.

Values

1 to 4294967295

bfd-enable

Associates the state of the static route to a BFD session between the local system and the configured nexthop. This keyword cannot be configured if the nexthop is indirect or a blackhole keywords are specified.

NOTE: For more information about the protocols and platforms that support BFD, see the 7210 SAS-Mxp, R6, R12, S, Sx, T Router Configuration Guide.

cpe-check target-ip-address

Specifies the IP address of the target CPE device. ICMP pings are sent to this target IP address. This parameter must be configured to enable the CPE connectivity feature for the associated static route. The target-ip-address cannot be in the same subnet as the static route subnet to avoid possible circular references. This option is mutually exclusive with BFD support on a specific static route.

Default

no cpe-check enabled

vrf-export
Syntax

vrf-export policy [policy...]

no vrf-export

Context

config>service>vprn

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command specifies the export policies to control routes exported from the local VPN routing/forwarding (VRF) to other VRFs on the same or remote PE routers (via MP-BGP).

The no form of this command removes all route policy names from the export list.

Parameters
policy

Specifies the route policy statement name.

vrf-import
Syntax

vrf-import policy [policy...]

no vrf-import

Context

config>service>vprn

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command sets the import policies to control routes imported to the local VPN routing/ forwarding (VRF) from other VRFs on the same or remote PE routers (via MP-BGP). BGP-VPN routes imported with a vrf-import policy use the BGP preference value of 170 when imported from remote PE routers, or retain the protocol preference value of the exported route when imported from other VRFs on the same router, unless the preference is changed by the policy.

The no form of this command removes all route policy names from the import list.

Parameters
policy

Specifies the route policy statement name.

vrf-target
Syntax

vrf-target {ext-community | export ext-community | import ext-community}

no vrf-target

Context

config>service>vprn

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command facilitates a simplified method to configure the route target to be added to advertised routes or compared against received routes from other VRFs on the same or remote PE routers (via MP-BGP).

BGP-VPN routes imported with a vrf-target statement use the BGP preference value of 170 when imported from remote PE routers, or retain the protocol preference value of the exported route when imported from other VRFs in the same router.

Specified vrf-import or vrf-export policies override the vrf-target policy.

The no form of this command removes the vrf-target.

Default

no vrf-target

Parameters
ext-comm

Specifies an extended BGP community in the type:x:y format. The value x can be an integer or IP address. The type can be the target or origin. x and y are 16-bit integers.

Values

ip-addr:comm-val | 2byte-asnumber:ext-comm-val | 4byte-asnumber:comm-val

where:

ip-addr — IP address in the form a.b.c.d.

comm-val — 0 to 65535

2byte-asnumber — 0 to 65535

ext-comm-val — 0 to 4294967295

4byte-asnumber — 0 to 4294967295

import ext-community

Specifies communities allowed to be accepted from remote PE neighbors.

export ext-community

Specifies communities allowed to be sent to remote PE neighbors.

Multicast VPN commands
mvpn
Syntax

mvpn

Context

config>service>vprn

Platforms

7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)

Description

Commands in this context configure MVPN-related parameters for the IP VPN.

auto-discovery
Syntax

[no] auto-discovery [default]

Context

config>service>vprn>mvpn

Platforms

7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)

Description

This command enables MVPN membership auto-discovery through BGP. When auto-discovery is enabled, PIM peering on the inclusive provider tunnel is disabled.

The no form of this command disables MVPN membership auto-discovery through BGP.

Default

enabled

Parameters
default

Enables AD route exchange based on format defined in draft-ietf-l3vpn-2547bis-mcast-10.

c-mcast-signaling
Syntax

c-mcast-signaling bgp

no c-mcast-signaling

Context

config>service>vprn>mvpn

Platforms

7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)

Description

This command specifies BGP or PIM, for PE-to-PE signaling of CE multicast states.

Changes may only be made to this command when the mvpn node is shutdown.

The no form of this command reverts it back to the default.

Default

mcast-signaling bgp

Parameters
bgp

Specifies to use BGP for PE-to-PE signaling of CE multicast states. Auto-discovery must be enabled.

intersite-shared
Syntax

intersite-shared

no intersite-shared

Context

config>service>vprn>mvpn

Platforms

7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)

Description

This command specifies whether to use inter-site shared C-trees.

Default

intersite-shared

mdt-type
Syntax

mdt-type {sender-receiver | sender-only | receiver-only}

no mdt-type

Context

config>service>vprn>mvpn

Platforms

7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)

Description

This command restricts MVPN instances per PE node to a specific role. By default, the MVPN instance on a specific PE node assumes the role of sender and receiver. This creates a mesh of MDT/PMSI across all PE nodes from this PE.

This command provides an option to configure either a sender-only or receiver-only mode per PE node. Restricting the PE node to a specific role prevents the creation of full mesh of MDT/PMSI across all participating PE nodes in the MVPN instance.

The auto-rp-discovery command cannot be enabled together with the mdt-type sender-only, mdt-type receiver-only, or wildcard-spmsi configurations.

The no form of this command reverts to the default value.

Default

mdt-type sender-receiver

Parameters
sender-receiver

Keyword to connect both senders and receivers to the PE node for MVPN.

sender-only

Keyword to connect only senders to the PE node for MVPN.

receiver-only

Keyword to connect only receivers to the PE node for MVPN.

provider-tunnel
Syntax

provider-tunnel

Context

config>service>vprn>mvpn

Platforms

7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)

Description

Commands in this context configure tunnel parameters for the MVPN.

inclusive
Syntax

inclusive

Context

config>service>vprn>mvpn>pt

Platforms

7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)

Description

Commands in this context specify inclusive provider tunnels

bsr
Syntax

bsr {unicast | spmsi}

no bsr

Context

config>service>vprn>mvpn>pt>inclusive

Platforms

7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)

Description

This command configures the type of bootstrap router (BSR) signaling used.

The no form of this command restores the default.

Default

no bsr

Parameters
unicast

Keyword to send or forward BSR PDUs using unicast PDUs (default).

spmsi

Keyword to send or forward BSR PDUs using S-PMSI full mesh.

mldp
Syntax

mldp

no mldp

Context

config>service>vprn>mvpn>provider-tunnel>inclusive

config>service>vprn>mvpn>provider-tunnel>selective

Platforms

7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)

Description

This command enables the use of mLDP LSP for the provider tunnel.

Default

no mldp

shutdown
Syntax

shutdown

no shutdown

Context

config>service>vprn>mvpn>provider-tunnel>inclusive>mldp

config>service>vprn>mvpn>provider-tunnel>selective>mldp

Platforms

7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)

Description

This command administratively disables and enables the use of mLDP LSP for the provider tunnel.

Default

no shutdown

rsvp
Syntax

rsvp

no rsvp

Context

config>service>vprn>mvpn>pt>inclusive

config>service>vprn>mvpn>pt>selective

Platforms

7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)

Description

This command enables use of P2MP RSVP as the inclusive or selective provider tunnel

The no form of this command removes the rsvp context, including all the statements in the context.

Default

no rsvp

lsp-template
Syntax

lsp-template lsp-template

no lsp-template

Context

config>service>vprn>mvpn>pt>inclusive>rsvp

config>service>vprn>mvpn>pt>exclusive>rsvp

Platforms

7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)

Description

This command configures the use of an automatically created P2MP LSP as the inclusive or selective provider tunnel. The P2MP LSP is signaled using the parameters specified in the template, such as bandwidth constraints.

The no form of the command removes the configuration.

Default

no lsp-template

Parameters
lsp-template

Specifies the LSP template name, up to 32 characters.

shutdown
Syntax

shutdown

no shutdown

Context

config>service>vprn>mvpn>pt>inclusive>rsvp

config>service>vprn>mvpn>pt>selective>rsvp

Platforms

7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)

Description

This command administratively disables the use of RSVP P2MP LSP for the inclusive or selective provider tunnel.

The no form of this command administratively enables the use of RSVP P2MP LSP for the provider tunnel.

Default

no shutdown

wildcard-spmsi
Syntax

wildcard-spmsi

no wildcard-spmsi

Context

config>service>vprn>mvpn>pt>inclusive

Platforms

7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)

Description

This command enables RFC 6625 (C-*, C-*) S-PMSI functionality for NG-MVPN. When enabled, (C-*, C-*) S-PMSI is used instead of I-PMSI for this MVPN. Wildcard S-PMSI uses the I-PMSI LSP template.

The auto-rp-discovery command cannot be enabled together with mdt-type sender-only or mdt-type receiver-only, or wildcard-spmsi configurations.

The no form of this command disables the (C-*, C-*) S-PMSI functionality.

Default

no wildcard-spmsi

selective
Syntax

selective

Context

config>service>vprn>mvpn>provider-tunnel

Platforms

7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)

Description

Commands in this context specify selective provider tunnel parameters.

data-delay-interval
Syntax

data-delay-interval value

no data-delay-interval

Context

config>service>vprn>mvpn>provider-tunnel>selective

Platforms

7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)

Description

This command specifies the interval, in seconds, before a PE router connected to the source switches traffic from the inclusive provider tunnel to the selective provider tunnel.

The no form of this command reverts the value to the default.

Default

data-delay-interval 3

Parameters
value

Specifies the data delay interval, in seconds.

Values

3 to 180

data-threshold
Syntax

data-threshold {c-grp-ip-addr/mask | c-grp-ip-addr netmask}

no data-threshold {c-grp-ip-addr/mask | c-grp-ip-addr netmask}

Context

config>service>vprn>mvpn>provider-tunnel>selective

Platforms

7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)

Description

This command provides an option to the user to specify the group range for which a switch from the inclusive provider tunnel to the selective provider tunnel for C-(S,G) must be triggered. This command provides an option to use selective provide tunnel, independent of the multicast data rate (that is, there is no rate-threshold configuration required). For C-(S,G) groups specified with this command, the selective provider tunnel is used.

Note:

For C-(S,G) groups not configured with the data-threshold command, the inclusive provider tunnel is used.

Multiple statements are allowed in the configuration to specify multiple group ranges.

The no form of this command removes the values from the configuration.

Parameters
c-grp-ip-addr/mask | c-grp-ip-addr netmask

Specifies an IPv4 multicast group address and mask or network mask.

Values

c-grp-ip-addr

multicast group address a.b.c.d

mask

4 to 32

netmask

a.b.c.d (network bits all 1 and host bits all 0)

maximum-p2mp-spmsi
Syntax

[no] maximum-p2mp-spmsi

Context

config>service>vprn>mvpn>provider-tunnel>selective

Platforms

7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)

Description

This command specifies the maximum number of RSVP P2MP or LDP P2MP S-PMSI tunnels for the mVPN. When the limit is reached, no more RSVP P2MP S-PMSI or LDP P2MP S-PMSI is created and traffic over the data-threshold stays on I-PMSI.

Default

maximum-p2mp-spmi 10

Parameters
number

Specifies the maximum number of RSVP P2MP or LDP P2MP S-PMSI tunnel for the mVPN.

Values

1 to 510

umh-selection
Syntax

umh-selection highest-ip

no umh-selection

Context

config>service>vprn>mvpn

Platforms

7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)

Description

This command specifies which UMH selection mechanism to use, highest IP address. The no form of this command resets it back to default.

Default

umh-selection highest-ip

vrf-export
Syntax

vrf-export {unicast | policy-name [policy-name...(up to 15 max)]}

no vrf-export

Context

config>service>vprn>mvpn

Platforms

7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)

Description

This command specifies the export policy (up to 15) to control MVPN routes exported from the local VRF to other VRFs on the same or remote PE routers.

Default

vrf-export unicast

Parameters
unicast

Specifies to use unicast VRF export policy for the MVPN.

policy

Specifies a route policy name.

vrf-import
Syntax

vrf-import {unicast | policy-name [policy-name...(up to 15 max)]}

no vrf-import

Context

config>service>vprn>mvpn

Platforms

7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)

Description

This command specifies the import policy (up to 15) to control MVPN routes imported to the local VRF from other VRFs on the same or remote PE routers.

Default

vrf-import unicast

Parameters
unicast

Specifies to use a unicast VRF import policy for the MVPN.

policy

Specifies a route policy name.

vrf-target
Syntax

vrf-target {unicast | ext-community | export unicast | ext-community | import unicast | ext-community}

no vrf-target

Context

config>service>vprn>mvpn

Platforms

7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)

Description

This command specifies the route target to be added to the advertised routes or compared against the received routes from other VRFs on the same or remote PE routers. vrf-import or vrf-export policies override the vrf-target policy.

The no form of this command removes the vrf-target.

Default

no vrf-target

Parameters
unicast

Specifies to use unicast vrf-target ext-community for the multicast VPN.

ext-comm

Specifies an extended BGP community in the type:x:y format. The value x can be an integer or IP address. The type can be the target or origin. x and y are 16-bit integers.

Values

ip-addr:comm-val | 2byte-asnumber:ext-comm-val | 4byte-asnumber:comm-val

where:

ip-addr — IP address in the form a.b.c.d.

comm-val — 0 to 65535

2byte-asnumber — 1 to 65535

ext-comm-val — 0 to 4294967295

4byte-asnumber — 0 to 4294967295

import ext-community

Specifies communities allowed to be accepted from remote PE neighbors.

export ext-community

Specifies communities allowed to be sent to remote PE neighbors.

export
Syntax

export {unicast | ext-community}

Context

config>service>vprn>mvpn>vrf-target

Platforms

7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)

Description

This command specifies communities to be sent to peers.

Parameters
unicast

Specifies the use of unicast vrf-target ext-community for the multicast VPN.

ext-community

Specifies an extended BGP community in the type:x:y format. The value x can be an integer or IP address. The type can be the target or origin. x and y are 16-bit integers.

Values

ip-addr:comm-val | 2byte-asnumber:ext-comm-val | 4byte-asnumber:comm-val

where:

ip-addr — IP address in the form a.b.c.d.

comm-val — 0 to 65535

2byte-asnumber — 1 to 65535

ext-comm-val — 0 to 4294967295

4byte-asnumber — 0 to 4294967295

import
Syntax

import {unicast | ext-community}

Context

config>service>vprn>mvpn>vrf-target

Platforms

7210 SAS-Mxp, 7210 SAS-T (network mode), and 7210 SAS-Sx/S 1/10GE (standalone mode and standalone-VC mode)

Description

This command specifies communities to be accepted from peers.

Parameters
unicast

Specifies that a unicast vrf-target ext-community is used for the multicast VPN.

ext-community

Specifies an extended BGP community in the type:x:y format. The value x can be an integer or IP address. The type can be the target or origin. x and y are 16-bit integers.

Values

ip-addr:comm-val | 2byte-asnumber:ext-comm-val | 4byte-asnumber:comm-val

where:

ip-addr — IP address in the form a.b.c.d.

comm-val — 0 to 65535

2byte-asnumber — 1 to 65535

ext-comm-val — 0 to 4294967295

4byte-asnumber — 0 to 4294967295

SDP commands
spoke-sdp
Syntax

[no] spoke-sdp sdp-id

Context

config>service>vprn

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command binds a service to an existing Service Distribution Point (SDP). The SDP defines the transport tunnel to which this VPRN service is bound.

The SDP has an operational state that determines the operational state of the SDP within the service. For example, if the SDP is administratively or operationally down, the SDP for the service is down.

The SDP must already exist in the config>service>sdp context before it can be associated with a VPRN service. If the sdp sdp-id is not already configured, an error message is generated. If the sdp-id exists, a binding between the specific sdp-id and the service is created.

SDPs must be explicitly associated and bound to a service to allow far-end 7210 SAS devices can participate in the service.

The no form of this command removes the SDP binding from the service; the SDP configuration is not affected. When the SDP binding is removed, no packets are forwarded to the far-end router.

Default

no sdp-id is bound to a service

Special Cases
VPRN

Several SDPs can be bound to a VPRN service. Each SDP must be destined to a different 7210 SAS router. If two sdp-id bindings terminate on the same 7210 SAS, an error occurs and the second SDP binding is rejected.

Parameters
sdp-id

Specifies the SDP identifier.

Values

1 to 17407

vc-id

Specifies the virtual circuit identifier.

Values

1 to 4294967295

Interface commands
interface
Syntax

interface ip-int-name

no interface ip-int-name

Context

config>service>vprn

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command creates a logical IP routing interface for a VPRN. When created, attributes like an IP address and SAP can be associated with the IP interface.

The interface command, under the context of services, is used to create and maintain IP routing interfaces within VPRN service IDs. The interface command can be executed in the context of an VPRN service ID. The IP interface created is associated with the service core network routing instance and default routing table. The typical use for IP interfaces created in this manner is for subscriber Internet access.

Interface names are case sensitive and must be unique within the group of defined IP interfaces defined for config router interface and config service vprn interface. Interface names must not be in the dotted-decimal notation of an IP address. For example, the name ‟1.1.1.1” is not allowed, but ‟int-1.1.1.1” is allowed. Show commands for router interfaces use either interface names or the IP addresses. Use unique IP address values and IP address names to maintain clarity. It could be unclear to the user if the same IP address and IP address name values are used. Although not recommended, duplicate interface names can exist in different router instances.

The available IP address space for local subnets and routes is controlled with the config router service-prefix command. The service-prefix command administers the allowed subnets that can be defined on service IP interfaces. It also controls the prefixes that may be learned or statically defined with the service IP interface as the egress interface. This allows segmenting the IP address space into config router and config service domains.

When a new name is entered, a new logical router interface is created. When an existing interface name is entered, the user enters the router interface context for editing and configuration.

By default, there are no default IP interface names defined within the system. All VPRN IP interfaces must be explicitly defined. Interfaces are created in an enabled state.

The no form of this command removes IP the interface and all the associated configuration. The interface must be administratively shutdown before issuing the no interface command.

For VPRN services, the IP interface must be shutdown before the SAP on that interface may be removed. VPRN services do not have the shutdown command in the SAP CLI context. VPRN service SAPs rely on the interface status to enable and disable them.

Parameters
ip-int-name

Specifies the name of the IP interface. Interface names must be unique within the group of defined IP interfaces for config router interface and config service vprn interface commands. An interface name cannot be in the form of an IP address. Interface names can be from 1 to 32 alphanumeric characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.

If ip-int-name already exists within the service ID, the context is changed to maintain that IP interface. If ip-int-name already exists within another service ID or is an IP interface defined within the config router commands, an error occurs and the context is not changed to that IP interface. If ip-int-name does not exist, the interface is created and context is changed to that interface for further command processing.

address
Syntax

address {ip-address/mask | ip-address netmask} [broadcast all-ones | host-ones]

no address

Context

config>service>vprn>if

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command assigns an IP address, IP subnet, and broadcast address format to a VPRN IP router interface. Only one IP address can be associated with an IP interface.

An IP address must be assigned to each VPRN IP interface. An IP address and a mask are used together to create a local IP prefix. The defined IP prefix must be unique within the context of the routing instance. It cannot overlap with other existing IP prefixes defined as local subnets on other IP interfaces in the same routing context within the 7210 SAS.

The local subnet that the address command defines must be part of the services address space within the routing context using the config router service-prefix command. The default is to disallow the complete address space to services. When a portion of the address space is allocated as a service prefix, that portion can be made unavailable for IP interfaces defined within the config router interface CLI context for network core connectivity with the exclude option in the config router service-prefix command.

The IP address for the interface can be entered in either CIDR (Classless Inter-Domain Routing) or traditional dotted-decimal notation. The show commands display CIDR notation and is stored in configuration files.

By default, no IP address or subnet association exists on an IP interface until it is explicitly created.

The no form of this command removes the IP address assignment from the IP interface. When the no address command is entered, the interface becomes operationally down.

Address

Admin state

Oper state

No address

up

down

No address

down

down

1.1.1.1

up

up

1.1.1.1

down

down

The operational state is a read-only variable. The address and admin states are the only controlling variables and can be set independently. If an address is assigned to an interface that is in an administratively up state, it becomes operationally up and the protocol interfaces and the MPLS LSPs associated with that IP interface are reinitialized.

Parameters
ip-address

Specifies the IP address of the IP interface. The ip-address portion of the address command specifies the IP host address that is used by the IP interface within the subnet. This address must be unique within the subnet and specified in dotted-decimal notation. Allowed values are IP addresses in the range 1.0.0.0 – 223.255.255.255 (with support of /31 subnets).

Values

a.b.c.d (no multicast/broadcast address)

/

The forward slash is a parameter delimiter and separates the ip-address portion of the IP address from the mask that defines the scope of the local subnet. No spaces are allowed between the ip-address, the ‟/” and the mask-length parameter. If a forward slash is not immediately following the ip-address, a dotted-decimal mask must follow the prefix. The IPv6-prefix is x:x:x:x:x:x:x:x (eight 16-bit pieces) x:x:x:x:x:x:d.d.d.d, where x: [0 to FFFF]H, d: [0 to 255]D and the ipv6-prefix-length is 0 to 128.

mask

Specifies the subnet mask length when the IP prefix is specified in CIDR notation. When the IP prefix is specified in CIDR notation, a forward slash (/) separates the ip-address from the mask-length parameter. The mask length parameter indicates the number of bits used for the network portion of the IP address; the remainder of the IP address is used to determine the host portion of the IP address.

Values

0 to 32

netmask

Specifies the subnet mask in dotted-decimal notation. When the IP prefix is not specified in CIDR notation, a space separates the ip-address from a traditional dotted-decimal mask. The mask parameter indicates the complete mask that is used in a logical ‛AND’ function to derive the local subnet of the IP address. Allowed values are dotted-decimal addresses in the range 128.0.0.0 to 255.255.255.254. A mask of 255.255.255.255 is reserved for system IP addresses.

Values

a.b.c.d (network bits all 1 and host bits all 0)

broadcast

The optional broadcast parameter overrides the default broadcast address used by the IP interface when sourcing IP broadcasts on the IP interface. If no broadcast format is specified for the IP address, the default value is host-ones which indicates a subnet broadcast address. Use this parameter to change the broadcast address to all-ones or revert back to a broadcast address of host-ones.

The broadcast format on an IP interface can be specified when the IP address is assigned or changed.

This parameter does not affect the type of broadcasts that can be received by the IP interface. A host sending either the local broadcast (all-ones) or the valid subnet broadcast address (host-ones) is received by the IP interface.

Default

host-ones

all-ones

The all-ones keyword following the broadcast parameter specifies that the broadcast address used by the IP interface for this IP address is 255.255.255.255, also known as the local broadcast.

host-ones

The host-ones keyword following the broadcast parameter specifies that the broadcast address used by the IP interface for this IP address is the subnet broadcast address. This is an IP address that corresponds to the local subnet described by the ip-address and the mask-length or mask with all the host bits set to binary one. This is the default broadcast address used by an IP interface.

The broadcast parameter within the address command does not have a negate feature, which is usually used to revert a parameter to the default value. To change the broadcast type to host-ones after being changed to all-ones, the address command must be executed with the broadcast parameter defined.

allow-directed-broadcasts
Syntax

[no] allow-directed-broadcasts

Context

config>service>vprn>if

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command controls the forwarding of directed broadcasts out of the IP interface.

A directed broadcast is a packet received on a local router interface destined for the subnet broadcast address on another IP interface. The allow-directed-broadcasts command on an IP interface enables or disables the transmission of packets destined to the subnet broadcast address of the egress IP interface.

When enabled, a frame destined to the local subnet on this IP interface is sent as a subnet broadcast out this interface. Care should be exercised when allowing directed broadcasts as it is a well-known mechanism used for denial-of-service attacks.

When disabled, directed broadcast packets discarded at this egress IP interface are counted in the normal discard counters for the egress SAP.

By default, directed broadcasts are not allowed and are discarded at this egress IP interface.

The no form of this command disables the forwarding of directed broadcasts out of the IP interface.

Default

no allow-directed-broadcasts

bfd
Syntax

bfd transmit-interval [receive receive-interval] [multiplier multiplier] [echo-receive echo-interval]

no bfd

Context

config>service>vprn>if

config>service>ies>if

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures the BFD parameters for the associated IP interface. If no parameters are defined, the default value is used.

The multiplier specifies the number of consecutive BFD messages that must be missed from the peer before the BFD session state is changed to down and the upper level protocols (OSPF, IS-IS, BGP) are notified of the fault.

Note: See the 7210 SAS-Mxp, R6, R12, S, Sx, T Router Configuration Guide for information about the list of routing and MPLS protocols and features that use BFD for protection on 7210 SAS platforms.

The no form of this command removes BFD from the associated IGP protocol adjacency.

Default

no bfd

Parameters
transmit-interval

Specifies the transmit interval for the BFD session.

Values

10 to 100000

Default

100

receive receive-interval

Specifies the receive interval for the BFD session.

Values

10 to 100000

Default

100

multiplier multiplier

Specifies the multiplier for the BFD session.

Values

3 to 20

Default

3

echo-receive echo-interval

Specifies the minimum echo receive interval, in milliseconds, for the BFD session.

Values

100 to 100000

Default

100

cflowd-parameters
Syntax

cflowd-parameters

Context

config>service>vprn>interface

Platforms

7210 SAS-Mxp and 7210 SAS-Sx/S 1/10GE (standalone)

Description

Commands in this context configure traffic sampling for the interface.

sampling
Syntax

sampling {unicast|multicast} type {interface} [direction {ingress-only}]

no sampling {unicast|multicast}

Context

config>service>vprn>interface>cflowd-parameters

Platforms

7210 SAS-Mxp and 7210 SAS-Sx/S 1/10GE (standalone)

Description

This command enables traffic sampling for the interface. See ‟Configuration Notes” in the 7210 SAS-Mxp, R6, R12, S, Sx, T Router Configuration Guide for more information.

The no form of this command disables traffic sampling for the interface.

Default

no sampling

Parameters
unicast

Keyword to enable unicast sampling.

multicast

Keyword to enable multicast sampling.

type

Keyword to configure the cflowd sampling type.

interface

Keyword to configure interface cflowd sampling type.

direction

keyword to configure the direction of the cflowd analysis.

ingress-only

Keyword to configure the ingress direction only for cflowd analysis.

dhcp6-relay
Syntax

[no] dhcp6-relay

Context

config>service>vprn>if>ipv6

Platforms

7210 SAS-Mxp

Description

This command enables DHCPv6 relay for the interface.

The no form of this command disables DHCPv6 relay.

option
Syntax

[no] option

Context

config>service>vprn>if>ipv6>dhcp6-relay

Platforms

7210 SAS-Mxp

Description

This command configures DHCPv6 relay information options.

The no form of this command disables DHCPv6 relay information options.

interface-id
Syntax

interface-id

interface-id ascii-tuple

interface-id ifindex

interface-id sap-id

interface-id string

no interface-id

Context

config>service>vprn>if>ipv6>dhcp6-relay>option

Platforms

7210 SAS-Mxp

Description

This command send interface ID options in the DHCPv6 relay packet.

The no form of this command disables the sending of interface ID options in the DHCPv6 relay packet.

Parameters
ascii-tuple

Specifies the use of the ASCII-encoded concatenated tuple, which consists of the access-node-identifier, service-id, and interface-name, separated by ‟|”.

ifindex

Specifies the use of the interface index. Display the interface index of a router interface by using the show router if detail command.

sap-id

Specifies the use of the SAP identifier.

string

Specifies a string of up to 32 characters, composed of printable, seven-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.

remote-id
Syntax

[no] remote-id

Context

config>service>vprn>if>ipv6>dhcp6-relay>option

Platforms

7210 SAS-Mxp

Description

This command sends the remote ID option in the DHCPv6 relay packet. The client DHCP Unique Identifier (DUID) is used as the remote ID.

The no form of this command disables the sending of the remote ID option in the DHCPv6 relay packet.

server
Syntax

[no] server ipv6z-address

Context

config>service>vprn>if>ipv6>dhcp6-relay

Platforms

7210 SAS-Mxp

Description

This command configures an IPv6 address to the DHCPv6 server used to send the relay packets to.

The no form of this command disables the specified IPv6 address.

Parameters
ipv6z-address

Specifies the IPv6 address of the DHCPv6 server. A maximum of eight addresses can be configured.

Values

ipv6z-address x:x:x:x:x:x:x:x [-interface]

  • x:x:x:x:x:x:d.d.d.d [-interface]
  • x: [0 to FFFF]H
  • d: [0 to 255]D
  • interface: 32 characters maximum,
  • mandatory for link local addresses
source-address
Syntax

[no] source-address ipv6-address

Context

config>service>vprn>if>ipv6>dhcp6-relay

Platforms

7210 SAS-Mxp

Description

This command assigns the source IPv6 address of the DHCPv6 relay messages.

The no form of this command disables the specified IPv6 address.

Parameters
ipv6-address

Specifies the source IPv6 address of the DHCPv6 relay messages.

Values

ipv6-address x:x:x:x:x:x:x:x (eight 16-bit pieces)

  • x:x:x:x:x:x:d.d.d.d
  • x: [0 to FFFF]H
  • d: [0 to 255]D
local-proxy-arp
Syntax

[no] local-proxy-arp

Context

config>service>vprn>if

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command enables local proxy ARP on an IP interface. When this command is enabled, the system responds with its own MAC address to all ARP requests for IP addresses belonging to the subnet, and therefore becomes the forwarding point for all traffic between hosts in that subnet.

When this command is enabled, ICMP redirects on the ports associated with the service are automatically blocked.

Default

no local-proxy-arp

loopback
Syntax

[no] loopback

Context

config>service>vprn>if

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command specifies that the associated interface is a loopback interface that has no associated physical interface. As a result, the associated interface cannot be bound to a SAP.

When using mtrace/mstat in an L3 VPN context, the configuration for the VPRN should have a loopback address configured that has the same address as the system address of the core instance (BGP next-hop).

proxy-arp-policy
Syntax

[no] proxy-arp-policy policy-name [policy-name...(up to 5 max)]

Context

config>service>vprn>if

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command enables a proxy ARP policy for the interface.

The no form of this command disables the proxy ARP capability.

Default

no proxy-arp

Parameters
policy-name

Specifies the export route policy name. Allowed values are any string up to 32 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.

remote-proxy-arp
Syntax

[no] remote-proxy-arp

Context

config>service>vprn>if

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command enables remote proxy ARP on the interface.

Remote proxy ARP is similar to proxy ARP. It allows the router to answer an ARP request on an interface for a subnet that is not provisioned on that interface. This allows the router to forward to the other subnet on behalf of the requester. To distinguish remote proxy ARP from local proxy ARP, local proxy ARP performs a similar function but only when the requested IP is on the receiving interface.

secondary
Syntax

secondary {ip-address/mask | ip-address netmask} [broadcast {all-ones | host-ones}] [igp-inhibit]

no secondary {ip-address/mask | ip-address netmask}

Context

config>service>vprn>if

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command assigns up to 64 secondary IP addresses to the interface, including the primary IP address. Each address can be configured in an IP address, IP subnet, or broadcast address format.

Parameters
ip-address

Specifies the IP address of the IP interface. The ip-address portion of the address command specifies the IP host address that is used by the IP interface within the subnet. This address must be unique within the subnet and specified in dotted-decimal notation.

Values

a.b.c.d

/

The forward slash is a parameter delimiter that separates the ip-address portion of the IP address from the mask that defines the scope of the local subnet. No spaces are allowed between the ip-address, the "/" and the mask parameter. If a forward slash does not immediately follow the ip-address, a dotted-decimal netmask must follow the prefix.

mask

Specifies the subnet mask length when the IP prefix is specified in CIDR notation. When the IP prefix is specified in CIDR notation, a forward slash (/) separates the ip-address from the mask parameter. The mask parameter indicates the number of bits used for the network portion of the IP address; the remainder of the IP address is used to determine the host portion of the IP address. Allowed values are integers in the range 1 to 32. A mask length of 32 is reserved for system IP addresses.

Values

1 to 32

netmask

Specifies the subnet mask in dotted-decimal notation. When the IP prefix is not specified in CIDR notation, a space separates the ip-address from a traditional dotted-decimal mask. The netmask parameter indicates the complete mask that is used in a logical 'AND' function to derive the local subnet of the IP address. A netmask of 255.255.255.255 is reserved for system IP addresses.

Values

a.b.c.d (network bits all 0 and host bits all 1)

broadcast {all-ones | host-ones}

The optional broadcast parameter overrides the default broadcast address used by the IP interface when sourcing IP broadcasts on the IP interface. If no broadcast format is specified for the IP address, the default value is host-ones, which indicates a subnet broadcast address. Use this parameter to change the broadcast address to all-ones or revert to a broadcast address of host-ones.

The broadcast parameter within the address command does not have a negate feature, which is usually used to revert a parameter to the default value. To change the broadcast type to host-ones after being configured as all-ones, the address command must be executed with the broadcast parameter defined. The broadcast format on an IP interface can be specified when the IP address is assigned or changed.

This parameter does not affect the type of broadcasts that can be received by the IP interface. A host sending either the local broadcast (all-ones) or the valid subnet broadcast address (host-ones) is received by the IP interface

Values

all-ones — Specifies that the broadcast address used by the IP interface for this IP address is 255.255.255.255, also known as the local broadcast.

host-ones — Specifies that the broadcast address used by the IP interface for this IP address is the subnet broadcast address. This is an IP address that corresponds to the local subnet described by the ip-address and mask or netmask with all of the host bits set to binary 1. This is the default broadcast address used by an IP interface.

Default

host-ones

igp-inhibit

Specifies that the secondary IP address should not be recognized as a local interface by the running IGP.

static-arp
Syntax

static-arp ip-address ieee-address

no static-arp ip-address [ieee-address]

static-arp [ieee-addr] unnumbered

no static-arp ieee-addr unnumbered

Context

config>service>vprn>if

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures a static address resolution protocol (ARP) entry associating a subscriber IP address with a MAC address for the core router instance. This static ARP appears in the core routing ARP table. A static ARP can only be configured if it exists on the network attached to the IP interface. If an entry for a particular IP address already exists and a new MAC address is configured for the IP address, the existing MAC address is replaced with the new MAC address.

When the unnumbered keyword is used, this command configures a static ARP entry associating an unnumbered interface with a MAC address for the core router instance. This static ARP appears in the core routing ARP table. A static ARP can only be configured if it exists on the network attached to the unnumbered interface.

If an entry for a particular unnumbered interface already exists and a new MAC address is configured for the interface, the existing MAC address is replaced with the new MAC address.

The no form of this command removes a static ARP entry.

Parameters
ip-address

Specifies the IP address for the static ARP in IP address dotted-decimal notation.

ieee-address

Specifies the 48-bit MAC address for the static ARP in the form aa:bb:cc:dd:ee:ff or aa-bb-cc-dd-ee-ff where aa, bb, cc, dd, ee and ff are hexadecimal numbers. Allowed values are any non-broadcast, non-multicast MAC and non-IEEE reserved MAC addresses.

unnumbered

Specifies the static ARP MAC for an unnumbered interface. Unnumbered interfaces support dynamic ARP. When this command is configured, it overrides any dynamic ARP.

Router advertisement commands
router-advertisement
Syntax

[no] router-advertisement

Context

config>service>vprn

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures router advertisement properties. By default, it is disabled for all IPv6 enabled interfaces.

The no form of this command disables all IPv6 interfaces. However, the no interface interface-name command disables a specific interface.

Default

disabled

interface
Syntax

[no] interface ip-int-name

Context

config>service>vprn>router-advertisement

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures router advertisement properties on a specific interface. The interface must already exist in the config>router>interface context.

Default

No interfaces are configured.

Parameters
ip-int-name

Specifies the interface name. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.

current-hop-limit
Syntax

current-hop-limit number

no current-hop-limit

Context

config>service>vprn>router-advert>if

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures the current-hop-limit in the router advertisement messages. It informs the nodes on the subnet about the hop-limit when originating IPv6 packets.

Default

64

Parameters
number

Specifies the hop limit number.

Values

0 to 255. A value of zero means there is an unspecified number of hops.

managed-configuration
Syntax

[no] managed-configuration

Context

config>service>vprn>router-advert>if

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command sets the managed address configuration flag. This flag indicates that DHCPv6 is available for address configuration in addition to any address autoconfigured using stateless address autoconfiguration.

Default

no managed-configuration

max-advertisement-interval
Syntax

[no] max-advertisement-interval seconds

Context

config>service>vprn>router-advert>if

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures the maximum interval between sending router advertisement messages.

Default

600

Parameters
seconds

Specifies the maximum interval in seconds between sending router advertisement messages.

Values

4 to 1800

min-advertisement-interval
Syntax

[no] min-advertisement-interval seconds

Context

config>service>vprn>router-advert>if

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures the minimum interval between sending ICMPv6 neighbor discovery router advertisement messages.

Default

200

Parameters
seconds

Specifies the minimum interval in seconds between sending ICMPv6 neighbor discovery router advertisement messages.

Values

3 to 1350

mtu
Syntax

[no] mtu mtu-bytes

Context

config>service>vprn>router-advert>if

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures the MTU for the nodes to use to send packets on the link.

Default

no mtu

Parameters
mtu-bytes

Specifies the MTU for the nodes to use to send packets on the link.

Values

1280 to 9212

other-stateful-configuration
Syntax

[no] other-stateful-configuration

Context

config>service>vprn>router-advert>if

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command sets the "Other configuration" flag. This flag indicates that DHCPv6lite is available for autoconfiguration of other (non-address) information, such as DNS-related information or information about other servers in the network.

Default

no other-stateful-configuration

prefix
Syntax

[no] prefix [ipv6-prefix/prefix-length]

Context

config>service>vprn>router-advert>if

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures an IPv6 prefix in the router advertisement messages. To support multiple IPv6 prefixes, use multiple prefix statements. No prefix is advertised until explicitly configured using prefix statements.

Parameters
ip-prefix

Specifies the IP prefix for prefix list entry in dotted-decimal notation.

Values

ipv4-prefix

a.b.c.d (host bits must be 0)

ipv4-prefix-length

0 to 32

ipv6-prefix

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x:

[0 — FFFF]H

d:

[0 — 255]D

ipv6-prefix-length

0 to 128

prefix-length

Specifies a route must match the most significant bits and have a prefix length.

Values

1 to 128

autonomous
Syntax

[no] autonomous

Context

config>service>vprn>router-advert>if>prefix

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command specifies whether the prefix can be used for stateless address autoconfiguration.

Default

enabled

on-link
Syntax

[no] on-link

Context

config>service>vprn>router-advert>if>prefix

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command specifies whether the prefix can be used for onlink determination.

Default

enabled

preferred-lifetime
Syntax

[no] preferred-lifetime {seconds | infinite}

Context

config>service>vprn>router-advert>if

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures the remaining length of time in seconds that this prefix continues to be preferred, such as, time until deprecation. The address generated from a deprecated prefix should not be used as a source address in new communications, but packets received on such an interface are processed as expected.

Default

604800

Parameters
seconds

Specifies the remaining length of time in seconds that this prefix continues to be preferred.

infinite

Specifies that the prefix is always preferred. A value of 4,294,967,295 represents infinity.

valid-lifetime
Syntax

valid-lifetime {seconds | infinite}

Context

config>service>vprn>router-advert>if

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command specifies the length of time in seconds that the prefix is valid for the purpose of on-link determination. A value of all one bits (0xffffffff) represents infinity.

The address generated from an invalidated prefix should not appear as the destination or source address of a packet.

Default

2592000

Parameters
seconds

Specifies the remaining length of time, in seconds, that this prefix continues to be valid.

infinite

Specifies that the prefix is always valid. A value of 4,294,967,295 represents infinity.

reachable-time
Syntax

reachable-time milli-seconds

no reachable-time

Context

config>service>vprn>router-advert>if

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures how long this router should be considered reachable by other nodes on the link after receiving a reachability confirmation.

Default

no reachable-time

Parameters
milli-seconds

Specifies the length of time in milliseconds the router should be considered reachable.

Values

0 to 3600000

retransmit-time
Syntax

retransmit-timer milli-seconds

no retransmit-timer

Context

config>service>vprn>router-advert>if

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures the retransmission frequency of neighbor solicitation messages.

Default

no retransmit-time

Parameters
milli-seconds

Specifies in milliseconds how often the retransmission should occur.

Values

0 to 1800000

router-lifetime
Syntax

router-lifetime seconds

no router-lifetime

Context

config>service>vprn>router-advert>if

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command sets the router lifetime.

Default

1800

Parameters
seconds

Specifies the length of time, in seconds, (relative to the time the packet is sent) that the prefix is valid for route determination.

Values

0, 4 to 9000 seconds. 0 means that the router is not a default router on this link.

ip-mtu
Syntax

ip-mtu octets

no ip-mtu

Context

config>service>vprn>if

Platforms

Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode

Description

This command configures the maximum IP transmit unit (packet) for the interface.

The MTU that is advertised from the VPRN size is:

MINIMUM((SdpOperPathMtu - EtherHeaderSize), (Configured ip-mtu))

By default (for Ethernet network interface) if no ip-mtu is configured, the packet size is (1568 - 14) = 1554.

The no form of this command reverts to the default value.

Default

no ip-mtu

Parameters
octets

Specifies the number of octets in the IP-MTU.

Values

512 to 9000

Interface ICMP commands
icmp
Syntax

icmp

Context

config>service>vprn>if

config>service>vprn>sub-if>grp-if

config>service>vprn>nw-if

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures Internet Control Message Protocol (ICMP) parameters on a VPRN service.

mask-reply
Syntax

[no] mask-reply

Context

config>service>vprn>if>icmp

config>service>vprn>sub-if>grp-if>icmp

config>service>vprn>nw-if>icmp#

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command enables responses to Internet Control Message Protocol (ICMP) mask requests on the router interface.

If a local node sends an ICMP mask request to the router interface, the mask-reply command configures the router interface to reply to the request.

By default, the router instance replies to mask requests.

The no form of this command disables replies to ICMP mask requests on the router interface.

Default

mask-reply

redirects
Syntax

redirects [number seconds]

no redirects

Context

config>service>vprn>if>icmp

config>service>vprn>sub-if>grp-if>icmp

config>service>vprn>nw-if>icmp#

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures the rate for Internet Control Message Protocol (ICMP) redirect messages issued on the router interface.

When routes are not optimal on this router and another router on the same subnetwork has a better route, the router can issue an ICMP redirect to alert the sending node that a better route is available.

The rate at which ICMP redirects is issued can be controlled with the optional number and seconds parameters by indicating the maximum number of redirect messages that can be issued on the interface for a specific time interval.

By default, generation of ICMP redirect messages is enabled at a maximum rate of 100 per 10 second time interval.

The no form of this command disables the generation of icmp redirects on the router interface.

Default

redirects 100 10

Parameters
number

Specifies the maximum number of ICMP redirect messages to send. This parameter must be specified with the seconds parameter.

Values

10 to 1000

seconds

Specifies the time frame in seconds used to limit the seconds of ICMP redirect messages that can be issued.

Values

1 to 60

ttl-expired
Syntax

ttl-expired number seconds

no ttl-expired

Context

config>service>vprn>if>icmp

config>service>vprn>sub-if>grp-if>icmp

config>service>vprn>nw-if>icmp#

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures the rate Internet Control Message Protocol (ICMP) TTL expired messages are issued by the IP interface.

By default, generation of ICMP TTL expired messages is enabled at a maximum rate of 100 per 10 second time interval.

The no form of this command disables the limiting the rate of TTL expired messages on the router interface.

Default

ttl-expired 100 10

Parameters
number

Specifies the maximum number of ICMP TTL expired messages to send, expressed as a decimal integer. This parameter must be specified with the seconds parameter.

Values

10 to 1000

seconds

Specifies the time frame in seconds used to limit the number of ICMP TTL expired messages that can be issued, expressed as a decimal integer.

Values

1 to 60

unreachables
Syntax

unreachables [number seconds]

no unreachables

Context

config>service>vprn>if>icmp

config>service>vprn>sub-if>grp-if>icmp

config>service>vprn>nw-if>icmp#

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command enables and configures the rate for ICMP host and network destination unreachable messages issued on the router interface.

The rate at which ICMP unreachables is issued can be controlled with the optional number and seconds parameters by indicating the maximum number of destination unreachable messages which can be issued on the interface for a specific time interval.

By default, generation of ICMP destination unreachable messages is enabled at a maximum rate of 10 per 10 second time interval.

The no form of this command disables the generation of icmp destination unreachable messages on the router interface.

Default

unreachables 100 10

Parameters
number

Specifies the maximum number of ICMP unreachable messages to send. This parameter must be specified with the seconds parameter.

Values

10 to 1000

seconds

Specifies the time frame in seconds used to limit the number of ICMP unreachable messages that can be issued.

Values

1 to 60

Interface SAP commands
sap
Syntax

sap sap-id [create]

no sap sap-id

Context

config>service>vprn>if

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command creates a SAP within a service. A SAP is a combination of port and encapsulation parameters which identifies the SAP on the interface and within the 7210 SAS. Each SAP must be unique.

All SAPs must be explicitly created. If no SAPs are created within a service or on an IP interface, a SAP does not exist on that object.

Enter an existing SAP without the create keyword to edit SAP parameters. The SAP is owned by the service in which it was created.

A SAP can only be associated with a single service. A SAP can only be defined on a port that has been configured as an access port using the config interface port-type port-id mode access command.

If a port is shutdown, all SAPs on that port become operationally down. When a service is shutdown, SAPs for the service are not displayed as operationally down although all traffic traversing the service is discarded. The operational state of a SAP is relative to the operational state of the port on which the SAP is defined.

The no form of this command deletes the SAP with the specified port. When a SAP is deleted, all configuration parameters for the SAP are also deleted.

Default

No SAPs are defined.

Special Cases
VPRN

A VPRN SAP must be defined on an Ethernet interface.

sap ipsec-id.private | public:tag — This parameter associates an IPSec group SAP with this interface. This is the public side for an IPSec tunnel. Tunnels referencing this IPSec group in the private side may be created if their local IP is in the subnet of the interface subnet and the routing context specified matches with the one of the interface.

This context provides a SAP to the tunnel. The operator may associate an ingress and egress QoS policies as well as filters and virtual scheduling contexts. Internally, this creates an Ethernet SAP that is used to send and receive encrypted traffic to and from the MDA. Multiple tunnels can be associated with this SAP. The ‟tag” is a dot1q value. The operator may see it as an identifier. The range is limited to 1 to 4094.

Parameters
sap-id

Specifies the physical port identifier portion of the SAP definition. See Common CLI command descriptions for command syntax.

create

Keyword used to create a SAP instance.

tod-suite
Syntax

tod-suite tod-suite-name

no tod-suite

Context

config>service>vprn>if>sap

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command applies a time-based policy (filter or QoS policy) to the SAP. The suite name must already exist in the config>cron context.

Default

no tod-suite

Parameters
tod-suite-name

Specifies collection of policies (ACLs, QoS) including time-ranges that define the full or partial behavior of a SAP or a subscriber. The suite can be applied to more than one SAP.

accounting-policy
Syntax

accounting-policy acct-policy-id

no accounting-policy

Context

config>service>vprn>if>sap

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command creates the accounting policy context that can be applied to an interface SAP or interface SAP spoke-SDP.

An accounting policy must be defined before it can be associated with a SAP. If the policy-id does not exist, an error message is generated.

A maximum of one accounting policy can be associated with a SAP at one time. Accounting policies are configured in the config>log context.

The no form of this command removes the accounting policy association from the SAP, and the accounting policy reverts to the default.

Default

Default accounting policy.

Parameters
acct-policy-id

Specifies the accounting policy-id as configured in the config>log>accounting-policy context.

Values

1 to 99

collect-stats
Syntax

[no] collect-stats

Context

config>service>vprn>if>sap

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command enables accounting and statistical data collection for either an interface SAP or interface SAP spoke-SDP, or network port. When applying accounting policies the data, by default, is collected in the appropriate records and written to the designated billing file.

When the no collect-stats command is issued the statistics are still accumulated by the IOM cards. However, the CPU does not obtain the results and write them to the billing file. If a subsequent collect-stats command is issued, the counters written to the billing file include all the traffic while the no collect-stats command was in effect.

Default

no collect-stats

arp-timeout
Syntax

arp-timeout seconds

no arp-timeout

Context

config>service>vprn>if

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures the minimum time in seconds an ARP entry learned on the IP interface is stored in the ARP table. ARP entries are automatically refreshed when an ARP request or gratuitous ARP is seen from an IP host, otherwise, the ARP entry is aged from the ARP table. If arp-timeout is set to a value of zero seconds, ARP aging is disabled.

The no form of this command restores arp-timeout to the default value.

Default

14400 seconds

Parameters
seconds

Specifies the minimum number of seconds a learned ARP entry is stored in the ARP table, expressed as a decimal integer. A value of zero specifies that the timer is inoperative and learned ARP entries is not aged.

Values

0 to 65535

delayed-enable
Syntax

delayed-enable seconds [init-only]

no delayed-enable

Context

config>service>vprn>if

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command delays making the interface operational by the specified number of seconds.

In environments with many subscribers, it can take time to synchronize the subscriber state between peers when the subscriber-interface is enabled (perhaps, after a reboot). To ensure that the state has time to be synchronized, the delayed-enable timer can be specified. The optional parameter init-only can be added to use this timer only after a reboot.

Default

no delayed-enable

Parameters
seconds

Specifies the number of seconds to delay before the interface is operational.

Values

1 to 1200

init-only

Delays the initialization of the subscriber-interface to give the rest of the system time to complete necessary tasks such as allowing routing protocols to converge and to allow MCS to sync the subscriber information. The delay only occurs immediately after a reboot.

Interface SAP filter and QoS policy commands
egress
Syntax

egress

Context

config>service>vprn>if>sap

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

Commands in this context configure egress SAP Quality of Service (QoS) policies and filter policies.

If no sap-egress QoS policy is defined, the system default sap-egress QoS policy is used for egress processing. If no egress filter is defined, no filtering is performed.

ingress
Syntax

ingress

Context

config>service>vprn>if>sap

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

Commands in this context configure ingress SAP Quality of Service (QoS) policies and filter policies.

If no SAP ingress QoS policy is defined, the system default SAP ingress QoS policy is used for ingress processing. If no ingress filter is defined, no filtering is performed.

aggregate-meter-rate
Syntax

aggregate-meter-rate rate-in-kbps [burst burst-in-kbits]

no aggregate-meter-rate

Context

config>service>vprn>if>sap>ingress

Platforms

Supported on all 7210 SAS platforms as described in this document, excluding platforms configured in the access-uplink operating mode; not supported on 7210 SAS-Sx 10/100GE

Description

This command allows the user to configure the SAP aggregate policer. The rate of the SAP aggregate policer must be specified by the user. The user can optionally specify the burst size for the SAP aggregate policer. The aggregate policer monitors the traffic on different FCs and determines the destination of the packet. The packet is either forwarded to an identified profile or dropped.

Note:

The sum of CIR of the individual FCs configured under the SAP cannot exceed the PIR rate configured for the SAP. Though the 7210 SAS software does not block this configuration, it is not recommended for use.

The following table provides information about the final disposition of the packet based on the operating rate of the per FC policer and the per SAP aggregate policer.

Table 2. Final disposition of the packet based on per-FC and per-SAP policer or meter

Per FC meter operating rate

Per FC assigned color

SAP aggregate meter operating rate

SAP aggregate meter color

Final packet color

Within CIR

Green

Within PIR

Green

Green or

In-profile

Within CIR1

Green

Above PIR

Red

Green or

In-profile

Above CIR, Within PIR

Yellow

Within PIR

Green

Yellow or

Out-of-Profile

Above CIR, Within PIR

Yellow

Above PIR

Red

Red or

Dropped

Above PIR

Red

Within PIR

Green

Red or

Dropped

Above PIR

Red

Above PIR

Red

Red or

Dropped

1 This row is not recommended for use. For more information about this, see the Note in the aggregate-meter-rate description.

When the SAP aggregate policer is configured, per FC policer can be only configured in ‟trtcm2” mode (RFC 4115).

Note:

The meter modes ‟srtcm” and ‟trtcm1” are used in the absence of an aggregate meter.

The SAP ingress meter counters increment the packet or octet counts based on the final disposition of the packet.

If ingress Frame-based accounting is used, the SAP aggregate meter rate accounts for the Ethernet frame overhead. The system accounts for 12 bytes of IFG and 8 bytes of start delimiter.

The no form of this command removes the aggregate policer from use.

Default

no aggregate-meter-rate

Parameters
rate-in-kbps

Specifies the rate in kilobits per second.

Values

01 to 20000000, max

Default

max

burst burst-in-kilobits

Specifies the burst size for the policer in kilobits. The burst size cannot be configured without configuring the rate.

Values

4 to 2146959

Default

512

filter
Syntax

filter [ip [ip-filter-id | ipv6 ipv6-filter-id]]

filter [mac mac-filter-id]

no filter [ip [ip-filter-id | ipv6 ipv6-filter-id]]

no filter [mac mac-filter-id]

no filter

Context

config>service>vprn>if>sap>egress

config>service>vprn>if>sap>ingress

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command associates an IP filter policy with an ingress or egress Service Access Point (SAP) or IP interface. Filter policies control the forwarding and dropping of packets based on IP matching criteria.

Note:

SAP egress QoS policies are only supported on the 7210 SAS-Mxp.

The ip-filter-id must already be defined before the filter command is executed. If the filter policy does not exist, the operation fails and an error message is returned.

In general, filters applied to SAPs (ingress or egress) apply to all packets on the SAP. One exception is non-IP packets are not applied to IP match criteria, so the default action in the filter policy applies to these packets.

The no form of this command removes any configured filter ID association with the SAP or IP interface. The filter ID is not removed from the system unless the scope of the created filter is set to local.

Parameters
ip ip-filter-id

Specifies IP filter policy. The filter ID must already exist within the created IP filters.

Values

1 to 65535

ipv6 ipv6-filter-id

Specifies the IPv6 filter policy. The filter ID must already exist within the created IPv6 filters.

Values

1 to 65535

mac mac-filter-id

Specifies the MAC filter policy. The specified filter ID must already exist within the created MAC filters. The filter policy must already exist within the created MAC filters.

Values

1to 65535

qos
Syntax

qos policy-id

qos policy-id [enable-table-classification] (for 7210 SAS-Mxp only)

no qos

Context

config>service>vprn>if>sap>egress

config>service>vprn>if>sap>ingress

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command associates a Quality of Service (QoS) policy with an ingress or egress Service Access Point (SAP) or IP interface. QoS ingress and egress policies are important for the enforcement of SLA agreements. The policy ID must be defined before associating the policy with a SAP or IP interface. If the policy-id does not exist, an error is returned.

The qos command only allows ingress policies to be associated on SAP or IP interface ingress, and only allows egress policies on SAP or IP interface egress. Attempts to associate a QoS policy of the wrong type returns an error.

Only one ingress and one egress QoS policy can be associated with a SAP or IP interface at one time. Attempts to associate a second policy of same or different type replaces the earlier one with the new policy.

Note:

SAP egress QoS policies are only supported on the 7210 SAS-Mxp.

On the 7210 SAS-Mxp (ingress), using the enable-table-classification keyword enables the use of IP DSCP tables to assign FC and profile on a per-SAP ingress basis. The match-criteria configured in the service ingress policy, which require CAM resources, are ignored. Only meters from the service ingress policy are used (and the meters still require CAM resources). The IP DSCP classification policy configured in the SAP ingress policy is used to assign FC and profile. The default FC is assigned from the SAP ingress policy.

Note:

On the 7210 SAS-Mxp, when the interface is associated with RVPLS, the behavior of the qos command is affected. See the config>service>vprn>if>vpls> ingress>enable-table-classification and routed-override-qos-policy commands for more information about classification behavior for RVPLS.

The no form of this command removes the QoS policy association from the SAP or IP interface, and the QoS policy reverts to the default.

Default

No specific QoS policy is associated with the SAP or IP interface for ingress or egress, so the default QoS policy is used.

Parameters
policy-id

Specifies the ingress/egress policy ID to associate with SAP or IP interface on ingress/egress. The policy ID must already exist.

Values

1 to 65535

enable-table-classification

Enables the use of table-based classification instead of CAM-based classification at SAP ingress. The FC and profile are taken from the IP DSCP classification policy configured in the ingress policy, along with the meters from the SAP ingress policy. Match-criteria entries in the SAP ingress policy are ignored.

Interface VRRP commands
ipv6
Syntax

ipv6

Context

config>service>vprn>if

Platforms

7210 SAS-Mxp

Description

Commands in this context configure VPRN IPv6 parameters.

vrrp
Syntax

vrrp virtual-router-id [owner]

no vrrp virtual-router-id

Context

config>service>vprn>if

config>service>vprn>if>ipv6 (7210 SAS-Mxp only)

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command creates or edits a Virtual Router ID (VRID) on the service IP interface. A VRID is internally represented in conjunction with the IP interface name. This allows the VRID to be used on multiple IP interfaces while representing different virtual router instances.

Two VRRP nodes can be defined on an IP interface. One, both, or none may be defined as owner. The nodal context of vrrp virtual-router-id is used to define the configuration parameters for the VRID.

The no form of this command removes the specified VRID from the IP interface. This terminates VRRP participation for the virtual router and deletes all references to the VRID. The VRID does not need to be shutdown to remove the virtual router instance.

Parameters
virtual-router-id

Specifies a new virtual router ID or one that can be modified on the IP interface.

Values

1 to 255

authentication-key
Syntax

authentication-key [authentication-key | hash-key] [hash | hash2]

no authentication-key

Context

config>service>vprn>if>vrrp

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command, within the vrrp virtual-router-id context, assigns a simple text password authentication key to generate master VRRP advertisement messages and validate received VRRP advertisement messages.

The authentication-key command is one of the few commands not affected by the presence of the owner keyword. If simple text password authentication is not required, this command is not required. If the command is re-executed with a different password key defined, the new key is used immediately. If a no authentication-key command is executed, the password authentication key is restored to the default value. The authentication-key command may be executed at any time, altering the simple text password used when authentication-type password authentication method is used by the virtual router instance. The authentication-type password command does not need to be executed before defining the authentication-key command.

To change the current in-use password key on multiple virtual router instances:

  • Identify the current master

  • Shutdown the virtual router instance on all backups

  • Execute the authentication-key command on the master to change the password key

  • Execute the authentication-key command and no shutdown command on each backup key

The no form of this command restores the default null string to the value of key.

Default

No default. The authentication data field contains the value 0 in all 16 octets.

Parameters
authentication-key

Specifies the simple text password used when VRRP Authentication Type 1 is enabled on the virtual router instance. Type 1 uses a string eight octets long that is inserted into all transmitted VRRP advertisement messages and compared against all received VRRP advertisement messages. The authentication data fields are used to transmit the key.

The key parameter is expressed as a string consisting of up to eight alpha-numeric characters. Spaces must be contained in quotation marks ( ‟ ” ). The quotation marks are not considered part of the string.

The string is case sensitive and is left-justified in the VRRP advertisement message authentication data fields. The first field contains the first four characters with the first octet (starting with IETF RFC bit position 0) containing the first character. The second field holds the fifth through eighth characters. Any unspecified portion of the authentication data field is padded with the value 0 in the corresponding octet.

Values

Any 7-bit printable ASCII character.

Exceptions:

Double quote

(")

ASCII 34

Carriage Return

ASCII 13

Line Feed

ASCII 10

Tab

ASCII 9

Backspace

ASCII 8

hash-key

The hash key. The key can be any combination of ASCII characters up to 22 characters (encrypted). If spaces are used in the string, enclose the entire string in quotation marks (‟ ”).

This is useful when a user must configure the parameter, but, for security purposes, the actual unencrypted key value is not provided.

hash

Specifies the key is entered in an encrypted form. If the hash parameter is not used, the key is assumed to be in a non-encrypted, clear text form. For security, all keys are stored in encrypted form in the configuration file with the hash parameter specified.

hash2

Specifies the key is entered in a more complex encrypted form. If the hash2 parameter is not used, the less encrypted hash form is assumed.

best-path-selection
Syntax

best-path-selection

Context

config>service>vprn>bgp

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

Commands in this context configure path selection.

always-compare-med
Syntax

always-compare-med {zero | infinity}

no always-compare-med strict-as {zero | infinity}

no always-compare-med

Context

config>service>vprn>bgp>best-path-selection

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures the comparison of BGP routes based on the MED attribute. The default behavior of 7210 SAS (equivalent to the no form of this command) is to only compare two routes on the basis of MED if they have the same neighbor AS (the first non-confed AS in the received AS_PATH attribute). Also by default, a route without a MED attribute is handled the same as though it had a MED attribute with the value 0. The always-compare-med command without the strict-as keyword allows MED to be compared even if the paths have a different neighbor AS; in this case, if neither zero or infinity is specified, the zero option is inferred, meaning a route without a MED is handled the same as though it had a MED attribute with the value 0. When the strict-as keyword is present, MED is only compared between paths from the same neighbor AS, and in this case, zero or infinity is mandatory and tells BGP how to interpret paths without a MED attribute.

Default

no always-compare-med

Parameters
zero

Specifies that for routes learned without a MED attribute that a zero (0) value is used in the MED comparison. The routes with the lowest metric are the most preferred.

infinity

Specifies for routes learned without a MED attribute that a value of infinity (2^32-1) is used in the MED comparison. This in effect makes these routes the least desirable.

strict-as

Specifies BGP paths to be compared even with different neighbor AS.

as-path-ignore
Syntax

as-path-ignore [ipv4] [ipv6]

no as-path-ignore

Context

config>service>vprn>bgp>best-path-selection

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command determines whether the AS path is used to determine the best BGP route.

If this option is present, the AS paths of incoming routes are not used in the route selection process.

The no form of this command removes the parameter from the configuration.

Default

no as-path-ignore

Parameters
ipv4

Specifies that the AS-path length is ignored for all IPv4 routes.

ipv6

Specifies that the length AS-path is ignored for all IPv6 VPRN routes.

ignore-nh-metric
Syntax

ignore-nh-metric

no ignore-nh-metric

Context

config>service>vprn>bgp>best-path-selection

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command instructs BGP to disregard the resolved distance to the BGP next-hop in its decision process for selecting the best route to a destination. When configured in the config>router>bgp>best-path-selection context, this command applies to the comparison of two BGP routes with the same NLRI learned from base router BGP peers. When configured in the config>service>vprn context, this command applies to the comparison of two BGP-VPN routes for the same IP prefix imported into the VPRN from the base router BGP instance. When configured in the config>service>vprn>bgp>best-path-selection context, this command applies to the comparison of two BGP routes for the same IP prefix learned from VPRN BGP peers.

The no form of this command restores the default behavior whereby BGP factors distance to the next-hop into its decision process.

Default

no ignore-nh-metric

ignore-router-id
Syntax

ignore-router-id

no ignore-router-id

Context

config>service>vprn>bgp>best-path-selection

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command ensures that when the current best path to a destination is learned from eBGP peer X with BGP identifier x, and a new path is received from eBGP peer Y with BGP identifier y, the best path remains unchanged if the new path is equivalent to the current best path up to the BGP identifier comparison – even if y is less than x.

The no form of this command restores the default behavior of selecting the route with the lowest BGP identifier (y) as best.

Default

no ignore-router-id

backup
Syntax

[no] backup ip-address

Context

config>service>vprn>if>vrrp

config>service>vprn>if>ipv6>vrrp (7210 SAS-Mxp only)

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures virtual router IP addresses for the interface.

bfd-enable
Syntax

[no] bfd-enable [service-id] interface interface-name dst-ip ip-address

Context

config>service>vprn>if>vrrp

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command assigns a bi-directional forwarding (BFD) session, providing a heart-beat mechanism for the VRRP instance. There can only be one BFD session assigned to a specified VRRP instance, but multiple VRRP instances can use the same BFD session. If the specified interface is configured with centralized BFD, the BFD transmit and receive intervals must be 300 ms or longer.

BFD controls the state of the associated interface. By enabling BFD on a protocol interface, the state of the protocol interface is tied to the state of the BFD session between the local node and the remote node. The parameters used for the BFD session are configured using the BFD command under the IP interface. The virtual router initiates the BFD session after the specified interface is configured with BFD.

Parameters
service-id

Specifies the service ID of the interface that is running BFD.

Values

service-id — 1 to 2147483648

svc-name — Specifies an existing service name up to 64 characters in length.

interface-name

Specifies the name of the interface that is running BFD.

ip-address

Specifies the destination address to be used for the BFD session.

init-delay
Syntax

init-delay seconds

no init-delay

Context

config>service>vprn>if>vrrp

config>service>vprn>if>ipv6>vrrp (7210 SAS-Mxp only)

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures a VRRP initialization delay timer.

Default

no init-delay

Parameters
seconds

Specifies the initialization delay timer, in seconds, for VRRP.

Values

1 to 65535

master-int-inherit
Syntax

[no] master-int-inherit

Context

config>service>vprn>if>vrrp

config>service>vprn>if>ipv6>vrrp (7210 SAS-Mxp only)

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command allows the master instance to dictate the master down timer (non-owner context only).

Default

no master-int-inherit

message-interval
Syntax

message-interval {[seconds] [milliseconds milliseconds]}

no message-interval

Context

config>service>vprn>if

config>service>vprn>if>ipv6>vrrp (7210 SAS-Mxp only)

Platforms

Supported on all 7210 SAS platforms as described in this document

Description

This command sets the advertisement timer and indirectly sets the master down timer on the virtual router instance. The message-interval setting must be the same for all virtual routers participating as a virtual router. Any VRRP advertisement message received with an Advertisement Interval field different from the virtual router instance configured message-interval value is silently discarded.

The message-interval command is available in both non-owner and owner vrrp virtual-router-id nodal contexts. If the message-interval command is not executed, the default message interval of 1 second is used.

The no form of this command restores the default message interval value of 1 second to the virtual router instance.

Parameters
seconds

Specifies the number of seconds that transpire before the advertisement timer expires.

Values

1 to 255

Default

1

milliseconds milliseconds

Specifies the time interval, in milliseconds, between sending advertisement messages. This parameter is not supported on single-slot chassis.

Values

100 to 900

ping-reply
Syntax

[no] ping-reply

Context

config>service>vprn>if>vrrp

config>service>vprn>if>ipv6>vrrp (7210 SAS-Mxp only)

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command enables the non-owner master to reply to ICMP echo requests directed at the virtual router instances IP addresses. The ping request can be received on any routed interface.

Ping must not have been disabled at the management security level (either on the parental IP interface or based on the Ping source host address). When ping-reply is not enabled, ICMP echo requests to non-owner master virtual IP addresses are silently discarded.

Non-owner backup virtual routers never respond to ICMP echo requests regardless of the setting of ping-reply configuration.

The ping-reply command is only available in non-owner vrrp virtual-router-id nodal context. If the ping-reply command is not executed, ICMP echo requests to the virtual router instance IP addresses are silently discarded.

The no form of this command restores the default operation of discarding all ICMP echo request messages destined to the non-owner virtual router instance IP addresses.

Default

no ping-reply

policy
Syntax

policy vrrp-policy-id

no policy

Context

config>service>vprn>if>vrrp

config>service>vprn>if>ipv6>vrrp (7210 SAS-Mxp only)

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command associates a VRRP priority control policy with the virtual router instance (non-owner context only).

Parameters
vrrp-policy-id

Specifies a VRRP priority control policy.

Values

1 to 9999

preempt
Syntax

preempt

no preempt

Context

config>service>vprn>if>vrrp

config>service>vprn>if>ipv6>vrrp (7210 SAS-Mxp only)

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command overrides an existing non-owner master to the virtual router instance. Enabling preempt mode is recommended for correct operation of the base-priority and vrrp-policy-id definitions on the virtual router instance. If the virtual router cannot preempt an existing non-owner master, the affect of the dynamic changing of the in-use priority is greatly diminished.

The preempt command is only available in the non-owner vrrp virtual-router-id nodal context. The owner may not be preempted due to the fact that the priority of non-owners can never be higher than the owner. The owner always preempts all other virtual routers when it is available.

Non-owner virtual router instances only preempt when preempt is set and the current master has an in-use message priority value less than the virtual router instances in-use priority.

A master non-owner virtual router only allows itself to be preempted when the incoming VRRP Advertisement message Priority field value is one of the following:

  • Greater than the virtual router in-use priority value

  • Equal to the in-use priority value and the source IP address (primary IP address) is greater than the virtual router instance primary IP address

The no form of this command prevents a non-owner virtual router instance from preempting another, less desirable virtual router. Use the preempt command to restore the default mode.

Default

preempt

priority
Syntax

priority priority

no priority

Context

config>service>vprn>if>vrrp

config>service>vprn>if>ipv6>vrrp (7210 SAS-Mxp only)

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command provides configures a specific priority value to the virtual router instance. In conjunction with an optional policy command, the base-priority is used to derive the in-use priority of the virtual router instance.

The priority command is only available in the non-owner vrrp virtual-router-id nodal context. The priority of owner virtual router instances is permanently set to 255 and cannot be changed. For non-owner virtual router instances, if the priority command is not executed, the base-priority is set to 100.

The no form of this command restores the default value of 100 to base-priority.

Parameters
base-priority

Specifies the base priority used by the virtual router instance. If a VRRP priority control policy is not also defined, the base-priority is the in-use priority for the virtual router instance.

Values

1 to 254

Default

100

ssh-reply
Syntax

[no] ssh-reply

Context

config>service>vprn>if>vrrp

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command enables the non-owner master to reply to SSH Requests directed at the virtual router instance IP addresses. The SSH request can be received on any routed interface. SSH must not have been disabled at the management security level (either on the parental IP interface or based on the SSH source host address). Correct login and CLI command authentication is still enforced.

When ssh-reply is not enabled, SSH packets to non-owner master virtual IP addresses are silently discarded. Non-owner backup virtual routers never respond to SSH regardless of the ssh-reply configuration.

The ssh-reply command is only available in non-owner vrrp virtual-router-id nodal context. If the ssh-reply command is not executed, SSH packets to the virtual router instance IP addresses are silently discarded.

The no form of this command restores the default operation of discarding all SSH packets destined to the non-owner virtual router instance IP addresses.

Default

no ssh-reply

standby-forwarding
Syntax

[no] standby-forwarding

Context

config>service>vprn>if>vrrp

config>service>vprn>if>ipv6>vrrp (7210 SAS-Mxp only)

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command allows the forwarding of packets by a standby router.

The no form of this command specifies that a standby router should not forward traffic sent to virtual router's MAC address. However, the standby router should forward traffic sent to the standby router real MAC address.

Default

no standby-forwarding

telnet-reply
Syntax

[no] telnet-reply

Context

config>service>vprn>if>vrrp

config>service>vprn>if>ipv6>vrrp (7210 SAS-Mxp only)

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command enables the non-owner master to reply to TCP port 23 Telnet Requests directed at the virtual router instance IP addresses. The Telnet request can be received on any routed interface. Telnet must not have been disabled at the management security level (either on the parental IP interface or based on the Telnet source host address). Correct login and CLI command authentication is still enforced.

When telnet-reply is not enabled, TCP port 23 Telnet packets to non-owner master virtual IP addresses are silently discarded.

Non-owner backup virtual routers never respond to Telnet Requests regardless of the telnet-reply configuration.

The telnet-reply command is only available in non-owner VRRP nodal context. If the telnet-reply command is not executed, Telnet packets to the virtual router instance IP addresses are silently discarded.

The no form of this command restores the default operation of discarding all Telnet packets destined to the non-owner virtual router instance IP addresses.

Default

no telnet-reply

traceroute-reply
Syntax

[no] traceroute-reply

Context

config>service>vprn>if>vrrp

config>service>vprn>if>ipv6>vrrp (7210 SAS-Mxp only)

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command is valid only if the VRRP virtual router instance associated with this entry is a non-owner.

When this command is enabled, a non-owner master can reply to traceroute requests directed to the virtual router instance IP addresses.

A non-owner backup virtual router never responds to such traceroute requests regardless of the trace-route-reply status.

Default

no traceroute-reply

PIM commands
pim
Syntax

[no] pim

Context

config>service>vprn

Platforms

7210 SAS-T (network operating mode) and 7210 SAS-Mxp

Description

This command configures a Protocol Independent Multicast (PIM) instance in the VPRN service. When an PIM instance is created, the protocol is enabled. PIM is used for multicast routing within the network. Devices in the network can receive the multicast feed requested and non-participating routers can be pruned. The supports PIM sparse mode (PIM-SM).

The no form of this command deletes the PIM protocol instance removing all associated configuration parameters.

import
Syntax

import {join-policy | register-policy} [policy-name [.. policy-name] policy-name...up to 5 max]

no import {join-policy | register-policy}

Context

config>service>vprn>pim

Platforms

7210 SAS-T (network operating mode) and 7210 SAS-Mxp

Description

This command specifies the import route policy to be used for determining which routes are accepted from peers. Route policies are configured in the config>router>policy-options context. When an import policy is not specified, BGP routes are accepted by default.

The no form of this command removes the policy association from the IGMP instance.

Default

no import join-policy

no import register-policy

Parameters
join-policy

Filters PIM join messages which prevents unwanted multicast streams from traversing the network.

register-policy

Filters register messages. PIM register filters prevent register messages from being processed by the RP. This filter can only be defined on an RP. When a match is found, the RP immediately sends back a register-stop message.

policy-name

Specifies the route policy name. Allowed values are any string up to 32 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes. Route policies are configured in the config>router>policy-options context.

interface
Syntax

[no] interface ip-int-name

Context

config>service>vprn>pim

Platforms

7210 SAS-T (network operating mode) and 7210 SAS-Mxp

Description

This command enables PIM on an interface and enables the context to configure interface-specific parameters. By default interfaces are activated in PIM based on the apply-to command, and do not have to be configured on an individual basis unless the default values must be changed.

The no form of this command deletes the PIM interface configuration for this interface. If the no command parameter is configured, the no interface form must be saved in the configuration to avoid automatic (re)creation after the next no is executed as part of a reboot.

The shutdown command can be used to disable an interface without removing the configuration for the interface.

Default

Interfaces are activated in PIM based on the apply-to command.

Parameters
ip-int-name

Specifies the interface name. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.

assert-period
Syntax

assert-period assert-period

no assert-period

Context

config>service>vprn>pim>if

Platforms

7210 SAS-T (network operating mode) and 7210 SAS-Mxp

Description

This command configures the period in seconds for periodic refreshes of PIM Assert messages on an interface.

The no form of this command reverts to the default.

Default

60

Parameters
assert-period

Specifies the period, in seconds, for periodic refreshes of PIM Assert messages on an interface.

Values

1 to 300

bfd-enable
Syntax

[no] bfd-enable [ipv4]

Context

config>service>vprn>pim>if

Platforms

7210 SAS-T (network operating mode) and 7210 SAS-Mxp

Description

This command enables the use of bidirectional forwarding (BFD) to control the state of the associated protocol interface. By enabling BFD on a specific protocol interface, the state of the protocol interface is tied to the state of the BFD session between the local node and the remote node. The parameters used for the BFD are set via the BFD command under the IP interface.

For more information about the protocols and platforms that support BFD, see the 7210 SAS-Mxp, R6, R12, S, Sx, T Router Configuration Guide.

The no form of this command removes BFD from the associated IGP protocol adjacency.

Default

no bfd-enable

bsm-check-rtr-alert
Syntax

[no] bsm-check-rtr-alert

Context

config>service>vprn>pim>if

Platforms

7210 SAS-T (network operating mode) and 7210 SAS-Mxp

Description

This command enables the checking of router alert option in the bootstrap messages received on this interface.

Default

no bsm-check-rtr-alert

hello-interval
Syntax

hello-interval hello-interval

no hello-interval

Context

config>service>vprn>pim>if

Platforms

7210 SAS-T (network operating mode) and 7210 SAS-Mxp

Description

This command configures the frequency at which PIM Hello messages are transmitted on this interface.

The no form of this command reverts to the default value.

Default

30

Parameters
hello-interval

Specifies the hello interval in seconds. A 0 (zero) value disables the sending of hello messages.

Values

0 to 255 seconds

hello-multiplier
Syntax

hello-multiplier deci-units

no hello-multiplier

Context

config>service>vprn>pim>if

Platforms

7210 SAS-T (network operating mode) and 7210 SAS-Mxp

Description

This command configures the multiplier to determine the hold time for a PIM neighbor.

The hello-multiplier in conjunction with the hello-interval determines the holdtime for a PIM neighbor.

Parameters
deci-units

Specifies the value, specified in multiples of 0.1, for the formula used to calculate the hello-holdtime based on the hello-multiplier:

(hello-interval * hello-multiplier) / 10

This allows the PIMv2 default timeout of 3.5 seconds to be supported.

Values

20 to 100

Default

35

improved-assert
Syntax

[no] improved-assert

Context

config>service>vprn>pim>if

Platforms

7210 SAS-T (network operating mode) and 7210 SAS-Mxp

Description

This command enables improved assert processing on this interface. The PIM assert process establishes a forwarder for a LAN and requires interaction between the control and forwarding planes.

The assert process is started when data is received on an outgoing interface. This could impact performance if data is continuously received on an outgoing interface.

When enabled, the PIM assert process is done entirely on the control-plane with no interaction between the control and forwarding plane.

Default

enabled

instant-prune-echo
Syntax

[no] instant-prune-echo

Context

config>service>vprn>pim>if

Platforms

7210 SAS-T (network operating mode) and 7210 SAS-Mxp

Description

This command enables PIM router to echo the PIM prune message received from a downstream router. It is typically used in a multi-access broadcast network (for example: Ethernet LAN) to reduce the probability of loss of PIM prune messages.

Default

no instant-prune-echo

max-groups
Syntax

max-groups value

no max-groups

Context

config>service>vprn>pim>if

Platforms

7210 SAS-T (network operating mode) and 7210 SAS-Mxp

Description

This command configures the maximum number of groups for which PIM can have downstream state based on received PIM Joins on this interface. This does not include IGMP local receivers on the interface. When this configuration is changed dynamically to a value lower than the currently accepted number of groups, the groups that are already accepted are not deleted. Only new groups are not allowed. When this object has a value of 0, there is no limit to the number of groups.

Parameters
value

Specifies the maximum number of groups for this interface.

Values

1 to 16000

multicast-senders
Syntax

multicast-senders {auto | always | never}

no multicast-senders

Context

config>service>vprn>pim>if

Platforms

7210 SAS-T (network operating mode) and 7210 SAS-Mxp

Description

This command configures the way subnet matching is done for incoming data packets on this interface. An IP multicast sender is a user entity to be authenticated in a receiving host.

Parameters
auto

Specifies that subnet matching is automatically performed for incoming data packets on this interface.

always

Specifies that subnet matching is always performed for incoming data packets on this interface.

never

Specifies that subnet matching is never performed for incoming data packets on this interface.

priority
Syntax

priority dr-priority

no priority

Context

config>service>vprn>pim>if

Platforms

7210 SAS-T (network operating mode) and 7210 SAS-Mxp

Description

This command sets the priority value to become the rendezvous point (RP) that is included in bootstrap messages sent by the router. The RP is sometimes called the bootstrap router. The priority command indicates whether the router is eligible to be a bootstrap router.

The no form of this command disqualifies the router to participate in the bootstrap election.

The default value means the router is the least likely to become the designated router.

Default

1

Parameters
dr-priority

Specifies the priority to become the designated router. The higher the value, the higher the priority.

Values

1 to 4294967295

sticky-dr
Syntax

sticky-dr [priority dr-priority]

no sticky-dr

Context

config>service>vprn>pim>if

Platforms

7210 SAS-T (network operating mode) and 7210 SAS-Mxp

Description

This command enables sticky-dr operation on this interface. When enabled, the priority in PIM hellos sent on this interface when elected as the Designated Router (DR) is modified to the value configured in dr-priority. This is done to avoid the delays in forwarding caused by DR recovery, when switching back to the old DR on a LAN when it comes back up.

By enabling sticky-dr, this interface continues to act as the DR for the LAN even after the old DR comes back up.

The no form of this command disables sticky-dr operation on this interface.

Default

disabled

Parameters
priority dr-priority

Sets the DR priority to be sent in PIM Hello messages following the election of that interface as the DR, when sticky-dr operation is enabled.

Values

1 to 4294967295

three-way-hello
Syntax

three-way-hello

no three-way-hello

Context

config>service>vprn>pim>if

Platforms

7210 SAS-T (network operating mode) and 7210 SAS-Mxp

Description

This command configures the compatibility mode for enabling the three-way hello.

tracking-support
Syntax

[no] tracking-support

Context

config>service>vprn>pim>if

Platforms

7210 SAS-T (network operating mode) and 7210 SAS-Mxp

Description

This command sets the T bit in the LAN Prune Delay option of the Hello Message. This indicates the router's capability to disable Join message suppression.

Default

no tracking-support

non-dr-attract-traffic
Syntax

[no] non-dr-attract-traffic

Context

config>service>vprn>pim

Platforms

7210 SAS-T (network operating mode) and 7210 SAS-Mxp

Description

This command specifies whether the router should ignore the designated router state and attract traffic even when it is not the designated router.

An operator can configure an interface (router or IES or VPRN interfaces) to IGMP and PIM. The interface IGMP state is synchronized to the backup node if it is associated with the redundant peer port. The interface can be configured to use PIM which causes multicast streams to be sent to the elected DR only. The DR is also the router sending traffic to the DSLAM. Because it may be required to attract traffic to both routers a flag non-dr-attract-trafffic can be used in the PIM context to have the router ignore the DR state and attract traffic when not DR. Note that while using this flag the router may not send the stream down to the DSLAM while not DR.

When enabled, the designated router state is ignored. When disabled, no non-dr-attract-traffic, the designated router value is honored.

Default

no non-dr-attract-traffic

rp
Syntax

rp

Context

config>service>vprn>pim

Platforms

7210 SAS-T (network operating mode) and 7210 SAS-Mxp

Description

This command enables access to the context to configure the rendezvous point (RP) of a PIM protocol instance.

A Nokia PIM router acting as an RP must respond to a PIM register message specifying an SSM multicast group address by sending to the first hop router stop register messages. It does not build an (S, G) shortest path tree toward the first hop router. An SSM multicast group address can be either from the SSM default range of 232/8 or from a multicast group address range that was explicitly configured for SSM.

Default

rp enabled when PIM is enabled.

anycast
Syntax

[no] anycast rp-ip-address

Context

config>service>vprn>pim>rp

Platforms

7210 SAS-T (network operating mode) and 7210 SAS-Mxp

Description

This command configures a PIM anycast protocol instance for the RP being configured. Anycast enables fast convergence when a PIM RP router fails by allowing receivers and sources to rendezvous at the closest RP.

The no form of this command removes the anycast instance from the configuration.

Parameters
rp-ip-address

Specifies the loopback IP address shared by all routes that form the RP set for this anycast instance. Only a single address can be configured. If another anycast command is entered with an address, the old address is replaced with the new address. If no ip-address is entered, the command is simply used to enter the anycast CLI level.

Values

Any valid loopback address configured on the node.

rp-set-peer
Syntax

[no] rp-set-peer ip-address

Context

config>service>vprn>pim>rp>anycast

Platforms

7210 SAS-T (network operating mode) and 7210 SAS-Mxp

Description

This command configures a peer in the anycast rp-set. The address identifies the address used by the other node as the RP candidacy address for the same multicast group address range as configured on this node.

This is a manual procedure. Caution should be taken to produce a consistent configuration of an RP-set for a specific multicast group address range. The priority should be identical on each node and be a higher value than any other configured RP candidate that is not a member of this rp-set.

Although there is no set maximum of addresses that can be configured in an rp-set, up to 15 multicast addresses is recommended.

The no form of this command removes an entry from the list.

Parameters
ip-address

Specifies the address used by the other node as the RP candidacy address for the same multicast group address range as configured on this node.

bootstrap-export
Syntax

bootstrap-export policy-name [policy-name... up to five]

no bootstrap-export

Context

config>service>vprn>pim>rp

Platforms

7210 SAS-T (network operating mode) and 7210 SAS-Mxp

Description

This command exports policies to control the flow of bootstrap messages from the RP. Up to five policies can be defined.

The no form of this command removes the specified policy names from the configuration.

Parameters
policy-name

Specifies the policy name. The policy statement must already be configured in the config>router>policy-options context.

bootstrap-import
Syntax

bootstrap-import policy-name [policy-name... up to 5 max]

no bootstrap-import policy-name [policy-name... up to 5 max]

Context

config>service>vprn>pim>rp

Platforms

7210 SAS-T (network operating mode) and 7210 SAS-Mxp

Description

This command imports policies to control the flow of bootstrap messages into the RP. Up to five policies can be defined.

The no form of this command removes the specified policy names from the configuration.

Parameters
policy-name

Specifies the policy name. The policy statement must already be configured in the config>router>policy-options context.

bsr-candidate
Syntax

bsr-candidate

Context

config>service>vprn>pim>rp

Platforms

7210 SAS-T (network operating mode) and 7210 SAS-Mxp

Description

Commands in this context configure a local rendezvous point (RP) of a PIM protocol instance.

Default

Enabled when PIM is enabled.

address
Syntax

[no] address ip-address

Context

config>service>vprn>pim>rp>bsr-candidate

config>service>vprn>pim>rp>rp-candidate

Platforms

7210 SAS-T (network operating mode) and 7210 SAS-Mxp

Description

This command configures a static bootstrap or rendezvous point (RP) as long as the source is not directly attached to this router.

The no form of this command removes the static RP from the configuration.

Default

No IP address is specified.

Parameters
ip-address

Specifies the static IP address of the RP. The ip-address portion of the address command specifies the IP host address that is used by the IP interface within the subnet. This address must be unique within the subnet and specified in dotted-decimal notation.

Values

a.b.c.d

hash-mask-len
Syntax

hash-mask-len hash-mask-length

no hash-mask-len

Context

config>service>vprn>pim>rp>bsr-candidate

Platforms

7210 SAS-T (network operating mode) and 7210 SAS-Mxp

Description

This command is used to configure the length of a mask that is to be combined with the group address before the hash function is called. All groups with the same hash map to the same RP. For example, if this value is 24, only the first 24 bits of the group addresses matter. This mechanism is used to map one group or multiple groups to an RP.

Parameters
hash-mask-length

The hash mask length.

Values

0 to 32

priority
Syntax

priority bootstrap-priority

Context

config>service>vprn>pim>rp>bsr-candidate

Platforms

7210 SAS-T (network operating mode) and 7210 SAS-Mxp

Description

This command defines the priority used to become the rendezvous point (RP) . The higher the priority value the more likely that this router becomes the RP. If there is a tie, the router with the highest IP address is elected.

Parameters
bootstrap-priority

The priority to become the bootstrap router.

Values

0 to 255

Default

0 (the router is not eligible to be the bootstrap router)

rp-candidate
Syntax

rp-candidate

Context

config>service>vprn>pim>rp

Platforms

7210 SAS-T (network operating mode) and 7210 SAS-Mxp

Description

Commands in this context configure the candidate rendezvous point (RP) parameters.

Default

Enabled when PIM is enabled.

group-range
Syntax

[no] group-range {grp-ip-address/mask | grp-ip-address [netmask]}

Context

config>service>vprn>pim>rp>rp-candidate

config>service>vprn>pim>ssm

Platforms

7210 SAS-T (network operating mode) and 7210 SAS-Mxp

Description

This command configures the group address or range of group addresses for which this router can be the rendezvous point (RP).

The no form of this command removes the group address or range of group addresses for which this router can be the RP from the configuration.

Parameters
group-ip-address

Specifies the addresses or address ranges that this router can be an RP.

mask

Specifies the address mask with the address to define a range of addresses.

netmask

Specifies the subnet mask in dotted-decimal notation.

Values

a.b.c.d (network bits all 1 and host bits all 0)

holdtime
Syntax

holdtime holdtime

no holdtime holdtime

Context

config>service>vprn>pim>rp>rp-candidate

Platforms

7210 SAS-T (network operating mode) and 7210 SAS-Mxp

Description

This command to defines the length of time neighboring routers consider this router to be up.

The no form of this command reverts to the default value.

Default

150

Parameters
holdtime

Specifies the length of time, in seconds, that neighbor should consider the sending router to be operational.

Values

0 to 255

priority
Syntax

priority priority

no priority priority

Context

config>router>pim>rp>local

config>service>vprn>pim>rp>rp-candidate

Platforms

7210 SAS-T (network operating mode) and 7210 SAS-Mxp

Description

This command defines the priority used to become the rendezvous point (RP). The higher the priority value, the more likely that this router becomes the RP.

The no form of this command reverts to the default value.

Default

1

Parameters
priority

Specifies the priority to become the designated router. The higher the value the more likely the router becomes the RP.

Values

0 to 255

static
Syntax

static

Context

config>service>vprn>pim>rp

Platforms

7210 SAS-T (network operating mode) and 7210 SAS-Mxp

Description

This command enables access to the context to configure a static rendezvous point (RP) of a PIM-SM protocol instance.

address
Syntax

[no] address ip-address

Context

config>service>vprn>pim>rp>static

Platforms

7210 SAS-T (network operating mode) and 7210 SAS-Mxp

Description

This command configures the static rendezvous point (RP) address.

The override option specifies that dynamically learned RPs have less priority this static entry, by default dynamic learned RPs take preference over static configured RPs.

The no form of this command removes the static RP entry from the configuration.

group-prefix
Syntax

[no] group-prefix {grp-ip-address/mask | grp-ip-address netmask}

Context

config>service>vprn>pim>rp>static

Platforms

7210 SAS-T (network operating mode) and 7210 SAS-Mxp

Description

This command defines a range of multicast-ip-addresses for which a certain RP is applicable.

The no form of this command removes the criterion.

Parameters
grp-ip-address

Specifies the multicast IP address.

mask

Specifies the mask of the multicast-ip-address.

Values

4 to 32

netmask

Specifies the subnet mask in dotted-decimal notation.

Values

a.b.c.d (network bits all 1 and host bits all 0)

override
Syntax

[no] override

Context

config>service>vprn>pim>rp>static

Platforms

7210 SAS-T (network operating mode) and 7210 SAS-Mxp

Description

This command changes the precedence of static RP over dyanamically learned Rendezvous Point (RP).

When enabled, the static group-to-RP mappings take precedence over the dynamically learned mappings.

Default

no override

spt-switchover-threshold
Syntax

spt-switchover-threshold {grp-ip-address/mask | grp-ip-address netmask} spt-threshold

no spt-switchover-threshold {grp-ip-address/mask | grp-ip-address netmask}

Context

config>service>vprn>pim

Platforms

7210 SAS-T (network operating mode) and 7210 SAS-Mxp

Description

This command configures a shortest path tree (SPT tree) switchover threshold for a group prefix.

Parameters
grp-ip-address

Specifies the multicast group address.

mask

Specifies the mask of the multicast-ip-address.

Values

4 to 32

netmask

Specifies the subnet mask in dotted-decimal notation.

Values

0.0.0.0 to 255.255.255.255 (network bits all 1 and host bits all 0)

spt-threshold

Specifies the configured threshold in kilo-bits per second(kbps) for the group to which this (S,G) belongs. For a group G configured with a threshold, switchover to SPT for an (S,G) is attempted only if the (S,G)'s rate exceeds this configured threshold.

ssm-assert-compatible-mode
Syntax

ssm-assert-compatible-mode [enable | disable]

Context

config>service>vprn>pim

Platforms

7210 SAS-T (network operating mode) and 7210 SAS-Mxp

Description

This command specifies whether SSM assert is enabled in compatibility mode for this PIM protocol instance. When enabled for SSM groups, PIM considers the SPT bit to be implicitly set to compute the value of CouldAssert (S,G,I) as defined in RFC 4601, Protocol Independent Multicast - Sparse Mode (PIM-SM): Protocol Specification (Revised). When disabled, for SSM groups, PIM does not assume the SPT bit to be set. The SPT bit is set by the Update_SPTbit(S,G,iif) macro defined in RFC 4601.

Default

disable

Parameters
enable

Enables SSM assert in compatibility mode for this PIM protocol instance.

disable

Disables SSM assert in compatibility mode for this PIM protocol instance.

ssm-default-range-disable
Syntax

ssm-default-range-disable ipv4

Context

config>service>vprn>pim

Platforms

7210 SAS-T (network operating mode) and 7210 SAS-Mxp

Description

This command specifies whether to disable the use of default range (232/8) for SSM so that it can be used by ASM to process (*,G). When enabled, the use of default range is disabled for SSM and it can be used by ASM. When disabled, the SSM default range is enabled.

Default

disable

ssm-groups
Syntax

[no] ssm-groups

Context

config>service>vprn

Platforms

7210 SAS-T (network operating mode) and 7210 SAS-Mxp

Description

This command configures a source-specific multicast (SSM) configuration instance.

Counter mode commands
statistics
Syntax

statistics

Context

config>service>vprn>if>sap

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

Commands in this context configure the counters associated with SAP ingress.

ingress
Syntax

ingress

Context

config>service>vprn>if>sap>statistics

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

Commands in this context configure the ingress SAP statistics counter.

counter-mode
Syntax

counter-mode {in-out-profile-count | forward-drop-count}

Context

config>service>vprn>if>sap>statistics>ingress

Platforms

7210 SAS-T (network operating mode), 7210 SAS-Mxp, and 7210 SAS-Sx/S 1/10GE (standalone and standalone-VC), and 7210 SAS-Sx 10/100GE

Description

This command sets the counter mode for the counters associated with sap ingress meters or policers. A pair of counters is available with each meter. These counters count different events based on the counter mode value.

Note:

The counter mode can be changed if an accounting policy is associated with a SAP. If the counter mode is changed, the counters associated with the meter are reset and the counts are cleared. If an accounting policy is in use when the counter-mode is changed, a new record is written into the current accounting file.

Execute the following sequence of commands on the specified SAP to ensure that the correct statistics are collected when the counter-mode is changed:

  1. Execute the command config>service>vprn>interface>sap>no collect-stats, to disable writing of accounting records for the SAP.

  2. Change the counter-mode to the desired option, execute the command config>service>vprn>interface>sap>statistics>ingress>counter-mode {in-out-profile-count | forward-drop-count}.

  3. Execute the command config>service>vprn>interface>sap>collect-stats, to enable writing of accounting records for the SAP.

The no form of this command restores the counter mode to the default value.

Default

in-out-profile-count

Parameters
in-out-profile-count

If the counter mode is specified as in-out-profile-count, one counter counts the total in-profile packets and octets received on ingress of a SAP and another counts the total out-of-profile packets and octets received on ingress of a SAP. A packet is determined to be in-profile or out-of-profile based on the meter rate parameters configured. A packet is dropped by the policer if it exceeds the configured PIR rate. Dropped counts are not maintained in hardware when this mode is used. It is obtained by subtracting the sum of in-profile count and out-of-profile count from the total SAP ingress received count and displayed.

forward-drop-count

If the counter mode is specified as forward-drop-count, one counter counts the forwarded packets and octets received on ingress of a SAP and another counts the dropped packets. The forwarded count is the sum of in-profile and out-of-profile packets/octets received on SAP ingress. The dropped count is count of packets/octets dropped by the policer. A packet is determined to be in-profile or out-of-profile based on the meter rate parameters configured. A packet is dropped by the policer if it exceeds the configured PIR rate. The in-profile count and out-of-profile count is not individually available when operating in this mode.

BGP commands
bgp
Syntax

[no] bgp

Context

config>service>vprn

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command enables the BGP protocol with the VPRN service.

The no form of this command disables the BGP protocol from the specific VPRN service.

Default

no bgp

advertise-inactive
Syntax

[no] advertise-inactive

Context

config>service>vprn>bgp

config>service>vprn>bgp>group

config>service>vprn>bgp>group>neighbor

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command enables or disables the advertising of inactive BGP routers to other BGP peers.

By default, BGP only advertises BGP routes to other BGP peers if a specific BGP route is chosen by the route table manager as the most preferred route within the system and is active in the forwarding plane. This command allows system administrators to advertise a BGP route even though it is not the most preferred route within the system for a specific destination.

Default

no advertise-inactive

aggregator-id-zero
Syntax

[no] aggregator-id-zero

Context

config>service>vprn>bgp

config>service>vprn>bgp>group

config>service>vprn>bgp>group>neighbor

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command sets the router ID in the BGP aggregator path attribute to zero when BGP aggregates routes. This prevents different routers within an AS from creating aggregate routes that contain different AS paths.

When BGP is aggregating routes, it adds the aggregator path attribute to the BGP update messages. By default, BGP adds the AS number and router ID to the aggregator path attribute.

When this command is enabled, BGP adds the router ID to the aggregator path attribute. This command is used at the group level to revert to the value defined under the global level, while this command is used at the neighbor level to revert to the value defined under the group level.

The no form of this command used at the global level reverts to default where BGP adds the AS number and router ID to the aggregator path attribute.

The no form of this command used at the group level reverts to the value defined at the group level.

The no form of this command used at the neighbor level reverts to the value defined at the group level.

Default

no aggregator-id-zero

always-compare-med
Syntax

always-compare-med {zero | infinity}

no always-compare-med

Context

config>service>vprn>bgp

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command specifies how the Multi-Exit Discriminator (MED) path attribute is used in the BGP route selection process. The MED attribute is always used in the route selection process regardless of the peer AS that advertised the route. This parameter determines what MED value is inserted in the RIB-IN. If this parameter is not configured, only the MEDs of routes that have the same peer ASs are compared.

The no form of this command removes the parameter from the configuration.

Default

no always-compare-med

Parameters
zero

Specifies that for routes learned without a MED attribute that a zero (0) value is used in the MED comparison. The routes with the lowest metric are the most preferred.

infinity

Specifies for routes learned without a MED attribute that a value of infinity (4294967295) is used in the MED comparison. This in effect makes these routes the least desirable.

as-path-ignore
Syntax

[no] as-path-ignore

Context

config>service>vprn>bgp

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command determines whether the AS path is used to determine the best BGP route.

If this option is present, the AS paths of incoming routes are not used in the route selection process.

The no form of this command removes the parameter from the configuration.

Default

no as-path-ignore

as-override
Syntax

[no] as-override

Context

config>service>vprn>bgp>group

config>service>vprn>bgp>group>neighbor

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command replaces all instances of the peer's AS number with the local AS number in a BGP route's AS_PATH.

This command breaks the BGP's loop detection mechanism. It should be used carefully.

Default

not enabled

authentication-key
Syntax

authentication-key [authentication-key | hash-key] [hash | hash2]

no authentication-key

Context

config>service>vprn>bgp

config>service>vprn>bgp>group

config>service>vprn>bgp>group>neighbor

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures the BGP authentication key.

Authentication is performed between neighboring routers before setting up the BGP session by verifying the password. Authentication is performed using the MD-5 message-based digest. The authentication key can be any combination of letters or numbers from 1 to 16.

The no form of this command removes the authentication password from the configuration and effectively disables authentication.

Default

Authentication is disabled and the authentication password is empty.

Parameters
authentication-key

Specifies the authentication key. The key can be any combination of ASCII characters up to 255 characters (unencrypted). If spaces are used in the string, enclose the entire string in quotation marks (‟ ”).

hash-key

Specifies the hash key. The key can be any combination of ASCII characters up to 342 characters (encrypted). If spaces are used in the string, enclose the entire string in quotation marks (‟ ”).

This is useful when a user must configure the parameter, but, for security purposes, the actual unencrypted key value is not provided.

hash

Specifies the key is entered in an encrypted form. If the hash parameter is not used, the key is assumed to be in a non-encrypted, clear text form. For security, all keys are stored in encrypted form in the configuration file with the hash parameter specified.

hash2

Specifies the key is entered in a more complex encrypted form. If the hash2 parameter is not used, the less encrypted hash form is assumed.

auth-keychain
Syntax

auth-keychain name

Context

config>service>vprn>bgp

config>service>vprn>bgp>group

config>service>vprn>bgp>group>neighbor

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures the BGP authentication key for all peers.

The keychain allows the rollover of authentication keys during the lifetime of a session.

Default

no auth-keychain

Parameters
name

Specifies the name of an existing keychain, up to 32 characters, to use for the specified TCP session or sessions.

backup-path
Syntax

[no] backup-path [ipv4] [ipv6]

Context

config>service>vprn>bgp

Platforms

7210 SAS-T, 7210 SAS-Sx/S 1/10GE (standalone and standalone-VC), 7210 SAS-Sx 10/100GE, and 7210 SAS-Mxp.

Description

This command enables the computation and use of a backup path for IPv4 and IPv6 BGP-learned prefixes belonging to the base router or a particular VPRN. Multiple paths must be received for a prefix to take advantage of this feature. When a prefix has a backup path and its primary paths fail the affected traffic is rapidly diverted to the backup path without waiting for control plane re-convergence to occur. When many prefixes share the same primary paths, and in some cases also the same backup path, the time to failover traffic to the backup path is independent of the number of prefixes.

By default, IPv4 and IPv6 prefixes do not have a backup path installed in the IOM.

Default

no backup-path

Parameters
ipv4

Enables the use of a backup path for BGP-learned unlabeled IPv4 prefixes.

ipv6

Enables the use of a backup path for BGP-learned unlabeled IPv6 prefixes.

connect-retry
Syntax

connect-retry seconds

no connect-retry

Context

config>service>vprn>bgp

config>service>vprn>bgp>group

config>service>vprn>bgp>group>neighbor

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures the BGP connect retry timer value in seconds.

When this timer expires, BGP tries to reconnect to the configured peer. This configuration parameter can be set at three levels: global level (applies to all peers), peer-group level (applies to all peers in group) or neighbor level (only applies to specified peer). The most specific value is used.

The no form of this command used at the global level reverts to the default value.

The no form of this command used at the group level reverts to the value defined at the global level.

The no form of this command used at the neighbor level reverts to the value defined at the group level.

Default

120

Parameters
seconds

The BGP Connect Retry timer value, in seconds, expressed as a decimal integer.

Values

1 to 65535

damping
Syntax

[no] damping

Context

config>service>vprn>bgp

config>service>vprn>bgp>group

config>service>vprn>bgp>group>neighbor

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command enables BGP route damping for learned routes which are defined within the route policy. Use damping to reduce the number of update messages sent between BGP peers and reduce the load on peers without affecting the route convergence time for stable routes. Damping parameters are set via route policy definition.

The no form of this command used at the global level disables route damping.

The no form of this command used at the group level reverts to the value defined at the global level.

The no form of this command used at the neighbor level reverts to the value defined at the group level.

When damping is enabled and the route policy does not specify a damping profile, the default damping profile is used. This profile is always present and consists of the following parameters:

Half-life:

15 minutes

Max-suppress:

60 minutes

Suppress-threshold:

3000

Reuse-threshold

750

Default

no damping

disable-4byte-asn
Syntax

[no] disable-4byte-asn

Context

config>service>vprn>bgp

config>service>vprn>bgp>group

config>service>vprn>bgp>group>neighbor

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command disables the use of 4-byte AS numbers. It can be configured at all 3 level of the hierarchy so it can be specified down to the per peer basis.

If this command is enabled 4-byte AS number support should not be negotiated with the associated remote peers.

The no form of this command resets the behavior to the default which is to enable the use of 4-byte AS number.

disable-capability-negotiation
Syntax

[no] disable-capability-negotiation

Context

config>service>vprn>bgp>group

config>service>vprn>bgp>group>neighbor

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command disables the exchange of capabilities. When this command is enabled and after the peering is flapped, any new capabilities are not negotiated and strictly support IPv4 routing exchanges with that peer.

The no form of this command removes this command from the configuration and restores the normal behavior.

Default

no disable-capability-negotiation

disable-capability-negotiation
Syntax

[no] disable-capability-negotiation

Context

config>service>vprn>bgp

config>service>vprn>bgp>group

config>service>vprn>bgp>group>neighbor

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command disables the exchange of capabilities. When command is enabled and after the peering is flapped, any new capabilities are not negotiated and strictly support IPv4 routing exchanges with that peer.

The no form of this command removes this command from the configuration and restores the normal behavior.

Default

no disable-capability-negotiation

disable-communities
Syntax

disable-communities [standard] [extended]

no disable-communities

Context

config>service>vprn>bgp

config>service>vprn>bgp>group

config>service>vprn>bgp>group>neighbor

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures BGP to disable sending communities.

Parameters
standard

Specifies standard communities that existed before VPRNs or 2547.

extended

Specifies BGP communities used were expanded after the concept of 2547 was introduced, to include handling the VRF target.

disable-fast-external-failover
Syntax

[no] disable-fast-external-failover

Context

config>service>vprn>bgp

config>service>vprn>bgp>group

config>service>vprn>bgp>group>neighbor

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures BGP fast external failover.

enable-peer-tracking
Syntax

[no] enable-peer-tracking

Context

config>service>vprn>bgp

config>service>vprn>bgp>group

config>service>vprn>bgp>group>neighbor

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command enables BGP peer tracking.

Default

no enable-peer-tracking

export
Syntax

export policy [policy...]

no export

Context

config>service>vprn>bgp

config>service>vprn>bgp>group

config>service>vprn>bgp>group>neighbor

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command specifies the export policies to be used to control routes advertised to BGP neighbors.

When multiple policy names are specified, the policies are evaluated in the order they are specified. A maximum of five (5) policy names can be configured. The first policy that matches is applied.

Note that if a non-existent route policy is applied to a VPRN instance, the CLI generates a warning message. This message is only generated at an interactive CLI session and the route policy association is made. No warning message is generated when a non-existent route policy is applied to a VPRN instance in a configuration file or when SNMP is used.

The no form of this command removes all route policy names from the export list.

Default

no export

Parameters
policy

Specifies a route policy statement name.

family
Syntax

family [ipv4] [ipv6]

no family

Context

config>service>vprn>bgp

config>service>vprn>bgp>group

config>service>vprn>bgp>group>neighbor

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures the IP family capability.

The no form of this command reverts to the default.

Default

no family

Parameters
ipv4

Specifies IPv4 support.

ipv6

Specifies IPv6 support.

group
Syntax

group name [dynamic-peer]

no group

Context

config>service>vprn>bgp

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures a BGP peer group.

The no form of this command deletes the specified peer group and all configurations associated with the peer group. The group must be shutdown before it can be deleted.

Parameters
name

Specifies the peer group name. Allowed values is a string up to 32 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.

dynamic-peer

Specifies that the specific BGP group is used by BGP peers created dynamically based on subscriber-hosts pointing to corresponding BGP peering policy. There can be only one BGP group with this flag set in any specific VPRN. No BGP neighbors can be manually configured in a BGP group with this flag set.

Default

disabled

neighbor
Syntax

[no] neighbor ip-address

Context

config>service>vprn>bgp>group

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command creates a BGP peer/neighbor instance within the context of the BGP group.

This command can be issued repeatedly to create multiple peers and their associated configuration.

The no form of this command removes the specified neighbor and the entire configuration associated with the neighbor. The neighbor must be administratively shutdown before attempting to delete it. If the neighbor is not shutdown, the command does not result in any action except a warning message on the console indicating that neighbor is still administratively up.

Parameters
ip-address

Specifies the IP address of the BGP peer router in dotted-decimal notation.

Values

ipv4-address : a.b.c.d

family
Syntax

family [ipv4] [ipv6]

no family

Context

config>service>vprn>bgp>group

config>service>vprn>bgp>group>neighbor

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command specifies the address family or families to be supported over BGP peerings in the base router. This command is additive so issuing the family command adds the specified address family to the list.

The no form of this command removes the specified address family from the associated BGP peerings. If an address family is not specified, reset the supported address family back to the default.

Default

ipv4

Parameters
ipv4

Specifies support for IPv4 routing information.

ipv6

Specifies support for IPv6 routing information.

hold-time
Syntax

hold-time seconds [strict]

no hold-time

Context

config>service>vprn>bgp

config>service>vprn>bgp>group

config>service>vprn>bgp>group>neighbor

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures the BGP hold time, expressed in seconds.

The BGP hold time specifies the maximum time BGP waits between successive messages (either keepalive or update) from its peer, before closing the connection. This configuration parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in group) or neighbor level (only applies to specified peer). The most specific value is used.

Even though the router OS implementation allows setting the keepalive time separately, the configured keepalive timer is overridden by the hold-time value under the following circumstances:

  1. If the specified hold-time is less than the configured keepalive time, the operational keepalive time is set to a third of the hold-time; the configured keepalive time is not changed.

  2. If the hold-time is set to zero, the operational value of the keepalive time is set to zero; the configured keepalive time is not changed. This means that the connection with the peer is up permanently and no keepalive packets are sent to the peer.

The no form of this command used at the global level reverts to the default value.

The no form of this command used at the group level reverts to the value defined at the global level.

The no form of this command used at the neighbor level reverts to the value defined at the group level.

Default

90

Parameters
seconds

The hold-time, in seconds, expressed as a decimal integer. A value of 0 indicates the connection to the peer is up permanently.

Values

0, 3 to 65535

strict

Specifies the advertised BGP hold-time from the far-end BGP peer must be greater than or equal to the specified value.

import
Syntax

import policy [policy...]

no import

Context

config>service>vprn>bgp

config>service>vprn>bgp>group

config>service>vprn>bgp>group>neighbor

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command specifies the import policies to be used to control routes advertised to BGP neighbors. Route policies are configured in the config>router>policy-options context. When multiple policy names are specified, the policies are evaluated in the order they are specified. A maximum of five (5) policy names can be specified. The first policy that matches is applied.

The no form of this command removes all route policy names from the import list.

Default

no import

Parameters
policy

Specifies aroute policy statement name.

keepalive
Syntax

keepalive seconds

no keepalive

Context

config>service>vprn>bgp

config>service>vprn>bgp>group

config>service>vprn>bgp>group>neighbor

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures the BGP keepalive timer. A keepalive message is sent every time this timer expires. The seconds parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in peer-group) or neighbor level (only applies to specified peer). The most specific value is used.

The keepalive value is generally one-third of the hold-time interval. Even though the OS implementation allows the keepalive value and the hold-time interval to be independently set, under the following circumstances, the configured keepalive value is overridden by the hold-time value:

If the specified keepalive value is greater than the configured hold-time, the specified value is ignored, and the keepalive is set to one third of the current hold-time value.

If the specified hold-time interval is less than the configured keepalive value, the keepalive value is reset to one third of the specified hold-time interval.

If the hold-time interval is set to zero, the configured value of the keepalive value is ignored. This means that the connection with the peer is up permanently and no keepalive packets are sent to the peer.

The no form of this command used at the global level reverts to the default value.

The no form of this command used at the group level reverts to the value defined at the global level.

The no form of this command used at the neighbor level reverts to the value defined at the group level.

Default

30

Parameters
seconds

The keepalive timer, in seconds, expressed as a decimal integer.

Values

0 to 21845

local-address
Syntax

local-address ip-address

no local-address

Context

config>service>vprn>bgp>group

config>service>vprn>bgp>group>neighbor

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

Configures the local IP address used by the group or neighbor when communicating with BGP peers.

Outgoing connections use the local-address as the source of the TCP connection when initiating connections with a peer.

When a local address is not specified, the 7210 SAS uses the system IP address when communicating with iBGP peers and uses the interface address for directly connected eBGP peers. This command is used at the neighbor level to revert to the value defined under the group level.

The no form of this command removes the configured local-address for BGP.

The no form of this command used at the group level reverts to the value defined at the global level.

The no form of this command used at the neighbor level reverts to the value defined at the group level.

Parameters
no local-address

Specifies the router ID is used when communicating with iBGP peers and the interface address is used for directly connected eBGP peers.

ip-address

Specifies the local address expressed in dotted-decimal notation. Allowed values are a valid routable IP address on the router, either an interface or system IP address.

local-as
Syntax

local-as as-number [private]

no local-as

Context

config>service>vprn>bgp

config>service>vprn>bgp>group

config>service>vprn>bgp>group>neighbor

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures a BGP virtual autonomous system (AS) number.

In addition to the AS number configured for BGP in the config>router>autonomous-system context, a virtual (local) AS number is configured.The virtual AS number is added to the as-path message before the router AS number makes the virtual AS the second AS in the as-path.

This configuration parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in peer-group) or neighbor level (only applies to specified peer). Therefore, by specifying this at each neighbor level, it is possible to have a separate as-number per eBGP session.

When a command is entered multiple times for the same AS, the last command entered is used in the configuration. The private attribute can be added or removed dynamically by reissuing the command.

Changing the local AS at the global level in an active BGP instance causes the BGP instance to restart with the new local AS number. Changing the local AS at the global level in an active BGP instance causes BGP to reestablish the peer relationships with all peers in the group with the new local AS number. Changing the local AS at the neighbor level in an active BGP instance causes BGP to reestablish the peer relationship with the new local AS number.

This is an optional command and can be used in the following circumstance:

Provider router P is moved from AS1 to AS2. The customer router that is connected to P, however, is configured to belong to AS1. To avoid reconfiguring the customer router, the local-as value on router P can be set to AS1. Therefore, router P adds AS1 to the as-path message for routes it advertises to the customer router.

The no form of this command used at the global level removes any virtual AS number configured.

The no form of this command used at the group level reverts to the value defined at the global level.

The no form of this command used at the neighbor level reverts to the value defined at the group level.

Default

no local-as

Parameters
as-number

Specifies the virtual autonomous system number, expressed as a decimal integer.

Values

1 to 65535

private

Specifies the local-as is hidden in paths learned from the peering.

local-preference
Syntax

local-preference local-preference

no local-preference

Context

config>service>vprn>bgp

config>service>vprn>bgp>group

config>service>vprn>bgp>group>neighbor

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command sets the BGP local-preference attribute in incoming routes if not specified and configures the default value for the attribute. This value is used if the BGP route arrives from a BGP peer without the local-preference integer set.

The specified value can be overridden by any value set via a route policy. This configuration parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in peer-group) or neighbor level (only applies to specified peer). The most specific value is used.

The no form of this command at the global level specifies that incoming routes with local-preference set are not overridden and routes arriving without local-preference set are interpreted as if the route had local-preference value of 100.

The no form of this command used at the group level reverts to the value defined at the global level.

The no form of this command used at the neighbor level reverts to the value defined at the group level.

The default of no-local-preference does not override the local-preference value set in arriving routes and analyze routes without local preference with value of 100.

Default

no local-preference

Parameters
local-preference

Specifies the local preference value to be used as the override value, expressed as a decimal integer.

Values

0 to 4294967295

loop-detect
Syntax

loop-detect {drop-peer | discard-route | ignore-loop | off}

no loop-detect

Context

config>service>vprn>bgp

config>service>vprn>bgp>group

config>service>vprn>bgp>group>neighbor

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures how the BGP peer session handles loop detection in the AS path.

This configuration parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in peer-group) or neighbor level (only applies to specified peer). The most specific value is used.

Note that dynamic configuration changes of loop-detect are not recognized.

The no form of this command used at the global level reverts to default, which is loop-detect ignore-loop.

The no form of this command used at the group level reverts to the value defined at the global level.

The no form of this command used at the neighbor level reverts to the value defined at the group level.

Default

loop-detect ignore-loop

Parameters
drop-peer

Sends a notification to the remote peer and drops the session.

discard-route

Discards routes received with loops in the AS path.

ignore-loop

Ignores routes with loops in the AS path but maintains peering.

off

Disables loop detection.

med-out
Syntax

med-out {number | igp-cost}

no med-out

Context

config>service>vprn>bgp

config>service>vprn>bgp>group

config>service>vprn>bgp>group>neighbor

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command enables advertising the Multi-Exit Discriminator (MED) and assigns the value used for the path attribute for the MED advertised to BGP peers if the MED is not already set.

The specified value can be overridden by any value set via a route policy.

This configuration parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in peer-group) or neighbor level (only applies to specified peer). The most specific value is used.

The no form of this command used at the global level reverts to default where the MED is not advertised.

The no form of this command used at the group level reverts to the value defined at the global level.

The no form of this command used at the neighbor level reverts to the value defined at the group level.

Default

no med-out

Parameters
number

Specifies the MED path attribute value, expressed as a decimal integer.

Values

0 to 4294967295

igp-cost

Specifies the MED is set to the IGP cost of the specific IP prefix.

min-as-origination
Syntax

min-as-origination seconds

no min-as-origination

Context

config>service>vprn>bgp

config>service>vprn>bgp>group

config>service>vprn>bgp>group>neighbor

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures the minimum interval, in seconds, at which a path attribute, originated by the local router, can be advertised to a peer.

This configuration parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in peer-group) or neighbor level (only applies to specified peer). The most specific value is used.

The no form of this command used at the global level reverts to default.

The no form of this command used at the group level reverts to the value defined at the global level.

The no form of this command used at the neighbor level reverts to the value defined at the group level.

Default

15

Parameters
seconds

Specifies the minimum path attribute advertising interval, in seconds, expressed as a decimal integer.

Values

2 to 255

min-route-advertisement
Syntax

min-route-advertisement seconds

no min-route-advertisement

Context

config>service>vprn>bgp

config>service>vprn>bgp>group

config>service>vprn>bgp>group>neighbor

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures the minimum interval, in seconds, at which a prefix can be advertised to a peer.

This configuration parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in peer-group) or neighbor level (only applies to specified peer). The most specific value is used.

The no form of this command reverts to default values.

Default

30

Parameters
seconds

The minimum route advertising interval, in seconds, expressed as a decimal integer.

Values

1 to 255

multihop
Syntax

multihop ttl-value

no multihop

Context

config>service>vprn>bgp

config>service>vprn>bgp>group

config>service>vprn>bgp>group>neighbor

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures the Time To Live (TTL) value entered in the IP header of packets sent to an eBGP peer multiple hops away.

This parameter is meaningful only when configuring eBGP peers. It is ignored if set for an iBGP peer.

The no form of this command is used to convey to the BGP instance that the eBGP peers are directly connected.

The no form of this command reverts to default values.

Default

1 — eBGP peers are directly connected.

64 — iBGP

Parameters
ttl-value

Specifies the TTL value, expressed as a decimal integer.

Values

1 to 255

next-hop-self
Syntax

[no] next-hop-self

Context

config>service>vprn>bgp>group

config>service>vprn>bgp>group>neighbor

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures the group or neighbor to always set the NEXTHOP path attribute to its own physical interface when advertising to a peer.

This is primarily used to avoid third-party route advertisements when connected to a multi-access network.

The no form of this command used at the group level allows third-party route advertisements in a multi-access network.

The no form of this command used at the neighbor level reverts to the value defined at the group level.

The default means that third-party route advertisements are allowed.

Default

no next-hop-self

peer-as
Syntax

peer-as as-number

Context

config>service>vprn>bgp>group

config>service>vprn>bgp>group>neighbor

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures the autonomous system number for the remote peer. The peer AS number must be configured for each configured peer.

For eBGP peers, the peer AS number configured must be different from the autonomous system number configured for this router under the global level, because the peer is in a different autonomous system than this router.

For iBGP peers, the peer AS number must be the same as the autonomous system number of this router configured under the global level.

This is a required command for each configured peer. This may be configured under the group level for all neighbors in a particular group.

Default

No AS numbers are defined.

Parameters
as-number

The autonomous system number, expressed as a decimal integer.

Values

1 to 65535

preference
Syntax

[no] preference preference

Context

config>service>vprn>bgp

config>service>vprn>bgp>group

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures the route preference for routes learned from the configured peers.

This configuration parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in peer-group) or neighbor level (only applies to specified peer). The most specific value is used.

The lower the preference the higher the chance of the route being the active route. The OS assigns BGP routes highest default preference compared to routes that are direct, static or learned via MPLS or OSPF.

The no form of this command used at the global level reverts to default value.

The no form of this command used at the group level reverts to the value defined at the global level.

The no form of this command used at the neighbor level reverts to the value defined at the group level.

Default

170

Parameters
preference

Specifies the route preference, expressed as a decimal integer.

Values

1 to 255

path-mtu-discovery
Syntax

[no] path-mtu-discovery

Context

config>router>bgp

config>router>bgp>group

config>router>bgp>group>neighbor

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command enables path MTU discovery for the associated TCP connections. In doing so, the MTU for the associated TCP session is initially set to the egress interface MTU. The DF bit is also set so that if a router along the path of the TCP connection cannot handle a packet of a particular size without fragmenting, it sends back an ICMP message to set the path MTU for the specific session to a lower value that can be forwarded without fragmenting.

The no form of this command disables path MTU discovery.

Default

no path-mtu-discovery

prefix-limit
Syntax

prefix-limit limit [log-only] [threshold percent]

no prefix-limit

Context

config>service>vprn>bgp>group

config>service>vprn>bgp>group>neighbor

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures the maximum number of routes BGP can learn from a peer.

When the number of routes reaches a certain percentage (default is 90% of this limit), an SNMP trap is sent. When the limit is exceeded, the BGP peering is dropped and disabled.

The no form of this command removes the prefix-limit.

Default

no prefix-limit

Parameters
limit

Specifies the number of routes that can be learned from a peer, expressed as a decimal integer.

Values

1 to 4294967295

log-only

Enables the warning message to be sent at the specified threshold percentage, and also when the limit is exceeded. However, the BGP peering is not dropped.

percent

Specifies the threshold value (as a percentage) that triggers a warning message to be sent. The default value is 90%.

rapid-withdrawal
Syntax

[no] rapid-withdrawal

Context

config>service>vprn>bgp

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command disables the delay (Minimum Route Advertisement) on sending BGP withdrawals. Normal route withdrawals may be delayed up to the minimum route advertisement to allow for efficient packing of BGP updates.

The no form of this command removes this command from the configuration and returns withdrawal processing to the normal behavior.

Default

no rapid-withdrawal

remove-private
Syntax

[no] remove-private

Context

config>service>vprn>bgp

config>service>vprn>bgp>group

config>service>vprn>bgp>group>neighbor

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command allows private AS numbers to be removed from the AS path before advertising them to BGP peers.

When the remove-private parameter is set at the global level, it applies to all peers regardless of group or neighbor configuration. When the parameter is set at the group level, it applies to all peers in the group regardless of the neighbor configuration.

The software recognizes the set of AS numbers that are defined by IANA as private. These are AS numbers in the range 64512 through 65535, inclusive.

The no form of this command used at the global level reverts to default value.

The no form of this command used at the group level reverts to the value defined at the global level. The no form of this command used at the neighbor level reverts to the value defined at the group level.

Default

no remove-private — Private AS numbers are included in the AS path attribute.

type
Syntax

[no] type {internal | external}

Context

config>service>vprn>bgp>group

config>service>vprn>bgp>group>neighbor

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command designates the BGP peer as type internal or external.

The type of internal indicates the peer is an iBGP peer while the type of external indicates that the peer is an eBGP peer.

By default, the software derives the type of neighbor based on the local AS specified. If the local AS specified is the same as the AS of the router, the peer is considered internal. If the local AS is different, the peer is considered external.

The no form of this command used at the group level reverts to the default value.

The no form of this command used at the neighbor level reverts to the value defined at the group level.

Default

no type — Type of neighbor is derived on the local AS specified.

Parameters
internal

Configures the peer as internal.

external

Configures the peer as external.

ttl-security
Syntax

ttl-security min-ttl-value

no ttl-security

Context

config>service>vprn>bgp>group

config>service>vprn>bgp>group>neighbor

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures TTL security parameters for incoming packets.

Parameters
min-ttl-value

Specifies the minimum TTL value for an incoming BGP packet.

Values

1 to 255

Default

1

OSPF commands
ospf
Syntax

[no] ospf

Context

config>service>vprn

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command enables access to the context to enable an OSPF protocol instance.

When an OSPF instance is created, the protocol is enabled. To start or suspend execution of the OSPF protocol without affecting the configuration, use the no shutdown command.

The no form of this command deletes the OSPF protocol instance removing all associated configuration parameters.

Default

no ospf

area
Syntax

[no] area area-id

Context

config>service>vprn>ospf

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command creates the context to configure an OSPF area. An area is a collection of network segments within an AS that have been administratively grouped together. The area ID can be specified in dotted-decimal notation or as a 32-bit decimal integer.

The no form of this command deletes the specified area from the configuration. Deleting the area also removes the OSPF configuration of all the interfaces, virtual-links, sham-links, address-ranges, and so on that are currently assigned to this area.

Default

no area

Parameters
area-id

Specifies the OSPF area ID expressed in dotted-decimal notation or as a 32-bit decimal integer.

Values

a.b.c.d (dotted-decimal)

0 to 4294967295 (decimal integer)

area-range
Syntax

area-range ip-prefix/prefix-length [advertise | not-advertise]

no area-range ip-prefix/mask

no area-range ip-prefix/mask

Context

config>service>vprn>ospf>area

ospf>service>vprn>nssa

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command creates ranges of addresses on an Area Border Router (ABR) for the purpose of route summarization or suppression. When a range is created, the range is configured to be advertised or not advertised into other areas. Multiple range commands may be used to summarize or hide different ranges. In the case of overlapping ranges, the most specific range command applies.

ABRs send summary link advertisements to describe routes to other areas. To minimize the number of advertisements that are flooded, you can summarize a range of IP addresses and send reachability information about these addresses in an LSA.

The no form of this command deletes the range (non) advertisement.

Default

no area-range

Special Cases
NSSA Context

In the NSSA context, the option specifies that the range applies to external routes (via type-7 LSAs) learned within the NSSA when the routes are advertised to other areas as type-5 LSAs.

Area Context

If this command is not entered under the NSSA context, the range applies to summary LSAs even if the area is an NSSA.

Parameters
ipv6-prefix/prefix-length

Specifies the IP prefix in dotted-decimal notation for the range used by the ABR to advertise that summarizes the area into another area.

Values

ipv6-prefix - x:x:x:x:x:x:x:x (eight 16-bit pieces)

  • x:x:x:x:x:x:d.d.d.d
  • x [0..FFFF]H
  • d [0..255]D
  • prefix-length - [0..128]
mask

Specifies the subnet mask for the range expressed as a decimal integer mask length or in dotted-decimal notation.

Values

0 to 32 (mask length), a.b.c.d (dotted-decimal)

advertise | not-advertise

Specifies whether to advertise the summarized range of addresses into other areas. The advertise keyword indicates the range is advertised, and the keyword not-advertise indicates the range is not advertised.

The default is advertise.

blackhole-aggregate
Syntax

[no] blackhole-aggregate

Context

config>service>vprn>ospf>area

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command installs a low priority blackhole route for the entire aggregate. Existing routes that make up the aggregate have a higher priority and only the components of the range for which no route exists are blackholed.

It is possible that when performing area aggregation, addresses may be included in the range for which no actual route exists. This can cause routing loops. To avoid this problem configure the blackhole aggregate option.

The no form of this command removes this option.

Default

blackhole-aggregate

interface
Syntax

[no] interface ip-int-name [secondary]

Context

config>service>vprn>ospf>area

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command creates a context to configure an OSPF interface.

By default interfaces are not activated in any interior gateway protocol such as OSPF unless explicitly configured.

The no form of this command deletes the OSPF interface configuration for this interface. The shutdown command in the config>router>ospf>interface context can be used to disable an interface without removing the configuration for the interface.

Default

no interface

Parameters
ip-int-name

Specifies the IP interface name. Interface names must be unique within the group of defined IP interfaces for config router interface and config service vprn interface commands. An interface name cannot be in the form of an IP address. Interface names can be any string up to 32 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.

If the IP interface name does not exist or does not have an IP address configured an error message is returned.

If the IP interface exists in a different area it is moved to this area.

secondary

Allows multiple secondary adjacencies to be established over a single IP interface.

sham-link
Syntax

sham-link ip-int-name ip-address

Context

config>service>vprn>ospf>area

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command is similar to a virtual link with the exception that metric must be included to distinguish the cost between the MPLS-VPRN link and the backdoor.

Parameters
ip-int-name

Specifies the local interface name used for the sham-link. This is a mandatory parameter and interface names must be unique within the group of defined IP interfaces for config>router>interface, config>service>ies>interface and config>service>vprn>interface commands. An interface name cannot be in the form of an IP address. Interface names can be any string up to 32 characters composed of printable, 7-bit ASCII characters. If the string contains special characters, the entire string must be enclosed within double quotes. If the IP interface name does not exist or does not have an IP address configured, an error message is returned.

ip-address

Specifies the IP address of the SHAM-link neighbor in IP address dotted-decimal notation. This parameter is the remote peer of the sham link IP address used to set up the SHAM link. This is a mandatory parameter and must be a valid IP address.

advertise-subnet
Syntax

[no] advertise-subnet

Context

config>service>vprn>ospf>area>if

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command enables advertising point-to-point interfaces as subnet routes (network number and mask). When disabled, point-to-point interfaces are advertised as host routes.

Note:

This command is not valid in the OSPF3 context.

The no form of this command disables advertising point-to-point interfaces as subnet routes meaning they are advertised as host routes.

Default

advertise-subnet

authentication-key
Syntax

authentication-key [authentication-key | hash-key] [hash | hash2]

no authentication-key

Context

config>service>vprn>ospf>area>if

config>service>vprn>ospf>area>virtual-link

config>service>vprn>ospf>area>sham-link

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures the password used by the OSPF interface or virtual-link to send and receive OSPF protocol packets on the interface when simple password authentication is configured.

Note that this command is not valid in the OSPF3 context.

All neighboring routers must use the same type of authentication and password for correct protocol communication. If the authentication-type is configured as password, this key must be configured.

The no form of this command removes the authentication key.

Default

no authentication-key

Parameters
authentication-key

Specifies the authentication key. The key can be any combination of ASCII characters up to 8 characters (unencrypted). If spaces are used in the string, enclose the entire string in quotation marks (‟ ”).

hash-key

Specifies the hash key. The key can be any combination of ASCII characters up to 22 characters (encrypted). If spaces are used in the string, enclose the entire string in quotation marks (‟ ”).

This is useful when a user must configure the parameter, but, for security purposes, the actual unencrypted key value is not provided.

hash

Specifies that the key is entered in an encrypted form. If the hash parameter is not used, the key is assumed to be in a non-encrypted, clear text form. For security, all keys are stored in encrypted form in the configuration file with the hash parameter specified.

hash2

Specifies the key is entered in a more complex encrypted form. If the hash2 parameter is not used, the less encrypted hash form is assumed.

authentication-type
Syntax

authentication-type {password | message-digest}

no authentication-type

Context

config>service>vprn>ospf>area>if

config>service>vprn>ospf>area>virtual-link

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command enables authentication and specifies the type of authentication to be used on the OSPF interface, virtual-link, and sham-link.

Note that this command is not valid in the OSPF3 context.

Both simple password and message-digest authentication are supported.

The no form of this command disables authentication on the interface.

Default

no authentication

Parameters
password

Enables simple password (plain text) authentication. If authentication is enabled and no authentication type is specified in the command, simple password authentication is enabled.

message-digest

Enables message digest MD5 authentication in accordance with RFC1321. If this option is configured, at least one message-digest-key must be configured

bfd-enable
Syntax

bfd-enable [remain-down-on-failure]

no bfd-enable

Context

config>service>vprn>ospf>area>if

config>service>vprn>ospf>area>virtual-link

config>service>vprn>ospf>area>sham-link

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command enables the use of bidirectional forwarding (BFD) to control the state of the associated protocol interface. By enabling BFD on a specific protocol interface, the state of the protocol interface is tied to the state of the BFD session between the local node and the remote node. The parameters used for the BFD are set via the BFD command under the IP interface.

Note:

  • BFD is not supported for IPv6 interfaces.

  • For more information about the protocols and platforms that support BFD, see the 7210 SAS-Mxp, R6, R12, S, Sx, T Router Configuration Guide.

The no form of this command removes BFD from the associated IGP protocol adjacency.

Default

no bfd-enable

Parameters
remain-down-on-failure

Forces adjacency down on BFD failure.

dead-interval
Syntax

dead-interval seconds

no dead-interval

Context

config>service>vprn>ospf>area>if

config>service>vprn>ospf>area>virtual-link

config>service>vprn>ospf>area>sham-link

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures the time, in seconds, that OSPF waits before declaring a neighbor router down. If no hello packets are received from a neighbor for the duration of the dead interval, the router is assumed to be down. The minimum interval must be two times the hello interval.

The no form of this command reverts to the default value.

Default

40

Special Cases
OSPF Interface

If the dead-interval configured applies to an interface, all nodes on the subnet must have the same dead interval.

Virtual Link

If the dead-interval configured applies to a virtual link, the interval on both termination points of the virtual link must have the same dead interval.

Sham-link — If the dead-interval configured applies to a sham-link, the interval on both endpoints of the sham-link must have the same dead interval.

Parameters
seconds

Specifies the dead interval, in seconds, expressed as a decimal integer.

Values

2 to 2147483647

hello-interval
Syntax

hello-interval seconds

no hello-interval

Context

config>service>vprn>ospf>area>if

config>service>vprn>ospf>area>virtual-link

config>service>vprn>ospf>area>sham-link

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures the interval between OSPF hellos issued on the interface, virtual link, or sham-link.

The hello interval, in combination with the dead-interval, is used to establish and maintain the adjacency. Use this parameter to edit the frequency that hello packets are sent.

Reducing the interval, in combination with an appropriate reduction in the associated dead-interval, allows for faster detection of link and/or router failures at the cost of higher processing costs.

The no form of this command reverts to the default value.

Default

hello-interval 10

Special Cases
OSPF Interface

If the hello-interval configured applies to an interface, all nodes on the subnet must have the same hello interval.

Virtual Link

If the hello-interval configured applies to a virtual link, the interval on both termination points of the virtual link must have the same hello interval.

Sham Link

If the hello-interval configured applies to a sham-link, the interval on both endpoints of the sham-link must have the same hello interval

Parameters
seconds

Specifies the hello interval, in seconds, expressed as a decimal integer.

Values

1 to 65535

interface-type
Syntax

interface-type {broadcast | point-to-point}

no interface-type

Context

config>service>vprn>ospf>area>if

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures the interface type to be either broadcast or point-to-point.

Use this command to set the interface type of an Ethernet link to point-to-point to avoid having to carry the broadcast adjacency maintenance overhead if the Ethernet link provided the link is used as a point-to-point.

If the interface type is not known at the time the interface is added to OSPF and subsequently the IP interface is bound (or moved) to a different interface type, this command must be entered manually.

The no form of this command reverts to the default value.

Default

point-to-point — If the physical interface is SONET.

broadcast — If the physical interface is Ethernet or unknown.

Special Cases
Virtual-Link

A virtual link is always regarded as a point-to-point interface and not configurable.

Parameters
broadcast

Configures the interface to maintain this link as a broadcast network. To significantly improve adjacency forming and network convergence, a network should be configured as point-to-point if only two routers are connected, even if the network is a broadcast media such as Ethernet.

point-to-point

Configures the interface to maintain this link as a point-to-point link.

message-digest-key
Syntax

message-digest-key keyid md5 [key | hash-key] [hash]

no message-digest-key keyid

Context

config>service>vprn>ospf>area>if

config>service>vprn>ospf>area>virtual-link

config>service>vprn>ospf>area>sham-link

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures a message digest key when MD5 authentication is enabled on the interface, virtual-link or sham-link. Multiple message digest keys can be configured.

Note that this command is not valid in the OSPF3 context.

The no form of this command removes the message digest key identified by the key-id.

Parameters
keyid

Specifies the keyid expressed as a decimal integer.

Values

1 to 255

md5 key

Specifies the MD5 key. The key can be any alphanumeric string up to 16 characters.

md5 hash-key

Specifies the MD5 hash key. The key can be any combination of ASCII characters up to 32 characters (encrypted). If spaces are used in the string, enclose the entire string in quotation marks (‟ ”).

This is useful when a user must configure the parameter, but, for security purposes, the actual unencrypted key value is not provided.

hash

Specifies that the key is entered in an encrypted form. If the hash parameter is not used, the key is assumed to be in a non-encrypted, clear text form. For security, all keys are stored in encrypted form in the configuration file with the hash parameter specified.

metric
Syntax

metric metric

no metric

Context

config>service>vprn>ospf>area>if

config>service>vprn>ospf>area>sham-link

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures an explicit route cost metric for the OSPF interface that overrides the metrics calculated based on the speed of the underlying link.

The no form of this command deletes the manually configured interface metric, so the interface uses the computed metric based on the reference-bandwidth command setting and the speed of the underlying link.

Default

no metric

Parameters
metric

Specifies the metric to be applied to the interface expressed as a decimal integer.

Values

1 to 65535

mtu
Syntax

mtu bytes

no mtu

Context

config>service>vprn>ospf>area>if

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures the OSPF packet size used on this interface. If this parameter is not configured OSPF derives the MTU value from the MTU configured (default or explicitly) in the config>port>ethernet context.

If this parameter is configured, the smaller value between the value configured here and the MTU configured (default or explicitly) in a previously-mentioned context is used.

To determine the actual packet size add 14 bytes for an Ethernet packet and 18 bytes for a tagged Ethernet packet to the size of the OSPF (IP) packet MTU configured in this command.

The no form of this command reverts to the default, which uses the value derived from the MTU configured in the config>port context.

Default

no mtu

Parameters
bytes

Specifies the MTU to be used by OSPF for this logical interface in bytes.

Values

512 to 9198 (9212-14) (Depends on the physical media)

passive
Syntax

[no] passive

Context

config>service>vprn>ospf>area>if

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command adds the passive property to the OSPF interface where passive interfaces are advertised as OSPF interfaces but do not run the OSPF protocol.

By default, only interface addresses that are configured for OSPF are advertised as OSPF interfaces. The passive parameter allows an interface to be advertised as an OSPF interface without running the OSPF protocol.

While in passive mode, the interface ignores ingress OSPF protocol packets and does not transmit any OSPF protocol packets.

By default, service interfaces defined in the config>router>service-prefix context are passive. All other interfaces are not passive.

The no form of this command removes the passive property from the OSPF interface.

priority
Syntax

priority number

no priority

Context

config>service>vprn>ospf>area>if

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures the priority of the OSPF interface that is used an election of the designated router on the subnet.

This command is only used if the interface is of type broadcast. The router with the highest priority interface becomes the designated router. A router with priority 0 is not eligible to be Designated Router or Backup Designated Router.

The no form of this command reverts the interface priority to the default value.

Default

priority 1

Parameters
number

Specifies the interface priority expressed as a decimal integer. A value of 0 indicates the router is not eligible to be the Designated Router of Backup Designated Router on the interface subnet.

Values

0 to 255

retransmit-interval
Syntax

retransmit-interval seconds

no retransmit-interval

Context

config>service>vprn>ospf>area>if

config>service>vprn>ospf>area>virtual-link

config>service>vprn>ospf>area>sham-link

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command specifies the length of time, in seconds, that OSPF waits before retransmitting an unacknowledged link state advertisement (LSA) to an OSPF neighbor.

The value should be longer than the expected round trip delay between any two routers on the attached network. When the retransmit-interval expires and no acknowledgment has been received, the LSA is retransmitted.

The no form of this command reverts to the default value.

Default

retransmit-interval 5

Parameters
seconds

Specifies the retransmit interval in seconds expressed as a decimal integer.

Values

1 to 3600

transit-delay
Syntax

transit-delay seconds

no transit-delay

Context

config>service>vprn>ospf>area>if

config>service>vprn>ospf>area>virtual-link

config>service>vprn>ospf>area>sham-link

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures the estimated time, in seconds, that it takes to transmit a link state advertisement (LSA) on the interface or virtual link or sham-link.

The no form of this command reverts to the default delay time.

Default

transit-delay 1

Parameters
seconds

Specifies the transit delay in seconds expressed as a decimal integer.

Values

0 to 3600

nssa
Syntax

[no] nssa

Context

config>service>vprn>ospf>area

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command creates the context to configure an OSPF Not So Stubby Area (NSSA) and adds/removes the NSSA designation from the area.

NSSAs are similar to stub areas in that no external routes are imported into the area from other OSPF areas. The major difference between a stub area and an NSSA is an NSSA has the capability to flood external routes that it learns throughout its area and via an ABR to the entire OSPF domain.

Existing virtual links of a non-stub or NSSA area are removed when the designation is changed to NSSA or stub.

An area can be designated as stub or NSSA but never both at the same time.

By default, an area is not configured as an NSSA area.

The no form of this command removes the NSSA designation and configuration context from the area.

Default

no nssa

originate-default-route
Syntax

originate-default-route [type-7]

no originate-default-route

Context

config>service>vprn>ospf>area>nssa

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command enables the generation of a default route and its LSA type (3 or 7) into a Not So Stubby Area (NSSA) by an NSSA Area Border Router (ABR).

When configuring an NSSA with no summaries, the ABR injects a type 3 LSA default route into the NSSA area. Some older implementations expect a type 7 LSA default route.

The no form of this command disables origination of a default route.

Default

no originate-default-route

Parameters
type-7

Specifies a type 7 LSA should be used for the default route.

Configure this parameter to inject a type-7 LSA default route instead the type 3 LSA into the NSSA configured with no summaries. To revert to a type 3 LSA, enter originate-default-route without the type-7 parameter.

Default

Type 3 LSA for the default route.

redistribute-external
Syntax

[no] redistribute-external

Context

config>service>vprn>ospf>area>nssa

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command enables the redistribution of external routes into the Not So Stubby Area (NSSA) or an NSSA area border router (ABR) that is exporting the routes into non-NSSA areas.

NSSA are similar to stub areas in that no external routes are imported into the area from other OSPF areas. The major difference between a stub area and an NSSA is that the NSSA has the capability to flood external routes that it learns (providing it is an ASBR) throughout its area and via an Area Border Router to the entire OSPF domain.

The no form of this command disables the default behavior to automatically redistribute external routes into the NSSA area from the NSSA ABR.

Default

redistribute-external

summaries
Syntax

[no] summaries

Context

config>service>vprn>ospf>area>nssa

config>service>vprn>ospf>area>stub

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command enables sending summary (type 3) advertisements into a stub area or Not So Stubby Area (NSSA) on an Area Border Router (ABR). This parameter is particularly useful to reduce the size of the routing and Link State Database (LSDB) tables within the stub or nssa area. By default, summary route advertisements are sent into the stub area or NSSA.

The no form of this command disables sending summary route advertisements and, for stub areas, only the default route is advertised by the ABR.

Default

summaries

stub
Syntax

[no] stub

Context

config>service>vprn>ospf>area

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command enables access to the context to configure an OSPF stub area and adds/removes the stub designation from the area. External routing information is not flooded into stub areas. All routers in the stub area must be configured with the stub command. An OSPF area cannot be both an NSSA and a stub area. Existing virtual links of a non-stub area or NSSA are removed when its designation is changed to NSSA or STUB.

By default, an area is not a stub area.

The no form of this command removes the stub designation and configuration context from the area.

Default

no stub

default-metric
Syntax

default-metric metric

no default-metric

Context

config>service>vprn>ospf>area>stub

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures the metric used by the area border router (ABR) for the default route into a stub area. The default metric should only be configured on an ABR of a stub area. An ABR generates a default route if the area is a stub area.

The no form of this command reverts to the default value.

Default

default-metric 1

Parameters
metric

Specifies the metric expressed as a decimal integer for the default route cost to be advertised into the stub area.

Values

1 to 16777215

virtual-link
Syntax

[no] virtual-link router-id transit-area area-id

Context

config>service>vprn>ospf>area

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures a virtual link to connect area border routers to the backbone via a virtual link. The backbone area (area 0.0.0.0) must be contiguous and all other areas must be connected to the backbone area. If it is not practical to connect an area to the backbone (see area 0.0.0.2 in OSPF areas), the area border routers (routers 1 and 2 in OSPF areas) must be connected via a virtual link. The two area border routers form a point-to-point like adjacency across the transit area (area 0.0.0.1 in OSPF areas). A virtual link can only be configured while in the area 0.0.0.0 context.

The router-id specified in this command must be associated with the virtual neighbor. The transit area cannot be a stub area or a Not So Stubby Area (NSSA).

The no form of this command deletes the virtual link.

Parameters
router-id

Specifies the router ID of the virtual neighbor in IP address dotted-decimal notation.

transit-area area-id

Specifies the area-id specified identifies the transit area that links the backbone area with the area that has no physical connection with the backbone.

The OSPF backbone area, area 0.0.0.0, must be contiguous and all other areas must be connected to the backbone area. The backbone distributes routing information between areas. If it is not practical to connect an area to the backbone (see Area 0.0.0.5 in the following figure), the area border routers (such as routers Y and Z) must be connected via a virtual link. The two area border routers form a point-to-point-like adjacency across the transit area (see Area 0.0.0.4).

Figure 9. OSPF areas
compatible-rfc1583
Syntax

[no] compatible-rfc1583

Context

config>service>vprn>ospf

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command enables OSPF summary and external route calculations in compliance with RFC1583 and earlier RFCs.

RFC1583 and earlier RFCs use a different method to calculate summary and external route costs. To avoid routing loops, all routers in an OSPF domain should perform the same calculation method.

Although it would be favorable to require all routers to run a more current compliance level, this command allows the router to use obsolete methods of calculation.

The no form of this command enables the post-RFC1583 method of summary and external route calculation.

Default

compatible-rfc1583

export
Syntax

export policy-name [policy-name…]

no export

Context

config>service>vprn>ospf

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command associates export route policies to determine which routes are exported from the route table to OSPF. Export polices are only in effect if OSPF is configured as an ASBR.

If no export policy is specified, non-OSPF routes are not exported from the routing table manager to OSPF.

If multiple policy names are specified, the policies are evaluated in the order they are specified. The first policy that matches is applied. If multiple export commands are issued, the last command entered overrides the previous command. A maximum of five policy names can be specified.

The no form of this command removes all policies from the configuration.

Default

no export

Parameters
policy-name

Specifies the export route policy name. Allowed values are any string up to 32 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.

The specified names must already be defined.

external-db-overflow
Syntax

external-db-overflow limit interval

no external-db-overflow

Context

config>service>vprn>ospf

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command enables limits on the number of non-default AS-external-LSA entries that can be stored in the LSDB and specifies a wait timer before processing these after the limit is exceeded.

The limit value specifies the maximum number of non-default AS-external-LSA entries that can be stored in the link-state database (LSDB). Placing a limit on the non-default AS-external-LSAs in the LSDB protects the router from receiving an excessive number of external routes that consume excessive memory or CPU resources. If the number of routes reach or exceed the limit, the table is in an overflow state. When in an overflow state, the router does not originate any new AS-external-LSAs. In fact, it withdraws all the self-originated non-default external LSAs.

The interval specifies the amount of time to wait after an overflow state before regenerating and processing non-default AS-external-LSAs. The waiting period acts like a dampening period preventing the router from continuously running Shortest Path First (SPF) calculations caused by the excessive number of non-default AS-external LSAs.

The external-db-overflow must be set identically on all routers attached to any regular OSPF area. OSPF stub areas and not-so-stubby areas (NSSAs) are excluded.

The no form of this command disables limiting the number of non-default AS-external-LSA entries.

Default

no external-db-overflow

Parameters
limit

Specifies the maximum number of non-default AS-external-LSA entries that can be stored in the LSDB before going into an overflow state expressed as a decimal integer.

Values

-1 to 2147483647

interval

Specifies the number of seconds after entering an overflow state before attempting to process non-default AS-external-LSAs expressed as a decimal integer.

Values

0 to 2147483647

external-preference
Syntax

external-preference preference

no external-preference

Context

config>service>vprn>ospf

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures the preference for OSPF external routes.

A route can be learned by the router from different protocols in which case the costs are not comparable; when this occurs the preference is used to decide which route is used.

Different protocols should not be configured with the same preference, if this occurs the tiebreaker is per the default preference table as defined in the following table. If multiple routes are learned with an identical preference using the same protocol, the lowest cost route is used.

If multiple routes are learned with an identical preference using the same protocol and the costs (metrics) are equal, the decision of what route to use is determined by the configuration of the config>router>ecmp command.

The no form of this command reverts to the default value.

Default

external-preference 150

Parameters
preference

Specifies the preference for external routes expressed as a decimal integer.

Route Type

Preference

Configurable

Direct attached

0

No

Static routes

5

Yes

OSPF internal

10

Yes

IS-IS level 1 internal

15

Yes

IS-IS level 2 internal

18

Yes

RIP

100

Yes

OSPF external

150

Yes

IS-IS level 1 external

160

Yes

IS-IS level 2 external

165

Yes

BGP

170

Yes

Note:

  1. Preference for OSPF internal routes is configured with the preference command.

Values

1 to 255

ignore-dn-bit
Syntax

[no] ignore-dn-bit

Context

config>service>vprn>ospf

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command specifies whether to ignore the DN bit for OSPF LSA packets for this instance of OSPF on the router. When enabled, the DN bit for OSPF LSA packets are ignored. When disabled, the DN bit is not ignored for OSPF LSA packets.

import
Syntax

import policy-name [policy-name...(up to 5 max)]

no import

Context

config>service>vprn>ospf

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command specifies the import route policy to be used to determine which routes are accepted from peers. Route policies are configured in the config>router>policy-options context.

This configuration can be set at three levels: global level (applies to all peers), group level (applies to all peers in peer-group) or neighbor level (only applies to specified peer). The most specific level is used.

When multiple policy names are specified, the policies are evaluated in the order they are specified. A maximum of five (5) policy names can be specified. The first policy that matches is applied.

When multiple import commands are issued, the last command entered overrides the previous command.

The no form of this command removes the policy association. To remove the association of all policies, use no import without any arguments.

Default

no import

Parameters
policy-name

Specifies the route policy name. Allowed values are any string up to 32 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes. Route policies are configured in the config>router>policy-options context.

overload
Syntax

overload [timeout seconds]

no overload

Context

config>service>vprn>ospf

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command changes the overload state of the local router so that it appears to be overloaded. When overload is enabled, the router can participate in OSPF routing, but is not used for transit traffic. Traffic destined to directly attached interfaces continue to reach the router.

To put the IGP in an overload state enter a timeout value. The IGP enters the overload state until the timeout timer expires or a no overload command is executed.

If the overload command is encountered during the execution of an overload-on-boot command, this command takes precedence. This could occur as a result of a saved configuration file where both parameters are saved. When the file is saved by the system the overload-on-boot command is saved after the overload command.

The no form of this command returns to the default. When the no overload command is executed, the overload state is terminated regardless the reason the protocol entered overload state.

Default

no overload

Parameters
timeout seconds

Specifies the number of seconds to reset overloading.

Values

60 to1800

Default

60

overload-include-stub
Syntax

[no] overload-include-stub

Context

config>service>vprn>ospf

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures whether the OSPF stub networks should be advertised with a maximum metric value when the system goes into overload state for any reason. When enabled, the system uses the maximum metric value. When this command is enabled and the router is in overload, all stub interfaces, including loopback and system interfaces, are advertised at the maximum metric.

Default

no overload-include-stub

overload-on-boot
Syntax

overload-on-boot [timeout seconds]

no overload

Context

config>service>vprn>ospf

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures the IGP upon bootup in the overload state until one of the following events occur:

  • The timeout timer expires.

  • A manual override of the current overload state is entered with the no overload command.

When the router is in an overload state, the router is used only if there is no other router to reach the destination.

The no overload command does not affect the overload-on-boot function.

The no form of this command removes the overload-on-boot functionality from the configuration.

Default

no overload-on-boot

Parameters
timeout seconds

Specifies the number of seconds to reset overloading.

Values

60 to1800

Default

60

preference
Syntax

preference preference

no preference

Context

config>service>vprn>ospf

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures the preference for OSPF internal routes.

A route can be learned by the router from different protocols in which case the costs are not comparable, when this occurs the preference is used to decide to which route is used.

Different protocols should not be configured with the same preference, if this occurs the tiebreaker is per the default preference table as defined in the following table. If multiple routes are learned with an identical preference using the same protocol, the lowest cost route is used.

If multiple routes are learned with an identical preference using the same protocol and the costs (metrics) are equal, the decision of what route to use is determined by the configuration of the config router ecmp command.

The no form of this command reverts to the default value.

Default

preference 10

Parameters
preference

Specifies the preference for internal routes expressed as a decimal integer. The following table lists the defaults for different route types.

Table 3. Route type preference defaults

Route type

Preference

Configurable

Direct attached

0

No

Static routes

5

Yes

OSPF internal

10

Yes1

IS-IS level 1 internal

15

Yes

IS-IS level 2 internal

18

Yes

RIP

100

Yes

OSPF external

150

Yes

IS-IS level 1 external

160

Yes

IS-IS level 2 external

165

Yes

BGP

170

Yes

1 Preference for OSPF internal routes is configured with the preference command.
Values

1 to 255

reference-bandwidth
Syntax

reference-bandwidth reference-bandwidth

no reference-bandwidth

Context

config>service>vprn>ospf

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command configures the reference bandwidth in kilobits per second (Kbps) that provides the reference for the default costing of interfaces based on their underlying link speed.

The default interface cost is calculated as follows:

cost = reference-bandwidth / bandwidth

The default reference-bandwidth is 100,000,000 Kbps or 100 Gbps, so the default auto-cost metrics for various link speeds are as as follows:

  • 10 Mbs link default cost of 10000

  • 100 Mbs link default cost of 1000

  • 1 Gbps link default cost of 100

  • 10 Gbps link default cost of 10

The reference-bandwidth command assigns a default cost to the interface based on the interface speed. To override this default cost on a particular interface, use the metric metric command in the config>router>ospf>area>interface ip-int-name context.

The no form of this command reverts the reference-bandwidth to the default value.

Default

reference-bandwidth 100000000

Parameters
reference-bandwidth

Specifies the reference bandwidth in kilobits per second expressed as a decimal integer.

Values

1 to 1000000000

super-backbone
Syntax

[no] super-backbone

Context

config>service>vprn>ospf

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command specifies whether CE-PE functionality is required or not. The OSPF super backbone indicates the type of the LSA generated as a result of routes redistributed into OSPF. When enabled, the redistributed routes are injected as summary, external or NSSA LSAs. When disabled, the redistributed routes are injected as either external or NSSA LSAs only.

Default

no super-backbone

suppress-dn-bit
Syntax

[no] suppress-dn-bit

Context

config>service>vprn>ospf

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command specifies whether to suppress the setting of the DN bit for OSPF LSA packets generated by this instance of OSPF on the router. When enabled, the DN bit for OSPF LSA packets generated by this instance of the OSPF router is not set. When disabled, this instance of the OSPF router follows the normal procedure to determine whether to set the DN bit.

Default

no suppress-dn-bit

timers
Syntax

timers

Context

config>service>vprn>ospf

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

Commands in this context configure of OSPF timers. Timers control the delay between receipt of a link state advertisement (LSA) requiring a Dijkstra (Shortest Path First (SPF)) calculation and the minimum time between successive SPF calculations.

Changing the timers affect CPU utilization and network reconvergence times. Lower values reduce convergence time but increase CPU utilization. Higher values reduce CPU utilization but increase reconvergence time.

spf-wait
Syntax

spf-wait max-spf-wait [spf-initial-wait [spf-second-wait]]

no spf-wait

Context

config>service>vprn>ospf>timers

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command defines the maximum interval between two consecutive SPF calculations in milliseconds. Timers that determine when to initiate the first, second, and subsequent SPF calculations after a topology change occurs can be controlled with this command.

Subsequent SPF runs (if required) occur at exponentially increasing intervals of the spf-second-wait interval. For example, if the spf-second-wait interval is 1000, the next SPF runs after 2000 milliseconds, and the next SPF runs after 4000 milliseconds, and so on, until it reaches the spf-wait value. The SPF interval stays at the spf-wait value until there are no more SPF runs scheduled in that interval. After a full interval without any SPF runs, the SPF interval drops back to spf-initial-wait.

The timer must be entered in increments of 100 milliseconds. Values entered that do not match this requirement are rejected.

The no form of this command reverts to the default value.

Default

no spf-wait

Parameters
max-spf-wait

Specifies the maximum interval in milliseconds between two consecutive SPF calculations.

Values

1 to 120000

Default

1000

spf-initial-wait

Specifies the initial SPF calculation delay in milliseconds after a topology change.

Values

10 to 100000

Default

1000

spf-second-wait

Specifies the hold time in milliseconds between the first and second SPF calculation.

Values

10 to 100000

Default

1000

vpn-domain
Syntax

vpn-domain [type {0005 | 0105 | 0205 | 8005}] id id

no vpn-domain

Context

config>service>vprn>ospf

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command specifies type of the extended community attribute exchanged using BGP to carry the OSPF VPN domain ID. This applies to VPRN instances of OSPF only. An attempt to modify the value of this object results in an inconsistent value error when it is not a VPRN instance. The parameters are mandatory and can be entered in either order.

Default

no vpn-domain

Parameters
id

Specifies the OSPF VPN domain in the ‟xxxx.xxxx.xxxx” format. This is exchanged using BGP in the extended community attribute associated with a prefix. This object applies to VPRN instances of OSPF only.

type

Specifies the type of the extended community attribute exchanged using BGP to carry the OSPF VPN domain ID.

Values

0005, 0105, 0205, 8005

vpn-tag
Syntax

vpn-tag vpn-tag

no vpn-tag

Context

config>service>vprn>ospf

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command specifies the route tag for an OSPF VPN on a PE router. This field is set in the tag field of the OSPF external LSAs generated by the PE. This is mainly used to prevent routing loops. This applies to VPRN instances of OSPF only. An attempt to modify the value of this object results in an inconsistent value error when it is not a VPRN instance.

Default

vpn-tag 0

lsa-arrival
Syntax

lsa-arrival lsa-arrival-time

no lsa-arrival

Context

config>service>vprn>ospf>timers

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This parameter defines the minimum delay that must pass between receipt of the same Link State Advertisements (LSAs) arriving from neighbors. It is recommended that the neighbors configured lsa-generate lsa-second-wait interval is equal or greater than the lsa-arrival timer configured here.

Use the no form of this command to return to the default.

Default

no lsa-arrival

Parameters
lsa-arrival-time

Specifies the timer in milliseconds. Values entered that do not match this requirement are rejected.

Values

0 to 600000

lsa-generate
Syntax

lsa-generate max-lsa-wait [lsa-initial-wait [lsa-second-wait]]

no lsa-generate-interval

Context

config>service>vprn>ospf>timers

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This parameter customizes the throttling of OSPF LSA-generation. Timers that determine when to generate the first, second, and subsequent LSAs can be controlled with this command. Subsequent LSAs are generated at increasing intervals of the lsa-second-wait timer until a maximum value is reached. Configuring the lsa-arrival interval to equal or less than the lsa-second-wait interval configured in the lsa-generate command is recommended.

The no form of this command returns to the default.

Default

no lsa-generate

Parameters
max-lsa-wait

Specifies the maximum interval, in milliseconds, between two consecutive ocurrences of an LSA being generated.

The timer must be entered as either 1 or in millisecond increments. Values entered that do not match this requirement are rejected.

Values

1 to 600000

Show commands

egress-label
Syntax

egress-label start-label [end-label]

Context

show>service

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command display services using the range of egress labels.

If only the mandatory start-label parameter is specified, only services using the specified label are displayed.

If both start-label and end-label parameters are specified, the services using the range of labels X where start-label <= X <= end-label are displayed.

Use the show router ldp bindings command to display dynamic labels.

Parameters
start-label

Specifies the starting egress label value for which to display services using the label range. If only egress-label1 is specified, services only using egress-label1 are displayed.

Values

0 | 2048 to 131071

end-label

Specifies the ending egress label value for which to display services using the label range.

Values

2049 to 131071

Default

The egress-label1 value.

Output

The following output is an example of service egress label information, and Output fields: egress label describes the output fields.

Sample output
*A:ALA-12# show service egress-label 0 10000
==============================================================================
Martini Service Labels                                                         
==============================================================================
Svc Id     Sdp Id             Type I.Lbl        E.Lbl                          
------------------------------------------------------------------------------
1          10:1               Mesh 0            0                              
1          20:1               Mesh 0            0                              
1          30:1               Mesh 0            0                              
1          100:1              Mesh 0            0                              
...
1          107:1              Mesh 0            0                              
1          108:1              Mesh 0            0                              
1          300:1              Mesh 0            0                              
1          301:1              Mesh 0            0                              
1          302:1              Mesh 0            0                              
1          400:1              Mesh 0            0                              
1          500:2              Spok 131070       2001                           
1          501:1              Mesh 131069       2000                           
100        300:100            Spok 0            0                              
200        301:200            Spok 0            0                              
300        302:300            Spok 0            0                              
400        400:400            Spok 0            0                              
------------------------------------------------------------------------------
Number of Bindings Found : 23                                                  
==============================================================================
*A:ALA-12#
Table 4. Output fields: egress label

Label

Description

Svc Id

The ID that identifies a service.

Sdp Id

The ID that identifies an SDP.

Type

Indicates whether the SDP binding is a spoke or a mesh.

I. Lbl

The VC label used by the far-end device to send packets to this device in this service by the SDP.

E. Lbl

The VC label used by this device to send packets to the far-end device in this service by the SDP.

Number of bindings found

The total number of SDP bindings that exist within the specified egress label range.

ingress-label
Syntax

ingress-label start-label [end-label]

Context

show>service

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command displays services using the range of ingress labels.

If only the mandatory start-label parameter is specified, only services using the specified label are displayed.

If both start-label and end-label parameters are specified, the services using the range of labels X where start-label <= X <= end-label are displayed.

Use the show router vprn-service-id ldp bindings command to display dynamic labels.

Parameters
start-label

Specifies the starting ingress label value for which to display services using the label range. If only start-label is specified, services only using start-label are displayed.

Values

0, 2048 to 131071

end-label

Specifies the ending ingress label value for which to display services using the label range.

Values

2048 to 131071

Default

The start-label value.

Output

The following output is an example of service ingress label information, and Output fields: ingress label describes the output fields.

Sample output
*A:ALA-12# show service ingress-label 0
==============================================================================
Martini Service Labels                                                         
==============================================================================
Svc Id     Sdp Id             Type I.Lbl        E.Lbl                          
------------------------------------------------------------------------------
1          10:1               Mesh 0            0                              
1          20:1               Mesh 0            0                              
1          30:1               Mesh 0            0                              
1          50:1               Mesh 0            0                              
1          100:1              Mesh 0            0                              
1          101:1              Mesh 0            0                              
1          102:1              Mesh 0            0                              
1          103:1              Mesh 0            0                              
1          104:1              Mesh 0            0                              
1          105:1              Mesh 0            0                              
1          106:1              Mesh 0            0                              
1          107:1              Mesh 0            0                              
1          108:1              Mesh 0            0                              
1          300:1              Mesh 0            0                              
1          301:1              Mesh 0            0                              
1          302:1              Mesh 0            0                              
1          400:1              Mesh 0            0                              
100        300:100            Spok 0            0                              
200        301:200            Spok 0            0                              
300        302:300            Spok 0            0                              
400        400:400            Spok 0            0                              
------------------------------------------------------------------------------
Number of Bindings Found : 21
------------------------------------------------------------------------------
*A:ALA-12# 
Table 5. Output fields: ingress label

Label

Description

Svc ID

The service identifier.

SDP Id

The SDP identifier.

Type

Indicates whether the SDP is a spoke or a mesh.

I.Lbl

The ingress label used by the far-end device to send packets to this device in this service by the SDP.

E.Lbl

The egress label used by this device to send packets to the far-end device in this service by the SDP.

Number of Bindings Found

The number of SDP bindings within the label range specified.

sap-using
Syntax

sap-using [sap sap-id]

sap-using interface [ip-address | ip-int-name]

sap-using [ingress | egress] filter filter-id

sap-using [ingress | egress] qos-policy qos-policy-id

Context

show>service

Platforms

Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode.

Description

This command displays SAP information.

If no optional parameters are specified, the command displays a summary of all defined SAPs.

The optional parameters restrict output to only SAPs matching the specified properties.

Parameters
sap-id

Specifies the physical port identifier portion of the SAP definition. See Common CLI command descriptions for command syntax.

interface

Specifies matching SAPs with the specified IP interface. This parameter can be used on 7210 SAS platforms operating in access-uplink mode only if the specified interface is configured within an IES context.

ip-address

Specifies the IP address of the interface for which to display matching SAPs. This parameter can be used on 7210 SAS platforms operating in access-uplink mode only if the specified interface is configured within an IES context.

Values

a.b.c.d

ip-int-name

Specifies the IP interface name for which to display matching SAPs. This parameter can be used on 7210 SAS platforms operating in access-uplink mode only if the specified interface is configured within an IES context.

ingress

Specifies matching an ingress policy.

egress

Specifies matching an egress policy.

qos-policy qos-policy-id

Specifies the ingress or egress QoS Policy ID for which to display matching SAPs.

Values

1 to 65535

filter filter-id

Specifies the ingress or egress filter policy ID for which to display matching SAPs.

Values

1 to 65535

Output

The following output is an example of service SAP information, and Output fields: SAP-using describes the output fields.

Sample output
*A:ALA-12# show service sap-using sap 1/1
==============================================================================
Service Access Points                                                         
==============================================================================
PortId         SvcId      SapMTU I.QoS I.Mac/IP E.QoS E.Mac/IP A.Pol  Adm  Opr 
------------------------------------------------------------------------------
1/1/7:0        1          1518   10    8        10    none     none   Up   Up  
1/1/11:0       100        1514   1     none     1     none     none   Down Down
1/1/7:300      300        1518   10    none     10    none     1000   Up   Up  
------------------------------------------------------------------------------
Number of SAPs : 3                                                             
------------------------------------------------------------------------------
*A:ALA-12# 
Table 6. Output fields: SAP-using

Label

Description

Port ID

The ID of the access port where the SAP is defined.

Svc ID

The service identifier.

SapMTU

The SAP MTU value.

I.QoS

The SAP ingress QoS policy number specified on the ingress SAP.

I.MAC/IP

The MAC or IP filter policy ID applied to the ingress SAP.

E.QoS

The SAP egress QoS policy number specified on the egress SAP.

E.Mac/IP

The MAC or IP filter policy ID applied to the egress SAP

A.Pol

The accounting policy ID assigned to the SAP.

Adm

The desired state of the SAP.

Opr

The actual state of the SAP.

sdp
Syntax

sdp [sdp-id | far-end ip-address] [detail | keep-alive-history]

Context

show>service

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command displays SDP information.

If no optional parameters are specified, a summary SDP output for all SDPs is displayed.

Parameters
sdp-id

Specifies the SDP ID for which to display information.

Values

1 to 17407

Default

All SDPs.

far-end ip-address

Displays only SDPs matching with the specified far-end IP address.

Default

SDPs with any far-end IP address.

detail

Displays detailed SDP information.

Default

SDP summary output.

keep-alive-history

Displays the last fifty SDP keepalive events for the SDP.

Default

SDP summary output.

Output

The following output is an example of SDP information, and Output fields: SDP describes the output fields.

Sample output
*A:ALA-12# show service sdp
==============================================================================
Services: Service Destination Points                                          
==============================================================================
SdpId    Adm MTU   Opr MTU   IP address       Adm  Opr         Deliver Signal  
------------------------------------------------------------------------------
10       4462      4462      10.20.1.3        Up   Dn NotReady MPLS    TLDP    
40       4462      1534      10.20.1.20       Up   Up          MPLS    TLDP    
------------------------------------------------------------------------------
Number of SDPs : 5                                                            
==============================================================================
*A:ALA-12# 

*A:ALA-12# show service sdp 8
==============================================================================
Service Destination Point (Sdp Id : 8)
==============================================================================
SdpId    Adm MTU   Opr MTU   IP address       Adm  Opr         Deliver Signal
------------------------------------------------------------------------------
8        4462      4462      10.10.10.104     Up   Dn NotReady MPLS    TLDP
==============================================================================
Service Destination Point (Sdp Id : 8) Details
-------------------------------------------------------------------------------
 Sdp Id 8  -(10.10.10.104)
-------------------------------------------------------------------------------
Description           : MPLS-10.10.10.104
SDP Id               : 8
Admin Path MTU       : 0                     Oper Path MTU      : 0
Far End              : 10.10.10.104          Delivery           : MPLS
Admin State          : Up                    Oper State         : Down
Flags                : SignalingSessDown TransportTunnDown
Signaling            : TLDP                  VLAN VC Etype      : 0x8100
Last Status Change   : 02/01/2007 09:11:39   Adv. MTU Over.     : No
Last Mgmt Change     : 02/01/2007 09:11:46

KeepAlive Information :
Admin State          : Disabled              Oper State         : Disabled
Hello Time           : 10                    Hello Msg Len      : 0
Hello Timeout        : 5                     Unmatched Replies  : 0
Max Drop Count       : 3                     Hold Down Time     : 10
Tx Hello Msgs        : 0                     Rx Hello Msgs      : 0

Associated LSP LIST :
Lsp Name             : to-104
Admin State          : Up                    Oper State         : Down
Time Since Last Tran*: 01d07h36m
===============================================================================
* indicates that the corresponding row element may have been truncated.
*A:ALA-12#
Table 7. Output fields: SDP

Label

Description

SDP Id

The SDP identifier.

Adm MTU

Specifies the largest service frame size (in octets) that can be transmitted through this SDP to the far-end router, without requiring the packet to be fragmented.

Opr MTU

Specifies the actual largest service frame size (in octets) that can be transmitted through this SDP to the far-end router, without requiring the packet to be fragmented.

IP address

Specifies the IP address of the remote end of the MPLS tunnel defined by this SDP.

Adm

Admin State

Specifies the state of the SDP.

Opr

Oper State

Specifies the operating state of the SDP.

Flags

Specifies all the conditions that affect the operating status of this SDP.

Signal

Signaling

Specifies the signaling protocol used to obtain the ingress and egress labels used in frames transmitted and received on the SDP.

Last Status Change

Specifies the time of the most recent operating status change to this

SDP.

Last Mgmt Change

Specifies the time of the most recent management-initiated change to this SDP.

Number of SDPs

Specifies the total number of SDPs displayed according to the criteria specified.

Hello Time

Specifies how often the SDP echo request messages are transmitted on this SDP.

Deliver

Delivered

Specifies the type of delivery used by the SDP: MPLS.

Number of SDPs

Specifies the total number of SDPs displayed according to the criteria specified.

Hello Time

Specifies how often the SDP echo request messages are transmitted on this SDP.

Hello Msg Len

Specifies the length of the SDP echo request messages transmitted on this SDP.

Hello Timeout

Specifies the number of seconds to wait for an SDP echo response message before declaring a timeout.

Unmatched Replies

Specifies the number of SDP unmatched message replies.

Max Drop Count

Specifies the maximum number of consecutive SDP echo request messages that can be unacknowledged before the keepalive protocol reports a fault.

Hold Down Time

Specifies the maximum number of consecutive SDP echo request messages that can be unacknowledged before the keepalive protocol reports a fault.

TX Hello Msgs

Specifies the number of SDP echo request messages transmitted since the keepalive was administratively enabled or the counter was cleared.

Rx Hello Msgs

Specifies the number of SDP echo request messages received since the keepalive was administratively enabled or the counter was cleared.

Associated LSP List

When the SDP type is MPLS, a list of LSPs used to reach the far-end router displays. All the LSPs in the list must terminate at the IP address specified in the far end field.

sdp-using
Syntax

sdp-using [sdp-id[:vc-id] | far-end ip-address]

Context

show>service

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command displays services using SDP or far-end address options.

Parameters
sdp-id

Displays only services bound to the specified SDP ID.

Values

1 to 17407

vc-id

Specifies the virtual circuit identifier.

Values

1 to 4294967295

far-end ip-address

Displays only services matching with the specified far-end IP address.

Default

Services with any far-end IP address.

Output

The following output is an example of service SDP information, and Output Fields: SDP-using describes the output fields.

Sample output
*A:ALA-1# show service sdp-using 300
===============================================================================
Service Destination Point (Sdp Id : 300)
===============================================================================
SvcId       SdpId               Type Far End        Opr State I.Label  E.Label
-------------------------------------------------------------------------------
1           300:1               Mesh 10.0.0.13      Up        131071   131071
2           300:2               Spok 10.0.0.13      Up        131070   131070
100         300:100             Mesh 10.0.0.13      Up        131069   131069
101         300:101             Mesh 10.0.0.13      Up        131068   131068
102         300:102             Mesh 10.0.0.13      Up        131067   131067
-------------------------------------------------------------------------------
Number of SDPs : 5
-------------------------------------------------------------------------------
*A:ALA-1#


A:ALA-48# show service sdp-using 
===============================================================================
SDP Using
===============================================================================
SvcId       SdpId               Type Far End        Opr State I.Label  E.Label 
-------------------------------------------------------------------------------
3           2:3                 Spok 10.20.1.2      Up        n/a      n/a     
103         3:103               Spok 10.20.1.3      Up        131067   131068  
103         4:103               Spok 10.20.1.2      Up        131065   131069
105         3:105               Spok 10.20.1.3      Up        131066   131067  
-------------------------------------------------------------------------------
Number of SDPs : 4
-------------------------------------------------------------------------------
A:ALA-48
Table 8. Output Fields: SDP-using

Label

Description

Svc ID

The service identifier.

Sdp ID

The SDP identifier.

Type

Type of SDP: spoke or mesh.

Far End

The far end address of the SDP.

Oper State

The operational state of the service.

Ingress Label

The label used by the far-end device to send packets to this device in this service by this SDP.

Egress Label

The label used by this device to send packets to the far-end device in this service by this SDP.

service-using
Syntax

service-using [epipe] [ies] [vpls] [vprn][sdp sdp-id] [customer customer-id]

Context

show>service

Platforms

Supported on all 7210 SAS platforms as described in this document

Description

This command displays the services matching certain usage properties.

If no optional parameters are specified, all services defined on the system are displayed.

Parameters
epipe

Displays matching Epipe services.

ies

Displays matching IES instances.

vpls

Displays matching VPLS instances.

vprn

Displays matching VPRN services. This parameter is not supported on 7210 SAS platforms operating in access-uplink mode.

sdp sdp-id

Displays only services bound to the specified SDP ID.

Values

1 to 17407

Default

Services bound to any SDP ID.

customer customer-id

Displays services only associated with the specified customer ID.

Values

1 to 2147483647

Default

Services associated with an customer.

Output

The following output is an example of service information, and Output Fields: Service-using describes the output fields.

Sample output
*A:ALA-12# show service service-using customer 10
==============================================================================
Services
==============================================================================
ServiceId    Type      Adm    Opr        CustomerId        Last Mgmt Change
------------------------------------------------------------------------------
1            VPLS      Up     Up         10                09/05/2006 13:24:15
100          IES       Up     Up         10                09/05/2006 13:24:15
300          Epipe     Up     Up         10                09/05/2006 13:24:15
900          VPRN      Up     Up         2                 11/04/2006 04:55:12
------------------------------------------------------------------------------
Matching Services : 4
==============================================================================
*A:ALA-12#

*A:ALA-12# show service service-using epipe
===============================================================================
Services [epipe]
===============================================================================
ServiceId    Type      Adm    Opr        CustomerId        Last Mgmt Change
-------------------------------------------------------------------------------
6            Epipe     Up     Up         6                 06/22/2006 23:05:58
7            Epipe     Up     Up         6                 06/22/2006 23:05:58
8            Epipe     Up     Up         3                 06/22/2006 23:05:58
103          Epipe     Up     Up         6                 06/22/2006 23:05:58
-------------------------------------------------------------------------------
Matching Services : 4
===============================================================================
*A:ALA-12#


A:de14# show service service-using
===============================================================================
Services
===============================================================================
ServiceId    Type      Adm    Opr        CustomerId        Last Mgmt Change
-------------------------------------------------------------------------------
1            uVPLS     Up     Up         1                 10/26/2006 15:44:57
2            Epipe     Up     Down       1                 10/26/2006 15:44:57
10           mVPLS     Down   Down       1                 10/26/2006 15:44:57
11           mVPLS     Down   Down       1                 10/26/2006 15:44:57
100          mVPLS     Up     Up         1                 10/26/2006 15:44:57
101          mVPLS     Up     Up         1                 10/26/2006 15:44:57
102          mVPLS     Up     Up         1                 10/26/2006 15:44:57
999          uVPLS     Down   Down       1                 10/26/2006 16:14:33
-------------------------------------------------------------------------------
Matching Services : 8
-------------------------------------------------------------------------------
A:de14#
Table 9. Output Fields: Service-using

Label

Description

Service Id

The service identifier.

Type

Specifies the service type configured for the service ID.

Adm

The desired state of the service.

Opr

The operating state of the service.

CustomerID

The ID of the customer who owns this service.

Last Mgmt Change

The date and time of the most recent management-initiated change to this service.

id
Syntax

id service-id {all | arp | base | fdb | labels | mfib | sap | sdp | split-horizon-group | stp}

Context

show>service

Platforms

Supported on all 7210 SAS platforms as described in this document

Description

This command displays information for a particular service-id.

Parameters
service-id

Specifies the unique service identification number that identifies the service in the service domain.

all

Display detailed information about the service.

arp

Display ARP entries for the service.

base

Display basic service information.

fdb

Display FDB entries.

interface

Display service interfaces.

labels

Display labels being used by this service.

sap

Display SAPs associated to the service.

sdp

Display SDPs associated with the service. This parameter is not supported on 7210 SAS platforms operating in access-uplink mode.

split-horizon-group

Display split horizon group information.

stp

Display STP information.

all
Syntax

all

Context

show>service>id

Platforms

Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode

Description

This command displays detailed information for all aspects of the service.

Output

The following output is an example of detailed service information, and Output fields: service ID All describes the output fields.

Sample output
*A:7210SAS>show>service>id# all

===============================================================================
Service Detailed Information
===============================================================================
Service Id        : 1                   Vpn Id            : 0
Service Type      : Epipe
Description       : (Not Specified)
Customer Id       : 1
Last Status Change: 02/12/2002 23:51:07
Last Mgmt Change  : 02/12/2002 23:50:18
Admin State       : Up                  Oper State        : Up
SAP Count         : 2
Uplink Type:      : L2
SAP Type:         : Any                 Customer vlan:    : n/a
-------------------------------------------------------------------------------
Service Access Points
-------------------------------------------------------------------------------

-------------------------------------------------------------------------------
SAP 1/1/9:600.*
-------------------------------------------------------------------------------
Service Id         : 1
SAP                : 1/1/9:600.*              Encap             : qinq
QinQ Dot1p         : Default
Description        : (Not Specified)
Admin State        : Up                       Oper State        : Up
Flags              : None
Last Status Change : 02/12/2002 23:51:06
Last Mgmt Change   : 02/12/2002 23:50:18
Dot1Q Ethertype    : 0x8100                   QinQ Ethertype    : 0x8100

Admin MTU          : 9212                     Oper MTU          : 9212
Ingr IP Fltr-Id    : n/a                      Egr IP Fltr-Id    : n/a
Ingr Mac Fltr-Id   : n/a                      Egr Mac Fltr-Id   : n/a
Ingr IPv6 Fltr-Id  : n/a                      Egr IPv6 Fltr-Id  : n/a
tod-suite          : None
Endpoint           : N/A

Acct. Pol          : None                     Collect Stats     : Disabled


-------------------------------------------------------------------------------
QOS
-------------------------------------------------------------------------------
Ingress qos-policy : n/a
-------------------------------------------------------------------------------
Aggregate Policer
-------------------------------------------------------------------------------
rate               : n/a                      burst             : n/a
-------------------------------------------------------------------------------
Ingress QoS Classifier Usage
-------------------------------------------------------------------------------
Classifiers Allocated: 2                     Meters Allocated   : 1
Classifiers Used     : 1                     Meters Used        : 1
-------------------------------------------------------------------------------
Sap Statistics
-------------------------------------------------------------------------------
                        Packets                 Octets
Ingress Stats:          0                       0
Egress Stats:           26941105                18014193523

Extra-Tag Drop Stats:   n/a                     n/a

-------------------------------------------------------------------------------
SAP 1/1/12:90
-------------------------------------------------------------------------------
Service Id         : 1
SAP                : 1/1/12:90                Encap             : q-tag
Description        : (Not Specified)
Admin State        : Up                       Oper State        : Up
Flags              : None
Last Status Change : 02/12/2002 23:51:07
Last Mgmt Change   : 02/13/2002 00:05:46
Dot1Q Ethertype    : 0x8100                   QinQ Ethertype    : 0x8100
Loopback Mode      : Internal                 No-svc-port used  : 1/1/25
Loopback Src Addr  : 00:00:01:00:02:00
Loopback Dst Addr  : 00:00:01:00:03:00

Admin MTU          : 1518                     Oper MTU          : 1518
Ingr IP Fltr-Id    : n/a                      Egr IP Fltr-Id    : n/a
Ingr Mac Fltr-Id   : n/a                      Egr Mac Fltr-Id   : n/a
Ingr IPv6 Fltr-Id  : n/a                      Egr IPv6 Fltr-Id  : n/a
tod-suite          : None
Endpoint           : N/A

Acct. Pol          : None                     Collect Stats     : Disabled


-------------------------------------------------------------------------------
QOS
-------------------------------------------------------------------------------
Ingress qos-policy : 1
-------------------------------------------------------------------------------
Aggregate Policer
-------------------------------------------------------------------------------
rate               : n/a                      burst             : n/a
-------------------------------------------------------------------------------
Ingress QoS Classifier Usage
-------------------------------------------------------------------------------
Classifiers Allocated: 2                     Meters Allocated   : 1
Classifiers Used     : 1                     Meters Used        : 1
-------------------------------------------------------------------------------
Sap Statistics
-------------------------------------------------------------------------------
                        Packets                 Octets
Ingress Stats:          26940595                18013850572
Egress Stats:           0                       0
Ingress Drop Stats:     0                       0

Extra-Tag Drop Stats:   n/a                     n/a
-------------------------------------------------------------------------------
Sap per Meter stats (in/out counter mode)
-------------------------------------------------------------------------------
                        Packets                 Octets

Ingress Meter 1
For. InProf           : 8                       4265
For. OutProf          : 26941156                18014224039

-------------------------------------------------------------------------------
Service Endpoints
-------------------------------------------------------------------------------
No Endpoints found.
===============================================================================
*A:7210SAS>show>service>id#
Table 10. Output fields: service ID All

Label

Description

Service Detailed Information

Service Id

The service identifier.

VPN Id

The number which identifies the VPN.

Customer Id

The customer identifier.

Last Status Change

The date and time of the most recent change in the administrative or operating status of the service.

Last Mgmt Change

The date and time of the most recent management-initiated change to this customer.

Admin State

The current administrative state.

Oper State

The current operational state.

Route Dist.

Displays the route distribution number.

AS Number

Displays the autonomous system number.

Router Id

Displays the router ID for this service.

Auto Bind

Specifies the automatic binding type for the SDP assigned to this service.

Vrf Target

Specifies the VRF target applied to this service.

Vrf Import

Specifies the VRF import policy applied to this service.

Vrf Export

Specifies the VRF export policy applied to this service.

Description

Generic information about the service.

SAP Count

The number of SAPs specified for this service.

SDP Bind Count

The number of SDPs bound to this service.

Split Horizon Group

Name of the split horizon group for this service.

Description

Description of the split horizon group.

Last Changed

The date and time of the most recent management-initiated change to this split horizon group.

Service Destination Points (SDPs)

SDP Id

The SDP identifier.

Type

Indicates whether this Service SDP binding is a spoke or a mesh.

Admin Path MTU

The desired largest service frame size (in octets) that can be transmitted through this SDP to the far-end router, without requiring the packet to be fragmented.

Oper Path MTU

The actual largest service frame size (in octets) that can be transmitted through this SDP to the far-end router, without requiring the packet to be fragmented.

Delivery

Specifies the type of delivery used by the SDP: MPLS.

Admin State

The administrative state of this SDP.

Oper State

The operational state of this SDP.

Ingress Label

The label used by the far-end device to send packets to this device in this service by this SDP.

Egress Label

The label used by this device to send packets to the far-end device in this service by this SDP.

Ingress Filter

The ID of the ingress filter policy.

Egress Filter

The ID of the egress filter policy.

Far End

Specifies the IP address of the remote end of the MPLS tunnel defined by this SDP.

Last Changed

The date and time of the most recent change to this customer.

Signaling

Specifies the signaling protocol used to obtain the ingress and egress labels used in frames transmitted and received on this SDP.

Admin State

Specifies the operating status of the keepalive protocol.

Oper State

The current status of the keepalive protocol.

Hello Time

Specifies how often the SDP echo request messages are transmitted on this SDP.

Hello Msg Len

Specifies the length of the SDP echo request messages transmitted on this SDP.

Max Drop Count

Specifies the maximum number of consecutive SDP echo request messages that can be unacknowledged before the keepalive protocol reports a fault.

Hold Down Time

Specifies the amount of time to wait before the keepalive operating status is eligible to enter the alive state.

SDP Delivery Mechanism

When the SDP type is MPLS, a list of LSPs used to reach the far-end router displays. All the LSPs in the list must terminate at the IP address specified in the far end field.

Max Drop Count

Specifies the maximum number of consecutive SDP echo request messages that can be unacknowledged before the keepalive protocol reports a fault.

Number of SDPs

The total number SDPs applied to this service ID.

Service Access Points

Service Id

The service identifier.

Port Id

The ID of the access port where this SAP is defined.

Description

Generic information about the SAP.

Admin State

The desired state of the SAP.

Oper State

The operating state of the SAP.

Last Changed

The date and time of the last change.

Admin MTU

The desired largest service frame size (in octets) that can be transmitted through this SDP to the far-end router, without requiring the packet to be fragmented.

Oper MTU

The actual largest service frame size (in octets) that can be transmitted through this SDP to the far-end router, without requiring the packet to be fragmented.

Ingress qos-policy

The SAP ingress QoS policy ID.

Acct. Pol

Indicates the accounting policy applied to the SAP.

Collect Stats

Specifies whether accounting statistics are collected on the SAP.

Spoke SDPs

Managed by Service

Specifies the service-id of the management VPLS managing this spoke-SDP.

Managed by Spoke

Specifies the sap-id inside the management VPLS managing this spoke-SDP.

Prune state

Specifies the STP state inherited from the management VPLS.

Peer Pw Bits

Indicates the bits set by the LDP peer when there is a fault on its side of the pseudowire. LAC failures occur on the SAP that has been configured on the pipe service, PSN bits are set by SDP-binding failures on the pipe service. The pwNotForwarding bit is set when none of the preceding failures apply, such as an MTU mismatch failure. This value is only applicable if the peer is using the pseudowire status signalling method to indicate faults.

pwNotForwarding — Pseudowire not forwarding

lacIngressFault Local — Attachment circuit RX fault

lacEgresssFault Local — Attachment circuit TX fault

psnIngressFault Local — PSN-facing PW RX fault

psnEgressFault Local — PSN-facing PW TX fault

pwFwdingStandby — Pseudowire in standby mode

Max IPv4 Routes

Maximum IPv4 routes configured for use with the service.

Last Changed

The date and time of the most recent management-initiated change.

Dot1Q Ethertype

The Dot1q ethertype in use by the SAP.

Ingr IP Fltr-Id

The policy ID of the IP filter applied at ingress.

Ingr Mac Fltr-Id

The policy ID of the MAC filter applied at ingress.

Egr IP Fltr-Id

The policy ID of the IP filter applied at egress.

Egr Mac Fltr-Id

The policy ID of the MAC filter applied at egress.

tod-suite

The TOD suite applied for use by this SAP.

rate

Specifies the SAP aggregate rate configured for the aggregate policer/meter used by this SAP.

burst

Specifies the burst to be used with SAP aggregate policer/meter used by this SAP.

Classifiers Allocated

Number of SAP ingress QoS resources allocated for use by this SAP.

Classifiers Used

Number of SAP ingress QoS resources in use by this SAP.

Meters Allocated

Number of SAP ingress meter resources allocated for use by this SAP. This is set to half the number of classifiers allocated to this SAP.

Meters Used

Number of SAP ingress meters in use.

Ingress Stats

The number of received packets/octets for this SAP.

Egress Stats

The number of packets/octets forwarded out of this SAP.

Ingress Drop Stats

Number of packets/octets dropped by the system.

Extra-Tag Drop Stats

Number of packets received with the count of VLAN tags exceeding the count of VLAN tags implied by the SAP encapsulation.

Ingress Meter 1

The index of the ingress QoS meter of this SAP.

For. InProf

Number of in-profile packets/octets received on this SAP.

For. OutProf

Number of out-of-profile packets/octets received on this SAP.

If Name

IP interface name assigned by user.

Protocols

Protocols enabled for use on this interface.

Oper (v4/v6)

Operational status of this interface for IPv4 and IPv6.

IP Addr/mask

IPv4 address and Mask assigned to this interface.

Address Type

Whether the address is a primary or secondary address.

Broadcast Address

Type of broadcast address used. It can be host-ones or all-ones.

If Index

The interface Index assigned by the system. It is used with SNMP IfTable.

Virt. If Index

The interface index assigned by the system. It is used with SNMP.

Last Oper Chg

Timestamp associated with the last operational change.

Global If Index

This is the system wide Interface index allotted by the system.

If Type

Network — The IP interface is a network/core IP interface.

Service — The IP interface is a service IP interface.

SNTP B.Cast

Specifies whether SNTP broadcast client mode is enabled or disabled.

Arp Timeout

Specifies the timeout for an ARP entry learned on the interface.

IP Oper MTU

The actual largest service frame size (in octets) that can be transmitted through the port to the far-end router, without requiring the packet to be fragmented.

LdpSyncTimer

Specifies the value used for IGP-LDP synchronization.

Redirects

Specifies the rate for ICMP redirect messages.

Unreachables

Specifies the rate for ICMP unreachable messages.

TTL Expired

Specifies the rate for ICMP TTL messages.

MAC Address

Specifies the 48-bit IEEE 802.3 MAC address.

arp
Syntax

arp [ip-address] | [mac ieee-address] | [sap sap-id] | [interface ip-int-name] [sdp sdp-id:vc-id] [summary]

Context

show>service>id

Platforms

Supported on all 7210 SAS platforms as described in this document

Description

Displays the ARP table for the IES instance.

Parameters
ip-address

Displays only ARP entries in the ARP table with the specified IP address.

Default

All IP addresses.

mac ieee-address

Displays only ARP entries in the ARP table with the specified 48-bit MAC address. The MAC address can be expressed in the form aa:bb:cc:dd:ee:ff or aa-bb-cc-dd-ee-ff where aa, bb, cc, dd, ee and ff are hexadecimal numbers.

Default

All MAC addresses.

sap sap-id

Displays SAP information for the specified SAP ID. See Common CLI command descriptions for command syntax.

sdp-id:vc-id

Displays SDP information for the specified SDP ID and VC ID. This parameter is not supported on 7210 SAS platforms operating in access-uplink mode.

port id

Specifies matching service ARP entries associated with the specified IP interface.

ip-address

Specifies the IP address of the interface for which to display matching ARP entries.

Values

a.b.c.d

ip-int-name

Specifies the IP interface name for which to display matching ARPs.

Output

The following output is an example of ARP information, and Output fields: ARP describes the output fields.

Sample output
*A:ALA-12# show service id 2 arp
==============================================================================
ARP Table                                                                      
==============================================================================
IP Address      MAC Address       Type    Age       Interface         Port     
------------------------------------------------------------------------------
10.11.1.1      00:03:fa:00:08:22 Other   00:00:00  ies-100-10.11.1  1/1/11:0 
==============================================================================
*A:ALA-12# 
Table 11. Output fields: ARP

Label

Description

Service ID

The service ID number.

MAC

The specified MAC address

Source-Identifier

The location the MAC is defined.

Type

Static

FDB entries created by management.

Learned

Dynamic entries created by the learning process.

OAM

Entries created by the OAM process.

Age

The time elapsed since the service was enabled.

Interface

The interface applied to the service.

Port

The port where the SAP is applied.

base
Syntax

base

Context

show>service>id

Platforms

Supported on all 7210 SAS platforms as described in this document

Description

This command displays basic information about the service ID including service type, description, SAPs and SDPs.

Note:

SDP information is not displayed for 7210 SAS platforms operating in access-uplink mode.

Output

The following outputs are examples of basic service information, and the associated tables describes the output fields.

Sample output
*A:ALA-12# show service id 1 base
===============================================================================
Service Basic Information
===============================================================================
Service Id        : 1                   Vpn Id            : 0
Service Type      : VPRN
Customer Id       : 1
Last Status Change: 02/01/2007 09:11:39
Last Mgmt Change  : 02/01/2007 09:11:46
Admin State       : Up                  Oper State        : Down
Route Dist.       : 10001:1
AS Number         : 10000               Router Id         : 10.10.10.103
ECMP              : Enabled             ECMP Max Routes   : 8
Max Routes        : No Limit            Auto Bind         : LDP
Vrf Target        : target:10001:1
Vrf Import        : vrfImpPolCust1
Vrf Export        : vrfExpPolCust1
SAP Count         : 1                   SDP Bind Count    : 18                 
------------------------------------------------------------------------------
Service Access & Destination Points                                            
------------------------------------------------------------------------------
Identifier                       Type         AdmMTU  OprMTU  Adm     Opr      
------------------------------------------------------------------------------
sap:1/1/7:0                      q-tag        1518    1518    Up      Up       
sdp:10:1 M(10.20.1.3)            TLDP         4462    4462    Up      TLDP Down
sdp:20:1 M(10.20.1.4)            TLDP         4462    4462    Up      TLDP Down
sdp:30:1 M(10.20.1.5)            TLDP         4462    4462    Up      TLDP Down
sdp:40:1 M(10.20.1.20)           TLDP         1534    4462    Up      Up       
sdp:200:1 M(10.20.1.30)          TLDP         1514    4462    Up      Up       
sdp:300:1 M(10.20.1.31)          TLDP         4462    4462    Up      TLDP Down
sdp:500:1 M(10.20.1.50)          TLDP         4462    4462    Up      TLDP Down
==============================================================================
*A:ALA-12# 
Table 12. Output fields: base

Label

Description

Service Id

The service identifier

Vpn Id

Specifies the VPN ID assigned to the service.

Service Type

Specifies the type of service

Description

Generic information about the service

Customer Id

The customer identifier

Last Mgmt Change

The date and time of the most recent management-initiated change to this customer

Adm

The desired state of the service

Oper

The operating state of the service

Mtu

The largest frame size (in octets) that the service can handle.

Def. Mesh VC Id

This object is only valid in services that accept mesh SDP bindings

It is used to validate the VC ID portion of each mesh SDP binding defined in the service

SAP Count

The number of SAPs defined on the service

SDP Bind Count

The number of SDPs bound to the service

Identifier

Specifies the service access (SAP) and destination (SDP) points

Type

Specifies the signaling protocol used to obtain the ingress and egress labels used in frames transmitted and received on the SDP

AdmMTU

Specifies the desired largest service frame size (in octets) that can be transmitted through this SDP to the far-end ESR, without requiring the packet to be fragmented

OprMTU

Specifies the actual largest service frame size (in octets) that can be transmitted through this SDP to the far-end ESR, without requiring the packet to be fragmented

Opr

The operating state of the SDP

Sample output — BGP PIC
*A:7210SAS>show>service>id# show  service id 1 base 

===============================================================================
Service Basic Information
===============================================================================
Service Id        : 1                   Vpn Id            : 0
Service Type      : VPRN                
Name              : (Not Specified)
Description       : Default Description For VPRN ID 1
Customer Id       : 1                   
Last Status Change: 01/08/2000 22:57:35 
Last Mgmt Change  : 01/08/2000 22:57:35 
Admin State       : Up                  Oper State        : Up

Route Dist.       : 100:1               VPRN Type         : regular
AS Number         : 100                 Router Id         : 1.1.1.1
ECMP              : Enabled             ECMP Max Routes   : 1
Max IPv4 Routes   : No Limit            Auto Bind         : MPLS
Max IPv6 Routes   : No Limit            
Ignore NH Metric  : Disabled            
Hash Label        : Disabled            
Vrf Target        : target:200:1        
Vrf Import        : None                
Vrf Export        : None                
MVPN Vrf Target   : None                
MVPN Vrf Import   : None                
MVPN Vrf Export   : None                
Label mode        : vrf                 
BGP VPN Backup    : ipv4 ipv6           
 
SAP Count         : 1                   SDP Bind Count    : 3

-------------------------------------------------------------------------------
Service Access & Destination Points
-------------------------------------------------------------------------------
Identifier                               Type         AdmMTU  OprMTU  Adm  Opr
-------------------------------------------------------------------------------
sap:1/1/2:1                              q-tag        9212    9212    Up   Up
sdp:1002:1 S(2.2.2.2)                    Spok         0       9186    Up   Up
sdp:1003:1 S(3.3.3.3)                    Spok         0       9186    Up   Up
sdp:1004:1 S(4.4.4.4)                    Spok         0       9186    Up   Up
===============================================================================
*A:7210SAS>show>service>id# 
Table 13. Output Fields: ID base BGP PIC

Label

Description

Service Id

The service identifier

Service Type

The type of service: VPRN

Name

The service name

Description

Generic information about the service

Customer Id

The customer identifier

Last Status Change

The date and time of the most recent status change to this service

Last Mgmt Change

The date and time of the most recent management-initiated change to this service

Admin State

The desired state of the service

Oper State

The operating state of the service

Route Dist.

The largest frame size (in octets) that the service can handle

VPRN Type

Only valid in services that accept mesh SDP bindings. It validates the VC ID portion of each mesh SDP binding defined in the service.

AS Number

The autonomous system number

Router ID

The router ID for this service

ECMP

Displays equal cost multipath information

ECMP Max Routes

The maximum number of routes that can be received from the neighbors in the group or for the specific neighbor

Max IPv4 Routes

The maximum number of routes that can be used for path sharing

Auto Bind

The automatic binding type for the SDP assigned to this service

Max IPv6 Routes

Not applicable

Vrf Target

The route target in the VRF applied to this service

Vrf Import

The VRF import policy applied to this service

Vrf Export

The VRF export policy applied to this service

MVPN Vrf Target

The route target in the MVPN VRF applied to this service

MVPN Vrf Import

The MVPN VRF import policy applied to this service

MVPN Vrf Export

The MVPN VRF export policy applied to this service

SAP Count

The number of SAPs defined on the service

SDP Bind Count

The number of SDPs bound to the service

Service Access and Destination Points

Identifier

The service access (SAP) and destination (SDP) points

Type

The signaling protocol used to obtain the ingress and egress labels used in frames transmitted and received on the SDP

AdmMTU

The desired largest service frame size (in octets) that can be transmitted through this SDP to the far-end router, without requiring the packet to be fragmented

OprMTU

The actual largest service frame size (in octets) that can be transmitted through this SDP to the far-end router, without requiring the packet to be fragmented

Adm

The administrative state of the SAP or SDP

Opr

The operating state of the SAP or SDP

statistics
Syntax

statistics [sap sap-id] (network and access-uplink mode)

statistics [sdp sdp-id:vc-id] (network mode)

statistics [interface interface-name] (access-uplink mode for IES)

Context

show>service>id>dhcp

Platforms

Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode

Description

This command displays DHCP statistics information.

Parameters
sap-id

Specifies the physical port identifier portion of the SAP definition. See Common CLI command descriptions for the command syntax.

sdp-id

Specifies the SDP identifier.

Values

1 to 17407

vc-id

Specifies the virtual circuit ID on the SDP ID for which to display information.

Values

1 to 4294967295

interface interface-name

Displays information for the specified IP interface.

Output

The following output is an example of DHCP statistics, and Output Fields: DHCP statistics describes the output fields.

Sample output
A:sim1# show service id 11 dhcp statistics
================================================================
DHCP Global Statistics, service 11
================================================================
Rx Packets                        : 32                         
Tx Packets                        : 12                         
Rx Malformed Packets              : 0                          
Rx Untrusted Packets              : 0                          
Client Packets Discarded          : 0                          
Client Packets Relayed            : 11                         
Client Packets Snooped            : 21                         
Server Packets Discarded          : 0                          
Server Packets Relayed            : 0                          
Server Packets Snooped            : 0                          
================================================================
A:sim1#
Table 14. Output Fields: DHCP statistics

Label

Description

Received Packets

The number of packets received from the DHCP clients.

Transmitted Packets

The number of packets transmitted to the DHCP clients.

Received Malformed Packets

The number of corrupted/invalid packets received from the DHCP clients.

Received Untrusted Packets

The number of untrusted packets received from the DHCP clients. In this case, a frame is dropped due to the client sending a DHCP packet with Option 82 filled in before ‟trust” is set under the DHCP interface command.

Client Packets Discarded

The number of packets received from the DHCP clients that were discarded.

Client Packets Relayed

The number of packets received from the DHCP clients that were forwarded.

Client Packets Snooped

The number of packets received from the DHCP clients that were snooped.

Server Packets Discarded

The number of packets received from the DHCP server that were discarded.

Server Packets Relayed

The number of packets received from the DHCP server that were forwarded.

Server Packets Snooped

The number of packets received from the DHCP server that were snooped.

interface
Syntax

interface [ip-address | ip-int-name] [detail]

Context

show>service>id

Platforms

Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode with IES

Description

This command displays information for the IP interfaces associated with the service.

If no optional parameters are specified, a summary of all IP interfaces associated to the service are displayed.

Parameters
ip-address

The IP address of the interface for which to display information.

Values

a.b.c.d

ip-int-name

The IP interface name for which to display information.

detail

Displays detailed IP interface information.

Default

IP interface summary output.

Output

The following output is an example of service interface information, and Output Fields: Interface describes the output fields.

Sample output
*A:ALA-12# show service id 321 interface
===============================================================================
Interface Table
===============================================================================
Interface-Name                   Type IP-Address         Adm    Opr  Type
-------------------------------------------------------------------------------
test                             Pri  10.11.1.1/24       Up     Up   IES
-------------------------------------------------------------------------------
Interfaces : 1
===============================================================================
*A:ALA-12#


A:ALA-49# show service id 88 interface detail
===============================================================================
Interface Table
===============================================================================
Interface
-------------------------------------------------------------------------------
If Name      : Sector A
Admin State  : Up                               Oper State       : Down
Protocols    : None

IP Addr/mask : Not Assigned
-------------------------------------------------------------------------------
Details
-------------------------------------------------------------------------------
Description  :
If Index     : 26                               Virt. If Index   : 26
SAP Id       : 71/1/1.2.2
TOS Marking  : Untrusted                        If Type          : IES
SNTP B.Cast  : False                            IES ID           : 88
MAC Address  : Not configured.                  Arp Timeout      : 14400
IP MTU       : 1500                             ICMP Mask Reply  : True
Arp Populate : Disabled
Cflowd       : None

Proxy ARP Details
Proxy ARP    : Enabled                          Local Proxy ARP  : Disabled
Policies     : ProxyARP

DHCP Details
Admin State  : Up                               Lease Populate   : 0
Action       : Keep                             Trusted          : Disabled
ICMP Details
Redirects    : Number - 100                     Time (seconds)   - 10
Unreachables : Number - 100                     Time (seconds)   - 10
TTL Expired  : Number - 100                     Time (seconds)   - 10
-------------------------------------------------------------------------------
Interface
-------------------------------------------------------------------------------
If Name      : test
Admin State  : Up                               Oper State       : Down
Protocols    : None
IP Addr/mask : Not Assigned
-------------------------------------------------------------------------------
Details
-------------------------------------------------------------------------------
Description  :
If Index     : 27                               Virt. If Index   : 27
SAP Id       : 101/1/2:0
TOS Marking  : Untrusted                        If Type          : IES
SNTP B.Cast  : False                            IES ID           : 88
MAC Address  : Not configured.                  Arp Timeout      : 14400
Arp Populate : Disabled

Proxy ARP Details
Proxy ARP    : Disabled                         Local Proxy ARP  : Disabled

ICMP Details
Redirects    : Number - 100                     Time (seconds)   - 10
Unreachables : Number - 100                     Time (seconds)   - 10
TTL Expired  : Number - 100                     Time (seconds)   - 10
-------------------------------------------------------------------------------
Interfaces : 2
===============================================================================
A:ALA-49#
Table 15. Output Fields: Interface

Label

Description

Interface-Name

The name used to refer to the interface.

Type

Specifies the interface type.

IP-Address

Specifies the IP address/IP subnet/broadcast address of the interface.

Adm

The desired state of the interface.

Opr

The operating state of the interface.

Interface

If Name

The name used to refer to the interface.

Admin State

The desired state of the interface.

Oper State

The operating state of the interface.

IP Addr/mask

Specifies the IP address/IP subnet/broadcast address of the interface.

Details

If Index

The index corresponding to this interface. The primary index is 1. For example, all interfaces are defined in the Base virtual router context.

If Type

Specifies the interface type.

Port Id

Specifies the SAP port ID.

SNTP B.Cast

Specifies whether SNTP broadcast client mode is enabled or disabled.

Arp Timeout

Specifies the timeout for an ARP entry learned on the

interface.

MAC Address

Specifies the 48-bit IEEE 802.3 MAC address.

ICMP Mask Reply

Specifies whether ICMP mask reply is enabled or disabled.

ICMP Details

Redirects

Specifies the rate for ICMP redirect messages.

Unreachables

Specifies the rate for ICMP unreachable messages.

TTL Expired

Specifies the rate for ICMP TTL messages.

sap
Syntax

sap sap-id [detail]]

Context

show>service>id

Platforms

Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode

Description

This command displays information for the SAPs associated with the service.

If no optional parameters are specified, a summary of all associated SAPs is displayed.

Parameters
sap-id

Specifies the ID that displays SAPs for the service. See Common CLI command descriptions for command syntax.

detail

Displays detailed information for the SAP.

Output

The following output is an example of service SAP information, and Output Fields: service ID SAP describes the output fields.

Sample output
*A:ALA-12# show service id 321 sap 1/1/4:0
===============================================================================
Service Access Points(SAP)
===============================================================================
Service Id         : 321
SAP                : 1/1/4:0                 Encap             : q-tag
Dot1Q Ethertype    : 0x8100                   QinQ Ethertype    : 0x8100
Admin State        : Up                       Oper State        : Down
Flags              : PortOperDown
                     SapIngressQoSMismatch
Last Status Change : 02/03/2007 12:58:37
Last Mgmt Change   : 02/03/2007 12:59:10
Admin MTU          : 1518                     Oper MTU          : 1518
Ingress qos-policy : 100                      Egress qos-policy : 1
Ingress Filter-Id  : n/a                      Egress Filter-Id  : n/a
Multi Svc Site     : None
Acct. Pol          : None                     Collect Stats     : Disabled
===============================================================================
*A:ALA-12# 


*A:ALA-12# show service id 321 sap 1/1/4:0 detail
===============================================================================
Service Access Points(SAP)
===============================================================================
Service Id         : 321
SAP                : 1/1/4:0                 Encap             : q-tag
Dot1Q Ethertype    : 0x8100                   QinQ Ethertype    : 0x8100

Admin State        : Up                       Oper State        : Down
Flags              : PortOperDown
                     SapIngressQoSMismatch
Last Status Change : 02/03/2007 12:58:37
Last Mgmt Change   : 02/03/2007 12:59:10
Admin MTU          : 1518                     Oper MTU          : 1518
Ingress qos-policy : 100                      Egress qos-policy : 1
Ingress Filter-Id  : n/a                      Egress Filter-Id  : n/a
Multi Svc Site     : None
Acct. Pol          : None                     Collect Stats     : Disabled
-------------------------------------------------------------------------------
Sap Statistics
-------------------------------------------------------------------------------
                        Packets                 Octets
Forwarding Engine Stats
Dropped               : 0                       0
Off. HiPrio           : 0                       0
Off. LowPrio          : 0                       0
Off. Uncolor          : 0                       0
Queueing Stats(Egress QoS Policy 1)
Dro. InProf           : 0                       0
Dro. OutProf          : 0                       0
For. InProf           : 0                       0
For. OutProf          : 0                       0
-------------------------------------------------------------------------------

=============================================================================
*A:ALA-12#

*A:dut-a>config>log# /show service id 100 sap 1/1/22:100 sap-stats 

===============================================================================
Service Access Points(SAP)
===============================================================================
Service Id         : 100                      
SAP                : 1/1/22:100               Encap             : q-tag
Description        : (Not Specified)
Admin State        : Up                       Oper State        : Up
Flags              : None
Last Status Change : 02/17/2016 10:24:49      
Last Mgmt Change   : 02/17/2016 10:24:46      

-------------------------------------------------------------------------------
Ingress QoS Classifier Usage
-------------------------------------------------------------------------------
Classifiers Allocated: 2                     Meters Allocated   : 1
Classifiers Used     : 1                     Meters Used        : 1
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
Sap Statistics
-------------------------------------------------------------------------------
                        Packets                 Octets
Ingress Stats:          0                       0                        
Egress Stats:           76990984                116872316748             
Ingress Drop Stats:     0                       0                        
 
Extra-Tag Drop Stats:   n/a                     n/a                      
-------------------------------------------------------------------------------
Sap per Meter stats (in/out counter mode)
-------------------------------------------------------------------------------
                        Packets                 Octets

Ingress Meter 1
For. InProf           : 0                       0                        
For. OutProf          : 0                       0                        
-------------------------------------------------------------------------------
Egr sap agg-meter stats
-------------------------------------------------------------------------------
                        Packets                 Octets
Drop           :        385943060               73232696583              
Forward        :        74671326                14168884298              
-------------------------------------------------------------------------------
===============================================================================
*A:dut-a>

Table 16. Output Fields: service ID SAP

Label

Description

Service Id

The service identifier.

SAP

The SAP and qtag.

Encap

The encapsulation type of the SAP.

Ethertype

Specifies an Ethernet type II Ethertype value.

Admin State

The administrative state of the SAP.

Oper State

The operating state of the SAP.

Flags

Specifies the conditions that affect the operating status of this SAP.

Display output includes: ServiceAdminDown, SapAdminDown, InterfaceAdminDown, PortOperDown, PortMTUTooSmall, L2OperDown, SapIngressQoSMismatch, SapEgressQoSMismatch,RelearnLimitExceeded, RxProtSrcMac, ParentIfAdminDown, TodResourceUnavail, TodMssResourceUnavail, SapParamMismatch, ServiceMTUTooSmall, SapIngressNamedPoolMismatch, SapEgressNamedPoolMismatch, NoSapEpipeRingNode.

Last Status Change

Specifies the time of the most recent operating status change to this SAP

Last Mgmt Change

Specifies the time of the most recent management-initiated change to this SAP.

Admin MTU

The desired largest service frame size (in octets) that can be transmitted through the SAP to the far-end router, without requiring the packet to be fragmented.

Oper MTU

The actual largest service frame size (in octets) that can be transmitted through the SAP to the far-end router, without requiring the packet to be fragmented.

Ingress qos-policy

The ingress QoS policy ID assigned to the SAP.

Egress qos-policy

The egress QoS policy ID assigned to the SAP.

Ingress Filter-Id

The ingress filter policy ID assigned to the SAP.

Table-based

Indicates the use of table-based resource classification: Enabled (table-based) or Disabled (CAM-based)

Egress Filter-Id

The egress filter policy ID assigned to the SAP.

Acct. Pol

The accounting policy ID assigned to the SAP.

Collect Stats

Specifies whether collect stats is enabled.

Dropped

The number of packets and octets dropped due to SAP state, ingress MAC or IP filter, same segment discard, bad checksum, and so on.

Off. HiPrio

The number of high priority packets and octets, as determined by the SAP ingress QoS policy, offered by the Pchip to the Qchip.

Off. LowPrio

The number of low priority packets and octets, as determined by the SAP ingress QoS policy, offered by the Pchip to the Qchip.

Off. Uncolor

The number of uncolored packets and octets, as determined by the SAP ingress QoS policy, offered by the Pchip to the Qchip.

Dro. HiPrio

The number of high priority packets and octets, as determined by the SAP ingress QoS policy, dropped by the Qchip due to: MBS exceeded, buffer pool limit exceeded, and so on.

Dro. LowPrio

The number of low priority packets and octets, as determined by the SAP ingress QoS policy, dropped by the Qchip due to: MBS exceeded, buffer pool limit exceeded, and so on.

For. InProf

The number of in-profile packets and octets (rate below CIR) forwarded by the ingress Qchip.

For. OutProf

The number of out-of-profile packets and octets discarded by the egress Qchip due to MBS exceeded, buffer pool limit exceeded, and so on.

Dro. InProf

The number of in-profile packets and octets discarded by the egress Qchip due to MBS exceeded, buffer pool limit exceeded, and so on.

Dro. OutProf

The number of out-of-profile packets and octets discarded by the egress Qchip due to MBS exceeded, buffer pool limit exceeded, and so on.

For. InProf

The number of in-profile packets and octets (rate below CIR) forwarded by the egress Qchip.

For. OutProf

The number of out-of-profile packets and octets (rate above CIR) forwarded by the egress Qchip.

Ingress TD Profile

The profile ID applied to the ingress SAP.

Egress TD Profile

The profile ID applied to the egress SAP.

Alarm Cell Handling

The indication that OAM cells are being processed.

AAL-5 Encap

The AAL-5 encapsulation type.

sdp
Syntax

sdp [sdp-id | far-end ip-addr] [detail]

Context

show>service>id

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command displays information for the SDPs associated with the service. If no optional parameters are specified, a summary of all associated SDPs is displayed.

Parameters
sdp-id

Displays only information for the specified SDP ID.

Values

1 to 17407

Default

All SDPs.

far-end ip-addr

Displays only SDPs matching with the specified far-end IP address.

Default

SDPs with any far-end IP address.

detail

Displays detailed SDP information.

Output

The following output is an example of service SDP information, and Output Fields: service ID SDP describes the output fields.

Sample output
A:Dut-A# show service id 1 sdp detail 
===============================================================================
Services: Service Destination Points Details 
===============================================================================
 Sdp Id 1:1  -(10.20.1.2)  
-------------------------------------------------------------------------------
Description     : Default sdp description
SDP Id             : 1:1                      Type              : Spoke        
VC Type            : Ether                    VC Tag            : n/a          
Admin Path MTU     : 0                        Oper Path MTU     : 9186         
Far End            : 10.20.1.2                Delivery          : MPLS         
 
Admin State        : Up                       Oper State        : Up           
Acct. Pol          : None                     Collect Stats     : Disabled     
Ingress Label      : 2048                     Egress Label      : 2048         
Ing mac Fltr       : n/a                      Egr mac Fltr      : n/a          
Ing ip Fltr        : n/a                      Egr ip Fltr       : n/a          
Ing ipv6 Fltr      : n/a                      Egr ipv6 Fltr     : n/a          
Admin ControlWord  : Not Preferred            Oper ControlWord  : False        
Last Status Change : 05/31/2007 00:45:43      Signaling         : None         
Last Mgmt Change   : 05/31/2007 00:45:43                                       
Class Fwding State : Up                                                        
Flags              : None
Peer Pw Bits       : None
Peer Fault Ip      : None                                                      
Peer Vccv CV Bits  : None
Peer Vccv CC Bits  : None
Max Nbr of MAC Addr: No Limit                 Total MAC Addr    : 0            
Learned MAC Addr   : 0                        Static MAC Addr   : 0            
 
MAC Learning       : Enabled                  Discard Unkwn Srce: Disabled     
MAC Aging          : Enabled                                                   
L2PT Termination   : Disabled                 BPDU Translation  : Disabled     
MAC Pinning        : Disabled                                                  
 
KeepAlive Information :
Admin State        : Disabled                 Oper State        : Disabled     
Hello Time         : 10                       Hello Msg Len     : 0            
Max Drop Count     : 3                        Hold Down Time    : 10           
 
Statistics            :
I. Fwd. Pkts.      : 0                        I. Dro. Pkts.     : 0            
I. Fwd. Octs.      : 0                        I. Dro. Octs.     : 0            
E. Fwd. Pkts.      : 0                        E. Fwd. Octets    : 0            
MCAC Policy Name   :                                                           
MCAC Max Unconst BW: no limit                 MCAC Max Mand BW  : no limit     
MCAC In use Mand BW: 0                        MCAC Avail Mand BW: unlimited    
MCAC In use Opnl BW: 0                        MCAC Avail Opnl BW: unlimited    
 
Associated LSP LIST :
Lsp Name           : A_B_1                                                     
Admin State        : Up                       Oper State        : Up           
Time Since Last Tr*: 00h26m35s                                                 
 
Lsp Name           : A_B_2                                                     
Admin State        : Up                       Oper State        : Up           
Time Since Last Tr*: 00h26m35s                                                 
 
Lsp Name           : A_B_3                                                     
Admin State        : Up                       Oper State        : Up           
Time Since Last Tr*: 00h26m34s                                                 
 
Lsp Name           : A_B_4                                                     
Admin State        : Up                       Oper State        : Up           
Time Since Last Tr*: 00h26m34s                                                 
 
Lsp Name           : A_B_5                                                     
Admin State        : Up                       Oper State        : Up           
Time Since Last Tr*: 00h26m34s                                                 
 
Lsp Name           : A_B_6                                                     
Admin State        : Up                       Oper State        : Up           
Time Since Last Tr*: 00h26m34s                                                 
 
Lsp Name           : A_B_7                                                     
Admin State        : Up                       Oper State        : Up           
Time Since Last Tr*: 00h26m34s                                                 
 
Lsp Name           : A_B_8                                                     
Admin State        : Up                       Oper State        : Up           
Time Since Last Tr*: 00h26m35s                                                 
 
Lsp Name           : A_B_9                                                     
Admin State        : Up                       Oper State        : Up           
Time Since Last Tr*: 00h26m34s                                                 
 
Lsp Name           : A_B_10                                                    
Admin State        : Up                       Oper State        : Up           
Time Since Last Tr*: 00h26m34s 
-------------------------------------------------------------------------------
Class-based forwarding :
-------------------------------------------------------------------------------
Class forwarding   : enabled                                                   
Default LSP        : A_B_10                   Multicast LSP     : A_B_9 
===============================================================================
FC Mapping Table
===============================================================================
FC Name             LSP Name                                                   
-------------------------------------------------------------------------------
af                  A_B_3                                                      
be                  A_B_1                                                      
ef                  A_B_6                                                      
h1                  A_B_7                                                      
h2                  A_B_5                                                      
l1                  A_B_4                                                      
l2                  A_B_2                                                      
nc                  A_B_8                                                      
===============================================================================
Stp Service Destination Point specifics
-------------------------------------------------------------------------------
Mac Move           : Blockable                                                 
Stp Admin State    : Up                       Stp Oper State    : Down         
Core Connectivity  : Down                                                      
Port Role          : N/A                      Port State        : Forwarding   
Port Number        : 2049                     Port Priority     : 128          
Port Path Cost     : 10                       Auto Edge         : Enabled      
Admin Edge         : Disabled                 Oper Edge         : N/A          
Link Type          : Pt-pt                    BPDU Encap        : Dot1d        
Root Guard         : Disabled                 Active Protocol   : N/A          
Last BPDU from     : N/A                                                       
Designated Bridge  : N/A                      Designated Port Id: 0            
 
Fwd Transitions    : 0                        Bad BPDUs rcvd    : 0            
Cfg BPDUs rcvd     : 0                        Cfg BPDUs tx      : 0            
TCN BPDUs rcvd     : 0                        TCN BPDUs tx      : 0            
RST BPDUs rcvd     : 0                        RST BPDUs tx      : 0            
-------------------------------------------------------------------------------
Number of SDPs : 1
-------------------------------------------------------------------------------
* indicates that the corresponding row element may have been truncated.
-------------------------------------------------------------------------------
A:Dut-A# 
Table 17. Output Fields: service ID SDP

Label

Description

Sdp Id

The SDP identifier.

Type

Indicates whether the SDP is a spoke or a mesh.

Split Horizon Group

Name of the split horizon group that the SDP belongs to.

VC Type

Displays the VC type: ether or vlan.

VC Tag

Displays the explicit dot1Q value used when encapsulating to the SDP far end.

I. Lbl

The VC label used by the far-end device to send packets to this device in this service by the SDP.

Admin Path MTU

The operating path MTU of the SDP is equal to the admin path MTU (when one is set) or the dynamically computed tunnel MTU, when no admin path MTU is set (the default case.)

Oper Path MTU

The actual largest service frame size (in octets) that can be transmitted through this SDP to the far-end router, without requiring the packet to be fragmented.

Far End

Specifies the IP address of the remote end of the MPLS tunnel defined by this SDP.

Delivery

Specifies the type of delivery used by the SDP: MPLS.

Admin State

The administrative state of this SDP.

Oper State

The operational state of this SDP.

Ingress Label

The label used by the far-end device to send packets to this device in this service by this SDP.

Egress Label

The label used by this device to send packets to the far-end device in this service by the SDP.

Last Changed

The date and time of the most recent change to the SDP.

Signaling

Specifies the signaling protocol used to obtain the ingress and egress labels used in frames transmitted and received on this SDP.

Admin State

The administrative state of the keepalive process.

Oper State

he operational state of the keepalive process.

Hello Time

Specifies how often the SDP echo request messages are transmitted on this SDP.

Max Drop Count

Specifies the maximum number of consecutive SDP echo request messages that can be unacknowledged before the keepalive protocol reports a fault.

Hello Msg Len

Specifies the length of the SDP echo request messages transmitted on this SDP.

Hold Down Time

Specifies the amount of time to wait before the keepalive operating status is eligible to enter the alive state.

I. Fwd. Pkts.

Specifies the number of forwarded ingress packets.

I. Dro. Pkts.

Specifies the number of dropped ingress packets.

E. Fwd. Pkts.

Specifies the number of forwarded egress packets.

Associated LSP List

When the SDP type is MPLS, a list of LSPs used to reach the far-end router displays. All the LSPs in the list must terminate at the IP address specified in the far end field.

aggregate
Syntax

aggregate [active]

Context

show>router

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command displays aggregated routes.

Parameters
active

This keyword filters out inactive aggregates.

Output

The following output is an example of aggregate route information, and Output Fields: Aggregate describes the output fields.

Sample output
*A:ALA-12# show router 3 aggregate
==============================================================================
Aggregates (Service: 3)
==============================================================================
Prefix                Summary  AS Set   Aggr AS     Aggr IP-Address   State
------------------------------------------------------------------------------
------------------------------------------------------------------------------
No. of Aggregates: 0
-----------------------------------------------------------
*A:ALA-12#
Table 18. Output Fields: Aggregate

Label

Description

Prefix

Displays the destination address of the aggregate route in dotted decimal notation.

Summary

Specifies whether the aggregate or more specific components are advertised.

AS Set

Displays an aggregate where the path advertised for the route consists of all elements contained in all paths that are being summarized.

Aggr AS

Displays the aggregator path attribute to the aggregate route.

Aggr IP-Address

The IP address of the aggregated route.

State

The operational state of the aggregated route.

No. of Aggregates

The total number of aggregated routes.

arp
Syntax

arp [ip-address | ip-int-name | mac ieee-mac-addr]

Context

show>router

Platforms

Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode with IES

Description

This command displays the router ARP table sorted by IP address.

If no command line options are specified, all ARP entries are displayed.

Parameters
ip-addr

Only displays ARP entries associated with the specified IP address.

ip-int-name

Only displays ARP entries associated with the specified IP interface name.

macieee-mac-addr

Only displays ARP entries associated with the specified MAC address.

Output

The following output is an example of router ARP information, and Output fields: ARP describes the output fields.

Sample output
*A:ALA-12# show router 3 arp
===============================================================================
ARP Table (Service: 3)
===============================================================================
IP Address      MAC Address       Expiry    Type   Interface
-------------------------------------------------------------------------------
10.10.10.103    04:67:ff:00:00:01 00h00m00s Oth    system
10.10.4.3       00:00:00:00:00:00 00h00m00s Oth    ALA-1-2
10.10.5.3       00:00:00:00:00:00 00h00m00s Oth    ALA-1-3
10.10.7.3       00:00:00:00:00:00 00h00m00s Oth    ALA-1-5
10.10.0.16      00:00:00:00:00:00 00h00m00s Oth    bozo
10.10.3.3       00:00:00:00:00:00 00h00m00s Oth    gizmo
10.10.2.3       00:00:00:00:00:00 00h00m00s Oth    hobo
10.10.1.17      00:00:00:00:00:00 00h00m00s Oth    int-cflowd
10.0.0.92       00:00:00:00:00:00 04h00m00s Dyn    to-104
10.0.0.103      04:67:01:01:00:01 00h00m00s Oth[I] to-104
10.0.0.104      04:68:01:01:00:01 03h59m49s Dyn[I] to-104
10.10.36.2      00:00:00:00:00:00 00h00m00s Oth    tuesday
192.168.2.98    00:03:47:c8:b4:86 00h14m37s Dyn[I] management
192.168.2.103   00:03:47:dc:98:1d 00h00m00s Oth[I] management
-------------------------------------------------------------------------------
No. of ARP Entries: 14
===============================================================================
*A:ALA-12# 


*A:ALA-12# show router 3 arp 10.10.0.3
===============================================================================
ARP Table                                                                      
===============================================================================
IP Address      MAC Address       Expiry    Type   Interface
-------------------------------------------------------------------------------
10.10.0.3       04:5d:ff:00:00:00 00:00:00  Oth    system                         
===============================================================================
*A:ALA-12#


*A:ALA-12# show router 3 arp to-ser1
===============================================================================
ARP Table                                                                      
===============================================================================
IP Address      MAC Address       Expiry    Type   Interface
-------------------------------------------------------------------------------
10.10.13.1      04:5b:01:01:00:02 03:53:09  Dyn    to-ser1                        
===============================================================================
*A:ALA-12#
Table 19. Output fields: ARP

Label

Description

IP Address

The IP address of the ARP entry.

MAC Address

The MAC address of the ARP entry.

Expiry

The age of the ARP entry.

Type

Dyn

The ARP entry is a dynamic ARP entry.

Inv

The ARP entry is an inactive static ARP entry (invalid).

Oth

The ARP entry is a local or system ARP entry.

Sta

The ARP entry is an active static ARP entry.

Interface

The IP interface name associated with the ARP entry.

No. of ARP Entries

The number of ARP entries displayed in the list.

damping
Syntax

damping [ip-prefix/mask | ip-address] [detail]

damping [damp-type] [detail]

Context

show>router>bgp

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command displays BGP routes with have been dampened due to route flapping. This command can be entered with or without a route parameter.

When the keyword detail is included, more detailed information displays.

When only the command is entered (without any parameters included except detail), all dampened routes are listed.

When a parameter is specified, the matching routes are listed.

When a decayed, history, or suppressed keyword is specified, only those types of dampened routes are listed.

Parameters
ip-prefix/mask

Displays damping information for the specified IP prefix and mask length.

ip-address

Displays damping entry for the best match route for the specified IP address.

damp-type

Displays damping type for the specified IP address.

decayed

Displays damping entries that are decayed but are not suppressed.

history

Displays damping entries that are withdrawn but have history.

suppressed

Displays damping entries suppressed because of route damping.

detail

Displays detailed information.

Output

The following output is an example of BGP damping, and Output fields: damping describes the output fields.

Sample output
*A:ALA-12# show router 3 bgp damping 
==============================================================================
  BGP Router ID : 10.0.0.14         AS : 65206   Local AS : 65206
==============================================================================
  Legend -
  Status codes  : u - used, s - suppressed, h - history, d - decayed, * - valid
  Origin codes  : i - IGP, e - EGP, ? - incomplete,  - best
==============================================================================
BGP Damped Routes
==============================================================================
Flag  Network            From            Reuse       AS-Path 
------------------------------------------------------------------------------
ud*i  10.149.7.0/24      10.0.28.1       00h00m00s   60203 65001 19855 3356
                                                      1239  22406 
si    10.155.6.0/23      10.0.28.1       00h43m41s   60203 65001 19855 3356
                                                      2914  7459 
si    10.155.8.0/22      10.0.28.1       00h38m31s   60203 65001 19855 3356
                                                      2914  7459 
si    10.155.12.0/22     10.0.28.1       00h35m41s   60203 65001 19855 3356
                                                      2914  7459 
si    10.155.22.0/23     10.0.28.1       00h35m41s   60203 65001 19855 3356
                                                      2914  7459 
si    10.155.24.0/22     10.0.28.1       00h35m41s   60203 65001 19855 3356
                                                      2914  7459 
si    10.155.28.0/22     10.0.28.1       00h34m31s   60203 65001 19855 3356
                                                      2914  7459 
si    10.155.40.0/21     10.0.28.1       00h28m24s   60203 65001 19855 3356
                                                      7911  7459 
si    10.155.48.0/20     10.0.28.1       00h28m24s   60203 65001 19855 3356
                                                      7911  7459 
ud*i  10.8.140.0/24      10.0.28.1       00h00m00s   60203 65001 19855 3356
                                                      4637  17447 
ud*i  10.8.141.0/24      10.0.28.1       00h00m00s   60203 65001 19855 3356
                                                      4637  17447 
ud*i  10.9.0.0/18        10.0.28.1       00h00m00s   60203 65001 19855 3356
                                                      3561  9658  6163 
. . .
ud*i  10.213.184.0/23    10.0.28.1       00h00m00s   60203 65001 19855 3356
                                                      6774  6774  9154 
------------------------------------------------------------------------------
*A:ALA-12#


*A:ALA-12# show router 3 bgp damping detail 
==============================================================================
  BGP Router ID : 10.0.0.14         AS : 65206   Local AS : 65206
==============================================================================
  Legend -
  Status codes  : u - used, s - suppressed, h - history, d - decayed, * - 
 valid
  Origin codes  : i - IGP, e - EGP, ? - incomplete,  - best
==============================================================================
BGP Damped Routes
==============================================================================
------------------------------------------------------------------------------
Network : 10.149.7.0/24
------------------------------------------------------------------------------
Network          : 10.149.7.0/24        Peer             : 10.0.28.1
NextHop          : 10.0.28.1            Reuse time       : 00h00m00s
Peer AS          : 60203                Peer Router-Id   : 10.32.27.203
Local Pref       : none
Age              : 00h22m09s            Last update      : 02d00h58m
FOM Present      : 738                  FOM Last upd.    : 2039
Number of Flaps  : 2                    Flags            : ud*i
Path             : 60203 65001 19855 3356  1239  22406
Applied Policy   : default-damping-profile
------------------------------------------------------------------------------
Network : 10.142.48.0/20
------------------------------------------------------------------------------
Network          : 10.142.48.0/20       Peer             : 10.0.28.1
NextHop          : 10.0.28.1            Reuse time       : 00h00m00s
Peer AS          : 60203                Peer Router-Id   : 10.32.27.203
Local Pref       : none
Age              : 00h00m38s            Last update      : 02d01h20m
FOM Present      : 2011                 FOM Last upd.    : 2023
Number of Flaps  : 2                    Flags            : ud*i
Path             : 60203 65001 19855 3356  3561  5551  1889
Applied Policy   : default-damping-profile
------------------------------------------------------------------------------
Network : 10.200.128.0/19
------------------------------------------------------------------------------
Network          : 10.200.128.0/19      Peer             : 10.0.28.1
NextHop          : 10.0.28.1            Reuse time       : 00h00m00s
Peer AS          : 60203                Peer Router-Id   : 10.32.27.203
Local Pref       : none
Age              : 00h00m38s            Last update      : 02d01h20m
FOM Present      : 2011                 FOM Last upd.    : 2023
Number of Flaps  : 2                    Flags            : ud*i
Path             : 60203 65001 19855 1299  702   1889
Applied Policy   : default-damping-profile
------------------------------------------------------------------------------
Network : 10.203.192.0/18
-------------------------------------------------------------------------------
Network          : 10.203.192.0/18      Peer             : 10.0.28.1
NextHop          : 10.0.28.1            Reuse time       : 00h00m00s
Peer AS          : 60203                Peer Router-Id   : 10.32.27.203
Local Pref       : none
Age              : 00h00m07s            Last update      : 02d01h20m
FOM Present      : 1018                 FOM Last upd.    : 1024
Number of Flaps  : 1                    Flags            : ud*i
Path             : 60203 65001 19855 1299  702   1889
Applied Policy   : default-damping-profile
------------------------------------------------------------------------------
*A:ALA-12#


*A:ALA-12# show router 3 bgp damping 10.203.192.0/18 detail
==============================================================================
  BGP Router ID : 10.0.0.14         AS : 65206   Local AS : 65206
==============================================================================
  Legend -
  Status codes  : u - used, s - suppressed, h - history, d - decayed, * - valid
  Origin codes  : i - IGP, e - EGP, ? - incomplete,  - best
==============================================================================
BGP Damped Routes 10.203.192.0/18
==============================================================================
Network : 10.203.192.0/18
------------------------------------------------------------------------------
Network          : 10.203.192.0/18      Peer             : 10.0.28.1
NextHop          : 10.0.28.1            Reuse time       : 00h00m00s
Peer AS          : 60203                Peer Router-Id   : 10.32.27.203
Local Pref       : none
Age              : 00h00m42s            Last update      : 02d01h20m
FOM Present      : 2003                 FOM Last upd.    : 2025
Number of Flaps  : 2                    Flags            : ud*i
Path             : 60203 65001 19855 3356  702   1889
Applied Policy   : default-damping-profile
------------------------------------------------------------------------------
Paths : 1
==============================================================================
*A:ALA-12#
*A:ALA-12# show router 3 bgp damping suppressed detail      
==============================================================================
  BGP Router ID : 10.0.0.14         AS : 65206   Local AS : 65206
==============================================================================
  Legend -
  Status codes  : u - used, s - suppressed, h - history, d - decayed, * - valid
  Origin codes  : i - IGP, e - EGP, ? - incomplete,  - best
==============================================================================
BGP Damped Routes (Suppressed)
==============================================================================
Network : 10.142.48.0/20
------------------------------------------------------------------------------
Network          : 10.142.48.0/20       Peer             : 10.0.28.1
NextHop          : 10.0.28.1            Reuse time       : 00h29m22s
Peer AS          : 60203                Peer Router-Id   : 10.32.27.203
Local Pref       : none
Age              : 00h01m28s            Last update      : 02d01h20m
FOM Present      : 2936                 FOM Last upd.    : 3001
Number of Flaps  : 3                    Flags            : si
Path             : 60203 65001 19855 3356  702   1889
Applied Policy   : default-damping-profile
------------------------------------------------------------------------------
Network : 10.200.128.0/19
------------------------------------------------------------------------------
Network          : 10.200.128.0/19      Peer             : 10.0.28.1
NextHop          : 10.0.28.1            Reuse time       : 00h29m22s
Peer AS          : 60203                Peer Router-Id   : 10.32.27.203
Local Pref       : none
Age              : 00h01m28s            Last update      : 02d01h20m
FOM Present      : 2936                 FOM Last upd.    : 3001
Number of Flaps  : 3                    Flags            : si
Path             : 60203 65001 19855 3356  702   1889
Applied Policy   : default-damping-profile
------------------------------------------------------------------------------
Network : 10.203.240.0/20
------------------------------------------------------------------------------
Network          : 10.203.240.0/20      Peer             : 10.0.28.1
NextHop          : 10.0.28.1            Reuse time       : 00h29m22s
Peer AS          : 60203                Peer Router-Id   : 10.32.27.203
Local Pref       : none
Age              : 00h01m28s            Last update      : 02d01h20m
FOM Present      : 2936                 FOM Last upd.    : 3001
Number of Flaps  : 3                    Flags            : si
Path             : 60203 65001 19855 3356  702   1889
Applied Policy   : default-damping-profile
------------------------------------------------------------------------------
Network : 10.206.0.0/17
------------------------------------------------------------------------------
Network          : 10.206.0.0/17        Peer             : 10.0.28.1
NextHop          : 10.0.28.1            Reuse time       : 00h29m22s
Peer AS          : 60203                Peer Router-Id   : 10.32.27.203
Local Pref       : none
Age              : 00h01m28s            Last update      : 02d01h20m
FOM Present      : 2936                 FOM Last upd.    : 3001
Number of Flaps  : 3                    Flags            : si
Path             : 60203 65001 19855 3356  702   1889
Applied Policy   : default-damping-profile
------------------------------------------------------------------------------
*A:ALA-12#

Table 20. Output fields: damping

Label

Description

BGP Router ID

The local BGP router ID.

AS

The configured autonomous system number.

Local AS

The configured or inherited local AS for the specified peer group. If not configured, it is the same value as the AS.

Network

Route IP prefix and mask length for the route.

Flags

Legend:

Status codes: u- used, s-suppressed, h-history, d-decayed, *-valid. If a * is not present, the status is invalid.

Origin codes: i-IGP, e-EGP, ?-incomplete, >-best

Network

The IP prefix and mask length for the route.

From

The originator ID path attribute value.

Reuse time

The time when a suppressed route can be used again.

AS Path

The BGP AS path for the route.

Peer

The router ID of the advertising router.

NextHop

BGP nexthop for the route.

Peer AS

The autonomous system number of the advertising router.

Peer Router-Id

The router ID of the advertising router.

Local Pref

BGP local preference path attribute for the route.

Age

The time elapsed since the service was enabled.

Last update

The time when BGP was updated last in second/minute/hour (SS:MM:HH) format.

FOM Present

The current Figure of Merit (FOM) value.

Number of Flaps

The number of flaps in the neighbor connection.

Reuse time

The time when the route can be reused.

Path

The BGP AS path for the route.

Applied Policy

The applied route policy name.

group
Syntax

group [name] [detail]

Context

show>router>bgp

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command displays group information for a BGP peer group. This command can be entered with or without parameters.

When this command is entered without a group name, information about all peer groups displays.

When the command is issued with a specific group name, information only pertaining to that specific peer group displays.

The ‛State’ field displays the BGP group operational state. Other valid states are:

Up - BGP global process is configured and running.

Down - BGP global process is administratively shutdown and not running.

Disabled - BGP global process is operationally disabled. The process must be restarted by the operator.

Parameters
name

Displays information for the BGP group specified.

detail

Displays detailed information.

Output

The following output is an example of BGP group information, and Output fields: group describes the output fields.

Sample output
*A:ALA-12# show router 3 bgp group
===============================================================================
BGP Groups 
===============================================================================
Group            : To_AS_40000                     
-------------------------------------------------------------------------------
Description      : Not Available
Group Type       : No Type              State            : Up                  
Peer AS          : 40000                Local AS         : 65206               
Local Address    : n/a                  Loop Detect      : Ignore              
Export Policy    : direct2bgp                                                 
Hold Time        : 90                   Keep Alive       : 30                  
Cluster Id       : None                 Client Reflect   : Enabled             
NLRI             : Unicast              Preference       : 170                 
 
List of Peers
- 10.0.0.1       : To_Jukebox
- 10.0.0.12      : Not Available
- 10.0.0.13      : Not Available
- 10.0.0.14      : To_ALA-1
- 10.0.0.15      : To_H-215
Total Peers      : 5                    Established      : 2                   
===============================================================================
*A:ALA-12#
Table 21. Output fields: group

Label

Description

Group

BGP group name

Group Type

No Type

Peer type not configured.

External

Peer type configured as external BGP peers.

Internal

Peer type configured as internal BGP peers.

State

Disabled

The BGP peer group has been operationally disabled.

Down

The BGP peer group is operationally inactive.

Up

The BGP peer group is operationally active.

Peer AS

The configured or inherited peer AS for the specified peer group.

Local AS

The configured or inherited local AS for the specified peer group.

Local Address

The configured or inherited local address for originating peering for the specified peer group.

Loop Detect

The configured or inherited loop detect setting for the specified peer group.

Connect Retry

The configured or inherited connect retry timer value.

Authentication

None

No authentication is configured.

MD5

MD5 authentication is configured.

Local Pref

The configured or inherited local preference value.

MED Out

The configured or inherited MED value assigned to advertised routes without a MED attribute.

Min Route Advt.

The minimum amount of time that must pass between route updates for the same IP prefix.

Min AS Originate

The minimum amount of time that must pass between updates for a route originated by the local router.

Multihop

The maximum number of router hops a BGP connection can traverse.

Multipath

The configured or inherited multipath value, determining the maximum number of ECMP routes BGP can advertise to the RTM.

Prefix Limit

No Limit

No route limit assigned to the BGP peer group.

1 - 4294967295

The maximum number of routes BGP can learn from a peer.

Passive

Disabled

BGP attempts to establish BGP connections with neighbors in the specified peer group.

Enabled

BGP does not actively attempt to establish BGP connections with neighbors in the specified peer group.

Next Hop Self

Disabled

BGP is not configured to send only its own IP address as the BGP nexthop in route updates to neighbors in the peer group.

Enabled

BGP sends only its own IP address as the BGP nexthop in route updates to neighbors in the specified peer group.

Aggregator ID 0

Disabled

BGP is not configured to set the aggregator ID to 0.0.0.0 in all originated route aggregates sent to the neighbor in the peer group.

Enabled

BGP is configured to set the aggregator ID to 0.0.0.0 in all originated route aggregates sent to the neighbor in the peer group.

Remove Private

Disabled

BGP does not remove all private AS numbers from the AS path attribute in updates sent to the neighbor in the peer group.

Enabled

BGP removes all private AS numbers from the AS path attribute in updates sent to the neighbor in the peer group.

Damping

Disabled

The peer group is configured not to dampen route flaps.

Enabled

The peer group is configured to dampen route flaps.

Export Policy

The configured export policies for the peer group.

Import Policy

The configured import policies for the peer group.

Hold Time

The configured hold time setting.

Keep Alive

The configured keepalive setting.

Cluster Id

None

No cluster ID has been configured.

Client Reflect

Disabled

The BGP route reflector does not reflect routes to this neighbor.

Enabled

The BGP route reflector is configured to reflect routes to this neighbor.

NLRI

The type of NLRI information that the specified peer group can accept.

Unicast

IPv4 unicast routing information can be carried.

Preference

The configured route preference value for the peer group.

List of Peers

A list of BGP peers configured under the peer group.

Total Peers

The total number of peers configured under the peer group.

Established

The total number of peers that are in an established state.

neighbor
Syntax

neighbor [ip-address [[family family] filter1]]

neighbor [as-number [[family family] filter2]]

Context

show>router>bgp

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command displays BGP neighbor information. This command can be entered with or without any parameters.

When this command is issued without any parameters, information about all BGP peers displays.

When the command is issued with a specific IP address or AS number, information regarding only that specific peer or peers with the same AS display.

When either received-routes or advertised-routes is specified, the routes received from or sent to the specified peer is listed (see second output example). Note: This information is not available by SNMP.

When either history or suppressed is specified, the routes learned from those peers that either have a history or are suppressed (respectively) are listed.

The ‛State’ field displays the BGP peer protocol state. In additional to the standard protocol states, this field can also display the ‛Disabled’ operational state which indicates the peer is operationally disabled and must be restarted by the operator.

Parameters
ip-addr

Displays the BGP neighbor with the specified IP address.

family family

Specifies the type of routing information to be distributed by the BGP instance.

Values

ipv4 | vpn-ipv4 | ipv6 | vpn-ipv6 | l2-vpn | ms-pw

filter1

Specifies route criteria.

Values

received-routes, advertised-routes, history, suppressed, detail

filter2

Specifies route criteria.

Values

history, suppressed, detail

Output

The following outputs are examples of BGP neighbor information, and the associated tables describe the output fields.

Sample output
*A:ALA-12# show router 3 bgp neighbor
===============================================================================
BGP Neighbor
===============================================================================
-------------------------------------------------------------------------------
Peer : 10.0.0.15         Group : To_AS_40000
-------------------------------------------------------------------------------
Peer AS          : 65205                                                        
Peer Address     : 10.0.0.15            Peer Port        : 0                   
Local AS         : 65206                                                        
Local Address    : 10.0.0.16            Local Port       : 0                   
Peer Type        : External                                                     
State            : Active               Last State       : Connect             
Last Event       : openFail                                                     
Last Error       : Hold Timer Expire
Hold Time        : 90                   Keep Alive       : 30                  
Active Hold Time : 0                    Active Keep Alive: 0                   
Cluster Id       : None                                                         
Preference       : 170                  Num of Flaps     : 0                   
Recd. Prefixes   : 0                    Active Prefixes  : 0                   
Recd. Paths      : 0                    Suppressed Paths : 0                   
Input Queue      : 0                    Output Queue     : 0                   
i/p Messages     : 0                    o/p Messages     : 0                   
i/p Octets       : 0                    o/p Octets       : 0                   
i/p Updates      : 0                    o/p Updates      : 0                   
Export Policy    : direct2bgp 
===============================================================================
*A:ALA-12#


*A:ALA-12# show router 3 bgp neighbor detail
===============================================================================
BGP Neighbor (detail)
===============================================================================
-------------------------------------------------------------------------------
Peer : 10.0.0.15         Group : To_AS_40000
-------------------------------------------------------------------------------
Peer AS          : 65205                                                        
Peer Address     : 10.0.0.15            Peer Port        : 0                   
Local AS         : 65206                                                        
Local Address    : 10.0.0.16            Local Port       : 0                   
Peer Type        : External                                                     
State            : Active               Last State       : Connect             
Last Event       : openFail                                                     
Last Error       : Hold Timer Expire
Connect Retry    : 20                   Local Pref.      : 100                 
Min Route Advt.  : 30                   Min AS Orig.     : 15                  
Multipath        : 1                    Multihop         : 5                   
Damping          : Disabled             Loop Detect      : Ignore              
MED Out          : No MED Out           Authentication   : None                
Next Hop Self    : Disabled             AggregatorID Zero: Disabled            
Remove Private   : Disabled             Passive          : Disabled            
Prefix Limit     : No Limit                                                     
Hold Time        : 90                   Keep Alive       : 30                  
Active Hold Time : 0                    Active Keep Alive: 0                   
Cluster Id       : None                 Client Reflect   : Enabled             
Preference       : 170                  Num of Flaps     : 0                   
Recd. Prefixes   : 0                    Active Prefixes  : 0                   
Recd. Paths      : 0                    Suppressed Paths : 0                   
Input Queue      : 0                    Output Queue     : 0                   
i/p Messages     : 0                    o/p Messages     : 0                   
i/p Octets       : 0                    o/p Octets       : 0                   
i/p Updates      : 0                    o/p Updates      : 0                   
Export Policy    : direct2bgp                                                 
 
===============================================================================
*A:ALA-12#
Table 22. Output fields: neighbor

Label

Description

Peer

The IP address of the configured BGP peer.

Group

The BGP peer group to which this peer is assigned.

Peer AS

The configured or inherited peer AS for the peer group.

Peer Address

The configured address for the BGP peer.

Peer Port

The TCP port number used on the far-end system.

Local AS

The configured or inherited local AS for the peer group.

Local Address

The configured or inherited local address for originating peering for the peer group.

Local Port

The TCP port number used on the local system.

Peer Type

External

Peer type configured as external BGP peers.

Internal

Peer type configured as internal BGP peers.

State

Idle

The BGP peer is not accepting connections.

Active

BGP is listening for and accepting TCP connections from this peer.

Connect

BGP is attempting to establish a TCP connection from this peer.

Open Sent

BGP has sent an OPEN message to the peer and is waiting for an OPEN message from the peer.

Open Confirm

BGP has received a valid OPEN message from the peer and is awaiting a KEEPALIVE or NOTIFICATION.

Established

BGP has successfully established a peering and is exchanging routing information.

Last State

Idle

The BGP peer is not accepting connections.

Active

BGP is listening for and accepting TCP connections from this peer.

Connect

BGP is attempting to establish a TCP connection with this peer.

Connect

BGP is attempting to establish a TCP connections from this peer.

Open Sent

BGP has sent an OPEN message to the peer and is waiting for an OPEN message from the peer.

Open Confirm

BGP has received a valid OPEN message from the peer and is awaiting a KEEPALIVE or NOTIFICATION.

Open Confirm

BGP has received a valid OPEN message from the peer and is awaiting a KEEPALIVE or NOTIFICATION.

Last Event

start

BGP has initialized the BGP neighbor.

stop

BGP has disabled the BGP neighbor.

open

BGP transport connection opened.

close

BGP transport connection closed.

openFail

BGP transport connection failed to open.

error

BGP transport connection error.

connectRetry

Connect retry timer expired.

holdTime

Hold time timer expired.

keepAlive

Keepalive timer expired.

recvOpen

Receive an OPEN message.

revKeepalive

Receive an KEEPALIVE message.

recvUpdate

Receive an UPDATE message.

recvNotify

Receive an NOTIFICATION message.

None

No events have occurred.

Last Error

Displays the last BGP error and sub-code to occur on the BGP neighbor.

Connect Retry

The configured or inherited connect retry timer value.

Local Pref.

The configured or inherited local preference value.

Min Route Advt.

The minimum amount of time that must pass between route updates for the same IP prefix.

Min AS Originate

The minimum amount of time that must pass between updates for a route originated by the local router.

Multihop

The maximum number of router hops a BGP connection can traverse.

Multipath

The configured or inherited multipath value, determining the maximum number of ECMP routes BGP can advertise to the RTM.

Damping

Disabled

BGP neighbor is configured not to dampen route flaps.

Enabled

BGP neighbor is configured to dampen route flaps.

Loop Detect

Ignore

The BGP neighbor is configured to ignore routes with an AS loop.

Drop

The BGP neighbor is configured to drop the BGP peering if an AS loop is detected.

Off

AS loop detection is disabled for the neighbor.

MED Out

The configured or inherited MED value assigned to advertised routes without a MED attribute.

Authentication

None

No authentication is configured.

MD5

MD5 authentication is configured.

Next Hop Self

Disabled

BGP is not configured to send only its own IP address as the BGP nexthop in route updates to the specified neighbor.

Enabled

BGP sends only its own IP address as the BGP next hop in route updates to the neighbor.

AggregatorID Zero

Disabled

The BGP Neighbor is not configured to set the aggregator ID to 0.0.0.0 in all originated route aggregates.

Enabled

The BGP Neighbor is configured to set the aggregator ID to 0.0.0.0 in all originated route aggregates.

Remove Private

Disabled

BGP does not remove all private AS numbers from the AS path attribute, in updates sent to the specified neighbor.

Enabled

BGP does remove all private AS numbers from the AS path attribute, in updates sent to the specified neighbor.

Passive

Disabled

BGP actively attempts to establish a BGP connection with the specified neighbor.

Enabled

BGP does not actively attempt to establish a BGP connection with the specified neighbor.

Prefix Limit

No Limit

No route limit assigned to the BGP peer group.

1 - 4294967295

The maximum number of routes BGP can learn from a peer.

Hold Time

The configured hold time setting.

Keep Alive

The configured keepalive setting.

Active Hold Time

The negotiated hold time, if the BGP neighbor is in an established state.

Active Keep Alive

The negotiated keepalive time, if the BGP neighbor is in an established state.

Cluster Id

The configured route reflector cluster ID.

None

No cluster ID has been configured

Client Reflect

Disabled

The BGP route reflector is configured not to reflect routes to this neighbor.

Enabled

The BGP route reflector is configured to reflect routes to this neighbor.

Preference

The configured route preference value for the peer group.

Num of Flaps

The number of flaps in the neighbor connection.

Recd. Prefixes

The number of routes received from the BGP neighbor.

Active Prefixes

The number of routes received from the BGP neighbor and active in the forwarding table.

Recd. Paths

The number of unique sets of path attributes received from the BGP neighbor.

Suppressed Paths

The number of unique sets of path attributes received from the BGP neighbor and suppressed due to route damping.

Input Queue

The number of BGP messages to be processed.

Output Queue

The number of BGP messages to be transmitted.

i/p Messages

Total number of packets received from the BGP neighbor.

o/p Messages

Total number of packets sent to the BGP neighbor.

i/p Octets

Total number of octets received from the BGP neighbor.

o/p Octets

Total number of octets sent to the BGP neighbor.

i/p Updates

Total number of BGP updates received from the BGP neighbor.

o/p Updates

Total number of BGP updates sent to the BGP neighbor.

Export Policy

The configured export policies for the peer group.

Import Policy

The configured import policies for the peer group.

Sample output for Received routes
*A:ALA-12# show router 3 bgp neighbor 10.0.0.16 received-routes
==============================================================================
 BGP Router ID : 10.0.0.16         AS : 65206   Local AS : 65206 
===============================================================================
 Legend -
 Status codes  : u - used, s - suppressed, h - history, d - decayed, * - valid
 Origin codes  : i - IGP, e - EGP, ? - incomplete, > - best
===============================================================================
BGP Neighbor
===============================================================================
Flag  Network            Nexthop         LocalPref  MED        As-Path          
-------------------------------------------------------------------------------
?     10.0.0.16/32       10.0.0.16       100        none       No As-Path      
?     10.0.6.0/24        10.0.0.16       100        none       No As-Path      
?     10.0.8.0/24        10.0.0.16       100        none       No As-Path      
?     10.0.12.0/24       10.0.0.16       100        none       No As-Path      
?     10.0.13.0/24       10.0.0.16       100        none       No As-Path      
?     10.0.204.0/24      10.0.0.16       100        none       No As-Path      
===============================================================================
*A:ALA-12#
Table 23. Output fields: neighbor received routes

Label

Description

BGP Router ID

The local BGP router ID

AS

The configured autonomous system number

Local AS

The configured local AS setting

If not configured, it is the same value as the AS

Flag

u - used

s - suppressed

h - history

d - decayed

* - valid

i - igp

? - incomplete

> - best

Network

Route IP prefix and mask length for the route

Next Hop

BGP nexthop for the route

LocalPref

BGP local preference path attribute for the route

MED

BGP Multi-Exit Discriminator (MED) path attribute for the route

AS Path

The BGP AS path for the route

Sample output — Add-path
*A:7210SAS# show  router bgp neighbor 2.2.2.2 

===============================================================================
BGP Neighbor
===============================================================================
-------------------------------------------------------------------------------
Peer  : 10.2.2.2
Group : toPE
-------------------------------------------------------------------------------
Peer AS              : 100              Peer Port            : 50854
Peer Address         : 10.2.2.2
Local AS             : 100              Local Port           : 179  
Local Address        : 10.1.1.1
Peer Type            : Internal         
State                : Established      Last State           : Established
Last Event           : recvKeepAlive    
Last Error           : Cease (Connection Collision Resolution)
Local Family         : IPv4 VPN-IPv4 IPv6 VPN-IPv6
Remote Family        : IPv4 VPN-IPv4 IPv6 VPN-IPv6
Hold Time            : 90               Keep Alive           : 30   
Min Hold Time        : 0                
Active Hold Time     : 90               Active Keep Alive    : 30   
Cluster Id           : None             
Preference           : 170              Num of Update Flaps  : 0    
Recd. Paths          : 0                
IPv4 Recd. Prefixes  : 0                IPv4 Active Prefixes : 0    
IPv4 Suppressed Pfxs : 0                VPN-IPv4 Suppr. Pfxs : 0    
VPN-IPv4 Recd. Pfxs  : 0                VPN-IPv4 Active Pfxs : 0    
Mc IPv4 Recd. Pfxs.  : 0                Mc IPv4 Active Pfxs. : 0    
Mc IPv4 Suppr. Pfxs  : 0                IPv6 Suppressed Pfxs : 0    
IPv6 Recd. Prefixes  : 0                IPv6 Active Prefixes : 0    
VPN-IPv6 Recd. Pfxs  : 0                VPN-IPv6 Active Pfxs : 0    
VPN-IPv6 Suppr. Pfxs : 0                L2-VPN Suppr. Pfxs   : 0    
L2-VPN Recd. Pfxs    : 0                L2-VPN Active Pfxs   : 0    
MVPN-IPv4 Suppr. Pfxs: 0                MVPN-IPv4 Recd. Pfxs : 0    
MVPN-IPv4 Active Pfxs: 0                MDT-SAFI Suppr. Pfxs : 0    
MDT-SAFI Recd. Pfxs  : 0                MDT-SAFI Active Pfxs : 0    
FLOW-IPV4-SAFI Suppr*: 0                FLOW-IPV4-SAFI Recd.*: 0    
FLOW-IPV4-SAFI Activ*: 0                Rte-Tgt Suppr. Pfxs  : 0    
Rte-Tgt Recd. Pfxs   : 0                Rte-Tgt Active Pfxs  : 0    
Backup IPv4 Pfxs     : 0                Backup IPv6 Pfxs     : 0    
Mc Vpn Ipv4 Recd. Pf*: 0                Mc Vpn Ipv4 Active P*: 0    
Backup Vpn IPv4 Pfxs : 0                Backup Vpn IPv6 Pfxs : 0    
Input Queue          : 0                Output Queue         : 0    
i/p Messages         : 9042             o/p Messages         : 65   
i/p Octets           : 111              o/p Octets           : 278
i/p Updates          : 0                o/p Updates          : 0    
TTL Security         : Disabled         Min TTL Value        : n/a
Graceful Restart     : Disabled         Stale Routes Time    : n/a
Advertise Inactive   : Disabled         Peer Tracking        : Disabled
Advertise Label      : ipv4 ipv6 
Auth key chain       : n/a
Disable Cap Nego     : Disabled         Bfd Enabled          : Enabled
Flowspec Validate    : Disabled         Default Route Tgt    : Disabled
L2 VPN Cisco Interop : Disabled         
Local Capability     : RtRefresh MPBGP 4byte ASN 
Remote Capability    : RtRefresh MPBGP 4byte ASN 
Local AddPath Capabi*: Send - VPN-IPv4 (1) VPN-IPv6 (4)
                     : Receive - VPN-IPv6 
Remote AddPath Capab*: Send - VPN-IPv6 
                     : Receive - VPN-IPv4 VPN-IPv6 
Import Policy        : None Specified / Inherited
Export Policy        : P1                                                      
 
-------------------------------------------------------------------------------
Neighbors : 1
===============================================================================
* indicates that the corresponding row element may have been truncated.
*A:7210SAS#
Table 24. Output fields: show neighbor add-path

Label

Description

Peer

The IP address of the configured BGP peer

Group

The BGP peer group to which this peer is assigned

Peer AS

The configured or inherited peer AS for the peer group

Peer Address

The configured address for the BGP peer

Peer Port

The TCP port number used on the far-end system

Local AS

The configured or inherited local AS for the peer group

Local Address

The configured or inherited local address for originating peering for the peer group

Local Port

The TCP port number used on the local system

Peer Type

External - peer type configured as external BGP peers

Internal - peer type configured as internal BGP peers

State

Idle - the BGP peer is not accepting connections

(Shutdown) is also displayed if the peer is administratively disabled

Active - BGP is listening for and accepting TCP connections from this peer

Connect - BGP is attempting to establish a TCP connection with this peer

Open Sent - BGP has sent an OPEN message to the peer and is waiting for an OPEN message from the peer

Open Confirm - BGP has received a valid OPEN message from the peer and is awaiting a KEEPALIVE or NOTIFICATION

Established - BGP has successfully established a peering session and is exchanging routing information

Last State

Idle - the BGP peer is not accepting connections

Active - BGP is listening for and accepting TCP connections from this peer

Connect - BGP is attempting to establish a TCP connections with this peer

Open Sent - BGP has sent an OPEN message to the peer and is waiting for an OPEN message from the peer

Open Confirm - BGP has received a valid OPEN message from the peer and is awaiting a KEEPALIVE or NOTIFICATION

Last Event

start - BGP has initialized the BGP neighbor

stop - BGP has disabled the BGP neighbor

open - BGP transport connection is opened

close - BGP transport connection is closed

openFail - BGP transport connection failed to open

error - BGP transport connection error

connectRetry - the connect retry timer expired

holdTime - the hold time timer expired

keepAlive - the keepalive timer expired

recvOpen - BGP has received an OPEN message

revKeepalive - BGP has received a KEEPALIVE message

recvUpdate - BGP has received an UPDATE message

recvNotify - BGP has received a NOTIFICATION message

None - no events have occurred

Last Error

The last BGP error and subcode to occur on the BGP neighbor

Local Family

The configured local family value

Remote Family

The configured remote family value

Hold Time

The configured hold-time setting

Keep Alive

The configured keepalive setting

Min Hold Time

The configured minimum hold-time setting

Active Hold Time

The negotiated hold time, if the BGP neighbor is in an established state

Active Keep Alive

The negotiated keepalive time, if the BGP neighbor is in an established state

Cluster Id

The configured route reflector cluster ID

None - no cluster ID is configured

Preference

The configured route preference value for the peer group

Num of Flaps

The number of route flaps in the neighbor connection

Recd. Prefixes

The number of routes received from the BGP neighbor

Recd. Paths

The number of unique sets of path attributes received from the BGP neighbor

IPv4 Recd. Prefixes

The number of unique sets of IPv4 path attributes received from the BGP neighbor

IPv4 Active Prefixes

The number of IPv4 routes received from the BGP neighbor and active in the forwarding table

IPv4 Suppressed Pfxs

The number of unique sets of IPv4 path attributes received from the BGP neighbor and suppressed due to route damping

VPN-IPv4 Suppr. Pfxs

The number of unique sets of VPN-IPv4 path attributes received from the BGP neighbor and suppressed due to route damping

VPN-IPv4 Recd. Pfxs

The number of unique sets of VPN-IPv4 path attributes received from the BGP neighbor

VPN-IPv4 Active Pfxs

The number of VPN-IPv4 routes received from the BGP neighbor and active in the forwarding table

IPv6 Recd. Prefixes

The number of unique sets of IPv6 path attributes received from the BGP neighbor

IPv6 Active Prefixes

The number of IPv6 routes received from the BGP neighbor and active in the forwarding table

VPN-IPv6 Recd. Pfxs

The number of unique sets of VPN-IPv6 path attributes received from the BGP neighbor

VPN-IPv6 Active Pfxs

The number of VPN-IPv6 routes received from the BGP neighbor and active in the forwarding table

VPN-IPv6 Suppr. Pfxs

The number of unique sets of VPN-IPv6 path attributes received from the BGP neighbor and suppressed due to route damping

Backup IPv4 Pfxs

The number of BGP Fast Reroute backup path IPv4 prefixes

Backup IPv6 Pfxs

The number of BGP Fast Reroute backup path IPv6 prefixes

Backup Vpn IPv4 Pfxs

The number of BGP Fast Reroute backup path VPN IPv4 prefixes

Backup Vpn IPv6 Pfxs

The number of BGP Fast Reroute backup path VPN IPv6 prefixes

Input Queue

The number of BGP messages to be processed

Output Queue

The number of BGP messages to be transmitted

i/p Messages

The total number of packets received from the BGP neighbor

o/p Messages

The total number of packets sent to the BGP neighbor

i/p Octets

The total number of octets received from the BGP neighbor

o/p Octets

The total number of octets sent to the BGP neighbor

i/p Updates

The total number of updates received from the BGP neighbor

o/p Updates

The total number of updates sent to the BGP neighbor

TTL Security

Enabled - TTL security is enabled

Disabled - TTL security is disabled

Min TTL Value

The minimum TTL value configured for the peer

Graceful Restart

The state of graceful restart

Stale Routes Time

The length of time that stale routes are kept in the route table

Advertise Inactive

The state of advertising inactive BGP routes to other BGP peers (enabled or disabled)

Peer Tracking

The state of tracking a neighbor IP address in the routing table for a BGP session

Advertise Label

Indicates the enabled address family for supporting RFC 3107 BGP label capability

Auth key chain

The value for the authentication key chain

Bfd Enabled

Enabled - BFD is enabled

Disabled - BFD is disabled

Local Capability

The capability of the local BGP speaker; for example, route refresh, MP-BGP, ORF

Remote Capability

The capability of the remote BGP peer; for example, route refresh, MP-BGP, ORF

Local AddPath Capabi*

The state of the local BGP add-paths capabilities

The add-paths capability allows the router to send and receive multiple paths per prefix to or from a peer

Remote AddPath Capab*

The state of the remote BGP add-paths capabilities

Import Policy

The configured import policies for the peer group

Export Policy

The configured export policies for the peer group

paths
Syntax

paths

Context

show>router>bgp

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command displays a summary of BGP path attributes.

Output

The following output is an example of BGP path information, and Output fields: paths describes the output fields.

Sample output
*A:ALA-12# show router 3 bgp paths
==============================================================================
 BGP Router ID : 10.0.0.14         AS : 65206   Local AS : 65206 
==============================================================================
BGP Paths
------------------------------------------------------------------------------
Path: 60203 65001 19855 3356  15412 
------------------------------------------------------------------------------
Origin           : IGP                  Next Hop         : 10.0.28.1           
MED              : 60203                Local Preference : none                
Refs             : 4                    ASes             : 5                   
Segments         : 1                                                           
Flags            : EBGP-learned
Aggregator       : 15412  62.216.140.1
------------------------------------------------------------------------------
Path: 60203 65001 19855 3356  1     1236  1236  1236  1236  
------------------------------------------------------------------------------
Origin           : IGP                  Next Hop         : 10.0.28.1           
MED              : 60203                Local Preference : none                
Refs             : 2                    ASes             : 9                   
Segments         : 1                                                           
Flags            : EBGP-learned
------------------------------------------------------------------------------
*A:ALA-12# 

Table 25. Output fields: paths

Label

Description

BGP Router ID

The local BGP router ID.

AS

The configured autonomous system number.

Local AS

The configured local AS setting. If not configured, the value is the same as the AS.

Path

The AS path attribute.

Origin

EGP

The NLRI is learned by an EGP protocol.

IGP

The NLRI is interior to the originating AS.

INCOMPLETE

NLRI was learned another way.

Next Hop

The advertised BGP nexthop.

MED

The Multi-Exit Discriminator value.

Local Preference

The local preference value.

Refs

The number of routes using a specified set of path attributes.

ASes

The number of autonomous system numbers in the AS path attribute.

Segments

The number of segments in the AS path attribute.

Flags

eBGP-learned

Path attributes learned by an eBGP peering.

iBGP-Learned

Path attributes learned by an iBGP peering.

Aggregator

The route aggregator ID.

Community

The BGP community attribute list.

Originator ID

The originator ID path attribute value.

Cluster List

The route reflector cluster list.

routes
Syntax

routes [family family] [prefix [detail | longer]]

routes [family family] [prefix [hunt | brief]]

routes [family family] [community comm-id]

routes [family family] [aspath-regex reg-ex1]

routes [family family] [ipv6-prefix[/prefix-length] [detail | longer] | [hunt [brief]]]

Context

show>router>bgp

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command displays BGP route information.

When this command is issued without any parameters, the entire BGP routing table is displayed.

When this command is issued with an IP prefix/mask or IP address, the best match for the parameter is displayed.

Parameters
family family

Specifies the type of routing information to be distributed by the BGP instance.

Values

ipv4 — Displays only those BGP peers that have the IPv4 family enable and not those capable of exchanging IP-VPN routes. vpn-ipv4 — Displays the BGP peers that are IP-VPN capable. ipv6 — Displays the BGP peers that are IPv6 capable. mcast-ipv4 — Displays the BGP peers that are mcast-ipv4 capable.

prefix

Specifies the type of routing information to display.

Values

rd|[rd:]ip-address[/mask]

rd

{ip-address:number1

as-number1:number2

as-number2:number3}

number1

1 to 65535

as-number1

1 to 65535

number2

0 to 4294967295

as-number2

1 to 4294967295

number3

0 to 65535

ip-address

a.b.c.d

mask

0 to 32

filter

Specifies route criteria.

Values

hunt Displays entries for the specified route in the RIB-In, RIB-Out, and RTM.

longer Displays the specified route and subsets of the route.

detail Display the longer, more detailed version of the output.

aspath-regex ‟reg-exp

Displays all routes with an AS path matching the specified regular expression reg-exp.

community comm.-id

Displays all routes with the specified BGP community.

Values

[as-number1:comm-val1 | ext-comm | well-known-comm]

ext-comm

type:{ip-address:comm-val1 | as-number1:comm-val2 | as- number2:comm-val1}

as-number1

0..65535

comm-val1

0..65535

type

keywords: target, origin

ip-address

a.b.c.d

comm-val2

0 to 4294967295

as-number2

0 to 4294967295

well-known-comm no-export, no-export-subconfed, no-advertise

Output

The following output is an example of BGP route information, and Output fields: routes describes the output fields.

Sample output
*A:ALA-12>config>router>bgp# show router 3 bgp routes family ipv4
==============================================================================
 BGP Router ID : 10.10.10.103      AS : 200     Local AS : 200
==============================================================================
 Legend -
 Status codes  : u - used, s - suppressed, h - history, d - decayed, * - valid
 Origin codes  : i - IGP, e - EGP, ? - incomplete, > - best
==============================================================================
BGP Routes
==============================================================================
Flag  Network                             Nexthop         LocalPref  MED
      VPN Label                           As-Path
------------------------------------------------------------------------------
No Matching Entries Found
==============================================================================
*A:ALA-12>config>router>bgp# 

A:SR-12# show router bgp routes 10.0.0.0/31 hunt 
===============================================================================
 BGP Router ID : 10.20.1.1   AS : 100Local AS : 100 
===============================================================================
 Legend -
 Status codes  : u - used, s - suppressed, h - history, d - decayed, * - valid
 Origin codes  : i - IGP, e - EGP, ? - incomplete, > - best
===============================================================================
BGP Routes
===============================================================================
RIB In Entries
-------------------------------------------------------------------------------
Network        : 10.0.0.0/31
Nexthop        : 10.20.1.2
Route Dist.    : 10.20.1.2:1VPN Label: 131070 
From       : 10.20.1.2
Res. Nexthop   : 10.10.1.2
Local Pref.    : 100Interface Name: to-sr7 
Aggregator AS  : noneAggregator: none 
Atomic Aggr.   : Not AtomicMED: none
Community      : target:10.20.1.2:1
Cluster        : No Cluster Members
Originator Id  : NonePeer Router Id: 10.20.1.2
Flags       : Used  Valid  Best  IGP  
AS-Path        : No As-Path
VPRN Imported  : 1 2 10 12
-------------------------------------------------------------------------------
RIB Out Entries
-------------------------------------------------------------------------------
Routes : 1
===============================================================================
A:SR-12# 
Table 26. Output fields: routes

Label

Description

BGP Router ID

The local BGP router ID.

AS

The configured autonomous system number.

Local AS

The configured local AS setting, if not configured it is the same as the system AS.

Network

The IP prefix and mask length.

Nexthop

The BGP nexthop.

From

The advertising BGP neighbor IP address.

Res. Nexthop

The resolved nexthop.

Local Pref.

The local preference value.

Flag

u

used

s

suppressed

h

history

d

decayed

*

valid

i

igp

e

egp

?

incomplete

>

best

Aggregator AS

The aggregator AS value.

none

No aggregator AS attributes are present.

Aggregator

The aggregator attribute value.

none

no Aggregator attributes are present.

Atomic Aggr.

Atomic

The atomic aggregator flag is set.

Not Atomic

The atomic aggregator flag is not set.

MED

The MED metric value.

none

No MED metric is present.

Community

The BGP community attribute list.

Cluster

The route reflector cluster list.

Originator Id

The originator ID path attribute value.

none

The originator ID attribute is not present.

Peer Router Id

The router ID of the advertising router.

AS-Path

The BGP AS path attribute.

VPRN Imported

Displays the VPRNs where a particular BGP-VPN received route has been imported and installed.

summary
Syntax

summary [all]

Context

show>router>bgp

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command displays a summary of BGP neighbor information.

If confederations are not configured, that portion of the output does not display.

The ‟State” field displays the global BGP operational state. The valid values are:

Up — BGP global process is configured and running.

Down — BGP global process is administratively shutdown and not running.

Disabled — BGP global process is operationally disabled. The process must be restarted by the operator.

For example, if a BGP peer is operationally disabled, the state in the summary table shows the state ‛Disabled’.

Parameters
all

Displays BGP peers in all instances.

Output

The following output is an example of summary BGP information, and Output fields: BGP summary describes the output fields.

Sample output
*A:ALA-12# show router 3 bgp summary
===============================================================================
 BGP Router ID : 10.0.0.14         AS : 65206   Local AS : 65206 
===============================================================================
 BGP Admin State         : Up            BGP Oper State       : Up
 Confederation AS        : 40000
 Member Confederations   : 65205 65206 65207 65208
 
 Number of Peer Groups   : 2             Number of Peers      : 7         
 Total BGP Active Routes : 86689         Total BGP Routes     : 116999    
 Total BGP Paths         : 35860         Total Path Memory    : 2749476   
 Total Supressed Routes  : 0             Total History Routes : 0         
 Total Decayed Routes    : 0         
===============================================================================
BGP Summary
===============================================================================
Neighbor           AS PktRcvd PktSent InQ OutQ   Up/Down State|Recv/Actv/Sent   
-------------------------------------------------------------------------------
10.0.0.1        65206       5   21849   0    0 00h01m29s 32/0/86683            
10.0.0.12       65206       0       0   0    0 00h01m29s Active                
10.0.0.13       65206       5   10545   0   50 00h01m29s 6/0/86683             
10.0.0.15       65205       0       0   0    0 00h01m29s Active                
10.0.0.16       65206       5    9636   0   50 00h01m29s 6/0/86683             
10.0.27.1           2       0       0   0    0 00h01m29s Active                
10.0.28.1       60203   22512      15   0    0 00h01m29s 116955/86689/9        
===============================================================================
*A:ALA-12#
Table 27. Output fields: BGP summary

Label

Description

BGP Router ID

The local BGP router ID.

AS

The configured autonomous system number.

Local AS

The configured local AS setting, if not configured it is the same as the system AS.

BGP Admin State

Down

BGP is administratively disabled.

Up

BGP is administratively enabled.

BGP Oper State

Down

BGP is operationally disabled.

Up

BGP is operationally enabled.

Confederation AS

The configured confederation AS.

Member Confederations

The configured members of the BGP confederation.

Number of Peer Groups

The total number of configured BGP peer groups.

Number of Peers

The total number of configured BGP peers.

Total BGP Active Routes

The total number of BGP routes used in the forwarding table.

Total BGP Routes

The total number of BGP routes learned from BGP peers.

Total BGP Paths

The total number of unique sets of BGP path attributes learned from BGP peers.

Total Path Memory

Total amount of memory used to store the path attributes.

Total Suppressed Routes

Total number of suppressed routes due to route damping.

Total History Routes

Total number of routes with history due to route damping.

Total Decayed Routes

Total number of decayed routes due to route damping.

Neighbor

BGP neighbor address.

AS

(Neighbor)

BGP neighbor autonomous system number.

PktRcvd

Total number of packets received from the BGP neighbor.

PktSent

Total number of packets sent to the BGP neighbor.

InQ

The number of BGP messages to be processed.

OutQ

The number of BGP messages to be transmitted.

Up/Down

The amount of time that the BGP neighbor has either been established or not established depending on its current state.

State|Recv/Actv/Sent

The BGP neighbor current state (if not established) or the number of received routes, active routes and sent routes (if established).

interface
Syntax

interface [{[ip-address | ip-int-name][detail]} | summary]

Context

show>router

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command displays the router IP interface table sorted by interface index.

Parameters
ip-address

Displays the interface information associated with the specified IP address.

ip-int-name

Displays the interface information associated with the specified IP interface name.

detail

Displays detailed IP interface information.

summary

Displays summary IP interface information for the router.

Output

The following outputs are examples of router interface information, and the associated tables describe the output fields.

Sample output — Standard
*A:7210SAS>show>router interface i1 detail

===============================================================================
Interface Table (Router: Base)
===============================================================================

-------------------------------------------------------------------------------
Interface
-------------------------------------------------------------------------------
If Name      : i1
Admin State  : Up                               Oper (v4/v6)     : Down/--
Protocols    : None

IP Addr/mask : Not Assigned
-------------------------------------------------------------------------------
Details
-------------------------------------------------------------------------------
Description  : (Not Specified)
If Index     : 2                                Virt. If Index   : 2
Last Oper Chg: 03/07/2001 01:47:29              Global If Index  : 127
Port Id      : 1/1/1
TOS Marking  : Trusted                          If Type          : Network
Egress Filter: none                             Ingress Filter   : none
Egr IPv6 Flt : none                             Ingr IPv6 Flt    : none
SNTP B.Cast  : False                            QoS Policy       : 2
Queue-group  : None
MAC Address  : 00:25:ba:0d:27:32                Arp Timeout      : 14400
IP Oper MTU  : 9198
LdpSyncTimer : None                             Strip-Label      : Disabled
uRPF Chk     : disabled
uRPF Fail By*: 0                                uRPF Chk Fail Pk*: 0

ICMP Details
Redirects    : Number - 100                     Time (seconds)   - 10
Unreachables : Number - 100                     Time (seconds)   - 10
TTL Expired  : Number - 100                     Time (seconds)   - 10

===============================================================================
Meter Statistics
===============================================================================

-------------------------------------------------------------------------------
                        Packets                 Octets
-------------------------------------------------------------------------------
Ingress Meter 1 (Unicast)
For. InProf           : 0                       0
For. OutProf          : 0                       0
Ingress Meter 9 (Multipoint)
For. InProf           : 0                       0
For. OutProf          : 0                       0
===============================================================================
===============================================================================
* indicates that the corresponding row element may have been truncated.
*A:7210SAS>show>router#
Table 28. Output fields: interface

Label

Description

Interface-Name

The IP interface name.

Type

n/a

No IP address has been assigned to the IP interface, so the IP address type is not applicable.

Pri

The IP address for the IP interface is the Primary address on the IP interface.

Sec

The IP address for the IP interface is a secondary address on the IP interface.

IP-Address

The IP address and subnet mask length of the IP interface.

n/a — Indicates no IP address has been assigned to the IP interface.

Adm

Down

The IP interface is administratively disabled.

Up

The IP interface is administratively enabled.

Opr

Down

The IP interface is operationally disabled.

Up

The IP interface is operationally enabled.

Mode

Network

The IP interface is a network/core IP interface.

Service

The IP interface is a service IP interface.

Sample output — Detailed
*A:ALA-12# show router 3 interface detail
==============================================================================
Interface Table                                                                
==============================================================================
Interface                                                                      
------------------------------------------------------------------------------
If Name      : to-ser1                                                         
Admin State  : Up                               Oper State       : Up          
                                                                               
IP Addr/mask : 10.10.13.3/24                    Address Type     : Primary     
IGP Inhibit  : Disabled                         Broadcast Address: Host-ones   
                                                                               
IP Addr/mask : 10.200.0.1/16                    Address Type     : Secondary   
IGP Inhibit  : Enabled                          Broadcast Address: Host-ones   
------------------------------------------------------------------------------
Details                                                                        
------------------------------------------------------------------------------
If Index     : 2                                                               
Port Id     : 1/1/2                             If Type          : Network     
Egress Filter: none                             Ingress Filter   : 100         
QoS Policy   : 1                                SNTP Broadcast   : False       
MAC Address  : 04:5d:01:01:00:02                Arp Timeout      : 14400       

ICMP Details                                                                   
Redirects    : Disabled                                                        
Unreachables : Number - 100                    Time (seconds)   - 10           
TTL Expired  : Number - 100                    Time (seconds)   - 10           
==============================================================================
*A:ALA-12# 

Table 29. Output fields: interface detail

Label

Description

If Name

The IP interface name.

Admin State

Down

The IP interface is administratively disabled.

Up

The IP interface is administratively enabled.

Oper State

Down

The IP interface is operationally disabled.

Up

The IP interface is operationally disabled.

IP Addr/mask

The IP address and subnet mask length of the IP interface.

Not Assigned - indicates no IP address has been assigned to the IP interface

Address Type

Primary

The IP address for the IP interface is the Primary address on the IP interface.

Secondary

The IP address for the IP interface is a Secondary address on the IP interface.

IGP Inhibit

Disabled

The secondary IP address on the interface is recognized as a local interface by the IGP.

Enabled

The secondary IP address on the interface is not recognized as a local interface by the IGP.

Broadcast Address

All-ones

The broadcast format on the IP interface is all ones.

Host-ones

The broadcast format on the IP interface is host ones.

If Index

The interface index of the IP router interface.

If Type

Network

The IP interface is a network/core IP interface.

Service

The IP interface is a service IP interface.

Port Id

The port ID of the IP interface.

Egress Filter

The egress IP filter policy ID associated with the IP interface.

none

Indicates no egress filter policy is associated with the interface.

Ingress Filter

The ingress IP filter policy ID associated with the IP interface.

none

Indicates no ingress filter policy is associated with the interface.

QoS Policy

The QoS policy ID associated with the IP interface.

SNTP Broadcast

False

Receipt of SNTP broadcasts on the IP interface is disabled.

True

Receipt of SNTP broadcasts on the IP interface is enabled.

MAC Address

The MAC address of the IP interface.

Arp Timeout

The ARP timeout for the interface, in seconds, which is the time an ARP entry is maintained in the ARP cache without being refreshed.

ICMP Mask Reply

False

The IP interface does not reply to a received ICMP mask request.

True

The IP interface replies to a received ICMP mask request.

Redirects

Specifies the maximum number of ICMP redirect messages the IP interface issues in a specific period of time (Time (seconds)).

Disabled

Indicates the IP interface does not generate ICMP redirect messages.

Unreachables

Specifies the maximum number of ICMP destination unreachable messages the IP interface issues in a specific period of time.

Disabled

Indicates that the IP interface does not generate ICMP destination unreachable messages.

TTL Expired

The maximum number (Number) of ICMP TTL expired messages the IP interface issues in a specific period of time (Time (seconds)).

Disabled

Indicates that the IP interface does not generate ICMP TTL expired messages.

Sample output — Summary
*A:ALA-12# show router 3 interface summary
===============================================================================
Router Summary (Interfaces)                                                    
===============================================================================
Instance  Router Name                       Interfaces    Admin-Up   Oper-Up   
-------------------------------------------------------------------------------
1         Base                              7             7          5         
===============================================================================
*A:ALA-12# 
Table 30. Output fields: interface summary

Label

Description

Instance

The router instance number.

Router Name

The name of the router instance.

Interfaces

The number of IP interfaces in the router instance.

mvpn
Syntax

mvpn

Context

show>router

Platforms

7210 SAS-T, 7210 SAS-Mxp, and 7210 SAS-Sx/S 1/10GE (standalone and standalone-VC)

Description

This command displays Multicast VPN related information. The router instance must be specified using the show router command.

Output

The following output is an example of multicast VPN information, and Output fields: MVPN describes the output fields.

Sample output
*A:Dut-y# show router 10 mvpn 

===============================================================================
MVPN 10 configuration data
===============================================================================
signaling : Bgp auto-discovery : Default
UMH Selection : Highest-Ip intersite-shared : Enabled
vrf-import : N/A
vrf-export : N/A
vrf-target : unicast
C-Mcast Import RT : target:16.16.16.16:3
 
ipmsi : ldp
i-pmsi P2MP AdmSt : Up 
 
spmsi : ldp
s-pmsi P2MP AdmSt : Up 
max-p2mp-spmsi : 251 
data-delay-interval: 3 seconds 
enable-asm-mdt : N/A 
data-threshold : 224.0.0.0/4 --> 1 kbps
 
===============================================================================
*A:Dut-y# 
Table 31. Output fields: MVPN

Label

Description

signaling

Displays the signaling type.

UMH Selection

Displays the UMH selection method.

vrf-import

Displays the VRF import policy in use.

vrf-export

Displays the VRF export policy in use.

vrf-target

Displays the VRF target.

C-Mcast Import RT

Displays the c-multicast import router PE system address or loopback address. This address is common for all VPNs on the PE.

ipmsi

Displays the signaling protocol used to setup the I-PMSI tree transport tunnel.

i-pmsi P2MP AdmSt

Displays I-PMSI P2MP administrative state.

spmsi

Displays signaling protocol used to setup the S-PMSI tree transport tunnel.

s-pmsi P2MP AdmSt

Displays the S-PMSI P2MP administrative state.

max-p2mp-spmsi

Displays the maximum number of P2MP S-PMSIs.

data-delay-interval

Displays the interval, in seconds, before a PE router connected to the source switches traffic from the inclusive provider tunnel to the selective provider tunnel.

enable-asm-mdt

Displays whether ASM MDT is enabled.

data-threshold

Displays the data threshold.

mvpn-list
Syntax

mvpn-list [type type] [auto-discovery auto-discovery] [signalling signalling] [group group]

Context

show>router

Platforms

7210 SAS-T, 7210 SAS-Mxp, and 7210 SAS-Sx/S 1/10GE (standalone and standalone-VC)

Description

This command displays Multicast VPN list related information.

Parameters
type

Specifies the MVPN type.

Values

pim, rsvp, ldp

auto-discovery

Specifies the auto-discovery mode.

Values

none, default, mdt-safi

signalling

Specifies the signaling type.

Values

bgp, pim

group

Specifies the group address.

Values

grp-address

Output

The following output is an example of multicast VPN list information, and Output Fields: MVPN list describes the output fields.

Sample output
 
*A:Dut-y# show router mvpn-list 

===============================================================================
MVPN List
===============================================================================
VprnID Sig A-D iPmsi/sPmsi GroupAddr/Lsp-Template (S,G)/(*,G)
-------------------------------------------------------------------------------
10 Bgp Default Mldp/Mldp N/A 512/0
20 Bgp Default Mldp/Mldp N/A 512/0
30 Bgp Default None/None N/A 0/0
-------------------------------------------------------------------------------
Total PIM I-PMSI tunnels : 0
Total RSVP I-PMSI tunnels : 0
Total MLDP I-PMSI tunnels : 2
Total PIM TX S-PMSI tunnels : 0
Total RSVP TX S-PMSI tunnels : 0
Total MLDP TX S-PMSI tunnels : 502
Total PIM RX S-PMSI tunnels : 0
Total RSVP RX S-PMSI tunnels : 0
Total MLDP RX S-PMSI tunnels : 0
Total (S,G) : 1024
Total (*,G) : 0
Total Mvpns : 3
Sig = Signal Pim-a = pim-asm Pim-s = pim-ssm A-D = Auto-Discovery
===============================================================================
*A:Dut-y# 
Table 32. Output Fields: MVPN list

Label

Description

Total PIM I-PMSI tunnels

Displays the total number of PIM I-PMSI tunnels.

Total RSVP I-PMSI tunnels

Displays the total number of RSVP I-PMSI tunnels.

Total MLDP I-PMSI tunnels

Displays the total number of MLDP I-PMSI tunnels.

Total PIM TX I-PMSI tunnels

Displays the total number of PIM I-PMSI transmit tunnels.

Total RSVP TX I-PMSI tunnels

Displays the total number of RSVP I-PMSI transmit tunnels.

Total MLDP TX I-PMSI tunnels

Displays the total number of MLDP I-PMSI transmit tunnels.

Total PIM RX I-PMSI tunnels

Displays the total number of PIM I-PMSI receive tunnels.

Total RSVP RX I-PMSI tunnels

Displays the total number of RSVP I-PMSI receive tunnels.

Total MLDP RX I-PMSI tunnels

Displays the total number of MLDP I-PMSI receive tunnels.

Total (S,G)

Displays the total number of (S,G) multicast groups.

Total (*,G)

Displays the total number of (*,G) multicast groups.

Total Mvpns

Displays the total number of MVPNs.

route-table
Syntax

route-table [ip-prefix [/mask] [longer] | [protocol protocol] | [summary]]

Context

show>router

Platforms

Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode

Description

This command displays the active routes in the routing table.

If no command line arguments are specified, all routes are displayed, sorted by prefix.

Parameters
ip-prefix[/mask]

Displays routes only matching the specified ip-prefix and optional mask.

longer

Displays routes matching the ip-prefix/mask and routes with longer masks.

protocol protocol

Displays routes learned from the specified protocol.

Values

bgp, isis, local, ospf, rip, static, aggregate

summary

Displays a route table summary information.

Output

The following output is an example of route table information, and Output Fields: Router Table describes the output fields.

Sample output
*A:ALA-12# show router 3 route-table
==============================================================================
Route Table                                                                    
==============================================================================
Dest Address       Next Hop        Type    Protocol    Age       Metric  Pref  
------------------------------------------------------------------------------
10.10.0.1/32       10.10.13.1      Remote  OSPF        65844     1001    10    
10.10.0.2/32       10.10.13.1      Remote  OSPF        65844     2001    10    
10.10.0.3/32       0.0.0.0         Local   Local       1329261   0       0     
10.10.0.4/32       10.10.34.4      Remote  OSPF        3523      1001    10    
10.10.0.5/32       10.10.35.5      Remote  OSPF        1084022   1001    10    
10.10.12.0/24      10.10.13.1      Remote  OSPF        65844     2000    10    
10.10.13.0/24      0.0.0.0         Local   Local       65859     0       0     
10.10.15.0/24      10.10.13.1      Remote  OSPF        58836     2000    10    
10.10.24.0/24      10.10.34.4      Remote  OSPF        3523      2000    10    
10.10.25.0/24      10.10.35.5      Remote  OSPF        399059    2000    10    
10.10.34.0/24      0.0.0.0         Local   Local       3543      0       0     
10.10.35.0/24      0.0.0.0         Local   Local       1329259   0       0     
10.10.45.0/24      10.10.34.4      Remote  OSPF        3523      2000    10    
10.200.0.0/16      0.0.0.0         Local   Local       4513      0       0     
192.168.0.0/20     0.0.0.0         Local   Local       1329264   0       0     
192.168.254.0/24   0.0.0.0         Remote  Static      11        1       5     
------------------------------------------------------------------------------
*A:ALA-12# 


*A:ALA-12# show router 3 route-table 10.10.0.4
===============================================================================
Route Table                                                                    
==============================================================================
Dest Address       Next Hop        Type    Protocol    Age       Metric  Pref  
------------------------------------------------------------------------------
10.10.0.4/32       10.10.34.4      Remote  OSPF        3523      1001    10    
------------------------------------------------------------------------------
*A:ALA-12# 


*A:ALA-12# show router 3 route-table 10.10.0.4/32 longer
==============================================================================
Route Table                                                                    
==============================================================================
Dest Address       Next Hop        Type    Protocol    Age       Metric  Pref  
------------------------------------------------------------------------------
10.10.0.4/32       10.10.34.4      Remote  OSPF        3523      1001    10    
------------------------------------------------------------------------------
No. of Routes: 1
==============================================================================
+ : indicates that the route matches on a longer prefix
*A:ALA-12# 


*A:ALA-12# show router 3 route-table protocol ospf
==============================================================================
Route Table                                                                    
==============================================================================
Dest Address       Next Hop        Type    Protocol    Age       Metric  Pref  
------------------------------------------------------------------------------
10.10.0.1/32       10.10.13.1      Remote  OSPF        65844     1001    10    
10.10.0.2/32       10.10.13.1      Remote  OSPF        65844     2001    10    
10.10.0.4/32       10.10.34.4      Remote  OSPF        3523      1001    10    
10.10.0.5/32       10.10.35.5      Remote  OSPF        1084022   1001    10    
10.10.12.0/24      10.10.13.1      Remote  OSPF        65844     2000    10    
10.10.15.0/24      10.10.13.1      Remote  OSPF        58836     2000    10    
10.10.24.0/24      10.10.34.4      Remote  OSPF        3523      2000    10    
10.10.25.0/24      10.10.35.5      Remote  OSPF        399059    2000    10    
10.10.45.0/24      10.10.34.4      Remote  OSPF        3523      2000    10    
-------------------------------------------------------------------------------
*A:ALA-12# 


*A:ALA-12# show router 3 route-table summary
===============================================================================
Route Table Summary                                                            
===============================================================================
                              Active                   Available               
-------------------------------------------------------------------------------
Static                        1                        1                       
Direct                        6                        6                       
BGP                           0                        0                       
OSPF                          9                        9                       
ISIS                          0                        0                       
RIP                           0                        0                       
Aggregate                     0                        0                       
-------------------------------------------------------------------------------
Total                         15                       15                      
===============================================================================
*A:ALA-12# 
Table 33. Output Fields: Router Table

Label

Description

Dest Address

The route destination address and mask.

Next Hop

The next hop IP address for the route destination.

Type

Local

The route is a local route.

Remote

The route is a remote route.

Protocol

The protocol through which the route was learned.

Age

The route age in seconds for the route.

Metric

The route metric value for the route.

Pref

The route preference value for the route.

No. of Routes:

The number of routes displayed in the list.

static-arp
Syntax

static-arp [ip-address | ip-int-name | mac ieee-mac-addr]

Context

show>router

Platforms

Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode

Description

This command displays the router static ARP table sorted by IP address.

If no options are present, all ARP entries are displayed.

Parameters
ip-address

Displays static ARP entries associated with the specified IP address.

ip-int-name

Displays static ARP entries associated with the specified IP interface name.

mac ieee-mac-addr

Displays static ARP entries associated with the specified MAC address.

Output

The following output is an example of static ARP information, and Output Fields: Static ARP describes the output fields.

Sample output
*A:ALA-12# show router 3 static-arp
==============================================================================
ARP Table                                                                      
==============================================================================
IP Address      MAC Address       Age      Type Interface                      
------------------------------------------------------------------------------
10.200.0.253    00:00:5a:40:00:01 00:00:00 Sta  to-ser1                        
10.200.1.1      00:00:5a:01:00:33 00:00:00 Inv  to-ser1a
------------------------------------------------------------------------------
No. of ARP Entries: 2
==============================================================================
*A:ALA-12#


*A:ALA-12# show router 3 static-arp 10.200.1.1
==============================================================================
ARP Table                                                                      
==============================================================================
IP Address    MAC Address        Age     Type Interface 
------------------------------------------------------------------------------
10.200.1.1      00:00:5a:01:00:33  00:00:00 Inv   to-ser1  a
===============================================================================
*A:ALA-12#

*A:ALA-12# show router 3 static-arp to-ser1
==============================================================================
ARP Table                                                                      
==============================================================================
IP Address    MAC Address       Age      Type Interface                      
------------------------------------------------------------------------------
10.200.0.253  00:00:5a:40:00:01 00:00:00 Sta  to-ser1
===============================================================================
S*A:ALA-12# 

*A:ALA-12# show router 3 static-arp mac 00:00:5a:40:00:01
==============================================================================
ARP Table                                                                      
==============================================================================
IP Address    MAC Address       Age      Type Interface 
-------------------------------------------------------------------------------
10.200.0.253  00:00:5a:40:00:01 00:00:00 Sta  to-ser1
==============================================================================
*A:ALA-12# 
Table 34. Output Fields: Static ARP

Label

Description

IP Address

The IP address of the static ARP entry.

MAC Address

The MAC address of the static ARP entry.

Age

The age of the ARP entry. Static ARPs always have 00:00:00 for the age.

Type

Inv

The ARP entry is an inactive static ARP entry (invalid).

Sta

The ARP entry is an active static ARP entry.

Interface

The IP interface name associated with the ARP entry.

No. of ARP Entries

The number of ARP entries displayed in the list.

static-route
Syntax

static-route [ip-prefix /mask] | [preference preference] | [next-hop ip-addr | tag tag] [detail]

Context

show>router

Platforms

Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode

Description

This command displays the static entries in the routing table.

If no options are present. all static routes are displayed sorted by prefix.

Parameters
ip-prefix /mask

Displays static routes only matching the specified ip-prefix and mask.

preference preference

Displays static routes with the specified route preference.

Values

0 to 65535

next-hop ip-addr

Displays static routes with the specified next hop IP address.

detail

Displays detailed information about the static route.

tag

Displays the tag used to add a 32-bit integer tag to the static route. The tag is used in route policies to control distribution of the route into other protocols.

Values

1 to 4294967295

Output

The following output is an example of static route information, and Output Fields: Static Route describes the output fields.

Sample output
*A:ALA-12# show router 3 static-route
==============================================================================
Route Table                                                                     
==============================================================================
IP Addr/mask       Pref Metric Type Nexthop              Interface       Active 
------------------------------------------------------------------------------
192.168.250.0/24   5    1      ID   10.200.10.1          to-ser1         Y 
192.168.252.0/24   5    1      NH   10.10.0.254          n/a             N 
192.168.253.0/24   5    1      NH   to-ser1              n/a             N 
192.168.253.0/24   5    1      NH   10.10.0.254          n/a             N 
192.168.254.0/24   4    1      BH   black-hole           n/a             Y
==============================================================================
*A:ALA-12# 


*A:ALA-12# show router 3 static-route 192.168.250.0/24
==============================================================================
Route Table                                                                     
==============================================================================
IP Addr/mask       Pref Metric Type Nexthop              Interface       Active 
------------------------------------------------------------------------------
192.168.250.0/24   5    1      ID   10.200.10.1          to-ser1         Y
==============================================================================
*A:ALA-12# 


*A:ALA-12# show router 3 static-route preference 4
============================================================================= 
Route Table                                                                     
==============================================================================
IP Addr/mask       Pref Metric Type Nexthop              Interface       Active 
------------------------------------------------------------------------------
192.168.254.0/24   4    1      BH   black-hole           n/a             Y
==============================================================================
*A:ALA-12# 


*A:ALA-12# show router 3 static-route next-hop 10.10.0.254
==============================================================================
Route Table                                                                     
==============================================================================
IP Addr/mask       Pref Metric Type Nexthop              Interface       Active 
------------------------------------------------------------------------------
192.168.253.0/24   5    1      NH   10.10.0.254          n/a             N
============================================================================= 
*A:ALA-12# 

*A:Dut-B# show router static-route
 
===============================================================================
Static Route Table (Router: Base)  Family: IPv4
===============================================================================
Prefix                                        Tag         Met    Pref Type Act
   Next Hop                                    Interface
-------------------------------------------------------------------------------
10.2.3.4/32                                    0           1      5    NH   Y
   10.11.25.6
ip-10.11.25.5_base_to_cpe_static
10.11.15.0/24                                 0           1      5    NH   Y
   10.11.25.6
ip-10.11.25.5_base_to_cpe_static
-------------------------------------------------------------------------------
No. of Static Routes: 2
===============================================================================


*A:Dut-B# show router static-route detail
==============================================================================
Static Route Table (Router: Base)  Family: IPv4
==============================================================================
Network          : 10.2.3.4/32
Nexthop          : 10.11.25.6
Type             : Nexthop                         Nexthop Type      : IP
Interface        : ip-10.11.25.5_base_to_cpe_stat* Active            : Y
Metric           : 1                               Preference        : 5
Admin  State     : Up                              Tag               : 0
BFD              : disabled
CPE-check        : enabled                         State             : n/a
Target           : 10.11.18.6
Interval         : 1                               Drop Count        : 3
Log              : N
CPE Host Up Time : 0d 00:00:02
CPE Echo Req Tx  : 3                               CPE Echo Reply Rx : 3
CPE Up Trans     : 1                               CPE Down Trans    : 0
CPE TTL          : 2
------------------------------------------------------------------------------
Network          : 10.11.15.0/24
Nexthop          : 10.11.25.6
Type             : Nexthop                         Nexthop Type      : IP
Interface        : ip-10.11.25.5_base_to_cpe_stat* Active            : Y
Metric           : 1                               Preference        : 5
Admin  State     : Up                              Tag               : 0
BFD              : disabled
CPE-check        : disabled
------------------------------------------------------------------------------
No. of Static Routes: 2
 
==============================================================================
Table 35. Output Fields: Static Route

Label

Description

IP Addr/mask

The static route destination address and mask.

Pref

The route preference value for the static route.

Metric

The route metric value for the static route.

Type

BH

The static route is a blackhole route. The Nexthop for this type of route is black hole.

ID

The static route is an indirect route, where the nexthop for this type of route is the non-directly connected next hop.

NH

The route is a static route with a directly connected next hop. The Nexthop for this type of route is either the next hop IP address or an egress IP interface name.

Next Hop

The next hop for the static route destination.

Interface

The egress IP interface name for the static route.

n/a

indicates there is no current egress interface because the static route is inactive or a blackhole route.

Active

N

The static route is inactive; for example, the static route is disabled or the next hop IP interface is down.

Y

The static route is active.

No. of Routes:

The number of routes displayed in the list.

tunnel-table
Syntax

tunnel-table [ip-address[/mask] [protocol protocol | sdp sdp-id]

tunnel-table [summary]

Context

show>router

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command displays tunnel table information.

When the auto-bind command is used when configuring a VPRN service, it means the MP-BGP NH resolution is referring to core routing instance for IP reachability. For a VPRN service this object specifies the lookup to be used by the routing instance if no SDP to the destination exists.

Parameters
ip-address[/mask]

Displays the specified tunnel table destination IP address and mask.

protocol protocol

Displays LDP protocol information.

sdp sdp-id

Displays information pertaining to the specified SDP.

summary

Displays summary tunnel table information.

Output

The following output is an example of tunnel table information, and Output Fields: Tunnel Table describes the output fields.

Sample output

*A:ALA-12>config>service#  show router 3 tunnel-table summary
=============================================================================
Tunnel Table Summary (Router: Base)
=============================================================================
                              Active                   Available
------------------------------------------------------------------------------
LDP                           1                        1
SDP                           1                        1
==============================================================================
*A:ALA-12>config>service# 
Table 36. Output Fields: Tunnel Table

Label

Description

Destination

The route destination address and mask.

Owner

Specifies the tunnel owner.

Encap

Specifies the tunnel encapsulation type.

Tunnel ID

Specifies the tunnel (SDP) identifier.

Pref

Specifies the route preference for routes learned from the configured peers.

Nexthop

The next hop for the route destination.

Metric

The route metric value for the route.

Clear commands

arp-host
Syntax

arp-host

arp-host {mac ieee-address | sap sap-id | ip-address ip-address[/mask]}

arp-host [port port-id] [inter-dest-id intermediate-destination-id | no-inter-dest-id]

arp-host statistics [sap sap-id | interface interface-name]

Context

clear>service>id

Platforms

Supported on all 7210 SAS platforms as described in this document

Description

This command clears ARP host data.

forwarding-table
Syntax

forwarding-table [slot-number]

Context

clear>router

Platforms

Supported on all 7210 SAS platforms as described in this document

Description

This command clears the route table on the specified IOM with the route table.

If the slot number is not specified, the command forces the route table to be recalculated.

Parameters
slot-number

Clears the specified IOM slot.

Values

1 - 10 (depending on chassis model)

Default

all IOMs

interface
Syntax

interface [ip-int-name | ip-addr] [icmp]

Context

clear>router

Platforms

Supported on all 7210 SAS platforms as described in this document

Description

This command clears IP interface statistics.

If no IP interface is specified either by IP interface name or IP address, the command performs the clear operation on all IP interfaces.

Parameters
ip-int-name | ip-addr

Specifies the IP interface name or IP interface address.

Default

All IP interfaces.

icmp

Specifies to reset the ICMP statistics for the IP interfaces used for ICMP rate limit.

damping
Syntax

damping [[ip-prefix/mask] [neighbor ip-address]] | [group name]

Context

clear>router>bgp

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command clears or resets the route damping information for received routes.

Parameters
ip-prefix/mask

Clears damping information for entries that match the IP prefix and mask length.

neighbor ip-address

Clears damping information for entries received from the BGP neighbor.

group name

Clears damping information for entries received from any BGP neighbors in the peer group.

flap-statistics
Syntax

flap-statistics [[ip-prefix/mask] [neighbor ip-addr]] | [group group-name] | [regex reg-exp] | [policy policy-name]

Context

clear>router>bgp

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command clears route flap statistics.

Parameters
ip-prefix/mask

Clears route flap statistics for entries that match the specified IP prefix and mask length.

neighbor ip-addr

Clears route flap statistics for entries received from the specified BGP neighbor.

group group-name

Clears route flap statistics for entries received from any BGP neighbors in the specified peer group.

regex reg-exp

Clears route flap statistics for all entries which have the regular expression and the AS path that matches the regular expression.

policy policy-name

Clears route flap statistics for entries that match the specified route policy.

neighbor
Syntax

neighbor {ip-addr | as as-number | external | all} [soft | soft-inbound | statistics]

Context

clear>router>bgp

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command resets the specified BGP peer or peers. This can cause existing BGP connections to be shutdown and restarted.

Parameters
ip-addr

Resets the BGP neighbor with the specified IP address.

as as-number

Resets all BGP neighbors with the specified peer AS.

external

Resets all eBGP neighbors.

all

Resets all BGP neighbors.

soft

The specified BGP neighbors reevaluates all routes in the Local-RIB against the configured export policies.

soft-inbound

The specified BGP neighbors reevaluates all routes in the RIB-In against the configured import policies.

statistics

The BGP neighbor statistics.

protocol
Syntax

protocol

Context

clear>router>bgp

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command resets the entire BGP protocol. If the AS number was previously changed, the BGP AS number does not inherit the new value.

id
Syntax

id service-id

Context

clear>service

clear>service>statistics

Platforms

Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode

Description

This command clears commands for a specific service.

Parameters
service-id

The ID that uniquely identifies a service.

Values

1 to 2147483648

sap
Syntax

sap sap-id {all | counters | stp}

Context

clear>service>statistics

Platforms

Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode

Description

This command clears SAP statistics for a SAP.

Parameters
sap-id

Specifies the physical port identifier portion of the SAP definition. See Common CLI command descriptions for command syntax.

spoke-sdp
Syntax

spoke-sdp sdp-id:vc-id ingress-vc-label

Context

clear>service>id

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command clears and resets the spoke-SDP bindings for the service.

Parameters
sdp-id

Specifies the spoke-SDP ID to be reset.

Values

1 to 17407

vc-id

Specifies the virtual circuit ID on the SDP ID to be reset.

Values

1 to 4294967295

sdp
Syntax

sdp sdp-id keep-alive

Context

clear>service>statistics

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command clears keepalive statistics associated with the SDP ID.

Parameters
sdp-id

Specifies the SDP ID for which to clear keepalive statistics.

Values

1 to 17407

counters
Syntax

counters

Context

clear>service>statistics>id

Platforms

Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode

Description

This command clears all traffic queue counters associated with the service ID.

spoke-sdp
Syntax

spoke-sdp sdp-id[:vc-id] {all | counters | stp}

Context

clear>service>statistics>id

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command clears statistics for the spoke-SDP bound to the service.

Parameters
sdp-id

Specifies the spoke-SDP ID for which to clear statistics.

Values

1 to 17407

vc-id

Specifies the virtual circuit ID on the SDP ID to be reset.

Values

1 to 4294967295

all

Clears all queue statistics and STP statistics associated with the SDP.

counters

Clears all queue statistics associated with the SDP.

stp

Clears all STP statistics associated with the SDP.

stp
Syntax

stp

Context

clear>service>statistics>id

Platforms

Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode

Description

This command clears all spanning tree statistics for the service ID.

Debug commands

id
Syntax

[no] id service-id

Context

debug>service

Platforms

Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode

Description

This command debugs commands for a specific service.

The no form of this command disables debugging.

Parameters
service-id

Specifies the ID that uniquely identifies a service.

sap
Syntax

[no] sap sap-id

Context

debug>service>id

debug>service>stp

Platforms

Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode

Description

This command enables STP debugging for a specific SAP.

The no form of this command disables debugging.

Parameters
sap-id

Specifies the physical port identifier portion of the SAP definition. See Common CLI command descriptions for command syntax.

sdp
Syntax

[no] sdp sdp-id:vc-id

Context

debug>service>id

Platforms

Supported on all 7210 SAS platforms as described in this document, except those operating in access-uplink mode

Description

This command enables STP debugging for a specific SDP.

The no form of this command disables debugging.

event-type
Syntax

[no] event-type {config-change | svc-oper-status-change | sap-oper-status-change | sdpbind-oper-status-change}

Context

debug>service>id

Platforms

Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode

Description

This command enables debugging for a particular event type.

The no form of this command disables debugging.

Note:

The sdpbind-oper-status-change parameter is not supported on 7210 SAS platforms operating in access-uplink mode.

event-type
Syntax

[no] event-type {config-change | oper-status-change}

Context

debug>service>id>sap

Platforms

Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode

Description

This command enables debugging for a particular event type.

The no form of this command disables debugging.

stp
Syntax

[no] stp

Context

debug>service>id

Platforms

Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode

Description

This command enables the context for debugging STP.

The no form of this command disables debugging.

all-events
Syntax

all-events

Context

debug>service>id>stp

Platforms

Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode

Description

This command enables STP debugging for all events.

The no form of this command disables debugging.

bpdu
Syntax

[no] bpdu

Context

debug>service>stp

Platforms

Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode

Description

This command enables STP debugging for received and transmitted BPDUs.

The no form of this command disables debugging.

core-connectivity
Syntax

[no] core-connectivity

Context

debug>service>stp

Platforms

Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode

Description

This command enables STP debugging for core connectivity.

The no form of this command disables debugging.

exception
Syntax

[no] exception

Context

debug>service>stp

Platforms

Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode

Description

This command enables STP debugging for exceptions.

The no form of this command disables debugging.

fsm-state-changes
Syntax

[no] fsm-state-changes

Context

debug>service>stp

Platforms

Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode

Description

This command enables STP debugging for FSM state changes.

The no form of this command disables debugging.

fsm-timers
Syntax

[no] fsm-timers

Context

debug>service>stp

Platforms

Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode

Description

This command enables STP debugging for FSM timer changes.

The no form of this command disables debugging.

port-role
Syntax

[no] port-role

Context

debug>service>stp

Platforms

Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode

Description

This command enables STP debugging for changes in port roles.

The no form of this command disables debugging.

port-state
Syntax

[no] port-state

Context

debug>service>stp

Platforms

Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode

Description

This command enables STP debugging for port states.

The no form of this command disables debugging.