v Commands

Context

[Tree] (config>service>ies>if>vpls>egress v4-routed-override-filter)

Full Context

configure service ies interface vpls egress v4-routed-override-filter

Description

This command configures an IPv4 filter ID that are applied to packets egressing the IES R-VPLS interface. The filter overrides existing egress IPv4 filter applied to VPLS service endpoints such as SAPs or SDPs, if configured.

The no form of this command removes the IPv4 routed override filter from the egress IES R-VPLS interface. When removed, egress IPv4 packets will use the IPv4 egress filter applied to the VPLS endpoint, if configured.

Parameters

ip-filter-id

Specifies the IP filter ID. This parameter is required when executing the v4-routed-override-filter command. The specified filter ID must exist as an IPv4 filter within the system or the override command fails.

Platforms

All

Context

[Tree] (config>service>ies>if>vpls>ingress v4-routed-override-filter)

Full Context

configure service ies interface vpls ingress v4-routed-override-filter

Description

This command configures an IPv4 filter ID that is applied to all ingress packets entering the VPLS or I-VPLS service. The filter overrides any existing ingress IPv4 filter applied to SAPs or SDP bindings for packets associated with the routing IP interface. The override filter is optional and when it is not defined or it is removed. The IPv4 routed packets use any existing ingress IPv4 filter on the VPLS virtual port.

The no form of this command removes the IPv4 routed override filter from the ingress IP interface. When removed, the IPv4 ingress routed packets within a VPLS service attached to the IP interface use the IPv4 ingress filter applied to the packets virtual port, when defined.

Parameters

ip-filter-id

Specifies the IP filter ID. This parameter is required when executing the v4-routed-override-filter command. The specified filter ID must exist as an IPv4 filter within the system or the override command fails.

Platforms

All

Context

[Tree] (config>service>vprn>if>vpls>egress v4-routed-override-filter)

Full Context

configure service vprn interface vpls egress v4-routed-override-filter

Description

This command configures an IPv4 filter ID that is applied to packets egressing the VPRN R-VPLS interface. The filter overrides the existing egress IPv4 filter applied to VPLS service endpoints such as SAPs or SDPs, if configured.

The no form of this command removes the IPv4 routed override filter from the egress VPRN R-VPLS interface. When removed, egress IPv4 packets will use the IPv4 egress filter applied to VPLS endpoint, if configured.

Parameters

ip-filter-id

Specifies the IP filter ID. This parameter is required when executing the v4- routed-override-filter command. The specified filter ID must exist as an IPv4 filter within the system or the override command fails.

Platforms

All

Context

[Tree] (config>service>vprn>if>vpls>ingress v4-routed-override-filter)

Full Context

configure service vprn interface vpls ingress v4-routed-override-filter

Description

This command configures an IPv4 filter ID that is applied to all ingress packets entering the VPLS service. The filter overrides any existing ingress IPv4 filter applied to SAPs or SDP bindings for packets associated with the routing IP interface. The override filter is optional and when it is not defined or it is removed, the IPv4 routed packet’s will use the any existing ingress IPv4 filter on the VPLS virtual port.

The no form of this command removes the IPv4 routed override filter from the ingress IP interface. When removed, the IPv4 ingress routed packets within a VPLS service attached to the IP interface will use the IPv4 ingress filter applied to the packets virtual port, when defined.

Parameters

ip-filter-id

Specifies the IP filter ID. This parameter is required when executing the v4-routed-override-filter command. The specified filter ID must exist as an IPv4 filter within the system or the override command fails.

Platforms

All

Context

[Tree] (config>subscr-mgmt>acct-plcy>include-radius-attribute v6-aggregate-stats)

Full Context

configure subscriber-mgmt radius-accounting-policy include-radius-attribute v6-aggregate-stats

Description

This command enables reporting of IPv6 aggregated forwarded octet and packet counters using RADIUS VSAs. Disabled by default. It requires stat-mode v4-v6 for policers and queues for which the IPv6 aggregate forwarded packets should be counted.

The no form of this command reverts to the default.

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>service>nat>map-domain>ip-fragmentation v6-frag-header)

Full Context

configure service nat map-domain ip-fragmentation v6-frag-header

Description

This command enables and disables the insertion of the fragmentation header in an IPv6 packet when translating non-fragmented IPv4 packet with DF=0. This option is disabled by default and the size of the IPv6 packet is reduced by 8 bytes.

Default

no v6-frag-header

Platforms

VSR

Context

[Tree] (config>service>ies>if>vpls>egress v6-routed-override-filter)

Full Context

configure service ies interface vpls egress v6-routed-override-filter

Description

This command configures an IPv6 filter ID that is applied to packets egressing the IES R-VPLS interface. The filter overrides existing egress IPv6 filter applied to VPLS service endpoints such as SAPs or SDPs, if configured.

The no form of this command removes the IPv4 routed override filter from the egress IES R-VPLS interface. When removed, egress IPv6 routed packets uses the IPv6 egress filter applied to VPLS endpoint, if configured

Parameters

ipv6-filter-id

Specifies the IPv6 filter ID. This parameter is required when executing the v6-routed-override-filter command. The specified filter ID must exist as an IPv6 filter within the system or the override command fails.

Platforms

All

Context

[Tree] (config>service>ies>if>vpls>ingress v6-routed-override-filter)

Full Context

configure service ies interface vpls ingress v6-routed-override-filter

Description

This command configures an IPv6 filter ID that is applied to all ingress packets entering the VPLS or I-VPLS service. The filter overrides any existing ingress IPv6 filter applied to SAPs or SDP bindings for packets associated with the routing IP interface. The override filter is optional and when it is not defined or it is removed, the IPv6 routed packets use any existing ingress IPv6 filter on the VPLS virtual port.

The no v6-routed-override-filter command is used to remove the IPv6 routed override filter from the ingress IP interface. When removed, the IPv6 ingress routed packets within a VPLS service attached to the IP interface will use the IPv6 ingress filter applied to the packet’s virtual port, when defined.

Parameters

ipv6-filter-id

Specifies the IPv6 filter ID. This parameter is required when executing the v6-routed-override-filter command. The specified filter ID must exist as an IPv6 filter within the system or the override command fails.

Platforms

All

Context

[Tree] (config>service>vprn>if>vpls>egress v6-routed-override-filter)

Full Context

configure service vprn interface vpls egress v6-routed-override-filter

Description

This command configures an IPv6 filter ID that is applied to packets egressing the VPRN R-VPLS interface. The filter overrides existing egress IPv6 filter applied to VPLS service endpoints such as SAPs or SDPs, if configured.

The no form of the command removes the IPv4 routed override filter from the egress VPRN R-VPLS interface. When removed, egress IPv6 packets will use the IPv6 egress filter applied to the VPLS endpoint, if configured.

Parameters

ipv6-filter-id

Specifies the IPv6 filter ID. This parameter is required when executing the v6-routed-override-filter command. The specified filter ID must exist as an IPv6 filter within the system or the override command fails.

Platforms

All

Context

[Tree] (config>service>vprn>if>vpls>ingress v6-routed-override-filter)

Full Context

configure service vprn interface vpls ingress v6-routed-override-filter

Description

This command configures an IPv6 filter ID that is applied to all ingress packets entering the VPLS service. The filter overrides any existing ingress IPv6 filter applied to SAPs or SDP bindings for packets associated with the routing IP interface. The override filter is optional and when it is not defined or it is removed, the IPv6 routed packets use the any existing ingress IPv6 filter on the VPLS virtual port.

The no form of the command removes the IPv6 routed override filter from the ingress IP interface. When removed, the IPv6 ingress routed packets within a VPLS service attached to the IP interface uses the IPv6 ingress filter applied to the packet’s virtual port, when defined.

Parameters

ipv6-filter-id

Specifies the IPv6 filter ID. This parameter is required when executing the v6-routed-override-filter command. The specified filter ID must exist as an IPv6 filter within the system or the override command fails.

Platforms

All

Context

[Tree] (config>service>ies>sub-if>grp-if>ipv6>dhcp6>relay>lease-split valid-lifetime)

[Tree] (config>service>vprn>sub-if>ipv6>dhcp6>relay>lease-split valid-lifetime)

[Tree] (config>service>ies>sub-if>ipv6>dhcp6>relay>lease-split valid-lifetime)

[Tree] (config>service>vprn>sub-if>grp-if>ipv6>dhcp6>relay>lease-split valid-lifetime)

Full Context

configure service ies subscriber-interface group-interface ipv6 dhcp6 relay lease-split valid-lifetime

configure service vprn subscriber-interface ipv6 dhcp6 relay lease-split valid-lifetime

configure service ies subscriber-interface ipv6 dhcp6 relay lease-split valid-lifetime

configure service vprn subscriber-interface group-interface ipv6 dhcp6 relay lease-split valid-lifetime

Description

This command configures the DHCPv6 lease split valid lifetime (short lease time). DHCPv6 lease split is active when enabled and for all IA_NA and IA_PD options in the transaction the configured lease split valid lifetime (short lease time) is less than or equal to the renew time T1 committed by the server (long renew time) or 50 percent of the preferred lifetime committed by the server when T1 committed by the server equals zero.

The no form of this command reverts to the default value.

Default

valid-lifetime hrs 1

Parameters

[days days] [hrs hours] [min minutes] [sec seconds]

Specifies the valid lifetime values

Values

days:	0 to 3650
hours:	0 to 23
minutes:	0 to 59
seconds	0 to 59

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>service>vprn>sub-if>grp-if>ipv6>dhcp6>proxy-server valid-lifetime)

[Tree] (config>subscr-mgmt>loc-user-db>ppp>host>ipv6-lease-times valid-lifetime)

[Tree] (config>service>ies>sub-if>grp-if>ipv6>dhcp6>proxy-server valid-lifetime)

[Tree] (config>subscr-mgmt>loc-user-db>ipoe>host>ipv6-lease-times valid-lifetime)

Full Context

configure service vprn subscriber-interface group-interface ipv6 dhcp6 proxy-server valid-lifetime

configure subscriber-mgmt local-user-db ppp host ipv6-lease-times valid-lifetime

configure service ies subscriber-interface group-interface ipv6 dhcp6 proxy-server valid-lifetime

configure subscriber-mgmt local-user-db ipoe host ipv6-lease-times valid-lifetime

Description

This command configured valid-lifetime for DHCPv6 lease (address/prefix).

The valid lifetime is the length of time an address/prefix remains in the valid state (for example, the time until invalidation). The valid lifetime must be greater than or equal to the preferred lifetime. When the valid lifetime expires, the address/prefix becomes invalid and must not be used in communications. RFC 2461, sec 6.2.1 recommends default value of 30 days.

Each address/prefix assigned to the client has associated preferred and valid lifetimes specified by the address assignment authority (DHCP server, RADIUS, ESM). To request an extension of the lifetimes assigned to an address, the client sends a Renew message to the addressing authority. The addressing authority sends a Reply message to the client with the new lifetimes, allowing the client to continue to use the address/prefix without interruption.

The lifetimes are transmitted from the addressing authority to the client in the IA option on the top level (not the address or prefix level).

The no form of this command reverts to the default.

Default

valid-lifetime days 1

Parameters

infinite

Specifies that the valid lifetime is infinite.

Values

days:	0 to 49710
hours:	0 to 23
minutes:	0 to 59
seconds	0 to 59

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>router>dhcp6>server>pool>prefix valid-lifetime)

[Tree] (config>service>vprn>dhcp6>local-dhcp-server>pool>prefix valid-lifetime)

Full Context

configure router dhcp6 local-dhcp-server pool prefix valid-lifetime

configure service vprn dhcp6 local-dhcp-server pool prefix valid-lifetime

Description

This command configures the valid lifetime for the IPv6 prefix or address in the option.

The no form of this command reverts to the default.

Default

valid-lifetime days 1

Parameters

infinite

Sets the valid lifetime to infinite value.

valid-lifetime

Specifies the valid lifetime

Values

days days	0 to 49710
hrs hours	0 to 23
min minutes	0 to 59
sec seconds	0 to 5

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>router>dhcp6>server>defaults valid-lifetime)

Full Context

configure router dhcp6 local-dhcp-server defaults valid-lifetime

Description

This command configures the valid lifetime.

The no form of this command reverts to the default.

Default

valid-lifetime days 1

Parameters

valid-lifetime

Specifies the valid lifetime for a prefix to remain valid.

Values

days:	0 to 3650
hours:	0 to 23
minutes:	0 to 59
seconds	0 to 59

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>subscr-mgmt>rtr-adv>pfx-opt>stateless valid-lifetime)

[Tree] (config>subscr-mgmt>rtr-adv>pfx-opt>stateful valid-lifetime)

Full Context

configure subscriber-mgmt router-advertisement-policy prefix-options stateless valid-lifetime

configure subscriber-mgmt router-advertisement-policy prefix-options stateful valid-lifetime

Description

This command specifies the time for this prefix to remain valid.

The no form of this command reverts to the default.

Default

valid-lifetime 86400

Parameters

seconds

Specifies the time, in seconds, for the prefix to remain preferred.

Values

0, 900 to 86400

infinite

Specifies that the time never expires.

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>service>ies>if>ipv6>dhcp6>pfx-delegate>prefix valid-lifetime)

Full Context

configure service ies interface ipv6 dhcp6-server prefix-delegation prefix valid-lifetime

Description

This command configures the time, in seconds, that the prefix is valid.

The no form of this command reverts to the default value.

Default

valid-lifetime 2592000 (30 days)

Parameters

seconds

Specifies the time, in seconds, that this prefix remains valid.

Values

1 to 4294967294

infinite

Specifies that this prefix remains valid infinitely. The value 4294967295 is interpreted as infinite.

Platforms

All

Context

[Tree] (config>service>ies>sub-if>grp-if>ipv6>rtr-adv>pfx-opt valid-lifetime)

[Tree] (config>service>ies>sub-if>ipv6>rtr-adv>pfx-opt valid-lifetime)

[Tree] (config>service>vprn>sub-if>ipv6>rtr-adv>pfx-opt valid-lifetime)

[Tree] (config>service>vprn>sub-if>grp-if>ipv6>rtr-adv>pfx-opt valid-lifetime)

Full Context

configure service ies subscriber-interface group-interface ipv6 router-advertisements prefix-options valid-lifetime

configure service ies subscriber-interface ipv6 router-advertisements prefix-options valid-lifetime

configure service vprn subscriber-interface ipv6 router-advertisements prefix-options valid-lifetime

configure service vprn subscriber-interface group-interface ipv6 router-advertisements prefix-options valid-lifetime

Description

This command specifies the remaining time for this prefix to be valid for the purpose of on-link determination.

The no form of this command reverts to the default.

Default

valid-lifetime 86400

Parameters

seconds

Specifies the time for the prefix to remain valid on this interface in seconds.

Values

0 to 4294967295

infinite

Specifies that the remaining time will never expire. The value 4294967295 is interpreted as infinite.

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>service>vprn>router-advert>if valid-lifetime)

Full Context

configure service vprn router-advert interface valid-lifetime

Description

This command specifies the length of time in seconds that the prefix is valid for the purpose of on-link determination. A value of all one bits (0xffffffff) represents infinity.

The address generated from an invalidated prefix should not appear as the destination or source address of a packet.

Default

valid-lifetime 2592000

Parameters

seconds

Specifies the remaining length of time in seconds that this prefix will continue to be valid.

Values

0 to 429496729

infinite

Specifies that the prefix will always be valid. A value of 4,294,967,295 represents infinity.

Context

[Tree] (config>router>router-advert>if>prefix valid-lifetime)

Full Context

configure router router-advertisement interface prefix valid-lifetime

Description

This command specifies the length of time in seconds that the prefix is valid for the purpose of on-link determination. A value of all one bits (0xffffffff) represents infinity.

The address generated from an invalidated prefix should not appear as the destination or source address of a packet.

Default

valid-lifetime 2592000

Parameters

seconds

Specifies the remaining length of time in seconds that this prefix will continue to be valid.

infinite

Specifies that the prefix will always be valid. A value of 4,294,967,295 represents infinity.

Platforms

All

Context

[Tree] (admin>system>license validate)

Full Context

admin system license validate

Description

This command performs a validation on the license file pointed to by the command line argument. A validation ensures that the license is compatible with the current state of the target system but it does not change the existing license. Aspects that can cause a failure in the validation include:

• The license file was created for a different target system. The UUID encoded into the file must match that defined by the specific hardware platform.

• The license file does not include license information for the release of software currently running on the system.

• The current date/time reported to system is outside the validity period encoded in the license.

• The system is currently using a hardware upgrade license that is not included in the new file being validated.

Parameters

file-url

Specifies the file URL location to read the license file.

Values

local-url, remote-url

Note:

IPv6 addresses apply only to 7750 SR and 7950 XRS.

Platforms

All

Context

[Tree] (configure>system>security>profile>netconf>base-op-authorization validate)

Full Context

configure system security profile netconf base-op-authorization validate

Description

This command enables the NETCONF validate operation.

The no form of this command disables the operation.

Default

no validate

Platforms

All

Context

[Tree] (config>service>vprn>bgp>flowspec validate-dest-prefix)

Full Context

configure service vprn bgp flowspec validate-dest-prefix

Description

This command enables or disables validation of received IPv4 and IPv6 FlowSpec routes that contain a destination-prefix subcomponent.

A FlowSpec route with a destination-prefix subcomponent is considered invalid if both of the following are true:

• it was originated outside the local AS of the receiving BGP router

• the neighbor AS of the FlowSpec route does not match the neighbor AS of the best match BGP (unicast) route for the destination prefix or the neighbor AS of any longer match BGP (unicast) route for the destination prefix

An invalid route is retained in the BGP but it is not used for filtering traffic or propagated to other BGP routers.

The no form of this command disables the validation procedure based on destination-prefix.

Default

no validate-dest-prefix

Platforms

All

Context

[Tree] (config>router>bgp>flowspec validate-dest-prefix)

Full Context

configure router bgp flowspec validate-dest-prefix

Description

This command enables or disables validation of received IPv4 and IPv6 FlowSpec routes that contain a destination-prefix subcomponent.

A FlowSpec route with a destination-prefix subcomponent is considered invalid if both of the following are true:

• it was originated outside the local AS of the receiving BGP router

• the neighbor AS of the FlowSpec route does not match the neighbor AS of the best match BGP (unicast) route for the destination prefix or the neighbor AS of any longer match BGP (unicast) route for the destination prefix

An invalid route is retained in the BGP but it is not used for filtering traffic or propagated to other BGP routers.

The no form of this command disables the validation procedure based on destination-prefix.

Default

no validate-dest-prefix

Platforms

All

Context

[Tree] (config>app-assure>group>statistics>tca>gtp-filter validate-gtp-tunnels)

Full Context

configure application-assurance group statistics threshold-crossing-alert gtp-filter validate-gtp-tunnels

Description

This command configures a TCA for the counter capturing drops due to the validation of GTP tunnel check. A validate-gtp-tunnels drop TCA can be created for traffic generated from the subscriber side of AA (from-sub) or for traffic generated from the network toward the AA subscriber (to-sub). The create keyword is mandatory when creating a validate-gtp-tunnels TCA.

Parameters

direction

Specifies the traffic direction.

Values

from-sub, to-sub

create

Keyword used to create the TCA.

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>app-assure>group>gtp>gtp-fltr>gtp-tunnel-database validate-gtp-tunnels)

Full Context

configure application-assurance group gtp gtp-filter gtp-tunnel-database validate-gtp-tunnels

Description

This command configures GTP tunnel validation. This allows for validation of TEIDs and is a prerequisite for sequence checking and UE IP address validation. This command applies only when AA GTP FW is deployed on S8/S5/Gp/Gn interfaces.

The gtpc-inspection command must be enabled before using this command.

The no form of this command disables GTP tunnel validation.

Default

no validate-gtp-tunnels

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>service>vprn>static-route-entry>next-hop validate-next-hop)

Full Context

configure service vprn static-route-entry next-hop validate-next-hop

Description

This optional command tracks the state of the next hop in the IPv4 ARP cache or IPv6 Neighbor Cache. When the next hop is not reachable and is removed from the ARP or Neighbor Cache, the next hop will no longer be considered valid and the associated static route state removed from the active route-table.

When the next hop is reachable again and present in the ARP/Neighbor Cache, the static route is considered valid and is subject to being placed into the active route-table.

Default

no validate-next-hop

Platforms

All

Context

[Tree] (config>router>static-route-entry>next-hop validate-next-hop)

Full Context

configure router static-route-entry next-hop validate-next-hop

Description

This optional command tracks the state of the next-hop in the IPv4 ARP cache or IPv6 Neighbor Cache. When the next-hop is not reachable and is removed from the ARP or Neighbor Cache, the next-hop will no longer be considered valid and the associated static-route state removed from the active route-table.

When the next-hop is reachable again and present in the ARP/Neighbor Cache, the static route is considered valid and is subject to being placed into the active route-table.

Default

no validate-next-hop

Platforms

All

Context

[Tree] (config>service>vprn>bgp>flowspec validate-redirect-ip)

Full Context

configure service vprn bgp flowspec validate-redirect-ip

Description

This command enables procedures to validate the redirect-to-IPv4 action attached to FlowSpec-IPv4 routes received by the BGP instance.

The SR OS FlowSpec implementation supports the redirect-to-IPv4 action encoded as an IPv4-address-specific BGP extended community.

When this command is configured, a FlowSpec-IPv4 route is considered invalid and not installed as a filter rule if the FlowSpec-IPv4 route is deemed to have originated in a different AS than the IP route that resolves the redirection IPv4 address. The originating AS of a flow-spec route is determined from its AS path.

The no form of this command disables the check described above.

Default

no validate-redirect-ip

Platforms

All

Context

[Tree] (config>router>bgp>flowspec validate-redirect-ip)

Full Context

configure router bgp flowspec validate-redirect-ip

Description

This command enables procedures to validate the redirect-to-IPv4 action attached to FlowSpec IPv4 routes received by the BGP instance.

The SR OS FlowSpec implementation supports the redirect-to-IPv4 action encoded as an IPv4-address-specific BGP extended community.

When this command is configured, a FlowSpec IPv4 route is considered invalid and not installed as a filter rule if the FlowSpec IPv4 route is deemed to have originated in a different AS than the IP route that resolves the redirection IPv4 address. The originating AS of a FlowSpec route is determined from its AS path.

The no form of this command disables the check described above.

Default

no validate-redirect-ip

Platforms

All

Context

[Tree] (config>app-assure>group>statistics>tca>gtp-filter validate-sequence-number)

Full Context

configure application-assurance group statistics threshold-crossing-alert gtp-filter validate-sequence-number

Description

This command configures a TCA for the counter capturing drops due to the GTP filter invalid GTP sequence number. A validate-sequence-number drop TCA can be created for traffic generated from the subscriber side of AA (from-sub) or for traffic generated from the network toward the AA subscriber (to-sub). The create keyword is mandatory when creating a validate-sequence-number TCA.

Parameters

direction

Specifies the traffic direction.

Values

from-sub, to-sub

create

Keyword used to create the TCA.

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>app-assure>group>gtp>gtp-fltr>gtp-tunnel-database validate-sequence-number)

Full Context

configure application-assurance group gtp gtp-filter gtp-tunnel-database validate-sequence-number

Description

This command configures GTP sequence number checking. GTP packets that fail the sequence number check are discarded.

The validate-gtp-tunnels command must be enabled before using this command.

The no form of this command disables GTP sequence number checking.

Default

no validate-sequence-number

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>app-assure>group>gtp>gtp-fltr>gtp-tunnel-database validate-source-ip-addr)

Full Context

configure application-assurance group gtp gtp-filter gtp-tunnel-database validate-source-ip-addr

Description

This command configures the checking for spoofed or invalid UE IP addresses. Upstream GTP packets that contain invalid UE IP addresses are discarded. When a packet is dropped due to source-ip-address ‟invalid source IP add”, the statistics counter is updated.

The validate-gtp-tunnels command must be enabled before using this command.

The no form of this command disables the checking for spoofed or invalid UE IP addresses.

Default

no validate-source-ip-addr

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>app-assure>group>statistics>tca>gtp-filter validate-src-ip-addr)

Full Context

configure application-assurance group statistics threshold-crossing-alert gtp-filter validate-src-ip-addr

Description

This command configures a TCA for the counter capturing drops due to the GTP filter anti-spoofing of the UE IP address check. A validate-src-ip-addr drop TCA can be created for traffic generated from the subscriber side of AA (from-sub). The create keyword is mandatory when creating a validate-src-ip-addr TCA.

Parameters

direction

Specifies the traffic direction.

Values

from-sub

create

Keyword used to create the TCA.

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>subscr-mgmt>diam-appl-plcy>gy>efh>interim-c validity-time)

Full Context

configure subscriber-mgmt diameter-application-policy gy extended-failure-handling interim-credit validity-time

Description

This command configures the validity time for the interim credit allocated to rating groups of a Diameter Gy session when Extended Failure Handling (EFH) is active. When either the allocated interim credit is consumed or the validity time expires, a new attempt is made to establish a Diameter Gy session with the Online Charging Server (OCS).The validity time applies to all interim credit allocated via the config>subscr-mgmt>diam-appl-plcy application-policy-name>gy>extended-failure-handling>interim-credit>volume and config>subscr -mgmt>category-map category-map-name>category category-name>default-credit CLI commands.

A validity time value of 0 (zero) disables the validity time for the assigned interim credit.

The no form of this command resets the value to the default value.

Default

validity-time 1800

Parameters

seconds

Specifies the validity time, in seconds, applicable to the interim credit.

Values

0 to 4294967295

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>service>system>bgp-evpn>eth-seg>service-carving>manual>preference value)

Full Context

configure service system bgp-evpn ethernet-segment service-carving manual preference value

Description

This command modifies the default preference value used for the PE in the ES. An ES shutdown is not required to modify this value during maintenance operations.

Default

value 32767

Parameters

value

Determines the preference value used in the preference-based DF election algorithm.

Values

0 to 65535

Platforms

All

Context

[Tree] (conf>router>segment-routing>srv6>ms-locator>un value)

Full Context

configure router segment-routing segment-routing-v6 micro-segment-locator un value

Description

This command configures the function value for uN. This draws the Nth value (where N = function-value) of the global micro-SID range (0 excluded) to form a unique uN micro SID. The configured value must be a unique network-wide permicro-SID block.

Parameters

function-value

Specifies the function value for uN.

Values

1 to 1048575

Platforms

7450 ESS, 7750 SR, 7750 SR-s, 7950 XRS, VSR

Context

[Tree] (config>app-assure>group>policy>aso>char value)

Full Context

configure application-assurance group policy app-service-options characteristic value

Description

This command configures a characteristic value.

The no form of this command removes the value for the characteristic.

Parameters

value-name

Specifies a string of up to 32 characters uniquely identifying this characteristic value.

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>service>vprn>sub-if>grp-if>ipv6>dhcp6>relay>asel>pref-opt value)

[Tree] (config>service>ies>sub-if>grp-if>ipv6>dhcp6>relay>asel>pref-opt value)

[Tree] (config>service>vprn>sub-if>ipv6>dhcp6>relay>asel>pref-opt value)

Full Context

configure service vprn subscriber-interface group-interface ipv6 dhcp6 relay advertise-selection preference-option value

configure service ies subscriber-interface group-interface ipv6 dhcp6 relay advertise-selection preference-option value

configure service vprn subscriber-interface ipv6 dhcp6 relay advertise-selection preference-option value

Description

This command configures the default preference option value. A DHCPv6 preference option with specified value is inserted in the DHCPv6 advertise message for DHCPv6 clients for which no per DHCPv6 server or per client-mac solicit delay or preference option value is configured.

The no form of this command removes the configuration.

Parameters

value

Specifies the default preference option value.

Values

0 to 255

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>service>vprn>sub-if>grp-if>ipv6>dhcp6>relay>asel>clnt-mac>pref-opt value)

[Tree] (config>service>vprn>sub-if>ipv6>dhcp6>relay>asel>clnt-mac>pref-opt value)

[Tree] (config>service>ies>sub-if>grp-if>ipv6>dhcp6>relay>asel>clnt-mac>pref-opt value)

Full Context

configure service vprn subscriber-interface group-interface ipv6 dhcp6 relay advertise-selection client-mac preference-option value

configure service vprn subscriber-interface ipv6 dhcp6 relay advertise-selection client-mac preference-option value

configure service ies subscriber-interface group-interface ipv6 dhcp6 relay advertise-selection client-mac preference-option value

Description

This command configures the preference option value for DHCPv6 clients with an odd or an even source MAC address. A DHCPv6 preference option with specified value is inserted in the DHCPv6 advertise message for these DHCPv6 clients.

The no form of this command removes the configuration.

Parameters

value

Specifies the preference option value for DHCPv6 clients with an odd or an even source MAC address.

Values

0 to 255

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>service>ies>sub-if>grp-if>ipv6>dhcp6>relay>asel>srvr>pref-opt value)

[Tree] (config>service>vprn>sub-if>grp-if>ipv6>dhcp6>relay>asel>srvr>pref-opt value)

[Tree] (config>service>vprn>sub-if>ipv6>dhcp6>relay>asel>srvr>pref-opt value)

Full Context

configure service ies subscriber-interface group-interface ipv6 dhcp6 relay advertise-selection server preference-option value

configure service vprn subscriber-interface group-interface ipv6 dhcp6 relay advertise-selection server preference-option value

configure service vprn subscriber-interface ipv6 dhcp6 relay advertise-selection server preference-option value

Description

This command configures the preference option value. A DHCPv6 preference option with specified value is inserted in the DHCPv6 advertise message from the server.

The no form of this command removes the configuration.

Parameters

value

Specifies the preference option value for DHCPv6 advertise messages from the server.

Values

0 to 255

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>subscr-mgmt>isa-svc-chain vas-filter)

Full Context

configure subscriber-mgmt isa-service-chaining vas-filter

Description

This command configures a Value Added Service filter.

The no form of this command removes the VAS filter name from the configuration.

Default

This command configures a value added service (VAS) filter that can be associated to an L2-aware NAT host, and is matched on the NAT ISA to select flows for a host that needs to be steered to remote value-added services.

Parameters

name

Specifies a VAS filter name, up to 32 characters.

create

Keyword used to create the VAS filter instance. The create keyword requirement can be enabled or disabled in the environment>create context.

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>service>ies>if vas-if-type)

Full Context

configure service ies interface vas-if-type

Description

This command configures the type of a Value Added Service (VAS) facing interface. To change the vas-if-type, the shutdown command is required. The vas-if-type and loopback commands are mutually exclusive.

The no form of this command removes the VAS interface type configuration.

Default

no vas-if-type

Parameters

to-from-access

Used when two separate (to-from-access and to-from-network) interfaces are used for VAS connectivity. For service chaining, traffic arriving from access interfaces (upstream) is redirected to a PBR target reachable over this interface for upstream VAS processing. Downstream traffic after VAS processing must arrive on this interface, so that the traffic is subject to regular routing but is not subject to AA divert, nor egress subscriber PBR.

to-from-network

Used when two separate (to-from-access and to-from-network) interfaces are used for VAS connectivity. For service chaining, traffic arriving from network interfaces (downstream) is redirected to a PBR target reachable over this interface for downstream VAS processing. Upstream traffic after VAS processing must arrive on this interface, so that regular routing can be applied.

to-from-both

Used when a single interface is used for VAS connectivity (no local-to-local traffic). For service chaining, both traffic arriving from access interfaces and from network interfaces is redirected to a PBR target reachable over this interface for upstream/downstream VAS processing. Traffic after VAS processing must arrive on this interface, so that the traffic is subject to regular routing but is not subject to AA divert, nor egress subscriber PBR.

Platforms

All

Context

[Tree] (config>service>vprn>if vas-if-type)

Full Context

configure service vprn interface vas-if-type

Description

This command configures the type of a Value Added Service (VAS) facing interface. To change the vas-if-type, the shutdown command is required. The vas-if-type and loopback commands are mutually exclusive.

The no form of this command removes the VAS interface type configuration.

Default

no vas-if-type

Parameters

to-from-access

Used when two separate (to-from-access and to-from-network) interfaces are used for VAS connectivity. For service chaining, traffic arriving from access interfaces (upstream) is redirected to a PBR target reachable over this interface for upstream VAS processing. Downstream traffic after VAS processing must arrive on this interface, so that the traffic is subject to regular routing but is not subject to AA divert, nor egress subscriber PBR.

to-from-network

Used when two separate (to-from-access and to-from-network) interfaces are used for VAS connectivity. For service chaining, traffic arriving from network interfaces (downstream) is redirected to a PBR target reachable over this interface for downstream VAS processing. Upstream traffic after VAS processing must arrive on this interface, so that regular routing can be applied.

to-from-both

Used when a single interface is used for VAS connectivity (no local-to-local traffic). For service chaining, both traffic arriving from access and from network is redirected to a PBR target reachable over this interface for upstream/downstream VAS processing. Traffic after VAS processing must arrive on this interface, so that the traffic is subject to regular routing but is not subject to AA divert, nor egress subscriber PBR.

Platforms

All

Context

[Tree] (config>router>if vas-if-type)

Full Context

configure router interface vas-if-type

Description

This command configures the type of a Value Added Service (VAS) facing interface. To change the vas-if-type, the shutdown command is required. The vas-if-type and loopback commands are mutually exclusive.

The no form of this command removes the VAS interface type configuration.

Default

no vas-if-type

Parameters

to-from-access

Used when two separate (to-from-access and to-from-network) interfaces are used for VAS connectivity. For service chaining, traffic arriving from access interfaces (upstream) is redirected to a PBR target reachable over this interface for upstream VAS processing. Downstream traffic after VAS processing must arrive on this interface, so that the traffic is subject to regular routing but is not subject to AA divert, nor egress subscriber PBR.

to-from-network

Used when two separate (to-from-access and to-from-network) interfaces are used for VAS connectivity. For service chaining, traffic arriving from network interfaces (downstream) is redirected to a PBR target reachable over this interface for downstream VAS processing. Upstream traffic after VAS processing must arrive on this interface, so that regular routing can be applied.

to-from-both

Used when a single interface is used for VAS connectivity (no local-to-local traffic). For service chaining, both traffic arriving from access interfaces and from network interfaces is redirected to a PBR target reachable over this interface for upstream/downstream VAS processing. Traffic after VAS processing must arrive on this interface, so that the traffic is subject to regular routing but is not subject to AA divert, nor to egress subscriber PBR.

Platforms

All

Context

[Tree] (config>service>vpls>sap>l2tpv3-session vc-id)

[Tree] (config>service>epipe>sap>l2tpv3-session vc-id)

Full Context

configure service vpls sap l2tpv3-session vc-id

configure service epipe sap l2tpv3-session vc-id

Description

This command specifies the VC-ID for the L2TPv3 session.

The no form of this command deletes the VC-ID configuration.

Parameters

vc-id

Specifies the VC-ID, up to 64 characters.

Values

1 to 4294967295

Platforms

All

Context

[Tree] (config>service>system>bgp-evpn>ethernet-segment vc-id-range)

Full Context

configure service system bgp-evpn ethernet-segment vc-id-range

Description

This command determines the VC-IDs associated with the virtual Ethernet Segment on a specific SDP based on the following considerations:

• VC-IDs for manual spoke-SDP and BGP-AD are included in the range.

• Th mesh-sdp VC-IDs are not allowed on a SDP used by a virtual ES.

• A maximum of 8 ranges are allowed.

• A range can be comprised of a single VC-ID.

• A vc-id-range can be comprised of a single VC-ID.

• Shutting down the ES is not required prior to making changes.

The no form of the command removes the configured range. Only the first VC-ID value is required to remove the range.

Parameters

vc-id

Specifies the VC-ID. When configuring a range of VC-IDs (and not a single value), the value of the second VC-ID must be greater than the first VC-ID.

Values

1 to 4294967295

Platforms

All

Context

[Tree] (config>service>vprn>red-if>spoke-sdp>egress vc-label)

[Tree] (config>service>vprn>if>spoke-sdp>egress vc-label)

Full Context

configure service vprn redundant-interface spoke-sdp egress vc-label

configure service vprn interface spoke-sdp egress vc-label

Description

This command configures the egress VC label.

Parameters

vc-label

A VC egress value that indicates a specific connection.

Values

16 to 1048575

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

• configure service vprn redundant-interface spoke-sdp egress vc-label

All

• configure service vprn interface spoke-sdp egress vc-label

Context

[Tree] (config>service>vprn>if>spoke-sdp>ingress vc-label)

[Tree] (config>service>vprn>red-if>spoke-sdp>ingress vc-label)

Full Context

configure service vprn interface spoke-sdp ingress vc-label

configure service vprn redundant-interface spoke-sdp ingress vc-label

Description

This command configures the ingress VC label.

Parameters

vc-label

A VC ingress value that indicates a specific connection.

Values

2048 to 18431

Platforms

All

• configure service vprn interface spoke-sdp ingress vc-label

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

• configure service vprn redundant-interface spoke-sdp ingress vc-label

Context

[Tree] (config>service>vpls>mesh-sdp>egress vc-label)

[Tree] (config>service>vpls>spoke-sdp>egress vc-label)

[Tree] (config>service>ies>red-if>spoke-sdp>egress vc-label)

[Tree] (config>service>ies>if>spoke-sdp>egress vc-label)

Full Context

configure service vpls mesh-sdp egress vc-label

configure service vpls spoke-sdp egress vc-label

configure service ies redundant-interface spoke-sdp egress vc-label

configure service ies interface spoke-sdp egress vc-label

Description

This command configures the static MPLS VC label used by this device to send packets to the far-end device in this service via this SDP.

Parameters

egress-vc-label

Specifies a VC egress value that indicates a specific connection.

Values

16 to 1048575

Platforms

All

• configure service ies interface spoke-sdp egress vc-label
• configure service vpls spoke-sdp egress vc-label
• configure service vpls mesh-sdp egress vc-label

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

• configure service ies redundant-interface spoke-sdp egress vc-label

Context

[Tree] (config>service>vpls>mesh-sdp>ingress vc-label)

[Tree] (config>service>ies>red-if>spoke-sdp>ingress vc-label)

[Tree] (config>service>vpls>spoke-sdp>ingress vc-label)

[Tree] (config>service>ies>if>spoke-sdp>ingress vc-label)

Full Context

configure service vpls mesh-sdp ingress vc-label

configure service ies redundant-interface spoke-sdp ingress vc-label

configure service vpls spoke-sdp ingress vc-label

configure service ies interface spoke-sdp ingress vc-label

Description

This command configures the static MPLS VC label used by the far-end device to send packets to this device in this service via this SDP.

Parameters

ingress-vc-label

A VC ingress value that indicates a specific connection.

Values

2048 to 18431

Platforms

All

• configure service vpls spoke-sdp ingress vc-label
• configure service vpls mesh-sdp ingress vc-label
• configure service ies interface spoke-sdp ingress vc-label

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

• configure service ies redundant-interface spoke-sdp ingress vc-label

Context

[Tree] (config>service>cpipe>spoke-sdp>ingress vc-label)

[Tree] (config>service>apipe>spoke-sdp>egress vc-label)

[Tree] (config>service>fpipe>spoke-sdp>ingress vc-label)

[Tree] (config>service>fpipe>spoke-sdp>egress vc-label)

[Tree] (config>service>apipe>spoke-sdp>ingress vc-label)

[Tree] (config>service>ipipe>spoke-sdp>egress vc-label)

[Tree] (config>service>cpipe>spoke-sdp>egress vc-label)

[Tree] (config>service>ipipe>spoke-sdp>ingress vc-label)

Full Context

configure service cpipe spoke-sdp ingress vc-label

configure service apipe spoke-sdp egress vc-label

configure service fpipe spoke-sdp ingress vc-label

configure service fpipe spoke-sdp egress vc-label

configure service apipe spoke-sdp ingress vc-label

configure service ipipe spoke-sdp egress vc-label

configure service cpipe spoke-sdp egress vc-label

configure service ipipe spoke-sdp ingress vc-label

Description

This command configures the egress and ingress VC label.

The actual maximum value that can be configured is limited by the config>router>mpls-labels>static-label-range command.

Parameters

vc-label

A VC egress value that indicates a specific connection.

Values

for egress: 16 to 1048575

Values

for ingress: 32 to 18431

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, 7950 XRS

• configure service cpipe spoke-sdp ingress vc-label
• configure service cpipe spoke-sdp egress vc-label
• configure service fpipe spoke-sdp ingress vc-label
• configure service fpipe spoke-sdp egress vc-label

7450 ESS, 7750 SR-7/12/12e, 7750 SR-a, 7750 SR-e, 7950 XRS

• configure service apipe spoke-sdp ingress vc-label
• configure service apipe spoke-sdp egress vc-label

All

• configure service ipipe spoke-sdp ingress vc-label
• configure service ipipe spoke-sdp egress vc-label

Context

[Tree] (config>service>ies>aarp-interface>spoke-sdp>ingress vc-label)

[Tree] (config>service>ies>aarp-interface>spoke-sdp>egress vc-label)

Full Context

configure service ies aarp-interface spoke-sdp ingress vc-label

configure service ies aarp-interface spoke-sdp egress vc-label

Description

This command configures the egress and ingress VC label.

The no version of this command removes the VC label.

Parameters

vc-label

Specifies a VC egress value that indicates a specific connection.

Values

egress: 16 to 1048575

ingress: 32 to 18431

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>service>vprn>aarp-interface>spoke-sdp>ingress vc-label)

[Tree] (config>service>vprn>aarp-interface>spoke-sdp>egress vc-label)

Full Context

configure service vprn aarp-interface spoke-sdp ingress vc-label

configure service vprn aarp-interface spoke-sdp egress vc-label

Description

This command configures the egress and ingress VC label.

The no version of this command removes the VC label.

Parameters

vc-label

A VC egress value that indicates a specific connection.

Values

egress: 16 to 1048575

ingress: 32 to 18431

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>mirror>mirror-dest>spoke-sdp>egress vc-label)

[Tree] (config>mirror>mirror-dest>remote-src>spoke-sdp>egress vc-label)

Full Context

configure mirror mirror-dest spoke-sdp egress vc-label

configure mirror mirror-dest remote-source spoke-sdp egress vc-label

Description

This command configures the spoke SDP egress VC label.

The no form of this command removes the egress VC label value from the configuration.

Parameters

egress-vc-label

Specifies a VC egress value that indicates a specific connection.

Values

16 to 1048575

Platforms

All

Context

[Tree] (config>service>vprn>ipmirrorif>spoke-sdp vc-label)

[Tree] (config>mirror>mirror-dest>remote-src>spoke-sdp>ingress vc-label)

[Tree] (config>mirror>mirror-dest>spoke-sdp>ingress vc-label)

Full Context

configure service vprn ipmirrorif spoke-sdp vc-label

configure mirror mirror-dest remote-source spoke-sdp ingress vc-label

configure mirror mirror-dest spoke-sdp ingress vc-label

Description

This command configures the spoke SDP ingress VC label.

Parameters

vc-label

Specifies the VC ingress value that indicates a specific connection.

Values

32 to 18431

Platforms

All

• configure mirror mirror-dest remote-source spoke-sdp ingress vc-label

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, 7950 XRS

• configure mirror mirror-dest spoke-sdp ingress vc-label

Context

[Tree] (config>service>sdp>binding>pw-port>egress vc-label)

Full Context

configure service sdp binding pw-port egress vc-label

Description

This command configures the egress VC label for the PW representing the PW-port.

Default

no vc-label

Parameters

vc-label

Specifies the VC egress value that indicates a specific connection.

Values

16 to 1048575

Platforms

All

Context

[Tree] (config>service>sdp>binding>pw-port>ingress vc-label)

Full Context

configure service sdp binding pw-port ingress vc-label

Description

This command configures the ingress VC label used for the PW representing the PW port.

Note that the maximum value of the vc-label that may be configured is limited by the config>router>mpls-labels>static-label-range command.

Default

no vc-label

Parameters

vc-label

Specifies a VC ingress value that indicates a specific connection.

Values

32 to 18431

Platforms

All

Context

[Tree] (config>service>sdp>binding>pw-port vc-type)

Full Context

configure service sdp binding pw-port vc-type

Description

This command sets the forwarding mode for the pseudowire port. The vc-type is signaled to the peer, and must be configured consistently on both ends of the pseudowire. vc-type VLAN is only configurable with dot1q encapsulation on the pseudowire port. The tag with vc-type vlan only has significance for transport, and is not used for service delineation or ESM. The top (provider tag) is stripped while forwarding out of the pseudowire, and a configured vlan-tag (for vc-type vlan) is inserted when forwarding into the pseudowire. With vc-type ether, the tags if present (max 2), are transparently preserved when forwarding in our out of the pseudowire.

The no form of the command reverts to the default value.

Default

vc-type ether

Parameters

ether

Specifies ether as the virtual circuit (VC) associated with the SDP binding.

vlan

Specifies vlan as the virtual circuit (VC) associated with the SDP binding.

Platforms

All

Context

[Tree] (config>service>pw-template vc-type)

Full Context

configure service pw-template vc-type

Description

This command overrides the default VC type signaled for the binding to the far end SDP. The VC type is a 15 bit-quantity containing a value which represents the type of VC. The actual signaling of the VC type depends on the signaling parameter defined for the SDP. If signaling is disabled, the vc-type command can still be used to define the dot1q value expected by the far-end provider equipment. A change of the bindings VC type causes the binding to signal the new VC type to the far end when signaling is enabled. VC types are derived according to IETF draft-martini-l2circuit-trans-mpls.

• The VC type value for Ethernet is 0x0005.

• The VC type value for an Ethernet VLAN is 0x0004.

Parameters

ether

Defines the VC type as Ethernet. The ethernet and vlan keywords are mutually exclusive. When the VC type is not defined then the default is Ethernet for spoke SDP bindings. Defining Ethernet is the same as executing no vc-type and restores the default VC type for the spoke SDP binding. (hex 5)

vlan

Defines the VC type as VLAN. The top VLAN tag, if a VLAN tag is present, is stripped from traffic received on the pseudowire, and a vlan-tag is inserted when forwarding into the pseudowire. The ethernet and vlan keywords are mutually exclusive. When the VC type is not defined then the default is Ethernet for spoke SDP bindings.

Note:

The system expects a symmetrical configuration with its peer, specifically it expects to remove the same number of VLAN tags from received traffic as it adds to transmitted traffic. As some of the related configuration parameters are local and not communicated in the signaling plane, an asymmetrical behavior cannot always be detected and so cannot be blocked. Consequently, protocol extractions will not necessarily function for asymmetrical configurations as they would with a symmetrical configurations resulting in an unexpected operation.

Platforms

All

Context

[Tree] (oam vccv-ping)

[Tree] (config>saa>test>type vccv-ping)

Full Context

oam vccv-ping

configure saa test type vccv-ping

Description

This command configures a Virtual Circuit Connectivity Verification (VCCV) ping test. A vccv-ping test checks connectivity of a VLL inband. It checks to verify that the destination (target) PE is the egress for the Layer 2 FEC. It provides for a cross-check between the dataplane and the control plane. It is inband which means that the vccv-ping message is sent using the same encapsulation and along the same path as user packets in that VLL. The vccv-ping test is the equivalent of the lsp-ping test for a VLL service. The vccv-ping reuses an lsp-ping message format and can be used to test a VLL configured over both an MPLS and a GRE SDP.

Note that VCCV ping can be initiated on T-PE or S-PE. If initiated on the S-PE, the reply-mode parameter must be used with the ip-routed value The ping from the T-PE can have either values or can be omitted, in which case the default value is used.

If a VCCV ping is initiated from T-PE to neighboring a S-PE (one segment only), then it is sufficient to only use the spoke-sdp-fec-id parameter. However, if the ping is across two or more segments, at least the spoke-sdp-fec-id, src-ip-address ip-addr, dst-ip-address ip-addr, ttl vc-label-ttl parameters are used where:

• The src-ip-address is system IP address of the router preceding the destination router.

• The vc-label-ttl parameter must have a value equal or higher than the number of pseudowire segments.

Note that VCCV ping is a multi-segment pseudowire. For a single-hop pseudowire, only the peer VCCV CC bit of the control word is advertised when the control word is enabled on the pseudowire.

VCCV ping on multi-segment pseudowires require that the control word be enabled in all segments of the VLL. If the control word is not enabled on a spoke SDP, it is signaled peer VCCV CC bits to the far end, consequently the vccv-ping cannot be successfully initiated on that specific spoke SDP.

If the saii-type-2 and taii-type-2 parameters are specified by the user of this command for a FEC129 pseudowire, then these values are used by the vccv-ping echo request message instead of the saii and taii of the spoke-sdp indexed by the spoke-sdp-fec parameter, or any saii and taii received in a switching point TLV for the pseudowire. Furthermore, the user must enter the saii and taii in accordance with the direction of the pseudowire as seen from the node on which the vccv-ping command is executed. However, the values of the saii and taii sent in the echo request message are swapped with respect to the user-entered values to match the order in the installed FEC on the targeted node. The output of the command for FEC129 type 2 pseudowire reflects the order of the saii and taii stored on the targeted node.

This command, when used with the static option, configures a Virtual Circuit Connectivity Verification (VCCV) ping test for static MPLS-TP pseudowires used in a VLL service. It checks to verify that the destination (target) PE is the egress for the Static PW FEC. It provides for a cross-check between the dataplane and the configuration. The vccv-ping static command reuses an lsp-ping message format and can be used to test an MPLS-TP pseudowire VLL configured over an MPLS SDP. VCCV Ping for MPLS-TP pseudowires always uses the VCCV control word (associated channel header) with either an IPv4 channel type (0x0021) or on-demand CV message channel type (0x0025).

Note that vccv-ping static can only be initiated on a T-PE. Both the echo request and reply messages are send using the same, in-band, encapsulation. If the target-fec-type option is not specified, then the target FEC stack contains a static PW FEC TLV. The contents of this TLV are populated based on the source node ID, source global ID, and destination global ID and destination node ID in the vccv-ping command (or taken from the pseudowire context if omitted from the command).

The target-fec-type option allows the user to test a segment of a MS-PW that does not have the same FEC type as the local segment from the T-PE where the vccv-ping command is issued. This is applicable for performing VCCV ping on an MS-PW comprised of static PW FEC segments and dynamically signaled PW ID FEC segments.

The timestamp format to be sent, and to be expected when received in a PDU, is as configured by the config>test-oam>mpls-time-stamp-format command. If RFC 4379 (obsoleted by RFC 8029) is selected, then the timestamp is in seconds and microseconds since 1900, otherwise it is in seconds and microseconds since 1970.

Parameters

sdp-id:vc-id

Specifies that if a FEC 128 PW is tested, then its VC ID must be indicated with this parameter. The VC ID needs to exist on the local router and the far-end peer needs to indicate that it supports VCCV to allow the user to send vccv-ping message.

Values

sdp-id: 1 to 32767

vc-id: 1 to 4294967295

reply-mode {ip-routed | control-channel}

Indicates to the far end, the method to send the reply message. The option ip-routed indicates an out-of-band reply mode using the vccv control channel. The option control-channel indicates an in-band reply mode using the vccv control channel.

Default

control-channel

src-ip-address ip-addr

Specifies the source IP address.

Values

a.b.c.d

dst-ip-address ip-addr

Specifies the destination IP address.

Values

a.b.c.d

src-ip-address ip-addr

Specifies the source IP address.

Values

a.b.c.d

pw-id

Specifies the pseudowire ID to be used for performing a VCCV ping operation. The pseudowire ID is a non-zero 32-bit connection ID required by the FEC 128, as defined in RFC 8029, Detecting Multi-Protocol Label Switched (MPLS) Data Plane Failures.

Values

1 to 4294967295

target-fec-type

Specifies the FEC type for a remote PW segment targeted by a VCCV Ping echo request. This parameter is used if VCCV Ping is used along a MS-PW where a static MPLS-TP PW segment using the static PW FEC is switched to a T-LDP signaled segment using the PW ID FEC (FEC128), or vice versa, thus requiring the user to explicitly specify a target FEC that is different from the local segment FEC.

Values

pw-id-fec — Indicates that FEC element for the remote target PW

00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 segment is of type PW ID (FEC128).

static-pw-fec — Indicates that FEC element for the remote target PW segment is of type Static PW FEC.

attachment-group-identifier

Specifies the attachment group identifier for the target FEC. This parameter is only valid in combination with the target-fec-type static-pw-fec.

Values

0 to 4294967295

pw-path-id-saii global-id:node-id:ac-id

Specifies the SAII of the target FEC. This parameter is only valid in combination with the target-fec-type static-pw-fec.

global-id — Specifies the global ID of the SAII of the targeted static PW FEC element.
Values	0 to 4294967295
node-id — Specifies the node-id on far end T-PE that the pseudowire being tested is associated with.
Values	ipv4-formatted address: a.b.c.d 1 to 4294967295
ac-id — Specifies an unsigned integer representing a locally unique SAII for the pseudowire being tested at the far end T-PE.
Values	1 to 4294967295

pw-path-id-taii global-id:node-id:ac-id

Specifies the SAII of the target FEC. This parameter is only valid in combination with the target-fec-type static-pw-fec.

global-id — Specifies the global ID of the SAII of the targeted static PW FEC element.
Values	0 to 4294967295
node-id — Specifies the node-id on far end T-PE that the pseudowire being tested is associated with.
Values	ipv4-formatted address: a.b.c.d 1 to 4294967295
ac-id — Specifies an unsigned integer representing a locally unique SAII for the pseudowire being tested at the far end T-PE.
Values	1 to 4294967295

saii-type2 global-id:prefix:ac-id

Specifies that if a FEC129 AII Type 2 pseudowire is tested, then the source attachment individual identifier (SAII) must be indicated. The saii-type2 parameter is mutually exclusive with sdp-id:vc-id.

taii-type2 global-id:prefix:ac-id

Specifies that if a FEC129 AII Type 2 pseudowire is tested, then the target attachment individual identifier (TAII) must be indicated. The taii-type2 parameter is mutually exclusive with sdp-id:vc-id.

global-id — Specifies the global ID of the far end T-PE of the FEC129 pseudowire.
Values	0 to 4294967295
Default	0
node-id — Specifies the node-id on far end T-PE that the pseudowire being tested is associated with.
Values	ipv4-formatted address: a.b.c.d 1 to 4294967295
ac-id — Specifies an unsigned integer representing a locally unique TAII for the pseudowire being tested at the far end T-PE.
Values	1 to 4294967295

spoke-sdp-fec-id

Specifies that if a FEC 129 PW is tested, then its spoke-sdp-fec-id must be indicated with this parameter. The spoke-sdp-fec-id must already exist on the local router and the far-end peer must indicate that it supports VCCV to allow the user to send vccv-ping message.

spoke-sdp-fec is mutually exclusive with the sdp-id:vc-id parameter.

Values

1 to 4294967295

assoc-channel {ipv4 | non-ip}

Specifies the associated channel encapsulation format to use for the VCCV ping echo request and echo reply packet for a PW that uses the static PW FEC. An associated channel type of ipv4 must be used if a vccv-ping is performed to a remote segment of a different FEC type.

Values

ipv4 – IPv4 encapsulation in an IPv4 pseudowire associated channel (channel type 0x0021)

non-ip –MPLS-TP encapsulation without UDP/IP headers, in pseudowire associated channel using channel type 0x025.

Default

non-ip

global-id

Specifies the MPLS-TP global ID for the far end node of the pseudowire under test. If this is not entered, then the dest-global-id is taken from the pseudowire context.

Values

0 to 4294967295

Default

0

node-id

Specifies the MPLS-TP node ID of the far end node for the pseudowire under test. If this is not entered, then the dest-global-id is taken from the pseudowire context.

Values

ipv4-formatted address: a.b.c.d

1 to 4294967295

Default

0

sender-src-address ip-addr

Specifies the 4-octet IPv4 address of the node originating the VCCV Ping echo request. This parameter is only valid in combination with the target-fec-type pw-id-fec.

Values

a.b.c.d

remote-dst-address ip-addr

Specifies the 4-octet IPv4 address of the far end node that is a target of the VCCV Ping echo request. This parameter is only valid in combination with the target-fec-type pw-id-fec.

Values

a.b.c.d

pw-type

Specifies the PW type value of the PW segment targeted on the far end node. This field must be included to populate the PW type field of the PW ID FEC in the FEC static TLV, when the far end FEC type is different form the local FEC type and the target-fec-type pw-id-fec.

Values

atm-cell (=3), atm-sdu (=2), atm-vcc (=9), atm-vpc (=10), cesopsn (=21), cesopsn-cas (=23), ether (=5), satop-e1 (=17), satop-t1 (=18), 1 to 65535

send-count

Specifies the number of messages to send, expressed as a decimal integer. The count parameter is used to override the default number of message requests sent. Each message request must either time out or receive a reply before the next message request is sent. The message interval value must have expired before the next message request is sent.

Values

1 to 100

Default

1

fc-name

Specifies the fc parameter be used to indicate the forwarding class of the MPLS echo request packets. The actual forwarding class encoding is controlled by the network egress LSP-EXP mappings.

The LSP-EXP mappings on the receive network interface controls the mapping back to the internal forwarding class used by the far-end 7750 SR that receives the message request. The egress mappings of the egress network interface on the far-end router controls the forwarding class markings on the return reply message. The LSP-EXP mappings on the receive network interface controls the mapping of the message reply at the originating SR.

Values

be, l2, af, l1, h2, ef, h1, nc

Default

be

The ToS byte is not modified. vccv-ping Request Packet and Behavior summarizes this behavior.

Table 1. vccv-ping Request Packet and Behavior

CPM (sender node)	Echo request packet: packet {tos=1, fc1, profile1} fc1 and profile1 are as entered by user in OAM command or default values tos1 as per mapping of {fc1, profile1} to IP precedence in network egress QoS policy of outgoing interface
Outgoing interface (sender node)	Echo request packet: packet queued as {fc1, profile1} ToS field=tos1 not remarked EXP=exp1, as per mapping of {fc1, profile1} to EXP in network egress QoS policy of outgoing interface
Incoming interface (responder node)	Echo request packet: packet {tos1, exp1} exp1 mapped to {fc2, profile2} as per classification in network QoS policy of incoming interface
CPM (responder node)	Echo reply packet: packet {tos=1, fc2, profile2}
Outgoing interface (responder node)	Echo reply packet: packet queued as {fc2, profile2} ToS filed= tos1 not remarked (reply inband or out-of-band) EXP=exp2, if reply is inband, remarked as per mapping of {fc2, profile2} to EXP in network egress QoS policy of outgoing interface
Incoming interface (sender node)	Echo reply packet: packet {tos1, exp2} exp2 mapped to {fc1, profile1} as per classification in network QoS policy of incoming interface

profile {in | out}

Specifies the profile state of the MPLS echo request encapsulation.

Default

out

interval

Specifies the time, in seconds, used to override the default request message send interval and defines the minimum amount of time that must expire before the next message request is sent.

If the interval is set to 1 second, and the timeout value is set to 10 seconds, then the maximum time between message requests is 10 seconds and the minimum is 1 second. This depends upon the receipt of a message reply corresponding to the outstanding message request.

Values

1 to 10

Default

1

octets

Specifies the size, in octets, expressed as a decimal integer, of the MPLS echo request packet, including the IP header but not the label stack. The request pay-load is padded with zeros to the specified size. Note that an OAM command is not failed if the user entered a size lower than the minimum required to build the packet for the echo request message. The payload is automatically padded to meet the minimum size.

Values

1 to 9786

Default

1

timeout

Specifies the time, in seconds, used to override the default timeout value and is the amount of time that the router waits for a message reply after sending the message request. Upon the expiration of message time out, the requesting router assumes that the message response is not received. A request timeout message is displayed by the CLI for each message request sent that expires. Any response received after the request times out is silently discarded.

Values

1 to 10

Default

5

vc-label-ttl

Specifies the time-to-live value for the vc-label of the echo request message. The outer label TTL is still set to the default of 255 regardless of this value.

Values

1 to 255

Default

1

Platforms

All

Output

The following output is an example of VCCV ping information.

Ping TPE to SPE on a LDP/GRE tunnel
===================================

*A:Dut-B# oam vccv-ping 3:1 
VCCV-PING 3:1 88 bytes MPLS payload
Seq=1, send from intf toSPE1-D-8 to NH 12.1.8.2
       reply from 4.4.4.4 via Control Channel
       udp-data-len=56 rtt=0.689ms rc=8 (DSRtrMatchLabel)

---- VCCV PING 3:1 Statistics ----
1 packets sent, 1 packets received, 0.00% packet loss
round-trip min = 0.689ms, avg = 0.689ms, max = 0.689ms, stddev = 0.000ms


Ping TPE to SPE on a RSVP tunnel
================================

A:Dut-C# oam vccv-ping 5:1 
VCCV-PING 5:1 88 bytes MPLS payload
Seq=1, send from intf toSPE2-E-5 to NH 12.3.5.1
       send from lsp toSPE2-E-5
       reply from 5.5.5.5 via Control Channel
       udp-data-len=56 rtt=1.50ms rc=8 (DSRtrMatchLabel)

---- VCCV PING 5:1 Statistics ----
1 packets sent, 1 packets received, 0.00% packet loss
round-trip min = 1.50ms, avg = 1.50ms, max = 1.50ms, stddev = 0.000ms


Ping TPE to TPE over multisegment pseudowire
============================================
*A:Dut-C# oam vccv-ping 5:1 src-ip-address 4.4.4.4 dst-ip-address 2.2.2.2 pw-
id 1 ttl 3 
VCCV-PING 5:1 88 bytes MPLS payload
Seq=1, send from intf toSPE2-E-5 to NH 12.3.5.1
       send from lsp toSPE2-E-5
       reply from 2.2.2.2 via Control Channel
       udp-data-len=32 rtt=2.50ms rc=3 (EgressRtr)

---- VCCV PING 5:1 Statistics ----
1 packets sent, 1 packets received, 0.00% packet loss
round-trip min = 2.50ms, avg = 2.50ms, max = 2.50ms, stddev = 0.000ms


Ping SPE to TPE (over LDP tunnel)
==================================

Single segment:
---------------

*A:Dut-D# oam vccv-ping 3:1 reply-mode ip-routed 
VCCV-PING 3:1 88 bytes MPLS payload
Seq=1, send from intf toTPE1-B-8 to NH 12.1.8.1
       reply from 2.2.2.2 via IP
       udp-data-len=32 rtt=1.66ms rc=3 (EgressRtr)

---- VCCV PING 3:1 Statistics ----
1 packets sent, 1 packets received, 0.00% packet loss
round-trip min = 1.66ms, avg = 1.66ms, max = 1.66ms, stddev = 0.000ms


Multisegment:
-------------
*A:Dut-D>config>router#  oam vccv-ping 4:200 src-ip-address 5.5.5.5 dst-ip-
address 3.3.3.3 pw-id 1 ttl 2 reply-mode ip-routed 
VCCV-PING 4:200 88 bytes MPLS payload
Seq=1, send from intf toSPE2-E-5 to NH 12.2.5.2
       reply from 3.3.3.3 via IP
       udp-data-len=32 rtt=3.76ms rc=3 (EgressRtr)

---- VCCV PING 4:200 Statistics ----
1 packets sent, 1 packets received, 0.00% packet loss
round-trip min = 3.76ms, avg = 3.76ms, max = 3.76ms, stddev = 0.000ms


Ping SPE to SPE
===============
*A:Dut-D# oam vccv-ping 4:200 reply-mode ip-routed 
VCCV-PING 4:200 88 bytes MPLS payload
Seq=1, send from intf toSPE2-E-5 to NH 12.2.5.2
       reply from 5.5.5.5 via IP
       udp-data-len=56 rtt=1.77ms rc=8 (DSRtrMatchLabel)

---- VCCV PING 4:200 Statistics ----
1 packets sent, 1 packets received, 0.00% packet loss
round-trip min = 1.77ms, avg = 1.77ms, max = 1.77ms, stddev = 0.000ms

Context

[Tree] (oam vccv-trace)

[Tree] (config>saa>test>type vccv-trace)

Full Context

oam vccv-trace

configure saa test type vccv-trace

Description

This command configures a Virtual Circuit Connectivity Verification (VCCV) automated trace test. The automated VCCV-trace can trace the entire path of a PW with a single command issued at the T-PE or at an S-PE. This is equivalent to LSP-Trace and is an iterative process by which the source T-PE or S-PE node sends successive VCCV-Ping messages with incrementing the TTL value, starting from TTL=1. In each iteration, the T-PE builds the MPLS echo request message in a way like VCCV-Ping. The first message with TTL=1 has the next-hop S-PE T-LDP session source address in the Remote PE Address field in the PW FEC TLV. Each S-PE which terminates and processes the message includes in the MPLS echo reply message the FEC 128 TLV corresponding the PW segment to its downstream node. The source T-PE or S-PE node can then build the next echo reply message with TTL=2 to test the next-next hop for the MS-PW. It copies the FEC TLV it received in the echo reply message into the new echo request message. The process is terminated when the reply is from the egress T-PE or when a time out occurs.

The user can specify to display the result of the VCCV-trace for a fewer number of PW segments of the end-to-end MS-PW path. In this case, the min-ttl and max-ttl parameters are configured accordingly. However, the T-PE/S-PE node still probes all hops up to min-ttl to correctly build the FEC of the desired subset of segments.

Note that if the saii-type-2 and taii-type-2 parameters are specified this command for a FEC129 pseudowire, then these values are used by the vccv-ping echo request message instead of the saii and taii of the spoke SDP indexed by the spoke-sdp-fec parameter, or any saii and taii received in a switching point TLV for the pseudowire. Furthermore, the use must enter the saii and taii in accordance with the direction of pseudowire as seen from the node on which the vccv-trace command is executed. However, the values of the saii and taii sent in the echo request message are swapped with respect to the user-entered values to match the order in the installed FEC on the targeted node. The output of the command for a FEC129 type 2 pseudowire reflects the order of the saii and taii stored on the targeted node.

This command, when used with the static option, configures a VCCV-automated trace test for static MPLS-TP pseudowires used in a VLL service. VCCV trace for MPLS-TP pseudowires always uses the VCCV control word (associated channel header) with either an IPv4 channel type (0x0021) or on-demand CV message channel type (0x0025).

Note that vccv-trace static can only be initiated on a T-PE. Both the echo request and reply messages are send using the same, in-band, encapsulation. The target FEC stack contains a static PW FEC TLV. The contents of this TLV are populated based on the source Node ID, source global ID, and destination global ID and destination node ID taken from the pseudowire context.

The target-fec-type option allows the user to perform a vccv-trace to a segment of a MS-PW that does not have the same FEC type as the local segment from the T-PE where the vccv-trace command is issued. This is applicable for performing VCCV ping on an MS-PW comprised of static PW FEC segments and dynamically signaled PW ID FEC segments.

Parameters

sdp-id:vc-id

Specifies that if a FEC 128 PW is being tested, then its VC ID must be indicated with this parameter. The VC ID needs to exist on the local router and the far-end peer needs to indicate that it supports VCCV to allow the user to send vccv-ping message.

Values

sdp-id: 1 to 32767

vc-id: 1 to 4294967295

reply-mode {ip-routed | control-channel}

Indicates to the far end, the method to send the reply message. The option ip-routed indicates an out-of-band reply mode using the vccv control channel. The option control-channel indicates an in-band reply mode using the vccv control channel.

Default

control-channel

target-fec-type

Specifies the FEC type for a remote PW segment targeted by a VCCV Ping echo request. This parameter is used if VCCV Ping is used along a MS-PW where a static MPLS-TP PW segment using the static PW FEC is switched to a T-LDP signaled segment using the PW ID FEC (FEC128), or vice versa, thus requiring the user to explicitly specify a target FEC that is different from the local segment FEC.

Values

pw-id-fec — Indicates that FEC element for the remote target PW segment is of type PW ID (FEC128).

static-pw-fec — Indicates that FEC element for the remote target PW segment is of type Static PW FEC.

attachment-group-identifier

Specifies the attachment group identifier for the target FEC. This parameter is only valid in combination with the target-fec-type static-pw-fec.

Values

0 to 4,294,967,295

pw-path-id-saii global-id:node-id:ac-id

Specifies the SAII of the target FEC. This parameter is only valid in combination with the target-fec-type static-pw-fec.

global-id — Specifies the global ID of the SAII of the targeted static PW FEC element.
Values	0 to 4294967295
Default	0
node-id — Specifies the node ID on far end T-PE that the pseudowire being tested is associated with.
Values	ipv4-formatted address: a.b.c.d 1 to 4294967295
ac-id — Specifies an unsigned integer representing a locally unique SAII for the pseudowire being tested at the far end T-PE.
Values	1 to 4294967295

pw-path-id-taii global-id:node-id:ac-id

Specifies the SAII of the target FEC. This parameter is only valid in combination with the target-fec-type static-pw-fec.

global-id — Specifies the global ID of the SAII of the targeted static PW FEC element.
Values	0 to 4294967295
Default	0
node-id — Specifies the node ID of the far-end T-PE that the pseudowire being tested is associated with.
Values	ipv4-formatted address: a.b.c.d 1 to 4294967295
ac-id — Specifies an unsigned integer representing a locally unique SAII for the pseudowire being tested at the far end T-PE.
Values	1 to 4294967295

saii-type2 global-id:prefix:ac-id

If a FEC129 AII Type 2 pseudowire is being tested, then the source attachment individual identifier (SAII) must be indicated.

The saii-type2 parameter is mutually exclusive with the sdp-id:vc-id parameter.

global-id — Specifies the global ID of this T-PE node.
Values	1 to 4294967295
prefix — Specifies the prefix on this T-PE node that the spoke SDP is associated with.
ac-id — Specifies an unsigned integer representing a locally unique identifier for the spoke SDP.
Values	1 to 4294967295

taii-type2 global-id:prefix:ac-id

Specifies that if a FEC129 AII Type 2 pseudowire is being tested, then the target attachment individual identifier (TAII) must be indicated. The taii-type2 parameter is mutually exclusive with sdp-id:vc-id.

global-id — Specifies the global ID of the far end T-PE of the FEC129 pseudowire.
Values	0 to 4294967295
node-id — Specifies the node ID on far end T-PE that the pseudowire being tested is associated with.
Values	ipv4-formatted address: a.b.c.d 1 to 4294967295
ac-id — Specifies an unsigned integer representing a locally unique TAII for the pseudowire being tested at the far end T-PE.
Values	1 to 4294967295

spoke-sdp-fec-id

Specifies that if a FEC 129 PW is being tested, then its spoke-sdp-fec-id must be indicated with this parameter. The spoke-sdp-fec-id needs to exist on the local router and the far-end peer needs to indicate that it supports VCCV to allow the user to send vccv-ping message.

spoke-sdp-fec is mutually exclusive with the sdp-id:vc-id parameter.

Values

1 to 4294967295

assoc-channel {ipv4 | non-ip}

Specifies the associated channel encapsulation format to use for the VCCV trace echo request and echo reply packet for a PW that uses the static PW FEC. An associated channel type of ipv4 must be used if a vccv-ping is performed to a remote segment of a different FEC type.

Values

ipv4 – IPv4 encapsulation in an IPv4 pseudowire associated channel (channel type 0x0021)

non-ip – MPLS-TP encapsulation without UDP/IP headers, in pseudowire associated channel using channel type 0x025.

Default

non-ip

src-ip-address ipv4-address

Specifies the 4-octet IPv4 address of the source node.

Values

a.b.c.d

sender-src-address ipv4-address

Specifies the 4-octet IPv4 address of the node originating the VCCV trace.

Values

a.b.c.d

remote-dst-address ipv4-address

Specifies the 4-octet IPv4 address of the far end node that is a target of the VCCV Ping echo request. This parameter is only valid in combination with the target-fec-type pw-id-fec.

Values

a.b.c.d

pw-id

Specifies the pseudowire ID to be used for performing a VCCV ping operation. The pseudowire ID is a non-zero 32-bit connection ID required by the FEC 128, as defined in RFC 8029, Detecting Multi-Protocol Label Switched (MPLS) Data Plane Failures.

Values

1 to 4294967295

pw-type

Specifies the PW type of the PW segment targeted on the far end node. This field must be included to populate the PW type field of the PW ID FEC in the FEC static TLV, when the far end FEC type is different form the local FEC type and the target-fec-type is pw-id-fec.

Values

atm-cell (=3), atm-sdu (=2), atm-vcc (=9), atm-vpc (=10), cesopsn (=21), cesopsn-cas (=23), ether (=5), satop-e1 (=17), satop-t1 (=18), 1 to 65535

fc-name

Specifies the FC and profile parameters are used to indicate the forwarding class of the VCCV trace echo request packets. The actual forwarding class encoding is controlled by the network egress LSP-EXP mappings.

The LSP-EXP mappings on the receive network interface controls the mapping back to the internal forwarding class used by the far-end router that receives the message request. The egress mappings of the egress network interface on the far-end router controls the forwarding class markings on the return reply message. The LSP-EXP mappings on the receive network interface controls the mapping of the message reply at the originating router.

Values

be, l2, af, l1, h2, ef, h1, nc

Default

be

When an MPLS echo request packet is generated in CPM and is forwarded to the outgoing interface, the packet is queued in the egress network queue corresponding to the specified FC and profile parameter values. The marking of the packet's EXP is dictated by the LSP-EXP mappings on the outgoing interface. When the MPLS echo request packet is received on the responding node, The FC and profile parameter values are dictated by the LSP-EXP mappings of the incoming interface.

When an MPLS echo reply packet is generated in CPM and is forwarded to the outgoing interface, the packet is queued in the egress network queue corresponding to the FC and profile parameter values determined by the classification of the echo request packet, which is being replied to, at the incoming interface. The marking of the packet's EXP is dictated by the LSP-EXP mappings on the outgoing interface.

The ToS byte is not modified. vccv trace Request Packet and Behavior summarizes this behavior.

Table 2. vccv trace Request Packet and Behavior

CPM (sender node)	Echo request packet: packet {tos=1, fc1, profile1} fc1 and profile1 are as entered by user in OAM command or default values tos1 as per mapping of {fc1, profile1} to IP precedence in network egress QoS policy of outgoing interface
Outgoing interface (sender node)	Echo request packet: packet queued as {fc1, profile1} ToS field=tos1 not remarked EXP=exp1, as per mapping of {fc1, profile1} to EXP in network egress QoS policy of outgoing interface
Incoming interface (responder node)	Echo request packet: packet {tos1, exp1} exp1 mapped to {fc2, profile2} as per classification in network QoS policy of incoming interface
CPM (responder node)	Echo reply packet: packet{tos=1, fc2, profile2}
Outgoing interface (responder node)	Echo reply packet: packet queued as {fc2, profile2} ToS filed= tos1 not remarked (reply inband or out-of-band) EXP=exp2, if reply is inband, remarked as per mapping of {fc2, profile2} to EXP in network egress QoS policy of outgoing interface
Incoming interface (sender node)	Echo reply packet: packet {tos1, exp2} exp2 mapped to {fc1, profile1} as per classification in network QoS policy of incoming interface

profile {in | out}

Specifies the profile state of the VCCV trace echo request packet.

Default

out

interval-value

Specifies the interval parameter in seconds, expressed as a decimal integer. This parameter is used to override the default request message send interval and defines the minimum amount of time that must expire before the next message request is sent.

If the interval is set to 1 second, and the timeout value is set to 10 seconds, then the maximum time between message requests is 10 seconds and the minimum is 1 second. This depends upon the receipt of a message reply corresponding to the outstanding message request.

Values

1 to 255

Default

1

no-response-count

Specifies the maximum number of consecutive VCCV trace echo requests, expressed as a decimal integer that do not receive a reply before the trace operation fails for a given TTL value.

Values

1 to 255

Default

5

max-vc-label-ttl

Specifies the TTL value for the VC label of the echo request message for the last hop of the MS-PW for which the results are to be displayed. This is expressed as a decimal integer. The outer label TTL is still set to the default regardless of the value of the VC label.

Values

1 to 255

Default

8

min-vc-label-ttl

Specifies the TTL value for the VC label of the echo request message for the first hop of the MS-PW for which the results are to be displayed. This is expressed as a decimal integer. Note that the outer label TTL is still set to the default regardless of the value of the VC label.

Values

1 to 255

Default

1

probe-count

Specifies the number of VCCV trace echo request messages to send per TTL value.

Values

1 to 10

Default

1

octets

Specifies the size in octets, expressed as a decimal integer, of the MPLS echo request packet, including the IP header but not the label stack. The request pay-load is padded with zeros to the specified size. An OAM command is not failed if the user enters a size lower than the minimum required to build the packet for the echo request message. The payload is automatically padded to meet the minimum size.

Values

1 to 9786

Default

1

timeout-value

Specifies the timeout parameter, in seconds, expressed as a decimal integer. This value is used to override the default timeout value and is the amount of time that the router waits for a message reply after sending the message request. Upon the expiration of the message time out, the requesting router assumes that the message response are not received. A request timeout message is displayed by the CLI for each message request sent that expires. Any response received after the request times out is silently discarded.

Values

1 to 60

Default

3

Platforms

All

Output

*A:138.120.214.60# oam vccv-trace 1:33
>>>>>>> 22.10.R1
VCCV-TRACE 1:33  with 88 bytes of MPLS payload
1  1.1.63.63  rtt<10ms rc=8(DSRtrMatchLabel)
2  1.1.62.62  rtt<10ms rc=8(DSRtrMatchLabel)
3  1.1.61.61  rtt<10ms rc=3(EgressRtr)

Trace with detail:

*A:138.120.214.60>oam vccv-trace 1:33 detail
 
VCCV-TRACE 1:33  with 88 bytes of MPLS payload
1  1.1.63.63  rtt<10ms rc=8(DSRtrMatchLabel)
   Next segment: VcId=34 VcType=AAL5SDU Source=1.1.63.63 Remote=1.1.62.62
2  1.1.62.62  rtt<10ms rc=8(DSRtrMatchLabel)
   Next segment: VcId=35 VcType=AAL5SDU Source=1.1.62.62 Remote=1.1.61.61
3  1.1.61.61  rtt<10ms rc=3(EgressRtr)
SAA:
 
*A:multisim3>config>saa# info
----------------------------------------------
        test "vt1"
            shutdown
            type
                vccv-trace 1:2 fc "af" profile in timeout 2 interval 3 size 200
min-ttl 2 max-ttl 5 max-fail 2 probe-count 3
            exit
        exit
..
----------------------------------------------
*A:multisim3>config>saa# 

Context

[Tree] (config>service>epipe>bgp-vpws>remote-ve-name ve-id)

[Tree] (config>service>epipe>bgp-vpws>ve-name ve-id)

Full Context

configure service epipe bgp-vpws remote-ve-name ve-id

configure service epipe bgp-vpws ve-name ve-id

Description

This command configures a ve-id for either the local VPWS instance when configured under the ve-name, or for the remote VPWS instance when configured under the remote-ve-name.

A single ve-id can be configured per ve-name or remote-ve-name. The ve-id can be changed without shutting down the VPWS instance. When the ve-name ve-id changes, BGP withdraws the previously advertised route and sends a route-refresh to all the peers which would result in reception of all the remote routes again. The old PWs are removed and new ones are instantiated for the new ve-id value.

When the remote-ve-name ve-id changes, BGP withdraws the previously advertised route and send a new update matching the new ve-id. The old pseudowires are removed and new ones are instantiated for the new ve-id value.

NLRIs received whose advertised ve-id does not match the list of ve-ids configured under the remote ve-id will not have a spoke SDP binding auto-created but will remain in the BGP routing table but not in the Layer 2 route table. A change in the locally configured ve-ids may result in auto-sdp-bindings either being deleted or created, based on the new matching results.

Each ve-id configured within a service must be unique.

The no form of this command removes the configured ve-id. It can be used just when the BGP VPWS status is shutdown. The no shutdown command cannot be used if there is no ve-id configured.

Default

no ve-id

Parameters

value

A two bytes identifier that represents the local or remote VPWS instance and is advertised through the BGP NLRI.

Values

1 to 65535

Platforms

All

Context

[Tree] (config>service>vpls>bgp-vpls>ve-name ve-id)

Full Context

configure service vpls bgp-vpls ve-name ve-id

Description

This command configures a ve-id. Just one ve-id can be configured per BGP VPLS instance. The VE-ID can be changed without shutting down the VPLS Instance. When the VE-ID changes, BGP is withdrawing its own previously advertised routes and sending a route-refresh to all the peers which would result in reception of all the remote routes again. The old pseudowires are removed and new ones are instantiated for the new VE-ID value.

The no form of this command removes the configured ve-id. It can be used just when the BGP VPLS status is shutdown. The no shutdown command cannot be used if there is no ve-id configured.

Default

no ve-id

Parameters

value

Specifies a two-byte identifier that represents the local instance in a VPLS and is advertised through the BGP NLRI. Must be lower or equal with the max-ve-id.

Values

1 to 65535

Platforms

All

Context

[Tree] (config>service>epipe>bgp-vpws ve-name)

Full Context

configure service epipe bgp-vpws ve-name

Description

This command configures the name of the local VPWS instance in this service.

The no form of this command removes the ve-name.

Parameters

name

Specifies a site name up to 32 characters in length.

Platforms

All

Context

[Tree] (config>service>vpls>bgp-vpls ve-name)

Full Context

configure service vpls bgp-vpls ve-name

Description

This command creates or edits a ve-name. Just one ve-name can be created per BGP VPLS instance.

The no form of this command removes the configured ve-name from the bgp vpls node. It can be used only when the BGP VPLS status is shutdown. The no shutdown command cannot be used if there is no ve-name configured.

Default

no ve-name

Parameters

name

Specifies the A character string to identify the VPLS Edge instance up to 32 characters in length

Platforms

All

Context

[Tree] (config>system>ned>profile vendor-id)

Full Context

configure system network-element-discovery profile vendor-id

Description

This command configures the vendor ID to be advertised.

The no form of this command reverts to the default value.

Default

vendor-id "Nokia"

Parameters

vendor-id

Specifies the vendor ID to be advertised with the profile, up to 255 characters.

Platforms

All

Context

[Tree] (config>subscr-mgmt>msap-policy>vpls-only-sap-parameters>dhcp>option vendor-specific-option)

[Tree] (config>service>ies>sub-if>dhcp vendor-specific-option)

[Tree] (config>service>vpls>sap>dhcp>option vendor-specific-option)

[Tree] (config>service>ies>sub-if>grp-if>dhcp>option vendor-specific-option)

[Tree] (config>service>vprn>if>dhcp>option vendor-specific-option)

[Tree] (config>service>ies>if>dhcp>option vendor-specific-option)

[Tree] (config>service>vprn>sub-if>grp-if>dhcp>option vendor-specific-option)

Full Context

configure subscriber-mgmt msap-policy vpls-only-sap-parameters dhcp option vendor-specific-option

configure service ies subscriber-interface dhcp vendor-specific-option

configure service vpls sap dhcp option vendor-specific-option

configure service ies subscriber-interface group-interface dhcp option vendor-specific-option

configure service vprn interface dhcp option vendor-specific-option

configure service ies interface dhcp option vendor-specific-option

configure service vprn subscriber-interface group-interface dhcp option vendor-specific-option

Description

This command enables the Nokia vendor-specific sub-option of the DHCP relay packet.

The no form of this command reverts to the default.

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

• configure service ies subscriber-interface dhcp vendor-specific-option
• configure service ies subscriber-interface group-interface dhcp option vendor-specific-option
• configure service vprn subscriber-interface group-interface dhcp option vendor-specific-option
• configure subscriber-mgmt msap-policy vpls-only-sap-parameters dhcp option vendor-specific-option

All

• configure service vprn interface dhcp option vendor-specific-option
• configure service ies interface dhcp option vendor-specific-option
• configure service vpls sap dhcp option vendor-specific-option

Context

[Tree] (config>router>if>dhcp>option vendor-specific-option)

Full Context

configure router interface dhcp option vendor-specific-option

Description

This command configures the Nokia vendor specific suboption of the DHCP relay packet.

Platforms

All

Context

[Tree] (config>aaa>diam-peer-plcy vendor-support)

[Tree] (config>subscr-mgmt>diam-appl-plcy>gy vendor-support)

Full Context

configure aaa diameter-peer-policy vendor-support

configure subscriber-mgmt diameter-application-policy gy vendor-support

Description

In a diameter peer policy, this command specifies the vendor support announced in the capability exchange. In a Gy diameter application policy, this command specifies the vendor specific attributes for the user sessions.

The no form of this command reverts to the default value.

Default

vendor-support three-gpp

Parameters

three-gpp

Specifies the 3GPP diameter policy vendor type.

vodafone

Specifies the vodafone diameter policy vendor type.

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>subscr-mgmt>igmp-policy version)

Full Context

configure subscriber-mgmt igmp-policy version

Description

This command configures the version of IGMP.

The no form of this command reverts to the default value.

Default

version 3

Parameters

version

Specifies the IGMP version.

Values

1, 2 or 3

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>subscr-mgmt>msap-policy>vpls-only-sap-parameters>igmp-snp version)

Full Context

configure subscriber-mgmt msap-policy vpls-only-sap-parameters igmp-snooping version

Description

This command specifies the version of IGMP which is running on an MSAP. This object can be used to configure a router capable of running either value. For IGMP to function correctly, all routers on a LAN must be configured to run the same version of IGMP on that LAN.

When the send-query command is configured, all type of queries generated are of the configured version. If a report of a version higher than the configured version is received, the report gets dropped and a new ‟wrong version” counter is incremented.

If the send-query command is not configured, the version command has no effect. The version used on that SAP or SDP is the version of the querier. This implies that, for example, when there is a v2 querier, a v3 group or group-source specific query when a host wants to leave a certain group will never be sent.

Default

version 3

Parameters

version

Specifies the IGMP version.

Values

1, 2, 3

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>subscr-mgmt>mld-policy version)

Full Context

configure subscriber-mgmt mld-policy version

Description

This command configures the MLD version.

The no form of this command reverts to the default.

Default

version 2

Parameters

version

Specifies the MLD version.

Values

1, 2

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>router>wpp>portals>portal version)

[Tree] (config>service>vprn>wpp>portals>portal version)

Full Context

configure router wpp portals portal version

configure service vprn wpp portals portal version

Description

This command configure the protocol version that is expected by the WPP portal.

The no form of this command reverts to the default.

Default

version 1

Parameters

version

Specifies the protocol version.

Values

1, 2

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>port>ml-bundle>ima version)

Full Context

configure port multilink-bundle ima version

Description

This command configures the IMA version for the multilink bundle group. If there is a version mismatch between this IMA group and the far end IMA group, the IMA group becomes operationally down. Automatic version changing is not supported. To change the IMA version, all member links must be removed from the group first.

Default

version 1-1

Parameters

IMA-version

Specifies the IMA version for this group.

Values

1-0: IMA version 1-0 1-1: IMA version 1-1

Platforms

7450 ESS, 7750 SR-7/12/12e

Context

[Tree] (config>service>vpls>spoke-sdp>igmp-snooping version)

[Tree] (config>service>vpls>mesh-sdp>igmp-snooping version)

[Tree] (config>service>vpls>sap>igmp-snooping version)

[Tree] (config>service>vpls>sap>mld-snooping version)

[Tree] (config>service>vpls>mesh-sdp>mld-snooping version)

[Tree] (config>service>vpls>spoke-sdp>mld-snooping version)

Full Context

configure service vpls spoke-sdp igmp-snooping version

configure service vpls mesh-sdp igmp-snooping version

configure service vpls sap igmp-snooping version

configure service vpls sap mld-snooping version

configure service vpls mesh-sdp mld-snooping version

configure service vpls spoke-sdp mld-snooping version

Description

This command specifies the version of IGMP or MLD which is running on this SAP or SDP. This object can be used to configure a router capable of running either value. For IGMP or MLD to function correctly, all routers on a LAN must be configured to run the same version of IGMP or MLD on that LAN.

When the send-query command is configured, all type of queries generate ourselves are of the configured version. If a report of a version higher than the configured version is received, the report gets dropped and a new ‟wrong version” counter is incremented.

If the send-query command is not configured, the version command has no effect. The version used on that SAP or SDP is the version of the querier. This implies that, for example, when there is a v2 querier, a v3 group or group-source specific query when a host wants to leave a certain group will never be sent.

Parameters

version

Specifies the IGMP or MLD version

Values

1, 2, 3

Platforms

All

Context

[Tree] (config>service>vprn>igmp>grp-if version)

Full Context

configure service vprn igmp group-interface version

Description

This command configures the version of IGMP.

The no form of this command removes the version.

Parameters

version

Specifies the IGMP version.

Values

1, 2, or 3

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>service>vprn>igmp>if version)

Full Context

configure service vprn igmp interface version

Description

This command specifies the IGMP version. If routers run different versions of IGMP, they will negotiate the lowest common version of IGMP that is supported by hosts on their subnet and operate in that version. For IGMP to function correctly, all routers on a LAN should be configured to run the same version of IGMP on that LAN.

For IGMPv3, a multicast router that is also a group member performs both parts of IGMPv3, receiving and responding to its own IGMP message transmissions as well as those of its neighbors.

Default

version 3

Parameters

version

Specifies the IGMP version number.

Values

1, 2, 3

Platforms

All

Context

[Tree] (config>service>vprn>mld>if version)

Full Context

configure service vprn mld interface version

Description

This command specifies the MLD version. If routers run different versions, they will negotiate the lowest common version of MLD that is supported by hosts on their subnet and operate in that version. For MLD to function correctly, all routers on a LAN should be configured to run the same version of MLD on that LAN.

Default

version 2

Parameters

version

Specifies the MLD version number.

Values

1, 2

Platforms

All

Context

[Tree] (config>service>nat>pcp-server-policy version)

Full Context

configure service nat pcp-server-policy version

Description

This command configures the accepted protocol version range.

Default

version minimum 1 maximum 1

Parameters

minimum

Specifies the minimum protocol version supported by the PCP servers using this PCP policy.

Values

1 to 255

maximum

Specifies the maximum protocol version supported by the PCP servers using this PCP policy.

Values

1 to 255

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>router>igmp>if version)

[Tree] (config>router>igmp>group-interface version)

Full Context

configure router igmp interface version

configure router igmp group-interface version

Description

This command specifies the IGMP version. If routers run different versions of IGMP, they will negotiate the lowest common version of IGMP that is supported by hosts on their subnet and operate in that version. For IGMP to function correctly, all routers on a LAN should be configured to run the same version of IGMP on that LAN.

For IGMPv3, a multicast router that is also a group member performs both parts of IGMPv3, receiving and responding to its own IGMP message transmissions as well as those of its neighbors.

Default

version 3

Parameters

version

Specifies the IGMP version number.

Values

1, 2, 3

Platforms

All

• configure router igmp interface version

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

• configure router igmp group-interface version

Context

[Tree] (config>router>mld>group-interface version)

[Tree] (config>router>mld>interface version)

Full Context

configure router mld group-interface version

configure router mld interface version

Description

This command specifies the MLD version. If routers run different versions of MLD, they will negotiate the lowest common version of MLD that is supported by hosts on their subnet and operate in that version. For MLD to function correctly, all routers on a LAN should be configured to run the same version of MLD on that LAN.

Default

version 2

Parameters

version

Specifies the MLD version number.

Values

1, 2

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

• configure router mld group-interface version

All

• configure router mld interface version

Context

[Tree] (config>service>pw-template>igmp-snooping version)

Full Context

configure service pw-template igmp-snooping version

Description

This command specifies the version of IGMP. This object can be used to configure a router capable of running either value. For IGMP to function correctly, all routers on a LAN must be configured to run the same version of IGMP on that LAN.

When the send-query command is configured, all type of queries generated are of the configured version. If a report of a version higher than the configured version is received, the report gets dropped and a new ‟wrong version” counter is incremented.

If the send-query command is not configured, the version command has no effect. The version used on that SAP or SDP is the version of the querier. This implies that, for example, when there is a v2 querier, a v3 group or group-source specific query when a host wants to leave a certain group will never be sent.

Default

version 3

Parameters

version

Specifies the IGMP version.

Values

1, 2, 3

Platforms

All

Context

[Tree] (file version)

Full Context

file version

Description

This command displays the version of an SR OS *.tim image file.

Parameters

file-url

Specifies the file name of the target file.

Values

local-url	[cflash-id/][file-path]
	up to 200 characters, including cflash-id
	directory length up to 99 characters each
remote-url	[{ftp://| tftp://}login:pswd@remote-locn/ [file-path]
	up to 247 characters
	directory length 199 characters each
remote-locn	[hostname | ipv4-address | ipv6-address]
ipv4-address	a.b.c.d
ipv6-address	x:x:x:x:x:x:x:x[-interface]
	x:x:x:x:x:x:d.d.d.d[-interface]
	x - [0 to FFFF]H
	d - [0 to 255]D
	interface - up to 32 characters, for link local addresses
cflash-id	cf1:, cf1-A:, cf1-B:

check

Validates the SR OS *.tim image file.

Platforms

All

Output

The following output is an example of SR OS version information.

A:Redundancy>file cf3:\ # version  ftp://test:1234@192.0.2.79/usr/global/images/6.1/R4/cpm.tim
TiMOS-C-6.1.R4 for 7750
Thu Oct 30 14:21:09 PDT 2018 by builder in /relx.1/b1/Rx/panos/main
A:Redundancy>file cf3:\ # version check ftp://test:1234@192.0.2.79/usr/global/
images/6.1/R4/cpm.tim 
TiMOS-C-6.1.R4 for 7750
Thu Oct 30 14:21:09 PDT 2018 by builder in /relx.1/b1/Rx/panos/main
Validation successful
A:Redundancy>file cf3:\ #

Context

[Tree] (config>system>security>ssh version)

Full Context

configure system security ssh version

Description

This command configures the SSH protocol version that is supported by the SSH server.

The no form of this command removes the SSH version from the configuration.

Parameters

ssh-version

Specifies the SSH version.

Values

1 —This option is blocked and silently ignored.

2 — Specifies that the SSH server accepts connections from clients supporting SSH protocol version 2.

1-2 — Specifies that the SSH server accepts connections from clients supporting SSH protocol version 2. Version 1 is no longer supported.

Note:

Values ‟1” and ‟1-2” are not permitted in FIPS-140-2 mode.

Default

2

Platforms

All

Context

[Tree] (file vi)

Full Context

file vi

Description

Edit files with the text editor. For more information, refer to ‟Text Editor” in the 7450 ESS, 7750 SR, 7950 XRS, and VSR Basic System Configuration Guide.

Parameters

local-url

Specifies the local source file or directory.

Values

[cflash-id/]file-path

cflash-id: cf1:, cf2:, cf3:

Platforms

All

Context

[Tree] (config>mcast-mgmt>mcast-info-plcy>bundle>channel>video>analyzer>alarms vid-pid-absent)

[Tree] (config>mcast-mgmt>mcast-info-plcy>bundle>channel>source-override>video>analyzer>alarms vid-pid-absent)

[Tree] (config>mcast-mgmt>mcast-info-plcy>bundle>video>analyzer>alarms vid-pid-absent)

Full Context

configure mcast-management multicast-info-policy bundle channel video analyzer alarms vid-pid-absent

configure mcast-management multicast-info-policy bundle channel source-override video analyzer alarms vid-pid-absent

configure mcast-management multicast-info-policy bundle video analyzer alarms vid-pid-absent

Description

This command configures the analyzer to check for a VID PID within the specified time interval.

Default

no vid-pid-absent

Parameters

milli-seconds

Specifies the time, in milliseconds, for which to check for a VID PID.

Values

100 to 5000

Platforms

7450 ESS, 7750 SR-1, 7750 SR-7/12/12e, 7750 SR-1s, 7750 SR-2s, 7750 SR-7s, 7750 SR-14s

Context

[Tree] (config>mcast-mgmt>mcast-info-plcy>bundle video)

[Tree] (config>mcast-mgmt>mcast-info-plcy>bundle>channel video)

[Tree] (config>mcast-mgmt>mcast-info-plcy>bundle>channel>source-override video)

Full Context

configure mcast-management multicast-info-policy bundle video

configure mcast-management multicast-info-policy bundle channel video

configure mcast-management multicast-info-policy bundle channel source-override video

Description

Commands in this context configure video parameters.

Platforms

7450 ESS, 7750 SR-1, 7750 SR-7/12/12e, 7750 SR-1s, 7750 SR-2s, 7750 SR-7s, 7750 SR-14s

Context

[Tree] (config>isa video-group)

Full Context

configure isa video-group

Description

This command configures an ISA video group.

Parameters

video-group-id

Specifies a video group ID.

Values

1 to 4

create

Keyword required when first creating the configuration context. Once the context is created, one can navigate into the context without the create keyword.

Platforms

7450 ESS, 7750 SR-1, 7750 SR-7/12/12e, 7750 SR-1s, 7750 SR-2s, 7750 SR-7s, 7750 SR-14s

Context

[Tree] (config>mcast-mgmt>mcast-info-plcy>bundle>video video-group)

[Tree] (config>mcast-mgmt>mcast-info-plcy>bundle>channel>source-override>video video-group)

[Tree] (config>mcast-mgmt>mcast-info-plcy>bundle>channel>video video-group)

Full Context

configure mcast-management multicast-info-policy bundle video video-group

configure mcast-management multicast-info-policy bundle channel source-override video video-group

configure mcast-management multicast-info-policy bundle channel video video-group

Description

This command assigns a video group ID to the channel.

Parameters

video-group-id

specifies the identifier for this video group. The video group must have been configured in the config>isa context.

Values

1 to 4

disable

Explicitly disables the video group within the policy.

Platforms

7450 ESS, 7750 SR-1, 7750 SR-7/12/12e, 7750 SR-1s, 7750 SR-2s, 7750 SR-7s, 7750 SR-14s

Context

[Tree] (config>mcast-mgmt>mcast-info-plcy>video-policy video-interface)

Full Context

configure mcast-management multicast-info-policy video-policy video-interface

Description

This command creates a video interface policy context that correlates to the IP address assigned for a video interface. This interface is created in a subscriber service to which the multicast information policy is assigned. If the specified IP address does not correlate to a video interface ip address, the parameters defined within this context have no effect.

The no form of the command deletes the video interface policy context.

Parameters

ip-address

The IP address of a video interface provisioned within the context of a service to which the Multicast Information Policy is assigned. If the IP address does not match the IP address assigned to a video interface, the parameters defined within this context have no effect.

create

Mandatory keyword needed when creating a new video interface within the video policy.

Platforms

7450 ESS, 7750 SR-1, 7750 SR-7/12/12e, 7750 SR-1s, 7750 SR-2s, 7750 SR-7s, 7750 SR-14s

Context

[Tree] (config>service>vprn video-interface)

[Tree] (config>service>vpls video-interface)

[Tree] (config>service>ies video-interface)

Full Context

configure service vprn video-interface

configure service vpls video-interface

configure service ies video-interface

Description

This command creates a video interface within the service. The video interface and associated IP addresses are the addresses to which clients within the service will send requests. The video interface must be associated with an ISA group using the video-sap command and have IP addresses for it to be functional.

The no form of the command deletes the video interface. The video interface must be administratively shut down before issuing the no video-interface command.

Parameters

ip-int-name

Specifies the name of the video interface, up to 32 characters. An interface name cannot be in the form of an IP address. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.

create

This keyword is mandatory when creating a video interface.

Platforms

7450 ESS, 7750 SR-1, 7750 SR-7/12/12e, 7750 SR-1s, 7750 SR-2s, 7750 SR-7s, 7750 SR-14s

Context

[Tree] (debug>service>id video-interface)

Full Context

debug service id video-interface

Description

This command enables debugging for video interfaces.

The no form of the command disables the video interface debugging.

Parameters

video-ip-int-name

Specifies the video interface name.

Platforms

7450 ESS, 7750 SR-1, 7750 SR-7/12/12e, 7750 SR-1s, 7750 SR-2s, 7750 SR-7s, 7750 SR-14s

Context

[Tree] (config>mcast-mgmt>mcast-info-plcy video-policy)

Full Context

configure mcast-management multicast-info-policy video-policy

Description

Commands in this context configure video interfaces and video services.

Platforms

7450 ESS, 7750 SR-1, 7750 SR-7/12/12e, 7750 SR-1s, 7750 SR-2s, 7750 SR-7s, 7750 SR-14s

Context

[Tree] (config>service>vprn>video-interface video-sap)

[Tree] (config>service>ies>video-interface video-sap)

[Tree] (config>service>vpls>video-interface video-sap)

Full Context

configure service vprn video-interface video-sap

configure service ies video-interface video-sap

configure service vpls video-interface video-sap

Description

This command configures a service video interface association with a video group.

The no form of the command removes the video group association.

Parameters

video-group-id

Specifies the video group ID number.

Values

1 to 4

Platforms

7450 ESS, 7750 SR-1, 7750 SR-7/12/12e, 7750 SR-1s, 7750 SR-2s, 7750 SR-7s, 7750 SR-14s

Context

[Tree] (config>app-assure>group>cflowd>rtp-perf video-template)

Full Context

configure application-assurance group cflowd rtp-performance video-template

Description

Commands in this context configure the video template for cflowd fields.

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (candidate view)

Full Context

candidate view

Description

This command displays the candidate configuration along with line numbers that can be used for editing the candidate configuration.

Parameters

line

Displays the candidate configuration starting at the point indicated by the following options (the display is not limited to the current CLI context/branch).

Values

line, offset, first, edit-point, last
	line	absolute line number
	offset	relative line number to current edit point. Prefixed with '+' or '-'
	first	keyword - first line
	edit-point	keyword - current edit point
	last	keyword - last line that is not 'exit'

Platforms

All

Context

[Tree] (admin>rollback view)

Full Context

admin rollback view

Description

This command displays the checkpoint.

Parameters

latest-rb

Specifies the most recently created rollback checkpoint (corresponds to the file-url.rb rollback checkpoint file).

checkpoint-id

Indicates rollback checkpoint file to be viewed. Checkpoint-id of 1 corresponds to the file-url.rb.1 rollback checkpoint file. The higher the id, the older the checkpoint. Max is the highest rollback checkpoint supported or configured.

Values

1 to 9

rescue

Displays the rescue configuration.

Platforms

All

Context

[Tree] (admin view)

Full Context

admin view

Description

The context to configure administrative system viewing parameters. Only authorized users can execute the commands in the admin context.

Parameters

bootup-cfg

Specifies the bootup configuration.

active-cfg

Specifies current running configuration.

candidate-cfg

Specifies candidate configuration.

latest-rb

Specifies the latest configuration.

checkpoint-id

Specifies a specific checkpoint file configuration.

Values

1 to 9

rescue

Specifies a rescue checkpoint configuration.

Platforms

All

Context

[Tree] (config>system>security>snmp view)

Full Context

configure system security snmp view

Description

This command configures a view. Views control the accessibility of a MIB object within the configured MIB view and subtree. Object identifiers (OIDs) uniquely identify MIB objects in the subtree. OIDs are organized hierarchically with specific values assigned by different organizations.

Once the subtree (OID) is identified, a mask can be created to select the portions of the subtree to be included or excluded for access using this particular view. See the mask command.

The view(s) configured with this command can subsequently be used in read, write, and notify commands which are used to assign specific access group permissions to created views and assigned to particular access groups.

Multiple subtrees can be added or removed from a view name to tailor a view to the requirements of the user access group.

A subtree statement matches (covers) any OID that is a descendant of the specified OID value. For example, the subtree 1.3.6.1 matches 1.3.6.1.x (for any value of x), 1.3.6.1.x.y (for any values of x & y), and so on.

Subtrees that are not covered by view statements are not accessible in the view.

Per RFC 2575, View-based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP), each MIB view is defined by two sets of view subtrees, the included view subtrees, and the excluded view subtrees (see the included and excluded parameters of the mask command). Every such view subtree, both the included and the excluded ones, are defined in this table. To determine if a particular object instance is in a particular MIB view, compare the object instance’s OID with each of the MIB view’s active entries in this table. If none match, then the object instance is not in the MIB view. If one or more match, then the object instance is included in, or excluded from, the MIB view according to the value of vacmViewTreeFamilyType in the entry whose value of vacmViewTreeFamilySubtree has the most sub-identifiers.

The no view view-name command removes a view and all subtrees.

The no view view-name subtree oid-value removes a sub-tree from the view name.

Parameters

view-name

Specifies a view name, up to 32 characters.

oid-value

Specifies the object identifier (OID) value for the view-name. This value, for example, 1.3.6.1.6.3.11.2.1, combined with the mask and include and exclude statements, configures the access available in the view.

It is possible to have a view with different subtrees with their own masks and include and exclude statements. This allows for customizing visibility and write capabilities to specific user requirements.

Platforms

All

Context

[Tree] (config>subscr-mgmt>wlan-gw virtual-chassis-identifier)

Full Context

configure subscriber-mgmt wlan-gw virtual-chassis-identifier

Description

This command specifies a virtual chassis identifier that can link two wlan-gws together.

The no form of this command removes the dual-homing-key.

Parameters

dual-homing-key

Specifies the name of the dual homing key, up to 16 characters.

Platforms

7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>service>vprn>ospf3>area virtual-link)

[Tree] (config>service>vprn>ospf>area virtual-link)

Full Context

configure service vprn ospf3 area virtual-link

configure service vprn ospf area virtual-link

Description

This command configures a virtual link to connect area border routers to the backbone via a virtual link.

The router-id specified in this command must be associated with the virtual neighbor. The transit area cannot be a stub area or a Not So Stubby Area (NSSA).

The no form of this command deletes the virtual link.

Default

No virtual link is defined.

Parameters

router-id

The router ID of the virtual neighbor in IP address dotted decimal notation.

transit-area area-id

The area-id specified identifies the transit area that links the backbone area with the area that has no physical connection with the backbone.

Platforms

All

Context

[Tree] (config>router>ospf3>area virtual-link)

[Tree] (config>router>ospf>area virtual-link)

Full Context

configure router ospf3 area virtual-link

configure router ospf area virtual-link

Description

This command configures a virtual link to connect area border routers to the backbone via a virtual link.

The router-id specified in this command must be associated with the virtual neighbor. The transit area cannot be a stub area or a Not So Stubby Area (NSSA).

The no form of this command deletes the virtual link.

By default, no virtual link is defined.

Default

no virtual-link

Parameters

router-id

Specifies the router ID of the virtual neighbor in IP address dotted decimal notation.

area-id

Specifies the area-id that identifies the transit area that links the backbone area with the area that has no physical connection with the backbone.

Platforms

All

Context

[Tree] (debug>router>ospf virtual-neighbor)

[Tree] (debug>router>ospf3 virtual-neighbor)

Full Context

debug router ospf virtual-neighbor

debug router ospf3 virtual-neighbor

Description

This command enables debugging for an OSPF virtual neighbor.

Parameters

router-id

Specifies the router ID of the virtual neighbor.

Platforms

All

Context

[Tree] (config>card virtual-scheduler-adjustment)

Full Context

configure card virtual-scheduler-adjustment

Description

Commands in this context configure the virtual scheduler processing on the card. This is only applicable to queues and to policers parented to a scheduler.

Platforms

All

Context

[Tree] (config>service>vprn>sub-if>dhcp virtual-subnet)

[Tree] (config>service>ies>sub-if>dhcp virtual-subnet)

Full Context

configure service vprn subscriber-interface dhcp virtual-subnet

configure service ies subscriber-interface dhcp virtual-subnet

Description

This command enables a virtual-subnet for DHCPv4 hosts under the subscriber interface. With this command configured, the system will snoop and record the default router address in the DHCP ACK message for the DHCPv4 ESM host. The system could answer ping or traceroute request even if the default router address is not configured on the subscriber-interface.

The no form of this command reverts to the default.

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>redundancy>mc>peer>mcr>l3ring>node>cv vlan)

Full Context

configure redundancy multi-chassis peer mc-ring l3-ring ring-node connectivity-verify vlan

Description

This command specifies the VLAN tag of the SAP used for ring-node connectivity verification of this ring node. It is only meaningful if the value of is not zero.

The no form of this command reverts to the default.

Parameters

vlan-encap

Specifies the node cc VLAN IP.

Platforms

All

Context

[Tree] (config>subscr-mgmt>wlan-gw>ue-query vlan)

Full Context

configure subscriber-mgmt wlan-gw ue-query vlan

Description

This command enables matching on UEs, based on the VLAN tag within the tunnel, which typically used to indicate an SSID.

The no form of this command disables matching on the VLAN.

Default

no vlan

Parameters

tag

Specifies the VLAN tag.

Values

0 to 4096

Platforms

7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>service>ies>sub-if>grp-if>wlan-gw>retailer vlan)

[Tree] (config>service>vprn>sub-if>grp-if>wlan-gw>retailer vlan)

Full Context

configure service ies subscriber-interface group-interface wlan-gw retailer vlan

configure service vprn subscriber-interface group-interface wlan-gw retailer vlan

Description

This command creates a mapping from a range of VLANs (appearing in the wlan-gw encapsulated Layer 2 frame) to a retail service ID.

The no form of this command removes the parameters from the configuration.

Parameters

start

Specifies the start VLAN tag of this range.

Values

0 to 4095

end

Specifies the end VLAN tag of this range.

Values

0 to 4095

retail-svc-id service-id

Specifies the identifier of the retail service to be used by default of a value in the retail service map of this interface.

Values

1 to 2147483650

svc-name: up to 64 characters

Context

[Tree] (config>redundancy>mc>peer>mcr>node>cv vlan)

Full Context

configure redundancy multi-chassis peer mc-ring ring ring-node connectivity-verify vlan

Description

This command specifies the VLAN tag used for the Ring-node Connectivity Verification of this ring node. It is only meaningful if the value of service ID is not zero. A zero value means that no VLAN tag is configured.

Default

no vlan

Parameters

vlan-encap

Specifies the VLAN tag.

Values

vlan-encap:	dot1q	qtag, *
	qinq	qtag1.qtag2, qtag1.*, 0.*
	qtag	0 to 4094
	qtag1	1 to 4094
	qtag2	0 to 4094

Platforms

All

Context

[Tree] (cfg>eth-cfm>domain>assoc>bridge vlan)

Full Context

configure eth-cfm domain association bridge-identifier vlan

Description

This command configures the bridge identifier primary VLAN ID. This is informational only, and no verification is done to ensure MEPs on this association are on the configured VLAN.

The no form of this command reverts to the default value.

Default

no vlan

Parameters

vlan-id

Specifies a VLAN ID monitored by MA.

Values

1 to 4094

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, 7950 XRS

Context

[Tree] (config>app-assure>group>evt-log>syslog vlan-id)

Full Context

configure application-assurance group event-log syslog vlan-id

Description

This command configures the service port VLAN ID to be used by application assurance to inject the syslog events inband. This VLAN ID needs also to be configured for application assurance interface.

Default

no vlan-id

Parameters

service-port-vlan-id

Specifies the service port VLAN identifier.

Values

1 to 4094

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>app-assure>group>http-redirect>captive-redirect vlan-id)

Full Context

configure application-assurance group http-redirect captive-redirect vlan-id

Description

This command configures the VLAN ID for captive redirect. Captive redirect uses the provisioned VLAN ID to send the HTTP response to subscribers; therefore this VLAN ID must be properly assigned in the same VPN as the subscriber.

Parameters

service-port-vlan-id

Specifies the VLAN ID.

Values

1 to 4094

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>app-assure>group>url-filter>icap vlan-id)

Full Context

configure application-assurance group url-filter icap vlan-id

Description

This command configures the VLAN ID on which the ISA-AA is expected to be emitting traffic mapping to a pre-configured aa-interface.

Default

no vlan-id

Parameters

service-port-vlan-id

Specifies the VLAN ID.

Values

1 to 4094

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>app-assure>group>url-filter>web-service vlan-id)

Full Context

configure application-assurance group url-filter web-service vlan-id

Description

This command configures the VLAN ID on which the AA ISA emits the traffic mapping to a preconfigured AA interface.

The no form of this command removes the VLAN ID configuration.

Default

no vlan-id

Parameters

vlan-id

Specifies the VLAN ID to connect to the web service.

Values

1 to 4094

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (debug>oam>build-packet>packet>field-override>header>dot1q vlan-id)

[Tree] (config>test-oam>build-packet>header>dot1q vlan-id)

Full Context

debug oam build-packet packet field-override header dot1q vlan-id

configure test-oam build-packet header dot1q vlan-id

Description

This command defines the Dot1Q VLAN ID to be used in the test Dot1Q header.

The no form of this command removes the VLAN ID value.

Parameters

vlan-id

Specifies the Dot1Q VLAN ID to be used in the test Dot1Q header.

Values

0 to 4095

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, 7950 XRS

Context

[Tree] (config>app-assure>group>cflowd>dir-exp vlan-id)

Full Context

configure application-assurance group cflowd direct-export vlan-id

Description

This command configures the VLAN ID on which the ISA-AA is expected to be emitting traffic.

The no form of this command removes the VLAN ID from the configuration.

Default

no vlan-id

Parameters

service-port-vlan-id

Specifies the VLAN ID of the service port.

Values

1 to 4094

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>service>ies>sub-if>grp-if>wlan-gw>ranges>range>authentication vlan-mismatch-timeout)

[Tree] (config>service>vprn>sub-if>grp-if>wlan-gw>ranges>range>authentication vlan-mismatch-timeout)

Full Context

configure service ies subscriber-interface group-interface wlan-gw vlan-tag-ranges range authentication vlan-mismatch-timeout

configure service vprn subscriber-interface group-interface wlan-gw vlan-tag-ranges range authentication vlan-mismatch-timeout

Description

This command configures the timeout value for the RADIUS proxy cache if a packet is received with a non-matching VLAN tag. The new timeout value is the lesser of the vlan-mismatch-timeout value and the currently remaining proxy cache timeout value.

The no form of this command disables the timeout behavior. The cache timeout value will remain unchanged.

Parameters

seconds

Specifies the timeout value for the RADIUS proxy cache, in seconds.

Values

5 to 60

Platforms

7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>service>vpls>stp>mst-instance vlan-range)

Full Context

configure service vpls stp mst-instance vlan-range

Description

This command specifies a range of VLANs associated with a certain mst-instance. This range applies to all SAPs of the M-VPLS.

Every VLAN range that is not assigned within any of the created config>service>vpls>stp mst-instance is automatically assigned to mst-instance 0. This instance is automatically maintained by the software and cannot be modified. Changing the VLAN range value can be performed only when the specified mst-instance is shutdown.

The no form of this command removes the vlan-range from the specified config>service>vpls>stp mst-instance.

Parameters

vlan-range

The first VLAN range specifies the left-bound (i.e., minimum value) of a range of VLANs that are associated with the M-VPLS SAP. This value must be smaller than (or equal to) the second VLAN range value. The second VLAN range specifies the right-bound (i.e., maximum value) of a range of VLANs that are associated with the M-VPLS SAP.

Values

1 to 4094 to 1 to 4094

Platforms

All

Context

[Tree] (config>connection-profile-vlan vlan-range)

Full Context

configure connection-profile-vlan vlan-range

Description

This command allows the user to configure different ranges in the connection-profile-vlan. The ranges have the following characteristics:

• Ranges can contain a single VID or start-and-end values. When the to-vid is not specified, the end vid value is the same as the start vid value.

• On the fly addition/removal of ranges is allowed.

• When removing an entry, the no vlan-range vid to vid must be configured by the user.

• Multiple ranges are allowed under the same connection-profile-vlan. No VLAN values should overlap within the same connection-profile-vlan.

• The index for connection-profile and connection-profile-vlan must be unique between the two. For example, if connection-profile 100 is present, then connection-profile-vlan 100 is disallowed.

Each connection-profile-vlan must be explicitly configured.

Parameters

from

Specifies the beginning of the vlan-range associated to the connection-profile-vlan.

Values

1 to 4094

to

Specifies the end of the vlan-range associated to the connection-profile-vlan. If not specified, the vlan-range is comprised of only the from VLAN ID.

Values

1 to 4094

Platforms

All

Context

[Tree] (config>service>ies>sub-if>grp-if>wlan-gw vlan-tag-ranges)

[Tree] (config>service>vprn>sub-if>grp-if>wlan-gw vlan-tag-ranges)

Full Context

configure service ies subscriber-interface group-interface wlan-gw vlan-tag-ranges

configure service vprn subscriber-interface group-interface wlan-gw vlan-tag-ranges

Description

Commands in this context configure VLAN-to-retail-map parameters to map dot1q tags to the retail service ID. The WIFI AP inserts a dot1Q tag in the Layer 2 frame within the GRE tunnel to indicate the retail service provider for the subscriber.

Platforms

7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>service>vpls>sap>ingress vlan-translation)

[Tree] (config>service>epipe>sap>ingress vlan-translation)

Full Context

configure service vpls sap ingress vlan-translation

configure service epipe sap ingress vlan-translation

Description

This command configures ingress VLAN translation. If enabled with an explicit VLAN value, the preserved VLAN ID is overwritten with this value. This setting is applicable to dot1q encapsulated ports. If enabled with the copy-outer keyword, the outer VLAN ID is copied to inner position on QinQ encapsulated ports. The feature is not supported on:

• Dot1q saps

• QinQ saps with qinq-vlan-translation

• Connection profile VLAN SAPs if the copy-outer option is configured

The no version of the command disables VLAN translation.

Default

no vlan-translation

Parameters

vlan-id

Specifies the VLAN id.

Values

0 to 4094

copy-outer

Specifies to use the outer VLAN id.

Platforms

All

Context

[Tree] (config>service>sdp vlan-vc-etype)

Full Context

configure service sdp vlan-vc-etype

Description

This command configures the VLAN VC EtherType.

The no form of this command returns the value to the default.

Default

no vlan-vc-etype

Parameters

ethernet-type

Specifies a valid VLAN etype identifier.

Values

0x0600 to 0xffff

Platforms

All

Context

[Tree] (config>service>vpls>mesh-sdp vlan-vc-tag)

[Tree] (config>service>vpls>spoke-sdp vlan-vc-tag)

Full Context

configure service vpls mesh-sdp vlan-vc-tag

configure service vpls spoke-sdp vlan-vc-tag

Description

This command specifies an explicit dot1q value used when encapsulating to the SDP far end. When signaling is enabled between the near and far end, the configured dot1q tag can be overridden by a received TLV specifying the dot1q value expected by the far end. This signaled value must be stored as the remote signaled dot1q value for the binding. The provisioned local dot1q tag must be stored as the administrative dot1q value for the binding.

When the dot1q tag is not defined, the default value of zero is stored as the administrative dot1q value. Setting the value to zero is equivalent to not specifying the value.

The no form of this command disables the command.

Default

no vlan-vc-tag

Parameters

vlan-id

Specifies a valid VLAN identifier to bind an 802.1Q VLAN tag ID.

Values

0 to 4094

Platforms

All

Context

[Tree] (config>service>sdp>binding>pw-port vlan-vc-tag)

Full Context

configure service sdp binding pw-port vlan-vc-tag

Description

This command sets tag relevant for vc-type vlan mode. This tag is inserted in traffic forwarded into the pseudowire.

The no form of the command reverts to the default value.

Default

no vlan-vc-tag

Parameters

vlan-id

Specifies the VLAN ID value.

Values

0 to 4094

Platforms

All

Context

[Tree] (config>service>epipe>spoke-sdp vlan-vc-tag)

Full Context

configure service epipe spoke-sdp vlan-vc-tag

Description

This command specifies an explicit dot1q value used when encapsulating to the SDP far end. When signaling is enabled between the near and far end, the configured dot1q tag can be overridden by a received TLV specifying the dot1q value expected by the far end. This signaled value must be stored as the remote signaled dot1q value for the binding. The provisioned local dot1q tag must be stored as the administrative dot1q value for the binding.

When the dot1q tag is not defined, the default value of zero is stored as the administrative dot1q value. Setting the value to zero is equivalent to not specifying the value.

The no form of this command disables the command.

Default

no vlan-vc-tag

Parameters

tag

Specifies a valid VLAN identifier to bind an 802.1Q VLAN tag ID.

Values

0 to 4094

Platforms

All

Context

[Tree] (config>service>pw-template vlan-vc-tag)

Full Context

configure service pw-template vlan-vc-tag

Description

This command specifies an explicit dot1q value used when encapsulating to the SDP far end. When signaling is enabled between the near and far end, the configured dot1q tag can be overridden by a received TLV specifying the dot1q value expected by the far end. This signaled value must be stored as the remote signaled dot1q value for the binding. The provisioned local dot1q tag must be stored as the administrative dot1q value for the binding.

When the dot1q tag is not defined, the default value of zero is stored as the administrative dot1q value. Setting the value to zero is equivalent to not specifying the value.

The no form of this command disables the command.

Default

no vlan-vc-tag

Parameters

vlan-id

Specifies a valid VLAN identifier to bind an 802.1Q VLAN tag ID.

Values

0 to 4094

Platforms

All

Context

[Tree] (config>esa vm)

Full Context

configure esa vm

Description

This command configures or creates an ESA-VM instance.

The no form of this command removes the ESA-VM from the system.

Parameters

vm-id

Specifies the VM identifier.

Values

1 to 4

create

Mandatory keyword used when creating an ESA-VM in the config context

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s

Context

[Tree] (config>isa>aa-grp vm-traffic-distribution-by-ip)

Full Context

configure isa application-assurance-group vm-traffic-distribution-by-ip

Description

This command enables the distribution of packets by IP address across virtual CPUs of a data plane VM. This allows support for AA subscribers whose bandwidth exceeds the processing throughput of a single vCPU.

The no form of this command enables traffic distribution by AA subscriber.

Default

no vm-traffic-distribution-by-ip

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>isa>aa-grp vm-traffic-distribution-by-teid)

Full Context

configure isa application-assurance-group vm-traffic-distribution-by-teid

Description

This command configures AA in VSR mode to load-balance traffic across different VM cores using TEID. Load-balancing is required when VSR is deployed on 3GPP S5/S8 (Gn/Gp) interfaces to provide GTP firewalling.

The no form of this command disables load-balancing of the traffic across the VM cores.

Default

no vm-traffic-distribution-by-teid

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>esa>vm vm-type)

Full Context

configure esa vm vm-type

Description

This command configures the type of ESA-VM instance.

The no form of this command removes the specified VM type.

Parameters

vm-type

Specifies the VM type.

Values

aa — Specifies Application Assurance feature support.

bb — Specifies broadband feature support, such as NAT.

tunnel — Specifies tunnel feature support, such as IPsec tunnels.

video — Specifies video feature support, such as FCC and RET (for 7750 SR and 7750 SR-12e only).

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s

Context

[Tree] (config>service>vpls>eth-cfm>spoke-sdp vmep-filter)

[Tree] (config>service>vpls>eth-cfm>sap vmep-filter)

[Tree] (config>service>vpls>eth-cfm>mesh-sdp vmep-filter)

Full Context

configure service vpls eth-cfm spoke-sdp vmep-filter

configure service vpls eth-cfm sap vmep-filter

configure service vpls eth-cfm mesh-sdp vmep-filter

Description

Suppress eth-cfm PDUs based on level lower than or equal to configured Virtual MEP. This command is not supported under a B-VPLS context. This will also delete any MIP configured on the SAP or Spoke-SDP.

The no form of this command reverts to the default values.

Default

no vmep-filter

Context

[Tree] (config>app-assure>group>cflowd>rtp-perf voice-template)

Full Context

configure application-assurance group cflowd rtp-performance voice-template

Description

Commands in this context configure the voice template for cflowd fields.

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>subscr-mgmt>diam-appl-plcy>gy>efh>interim-c volume)

Full Context

configure subscriber-mgmt diameter-application-policy gy extended-failure-handling interim-credit volume

Description

This command configures the default volume interim credit that is allocated to all rating groups of a Diameter Gy session when Extended Failure Handling (EFH) is active and for which no default credit is configured at the category map category level.

The no form of this command resets the value to the default value.

Default

volume 500 megabytes

Parameters

credits

Specifies the amount of volume credit that is allocated by default to all rating groups of a Diameter Gy session when EFH is active.

Values

1 to 4294967295

bytes | kilobytes | megabytes | gigabytes

Specifies whether credits are in bytes, kilobytes, megabytes, or gigabytes.

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>app-assure>group>cflowd volume)

Full Context

configure application-assurance group cflowd volume

Description

This command configures the cflowd volume export.

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>service>ies>sub-if>grp-if>wlan-gw>ranges>range>dsm volume-quota-direction)

[Tree] (config>service>vprn>sub-if>grp-if>wlan-gw>ranges>range>dsm volume-quota-direction)

Full Context

configure service ies subscriber-interface group-interface wlan-gw vlan-tag-ranges range distributed-sub-mgmt volume-quota-direction

configure service vprn subscriber-interface group-interface wlan-gw vlan-tag-ranges range distributed-sub-mgmt volume-quota-direction

Description

This command specifies whether volume quota is applied in the egress (downstream), ingress (upstream), or both directions. Configuration changes apply only to new DSM UEs and not to existing UEs.

Parameters

both

Enforces the volume quota on the packets ingressing and egressing the WLAN-GW combined.

ingress

Enforces the volume quota on packets ingressing the WLAN-GW from the UE (upstream).

egress

Enforces the volume quota on packets egressing the WLAN-GW to the UE (downstream).

Platforms

7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>subscr-mgmt>sub-prof volume-stats-type)

Full Context

configure subscriber-mgmt sub-profile volume-stats-type

Description

This command enables the reporting of Layer 3 (IP) based subscriber host volume accounting data.

By default, subscriber host volume accounting data includes Layer 2 header octets and can be configured to include a fixed packet byte offset or last-mile encapsulation overhead.

The no form of this command reverts to the default.

Default

volume-stats-type default

Parameters

default

Specifies that the subscriber host volume accounting data is reported including the Layer 2 header octets and optional delta’s introduced by configuration (for example: packet byte offset, last mile aware shaping, and so on).

ip

Specifies that the subscriber host volume accounting data reporting is based on Layer 3 (IP) packet sizes. This includes subscriber host ingress/egress queue and policer stats in snmp, CLI show commands, RADIUS and XML accounting, and Diameter Gx usage monitoring. RADIUS and Diameter (DCCA) based credit control volume quota are interpreted as Layer 3 (IP).

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>service vpls)

Full Context

configure service vpls

Description

This command creates or edits a Virtual Private LAN Services (VPLS) instance. The vpls command is used to create or maintain a VPLS service. If the service-id does not exist, a context for the service is created. If the service-id exists, the context for editing the service is entered.

A VPLS service connects multiple customer sites together acting like a zero-hop, Layer 2 switched domain. A VPLS is always a logical full mesh.

When a service is created, the create keyword must be specified if the create command is enabled in the environment context. When creating a service, you must enter the customer keyword and specify a customer-id to associate the service with a customer. The customer-id must already exist, having been created using the customer command in the service context. The customer-id must already exist having been created using the customer command in the service context. Once a service has been created with a customer association, it is not possible to edit the customer association. The service must be deleted and re-created with a new customer association.

To create a management VPLS on the 7450 ESS, the m-vpls keyword must be specified. See section Hierarchical VPLS Redundancy for an introduction to the concept of management VPLS.

Once a service is created, the use of the customer customer-id is optional for navigating into the service configuration context. Attempting to edit a service with the incorrect customer-id specified will result in an error.

More than one VPLS service may be created for a single customer ID.

By default, no VPLS instances exist until they are explicitly created.

The no form of this command deletes the VPLS service instance with the specified service-id. The service cannot be deleted until all SAPs and SDPs defined within the service ID have been shut down and deleted, and the service has been shut down.

Parameters

service-id

Specifies unique service identification number identifying the service in the service domain. This ID must be unique to this service and may not be used for any other service of any type. The service-id must be the same number used for every router on which this service is defined.

Values

service-id: 1 to 2147483647

svc-name: 64 characters maximum

customer customer-id

Specifies the customer ID number to be associated with the service. This parameter is required on service creation and optional for service editing or deleting.

Values

1 to 2147483647

vpn vpn-id

Specifies the VPN ID number which allows you to identify virtual private networks (VPNs) by a VPN identification number

Values

1 to 2147483647

Default

null (0)

create

Keyword used to create the service ID. The create keyword requirement can be enabled/disabled in the environment>create context.

m-vpls

Specifies a management VPLS

e-tree

Specifies a VPLS service as an E-Tree VPLS. E-Tree VPLS services have root and leaf attachment circuit (AC) and root leaf tag SAPs/SDP bindings for E-Tree interconnection. The access root AC SAP behaves as a SAP in non-E-tree VPLS services. The leaf AC SAP communicates only with root-connected services. Leaf and root AC SAPs behave externally the same as SAPs in non-E-Tree VPLS services.

The root AC SDP bind behaves as an SDP bind in non-E-tree VPLS services. The leaf AC SDP bind communicates only with root-connected services.

In the E-Tree VPLS, the root AC SAP/SDP bindings can communicate with other root and leaf AC SAP/SDP bind services locally and remotely. Root-originated traffic is marked internally with a root indication and the root is tagged externally on tag SAP/SDP binds. The leaf AC SAP/SDP bindings can communicate with other root SAP/SDP bindings locally and remotely. Leaf-originated traffic is marked internally with a leaf indication and tagged externally on leaf tag SAP/SDP bindings.

Any number of root or leaf AC SAPs can be used, up to the configured SAP limits in the E-Tree VPLS.

Network-side root leaf tag SAPs use additional SAP resources. These tag SAPs used two tags; one for root and one for leaf. Network-side tag SDPs use a hard coded tag of 1 for root and 2 for leaf. AC SDP bindings are designated as root or leaf SDP bindings but carry no tags marking traffic on the egress frames.

The E-Tree SAP type must be specified when the SAP is created. To change the SAP type, the SAP must be removed and recreated.

b-vpls | i-vpls

Creates a backbone-vpls or ISID-vpls

name name

Configures an optional service name identifier, up to 64 characters, to a given service. This service name can then be used in configuration references, display, and show commands throughout the system. A defined service name can help the service provider or administrator to identify and manage services within the SR OS platforms.

To create a service, you must assign a service ID; however, after it is created, either the service ID or the service name can be used to identify and reference a service.

If a name is not specified at creation time, then SR OS assigns a string version of the service-id as the name.

Platforms

All

Context

[Tree] (config>service>ies>if vpls)

Full Context

configure service ies interface vpls

Description

The vpls command, within the IP interface context, is used to bind the IP interface to the specified service name (VPLS or I-VPLS).

The system does not attempt to resolve the service name provided until the IP interface is placed into the administratively up state (no shutdown). Once the IP interface is administratively up, the system will scan the available VPLS services that have the allow-ip-int-bind flag set for a VPLS service associated with the name. If the service name is bound to the service name when the IP interface is already in the administratively up state, the system will immediately attempt to resolve the given name.

If a VPLS service is found associated with the name and with the allow-ip-int-bind flag set, the IP interface is attached to the VPLS service allowing routing to and from the service virtual ports once the IP interface is operational.

A VPLS service associated with the specified name that does not have the allow-ip-int-bind flag set or a non-VPLS service associated with the name is ignored and will not be attached to the IP interface.

If the service name is applied to a VPLS service after the service name is bound to an IP interface and the VPLS service allow-ip-int-bind flag is set at the time the name is applied, the VPLS service is automatically resolved to the IP interface if the interface is administratively up or when the interface is placed in the administratively up state.

If the service name is applied to a VPLS service without the allow-ip-int-bind flag set, the system will not attempt to resolve the applied service name to an existing IP interface bound to the name. To rectify this condition, the flag must first be set and then the IP interface must enter or reenter the administratively up state.

While the specified service name may be assigned to only one service context in the system, it is possible to bind the same service name to more than one IP interface. If two or more IP interfaces are bound to the same service name, the first IP interface to enter the administratively up state (if currently administratively down) or to reenter the administratively up state (if currently administratively up) when a VPLS service is configured with the name and has the allow-ip-int-bind flag set is attached to the VPLS service. Only one IP interface is allowed to attach to a VPLS service context. No error is generated for the remaining non-attached IP interfaces using the service name.

Once an IP interface is attached to a VPLS service, the name associated with the service cannot be removed or changed until the IP interface name binding is removed. Also, the allow-ip-int-bind flag cannot be removed until the attached IP interface is unbound from the service name.

Unbinding the service name from the IP interface causes the IP interface to detach from the VPLS service context. The IP interface may then be bound to another service name or a SAP or SDP binding may be created for the interface using the sap or spoke-sdp commands on the interface.

VPRN Hardware Dependency

When a service name is bound to a VPRN IP interface, all SAPs associated with the VPRN service must be on hardware based on the FlexPath2 forwarding plane. Currently, these include the IOM3-XP and the various IMM modules. If any SAPs are associated with the wrong hardware type, the service name binding to the VPRN IP interface fails. Once an IP interface within the VPRN service is bound to a service name, attempting to create a SAP on excluded hardware fails.

IP Interface MTU and Fragmentation

A VPLS service is affected by two MTU values; port MTUs and the VPLS service MTU. The MTU on each physical port defines the largest Layer 2 packet (including all DLC headers and CRC) that may be transmitted out a port. The VPLS itself has a service level MTU that defines the largest packet supported by the service. This MTU does not include the local encapsulation overhead for each port (QinQ, Dot1Q, TopQ or SDP service delineation fields and headers) but does include the remainder of the packet. As virtual ports are created in the system, the virtual port cannot become operational unless the configured port MTU minus the virtual port service delineation overhead is greater than or equal to the configured VPLS service MTU. Thus, an operational virtual port is ensured to support the largest packet traversing the VPLS service. The service delineation overhead on each Layer 2 packet is removed before forwarding into a VPLS service. VPLS services do not support fragmentation and must discard any Layer 2 packet larger than the service MTU after the service delineation overhead is removed.

IP interfaces have a configurable up MTU that defines the largest packet that may egress the IP interface without being fragmented. This MTU encompasses the IP portion of the packet and does not include any of the egress DLC header or CRC. This MTU does not affect the size of the largest ingress packet on the IP interface. If the egress IP portion of the packet is larger than the IP interface MTU and the IP header do not fragment flag is not set, the packet is fragmented into smaller packets that will not exceed the configured MTU size. If the do not fragment bit is set, the packet is silently discarded at egress when it exceeds the IP MTU.

When the IP interface is bound to a VPLS service, the IP MTU must be at least 18 bytes less than the VPLS service MTU. This allows for the addition of the minimal Ethernet encapsulation overhead; 6 bytes for the DA, 6 bytes for the SA, 2 bytes for the Etype and 4 bytes for the trailing CRC. Any remaining egress virtual port overhead (Dot1P, Dot1Q, QinQ, TopQ or SDP) required above the minimum is known to be less than the egress ports MTU since the virtual port would not be operational otherwise.

If the IP interface IP MTU value is too large based on the VPLS service MTU, the IP interface will enter the operationally down state until either the IP MTU is adequately lowered or the VPLS service MTU is sufficiently increased.

The no form of this command on the IP interface is used to remove the service name binding from the IP interface. If the service name has been resolved to a VPLS service context and the IP interface has been attached to the VPLS service, the IP interface will also be detached from the VPLS service.

Parameters

service-name

The service-name parameter is required when using the IP interface vpls command and specifies the service name that the system will attempt to resolve to an allow-ip-int-bind enabled VPLS service associated with the name. The specified name is expressed as an ASCII string comprised of up to 32 characters. It does not need to already be associated with a service and the system does not check to ensure that multiple IP interfaces are not bound to the same name.

Platforms

All

Context

[Tree] (config>subscr-mgmt>shcv-policy vpls)

Full Context

configure subscriber-mgmt shcv-policy vpls

Description

Commands in this context configure SHCV behavior in VPLS services. Refer to the 7450 ESS, 7750 SR, 7950 XRS, and VSR Layer 2 Services and EVPN Guide: VLL, VPLS, PBB, and EVPN for VPLS service command syntax and descriptions.

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>service>vpls vpls-group)

Full Context

configure service vpls vpls-group

Description

This command defines a vpls-group index. Multiple vpls-group commands can be specified to allow the use of different VPLS and SAP templates for different ranges of service ids. A vpls-group can be deleted only in shutdown state. Multiple commands under different vpls-group ids can be issued and can be in progress at the same time.

Default

no vpls-group

Parameters

vpls-group-id

Specifies the ID associated with the VPLS group

Values

1 to 4094

Platforms

All

Context

[Tree] (config>service>vpls>bgp-ad vpls-id)

Full Context

configure service vpls bgp-ad vpls-id

Description

This command configures the VPLS ID component that is signaled in one of the extended community attributes (ext-comm).

Values and format (6 bytes, other 2 bytes of type-subtype is automatically generated)

Parameters

vpls-id

Specifies a globally unique VPLS ID for BGP auto-discovery in this VPLS service

Values

vpls-id: <ip-addr:comm-val>| <as-number:ext-comm-val>

ip-addr: a.b.c.d

comm-val: [0 to 65535]

as-number: [1 to 65535]

ext-comm-val: [0 to 4294967295]

Platforms

All

Context

[Tree] (config>subscr-mgmt>msap-policy vpls-only-sap-parameters)

Full Context

configure subscriber-mgmt msap-policy vpls-only-sap-parameters

Description

Commands in this context configure MSAP VPLS properties.

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>service>template vpls-sap-template)

Full Context

configure service template vpls-sap-template

Description

This is the command used to create a SAP template to be used in a vpls-template. Only certain existing VPLS SAP attributes can be changed in the vpls-sap-template, not in the instantiated VPLS SAP

The following SAP attributes are set in the instantiated saps (no configuration allowed):

description: ‟Sap <sap-id> controlled by MVRP service <svc id>” – auto generated

shutdown: no shutdown

Parameters

name/id

Specifies the name in ASCII or the template ID

Values

1 to 2147483647

Platforms

All

Context

[Tree] (config>service>template vpls-template)

Full Context

configure service template vpls-template

Description

This command is used to create a vpls-template to be used to auto-instantiate a range of VPLS services. Only certain existing VPLS attributes specified in the command reference section can be changed in the vpls-template, not in the instantiated VPLS. The following attributes are automatically set in the instantiated VPLSs (no template configuration necessary) and the operator cannot change these values.

vpn-id: none

description: ‟Service <svc id> auto-generated by control VPLS <svc-id>”

service-name: ‟Service <svc id>” (Auto-generated)

shutdown: no shutdown

Following existing attributes can be set by the user in the instantiated VPLSs:

[no] sap

All the other VPLS attributes are not supported.

Parameters

name/id

Specifies the name in ASCII or the template ID

Values

name: ASCII string

Values

ID: [1 to 2147483647]

Platforms

All

Context

[Tree] (config>service>vpls>vpls-group vpls-template-binding)

Full Context

configure service vpls vpls-group vpls-template-binding

Description

This command configures the binding to a VPLS template to be used to instantiate pre-provisioned data VPLS using as input variables the service IDs generated by the vid-range command.

The no form of this command removes the binding and deletes the related VPLS instances. The command will fail if any of the affected VPLS instances have either a provisioned SAP or an active MVRP declaration/registration or if the related vpls-group id is in no shutdown state. Any changes to the vpls-template-binding require the vpls-group to be in shutdown state.

Default

no vpls-template-binding

Parameters

name/id

Specifies the name or the ID of the VPLS template

Values

1 to 1024

Platforms

All