u Commands
ua
ua
Syntax
[no] ua function-value
Context
[Tree] (config>router>segment-routing>srv6>inst>ms-loc>func ua)
Full Context
configure router segment-routing segment-routing-v6 base-routing-instance micro-segment-locator function ua
Description
Commands in this context configure the attributes of the uA micro-SID function associated with a P2P interface. The uA micro-SID function encodes the behavior of an adjacency SID.
The range of allowed configurable values is [1, max-entries]. This draws the Nth value (where N = function-value) of the local micro-SID range [1024*global-sid-entries, 2^sid-length – 1] to form a uA micro-SID.
Static micro-SID values range in [1024*global-sid-entries, 1024*global-sid-entries + max-entries – 1].
A static function value can be configured for each combination of SRH mode and protection type.
For a specified interface, the static function value associated with the same combination of protection type and SRH mode overrides any corresponding automatically allocated function value (ua-auto-allocate command configuration).
If more than one value is configured for an interface and combination of SRH mode and protection type, they are all advertised in IS-IS.
When used in remote TI-LFA repair tunnel programming, IS-IS uses rules to select one uA value from the multiple values received in IS-IS link advertisements.
The values assigned to loopback and system interfaces are not advertised in IS-IS.
The uA micro-SID functions for adjacencies over broadcast interfaces are always automatically allocated based on the configuration of the following command:
configure router segment-routing segment-routing-v6 base-routing-instance micro-segment-locator function ua-auto-allocate
The no form of this command removes the function value from the configuration.
Parameters
- function-value
-
Specifies the SRv6 uA function.
Platforms
7450 ESS, 7750 SR, 7750 SR-s, 7950 XRS, VSR
ua-auto-allocate
ua-auto-allocate
Syntax
[no] ua-auto-allocate srh-mode srh-mode protection protection
Context
[Tree] (config>router>segment-routing>srv6>inst>ms-loc>func ua-auto-allocate)
Full Context
configure router segment-routing segment-routing-v6 base-routing-instance micro-segment-locator function ua-auto-allocate
Description
This command configures a list entry for the automatic allocation of the uA micro-SID function for all adjacencies over all network interfaces on the router (P2P and broadcast interfaces).
Auto-allocated uA function value (N) is drawn by the system from the following range [max-entries + 1, 2^sid-length – 1024*global-sid-entries] and the effective micro-SID value is the Nth value of the local micro SID range [1024*global-sid-entries, 2^sid-length – 1]. Dynamic micro-SID values range in [1024*global-sid-entries + max-entries, 2^sid-length – 1].
A list entry is a combination of the protection type and the SRH mode. Any combinations in addition to the maximum number of entries supported by this command must be allocated statically for each P2P interface. The maximum number of entries in this list is two.
When no list entries are configured, no uA function values are automatically allocated by default for a micro-segment locator.
Any change to this list causes a re-allocation of new function values to all interfaces on the router that results in flooding them to the network and triggers a new SPF in all routers.
The no form of this command removes the function value from the configuration.
Parameters
- srh-mode
-
Specifies the SRH mode for the SID.
- protection
-
Specifies whether the adjacency SID is protected.
Platforms
7450 ESS, 7750 SR, 7750 SR-s, 7950 XRS, VSR
udp
udp
Syntax
[no] udp
Context
[Tree] (config>service>epipe>bgp-evpn>mpls>auto-bind-tunnel>resolution-filter udp)
[Tree] (config>service>vpls>bgp-evpn>mpls>auto-bind-tunnel>resolution-filter udp)
[Tree] (config>service>vprn>bgp-ipvpn>mpls>auto-bind-tunnel>resolution-filter udp)
[Tree] (config>service>vprn>bgp-evpn>mpls>auto-bind-tunnel>resolution-filter udp)
Full Context
configure service epipe bgp-evpn mpls auto-bind-tunnel resolution-filter udp
configure service vpls bgp-evpn mpls auto-bind-tunnel resolution-filter udp
configure service vprn bgp-ipvpn mpls auto-bind-tunnel resolution-filter udp
configure service vprn bgp-evpn mpls auto-bind-tunnel resolution-filter udp
Description
This command selects the MPLS-over-UDP tunnel type programmed in TTM.
The udp value instructs BGP EVPN to search for a UDP LSP to the address of the BGP next hop.
The no form of this command removes the selected MPLS-over-UDP tunnel type.
Default
no udp
Platforms
All
udp
Syntax
udp [hrs hours] [min minutes] [sec seconds]
no udp
Context
[Tree] (config>service>nat>up-nat-policy>timeouts udp)
[Tree] (config>service>nat>nat-policy>timeouts udp)
[Tree] (config>service>nat>firewall-policy>timeouts udp)
Full Context
configure service nat up-nat-policy timeouts udp
configure service nat nat-policy timeouts udp
configure service nat firewall-policy timeouts udp
Description
This command configures the UDP mapping timeout.
Default
udp min 5
Parameters
- hours
-
Specifies the timeout hours field.
- minutes
-
Specifies the timeout minutes field.
- seconds
-
Specifies the timeout seconds field.
Platforms
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
- configure service nat nat-policy timeouts udp
- configure service nat up-nat-policy timeouts udp
7750 SR, 7750 SR-e, 7750 SR-s, VSR
- configure service nat firewall-policy timeouts udp
udp
Syntax
udp src udp-port dest udp-port
no udp
Context
[Tree] (config>mirror>mirror-dest>encap>layer-3-encap>gateway udp)
Full Context
configure mirror mirror-dest encap layer-3-encap gateway udp
Description
This command configures the source UDP port and destination UDP port to use in the UDP header part of the routable LI encapsulation.
Parameters
- udp-port
-
Specifies source UDP port.
Platforms
All
udp
Syntax
udp
Context
[Tree] (config>test-oam>build-packet>header udp)
[Tree] (debug>oam>build-packet>packet>field-override>header udp)
Full Context
configure test-oam build-packet header udp
debug oam build-packet packet field-override header udp
Description
This command creates a UDP header and enables the context to define the associated parameters.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, 7950 XRS
udp
Syntax
[no] udp
Context
[Tree] (config>router>bgp>next-hop-resolution>labeled-routes>transport-tunnel>family>resolution-filter udp)
Full Context
configure router bgp next-hop-resolution labeled-routes transport-tunnel family resolution-filter udp
Description
This command selects UDP tunnel in TTM for next-hop resolution.
Platforms
All
udp-dns
udp-dns
Syntax
udp-dns [hrs hours] [min minutes] [sec seconds]
no udp-dns
Context
[Tree] (config>service>nat>up-nat-policy>timeouts udp-dns)
[Tree] (config>service>nat>firewall-policy>timeouts udp-dns)
[Tree] (config>service>nat>nat-policy>timeouts udp-dns)
Full Context
configure service nat up-nat-policy timeouts udp-dns
configure service nat firewall-policy timeouts udp-dns
configure service nat nat-policy timeouts udp-dns
Description
This command configures the timeout applied to a UDP session with destination port 53.
Default
udp-dns sec 15
Parameters
- hours
-
Specifies the timeout hours field.
- minutes
-
Specifies the timeout minutes field.
- seconds
-
Specifies the timeout seconds field.
Platforms
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
- configure service nat up-nat-policy timeouts udp-dns
- configure service nat nat-policy timeouts udp-dns
7750 SR, 7750 SR-e, 7750 SR-s, VSR
- configure service nat firewall-policy timeouts udp-dns
udp-dst
udp-dst
Syntax
udp-dst udp-port
no udp-dst
Context
[Tree] (config>li>mirror-dest-template>layer-3-encap udp-dst)
Full Context
configure li mirror-dest-template layer-3-encap udp-dst
Description
This command configures the destination UDP port to be used in the UDP header of the routable LI encapsulation.
Parameters
- udp-port
-
Specifies the destination UDP port.
Platforms
All
udp-dst-port
udp-dst-port
Syntax
udp-dst-port port
no udp-dst-port
Context
[Tree] (config>mcast-mgmt>mcast-rprt-dest udp-dst-port)
Full Context
configure mcast-management mcast-reporting-dest udp-dst-port
Description
This command specifies the UDP destination port of the external node to which IGMP events are exported.
The no form of this command reverts to the default.
Parameters
- port
-
Specifies the UDP port to send multicast reports.
Platforms
All
udp-inbound-refresh
udp-inbound-refresh
Syntax
[no] udp-inbound-refresh
Context
[Tree] (config>service>nat>nat-policy udp-inbound-refresh)
[Tree] (config>service>nat>firewall-policy udp-inbound-refresh)
[Tree] (config>service>nat>up-nat-policy udp-inbound-refresh)
Full Context
configure service nat nat-policy udp-inbound-refresh
configure service nat firewall-policy udp-inbound-refresh
configure service nat up-nat-policy udp-inbound-refresh
Description
This command enables UDP session timeout extended on inbound traffic.
The no form of the command disables UDP session timeout extended on inbound traffic.
Default
no udp-inbound-refresh
Platforms
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
- configure service nat nat-policy udp-inbound-refresh
- configure service nat up-nat-policy udp-inbound-refresh
7750 SR, 7750 SR-e, 7750 SR-s, VSR
- configure service nat firewall-policy udp-inbound-refresh
udp-initial
udp-initial
Syntax
udp-initial [min minutes] [sec seconds]
no udp-initial
Context
[Tree] (config>service>nat>nat-policy>timeouts udp-initial)
[Tree] (config>service>nat>firewall-policy>timeouts udp-initial)
[Tree] (config>service>nat>up-nat-policy>timeouts udp-initial)
Full Context
configure service nat nat-policy timeouts udp-initial
configure service nat firewall-policy timeouts udp-initial
configure service nat up-nat-policy timeouts udp-initial
Description
This command configures the UDP mapping timeout applied to new sessions.
Default
udp-initial sec 15
Parameters
- minutes
-
Specifies the timeout minutes field.
- seconds
-
Specifies the timeout seconds field.
Platforms
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
- configure service nat nat-policy timeouts udp-initial
- configure service nat up-nat-policy timeouts udp-initial
7750 SR, 7750 SR-e, 7750 SR-s, VSR
- configure service nat firewall-policy timeouts udp-initial
udp-port
udp-port
Syntax
udp-port udp-port-number
Context
[Tree] (config>service>vprn>mtrace2 udp-port)
[Tree] (config>router>mtrace2 udp-port)
Full Context
configure service vprn mtrace2 udp-port
configure router mtrace2 udp-port
Description
This command specifies the destination and listening port for the mtrace2 command. When it is configured, this command generates Mtrace2 packets with the configured UDP port, and also listens on the same port for any incoming Mtrace2 packets.
Port 33435 is the IANA-assigned port for Mtrace2. On several operating systems (for example, Linux OS, SR OS), this port is also used by traceroute. On SR OS, if port 33435 is configured as the Mtrace2 port, SR OS does not respond to traceroute on this port.
Default
5000
Parameters
- udp-port-number
-
Specifies the UDP port for the test.
Platforms
All
udp-protocols
udp-protocols
Syntax
udp-protocols protocol-set
Context
[Tree] (config>app-assure>group>tether-detect>ttl-mon udp-protocols)
Full Context
configure application-assurance group tethering-detection ttl-monitoring udp-protocols
Description
This command configures whether AA analyzes all UDP traffic or only traffic from standard applications that generate consistent TTL values. Configuring AA to analyze only standard UDP traffic is recommended.
Default
udp-protocols standard
Parameters
- protocol-set
-
Specifies the scope of analysis for UDP traffic.
Platforms
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
udp-return-object
udp-return-object
Syntax
udp-return-object ip-address
no udp-return-object
Context
[Tree] (config>oam-pm>session>mpls>lsp>rsvp udp-return-object)
[Tree] (config>oam-pm>session>mpls>lsp>rsvp-auto udp-return-object)
Full Context
configure oam-pm session mpls lsp rsvp udp-return-object
configure oam-pm session mpls lsp rsvp-auto udp-return-object
Description
This command configures the destination IP address used by the far end of the test to send a test response. The UDP port in the UDP-Return Object is set to 64353 for MPLS DM PDUs.
RSVP tunnels are unidirectional and must include a configured local address for the responder can route the response back by the IP control plane. If the configuration is absent, the DN test fails to activate. If the configured IP address is not a local address, the command fails.
The no form of this command removes the udp-return-object IP address.
Parameters
- ip-address
-
Specifies the destination IP.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, 7950 XRS
udp-src
udp-src
Syntax
udp-src udp-port
no udp-src
Context
[Tree] (config>li>mirror-dest-template>layer-3-encap udp-src)
Full Context
configure li mirror-dest-template layer-3-encap udp-src
Description
This command configures the source UDP port to be used in the UDP header of the routable LI encapsulation.
Parameters
- udp-port
-
Specifies the source UDP port.
Platforms
All
udt2m
udt2m
Syntax
udt2m [function-value]
no udt2m
Context
[Tree] (config>service>vpls>srv6>ms-locator>function udt2m)
Full Context
configure service vpls segment-routing-v6 micro-segment-locator function udt2m
Description
This command configures the SRv6 uDT2M behavior and function value that is associated with the SRv6 instance in the service. This means that decapsulation and table lookup for IPv6 prefixes occurs in the VPLS service.
The range of allowed configurables values is [1, max-entries]. This draws the Nth value (where N = function-value) of the local micro-SID range [1024*global-sid-entries, 2^sid-length – 1] to form a uDT2M micro-SID. Static micro-SID values range in [1024*global-sid-entries, 1024*global-sid-entries + max-entries – 1].
If no value is configured, the system draws a function value (N) from the following range [max-entries + 1, 2^sid-length – 1024*global-sid-entries] and the effective micro-SID value is the Nth value of the local micro-SID range [1024*global-sid-entries, 2^sid-length – 1]. Dynamic micro-SID values range in [1024*global-sid-entries + max-entries, 2^sid-length – 1].
The no form of this command removes the function behavior and value from the configuration.
Parameters
- function-value
-
Specifies the SRv6 micro-segment uDT2M function value.
Platforms
7450 ESS, 7750 SR, 7750 SR-s, 7950 XRS, VSR
udt2u
udt2u
Syntax
udt2u [function-value]
no udt2u
Context
[Tree] (config>service>vpls>srv6>ms-locator>function udt2u)
Full Context
configure service vpls segment-routing-v6 micro-segment-locator function udt2u
Description
This command configures the SRv6 uDT2U behavior and function value that is associated with the SRv6 instance in the service. This means that decapsulation and table lookup for IPv6 prefixes occurs in the VPLS service.
The range of allowed configurables values is [1, max-entries]. This draws the Nth value (where N = function-value) of the local micro-SID range [1024*global-sid-entries, 2^sid-length – 1] to form a uDT2U micro-SID. Static micro-SID values range in [1024*global-sid-entries, 1024*global-sid-entries + max-entries – 1].
If no value is configured, the system draws a function value (N) from the following range [max-entries + 1, 2^sid-length – 1024*global-sid-entries] and the effective micro-SID value is the Nth value of the local micro-SID range [1024*global-sid-entries, 2^sid-length – 1]. Dynamic micro-SID values range in [1024*global-sid-entries + max-entries, 2^sid-length – 1].
The no form of this command removes the function behavior and value from the configuration.
Parameters
- function-value
-
Specifies the SRv6 micro-segment uDT2U function value.
Platforms
7450 ESS, 7750 SR, 7750 SR-s, 7950 XRS, VSR
udt4
udt4
Syntax
udt4 [function-value]
no udt4
Context
[Tree] (config>router>segment-routing>srv6>inst>ms-loc>func udt4)
Full Context
configure router segment-routing segment-routing-v6 base-routing-instance micro-segment-locator function udt4
Description
This command configures the SRv6 micro-segment uDT4 behavior and function value associated with the base routing instance. This implies that decapsulation and table lookup for IPv4 prefixes occurs in the base routing table. These prefixes can be static routes or routes advertised in BGP.
The range of allowed configurables values is [1, max-entries]. This draws the Nth value (where N = function-value) of the local micro-SID range [1024*global-sid-entries, 2^sid-length – 1] to form a uDT4 micro-SID. Static micro-SID values range in [1024*global-sid-entries, 1024*global-sid-entries + max-entries – 1].
When unconfigured, the system draws a function value (N) from the following range [max-entries + 1, 2^sid-length – 1024*global-sid-entries] and the effective micro-SID value is the Nth value of the local micro-SID range [1024*global-sid-entries, 2^sid-length – 1]. Dynamic micro-SID values range in [1024*global-sid-entries + max-entries, 2^sid-length – 1].
The no form of this command removes the function behavior and value from the configuration.
Parameters
- function-value
-
Specifies the SRv6 micro-segment uDT4 function value.
Platforms
7450 ESS, 7750 SR, 7750 SR-s, 7950 XRS, VSR
udt4
Syntax
udt4 [function-value]
no udt4
Context
[Tree] (config>service>vprn>srv6>ms-locator>function udt4)
Full Context
configure service vprn segment-routing-v6 micro-segment-locator function udt4
Description
This command configures the SRv6 uDT4 behavior and function value that is associated with the SRv6 instance in the service. This implies that decapsulation and table lookup for IPv4 prefixes occurs in the VPRN.
The range of allowed configurables values is [1, max-entries]. This draws the Nth value (where N = function-value) of the local micro-SID range [1024*global-sid-entries, 2^sid-length – 1] to form a uDT4 micro-SID. Static micro-SID values range in [1024*global-sid-entries, 1024*global-sid-entries + max-entries – 1].
If no value is configured, the system draws a function value (N) from the following range [max-entries + 1, 2^sid-length – 1024*global-sid-entries] and the effective micro-SID value is the Nth value of the local micro-SID range [1024*global-sid-entries, 2^sid-length – 1]. Dynamic micro-SID values range in [1024*global-sid-entries + max-entries, 2^sid-length – 1].
The no form of this command removes the function behavior and value from the configuration.
Parameters
- function-value
-
Specifies the SRv6 micro-segment uDT4 function value.
Platforms
7450 ESS, 7750 SR, 7750 SR-s, 7950 XRS, VSR
udt46
udt46
Syntax
udt46 [function-value]
no udt46
Context
[Tree] (config>router>segment-routing>srv6>inst>ms-loc>func udt46)
Full Context
configure router segment-routing segment-routing-v6 base-routing-instance micro-segment-locator function udt46
Description
This command configures the SRv6 micro-segment uDT46 behavior and function value associated with the base routing instance. This implies that decapsulation and table lookup for IPv4 prefixes occurs in the base routing table. These prefixes can be static routes or routes advertised in BGP.
The range of allowed configurables values is [1, max-entries]. This draws the Nth value (where N = function-value) of the local micro-SID range [1024*global-sid-entries, 2^sid-length – 1] to form a uDT46 micro-SID. Static micro-SID values range in [1024*global-sid-entries, 1024*global-sid-entries + max-entries – 1].
When unconfigured, the system draws a function value (N) from the following range [max-entries + 1, 2^sid-length – 1024*global-sid-entries] and the effective micro-SID value is the Nth value of the local micro-SID range [1024*global-sid-entries, 2^sid-length – 1]. Dynamic micro-SID values range in [1024*global-sid-entries + max-entries, 2^sid-length – 1].
The no form of this command removes the function behavior and value from the configuration.
Parameters
- function-value
-
Specifies the SRv6 micro-segment uDT46 function value.
Platforms
7450 ESS, 7750 SR, 7750 SR-s, 7950 XRS, VSR
udt46
Syntax
udt46 [function-value]
no udt46
Context
[Tree] (config>service>vprn>srv6>ms-locator>function udt46)
Full Context
configure service vprn segment-routing-v6 micro-segment-locator function udt46
Description
This command configures the SRv6 uDT46 behavior and function value that is associated with the SRv6 instance in the service. This implies that decapsulation and table lookup for IPv4 and IPv6 prefixes occurs in the VPRN.
The range of allowed configurables values is [1, max-entries]. This draws the Nth value (where N = function-value) of the local micro-SID range [1024*global-sid-entries, 2^sid-length – 1] to form a uDT46 micro-SID. Static micro-SID values range in [1024*global-sid-entries, 1024*global-sid-entries + max-entries – 1].
If no value is configured, the system draws a function value (N) from the following range [max-entries + 1, 2^sid-length – 1024*global-sid-entries] and the effective micro-SID value is the Nth value of the local micro-SID range [1024*global-sid-entries, 2^sid-length – 1]. Dynamic micro-SID values range in [1024*global-sid-entries + max-entries, 2^sid-length – 1].
The no form of this command removes the function behavior and value from the configuration.
Parameters
- function-value
-
Specifies the SRv6 micro-segment uDT46 function value.
Platforms
7450 ESS, 7750 SR, 7750 SR-s, 7950 XRS, VSR
udt6
udt6
Syntax
udt6 [function-value]
no udt6
Context
[Tree] (config>router>segment-routing>srv6>inst>ms-loc>func udt6)
Full Context
configure router segment-routing segment-routing-v6 base-routing-instance micro-segment-locator function udt6
Description
This command configures the SRv6 micro-segment uDT6 behavior and function value associated with the base routing instance. This implies that decapsulation and table lookup for IPv4 prefixes occurs in the base routing table. These prefixes can be static routes or routes advertised in BGP.
The range of allowed configurables values is [1, max-entries]. This draws the Nth value (where N = function-value) of the local micro-SID range [1024*global-sid-entries, 2^sid-length – 1] to form a uDT6 micro-SID. Static micro-SID values range in [1024*global-sid-entries, 1024*global-sid-entries + max-entries – 1].
When unconfigured, the system draws a function value (N) from the following range [max-entries + 1, 2^sid-length – 1024*global-sid-entries] and the effective micro-SID value is the Nth value of the local micro-SID range [1024*global-sid-entries, 2^sid-length – 1]. Dynamic micro-SID values range in [1024*global-sid-entries + max-entries, 2^sid-length – 1].
The no form of this command removes the function behavior and value from the configuration.
Parameters
- function-value
-
Specifies the SRv6 micro-segment uDT6 function value.
Platforms
7450 ESS, 7750 SR, 7750 SR-s, 7950 XRS, VSR
udt6
Syntax
udt6 [function-value]
no udt6
Context
[Tree] (config>service>vprn>srv6>ms-locator>function udt6)
Full Context
configure service vprn segment-routing-v6 micro-segment-locator function udt6
Description
This command configures the SRv6 uDT6 behavior and function value that is associated with the SRv6 instance in the service. This implies that decapsulation and table lookup for IPv6 prefixes occurs in the VPRN.
The range of allowed configurables values is [1, max-entries]. This draws the Nth value (where N = function-value) of the local micro SID range [1024*global-sid-entries, 2^sid-length – 1] to form a uDT6 micro-SID. Static micro-SID values range in [1024*global-sid-entries, 1024*global-sid-entries + max-entries – 1].
If no value is configured, the system draws a function value (N) from the following range [max-entries + 1, 2^sid-length – 1024*global-sid-entries] and the effective micro-SID value is the Nth value of the local micro-SID range [1024*global-sid-entries, 2^sid-length – 1]. Dynamic micro-SID values range in [1024*global-sid-entries + max-entries, 2^sid-length – 1].
The no form of this command removes the function behavior and value from the configuration.
Parameters
- function-value
-
Specifies the SRv6 micro-segment uDT6 function value.
Platforms
7450 ESS, 7750 SR, 7750 SR-s, 7950 XRS, VSR
udx2
udx2
Syntax
udx2 [function-value]
no udx2
Context
[Tree] (config>service>epipe>srv6>ms-locator>function udx2)
Full Context
configure service epipe segment-routing-v6 micro-segment-locator function udx2
Description
This command configures the SRv6 micro-segment uDX2 behavior and function value that is associated with the SRv6 instance in the service. This means that decapsulation and cross-connect to the egress SAP occurs in the Epipe service.
The range of allowed configurables values is [1, max-entries]. This draws the Nth value (where N = function-value) of the local micro-SID range [1024*global-sid-entries, 2^sid-length – 1] to form a uDX2 micro-SID. Static micro-SID values range in [1024*global-sid-entries, 1024*global-sid-entries + max-entries – 1].
If no value is configured, the system draws a function value (N) from the following range [max-entries + 1, 2^sid-length – 1024*global-sid-entries] and the effective micro-SID value is the Nth value of the local micro-SID range [1024*global-sid-entries, 2^sid-length – 1]. Dynamic micro-SID values range in [1024*global-sid-entries + max-entries, 2^sid-length – 1].
The no form of this command removes the function behavior and value from the configuration.
Parameters
- function-value
-
Specifies the SRv6 micro-segment uDX2 function value.
Platforms
7450 ESS, 7750 SR, 7750 SR-s, 7950 XRS, VSR
ue
ue
Syntax
ue ieee-address [profile trace-profile-name]
no ue ieee-address
Context
[Tree] (debug>call-trace>wlan-gw ue)
Full Context
debug call-trace wlan-gw ue
Description
This command starts tracing the UE with the specified MAC address. The trace is started with default parameters or optionally parameters specified in the trace-profile.
The no form of this command stops the trace and make sure no new traces are started.
Parameters
- ieee-address
-
Displays information about the MAC address of this UE.
- trace-profile-name
-
Specifies the name of a configured trace profile.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
ue-creation-type
ue-creation-type
Syntax
[no] ue-creation-type
Context
[Tree] (config>aaa>isa-radius-plcy>acct-include-attributes ue-creation-type)
Full Context
configure aaa isa-radius-policy acct-include-attributes ue-creation-type
Description
This command enables including the Alc-Wlan-Ue-Creation-Type.
Default
no ue-creation-type
Platforms
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
ue-query
ue-query
Syntax
ue-query query-id [name name] [create]
no ue-query query-id
Context
[Tree] (config>subscr-mgmt>wlan-gw ue-query)
Full Context
configure subscriber-mgmt wlan-gw ue-query
Description
This command creates a UE query where filter criteria over WLAN-GW ISA UEs are defined. This query can later be used to retrieve state of the UEs matching the configured criteria.
The no form of this command removes the query.
Parameters
- query-id
-
Specifies the ID assigned to a query.
- name
-
Specifies the name assigned to a query, up to 32 characters.
- create
-
Creates a UE query.
Platforms
7750 SR, 7750 SR-e, 7750 SR-s, VSR
ue-state
ue-state
Syntax
[no] ue-state
Context
[Tree] (config>subscr-mgmt>wlan-gw>tunnel-query ue-state)
Full Context
configure subscriber-mgmt wlan-gw tunnel-query ue-state
Description
This command enables matching on a specific UE state. Multiple states can be provisioned. If no UE state specifier is configured, UE state matching is disabled (all UEs match).
This match criteria can be combined with minimum and maximum match criteria, which will then apply only to UEs of the specified state.
Platforms
7750 SR, 7750 SR-e, 7750 SR-s, VSR
uli
uli
Syntax
[no] uli
Context
[Tree] (config>subscr-mgmt>auth-plcy>include-radius-attribute uli)
Full Context
configure subscriber-mgmt authentication-policy include-radius-attribute uli
Description
This command enables the inclusion of the User Location Information in AAA protocols as signaled in the incoming GTP setup message.
The no form of this command disables the inclusion of the attribute.
Platforms
7750 SR, 7750 SR-e, 7750 SR-s, VSR
uli
Syntax
[no] uli
Context
[Tree] (config>subscr-mgmt>acct-plcy>include-radius-attribute uli)
Full Context
configure subscriber-mgmt radius-accounting-policy include-radius-attribute uli
Description
This command, in case of ESM over GTP access, includes the ULI VSA in accounting. This VSA contains the last VSA as received via GTP. Use the configure subscriber-mgmt radius-accounting-policy triggered-updates gtp-change uli-change command to trigger an interim accounting update whenever ULI changes.
The no form of this command disables inclusion of the ULI VSA.
Default
no uli
Platforms
7750 SR, 7750 SR-e, 7750 SR-s, VSR
uli-change
uli-change
Syntax
[no] uli-change
Context
[Tree] (config>subscr-mgmt>acct-plcy>triggered-updates>gc uli-change)
Full Context
configure subscriber-mgmt radius-accounting-policy triggered-updates gtp-change uli-change
Description
This command configures the router to send an interim accounting update when a user location change is detected.
The no form of the command configures the router not to send an interim accounting update when a user location change is detected.
Default
no uli-change
Platforms
7750 SR, 7750 SR-e, 7750 SR-s, VSR
umh-pe
umh-pe
Syntax
umh-pe ip-address standby ip-address
no umh-pe ip-address
Context
[Tree] (config>service>vprn>mvpn>umh-pe-backup umh-pe)
Full Context
configure service vprn mvpn umh-pe-backup umh-pe
Description
This command assigns a standby PE to each primary PE that must be selected as an alternative PE in case the UFD session on tunnel from primary PE is detected down. Standby for a PE cannot be modified without shutting down the MVPN instance.
If a primary PE is not assigned a standby PE then the UMH selection would fall back to the default method.
Platforms
All
umh-pe-backup
umh-pe-backup
Syntax
umh-pe-backup
Context
[Tree] (config>service>vprn>mvpn umh-pe-backup)
Full Context
configure service vprn mvpn umh-pe-backup
Description
This command enables context to configure primary and standby upstream PE association for the MVPN.
Platforms
All
umh-rate-monitoring
umh-rate-monitoring
Syntax
umh-rate-monitoring
Context
[Tree] (config>service>vprn>mvpn>pt>selective umh-rate-monitoring)
[Tree] (config>service>vprn>mvpn>pt>inclusive umh-rate-monitoring)
Full Context
configure service vprn mvpn provider-tunnel selective umh-rate-monitoring
configure service vprn mvpn provider-tunnel inclusive umh-rate-monitoring
Description
Commands in this context configure bandwidth monitoring for UMH redundancy.
Platforms
All
umh-selection
umh-selection
Syntax
umh-selection {highest-ip | hash-based | tunnel-status | unicast-rt-pref}
no umh-selection
Context
[Tree] (config>service>vprn>mvpn umh-selection)
Full Context
configure service vprn mvpn umh-selection
Description
This command specifies which UMH selection mechanism to use, highest IP address, hash based or provider tunnel status.
The no form of this command resets it back to default.
Default
umh-selection highest-ip
Parameters
- highest-ip
-
Specifies that the highest next-hop IP address is selected as UMH. The RTM may have just one next-hop to the source, but highest-ip uses all of the next-hops available to BGP that appear in the BGP database.
- hash-based
-
Specifies that the UMH selection is based on hash-based procedures set out in RFC6513, section 5.1.3. The RTM may have just one next-hop to the source, but hash-based uses all of the next-hops available to BGP that appear in the BGP database.
- tunnel-status
-
Specifies that UMH selection is based on the state of the tunnel as well as the available unicast routes through the tunnel. Not supported for IPv6.
- unicast-rt-pref
-
When selected, best unicast route will decide which UMH is chosen. All PE routers shall prefer the same route to the UMH for the UMH selection criterion (for example BGP path selection criteria must not influence one PE to choose different UMH from another PE).
Platforms
All
un
un
Syntax
un
Context
[Tree] (conf>router>segment-routing>srv6>micro-segment-locator un)
Full Context
configure router segment-routing segment-routing-v6 micro-segment-locator un
Description
Commands in this context configure parameters associated with the uN function.
Platforms
7450 ESS, 7750 SR, 7750 SR-s, 7950 XRS, VSR
unavailability-event
unavailability-event
Syntax
unavailability-event {forward | backward | aggregate} threshold raise-threshold [clear clear-threshold]
no unavailability-event {forward | backward | aggregate}
Context
[Tree] (config>oam-pm>session>ethernet>lmm>loss-events unavailability-event)
[Tree] (config>oam-pm>session>ip>twamp-light>loss-events unavailability-event)
[Tree] (config>oam-pm>session>ethernet>slm>loss-events unavailability-event)
Full Context
configure oam-pm session ethernet lmm loss-events unavailability-event
configure oam-pm session ip twamp-light loss-events unavailability-event
configure oam-pm session ethernet slm loss-events unavailability-event
Description
This command sets the threshold to be applied to the overall count of the unavailability indicators, not transitions, per configured direction. This value is compared to the 32 bit unavailability counter specific to the direction which tracks the number of individual delta-ts that have been recorded as unavailable. The aggregate is a function of summing forward and backward. This value is only used as a threshold mechanism and is not part of the stored statistics. If the optional clear clear-threshold parameter is not specified, the traffic crossing alarm is stateless. Stateless means the state is not carried forward to other measurement intervals. Each measurement interval is analyzed independently and regardless of any previous window. Each unique event can only be raised once within measurement interval. If the optional clear clear-threshold parameter is specified, the traffic crossing alarm uses stateful behavior. Stateful means each unique previous event state is carried forward to following measurement intervals. If a threshold crossing event is raised another is raised until a measurement interval completes and the clear threshold has not been exceeded. A clear event is raised under that condition.
The no form of this command removes the event threshold for frame loss ratio. The direction must be included with the no command.
Default
no unavailability-event forward
no unavailability-event backward
no unavailability-event aggregate
Parameters
- forward
-
Specifies the threshold is applied to the forward direction count.
- backward
-
Specifies the threshold is applied to the backward direction count.
- aggregate
-
Specifies the threshold is applied to the aggregate count (sum of forward and backward).
- raise-threshold
-
Specifies a numerical value compared to the unavailability counter that is the rising threshold that determines when the event is to be generated, when value reached.
- clear-threshold
-
Specifies an optional value used for stateful behavior that allows the operator to configure a percentage of loss value lower than the rising percentage to indicate when the clear event should be generated.
Platforms
All
- configure oam-pm session ethernet slm loss-events unavailability-event
- configure oam-pm session ethernet lmm loss-events unavailability-event
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, 7950 XRS
- configure oam-pm session ip twamp-light loss-events unavailability-event
uncoloured-octets-offered-count
uncoloured-octets-offered-count
Syntax
[no] uncoloured-packets-offered-count
Context
[Tree] (config>subscr-mgmt>acct-plcy>cr>ref-queue>i-counters uncoloured-octets-offered-count)
[Tree] (config>subscr-mgmt>acct-plcy>cr>queue>i-counters uncoloured-octets-offered-count)
Full Context
configure subscriber-mgmt radius-accounting-policy custom-record ref-queue i-counters uncoloured-octets-offered-count
configure subscriber-mgmt radius-accounting-policy custom-record queue i-counters uncoloured-octets-offered-count
Description
This command includes the uncoloured octets offered in the count.
The no form of this command excludes the uncoloured octets offered in the count.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
uncoloured-octets-offered-count
Syntax
[no] uncoloured-octets-offered-count
Context
[Tree] (config>log>acct-policy>cr>ref-policer>e-counters uncoloured-octets-offered-count)
[Tree] (config>log>acct-policy>cr>policer>e-counters uncoloured-octets-offered-count)
Full Context
configure log accounting-policy custom-record ref-policer e-counters uncoloured-octets-offered-count
configure log accounting-policy custom-record policer e-counters uncoloured-octets-offered-count
Description
This command includes the uncoloured octets offered count.
The no form of this command excludes the uncoloured octets offered count.
Default
no uncoloured-octets-offered-count
Platforms
All
uncoloured-octets-offered-count
Syntax
[no] uncoloured-packets-offered-count
Context
[Tree] (config>log>acct-policy>cr>ref-queue>i-counters uncoloured-octets-offered-count)
[Tree] (config>log>acct-policy>cr>policer>i-counters uncoloured-octets-offered-count)
[Tree] (config>log>acct-policy>cr>queue>i-counters uncoloured-octets-offered-count)
[Tree] (config>log>acct-policy>cr>ref-policer>i-counters uncoloured-octets-offered-count)
Full Context
configure log accounting-policy custom-record ref-queue i-counters uncoloured-octets-offered-count
configure log accounting-policy custom-record policer i-counters uncoloured-octets-offered-count
configure log accounting-policy custom-record queue i-counters uncoloured-octets-offered-count
configure log accounting-policy custom-record ref-policer i-counters uncoloured-octets-offered-count
Description
This command includes the uncoloured octets offered in the count.
The no form of this command excludes the uncoloured octets offered in the count.
Default
no uncoloured-octets-offered-count
Platforms
All
uncoloured-packets-offered-count
uncoloured-packets-offered-count
Syntax
[no] uncoloured-packets-offered-count
Context
[Tree] (config>subscr-mgmt>acct-plcy>cr>ref-queue>i-counters uncoloured-packets-offered-count)
[Tree] (config>subscr-mgmt>acct-plcy>cr>queue>i-counters uncoloured-packets-offered-count)
Full Context
configure subscriber-mgmt radius-accounting-policy custom-record ref-queue i-counters uncoloured-packets-offered-count
configure subscriber-mgmt radius-accounting-policy custom-record queue i-counters uncoloured-packets-offered-count
Description
This command includes the uncoloured packets offered count.
The no form of this command excludes the uncoloured packets offered count.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
uncoloured-packets-offered-count
Syntax
[no] uncoloured-packets-offered-count
Context
[Tree] (config>log>acct-policy>cr>ref-policer>e-counters uncoloured-packets-offered-count)
[Tree] (config>log>acct-policy>cr>policer>e-counters uncoloured-packets-offered-count)
Full Context
configure log accounting-policy custom-record ref-policer e-counters uncoloured-packets-offered-count
configure log accounting-policy custom-record policer e-counters uncoloured-packets-offered-count
Description
This command includes the uncoloured packets offered count.
The no form of this command excludes the uncoloured packets offered count.
Default
no uncoloured-packets-offered-count
Platforms
All
uncoloured-packets-offered-count
Syntax
[no] uncoloured-packets-offered-count
Context
[Tree] (config>log>acct-policy>cr>queue>i-counters uncoloured-packets-offered-count)
[Tree] (config>log>acct-policy>cr>policer>i-counters uncoloured-packets-offered-count)
[Tree] (config>log>acct-policy>cr>ref-queue>i-counters uncoloured-packets-offered-count)
[Tree] (config>log>acct-policy>cr>ref-policer>i-counters uncoloured-packets-offered-count)
Full Context
configure log accounting-policy custom-record queue i-counters uncoloured-packets-offered-count
configure log accounting-policy custom-record policer i-counters uncoloured-packets-offered-count
configure log accounting-policy custom-record ref-queue i-counters uncoloured-packets-offered-count
configure log accounting-policy custom-record ref-policer i-counters uncoloured-packets-offered-count
Description
This command includes the uncolored packets offered count.
The no form of this command excludes the uncoloured packets offered count.
Default
no uncoloured-packets-offered-count
Platforms
All
uncommitted-changes-indicator
uncommitted-changes-indicator
Syntax
[no] uncommitted-changes-indicator
Context
[Tree] (config>system>management-interface>cli>md-cli>environment>prompt uncommitted-changes-indicator)
Full Context
configure system management-interface cli md-cli environment prompt uncommitted-changes-indicator
Description
This command displays the change indicator.
The no form of this command suppresses the change indicator.
Default
uncommitted-changes-indicator
Platforms
All
unconstrained-bw
unconstrained-bw
Syntax
unconstrained-bw bandwidth mandatory-bw mandatory-bw
no unconstrained-bw
Context
[Tree] (config>subscr-mgmt>sub-mcac-plcy unconstrained-bw)
[Tree] (config>subscr-mgmt>msap-policy>vpls-only>igmp-snp>mcac unconstrained-bw)
Full Context
configure subscriber-mgmt sub-mcac-policy unconstrained-bw
configure subscriber-mgmt msap-policy vpls-only-sap-parameters igmp-snooping mcac unconstrained-bw
Description
This command configures the bandwidth for the interface or subscriber's multicast CAC policy traffic. When disabled (no unconstrained-bw), there is no checking of bandwidth constraints on the interface or subscriber level. When enabled and a policy is defined, enforcement is performed. The allocated bandwidth for optional channels should not exceed the unconstrained-bw minus the mandatory-bw and the mandatory channels have to stay below the specified value for the mandatory-bw. After this interface and subscriber check, the bundle checks are performed.
The no form of this command reverts to the default.
Parameters
- bandwidth
-
Specifies bandwidth assigned for interface's MCAC policy traffic, in kilobits per second (kb/s).
- mandatory-bw
-
Specifies the bandwidth pre-reserved for all the mandatory channels on a given interface in kilobits per second (kb/s).
If the bandwidth value is 0, no mandatory channels are allowed. If the value of bandwidth is '-1', then all mandatory and optional channels are allowed.
If the value of mandatory-bw is equal to the value of bandwidth, then all the unconstrained bandwidth on a given interface is allocated to mandatory channels configured through multicast CAC policy on that interface and no optional groups (channels) are allowed.
The value of mandatory-bw should always be less than or equal to that of bandwidth, An attempt to set the value of mandatory-bw greater than that of bandwidth, will result in inconsistent value error.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s
- configure subscriber-mgmt sub-mcac-policy unconstrained-bw
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
- configure subscriber-mgmt msap-policy vpls-only-sap-parameters igmp-snooping mcac unconstrained-bw
unconstrained-bw
Syntax
unconstrained-bw bandwidth mandatory-bw mandatory-bw
no unconstrained-bw
Context
[Tree] (config>service>vpls>sap>mld-snooping>mcac unconstrained-bw)
[Tree] (config>service>vpls>mesh-sdp>mld-snooping>mcac unconstrained-bw)
[Tree] (config>service>vpls>spoke-sdp>igmp-snooping>mcac unconstrained-bw)
[Tree] (config>service>vpls>spoke-sdp>mld-snooping>mcac unconstrained-bw)
[Tree] (config>service>vpls>mesh-sdp>igmp-snooping>mcac unconstrained-bw)
[Tree] (config>service>vpls>sap>igmp-snooping>mcac unconstrained-bw)
Full Context
configure service vpls sap mld-snooping mcac unconstrained-bw
configure service vpls mesh-sdp mld-snooping mcac unconstrained-bw
configure service vpls spoke-sdp igmp-snooping mcac unconstrained-bw
configure service vpls spoke-sdp mld-snooping mcac unconstrained-bw
configure service vpls mesh-sdp igmp-snooping mcac unconstrained-bw
configure service vpls sap igmp-snooping mcac unconstrained-bw
Description
This command configures the bandwidth for the interface's multicast CAC policy traffic. When disabled (no unconstrained-bw) there will be no checking of bandwidth constraints on the interface level. When enabled and a policy is defined, enforcement is performed. The allocated bandwidth for optional channels should not exceed the unconstrained-bw minus the mandatory-bw and the mandatory channels have to stay below the specified value for the mandatory-bw. After this interface check, the bundle checks are performed.
Parameters
- bandwidth
-
The bandwidth assigned for interface's MCAC policy traffic, in kilobits per second (kb/s)
- mandatory-bw mandatory-bw
-
Specifies the bandwidth pre-reserved for all the mandatory channels on a specified interface in kilobits per second (kb/s)
If the bandwidth value is 0, no mandatory channels are allowed. If bandwidth is not configured, then all mandatory and optional channels are allowed.
If the value of mandatory-bw is equal to the value of bandwidth, then all the unconstrained bandwidth on a specified interface is allocated to mandatory channels configured through multicast CAC policy on that interface and no optional groups (channels) are allowed.
The value of mandatory-bw should always be less than or equal to that of bandwidth, An attempt to set the value of mandatory-bw greater than that of bandwidth, will result in inconsistent value error.
Platforms
All
unconstrained-bw
Syntax
unconstrained-bw bandwidth mandatory-bw mandatory-bw
no unconstrained-bw
Context
[Tree] (config>service>vprn>mld>if>mcac unconstrained-bw)
[Tree] (config>service>vprn>igmp>if>mcac unconstrained-bw)
[Tree] (config>service>vprn>pim>if>mcac unconstrained-bw)
[Tree] (config>service>vprn>igmp>grp-if>mcac unconstrained-bw)
[Tree] (config>service>vprn>mld>grp-if>mcac unconstrained-bw)
Full Context
configure service vprn mld interface mcac unconstrained-bw
configure service vprn igmp interface mcac unconstrained-bw
configure service vprn pim interface mcac unconstrained-bw
configure service vprn igmp group-interface mcac unconstrained-bw
configure service vprn mld group-interface mcac unconstrained-bw
Description
This command configures the bandwidth for the interface's multicast CAC policy traffic. When disabled (no unconstrained-bw) there will be no checking of bandwidth constraints on the interface level. When enabled and a policy is defined, enforcement is performed. The allocated bandwidth for optional channels should not exceed the unconstrained-bw minus the mandatory-bw and the mandatory channels have to stay below the specified value for the mandatory-bw. After this interface check, the bundle checks are performed.
Parameters
- bandwidth
-
The bandwidth assigned for the interface’s MCAC policy traffic in kb/s.
- mandatory-bw mandatory-bw
-
Specifies the bandwidth pre-reserved for all the mandatory channels on a given interface, in kb/s.
If the bandwidth value is 0, no mandatory channels are allowed. If bandwidth is not configured, then all mandatory and optional channels are allowed.
If the value of mandatory-bw is equal to the value of bandwidth, then all the unconstrained bandwidth on a given interface is allocated to mandatory channels configured through multicast CAC policy on that interface and no optional groups (channels) are allowed.
The value of mandatory-bw should always be less than or equal to that of bandwidth, An attempt to set the value of mandatory-bw greater than that of bandwidth, will result in inconsistent value error.
Platforms
All
- configure service vprn pim interface mcac unconstrained-bw
- configure service vprn mld interface mcac unconstrained-bw
- configure service vprn igmp interface mcac unconstrained-bw
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
- configure service vprn mld group-interface mcac unconstrained-bw
- configure service vprn igmp group-interface mcac unconstrained-bw
unconstrained-bw
Syntax
unconstrained-bw bandwidth mandatory-bw mandatory-bw
no unconstrained-bw
Context
[Tree] (config>router>mcac>if-policy unconstrained-bw)
[Tree] (config>router>igmp>interface>mcac unconstrained-bw)
[Tree] (config>router>pim>interface>mcac unconstrained-bw)
[Tree] (config>router>mld>interface>mcac unconstrained-bw)
[Tree] (config>router>mld>grp-if>mcac unconstrained-bw)
[Tree] (config>router>igmp>grp-if>mcac unconstrained-bw)
Full Context
configure router mcac if-policy unconstrained-bw
configure router igmp interface mcac unconstrained-bw
configure router pim interface mcac unconstrained-bw
configure router mld interface mcac unconstrained-bw
configure router mld group-interface mcac unconstrained-bw
configure router igmp group-interface mcac unconstrained-bw
Description
This command enables MCAC (or HMCAC) function on the corresponding level (subscriber, group-interface or redirected interface). When MCAC (or HMCAC) is enabled and a channel definition policy is referenced, admission control is performed. The allocated bandwidth for optional channels should not exceed the unconstrained-bw minus the mandatory-bw. The mandatory channels have to stay below the specified value for the mandatory-bw.
In HMCAC, the subscriber is checked first against its bandwidth limits followed by the check on the redirected interface or the group-interface against the bandwidth limits defined there.
In case that redirection is enabled and HMCAC enabled, the channel definition policy must be referenced under the redirected interface level. If it is referenced under the group-interface level, it will be ignored.
Subscriber MCAC (only subscriber is checked for available resources) is supported only with direct subscriber replication (no redirection). In this case the channel definition policy must be referenced under the group-interface.
If the redirection is enabled but the policy is referenced only under the group-interface, no admission control is executed (HMCAC or MCAC).
The no form of this command removes the values from the configuration.
Default
no unconstrained-bw
Parameters
- bandwidth
-
Specifies the unconstrained bandwidth in kb/s for the MCAC policy.
- mandatory-bw
-
Specifies the mandatory bandwidth in kb/s for the MCAC policy.
Platforms
All
- configure router mld interface mcac unconstrained-bw
- configure router mcac if-policy unconstrained-bw
- configure router igmp interface mcac unconstrained-bw
- configure router pim interface mcac unconstrained-bw
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
- configure router mld group-interface mcac unconstrained-bw
- configure router igmp group-interface mcac unconstrained-bw
unconsumed-agg-rate
unconsumed-agg-rate
Syntax
unconsumed-agg-rate percent percent-of-unconsumed-agg-rate
no unconsumed-agg-rate
Context
[Tree] (config>qos>adv-config-policy>child-control>bandwidth-distribution>above-offered-allowance unconsumed-agg-rate)
Full Context
configure qos adv-config-policy child-control bandwidth-distribution above-offered-allowance unconsumed-agg-rate
Description
This command configures the percentage of the unconsumed aggregate rate that can be given to a queue at the end of an H-QoS below CIR pass and above CIR pass. This command is only applicable when the port scheduler is configured to use the above-offered-allowance-control algorithm, otherwise it is ignored.
The no form of this command reverts the unconsumed-agg-rate percent to its default value.
Default
unconsumed-agg-rate 100.00
Parameters
- percent-of-unconsumed-agg-rate
-
Specifies the percentage of the unconsumed aggregate rate that can be given to a queue.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, 7950 XRS
unconsumed-higher-tier-rate
unconsumed-higher-tier-rate
Syntax
unconsumed-higher-tier-rate percent percent-of-unconsumed-higher-tier-rate
no unconsumed-higher-tier-rate
Context
[Tree] (config>qos>adv-config-policy>child-control>bandwidth-distribution>above-offered-allowance unconsumed-higher-tier-rate)
Full Context
configure qos adv-config-policy child-control bandwidth-distribution above-offered-allowance unconsumed-higher-tier-rate
Description
This command configures the percentage of the unconsumed higher tier rate that can be given to a queue at the end of an H-QoS below CIR pass and above CIR pass. Higher tier refers to the Vport aggregate rate and port scheduler level, group, and maximum rates.
This command is only applicable when the port scheduler is configured to use the above-offered-allowance-control algorithm, otherwise it is ignored.
The no form of this command reverts the unconsumed-higher-tier-rate percent to its default value.
Default
unconsumed-higher-tier-rate 100.00
Parameters
- percent-of-unconsumed-higher-tier-rate
-
Specifies the percentage of the unconsumed higher tier rate that can be given to a queue.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, 7950 XRS
underflow-limit
underflow-limit
Syntax
underflow-limit number threshold percent [bw bandwidth-in-mbps]
no underflow-limit
Context
[Tree] (config>router>mpls>lsp-template>auto-bandwidth underflow-limit)
[Tree] (config>router>mpls>lsp>auto-bandwidth underflow-limit)
Full Context
configure router mpls lsp-template auto-bandwidth underflow-limit
configure router mpls lsp auto-bandwidth underflow-limit
Description
This command configures underflow-triggered auto-bandwidth adjustment. An underflow auto-bandwidth adjustment can occur any time during the adjust-interval; it is triggered when the number of consecutive underflow samples reaches the threshold N configured as part of this command. The new bandwidth of the LSP after a successful underflow adjustment is the maximum data rate observed in the last N consecutive underflow samples.
A sample interval is counted as an underflow if the average data rate during the sample interval is lower than the currently reserved bandwidth by at least the thresholds configured as part of this command.
The no form of this command disables underflow-triggered automatic bandwidth adjustment.
Default
no underflow-limit
Parameters
- number
-
Specifies the number of consecutive underflow samples that triggers an underflow auto-bandwidth adjustment attempt.
- percent
-
Specifies the minimum difference between the current bandwidth of the LSP and the sampled data rate, expressed as a percentage of the current bandwidth, for counting an underflow sample.
- bandwidth-in-mbps
-
Specifies the minimum difference between the current bandwidth of the LSP and the sampled data rate, expressed as an absolute bandwidth (Mb/s) relative to the current bandwidth, for counting an underflow sample.
Platforms
All
undet-availability-event
undet-availability-event
Syntax
undet-availability-event {forward | backward | aggregate} threshold raise-threshold [clear clear-threshold]
no undet-availability-event {forward | backward | aggregate}
Context
[Tree] (config>oam-pm>session>ip>twamp-light>loss-events undet-availability-event)
[Tree] (config>oam-pm>session>ethernet>slm>loss-events undet-availability-event)
[Tree] (config>oam-pm>session>ethernet>lmm>loss-events undet-availability-event)
Full Context
configure oam-pm session ip twamp-light loss-events undet-availability-event
configure oam-pm session ethernet slm loss-events undet-availability-event
configure oam-pm session ethernet lmm loss-events undet-availability-event
Description
This command sets the threshold to be applied to the overall count of the undetermined availability indicators, not transitions, per configured direction. This value is compared to the 32 bit unavailability counter specific to the direction which tracks the number of individual delta-ts that have been recorded as undetermined available. The aggregate is a function of summing forward and backward. This value is only used as a threshold mechanism and is not part of the stored statistics. If the optional clear clear-threshold parameter is not specified, the traffic crossing alarm is stateless. Stateless means the state is not carried forward to other measurement intervals. Each measurement interval is analyzed independently and regardless of any previous window. Each unique event can only be raised once within measurement interval. If the optional clear clear-threshold parameter is specified, the traffic crossing alarm uses stateful behavior. Stateful means each unique previous event state is carried forward to following measurement intervals. If a threshold crossing event is raised another is raised until a measurement interval completes and the clear threshold has not been exceeded. A clear event is raised under that condition.
The no form of this command removes the event threshold for frame loss ratio. The direction must be included with the no command.
Default
no undet-availability-event forward
no undet-availability-event backward
no undet-availability-event aggregate
Parameters
- forward
-
Specifies the threshold is applied to the forward direction count.
- backward
-
Specifies the threshold is applied to the backward direction count.
- aggregate
-
Specifies the threshold is applied to the aggregate count (sum of forward and backward).
- raise-threshold
-
Specifies the rising threshold that determines when the event is to be generated, when value reached.
- clear-threshold
-
Specifies an optional value used for stateful behavior that allows the operator to configure a percentage of loss value lower than the rising percentage to indicate when the clear event should be generated.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, 7950 XRS
- configure oam-pm session ip twamp-light loss-events undet-availability-event
All
- configure oam-pm session ethernet slm loss-events undet-availability-event
- configure oam-pm session ethernet lmm loss-events undet-availability-event
undet-unavailability-event
undet-unavailability-event
Syntax
undet-unavailability-event {forward | backward | aggregate} threshold raise-threshold [clear clear-threshold]
no undet-unavailability-event {forward | backward | aggregate}
Context
[Tree] (config>oam-pm>session>ethernet>slm>loss-events undet-unavailability-event)
[Tree] (config>oam-pm>session>ip>twamp-light>loss-events undet-unavailability-event)
[Tree] (config>oam-pm>session>ethernet>lmm>loss-events undet-unavailability-event)
Full Context
configure oam-pm session ethernet slm loss-events undet-unavailability-event
configure oam-pm session ip twamp-light loss-events undet-unavailability-event
configure oam-pm session ethernet lmm loss-events undet-unavailability-event
Description
This command sets the threshold to be applied to the overall count of the undetermined unavailability indicators, not transitions, per configured direction. This value is compared to the 32 bit unavailability counter specific to the direction which tracks the number of individual delta-ts that have been recorded as undetermined unavailable. The aggregate is a function of summing forward and backward. This value is only used as a threshold mechanism and is not part of the stored statistics. If the clear clear-threshold parameter is not specified the traffic crossing alarm is stateless. Stateless means the state is not carried forward to other measurement intervals. Each measurement interval is analyzed independently and without regard to any previous window. Each unique event can only be raised once within measurement interval. If the optional clear threshold is specified the traffic crossing alarm uses stateful behavior. Stateful means each unique previous event state is carried forward to following measurement intervals. If a threshold crossing event is raised another is not raised until a measurement interval completes and the clear threshold has not been exceeded. A clear event is raised under that condition.
The no form of this command removes the event threshold for frame loss ratio. The direction must be included with the no command.
Default
no undet-unavailable-event forward
no undet-unavailable-event backward
no undet-unavailable-event aggregate
Parameters
- forward
-
Specifies the threshold is applied to the forward direction count.
- backward
-
Specifies the threshold is applied to the backward direction count.
- aggregate
-
Specifies the threshold is applied to the aggregate count (sum of forward and backward).
- raise-threshold
-
Specifies the rising threshold that determines when the event is to be generated, when value reached.
- clear-threshold
-
Specifies an optional value used for stateful behavior that allows the operator to configure a percentage of loss value lower than the rising percentage to indicate when the clear event should be generated.
Platforms
All
- configure oam-pm session ethernet lmm loss-events undet-unavailability-event
- configure oam-pm session ethernet slm loss-events undet-unavailability-event
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, 7950 XRS
- configure oam-pm session ip twamp-light loss-events undet-unavailability-event
undo
undo
Syntax
undo [count]
Context
[Tree] (candidate undo)
Full Context
candidate undo
Description
This command removes the most recent change(s) done to the candidate. The changes can be reapplied using the redo command. All undo or redo history is lost when the operator exits the edit-cfg mode. Undo can not be used to recover a candidate that has been discarded with candidate discard.
An undo command is blocked if another user has made changes in the same CLI branches that would be impacted during the undo.
Parameters
- count
-
Specifies the number of previous changes to remove.
Platforms
All
uni
uni
Syntax
uni
Context
[Tree] (config>system>security>keychain>direction uni)
Full Context
configure system security keychain direction uni
Description
This command configures keys for send or receive stream directions.
Platforms
All
unicast-address
unicast-address
Syntax
[no] unicast-address ip-address
Context
[Tree] (config>service>vprn>rip>group>neighbor unicast-address)
Full Context
configure service vprn rip group neighbor unicast-address
Description
This command configures the unicast IPv4 address, RIP updates messages will be sent to if the RIP send command is set to send unicast.
Multiple unicast-address entries can be configured, in which case unicast messages will be sent to each configured unicast IPv4 address.
The no form of this command deletes the specified IPv4 unicast address from the configuration.
Parameters
- ip-address
-
Specifies the unicast IPv4 address in a.b.c.d format.
Platforms
All
unicast-address
Syntax
[no] unicast-address ipv6-address
Context
[Tree] (config>service>vprn>ripng>group>neighbor unicast-address)
Full Context
configure service vprn ripng group neighbor unicast-address
Description
This command configures the unicast IPv6 address, RIPng updates messages will be sent to if the RIPng send command is set to send unicast.
Multiple unicast-address entries can be configured, in which case unicast messages will be sent to each configured unicast IPv6 address.
The no form of this command deletes the specified IPv6 unicast address from the configuration.
Parameters
- ipv6-address
-
Specifies the unicast IPv6 address.
Platforms
All
unicast-address
Syntax
[no] unicast-address ipv6-address
Context
[Tree] (config>router>ripng>group>neighbor unicast-address)
[Tree] (config>router>rip>group>neighbor unicast-address)
Full Context
configure router ripng group neighbor unicast-address
configure router rip group neighbor unicast-address
Description
This command configures the unicast IPv6 address that RIP and RIPng update messages will be sent to if the send command is set to send unicast.
Multiple unicast-address entries can be configured, in which case unicast messages will be sent to each configured unicast IPv6 address.
The no form of the command deletes the specified IPv6 unicast address from the configuration.
Parameters
- ipv6-address
-
Specifies the IPv6 unicast address to which unicast RIP or RIPng updates should be sent.
Platforms
All
unicast-import-disable
unicast-import-disable
Syntax
[no] unicast-import-disable [ipv4]
[no] unicast-import-disable [ipv6]
[no] unicast-import-disable [both]
Context
[Tree] (config>service>vprn>isis unicast-import-disable)
Full Context
configure service vprn isis unicast-import-disable
Description
This command allows one IGP to import its routes into RPF RTM while another IGP imports routes only into the unicast RTM. Import policies can redistribute routes from an IGP protocol into the RPF RTM (the multicast routing table). By default, the IGP routes will not be imported into RPF RTM as such an import policy must be explicitly configured.
Default
no unicast-import-disable
Parameters
- ipv4
-
Allows importation of IPv4 routes only.
- ipv6
-
Allows importation of IPv6 routes only.
- both
-
Allows importation of both IPv4 and IPv6 routes.
Platforms
All
unicast-import-disable
Syntax
[no] unicast-import-disable
Context
[Tree] (config>service>vprn>ospf unicast-import-disable)
Full Context
configure service vprn ospf unicast-import-disable
Description
This command allows one IGP to import its routes into RPF RTM while another IGP imports routes only into the unicast RTM.
Import policies can redistribute routes from an IGP protocol into the RPF RTM (the multicast routing table). By default, the IGP routes will not be imported into RPF RTM as such an import policy must be explicitly configured
Default
no unicast-import-disable
Platforms
All
unicast-import-disable
Syntax
[no] unicast-import-disable [ipv4]
[no] unicast-import-disable [ipv6]
[no] unicast-import-disable [both]
Context
[Tree] (config>router>isis unicast-import-disable)
Full Context
configure router isis unicast-import-disable
Description
This command allows one IGP to import its routes into RPF RTM while another IGP imports routes only into the unicast RTM.
Import policies can redistribute routes from an IGP protocol into the RPF RTM (the multicast routing table). By default, the IGP routes are not imported into RPF RTM, thus, an import policy must be explicitly configured.
Default
no unicast-import-disable both
Parameters
- ipv4
-
Allows importation of IPv4 routes only.
- ipv6
-
Allows importation of IPv6 routes only.
- both
-
Allows importation of both IPv4 and IPv6 routes.
Platforms
All
unicast-import-disable
Syntax
[no] unicast-import-disable
Context
[Tree] (config>router>ospf3 unicast-import-disable)
[Tree] (config>router>ospf unicast-import-disable)
Full Context
configure router ospf3 unicast-import-disable
configure router ospf unicast-import-disable
Description
This command allows one IGP to import its routes into RPF RTM while another IGP imports routes only into the unicast RTM. Import policies can redistribute routes from an IGP protocol into the RPF RTM (the multicast routing table). By default, the IGP routes are not imported into RPF RTM as such an import policy must be explicitly configured.
Default
no unicast-import-disable
Platforms
All
unicast-rt-test
unicast-rt-test
Syntax
[no] unicast-rt-test
Context
[Tree] (config>filter>redirect-policy>dest unicast-rt-test)
Full Context
configure filter redirect-policy destination unicast-rt-test
Description
This command configures a unicast route test for this destination. A destination is eligible for redirect if a valid unicast route to that destination exists in the routing instance specified by config>filter>redirect-policy>router. The unicast route test is mutually exclusive with other redirect-policy test types.
The test cannot be configured if no router is configured for this redirect policy.
The no form of the command disables the test.
Default
no unicast-rt-test
Platforms
All
unidirectional-measurement
unidirectional-measurement
Syntax
unidirectional-measurement measurement-type
Context
[Tree] (config>test-oam>link-meas>template unidirectional-measurement)
Full Context
configure test-oam link-measurement measurement-template unidirectional-measurement
Description
This command specifies the method used to compute the unidirectional delay value.
Default
unidirectional-measurement derived
Parameters
- measurement-type
-
Specifies the method to compute a unidirectional delay measurement.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, 7950 XRS
unique-sid-per-sap
unique-sid-per-sap
Syntax
unique-sid-per-sap [per-msap]
no unique-sid-per-sap
Context
[Tree] (config>subscr-mgmt>ppp-policy unique-sid-per-sap)
Full Context
configure subscriber-mgmt ppp-policy unique-sid-per-sap
Description
This command assigns a unique session ID to each PPPoE session active on a single SAP.
On a capture SAP, a unique session ID is assigned per capture SAP: multiple sessions that are active on the same or different MSAP have a unique session ID per capture SAP.
With the optional parameter per-msap, a unique session ID is assigned per MSAP:
-
multiple sessions that are active on the same MSAP have a unique session ID per MSAP
-
multiple sessions that are active on different MSAPs are not guaranteed to have a unique session ID
The session ID range is 1 to 8191.
By default, all PPPoE sessions with a different client MAC address and active on a given SAP or MSAP have a session ID of 1 (sid-allocation sequential) or a random value in the range 1 to 8191 (sid-allocation random).
The no form of this command reverts to the default.
Parameters
- per-msap
-
Assigns a unique session ID for PPPoE sessions that are active on the same MSAP. This parameter has no effect on regular SAPs.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
unknown-arp-request-flood-evpn
unknown-arp-request-flood-evpn
Syntax
[no] unknown-arp-request-flood-evpn
Context
[Tree] (config>service>vpls>proxy-arp unknown-arp-request-flood-evpn)
Full Context
configure service vpls proxy-arp unknown-arp-request-flood-evpn
Description
This command controls whether unknown ARP-requests are flooded into the EVPN network. By default, the system floods ARP-requests, including EVPN (with source squelching), if there is no active proxy-arp entry for the requested IP.
The no form of the command will only flood to local SAPs/SDP-bindings and not to EVPN destinations.
Default
unknown-arp-request-flood-evpn
Platforms
All
unknown-mac-route
unknown-mac-route
Syntax
[no] unknown-mac-route
Context
[Tree] (config>service>vpls>bgp-evpn unknown-mac-route)
Full Context
configure service vpls bgp-evpn unknown-mac-route
Description
This command enables the advertisement of the unknown-mac-route in BGP. This will be coded in an EVPN MAC route where the MAC address is zero and the MAC address length 48. By using this unknown-mac-route advertisement, the user may decide to optionally turn off the advertisement of MAC addresses learned from SAPs and SDP-bindings, hence reducing the control plane overhead and the size of the FDB tables in the data center. All the receiving NVEs supporting this concept will send any unknown-unicast packet to the owner of the unknown-mac-route, as opposed to flooding the unknown-unicast traffic to all other nodes part of the same VPLS. Although the 7750 SR, 7450 ESS, or 7950 XRS can be configured to generate and advertise the unknown-mac-route, the router will never honor the unknown-mac-route and will flood to the vpls flood list when an unknown-unicast packet arrives to an ingress SAP/SDP-binding.
Use of the unknown-mac-route is only supported for BGP-EVPN VXLAN.
Default
no unknown-mac-route
Platforms
All
unknown-message-rate
unknown-message-rate
Syntax
unknown-message-rate integer
no unknown-message-rate
Context
[Tree] (config>router>pcep>pcc unknown-message-rate)
[Tree] (config>router>pcep>pce unknown-message-rate)
Full Context
configure router pcep pcc unknown-message-rate
configure router pcep pce unknown-message-rate
Description
This command configures the maximum rate of unknown messages which can be received on a PCEP session.
When the rate of received unrecognized or unknown messages reaches the configured limit, the PCEP speaker closes the session to the peer.
The no form of the command returns the unknown message rate to the default value.
Default
unknown-message-rate 10
Parameters
- integer
-
the rate of unknown messages, in messages per minute
Platforms
All
- configure router pcep pcc unknown-message-rate
VSR-NRC
- configure router pcep pce unknown-message-rate
unknown-ns-flood-evpn
unknown-ns-flood-evpn
Syntax
[no] unknown-ns-flood-evpn
Context
[Tree] (config>service>vpls>proxy-nd unknown-ns-flood-evpn)
Full Context
configure service vpls proxy-nd unknown-ns-flood-evpn
Description
This command controls whether unknown Neighbor Solicitation messages are flooded into the EVPN network. By default, the system floods NS (with source squelching) to SAPs/SDP-bindings including EVPN, if there is no active proxy-nd entry for the requested IPv6.
The no form of the command will only flood to local SAPs/SDP-bindings but not to EVPN destinations.
Default
unknown-ns-flood-evpn
Platforms
All
unknown-policer
unknown-policer
Syntax
unknown-policer policer-id [fp-redirect-group]
no unknown-policer
Context
[Tree] (config>qos>sap-ingress>fc unknown-policer)
Full Context
configure qos sap-ingress fc unknown-policer
Description
Within a sap-ingress QoS policy forwarding class context, the unknown-policer command is used to map packets that match the forwarding class and are considered unknown in nature to the specified policer-id. The specified policer-id must already exist within the sap-ingress QoS policy. While the system is determining the forwarding class of a packet, it is also looking up its forwarding destination based on the ingress service type and the service instance forwarding records. If the service type is VPLS and the destination MAC address is unicast, but the MAC has not been learned and populated within the VPLS services FDB, the packet is classified into the unknown forwarding type.
Unknown forwarding type packets are mapped to either an ingress multipoint queue (using the unknown queue-id or unknown queue-id group ingress-queue-group commands) or an ingress policer (unknown-policer policer-id). The unknown and unknown-policer commands within the forwarding class context are mutually exclusive. By default, the unknown forwarding type is mapped to the SAP ingress default multipoint queue. If the unknown-policer policer-id command is executed, any previous policer mapping or queue mapping for the unknown forwarding type within the forwarding class is overridden if the policer mapping is successful.
A policer defined within the sap-ingress policy is not actually created on an ingress SAP or a subscriber using an sla-profile where the policy is applied until at least one forwarding type (unicast, broadcast, unknown, or multicast) from one of the forwarding classes is mapped to the policer. If insufficient policer resources exist to create the policer for a SAP or subscriber or multiservice site, or ingress policing is not supported on the port associated with the SAP or subscriber or multiservice site, the initial forwarding class forwarding type mapping will fail.
The unknown-policer command is ignored for instances of the policer applied to SAPs or subscribers’ multiservice site where unknown packets are not supported.
When the unknown forwarding type within a forwarding class is mapped to a policer, the unknown packets classified to the subclasses within the forwarding class are also mapped to the policer.
The no form of this command is used to restore the mapping of the unknown forwarding type within the forwarding class to the default multipoint queue. If all forwarding class forwarding types had been removed from the default multipoint queue, the queue will not exist on the SAPs or subscriber or multiservice site associated with the QoS policy and the no broadcast-policer command will cause the system to attempt to create the default multipoint queue on each object. If the system cannot create the queue on each instance, the no unknown-policer command will fail and the unknown forwarding type within the forwarding class will continue its mapping to the existing policer-id. If the no unknown-policer command results in a policer without any current mappings, the policer will be removed from the SAPs and subscribers associated with the QoS policy. All statistics associated with the policer on each SAP and subscriber will be lost.
Parameters
- policer-id
-
When the forwarding class unknown-policer command is executed, a valid policer-id must be specified. The parameter policer-id references a policer-id that has already been created within the sap-ingress QoS policy.
- fp-redirect-group
-
Redirects a forwarding class to a forwarding plane queue-group as specified in a SAP QoS policy.
Platforms
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, 7950 XRS, VSR
unknown-protocol
unknown-protocol
Syntax
unknown-protocol [hrs hours] [min minutes] [sec seconds]
no unknown-protocol
Context
[Tree] (config>service>nat>firewall-policy>timeouts unknown-protocol)
Full Context
configure service nat firewall-policy timeouts unknown-protocol
Description
This command configures the timeout interval for unknown protocol mappings.
The no form of the command reverts the timeout interval to the default of 5 minutes.
Default
unknown-protocol min 5
Parameters
- hours
-
Specifies the number of hours in the unknown protocol mapping timeout interval.
- minutes
-
Specifies the number of minutes in the unknown protocol mapping timeout interval.
- seconds
-
Specifies the number of seconds in the unknown protocol mapping timeout interval.
Platforms
7750 SR, 7750 SR-e, 7750 SR-s, VSR
unknown-protocols
unknown-protocols
Syntax
unknown-protocols
Context
[Tree] (config>service>nat>firewall-policy unknown-protocols)
Full Context
configure service nat firewall-policy unknown-protocols
Description
Commands in this context configure the treatment of flows of unknown Layer 4 protocols, which are protocols that cannot be natively handled by the system.
Platforms
7750 SR, 7750 SR-e, 7750 SR-s, VSR
unknown-queue
unknown-queue
Syntax
unknown-queue queue-id [group queue-group-name]
no unknown-queue
Context
[Tree] (config>qos>sap-ingress>fc unknown-queue)
Full Context
configure qos sap-ingress fc unknown-queue
Description
This command overrides the default unknown unicast forwarding type queue mapping for fc fc-name. The specified queue-id must exist within the policy as a multipoint queue before the mapping can be made. When the forwarding class mapping is executed, all unknown traffic on a SAP using this policy is forwarded using the queue-id.
The unknown forwarding type usually tracks the multicast forwarding type definition. This command overrides that default behavior.
The no form of this command sets the unknown forwarding type queue-id back to the default of tracking the multicast forwarding type queue mapping.
Parameters
- queue-id
-
Specifies an existing multipoint queue defined in the config>qos>sap-ingress context.
- group queue-group-name
-
This optional parameter is used to redirect the forwarding type within the forwarding class to the specified queue-id within the queue-group-name. When the policy is applied, all packets matching the forwarding class and forwarding type will be redirected to the queue within the specified queue group. The queue-group-name are configured in the config>qos>queue-group-templates egress and ingress contexts.
Platforms
All
unknown-queue
Syntax
unknown-queue queue-id
no unknown-queue
Context
[Tree] (config>qos>shared-queue>fc unknown-queue)
Full Context
configure qos shared-queue fc unknown-queue
Description
This command configures the unknown unicast forwarding type queue mapping for fc fc-name. The specified queue-id must exist within the policy as a multipoint queue before the mapping can be made. When the forwarding class mapping is executed, all unknown traffic on a SAP using this policy is forwarded using the queue-id.
The unknown forwarding type usually tracks the multicast forwarding type definition. This command overrides that default behavior.
The no form of this command sets the unknown forwarding type queue-id back to the default of tracking the multicast forwarding type queue mapping.
Parameters
- queue-id
-
The queue-id must be an existing, multipoint queue defined in the config>qos>sap-ingress context policer-output-queues profile. For the 7950 XRS, this is not configurable in the policer-output-queues profile.
Platforms
All
unnumbered
unnumbered
Syntax
unnumbered [ip-int-name | ip-address]
no unnumbered
Context
[Tree] (config>service>ies>sub-if unnumbered)
[Tree] (config>service>vprn>sub-if unnumbered)
Full Context
configure service ies subscriber-interface unnumbered
configure service vprn subscriber-interface unnumbered
Description
This command can be configured only for subscriber interfaces that do not have an IPv4 address explicitly configured and is therefore operationally in a DOWN state. By configuring this command, the subscriber interface borrows the IPv4 address from the referenced interface (directly or indirectly via IP address) that must be operationally UP and located in the same routing instance as the subscriber interface. This allows the subscriber interface to be operationally UP and consequently allow forwarding of the subscriber traffic.
Such interface is referred as unnumbered interface, since it does not have explicitly configured a unique IP address. Subscriber hosts under the unnumbered subscriber interface are installed in the fib as /32 hosts.
Without this command the subscriber interface is operationally DOWN and subscriber-host instantiation is not possible.
This command is mutually exclusive with the allow-unmatched-subnets command under the same CLI hierarchy.
The operation of IPv6 host is not affected by this command.
The no form of this command reverts to the default.
Parameters
- ip-int-name
-
Specifies the interface name from which an IPv4 address is borrowed.
- ip-address
-
Specifies the IP address from an optionally up interface that is used for subscriber interface.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
unnumbered
Syntax
unnumbered [ip-int-name | ip-address]
no unnumbered
Context
[Tree] (config>service>ies>sub-if unnumbered)
[Tree] (config>service>vprn>sub-if unnumbered)
Full Context
configure service ies subscriber-interface unnumbered
configure service vprn subscriber-interface unnumbered
Description
This command can be configured only for subscriber interfaces that do not have an IPv4 address explicitly configured and is therefore operationally in a DOWN state. By configuring this command, the subscriber interface borrows the IPv4 address from the referenced interface (directly or indirectly via IP address) that must be operationally UP and located in the same routing instance as the subscriber interface. This allows the subscriber interface to be operationally UP and consequently allow forwarding of the subscriber traffic.
Such interface is referred as unnumbered interface, since it does not have explicitly configured a unique IP address. Subscriber hosts under the unnumbered subscriber interface are installed in the fib as /32 hosts.
Without this command the subscriber interface is operationally DOWN and subscriber-host instantiation is not possible.
This command is mutually exclusive with the allow-unmatched-subnets command under the same CLI hierarchy.
The operation of IPv6 host is not affected by this command.
The no form of this command reverts to the default.
Parameters
- ip-int-name
-
Specifies the interface name from which an IPv4 address is borrowed.
- ip-address
-
Specifies the IP address from an optionally up interface that is used for subscriber interface.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
unnumbered
Syntax
unnumbered [ip-int-name | ip-address]
no unnumbered
Context
[Tree] (config>service>vpls>interface unnumbered)
Full Context
configure service vpls interface unnumbered
Description
This command configures the interface as an unnumbered interface.
Parameters
- ip-int-name
-
Specifies the name of the IP interface. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes
- ip-address
-
Specifies an IP address which must be a valid address of another interface
Platforms
All
unnumbered
Syntax
unnumbered [ip-int-name | ip-address]
no unnumbered
Context
[Tree] (config>service>vpls>interface unnumbered)
Full Context
configure service vpls interface unnumbered
Description
This command configures the interface as an unnumbered interface.
Parameters
- ip-int-name
-
Specifies the name of the IP interface. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes
- ip-address
-
Specifies an IP address which must be a valid address of another interface
Platforms
All
unnumbered
Syntax
unnumbered {ip-int-name | ip-address}
no unnumbered
Context
[Tree] (config>service>ies>if unnumbered)
Full Context
configure service ies interface unnumbered
Description
This command configures the interface as an unnumbered interface. Unnumbered IP interfaces are supported on a SONET/SDH access port with the PPP, ATM, Frame Relay, cisco-HDLC encapsulation. It is not supported on access ports that do not carry IP traffic, but are used for native TDM circuit emulation.
Parameters
- ip-int-name
-
Specifies the name of an IP interface. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.
- ip-address
-
Specifies an IP address.
Platforms
All
unnumbered
Syntax
unnumbered {ip-int-name | ip-address}
no unnumbered
Context
[Tree] (config>service>ies>if unnumbered)
Full Context
configure service ies interface unnumbered
Description
This command configures the interface as an unnumbered interface. Unnumbered IP interfaces are supported on a SONET/SDH access port with the PPP, ATM, Frame Relay, cisco-HDLC encapsulation. It is not supported on access ports that do not carry IP traffic, but are used for native TDM circuit emulation.
Parameters
- ip-int-name
-
Specifies the name of an IP interface. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed within double quotes.
- ip-address
-
Specifies an IP address.
Platforms
All
unnumbered
Syntax
unnumbered [ip-int-name | ip-address]
no unnumbered
Context
[Tree] (config>service>vprn>if unnumbered)
[Tree] (config>service>vprn>nw-if unnumbered)
Full Context
configure service vprn interface unnumbered
configure service vprn nw-if unnumbered
Description
This command configures the interface as an unnumbered interface. An unnumbered IP interface is supported on a SONET/SDH access port with the PPP, ATM, Frame Relay, cisco-HDLC encapsulation. It is not supported on access ports that do not carry IP traffic, but are used for native TDM circuit emulation.
Parameters
- ip-int-name
-
Specifies the name of an IP interface. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed between double quotes.
- ip-address
-
Specifies an IP address.
Platforms
All
unnumbered
Syntax
unnumbered [ip-int-name | ip-address]
no unnumbered
Context
[Tree] (config>service>vprn>if unnumbered)
[Tree] (config>service>vprn>nw-if unnumbered)
Full Context
configure service vprn interface unnumbered
configure service vprn nw-if unnumbered
Description
This command configures the interface as an unnumbered interface. An unnumbered IP interface is supported on a SONET/SDH access port with the PPP, ATM, Frame Relay, cisco-HDLC encapsulation. It is not supported on access ports that do not carry IP traffic, but are used for native TDM circuit emulation.
Parameters
- ip-int-name
-
Specifies the name of an IP interface. If the string contains special characters (#, $, spaces, and so on), the entire string must be enclosed between double quotes.
- ip-address
-
Specifies an IP address.
Platforms
All
unnumbered
Syntax
unnumbered [{ip-int-name | ip-address}]
no unnumbered
Context
[Tree] (config>router>if unnumbered)
Full Context
configure router interface unnumbered
Description
This command sets an IP interface as an unnumbered interface and specifies the IP address to be used for the interface.
To conserve IP addresses, unnumbered interfaces can be configured. The address used when generating packets on this interface is the ip-addr parameter configured.
An error message will be generated if an unnumbered interface is configured, and an IP address already exists on this interface.
The no form of this command removes the IP address from the interface, effectively removing the unnumbered property. The interface must be shutdown before no unnumbered is issued to delete the IP address from the interface, or an error message will be generated.
Default
no unnumbered
Parameters
- ip-int-name | ip-address
-
Optional. Specifies the IP address or IP interface name to associate with the unnumbered IP interface in dotted decimal notation. The configured IP address must exist on this node. It is recommended to use the system IP address as it is not associated with a specific interface and is therefore always reachable. The system IP address is the default if no ip-addr or ip-int-name is configured.
Platforms
All
unnumbered-source-ip
unnumbered-source-ip
Syntax
unnumbered-source-ip {ip-address}
no unnumbered-source-ip
Context
[Tree] (config>subscr-mgmt>shcv-policy>layer-3 unnumbered-source-ip)
Full Context
configure subscriber-mgmt shcv-policy layer-3 unnumbered-source-ip
Description
This command configures the source IPv4 address (also known as the sender IP address) used in SHCV ARP requests for unnumbered hosts. When unconfigured, 0.0.0.0 is used as the source IPv4 address in SHCV ARP requests.
The no form of this command removes the IPv4 address from Layer 3.
Parameters
- ip-address
-
Specifies the unicast IPv4 address to be used as the source address in SHCV ARP requests for unnumbered hosts.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
unreachables
unreachables
Syntax
unreachables [number seconds]
no unreachables[number seconds]
Context
[Tree] (config>service>vprn>if>icmp unreachables)
[Tree] (config>service>ies>if>icmp unreachables)
[Tree] (config>service>vprn>nw-if>icmp unreachables)
[Tree] (config>service>vprn>sub-if>grp-if>icmp unreachables)
[Tree] (config>service>ies>sub-if>grp-if>icmp unreachables)
[Tree] (config>service>vprn>if>ipv6>icmp6 unreachables)
Full Context
configure service vprn interface icmp unreachables
configure service ies interface icmp unreachables
configure service vprn network-interface icmp unreachables
configure service vprn subscriber-interface group-interface icmp unreachables
configure service ies subscriber-interface group-interface icmp unreachables
configure service vprn interface ipv6 icmp6 unreachables
Description
This command configures the rate for ICMP host and network destination unreachable messages issued on the router interface.
The unreachables command enables the generation of ICMP destination unreachables on the router interface. The rate at which ICMP unreachables is issued can be controlled with the optional number and seconds parameters by indicating the maximum number of destination unreachable messages which can be issued on the interface for a given time interval.
By default, generation of ICMP destination unreachables messages is enabled at a maximum rate of 100 per 10 second time interval.
The no form of this command disables the generation of ICMP destination unreachable messages on the router interface and reverts to the default values.
Default
unreachables 100 10
Parameters
- number
-
Specifies the maximum number of ICMP unreachable messages to send. This parameter must be specified with the seconds parameter.
- seconds
-
Specifies the time frame, in seconds, used to limit the number of ICMP unreachable messages that can be issued.
Platforms
All
- configure service ies interface icmp unreachables
- configure service vprn interface ipv6 icmp6 unreachables
- configure service vprn network-interface icmp unreachables
- configure service vprn interface icmp unreachables
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
- configure service vprn subscriber-interface group-interface icmp unreachables
- configure service ies subscriber-interface group-interface icmp unreachables
unreachables
Syntax
unreachables [number seconds]
no unreachables
Context
[Tree] (config>service>ies>if>ipv6>icmp6 unreachables)
Full Context
configure service ies interface ipv6 icmp6 unreachables
Description
This command specifies that ICMPv6 host and network unreachable messages are generated by this interface.
When disabled, ICMPv6 host and network unreachable messages are not sent.
The no form of this command reverts to the default.
Default
unreachables 100 10
Parameters
- number
-
Specifies the number of destination unreachable ICMPv6 messages are issued in the time frame specified by the seconds parameter.
- seconds
-
Specifies the time frame, in seconds, that is used to limit the number of destination unreachable ICMPv6 messages to be issued.
Platforms
All
unreachables
Syntax
unreachables [number number] [seconds seconds]
no unreachables
Context
[Tree] (config>subscr-mgmt>git>ipv4>icmp unreachables)
Full Context
configure subscriber-mgmt group-interface-template ipv4 icmp unreachables
Description
This command configures the generation of ICMP destination unreachable messages on the router interface. The rate at which ICMP unreachable messages are issued can be controlled with the optional number and seconds parameters, which indicate the maximum number of destination unreachable messages that can be issued on the interface for a given time interval.
By default, generation of ICMP destination unreachables messages is enabled at a maximum rate of 100 per 10 second time interval.
The no form of this command disables the generation of ICMP destination unreachable messages on the router interface.
Default
unreachables number 100 seconds 10
Parameters
- number
-
Specifies the maximum number of ICMP unreachable messages sent. This parameter must be specified with the seconds parameter.
- seconds
-
Specifies the time frame, in seconds, used to limit the number of ICMP unreachable messages that can be issued.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
unreachables
Syntax
unreachables [number seconds]
no unreachables
Context
[Tree] (config>router>if>icmp unreachables)
Full Context
configure router interface icmp unreachables
Description
This command enables and configures the rate for ICMP host and network destination unreachable messages issued on the router interface.
The unreachables command enables the generation of ICMP destination unreachables on the router interface. The rate at which ICMP unreachables is issued can be controlled with the optional number and seconds parameters by indicating the maximum number of destination unreachable messages that can be issued on the interface for a given time interval.
By default, generation of ICMP destination unreachables messages is enabled at a maximum rate of 100 per 10 second time interval.
The no form of this command disables the generation of ICMP destination unreachables on the router interface.
Default
unreachables 100 10 — Maximum of 100 unreachable messages in 10 seconds.
Parameters
- number
-
The maximum number of ICMP unreachable messages to send, expressed as a decimal integer. The seconds parameter must also be specified.
- seconds
-
The time frame, in seconds, used to limit the number of ICMP unreachable messages that can be issued, expressed as a decimal integer.
Platforms
All
unreachables
Syntax
unreachables [number seconds]
no unreachables
Context
[Tree] (config>router>if>ipv6>icmp6 unreachables)
Full Context
configure router interface ipv6 icmp6 unreachables
Description
This command configures the rate for ICMPv6 unreachable messages. When enabled, ICMPv6 host and network unreachable messages are generated by this interface.
The no form of this command disables the generation of ICMPv6 host and network unreachable messages by this interface.
Default
unreachables 100 10 (when IPv6 is enabled on the interface)
Parameters
- number
-
Determines the number destination unreachable ICMPv6 messages to issue in the time frame specified in seconds parameter.
- seconds
-
Sets the time frame, in seconds, to limit the number of destination unreachable ICMPv6 messages issued per time frame.
Platforms
All
untrusted
untrusted
Syntax
untrusted [default-forwarding default-forwarding]
no untrusted
Context
[Tree] (config>router>if untrusted)
Full Context
configure router interface untrusted
Description
This command configures the state of untrusted for a network IP interface.
The untrusted state identifies the participating interfaces in the label security feature for prefixes of a VPN family at an inter-AS boundary. The router supports a maximum of 15 network interfaces that can participate in this feature.
The user normally applies this command to an inter-AS interface. PIP keeps track of the untrusted status of each interface. In the data path, such an interface causes the default forwarding to be set to the default-forwarding value.
For backward compatibility reasons, the interface default-forwarding is set to the forward value; this means that labeled packets are checked in the normal way against the table of programmed ILMs to decide if they should be dropped or forwarded in a GRT, a VRF, or a L2 service context.
If the user sets the default-forwarding value to drop, all labeled packets received on that interface are automatically dropped.
This command sets the default behavior for an untrusted interface in the data path and for all ILMs. When enabling the label security for VPN IPv4 or VPN IPv6 prefixes, BGP programs the data path to provide an exception to the normal way of forwarding handling away from the default for those VPRN ILMs.
The no form of this command returns the interface into the default state of trusted.
Default
no untrusted
Parameters
- default-forwarding
-
Specifies the default forwarding behavior of labeled packets received on this interface.
Platforms
All
unzip
unzip
Syntax
unzip source-file-url [dest-file-url] list
unzip source-file-url dest-file-url [create-destination] [force]
Context
[Tree] (file unzip)
Full Context
file unzip
Description
This command expands the contents of a ZIP file to the local file system. Any file that is zipped using the store, deflate, or zip64 compression methods can be unzipped. The source ZIP file location can be a locally installed solid-state storage device or a remote FTP or TFTP server. Files can only be unzipped to the active CPM.
Parameters
- source-file-url, dest-file-url
-
Specifies the source or destination file URL.
- create-destination
-
Specifies that a non-existent directory structure that is explicitly entered as the destination file URL is created as part of the unzip operation. This parameter is required to create new directories.
- list
-
Lists the content of the ZIP file without performing the unzip operation.
- force
-
Overwrites without prompting, any file or directory contained within the ZIP file that already exists in the destination URL. This keyword does not automatically create new directories explicitly specified by dest-file-url. To create these directories, use the create-destination flag.
Platforms
All
up
up
Syntax
up ip seconds
no up ip
up ipv6 seconds
no up ipv6
Context
[Tree] (config>service>vprn>nw-if>hold-time up)
[Tree] (config>service>ies>if>hold-time up)
[Tree] (config>service>vprn>sub-if>hold-time up)
[Tree] (config>service>vprn>if>hold-time up)
[Tree] (config>service>vpls>if>hold-time up)
[Tree] (config>service>vprn>red-if>hold-time up)
[Tree] (config>service>ies>red-if>hold-time up)
[Tree] (config>service>ies>sub-if>hold-time up)
Full Context
configure service vprn network-interface hold-time up
configure service ies interface hold-time up
configure service vprn subscriber-interface hold-time up
configure service vprn interface hold-time up
configure service vpls interface hold-time up
configure service vprn redundant-interface hold-time up
configure service ies redundant-interface hold-time up
configure service ies subscriber-interface hold-time up
Description
This command causes a delay in the deactivation of the associated IP interface by the specified number of seconds. The delay is invoked whenever the system attempts to bring the associated IP interface down.
The no form of this command removes the command from the active configuration and removes the delay in deactivating the associated IP interface. If the configuration is removed during a delay period, the currently running delay will continue until it expires.
Default
no up ip
Parameters
- seconds
-
The time delay, in seconds, to make the interface operational.
Platforms
All
- configure service vpls interface hold-time up
- configure service ies interface hold-time up
- configure service vprn network-interface hold-time up
- configure service vprn interface hold-time up
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
- configure service vprn redundant-interface hold-time up
- configure service vprn subscriber-interface hold-time up
- configure service ies subscriber-interface hold-time up
- configure service ies redundant-interface hold-time up
up-link
up-link
Syntax
up-link gbr rate mbr rate
no up-link
Context
[Tree] (config>subscr-mgmt>gtp>peer-profile>ggsn>qos up-link)
[Tree] (config>subscr-mgmt>gtp>peer-profile>pgw>qos up-link)
[Tree] (config>subscr-mgmt>gtp>peer-profile>mme>qos up-link)
Full Context
configure subscriber-mgmt gtp peer-profile ggsn qos up-link
configure subscriber-mgmt gtp peer-profile pgw qos up-link
configure subscriber-mgmt gtp peer-profile mme qos up-link
Description
This command configures the up-link bitrate in kb/s to be used in the GTP messages.
The no form of this command reverts to the default.
Default
up-link gbr 5000 mbr 5000 - for ggsn
up-link gbr 0 mbr 0 - for mme and pgw
Parameters
- gbr rate
-
Specifies the uplink Guaranteed Bit Rate (GBR) to be used in the GTP messages as QOS IE (GTPv1) or Bearer QOS (GTPv2).
- mbr rate
-
Specifies the uplink Maximum Bit Rate (MBR) to be used in the GTP messages as QOS IE (GTPv1) or Bearer QOS (GTPv2).
Platforms
7750 SR, 7750 SR-e, 7750 SR-s, VSR
up-nat-policy
up-nat-policy
Syntax
up-nat-policy name [ create]
Context
[Tree] (config>service>nat up-nat-policy)
Full Context
configure service nat up-nat-policy
Description
This command creates a NAT policy template for BNG CUPS UPF. This template is instantiated for a set of subscribers sharing in a NAT pool. The policy includes parameters that define the BNG CUPS UPF NAT behavior, such as, but not limited to, the following:
-
ALGs
-
filtering mode
-
watermarks
-
ports and NAT flow limits
-
priority NAT flows
-
protocol timers
When the BNG CPF does not receive the NAT policy template, a default template takes effect if it is configured on the BNG UPF. The name of the default NAT policy template on the BNG UPF must equal default.
Parameters
- create
-
Keyword required to create a new NAT policy for BNG CUPS UPF.
- name
-
Specifies the UP NAT policy name, up to 32 characters. The name default has a special meaning representing the default NAT policy template. The system uses the default template when the BNG CPF does not receive a more specific name when the subscriber is instantiated.
Platforms
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
up-resiliency
up-resiliency
Syntax
up-resiliency
Context
[Tree] (config>subscr-mgmt up-resiliency)
Full Context
configure subscriber-mgmt up-resiliency
Description
Commands in this context configure the inter-UPF resiliency in a CUPS system.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
up-resiliency
Syntax
up-resiliency
Context
[Tree] (config>service>vprn>subscriber-mgmt up-resiliency)
[Tree] (config>service>vpls>sap>pfcp up-resiliency)
[Tree] (config>service>ies>subscriber-mgmt up-resiliency)
Full Context
configure service vprn subscriber-mgmt up-resiliency
configure service vpls sap pfcp up-resiliency
configure service ies subscriber-mgmt up-resiliency
Description
Commands in this context configure inter-UPF resiliency service parameters.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
up-threshold
up-threshold
Syntax
up-threshold percent-change [bw absolute-change]
Context
[Tree] (config>router>rsvp>dbw-accounting up-threshold)
Full Context
configure router rsvp dbw-accounting up-threshold
Description
This command sets the minimum change (in percent of the latest advertised value) above which an increase in MRLB (IS-IS TE sub-TLV 10) or MRB (OSPF TE sub-TLV 7) triggers an IGP-TE update. This configuration only applies to a change in MRLB or MRB caused by dark bandwidth. Other events affecting MRLB or MRB (such as the change of the subscription factor or the loss of link in a LAG over which the RSVP interface is defined) trigger an immediate TE update, regardless of the importance of the impact.
Optionally, the threshold can also be expressed as an absolute value. In this case, the evaluation of the change is made using the percent change and the absolute change. An IGP-TE update is sent if both of these thresholds are crossed. Changing this parameter in the course of dark bandwidth accounting does not affect the accounting cycle.
Default
up-threshold 0
Parameters
- percent-change
-
Specifies the minimum increase in MRLB/MRB, expressed in percent.
- absolute-change
-
Specifies the minimum increase in MRLB/MRB, expressed in Mb/s.
Platforms
7750 SR, 7750 SR-s, 7950 XRS, VSR
update
update
Syntax
update [neighbor ip-address | group name]
no update
Context
[Tree] (debug>router>bgp update)
Full Context
debug router bgp update
Description
This command decodes and logs all sent and received update messages in the debug log.
The no form of this command disables debugging.
Parameters
- neighbor ip-address
-
Debugs only events affecting the specified BGP neighbor.
- group name
-
Debugs only events affecting the specified peer group name, up to 64 characters, and associated neighbors.
Platforms
All
Output
Use the following command to display debug router BGP update information.
Sample Outputdebug router bgp update
17 2022/05/04 17:39:07.566 UTC MINOR: DEBUG #2001 Base Peer 1: 192.0.2.4
"Peer 1: 192.0.2.4: UPDATE
Peer 1: 192.0.2.4 - Received BGP UPDATE:
Withdrawn Length = 0
Total Path Attr Length = 76
Flag: 0x90 Type: 14 Len: 32 Multiprotocol Reachable NLRI:
Address Family L2VPN
NextHop len 4 NextHop 192.0.2.4
[VPLS/VPWS] preflen 21, veid: 4, vbo: 5, vbs: 1, label-base: 524252, RD
192.0.2.4:801, csv: 0x00000000, type 1, len 1,
Flag: 0x40 Type: 1 Len: 1 Origin: 0
Flag: 0x40 Type: 2 Len: 0 AS Path:
Flag: 0x80 Type: 4 Len: 4 MED: 0
Flag: 0x40 Type: 5 Len: 4 Local Preference: 100
Flag: 0xc0 Type: 16 Len: 16 Extended Community:
target:64500:801
l2-vpn/vrf-imp:Encap=5: Flags=-TRC: MTU=1514: PREF=0
158 2022/05/10 08:05:21.767 UTC MINOR: DEBUG #2001 Base Peer 1: 2001:db8::2
"Peer 1: 2001:db8::2: UPDATE
Peer 1: 2001:db8::2 - Send BGP UPDATE:
Withdrawn Length = 0
Total Path Attr Length = 81
Flag: 0x90 Type: 14 Len: 36 Multiprotocol Reachable NLRI:
Address Family EVPN
NextHop len 4 NextHop 192.0.2.5
Type: EVPN-AD Len: 25 RD: 192.0.2.5:201 ESI: ESI-0, tag: 5 Label: 838804
8 (Raw Label: 0x7ffdd0) PathId:
Flag: 0x40 Type: 1 Len: 1 Origin: 0
Flag: 0x40 Type: 2 Len: 0 AS Path:
Flag: 0x40 Type: 5 Len: 4 Local Preference: 100
Flag: 0xc0 Type: 16 Len: 24 Extended Community:
target:64500:201
l2-attribute:MTU: 1514 C: 1 F: 1 P: 0 B: 0
bgp-tunnel-encap:MPLS
"
367 2022/05/10 08:04:47.560 UTC MINOR: DEBUG #2001 Base Peer 1: 2001:db8::5
"Peer 1: 2001:db8::5: UPDATE
Peer 1: 2001:db8::5 - Send BGP UPDATE:
Withdrawn Length = 0
Total Path Attr Length = 77
Flag: 0x90 Type: 14 Len: 28 Multiprotocol Reachable NLRI:
Address Family EVPN
NextHop len 4 NextHop 192.0.2.2
Type: EVPN-INCL-MCAST Len: 17 RD: 192.0.2.2:500, tag: 0, orig_addr len:
32, orig_addr: 192.0.2.2
Flag: 0x40 Type: 1 Len: 1 Origin: 0
Flag: 0x40 Type: 2 Len: 0 AS Path:
Flag: 0x40 Type: 5 Len: 4 Local Preference: 100
Flag: 0xc0 Type: 16 Len: 16 Extended Community:
target:64500:500
l2-attribute:MTU: 1514 C: 1 F: 1 P: 0 B: 0
bgp-tunnel-encap:MPLS
Flag: 0xc0 Type: 22 Len: 9 PMSI:
Tunnel-type Ingress Replication (6)
Flags: (0x0)[Type: None BM: 0 U: 0 Leaf: not required]
MPLS Label 8388512
Tunnel-Endpoint 192.0.2.2
update-fault-tolerance
update-fault-tolerance
Syntax
[no] update-fault-tolerance
Context
[Tree] (config>service>vprn>bgp>error-handling update-fault-tolerance)
[Tree] (config>service>vprn>bgp>group>neighbor>error-handling update-fault-tolerance)
[Tree] (config>service>vprn>bgp>group>error-handling update-fault-tolerance)
Full Context
configure service vprn bgp error-handling update-fault-tolerance
configure service vprn bgp group neighbor error-handling update-fault-tolerance
configure service vprn bgp group error-handling update-fault-tolerance
Description
This command enables treat-as-withdraw and other similarly non-disruptive approaches for handling a wide range of UPDATE message errors, as long as there are no length errors that prevent all of the NLRI fields from being correctly identified and parsed.
Default
no update-fault-tolerance
Platforms
All
update-fault-tolerance
Syntax
[no] update-fault-tolerance
Context
[Tree] (config>router>bgp>group>neighbor>error-handling update-fault-tolerance)
[Tree] (config>router>bgp>group>error-handling update-fault-tolerance)
[Tree] (config>router>bgp>error-handling update-fault-tolerance)
Full Context
configure router bgp group neighbor error-handling update-fault-tolerance
configure router bgp group error-handling update-fault-tolerance
configure router bgp error-handling update-fault-tolerance
Description
This command enables treat-as-withdraw and other similarly non-disruptive approaches for handling a wide range of UPDATE message errors, as long as there are no length errors that prevent all of the NLRI fields from being correctly identified and parsed.
Default
no update-fault-tolerance
Platforms
All
update-interval
update-interval
Syntax
update-interval [hrs hours] [min minutes] [days days]
no update-interval
Context
[Tree] (config>service>dynsvc>acct-2 update-interval)
[Tree] (config>service>dynsvc>acct-1 update-interval)
Full Context
configure service dynamic-services dynamic-services-policy accounting-2 update-interval
configure service dynamic-services dynamic-services-policy accounting-1 update-interval
Description
This command specifies the interval between each RADIUS Accounting Interim-Update message (minimum 5 minutes; maximum 180 days).
The no form of this command disables the sending of Accounting Interim-Update messages.
A RADIUS specified Accounting Interim Interval overrides the CLI configured value.
Default
no update-interval (do not send Accounting Interim-Update messages)
Parameters
- hrs
-
specifies the interval in hours.
- min
-
Specifies the interval in minutes.
- days
-
specifies the interval in days.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
update-interval
Syntax
update-interval [hrs hours] [min minutes] [days days]
no update-interval
Context
[Tree] (config>service>dynsvc>ladb>user>idx>acct update-interval)
Full Context
configure service dynamic-services local-auth-db user-name index accounting update-interval
Description
This command specifies the time between each dynamic data service accounting interim update for this accounting destination. This command overrides the local configured value in the dynamic services policy.
The no form of this command disables the generation of interim accounting updates to this destination.
The minimum update interval is 5 minutes.
Parameters
- hours
-
Specifies the interval in hours.
- minutes
-
Specifies the interval in minutes.
- days
-
Specifies the interval in days.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
update-interval
Syntax
update-interval minutes
no update-interval
Context
[Tree] (config>subscr-mgmt>acct-plcy update-interval)
Full Context
configure subscriber-mgmt radius-accounting-policy update-interval
Description
This command specifies the interval at which accounting data of subscriber hosts is updated in a RADIUS Accounting Interim-Update message. Requires interim-update to be enabled when specifying the accounting mode in the radius accounting policy.
A RADIUS specified interim interval (attribute [85] Acct-Interim-Interval) overrides the CLI configured value.
The no form of this command reverts to the default.
Parameters
- minutes
-
Specifies the interval, in minutes, at which accounting data of subscriber hosts is updated.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
update-interval
Syntax
update-interval minutes [jitter seconds]
no update-interval
Context
[Tree] (config>ipsec>rad-acct-plcy update-interval)
Full Context
configure ipsec radius-accounting-policy update-interval
Description
This command enables the system to send RADIUS interim-update packets for IKEv2 remote-access tunnels. The RADIUS attributes in the interim-update packet are the same as acct-start. The value of the Acct-status-type in the interim-update message is 3.
Default
update-interval 10
Parameters
- minutes
-
Specifies the interval in minutes.
- seconds
-
Specifies the jitter as the number of seconds when the system sends each interim-update packet.
Platforms
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
update-interval
Syntax
update-interval seconds
Context
[Tree] (config>test-oam>link-meas>template>twl>ipv6-dest-disc update-interval)
Full Context
configure test-oam link-measurement measurement-template twamp-light ipv6-destination-discovery update-interval
Description
This command configures the transmission frequency used to maintain the peer address. IPv6 discovery packets are generated to ensure that the peer address has not changed. After the discovery-timer expires or a peer is discovered during the discovery-timer phase the value of update-interval is used to continue to monitor the address of the peer. When set to zero, maintaining the peer address is disabled after the initial discovery phase. If the peer has not been discovered during that phase, disabling and enabling the IPv6 protocol can be used to restart the discovery process.
Default
update-interval 600
Parameters
- seconds
-
Specifies the frequency used for probe packets once discovery-timer expires.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, 7950 XRS
update-interval-jitter
update-interval-jitter
Syntax
update-interval-jitter absolute seconds
no update-interval-jitter
Context
[Tree] (config>service>dynsvc>acct-2 update-interval-jitter)
[Tree] (config>service>dynsvc>acct-1 update-interval-jitter)
Full Context
configure service dynamic-services dynamic-services-policy accounting-2 update-interval-jitter
configure service dynamic-services dynamic-services-policy accounting-1 update-interval-jitter
Description
This command specifies the absolute maximum random delay introduced on the update interval between two RADIUS Accounting Interim Update messages. The effective maximum random delay value is the minimum of the configured absolute jitter value and 10% of the configured update-interval.
A value of zero sends the accounting interim update message without introducing an additional random delay.
The no form of this command sets the default to 10% of the configured update-interval.
Default
no update-interval-jitter (10% of the configured update-interval)
Parameters
- seconds
-
Specifies the absolute maximum jitter value in seconds.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
update-interval-jitter
Syntax
update-interval-jitter absolute seconds
no update-interval-jitter
Context
[Tree] (config>subscr-mgmt>acct-plcy update-interval-jitter)
Full Context
configure subscriber-mgmt radius-accounting-policy update-interval-jitter
Description
This command specifies the absolute maximum random delay introduced on the update interval between two accounting interim update messages. The effective maximum random delay value is the minimum of the configured absolute jitter value and 10% of the configured update-interval.
A value of zero will send the accounting interim update message without introducing an additional random delay.
The no form of this command sets the default to 10% of the configured update-interval.
Parameters
- seconds
-
Specifies the absolute maximum jitter value in seconds.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
update-timer
update-timer
Syntax
update-timer seconds
no update-timer
Context
[Tree] (config>router>rsvp>te-threshold-update update-timer)
Full Context
configure router rsvp te-threshold-update update-timer
Description
This command is to control timer-based IGP TE updates. Timer-based IGP updates can be enabled by specifying a non-zero time value. Default value of update-timer is 0.
The no form of this command should reset update-timer to the default value and disable timer-based IGP update.
Default
no update-timer
Parameters
- seconds
-
Specifies the time in seconds.
Platforms
All
updated-error-handling
updated-error-handling
Syntax
[no] updated-error-handling
Context
[Tree] (config>service>vprn>bgp>group updated-error-handling)
[Tree] (config>service>vprn>bgp>group>neighbor updated-error-handling)
Full Context
configure service vprn bgp group updated-error-handling
configure service vprn bgp group neighbor updated-error-handling
Description
This command controls whether SR OS utilizes the new neighbor-complete bit when processing optional transitive path attributes and advertising them to the associated BGP neighbor.
This command also control if SR OS utilizes the error handling mechanism for optional-transitive path attributes.
Default
no updated-error-handling
Platforms
All
updates
updates
Syntax
[no] updates [neighbor ip-int-name | ip-address]
Context
[Tree] (debug>router>rip updates)
Full Context
debug router rip updates
Description
This command enables debugging for RIP updates.
Parameters
- ip-int-name | ip-address
-
Debugs the RIP updates sent on the neighbor IP address or interface.
Platforms
All
updates
Syntax
[no] updates [neighbor ip-int-name | ipv6-address]
Context
[Tree] (debug>router>ripng updates)
Full Context
debug router ripng updates
Description
This command enables debugging for RIP updates.
Parameters
- ip-int-name| ipv6-address
-
Debugs the RIP updates sent on the neighbor IP address or interface.
Platforms
All
upf-data-endpoint
upf-data-endpoint
Syntax
upf-data-endpoint interface interface-name fpe fep-id
no upf-data-endpoint
Context
[Tree] (config>service>vprn>gtp upf-data-endpoint)
[Tree] (config>router>gtp upf-data-endpoint)
Full Context
configure service vprn gtp upf-data-endpoint
configure router gtp upf-data-endpoint
Description
This command configures the GTP - User Plane (GTP-U) endpoint used by BNG CUPS FWA sessions.
The no form of the command disables GTP-U termination for BNG CUPS FWA sessions.
Default
no upf-data-endpoint
Parameters
- interface-name
-
Specifies an interface name on which GTP-U packets terminate. The name must start with a letter and can be up to 32 characters.
- fpe-id
-
Specifies the forwarding path extension (FPE) ID used to encapsulate and decapsulate GTP-U traffic.
Platforms
7750 SR, 7750 SR-e, 7750 SR-s, VSR
upgrade
upgrade
Syntax
upgrade index path upgrade-name
no upgrade index
Context
[Tree] (config>card>xiom upgrade)
[Tree] (config>card upgrade)
[Tree] (config>card>mda upgrade)
Full Context
configure card xiom upgrade
configure card upgrade
configure card mda upgrade
Description
This command assigns a license level upgrade to the card, XIOM, or XMA. There can be multiple upgrades applied to a card, XIOM, or XMA. The first upgrade must use index 1 and then next index 2 and so on. Also, when removing upgrades, the largest index must be removed first and then the next largest removed and so on.
The path indicates the starting level and the new level that will apply due to the upgrade. For example, "cr1200g-cr1600g" can be applied to an XMA that is currently at the cr1200g level and after application of the upgrade, the operational level of the XMA shall be cr1600g.
There must be an upgrade license available for the path specified. Available upgrades can be checked using the show licensing entitlements command.
Some upgrades require a hard reset of the card or MDA to take effect. In general, this is required when the Full Duplex bandwidth is being changed.
Parameters
- index
-
Specifies the order of the upgrade.
- upgrade-name
-
Specifies the upgrade name to be applied, up to 32 characters.
Platforms
7750 SR-1s, 7750 SR-2s, 7750 SR-7s, 7750 SR-14s
- configure card xiom upgrade
7450 ESS, 7750 SR, 7750 SR-1se
- configure card upgrade
7750 SR-1s, 7750 SR-2s, 7750 SR-2se, 7750 SR-7s, 7750 SR-14s, 7950 XRS
- configure card mda upgrade
upgrade
Syntax
upgrade
Context
[Tree] (admin>app-assure upgrade)
Full Context
admin application-assurance upgrade
Description
Use this command to load a new isa-aa.tim file as part of a router-independent signature upgrade. An AA ISA reboot is required.
Platforms
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
uplink
uplink
Syntax
[no] uplink
Context
[Tree] (config>service>vprn>gtp uplink)
[Tree] (config>router>gtp uplink)
Full Context
configure service vprn gtp uplink
configure router gtp uplink
Description
This command enables GTP configuration related to a GTP uplink using the Gn, S2a, or S2b interface.
Platforms
7750 SR, 7750 SR-e, 7750 SR-s, VSR
uplink
Syntax
uplink arbiter arbiter-name
uplink policer policer-id
uplink queue queue-id
uplink scheduler scheduler-name
no uplink
Context
[Tree] (config>subscr-mgmt>gtp>apn-policy>apn>ambr-qos-mapping uplink)
Full Context
configure subscriber-mgmt gtp apn-policy apn ambr-qos-mapping uplink
Description
When enabled, the uplink rate in the APN-AMBR IE in an incoming GTP message is interpreted as a rate override for the specified ingress QoS object. For queues and policers, the PIR is overridden.
This override uses standard SR OS QoS overrides. Therefore, a subsequent Gx/RADIUS-based override removes this override.
The no form of this command disables the override mechanism.
Default
no uplink
Parameters
- arbiter-name
-
Specifies the name of the arbiter to be overridden, up to 32 characters.
- policer-id
-
Specifies the ID of the policer to be overridden.
- queue-id
-
Specifies the ID of the queue to be overridden.
- scheduler-name
-
Specifies the name of the scheduler to be overridden, up to 32 characters.
Platforms
7750 SR, 7750 SR-e, 7750 SR-s, VSR
uplink
Syntax
uplink port-id
uplink system-default
uplink none
Context
[Tree] (config>system>satellite>port-template>port uplink)
Full Context
configure system satellite port-template port uplink
Description
This command configures the uplink association to be used for the associated satellite port.
Parameters
- port-id
-
Specifies the satellite physical port ID. This must use the format slot/mda/port. All satellites have a single slot and a single MDA, so these values will always be 1. For example, port 10 would be specified as 1/1/10.
- system-default
-
Specifies that the uplink association is returned to the system default.
- none
-
Clears the uplink association.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, 7950 XRS
uplink-forwarding-while-standby
uplink-forwarding-while-standby
Syntax
[no] uplink-forwarding-while-standby
Context
[Tree] (config>subscr-mgmt>up-resiliency>fsg-template uplink-forwarding-while-standby)
Full Context
configure subscriber-mgmt up-resiliency fate-sharing-group-template uplink-forwarding-while-standby
Description
This command allows a standby BNG UPF to forward uplink traffic. To prevent the possibility of packet replication towards the network, this command should only be enabled if the access network is provisioned not to replicate unicast packets to the BNG UPF.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
uplink-initial-wait
uplink-initial-wait
Syntax
uplink-initial-wait seconds
Context
[Tree] (config>subscr-mgmt>vrgw>brg>brg-profile uplink-initial-wait)
Full Context
configure subscriber-mgmt vrgw brg brg-profile uplink-initial-wait
Description
This command specifies how long to wait for the uplink to fully establish when using a non-routed uplink such as a PPPoE client. During this initial wait time, setup of devices in the home is blocked.
After the timer expires, if an uplink was successful on only one of two IP stacks, devices continue to be configured with the successful IP stack. Control plane message for the failed IP stack are dropped.
Default
uplink-initial-wait 30
Parameters
- seconds
-
Specifies the timeout in seconds.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
uplink-mbr-gbr
uplink-mbr-gbr
Syntax
uplink-mbr-gbr arbiter arbiter-name
uplink-mbr-gbr policer policer-id
uplink-mbr-gbr queue queue-id
uplink-mbr-gbr scheduler scheduler-name
no uplink-mbr-gbr
Context
[Tree] (config>subscr-mgmt>sla-prof>pfcp>seq uplink-mbr-gbr)
Full Context
configure subscriber-mgmt sla-profile pfcp-mappings session-qer uplink-mbr-gbr
Description
This command configures the uplink MBR/GBR to QoS override mapping.
The no form of the command disables the uplink MBR/GBR mapping.
Default
no uplink-mbr-gbr
Parameters
- arbiter-name
-
Specifies the arbiter target of the MBR/GBR override. The arbiter name can be up to 32 characters.
- policer-id
-
Specifies the policer ID target of the MBR/GBR override.
- queue-id
-
Specifies the queue ID target of the MBR/GBR override.
- scheduler-name
-
Specifies the scheduler name target of the MBR/GBR override. The scheduler name can be up to 32 characters.
Platforms
7750 SR, 7750 SR-e, 7750 SR-s, VSR
upnp
upnp
Syntax
upnp
Context
[Tree] (config>service upnp)
Full Context
configure service upnp
Description
Commands in this context configure UPnP parameters.
Platforms
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
upnp-mappings
upnp-mappings
Syntax
upnp-mappings [upnp-mappings]
no upnp-mappings
Context
[Tree] (config>isa>wlan-gw-group>nat>session-limits upnp-mappings)
Full Context
configure isa wlan-gw-group nat session-limits upnp-mappings
Description
This command limits the number of Universal Plug 'n Play mappings per member
The no form of this command reverts to the default value.
Default
upnp-mappings 524288
Parameters
- upnp-mappings
-
specifies, for each MDA in this ISA group, the maximum number of Universal Plug 'n Play (UPnP) mappings.
Platforms
7750 SR, 7750 SR-e, 7750 SR-s, VSR
upnp-mappings
Syntax
upnp-mappings limit no upnp-mappings
Context
[Tree] (config>isa>nat-group>session-limits upnp-mappings)
Full Context
configure isa nat-group session-limits upnp-mappings
Description
This command specifies the maximum number of UPnP mappings per ISA.
Default
524288
Parameters
- limit
-
Specifies the maximum number of UPnP mappings.
Platforms
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
upnp-policy
upnp-policy
Syntax
upnp-policy policy-name [create]
no upnp-policy policy-name
Context
[Tree] (config>service>upnp upnp-policy)
Full Context
configure service upnp upnp-policy
Description
This command creates a new upnp-policy or enters the configuration context of an existing upnp-policy.
The no form of the command removes the upnp-policy policy-name from the configuration.
Parameters
- policy-name
-
Specifies the name of the UPnP policy up to 32 characters.
Platforms
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
upnp-policy
Syntax
upnp-policy policy-name
no upnp-policy
Context
[Tree] (config>subscr-mgmt>sub-prof upnp-policy)
Full Context
configure subscriber-mgmt sub-profile upnp-policy
Description
This command enables UPnP IGD services for the subscriber. All ESM hosts of the subscriber could use the UPnP protocol to create port mapping. This feature only support L2-Aware NAT host.
UPnP parameters are defined in the referenced upnp-policy configured in the config> service>upnp context.
Default
no upnp-policy
Parameters
- policy-name
-
Specifies the UPnP policy associated with this subscriber profile up to 32 characters.
Platforms
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
upstream-ip-filter
upstream-ip-filter
Syntax
upstream-ip-filter filter-id
no upstream-ip-filter
Context
[Tree] (config>router>nat>outside upstream-ip-filter)
[Tree] (config>service>vprn>nat>outside upstream-ip-filter)
Full Context
configure router nat outside upstream-ip-filter
configure service vprn nat outside upstream-ip-filter
Description
This command configures the ip-filter for upstream traffic. This filter is applied to the upstream traffic after the NAT function and before it enters the outside virtual router instance; it is useful for traffic that bypasses the ingress filters applied in the inside virtual router instance, such as DS-Lite traffic.
Default
no upstream-ip-filter
Parameters
- filter-id
-
Specifies the identifier of an IP filter.
Platforms
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
upstream-ipv6-filter
upstream-ipv6-filter
Syntax
upstream-ipv6-filter filter-id
no upstream-ipv6-filter
Context
[Tree] (config>router>nat>outside upstream-ipv6-filter)
[Tree] (config>service>vprn>nat>outside upstream-ipv6-filter)
Full Context
configure router nat outside upstream-ipv6-filter
configure service vprn nat outside upstream-ipv6-filter
Description
This command configures the ipv6-filter for upstream traffic. This filter is applied to the upstream traffic after the NAT function and before it enters the outside virtual router instance. This is useful for shared v6 filters that apply to all v6 DSM hosts.
Default
no upstream-ipv6-filter
Parameters
- filter-id
-
Specifies the identifier of an ipv6-filter.
Platforms
7750 SR, 7750 SR-e, 7750 SR-s, VSR
url
url
Syntax
url rdr-url-sting
no url
Context
[Tree] (config>subscr-mgmt>http-rdr-plcy url)
Full Context
configure subscriber-mgmt http-redirect-policy url
Description
This command configures the HTTP URL to re-direct the matching traffic to. It also can specify inclusion of original URL, MAC address and IP address of the subscriber in the redirect URL.
Parameters
- rdr-url-sting
-
Specifies the URL to redirect to.
Platforms
7750 SR, 7750 SR-e, 7750 SR-s, VSR
url
Syntax
url url-string [service-id service-id]
url url-string [service-name service-name]
no url
Context
[Tree] (config>system>security>pki>ca-profile>cmpv2 url)
Full Context
configure system security pki ca-profile cmpv2 url
Description
This command specifies HTTP URL of the CMPv2 server. The URL must be unique across all configured ca-profiles.
The URL will be resolved by the DNS server configured (if configured) in the corresponding router context.
If the service-id is 0 or omitted, then system will try to resolve the FQDN via DNS server configured in bof.cfg. After resolution, the system will connect to the address in management routing instance first, then base routing instance.
If the service is VPRN, then the system only allows HTTP ports 80 and 8080.
Default
no url
Parameters
- url-string
-
Specifies the HTTP URL of the CMPv2 server up to 180 characters.
- service-id service-id
-
Specifies the service instance that used to reach CMPv2 server.
Platforms
All
url
Syntax
url url
no url
Context
[Tree] (config>system>security>pki>ca-prof>auto-crl-update>crl-urls>url-entry url)
Full Context
configure system security pki ca-profile auto-crl-update crl-urls url-entry url
Description
This command specifies the HTTP URL of the CRL file for the url-entry. The system supports both IPv4 and IPv6 HTTP connections.
The URL must point to a DER encoded CRL.
Default
no url
Parameters
- url
-
Specifies the URL, which specifies the location, where an updated CRL can be downloaded from.
Platforms
All
url
Syntax
url url-string [service-id service-id]
url url-string [service-name service-name]
no url
Context
[Tree] (config>system>security>pki>ca-profile>cmp2 url)
Full Context
configure system security pki ca-profile cmp2 url
Description
This command specifies HTTP URL of the CMPv2 server. The URL must be unique across all configured ca-profiles.
The URL will be resolved by the DNS server configured (if configured) in the corresponding router context.
If the service-id is 0 or omitted, then system will try to resolve the FQDN via DNS server configured in bof.cfg. After resolution, the system will connect to the address in management routing instance first, then base routing instance.
If the service is VPRN, then the system only allows HTTP ports 80 and 8080.
Parameters
- url-string
-
Specifies the HTTP URL of the CMPv2 server, up to 180 characters.
- service-id service-id
-
Specifies the service instance that used to reach CMPv2 server.
This variant of this command is only supported in 'classic' configuration-mode (configure system management-interface configuration-mode classic). The url url-string service-name service-name variant can be used in all configuration modes.
- service-name service-name
-
Identifies the service, up to 64 characters.
url-entry
url-entry
Syntax
url-entry entry-id [ create]
no url-entry entry-id
Context
[Tree] (config>system>security>pki>ca-prof>auto-crl-update>crl-urls url-entry)
Full Context
configure system security pki ca-profile auto-crl-update crl-urls url-entry
Description
This command creates a new crl-url entry with the create parameter, or enters an existing url-entry configuration context without create parameter.
The no form of this command removes the specified entry.
Parameters
- entry-id
-
Specifies a URL configured on this system.
- create
-
Creates an auto URL entry.
Platforms
All
url-filter
url-filter
Syntax
url-filter url-filter-name [characteristic characteristic-name]
no url-filter
Context
[Tree] (config>app-assure>group>aqp>entry>action url-filter)
Full Context
configure application-assurance group app-qos-policy entry action url-filter
Description
This command configures a url-filter action for flows matching this entry.
Parameters
- url-filter-name
-
Specifies the name of the url-filter policy.
- characteristic-name
-
Specifies the name of the characteristic.
url-filter
Syntax
url-filter url-filter-name [create]
no url-filter url-filter-name
Context
[Tree] (config>app-assure>group url-filter)
Full Context
configure application-assurance group url-filter
Description
This command configures a URL filter action for flows of a specific type matching this entry.
If no URL filters are specified then no URL filters will be evaluated.
Parameters
- url-filter-name
-
Specifies the Application-Assurance URL filter that will be evaluated.
Platforms
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
url-list
url-list
Syntax
url-list url-list-name [create]
no url-list url-list-name
Context
[Tree] (config>app-assure>group url-list)
Full Context
configure application-assurance group url-list
Description
This command configures a url-list object. The url-list points to a file containing a list of URLs located on the system Compact Flash. The url-list is then referenced in a url-filter object in order to filter and redirect subscribers when a URL from this file is accessed.
The no form of this command removes the url-list object.
Parameters
- url-list-name
-
Specify the Application-Assurance url-list
- create
-
Keyword used to create the URL list.
Platforms
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
url-list
Syntax
url-list url-list-name upgrade
Context
[Tree] (admin>app-assure>group url-list)
Full Context
admin application-assurance group url-list
Description
This command upgrades the URL list.
Parameters
- url-list-name
-
Specifies the application assurance URL list, up to 32 characters.
Platforms
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
urpf-check
urpf-check
Syntax
[no] urpf-check
Context
[Tree] (config>service>ies>if urpf-check)
[Tree] (config>service>vprn>nw-if urpf-check)
[Tree] (config>service>vprn>sub-if>grp-if urpf-check)
[Tree] (config>service>vprn>if urpf-check)
[Tree] (config>service>ies>if>ipv6 urpf-check)
[Tree] (config>service>ies>sub-if>grp-if>ipv6 urpf-check)
[Tree] (config>service>vprn>if>ipv6 urpf-check)
Full Context
configure service ies interface urpf-check
configure service vprn network-interface urpf-check
configure service vprn subscriber-interface group-interface urpf-check
configure service vprn interface urpf-check
configure service ies interface ipv6 urpf-check
configure service ies subscriber-interface group-interface ipv6 urpf-check
configure service vprn interface ipv6 urpf-check
Description
This command enables unicast RPF (uRPF) check on this interface.
The no form of this command disables unicast RPF (uRPF) Check on this interface.
Default
no urpf-check
Platforms
All
- configure service vprn interface ipv6 urpf-check
- configure service ies interface urpf-check
- configure service vprn network-interface urpf-check
- configure service vprn interface urpf-check
- configure service ies interface ipv6 urpf-check
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
- configure service ies subscriber-interface group-interface ipv6 urpf-check
- configure service vprn subscriber-interface group-interface urpf-check
urpf-check
Syntax
[no] urpf-check
Context
[Tree] (config>subscr-mgmt>git>ipv4 urpf-check)
Full Context
configure subscriber-mgmt group-interface-template ipv4 urpf-check
Description
This command enables the uRPF check on this interface.
The no form of this command disables the uRPF check on this interface.
Default
no urpf-check
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
urpf-check
Syntax
urpf-check
no urpf-check
Context
[Tree] (config>service>vprn>network>ingress urpf-check)
Full Context
configure service vprn network ingress urpf-check
Description
This command enables the unicast RPF (uRPF) check of network ingress traffic to include traffic associated with the VPRN if the incoming network interface is configured with the urpf-selected-vprns command
If the command is not configured, then traffic associated with this VPRN that arrives on a network interface with urpf-selected-vprns configured bypasses the uRPF checking options specified for that network interface.
Default
no urpf-check
Platforms
All
urpf-check
Syntax
[no] urpf-check
Context
[Tree] (config>router>if urpf-check)
[Tree] (config>router>if>ipv6 urpf-check)
Full Context
configure router interface urpf-check
configure router interface ipv6 urpf-check
Description
This command enables unicast RPF (uRPF) Check on this interface.
The no form of this command disables unicast RPF (uRPF) Check on this interface.
Platforms
All
urpf-selected-vprns
urpf-selected-vprns
Syntax
[no] urpf-selected-vprns
Context
[Tree] (config>router>if urpf-selected-vprns)
Full Context
configure router interface urpf-selected-vprns
Description
This command enables uRPF checking of incoming traffic on the network interface for the following packets.
-
Packets associated with the global routing table (base router) context.
-
Packets associated with VPRNs that have enabled the uRPF check using the config>service>vprn>network> ingress>urpf-check command.
If the command is not configured, the default action is to perform uRPF checks for all ingress traffic on the network interface (associated with the base router and all VPRNs) based on the IPv4 and IPv6 urpf-check configuration options of the network interface.
Default
no urpf-selected-vprns
Platforms
All
usage-monitoring
usage-monitoring
Syntax
[no] usage-monitoring
Context
[Tree] (config>app-assure>group>statistics>aa-sub usage-monitoring)
Full Context
configure application-assurance group statistics aa-sub usage-monitoring
Description
This command enables Gx usage monitoring the given AA group/partition. It can only be enabled if there is enough usage monitoring resources for all existing subs. Once disabled, all monitoring instances for AA subscribers are silently removed (no PCRF notifications) and all subsequent AA Gx usage monitoring messages are ignored.
Default
no usage-monitoring.
Platforms
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
use-arp
use-arp
Syntax
[no] use-arp
Context
[Tree] (config>service>vprn>if>dhcp use-arp)
[Tree] (config>service>ies>if>dhcp use-arp)
Full Context
configure service vprn interface dhcp use-arp
configure service ies interface dhcp use-arp
Description
This command enables the use of ARP to determine the destination hardware address.
The no form of this command disables the use of ARP to determine the destination hardware address.
Platforms
All
use-bgp-routes
use-bgp-routes
Syntax
[no] use-bgp-routes
Context
[Tree] (config>service>vprn>bgp>next-hop-res use-bgp-routes)
Full Context
configure service vprn bgp next-hop-resolution use-bgp-routes
Description
This command enables the use of BGP routes to resolve BGP next hops. When this command is enabled, any unlabeled IPv4 or IPv6 BGP route received from a VPRN BGP peer becomes resolvable by up to four other BGP routes in order to resolve the route to a VPRN IP interface.
This command also allows unlabeled IPv4 or IPv6 BGP routes leaked from the GRT with unresolved next hops (in the GRT) to be resolvable by BGP-VPN routes (of the VPRN).
The no form of this command reverts to the default behavior. By default, a VPRN BGP route is not resolvable by another VPRN BGP route or by a BGP-VPN route.
Default
no use-bgp-routes
Platforms
All
use-bgp-routes
Syntax
[no] use-bgp-routes
Context
[Tree] (config>router>bgp>next-hop-res use-bgp-routes)
Full Context
configure router bgp next-hop-resolution use-bgp-routes
Description
This command specifies whether to use BGP routes to recursively resolve the BGP next-hop of unlabeled IPv4 and unlabeled IPv6 routes. Up to four levels of recursion are supported.
The no form of this command reverts to the default behavior. By default, a BGP route is not resolvable by another BGP route.
Default
no use-bgp-routes
Platforms
All
use-bgp-routes
Syntax
use-bgp-routes
Context
[Tree] (config>router>bgp>next-hop-res>lbl-routes use-bgp-routes)
Full Context
configure router bgp next-hop-resolution labeled-routes use-bgp-routes
Description
Commands in this context configure labeled route options for next-hop resolution.
Platforms
All
use-broadcast-address
use-broadcast-address
Syntax
[no] use-broadcast-address
Context
[Tree] (config>port>ethernet>dwl use-broadcast-address)
Full Context
configure port ethernet down-when-looped use-broadcast-address
Description
This command specifies whether or not the down when looped destination MAC address is the broadcast address, or the local port MAC address, as specified in the port's MAC address.
Platforms
All
use-broadcast-mac
use-broadcast-mac
Syntax
[no] use-broadcast-mac
Context
[Tree] (config>service>ipipe>sap use-broadcast-mac)
Full Context
configure service ipipe sap use-broadcast-mac
Description
This command enables the user of a of broadcast MAC on SAP.
An Ipipe VLL service with the command enabled forwards unicast IP packets using the broadcast MAC address until the ARP cache is populated with a valid entry for the CE IP and MAC addresses.
The no form of this command enables the user of a of broadcast MAC on SAP.
Default
no use-broadcast-mac
Platforms
All
use-def-mcast
use-def-mcast
Syntax
[no] use-def-mcast
Context
[Tree] (config>service>vpls>isid-policy>entry use-def-mcast)
Full Context
configure service vpls isid-policy entry use-def-mcast
Description
The use-def-mcast option prevents local installation of the ISIDs in the range in the MFIB and uses the default multicast tree instead for a B-VPLS. In a node that does not have I-VPLS or static-isids, this command prevents the building of an MFIB entry for this ISID when received in a SPBM TLV and allows the broadcast of ISID based traffic on the default multicast tree. If an isid-policy exists, the core nodes can have this policy to prevent connectivity problems when some nodes are advertising an ISID and others are not. In a I-VPLS service if the customer MAC (C-MAC) is unknown, a frame will have the Multicast DA for an ISID (PBB-OUI + ISID) flooded on the default multicast tree and not pruned.
Default
no use-def-mcast
Platforms
All
use-default-template
use-default-template
Syntax
[no] use-default-template
Context
[Tree] (config>service>vprn>aaa>rmt-srv>tacplus use-default-template)
[Tree] (config>service>vprn>aaa>remote-servers>radius use-default-template)
Full Context
configure service vprn aaa remote-servers tacplus use-default-template
configure service vprn aaa remote-servers radius use-default-template
Description
This command specifies whether the RADIUS default user template is actively applied to the RADIUS user if no VSAs are returned with the auth-accept from the RADIUS server. When enabled, the radius_default user-template is actively applied if no VSAs are returned with the auth-accept from the RADIUS server and radius authorization is enabled.
The no form of this command disables the use of the RADIUS default template.
Default
no use-default-template
Platforms
All
use-default-template
Syntax
[no] use-default-template
Context
[Tree] (config>system>security>tacplus use-default-template)
Full Context
configure system security tacplus use-default-template
Description
This command specifies whether the user-template tacplus_default is actively applied to the TACACS+ user. When enabled, some parameters of the user-template tacplus_default are actively applied to all users that authenticate via TACACS+. See the user-template tacplus_default command for more details.
When disabled, the parameters of the template are not applied to TACACS+ users, and TACACS+ users can not connect to an SR OS router since the user access parameters are not available. In this case, TACACS+ can only be used for accounting.
Default
use-default-template
Platforms
All
use-default-template
Syntax
[no] use-default-template
Context
[Tree] (config>system>security>radius use-default-template)
Full Context
configure system security radius use-default-template
Description
This command specifies whether the RADIUS default user template is actively applied to the RADIUS user if no VSAs are returned with the auth-accept from the RADIUS server. When enabled, the radius_default user-template is actively applied if no VSAs are returned with the auth-accept from the RADIUS server and radius authorization is enabled.
The no form of this command disables the use of the RADIUS default template.
Default
no use-default-template
Platforms
All
use-default-template
Syntax
[no] use-default-template
Context
[Tree] (config>system>security>ldap use-default-template)
Full Context
configure system security ldap use-default-template
Description
This command specifies whether or not the default template is to be actively applied to LDAP users.
Default
use-default-template
Platforms
All
use-direct-map-as-default
use-direct-map-as-default
Syntax
[no] use-direct-map-as-default
Context
[Tree] (config>subscr-mgmt>sub-ident-pol>app-profile-map use-direct-map-as-default)
Full Context
configure subscriber-mgmt sub-ident-policy app-profile-map use-direct-map-as-default
Description
This command enables direct mapping of application profile as default. With this flag, a script returned string is used as the named profile. If the named profiled cannot be found, the default profile is used.
The no form of this command disables the direct mapping.
Platforms
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
use-direct-map-as-default
Syntax
[no] use-direct-map-as-default
Context
[Tree] (config>subscr-mgmt>sub-ident-pol>sla-profile-map use-direct-map-as-default)
[Tree] (config>subscr-mgmt>sub-prof>sla-prof-map use-direct-map-as-default)
[Tree] (config>subscr-mgmt>sub-ident-pol>sub-profile-map use-direct-map-as-default)
Full Context
configure subscriber-mgmt sub-ident-policy sla-profile-map use-direct-map-as-default
configure subscriber-mgmt sub-profile sla-profile-map use-direct-map-as-default
configure subscriber-mgmt sub-ident-policy sub-profile-map use-direct-map-as-default
Description
This command enables direct mapping of the profiles as default. With this flag, a string returned in authentication is used as the named profile. If the named profiled cannot be found, the default profile is used.
The no form of this command disables direct mapping.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
use-es-bmac
use-es-bmac
Syntax
[no] use-es-bmac
Context
[Tree] (config>service>vpls>pbb use-es-bmac)
Full Context
configure service vpls pbb use-es-bmac
Description
This command is only supported in B-VPLS instances where BGP-EVPN is enabled and controls the source B-MAC used by the system for packets coming from the SAP or spoke-SDPs when they belong to an EVPN Ethernet-Segment.
If enabled, the system will use a source B-MAC derived from the source-bmac (high order four bytes) and the least significant two bytes configured in config>service>system>bgp-evpn>eth-seg>source-bmac-lsb for all the packets coming from the local ethernet-segment.
If no use-es-bmac is configured, the system will use the regular source-bmac (provided by the config>service>vpls>pbb>source-bmac command, or the chassis bmac if the source-bmac is not configured).
Default
no use-es-bmac
Platforms
All
use-gi-address
use-gi-address
Syntax
use-gi-address [scope scope]
Context
[Tree] (config>router>dhcp>server use-gi-address)
[Tree] (config>service>vprn>dhcp>server use-gi-address)
Full Context
configure router dhcp local-dhcp-server use-gi-address
configure service vprn dhcp local-dhcp-server use-gi-address
Description
This command enables the use of gi-address matching. If the gi-address flag is enabled, a pool can be used even if a subnets is not found. If the local-user-db-name is not used, the gi-address flag is used and addresses are handed out by GI only. If a user must be blocked from getting an address the server maps to a local user database and configures the user with no address.
A pool can include multiple subnets. Since the GI is shared by multiple subnets in a subscriber interface the pool may provide IP addresses from any of the subnets included when the GI is matched to any of its subnets. This allows a pool to be created that represents a sub-int.
The no form of the reverts to the default.
Parameters
- scope
-
Specifies if addresses are handed out for a certain subnet where the gi-address belongs to only or for all subnets part of the pool.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
use-global-sampling-rate
use-global-sampling-rate
Syntax
[no] use-global-sampling-rate
Context
[Tree] (config>mirror>mirror-dest use-global-sampling-rate)
Full Context
configure mirror mirror-dest use-global-sampling-rate
Description
This command configures each mirror destination service to use the global sampling rate, which allows a single high-rate sampling rate for the entire system.
The no form of this command disables use of the global sampling rate for the mirror destination service. Disabling the global sampling rate causes each mirror destination to mirror either at the full rate (all packets) or to mirror at the mirror destination sampling rate if the sampling rate is specified under the sampling-rate command.Default
no use-global-sampling-rate
Platforms
All
use-ingress-l2tp-dscp
use-ingress-l2tp-dscp
Syntax
[no] use-ingress-l2tp-dscp
Context
[Tree] (config>subscr-mgmt>sla-prof>egress use-ingress-l2tp-dscp)
Full Context
configure subscriber-mgmt sla-profile egress use-ingress-l2tp-dscp
Description
This command enables the use of the DSCP marking taken from the L2TP header received on an L2TP Access Concentrator (LAC) for egress classification for the subscriber host using the associated sla-profile.
This command is ignored if the ingress packet is not identified as an L2TP packet.
The no form of this command reverts to the default.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
use-lag-port-weight
use-lag-port-weight
Syntax
[no] use-lag-port-weight
Context
[Tree] (config>subscr-mgmt>msap-policy>vpls-only>igmp-snp>mcac>mc-constraints use-lag-port-weight)
Full Context
configure subscriber-mgmt msap-policy vpls-only-sap-parameters igmp-snooping mcac mc-constraints use-lag-port-weight
Description
This command enables port weight to be used when determining available bandwidth per level when LAG ports go down/come up. The command is required for proper operation on mixed port-speed LAGs and can be used for non-mixed port-speed LAGs as well.
The no form of this command reverts to the default.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
use-lag-port-weight
Syntax
use-lag-port-weight
no use-lag-port-weight
Context
[Tree] (config>service>vpls>sap>igmp-snooping>mcac>mc-constraints use-lag-port-weight)
Full Context
configure service vpls sap igmp-snooping mcac mc-constraints use-lag-port-weight
Description
This command enables port weight to be used when determining available bandwidth per level when LAG ports go down/come up. The command is required for correct operation on mixed port-speed LAGs and can be used for non-mixed port-speed LAGs as well.
Default
no use-lag-port-weight — The port number is used when determining available BW per level when LAG ports go down/come up.
Platforms
All
use-lag-port-weight
Syntax
[no] use-lag-port-weight
Context
[Tree] (config>service>vprn>mld>if>mcac>mc-constraints use-lag-port-weight)
[Tree] (config>service>vprn>igmp>if>mcac>mc-constraints use-lag-port-weight)
[Tree] (config>service>vprn>pim>if>mcac>mc-constraints use-lag-port-weight)
Full Context
configure service vprn mld interface mcac mc-constraints use-lag-port-weight
configure service vprn igmp interface mcac mc-constraints use-lag-port-weight
configure service vprn pim interface mcac mc-constraints use-lag-port-weight
Description
This command enables the port weight to be used when determining available bandwidth per level when LAG ports go down or come up. This command is required for proper operation on mixed port-speed LAGs and can also be used for non-mixed port-speed LAGs. The port number is used when determining available the bandwidth per level when LAG ports go down or come up.
Default
no use-lag-port-weight
Platforms
All
use-lag-port-weight
Syntax
[no] use-lag-port-weight
Context
[Tree] (config>router>mld>interface>mcac>mc-constraints use-lag-port-weight)
[Tree] (config>router>mcac>policy>bundle>mc-constraints use-lag-port-weight)
[Tree] (config>router>igmp>interface>mcac>mc-constraints use-lag-port-weight)
[Tree] (config>router>pim>interface>mcac>mc-constraints use-lag-port-weight)
Full Context
configure router mld interface mcac mc-constraints use-lag-port-weight
configure router mcac policy bundle mc-constraints use-lag-port-weight
configure router igmp interface mcac mc-constraints use-lag-port-weight
configure router pim interface mcac mc-constraints use-lag-port-weight
Description
This command enables port weight to be used when determining available bandwidth per level when LAG ports go down/come up. The command is required for proper operation on mixed port-speed LAGs and can be used for non-mixed port-speed LAGs as well.
The port number is used when determining available BW per level when LAG ports go down/come up.
The no form of this command disables the port weight.
Default
no use-lag-port-weight
Platforms
All
use-last-adj-bw
use-last-adj-bw
Syntax
[no] use-last-adj-bw
Context
[Tree] (config>router>mpls>lsp>auto-bandwidth use-last-adj-bw)
Full Context
configure router mpls lsp auto-bandwidth use-last-adj-bw
Description
This command enables the carryover of the last adjusted bandwidth from the previous path to the new path, whether primary or secondary, when the LSP switches between paths. It also creates a context for the configuration of the retry limit for secondary paths.
The no form of this command disables the carryover of the last adjusted bandwidth from the previous path to the new path.
Default
no use-last-adj-bw
Platforms
All
use-link-address
use-link-address
Syntax
use-link-address [scope scope]
no use-link-address
Context
[Tree] (config>router>dhcp6>server use-link-address)
[Tree] (config>service>vprn>dhcp6>server use-link-address)
Full Context
configure router dhcp6 local-dhcp-server use-link-address
configure service vprn dhcp6 local-dhcp-server use-link-address
Description
This command configures the local pool selection for IPv6 address or prefix assignment for the configured link-address under relay configuration. The selected pool will contain a prefix covering the link-address. The scope option defines the scope for the match. With scope subnet, the prefix or address selection is limited to the prefix in the pool that covers the link-address. With scope pool, all the prefixes in the selected pool are eligible for assignment.
The no form of the reverts to the default.
Default
scope subnet
Parameters
- scope
-
Specifies the scope of the IP address selection.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
use-outside-ip-address
use-outside-ip-address
Syntax
[no] use-outside-ip-address
Context
[Tree] (config>li use-outside-ip-address)
Full Context
configure li use-outside-ip-address
Description
This command enables LI to be performed on an L2-Aware NAT subscriber after NAT. The LI traffic will contain the subscriber’s outside public IP address instead of the default private IP address.
The no form of this command disables the use of the outside public IP address for the L2-Aware NAT subscriber.
Platforms
All
use-pool-from-client
use-pool-from-client
Syntax
use-pool-from-client delimiter delimiter
use-pool-from-client
no use-pool-from-client
Context
[Tree] (config>router>dhcp>server use-pool-from-client)
[Tree] (config>service>vprn>dhcp>server use-pool-from-client)
Full Context
configure router dhcp local-dhcp-server use-pool-from-client
configure service vprn dhcp local-dhcp-server use-pool-from-client
Description
This command enables the use of the pool indicated by DHCP client. When enabled, the IP address pool to be used by this server is the pool is indicated by the vendor-specific sub-option 13 of the DHCP option 82. When disabled or if there is no sub-option 13 in the DHCP message, the pool selection falls back to the use-gi-address configuration.
The no form of this command disables the use of the pool indicated by DHCP client.
Parameters
- delimiter
-
A single ASCII character specifies the delimiter of separating primary and secondary pool names in Option82 VSO.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
use-sap-bmac
use-sap-bmac
Syntax
[no] use-sap-bmac
Context
[Tree] (config>service>vpls>pbb use-sap-bmac)
Full Context
configure service vpls pbb use-sap-bmac
Description
This command enables on a per BVPLS basis the use of source B-MACs allocated to multi-homed SAPs (assigned to an MC-LAG) in the related IVPLS or Epipe service. The command will fail if the value of the source-bmac assigned to the BVPLS is the hardware (chassis) B-MAC. That is, the source-bmac must be a configured one.
Default
no use-sap-bmac
Platforms
All
use-sdp-bmac
use-sdp-bmac
Syntax
[no] use-sdp-bmac
Context
[Tree] (config>service>epipe>spoke-sdp use-sdp-bmac)
Full Context
configure service epipe spoke-sdp use-sdp-bmac
Description
This command indicates that this spoke SDP is expected to be part of a redundant pseudowire connected to a PBB Epipe service. Enabling this parameter will cause traffic forwarded from this spoke SDP into the B-VPLS domain to use a virtual backbone MAC as its source MAC address when both this, and the control pseudowire, are in the active state on this BEB. This virtual backbone MAC is derived from the SDP source-bmac-lsb configuration.
This command will fail when configuring it under a spoke SDP within a PBB-Epipe that is connected to a B-VPLS with mac-notification enabled.
Default
no use-sdp-bmac
Platforms
All
use-virtual-mac
use-virtual-mac
Syntax
[no] use-virtual-mac
Context
[Tree] (config>service>vprn>router-advert>if use-virtual-mac)
Full Context
configure service vprn router-advertisement interface use-virtual-mac
Description
This command enables sending router advertisement messages using the VRRP virtual MAC address, provided that the virtual router is currently the master.
If the virtual router is not the master, no router advertisement messages are sent.
The no form of this command disables sending router advertisement messages.
Default
no use-virtual-mac
Platforms
All
use-virtual-mac
Syntax
[no] use-virtual-mac
Context
[Tree] (config>router>router-advert>if use-virtual-mac)
Full Context
configure router router-advertisement interface use-virtual-mac
Description
This command enables sending router advertisement messages using the VRRP virtual MAC address, provided that the virtual router is currently the master.
If the virtual router is not the master, no router advertisement messages are sent.
The no form of this command disables sending router advertisement messages.
Default
no use-virtual-mac
Platforms
All
use-vrtr-if-index
use-vrtr-if-index
Syntax
[no] use-vrtr-if-index
Context
[Tree] (config>cflowd use-vrtr-if-index)
Full Context
configure cflowd use-vrtr-if-index
Description
This command is used to export flow data using interface indexes (ifIndex values), which can be used directly as the index into the IF-MIB tables for retrieving interface statistics. Specifically, if this command is enabled, the ingressInterface (ID=10) and egressInterface (ID= 14) fields in IP flow templates used to export the flow data to cflowd version 9 and version 10 collectors will be populated with the IF-MIB ifIndex of that interface. In addition, for version 10 templates, two fields are available in the IP flow templates to specify the virtual router ID associated with the ingress and egress interfaces.
The no form of this command removes the command from the active configuration and causes cflowd to return to the default behavior of populating the ingress and egress interface ID with the global IF index IDs.
Default
no use-vrtr-if-index
Platforms
All
user
user
Syntax
[no] user user-name
Context
[Tree] (config>system>security user)
Full Context
configure system security user
Description
This command creates a local user and a context to edit the user configuration.
If a new user-name is entered, the user is created. When an existing user-name is specified, the user parameters can be edited.
When creating a new user and then entering the info command, the system displays a password in the output. This is expected behavior in the hash2 scenario. However, when using that user name, there will be no password required. The user can login to the system and then <ENTER> at the password prompt, the user will be logged in.
Unless an administrator explicitly changes the password, it will be null. The hashed value displayed uses the username and null password field, so when the username is changed, the displayed hashed value will change.
The no form of this command deletes the user and all configuration data. Users cannot delete themselves.
Parameters
- user-name
-
Specifies the name of the user up to 32 characters.
Platforms
All
user-db
user-db
Syntax
user-db local-user-db-name
no user-db
Context
[Tree] (config>subscr-mgmt>loc-user-db>ppp>host user-db)
Full Context
configure subscriber-mgmt local-user-db ppp host user-db
Description
This command specifies local user database for PPP PAP/CHAP access.
With this configuration, system will access the specified DB again during PPP PAP/CHAP phase.
This configuration only becomes effective when system is accessing parent DB during PPPoE discovery phase.
The no form of this command removes the name from the configuration.
Parameters
- local-user-db-name
-
Specifies the name of the local user database for PAP/CHAP access.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
user-db
Syntax
user-db local-user-db-name
no user-db
Context
[Tree] (config>service>vprn>sub-if>grp-if>pppoe user-db)
[Tree] (config>service>ies>sub-if>grp-if>pppoe user-db)
Full Context
configure service vprn subscriber-interface group-interface pppoe user-db
configure service ies subscriber-interface group-interface pppoe user-db
Description
This command configures the local user database to use for PPP PAP/CHAP authentication.
The no form of this command reverts to the default.
Parameters
- local-user-db-name
-
Specifies the local user database name, up to 32 characters.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
user-db
Syntax
user-db local-user-db-name [create]
no user-db
Context
[Tree] (config>service>vprn>sub-if>grp-if>ipv6>dhcp6 user-db)
[Tree] (config>service>vprn>sub-if>grp-if>dhcp6 user-db)
[Tree] (config>service>ies>sub-if>grp-if>dhcp6 user-db)
[Tree] (config>service>ies>sub-if>grp-if>ipv6>dhcp6 user-db)
[Tree] (config>service>ies>sub-if>grp-if>dhcp user-db)
[Tree] (config>service>vprn>sub-if>grp-if>dhcp user-db)
[Tree] (config>router>dhcp>server user-db)
Full Context
configure service vprn subscriber-interface group-interface ipv6 dhcp6 user-db
configure service vprn subscriber-interface group-interface dhcp6 user-db
configure service ies subscriber-interface group-interface dhcp6 user-db
configure service ies subscriber-interface group-interface ipv6 dhcp6 user-db
configure service ies subscriber-interface group-interface dhcp user-db
configure service vprn subscriber-interface group-interface dhcp user-db
configure router dhcp local-dhcp-server user-db
Description
This command configures a local user database for authentication.
The no form of this command reverts to the default.
Parameters
- local-user-db-name
-
Specifies the name of a user database, up to 32 characters.
- create
-
Keyword used to create the user database. The create keyword requirement can be enabled or disabled in the environment>create context.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
user-db
Syntax
user-db local-user-db-name
no user-db
Context
[Tree] (config>service>ies>if>ipv6>dhcp6-relay user-db)
[Tree] (config>service>vprn>if>ipv6>dhcp6-relay user-db)
Full Context
configure service ies interface ipv6 dhcp6-relay user-db
configure service vprn interface ipv6 dhcp6-relay user-db
Description
This command enables access to the LUDB for DHCPv6 messages under a routed interface. The name of this LUDB must match the name of the LUDB configured by the config>sub-gmt>local-user-db command.
The no form of this command reverts to the default.
Parameters
- local-user-db-name
-
Specifies the name of the local user database, up to 32 characters.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
user-db
Syntax
user-db local-user-database-name
no user-db
Context
[Tree] (config>subscr-mgmt>gtp>apn-policy>apn user-db)
Full Context
configure subscriber-mgmt gtp apn-policy apn user-db
Description
This command configures the LUDB with which the GTP connection is authenticated.
The no form of this command removes the user database for authentication with this APN. Only new session setups are affected.
Default
no user-db
Parameters
- local-user-database-name
-
Specifies the name of the LUDB to be used, up to 32 characters.
Platforms
7750 SR, 7750 SR-e, 7750 SR-s, VSR
user-db
Syntax
user-db local-user-db-name
no user-db
Context
[Tree] (config>router>l2tp>group>ppp user-db)
[Tree] (config>service>vprn>l2tp>group>tunnel>ppp user-db)
[Tree] (config>router>l2tp>group>tunnel>ppp user-db)
[Tree] (config>service>vprn>l2tp>group>ppp user-db)
Full Context
configure router l2tp group ppp user-db
configure service vprn l2tp group tunnel ppp user-db
configure router l2tp group tunnel ppp user-db
configure service vprn l2tp group ppp user-db
Description
This command configures the local user database to use for PPP PAP/CHAP authentication.
Default
no user-db
Parameters
- local-user-db-name
-
Specifies the local user database name, up to 32 characters.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
user-db
Syntax
user-db local-user-db-name
no user-db
Context
[Tree] (config>service>ies>sub-if>grp-if>wpp user-db)
[Tree] (config>service>vprn>sub-if>grp-if>wpp user-db)
Full Context
configure service ies subscriber-interface group-interface wpp user-db
configure service vprn subscriber-interface group-interface wpp user-db
Description
This command configures the user database.
If configured, the values configured under grp-if will only be used if there is no corresponding value returned from LUDB lookup.
This command specifies the LUDB system use to lookup while creating initial host before WPP authentication. LUDB could return WPP attributes such as portal name, initial-sla-profile, initial-sub-profile, and so on LUDB is configured in config>subscr-mgmt>local-user-db context.
The no form of this command reverts to the default.
Parameters
- local-user-db-name
-
Specifies the Local User Database name up to 32 characters.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
user-db
Syntax
[no] user-db
Context
[Tree] (config>service>ies>sub-if>grp-if>ipv6>rtr-sol user-db)
Full Context
configure service ies subscriber-interface group-interface ipv6 router-solicit user-db
Description
This command enables the use of the local-user-database for authentication.
The no form of this command reverts to the default.
Parameters
- local-user-db-name
-
Specifies the name of the local-user-database to authenticate the router-solicit. The local-user-database can also return a static prefix or a pool name for address assignment.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
user-db
Syntax
user-db local-user-db-name
no user-db
Context
[Tree] (config>service>ies>sub-if>grp-if>ipoe-session user-db)
[Tree] (config>service>vprn>sub-if>grp-if>ipoe-session user-db)
[Tree] (config>service>vpls>sap>ipoe-session user-db)
Full Context
configure service ies subscriber-interface group-interface ipoe-session user-db
configure service vprn subscriber-interface group-interface ipoe-session user-db
configure service vpls sap ipoe-session user-db
Description
This command configures the local user database to use for IPoE session authentication.
When configured on a capture SAP, the group interface must have the same local user database configured.
On a wlan-gw group interface, the no form of this command indicates that the user database is picked from the following sources in the order shown:
-
dhcp
-
ipv6>dhcp6
-
ipv6>router-solicit
If no user database can be found in any of these locations, processing continues as if no user database was configured. This behavior is for backwards compatibility reasons only; when using a LUDB, it should be explicitly added to the IPoE session configuration.
The no form of this command reverts to the default.
Parameters
- local-user-db-name
-
Specifies the local user database name up to 32 characters.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
user-db
Syntax
user-db name
no user-db
Context
[Tree] (config>li>x-interfaces user-db)
Full Context
configure li x-interfaces user-db
Description
This command configures the location of the data-trigger host for the LIC.
The no form of this command reverts to the default.
Parameters
- name
-
Specifies the local user database name, up to 32 characters.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, 7950 XRS
user-equipment-info
user-equipment-info
Syntax
user-equipment-info [type ue-info-type]
no user-equipment-info
Context
[Tree] (config>subscr-mgmt>diam-appl-plcy>gy>include-avp user-equipment-info)
[Tree] (config>subscr-mgmt>diam-appl-plcy>gx>include-avp user-equipment-info)
Full Context
configure subscriber-mgmt diameter-application-policy gy include-avp user-equipment-info
configure subscriber-mgmt diameter-application-policy gx include-avp user-equipment-info
Description
This command includes the user-equipment-info in CCR messages.
The no form of this command resets the command to the default setting.
Default
user-equipment-info type mac
Parameters
- ue-into-type
-
Specifies what is included in the Diameter User-Equipment-Info attribute if included in Diameter Gx messages.
Platforms
7750 SR, 7750 SR-e, 7750 SR-s, VSR
- configure subscriber-mgmt diameter-application-policy gy include-avp user-equipment-info
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
- configure subscriber-mgmt diameter-application-policy gx include-avp user-equipment-info
user-ident
user-ident
Syntax
user-ident user-ident
no user-ident
Context
[Tree] (config>service>vprn>sub-if>grp-if>ipv6>dhcp6 user-ident)
[Tree] (config>service>ies>sub-if>grp-if>ipv6>dhcp6 user-ident)
Full Context
configure service vprn subscriber-interface group-interface ipv6 dhcp6 user-ident
configure service ies subscriber-interface group-interface ipv6 dhcp6 user-ident
Description
This feature is only applicable when DHCPv6-snooping is enabled. The Ethernet header MAC address on DHCPv6 is used as the default key host identification. This command allows addition the keys for identifying the DHCPv6 host. The interface-id can be included in addition to the MAC key to further differentiate each DHCPv6 host.
The no form of this command reverts to the default.
Default
user-ident mac
Parameters
- user-ident
-
Specifies the DHCP6 user-identification for this interface.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
user-ident
Syntax
user-ident user-ident
no user-ident
Context
[Tree] (config>service>vprn>dhcp>server user-ident)
[Tree] (config>router>dhcp>server user-ident)
Full Context
configure service vprn dhcp local-dhcp-server user-ident
configure router dhcp local-dhcp-server user-ident
Description
This command configures the user identification method for the DHCPv4 server.
The no form of the reverts to the default.
Default
user-ident mac-circuit-id
Parameters
- user-ident
-
Specifies the user identification method
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
user-ident
Syntax
user-ident user-ident
no user-ident
Context
[Tree] (config>router>dhcp6>server user-ident)
[Tree] (config>service>vprn>dhcp6>server user-ident)
Full Context
configure router dhcp6 local-dhcp-server user-ident
configure service vprn dhcp6 local-dhcp-server user-ident
Description
This command configures the keys for identification of the DHCPv6 lease being held in the lease-database (for configured period after lease timeout). Subscriber requesting a lease via DHCPv6 that matches an existing lease based on this configured key is handed the matched prefix or address. This allows address and prefix "stickiness” for DHCPv6 assigned prefixes (IA_NA or PD).
The no form of the reverts to the default.
Default
user-ident duid
Parameters
- user-ident
-
Specifies the user identification method.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
user-location-info
user-location-info
Syntax
[no] user-location-info
Context
[Tree] (config>subscr-mgmt>diam-appl-plcy>gx>include-avp user-location-info)
[Tree] (config>subscr-mgmt>diam-appl-plcy>nasreq>include-avp user-location-info)
Full Context
configure subscriber-mgmt diameter-application-policy gx include-avp user-location-info
configure subscriber-mgmt diameter-application-policy nasreq include-avp user-location-info
Description
This command enables the inclusion of the 3GPP-User-Location-Information AVP as signaled in the incoming GTP setup message.
The no form of this command disables the inclusion of the AVP.
Platforms
7750 SR, 7750 SR-e, 7750 SR-s, VSR
user-name
user-name
Syntax
user-name name [create]
no user-name name
Context
[Tree] (config>service>dynsvc>ladb user-name)
Full Context
configure service dynamic-services local-auth-db user-name
Description
This command creates a user name entry in the local authentication database. The user name entry is used to match with the user name of a local authenticated dynamic service data trigger. The user name of a dynamic service data trigger is fixed to the sap-id. When matched, the corresponding authentication data is used to set up the dynamic data services.
The no form of this command removes the user name entry from the local authentication database configuration.
Parameters
- name
-
Specifies the user name entry name, up to 64 characters.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
user-name
Syntax
[no] user-name
Context
[Tree] (config>subscr-mgmt>acct-plcy>include-radius-attribute user-name)
Full Context
configure subscriber-mgmt radius-accounting-policy include-radius-attribute user-name
Description
This command enables the inclusion of the user-name attribute.
The no form of this command disables the inclusion of the user-name attribute.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
user-name
Syntax
user-name user-name
no user-name
Context
[Tree] (config>aaa>radius-srv-plcy>servers>health-check>test-account user-name)
Full Context
configure aaa radius-server-policy servers health-check test-account user-name
Description
This command specifies the username that the test account will use to send its access requests to probe the RADIUS servers.
The no form of this command removes the username from the test-account configuration.
Parameters
- user-name
-
Specifies the probing username, up to 64 characters.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
user-name
Syntax
[no] user-name
Context
[Tree] (config>aaa>isa-radius-plcy>acct-include-attributes user-name)
Full Context
configure aaa isa-radius-policy acct-include-attributes user-name
Description
This command enables the inclusion of user name attributes.
The no form of the command excludes user name attributes.
Default
no user-name
Platforms
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
user-name-format
user-name-format
Syntax
user-name-format format [mac-format mac-format]
user-name-format format append [domain-name] [mac-format mac-format]
user-name-format format append domain-name
user-name-format format default-domain domain-name [mac-format mac-format]
user-name-format format replace domain-name [mac-format mac-format]
user-name-format format strip [mac-format mac-format]
no user-name-format
Context
[Tree] (config>subscr-mgmt>auth-policy user-name-format)
Full Context
configure subscriber-mgmt authentication-policy user-name-format
Description
This command defines the format of the "user-name” field in the session authentication request sent to the RADIUS server.
The no form of this command switches to the default format, mac.
Default
By default, the MAC source address of the DHCPv4 DISCOVER or DCHPv6 SOLICIT message is used in the user-name field.
Parameters
- format
-
Specifies the user name format in RADIUS message.
- mac-format
-
Specifies how a MAC address is represented when contacting a RADIUS server. This is only used while the value of is equal to the DHCP client vendor options and if the MAC address is used by default of the DHCP client vendor options.
Examples:
ab:
00:0c:f1:99:85:b8 7xxx style
XY-
00-0C-F1-99-85-B8 IEEE canonical style
mmmm.
0002.03aa.abff Cisco style
- append
-
Specifies the data type which is an enumerated integer that indicates what needs to be appended to the user-name sent to the RADIUS server.
- domain
-
Specifies to user the domain name. In some instances it is desired to add a domain only to usernames which have omitted the domain (@domain). In these instances a default-domain can be appended to usernames which lack a @domain.
- append
-
Adds a "@” delimiter and the specified string after the PAP/CHAP username. No allowance is made for the presence of an existing domain or @ delimited.
- replace
-
Replaces the character-string after the "@” delimiter with the string specified.
- strip
-
Removes all characters after and including the "@” delimiter.
For example:
Command: append String: domainA-1.com PAP/CHAP User: someuser Resulting User: someuser@domainA-1.com Command: append String: domainA-1.com PAP/CHAP User: someuser@existing-domain.net Resulting User: someuser@existing-domain.net@domainA-1.com Command: strip String: PAP/CHAP User: someuser@existing-domain.net Resulting User: someuser Command: replace String: domainA-1.com PAP/CHAP User: someuser@existing-domain.net Resulting User: someuser@domainA-1.com Command: default-domain String: domainA-1.com PAP/CHAP User: someuser@existing-domain.net Resulting User: someuser@existing-domain.net Command: default-domain String: domainA-1.com PAP/CHAP User: someuser Resulting User: someuser@domainA-1.com
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
user-name-format
Syntax
user-name-format format
no user-name-format
Context
[Tree] (config>subscr-mgmt>diam-appl-plcy>nasreq user-name-format)
Full Context
configure subscriber-mgmt diameter-application-policy nasreq user-name-format
Description
This command defines the format of the User-Name AVP value in Diameter NASREQ AA-Requests for IPoE hosts.
The no form of this command reverts to the default.
Parameters
- format
-
Specifies the format of the User-Name AVP value.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
user-name-format
Syntax
user-name-format user-name-format [mac-format mac-format]
no user-name-format
Context
[Tree] (config>aaa>isa-radius-plcy user-name-format)
Full Context
configure aaa isa-radius-policy user-name-format
Description
This command defines the format of the user-name field in the session authentication request sent to the RADIUS server. For authentication of IPv6 triggers (ICMPv6, DHCPv6, IPv6 data-trigger) the user-name format will always fall back to mac only.
The no form of the command switches to the default format, mac.
Default
user-name-format mac mac-format alu (the MAC source address of the DHCP DISCOVER message is used in the user-name field)
Parameters
- user-name-format
-
Specifies the user name format in RADIUS message.
- mac-format
-
Specifies how a MAC address is represented when contacting a RADIUS server. This is only used while the value of is equal to the DHCP client vendor options and if the MAC address is used by default of the DHCP client vendor options.
Examples:
ab:
00:0c:f1:99:85:b8 Nokia 7xxx style
XY-
00-0C-F1-99-85-B8 IEEE canonical style
mmmm.
0002.03aa.abff Cisco style
Platforms
7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR
user-name-operation
user-name-operation
Syntax
user-name-operation operation [domain domain-name]
no user-name-operation
Context
[Tree] (config>subscr-mgmt>diam-appl-plcy>nasreq user-name-operation)
Full Context
configure subscriber-mgmt diameter-application-policy nasreq user-name-operation
Description
This command enables domain name manipulation of the user name, such as append, strip, replace or add as default.
For IPoE, this command only applies when user-name-format is configured to dhcp-client-vendor-opts.
The no form of this command reverts to the default.
Parameters
- operation
-
Specifies the user name manipulations with respect to domain name values.
- domain-name
-
Specifies the domain name string to be used in the specified operation, up to 128 characters.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
user-srlg-db
user-srlg-db
Syntax
user-srlg-db [enable | disable]
Context
[Tree] (config>router>mpls user-srlg-db)
Full Context
configure router mpls user-srlg-db
Description
This command enables the use of CSPF by the user SRLG database. When the MPLS module makes a request to CSPF for the computation of an SRLG secondary path, CSPF will query the local SRLG and compute a path after pruning links that are members of the SRLG IDs of the associated primary path. When MPLS makes a request to CSPF for an FRR bypass or detour path to associate with the primary path, CSPF queries the user SRLG database and computes a path after pruning links that are members of the SRLG IDs of the PLR outgoing interface.
If an interface was not entered into the user SRLG database, it is assumed that it does not have any SRLG membership. CSPF will not query the TE database for IGP advertised interface SRLG information.
The disable keyword disables the use of the user SRLG database. CSPF will then resume queries into the TE database for SRLG membership information. The user SRLG database is maintained.
Default
user-srlg-db disable
Platforms
All
user-template
user-template
Syntax
user-template {tacplus_default | radius_default | ldap-default}
Context
[Tree] (config>system>security user-template)
Full Context
configure system security user-template
Description
This command configures default security user template parameters.
Parameters
- tacplus_default
-
Specifies the default TACACS+ user template. All parameters of the tacplus_default template except the "profile” are actively applied to all TACACS+ users if tacplus use-default-template is enabled. The profile parameter is used for AAA command authorization if TACACS+ authorization is disabled, or if the TACACS+ server does not return a priv-lvl for a user when use-priv-lvl is enabled under tacplus authorization. See the tacplus authorization command for more details.
- radius_default
-
Specifies the default RADIUS user template. The radius_default template is actively applied to a RADIUS user if radius authorization is enabled, radius use-default-template is enabled, and no VSAs are returned with the auth-accept from the RADIUS server.
- ldap_default
-
Specifies the default LDAP user template.
Platforms
All
username
username
Syntax
username user-name
username user-name no-domain
username user-name domain-only
no username
Context
[Tree] (config>subscr-mgmt>loc-user-db>ppp>host>host-ident username)
Full Context
configure subscriber-mgmt local-user-db ppp host host-identification username
Description
This command specifies the PPPoE username to match for a host lookup. When no-domain or domain-only is specified, the username "user[@domain]" is converted to a user and a domain entity by splitting it on the first @-sign before matching on the specific entity.
This command is only used when username is configured as one of the match-list parameters.
The no form of this command removes the username from the configuration.
Parameters
- username
-
Specifies the user name, up to 253 characters, of this host. For example, "jane@nokia.com”.
- no-domain
-
Only the user user part of the username is specified and used for matching. For example "jane".
- domain-only
-
Only the domain part of the username is specified and used for matching, for example, nokia.com.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
username
Syntax
[no] username username
Context
[Tree] (debug>service>id>ppp username)
Full Context
debug service id ppp username
Description
This command enable PPP debug for the specified username. since not all PPP packets contain username, so a MAC debug filter is created automatically when system sees a PPP packet contain the specified username.
Multiple username filters can be specified in the same debug command.
The no form of this command disables debugging.
Parameters
- user-name
-
Specifies the PPP username.
Platforms
7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR
usm-community
usm-community
Syntax
usm-community community-string [hash | hash2 | custom] group group-name [src-access-list list-name]
no usm-community community-string [hash | hash2 | custom]
Context
[Tree] (config>system>security>snmp usm-community)
Full Context
configure system security snmp usm-community
Description
This command is used to associate a community string with an SNMPv3 access group and its view. The access granted with a community string is restricted to the scope of the configured group.
Nokia’s SR OS implementation of SNMP uses SNMPv3. In order to implement SNMPv1 and SNMPv2c configurations, several access groups are predefined. In order to implement SNMP with security features (Version 3), security models, security levels, and USM communities must be explicitly configured. Optionally, additional views which specify more specific OIDs (MIB objects in the subtree) can be configured.
The no form of this command removes a community string.
Parameters
- community-string
-
Specifies the SNMPv1/SNMPv2c community string to determine the SNMPv3 access permissions to be used. Allowed values are any string up to 32 characters, composed of printable, 7-bit ASCII characters. If the string contains special characters (for example, #, $, spaces), the entire string must be enclosed within double quotes.
- group
-
Specifies the group that governs the access rights of this community string. This group must be configured first in the config>system>security>snmp> access group context. Nokia does not recommend associating a usm-community with an SNMP access group that is configured with the li (lawful intercept) context.
- list-name
-
Specifies the usm-community to reference a specific src-access-list that will be used to validate the source IP address of all received SNMP requests that use this usm-community. Multiple community, usm-community, or vprn snmp community instances can reference the same src-access-list.
Platforms
All
util-stats-interval
util-stats-interval
Syntax
util-stats-interval seconds
Context
[Tree] (config>port>ethernet util-stats-interval)
Full Context
configure port ethernet util-stats-interval
Description
This command configures the interval used to calculate the utilization statistics.
Port utilization statistics are only available for physical Ethernet ports on a host system. These statistics are not available for the following:
-
Ethernet ports on an Ethernet satellite
-
Ethernet ports on a VSR
-
PXC ports
-
vsm-cca-xp ports
Parameters
- seconds
-
Specifies the size of the interval, in seconds.
Platforms
All