e Commands – Part III

Context

[Tree] (config>log event-control)

Full Context

configure log event-control

Description

This command is used to specify that a particular event or all events associated with an application is either generated or suppressed.

Events are generated by an application and contain an event number and description explaining the cause of the event. Each event has a default designation which directs it to be generated or suppressed.

Events are generated with a default severity level that can be modified by using the severity-level option.

Events that are suppressed by default are typically used for debugging purposes. Events are suppressed at the time the application requests the event’s generation. No event log entry is generated regardless of the destination. While this feature can save processor resources, there may be a negative effect on the ability to troubleshoot problems if the logging entries are squelched. In reverse, indiscriminate application may cause excessive overhead.

The rate of event generation can be throttled by using the throttle parameter.

The no form of this command reverts the parameters to the default setting for events for the application or a specific event within the application. The severity, generate, suppress, and throttle options will also be reset to the initial values.

Default

Each event has a set of default settings. To display a list of all events and the current configuration use the event-control command.

Parameters

application-id

The application whose events are affected by this event control filter.

Values

A valid application name. Use the show log applications command to display a list of valid application names. Examples of valid applications are bgp, chassis, efm_oam, filter, security, system, and vrrp.

event-name

To generate, suppress, or revert to default for a single event, enter the specific event short name up to 32 characters. If no event name is specified, the command applies to all events in the application. To display a list of all event short names use the event-control command.

event-number

To generate, suppress, or revert to default for a single event, enter the specific number. If no event number is specified, the command applies to all events in the application.

Values

0 to 4294967295

generate

Specifies that logger event is created when this event occurs. The generate keyword can be used with two optional parameters, severity-level and throttle.

Default

generate

severity-level

An ASCII string representing the severity level to associate with the specified generated events

Default

The system-assigned severity name

Values

cleared, indeterminate, critical, major, minor, warning

throttle

Specifies whether or not events of this type will be throttled. By default, event throttling is on for most event types.

suppress

This keyword indicates that the specified events will not be logged. If the suppress keyword is not specified then the events are generated by default. For example on the 7750 SR, event-control bgp suppress will suppress all BGP events. If a log event is a raising event for a Facility Alarm, and the associated Facility Alarm is raised, then changing the log event to suppress clears the associated Facility Alarm.

Default

generate

specific-throttle-rate events-limit

The log event throttling rate can be configured independently for each log event using this keyword. This specific-throttle-rate overrides the globally configured throttle rate (config>log>throttle-rate) for the specific log event.

Values

1 to 20000

interval seconds

Specifies the number of seconds that the specific throttling intervals lasts.

Values

1 to 1200

disable-specific-throttle

Specifies to disable the specific-throttle-rate.

repeat

Specifies that the log event should be repeated every minute until the underlying condition is cleared. Only supported for the following log events: BGP tBgpMaxNgPfxLmtThresholdReached and PORT tmnxEqPortEtherCrcAlarm (for degrade threshold only)

Platforms

All

Context

[Tree] (config>log event-damping)

Full Context

configure log event-damping

Description

This command allows the user to set the event damping algorithm to suppress QoS or filter change events.

The no form of this command removes the event damping algorithm.

Platforms

All

Context

[Tree] (config>log>event-trigger>event>trigger-entry event-handler)

Full Context

configure log event-trigger event trigger-entry event-handler

Description

This command configures the event handler to be used for this trigger entry.

The no form of this command removes the event handler configuration.

Parameters

event-handler

Specifies the name of the event handler, up to 32 characters.

Platforms

All

Context

[Tree] (config>system>security>cli-script>authorization event-handler)

Full Context

configure system security cli-script authorization event-handler

Description

Commands in this context configure authorization for the Event Handling System (EHS). EHS allows user-controlled programmatic exception handling by allowing a CLI script to be executed upon the detection of a log event.

Platforms

All

Context

[Tree] (config>log event-handling)

Full Context

configure log event-handling

Description

Commands in this context configure event handling within the Event Handler System (EHS).

Platforms

All

Context

[Tree] (config>app-assure>group event-log)

Full Context

configure application-assurance group event-log

Description

This command configures an event log.

Parameters

event-log-name

Specifies the name of the event log.

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>app-assure>group>tcp-validate event-log)

Full Context

configure application-assurance group tcp-validate event-log

Description

This command enables logging of traffic dropped by TCP validation.

The no form of this command disables logging of traffic dropped by TCP validation.

Default

no event-log

Parameters

event-log-name

Specifies the name of the event log up to 32 characters.

all

Logs all dropped traffic. Using the all option allows the operator to capture all discards made by the TCP validation policy, including those related to:

• packets that were received after an RST and discarded

• packets received before TCP session establishment (before SYN) and discarded

Without the all option, discards related to these cases are not captured in any event log.

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>app-assure>group>gtp event-log)

[Tree] (config>app-assure>group>gtp>gtp-filter event-log)

Full Context

configure application-assurance group gtp event-log

configure application-assurance group gtp gtp-filter event-log

Description

This command allows AA to treat traffic on UDP port number 2152 as GTP-u. Without further specifying any other parameters within this GTP context, AA performs basic GTP-u header sanity checks and discards packets that are malformed. This GTP context allows the operator to configure various GTP filters (maximum of 128 GTP filters).

Default

no event-log

Parameters

event-log-name

Specifies the event log name to be used to log discards due to GTP-u basic header sanity checks.

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>app-assure>group>sctp-filter event-log)

Full Context

configure application-assurance group sctp-filter event-log

Description

This command configures an event log for packets dropped by the SCTP filter.

Default

no event-log

Parameters

event-log-name

Specifies the event log name to be used.

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>oam-pm>session>meas-intvl event-mon)

Full Context

configure oam-pm session meas-interval event-mon

Description

This command enables the different threshold events on a specific measurement interval. Only one measurement interval with a configured OAM PM session can have events enabled using the no shutdown command.

Platforms

All

Context

[Tree] (config>port>ethernet>efm-oam>link-mon>errored-frame-seconds event-notification)

[Tree] (config>port>ethernet>efm-oam>link-mon>errored-frame event-notification)

[Tree] (config>port>ethernet>efm-oam>link-mon>errored-frame-period event-notification)

Full Context

configure port ethernet efm-oam link-monitoring errored-frame-seconds event-notification

configure port ethernet efm-oam link-monitoring errored-frame event-notification

configure port ethernet efm-oam link-monitoring errored-frame-period event-notification

Description

Allows the frame error sf-threshold crossing events to transmit the Event Notification OAMPDU with the specific Link Event TLV information. The Event Notification OAM PDU will only be generated when the initial sf-threshold is reached. No subsequent notification will be sent until the event that triggered until the event is manually cleared. The burst parameter under the local-sf-action will determine the number of Event Notification OAMPDUs to generate when the event occurs. The reception of the event notification will be processed regardless of this parameter.

The no version of this command will disable the transmission of the Event Notification OAMPDU for this event type.

Default

event-notification

Platforms

All

Context

[Tree] (config>port>ethernet>efm-oam>link-mon>errored-symbols event-notification)

Full Context

configure port ethernet efm-oam link-monitoring errored-symbols event-notification

Description

This command allows the symbol error event threshold crossing actions to transmit the Event Notification OAM PDU with the specific Link Event TLV information. The Event Notification OAM PDU will only be generated on the initial sf-threshold is reached. No subsequent notification will be sent until the event that triggered the notification clears, through manual intervention or a window where the configured sd-threshold is not reached. The burst parameter under the local-sf-action will determine the number of Event Notification OAM PDUs to generate when the event occurs. The reception of the event notification will be processed regardless of this parameter.

The no version of this command will disable the transmission of the Event Notification OAM PDU for this event type.

Default

event-notification

Platforms

All

Context

[Tree] (config>port>ethernet>efm-oam>peer-rdi-rx event-notification)

Full Context

configure port ethernet efm-oam peer-rdi-rx event-notification

Description

This command defines how to react to the reception of event TLVs contained in the Event Notification OAMPDU. The event TLVs contained in the event notification OAMPDU will be analyzed to determine if the peer has crossed the error threshold for the window. The analysis does not consider any local signal degrades or signal failure threshold. The analysis is based solely on the information receive form the peer. The analysis is performed on all event TLVs contained in the Event Notification OAMPDU without regard for support of a specific error counters or local configuration of any thresholds. In the case of symbol errors only, a threshold below the error rate can be used to return the port to service.

Default

event-notification local-port-action log-only

Parameters

local-port-action

Defines whether or not the local port will be affected when the Event Notification OAM PDU is received from a peer based on the threshold computation for the included TLVs.

log-only

Keyword that prevents the port from being affected when the local peer receives an Event Notification OAM PDU. The event will be logged but the port will remain operational.

out-of-service

Keyword that causes the port to enter a non-operation down state with a port state of link up. The error will be logged upon reception of Event Notification. The port will not be available to service data but will continue to carry Link OAM traffic to ensure the link is monitored. All this assumes the error threshold exceeds the error rate in the TLV.

Platforms

All

Context

[Tree] (config>port>ethernet>efm-oam>link-mon>local-sf-action event-notification-burst)

Full Context

configure port ethernet efm-oam link-monitoring local-sf-action event-notification-burst

Description

This command defines the number of the Event Notification OAM PDU to be send to the peer if the local signal failure threshold (sf-threshold) has been reached. The sending of the Event Notification OAMPDU is configured under the individual monitors.

Interactions: The sf-thresh threshold will trigger these actions.

Parameters

packets

Specifies the number of Event Notification OAM PDUs to send to a peer when the signal failure threshold has been reached.

Values

1 to 5

Platforms

All

Context

[Tree] (config>log event-trigger)

Full Context

configure log event-trigger

Description

Commands in this context configure log events as triggers for Event Handling System (EHS) handlers.

Platforms

All

Context

[Tree] (debug>service>id>sap event-type)

Full Context

debug service id sap event-type

Description

This command enables a particular debugging event type.

The no form of this command disables the event type debugging.

Parameters

arp

Displays ARP events.

config-change

Debugs configuration change events.

oper-status-change

Debugs service operational status changes.

neighbor-discovery

Displays the status of IPv6 neighbor discovery for the sap or the spoke-sdp for the 7450 ESS or 7750 SR only.

Platforms

All

Output

The following output is an example of event-type information.

A:bksim180# debug service id 1000 sap 1/7/1 event-type arp 
DEBUG OUTPUT show on CLI is as follows:
3 2008/11/17 18:13:24.35 UTC MINOR: DEBUG #2001 Base Service 1000 SAP 
1/7/1 "Service 1000 SAP 1/7/1: 
RX: ARP_REQUEST (0x0001)
hwType     : 0x0001
prType     : 0x0800
hwLength   : 0x06
prLength   : 0x04
srcMac     : 8c:c7:01:07:00:03
destMac    : 00:00:00:00:00:00
srcIp      : 10.1.1.2
destIp     : 10.1.1.1
"

4 2008/11/17 18:13:24.35 UTC MINOR: DEBUG #2001 Base Service 1000 
SAP 1/7/1 "Service 1000 SAP 1/7/1: 
TX: ARP_RESPONSE (0x0002)
hwType     : 0x0001
prType     : 0x0800
hwLength   : 0x06
prLength   : 0x04
srcMac     : 00:03:0a:0a:0a:0a
destMac    : 8c:c7:01:07:00:03
srcIp      : 10.1.1.1
destIp     : 10.1.1.2
"

Context

[Tree] (debug>service>id>sdp event-type)

Full Context

debug service id sdp event-type

Description

This command enables a particular debugging event type.

The no form of this command disables the event type debugging.

Parameters

config-change

Debugs configuration change events.

oper-status-change

Debugs service operational status changes.

neighbor-discovery

Displays the status of IPv6 neighbor discovery for the sap or the spoke-sdp for the 7450 ESS or 7750 SR only.

control-channel-status

Debugs control channel status events.

Platforms

All

Context

[Tree] (debug>service>id event-type)

Full Context

debug service id event-type

Description

This command enables a particular debugging event type. The no form of this command disables the event type debugging.

Parameters

config-change

Debugs configuration change events

svc-oper-status-change

Debugs service operational status changes

sap-oper-status-change

Debugs SAP operational status changes

sdpbind-oper-status-change

Debugs SDP operational status changes

Platforms

All

Context

[Tree] (config>call-trace-trace-profile events)

Full Context

configure call-trace trace-profile events

Description

This command configures whether captured traces include events that occurred on the SR OS router, such as mobility and idle-timeout.

Default

events none

Parameters

none

Specifies that no events is traced.

public-only

Specifies that only events that are readable by everyone is traced.

all

Specifies that all events is traced, including events that are encrypted for use by customer support only. Encrypted events are not readable by end-users.

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (debug>router>srrp events)

Full Context

debug router srrp events

Description

This command enables debugging for SRRP packets.

The no form of this command disables debugging.

Platforms

All

Context

[Tree] (debug>router>vrrp events)

Full Context

debug router vrrp events

Description

This command enables debugging for VRRP events.

The no form of the command disables debugging.

Parameters

ip-int-name

Displays the specified interface name.

virtual-router-id

Displays the specified VRID.

ipv6

Debugs the specified IPv6 VRRP interface.

Platforms

All

Context

[Tree] (debug>router>bgp events)

Full Context

debug router bgp events

Description

This command logs all events changing the state of a BGP peer.

The no form of this command disables the debugging.

Parameters

neighbor ip-address

Debugs only events affecting the specified BGP neighbor.

Values

ipv4-address:

• a.b.c.d (host bits must be 0)

ipv6-address:

• x:x:x:x:x:x:x:x [-interface] (eight 16-bit pieces)

• x:x:x:x:x:x:d.d.d.d [-interface]

• x: [0 to FFFF]H

• d: [0 to 255]D

• interface: up to 32 characters for link local addresses

group name

Debugs only events affecting the specified peer group name, up to 64 characters, and associated neighbors.

Platforms

All

Context

[Tree] (debug>router>bmp events)

Full Context

debug router bmp events

Description

This command enables debugging for all BMP events.

The no form of the command disables debugging for all BMP events.

Parameters

station-name

Specifies the station name of the BMP monitoring station, up to 32 characters.

Platforms

All

Context

[Tree] (debug>router>rip events)

Full Context

debug router rip events

Description

This command enables debugging for RIP events.

Parameters

ip-int-name | ip-address

Debugs the RIP events sent on the neighbor IP address or interface.

Platforms

All

Context

[Tree] (debug>router>ripng events)

Full Context

debug router ripng events

Description

This command enables debugging for RIPng events.

Parameters

ip-int-name

Debugs the RIPng events sent on the neighbor IP interface.

Platforms

All

Context

[Tree] (config>service>epipe>bgp-evpn evi)

[Tree] (config>service>vpls>bgp-evpn evi)

Full Context

configure service epipe bgp-evpn evi

configure service vpls bgp-evpn evi

Description

This command allows the configuration of a 2-byte EVPN instance (EVI) unique in the system. It is used for the service-carving algorithm for multi-homing and auto-deriving route target and route distinguishers.

If not specified, the value is zero and no route distinguisher or route targets are auto-derived from it. If the evi value is specified and no other route-distinguisher or route-target is configured in the service, the following rules apply:

• the route distinguisher is derived from <system_ip>:evi

• the route target is derived from <autonomous-system>:evi

If VSI import and export policies are configured, the route target must be configured in the policies and those values take preference over the auto-derived route targets. If bgp-ad>vpls-id and bgp-evpn>evi are both configured on the same service, the VPLS ID auto-derived route target or route distinguisher takes precedence over the values auto-derived from the EVI. The operational route target for a service is displayed in the show service id bgp command.

The no form of this command sets the EVI value back to zero.

Parameters

value

Specifies the EVPN instance.

Values

1 to 16777215

Platforms

All

Context

[Tree] (config>service>system>bgp-evpn>eth-seg>service-carving>manual evi)

Full Context

configure service system bgp-evpn ethernet-segment service-carving manual evi

Description

This command configures the EVI ranges for which the PE is the primary Designated Forwarder, or uses the lowest preference algorithm.

There are two service-carving manual algorithms for DF election:

• manual non-preference

  A preference command is not configured for this algorithm. The primary PE for the configured EVIs is determined by the EVI range. The manual non-preference algorithm only supports two PEs in the Ethernet Segment

• manual preference-based

  If a preference command is configured, the algorithm uses the configured value to determine the DF election. For EVIs not defined in the range, the highest-preference algorithm is used. For configured EVIs, the lowest-preference algorithm is used.

The no form of this command removes the PE from the primary Designated Forwarder role for the range, or sets the preference algorithm back to highest preference.

Parameters

start

Specifies the initial EVI value of the range.

Values

1 to 65535

to

Specifies the end EVI value of the range. If not configured, only the individual start value is considered.

Values

1 to 16777215

Platforms

All

Context

[Tree] (config>service>vprn>bgp-evpn>mpls evi)

[Tree] (config>service>vprn>bgp-evpn>srv6 evi)

Full Context

configure service vprn bgp-evpn mpls evi

configure service vprn bgp-evpn segment-routing-v6 evi

Description

This command configures a 2-byte EVPN instance (EVI) unique in the system.

The router uses the EVI to identify the BGP EVPN instance in a VPRN (for the EVPN-IFL model) or an R-VPLS (for the EVPN-IFF model) that is associated with the Layer 3 Ethernet Segment (ES), for the purpose of IP Aliasing. This configuration is required on the PEs attached to the ES as well as on the remote PEs that need to create ES destinations to the multihoming Layer 3 ES.

The no form of this command removes the EVI value.

Default

no evi

Parameters

value

Specifies the EVPN instance.

Values

1 to 16777215

Platforms

All

• configure service vprn bgp-evpn mpls evi

7450 ESS, 7750 SR, 7750 SR-s, 7950 XRS, VSR

• configure service vprn bgp-evpn segment-routing-v6 evi

Context

[Tree] (config>service>system>bgp-evpn>eth-seg evi)

Full Context

configure service system bgp-evpn ethernet-segment evi

Description

Commands in this context configure the EVI range associated with the VPRN next hop.

Platforms

All

Context

[Tree] (config>service>vprn>bgp-evpn>vxlan evi)

Full Context

configure service vprn bgp-evpn vxlan evi

Description

This command configures the EVI that identifies the BGP EVPN instance in a VPRN (for the EVPN-IFL model) or an R-VPLS (for the EVPN-IFF model) that is associated with the Layer 3 Ethernet segment. This configuration is required on the PEs attached to the Ethernet segment and on the remote PEs that need to create ES destinations to the multihoming (MH) Layer 3 Ethernet segment.

The no form of this command removes the EVI value.

Default

no evi

Parameters

value

Specifies the EVPN instance.

Values

1 to 16777215

Platforms

7750 SR-1, 7750 SR-s

Context

[Tree] (config>service>system>bgp-evpn>eth-seg>evi evi-range)

Full Context

configure service system bgp-evpn ethernet-segment evi evi-range

Description

This command configures the EVI starting range value.

The no form of this command removes the EVI range.

Parameters

start

Specifies the EVPN start value associated to the VPRN next hop.

Values

1 to 16777215

Platforms

All

Context

[Tree] (config>service>vpls>bgp-evpn>vxlan evi-three-byte-auto-rt)

[Tree] (config>service>vpls>bgp-evpn>mpls evi-three-byte-auto-rt)

[Tree] (config>service>epipe>bgp-evpn>mpls evi-three-byte-auto-rt)

[Tree] (config>service>vpls>bgp-evpn>srv6 evi-three-byte-auto-rt)

[Tree] (config>service>epipe>bgp-evpn>srv6 evi-three-byte-auto-rt)

[Tree] (config>service>epipe>bgp-evpn>vxlan evi-three-byte-auto-rt)

Full Context

configure service vpls bgp-evpn vxlan evi-three-byte-auto-rt

configure service vpls bgp-evpn mpls evi-three-byte-auto-rt

configure service epipe bgp-evpn mpls evi-three-byte-auto-rt

configure service vpls bgp-evpn segment-routing-v6 evi-three-byte-auto-rt

configure service epipe bgp-evpn segment-routing-v6 evi-three-byte-auto-rt

configure service epipe bgp-evpn vxlan evi-three-byte-auto-rt

Description

This command specifies that the BGP-EVPN instance import and export route target is auto-derived as described in RFC 8365 (Global-Administrator:A/Type/D-ID/Service-ID).

Where:

• Global Administrator — is the configured 2-octet AS Number. If the configured ASN exceeds the 2 byte limit, the low order 16-bit value will be taken.

• A=0 (for auto-derivation)

• Type=4 (EVI-based route target)

• D-ID= [1..2] — encodes the BGP instance. This allows the auto-derivation of different route targets in multi-instance services. The value is inherited from the corresponding BGP instance.

• Service ID= 3-octet EVI

The no form of this command disallows the derivation of the route target.

Default

no evi-three-byte-auto-rt

Platforms

All

• configure service vpls bgp-evpn mpls evi-three-byte-auto-rt
• configure service epipe bgp-evpn vxlan evi-three-byte-auto-rt
• configure service epipe bgp-evpn mpls evi-three-byte-auto-rt
• configure service vpls bgp-evpn vxlan evi-three-byte-auto-rt

7450 ESS, 7750 SR, 7750 SR-s, 7950 XRS, VSR

• configure service epipe bgp-evpn segment-routing-v6 evi-three-byte-auto-rt
• configure service vpls bgp-evpn segment-routing-v6 evi-three-byte-auto-rt

Context

[Tree] (config>subscr-mgmt>isa-svc-chain evpn)

Full Context

configure subscriber-mgmt isa-service-chaining evpn

Description

This command configures the import mode for the service chaining EVPN service. The import-mode controls the EPVN route types that are imported by the EVPN system.

The no form of this command removes the configuration parameters.

Parameters

service-id

Specifies the service ID of the EVPN.

Values

1 to 2147483647

import-mode

Specifies the import mode of the EVPN.

Values

bridged — The specified EVPN instance imports EVPN route type-2 and type-1 from the peer.

routed — The specified EVPN instance imports EVPN type-1, type-2 and type-5 routes from the peer. Also, the EVPN instance can be configured to export EVPN type-5 routes for NAT pools to the peer.

none — The specified EVPN instance does not import any EVPN routes from the peer but can be configured with NAT pools that are exported to the peer in EVPN type-5 routes.

create

Keyword used to create the EVPN service instance. The create keyword requirement can be enabled or disabled in the environment>create context.

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>router>bgp>group>add-paths evpn)

[Tree] (config>router>bgp>add-paths evpn)

[Tree] (config>router>bgp>group>neighbor>add-paths evpn)

Full Context

configure router bgp group add-paths evpn

configure router bgp add-paths evpn

configure router bgp group neighbor add-paths evpn

Description

This command configures the Add-Paths capability for EVPN routes.

The no form of this command disables Add-Paths support for EVPN routes. This causes sessions that are established using Add-Paths for EVPN to go down and come back up without the Add-Paths capability.

Default

no evpn

Parameters

send-limit

Specifies the maximum number of EVPN paths to send.

Values

1 to 16, none, multipaths

receive

Keyword used to allow multiple EVPN paths per prefix from a peer.

none

Keyword used to specify that the router does not negotiate to receive multiple unlabeled unicast routes per EVPN prefix.

Platforms

All

Context

[Tree] (config>service>ies>if>vpls evpn)

[Tree] (config>service>vprn>if>vpls evpn)

Full Context

configure service ies interface vpls evpn

configure service vprn interface vpls evpn

Description

Commands in this context configure EVPN parameters.

Platforms

All

Context

[Tree] (config>router>ldp>import-pmsi-routes evpn)

Full Context

configure router ldp import-pmsi-routes evpn

Description

This command specifies that the SR OS is to cache inter-as EVPN PMSI AD routes for option B.

The no form of this command disables caching of EVPN PMSI AD routes. The default is disabled, however when an upgrade from a software load that does not supports this command is performed, this command will be enabled after the upgrade.

This command is not enabled if the user is using an older configuration file.

Default

no evpn

Platforms

All

Context

[Tree] (config>service>system>bgp-evpn evpn-etree-leaf-label)

Full Context

configure service system bgp-evpn evpn-etree-leaf-label

Description

This command enables EVPN Ethernet-Tree (E-Tree) VPLS services on the router (not B-VPLS). It allocates an E-Tree leaf label for the Provider Edge (PE) device and configures the ILM entry.

The command ensures that in-flight traffic can perform an ILM entry lookup at any time, and avoid the discards during shutdown or no shutdown services (or at least reduce the timing window so that it does not occur during normal operation or configuration).

The E-Tree leaf label can optionally be statically configured with a value. The label value must be in the static label range of the system.

The no form of this command removes the value from the configuration.

Default

no evpn-etree-leaf-label

Parameters

32..524256

Specifies the E-Tree leaf label

Values

32 to 524256

Platforms

All

Context

[Tree] (config>service>vprn>bgp-evpn>mpls evpn-link-bandwidth)

[Tree] (config>service>vprn>bgp-evpn>srv6 evpn-link-bandwidth)

[Tree] (config>service>vprn>bgp>group evpn-link-bandwidth)

[Tree] (config>service>vprn>bgp>group>neighbor evpn-link-bandwidth)

Full Context

configure service vprn bgp-evpn mpls evpn-link-bandwidth

configure service vprn bgp-evpn segment-routing-v6 evpn-link-bandwidth

configure service vprn bgp group evpn-link-bandwidth

configure service vprn bgp group neighbor evpn-link-bandwidth

Description

Commands in these contexts configure the EVPN link bandwidth.

Platforms

All

• configure service vprn bgp-evpn mpls evpn-link-bandwidth
• configure service vprn bgp group neighbor evpn-link-bandwidth
• configure service vprn bgp group evpn-link-bandwidth

7450 ESS, 7750 SR, 7750 SR-s, 7950 XRS, VSR

• configure service vprn bgp-evpn segment-routing-v6 evpn-link-bandwidth

Context

[Tree] (config>service>vprn>bgp-evpn>vxlan evpn-link-bandwidth)

Full Context

configure service vprn bgp-evpn vxlan evpn-link-bandwidth

Description

Commands in this context configure the EVPN link bandwidth.

Platforms

7750 SR-1, 7750 SR-s

Context

[Tree] (config>service>vpls>bind evpn-mcast-gateway)

Full Context

configure service vpls allow-ip-int-bind evpn-mcast-gateway

Description

Commands in this context configure the EVPN multicast gateway.

The no form of this command sets the PE back to a non-EVPN multicast gateway.

Parameters

create

Keyword used to create an EVPN multicast gateway.

Platforms

All

Context

[Tree] (debug>service>id>igmp-snooping evpn-mpls)

Full Context

debug service id igmp-snooping evpn-mpls

Description

This command shows IGMP packets for EVPN-MPLS destinations. The no form of this command disables the debugging for EVPN-MPLS destinations

Platforms

All

Context

[Tree] (config>service>vpls>proxy-nd evpn-nd-advertise)

Full Context

configure service vpls proxy-nd evpn-nd-advertise

Description

This command enables the advertisement of static or dynamic entries that are learned as host, router, or host and router, (only one option is possible in a specified service). It also determines the R flag (host or router) when sending Neighbor Advertisement (NA) messages for existing EVPN entries in the proxy-ND table.

The router-host command option is only possible when the ARP/ND extended community is advertised along with the MAC/IP routes. It determines that both host and router (dynamic and static) entries are advertised in MAC/IP routes, with an indication whether the entry is host or router in the R flag. These EVPN entries are installed as host or router entries depending on the R flag of the route, and NA messages for them are sent with the proper host or router indication.

configure service vpls proxy-nd shutdown

Default

evpn-nd-advertise router

Parameters

host

Enables the advertisement of static or dynamic entries that are learned as host.

router

Enables the advertisement of static or dynamic entries that are learned as routers.

router-host

Enables the advertisement of static or dynamic entries that are learned as router or host.

Platforms

All

Context

[Tree] (config>service>vpls>mld-snooping evpn-proxy)

[Tree] (config>service>vpls>igmp-snooping evpn-proxy)

Full Context

configure service vpls mld-snooping evpn-proxy

configure service vpls igmp-snooping evpn-proxy

Description

This command enables EVPN proxy for IGMP and MLD snooping.

This no form of this command disables EVPN proxy for IGMP and MLD snooping.

Platforms

All

Context

[Tree] (config>service>vpls>proxy-nd evpn-route-tag)

[Tree] (config>service>vpls>proxy-arp evpn-route-tag)

Full Context

configure service vpls proxy-nd evpn-route-tag

configure service vpls proxy-arp evpn-route-tag

Description

This command configures a local route tag that can be used on export policies to match MAC/IP routes generated by the proxy-ARP or proxy-ND module. For example, if a new active dynamic proxy-ARP entry is added to the proxy-ARP table and evpn-route-tag is 10, an export policy that matches on tag 10 and adds a site-of-origin community SOO-1, allows the router to advertise the MAC/IP route for the proxy-ARP entry with community SOO-1.

The no form of this command removes the route tag for the generated EVPN MAC/IP routes.

Parameters

tag

Specifies the route tag, in either decimal or hexadecimal form.

Values

1 to 255

Platforms

All

Context

[Tree] (config>service>vprn>if>vpls evpn-tunnel)

Full Context

configure service vprn interface vpls evpn-tunnel

Description

This command sets the evpn-tunnel mode for the attached R-VPLS. When enabled for an IPv4 interface, no IPv4 address is required under the same interface. When enabled on an IPv6 interface, the ipv6-gateway-address parameter can be configured as ip or mac.

When configured as evpn-tunnel ipv6-gateway-address ip or simply evpn-tunnel, then:

• on transmission, the router populates the GW IP field of the route type 5 with a Link-Local-Address (LLA) if an explicit global IPv6 address is not configured. Otherwise, the configured IPv6 address is used.

• on reception of routes type 5 for IPv6 prefixes, only routes with non-zero GW IP are processed; the rest of the routes will be treated-as-withdraw.

When configured as evpn-tunnel ipv6-gateway-address mac, then:

• on transmission, the router sends routes type 5 with zero GW IP field, and a MAC extended community of the router, containing the VPRN interface MAC.

• on reception of IPv6 prefix routes, only routes with zero GW IP and non-zero router's MAC are processed; the rest of the routes will be treated-as-withdraw.

The supplementary-broadcast-domain option instructs the data path to exclude EVPN destinations in the Layer 3 lookup for packets coming from an RVPLS SAP and configures the entire set of VPRN as well as attached RVPLS services in OISM mode. Only one SBD RVPLS can exist in a given VPRN. In order to add or remove the supplementary-broadcast-domain option, the entire evpn-tunnel command must first be removed.

The configuration of evpn-tunnel without options is equivalent to the ipv6-gateway-address ip option.

The no form of this command disables the evpn-tunnel mode.

Default

no evpn-tunnel

Parameters

ipv6-gateway-address

Indicates whether the IPv6 Prefix route uses a GW IP or a GW MAC as gateway.

Values

ip, mac

supplementary-broadcast-domain

Specifies to use the EVPN tunnel as a Supplementary Broadcast Domain (SBD). The SBD is used in EVPN OISM to advertise the SMET routes and receive the multicast traffic on egress PEs that are not attached to the source R-VPLS service.

Platforms

All

Context

[Tree] (config>router>policy-options>policy-statement>entry>from evpn-type)

Full Context

configure router policy-options policy-statement entry from evpn-type

Description

This command matches BGP routes based on the EVPN route type. The route types supported in SR OS are the following:

• Type 1 or Auto-Discovery Ethernet Tag route, including both the AD per-ES and AD per-EVI routes Type 2 or MAC/IP route

• Type 2 or MAC/IP route

• Type 3 or IMET route, including Multicast Ethernet Tag

• Type 4 or ES (Ethernet Segment) route Type 5 of IP-prefix route, including IPv4 and IPv6 prefixes

• Type 6 or Selective Multicast Ethernet Tag route, including IPv4 and IPv6 multicast groups

• Type 7 or Multicast Join Synch route, including IPv4 and IPv6 multicast group

• Type 8 or Multicast Leave Synch route, including IPv4 and IPv6 multicast groups

The no form of this command removes the evpn-type matching.

Parameters

name

Specifies the EVPN route type.

Values

1 to 8

Platforms

All

Context

[Tree] (config>qos>sap-egress>queue>drop-tail exceed)

Full Context

configure qos sap-egress queue drop-tail exceed

Description

Commands in this context configure the queue exceed drop tail parameters. The exceed drop tail defines the queue depth beyond which exceed-profile packets will not be accepted into the queue and will be discarded.

Platforms

All

Context

[Tree] (cfg>qos>qgrps>egr>qgrp>queue>drop-tail exceed)

Full Context

configure qos queue-group-templates egress queue-group queue drop-tail exceed

Description

Commands in this context configure the queue exceed drop-tail parameters. The exceed drop tail defines the queue depth beyond which exceed-profile packets will not be accepted into the queue and will be discarded.

Platforms

All

Context

[Tree] (config>sys>security>dist-cpu-protection>policy>local-monitoring-policer exceed-action)

Full Context

configure system security dist-cpu-protection policy local-monitoring-policer exceed-action

Description

This command controls the action performed upon the extracted control packets when the configured policer rates are exceeded.

Default

exceed-action none

Parameters

discard

Discards packets that are nonconforming.

low-priority

Marks packets that are nonconforming as low-priority (discard eligible or out-profile). If there is congestion in the control plane of the SR OS then unmarked (green, hi-prio or in-profile) control packets are given preferential treatment.

none

no hold-down

Platforms

All

Context

[Tree] (config>sys>security>dist-cpu-protection>policy>protocol>dynamic-parameters exceed-action)

[Tree] (config>sys>security>dist-cpu-protection>policy>static-policer exceed-action)

Full Context

configure system security dist-cpu-protection policy protocol dynamic-parameters exceed-action

configure system security dist-cpu-protection policy static-policer exceed-action

Description

This command controls the action performed upon the extracted control packets when the configured policer rates are exceeded.

Default

exceed-action none

Parameters

discard

Discards packets that are nonconforming.

low-priority

Marks packets that are nonconforming as low-priority (for example, discard eligible or out-profile). If there is congestion in the control plane of the SR OS then unmarked (for example, green, hi-prio or in-profile) control packets are given preferential treatment.

hold-down seconds

When this optional parameter is specified, it causes the following "hold-down” behavior.

When the SR OS software detects that an enforcement policer has marked or discarded one or more packets (software may detect this some time after the packets are actually discarded), and an optional hold-down seconds value has been specified for the exceed-action, then the policer will be set into a "mark-all” or "drop-all” mode that cause the following:

• the policer state to be updated as normal

• all packets to be marked (if the action is "low-priority”) or dropped (action = discard) regardless of the results of the policing decisions/actions/state.

The hold-down is cleared after approximately the configured time in seconds after it was set. The hold-down seconds option should be selected for protocols that receive more than one packet in a complete handshake/negotiation (for example, DHCP, PPP). hold-down is not applicable to a local monitoring policer. The "detection-time” will only start after any hold-down is complete. During the hold-down (and the detection-time), the policer is considered as in an "exceed” state. The policer may re-enter the hold-down state if an exceed packet is detected during the detection-time countdown.

Configuring the indefinite parameter value will cause hold down to remain in place until the operator clears it manually using a tools command (tools perform security dist-cpu-protection release-hold-down) or removes the dist-cpu-protection policy from the object.

Configuring the none parameter value will disable hold down.

Values

1 to 10080, indefinite, none

Platforms

All

Context

[Tree] (config>log>acct-policy>cr>ref-policer>e-counters exceed-profile-octets-discarded-count)

[Tree] (config>log>acct-policy>cr>policer>e-counters exceed-profile-octets-discarded-count)

Full Context

configure log accounting-policy custom-record ref-policer e-counters exceed-profile-octets-discarded-count

configure log accounting-policy custom-record policer e-counters exceed-profile-octets-discarded-count

Description

This command includes the exceed profile octets discarded count.

The no form of this command excludes the exceed profile octets discarded count.

Default

no exceed-profile-octets-discarded-count

Platforms

All

Context

[Tree] (config>log>acct-policy>cr>policer>e-counters exceed-profile-octets-forwarded-count)

[Tree] (config>log>acct-policy>cr>ref-policer>e-counters exceed-profile-octets-forwarded-count)

Full Context

configure log accounting-policy custom-record policer e-counters exceed-profile-octets-forwarded-count

configure log accounting-policy custom-record ref-policer e-counters exceed-profile-octets-forwarded-count

Description

This command includes the exceed profile octets forwarded count.

The no form of this command excludes the exceed profile octets forwarded count.

Default

no exceed-profile-octets-forwarded-count

Platforms

All

Context

[Tree] (config>log>acct-policy>cr>policer>e-counters exceed-profile-octets-offered-count)

[Tree] (config>log>acct-policy>cr>ref-policer>e-counters exceed-profile-octets-offered-count)

Full Context

configure log accounting-policy custom-record policer e-counters exceed-profile-octets-offered-count

configure log accounting-policy custom-record ref-policer e-counters exceed-profile-octets-offered-count

Description

This command includes the exceed profile octets offered count.

The no form of this command excludes the exceed profile octets offered count.

Default

no exceed-profile-octets-offered-count

Platforms

All

Context

[Tree] (config>log>acct-policy>cr>ref-policer>e-counters exceed-profile-packets-discarded-count)

[Tree] (config>log>acct-policy>cr>policer>e-counters exceed-profile-packets-discarded-count)

Full Context

configure log accounting-policy custom-record ref-policer e-counters exceed-profile-packets-discarded-count

configure log accounting-policy custom-record policer e-counters exceed-profile-packets-discarded-count

Description

This command includes the exceed profile packets discarded count.

The no form of this command excludes the exceed profile packets discarded count.

Default

no exceed-profile-packets-discarded-count

Platforms

All

Context

[Tree] (config>log>acct-policy>cr>policer>e-counters exceed-profile-packets-forwarded-count)

[Tree] (config>log>acct-policy>cr>ref-policer>e-counters exceed-profile-packets-forwarded-count)

Full Context

configure log accounting-policy custom-record policer e-counters exceed-profile-packets-forwarded-count

configure log accounting-policy custom-record ref-policer e-counters exceed-profile-packets-forwarded-count

Description

This command includes the exceed profile packets forwarded count.

The no form of this command excludes the exceed profile packets forwarded count.

Default

no exceed-profile-packets-forwarded-count

Platforms

All

Context

[Tree] (config>log>acct-policy>cr>ref-policer>e-counters exceed-profile-packets-offered-count)

[Tree] (config>log>acct-policy>cr>policer>e-counters exceed-profile-packets-offered-count)

Full Context

configure log accounting-policy custom-record ref-policer e-counters exceed-profile-packets-offered-count

configure log accounting-policy custom-record policer e-counters exceed-profile-packets-offered-count

Description

This command includes the exceed profile packets offered count.

The no form of this command excludes the exceed profile packets offered count.

Default

no exceed-profile-packets-offered-count

Platforms

All

Context

[Tree] (config>qos>slope-policy exceed-slope)

Full Context

configure qos slope-policy exceed-slope

Description

The exceed-slope context contains the commands and parameters for defining the exceed Random Early Detection (RED) slope graph. Each egress buffer pool supports an exceed RED slope for managing access to the shared portion of the buffer pool for exceed-profile packets.

The exceed-slope parameters can be changed at any time and the affected buffer pool exceed RED slopes are adjusted appropriately.

The no form of this command restores the exceed slope configuration commands to the default values. If the leaf commands within exceed-slope are set to the default parameters, the exceed-slope node will not appear in save config and show config output unless the detail parameter is present.

Platforms

All

Context

[Tree] (debug>service>id>stp exception)

Full Context

debug service id stp exception

Description

This command enables STP debugging for exceptions.

The no form of the command disables debugging.

Platforms

All

Context

[Tree] (config>service>vprn>isis>loopfree-alternates exclude)

Full Context

configure service vprn isis loopfree-alternates exclude

Description

This command excludes from LFA SPF calculation prefixes that match a prefix entry or a tag entry in a prefix policy.

The user can exclude an interface in IS-IS or OSPF, an OSPF area, or an IS-IS level from the LFA SPF.

If a prefix is excluded from LFA, then it will not be included in LFA calculation regardless of its priority. The prefix tag will, however, be used in the main SPF.

The default action of the exclude command, when not explicitly specified by the user in the prefix policy, is a "reject”. Thus, regardless of whether the user has explicitly added the statement "default-action reject” to the prefix policy, a prefix that does not match any entry in the policy is accepted into LFA SPF.

The no form of this command deletes the exclude prefix policy.

Default

no exclude

Platforms

All

Context

[Tree] (config>service>vprn>ospf3>loopfree-alternates exclude)

[Tree] (config>service>vprn>ospf>loopfree-alternates exclude)

Full Context

configure service vprn ospf3 loopfree-alternates exclude

configure service vprn ospf loopfree-alternates exclude

Description

This command excludes from LFA SPF calculation prefixes that match a prefix entry or a tag entry in a prefix policy.

The implementation already allows the user to exclude an interface in IS-IS or OSPF, an OSPF area, or an IS-IS level from the LFA SPF.

If a prefix is excluded from LFA, then it will not be included in LFA calculation regardless of its priority. The prefix tag will, however, be used in the main SPF.

The default action of the exclude command, when not explicitly specified by the user in the prefix policy, is a "reject”. Thus, regardless if the user did or did not explicitly add the statement "default-action reject” to the prefix policy, a prefix that did not match any entry in the policy will be accepted into LFA SPF.

The no form of this command deletes the exclude prefix policy.

Default

no exclude

Platforms

All

Context

[Tree] (config>router>mpls>lsp-template exclude)

[Tree] (config>router>mpls>lsp>primary exclude)

[Tree] (config>router>mpls>lsp exclude)

[Tree] (config>router>mpls>lsp>primary-p2mp-instance exclude)

[Tree] (config>router>mpls>lsp>secondary exclude)

Full Context

configure router mpls lsp-template exclude

configure router mpls lsp primary exclude

configure router mpls lsp exclude

configure router mpls lsp primary-p2mp-instance exclude

configure router mpls lsp secondary exclude

Description

This command specifies the admin groups to be excluded when an LSP is set up. Up to five groups per operation can be specified, up to 32 maximum. The admin groups are defined in the config>router>if-attribute>admin-group context.

The config>router>mpls>lsp>primary-p2mp-instance>exclude command is not supported on the 7450 ESS.

Use the no form of this command to remove the exclude command.

Default

no exclude

Parameters

group-name

Specifies the existing group-name to be excluded when an LSP is set up.

Platforms

All

Context

[Tree] (config>router>admin-tags>route-admin-tag-policy exclude)

Full Context

configure router admin-tags route-admin-tag-policy exclude

Description

This configures an admin tag to be excluded when matching a route against an LSP.

Up to eight exclusion statements are supported per policy.

The no form of this command removes the admin tag from the exclude statement.

Parameters

tag

Specifies the value of the admin tag, up to 32 characters.

Platforms

All

Context

[Tree] (config>router>fad>flex-algo exclude)

Full Context

configure router flexible-algorithm-definitions flex-algo exclude

Description

Commands in this context configure administrative groups that will be excluded from the flexible algorithm topology graph.

If the defined FAD includes administrative groups link in its exclude list, the specified links are excluded from the topology graph.

Platforms

All

Context

[Tree] (config>router>isis>loopfree-alternates exclude)

Full Context

configure router isis loopfree-alternates exclude

Description

Commands in this context configure a prefix policy for excluding specific prefixes in the LFA calculation by ISIS or OSPF.

Platforms

All

Context

[Tree] (config>router>ospf>loopfree-alternates exclude)

[Tree] (config>router>ospf3>loopfree-alternates exclude)

Full Context

configure router ospf loopfree-alternates exclude

configure router ospf3 loopfree-alternates exclude

Description

Commands in this context configure a prefix policy for excluding specific prefixes in the LFA calculation by ISIS or OSPF.

Platforms

All

Context

[Tree] (config>router>dhcp>server>pool>subnet exclude-addresses)

[Tree] (config>service>vprn>dhcp>server>pool>subnet exclude-addresses)

Full Context

configure router dhcp local-dhcp-server pool subnet exclude-addresses

configure service vprn dhcp local-dhcp-server pool subnet exclude-addresses

Description

This command specifies a range of IP addresses that excluded from the pool of IP addresses in this subnet.

The no form of the removes the parameters from the configuration.

Parameters

start-ip-address

Specifies the start address of this range to exclude. This address must be unique within the subnet and specified in dotted decimal notation. Allowed values are IP addresses in the range 1.0.0.0 – 223.255.255.255 (with support of /31 subnets).

Values

a.b.c.d

end-ip-address

Specifies the end address of this range to exclude. This address must be unique within the subnet and specified in dotted decimal notation. Allowed values are IP addresses in the range 1.0.0.0 – 223.255.255.255 (with support of /31 subnets).

Values

a.b.c.d

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>router>l2tp exclude-avps)

[Tree] (config>service>vprn>l2tp exclude-avps)

Full Context

configure router l2tp exclude-avps

configure service vprn l2tp exclude-avps

Description

This command configures the L2TP AVPs to exclude.

Default

no exclude-avps

Parameters

calling-number

Specifies to exclude the AVP calling-number.

initial-rx-lcp-conf-req

Specifies to exclude the AVP initial-rx-lcp-conf-req.

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>oam-pm>bin-group>bin-type exclude-from-avg)

Full Context

configure oam-pm bin-group bin-type exclude-from-avg

Description

This optional command allows the results from probes that map to the specified bins within the bin type to be excluded from the average calculation. Individual counters are incremented in the bin, but the average is not affected by the value of the excluded delay metric for the individual probes in this bin. The bin group does not allow this command to be added, modified, or deleted when a test is actively referencing the bin group. Sessions that reference the bin group must have the bin group and tests shut down before changes can be made.

The no form of this command removes the exclusion, and all bins are included in the average calculation.

Default

no exclude-from-avg forward

no exclude-from-avg backward

no exclude-from-avg round-trip

Parameters

forward

Specifies the forward direction bin.

backward

Specifies the backward direction bin.

round-trip

Specifies the round-trip direction bin.

bin-numbers

Specifies the bin numbers to be excluded from the average calculation. The values typically represent, but are not restricted to, the highest and lowest configured bins in order to eliminate outlying results that are not representative of network performance.

A hyphen can be entered between bin numbers to include a continuous sequence of bins; for example, entering 7-9 would specify bins 7, 8, and 9. Commas can be entered between bin numbers to include separate or non-continuous bins; for example, entering 0,8,9 would specify bins 0, 8, and 9. Both hyphens and commas can be used in this manner in the same configuration; for example, entering 0,7-9 would include bins 0, 7, 8, and 9. All bin numbers specified as part of this command must be configured. If a specified bin does not exist, the command fails.

Values

0 to 9

Platforms

All

Context

[Tree] (config>router>route-next-hop-policy>template exclude-group)

Full Context

configure router route-next-hop-policy template exclude-group

Description

This command configures the admin group constraint into the route next-hop policy template.

Each group is entered individually. The include-group statement instructs the LFA SPF selection algorithm to pick up a subset of LFA next-hops among the links that belong to one or more of the specified admin groups. A link that does not belong to at least one of the admin-groups is excluded. However, a link can still be selected if it belongs to one of the groups in an include-group statement but also belongs to other groups that are not part of any include-group statement in the route next-hop policy.

The pref option is used to provide a relative preference for the admin group to select. A lower preference value means that LFA SPF will first attempt to select an LFA backup next-hop that is a member of the corresponding admin group. If none is found, then the admin group with the next highest preference value is evaluated. If no preference is configured for a given admin group name, then it is supposed to be the least preferred, that is, numerically the highest preference value.

When evaluating multiple include-group statements within the same preference, any link that belongs to one or more of the included admin groups can be selected as an LFA next-hop. There is no relative preference based on how many of those included admin groups the link is a member of.

The exclude-group statement simply prunes all links belonging to the specified admin group before making the LFA backup next-hop selection for a prefix.

If the same group name is part of both include and exclude statements, the exclude statement will win. It other words, the exclude statement can be viewed as having an implicit preference value of zero (0).

The admin-group criteria are applied before running the LFA next-hop selection algorithm.

The no form deletes the admin group constraint from the route next-hop policy template.

Parameters

ip-admin-group-name

Specifies the name of the group, up to 32 characters.

Platforms

All

Context

[Tree] (config>port>ethernet>dot1x>macsec exclude-mac-policy)

Full Context

configure port ethernet dot1x macsec exclude-mac-policy

Description

This command specifies the MAC policy to be excluded from MACsec encryption.

The no form of this command removes the policy from the MACsec and allows all destination MAC addresses.

Default

no exclude-mac-policy

Parameters

mac-policy-id

Specifies the MAC policy to exclude from the configuration.

Values

0 to 4294967295

Platforms

All

Context

[Tree] (config>router>mpls>lsp exclude-node)

Full Context

configure router mpls lsp exclude-node

Description

This command enables the option to include XRO object in the bypass LSP PATH message object. The exclude-node option is required for manual bypass LSP with XRO to FRR protect ABR node in a multi-vendor network deployment. This command must be configured on the PLR node that protects the ABR node. The ABR node IP address must be configured as exclude-node.

Default

no exclude-node

Platforms

All

Context

[Tree] (config>router>dhcp6>server>pool exclude-prefix)

[Tree] (config>service>vprn>dhcp6>server>pool exclude-prefix)

Full Context

configure router dhcp6 local-dhcp-server pool exclude-prefix

configure service vprn dhcp6 local-dhcp-server pool exclude-prefix

Description

This command defines a prefix that to be excluded from available prefix in the pool for DHCP6. The typical use case is to exclude the interface address.

• A held lease is deleted if it got excluded by an exclude prefix.

• An exclude range can never exclude only a part of an existing lease. If for example a /63 PD is assigned, an exclude of /64 which belongs to this /63 cannot be configured.

• A single exclude prefix can never exclude a whole include prefix.

• When applying or removing an exclude prefix, the threshold stats are adjusted to reflect the actual address space and its usage.

The no form of this command removes the prefix that is to be excluded from available prefix in the pool.

Parameters

ipv6-prefix/prefix-length

Specifies an IPv6 prefix and prefix length.

Values

ipv6-prefix	x:x:x:x:x:x:x:x (eight 16-bit pieces)
		x:x:x:x:x:x:d.d.d.d
		x - [0 to FFFF]H
		d - [0 to 255]D
	prefix-length	0 to 128

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>port>ethernet>dot1x>macsec exclude-protocol)

Full Context

configure port ethernet dot1x macsec exclude-protocol

Description

Specifies protocols whose packets are not secured using Media Access Control Security (MACsec) when MACsec is enabled on a port.

When this option is enabled in a connectivity association that is attached to an interface, MACsec is not enabled for all packets of the specified protocols that are sent and received on the link.

When this option is enabled on a port where MACsec is configured, packets of the specified protocols are sent and accepted in cleartext.

The no form of this command secures the packets of the specified protocol.

Default

no exclude-protocol

Parameters

protocol-name

Specifies the protocol name.

Values

cdp, lacp, lldp, eapol-start, efm-oam, eth-cfm, ptp, ubfd

Platforms

All

Context

[Tree] (config>app-assure>group>statistics>aa-sub exclude-tcp-retrans)

Full Context

configure application-assurance group statistics aa-sub exclude-tcp-retrans

Description

This command is to only to EPC. When enabled, TCP errors and retransmission packets are not counted for the purpose of CBC. This setting has no impact on app/app-group aggregate AA stats.

Default

no exclude-tcp-retrans

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>router>policy-options exclusive-lock-time)

Full Context

configure router policy-options exclusive-lock-time

Description

This command specifies the inactivity timer for the exclusive lock time for policy editing. When a session is idle for greater than this time, the lock is removed and the configuration changes is aborted.

Default

exclusive-lock-time 300

Parameters

seconds

Specifies the duration the session with exclusive lock may be inactive.

Values

Values: 1 to 3600

Platforms

All

Context

[Tree] (exec)

Full Context

exec

Description

This command executes the contents of a text file as if they were CLI commands entered at the console.

exec commands do not have no versions.

Related Commands:

boot-bad-exec: Use this command to configure a URL for a CLI script to exec following a failed configuration boot.

boot-good-exec: Use this command to configure a URL for a CLI script to exec following a successful configuration boot.

stdin can be used as the source of commands for the exec command. When stdin is used as the exec command input, the command list is terminated with <Ctrl-C>, "EOF<Return>” or "eof_string<Return>”.

If an error occurs entering an exec file sourced from stdin, all commands after the command returning the error will be silently ignored. The exec command will indicate the command error line number when the stdin input is terminated with an end-of-file input.

Example:

Assume the test.cfg file has the following commands:

echo $(1)

echo $(2)

echo $(3)

Enter the following command:

exec test.cfg –arguments 10 20 30

The output from this command will be:

10
20
30

Parameters

-echo

Echoes the contents of the exec file to the session screen as it executes.

Default

echo disabled

-syntax

Performs a syntax check of the file without executing the commands. Syntax checking will be able to find invalid commands and keywords, but it will not be able to validate erroneous user- supplied parameters.

Default

execute file commands

file-name

Specifies the text file with CLI commands to execute, up to 256 characters.

eof-marker-string

Specifies the ASCII printable string used to indicate the end of the exec file when stdin is used as the exec file source. <Ctrl-C> and "EOF” can always be used to terminate an exec file sourced from stdin up to 254 characters.

Default

EOF

-argument

Specifies up to five arguments, each up to 256 characters.

Platforms

All

Context

[Tree] (debug>dynsvc>scripts>inst>event executed-cmd)

[Tree] (debug>dynsvc>scripts>script>event executed-cmd)

[Tree] (debug>dynsvc>scripts>event executed-cmd)

Full Context

debug dynamic-services scripts instance event executed-cmd

debug dynamic-services scripts script event executed-cmd

debug dynamic-services scripts event executed-cmd

Description

This command enables/disables the generation of a specific dynamic data service script debugging event output: executed-cmd.

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>subscr-mgmt>cat-map>category exhausted-credit-service-level)

Full Context

configure subscriber-mgmt category-map category exhausted-credit-service-level

Description

Commands in this context configure the exhausted credit service level.

The no form of this command reverts to the default.

Default

exhausted-credit-service-level

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (exit)

Full Context

exit

Description

This command returns to the context from which the current level was entered. For example, to navigate to the current level on a context by context basis, then the exit command only moves the cursor back one level.

A:ALA-1# configure
A:ALA-1>config# router
A:ALA-1>config>router# ospf
A:ALA-1>config>router>ospf# exit
A:ALA-1>config>router# exit
A:ALA-1>config# exit

When navigating to the current level by entering a command string, the exit command returns the cursor to the context in which the command was initially entered.

A:ALA-1# configure router ospf
A:ALA-1>config>router>ospf# exit
A:ALA-1#

The exit all command moves the cursor all the way back to the root level.

A:ALA-1# configure
A:ALA-1>config# router
A:ALA-1>config>router# ospf
A:ALA-1>config>router>ospf# exit all
A:ALA-1#

Parameters

all

Exits back to the root CLI context.

Platforms

All

Context

[Tree] (config>port>otu>pm-tti expected)

Full Context

configure port otu pm-tti expected

Description

This command allows the user to configure the expected RX trail trace identifier (TTI) for path monitoring (PM) in the ODU overhead. This identifier can be a string or a non-printable sequence of bytes. The length of the string or sequence of bytes cannot exceed 64 bytes. This trace should match the far-end port’s PM trace. When this trace does not match the received PM trace, the ODU-TIM alarm will be reported if enabled.

Default

Blank (all zeros)

Parameters

auto-generated

Sets the default.

identifier

Sets the PM TTI to the string provided by the user. If the string is less than 64 bytes, the remaining bytes will be set to 0. Up to 64 byte strings can be specified in a single statement.

byte-string

[byte1 byte2 to byte64]. Sets the PM TTI to the sequence of bytes provided by the user. If the user provides less than 64 bytes, the remaining bytes will be set to 0.

use-rx

Copies the received pm-tti to the expected either as a string or a sequence of bytes depending on the received pm-tti data.

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, 7950 XRS

Context

[Tree] (config>port>otu>psi-payload expected)

Full Context

configure port otu psi-payload expected

Description

This command allows the user to configure the expected received payload type value in byte 0 of the Payload structure identifier (PSI) of the OPU overhead. When this values does not match the received value, the OPU-PLM alarm will be reported if it is enabled.

Default

3 for 10GE-LAN/WAN or OC192 with OTU encapsulation; 5 for GFP framed 10GE-LAN with OTU encapsulation.

Parameters

auto

Sets the expected value to the standard value in the payload type field.

byte

Specifies the expected received payload type value in bytes.

Values

[00 to FF] Hexadecimal notation

Default

00

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, 7950 XRS

Context

[Tree] (config>port>otu>sm-tti expected)

Full Context

configure port otu sm-tti expected

Description

This command enables the user to configure the expected RX Trail Trace Identifier (TTI) for Section Monitoring (SM) in the OTU overhead. This identifier can be a string or a non-printable sequence of bytes. The length of the string or sequence of bytes cannot exceed 64 bytes. This trace should match the expected far-end port’s SM trace. When this trace does not match the received SM trace, the OTU-TIM alarm will be reported if enabled.

Default

Blank (all zeros)

Parameters

auto-generated

Sets the default.

identifier

Sets the PM TTI to the string provided by the user. If the string is less than 64 bytes, the remaining bytes will be set to 0. Up to 64 byte strings can be specified in a single statement.

byte-string

[byte1 byte2 to byte64]. Sets the PM TTI to the sequence of bytes provided by the user. If the user provides less than 64 bytes, the remaining bytes will be set to 0.

use-rx

Copies the received pm-tti to the expected either as a string or a sequence of bytes depending on the received pm-tti data.

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, 7950 XRS

Context

[Tree] (config>app-assure>group>tether-detect>sngl-dev expected-ttl)

Full Context

configure application-assurance group tethering-detection single-device expected-ttl

Description

This command configures the expected TTL values for single-device tethering detection.

Parameters

ttl-value

Specifies an expected TTL traffic value from host devices.

Values

1 to 255

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>system>script-control>script-policy expire-time)

Full Context

configure system script-control script-policy expire-time

Description

This command is used to configure the maximum amount of time to keep the run history status entry from a script run.

Default

expire-time 3600

Parameters

seconds

Specifies the time to keep the run history status entry, in seconds.

Values

0 to 21474836

Default

3600 (1 hour)

forever

Specifies to keep the run history status entry indefinitely.

Platforms

All

Context

[Tree] (config>subscr-mgmt>msap-policy>igmp-host-tracking expiry-time)

Full Context

configure subscriber-mgmt msap-policy igmp-host-tracking expiry-time

Description

This command configures the time that the system continues to track inactive hosts.

The no form of this command removes the values from the configuration.

Parameters

expiry-time

Specifies the time, in seconds, that this system continues to track an inactive host.

Values

1 to 65535

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>service>vprn>sub-if>grp-if>sap>igmp-trk expiry-time)

Full Context

configure service vprn subscriber-interface group-interface sap igmp-host-tracking expiry-time

Description

This command configures the time that the system continues to track inactive hosts.

The no form of this command removes the values from the configuration.

Parameters

expiry-time

Specifies the time, in seconds, that this system continues to track an inactive host.

Values

1 to 65535

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>service>vpls>sap>igmp-host-tracking expiry-time)

[Tree] (config>service>vpls>igmp-host-tracking expiry-time)

Full Context

configure service vpls sap igmp-host-tracking expiry-time

configure service vpls igmp-host-tracking expiry-time

Description

This command configures the time that the system continues to track inactive hosts.

The no form of this command removes the values from the configuration.

Default

no expiry-time

Parameters

expiry-time

Specifies the time, in seconds, that this system continues to track an inactive host

Values

1 to 65535

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>service>ies>igmp-host-tracking expiry-time)

[Tree] (config>service>ies>sub-if>grp-if>sap>igmp-host-tracking expiry-time)

Full Context

configure service ies igmp-host-tracking expiry-time

configure service ies subscriber-interface group-interface sap igmp-host-tracking expiry-time

Description

This command configures the time that the system continues to track inactive hosts.

The no form of this command removes the values from the configuration.

Default

no expiry-time

Parameters

expiry-time

Specifies the time, in seconds, that this system continues to track an inactive host.

Values

1 to 65535

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>service>vprn>igmp-trk expiry-time)

[Tree] (config>service>vprn>sap>igmp-trk expiry-time)

Full Context

configure service vprn igmp-host-tracking expiry-time

configure service vprn sap igmp-trk expiry-time

Description

This command configures the time that the system continues to track inactive hosts.

The no form of this command removes the values from the configuration.

Default

no expiry-time

Parameters

expiry-time

Specifies the time, in seconds, that this system continues to track an inactive host.

Values

1 to 65535

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>mcast-mgmt>mcast-info-plcy>bundle>source-override explicit-sf-path)

[Tree] (config>mcast-mgmt>mcast-info-plcy>bundle>channel explicit-sf-path)

Full Context

configure mcast-management multicast-info-policy bundle source-override explicit-sf-path

configure mcast-management multicast-info-policy bundle channel explicit-sf-path

Description

This command defines an explicit ingress switch fabric multicast path assigned to a multicast channel. When defined, the channel is setup with the explicit path as its inactive path. When an explicit path is not defined, all multicast channels are initialized on the secondary path and when they start to consume bandwidth, they are moved to the appropriate path based on the channel attributes and path limitations. Explicit path channels are not allowed to move from their defined path.

The explicit-sf-path command in the bundle context defines the initial path for all channels associated with the bundle unless the channel has an overriding explicit-sw-path defined in the channel context. The channel context may also be overridden by the explicit-sf-path command in the source-override context. The channel and source-override explicit-sf-path settings default to null (undefined) and have no effect unless explicitly set.

The no form of this command restores default path association behavior (dynamic or null depending on the context).

Parameters

primary

The primary and secondary keywords are mutually exclusive to one another. One keyword must be specified when executing the explicit-sf-path command. The primary keyword specifies that the primary ingress multicast path should be used as the explicit path for the channel.

secondary

The primary and secondary keywords are mutually exclusive to one another. One keyword must be specified when executing the explicit-sf-path command. The secondary keyword specifies that the secondary ingress multicast path should be used as the explicit path for the channel.

Override sequence — The channel setting overrides the bundle setting. The source-override setting overrides the channel and bundle settings.

Platforms

7450 ESS, 7750 SR-1x-48D, 7750 SR-1x-92S, 7750 SR-7/12/12e, 7750 SR-s, 7950 XRS, VSR

Context

[Tree] (config>subscriber-mgmt explicit-subscriber-map)

Full Context

configure subscriber-mgmt explicit-subscriber-map

Description

This command configures an explicit subscriber mapping.

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>system>login-control exponential-backoff)

Full Context

configure system login-control exponential-backoff

Description

This command enables the exponential-backoff of the login prompt. The exponential-backoff command is used to deter dictionary attacks, when a malicious user can gain access to the CLI by using a script to try admin with any conceivable password.

The no form of this command disables exponential-backoff.

Default

no exponential-backoff

Platforms

All

Context

[Tree] (config>router>mpls exponential-backoff-retry)

Full Context

configure router mpls exponential-backoff-retry

Description

This command enables the use of an exponential back-off timer when re-trying an LSP. When an LSP path establishment attempt fails, the path is put into retry procedures and a new attempt will be performed at the expiry of the user-configurable retry timer (config>router>mpls>lsp>retry-timer). By default, the retry time is constant for every attempt. The exponential back-off timer procedures will double the value of the user configured retry timer value at every failure of the attempt to adjust to the potential network congestion that caused the failure. An LSP establishment fails if no Resv message was received and the Path message retry timer expired or a PathErr message was received before the timer expired.

Platforms

All

Context

[Tree] (config>subscr-mgmt>isa-svc-chain>evpn export)

Full Context

configure subscriber-mgmt isa-service-chaining evpn export

Description

Commands in this context configure information related to the export of EVPN BGP routes related to service chaining.

The no form of this command disables exporting EVPN BGP routes related to service chaining

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>subscr-mgmt>bgp-prng-plcy export)

Full Context

configure subscriber-mgmt bgp-peering-policy export

Description

This command specifies the export policies to be used to control routes advertised to BGP neighbors.

When multiple policy names are specified, the policies are evaluated in the order they are specified. A maximum of five (5) policy names can be configured. The first policy that matches is applied.

The no form of this command removes all route policy names from the export list.

Default

no export — BGP advertises routes from other BGP routes but does not advertise any routes from other protocols unless directed by an export policy.

Parameters

policy

Specifies a route policy statement name, up to 32 characters.

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>service>ies>sub-if>wlan-gw>redundancy export)

Full Context

configure service ies subscriber-interface wlan-gw redundancy export

Description

This command specifies an IPv4 route (prefix/length) per subscriber-interface to be exported (announced) to indicate liveness of the subscriber-interface on the WLAN-GW. This route is the one that is monitored in routing by the peer WLAN-GW to decide its state with respect.

The no form of this command reverts to the default.

Parameters

ip-prefix/length

Specifies the IP prefix and length.

Values

ip-prefix:a.b.c.d

ip-prefix-length: 0 to 32

Platforms

7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>service>vprn>bgp>group>neighbor export)

[Tree] (config>service>vprn>bgp export)

[Tree] (config>service>vprn>bgp>group export)

Full Context

configure service vprn bgp group neighbor export

configure service vprn bgp export

configure service vprn bgp group export

Description

This command is used to specify route policies that control how outbound routes transmitted to certain peers are handled. Route policies are configured in the config>router>policy-options context.

This configuration parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in a peer-group) or neighbor level (only applies to the specified peer). The most specific level is used.

The export command can reference up to 15 objects, where each object is either a policy logical expression or the name of a single policy. The objects are evaluated in the specified order to determine the modifications of each route and the final action to accept or reject the route.

Only one of the 15 objects referenced by the export command can be a policy logical expression consisting of policy names (enclosed in square brackets) and logical operators (AND, OR, NOT). The first of the 15 objects has a maximum length of 255 characters while the remaining 14 objects have a maximum length of 64 characters each.

When multiple export commands are issued, the last command entered overrides the previous command.

When an export policy is not specified, BGP-learned routes are advertised by default; non-BGP routes are not advertised.

The no form of this command removes the policy association.

Default

no export

Parameters

plcy-or-long-expr

Specifies the route policy name, up to 64 characters in length, or a policy logical expression, up to 255 characters in length.

plcy-or-expr

Specifies the route policy name, up to 64 characters in length, or a policy logical expression, up to 255 characters in length.

Platforms

All

Context

[Tree] (config>service>vprn>isis export)

Full Context

configure service vprn isis export

Description

This command configures export routing policies that determine the routes exported from the routing table to IS-IS.

If no export policy is defined, non IS-IS routes are not exported from the routing table manager to IS-IS.

If multiple policy names are specified, the policies are evaluated in the order they are specified. The first policy that matches is applied. If multiple export commands are issued, the last command entered overrides the previous command. A maximum of five policy names can be specified.

If an aggregate command is also configured in the config>router context, then the aggregation is applied before the export policy is applied.

Routing policies are created in the config>router>policy-options context.

The no form of this command removes the specified policy-name or all policies from the configuration if no policy-name is specified.

Default

no export — No export policy name is specified.

Parameters

policy-name

The export policy name. Up to five policy-name arguments can be specified.

Platforms

All

Context

[Tree] (config>service>vprn>msdp>peer export)

[Tree] (config>service>vprn>msdp>group export)

[Tree] (config>service>vprn>msdp export)

[Tree] (config>service>vprn>msdp>group>peer export)

Full Context

configure service vprn msdp peer export

configure service vprn msdp group export

configure service vprn msdp export

configure service vprn msdp group peer export

Description

This command specifies the policies to export source active state from the source active list into Multicast Source Discovery Protocol (MSDP).

If multiple policy names are specified, the policies are evaluated in the order they are specified. The first policy that matches is applied. If multiple export commands are issued, the last command entered will override the previous command. A maximum of five policy names can be specified.

The no form of this command removes all policies from the configuration.

Default

no export

Parameters

policy-name

Specifies the export policy name, up to 32 characters. Up to five policy-name arguments can be specified.

If you configure an export policy at the global level, each individual peer inherits the global policy. If you configure an export policy at the group level, each individual peer in a group inherits the group’s policy. If you configure an export policy at the peer level, then policy only applies to the peer where it is configured.

Platforms

All

Context

[Tree] (config>service>vprn>mvpn>vrf-target export)

Full Context

configure service vprn mvpn vrf-target export

Description

This command specifies communities to be sent to peers.

Parameters

unicast

Specifies to use unicast vrf-target ext-community for the multicast VPN.

ext-comm

An extended BGP community in the type:x:y format. The value x can be an integer or IP address. The type can be the target or origin. x and y are 16-bit integers.

Values

target:{ip-address:comm-val | 2byte-asnumber:ext-comm-val | 4byte-asnumber:comm-val}
	ip-address:	a.b.c.d
	comm-val:	0 to 65535
	2byte-asnumber:	1 to 65535
	4byte-asnumber	0 to 4294967295

Platforms

All

Context

[Tree] (config>service>vprn>nat>outside>pool>redundancy export)

Full Context

configure service vprn nat outside pool redundancy export

Description

This command installs the export route in the routing table for active NAT pools.

Once the export route is in the routing table, it can be advertised in the network via a routing protocol. NAT pools in the standby or disabled state will not advertise the export route.

A NAT pool becomes active when it becomes operationally UP, and there is no monitoring route (which is also the export route from the peer) present in the routing node (as received from the network). The pool will transition into standby state in case that the monitoring route (or export route from the peer) is already present in the routing table. In other words, the monitoring route is already advertised as an export route from the peering node with active NAT pool.

The export route can be advertised only from:

• The active lead pool.

• Active pool for which fate-sharing is disabled.

Default

no export

Parameters

ip-prefix/length

Specifies the IP prefix and length.

Syntax:

ip-prefix/length:	ip-prefix	a.b.c.d
	ip-prefix-length	0 to 32

Values

0, 4, 16

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>service>vprn>ospf>area export)

[Tree] (config>service>vprn>ospf3>area export)

Full Context

configure service vprn ospf area export

configure service vprn ospf3 area export

Description

This command configures ABR export policies to filter OSPFv2 Type 3 Summary-LSAs or OSPFv3 Inter-Area-Prefix-LSA between areas, in to only permit the export of specified routes into an area.

This command cannot be used in OSPF area 0.

The no form of this command reverts to the default value.

Default

no export

Parameters

policy-name

Specifies the export route policy name. A maximum of five policy names may be specified. Allowed values are any string up to 32 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, ?, space), enclose the entire string in double quotes.

The specified policy names must be predefined and already exist in the system.

Platforms

All

Context

[Tree] (config>service>vprn>ospf3 export)

[Tree] (config>service>vprn>ospf export)

Full Context

configure service vprn ospf3 export

configure service vprn ospf export

Description

This command associates export route policies to determine which routes are exported from the route table to OSPF. Export polices are only in effect if OSPF is configured as an ASBR.

If no export policy is specified, non-OSPF routes are not exported from the routing table manager to OSPF.

If multiple policy names are specified, the policies are evaluated in the order they are specified. The first policy that matches is applied. If multiple export commands are issued, the last command entered will override the previous command. A maximum of five policy names can be specified.

The no form of this command removes all policies from the configuration.

Default

no export — No export route policies specified.

Parameters

policy-name

Specifies the export route policy name. Allowed values are any string up to 32 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, ?, space), the entire string must be enclosed between double quotes.

The specified policy name(s) must be predefined and already exist in the system.

Platforms

All

Context

[Tree] (config>service>vprn>ripng>group>neighbor export)

[Tree] (config>service>vprn>ripng>group export)

[Tree] (config>service>vprn>rip>group>neighbor export)

[Tree] (config>service>vprn>ripng export)

[Tree] (config>service>vprn>rip>group export)

[Tree] (config>service>vprn>rip export)

Full Context

configure service vprn ripng group neighbor export

configure service vprn ripng group export

configure service vprn rip group neighbor export

configure service vprn ripng export

configure service vprn rip group export

configure service vprn rip export

Description

This command specifies the export route policies used to determine routes that are exported to RIP. If no export policy is specified, non-RIP routes will not be exported from the routing table manager to RIP; RIP-learned routes will be exported to RIP neighbors.

If multiple policy names are specified, the policies are evaluated in the order they are specified. The first policy that matches is applied. If multiple export commands are issued, the last command entered will override the previous command. A maximum of five policy names can be specified.

The no form of this command removes all policies from the configuration.

Default

no export

Parameters

policy-name

The export route policy name. Allowed values are any string up to 32 characters in length and composed of printable, 7-bit ASCII characters. If the string contains special characters (#, ?, space), the string must be enclosed between double quotes. The specified names must already be defined.

Platforms

All

Context

[Tree] (config>router>ldp export)

Full Context

configure router ldp export

Description

This command specifies the export route policies used to determine which routes are exported to LDP. Policies are configured in the config>router>policy-options context.

If no export policy is specified, non-LDP routes will not be exported from the routing table manager to LDP. LDP-learned routes will be exported to LDP neighbors. Present implementation of export policy (outbound filtering) can be used "only” to add FECs for label propagation. The export policy does not control propagation of FECs that an LSR receives from its neighbors.

If multiple policy names are specified, the policies are evaluated in the order they are specified. The first policy that matches is applied. If multiple export commands are issued, the last command entered will override the previous command. A maximum of 5 policy names can be specified.

The no form of this command removes all policies from the configuration.

Default

no export — No export route policies specified.

Parameters

policy-name

Specifies up to five export route policy name. Allowed values are any string up to 32 characters long composed of printable, 7-bit ASCII characters. If the string contains special characters (#, ?, space), the entire string must be enclosed within double quotes.

The specified name(s) must already be defined.

Platforms

All

Context

[Tree] (config>router>nat>outside>pool>redundancy export)

Full Context

configure router nat outside pool redundancy export

Description

This command configures the route to export to the peer. While the export prefix is configured and the value of the object tmnxNatPlLsnRedActive is equal to true, the system exports this prefix in the realm of the virtual router instance associated with this pool; to the NAT redundancy peer, the presence of this prefix is an indication that the Large Scale NAT function in this virtual router instance is active; hence, the export prefix of this system is the monitor prefix of the peer.

The export prefix must be different from the monitor prefix.

Default

no export

Parameters

ip-prefix/length

Specifies the IP address and length of the prefix to be exported.

Values

ip-prefix:	a.b.c.d
ip-prefix-length:	0 to 32

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>router>msdp>group export)

[Tree] (config>router>msdp>peer export)

[Tree] (config>router>msdp export)

[Tree] (config>router>msdp>group>peer export)

Full Context

configure router msdp group export

configure router msdp peer export

configure router msdp export

configure router msdp group peer export

Description

This command specifies the policies to export SA states from the SA list into MSDP.

If multiple policy names are specified, the router evaluates the policies in the order they are specified, and applies the first policy that matches. If multiple export commands are issued, the last command entered overrides the previous command.

If an export policy is configured at the global level, each individual peer inherits the global policy. If an export policy is configured at the group level, each individual peer in a group inherits the group’s policy. If an export policy is configured at the peer level, the policy only applies to the peer where it is configured.

The no form of this command applies no export policies and all SA entries are announced.

Default

no export

Parameters

policy-name

Specifies the export policy name, up to 32 characters. A maximum of five policy names can be specified.

Platforms

All

Context

[Tree] (admin>certificate export)

Full Context

admin certificate export

Description

This command performs certificate operations.

Parameters

url-string

Specifies the local CF card url of the file.

Values

url-string	<local-url> [up to 99 characters]
local-url	<cflash-id>/<file-path>
cflash-id	cf1: | cf2: | cf3:

type

Specifies the type of input file.

Values

cert, key, crl

format

Specifies the format of output file.

Values

pkcs10, pkcs12, pkcs7-der, pkcs7-pem, pem, der

Platforms

All

Context

[Tree] (config>router>bgp>group>neighbor export)

[Tree] (config>router>bgp export)

[Tree] (config>router>bgp>group export)

Full Context

configure router bgp group neighbor export

configure router bgp export

configure router bgp group export

Description

This command specifies route policies that control the handling of outbound routes transmitted to all peers. Route policies are configured in the config>router>policy-options context.

This configuration parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in peer-group) or neighbor level (only applies to specified peer). The most specific level is used.

The export command can reference up to 15 objects, where each object is either a policy logical expression or the name of a single policy. The objects are evaluated in the specified order to determine the modifications of each route and the final action to accept or reject the route.

Only one of the 15 objects referenced by the command can be a policy logical expression consisting of policy names (enclosed in square brackets) and logical operators (AND, OR, NOT). The first of the 15 objects has a maximum length of 255 characters; the remaining 14 objects have a maximum length of 64 characters each.

When multiple export commands are issued, the last command entered overrides the previous command.

When an export policy is not specified, BGP-learned routes are advertised by default and non-BGP routes are not advertised.

The no form of this command removes the policy association.

Default

no export

Parameters

plcy-or-long-expr

Specifies the route policy name (up to 64 characters) or a policy logical expression (up to 255 characters long). Allowed values are any string up to 255 characters long composed of printable, 7-bit ASCII characters. If the string contains special characters (#, ?, space), the entire string must be enclosed within double quotes.

plcy-or-expr

Specifies up to 14 route policy names (up to 64 characters each) or a policy logical expression (up to 64 characters long). Allowed values are any string up to 64 characters long composed of printable, 7-bit ASCII characters. If the string contains special characters (#, ?, space), the entire string must be enclosed within double quotes.

Platforms

All

Context

[Tree] (config>router>isis export)

Full Context

configure router isis export

Description

This command configures export routing policies that determine the routes exported from the routing table to IS-IS.

If no export policy is defined, non IS-IS routes are not exported from the routing table manager to IS-IS.

If multiple policy names are specified, the policies are evaluated in the order they are specified. The first policy that matches is applied. If multiple export commands are issued, the last command entered overrides the previous command. A maximum of five policy names can be specified.

If an aggregate command is also configured in the config>router context, then the aggregation is applied before the export policy is applied.

Routing policies are created in the config>router>policy-options context.

The no form of this command removes the specified policy-name or all policies from the configuration if no policy-name is specified.

Parameters

policy-name

Specifies up to five export policy names.

Platforms

All

Context

[Tree] (config>router>ospf3 export)

[Tree] (config>router>ospf export)

Full Context

configure router ospf3 export

configure router ospf export

Description

This command associates export route policies to determine which routes are exported from the route table to OSPF. Export polices are only in effect if OSPF is configured as an ASBR.

If no export policy is specified, non-OSPF routes are not exported from the routing table manager to OSPF.

If multiple policy names are specified, the policies are evaluated in the order they are specified. The first policy that matches is applied. If multiple export commands are issued, the last command entered will override the previous command. A maximum of five policy names can be specified.

The no form of this command removes all policies from the configuration.

Default

no export

Parameters

policy-name

Specifies up to 5 export route policy names. Allowed values are any string up to 32 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, ?, space), the entire string must be enclosed within double quotes. The specified names must already be defined.

Platforms

All

Context

[Tree] (config>router>ospf>area export)

[Tree] (config>router>ospf3>area export)

Full Context

configure router ospf area export

configure router ospf3 area export

Description

This command configures ABR export policies to filter OSPFv2 Type 3 Summary-LSAs or OSPFv3 Inter-Area-Prefix-LSA between areas, in order to only permit the specified routes from being exported into an area.

This command cannot be used in OSPF area 0.

The no form of this command reverts to the default value.

Default

no export

Parameters

policy-name

Specifies up to five export route policy names. Allowed values are any string up to 32 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, ?, space), the entire string must be enclosed within double quotes. The specified names must already be defined.

Platforms

All

Context

[Tree] (config>router>ripng>group export)

[Tree] (config>router>ripng>group>neighbor export)

[Tree] (config>router>rip export)

[Tree] (config>router>rip>group export)

[Tree] (config>router>rip>group>neighbor export)

[Tree] (config>router>ripng export)

Full Context

configure router ripng group export

configure router ripng group neighbor export

configure router rip export

configure router rip group export

configure router rip group neighbor export

configure router ripng export

Description

This command specifies the export route policies used to determine which routes are exported to RIP.

If no export policy is specified, non-RIP routes will not be exported from the routing table manager to RIP. RIP-learned routes will be exported to RIP neighbors.

If multiple policy names are specified, the policies are evaluated in the order they are specified. The first policy that matches is applied. If multiple export commands are issued, the last command entered will override the previous command. A maximum of five policy names can be specified.

The no form of the command removes all policies from the configuration.

Default

no export

Parameters

policy-name

Specifies up to five export route policy names. Allowed values are any string up to 32 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and so on.), the entire string must be enclosed within double quotes.

The specified names must already be defined.

Platforms

All

Context

[Tree] (config>service>vprn>bgp-ipvpn>attribute-set export)

Full Context

configure service vprn bgp-ipvpn attribute-set export

Description

This command configures the router to add an ATTR_SET path attribute to all VPN-IP routes that come from the VRF export of BGP routes advertised by PE-CE peers of the VPRN. This attribute contains an exact copy of all BGP path attributes (post-import policy) of the PE-CE BGP route, excluding the NEXT_HOP, MP_REACH, and MP_UNREACH attributes, as well as the AS4_PATH or AS4_AGGREGATOR attributes. The origin AS in the ATTR_SET encodes the ASN (or confederation ID, if configured) of the exporting VPRN service. Neither the VRF export policy nor a regular BGP export policy is allowed to modify the contents of the ATTR_SET.

The no form of this command configures the router to not add an ATTR_SET path attribute to VPN-IP routes exported by the VPRN. Nokia recommends using the no form of this command, unless there is a requirement for the VPRN to deliver an independent domain Layer 3 VPN service.

Default

no export

Platforms

All

Context

[Tree] (config>router>ldp>session-params>peer export-addresses)

Full Context

configure router ldp session-parameters peer export-addresses

Description

This command specifies the export prefix policy to local addresses advertised to this peer.

Policies are configured in the config>router>policy-options context. A maximum of five policy names can be specified.

The no form of this command removes the policy from the configuration.

Parameters

policy-name

Specifies up to five export-prefix route policy names. Allowed values are any string up to 32 characters long composed of printable, 7-bit ASCII characters excluding double quotes. If the string contains spaces, use double quotes to delimit the start and end of the string. The specified name(s) must already be defined.

Platforms

All

Context

[Tree] (config>cflowd>collector export-filter)

Full Context

configure cflowd collector export-filter

Description

This command creates the CLI context to specify cflowd data filters. These filters allow the administrator to control which flows are sent or are not sent to an associated cflowd collector.

Platforms

All

Context

[Tree] (config>service>vprn>grt-lookup export-grt)

Full Context

configure service vprn grt-lookup export-grt

Description

This command uses the route policy to determine which routes are exported from the VRF to the GRT along with all the forwarding information. These entries are marked as BGP-VPN routes in the GRT. For proper routing to occur from the GRT to the VRF, the routes must be in the GRT.

Default

no export-grt

Parameters

plcy-or-long-expr

Specifies the route policy name, up to 64 characters, or a policy logical expression, up to 255 characters.

plcy-or-expr

Specifies the route policy name (up to 64 characters) or a policy logical expression (up to 255 characters). Up to four policy names or logical expressions can be specified in a single statement.

Platforms

All

Context

[Tree] (config>service>vprn>subscriber-interface export-host-routes)

[Tree] (config>service>ies>subscriber-interface export-host-routes)

Full Context

configure service vprn subscriber-interface export-host-routes

configure service ies subscriber-interface export-host-routes

Description

This command controls the export of subscriber management host routes from a retail service to the corresponding forwarding wholesale VPRN service.

By default, subscriber management host routes are not exported.

The presence of retail subscriber management host routes in the wholesale VPRN service is required for downstream traffic forwarding in multi-chassis redundancy scenarios with a redundant interface and when the retail subscriber subnets are not leaked in the wholesale VPRN service (allow-unmatching-subnets or unnumbered retail subscriber interface).

This command fails if the subscriber interface is not associated with a forwarding wholesale service subscriber interface or if the subscriber interface is not configured to support address allocation outside the provisioned subnets (allow-unmatching-subnets or unnumbered subscriber interface).

The no form of this command reverts to the default.

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>app-assure>group>policy>application export-id)

[Tree] (config>app-assure>group>policy>app-grp export-id)

[Tree] (config>app-assure>group>policy>application>charging-group export-id)

Full Context

configure application-assurance group policy application export-id

configure application-assurance group policy app-group export-id

configure application-assurance group policy application charging-group export-id

Description

This command assigns an export-id value to a charging group app-group or application to be used for accounting export identification in RADIUS accounting. This ID is encoded in the top 2 bytes of the RADIUS accounting VSA to identify which charging group the counter value represents.

If no export-id is assigned, that counter cannot be added to the aa-sub stats RADIUS export-type. Once a charging group index is referenced, it cannot be deleted without removing the reference.

The no form of this command removes the export-id from the configuration.

Default

no export-id

Parameters

export-id

Specifies an integer that identifies an export-id.

Values

1 to 255

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>service>vprn export-inactive-bgp)

Full Context

configure service vprn export-inactive-bgp

Description

This command allows the preferred BGP route learned by a VPRN to be exported as the VPN route, even when if it is inactive in the route table because a preferred BGP VPRN route from another PE is present. This overrides the default state in which the VPRN cannot export an inactive BGP route.

For the BGP route to be exported, the VRF export policy must accept it.

This command applies to both MPLS VPN and SRv6 VPN routes. In SRv6 VPN routes the advertised instruction is an End.DT, while in MPLS VPN routes the advertised label is a per-next-hop label.

This "best-external” type of route advertisement is useful in active/standby multi-homing scenarios because it ensures that all PEs know about the backup path provided by the standby PE.

Default

no export-inactive-bgp

Platforms

All

Context

[Tree] (config>service>vprn export-inactive-bgp-enhanced)

Full Context

configure service vprn export-inactive-bgp-enhanced

Description

This command configures the router to allow a BGP route that is inactive (because a better non-BGP route for the same prefix is present) to be exportable as a VPN-IP route.

A BGP route learned from a VPRN BGP peer is exportable as a VPN-IP route, only if it is the best route for the prefix and is installed in the route table of the VPRN. If the export-inactive-bgp command is enabled in the VPRN configuration, this rule is relaxed, and the best inactive VPRN BGP route is exportable as a VPN-IP route, provided that the active installed route for the prefix is an imported VPN-IP route.

The rule described in the preceding paragraph can be relaxed even further by enabling this command. When this command is enabled, the best inactive VPRN BGP route (best amongst all routes received from all CEs) is exportable as a VPN-IP route, regardless of the route type of the active installed route.

The configuration of this command overrides the export-inactive-bgp command. If this command is already enabled, do not enable the export-inactive-bgp command.

The no form of this command disables the router from allowing an inactive BGP route in the presence of a better non-BGP route to be exportable as a VPN-IP route.

Default

no export-inactive-bgp-enhanced

Platforms

All

Context

[Tree] (config>service>vprn>ospf export-limit)

[Tree] (config>service>vprn>grt-lookup export-limit)

[Tree] (config>service>vprn>ospf3 export-limit)

Full Context

configure service vprn ospf export-limit

configure service vprn grt-lookup export-limit

configure service vprn ospf3 export-limit

Description

This command limits the total number of routes exported from the VRF to the GRT. Configuring export-limit 0 disables the maximum limit for routes exported from the VRF to the GRT.

The no form of this command sets the export-limit to a default of five (5).

Default

export-limit 5

Parameters

num-routes

Specifies the maximum number of routes that can be exported. Configuring a num-routes value in a range of 1 to 1000 limits the number of routes to the specified value.

Values

0 to 1000

Platforms

All

Context

[Tree] (config>service>vprn>ripng export-limit)

[Tree] (config>service>vprn>rip export-limit)

Full Context

configure service vprn ripng export-limit

configure service vprn rip export-limit

Description

This command configures the maximum number of routes (prefixes) that can be exported into RIP from the route table.

The no form of this command removes the parameters from the configuration.

Default

no export-limit

Parameters

number

Specifies the maximum number of routes (prefixes) that can be exported into RIP from the route table.

Values

1 to 4294967295

log percentage

Specifies the percentage of the export-limit, at which a warning log message and SNMP notification would be sent.

Values

1 to 100

Platforms

All

Context

[Tree] (config>service>vprn>isis export-limit)

Full Context

configure service vprn isis export-limit

Description

This command configures the maximum number of routes (prefixes) that can be exported into IS-IS from the route table for the VPRN instance.

The no form of this command removes the parameters from the configuration.

Default

no export-limit - The export limit for routes or prefixes is disabled.

Parameters

number

Specifies the maximum number of routes (prefixes) that can be exported into RIP from the route table.

Values

1 to 4294967295

log percentage

Specifies the percentage of the export-limit, at which a warning log message and SNMP notification would be sent.

Values

1 to 100

Platforms

All

Context

[Tree] (config>router>isis export-limit)

Full Context

configure router isis export-limit

Description

This command configures the maximum number of routes (prefixes) that can be exported into IS-IS from the route table. After the maximum is reached, a warning log message is sent and additional routes are ignored.

The no form of this command removes the parameters from the configuration.

Parameters

number

Specifies the maximum number of routes (prefixes) that can be exported into RIP from the route table.

Values

1 to 4294967295

percentage

Specifies the percentage of the export-limit, at which a warning log message and SNMP notification would be sent.

Values

1 to 100

Platforms

All

Context

[Tree] (config>router>ospf export-limit)

[Tree] (config>router>ospf3 export-limit)

Full Context

configure router ospf export-limit

configure router ospf3 export-limit

Description

This command configures the maximum number of routes (prefixes) that can be exported into OSPF from the route table. After the maximum is reached, a warning log message is sent and additional routes are ignored.

The no form of this command removes the parameters from the configuration.

Default

no export-limit

Parameters

number

Specifies the maximum number of routes (prefixes) that can be exported into OSPF from the route table.

Values

1 to 4294967295

percentage

Specifies the percentage of the export-limit, at which a warning log message and SNMP notification would be sent.

Values

1 to 100

Platforms

All

Context

[Tree] (config>router>rip export-limit)

[Tree] (config>router>ripng export-limit)

Full Context

configure router rip export-limit

configure router ripng export-limit

Description

This command configures the maximum number of routes (prefixes) that can be exported into RIP from the route table.

The no form of the command removes the parameters from the configuration.

Default

no export-limit

Parameters

number

Specifies the maximum number of routes (prefixes) that can be exported into RIP from the route table.

Values

1 to 4294967295

percentage

Specifies the percentage of the export-limit, at which a warning log message and SNMP notification would be sent.

Values

1 to 100

Platforms

All

Context

[Tree] (config>cflowd export-mode)

Full Context

configure cflowd export-mode

Description

This command can be used to control how exports are generated by the cflowd process. The default behavior is for flow data to be exported automatically based on the active and inactive time-out values. The alternative mode is manual in which case flow data is only exported when the command "tools perform cflowd manual-export” is issued. The only exception is if the cflowd cache overflows, in which case the normal automatic export process is used.

Default

export-mode automatic

Parameters

automatic

cflowd flow data is automatically generated.

manual

cflowd flow data is exported only when manually triggered.

Platforms

All

Context

[Tree] (configure>app-assure>group>cflowd export-override)

Full Context

configure application-assurance group cflowd export-override

Description

This command configures the AA sub-type used in cflowd record export. The cflowd stats exported to the cflowd collector to look identical to when AA is on the type of system defined by the mode. The following cflowd export fields are affected:

1. cflowd export observation point (field 138), the mode will be derived from the export-override category that is selected.

2. cflowd export AA_Subscriber_Type (field 12) modified as configured, using existing field types.

3. cflowd interface name is used as the sub-ID field, optionally modified to use the export-override mode prefix as a global identifier.

All AA cflowd record types are affected by export-override. To change any of the export-override or prefix, cflowd must be shutdown first. When the export-override is set back to default (no export-override) the prefix is set back to the default.

The no form of this command removes the export override.

Default

no export-override

Parameters

mode

The type of system emulated by stats export.

Values

mobile(mobile gateway mode, cflowd field 138 = 2)

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>router>ldp>session-params>peer export-prefixes)

Full Context

configure router ldp session-parameters peer export-prefixes

Description

This command specifies the export route policy used to determine which prefixes received from other LDP and T-LDP peers are re-distributed to this LDP peer via the LDP/T-LDP session to this peer. A prefix that is filtered out (deny) is not exported. A prefix that is filtered in (accept) will be exported.

If no export policy is specified, all FEC prefixes learned will be exported to this LDP peer. This policy is applied in addition to the global LDP policy and targeted session policy.

Policies are configured in the config>router>policy-options context. A maximum of five policy names can be specified. Peer address has to be the peer LSR-ID address.

The no form of this command removes the policy from the configuration.

Default

no export-prefixes - no export route policy is specified

Parameters

policy-name

Specifies up to five export-prefix route policy names. Allowed values are any string up to 32 characters long composed of printable, 7-bit ASCII characters excluding double quotes. If the string contains spaces, use double quotes to delimit the start and end of the string. The specified name(s) must already be defined.

Platforms

All

Context

[Tree] (config>router>ldp>targeted-session export-prefixes)

Full Context

configure router ldp targeted-session export-prefixes

Description

This command specifies the export route policy used to determine which FEC prefix label bindings are exported from a targeted LDP session. A route that is filtered out (deny) will not be exported. A route that is filtered in (accept) will be exported.

If no export policy is specified, all bindings learned through a targeted LDP session will be exported to all targeted LDP peers. This policy is applied in addition to the global LDP policy.

Policies are configured in the config>router>policy-options context. A maximum of five policy names can be specified.

The no form of this command removes the policy from the configuration.

Parameters

policy-name

Specifies up to five export policy names. Allowed values are any string up to 32 characters long composed of printable, 7-bit ASCII characters. If the string contains special characters (#, ?, space), the entire string must be enclosed within double quotes.

Platforms

All

Context

[Tree] (config>router>ldp export-tunnel-table)

Full Context

configure router ldp export-tunnel-table

Description

This command enables exports BGP label route and SR tunnels from the TTM into LDP for the purpose of stitching an LDP FEC to a BGP or SR tunnel for the same destination prefix.

To enable route stitching between LDP and BGP, separately configure tunnel table route export policies in both protocols and enable the advertisement of RFC 8277, Using BGP to Bind MPLS Labels to Address Prefixes, formatted labeled routes for prefixes learned from LDP FECs.

The BGP route export policy instructs BGP to listen to LDP route entries in the CPM Tunnel Table. If a /32 LDP FEC prefix matches an entry in the export policy, BGP originates a BGP labeled route, stitches it to the LDP FEC, and re-distributes the BGP labeled route to its Interior Border Gateway Protocol (IBGP) neighbors.

Using the following commands to add LDP FEC prefixes with the from protocol ldp statement in the existing BGP export policy configuration at the global level, peer-group level, or peer level:

• config>router>bgp>export policy-name

• config>router>bgp>group>export policy-name

• config>router>bgp>group>neighbor>export policy-name

To indicate to BGP to evaluate the entries with the from protocol ldp statement in the export policy when applied to a specific BGP neighbor, use commands:

• config>router>bgp>group>neighbor>family label-ipv4 and

• config>router>bgp>group>neighbor>advertise-ldp-prefix

Without the latter configuration, only core IPv4 routes learned from RTM are advertised as BGP labeled routes to the neighbor. No stitching of LDP FEC to the BGP labeled route will be performed for this neighbor even if the same prefix was learned from LDP.

The LDP tunnel table route export policy instructs LDP to listen to BGP route entries in the CPM Tunnel Table. If a /32 BGP labeled route matches a prefix entry in the export policy, LDP originates an LDP FEC for the prefix, stitches it to the BGP labeled route, and re-distributes the LDP FEC to its IBGP neighbors.

The user can add BGP labeled route prefixes with the from protocol bgp statement in the configuration of the LDP tunnel table export policy. The from protocol statement is applied only when the protocol value is ldp. Policy entries with protocol values of rsvp, bgp, or any value other than ldp are ignored at the time the policy is applied to LDP.

In the LDP-to-SR data path direction, LDP listens to SR tunnel entries in the TTM. The user can restrict the export of SR tunnels to LDP from a specific prefix list. The user can also restrict the export to a specific IGP instance by optionally specifying the instance ID in the "from protocol” statement. The statement has an effect only when the protocol value is isis or bgp. Policy entries with any other protocol value are ignored at the time the policy is applied. If the user configures multiple from protocol statements in the same policy or does not include the from protocol statement but adds a default action of accept, then LDP will follow the TTM selection rules to select a tunnel to which it will stitch the LDP ILM:

1. LDP selects the tunnel from the lowest TTM preference protocol.

2. If two or more of IS-IS or OSPF protocol instances and BGP protocol have the same preference, then LDP selects the protocol using the default TTM protocol preference.

3. Within the same IGP protocol, LDP selects the lowest instance ID.

If an LDP FEC primary next-hop cannot be resolved using an RTM route and a SR tunnel of type SR-ISIS to the same destination prefix matches a prefix entry in the export policy, LDP programs an LDP ILM and stitches it to the SR node-SID tunnel endpoint. LDP also originates an FEC for the prefix and re-distributes it to its LDP peers. When an LDP FEC is stitched to a SR tunnel, packets forwarded benefit from the protection of the LFA/remote LFA backup next-hop of the SR tunnel.

When resolving a FEC, LDP will prefer RTM over TTM when both resolutions are possible. That is, swapping the LDP ILM to a LDP NHLFE is preferred over stitching it to an SR tunnel endpoint.

Nokia recommends that the user should enable the bfd-enable option on the interfaces in LDP, IGP instance, and BGP contexts to speed up failure detection and activation of the SR LFA/remote-LFA backup next-hop or the BGP backup, depending on the stitching operation.

This feature is limited to IPv4 /32 prefixes in LDP, BGP and SR.

The no form of this command disables the export of BGP and SR tunnels to LDP.

Default

no export-tunnel-table

Parameters

policy-name

Specifies up to five export-tunnel-table route policy names. Allowed values are any string up to 32 characters long composed of printable, 7-bit ASCII characters excluding double quotes. If the string contains spaces, use double quotes to delimit the start and end of the string. The specified name(s) must already be defined.

Platforms

All

Context

[Tree] (config>router>isis>segment-routing export-tunnel-table)

Full Context

configure router isis segment-routing export-tunnel-table

Description

This command exports the LDP tunnels to an IGP instance for the purpose of stitching a SR tunnel to a LDP FEC for the same destination IPv4 /32 prefix.

In the SR-to-LDP data path direction, the SR mapping server provides a global policy for the prefixes corresponding to the LDP FECs the SR stitches to.

When this command is enabled in the segment-routing context of an IGP instance, IGP listens to LDP tunnel entries in the TTM. Whenever a LDP tunnel destination matches a prefix for which IGP received a prefix-SID sub-TLV from a mapping server, it instructs the SR module to program the SR ILM and to stitch it to the LDP tunnel endpoint. The LDP FEC can be resolved via a static route, a IS-IS instance, or an OSPF instance.

When an SR tunnel is stitched to a LDP FEC, packets forwarded will benefit from the protection of the LFA backup next-hop of the LDP FEC.

When resolving a node SID, IGP will prefer resolution of prefix SID received in a IP Reach TLV over a prefix SID received via the mapping server. That is, swapping the SR ILM to a SR NHLFE is preferred over stitching it to a LDP tunnel endpoint.

Nokia recommends that the user should enable the bfd-enable option on the interfaces in both LDP and IGP instance contexts to speed up the failure detection and the activation of the LFA/remote-LFA backup next-hop in either direction of the stitching.

This feature is limited to IPv4 /32 prefixes in both LDP and SR.

The no form of this command disables the exporting of LDP tunnels to the IGP instance.

Default

no export-tunnel-table

Parameters

ldp

Exports LDP tunnels from the tunnel table into an IGP instance.

Platforms

All

Context

[Tree] (config>router>ospf>segm-rtng export-tunnel-table)

Full Context

configure router ospf segment-routing export-tunnel-table

Description

This command enables exporting, to an IGP instance, the LDP tunnels for the purpose of stitching a SR tunnel to a LDP FEC for the same destination IPv4 /32 prefix.

In the SR-to-LDP data path direction, the SR mapping server provides a global policy for the prefixes corresponding to the LDP FECs that the SR stitches to.

When this command is enabled in the segment-routing context of an IGP instance, IGP listens to LDP tunnel entries in the TTM. Whenever a LDP tunnel destination matches a prefix for which IGP received a prefix-SID sub-TLV from a mapping server, it instructs the SR module to program the SR ILM and to stitch it to the LDP tunnel endpoint. The LDP FEC can be resolved via a static route, a IS-IS instance, or an OSPF instance.

When an SR tunnel is stitched to a LDP FEC, packets forwarded will benefit from the protection of the LFA backup next hop of the LDP FEC.

When resolving a node SID, IGP will prefer resolution of prefix SID received in a IP Reach TLV over a prefix SID received via the mapping server. In other words, the swapping of the SR ILM to a SR NHLFE is preferred over stitching it to a LDP tunnel endpoint.

It is recommended to enable the bfd-enable option on the interfaces in both LDP and IGP instance contexts, to speed up the failure detection and the activation of the LFA/remote-LFA backup next hop in either direction of the stitching.

This feature is limited to IPv4 /32 prefixes in both LDP and SR.

The no form of this command disables the exporting of LDP tunnels to the IGP instance.

Platforms

All

Context

[Tree] (config>service>vprn>grt-lookup export-v6-limit)

Full Context

configure service vprn grt-lookup export-v6-limit

Description

This command limits the total number of IPv6 routes exported from the VPRN to the GRT. Configuring export-v6-limit 0 disables the maximum limit for IPv6 routes exported from the VPRN to the GRT.

The no form of this command sets the export-limit to a default of 5.

Default

export-v6-limit 5

Parameters

num-routes

Specifies the maximum number of IPv6 routes that can be exported. Configuring a num-routes value in a range of 1 to 1000 limits the number of IPv6 routes to the specified value.

Values

0 to 1000

Platforms

All

Context

[Tree] (config>app-assure>group>policy>app-filter>entry expression)

Full Context

configure application-assurance group policy app-filter entry expression

Description

This command configures string values to use in the application definition.

Parameters

expr-index

Specifies an index value which represents expression substrings.

Values

1 to 4

expr-type

Represents a type (and thereby the expression substring).

http-host — Matches the string against the HTTP Host field or TLS Server Name Indicator (SNI).

http-uri — Matches the string against the HTTP URI field.

http-referer — Matches the string against the HTTP Referer field.

http-user-agent — Matches the string against the HTTP User Agent field.

sip-ua — Matches the string against the SIP UA field.

sip-uri — Matches the string against the SIP URI field.

sip-mt — Matches the string against the SIP MT field.

citrix-app — Matches the string against the Citrix app field.

h323-product-id — Matches the string against the h323-product-id field.

tls-cert-subj-org-name — Matches the TLS Certificate Subject Organization Name substring.

tls-cert-subj-common-name — Matches the TLS Certificate Subject Common Name substring.

rtsp-host — Matches the Real Time Streaming Protocol (RTSP) substring host.

rtsp-uri — Matches the RTSP URI substring.

rtsp-ua — Matches the RTSP UA substring.

rtmp-page-host — Matches against the RTMP Page Host field

rtmp-page-uri — Matches against the RTMP Page URI field

rtmp-swf-host — Matches against the RTMP Swf Host field

rtmp-swf-uri — Matches against the RTMP Swf URI field

dns-domain-name — Matches the string against the DNS Name field.

eq

Specifies the equal to comparison operator to match the specified HTTP string.

neq

Specifies the not equal to comparison operator to match the specified HTTP string.

expr-string

Specifies an expression string, up to 64 characters, used to define a pattern match. Denotes a printable ASCII substring used as input to an application assurance filter match criteria object.

The following syntax is permitted within the substring to define the pattern match criteria:

^<substring>* - matches when <substring> is at the beginning of the object.

*<substring>* - matches when <substring> is at any place within the object.

*<substring>$ - matches when <substring> is at the end of the object.

^<substring>$ - matches when <substring> is the entire object.

* - matches zero to many of any character. A single wildcard as infix in the expression is allowed.

\. - matches any single character

\d - matches any single decimal digit [0-9]

\I - forces case sensitivity (by default, the expression match are case insensitive), the \I can be specified anywhere between

the leading [^*] and trailing [$*]

\* - matches the asterisk character

Rules for <substring> characters:

<substring> must contain printable ASCII characters.

<substring> must not contain the "double quote” character or the " ” (space) character on its own.

<substring> match is case in sensitive by default.

<substring> must not include any regular expression meta-characters other than "*", "\I", "\.", "\*" and "\d".

The "\” (slash) character is used as an ESCAPE sequence. The following ESCAPE sequences are permitted within the <substring>:

Character to match <substring> input

Hexadecimal Octet YY \xYY

A <substring> that uses the '\' (backslash) ESCAPE character which is not followed by a "\” or "\x” and a 2-digit hex octet is not valid.

Operational notes:

• When matching a TCP flow against HTTP-string based applications, the HTTP header fields are collected from the first HTTP request (for example a GET or a POST) for a given TCP flow. The collected strings are then evaluated against each HTTP flow created within the given TCP flow to determine whether a given HTTP flow matches the application. By not specifying a protocol, the HTTP expressions are matched against all protocols in the HTTP family. By specifying a specific HTTP protocol (for example, http_video) the expression match can be constrained to a subset of the HTTP protocols.

• To uniquely identify a SIP-based application a protocol match is not required in the app-filter entry with the SIP expression. The SIP expression match is performed against any protocol in the SIP family (such as sip and rtp_sip). By specifying a specific SIP protocol (like rtp_sip) the expression match can be constrained to a subset of the SIP protocols.

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>app-assure>group>policy>custom-protocol expression)

Full Context

configure application-assurance group policy custom-protocol expression

Description

This command configures an expression string value for pattern-based custom protocols match. A flow matches a custom protocol if the specified string is found at an offset of a TCP/UDP of the first payload packet.

Options:

• client-to-server — A pattern will be matched against a flow from a TCP client.

• server-to-client — A pattern will be matched against a flow from a TCP server.

• any – A pattern will be matched against a TCP/UDP flow in any direction (towards or from AA subscriber)

The no form of this command deletes a specified string expression from the definition.

Parameters

expr-index

Specifies the expression substring index.

Values

1

expr-string

Denotes a printable ASCII string, up to 16 characters, used to define a custom protocol match. Rules for expr-string characters:

• Must contain printable ASCII characters.

• Must not contain the "double quote” character or the " ” (space) character on its own.

• Match is case sensitive.

• Must not include any regular expression meta-characters.

The "\” (slash) character is used as an ESCAPE sequence. The following ESCAPE sequences are permitted within the expr-string:

Character to match expr-string input

Hexadecimal Octet YY \xYY

An expr-string that uses the '\' (backslash) ESCAPE character which is not followed by a "\” or "\x” and a 2-digit hex octet is not valid.

offset payload-octet-offset

specifies the offset (in octets) into the protocol payload, where the expr-string match criteria will start.

Values

0 to 127

direction direction

Specifies the protocol direction to match against to resolve to a custom protocol.

Values

client-to-server, server-to-client, any

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (debug>app-assure>group>http-host>filter expression)

Full Context

debug application-assurance group http-host-recorder filter expression

Description

This command configures the recorder filter expressions.

Parameters

expr-index

Specifies the expression index value.

Values

1 to 4

expr-type

Specifies the expression type.

Values

http-host

expr-string

Specifies the HTTP host filter expression string.

Values

format *<expression>$ (33 chars max)

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>router>policy-options>as-path expression)

Full Context

configure router policy-options as-path expression

Description

This command configures a route policy AS path regular expression statement to use in the route policy entries.

An AS path in a BGP route matches an AS path regular expression, if the path matches the pattern of the regular expression. A regular expression incorporates terms and operators that use the terms. An individual AS number is an elementary term in the AS path regular expression. More complex terms can be built from elementary terms. The following are key operators supported by SR OS:

• .

• *

• ?

• {n}

• {m,n}

• {m, }

To reverse the match criteria when specifying a list of ranges or single values using square brackets, use the non-match operator (^) before the elements within the square brackets.

The no form of this command deletes the AS path regular expression statement.

Parameters

regular-expression

The AS path regular expression. Allowed values are any string up to 255 characters long composed of printable, 7-bit ASCII characters. If the string contains special characters (#, ?, space), the entire string must be enclosed within double quotes. Policy parameters must start and end with at signs (@); for example, "@variable@”.

null

The AS path expressed as an empty regular expression string.

Platforms

All

Context

[Tree] (config>router>policy-options>community expression)

Full Context

configure router policy-options community expression

Description

This command creates a logical expression to match a route policy community.

The no form of this command deletes the logical expression.

Default

no expression

Parameters

expression expression

Specifies a logical expression containing terms and operators. It can contain sub-expressions enclosed in round brackets.

Values

up to 900 characters

<expression> is one of the following: <expression> {AND| OR} <expression> [NOT] ( <expression> ) [NOT] <comm-id>

For example:

from community expression "[community list A] OR ([community list B] AND [community list C])"

exact

All the communities indicated by the expression must be present in the route in order for a match to occur.

Platforms

All

Context

[Tree] (config>app-assure>group>url-list expression-match)

Full Context

configure application-assurance group url-list expression-match

Description

This command configures a URL list that contains hostnames with wildcards.

The no form of this command removes the URL list containing hostnames with wildcards.

Default

no expression-match

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>filter>ipv6-filter>entry>action extended-action)

[Tree] (config>filter>ip-filter>entry>action extended-action)

Full Context

configure filter ipv6-filter entry action extended-action

configure filter ip-filter entry action extended-action

Description

Commands in this context configure an extended action for a filter entry's PBR action (configured under config>filter>ip-filter>entry>action and config>filter>ipv6-filter>entry>action contexts). The extended action is executed in addition to the configured PBR action.

The no form of the command removes the extended action.

Default

no extended-action

Platforms

All

Context

[Tree] (config>subscr-mgmt>diam-appl-plcy>gx>features extended-bw)

Full Context

configure subscriber-mgmt diameter-application-policy gx features extended-bw

Description

This command specifies whether extended bandwidth AVPs are supported. Extended bandwidth AVPs are capable of supporting bandwidth values greater than (2³² - 1) b/s. The extended AVPs allow bitrates in kb/s and are as follows:

• Extended-GBR-DL (AVP code 2850)

• Extended-GBR-UL (AVP code 2851)

• Extended-Max-Requested-BW-DL (AVP code 554)

• Extended-Max-Requested-BW-UL (AVP code 555)

• Extended-APN-AMBR-DL (AVP code 2848)

• Extended-APN-AMBR-UL (AVP code 2849)

The no form of this command disables the extended bandwidth AVP support.

Default

no extended-bw

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>router>bgp>group>neighbor>outbound-route-filtering extended-community)

[Tree] (config>router>bgp>outbound-route-filtering extended-community)

[Tree] (config>router>bgp>group>outbound-route-filtering extended-community)

Full Context

configure router bgp group neighbor outbound-route-filtering extended-community

configure router bgp outbound-route-filtering extended-community

configure router bgp group outbound-route-filtering extended-community

Description

The extended-community command opens the configuration tree for sending or accepting extended-community based BGP filters.

For the no version of the command to work, all sub-commands (send-orf, accept-orf) must be removed first.

Default

no extended-community

Platforms

All

Context

[Tree] (config>subscr-mgmt>diam-appl-plcy>gy extended-failure-handling)

Full Context

configure subscriber-mgmt diameter-application-policy gy extended-failure-handling

Description

Commands in this context configure Extended Failure Handling (EFH), a mechanism to establish a new Diameter Gy session with the Online Charging Server (OCS) after Credit Control Failure Handling (CCFH) CONTINUE is triggered.

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>router>ospf3 extended-lsa)

Full Context

configure router ospf3 extended-lsa

Description

This command configures the use of extended LSA format in OSPFv3, as described in draft-ietf-ospf-ospfv3-lsa-extend.

Prior to this feature, SR OS used the fixed format LSA to carry the prefix and link information as described in RFC 5340, OSPF for IPv6. The fixed format is not extensible and the TLV format of the extended LSA must be used.

With this feature, the default mode of operation for OSPFv3 is referred to as sparse mode, meaning that the router will always advertise the fixed format for existing LSAs and will add the TLV-based extended LSA only when it needs to advertise new sub-TLVs. This mode of operation is similar to the way OSPFv2 advertises the segment routing information. It sends the prefix in the original fixed-format prefix LSA and then follows with the extended prefix TLV which is sent in an extended prefix opaque LSA containing the prefix SID sub-TLV.

The extended-lsa only value enables the full extended LSA mode. This causes all existing and new LSAs to use the extended LSA format.

The OSPFv3 instance must first be shut down before the user can change the mode of operation since the protocol must flush all LSAs and re-establish all adjacencies.

The no form of this command at the OSPFv3 instance level reverts the OSPFv3 instance to the default sparse mode of operation.

Default

extended-lsa sparse

Parameters

sparse

Enables the sparse mode of operation in an OSPFv3 instance.

only

Enables the full extended LSA mode of operation in an OSPFv3 instance.

Platforms

All

Context

[Tree] (config>router>ospf3>area extended-lsa)

Full Context

configure router ospf3 area extended-lsa

Description

This command configures the use of extended LSA format in a OSPFv3 area as described in draft-ietf-ospf-ospfv3-lsa-extend.

By default, the area inherits the instance-level configuration. The latter defaults to the sparse mode of operation. The extended-lsa only value enables the full extended LSA mode, which causes all existing and new LSAs to use the extended LSA format.

The OSPFv3 instance must first be shut down before the user can change the mode of operation since the protocol must flush all LSAs and reestablish all adjacencies.

The no form of this command at the area level returns the area to the default mode of inheriting the mode from the OSPFv3 instance level.

Default

extended-lsa inherit

Parameters

inherit

Configures the area to inherit the mode of operation enabled at the OSPFv3 instance level.

only

Enables the full extended LSA mode of operation in an OSPFv3 area.

Platforms

All

Context

[Tree] (config>service>vprn>bgp extended-nh-encoding)

[Tree] (config>service>vprn>bgp>group>neighbor extended-nh-encoding)

[Tree] (config>service>vprn>bgp>group extended-nh-encoding)

Full Context

configure service vprn bgp extended-nh-encoding

configure service vprn bgp group neighbor extended-nh-encoding

configure service vprn bgp group extended-nh-encoding

Description

This command configures BGP to advertise (at session OPEN) the capability to receive IPv4 or IPv4 routes with IPv4 or IPv6 next hops from the VPRN BGP peers included in the scope of the command. These peers should not send these routes unless they receive the capability. If the SR OS router receives an IPv4 route from a peer to which it did not advertise the necessary capability, the UPDATE message will be considered malformed and causes either a session reset or treat as withdraw behavior depending on the error handling settings.

The no form of this command causes the sending of an extended NH encoding BGP capability to the associated BGP peers to be inherited from a higher configuration level or disabled (if configured at the BGP level).

Default

no extended-nh-encoding

Parameters

ipv4

Specifies that the command should be applied to unlabeled unicast IPv4 routes.

Platforms

All

Context

[Tree] (config>router>bgp>group extended-nh-encoding)

[Tree] (config>router>bgp>group>neighbor extended-nh-encoding)

[Tree] (config>router>bgp extended-nh-encoding)

Full Context

configure router bgp group extended-nh-encoding

configure router bgp group neighbor extended-nh-encoding

configure router bgp extended-nh-encoding

Description

This command configures BGP to advertise (at session OPEN) the capability to receive label IPv4, VPN IPv4 routes, or IPv6 next hops from the peers. These peers should not send such routes unless they receive notification of this capability. If the SR OS router receives a label IPv4 or VPN IPv4 route from a peer to which it did not advertise the necessary capability, the UPDATE message will be considered malformed and this will cause either session reset or treat-as-withdraw behavior depending on the error handling settings.

The no form of this command causes the sending of an extended NH encoding BGP capability to the associated BGP peers to be inherited from a higher configuration level or disabled (if configured at the BGP level).

Default

no extended-nh-encoding

Parameters

label-ipv4

Instructs BGP to advertise an extended NH encoding capability for NLRI AFI=1, NLRI SAFI=4, and next-hop AFI=2.

vpn-ipv4

Instructs BGP to advertise an extended NH encoding capability for NLRI AFI=1, NLRI SAFI=128, and next-hop AFI=2.

ipv4

Instructs BGP to advertise an extended NH encoding capability for NLRI AFI=1, NLRI SAFI=1 and next-hop AFI=2.

Platforms

All

Context

[Tree] (config>ipsec>ipsec-transform extended-sequence-number)

Full Context

configure ipsec ipsec-transform extended-sequence-number

Description

This command enables 64-bit extended sequence numbering support. This numbering is used for high throughput CHILD_SA to avoid frequent rekeying caused by sequence numbering wrap around.

The no form of this command disables extended sequence numbering support. Only 32-bit sequence numbering is supported.

Default

no extended-seq-number

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>mcast-mgmt>mcast-info-plcy>video-policy>video-if extended-unicast)

Full Context

configure mcast-management multicast-info-policy video-policy video-interface extended-unicast

Description

This command delays video unicast from switching over to multicast for 5 minutes. The unicast session can be extended further by sending an RTCP extension request, which resets the 5-minute timer. This is ideal for services that require unicast video and end devices that require extended time to switch over from unicast to multicast.

The no form of this command disables extended unicast. The unicast session switches over to multicast 1.5 seconds after the IGMP request is sent. Most Fast Channel Change deployments do not require a time extension.

Default

no extended-unicast

Platforms

7450 ESS, 7750 SR, 7750 SR-s

Context

[Tree] (config>service>ies>sub-if>grp-if>wlan-gw>ranges>range>extensions extension)

Full Context

configure service ies subscriber-interface group-interface wlan-gw vlan-tag-ranges range extensions extension

Description

This command configures an additional VLAN range extension that is used for matching. Any traffic within the extension range is considered part of the same VLAN range for purposes of intra-SSID mobility.

Parameters

start [0 to 4095]

Specifies the start of the VLAN extension range

Values

0 to 4095

end[0 to 4095]

Specifies the end of VLAN extension range

Values

0 to 4095

Platforms

7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>service>ies>sub-if>grp-if>wlan-gw>ranges>range extensions)

Full Context

configure service ies subscriber-interface group-interface wlan-gw vlan-tag-ranges range extensions

Description

This command enables VLAN range extensions on this VLAN tag range.

The no form of the command disables VLAN extensions.

Default

no extensions

Platforms

7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>router>policy-options>policy-statement>entry>from external)

Full Context

configure router policy-options policy-statement entry from external

Description

This command specifies the external route matching criteria for the entry.

Default

no external

Platforms

All

Context

[Tree] (config>router>nat>outside>pool external-assignment)

[Tree] (config>service>vprn>nat>outside>pool external-assignment)

Full Context

configure router nat outside pool external-assignment

configure service vprn nat outside pool external-assignment

Description

This command enables external allocation of L2-Aware NAT outside IP addresses from the pool.

The no form of the command disables the allocation.

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Context

[Tree] (config>service>vprn>ospf3 external-db-overflow)

[Tree] (config>service>vprn>ospf external-db-overflow)

Full Context

configure service vprn ospf3 external-db-overflow

configure service vprn ospf external-db-overflow

Description

This command enables limits on the number of non-default AS-external-LSA entries that can be stored in the LSDB and specifies a wait timer before processing these after the limit is exceeded.

The limit value specifies the maximum number of non-default AS-external-LSA entries that can be stored in the link-state database (LSDB). Placing a limit on the non-default AS-external-LSAs in the LSDB protects the router from receiving an excessive number of external routes that consume excessive memory or CPU resources. If the number of routes reach or exceed the limit, the table is in an overflow state. When in an overflow state, the router does not originate any new AS-external-LSAs and it withdraws all self-originated non-default external LSAs.

The interval specifies the amount of time to wait after an overflow state before regenerating and processing non-default AS-external-LSAs. The waiting period acts like a dampening period, which prevents the router from continuously running Shortest Path First (SPF) calculations caused by the excessive number of non-default AS-external LSAs.

The external-db-overflow must be set identically on all routers attached to any regular OSPF area. OSPF stub areas and not-so-stubby areas (NSSAs) are excluded.

The no form of this command disables limiting the number of non-default AS-external-LSA entries.

Default

no external-db-overflow — No limit on non-default AS-external-LSA entries.

Parameters

limit

The maximum number of non-default AS-external-LSA entries that can be stored in the LSDB before going into an overflow state expressed as a decimal integer.

Values

-1 to 2147483647

Note:

Setting a value of -1 is equivalent to no external-db-overflow.

interval

The number of seconds after entering an overflow state before attempting to process non-default AS-external-LSAs expressed as a decimal integer.

Values

0 to 2147483647

Platforms

All

Context

[Tree] (config>router>ospf3 external-db-overflow)

[Tree] (config>router>ospf external-db-overflow)

Full Context

configure router ospf3 external-db-overflow

configure router ospf external-db-overflow

Description

This command enables limits on the number of non-default AS-external-LSA entries that can be stored in the LSDB and specifies a wait timer before processing these after the limit is exceeded.

The limit value specifies the maximum number of non-default AS-external-LSA entries that can be stored in the link-state database (LSDB). Placing a limit on the non-default AS-external-LSAs in the LSDB protects the router from receiving an excessive number of external routes that consume excessive memory or CPU resources. If the number of routes reach or exceed the limit, the table is in an overflow state. When in an overflow state, the router will not originate any new AS-external-LSAs. In fact, it withdraws all the self-originated non-default external LSAs.

The interval specifies the amount of time to wait after an overflow state before regenerating and processing non-default AS-external-LSAs. The waiting period acts like a dampening period preventing the router from continuously running Shortest Path First (SPF) calculations caused by the excessive number of non-default AS-external LSAs.

The external-db-overflow must be set identically on all routers attached to any regular OSPF area. OSPF stub areas and not-so-stubby areas (NSSAs) are excluded.

The no form of this command disables limiting the number of non-default AS-external-LSA entries.

Default

no external-db-overflow

Parameters

limit

Specifies the maximum number of non-default AS-external-LSA entries that can be stored in the LSDB before going into an overflow state expressed as a decimal integer.

Values

0 to 2147483647

interval

The number of seconds after entering an overflow state before attempting to process non-default AS-external-LSAs expressed as a decimal integer.

Values

0 to 2147483647

Platforms

All

Context

[Tree] (config>service>vprn>isis>level external-preference)

Full Context

configure service vprn isis level external-preference

Description

This command configures the external route preference for the IS-IS level.

The external-preference command configures the preference level of either IS-IS level 1 or IS-IS level 2 external routes. By default, the preferences are as listed in the table below.

A route can be learned by the router by different protocols, in which case, the costs are not comparable. When this occurs, the preference decides the route to use.

Different protocols should not be configured with the same preference, if this occurs the tiebreaker is dependent on the default preference table. If multiple routes are learned with an identical preference using the same protocol, the lowest cost route is used. If multiple routes are learned with an identical preference using the same protocol and the costs (metrics) are equal, then the decision of the route to use is determined by the configuration of the ecmp in the config>router context.

Default

Default preferences are listed in Default Preferences.

Note:

1. Internal preferences are changed using the preference command in the config>router>isis>level level-number context.

Parameters

preference

The preference for external routes at this level as expressed.

Values

1 to 255

Platforms

All

Context

[Tree] (config>service>vprn>ospf external-preference)

[Tree] (config>service>vprn>ospf3 external-preference)

Full Context

configure service vprn ospf external-preference

configure service vprn ospf3 external-preference

Description

This command configures the preference for OSPF external routes.

A route can be learned by the router from different protocols, in which case the costs are not comparable. If this occurs, preference is used to decide which route is used.

Different protocols should not be configured with the same preference. If this occurs, the tiebreaker is per the default preference table as defined in Default External Route Preferences . If multiple routes are learned with an identical preference using the same protocol, the lowest cost route is used.

If multiple routes are learned with an identical preference using the same protocol and the costs (metrics) are equal, the decision of which route to use is determined by the configuration of the ecmp in the config>router context.

The no form of this command reverts to the default value.

Default

external-preference 150 — OSPF external routes have a default preference of 150.

Parameters

preference

The preference for external routes expressed as a decimal integer.

Values

1 to 255

Platforms

All

Context

[Tree] (config>router>isis>level external-preference)

Full Context

configure router isis level external-preference

Description

This command configures the external route preference for the IS-IS level.

The external-preference command configures the preference level of either IS-IS level 1 or IS-IS level 2 external routes. By default, the preferences are as listed in the table below.

A route can be learned by the router by different protocols, in which case, the costs are not comparable. When this occurs, the preference decides the route to use.

Different protocols should not be configured with the same preference, if this occurs the tiebreaker is dependent on the default preference table. If multiple routes are learned with an identical preference using the same protocol, the lowest cost route is used. If multiple routes are learned with an identical preference using the same protocol and the costs (metrics) are equal, then the decision of the route to use is determined by the configuration of the ecmp in the config>router context.

The no form of this command reverts to the default value.

Default

external-preference (Level 1) — 160

external-preference (Level 2) — 165

Parameters

preference

Specifies the preference for external routes at this level as expressed.

Default preferences are listed in the following table.

Table 3. Default External Route Preferences

Route Type	Preference	Configurable
Direct attached	0	—
Static-route	5	Yes
OSPF internal routes	10	—
IS-IS Level 1 internal	15	Yes2
IS-IS Level 2 internal	18	Yes2
OSPF external	150	Yes
IS-IS Level 1 external	160	Yes
IS-IS Level 2 external	165	Yes
BGP	170	Yes

¹ Internal preferences are changed using the preference command in the config>router>isis>level level-number context.

Values

1 to 255

Platforms

All

Context

[Tree] (config>router>ospf external-preference)

[Tree] (config>router>ospf3 external-preference)

Full Context

configure router ospf external-preference

configure router ospf3 external-preference

Description

This command configures the preference for OSPF external routes.

A route can be learned by the router from different protocols, in which case, the costs are not comparable. When this occurs, the preference is used to decide which route will be used.

Different protocols should not be configured with the same preference, if this occurs the tiebreaker is per the default preference table as defined in Route Preference Defaults by Route Type . If multiple routes are learned with an identical preference using the same protocol, the lowest cost route is used.

If multiple routes are learned with an identical preference using the same protocol and the costs (metrics) are equal, then the decision of what route to use is determined by the configuration of the ecmp in the config>router context.

The no form of this command reverts to the default value.

Default

external-preference 150

Parameters

preference

Specifies the preference for external routes expressed as a decimal integer. Defaults for different route types are listed in Route Preference Defaults by Route Type .

Table 4. Route Preference Defaults by Route Type

Route Type	Preference	Configurable
Direct attached	0	No
Static routes	5	Yes
OSPF internal	10	Yes3
IS-IS level 1 internal	15	Yes
IS-IS level 2 internal	18	Yes
RIP	100	Yes
OSPF external	150	Yes
IS-IS level 1 external	160	Yes
IS-IS level 2 external	165	Yes
BGP	170	Yes

¹ Preference for OSPF internal routes is configured with the preference command.

Values

1 to 255

Platforms

All

Context

[Tree] (config>service>vprn>if external-reference)

[Tree] (config>router>if external-reference)

Full Context

configure service vprn interface external-reference

configure router interface external-reference

Description

Commands in this context configure the external reference used to map a Nokia vendor-specific configuration and the OpenConfig state.

Platforms

7450 ESS, 7750 SR, 7750 SR-a, 7750 SR-e, 7750 SR-s, 7950 XRS

Context

[Tree] (debug>router>pim extranet)

Full Context

debug router pim extranet

Description

This command enables debugging for extranet PIM.

The no form of this command disables PIM extranet debugging.

Parameters

detail

Debugs detailed extranet PIM information.

Platforms

All