Services are created in the administratively down (shutdown) state. When a
no shutdown command is entered, the service becomes administratively up and then tries to enter the operationally up state. Default administrative states for services and service entities is described below in Special Cases.
The no form of this command places the entity into an administratively enabled state.
This command disables the BGP or RIP instance on the given IP interface. Routes learned from a neighbor that is shutdown are immediately removed from the BGP or RIP database and RTM. If BGP or RIP is globally shutdown, then all RIP group and neighbor interfaces are shutdown operationally. If a BGP or RIP group is shutdown, all member neighbor interfaces are shutdown operationally. If a BGP or RIP neighbor is shutdown, just that neighbor interface is operationally shutdown.
The description command associates a text string with a configuration context to help identify the content in the configuration file.
The no form of this command removes the string from the configuration.
vprn service-id [customer
customer-id] [create]
If the service-id does not exist, a context for the service is created. If the
service-id exists, the context for editing the service is entered.
When a service is created, the customer keyword and
customer-id must be specified and associates the service with a customer. The
customer-id must already exist having been created using the customer command in the service context. When a service is created with a customer association, it is not possible to edit the customer association. The service must be deleted and re-created with a new customer association.
When a service is created, the use of the customer customer-id is optional to navigate into the service configuration context. If attempting to edit a service with the incorrect
customer-id results in an error.
The no form of the command deletes the VPRN service instance with the specified
service-id. The service cannot be deleted until all the IP interfaces and all routing protocol configurations defined within the service ID have been shutdown and deleted.
|
Values
|
service-id: 1 — 2147483648 svc-name: 64 characters maximum
|
aggregate ip-prefix/ip-prefix-length [summary-only
] [as-set
] [aggregator
as-number:ip-address] [black-hole
] [community
comm-id] [description
description]
aggregate ip-prefix/ip-prefix-length [summary-only
] [as-set
] [aggregator
as-number:ip-address] [community
comm-id] [indirect
ip-address] [description
description]
The no form of the command removes the aggregate.
To remove the summary-only option, enter the same aggregate command without the
summary-only parameter.
|
Values
|
ipv4-prefix a.b.c.d
ipv6-prefix x:x:x:x:x:x:x:x
x:x:x:x:x:x:d.d.d.d
x: [0 — FFFF]H
d: [0 — 255]D
|
The auto-bind-tunnel node is simply a context to configure the binding of VPRN routes to tunnels. The user must configure the
resolution option to enable auto-bind resolution to tunnels in TTM. If the
resolution option is explicitly set to
disabled, the auto-binding to tunnel is removed.
If resolution is set to
any, any supported tunnel type in VPRN context will be selected following TTM preference. If one or more explicit tunnel types are specified using the
resolution-filter option, then only these tunnel types will be selected again following the TTM preference.
The ldp value instructs BGP to search for an LDP LSP with a FEC prefix corresponding to the address of the BGP next-hop.
The rsvp value instructs BGP to search for the best metric RSVP LSP to the address of the BGP next-hop. This address can correspond to the system interface or to another loopback used by the BGP instance on the remote node. The LSP metric is provided by MPLS in the tunnel table. In the case of multiple RSVP LSPs with the same lowest metric, BGP selects the LSP with the lowest tunnel-id.
When the sr-isis (
sr-ospf) value is enabled, a SR tunnel to the BGP next-hop is selected in the TTM from the lowest numbered ISIS (OSPF) instance.
The user must set resolution to
filter to activate the list of tunnel-types configured under
resolution-filter.
When an explicit SDP to a BGP next-hop is configured in a VPRN service (configure>service>vprn>spoke-sdp), it overrides the
auto-bind-tunnel selection for that BGP next-hop only. There is no support for reverting automatically to the
auto-bind-tunnel selection if the explicit SDP goes down. The user must delete the explicit spoke-sdp in the VPRN service context to resume using the
auto-bind-tunnel selection for the BGP next-hop.
The no form of the command removes the defined AS from this VPRN context.
[no
] backup-path [ipv4] [ipv6]
The no form of the command removes the Carrier Supporting Carrier capability from a VPRN.
confederation confed-as-num members
as-number [as-number…(up to 15 max)]
The no form of the command deletes the specified member AS from the confederation. When members are not specified in the no statement, the entire list is removed and confederations is disabled. When the last member of the list is removed, confederations is disabled.
The no form of the command disables DNS for this service.
The no form of the command reverts to the default.
The no form of the command reverts to the default.
The no form of the command removes the primary DNS server from the configuration.
no primary-dns — No primary DNS server is configured.
The no form of the command removes the secondary DNS server from the configuration.
no secondary-dns — No secondary DNS server is configured.
The no form of the command removes the tertiary DNS server from the configuration.
no tertiary-dns — No tertiary DNS server is configured.
The no form of the command disables ECMP path sharing. If ECMP is disabled and multiple routes are available at the best preference and equal cost, the newly updated route is used.
export-grt policy-name [policy-name ...(up to 5 max)]
The no form of the command sets the export-limit to a default of five (5).
The no form of the command sets the export-limit to a default of 5.
[no
] allow-local-management
static-route {ip-prefix/prefix-length |
ip-prefix netmask} [preference
preference] [metric
metric] [enable|disable
] grt
[no
] dynamic-topology-discover
The no form of this command disables the feature.
The no form of this command disables the feature.
|
Values
|
be, cp1, cp2, cp3, cp4, cp5, cp6, cp7, cs1, cp9, af11, cp11, af12, cp13, af13, cp15, cs2, cp17, af21, cp19, af22, cp21, af23, cp23, cs3, cp25, af31, cp27, af32, cp29, af33, cp31, cs4, cp33, af41, cp35, af42, cp37, af43, cp39, cs5, cp41, cp42, cp43, cp44, cp45, ef, cp47, nc1, cp49, cp50, cp51, cp52, cp53, cp54, cp55, nc2, cp57, cp58, cp59, cp60, cp61, cp62, cp63
|
The no form of the command disables IGMP.
[no
] group-interface
ip-int-name
[no
] group-interface fwd-service
service-id ip-int-name
The no form of the command reverts to the default.
[no
] disable-router-alert-check
The no form of the command disables the router alert check.
The no form of the command removes the value.
The no form of the command
If the bandwidth value is 0, no mandatory channels are allowed. If
bandwith is not configured, then all mandatory and optional channels are allowed.
If the value of mandatory-bw is equal to the value of
bandwidth, then all the unconstrained bandwidth on a given interface is allocated to mandatory channels configured through multicast CAC policy on that interface and no optional groups (channels) are allowed.
The value of mandatory-bw should always be less than or equal to that of
bandwidth, An attempt to set the value of
mandatory-bw greater than that of
bandwidth, will result in inconsistent value error.
The no form of the command removes the IP address.
The no form of the command disable the IGMP traffic from known hosts only
The no form of the command disables local subnet checking for IGMP.
The no form of the command
The no form of the command removes the IP address.
This command imports a policy to filter IGMP packets. The no form of the command removes the policy association from the IGMP instance.
no import — No import policy specified.
level level-id bw
bandwidth
This command configures the bandwidth for the interface's multicast CAC policy traffic. When disabled (no unconstrained-bw) there will be no checking of bandwidth constraints on the interface level. When enabled and a policy is defined, enforcement is performed. The allocated bandwidth for optional channels should not exceed the
unconstrained-bw minus the
mandatory-bw and the mandatory channels have to stay below the specified value for the
mandatory-bw. After this interface check, the bundle checks are performed.
If the bandwidth value is 0, no mandatory channels are allowed. If
bandwith is not configured, then all mandatory and optional channels are allowed.
If the value of mandatory-bw is equal to the value of
bandwidth, then all the unconstrained bandwidth on a given interface is allocated to mandatory channels configured through multicast CAC policy on that interface and no optional groups (channels) are allowed.
The value of mandatory-bw should always be less than or equal to that of
bandwidth, An attempt to set the value of
mandatory-bw greater than that of
bandwidth, will result in inconsistent value error.
[no
] group
grp-ip-address
The source command is mutually exclusive with the specification of individual sources for the same group.
Use the no form of the command to remove the source from the configuration.
Use the no form of the command to remove the starg entry from the configuration.
The no form of the command removes the values from the configuration.
The no form of the command removes the values from the configuration.
The no form of the command removes the values from the configuration.
The no form of the command reverts to the default.
The no form of the command sets the mode to the default mode of service label per VRF.
If the log-only parameter is not specified and the maximum-routes value is set below the existing number of routes in a VRF, then the offending RIP peer (if applicable) is brought down (but the VPRN instance remains up). BGP peering will remain up but the exceeding BGP routes will not be added to the VRF.
The no form of the command disables any limit on the number of routes within a VRF context. Issue the
no form of the command only when the VPRN instance is shutdown.
If the log-only parameter is not specified and the maximum-routes value is set below the existing number of routes in a VRF, then the offending RIP peer (if applicable) is brought down (but the VPRN instance remains up). BGP peering will remain up but the exceeding BGP routes will not be added to the VRF.
The no form of the command disables any limit on the number of routes within a VRF context. Issue the
no form of the command only when the VPRN instance is shutdown.
The no form of the command disables the limit of multicast routes within a VRF context. Issue the
no form of the command only when the VPRN instance is shutdown.
no filter [ip
ip-filter-id] [ipv6
ipv6-filter-id]
The no form of the command removes an IPv4, IPv6, or both filters.
The no form of the command deletes the specified peer.
The log-sync-interval cannot be changed unless the peer is shutdown.
For g8275dot1-2014, this parameter sets the value of the localPriority associated with the Announce messages received from external clocks (
ptp>peer or
ptp>port), or the local clock (
ptp). See G.8275.1 for more detailed information.
Alternatively, the auto-rd option allows the system to automatically generate a Route Distinguisher (RD) based on the
bgp-auto-rd-range command configured at the service level.
When configuring the router ID in the base instance of OSPF it overrides the router ID configured in the config>router context. The default value for the base instance is inherited from the configuration in the
config>router context. If the router ID in the
config>router context is not configured, the following applies:
This is a required command when configuring multiple instances and the instance being configured is not the base instance.
To force the new router ID to be used, issue the shutdown and
no shutdown commands for the instance, or reboot the entire router.
The no form of the command removes the router ID definition from the given VPRN context.
application dscp-app-name dscp
{dscp-value | dscp-name}
The no form of this command reverts back to the default value.
|
Values
|
ldp, rsvp, bgp, rip, msdp, pim, ptp, ospf, igmp, mld, telnet, tftp, ftp, ssh, snmp, snmp-notification, syslog, icmp, traceroute, tacplus, dns, ntp, radius, cflowd, dhcp, bootp, ndis, vrrp, srrp
|
|
Values
|
none, be, ef, cp1, cp2, cp3, cp4, cp5, cp6, cp7, cp9, cs1, cs2, cs3, cs4, cs5, nc1, nc2, af11, af12, af13, af21, af22, af23, af31, af32, af33, af41, af42, af43, cp11, cp13, cp15, cp17, cp19, cp21, cp23, cp25, cp27, cp29, cp31, cp33, cp35, cp37, cp39, cp41, cp42, cp43, cp44, cp45, cp47, cp49, cp50, cp51, cp52, cp53, cp54, cp55, cp57, cp58, cp59, cp60, cp61, cp62, cp63
|
dscp dscp-name fc
fc-name
The no form of this command removes the DiffServ code point to forwarding class association. The default-action then applies to that code point value.
|
Values
|
be, ef, cp1, cp2, cp3, cp4, cp5, cp6, cp7, cp9, cs1, cs2, cs3, cs4, cs5, nc1, nc2, af11, af12, af13, af21, af22, af23, af31, af32, af33, af41, af42, af43, cp11, cp13, cp15, cp17, cp19, cp21, cp23, cp25, cp27, cp29, cp31, cp33, cp35, cp37, cp39, cp41, cp42, cp43, cp44, cp45, cp47, cp49, cp50, cp51, cp52, cp53, cp54, cp55, cp57, cp58, cp59, cp60, cp61, cp62, cp63
|
The no form of this command configures the router to not set overload if an SFM fails.
community community-name [hash | hash2] [access-permissions] [version
SNMP-version] [src-access-list list-name]
The no form of the command removes the SNMP community name from the given VPRN context.
|
Values
|
r — Grants only read access to MIB objects. Creates an association of the community-name with the snmp-vprn-ro access group. rw — Grants read and write access to MIB objects. Creates an association of the community-name with the snmp-vprn access group.
|
Configures the community to reference a specific
src-access-list (created under
configure system security snmp), which will be used to validate the source IP address of all received SNMP requests that use this
community. Multiple
community (vprn or base router) and
usm-
community instances can reference the same
src-access-list.
|
Values
|
cflowd, dns, ftp, ntp, ping, ptp, radius, snmptrap, sntp, ssh, syslog, tacplus, telnet, traceroute, mcreporter, icmp-error
|
|
Values
|
cflowd, dns, ftp, ntp, ping, radius, snmptrap, syslog, tacplus, telnet, traceroute, icmp6-error
|
[no
] static-route
{ip-prefix/prefix-length | ip-prefix netmask} [preference
preference] [metric
metric] [tag
tag] [community
comm-id] [enable
| disable
] {next-hop
ip-int-name | ip-address [mcast-family
] | ipsec-tunnel
ipsec-tunnel-name} [bfd-enable
| {cpe-check
cpe-ip-address [interval
seconds] [drop-count
count] [padding-size
padding-size] [log
]}]
[no
] static-route
{ip-prefix/prefix-length | ip-prefix netmask} [preference
preference] [metric
metric] [tag
tag] [community
comm-id] [enable
| disable
] indirect
ip-address [cpe-check
cpe-ip-address [interval
seconds][drop-count
count] [padding-size
padding-size] [log
]]
[no]
static-route {
ip-prefix/prefix-length |
ip-prefix netmask} [
preference preference] [
metric metric] [
tag tag] [
community comm-id] [
enable |
disable]
black-hole [
mcast-family]
The IP address of the IP interface. The ip-addr portion of the
address command specifies the IP host address that will be used by the IP interface within the subnet. This address must be unique within the subnet and specified in dotted decimal notation.
|
Values
|
ipv4-address a.b.c.d (host bits must be 0) ipv6-address x:x:x:x:x:x:x:x[-interface] x:x:x:x:x:x:d.d.d.d[-interface] x: [0..FFFF]H d: [0..255]D interface: 32 characters maximum, mandatory for link local addresses
|
Static routes can be administratively enabled or disabled. Use the disable parameter to disable a static route while maintaining the static route in the configuration. In order to enable a static route, it must be uniquely identified by the IP address, mask, and any other parameter that is required to identify the exact static route.
The next-hop keyword and the
indirect or
black-hole keywords are mutually exclusive. If an identical command is entered (with the exception of either the
indirect or
black-hole parameters), then this static route will be replaced with the newly entered command, and unless specified, the respective defaults for preference and metric will be applied.
The ip-addr configured here can be either on the network side or the access side on this node. This address must be associated with a network directly connected to a network configured on this node.
The configured ip-addr is not directly connected to a network configured on this node. The destination can be reachable via multiple paths. The static route remains valid as long as the address configured as the indirect address remains a valid entry in the routing table. Indirect static routes cannot use an ip-prefix/mask to another indirect static route.
The indirect keyword and the
next-hop or
black-hole keywords are mutually exclusive. If an identical command is entered (with the exception of either the
next-hop or
black-hole parameters), then this static route will be replaced with the newly entered command and unless specified the respective defaults for preference and metric will be applied.
The ip-addr configured can be either on the network or the access side and is normally at least one hop away from this node.
The black-hole keyword is mutually exclusive with either the
next-hop or
indirect keywords. If an identical command is entered, with exception of either the
next-hop or
indirect parameters, then the static route is replaced with the new command, and unless specified, the respective defaults for
preference and
metric are applied.
type [hub
|spoke
| subscriber-split-horizon
]
The no form of the command removes all route policy names from the export list.
None —
No routes are exported from the VRF by default.
The no form of the command removes all route policy names from the import list
None —
No routes are accepted into the VRF by default.
vrf-target {ext-community
| export
ext-community | import
ext-community}
Specified vrf-import or
vrf-export policies override the
vrf-target policy.
An extended BGP community in the type:
x:
y format. The value
x can be an integer or IP address. The
type can be the target or origin.
x and
y are 16-bit integers.
The no form of the command returns the value to
never allow AVP hiding.
The no form of the command reverts to the default
never value.
The no form of the command removes the value from the configuration.
[no
] ipcp-subnet-negotiation
group tunnel-group-name [create
]
The no form of the command returns the value to
never allow AVP hiding.
The no form of the command reverts to the default
never value.
The no form of the command removes the value from the configuration.
The no form of the command removes the interval from the configuration.
Enter the no form of the command to maintain a persistent tunnel.
The no form of the command removes the idle timeout from the configuration.
The no form of the command removes thename from the configuration.
The no form of the command removes the value from the configuration.
The no form of the command removes the value from the configuration.
keepalive seconds [hold-up-multiplier
multiplier]
[no
] proxy-authentication
The no form of the command removes the parameter of the configuration and indicates that the value on group level will be taken.
The no form of the command removes the parameter from the configuration and indicates that the value on group level will be taken.
The no form of the command removes the IP address from the tunnel configuration.
The no form of the command removes the preference value from the tunnel configuration.
peer ip-address tag
sync-tag-name
DHCP leases can be synchronized per DHCP server of DHCP pool. The pair of synchronizing servers or pools is identified by a tag. The synchronization information is carried over the Multi-Chassis Synchronization (MCS) link between the two peers. MCS link is a logical link (IP, or MPLS).
[no
] startup-wait-time
[min
minutes] [sec
seconds]
The no form of the command disables ignore-rapid-commit.
[days days][
hrs hours] [
min minutes] [
sec seconds]
The no form of the command disables the sending of forcerenew messages.
The no form of the command returns the value to the default.
The no form of the command returns the value to the default.
The no form of the command reverts to the default.
The no form of the command returns the value to the default.
custom-option option-number address
ip-address [ip-address...(up to 4 max)] (DHCP only)
custom-option option-number address
ipv6-address [ipv6-address...(up to 4 max)] (DHCP6 only
)
The no form of the removes the option from the configuration.
dns-server ip-address [ip-address...(up to 4 max)](DHCP only
)
dns-server ipv6-address [ipv6-address...(up to 4 max)] (DHCP6 only
)
The no form of the command removes the name from the configuration.
renew-timer [days
days][hrs
hours] [min
minutes] [sec
seconds]
rebind-timer [days
days][hrs
hours] [min
minutes] [sec
seconds]
[days days][
hrs hours] [
min minutes] [
sec seconds]
prefix ipv6-address/prefix-length [failover
{local
| remote | access-driven
}] [pd
] [wan-host
] [create
]
The no form of the command reverts to the default.
The no form of the command reverts to the default.
The no form of the command removes the time from the configuration.
The no form of the command removes the time from the configuration.
lease-time [days
days] [hrs
hours] [min
minutes] [sec
seconds]
The no form of the command removes the lease time parameters from the configuration.
subnet {ip-address/mask | ip-address netmask} [create
]
no subnet {ip-address/mask | ip-address netmask}
address-range start-ip-address end-ip-address [failover {local | remote | access-driven}]
no address-range
start-ip-address end-ip-address
The no form of the command means the subnet is active and new leases can be assigned from it.
[no
] exclude-addresses
start-ip-address [end-ip-address]
The no form of the command removes the address(es) from the configuration.
The no form of the command removes the address from the configuration.
[no
] use-pool-from-client
The no form of the command indicates that the pool selection is specified by the value of
use-gi-address setting.
Filters are configured in the filter filter-id context and then applied to a log in the
log-id log-id context. Only events for the configured log source streams destined to the log ID where the filter is applied are filtered.
The no form of the command removes the filter association from log IDs which causes those logs to forward all events.
When multiple default-action commands are entered, the last command overwrites the previous command.
The no form of the command reverts the default action to the default value (forward).
This command is used to create or edit an event filter entry. Multiple entries may be created using unique entry-id numbers. The TiMOS implementation exits the filter on the first match found and executes the action in accordance with the action command.
The no form of the command removes the specified entry from the event filter. Entries removed from the event filter are immediately removed from all log-id’s where the filter is applied.
This command specifies a drop or forward action associated with the filter entry. If neither drop nor
forward is specified, the
default-action will be used for traffic that conforms to the match criteria. This could be considered a No-Op filter entry used to explicitly exit a set of filter entries without modifying previous actions.
The no form of the command removes the specified
action statement.
Use the application command to display a list of the valid applications.
The no form of the command removes the match criteria for the
entry-id.
The no form of the command removes the application as a match criterion.
no application — No application match criterion is specified.
|
Values
|
port, ppp, rip, route_policy, rsvp, security, snmp, stp, svcmgr, system, user, vrrp, vrtr
|
message {eq | neq
} pattern pattern [regexp
]
The no form of the command removes messages as a match criterion.
Specifies the type of string comparison to use to determine if the log event matches the value of message command parameters. When the
regexp keyword is not specified, the default matching algorithm used is a basic substring match.
number {eq | neq | lt | lte | gt | gte
} event-id
Only one number command can be entered per event filter entry. The latest
number command overwrites the previous command.
The no form of the command removes the event number as a match criterion.
severity {eq | neq | lt | lte | gt | gte
} severity-level
The no form of the command removes the severity match criterion.
no severity — No severity level match criterion is specified.
The no form of the command removes the subject match criterion.
no subject — No subject match criterion specified.
When regexp keyword is not specified, the
subject command string is matched exactly by the event filter.
The log-id context is used to direct events, alarms/traps, and debug information to respective destinations.
Before an event can be associated with this log-id, the from command identifying the source of the event must be configured.
Only one destination can be specified for a log-id. The destination of an event stream can be an in-memory buffer, console, session, snmp-trap-group, syslog, or file.
Use the event-control command to suppress the generation of events, alarms, and traps for all log destinations.
The no form of the command deletes the log destination ID from the configuration.
The source of the data stream must be specified in the from command prior to configuring the destination with the
to command.
The to command cannot be modified or re-entered. If the destination or maximum size of an SNMP or memory log needs to be modified, the log ID must be removed and then re-created.
The size parameter defines the number of events stored in this memory log.
The source of the data stream must be specified in the from command prior to configuring the destination with the
to command.
The to command cannot be modified or re-entered. If the destination or maximum size of an SNMP or memory log needs to be modified, the log ID must be removed and then re-created.
One or more source streams must be specified. The source of the data stream must be identified using the from command before you can configure the destination using the
to command. The
from command can identify multiple source streams in a single statement (for example:
from main change debug-trace).
Only one from command may be entered for a single
log-id. If multiple
from commands are configured, then the last command entered overwrites the previous
from command.
The no form of the command removes all previously configured source streams.
A valid syslog-id must have the target syslog host address configured.
The syslog ID configured in the configure/service/vprn context has a local VPRN scope and only needs to be unique within the specific VPRN instance. The same ID can be reused under a different VPRN service or in the global log context under
config>log.
This parameter is mandatory. If no address is configured, syslog data cannot be forwarded to the syslog target host.
Only one address can be associated with a syslog-id. If multiple addresses are entered, the last address entered overwrites the previous address.
The no form of the command removes the syslog target host IP address.
no address — There is no syslog target host IP address defined for the syslog ID.
If multiple facilities need to be generated for a single syslog target host, then multiple log-id entries must be created, each with its own filter criteria to select the events to be sent to the syslog target host with a given facility code.
The no form of the command reverts to the default value.
local7 — syslog entries are sent with the local7 facility code.
|
Values
|
kernel, user, mail, systemd, auth, syslogd, printer, netnews, uucp, cron, authpriv, ftp, ntp, logaudit, logalert, cron2, local0, local1, local2, local3, local4, local5, local6, local7
|
RFC3164, The BSD syslog Protocol, allows a alphanumeric string (tag) to be prepended to the content of every log message sent to the syslog host. This alphanumeric string can, for example, be used to identify the node that generates the log entry. The software appends a colon (:) and a space to the string and it is inserted in the syslog message after the date stamp and before the syslog message content.
The no form of the command removes the log prefix string.
The no form of the command reverts to the default value.
Only one port can be configured. If multiple port commands are entered, the last entered port overwrites the previously entered ports.
The no form of the command reverts to default value.
[no
] snmp-trap-group
log-id
To suppress the generation of all alarms and traps see the event-control command. To suppress alarms and traps that are sent to this log-id, see the
filter command. Once alarms and traps are generated they can be directed to one or more SNMP trap groups. Logger events that can be forwarded as SNMP traps are always defined on the main event source.
The no form of the command deletes the SNMP trap group.
The log ID value of a log configured in the log-id context. Alarms and traps cannot be sent to the trap receivers until a valid
log-id exists.
trap-target name [address ip-address] [port port] [snmpv1
| snmpv2c
| snmpv3
] notify-community
communityName | snmpv3SecurityName [security-level
{no-auth-no-privacy
| auth-no-privacy
| privacy
}] [replay]
The trap-target command is used to add/remove a trap receiver from an
snmp-trap-group. The operational parameters specified in the command include:
A single snmp-trap-group log-id can have multiple trap-receivers. Each trap receiver can have different operational parameters.
Note that if the same trap-target name port port parameter value is specified in more than one SNMP trap group, each trap destination should be configured with a different
notify-community value. This allows a trap receiving an application, such as NMS, to reconcile a separate event sequence number stream for each router event log when multiple event logs are directed to the same IP address and port destination.
The no form of the command removes the SNMP trap receiver from the SNMP trap group.
|
Values
|
ipv4-address a.b.c.d (host bits must be 0)
ipv6-address x:x:x:x:x:x:x:x[-interface] x:x:x:x:x:x:d.d.d.d[-interface] x: [0..FFFF]H d: [0..255]D interface: 32 characters maximum, mandatory for link local addresses
|
The keyword snmpv1 selects the SNMP version 1 format. When specifying
snmpv1, the
notify-community must be configured for the proper SNMP community string that the trap receiver expects to be present in alarms and traps messages. If the SNMP version is changed from
snmpv3 to
snmpv1, then the
notify-community parameter must be changed to reflect the community string rather than the
security-name that is used by
snmpv3.
The keyword snmpv2c selects the SNMP version 2c format. When specifying
snmpv2c, the
notify-community must be configured for the proper SNMP community string that the trap receiver expects to be present in alarms and traps messages. If the SNMP version is changed from
snmpv3 to
snmpv2c, then the
notify-community parameter must be changed to reflect the community string rather than the
security-name that is used by
snmpv3.
The keyword snmpv3 selects the SNMP version 3 format. When specifying
snmpv3, the
notify-community must be configured for the SNMP
security-name. If the SNMP version is changed from
snmpv1 or
snmpv2c to
snmpv3, then the
notify-community parameter must be changed to reflect the
security-name rather than the community string used by
snmpv1 or
snmpv2c.
Specifies the community string for snmpv1 or
snmpv2c or the
snmpv3 security-name. If no
notify-community is configured, then no alarms nor traps will be issued for the trap destination. If the SNMP version is modified, the
notify-community must be changed to the proper form for the SNMP version.
The security-name as defined in the config>system>security>user context for SNMP v3. The
security-name can be an ASCII string up to 31 characters in length.
The keyword no-auth-no-privacy specifies no authentication and no privacy (encryption) are required.
The keyword auth-no-privacy specifies authentication is required but no privacy (encryption) is required. When this option is configured the
security-name must be configured for
authentication.
The keyword privacy specifies both authentication and privacy (encryption) is required. When this option is configured the
security-name must be configured for
authentication and
privacy.
[default
| mdt-safi
] [source-address
ip-address]
The no form of the command disables MVPN membership auto-discovery through BGP.
This command allows optionally to specify a source-address - an IP address to be used by Rosen M-VPN for core diversity non-default IGP instances (not using system IP). Two unique IP addresses for all MVPNs are supported. For instances using default System IP, source address configuration should not be specified to avoid consuming one of the addresses.
Explicitly defined source-address allows GRE-encapsulated Rosen MVPN multicast traffic (Default and Data MDT) to originate from a configured IP address, so the source IP address of the GRE packets won't be the default system IP address.
The no form of the command reverts it back to the default.
mdt-type {sender-receiver |
sender-only |
receiver-only}
The no version of this command restores the default (sender-receiver).
src-prefix ip-address/mask [ip-address/mask …up to 8 maximum]
The no form of the command deletes specified prefix from the list.
src-prefix ipv6-ip-address/prefix-length [ipv6-address/prefix-length …up to 8 maximum]
no ipv6-ip-address/prefix-length
The no form of the command deletes specified prefix from the list
[no
] core-mvpn
service-id
group-prefix ip-address/mask [ip-address/mask...(upto 8 max)][starg
]
The no form of the command deletes specified prefix from the list, or removes mapping of all prefixes if group-prefix any was specified.
pim {asm
| ssm
} grp-ip-address
The no form of the command removes the pim context including the statements under the context.
The no form of this command reverts to the default value.
The no form of the command reverts the value to the default.
The no form of the command disables improved assert procedure.
This command enables the context for specifying RSVP P2MP LSP for the provider tunnel. The no form of the command removes the rsvp context including all the statements in the context.
[no
] auto-discovery-disable
This command requires the c-mcast-signaling parameter to be set to PIM.
The no form of the command enables multicast VPN membership auto-discovery through BGP.
data-threshold {c-grp-ip-addr/mask | c-grp-ip-addr netmask} s-pmsi-threshold
[pe-threshold-add
pe-threshold-add] [pe-threshold-delete
pe-threshold-delete]
data-threshold c-grp-ipv6-addr/prefix-length s-pmsi-threshold [pe-threshold-add
pe-threshold-add] [pe-threshold-delete
pe-threshold-delete]
The no form of the command removes the values from the configuration.
|
Values
|
c-grp-ip-addr : multicast group address a.b.c.d mask [4..32] netmask : a.b.c.d (network bits all 1 and host bits all 0) s-pmsi-threshold : [1..4294967294](threshold in kbps) c-grp-ipv6-addr : multicast ipv6-address x:x:x:x:x:x:x:x (eight 16-bit pieces) x:x:x:x:x:x:d.d.d.d x [0..FFFF]H d [0..255]D prefix-length [1..128] pe-threshold-add : [1..65535], if never specified, 65535 is used (add threshold always met) pe-threshold-delete : [2..65535], if never specified, 65535 is used (delete threshold never met)
|
[no
] join-tlv-packing-disable
[no
] pim-asm
{grp-ip-address/mask | grp-ip-address netmask}
pim-ssm {grp-ip-address/mask | grp-ip-address netmask}
umh-pe ip-address standby
ip-address
umh-selection {highest-ip
|hash-based
|tunnel-status
|unicast-rt-pref
}
The no form of the command resets it back to default.
vrf-export {unicast
| policy-name [policy-name...(up to 16 max)]}
vrf-import {unicast
| policy-name [policy-name...(up to 16 max)]}
vrf-target {unicast
| ext-community | export unicast
| ext-community | import unicast
| ext-community}
The no form of the command removes the vrf-target.
An extended BGP community in the type:
x:
y format. The value
x can be an integer or IP address. The
type can be the target or origin.
x and
y are 16-bit integers.
|
Values
|
target:{ip-address: comm-val | 2byte-asnumber:ext-comm-val| 4byte-asnumber:comm-val} ip-address: a.b.c.d comm-val: 0 — 65535 2byte-asnumber: 1 — 65535 4byte-asnumber 0 — 4294967295
|
export {unicast
| ext-community}
An extended BGP community in the type:
x:
y format. The value
x can be an integer or IP address. The
type can be the target or origin.
x and
y are 16-bit integers.
|
Values
|
target:{ip-address: comm-val | 2byte-asnumber:ext-comm-val| 4byte-asnumber:comm-val} ip-address: a.b.c.d comm-val: 0 — 65535 2byte-asnumber: 1 — 65535 4byte-asnumber 0 — 4294967295
|
import {unicast
| ext-community}
An extended BGP community in the type:
x:
y format. The value
x can be an integer or IP address. The
type can be the target or origin.
x and
y are 16-bit integers.
|
Values
|
target:{ip-address: comm-val | 2byte-asnumber:ext-comm-val| 4byte-asnumber:comm-val} ip-address: a.b.c.d comm-val: 0 — 65535 2byte-asnumber: 1 — 65535 4byte-asnumber 0 — 4294967295
|
[no
] authentication-check
When authentication-check is enabled, NTP PDUs are authenticated on receipt. However, mismatches cause a counter to be increased, one counter for type and one for key-id, one for type, value mismatches. These counters are visible in a show command.
The no form of this command allows authentication mismatches to be accepted; the counters however are maintained.
The no form of the command removes the authentication key.
broadcast {interface
ip-int-name} [key-id
key-id] [version
version] [ttl
ttl]
The no form of this command removes the address from the configuration.
[no
] redundant-interface
ip-int-name
address {ip-address/mask | ip-address netmask} [remote-ip
ip-address]
The SDP must already be defined in the config>service>sdp context in order to associate an SDP with a VPRN service. If the
sdp sdp-id is not already configured, an error message is generated. If the
sdp-id does exist, a binding between that
sdp-id and the service is created.
The no form of this command removes the SDP binding from the service. The SDP configuration is not affected; only the binding of the SDP to a service. Once removed, no packets are forwarded to the far-end router.
No sdp-id is bound to a service.
Several SDPs can be bound to a VPRN service. Each SDP must be destined to a different router. If two sdp-id bindings terminate on the same router, an error occurs and the second SDP binding is rejected.
[no
] control-channel-status
The no form of this command removes control channel status signaling from a spoke-SDP. It can only be removed if control channel status is shut down.
request-timer timer1 retry-timer
timer2 timeout-multiplier
multiplier
The pw-path-id is only configurable if all of the following is true:
The no form of the command deletes the PW path ID.
spoke-sdp sdp-id [:vc-id] vc-type {ether
|ipipe
} [create
]
The SDP must already be defined in the config>service>sdp context in order to associate an SDP with a service. If the
sdp sdp-id is not already configured, an error message is generated. If the
sdp-id does exist, a binding between that
sdp-id and the service is created.
The no form of this command removes the SDP binding from the service. The SDP configuration is not affected; only the binding of the SDP to a service. Once removed, no packets are forwarded to the far-end router.
The no form of this command disables the use of the hash label.
qos network-policy-id fp-redirect-group
queue-group-name instance
instance-id
|
b
|
a queue-group policer followed by the per-FP ingress shared queues referred to as policer-output-queues if the ingress context of the network IP interface from which the packet is received is redirected to a queue-group (csc-policing). The only exceptions to this behavior are for packets received from a IES/VPRN spoke interface and from an R-VPLS spoke-SPD, which is forwarded to the R-VPLS IP interface. In these two cases, the ingress network shared queue for the packet FC defined in the network-queue policy applied to the ingress of the MDA/FP is used.
|
The no version of this command removes the redirection of the pseudowire to the queue-group.
no filter [ip
ip-filter-id] [ipv6
ipv6-filter-id]
The no form of this command removes any configured filter ID association with the SAP or IP interface. The filter ID itself is not removed from the system unless the scope of the created filter is set to local. To avoid deletion of the filter ID and only break the association with the service object, use scope command within the filter definition to change the scope to local or global. The default scope of a filter is local.
qos network-policy-id port-redirect-group
queue-group-name [instance
instance-id]
The no version of this command removes the redirection of the pseudowire to the queue-group.
This optional parameter specifies that the queue-group-name will be used for all egress forwarding class redirections within the network QoS policy ID. The specified
queue-group-name must exist as a port egress queue group on the port associated with the IP interface.
The interface command, under the context of services, is used to create and maintain IP routing interfaces within VPRN service IDs. The
interface command can be executed in the context of an VPRN service ID. The IP interface created is associated with the service core network routing instance and default routing table. The typical use for IP interfaces created in this manner is for internet access.
Interface names are case sensitive and must be unique within the group of defined IP interfaces defined for config router interface and
config service vprn interface. Interface names must not be in the dotted decimal notation of an IP address. For example, the name “1.1.1.1” is not allowed, but “int-1.1.1.1” is allowed. Show commands for router interfaces use either interface names or the IP addresses. Use unique IP address values and IP address names to maintain clarity. It could be unclear to the user if the same IP address and IP address name values are used. Although not recommended, duplicate interface names can exist in different router instances.
The available IP address space for local subnets and routes is controlled with the config router service-prefix command. The
service-prefix command administers the allowed subnets that can be defined on service IP interfaces. It also controls the prefixes that may be learned or statically defined with the service IP interface as the egress interface. This allows segmenting the IP address space into
config router and
config service domains.
The no form of this command removes IP the interface and all the associated configuration. The interface must be administratively shutdown before issuing the
no interface command.
If ip-int-name already exists within the service ID, the context will be changed to maintain that IP interface. If
ip-int-name already exists within another service ID or is an IP interface defined within the
config router commands, an error will occur and context will not be changed to that IP interface. If
ip-int-name does not exist, the interface is created and context is changed to that interface for further command processing.
[no
] active-cpm-protocols
address {ip-address/mask|ip-address netmask} [broadcast all-ones | host-ones] [track-srrp srrp-instance]
The local subnet that the address command defines must be part of the services address space within the routing context using the
config router service-prefix command. The default is to disallow the complete address space to services. Once a portion of the address space is allocated as a service prefix, that portion can be made unavailable for IP interfaces defined within the
config router interface CLI context for network core connectivity with the
exclude option in the
config router service-prefix command.
Use the no form of this command to remove the IP address assignment from the IP interface. When the
no address command is entered, the interface becomes operationally down.
The IP address of the IP interface. The ip-address portion of the
address command specifies the IP host address that will be used by the IP interface within the subnet. This address must be unique within the subnet and specified in dotted decimal notation. Allowed values are IP addresses in the range 1.0.0.0 – 223.255.255.255 (with support of /31 subnets).
The forward slash is a parameter delimiter and separates the ip-address portion of the IP address from the mask that defines the scope of the local subnet. No spaces are allowed between the
ip-address, the “
/” and the
mask-length parameter. If a forward slash is not immediately following the
ip-address, a dotted decimal mask must follow the prefix.
The optional broadcast parameter overrides the default broadcast address used by the IP interface when sourcing IP broadcasts on the IP interface. If no broadcast format is specified for the IP address, the default value is
host-ones which indictates a subnet broadcast address. Use this parameter to change the broadcast address to
all-ones or revert back to a broadcast address of
host-ones.
The all-ones keyword following the
broadcast parameter specifies the broadcast address used by the IP interface for this IP address will be 255.255.255.255, also known as the local broadcast.
The host-ones keyword following the
broadcast parameter specifies that the broadcast address used by the IP interface for this IP address will be the subnet broadcast address. This is an IP address that corresponds to the local subnet described by the
ip-address and the
mask-length or
mask with all the host bits set to binary one. This is the default broadcast address used by an IP interface.
The broadcast parameter within the
address command does not have a negate feature, which is usually used to revert a parameter to the default value. To change the
broadcast type to
host-ones after being changed to
all-ones, the
address command must be executed with the
broadcast parameter defined.
[no
] allow-directed-broadcasts
A directed broadcast is a packet received on a local router interface destined for the subnet broadcast address on another IP interface. The allow-directed-broadcasts command on an IP interface enables or disables the transmission of packets destined to the subnet broadcast address of the egress IP interface.
The no form of this command disables the forwarding of directed broadcasts out of the IP interface.
no allow-directed-broadcasts — Directed broadcasts are dropped.
bfd transmit-interval [receive
receive-interval] [multiplier
multiplier] [echo-receive echo-interval] [type
cpm-np
]
The no form of the command removes BFD from the associated IGP protocol adjacency.
Important notes: On the 7750 SR and , the
transmit-interval, receive receive-interval, and echo-receive echo-interval values can only be modified to a value less than 100 when:
|
1.
|
The type cpm-np option is explicitly configured.
|
To remove the type cpm-np option, re-issue the
bfd command without specifying the
type parameter.
cflowd is used for network planning and traffic engineering, capacity planning, security, application and user profiling, performance monitoring, usage-based billing, and SLA measurement.
At a minimum, the sampling command must be configured within this context in order to enable cflowd sampling, otherwise traffic sampling will not occur.
config>service>vprn>if>cflowd-parameters
If cflowd is enabled without either egress-only or
both specified or with the
ingress-only keyword specified, then only ingress sampling will be enabled on the associated IP interface.
The no form of the command disables the associated type of traffic sampling on the associated interface.
Specifies that the sampling command will control the sampling of unicast traffic on the associated interface/SAP.
Specifies that the sampling command will control the sampling of multicast traffic on the associated interface/SAP.
The no form of the command removes CPU protection policy association from the interface, resulting in no default rate limiting of control packets.
The configuration of no cpu-protection returns the interface/SAP to the default policies as shown above.
The configuration of no cpu-protection returns the interface/SAP to the default policies as shown above.
The no form of the command turns off
dad-disable on the interface.
The no form of the command removes the command from the active configuration and removes the delay in activating the associated IP interface. If the configuration is removed during a delay period, the currently running delay will continue until it expires.
no dns [ip-address] [secondary
ip-address]
The no form of the command deletes either the specified primary DNS address, secondary DNS address or both addresses from the IPCP extension peer-ip-address configuration.
The no form of the command deletes the IPCP extension peer-ip-address configuration.
address ipv6-address/mask [eui-64
] [preferred
]
When the eui-64 keyword is specified, a complete IPv6 address from the supplied prefix and 64-bit interface identifier is formed. The 64-bit interface identifier is derived from MAC address on Ethernet interfaces. For interfaces without a MAC address, for example ATM interfaces, the Base MAC address of the chassis is used.
The no form of the command removes the
neighbor-limit.
This command specifies whether to include the source address or destination address or both in the LAG/ECMP hash on IP interfaces. Additionally, when l4-load-balancing is enabled, the command also applies to the inclusion of source/destination port in the hash inputs.
The no form of this command includes both source and destination parameters.
The no form disables the SPI function.
[no
] mac
ieee-mac-address
The no form of this command returns the MAC address of the IP interface to the default value.
The no form of the command removes the association from the configuration.
[no
] proxy-arp-policy
policy-name [policy-name...(up to 5 max)]
If the optional destination parameter is specified and the destination address of an incoming IP packet matches a route with QoS information the packet is classified to the fc and priority associated with that route, overriding the fc and priority/profile determined from the sap-ingress or network qos policy associated with the IP interface. If the destination address of the incoming packet matches a route with no QoS information the fc and priority of the packet remain as determined by the sap-ingress or network QoS policy.
If the optional source parameter is specified and the source address of an incoming IP packet matches a route with QoS information the packet is classified to the fc and priority associated with that route, overriding the fc and priority/profile determined from the sap-ingress or network qos policy associated with the IP interface. If the source address of the incoming packet matches a route with no QoS information the fc and priority of the packet remain as determined by the sap-ingress or network QoS policy.
If neither the optional source or
destination parameter is present, then the default is
destination address matching.
The no form of the command reverts to the default.
secondary {ip-address/mask | ip-address netmask} [broadcast all-ones
| host-ones
] [igp-inhibit
]
The IP address of the IP interface. The ip-address portion of the
address command specifies the IP host address that will be used by the IP interface within the subnet. This address must be unique within the subnet and specified in dotted decimal notation. Allowed values are IP addresses in the range 1.0.0.0 – 223.255.255.255 (with support of /31 subnets).
The optional broadcast parameter overrides the default broadcast address used by the IP interface when sourcing IP broadcasts on the IP interface. If no broadcast format is specified for the IP address, the default value is
host-ones which indictates a subnet broadcast address. Use this parameter to change the broadcast address to
all-ones or revert back to a broadcast address of
host-ones.
The all-ones keyword following the
broadcast parameter specifies the broadcast address used by the IP interface for this IP address will be 255.255.255.255, also known as the local broadcast.
The host-ones keyword following the
broadcast parameter specifies that the broadcast address used by the IP interface for this IP address will be the subnet broadcast address. This is an IP address that corresponds to the local subnet described by the
ip-address and the
mask-length or
mask with all the host bits set to binary one. This is the default used by an IP interface.
The
broadcast parameter within the
address command does not have a negate feature, which is usually used to revert a parameter to the default value. To change the
broadcast type to
host-ones after being changed to
all-ones, the
address command must be executed with the
broadcast parameter defined.
The optional igp-inhibit parameter signals that the given secondary IP interface should not be recognized as a local interface by the running IGP. For OSPF and IS-IS, this means that the specified secondary IP interfaces will not be injected and used as passive interfaces and will not be advertised as internal IP interfaces into the IGP’s link state database. For RIP, this means that these secondary IP interfaces will not source RIP updates.
The no form of this command removes a static ARP entry.
The no form removes the strip-label command.
The no form of the command reverts to the default and disabled SeND.
[no
] allow-unsecured-msgs
The no form of the command disables accepting unsecured messages.
The no form of the command removes the stale-time value.
The no form of the command removes the static value and allows the TCP MSS value to be calculated based on the IP MTU value by subtracting the base IP and TCP header lengths from the IP MTU value (tcp_mss = ip_mtu – 40).
The no tos-marking-state command is used to restore the trusted state to a network IP interface. This is equivalent to executing the tos-marking-state trusted command.
Specifies that all egress network IP interfaces will remark IP packets received on the network interface according to the egress marking definitions on each network interface.
[no
] allow-unmatching-prefixes
[no
] allow-unmatching-prefixes
The no form of the command disables DHCPv6 relay information options.
The no form of the command disables the sending of interface ID options in the DHCPv6 relay packet
The no form of the command disables the sending of remote ID option in the DHCPv6 relay packet.
[no
] router-advertisements
[no
] managed-configuration
[no
] other-stateful-configuration
[no
] delegated-prefix-length
prefix-length
prefix ipv6-address/prefix-length [pd
] [wan-host
]
[no
] private-retail-subnets
If the retail VPRN is of the type hub, this attribute is mandatory. Then, it will be enabled by default and it will not be possible to deconfigure it.
qos network-policy-id port-redirect-group
queue-group-name egress-instance
instance-id fp- redirect-group
queue-group-name ingress-instance
instance-id
The no form of the command removes the network QoS policy association from the network IP interface, and the QoS policy reverts to the default.
The no form of the command disables unicast RPF (uRPF) Check on this interface.
vas-if-type {to-from-access
| to-from-network
| to-from-both
}
The no form of the command removes VAS interface type configuration.
mode {strict
| loose | strict-no-ecmp
}
The no form of the command reverts to the default (strict) mode.
In loose mode, uRPF checks whether incoming packet has source address with a corresponding prefix in the routing table. However, the loose mode does not check whether the interface expects to receive a packet with a specific source address prefix. This object is valid only when
urpf-check is enabled.
The no form of the command removes the server client type from the configuration.
action {replace
| drop
| keep
}
This command configures the processing required when the SR-Series router receives a DHCP request that already has a Relay Agent Information Option (Option 82) field in the packet.
The no form of this command returns the system to the default value.
Per RFC 3046, DHCP Relay Agent Information Option , section 2.1.1,
Reforwarded DHCP requests, the default is to keep the existing information intact. The exception to this is if the giaddr of the received packet is the same as the ingress address on the router. In that case the packet is dropped and an error is logged.
circuit-id [ascii-tuple
| ifindex
| sap-id
| vlan-ascii-tuple
]
When enabled, the router sends the interface index (If Index) in the circuit-id suboption of the DHCP packet. The If Index of a router interface can be displayed using the command
show>router>interface>detail. This option specifies data that must be unique to the router that is relaying the circuit.
If disabled, the circuit-id suboption of the DHCP packet will be left empty.
The no form of this command returns the system to the default.
The no form of the command disables neighbor resolution.
When the match-circuit-id command is enabled we use this as part of the key to guarantee correctness in our lookup. This is really only needed when we are dealing with an IP aware DSLAM that proxies the client hardware MAC address.
The no form of this command returns the system to the default.
The no form of the command disables the option.
When enabled, the router sends the MAC address of the remote end (typically the DHCP client) in the remote-id suboption of the DHCP packet. This command identifies the host at the other end of the circuit. If disabled, the
remote-id suboption of the DHCP packet will be left empty.
The no form of this command returns the system to the default.
[no
] vendor-specific-option
The no form of the command disables the sending of the MAC address in the Alcatel-Lucent vendor specific suboption of the DHCP relay packet.
The no form of the command disables the feature.
The no form of the command disables the sending.
The no form of the command disables the sending.
The no form of the command disables the sending of the SAP ID in the Alcatel-Lucent vendor specific suboption of the DHCP relay packet.
The no form of the command disables the sending of the service ID in the Alcatel-Lucent vendor specific suboption of the DHCP relay packet.
The no form of the command returns the default value.
The no form of this command reverts to the default setting. The local proxy server will not become operational without a specified emulated server address.
lease-time [days
days] [hrs
hours] [min
minutes] [sec
seconds] [radius-override
]
server server1 [server2...(up to 8 max)]
This command specifies a list of servers where requests will be forwarded. The list of servers can entered as either IP addresses or fully qualified domain names. There must be at least one server specified for DHCP relay to work. If there are multiple servers then the request is forwarded to all of the servers in the list. There can be a maximum of 8 DHCP servers configured.
The flood command is applicable only in the VPLS case. There is a scenario with VPLS where the VPLS node only wants to add Option 82 information to the DHCP request to provider per-subscriber information, but it does not do full DHCP relay. In this case, the server is set to "flood". This means the DHCP request is still a broadcast and is sent through the VPLS domain. A node running at L3 further upstream then can perform the full L3 DHCP relay function.
The no form of the command disables the relaying of plain BOOTP packets.
The no form of the command disables snooping.
According to RFC 3046, DHCP Relay Agent Information Option, a DHCP request where the giaddr is 0.0.0.0 and which contains a Option 82 field in the packet, should be discarded, unless it arrives on a "trusted" circuit.
If trusted mode is enabled on an IP interface, the relay agent (the SR-Series) will modify the request's giaddr to be equal to the ingress interface and forward the request.
The no form of this command returns the system to the default.
The no form of the command disables the use of ARP to determine the destination heardware address
The no form of the command removes the value from the configuration.
The no form of this command includes both source and destination parameters.
[no
] enable-ingress-stats
[no
] enable-mac-accounting
The no form of the command disables MAC accounting functionality on this interface.
host-connectivity-verify [source
{vrrp
| interface
}] [interval
interval] [action
{remove
| alarm
}] [timeout
retry-timeout] [retry-count
count]
host-connectivity-verify [interval
interval] [action
{remove
| alarm
}] [timeout
retry-timeout] [retry-count
count] [family
family]
Specifies the source to be used for generation of subscriber host connectivity verification packets. The
interface keyword forces the use of the interface mac and ip addresses. Note that there are up to 16 possible subnets on a given interface, therefore subscriber host connectivity verification tool will use always an address of the subnet to which the given host is pertaining. In case of group-interfaces. one of the parent subscriber-interface subnets (depending on host's address) will be used.
If a local node sends an ICMP mask request to the router interface, the mask-reply command configures the router interface to reply to the request.
The no form of this command disables replies to ICMP mask requests on the router interface.
mask-reply — Reply to ICMP mask requests.
The redirects command enables the generation of ICMP redirects on the router interface. The rate at which ICMP redirects is issued can be controlled with the optional
number and
seconds parameters by indicating the maximum number of redirect messages that can be issued on the interface for a given time interval.
The no form of this command disables the generation of icmp redirects on the router interface.
redirects 100 10 — Maximum of 100 redirect messages in 10 seconds.
The no form of this command disables the limiting the rate of TTL expired messages on the router interface.
The unreachables command enables the generation of ICMP destination unreachables on the router interface. The rate at which ICMP unreachables is issued can be controlled with the optional
number and
seconds parameters by indicating the maximum number of destination unreachable messages which can be issued on the interface for a given time interval.
The no form of this command disables the generation of icmp destination unreachable messages on the router interface.
If a local node sends an ICMP mask request to the router interface, the mask-reply command configures the router interface to reply to the request.
The no form of this command disables replies to ICMP mask requests on the router interface.
mask-reply — Reply to ICMP mask requests.
The redirects command enables the generation of ICMP redirects on the router interface. The rate at which ICMP redirects is issued can be controlled with the optional
number and
seconds parameters by indicating the maximum number of redirect messages that can be issued on the interface for a given time interval.
The no form of this command disables the generation of icmp redirects on the router interface.
redirects 100 10 — Maximum of 100 redirect messages in 10 seconds.
The no form of this command disables the limiting the rate of TTL expired messages on the router interface.
The unreachables command enables the generation of ICMP destination unreachables on the router interface. The rate at which ICMP unreachables is issued can be controlled with the optional
number and
seconds parameters by indicating the maximum number of destination unreachable messages which can be issued on the interface for a given time interval.
The no form of this command disables the generation of icmp destination unreachable messages on the router interface.
[no
] router-advertisement
The no form of the command disables all IPv6 interface. However, the
no interface interface-name command disables a specific interface.
The no form of the command disables configuration of DNS information for Stateless Address Auto-Configuration (SLAAC) hosts.
The no form of the command disables the RDNSS option in router advertisements.
[no
] interface
ip-int-name
[no
] managed-configuration
[no
] max-advertisement-interval
seconds
[no
] min-advertisement-interval
seconds
Specify the MTU for the nodes to use to send packets on the link.
[no
] other-stateful-configuration
[no
] prefix
[ipv6-prefix/prefix-length]
[no
] preferred-lifetime
{seconds | infinite
}
The no form of the command disables sending router advertisement messages.
[no
] destination-prefix
ip-prefix/length
[no] address
ipv6-address
The no form of the command removes the value from the configuration.
The no form of the command reverts the default.
The no form of the command reverts the default.
[no
] address
ip-address/mask
pool nat-pool-name [nat-group
nat-group-id type
pool-type [no-allocate
] [create
]
Syntax: ip-prefix/length : ip-prefix a.b.c.d
ip-prefix-length 0 — 32
Syntax: ip-prefix/length : ip-prefix a.b.c.d
ip-prefix-length 0 — 32
Use the no form of the command to remove the subscriber interface.
[no
] address
{ip-address/mask|ip-address netmask} [gw-ip-address
ip-address] [populate-host-routes
] [track-srrp
srrp-instance [holdup-time
msecs]]
Defining an SRRP gateway IP address on a subscriber subnet is not optional when the subnet is associated with a group IP interface with SRRP enabled. Enabling SRRP (no shutdown) will fail if one or more subscriber subnets do not have an SRRP gateway IP address defined. Creating a new subscriber subnet without an SRRP gateway IP address defined will fail when the subscriber subnet is associated with a group IP interface with an active SRRP instance. Once SRRP is enabled on a group interface, the SRRP instance will manage the ARP response and routing behavior for all subscriber hosts reachable through the group IP interface.
[no
] allow-unmatching-subnets
[no
] group-interface
ip-int-name
The no form of the command disables the feature.
If an authentication policy is also configured, pppoe-access-method must be set to none in this authentication policy to use the local user database (in that case RADIUS authentication will not be used for PPPoE hosts).
If a local node sends an ICMP mask request to the router interface, the mask-reply command configures the router interface to reply to the request.
The no form of this command disables replies to ICMP mask requests on the router interface.
mask-reply — Reply to ICMP mask requests.
The redirects command enables the generation of ICMP redirects on the router interface. The rate at which ICMP redirects is issued can be controlled with the optional
number and
seconds parameters by indicating the maximum number of redirect messages that can be issued on the interface for a given time interval.
The no form of this command disables the generation of icmp redirects on the router interface.
redirects 100 10 — Maximum of 100 redirect messages in 10 seconds.
The no form of this command disables the limiting the rate of TTL expired messages on the router interface.
Each single operation of the admin-group command allows a maximum of five (5) groups to be specified at a time. However, a maximum of 32 groups can be added to a given interface through multiple operations. Once an admin group is bound to one or more interface, its value cannot be changed until all bindings are removed.
The no form of this command deletes one or more of the admin-group memberships of an interface. The user can also delete all memberships of an interface by not specifying a group name.
srlg-group group-name [group-name...(up to 5 max)
]
An interface can belong to up to 64 SRLG groups. However, each single operation of the srlg-group command allows a maximum of five (5) groups to be specified at a time. Once an SRLG group is bound to one or more interface, its value cannot be changed until all bindings are removed.
It should be noted that only the SRLGs bound to an MPLS interface are advertised area-wide in TE link TLVs and sub-TLVs when the traffic-engineering option is enabled in IS-IS or OSPF. IES and VPRN interfaces do not have their attributes advertised in TE TLVs.
The no form of this command deletes one or more of the SRLG memberships of an interface. The user can also delete all memberships of an interface by not specifying a group name.
The unreachables command enables the generation of ICMP destination unreachables on the router interface. The rate at which ICMP unreachables is issued can be controlled with the optional
number and
seconds parameters by indicating the maximum number of destination unreachable messages which can be issued on the interface for a given time interval.
The no form of this command disables the generation of icmp destination unreachable messages on the router interface.
The no form of the command returns the associated IP interfaces MTU to its default value, which is calculated, based on the port MTU setting. (For Ethernet ports this will typically be 1554.)
The no form of the command removes the LAG id from the configuration.
All SAPs must be explicitly created. If no SAPs are created within a service or on an IP interface, a SAP will not exist on that object.
Enter an existing SAP without the create keyword to edit SAP parameters. The SAP is owned by the service in which it was created.
A SAP can only be associated with a single service. A SAP can only be defined on a port that has been configured as an access port using the
config interface port-type port-id mode access command. Channelized TDM ports are always access ports.
If a port is shutdown, all SAPs on that port become operationally down. When a service is shutdown, SAPs for the service are not displayed as operationally down although all traffic traversing the service will be discarded. The operational state of a SAP is relative to the operational state of the port on which the SAP is defined.
The no form of this command deletes the SAP with the specified port. When a SAP is deleted, all configuration parameters for the SAP will also be deleted. The
no form of the command cuases the ptp-h-assist to be disabled.
sap ipsec-
id.
private |
public:
tag — This parameter associates an IPSec group SAP with this interface. This is the public side for an IPSec tunnel. Tunnels referencing this IPSec group in the private side may be created if their local IP is in the subnet of the interface subnet and the routing context specified matches with the one of the interface.
The port-id must reference a valid port type. When the
port-id parameter represents SONET/SDH and TDM channels the port ID must include the channel ID. A period “.” separates the physical port from the
channel-id. The port must be configured as an access port.
The no form of the command removes the association.
|
Values
|
dual-homed — the primary dual homed aa-subscriber side service point of an aarp instance, only supported for IES and VPRN SAP and spoke-sdp dual-homed-secondary — One of the secondary dual homed aa-subscriber side service points of an aarp instance, only supported for IES and VPRN SAP and spoke-sdp.
|
The no form of the command removes the association of the policy to the service.
The no form of this command removes the accounting policy association from the SAP, and the acccounting policy reverts to the default.
When the no collect-stats command is issued the statistics are still accumulated by the IOM cards. However, the CPU will not obtain the results and write them to the billing file. If a subsequent
collect-stats command is issued then the counters written to the billing file include all the traffic while the
no collect-stats command was in effect.
cpu-protection policy-id [mac-monitoring] | [eth-cfm-monitoring [aggregate][car]]
The no form of the command removes the association of the CPU protection policy from the associated interface and reverts to the default policy values.
The no form of the command removes the values from the configuration.
This command configures the primary destination IPv4 or IPv6 address to use for an IP tunnel. This configuration applies to the outer IP header of the encapsulated packets. The source address,
remote-ip address and
backup-remote-ip address of a tunnel must all belong to the same address family (IPv4 or IPv6). When the remote-ip address contains an IPv6 address it must be a global unicast address.
This command configures the alternate destination IPv4 or IPv6 address to use for an IP tunnel. This destination address is used only if the primary destination configured with the remote-ip command is unreachable in the delivery service. The source address, remote-ip address and backup-remote-ip address of a tunnel must all belong to the same address family (IPv4 or IPv6). When the backup-remote-ip address contains an IPv6 address it must be a global unicast address.
This command configures RFC 2684, Multiprotocol Encapsulation over ATM AAL5, encapsulation for an ATM PVCC delimited SAP. This command specifies the data encapsulation for an ATM PVCC delimited SAP. The definition also references the ATM Forum LAN Emulation specification.
Ingress traffic that does not match the configured encapsulation will be dropped.
|
Values
|
aal5snap-routed — Routed encapsulation for LLC encapsulated circuit (LLC/SNAP precedes protocol datagram) as defined in RFC 2684. aal5mux-ip — Routed IP encapsulation for VC multiplexed circuit as defined in RFC 2684. aal5snap-bridged — Bridged encapsulation for LLC encapsulated circuit (LLC/SNAP precedes protocol datagram) as defined in RFC 2684. aal5mux-bridged-eth-nofcs — Bridged IP encapsulation for VC multiplexed circuit as defined in RFC 2684.
|
The no form of the command reverts the traffic descriptor to the default traffic descriptor profile.
The no command disables alarm-cells functionality for a PVCC. When alarm-cells functionality is disabled, a PVCC’s operational status is no longer affected by a PVCC’s OAM state changes due to AIS/RDI processing (note that when alarm-cells is disabled, a PVCC will change operational status to UP due to alarm-cell processing) and RDI cells are not generated as result of the PVCC going into AIS or RDI state. The PVCC’s OAM status, however, will record OAM faults as described above.
The no form of the command sets the value back to the default.
The no form of the command disables anti-spoof filtering on the SAP.
arp-limit limit [log-only] [threshold
percent]
The no form of the command removes the
arp-limit.
This command enables populating static and dynamic hosts into the system ARP cache. When enabled, the host’s IP address and MAC address are placed in the system ARP cache as a managed entry. Static hosts must be defined on the interface using the host command. Dynamic hosts are enabled on the system through enabling lease-populate in the IP interface DHCP context. In the event that both a static host and a dynamic host share the same IP and MAC address, the system’s ARP cache retains the host information until both the static and dynamic information are removed. Both static and dynamic hosts override static ARP entries. Static ARP entries are marked as inactive when they conflict with static or dynamic hosts and will be repopulated once all static and dynamic host information for the IP address are removed. Since static ARP entries are not possible when static subscriber hosts are defined or when DHCP lease state table population is enabled, conflict between static ARP entries and the arp-populate function is not an issue.
The arp-populate command will fail if an existing static subscriber host on the SAP does not have both MAC and IP addresses specified.
Once arp-populate is enabled, creating a static subscriber host on the SAP without both an IP address and MAC address will fail.
arp-populate can only be enabled on VPRN interfaces supporting Ethernet encapsulation.
Use the no form of the command to disable ARP cache population functions for static and dynamic hosts on the interface. All static and dynamic host information in the systems ARP cache will be removed. Any existing static ARP entries previously inactive due to static or dynamic hosts will be populated in the system ARP cache.
When arp-populate is enabled, the system will not send out ARP Requests for hosts that are not in the ARP cache. Only statically configured and DHCP learned hosts are reachable through an IP interface with arp-populate enabled.
The no form of this command removes the command from the active configuration and returns the ARP retry timer to its default value of 5 seconds.
The no form of this command restores
arp-timeout to the default value.
The no form of this command removes the policy name from the group interface configuration.
This command enables the inclusion of the calling-station-id attribute in RADIUS authentication requests and RADIUS accounting messages. The value inserted is set at the SAP level. If no value is set at the SAP level, an empty string is included.
[no
] host
{[ip
ip-address [mac
ieee-address]} [subscriber
sub-ident-string] [sub-profile
sub-profile-name] [sla-profile
sla-profile-name]
no host {[ip
ip-address] [mac
ieee-address]}
Static hosts may exist on the SAP even with anti-spoof and arp-populate (VPRN) features disabled. When enabled, each feature has different requirements for static hosts.
The no form of the command removes a static entry from the system. The specified
ip address and
mac address must match the host’s exact IP and MAC addresses as defined when it was created. When a static host is removed from the SAP, the affect of its removal on the anti-spoof filter, ARP cache or the VPLS forwarding database is also evaluated.
|
•
|
For VPRN SAPs with arp-reply-agent enabled with the optional sub-ident parameter, the static subscriber host’s sub-ident-string is used to determine whether an ARP request received on the SAP is sourced from a host belonging to the same subscriber as the destination host. When both the destination and source hosts from the ARP request are known on the SAP and the subscriber identifications do not match, the ARP request may be forwarded to the rest of the VPRN destinations.
|
If sub-ident is not enabled on the SAP arp-reply-agent, subscriber identification matching is not performed on ARP requests received on the SAP.
The no form of the command disables the use of FRF12 headers.
The no form of the command reverts to the default.
config>service>vprn>if>sap>frame-relay>frf.12
The no form of this command restores the default mode of operation.
The no form of the command removes IPv4 flowspec filtering from an IP interface.
The no form of the command removes IPv6 flowspec filtering from an IP interface.
The no form of the command deletes the backup-destination address from the GRE tunnel configuration.
The no form of the command deletes the delivery-service from the GRE tunnel configuration.
|
Values
|
be, cp1, cp2, cp3, cp4, cp5, cp6, cp7, cs1, cp9, af11, cp11, af12, cp13, af13, cp15, cs2, cp17, af21, cp19, af22, cp21, af23, cp23, cs3, cp25, af31, cp27, af32, cp29, af33, cp31, cs4, cp33, af41, cp35, af42, cp37, af43, cp39, cs5, cp41, cp42, cp43, cp44, cp45, ef, cp47, nc1, cp49, cp50, cp51, cp52, cp53, cp54, cp55, nc2, cp57, cp58, cp59, cp60, cp61, cp62, cp63
|
The no form of the command deletes the source address from the GRE tunnel configuration. The tunnel must be administratively shutdown before issuing the
no source command.
The no form of the command deletes the destination address from the GRE tunnel configuration.
[no
] limit-unused-bandwidth
[no
] queue-frame-based-accounting
This command defines a maximum total rate for all egress queues on a service SAP or multi-service site. The agg-rate-limit command is mutually exclusive with the egress scheduler policy. When an egress scheduler policy is defined, the agg-rate-limit command will fail. If the agg-rate-limit command is specified, an attempt to bind a scheduler-policy to the SAP or multi-service site will fail.
The no form of the command removes the aggregate rate limit from the SAP or multi-service site.
The filter command is used to associate a filter policy with a specified
ip-filter-id with an ingress or egress SAP. The
ip-filter-id must already be defined before the
filter command is executed. If the filter policy does not exist, the operation will fail and an error message returned.
The no form of this command removes any configured filter ID association with the SAP or IP interface. The filter ID itself is not removed from the system unless the scope of the created filter is set to local. To avoid deletion of the filter ID and only break the association with the service object, use
scope command within the filter definition to change the scope to
local or
global. The default scope of a filter is
local.
The no form of the command removes flowspec filtering from an IP interface.
The no form of the command removes flowspec filtering from an IP interface.
[no
] hsmda-queue-override
config>service>vprn>if>sap>egress>hsmda-queue-overider
config>service>vprn>if>sap>egress>hsmda-queue-overider
config>service>vprn>if>sap>egress>hsmda-queue-overider
config>service>vprn>if>sap>egress>hsmda-queue-overider>queue
The no form of the command returns the weight value for the queue to the default value.
config>service>vprn>if>sap>egress>hsmda-queue-overider
config>service>vprn>if>sap>egress>hsmda-queue-overider
The match-qinq-dot1p command allows the top or bottom PBits to be used when evaluating the applied sap-ingress QoS policy’s Dot1P entries. The
top and
bottom keywords specify which position should be evaluated for QinQ encapsulated packets.
The no form of the command restores the default dot1p evaluation behavior for the SAP.
no match-qinq-dot1p - No filtering based on p-bits.
top
or bottom
must be specified to override the default QinQ dot1p behavior.
When enabled (the encapsulation type of the access port where this SAP is defined as qinq), the qinq-mark-top-only command specifies which P-bits/DEI bitto mark during packet egress. When disabled, both set of P-bits/DEI bit are marked. When the enabled, only the P-bits/DEI bit in the top Q-tag are marked.
qos policy-id [port-redirect-group
queue-group-name instance
instance-id]
The no form of this command removes the QoS policy association from the SAP, and the QoS policy reverts to the default.
qos policy-id [shared-queuing
| multipoint-shared
] fp-redirect-group queue-group-name instance instance-id
This keyword specifies that this queue-id is for multipoint forwarded traffic only. This queue-id can only be explicitly mapped to the forwarding class multicast, broadcast, or unknown unicast ingress traffic. Attempting to map forwarding class unicast traffic to a multipoint queue generates an error; no changes are made to the current unicast traffic queue mapping.
A queue must be created as multipoint. The multipoint designator cannot be defined after the queue is created. If an attempt is made to modify the command to include the multipoint keyword, an error is generated and the command will not execute.
The multipoint keyword can be entered in the command line on a pre-existing multipoint queue to edit queue-id parameters.
scheduler-policy scheduler-policy-name
The no form of this command removes the configured ingress or egress scheduler policy from the multi-service customer site. When the policy is removed, the schedulers created due to the policy are removed also making them unavailable for the ingress SAP queues associated with the customer site. Queues that lose their parent scheduler association are deemed to be orphaned and are no longer subject to a virtual scheduler. The SAPs that have ingress queues reliant on the removed schedulers enter into an operational state depicting the orphaned status of one or more queues. When the
no scheduler-policy command is executed, the customer site ingress or egress node will not contain an applied scheduler policy.
The scheduler-policy-name parameter applies an existing scheduler policy that was created in the
config>qos>scheduler-policy scheduler-policy-name context to create the hierarchy of ingress or egress virtual schedulers. The scheduler names defined within the policy are created and made available to any ingress or egress queues created on associated SAPs.
config>service>vprn>if>sap>ipsec-gw>cert
config>service>vprn>if>sap>ipsec-gw>cert
config>service>vprn>if>sap>ipsec-gw>cert
|
Values
|
service-id: 1 — 2147483648 svc-name: Specifies an existing service name up to 64 characters in length.
|
The no form of this command reverts the SAP/network interface to use per-flow, service or link hash as configured for the service/LAG.
This command creates a new customer site or edits an existing customer site with the customer-site-name parameter. A customer site is an anchor point to create an ingress and egress virtual scheduler hierarchy. When a site is created, it must be assigned to a chassis slot or port. When scheduler policies are defined for ingress and egress, the scheduler names contained in each policy are created according to the parameters defined in the policy. Multi-service customer sites exist for the sole purpose of creating a virtual scheduler hierarchy and making it available to queues on multiple Service Access Points (SAPs).
Each customer site must have a unique name within the context of the customer. If customer-site-name already exists for the customer ID, the CLI context changes to that site name for the purpose of editing the site scheduler policies or assignment. Any modifications made to an existing site will affect all SAPs associated with the site. Changing a scheduler policy association may cause new schedulers to be created and existing queues on the SAPs to no longer be orphaned. Existing schedulers on the site may cease to exist, causing queues relying on that scheduler to be orphaned.
If the customer-site-name does not exist, it is assumed that an attempt is being made to create a site of that name in the customer ID context. The success of the command execution depends on the following:
|
•
|
The customer-site-name is valid.
|
|
•
|
The create keyword is included in the command line syntax (if the system requires it).
|
If the customer-site-name is invalid, a syntax error occurs; the command will not execute and the CLI context will not change.
sla-profile sla-profile-name
route {ip-prefix/length | ip-prefix netmask} [create
]
no route {ip-prefix/length | ip-prefix netmask}
The no form of the command removes the respective route. Per default, there are no managed-routes configured.
config>service>vprn>if>sap>egress>queue-override>queue
config>service>vprn>if>sap>ingress>queue-override>queue
The no form of the command removes any explicitly defined constraints used to derive the operational CIR and PIR created by the application of the policy. When a specific
adaptation-rule is removed, the default constraints for
rate and
cir apply.
The pir parameter defines the constraints enforced when adapting the PIR rate defined within the
queue queue-id rate command. The
pir parameter requires a qualifier that defines the constraint used when deriving the operational PIR for the queue. When the
rate command is not specified, the default applies.
The cir parameter defines the constraints enforced when adapting the CIR rate defined within the
queue queue-id rate command. The
cir parameter requires a qualifier that defines the constraint used when deriving the operational CIR for the queue. When the
cir parameter is not specified, the default constraint applies.
|
Values
|
max — The max (maximum) keyword is mutually exclusive with the min and closest options. When max is defined, the operational PIR for the queue will be equal to or less than the administrative rate specified using the rate command.
|
min — The
min (minimum) keyword is mutually exclusive with the
max and
closest options. When
min is defined, the operational PIR for the queue will be equal to or greater than the administrative rate specified using the
rate command.
closest — The
closest parameter is mutually exclusive with the
min and
max parameter. When
closest is defined, the operational PIR for the queue will be the rate closest to the rate specified using the
rate command.
This command configures the average frame overhead to define the average percentage that the offered load to a queue will expand during the frame encapsulation process before sending traffic on-the-wire. While the avg-frame-overhead value may be defined on any queue, it is only used by the system for queues that egress a Sonet or SDH port or channel. Queues operating on egress Ethernet ports automatically calculate the frame encapsulation overhead based on a 20 byte per packet rule (8 bytes for preamble and 12 bytes for Inter-Frame Gap).
The no form of this command restores the average frame overhead parameter for the queue to the default value of 0 percent. When set to 0, the system uses the packet based queue statistics for calculating port scheduler priority bandwidth allocation. If the no avg-frame-overhead command is executed in a queue-override queue id context, the avg-frame-overhead setting for the queue within the sap-egress QoS policy takes effect.
config>service>vprn>if>sap>egress>queue-override>queue
config>service>vprn>if>sap>ingress>queue-override>queue
The no form of this command returns the CBS size to the default value.
config>service>vprn>if>sap>egress>queue-override>queue
config>service>vprn>if>sap>ingress>queue-override>queue
This command can be used to override specific attributes of the specified queue’s high-prio-only parameters. The high-prio-only command configures the percentage of buffer space for the queue, used exclusively by high priority packets.
The defined high-prio-only value cannot be greater than the MBS size of the queue. Attempting to change the MBS to a value smaller than the high priority reserve will generate an error and fail execution. Attempting to set the
high-prio-only value larger than the current MBS size will also result in an error and fail execution.
The no form of this command restores the default high priority reserved size.
The percent parameter is the percentage reserved for high priority traffic on the queue. If a value of 10KBytes is desired, enter the value 10. A value of 0 specifies that none of the MBS of the queue will be reserved for high priority traffic. This does not affect RED slope operation for packets attempting to be queued.
mbs {size-in-kbytes | default
}
config>service>vprn>if>sap>egress>queue-override>queue
The no form of this command returns the MBS size assigned to the queue.
For sap>egress>queue-override>queue:
For sap>egress>hsmda-queue-override>queue:
mbs {size-in-kbytes | default
}
config>service>vprn>if>sap>ingress>queue-override>queue
The no form of this command
returns the MBS size assigned to the queue to the value.
rate pir-rate [cir
cir-rate]
config>service>vprn>if>sap>egress>queue-override>queue
config>service>vprn>if>sap>ingress>queue-override>queue
The CIR can be used by the queue’s parent commands cir-level and
cir-weight parameters to define the amount of bandwidth considered to be committed for the child queue during bandwidth allocation by the parent scheduler.
The rate command can be executed at any time, altering the PIR and CIR rates for all queues created through the association of the SAP egress QoS policy with the
queue-id.
The no form of the command returns all queues created with the
queue-id by association with the QoS policy to the default PIR and CIR parameters (
max, 0).
The max default specifies the amount of bandwidth in kilobits per second (thousand bits per second). The
max value is mutually exclusive to the
pir-rate value.
The cir parameter overrides the default administrative CIR used by the queue. When the
rate command is executed, a CIR setting is optional. When the
rate command has not been executed or the
cir parameter is not explicitly specified, the default CIR (0) is assumed.
Fractional values are not allowed and must be given as a positive integer. The
sum keyword specifies that the CIR be used as the summed CIR values of the children schedulers or queues.
config>service>vprn>if>sap>egress>hsmda-queue-overide>queue
The rate command can be executed at any time, altering the PIR rates for all queues created through the association of the SAP egress QoS policy with the
queue-id.
The no form of the command returns all queues created with the
queue-id by association with the QoS policy to the default PIR parameters (
max, 0).
Each scheduler must have a unique name within the context of the scheduler policy; however the same name can be reused in multiple scheduler policies. If scheduler-name already exists within the policy tier level (regardless of the inclusion of the keyword create), the context changes to that scheduler name for the purpose of editing the scheduler parameters. Modifications made to an existing scheduler are executed on all instantiated schedulers created through association with the policy of the edited scheduler. This can cause queues or schedulers to become orphaned (invalid parent association) and adversely affect the ability of the system to enforce service level agreements (SLAs).
If the scheduler-name exists within the policy on a different tier (regardless of the inclusion of the keyword create), an error occurs and the current CLI context will not change.
If the scheduler-name does not exist in this or another tier within the scheduler policy, it is assumed that an attempt is being made to create a scheduler of that name. The success of the command execution is dependent on the following:
|
3.
|
The create keyword is entered with the command if the system is configured to require it (enabled in the environment create command).
|
parent [weight
weight] [cir-weight
cir-weight]
Weight defines the relative weight of this scheduler in comparison to other child schedulers and queues at the same strict
level defined by the level parameter in the applied scheduler olicy. Within the level, all weight values from active children at that level are summed and the ratio of each active child’s weight to the total is used to distribute the available bandwidth at that level. A weight is considered to be active when the queue or scheduler the weight pertains to has not reached its maximum rate and still has packets to transmit.
A 0 (zero) weight value signifies that the child scheduler will receive bandwidth only after bandwidth is distributed to all other non-zero weighted children in the strict level.
The cir-weight keyword defines the relative weight of this scheduler in comparison to other child schedulers and queues at the same
cir-level defined by the
cir-level parameter in the applied scheduler policy. Within the strict
cir-level, all
cir-weight values from active children at that level are summed and the ratio of each active child’s
cir-weight to the total is used to distribute the available bandwidth at that level. A
cir-weight is considered to be active when the queue or scheduler that the
cir-weight pertains to has not reached the CIR and still has packets to transmit.
A 0 (zero)
cir-weight value signifies that the child scheduler will receive bandwidth only after bandwidth is distributed to all other non-zero weighted children in the strict cir-level.
rate pir-rate [cir
cir-rate]
This command can be used to override specific attributes of the specified scheduler rate. The
rate command defines the maximum bandwidth that the scheduler can offer its child queues or schedulers. The maximum rate is limited to the amount of bandwidth the scheduler can receive from its parent scheduler. If the scheduler has no parent, the maximum rate is assumed to be the amount available to the scheduler. When a parent is associated with the scheduler, the CIR parameter provides the amount of bandwidth to be considered during the parent scheduler’s ‘within CIR’ distribution phase.
When a scheduler is defined without specifying a rate, the default rate is max. If the scheduler is a root scheduler (no parent defined), the default maximum rate must be changed to an explicit value. Without this explicit value, the scheduler will assume that an infinite amount of bandwidth is available and allow all child queues and schedulers to operate at their maximum rates.
The no form of this command returns all queues created with this
queue-id by association with the QoS policy to the default PIR and CIR parameters.
The pir parameter accepts a step multiplier value that specifies the multiplier used to determine the PIR rate at which the queue will operate. A value of 0 to 100000000 or the keyword
max or
sum is accepted. Any other value will result in an error without modifying the current PIR rate.
The cir parameter accepts a step-multiplier value that specifies the multiplier used to determine the CIR rate at which the queue will operate. A value of 0 to 250 or the keyword max is accepted. Any other value will result in an error without modifying the current CIR rate.
The vpls command, within the IP interface context, is used to bind the IP interface to the specified service name.
The system does not attempt to resolve the service name provided until the IP interface is placed into the administratively up state (no shutdown). Once the IP interface is administratively up, the system will scan the available VPLS services that have the
allow-ip-int-bind flag set for a VPLS service associated with the name. If the service name is bound to the service name when the IP interface is already in the administratively up state, the system will immediately attempt to resolve the given name.
The no form of the command on the IP interface is used to remove the service name binding from the IP interface. If the service name has been resolved to a VPLS service context and the IP interface has been attached to the VPLS service, the IP interface will also be detached from the VPLS service.
The no form of the command is used to remove the IPv4 routed override filter from the ingress IP interface. When removed, the IPv4 ingress routed packets within a VPLS service attached to the IP interface will use the IPv4 ingress filter applied to the packets virtual port when defined.
The no form of the command removes the sap-egress QoS policy used for reclassification from the egress IP interface. When removed, IP routed packets will not be reclassified on the egress SAPs of the VPLS service attached to the IP interface.
The no form of the command resets the allow-ip-int-bind flag on the VPLS service. If the VPLS service currently has an IP interface from an IES or VPRN service attached, the no allow-ip-int-bind command will fail. Once the allow-ip-int-bind flag is reset on the VPLS service, the configuration and hardware restrictions associated with setting the flag are removed. The port network mode hardware restrictions are also removed.
The no form of the command disables and deletes the counters for this SAP or MPLS SDP binding.
mep mep-id domain
md-index association
ma-index [direction
{up
| down
}]
no mep mep-id domain
md-index association
ma-index
[no
] interface-support-enable
no interface-support-enabled (AIS will not be generated or stopped based on the state of the entity on) which the DOWN MEP is configured.
The no form of the command disables the generation of CCM messages.
The no form of the command removes the priority value from the configuration.
[no
] ccm-padding-size
ccm-padding
oam eth-cfm eth-test mac-address mep
mep-id domain
md-index association
ma-index [priority
priority] [data-length
data-length]
The no form of the command removes the values from the configuration.
The no form of the command removes the silent discarding of previously matching ETH-CFM PDUs.
accept (SAP Level for Epipe and VPLS)
An SLA profile is a named group of QoS parameters used to define per service QoS for all subscriber hosts common to the same subscriber within a provider service offering. A single SLA profile may define the QoS parameters for multiple subscriber hosts. SLA profiles are maintained in two locations, the subscriber identification policy and the subscriber profile templates. After a subscriber host is associated with an SLA profile name, either the subscriber identification policy used to identify the subscriber or the subscriber profile associated with the subscriber host must contain an SLA profile with that name. If both the subscriber identification policy and the subscriber profile contain the SLA profile name, the SLA profile in the subscriber profile is used.
The no form of the command removes the default SLA profile from the SAP configuration.
This command specifies a default subscriber profile for this SAP. The subscriber profile must be defined prior to associating the profile with a SAP in the config>subscriber-mgmt>sub-profile context.
A subscriber profile defines the aggregate QoS for all hosts within a subscriber context. This is done through the definition of the egress and ingress scheduler policies that govern the aggregate SLA for subscriber using the subscriber profile. Subscriber profiles also allow for specific SLA profile definitions when the default definitions from the subscriber identification policy must be overridden.
The no form of the command removes the default SLA profile from the SAP configuration.
This command configures the maximum number of subscribers for this SAP. It is used in conjunction with the profiled-traffic-only command on single subscriber SAPs and creates a subscriber host which is used to forward non-IP traffic through the single subscriber SAP without the need for SAP queues.
The no form of this command returns the default value.
This command configures non-subscriber traffic profiles. It is used in conjunction with the profiled-traffic-only command on single subscriber SAPs and creates a subscriber host which is used to forward non-IP traffic through the single subscriber SAP without the need for SAP queues.
The no form of the command removes removes the profiles and disables the feature.
|
•
|
For VPRN SAPs with arp-reply-agent enabled with the optional sub-ident parameter, the static subscriber host’s sub-ident-string is used to determine whether an ARP request received on the SAP is sourced from a host belonging to the same subscriber as the destination host. When both the destination and source hosts from the ARP request are known on the SAP and the subscriber identifications do not match, the ARP request may be forwarded to the rest of the VPRN destinations.
|
If sub-ident is not enabled on the SAP arp-reply-agent, subscriber identification matching is not performed on ARP requests received on the SAP.
[no] profiled-traffic-only
The no form of the command disables the command.
This command associates a subscriber identification policy to this SAP. The subscriber identification policy must be defined prior to associating the profile with a SAP in the config>subscriber-mgmt>sub-ident-policy context.
Subscribers are managed by the system through the use of subscriber identification strings. A subscriber identification string uniquely identifies a subscriber. For static hosts, the subscriber identification string is explicitly defined with each static subscriber host.
For dynamic hosts, the subscriber identification string must be derived from the DHCP ACK message sent to the subscriber host. The default value for the string is the content of Option 82 CIRCUIT-ID and REMOTE-ID fields interpreted as an octet string. As an option, the DHCP ACK message may be processed by a subscriber identification policy which has the capability to parse the message into an alternative ASCII or octet string value.
The no form of the command removes the default subscriber identifcation policy from the SAP configuration.
The no form of the command removes an SRRP instance from a group IP interface. Once removed, the group interface ignores ARP requests for the SRRP gateway IP addresses that may exist on subscriber subnets associated with the group IP interface. Then the group interface stops routing using the redundant IP interface associated with the group IP interface and will stop routing with the SRRP gateway MAC address. Ingress packets destined to the SRRP gateway MAC will also be silently discarded. This is the same behavior as a group IP interface that is disabled (shutdown).
The no form of the command removes the explicit SRRP gateway MAC address from the SRRP instance. The SRRP gateway MAC address can only be changed or removed when the SRRP instance is shutdown.
The no form of the command restores the default interval.
The no form of the command can only be executed when the SRRP instance is shutdown. Executing no message-path allows the existing SAP to be used for subscriber management functions. A new message-path SAP must be defined prior to activating the SRRP instance.
[no
] policy
vrrp-policy-id
The no form of the command removes the association with vrrp-policy-id from the SRRP instance.
The no form of the command restores the default base priority to the SRRP instance. If a VRRP policy is associated with the SRRP instance, it will use the default base priority as the basis for any modifications to the SRRP instances in-use priority.
The no form of the command disables sending FIB population packets.
The no form of the command disables sending GARP packets to outer VLANs only.
vrrp virtual-router-id [owner
]
The no form of this command removes the specified VRID from the IP interface. This terminates VRRP participation for the virtual router and deletes all references to the VRID. The VRID does not need to be shutdown in order to remove the virtual router instance.
The authentication-key command, within the
vrrp virtual-router-id context, is used to assign a simple text password authentication key to generate master VRRP advertisement messages and validate received VRRP advertisement messages.
The authentication-key command is one of the few commands not affected by the presence of the
owner keyword. If simple text password authentication is not required, this command is not required. If the command is re-executed with a different password key defined, the new key will be used immediately. If a no
authentication-key command is executed, the password authentication key is restored to the default value. The
authentication-key command may be executed at any time.
The no form of this command restores the default null string to the value of key.
The key parameter identifies the simple text password used when VRRP Authentication Type 1 is enabled on the virtual router instance. Type 1 uses a string eight octets long that is inserted into all transmitted VRRP advertisement messages and compared against all received VRRP advertisement messages. The authentication data fields are used to transmit the key.
The key parameter is expressed as a string consisting of up to eight alpha-numeric characters. Spaces must be contained in quotation marks ( “ ” ). The quotation marks are not considered part of the string.
Specifies the key is entered in a more complex encrypted form. If the
hash2 parameter is
not used, the less encrypted hash form is assumed.
bfd-enable service-id interface
interface-name dst-ip
ip-address
no bfd-enable service-id interface
interface-name dst-ip
ip-address
The no form of this command removes BFD from the configuration.
|
Values
|
service-id: 1 — 2147483648 svc-name: Specifies an existing service name up to 64 characters in length. No service ID indicates a network interface.
|
[no
] mac
ieee-mac-address
The no form of this command returns the MAC address of the IP interface to the default value.
Specifies the 48-bit MAC address for the static ARP in the form aa:bb:cc:dd:ee:ff or
aa-bb-cc-dd-ee-ff where
aa,
bb,
cc,
dd,
ee and
ff are hexadecimal numbers. Allowed values are any non-broadcast, non-multicast MAC and non-IEEE reserved MAC addresses.
The message-interval command is available in both non-owner and owner vrrp virtual-router-id nodal contexts. If the message-interval command is not executed, the default message interval of 1 second will be used.
The no form of this command restores the default message interval value of 1 second to the virtual router instance.
The ping-reply command is only available in non-owner vrrp virtual-router-id nodal context. If the ping-reply command is not executed, ICMP Echo Requests to the virtual router instance IP addresses will be silently discarded.
The no form of this command restores the default operation of discarding all ICMP Echo Request messages destined to the non-owner virtual router instance IP addresses.
The priority command is only available in the non-owner vrrp virtual-router-id nodal context. The priority of owner virtual router instances is permanently set to 255 and cannot be changed. For non-owner virtual router instances, if the priority command is not executed, the base-priority will be set to 100.
The no form of this command restores the default value of 100 to base-priority.
The ssh-reply command is only available in non-owner vrrp virtual-router-id nodal context. If the ssh-reply command is not executed, SSH packets to the virtual router instance IP addresses will be silently discarded.
The no form of this command restores the default operation of discarding all SSH packets destined to the non-owner virtual router instance IP addresses.
The no form of the command specifies that a standby router should not forward traffic sent to virtual router's MAC address. However, the standby router should forward traffic sent to the standby router’s real MAC address.
The telnet-reply command is only available in non-owner VRRP nodal context. If the telnet-reply command is not executed, Telnet packets to the virtual router instance IP addresses will be silently discarded.
The no form of this command restores the default operation of discarding all Telnet packets destined to the non-owner virtual router instance IP addresses.
This command configures a Protocol Independent Multicast (PIM) instance in the VPRN service. When an PIM instance is created, the protocol is enabled.
PIM is used for multicast routing within the network. Devices in the network can receive the multicast feed requested and non-participating routers can be pruned. The router supports PIM sparse mode (PIM-SM).
The no form of the command deletes the PIM protocol instance removing all associated configuration parameters.
If a manually created interface or modified interface is deleted, the interface will be recreated when the apply-to command is executed. If PIM is not required on a specific interface, then execute a
shutdown command.
The apply-to command is saved first in the PIM configuration structure, all subsequent commands either create new structures or modify the defaults as created by the
apply-to command.
group-prefix ip-address/mask [ip-address/mask...(upto 8 max)][starg
]
import {join-policy
| register-policy
} [policy-name [.. policy-name] policy-name]
This command specifies the import route policy to be used for determining which routes are accepted from peers. Route policies are configured in the config>router>policy-options context. When an import policy is not specified, BGP routes are accepted by default.
The no form of the command removes the policy association from the IGMP instance.
no import join-policy
no import register-policy
[no
] interface
ip-int-name
The no form of the command deletes the PIM interface configuration for this interface. If the
apply-to command parameter is configured, then the
no interface form must be saved in the configuration to avoid automatic (re)creation after the next
apply-to is executed as part of a reboot.
The shutdown command can be used to disable an interface without removing the configuration for the interface.
The no form of the command reverts to the default.
[no
] bfd-enable [ipv4|ipv6]
The no form of this command removes BFD from the associated IGP protocol adjacency.
The no form of this command reverts to the default value.
The hello-multiplier in conjunction with the
hello-interval determines the holdtime for a PIM neighbor.
The no form of command disables joining P2MP LDP tree for IPv4 or IPv6 or both (if both or none is specified).
The no form of the command disqualifies the router to participate in the bootstrap election.
1 (The router is the least likely to become the designated router.)
By enabling sticky-dr on this interface, it will continue to act as the DR for the LAN even after the old DR comes back up.
The no form of the command disables sticky-dr operation on this interface.
[no
] ipv4-multicast-disable
The no form of the command disables the multicast balancing.
[no
] mc-ecmp-hashing-enabled
The no mc-ecmp-hashing-enabled form of the command means that the use of multiple ECMP paths if enabled at the
config>router or
config>service>vprn context is controlled by the existing implementation and CLI commands
mc-ecmp-balance.
[no
] non-dr-attract-traffic
[no
] anycast
rp-ip-address
The no form of the command removes the anycast instance from the configuration.
[no
] rp-set-peer
ip-address
The no form of the command removes an entry from the list.
The no form of the command disables auto RP.
The no form of this command removes the specified policy names from the configuration.
The no form of this command removes the specified policy names from the configuration.
Use the no form of this command to remove the static RP from the configuration.
The static IP address of the RP. The ip-address portion of the address command specifies the IP host address that will be used by the IP interface within the subnet. This address must be unique within the subnet and specified in dotted decimal notation.
[no
] address
ipv6-address
Use the no form of this command to remove the static RP from the configuration.
The static IP address of the RP. The ip-address portion of the address command specifies the IP host address that will be used by the IP interface within the subnet. This address must be unique within the subnet and specified in dotted decimal notation.
The no form of the command removes the anycast instance from the configuration.
The no form of the command removes an entry from the list.
[no
] group-range
{ip-prefix/mask | ip-prefix netmask}
Use the no form of this command to remove the group address or range of group addresses for which this router can be the RP from the configuration.
Use the no form of this command to revert to the default value.
Use the no form of this command to revert to the default value.
The no form of this command removes the static RP entry from the configuration.
[no
] group-prefix
{grp-ip-address/mask | grp-ip-address netmask}
The group-prefix for a static-rp defines a range of multicast-ip-addresses for which a certain RP is applicable.
The no form of the command removes the criterion.
[no
] rpf-table
{rtable-m
| rtable-u
| both
}
The no form of the command disables MLD.
[no
] interface
ip-int-name
The no form of the command deletes the MLD interface. The
shutdown command in the
config>router>mld>interface context can be used to disable an interface without removing the configuration for the interface.
no interface — No interfaces are defined.
[no
] disable-router-alert-check
The no form of the command removes the policy association from the MLD instance.
no import — No import policy specified.
The no form of the command removes the IPv6 address from the configuration.
The source command is mutually exclusive with the specification of individual sources for the same group.
The no form of the command removes the source from the configuration.
Use the no form of the command to remove the starg entry from the configuration.
qos network-policy-id fp-redirect-group
queue-group-name instance instance-id
This command is used to redirect unicast packets arriving on an automatically (using the auto-bind command) or manually configured (using a
spoke-sdp command, but not the
spoke-sdp command under the VPRN IP interface) binding in a VPRN to a policer in an ingress forwarding plane queue-group for the purpose of rate-limiting.
The unicast traffic can be redirected to a policer under the forwarding class fp-redirect-group command in the ingress section of a network QoS policy; any
fp-redirect-group multicast-policer, broadcast-policer or
unknown-policer commands are ignored for this traffic. Note that multicast traffic would use the ingress network queues or queue group related to the network interface.
The no version of this command removes the redirection of VPRN binding traffic to the queue-group policers.
The no form of the command disables the BGP protocol from the given VPRN service.
The no form of the command used at the global level reverts to default where BGP adds the AS number and router ID to the aggregator path attribute.
The no form of the command used at the group level reverts to the value defined at the group level.
The no form of the command used at the neighbor level reverts to the value defined at the group level.
This command configures the comparison of BGP routes based on the MED attribute. The default behavior of SR-OS (equivalent to the no form of the command) is to only compare two routes on the basis of MED if they have the same neighbor AS (the first non-confed AS in the received AS_PATH attribute). Also by default, a route without a MED attribute is handled the same as though it had a MED attribute with the value 0. The
always-compare-med command without the
strict-as keyword allows MED to be compared even if the paths have a different neighbor AS; in this case, if neither
zero or
infinity is specified, the
zero option is inferred, meaning a route without a MED is handled the same as though it had a MED attribute with the value 0. When the
strict-as keyword is present, MED is only compared between paths from the same neighbor AS, and in this case,
zero or
infinity is mandatory and tells BGP how to interpret paths without a MED attribute.
The no form of the command removes the parameter from the configuration.
This command controls how the BGP decision process compares routes on the basis of MED. When deterministic-med is configured, BGP groups paths that are equal up to the MED comparison step based on neighbor AS, and then compares the best path from each group to arrive at the overall best path. This change to the BGP decision process makes best path selection completely deterministic in all cases. Without
deterministic-med, the overall best path selection is sometimes dependent on the order of the route arrival because of the rule that MED cannot be compared in routes from different neighbor AS.
Specifies the key is entered in a more complex encrypted form. If the
hash2 parameter is
not used, the less encrypted hash form is assumed.
[no
] backup-path
[ipv4
] [ipv6
]
The no form of this command removes BFD from the associated BGP protocol peering.
Route
reflectors are used to reduce the number of IBGP sessions required within an AS. Normally, all BGP speakers within an AS must have a BGP peering with every other BGP speaker in an AS.
A route reflector and its clients form a cluster. Peers that are not part of the cluster are considered to be non-clients.
When a route reflector receives a route, first it must select the best path from all the paths rec
eived. If the route was rec
eived from a non-client peer, then the route reflector sends the route to all clients in the cluster. If the route
came from a client peer, the route reflector sends the route to all non-client peers and to all client peers except the originator.
The no form of the command deletes the cluster ID and effectively disables the Route Reflection for the given group.
The no form of the command used at the global level reverts to the default value.
The
no form of the command used at the group level reverts to the value defined at the global level.
The
no form of the command used at the neighbor level reverts to the value defined at the group level.
This command enables BGP route damping for learned routes which are defined within the route policy. Use damping to reduc
e the number of update messages sent between BGP peers
and reduce the load on
peers without
affecting the route convergence time for stable routes
. Damping parameters are set via route policy definition.
The no form of the command used at the global level disables route damping.
The
no form of the command used at the group level reverts to the value defined at the global level.
The
no form of the command used at the neighbor level reverts to the value defined at the group level.
Half-life: 15 minutes
Max-suppress: 60 minutes
Suppress-threshold: 3000
Reuse-threshold 750
The no form of the command resets the behavior to the default which is to enable the use of 4-byte ASN.
[no
] disable-capability-negotiation
The no form of the command removes this command from the configuration and restores the normal behavior.
[no
] disable-client-reflect
The no form re-enables client reflection of routes.
config>service>vprn>bgp>group
config>service>vprn>bgp>group
>neighbor
[no]
disable-fast-external-failover
config>service>vprn>bgp>group
config>service>vprn>bgp>group>neighbor
In order for this command to be effective, the ecmp and
multipath commands for the associated VPRN instance must also be configured to allow for multiple routes to the same destination.
The no form of the command used at the global level reverts to default values.
ebgp-link-bandwidth family [family ...
(up to 2 max)]
config>service>vprn>bgp>group
config>service>vprn>bgp>group
>neighbor
When the egp-link-bandwidth command is configured, BGP automatically adds a link-bandwidth extended community to every route (of the selected types) received from directly connected (single-hop) EBGP peers within the scope of the command.
|
Values
|
ipv4 The command applies to IPv4 and label-IPv4 routes. ipv6 The command applies to IPv6 and 6PE routes.
|
[no
] enable-peer-tracking
config>service>vprn>bgp>group
config>service>vprn>bgp>group
>neighbor
[no
] stale-routes-time
time
[no
] update-fault-tolerance
This command enables treat-as-withdraw and other similarly non-disruptive approaches for handling a wide range of UPDATE message errors, as long as there are no length errors that prevent all of the NLRI fields from being correctly identified and parsed.
The no form of this command removes all route policy names from the export list.
no export — BGP advertises routes from other BGP routes but does not advertise any routes from other protocols unless directed by an export policy.
family [ipv4
] [ipv6
] [mcast-ipv4
] [flow-ipv6
] [flow-ipv4
]
The no form of the command removes the specified address family from the associated BGP sessions.
The no form of the command disables the validation procedure.
group name [esm-dynamic-peer]
The no form of the command deletes the specified peer group and all configurations associated with the peer group. The group must be shutdown before it can be deleted.
None — No peer groups are defined.
The no form of the command is used to remove the specified neighbor and the entire configuration associated with the neighbor. The neighbor must be administratively
shutdown before attempting to delete it. If the neighbor is not shutdown, the command will not result in any action except a warning message on the console indicating that neighbor is still administratively up.
none — No neighbors are defined.
|
Values
|
ipv4-address : a.b.c.d
ipv6-address : x:x:x:x:x:x:x:x[-interface] x:x:x:x:x:x:d.d.d.d[-interface] x: [0..FFFF]H d: [0..255]D interface: 32 chars maximum, mandatory for link local addresses
|
family [ipv4
] [ipv6
] [mcast-ipv4
]
The no form of the command removes the specified address family from the associated BGP peerings. If an address family is not specified, then reset the supported address family back to the default.
Even though the router OS implementation allows setting the keepalive time separately, the configured
keepalive timer is overridden by the
hold-time value under the following circumstances:
|
2.
|
If the hold-time is set to zero, then the operational value of the keepalive time is set to zero; the configured keepalive time is not changed. This means that the connection with the peer is up permanently and no keepalive packets are sent to the peer.
|
The no form of the command used at the global level reverts to the default value.
The
no form of the command used at the group level reverts to the value defined at the global level.
The
no form of the command used at the neighbor level reverts to the value defined at the group level.
The no form of the command disables the IBGP multipath load balancing feature.
This command specifies the import policies to be used to control routes advertised to BGP neighbors. Route policies are configured in the config>router>policy-options context. When multiple policy names are specified, the policies are evaluated in the order they are specified. A maximum of five (5) policy names can be specified. The first policy that matches is applied.
The no form of this command removes all route policy names from the import list.
no import — BGP accepts all routes from configured BGP neighbors. Import policies can be used to limit or modify the routes accepted and their corresponding parameters and metrics.
This command configures the BGP keepalive timer. A keepalive message is sent every time this timer expires. The seconds parameter can be set at three levels: global level (applies to all peers), group level (applies to all peers in peer-group) or neighbor level (only applies to specified peer). The most specific value is used.
The keepalive value is generally one-third of the
hold-time interval. Even though the OS implementation allows the
keepalive value and the
hold-time interval to be independently set, under the following circumstances, the configured
keepalive value is overridden by the
hold-time value:
If the specified keepalive value is greater than the configured
hold-time, then the specified value is ignored, and the
keepalive is set to one third of the current
hold-time value.
If the specified hold-time interval is less than the configured
keepalive value, then the
keepalive value is reset to one third of the specified
hold-time interval.
If the hold-time interval is set to zero, then the configured value of the
keepalive value is ignored. This means that the connection with the peer is up permanently and no
keepalive packets are sent to the peer.
The no form of the command used at the global level reverts to the default value.
The
no form of the command used at the group level reverts to the value defined at the global level.
The
no form of the command used at the neighbor level reverts to the value defined at the group level.
Outgoing connections use the local-address as the source of the TCP connection when initiating connections with a peer.
When a local address is not specified, the SR OS uses the system IP address when communicating with IBGP peers and uses the interface address for directly connected EBGP peers. This command is used at the neighbor level to revert to the value defined under the group level.
The no form of the command removes the configured local-address for BGP.
The
no form of the command used at the group level reverts to the value defined at the global level.
The
no form of the command used at the neighbor level reverts to the value defined at the group level.
local-as as-number [private
] [no-prepend-global-as]
In addition to the global AS number configured for BGP in the config>router>autonomous-system context, a virtual (local) AS number can be configured to support various AS number migration scenarios.The local AS number is added to the to the beginning the as-path attribute ahead of the router’s AS number.
The no form of the command used at the global level will remove any virtual AS number configured.
The
no form of the command used at the group level reverts to the value defined at the global level.
The
no form of the command used at the neighbor level reverts to the value defined at the group level.
The no form of the command at the global level specifies that incoming routes with local-preference set are not overridden and routes arriving without local-preference set are interpreted as if the route had local-preference value of 100.
The no form of the command used at the group level reverts to the value defined at the global level.
The no form of the command used at the neighbor level reverts to the value defined at the group level.
loop-detect {drop-peer
| discard-route
| ignore-loop| off
}
The no form of the command used at the global level reverts to default, which is
loop-detect ignore-loop.
The no form of the command used at the group level reverts to the value defined at the global level.
The no form of the command used at the neighbor level reverts to the value defined at the group level.
The no form of the command used at the global level reverts to default where the MED is not advertised.
The no form of the command used at the group level reverts to the value defined at the global level.
The no form of the command used at the neighbor level reverts to the value defined at the group level.
The no form of the command reverts to default values.
The no form of the command is used to convey to the BGP instance that the EBGP peers are directly connected.
The
no form of the command reverts to default values.
1 — EBGP peers are directly connected.
The no form of the command used at the global level reverts to default values.
no multipath — Multipath disabled.
The no form of the command used at the group level allows third-party route advertisements in a multi-access network.
The
no form of the command used at the neighbor level reverts to the value defined at the group level.
The no form of the command used at the group level disables passive mode where BGP actively attempts to connect to its peers.
The no form of the command used at the neighbor level reverts to the value defined at the group level.
The default next-hop resolution policy (when the no policy command is configured) is to use the longest matching active route in RTM that is not a BGP route (unless
use-bgp-routes is configured), an aggregate route or a subscriber management route.
[no
] preference
preference
The no form of the command used at the global level reverts to default value.
The no form of the command used at the group level reverts to the value defined at the global level.
The no form of the command used at the neighbor level reverts to the value defined at the group level.
prefix-limit family limit [log-only
] [threshold
percentage] [idle-timeout
{minutes | forever
}] [post-import
]
The prefix-limit command allows each address family to have its own limit; a set of address family limits can be applied to one neighbor or to all neighbors in a group.
The no form of the command removes the
prefix-limit.
The no form of the command removes this command from the configuration and returns withdrawal processing to the normal behavior.
When the remove-private parameter is set at the global level, it applies to all peers regardless of group or neighbor configuration. When the parameter is set at the group level, it applies to all peers in the group regardless of the neighbor configuration.
The no form of the command used at the global level reverts to default value. The
no form of the command used at the group level reverts to the value defined at the global level. The
no form of the command used at the neighbor level reverts to the value defined at the group level.
leak-import policy-name [
policy-name .. (up to 15 max)]
The configuration default is no split-horizon, meaning that no effort is taken to prevent a best route from being reflected back to the sending peer.
NOTE: Use of the
split-horizon command may have a detrimental impact on peer and route scaling and therefore operators are encouraged to use it only when absolutely needed.
The no form of the command disables split horizon command which allows the lower level to inherit the setting from an upper level.
The no form of the command prevents BGP from performing any third party next-hop processing toward any single-hop EBGP peers within the scope of the command. No third-party next-hop means the next-hop will always carry the IP address of the interface used to establish the TCP connection to the peer.
[no
] type
{internal
| external
}
This command designates the BGP peer as type internal or external.
The type of internal indicates the peer is an IBGP peer while the type of external indicates that the peer is an EBGP peer.
The no form of the command used at the group level reverts to the default value.
The
no form of the command used at the neighbor level reverts to the value defined at the group level.
[no
] updated-error-handling
config>service>vprn>bgp>group>neighbor
The no form of the command disables the ISIS protocol instance from the given VPRN service.
[no
] advertise-passive-only
[no
] area-id
area-address
A maximum of 3 area addresses can be configured for the VPRN instance.
If multiple area-id commands are entered, the system ID of all subsequent entries must match the first
area address.
The no form of the command removes the area address.
[no
] authentication-check
When no authentication-check is configured, authentication PDUs are generated and IS-IS PDUs are authenticated on receipt. However, mismatches cause an event to be generated and will not be rejected.
The no form of this command allows authentication mismatches to be accepted and generate a log event.
To configure authentication on the global level, configure this command in the config>router>isis context. When this parameter is configured on the global level, all PDUs are authenticated including the hello PDU.
To override the global setting for a specific level, configure the authentication-key command in the
config>router>isis>level context. When configured within the specific level, hello PDUs are not authenticated.
The no form of the command removes the authentication key.
Specifies the key is entered in a more complex encrypted form. If the
hash2 parameter is not used, the less encrypted
hash form is assumed.
The no form of the command disables authentication.
[no
] export
policy-name [policy-name...up to 5 max]
If an aggregate command is also configured in the
config>router context, then the aggregation is applied before the export policy is applied.
Routing policies are created in the config>router>policy-options context.
The no form of the command removes the specified
policy-name or all policies from the configuration if no
policy-name is specified.
no export — No export policy name is specified.
The no form of the command removes the parameters from the configuration.
The no form of the command disables graceful restart and removes all graceful restart configurations in the ISIS instance.
When graceful-restart is enabled, the router can be a helper (meaning that the router is helping a neighbor to restart) or be a restarting router or both. The router supports only helper mode. This facilitates the graceful restart of neighbors but will not act as a restarting router (meaning that the router will not help the neighbors to restart).
The no helper-disable command enables helper support and is the default when graceful-restart is enabled.
[no
] hello-authentication
The no form of the command suppresses authentication of HELLO packets.
[no
] hello-padding
{adaptive|loose|strict
}
The no form of the command disables IS-IS hello padding.
Specifies the loose padding option; the loose padding may not be able to detect certain situations such as asymmetrical MTUs between the routing devices.
Specifies the strict padding option.
2.
broadcast interface—Padding is done for all adjacency states, and is continuous. Strict padding has the most overhead but detects MTU issues on both sides of a link.
The no form of the command specifies that ISIS will not ignore LSP errors.
[no
] interface
ip-int-name
The no form of the command removes IS-IS from the interface.
The shutdown command in the
config>router>isis>interface context administratively disables IS-IS on the interface without affecting the IS-IS configuration.
[no
] bfd-enable
{ipv4
| ipv6
} [include-bfd-tlv
]
This command enables the use of bi-directional forwarding (BFD) to control IPv4 adjacencies. By enabling BFD on an IPv4 or IPv6 protocol interface, the state of the protocol interface is tied to the state of the BFD session between the local node and the remote node. The parameters used for the BFD are set by the BFD command under the IP interface. This command must be given separately to enable/disable BFD for both IPv4 and IPv6.
The no form of this command removes BFD from the associated adjacency.
The no form of the command reverts to the default value.
csnp-interval 5 — CSN PDUs are sent every 5 seconds for point-to-point interfaces.
When the hello authentication key is configured in the config>router>isis>interface context, it applies to all levels configured for the interface.
The no form of the command removes the authentication-key from the configuration.
Specifies the key is entered in a more complex encrypted form. If the
hash2 parameter is not used, the less encrypted
hash form is assumed.
The no form of the command disables hello authentication.
The no form of the command reverts to the default value.
broadcast — For IP interfaces on Ethernet or unknown type physical interfaces.
[no
] ipv4-multicast-disable
[no
] ipv6-unicast-disable
The no form of the command enables IS-IS IPv6 unicast routing for the interface.
The no form of the command to reverts to the default value.
3 — Hello interval default for the designated intersystem.
9 — Hello interval default for non-designated intersystems.
The no form of the command reverts to the default value.
3 — The router can miss up to 3 hello messages before declaring the adjacency down.
The no form of this command removes the metric from the configuration.
The no form of this command removes the metric from the configuration.
The no form of the command reverts to the default value.
10 — A metric of 10 for the level on the interface is used.
The no form of the command removes the passive attribute.
passive — Service interfaces are passive.
no passive — All other interfaces are not passive.
The no form of the command reverts to the default value.
If the pre-FEC error rate of the associated DWDM port crosses the configured sd-threshold, this offset-value is added to the IS-IS interface metric. This parameter is only effective if the interface is associated with a DWDM port and the
sd-threshold value is configured under that port.
The no form of the command reverts the offset value to 0.
If the pre-FEC error rate of the associated DWDM port crosses the configured sf-threshold, this offset-value is added to the IS-IS interface metric. This parameter is only effective if the interface is associated with a DWDM port and the
sf-threshold value is configured under that port.
The no form of the command reverts the offset value to 0.
If the user excluded the interface from LFA using the command loopfree-alternate-exclude, the LFA policy, if applied to the interface, has no effect.
The no form deletes the mapping of a route next-hop policy template to an OSPF or IS-IS interface.
The no form of this command re-instates the default value for this command.
The no form of the command reverts to the default value.
100 — LSPs are sent in 100 millisecond intervals.
To prevent an interface from flooding LSPs, the optional blocked parameter can be specified. Configure mesh groups carefully. It is easy to created isolated islands that do not receive updates as (other) links fail.
The no form of the command removes the interface from the mesh group.
The no form of the command reverts to the default value.
The no ipv4-multicast-routing form of the command results in none of the IS-IS routes being populated in the IPv4 multicast RTM and would be used if multicast is configured to use the unicast RTM for the RPF check.
The no form of the command disables IPv4 on the IS-IS instance.
[no
] ipv6-routing
{native | mt
}
The no form of the command disables support for IS-IS IPv6 TLVs for IPv6 routing.
The config>router>isis context configures default global parameters for both Level 1 and Level 2 interfaces.
The config>router>isis>interface context configures IS-IS operational characteristics of the interface at Level 1 and/or Level 2. A logical interface can be configured on one Level 1 and one Level 2. In this case, each level can be configured independently and parameters must be removed independently.
The no form of this command deletes the specified default metric and reverts to using the system default of 10.
The no form of this command deletes the specified default metric and reverts to using the system default of 10.
The external-preference command configures the preference level of either IS-IS level 1 or IS-IS level 2 external routes. By default, the preferences are as listed in the table below.
The no form of the command reverts to the default value.
Table 15 displays configuration combinations and the potential adjacencies that can be formed.
The no form of the command removes the level capability from the configuration.
In the config>router>isis context, changing the
level-capability performs a restart on the IS-IS protocol instance.
In the config>router>isis>interface context, changing the
level-capability performs a restart of IS-IS on the interface.
The no form of the command removes the specified link-group.
The no form of the command removes the description from the associated link-group.
The no form of the command reverts the offset value to 0.
The no form of the command reverts the offset value to 0.
The no form of the command reverts the offset value to 0.
The no form of the command removes the specified interface from the associated link-group.
The no form of the command reverts the oper-members limit to 1.
The no form of the command reverts the revert-members threshold back to the default which is equal to the oper-member threshold value.
The no form of this command disables the LFA computation by IGP SPF.
The default action of the loopfree-alternate-exclude command, when not explicitly specified by the user in the prefix policy, is a “reject”. Thus, regardless if the user did or did not explicitly add the statement “default-action reject” to the prefix policy, a prefix that did not match any entry in the policy will be accepted into LFA SPF.
The no form deletes the exclude prefix policy.
Each LSP received is maintained in an LSP database until the lsp-lifetime expires unless the originating router refreshes the LSP. By default, each router refreshes its LSP’s every 20 minutes (1200 seconds) so other routers will not age out the LSP.
The no form of the command reverts to the default value.
1200 — LSPs originated by the router should be valid for 1200 seconds (20 minutes).
This command configures the LSP MTU size. If the size value is changed from the default using CLI or SNMP, then ISIS must be restarted in order for the change to take effect. This can be done by performing a
shutdown command and then a
no shutdown command in the
config>router>isis context. Note: Using the
exec command to execute a configuration file to change the LSP MTU-size from its default value will automatically bounce IS-IS for the change to take effect.
The no form of the command reverts to the default value.
lsp-wait lsp-wait [lsp-initial-wait [lsp-second-wait]]
The no form of this command disables support for the IPv4 topology (MT3) within the associated IS-IS instance.
The no form of the command disables the submission of routes into the multicast RTM.
The overload command can be useful in circumstances where the router is overloaded or used prior to executing a
shutdown command to divert traffic around the router.
The no form of the command causes the router to exit the overload state.
The no overload command does not affect the
overload-on-boot function.
This state can be cleared with the config>router>isis>no overload command.
The no form of the command removes the overload-on-boot functionality from the configuration.
Use the show router isis status command to display the administrative and operational state as well as all timers.
The no form of the command removes the POI functionality from the configuration.
The no form of the command suppresses authentication of PSNP packets.
If the reference bandwidth is configured as 10 Gigabits (10,000,000,000), a 100 M/bps interface has a default metric of 100. In order for metrics in excess of 63 to be configured, wide metrics must be deployed. (See wide-metrics-only in the
config>router>isis context.)
The no form of the command reverts to the default value.
The no form of the command removes the router ID definition from the given VPRN context.
This command instructs IS-IS or OSPF to include RSVP LSPs originating on this node and terminating on the router-id of a remote node as direct links with a metric equal to the operational metric provided by MPLS. If the user enabled the relative-metric option for this LSP, IGP will apply the shortest IGP cost between the endpoints of the LSP plus the value of the offset, instead of the LSP operational metric, when computing the cost of a prefix which is resolved to the LSP.
When rsvp-shortcut is enabled at the IGP instance level, all RSVP LSPs originating on this node are eligible by default as long as the destination address of the LSP, as configured in configure>router>mpls>lsp>to, corresponds to a router-id of a remote node. RSVP LSPs with a destination corresponding to an interface address or any other loopback interface address of a remote node are automatically not considered by IS-IS or OSPF. The user can, however, exclude a specific RSVP LSP from being used as a shortcut for resolving IGP routes by entering the
config>router>mpls>lsp>no igp-shortcut command.
This feature provides IGP with the capability to populate the multicast RTM with the prefix IP next-hop when both the rsvp-shortcut and the
multicast-import options are enabled in IGP. The unicast RTM can still make use of the tunnel next-hop for the same prefix. This change is made possible with the enhancement by which SPF keeps track of both the direct first hop and the tunneled first hop of a node which is added to the Dijkstra tree.
The no form of this command disables the resolution of IGP routes using RSVP shortcuts.
[no]
spf-wait spf-wait [
spf-initial-wait [
spf-second-wait]]
This command defines the maximum interval between two consecutive SPF calculations in seconds. Timers that determine when to initiate the first, second and subsequent SPF calculations after a topology change occurs can be controlled with this command. Subsequent SPF runs (if required) will occur at exponentially increasing intervals of the spf-second-wait interval. For example, if the
spf-second-wait interval is 1000, then the next SPF will run after 2000 milliseconds, and then next SPF will run after 4000 milliseconds, etc., until it reaches the
spf-wait value. The SPF interval will stay at
spf-wait value until there are no more SPF runs scheduled in that interval. After a full interval without any SPF runs, the SPF interval will drop back to
spf-initial-wait.
[no
] strict-adjacency-check
When disabled (no strict-adjacency-check), both routers only need to have one common address family to establish the adjacency.
[no
] unicast-import-disable
The no form of the command deletes the OSPF protocol instance removing all associated configuration parameters.
no ospf — The OSPF protocol is not enabled.
ospf3 [instance-id] [router-id]
The no form of the command deletes the OSPFv3 protocol instance, removing all associated configuration parameters.
instance-id — Specify the instance ID for the OSPFv3 instance being created or modified. The instance ID must match the specified range based on the address family. For ipv6-unicast, the instance id must be between 0 and 31. For ipv4-unicast the instance id must be between 64-95.
This command creates the context to configure an OSPF area. An area is a collection of network segments within an AS that have been administratively grouped together. The area ID can be specified in dotted decimal notation or as a 32-bit decimal integer.
The no form of the command deletes the specified area from the configuration. Deleting the area also removes the OSPF configuration of all the interfaces, virtual-links, sham-links, and address-ranges etc., that are currently assigned to this area.
no area — No OSPF areas are defined.
area-range ip-prefix/prefix-length [advertise
| not-advertise
]
area-range ipv6-prefix/prefix-length [advertise
| not-advertise
]
The no form of the command deletes the range (non) advertisement.
no area-range — No range of addresses are defined.
In the NSSA context, the
option specifies that the range applies to external routes (via type-7 LSAs) learned within the NSSA when the routes are advertised to other areas as type-5 LSAs.
The no form of this command removes this option.
[no
] interface
ip-int-name [secondary]
The no form of the command deletes the OSPF interface configuration for this interface. The
shutdown command in the
config>router>ospf>interface context can be used to disable an interface without removing the configuration for the interface.
no interface — No OSPF interfaces are defined.
The no form of the command disables advertising point-to-point interfaces as subnet routes meaning they are advertised as host routes.
advertise-subnet — Advertises point-to-point interfaces as subnet routes.
This command configures the password used by the OSPF interface or virtual-link to send and receive OSPF protocol packets on the interface when simple password authentication is configured.
The no form of the command removes the authentication key.
no authentication-key — No authentication key is defined.
Specifies the key is entered in a more complex encrypted form. If the
hash2 parameter is
not used, the less encrypted hash form is assumed.
Both simple password and
message-digest authentication are supported.
The no form of the command disables authentication on the interface.
no authentication — No authentication is enabled on an interface.
The no form of this command removes BFD from the associated IGP protocol adjacency.
The no form of the command reverts to the default value.
If the dead-interval configured applies to an interface, then all nodes on the subnet must have the same dead interval.
If the dead-interval configured applies to a virtual link, then the interval on both termination points of the virtual link must have the same dead interval.
Sham-link — If the
dead-interval configured applies to a sham-link, then the interval on both endpoints of the sham-link must have the same dead interval.
When graceful-restart is enabled, the router can be a helper (meaning that the router is helping a neighbor to restart) or be a restarting router or both. The SR OS supports only helper mode. This facilitates the graceful restart of neighbors but will not act as a restarting router (meaning that the SR OS will not help the neighbors to restart).
The no helper-disable command enables helper support and is the default when graceful-restart is enabled.
The no form of the command enables the OSPF or OSPF3 router to follow the normal proceedure to determine whether to set the DN bit.
import policy-name [ policy-name...(up to 5 max)]
Reducing the interval, in combination with an appropriate reduction in the associated dead-interval, allows for faster detection of link and/or router failures at the cost of higher processing costs.
The no form of this command reverts to the default value.
hello-interval 10 — A 10-second hello interval.
If the hello-interval configured applies to an interface, then all nodes on the subnet must have the same hello interval.
If the hello-interval configured applies to a virtual link, then the interval on both termination points of the virtual link must have the same hello interval.
The no form of the command reverts to the default value.
point-to-point — If the physical interface is SONET.
broadcast — If the physical interface is Ethernet or unknown.
[no
] loopfree-alternate-exclude
The no form of this command re-instates the default value for this command.
The no form of this command disables OSPF LSA filtering (normal operation).
The no form of the command disables the submission of routes into the multicast RTM.
The no form of the command removes the message digest key identified by the
key-id.
The keyid is expressed as a decimal integer.
The MD5 key. The key can be any alphanumeric string up to 16 characters in length.
The no form of the command deletes the manually configured interface metric, so the interface uses the computed metric based on the
reference-bandwidth command setting and the speed of the underlying link.
no metric — The metric is based on
reference-bandwidth setting and the link speed.
Use the no form of this command to revert to default.
no mtu — Uses the value derived from the MTU configured in the
config>port context.
By default, only interface addresses that are configured for OSPF will be advertised as OSPF interfaces. The passive parameter allows an interface to be advertised as an OSPF interface without running the OSPF protocol.
The no form of the command removes the passive property from the OSPF interface.
Service interfaces defined in config>router>service-prefix are passive.
The no form of the command reverts the interface priority to the default value.
The no form of this command reverts to the default interval.
The no form of
rib-priority command disables RIB prioritization at the associated level.
The no form of this command reverts to the default delay time.
The no form of the command reverts to the default.
[no
] loopfree-alternate-exclude
The no form of the command includes the OSPF area in LFA calculations.
The no form of the command removes the NSSA designation and configuration context from the area.
no nssa — The OSPF area is not an NSSA.
The no form of the command disables origination of a default route.
no originate-default-route — A default route is not originated.
[no
] redistribute-external
The no form of the command disables the default behavior to automatically redistribute external routes into the NSSA area from the NSSA ABR.
redistribute-external — External routes are redistributed into the NSSA.
The no form of the command disables sending summary route advertisements and, for stub areas, only the default route is advertised by the ABR.
summaries — Summary routes are advertised by the ABR into the stub area or NSSA.
The no form of the command removes the stub designation and configuration context from the area.
no stub — The area is not configured as a stub area.
The no form of the command reverts to the default value.
[no
] virtual-link
router-id transit-area area-id
The router-id specified in this command must be associated with the virtual neighbor. The transit area cannot be a stub area or a Not So Stubby Area (NSSA).
The no form of the command deletes the virtual link.
The no form of the command enables the post-RFC1583 method of summary and external route calculation.
compatible-rfc1583 — RFC1583 compliance is enabled.
export policy-name [policy-name…]
The no form of the command removes all policies from the configuration.
no export — No export route policies specified.
The limit value specifies the maximum number of non-default AS-external-LSA entries that can be stored in the link-state database (LSDB). Placing a limit on the non-default AS-external-LSAs in the LSDB protects the router from receiving an excessive number of external routes that consume excessive memory or CPU resources. If the number of routes reach or exceed the
limit, the table is in an overflow state.
When in an overflow state, the router will not originate any new AS-external-LSAs. In fact, it withdraws all the self-originated non-default external LSAs.
The interval specifies the amount of time to wait after an overflow state before regenerating and processing non-default AS-external-LSAs. The waiting period acts like a dampening period preventing the router from continuously running Shortest Path First (SPF) calculations caused by the excessive number of non-default AS-external LSAs.
The external-db-overflow must be set identically on all routers attached to any regular OSPF area. OSPF stub areas and not-so-stubby areas (NSSAs) are excluded.
The no form of the command disables limiting the number of non-default AS-external-LSA entries.
no external-db-overflow — No limit on non-default AS-external-LSA entries.
The no form of the command reverts to the default value.
external-preference 150 — OSPF external routes have a default preference of 150.
The no form of this command disables the LFA computation by IGP SPF.
If the overload command is encountered during the execution of an
overload-on-boot command then this command takes precedence. This could occur as a result of a saved configuration file where both parameters are saved. When the file is saved by the system the
overload-on-boot command is saved after the
overload command.
Use the no form of this command to return to the default. When the
no overload command is executed, the overload state is terminated regardless the reason the protocol entered overload state.
Each single operation of the admin-group command allows a maximum of five (5) groups to be specified at a time. However, a maximum of 32 groups can be added to a given interface through multiple operations. Once an admin group is bound to one or more interface, its value cannot be changed until all bindings are removed.
It should be noted that only the admin groups bound to an MPLS interface are advertised in TE link TLVs and sub-TLVs when the traffic-engineering option is enabled in IS-IS or OSPF. IES and VPRN interfaces do not have their attributes advertised in TE TLVs.
The no form of this command deletes one or more of the admin-group memberships of an interface. The user can also delete all memberships of an interface by not specifying a group name.
srlg-group group-name [group-name...(up to 5 max)
]
An interface can belong to up to 64 SRLG groups. However, each single operation of the srlg-group command allows a maximum of five (5) groups to be specified at a time. Once an SRLG group is bound to one or more interface, its value cannot be changed until all bindings are removed.
It should be noted that only the SRLGs bound to an MPLS interface are advertised in TE link TLVs and sub-TLVs when the traffic-engineering option is enabled in IS-IS or OSPF. IES and VPRN interfaces do not have their attributes advertised in TE TLVs.
The no form of this command deletes one or more of the SRLG memberships of an interface. The user can also delete all memberships of an interface by not specifying a group name.
If the user excluded the interface from LFA using the command loopfree-alternate-exclude, the LFA policy, if applied to the interface, has no effect.
The no form deletes the mapping of a route next-hop policy template to an OSPF or IS-IS interface.
The default action of the loopfree-alternate-exclude command, when not explicitly specified by the user in the prefix policy, is a “reject”. Thus, regardless if the user did or did not explicitly add the statement “default-action reject” to the prefix policy, a prefix that did not match any entry in the policy will be accepted into LFA SPF.
The no form deletes the exclude prefix policy.
[no
] overload-include-ext-2
[no
] overload-include-stub
The no overload command does not affect the
overload-on-boot function.
The no form of the command removes the overload-on-boot functionality from the configuration.
The no form of the command reverts to the default value.
preference 10 — OSPF internal routes have a preference of 10.
The default reference-bandwidth is
100,000,000 Kbps or 100 Gbps, so the default auto-cost metrics for various link speeds are as as follows:
The reference-bandwidth command assigns a default cost to the interface based on the interface speed. To override this default cost on a particular interface, use the
metric metric command in the
config>router>ospf>area>interface ip-int-name context.
The no form of the command reverts the reference-bandwidth to the default value.
reference-bandwidth 100000000 — Reference bandwidth of 100 Gbps.
The no form of
rib-priority command disables RIB prioritization at the associated level.
spf-wait max-spf-wait [spf-initial-wait [spf-second-wait]]
This command defines the maximum interval between two consecutive SPF calculations in milliseconds. Timers that determine when to initiate the first, second, and subsequent SPF calculations after a topology change occurs can be controlled with this command. Subsequent SPF runs (if required) will occur at exponentially increasing intervals of the spf-second-wait interval. For example, if the
spf-second-wait interval is 1000, then the next SPF will run after 2000 milliseconds, and then next SPF will run after 4000 milliseconds, etc., until it reaches the
spf-wait value. The SPF interval will stay at the
spf-wait value until there are no more SPF runs scheduled in that interval. After a full interval without any SPF runs, the SPF interval will drop back to
spf-initial-wait.
Use the no form of this command to return to the default.
[no
] unicast-import-disable
vpn-domain [type {0005
| 0105
| 0205
| 8005
}] id
id
Use the no form of this command to return to the default.
lsa-generate max-lsa-wait [lsa-initial-wait [lsa-second-wait]]
Use the no form of this command to return to the default.
The no form of the command disables the RIP protocol from the given VPRN IP interface.
The no form of the command deletes the RIP protocol instance removing all associated configuration parameters.
no ripng — No RIPng protocol instance defined.
The no form of the command removes the authentication password from the configuration and disables authentication.
no authentication-key — Authentication is disabled and the authentication password is empty.
Specifies the key is entered in a more complex encrypted form. If the
hash2 parameter is
not used, the less encrypted hash form is assumed.
The no form of the command removes the authentication type from the configuration and effectively disables authentication.
The no form of the command disables this check and allows the receipt of RIP messages even if the mandatory zero fields are non-zero.
The split-horizon disable command enables split horizon without poison reverse. This allows the routes to be re-advertised on interfaces other than the interface that learned the route, with the advertised metric equaling an increment of the metric-in value.
The no form of the command disables split horizon command which allows the lower level to inherit the setting from an upper level.
The no form of the command removes all route policy names from the export list.
The no form of the command removes the parameters from the configuration.
The no form of the command removes all route policy names from the import list.
The no form of the command resets the maximum number of routes back to the default of 25.
The no form of the command reverts the
metric value back to the default.
The no form of the command removes the command from the config and resets the metric-in value back to the default.
The no form of the command resets the
preference to the default.
receive {both
| none
| version-1
| version-2
}
If both or
version-2 is specified, the RIP instance listens for and accepts packets sent to the broadcast and multicast (224.0.0.9) addresses.
If version-1 is specified, the router only listens for and accepts packets sent to the broadcast address.
The no form of the command resets the type of messages accepted to both.
no receive — Accepts both formats.
send {broadcast
| multicast
| none
| version-1
| both
}
If version-1 is specified, the router only listens for and accepts packets sent to the broadcast address.
The no form of this command resets the type of messages sent back to the default value.
no send — Sends RIPv2 to the broadcast address.
The no form of the command resets all timers to their default values of 30, 180, and 120 seconds respectively.
The no form of the command deletes the specified IPv6 unicast address from the configuration.
ipv6-address — IPv6 unicast address to which unicast RIPng updates should be sent.
The no form of the command deletes the RIP neighbor interface group. Deleting the group will also remove the RIP configuration of all the neighbor interfaces currently assigned to this group.
no group — No group of RIP neighbor interfaces defined
[no
] neighbor
ip-int-name
The no form of the command deletes the RIP interface configuration for this interface. The
shutdown command in the
config>router>rip>group group-name>
neighbor ip-int-name context can be used to disable an
interface without removing the configuration for the interface.
no neighbor — No RIP interfaces defined
local-ip {ip-prefix/prefix-length | ip-prefix netmask | any
}
Only one entry is necessary to describe a potential flow. The local-ip and
remote-ip commands can be defined only once. The system will evaluate the local IP as the source IP when traffic is examined in the direction of VPN to the tunnel and as the destination IP when traffic flows from the tunnel to the VPN. The remote IP will be evaluated as the source IP when traffic flows from the tunnel to the VPN when traffic flows from the VPN to the tunnel.
remote-ip ip-prefix/prefix-length | ip-prefix netmask | any
}
Only one entry is necessary to describe a potential flow. The local-ip and
remote-ip commands can be defined only once. The system will evaluate the local IP as the source IP when traffic is examined in the direction of VPN to the tunnel and as the destination IP when traffic flows from the tunnel to the VPN. The remote IP will be evaluated as the source IP when traffic flows from the tunnel to the VPN when traffic flows from the VPN to the tunnel.
[no
] address
{ip-address/mask | ip-address netmasks}
The no form of the command returns the default value.
tunnel ipsec-tunnel-name [create
]
[no
] bfd-enable service
service-id interface
interface-name dst-ip
ip-address
The no form of the command disables the automatic attempts to establish a phase 1 exchange.
[no]
local-id type {
ipv4 <
v4address> |
fqdn <
fqdn-value>}
transform transform-id [transform-id...(up to 4 max)]
|
Values
|
service-id: 1 — 2147483648 svc-name: Specifies an existing service name up to 64 characters in length.
|
security-association security-entry-id authentication-key
authentication-key encryption-key
encryption-key spi
spi transform
transform-id direction
{inbound
| outbound
}
{32 |
64 |
128 |
256 |
512}
This command configures an IPSec security policy. The policy may then be associated with tunnels defined in the same context.
tms-interface interface-name [create
] [off-ramp-vprn
off-ramp-svc] [mgmt-vprn
mgmt-svc]
The no form of the command removes the interface name from the configuration.
|
Values
|
service-id: 1 — 2148007978 svc-name: An existing service name up to 64 characters in length.
|
service-id: 1 — 2148007978
svc-name: An existing service name up to 64 characters in length.
address {ip-address/mask|ip-address netmask}
The no form of the command removes the IP address information from the interface configuration.
The no form of the command removes the description from the interface configuration.
The no form of the command removes the IP address information from the interface configuration.
The no form of the command removes the password.
server server-name [create
] [purpose
{[accounting
][authentication
]}]
The no form of the command disables caching.
key packet-type {accept
|request
} attribute-type
attribute-type [vendor-id
vendor-id]
The no form of the command removes the parameters from the configuration.
timeout [hrs
hours] [min
minutes] [sec
seconds]
The no form of the command reverts to the default.
The no form of the command reverts to the default.
The no form of the command removes the policy from the configuration.
The no form of the command removes the policy from the configuration.
[no
] interface
ip-int-name
load-balance-key vendor vendor-id [vendor-id...(up to 5 max)] attribute-type
attribute-type [attribute-type...(up to 5 max)]
Specifies the key is entered in a more complex encrypted form. If the
hash2 parameter is not used, the less encrypted
hash form is assumed.
[no
] send-accounting-response
The no form of the command disables the accounting response messages.
username [1..32] prefix-string
[128 chars max] [accounting-server-policy
policy-name] [authentication-server-policy
policy-name]
The no form of the comand removes the associations from the configuration.
server server-name [address
ip-address] [secret
key ] [hash
|hash2
] [port
port] [create
]
The no form of the command removes the parameters from the configuration.
Specifies the key is entered in a more complex encrypted form. If the
hash2 parameter is not used, the less encrypted
hash form is assumed.
The no form of the command removes the script policy from the configuration.
The no form of this command removes configuration under wpp.
portal name address
ip-address [create
]
The no form of this command removes configuration under WPP.
[no
] restore-disconnected
