Download Print this page

Alcatel-Lucent 7705 Configuration Manual

Alcatel-Lucent 7705 Configuration Manual

Aggregation router

Hide thumbs Also See for 7705:

Service manual (546 pages)

,

Interface configuration manual (226 pages)

,

Installation manual (176 pages)

Table Of Contents

page of 532

/ 532
Contents
Table of Contents
Bookmarks

Table of Contents

Advertisement

Quick Links

See also: Service Manual , Installation Manual

ROUTER CONFIGURATION GUIDE

Alcatel-Lucent 7705

SERVICE AGGREGATION ROUTER OS | RELEASE 6.2.R1

ROUTER CONFIGURATION GUIDE

Alcatel-Lucent – Proprietary & Confidential

Contains proprietary/trade secret information which is the property of Alcatel-Lucent. Not to be made available

to, or copied or used by anyone who is not an employee of Alcatel-Lucent except when there is a valid non-

disclosure agreement in place which covers such information and contains appropriate non-disclosure and

limited use obligations.

Copyright © 2015 Alcatel-Lucent. All rights reserved.

Table of Contents

Advertisement

Table of Contents

Need help?

Need help?

Do you have a question about the 7705 and is the answer not in the manual?

Questions and answers

Summary of Contents for Alcatel-Lucent 7705

Page 1 Contains proprietary/trade secret information which is the property of Alcatel-Lucent. Not to be made available to, or copied or used by anyone who is not an employee of Alcatel-Lucent except when there is a valid non- disclosure agreement in place which covers such information and contains appropriate non-disclosure and limited use obligations.
Page 2 This document may contain information regarding the use and installation of non-Alcatel-Lucent products. Please note that this information is provided as a courtesy to assist you. While Alcatel-Lucent tries to ensure that this information accurately reflects information provided by the supplier, please refer to the materials provided with any non-Alcatel-Lucent product and contact the supplier for confirmation.
Page 3: Table Of Contents
Audience ...............................13 List of Technical Publications ........................14 Technical Support ............................15 Getting Started............................17 In This Chapter ..............................17 Alcatel-Lucent 7705 SAR Router Configuration Process ...................17 IP Router Configuration ........................19 In This Chapter ..............................19 Configuring IP Router Parameters ........................20 Interfaces...............................20 Network Interface .............................21 System Interface ............................25...
Page 4 IP Address Owner ............................213 Primary Address............................214 Virtual Router Master ..........................214 Owner and Non-owner VRRP ........................215 Configurable Parameters ..........................215 VRID...............................216 Priority ..............................216 IP Addresses ............................217 Message Interval and Master Inheritance ....................217 Master Down Interval ..........................218 Skew Time .............................218 7705 SAR OS Router Configuration Guide...
Page 5 VRRP Monitor Commands ..........................241 VRRP Clear Commands ..........................241 VRRP Debug Commands ...........................241 Command Descriptions ..........................242 Configuration Commands ........................243 VRRP Show Commands ........................260 VRRP Monitor Commands ........................268 VRRP Clear Commands ........................270 VRRP Debug Commands ........................271 7705 SAR OS Router Configuration Guide...
Page 6 Renumbering Filter Policy Entries .......................314 Modifying an IP Filter Policy ........................317 Modifying a MAC Filter Policy ........................318 Modifying a VLAN Filter Policy ........................319 Removing and Deleting a Filter Policy ......................320 Removing a Filter from a Service ......................320 7705 SAR OS Router Configuration Guide...
Page 7 Beginning the Policy Statement .........................436 Creating a Route Policy..........................436 Configuring a Default Action ........................438 Configuring an Entry............................439 Configuring an AS Path (policy-option) .......................441 Configuring a Community List ........................441 Configuring Damping...........................442 Configuring a Prefix List ..........................443 7705 SAR OS Router Configuration Guide...
Page 8 Deleting a Policy Statement ........................448 Route Policy Command Reference ........................449 Command Hierarchies..........................449 Route Policy Configuration Commands ....................450 Show Commands ...........................452 Command Descriptions ..........................453 Configuration Commands ........................454 Show Commands ...........................480 Standards and Protocol Support ...................... 511 7705 SAR OS Router Configuration Guide...
Page 9 Show Router Status Output Fields ....................197 Table 38 Show Tunnel Table Output Fields ....................198 VRRP ..............................211 Table 39 Show VRRP Policy and Policy Event Summary Output Fields ..........263 Table 40 Show Router VRRP Instance Summary Output Fields ..............266 7705 SAR OS Router Configuration Guide...
Page 10 EMC Industrial Standards Compliance ..................512 Table 66 EMC Regulatory and Customer Standards Compliance .............513 Table 67 Environmental Standards Compliance ..................515 Table 68 Safety Standards Compliance ....................516 Table 69 Directives, Regional Approvals and Certifications Compliance ..........517 7705 SAR OS Router Configuration Guide...
Page 11 OSPF Route Policy Diagram ......................421 Figure 14 Route Policy Configuration and Implementation Flow ..............423 Figure 15 Route Policy Process Example....................429 Figure 16 Next Policy Logic Example ......................430 Figure 17 Next Entry Logic Example ......................431 Figure 18 Damping Example........................432 7705 SAR OS Router Configuration Guide...
Page 12 List of Figures 7705 SAR OS Router Configuration Guide...
Page 13: Preface
Command Line Interface (CLI) syntax and command usage. Note: This manual generically covers Release 6.2 content and may contain some content that will be released in later maintenance loads. Please refer to the 7705 SAR OS 6.2.Rx Software Release Notes, part number 3HE09585000xTQZZA, for information on features supported in each load of the Release 6.2 software.
Page 14: List Of Technical Publications
About This Guide List of Technical Publications The 7705 SAR OS documentation set is composed of the following guides: • 7705 SAR OS Basic System Configuration Guide This guide describes basic system configurations and operations. • 7705 SAR OS System Management Guide This guide describes system security and access configurations as well as event logging and accounting logs.
Page 15: Technical Support
Preface Technical Support If you purchased a service agreement for your 7705 SAR router and related products from a distributor or authorized reseller, contact the technical support staff for that distributor or reseller for assistance. If you purchased an Alcatel-Lucent service agreement, follow this link...
Page 16 About This Guide 7705 SAR OS Router Configuration Guide...
Page 17: Getting Started
ARP, and ICMP Protocol Configure IP, MAC, and VLAN filters Filter Policies configuration Configure routing policies Route Policies Reference List of IEEE, IETF, and other proprietary entities Standards and Protocol Support 7705 SAR OS Router Configuration Guide...
Page 18 Alcatel-Lucent 7705 SAR Router Configuration Process 7705 SAR OS Router Configuration Guide...
Page 19: Ip Router Configuration
This chapter provides information about commands required to configure basic router parameters. Topics in this chapter include: • Configuring IP Router Parameters • Router Configuration Process Overview • Configuration Notes • Configuring an IP Router with CLI • IP Router Command Reference 7705 SAR OS Router Configuration Guide...
Page 20: Configuring Ip Router Parameters
Configuring IP Router Parameters Configuring IP Router Parameters In order to provision services on a 7705 SAR, IP parameters must be configured on the node. Logical IP routing interfaces must be configured to associate entities, such as a port or the system, with IP addresses.
Page 21: Network Interface
(not the ring ports). The 7705 SAR can be used as an LER (label edge router) or LSR (label switch router). OSPF, RIP, IS-IS, and BGP are supported as dynamic routing protocols, and static routes to next-hop addresses are also supported.
Page 22 • For information on LDPs and static LSPs, refer to the 7705 SAR OS MPLS Guide. Configurable ARP Retry Timer A timer is available to configure a shorter retry interval when an ARP request fails. An ARP request may fail for a number of reasons, such as network connectivity issues.
Page 23: Proxy Arp
The 7705 SAR supports both proxy ARP and local proxy ARP. Local proxy ARP is similar to proxy ARP except that it is used within a subnet; the router responds to all requests for IP addresses within the subnet and forwards all traffic between the hosts in the subnet.
Page 24 Layer 3 interface 128.251.10.59, then by enabling remote proxy ARP, the 7705 SAR will respond to ARP requests from hosts 2.2.2.1 to 2.2.2.100. In addition, a route policy with a prefix list can be created and used as a proxy ARP policy for finer granularity of the IP range for which proxy ARP is being used.
Page 25: System Interface
For detailed information on ETH-CFM entities and on ETH-CFM support for services, refer to the 7705 SAR OS Services Guide, “ETH-CFM (802.1ag and Y.1731)”. For information on running Ethernet OAM tests, refer to the 7705 SAR OS OAM and Diagnostics Guide, “ETH- CFM (802.1ag and Y.1731)”.
Page 26: Ip Addresses
→ Ethernet ports on the 7705 SAR-H → Ethernet ports on the 7705 SAR-Hc → Ethernet management port → DSL module ports when the module is installed in the 7705 SAR-M (variants with module slots) 7705 SAR OS Router Configuration Guide...
Page 27: Internet Protocol Versions
7705 SAR is acting as a DHCP client. System IP addresses must be assigned manually. Internet Protocol Versions The 7705 SAR supports IP version 4 (IPv4 – RFC 791, Internet Protocol) and IP version 6 (IPv6 – RFC 2460, Internet Protocol, Version 6 Specification). The 7705 SAR can forward IPv6 packets over static routes for network forwarding, IES services, and node management.
Page 28: Ipv6 Address Format
/1 to /64 or is /128 (indicating a host route). Supported interface IP address prefixes are from /4 to /64, and /128 on system or loopback interfaces. 7705 SAR OS Router Configuration Guide...
Page 29: Ipv6 Headers
IPv6 header, in octets Any extension headers that are present in the packet are considered to be part of the payload; therefore, the payload always begins immediately after the Destination Address 7705 SAR OS Router Configuration Guide...
Page 30: Neighbor Discovery
The host generates its own addresses using locally available information and information advertised by routers, such as the 7705 SAR. Stateless autoconfiguration is a feature of the neighbor discovery protocol.
Page 31: Router Id
IP interface context. • if you do not specify a router ID, the last 4 bytes of the MAC address are used • the router ID can be derived on the protocol level; for example, BGP 7705 SAR OS Router Configuration Guide...
Page 32: Autonomous Systems
Note: Within the router context, the 7705 SAR supports IBGP but does not support EBGP. Within the VPRN context, the 7705 SAR supports EBGP but does not support IBGP. For information on configuring BGP within the router context, refer to the 7705 SAR OS Routing Protocols Guide, “BGP”.
Page 33: Dhcp Relay And Dhcpv6 Relay
The 7705 SAR can act as a DHCP client, a DHCP Relay agent, or a local DHCP server. When used as a CPE, the 7705 SAR can act as a DHCP client to learn the IP address of the network interface. Dynamic IP address allocation is supported on network interfaces only.
Page 34: Local Dhcp Server
DHCP server. Some options have additional information stored in suboptions. The 7705 SAR supports Option 60 and Option 61 as specified in RFC 2132. Option 60 is the vendor class identifier, which can contain information such as the client’s hardware configuration.
Page 35: Dhcp Server Options
Option 58—Renew (T1) Timer • Option 59—Renew (T2) Timer DHCP servers also support Suboption 13 Relay Agent Information Option 82 as specified in RFC 3046, to enable the use of a pool indicated by the DHCP client. 7705 SAR OS Router Configuration Guide...
Page 36: Icmp And Icmpv6
ICMP messages are typically generated in response to errors in IP datagrams or for diagnostic or routing purposes. The ICMP ping utility for IPv4 and IPv6 and the ICMP traceroute utility for IPv4 are described in the 7705 SAR OS OAM and Diagnostics Guide, “ICMP Diagnostics”.
Page 37: Table 4 Icmpv6 Capabilities For Ipv6
IP network and to measure the roundtrip time for packets sent from the local host to a destination node The 7705 SAR supports the ICMPv6 capabilities described in Table Table 4: ICMPv6 Capabilities for IPv6 ICMPv6 Message...
Page 38: Static Routes, Dynamic Routes, And Ecmp
Static routes to next-hop addresses are supported on the 7705 SAR. Dynamic routing using the OSPF, RIP, IS-IS, or BGP protocols is also supported. If the 7705 SAR chassis is equipped with two CSMs (Control and Switching modules) for redundancy, non-stop services are supported. Therefore, if the active CSM experiences an activity switch, all static route entries are maintained.
Page 39 (metrics) are equal, the decision of which route to use is determined by the configuration of ECMP. For information on configuring the 7705 SAR for LSR ECMP with the lsr-load- balancing command, see Router Interface Commands and the 7705 SAR OS Basic System Configuration Guide, “System Information and General Commands”.
Page 40: Igp-Ldp And Static Route-Ldp Synchronization
The timer does not start until the LDP adjacency with the neighbor node is fully established. For static routes, the ldp-sync-timer function requires LDP to use the interface address, not the system address, as its transport address. 7705 SAR OS Router Configuration Guide...
Page 41: Bidirectional Forwarding Detection (Bfd)
To address this issue, NAT can be used. NAT can hide multiple private IP addresses behind a single public IP address and therefore makes it possible to scale IP solutions in mobile backhaul, enterprise, and SI networks. 7705 SAR OS Router Configuration Guide...
Page 42: Session Creation
When the downloaded NAT session times out, or closes because of TCP connection termination, the session is deleted from the datapath. On the 7705 SAR-8 and 7705 SAR-18, NAT sessions survive a CSM redundancy switch. 7705 SAR OS Router Configuration Guide...
Page 43: Nat Zones
Zones can be segmented as small as a single interface or as large as the maximum number of interfaces supported by 7705 SAR. For example, in metrocell applications, all the SAPs on the access point used to aggregate the metrocell can be placed in a single zone (zone 2) and the uplink public interface can be placed in another zone (zone 1).
Page 44 The source IP address of the metrocell packet that enters IES 2 is replaced with the source IP address of IES uplink zone 1 as it exits the 7705 SAR. In addition the source UDP/ TCP port may also be replaced depending on the NAT policy configured for the zone.
Page 45: Figure 3 Zone Direction (Inbound)
Layer 3 interface (access) 24026 An example of outbound zone direction is shown in Figure 4. All traffic leaving zone 1 has NAT applied to it based on the configured NAT policy assigned to zone 1. 7705 SAR OS Router Configuration Guide...
Page 46: Figure 4 Zone Direction (Outbound)
IES or VPRN service context. A zone is configured by adding at least one Layer 3 interface to the zone configuration. Multiple zones can be created within each service or within the router context. Layer 3 interfaces from different services cannot be grouped into a single common zone. 7705 SAR OS Router Configuration Guide...
Page 47: Nat Security Profile
Minimum timeout: 1min Maximum timeout: 5 min TCP established Specifies the timeout for a TCP session in tcp-established the established state Default timeout: 2 hrs, 4 min Minimum timeout: 1 min Maximum timeout: 24 hr 7705 SAR OS Router Configuration Guide...
Page 48 Minimum timeout: 15 s Maximum timeout: 24 hr UDP initial Specifies the timeout applied to a UDP udp-initial session in its initial state Default timeout: 15 s Minimum timeout: 10 s Maximum timeout: 5 min 7705 SAR OS Router Configuration Guide...
Page 49: Nat Policies
Source IP Specifies an explicit source IP address for src-ip the match criteria of the rule. Packets being processed by a zone are evaluated for a match to the specified source IP. 7705 SAR OS Router Configuration Guide...
Page 50: Dynamic Source Nat
Source NAT can be used to create sessions from inside a private network to an outside (public) network. If an arriving IP packet on the 7705 SAR matches the NAT policy rules, an internal mapping is created between the inside (private) source IP address/source port and an outside (public) source IP address/source port.
Page 51: Local Traffic And Nat
Only packets transiting the 7705 SAR node have NAT applied to them. Any packet arriving on the 7705 SAR with a local IP address will be checked against active NAT sessions on the datapath (6-tuple lookup), and if there is no match, the packet is sent to the CSM for processing as local traffic.
Page 52: Session Resource Alarms
5620 SAM Server Application on portal Reach an array of applications using port forwarding and a single IPv4 address All applications are reachable via 10.1.1.2 interface on 7705 VPRN Server App: 192.168.1.4:21 Protocol TCP, Port 6001 Camera App: 192.168.1.3:50...
Page 53: Nat Support For Fragmented Packets
For source NAT packets traversing from a public network to a private network and destined to a local IP address on the 7705 SAR, fragmented packets that do not contain the UDP header are extracted to the CSM for processing and an ICMP error message is sent to the sender.
Page 54 Layer 4 load balancing hashing algorithms such as IP ECMP or LAG, it is recommended that these algorithms be disabled on all routers in the network if it is foreseen that packet fragments might be arriving on the 7705 SAR router.
Page 55: Router Configuration Process Overview
Figure 6 displays the process to configure basic router parameters. Figure 6: IP Router Configuration Flow START SET THE SYSTEM NAME CONFIGURE SYSTEM IP ADDRESS CONFIGURE NETWORK IP ADDRESS CONFIGURE THE AUTONOMOUS SYSTEM ENABLE 21818 7705 SAR OS Router Configuration Guide...
Page 56: Configuration Notes
Boot options file (BOF) parameters must be configured prior to configuring router parameters. Reference Sources For information on supported IETF drafts and standards, as well as standard and proprietary MIBs, refer to Standards and Protocol Support. 7705 SAR OS Router Configuration Guide...
Page 57: Configuring An Ip Router With Cli
Configuring an IP Router with CLI This section provides information to configure an IP router. Topics in this section include: • Router Configuration Overview • Basic Configuration • Common Configuration Tasks • Service Management Tasks 7705 SAR OS Router Configuration Guide...
Page 58: Router Configuration Overview
Router Configuration Overview Router Configuration Overview On a 7705 SAR, an interface is a logical named entity. An interface is created by specifying an interface name under the config>router context, the global router configuration context where objects like static routes and dynamic routing are defined. An IP interface name can be up to 32 alphanumeric characters long, must start with a letter, and is case-sensitive;...
Page 59: Network Interface
Network Interface A network interface can be configured on a physical or logical port. On the 2-port 10GigE (Ethernet) Adapter card/module, the network interface can only be created on the v-port (not the ring ports). 7705 SAR OS Router Configuration Guide...
Page 60: Basic Configuration
The following example displays a router configuration. A:ALU-A> config# info . . . #------------------------------------------ # Router Configuration #------------------------------------------ router interface "system" address 10.10.10.103/32 exit interface "to-104" address 10.0.0.103/24 port 1/1/1 exit exit #------------------------------------------ A:ALU-A> config# 7705 SAR OS Router Configuration Guide...
Page 61: Common Configuration Tasks
If special characters are included in the system name string, such as spaces, #, or ?, the entire string must be enclosed within double quotes. Use the following CLI syntax to configure the system name: CLI Syntax: config# system name system-name Example: config# system config>system# name ALU-A ALU-A>config>system# exit all ALU-A# 7705 SAR OS Router Configuration Guide...
Page 62: Configuring Interfaces
The system interface cannot be deleted. Configuring a System Interface Use the following CLI syntax to configure a system interface: CLI Syntax: config>router interface ip-int-name address {ip-addr/mask-length}| {ip-addr/netmask} Example: config>router# interface system config>router>if# address 10.10.10.104/32 config>router>if# exit 7705 SAR OS Router Configuration Guide...
Page 63: Configuring A Network Interface
To have the interface enabled for dynamic address assignment, use the dhcp keyword and, optionally, assign client ID and vendor class ID. In addition, to apply and configure a per-VLAN network egress aggregate shaper, use the queue-policy and agg-rate-limit commands. 7705 SAR OS Router Configuration Guide...
Page 64 This will ensure that the link-local address is derived from the port MAC address and will therefore not change after a reboot. CLI Syntax: config>port config>router interface ip-int-name port port-name ipv6 address ipv6-address/prefix-length [eui-64] 7705 SAR OS Router Configuration Guide...
Page 65: Configuring Ipv6 Parameters
→ Ethernet ports on the 7705 SAR-Hc → Ethernet management port → DSL module ports when the module is installed in the 7705 SAR-M (variants with module slots) → GPON module ports when the module is installed in the 7705 SAR-M (variants with module slots) →...
Page 66: Configuring Router Advertisement
{seconds | infinite} valid-lifetime {seconds | infinite} reachable-time milli-seconds retransmit-time milli-seconds router-lifetime seconds no shutdown Example: config>router# router-advertisement config>router>router-advert# interface “n1” config>router>router-advert>if# prefix 3::/64 config>router>router-advert>if>prefix# autonomous config>router>router-advert>if>prefix# on-link config>router>router-advert>if>prefix# preferred- lifetime 604800 config>router>router-advert>if>prefix# valid-lifetime 2592000 7705 SAR OS Router Configuration Guide...
Page 67: Configuring Ecmp
ECMP (Equal-Cost Multipath Protocol) refers to the distribution of packets over two or more outgoing links that share the same routing cost. The 7705 SAR load-balances traffic over multiple equal-cost links with a hashing algorithm that uses header fields from incoming packets to calculate which link to use.
Page 68: Configuring Static Routes
Common Configuration Tasks Configuring Static Routes The 7705 SAR supports both static routes and dynamic routing to next-hop addresses. For information on configuring OSPF, RIP, IS-IS, and BGP routing, refer to the 7705 SAR OS Routing Protocols Guide. Only one next-hop IP address can be specified per IP interface for static routes.
Page 69: Configuring An Autonomous System
10.0.0.104/24 port 1/1/1 exit router-id 10.10.10.104 #------------------------------------------ A:ALU-B>config>router# Configuring an Autonomous System Configuring an autonomous system is optional. Use the following CLI syntax to configure an autonomous system: CLI Syntax: config>router autonomous-system as-number 7705 SAR OS Router Configuration Guide...
Page 70: Configuring Icmp And Icmpv6
100 20 Use the following CLI syntax to configure ICMPv6 for the router: CLI Syntax: config>router interface ip-int-name ipv6 icmp6 packet-too-big number seconds param-problem number seconds time-exceeded number seconds unreachables number seconds 7705 SAR OS Router Configuration Guide...
Page 71: Configuring A Dhcp Relay Agent
[ascii-tuple | port-id | if-name] copy-82 remote-id [mac | string string] server server1 [server2...(up to 8 max)] no shutdown no shutdown Example: A:ALU-41>config>router# interface “DHCP_interface” A:ALU-41>config>router>if$ dhcp option A:ALU-41>config>router>if>dhcp>option$ circuit-id ascii-tuple A:ALU-41>config>router>if>dhcp>option$ exit 7705 SAR OS Router Configuration Guide...
Page 72: Configuring Proxy Arp
CLI Syntax: config>router>policy-options begin commit abort prefix-list name prefix ip-prefix/mask [exact | longer | through length | prefix-length-range length1- length2] policy-statement name default-action {accept | next-entry | next-policy | reject} entry entry-id 7705 SAR OS Router Configuration Guide...
Page 73 Apply the policy statement to the proxy ARP policy in the config>router>if> proxy-arp-policy context. CLI Syntax: config>router interface ip-int-name proxy-arp-policy policy-name [policy- name...(up to 5 max)] The following example displays the router interface proxy ARP configuration. A:ALU-41>config>router>if# info ------------------------------------------- address 128.251.10.59/24 remote-proxy-arp proxy-arp-policy “proxyARPpolicy” ------------------------------------------- 7705 SAR OS Router Configuration Guide...
Page 74: Configuring A Nat Zone
| policy-name shutdown The following example displays the NAT zone configuration output. A:ALU-B>config>router# info ---------------------------------------------- configure router zone 1 create begin name “GRT zone” description “uplink zone to public” pool 1 create 7705 SAR OS Router Configuration Guide...
Page 75 IP Router Configuration description "pool 1" direction zone-outbound entry 1 create ip-addr 68.193.0.1 port 5000 to 6000 exit exit exit policy 1 commit exit no-shutdown ---------------------------------------------- A:ALU-B>config>router# 7705 SAR OS Router Configuration Guide...
Page 76: Service Management Tasks
The following example displays the system name change. A:ALU-A>config>system# name TGIF A:TGIF>config>system# info #------------------------------------------ # System Configuration #------------------------------------------ name "TGIF" location "Kanata, ON, Canada" snmp exit security snmp community "private" rwa version both exit exit . . . ---------------------------------------------- A:TGIF>config>system# 7705 SAR OS Router Configuration Guide...
Page 77: Modifying Interface Parameters
A:ALU-A>config>router>if# port 1/1/2 A:ALU-A>config>router>if# no shutdown The following example displays the interface configuration. A:ALU-A>config>router# info #------------------------------------------ # IP Configuration #------------------------------------------ interface "system" address 10.0.0.103/32 exit interface "to-sr1" address 10.0.0.25/24 port 1/1/2 exit router-id 10.10.10.104 #------------------------------------------ A:ALU-A>config>router# 7705 SAR OS Router Configuration Guide...
Page 78: Deleting A Logical Ip Interface
2. After the interface has been shut down, it can then be deleted with the no interface command. CLI Syntax: config>router no interface ip-int-name Example: config>router# interface test-interface config>router>if# shutdown config>router>if# exit config>router# no interface test-interface config>router# 7705 SAR OS Router Configuration Guide...
Page 79: Ip Router Command Reference
Router Commands → Local DHCP Server Commands → Router Interface Commands → Router Interface IPv6 Commands → Router Advertisement Commands → Router NAT Configuration Commands • Show Commands • Clear Commands • Debug Commands 7705 SAR OS Router Configuration Guide...
Page 80: Configuration Commands
[days days] [hrs hours] [min minutes] [sec seconds] — no max-lease-time — min-lease-time [days days] [hrs hours] [min minutes] [sec seconds] — no min-lease-time — offer-time [min minutes] [sec seconds] — no offer-time — options 7705 SAR OS Router Configuration Guide...
Page 81 — custom-option option-number string ascii-string — no custom-option option-number — default-router ip-address [ip-address...(up to 4 max)] — no default-router — subnet-mask ip-address — no subnet-mask — [no] shutdown — [no] use-gi-address — [no] use-pool-from-client 7705 SAR OS Router Configuration Guide...
Page 82 — no mep mep-id domain md-index association ma-index — [no] ccm-enable — ccm-ltm-priority priority — no ccm-ltm-priority — [no] dual-ended-loss-test-enable — alarm-threshold percentage — no alarm-threshold — alarm-clear-threshold percentage — no alarm-clear-threshold — [no] eth-test-enable 7705 SAR OS Router Configuration Guide...
Page 83 — router [router-name] — [no] interface ip-int-name — [no] ipv6 — address ipv6-address/prefix-length [eui-64] — no address ipv6-address/prefix-length — icmp6 — packet-too-big [number seconds] — no packet-too-big — param-problem [number seconds] — no param-problem 7705 SAR OS Router Configuration Guide...
Page 84 {seconds | infinite} — no preferred-lifetime — valid-lifetime{seconds | infinite} — no valid-lifetime — reachable-time milli-seconds — no reachable-time — retransmit-time milli-seconds — no retransmit-time — router-lifetime seconds — no router-lifetime — [no] shutdown 7705 SAR OS Router Configuration Guide...
Page 85 [create] — no entry entry-id — ip-address ip-address [to ip-address] interface ip-int-name — no ip-address — port port [to port] — no port — name pool-name — policy policy-id | policy-name — [no] shutdown 7705 SAR OS Router Configuration Guide...
Page 86: Show Commands
[ip-address | ip-int-name | mac ieee-mac-address | summary] [dynamic | static | managed] — ospf — policy — route-table [family] [ip-prefix[/prefix-length] [longer | exact]] | [protocol protocol-name] | [summary] — rsvp — rtr-advertisement [interface interface-name] [prefix ipv6-prefix/prefix-length] [conflicts] — sgt-qos 7705 SAR OS Router Configuration Guide...
Page 87: Clear Commands
[ip-int-name | ip-addr] [icmp] — interface spoke-name statistics — isis — ldp — mpls — neighbor {all | ip-address} — neighbor [interface ip-int-name | ip-address] — ospf — router-advertisement — router-advertisement [interface interface-name] — rsvp 7705 SAR OS Router Configuration Guide...
Page 88: Debug Commands
— [no] ospf — [no] rsvp Note: • For information on MPLS, LDP, and RSVP, refer to the 7705 SAR OS MPLS Guide. • For information on OSPF, IS-IS, and BGP, refer to the 7705 SAR OS Routing Protocols Guide.
Page 89: Command Descriptions
IP Router Configuration Command Descriptions • Configuration Commands • Show Commands • Clear Commands • Debug Commands 7705 SAR OS Router Configuration Guide...
Page 90: Configuration Commands
Router Interface Commands • Router Interface IPv6 Commands • Router Interface DHCP Relay Agent Commands • Router Interface Filter Commands • Router Interface ICMP and ICMPv6 Commands • Router Advertisement Commands • Router NAT Configuration Commands 7705 SAR OS Router Configuration Guide...
Page 91 Unlike other commands and parameters where the default state is not indicated in the configuration file, shutdown and no shutdown are always indicated in system-generated configuration files. The no form of the command puts an entity into the administratively enabled state. Default no shutdown 7705 SAR OS Router Configuration Guide...
Page 92: Router Global Commands
The router name refers to the router instance (in other commands, the router instance can be either router name or service ID). The 7705 SAR has two routing domains (instances). The base routing domain includes all in-band IP traffic; that is, any IP packet arriving at the router over any IP interface (all services, all physical ports on the adapter cards).
Page 93 Context config>router Description This command enables ECMP and configures the number of routes for path sharing; for example, the value 2 means two equal-cost routes will be used for cost sharing. 7705 SAR OS Router Configuration Guide...
Page 94 This command configures the router ID for the router instance. The router ID is used by OSPF and BGP in the routing table manager. IS-IS uses the router ID as its system ID. Refer to the 7705 SAR OS Routing Protocols Guide for information on OSPF, IS-IS, and BGP.
Page 95 This is in addition to the management routes configured using the bof>static-route command (refer to the 7705 SAR OS Basic System Configuration Guide, “BOF Command Reference”). The static routes are not added to the routing table until after the configuration file is executed in the application load.
Page 96: Table 8 Route Preference Defaults By Route Type
— the cost metric for the static route, expressed as a decimal integer. This value is used when importing the static route into other protocols such as OSPF or IS-IS. When the metric is configured as 0, then the metric configured in the other protocol applies. 7705 SAR OS Router Configuration Guide...
Page 97 (wi‘zp‘zpth the exception of the next-hop parameters), this static route will be replaced with the newly entered configured route, and unless specified, the respective defaults for preference and metric will be applied. 7705 SAR OS Router Configuration Guide...
Page 98 FORCERENEW message to the client, upon receipt of the message, the client will change its state to the RENEW state and will then try to renew its lease according to normal DHCP procedures. The no form of the command disables the use of FORCERENEW messages. Default no force-renew 7705 SAR OS Router Configuration Guide...
Page 99 — the maximum lease time in hours Values 0 to 23 minutes — the maximum lease time in minutes Values 0 to 59 seconds — the maximum lease time in seconds Values 0 to 59 7705 SAR OS Router Configuration Guide...
Page 100 The no form of the command returns the value to the default. Default 1 min Parameters minutes — the offer time in minutes Values 0 to 10 seconds — the offer time in seconds Values 0 to 59 7705 SAR OS Router Configuration Guide...
Page 101 (host bits must be 0) hex-string — the hex value of this option Values 0x0 to 0xFFFFFFFF ascii-string — the value of the option as an ASCII string Values maximum 127 characters 7705 SAR OS Router Configuration Guide...
Page 102 This command configures the time from the assignment of the IP address until the client transitions to a rebinding state. The no form of the command removes the time from the configuration. Default Parameters days — the lease rebinding time in days Values 0 to 3650 7705 SAR OS Router Configuration Guide...
Page 103 [days days] [hrs hours] [min minutes] [sec seconds] no lease-time Context config>router>dhcp>local-dhcp-server>pool>options config>service>vprn>dhcp>local-dhcp-server>pool>options Description This command configures the time that the DHCP server grants permission to the DHCP client to use a particular IP address. 7705 SAR OS Router Configuration Guide...
Page 104 The no form of this command removes the configuration. Parameters ip-address — the IP address of the NetBIOS name server in dotted-decimal notation. Up to four IP addresses can be entered. Values ipv4-address: a.b.c.d (host bits must be 0) 7705 SAR OS Router Configuration Guide...
Page 105 IP addresses are made available until a range is defined. The no form of this command removes the configuration. Default Parameters ip-address — the base IP address of the subnet in dotted-decimal notation Values a.b.c.d (no multicast address; host bits must be 0) 7705 SAR OS Router Configuration Guide...
Page 106 [no] exclude-addresses start-ip-address [end-ip-address] Context config>router>dhcp>local-dhcp-server>pool>subnet config>service>vprn>dhcp>local-dhcp-server>pool>subnet Description This command configures a range of IP addresses to be excluded from this subnet’s pool of IP addresses. The no form of the command removes the configuration. Default 7705 SAR OS Router Configuration Guide...
Page 107 The no form of the command removes the configuration. Default Parameters minimum-free — specifies the minimum number of free addresses in this subnet Values 0 to 255 7705 SAR OS Router Configuration Guide...
Page 108 [no] use-gi-address Context config>router>dhcp>local-dhcp-server config>service>vprn>dhcp>local-dhcp-server Description This command enables the use of gateway IP address (GIADDR) matching. If the gi-address flag is enabled, a pool can be used even if a subnet is not found. 7705 SAR OS Router Configuration Guide...
Page 109 82. When disabled or if there is no suboption 13 in the DHCP message, the pool selection is specified by the value of the GIADDR. The no form of the command disables the use of the pool indicated by the DHCP client. Default no use-pool-from-client 7705 SAR OS Router Configuration Guide...
Page 110 Although not a keyword, the interface name “system” is associated with the network entity (such as a specific 7705 SAR), not a specific interface. The system interface is also referred to as the loopback address.
Page 111 IP address; the remainder of the IP address is used to determine the host portion of the IP address. Values 1 to 32 (mask length of 32 is reserved for system IP addresses) 7705 SAR OS Router Configuration Guide...
Page 112 By default, directed broadcasts are not allowed and are discarded at this egress IP interface. The no form of the command disables directed broadcasts forwarding out of the IP interface. Default no allow-directed broadcasts 7705 SAR OS Router Configuration Guide...
Page 113 The no form of the command reverts to the default value. Note: The 7705 SAR will attempt to refresh an ARP entry 30 s prior to its expiry. This refresh attempt occurs only if the ARP timeout is set to 45 s or more.
Page 114 3000 ms. The maximum receiving detection time is the receive-interval parameter multiplied by the multiplier parameter. Note: The BFD session must be disabled before the type np parameter can be changed. 7705 SAR OS Router Configuration Guide...
Page 115 When the LDP synchronization timer expires, the link cost is restored and is readvertised. IGP will announce a new best next-hop and LDP will use it if the label binding for the neighbor’s FEC is available. 7705 SAR OS Router Configuration Guide...
Page 116 • config>router>isis>disable-ldp-sync Refer to the 7705 SAR OS OAM and Diagnostics Guide for the tools commands and to the 7705 SAR OS Routing Protocols Guide for the OSPF and IS-IS commands. If the user changes the value of the LDP synchronization timer parameter, the new value will take effect at the next synchronization event.
Page 117 This command enables local proxy ARP on the interface. Local proxy ARP allows the 7705 SAR to respond to ARP requests received on an interface for an IP address that is part of a subnet assigned to the interface. The router responds to all requests for IP addresses within the subnet with its own MAC address and forwards all traffic between the hosts in the subnet.
Page 118 Syntax port port-name no port Context config>router>interface Description This command creates an association with a logical IP interface and a physical port. An interface can also be associated with the system (loopback address). 7705 SAR OS Router Configuration Guide...
Page 119 The port name consists of the port-id (for T1/E1 interfaces and Ethernet interfaces) and an optional encapsulation value (for Ethernet interfaces). The port name can also be the bundle-id used for the multilink bundle (PPP or IMA). Refer to the 7705 SAR OS Interface Configuration Guide for information on configuring ports.
Page 120 MAC address with the destination node’s IP address (acts as a proxy for the destination node). The router then takes responsibility for routing traffic to the real destination. Default no remote-proxy-arp 7705 SAR OS Router Configuration Guide...
Page 121 A router interface can only have one static ARP entry configured for it. Static ARP is used when a 7705 SAR needs to know about a device on an interface that cannot or does not respond to ARP requests. Therefore, the 7705 SAR OS configuration can state that, if it has a packet that has a certain IP address, to send it to the corresponding ARP address.
Page 122 → Ethernet ports on the 7705 SAR-Hc → Ethernet management port → DSL module ports when the module is installed in the 7705 SAR-M (variants with module slots) → GPON module ports when the module is installed in the 7705 SAR-M (variants with module slots) →...
Page 123 IPv6 node does not support ICMPv6 neighbor discovery or a static address must be used. This command can only be used on Ethernet interfaces. The ipv6-address must be on the subnet that was configured from the IPv6 address command or a link-local address. 7705 SAR OS Router Configuration Guide...
Page 124 — the IPv6 address on the interface Values ipv6-address x:x:x:x:x:x:x:x (eight 16-bit pieces) x:x:x:x:x:x:d.d.d.d x: [0 to FFFF]H d: [0 to 255]D mac-address the MAC address for the neighbor in the form of xx:xx:xx:xx:xx:xx or xx-xx-xx-xx- xx-xx 7705 SAR OS Router Configuration Guide...
Page 125 This command enables DHCP Option 82 (Relay Agent Information Option) parameters processing and enters the context for configuring Option 82 suboptions. The no form of this command returns the system to the default. Default no option 7705 SAR OS Router Configuration Guide...
Page 126 Description This command configures the processing required when the 7705 SAR receives a DHCP request that already has a Relay Agent Information Option (Option 82) field in the packet. The no form of this command returns the system to the default value.
Page 127 DHCP Relay to work. If there are multiple servers specified, then the request is forwarded to all of the servers in the list. There can be a maximum of eight DHCP servers configured. Default no server Parameters server — specifies the DHCP server IP address 7705 SAR OS Router Configuration Guide...
Page 128 Adapter card, only the agg-rate can be set—setting the cir-rate is blocked. For information on adapter card generations, refer to the “Evolution of Ethernet Adapter Cards, Modules, and Platforms” section in the 7705 SAR OS Interface Configuration Guide. The queue-policy command is used to enable and disable network egress per-VLAN shapers on a per- network-interface basis.
Page 129 The no form of the command removes the filter policy associated with the IP interface. Default Parameters ip-filter-id — the ID for the IPv4 filter policy expressed as a decimal integer. The filter policy must already exist within the config>filter>ip-filter context. Values 1 to 65535 7705 SAR OS Router Configuration Guide...
Page 130 Refer to the 7705 SAR OS Quality of Service Guide, “Network Queue QoS Policies”, for more information. The queue-policy command is used to enable and disable network egress per-VLAN shapers on a per- network-interface basis.
Page 131 By default, generation of ICMP TTL expired messages is enabled at a maximum rate of 100 per 10-s time interval. The no form of the command disables the generation of TTL expired messages. Default ttl-expired 100 10 — maximum of 100 TTL expired message in 10 s 7705 SAR OS Router Configuration Guide...
Page 132 — the interval, in seconds, used to limit the number of ICMP unreachable messages that can be issued, expressed as a decimal integer Values 1 to 60 icmp6 Syntax icmp6 Context config>router>if>ipv6 Description This command enables the context to configure ICMPv6 parameters on an interface. 7705 SAR OS Router Configuration Guide...
Page 133 Values 10 to 1000 seconds — the time frame, in seconds, used to limit the number of param-problem messages that can be issued, expressed as a decimal integer Values 1 to 60 7705 SAR OS Router Configuration Guide...
Page 134 Values 10 to 1000 seconds — the time frame, in seconds, used to limit the number of destination unreachable messages that can be issued, expressed as a decimal integer Values 1 to 60 7705 SAR OS Router Configuration Guide...
Page 135 Context config>router>router-advertisement>interface Description This command configures the current hop limit in the router advertisement messages. It informs the nodes on the subnet about the hop limit when originating IPv6 packets. Default 7705 SAR OS Router Configuration Guide...
Page 136 Context config>router>router-advertisement>interface Description This command configures the minimum interval between sending ICMPv6 router advertisement messages. Default Parameters seconds — the minimum interval, in seconds, between sending ICMPv6 router advertisement messages Values 3 to 1350 7705 SAR OS Router Configuration Guide...
Page 137 Description This command configures an IPv6 prefix in the router advertisement messages. To support multiple IPv6 prefixes, use multiple prefix statements. No prefix is advertised until it is explicitly configured using prefix statements. Default 7705 SAR OS Router Configuration Guide...
Page 138 Parameters seconds — the remaining length of time, in seconds, that this prefix will be preferred Values 1 to 4294967294 infinite — the prefix will always be preferred. A value of 4294967295 represents infinity. 7705 SAR OS Router Configuration Guide...
Page 139 This command configures the retransmission frequency of neighbor solicitation messages. Default no retransmit-time Parameters milli-seconds — the amount of time that a host should wait before retransmitting neighbor solicitation messages Values 0 to 1800000 7705 SAR OS Router Configuration Guide...
Page 140 — the length of time, in seconds (relative to the time that the packet is sent), that the prefix is valid for route determination Values 0, 4 to 9000 (a value of 0 means that the router is not a default router on this link) 7705 SAR OS Router Configuration Guide...
Page 141 Syntax abort Context config>router>zone Description This command discards changes made to a security feature. Default begin Syntax begin Context config>router>zone Description This command enters the mode to create or edit security features. Default 7705 SAR OS Router Configuration Guide...
Page 142 — specifies the name of the zone. Zone names must be unique within the system. If the string contains special characters (#, $, spaces, etc.), the entire string must be enclosed within double quotes. Values 1 to 32 characters (must start with a letter) 7705 SAR OS Router Configuration Guide...
Page 143 Parameters zone-outbound — configures a pool for the policy outbound traffic zone-inbound — configures a pool for the policy inbound traffic both — configures a pool for policy inbound and outbound traffic 7705 SAR OS Router Configuration Guide...
Page 144 NAT is updated accordingly. Only one IP address can be associated with an IP interface. Source IP addresses and interfaces cannot be used together in a single NAT pool. The IP address for the interface must be entered in dotted-decimal notation. The maximum IP address range limit is 255. 7705 SAR OS Router Configuration Guide...
Page 145 This command configures the UDP/TCP port or port range. Packets that match NAT policy undergo network port address translation (NPAT) and are routed to their source UDP/TCP port. Configuring a UDP/TCP port pool requires an IP-address pool because the 7705 SAR does not support port address translation (PAT) alone.
Page 146: Show Commands
04:5b:01:01:00:02 03:53:09 to-ser1 10.10.13.3 04:5d:01:01:00:02 00:00:00 to-ser1 10.10.34.3 04:5d:01:01:00:01 00:00:00 to-ser4 10.10.34.4 04:5e:01:01:00:01 01:08:00 to-ser4 10.10.35.3 04:5d:01:01:00:03 00:00:00 to-ser5 10.10.35.5 04:5f:01:01:00:03 02:47:07 to-ser5 192.168.2.93 00:03:47:97:68:7d 00:00:00 management ------------------------------------------------------------------------------- No. of ARP Entries: 8 =============================================================================== 7705 SAR OS Router Configuration Guide...
Page 147: Table 9 Show Arp Table Output Fields
The number of ARP entries displayed in the list authentication Syntax authentication statistics authentication statistics interface [ip-int-name | ip-address] authentication statistics policy name Context show>router>authentication Description This command displays interface or policy authentication statistics. 7705 SAR OS Router Configuration Guide...
Page 148: Table 10 Show Authentication Statistics Output Fields
This command enables the context to display bidirectional forwarding detection (BFD) information. interface Syntax interface Context show>router>bfd Description This command displays BFD interface information. Output The following output is an example of BFD interface information, and Table 11 describes the fields. 7705 SAR OS Router Configuration Guide...
Page 149: Table 11 Show Bfd Interface Output Fields
RX Interval Displays the expected interval, in milliseconds, between the received BFD messages to maintain the session Multiplier Displays the integer used by BFD to declare when the far end is down. 7705 SAR OS Router Configuration Guide...
Page 150: Table 12 Show Bfd Session Output Fields
Displays the expected interval, in milliseconds, between the received BFD messages to maintain the session Rx Pkts Displays the number of received packets Mult Displays the integer used by BFD to declare when the neighbor is down 7705 SAR OS Router Configuration Guide...
Page 151: Table 13 Show Dhcp Server Associations Output Fields
DHCP server local1 router 3 =============================================================================== Associations Admin ------------------------------------------------------------------------------- sim84 =============================================================================== *A:ALU-1# Table 13: Show DHCP Server Associations Output Fields Label Description Associations The name of the associated interface Admin The administrative state of the interface 7705 SAR OS Router Configuration Guide...
Page 152: Table 14 Show Dhcp Server Declined Addresses Output Fields
PPoe User Name/ The PPoE user name or Option 82 circuit ID Option 82 Circuit ID PPoE user names are not supported on the 7705 SAR Subnet The subnet of the DHCP address pool 7705 SAR OS Router Configuration Guide...
Page 153 Sample Output *A:ALU-1# show router dhcp local-dhcp-server local1 free-addresses pool p1 =============================================================================== Free addresses =============================================================================== IP Address Fail Ctrl ------------------------------------------------------------------------------- 10.0.0.0 local 10.0.0.1 local 10.0.0.2 local ------------------------------------------------------------------------------- No. of free addresses: 3 =============================================================================== *A:ALU-1# 7705 SAR OS Router Configuration Guide...
Page 154: Table 15 Show Dhcp Server Free Addresses Output Fields
Table 15: Show DHCP Server Free Addresses Output Fields Label Description IP Address The free IP address Fail Ctrl The failure control Failure control is not supported on the 7705 SAR leases Syntax leases ip-address[/mask] [detail] Context show>router>dhcp>local-dhcp-server Description This command displays the DHCP leases.
Page 155 Description (Continued) PPoE user name/Opt82 The PPoE user name or Option 82 circuit ID Circuit Id PPoE user names are not supported on the 7705 SAR User-db-hostname The user database hostname User databases are not supported on the 7705 SAR...
Page 156: Table 17 Show Dhcp Server Statistics Output Fields
DHCP server that were ignored by the clients Leases Timed Out The number of DHCP leases that timed out without renewal Dropped Bad Packet The number of DHCP packets received that were corrupt 7705 SAR OS Router Configuration Guide...
Page 157 Database server was not equal to the default value and a local user database with that name could not be found. This is not supported on the 7705 SAR. Dropped Unknown The number of DHCP packets dropped from hosts that were not found...
Page 158 Sample Output *A:ALU-1# show router dhcp local-dhcp-server local1 subnet-stats pool p1 =============================================================================== Statistics for pool p1 =============================================================================== Subnet Free Offered Stable FRPending RemPending Declined ------------------------------------------------------------------------------- 192.168.100.0/24 ------------------------------------------------------------------------------- No. of entries: 1 =============================================================================== *A:ALU-1# 7705 SAR OS Router Configuration Guide...
Page 159: Table 18 Show Dhcp Server Subnet Statistics Output Fields
Use gateway IP address : enabled Send force-renewals : disabled ------------------------------------------------------------------------------- Pool name : p1 ------------------------------------------------------------------------------- Subnet Free Stable Declined Offered Remove-pending ------------------------------------------------------------------------------- 2.0.0.0/8 16384 Totals for pool 16384 ------------------------------------------------------------------------------- Totals for server 16384 ------------------------------------------------------------------------------- Associations Admin 7705 SAR OS Router Configuration Guide...
Page 160: Table 19 Show Dhcp Server Summary Output Fields
The administrative state of the interface servers Syntax servers Context show>router>dhcp Description This command lists the local DHCP servers. Output The following output is an example of DHCP server information, and Table 20 describes the fields. 7705 SAR OS Router Configuration Guide...
Page 161: Table 20 Show Dhcp Server Output Fields
[interface ip-int-name | ip-address] Context show>router>dhcp show>router>dhcp6 Description This command displays statistics for DHCP Relay and DHCPv6 Relay. If no interface name or IP address is specified, then all configured interfaces are displayed. 7705 SAR OS Router Configuration Guide...
Page 162: Table 21 Show Dhcp Statistics Output Fields
The number of packets from the DHCP client that were forwarded Server Packets Discarded The number of packets from the DHCP server that were discarded Server Packets Relayed The number of packets from the DHCP server that were forwarded 7705 SAR OS Router Configuration Guide...
Page 163 21 Client message type not supported in pfx delegation 22 Nbr of addrs or pfxs exceeds allowed max (128) in msg 23 Unable to resolve client's mac address 24 The Client was assigned an illegal address 25 Illegal msg encoding ========================================================================== *A:ALU-1# 7705 SAR OS Router Configuration Guide...
Page 164: Table 22 Show Dhcpv6 Statistics Output Fields
------------------------------------------------------------------------------- vprn_interface Keep Down sap:1/5/2 ------------------------------------------------------------------------------- Interfaces: 1 =============================================================================== *A:ALU-48# Table 23: Show DHCP Summary Output Fields Label Description DHCP Summary (Router: Base) Interface Name SapID/ The name of the interface or SAP/SDP identifier 7705 SAR OS Router Configuration Guide...
Page 165: Table 24 Show Dhcpv6 Summary Output Fields
Table 24: Show DHCPv6 Summary Output Fields Label Description DHCP Summary (Router: Base) Interface Name SapID The name of the interface or SAP/SDP identifier Nbr Resol. Yes — neighbor resolution (discovery) is enabled No — neighbor resolution (discovery) is disabled 7705 SAR OS Router Configuration Guide...
Page 166: Table 25 Show Ecmp Settings Output Fields
Router ECMP =============================================================================== Instance Router Name ECMP Configured-ECMP-Routes ------------------------------------------------------------------------------- Base True =============================================================================== Table 25: Show ECMP Settings Output Fields Label Description Instance The router instance number Router Name The name of the router instance 7705 SAR OS Router Configuration Guide...
Page 167 — displays the peers that are IPv6-capable ip-prefix/prefix-length — displays FIB entries only matching the specified IP prefix and prefix length Values ipv4-prefix a.b.c.d (host bits must be 0) ipv4-prefix-length 0 to 32 7705 SAR OS Router Configuration Guide...
Page 168: Table 26 Show Fib Output Fields
=============================================================================== *A:ALU-A# Table 26: Show FIB Output Fields Label Description Active The number of active entries in the FIB for each type of route Total The total number of active entries in the FIB 7705 SAR OS Router Configuration Guide...
Page 169 Neighbor Solicits Neighbor Advertisements : 0 ------------------------------------------------------------------------------- Sent Total Errors Destination Unreachable : 0 Redirects Time Exceeded Pkt Too Big Echo Request Echo Reply Router Solicits Router Advertisements Neighbor Solicits Neighbor Advertisements : 0 =============================================================================== 7705 SAR OS Router Configuration Guide...
Page 170: Table 27 Show Icmpv6 Output Fields
The following output is an example of ICMPv6 interface information, and Table 28 describes the fields. Sample Output *A:ALU-A# show router icmp6 interface toSAR_131_121 =============================================================================== Interface ICMPv6 Stats =============================================================================== =============================================================================== Interface "toSAR_131_121" ------------------------------------------------------------------------------- Received Total Errors 7705 SAR OS Router Configuration Guide...
Page 171: Table 28 Show Icmpv6 Interface Output Fields
The number of packets that exceeded the appropriate size Echo Reply The number of echo replies Router Advertisements The number of times that the router advertised its location Neighbor The number of times that the neighbor router advertised its location Advertisements 7705 SAR OS Router Configuration Guide...
Page 172 IP interface information (Sample Output (summary), Table • detailed IP interface information (Sample Output (detail), Table • statistics IP interface information (Sample Output (statistics), Table • security IP interface information (Sample Output (statistics), Table 7705 SAR OS Router Configuration Guide...
Page 173: Table 29 Show Standard Ip Interface Output Fields
Down — the IP interface is operationally disabled Up — the IP interface is operationally enabled Mode Network — the IP interface is a network/core IP interface Port/SapId The port or SAP that the interface is bound to 7705 SAR OS Router Configuration Guide...
Page 174: Table 30 Show Summary Ip Interfaces Output Fields
SNTP B.Cast : False QoS Policy Queue-group : None MAC Address Arp Timeout : 14400 IP Oper MTU : 1554 ICMP Mask Reply : True Arp Populate : Disabled LdpSyncTimer : None Strip-Label : Disabled 7705 SAR OS Router Configuration Guide...
Page 175 Other Discards B*: 0 Tx V6 Pkts Tx V6 Bytes Tx V6 Discard Pk*: 0 Tx V6 Discard Byt*: 0 FltrActionDrop *: 0 FltrActionDrop B*: 0 Other Discards *: 0 Other Discards B*: 0 7705 SAR OS Router Configuration Guide...
Page 176 Peer Sec DNS Addr: Not configured DHCP CLIENT Details DHCP Client :Disabled client-id: n/a vendor-id: n/a ------------------------------------------------------------------------------- Qos Details ------------------------------------------------------------------------------- Egr Queue Pol : policy_8 Egr Agg RateLimit: max Egr Agg Cir : 0 Kbps ------------------------------------------------------------------------------- 7705 SAR OS Router Configuration Guide...
Page 177: Table 31 Show Detailed Ip Interface Output Fields
The IPv6 address and subnet mask length of the IP interface. Possible interface states are: PREFERRED (up), TENTATIVE (during duplicate address detection), DUPLICATE (another interface on the link has the same address), and UNAVAILABLE (for example, the port is down) 7705 SAR OS Router Configuration Guide...
Page 178 Strip-Label Indicates that the strip label is enabled or disabled LSR Load Balance Indicates the LSR load balance TEID Load Balance Indicates whether the tunnel endpoint ID (TEID) load balance is enabled or disabled 7705 SAR OS Router Configuration Guide...
Page 179 Inv Mcast Addr B* Directed Bcast * The number of directed broadcast packets or bytes discarded on the interface when the interface is not enabled for directed broadcast Directed Bcast B* packets Applies to IPv4 only 7705 SAR OS Router Configuration Guide...
Page 180 The number of IPv6 packets or bytes received on the interface. This output field may display N/A for spoke SDP and routed VPLS Rx V6 Bytes interfaces due to MPLS packets not contributing to this statistics counter. 7705 SAR OS Router Configuration Guide...
Page 181 MPLS packets not contributing to this statistics counter. Tx V6 Discard Pk* The number of IPv6 transmit packets or bytes discarded on the interface. Tx V6 Discard Byt* Tx V4 Discard Pk* for field descriptions 7705 SAR OS Router Configuration Guide...
Page 182 Proxy ARP Details Rem Proxy ARP Indicates whether remote proxy ARP is enabled or disabled Local Proxy ARP Indicates whether local proxy ARP is enabled or disabled Policies Specifies the policy statement(s) applied to proxy ARP 7705 SAR OS Router Configuration Guide...
Page 183 The maximum number (Number) of ICMP TTL expired messages the IP interface will issue in a given period of time, in seconds Disabled — indicates the IP interface will not generate ICMP TTL expired messages 7705 SAR OS Router Configuration Guide...
Page 184 The number of packets and octets forwarded by the queue for out-of- profile and best-effort traffic Out Profile dropped The number of packets and octets dropped by the queue for out-of- profile and best-effort traffic 7705 SAR OS Router Configuration Guide...
Page 185 Other Discards B*: 0 Tx V6 Pkts Tx V6 Bytes Tx V6 Discard Pk*: 0 Tx V6 Discard Byt*: 0 FltrActionDrop *: 0 FltrActionDrop B*: 0 Other Discards *: 0 Other Discards B*: 0 ------------------------------------------------------------------------------- 7705 SAR OS Router Configuration Guide...
Page 186 ------------------------------------------------------------------------------- Rx Queue CTL Packets Bytes Forwarded Dropped ------------------------------------------------------------------------------- =============================================================================== * indicates that the corresponding row element may have been truncated. *A-ALU-1# Table 31 for field descriptions of the show router interface security command. 7705 SAR OS Router Configuration Guide...
Page 187 Neighbor Table (Router: Base) =============================================================================== IPv6 Address Interface MAC Address State Expiry Type ------------------------------------------------------------------------------- FE80::203:FAFF:FE78:5C88 net1_1_2 00:16:4d:50:17:a3 STALE 03h52m08s Dynamic FE80::203:FAFF:FE81:6888 net1_2_3 00:03:fa:1a:79:22 STALE 03h29m28s Dynamic ------------------------------------------------------------------------------- No. of Neighbor Entries: 2 =============================================================================== *A:ALU-A# 7705 SAR OS Router Configuration Guide...
Page 188: Table 32 Show Ipv6 Neighbor Output Fields
— specifies the type of routing information to be distributed by this peer group Values ipv4 — displays the routes that have the IPv4 family enabled, excluding IP-VPN routes ipv6 — displays the routes that are IPv6-capable, including IPv6 static routes 7705 SAR OS Router Configuration Guide...
Page 189 ------------------------------------------------------------------------------- No. of Routes: 1 *A:ALU-A# show router route-table protocol ospf =============================================================================== Route Table (Router: Base) =============================================================================== Dest Prefix Type Proto Pref Next Hop[Interface Name] Metric ------------------------------------------------------------------------------- 10.10.0.1/32 Remote OSPF 65844 10.10.13.1 ------------------------------------------------------------------------------- 7705 SAR OS Router Configuration Guide...
Page 190: Table 33 Show Standard Route Table Output Fields
[0 to FFFF]H d: [0 to 255]D prefix-length 0 to 128 conflicts — displays router advertisement conflicts Output The following output is an example of router advertisement information, and Table 34 describes the fields. 7705 SAR OS Router Configuration Guide...
Page 191: Table 34 Show Router Advertisement Output Fields
The number of router advertisements received Rtr Solicitation Rx The number of router solicitation messages received Nbr Advertisement Rx The number of neighbor advertisements received Nbr Solicitation Rx The number of neighbor solicitation messages received 7705 SAR OS Router Configuration Guide...
Page 192 Syntax static-arp [ip-address | ip-int-name | mac ieee-mac-addr] Context show>router Description This command displays the router static ARP table sorted by IP address. If no options are present, all ARP entries are displayed. 7705 SAR OS Router Configuration Guide...
Page 193: Table 35 Show Static Arp Table Output Fields
The age of the ARP entry. Static ARPs always have 00:00:00 for the age. Type Inv — the ARP entry is an inactive static ARP entry (invalid) Sta — the ARP entry is an active static ARP entry 7705 SAR OS Router Configuration Guide...
Page 194 (host bits must be 0) ipv4-prefix-length 0 to 32 Values ipv6-prefix x:x:x:x:x:x:x:x (eight 16-bit pieces) x:x:x:x:x:x:d.d.d.d x: [0 to FFFF]H d: [0 to 255]D ipv6-prefix-length {0 to 128} | {0 to 64 | 128} 7705 SAR OS Router Configuration Guide...
Page 195: Table 36 Show Static Route Table Output Fields
NH — The route is a static route with a directly connected next hop. The next hop for this type of route is either the next-hop IP address or an egress IP interface name. 7705 SAR OS Router Configuration Guide...
Page 196 Admin State Oper State ---------------------------------------------------------------- Router OSPFv2-0 ISIS MPLS RSVP Down Down Max IPv4 Routes No Limit Max IPv6 Routes No Limit Total IPv4 Routes Total IPv6 Routes ECMP Max Routes Triggered Policies ================================================================ *A:ALU-1# 7705 SAR OS Router Configuration Guide...
Page 197: Table 37 Show Router Status Output Fields
— displays LDP protocol information sdp-id — displays information about the specified SDP summary — displays summary tunnel table information Output The following output is an example of tunnel table information, and Table 38 describes the fields. 7705 SAR OS Router Configuration Guide...
Page 198: Table 38 Show Tunnel Table Output Fields
The tunnel encapsulation type TunnelID The tunnel (SDP) identifier Pref The route preference for routes learned from the configured peer(s) Nexthop The next hop for the route’s destination Metric The route metric value for the route 7705 SAR OS Router Configuration Guide...
Page 199: Clear Commands
— clears the statistics for the specified interface name Values 32 characters maximum ip-address — clears the statistics for the specified IP address Values a.b.c.d Syntax Context clear>router Description This command enables the context to clear bidirectional forwarding (BFD) sessions and statistics. 7705 SAR OS Router Configuration Guide...
Page 200 This command enables the context to clear and reset DHCP entities. local-dhcp-server Syntax local-dhcp-server server-name Context clear>router>dhcp Description This command clears DHCP server data. Parameters server-name — the name of a local DHCP server 7705 SAR OS Router Configuration Guide...
Page 201 — the subnet mask in Classless Inter-Domain Routing (CIDR) notation, expressed as a decimal integer Values 0 to 32 offered — clears leases that are in the offered state server-stats Syntax server-stats Context clear>router>dhcp>local-dhcp-server Description This command clears all DHCP server statistics. 7705 SAR OS Router Configuration Guide...
Page 202 Description This command clears ICMPv6 statistics. If an interface name is specified, statistics are cleared only for that interface. Parameters all — all statistics global — global statistics interface-name — 32 characters maximum 7705 SAR OS Router Configuration Guide...
Page 203 [0 to FFFF]H d: [0 to 255]D ip-int-name — an IPv6 neighbor interface name, 32 characters maximum router-advertisement Syntax router-advertisement all router-advertisement [interface interface-name] Context clear>router Description This command clears router advertisement counters. 7705 SAR OS Router Configuration Guide...
Page 204 IP Router Command Reference If an interface name is specified, counters are cleared only for that interface. Parameters all — all interfaces interface-name — 32 characters maximum 7705 SAR OS Router Configuration Guide...
Page 205: Debug Commands
[function function-name] Context debug>trace Description This command adds trace points. The no form of the command removes the trace points. router Syntax router router-instance Context debug Description This command configures debugging for a router instance. 7705 SAR OS Router Configuration Guide...
Page 206 This command enables the context for DHCP debugging. detail-level Syntax detail-level {low | medium | high} no detail-level Context debug>router>ip>dhcp debug>router>local-dhcp-server Description This command enables debugging for the DHCP tracing detail level. The no form of the command disables debugging. 7705 SAR OS Router Configuration Guide...
Page 207 Parameters ip-int-name — only debugs the specified IP interface Values 32 characters maximum interface Syntax [no] interface [ip-int-name | ip-address] Context debug>router>ip Description This command enables or disables debugging for virtual interfaces. 7705 SAR OS Router Configuration Guide...
Page 208 — only debugs the specified IPv4 or IPv6 address Values ipv4-address a.b.c.d ipv6-address x:x:x:x:x:x:x:x (eight 16-bit pieces) x:x:x:x:x:x:d.d.d.d x: [0 to FFFF]H d: [0 to 255]D headers — only debugs the packet header 7705 SAR OS Router Configuration Guide...
Page 209 {0 to 128} | {0 to 64 | 128} longer — specifies that the prefix list entry matches any route that matches the specified ip-prefix and prefix-length values greater than the specified prefix-length 7705 SAR OS Router Configuration Guide...
Page 210 32 characters maximum ip-address — specifies a leased IP address in dotted-decimal notation Values a.b.c.d (host bits must be 0) ieee-address — specifies a leased MAC address Values xx:xx:xx:xx:xx:xx or xx-xx-xx-xx-xx-xx (cannot be all zeros) 7705 SAR OS Router Configuration Guide...
Page 211: Vrrp
Topics in this chapter include: • VRRP Overview • VRRP Components • VRRP Priority Control Policies • VRRP Non-owner Accessibility • VRRP Configuration Process Overview • Configuration Notes • Configuring VRRP with CLI • VRRP Command Reference 7705 SAR OS Router Configuration Guide...
Page 212: Vrrp Overview
Figure 7: VRRP Configuration Internet or Private Network Backup Master Backup Non-Owner Owner Non-Owner ALU-1 ALU-2 ALU-3 VRID 100 VRID 100 VRID 100 Priority 200 Priority 255 Priority 150 Virtual Router ID (VRID) Hosts 23231 7705 SAR OS Router Configuration Guide...
Page 213: Vrrp Components
This is a common mechanism that allows multiple local subnet attachments on a single routing interface. Up to four virtual routers are configurable on a single 7705 SAR interface. The virtual routers must be in the same subnet. Each virtual router has its own VRID, state machine, and messaging instance.
Page 214: Primary Address
IP address as the source of the IP packet. A 7705 SAR IP interface must always have a primary IP address assigned for VRRP to be active on the interface. The 7705 SAR supports primary addresses and multi-netting on the IP interface.
Page 215: Owner And Non-Owner Vrrp
VRID configured. VRRP on a 7705 SAR router can be configured to allow non-owners to respond to ICMP echo requests if they become the virtual router master for the virtual router. Telnet and other connection-oriented protocols can be configured for non-owner master response.
Page 216: Vrid
The priority is also used to determine when to preempt the existing master. If the preempt mode value is true, VRRP advertisement messages from inferior (lower-priority) masters are discarded, causing the master down timer to expire and the higher-priority backup router to transition to the master state. 7705 SAR OS Router Configuration Guide...
Page 217: Ip Addresses
The inheritance is only configurable in the non-owner context. It is used to allow the current virtual router master to dictate the master down timer for all virtual router backups. 7705 SAR OS Router Configuration Guide...
Page 218: Master Down Interval
Preempt mode cannot be set to false on the owner virtual router.The IP address owner always becomes master if available. The default value for preempt mode is true. 7705 SAR OS Router Configuration Guide...
Page 219: Vrrp Message Authentication
VRRP messages contain an IP address count field that indicates the number of IP addresses listed in the sequential IP address fields at the end of the message. The 7705 SAR implementation always logs mismatching events. The decision on where and whether to forward the generated messages depends on the configuration of the event manager.
Page 220: Policies
Policies can be configured to control VRRP priority with the virtual router instance. A policy can be associated with more than one virtual router instance. Policies can only be configured in the non-owner VRRP context. 7705 SAR OS Router Configuration Guide...
Page 221: Vrrp Priority Control Policies
The base priority is used to derive the in-use priority of the virtual router instance as modified by any optional VRRP priority control policy. VRRP priority control policies are used to either override or adjust the base priority value depending on events or conditions within the chassis. 7705 SAR OS Router Configuration Guide...
Page 222: Vrrp Priority Control Policy In-Use Priority
The result is the in-use priority for the virtual router instance. Any priority event can be configured as an explicit event or a delta event. 7705 SAR OS Router Configuration Guide...
Page 223: Priority Event Hold-Set Timers
If the port operational state is up, the port down priority event is considered false or cleared. If the port operational state is down, the port down priority event is considered true or set. 7705 SAR OS Router Configuration Guide...
Page 224: Host Unreachable Priority Event
If a route prefix does not exist within the active route table that matches the defined criteria, the route unknown priority event is considered true or set. 7705 SAR OS Router Configuration Guide...
Page 225: Vrrp Non-Owner Accessibility
VRRP Non-owner Accessibility Although only VRRP owners can respond to ping and other management-oriented protocols directed to the VRID IP addresses, the 7705 SAR allows an override of this restraint on a per-VRRP virtual router instance basis. This section contains information on the following topics: •...
Page 226: Non-Owner Access Ssh
IP address. SSH is applicable to IPv4 VRRP only. If non-owner access SSH is disabled on a virtual router instance, SSH sessions destined for the non-owner virtual router instance IP addresses are silently discarded in both master and backup modes. 7705 SAR OS Router Configuration Guide...
Page 227: Vrrp Configuration Process Overview
CONFIGURE VRRP PRIORITY CONTROL POLICIES (optional) CONFIGURE IES/VPRN SERVICE CONFIGURE INTERFACE SPECIFY ADDRESS, SECONDARY ADDRESS(ES) CONFIGURE VRRP OWNER/NON-OWNER INSTANCE SPECIFY BACKUP IP ADDRESS(ES) CONFIGURE VRRP PARAMETERS APPLY VRRP PRIORITY CONTROL POLICIES (optional) ENABLE 23230 7705 SAR OS Router Configuration Guide...
Page 228: Configuration Notes
→ the virtual backup IP address(es) must be on the same subnet. The backup addresses explicitly define which IP addresses are in the VRRP message IP address list. → in owner mode, the backup IP address must be identical to one of the interface IP addresses 7705 SAR OS Router Configuration Guide...
Page 229: Configuring Vrrp With Cli
VRRP Configuring VRRP with CLI This section provides information to configure VRRP using the command line interface. • VRRP Configuration Overview • Basic VRRP Configurations • Common Configuration Tasks • Configuring IES/VPRN VRRP Parameters 7705 SAR OS Router Configuration Guide...
Page 230: Vrrp Configuration Overview
• the service customer account must be created prior to configuring an IES or VPRN VRRP instance • the interface address must be specified in both the owner and non-owner IES or VPRN instances 7705 SAR OS Router Configuration Guide...
Page 231: Basic Vrrp Configurations
---------------------------------------------- delta-in-use-limit 50 priority-event port-down 4/1/2 hold-set 43200 priority 100 delta exit port-down 4/1/3 priority 200 explicit exit host-unreachable 10.10.24.4 drop-count 25 exit route-unknown 10.10.0.0/32 priority 50 delta protocol bgp exit exit ---------------------------------------------- 7705 SAR OS Router Configuration Guide...
Page 232: Deleting A Vrrp Policy
For IPv4, up to two VRIDs can be configured on an IES service interface. Each virtual router instance can manage up to eight backup IP addresses. VRRP parameters configured within an IES service must include the following: • vrid • virtual backup IP address(es) 7705 SAR OS Router Configuration Guide...
Page 233 7/1/1:100 create vrrp 19 owner backup 10.10.36.2 authentication-key "testabc" exit exit interface "testing" create address 10.10.10.16/24 sap 1/1/55:0 create vrrp 12 backup 10.10.10.15 policy 1 authentication-key "testabc" exit exit no shutdown ---------------------------------------------- config>service>ies# 7705 SAR OS Router Configuration Guide...
Page 234: Common Configuration Tasks
• • message-interval In addition to the common parameters, the following non-owner commands can be configured: • master-int-inherit • priority • policy • ping-reply • preempt • telnet-reply • ssh-reply • [no] shutdown 7705 SAR OS Router Configuration Guide...
Page 235: Configuring Ies/Vprn Vrrp Parameters
The following displays an IES interface configuration example: config>service>ies# info #------------------------------------------ interface "test-A" create address 123.123.123.123/24 exit interface "testB" create address 123.123.123.123/24 exit interface "testB" address 10.10.14.1/24 secondary 10.10.16.1/24 secondary 10.10.17.1/24 secondary 10.10.18.1/24 exit no shutdown 7705 SAR OS Router Configuration Guide...
Page 236: Non-Owner Vrrp
If a VRRP instance is created as owner, it cannot be changed to the non-owner state. The VRID must be deleted and then recreated without the owner keyword to remove IP address ownership. 7705 SAR OS Router Configuration Guide...
Page 237: Deleting Vrrp On A Service
The VRID does not need to be shut down to remove the virtual router instance from a service. The following example displays the command usage to delete a VRRP instance in non-owner mode from an IES service: Example: config>service# ies 10 config>service>ies# interface test config>service>ies>if# no vrrp 1 config>service>ies>if# exit all 7705 SAR OS Router Configuration Guide...
Page 238 Configuring IES/VPRN VRRP Parameters 7705 SAR OS Router Configuration Guide...
Page 239: Vrrp Command Reference
VRRP VRRP Command Reference Command Hierarchies • VRRP Priority Control Event Policy Commands • VRRP Show Commands • VRRP Monitor Commands • VRRP Clear Commands • VRRP Debug Commands 7705 SAR OS Router Configuration Guide...
Page 240: Vrrp Priority Control Event Policy Commands
— less-specific [allow-default] — no less-specific — [no]next-hop ip-address — priority priority-level {delta | explicit} — no priority — protocol {bgp | bgp-vpn | isis | ospf | rip | static} — no protocol 7705 SAR OS Router Configuration Guide...
Page 241: Vrrp Show Commands
[vrid virtual-router-id] ipv6 — statistics [interface interface-name [vrid virtual-router-id]] ipv6 VRRP Debug Commands debug — router — vrrp — events [interface interface-name [vrid virtual-router-id]] ipv6 — packets [interface interface-name [vrid virtual-router-id]] ipv6 7705 SAR OS Router Configuration Guide...
Page 242: Command Descriptions
VRRP Command Reference Command Descriptions • Configuration Commands • VRRP Show Commands • VRRP Monitor Commands • VRRP Clear Commands • VRRP Debug Commands 7705 SAR OS Router Configuration Guide...
Page 243: Configuration Commands
VRRP Configuration Commands • VRRP Priority Control Event Policy Commands • VRRP Priority Event Commands 7705 SAR OS Router Configuration Guide...
Page 244 — specifies the service ID to which the policy applies. A value of 0 means that this policy does not apply to a service but applies to the base router instance. Values 1 to 2147483647 7705 SAR OS Router Configuration Guide...
Page 245 Values 1 to 254 7705 SAR OS Router Configuration Guide...
Page 246 — specifies the description character string. Allowed values are any string up to 80 characters long composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, etc.), the entire string must be enclosed within double quotes. 7705 SAR OS Router Configuration Guide...
Page 247 No ARP address found for IP address for drop-count consecutive attempts. Only applies when IP address is considered local. Set – no route No route exists for IP address for drop-count consecutive attempts. Only applies when IP address is considered remote. 7705 SAR OS Router Configuration Guide...
Page 248 When the event is deleted, the in-use priority of all associated virtual router instances must be re-evaluated. The event hold-set timer has no effect on the removal procedure. Default no host-unreachable 7705 SAR OS Router Configuration Guide...
Page 249 – non-provisioned • set – not-populated • set – down • cleared – up When the port is provisioned, populated, or enters the operationally up or down state, the event operational state is updated appropriately. 7705 SAR OS Router Configuration Guide...
Page 250 Context config>vrrp>policy>priority-event Description This command creates a context to configure a route unknown priority control event that monitors the existence of a specific active IP route prefix within the routing table. 7705 SAR OS Router Configuration Guide...
Page 251 This timer prevents the event from clearing until it expires, damping the effect of event flapping. If the event clears and becomes set again before the hold-set timer expires, the timer is reset to the hold-set value, extending the time before another clear can take effect. 7705 SAR OS Router Configuration Guide...
Page 252 This command specifies the amount of time that must pass before the set state for a VRRP priority control event can transition to the cleared state to dampen flapping events. A flapping event continually transitions between clear and set. 7705 SAR OS Router Configuration Guide...
Page 253 7705 SAR OS Router Configuration Guide...
Page 254 The event hold-set value defines how long the event must stay in the set state even when a successful message attempt clears the consecutive drop counter. The event is not cleared until the consecutive drop counter is less than the drop-count value and the hold-set timer has a value of 0 (expired). 7705 SAR OS Router Configuration Guide...
Page 255 If the timeout value is larger than the interval value, multiple ICMP echo request messages can be outstanding. Every ICMP echo request message transmitted to the far-end host is tracked individually according to the message identifier and sequence number. 7705 SAR OS Router Configuration Guide...
Page 256 The less-specific command modifies the search parameters for the IP route prefix specified in the route-unknown priority event. Using this command allows a CIDR shortest-match hit on a route prefix that contains the IP route prefix. 7705 SAR OS Router Configuration Guide...
Page 257 IP address does not exist, the no next-hop command returns a warning message, but continues to execute if part of the exec script. The default value specifies that no next-hop IP address for the route-unknown priority control event is defined. Default no next-hop 7705 SAR OS Router Configuration Guide...
Page 258 If the protocol command is executed without the bgp keyword, a returned route prefix with a source of BGP is not considered a match and causes the event to enter the set state. 7705 SAR OS Router Configuration Guide...
Page 259 If the protocol command is executed without the static keyword, a returned route prefix with a source of static route is not considered a match and causes the event to enter the set state. 7705 SAR OS Router Configuration Guide...
Page 260: Vrrp Show Commands
Policy event route-unknown summary (Sample Output) • Summary of policy output fields (Table Sample Output show vrrp policy 1 *A:7705:Dut-A # show vrrp policy 1 =============================================================================== VRRP Policy 1 =============================================================================== Description Current Priority: 120 Delta Applied : Yes Current Explicit: None...
Page 261 Route Unknown 20.20.20.3/32 Set-NonExistant Expired 120 Del =============================================================================== Sample Output show vrrp policy 1 event port-down *A:7705:Dut-A# show vrrp policy 1 event port-down 1/1/8 =============================================================================== VRRP Policy 1, Event Port Down 1/1/8 =============================================================================== Description Current Priority: None Applied : Yes...
Page 262 Previous State : Cleared Last Transition : 01/21/2013 16:38:27 =============================================================================== Sample Output show vrrp policy 1 event host-unreachable *A:7705:Dut-A# show vrrp policy 1 event host-unreachable 20.20.20.3 =============================================================================== VRRP Policy 1, Event Host Unreachable 20.20.20.3 =============================================================================== Description Current Priority: None Applied...
Page 263: Table 39 Show Vrrp Policy And Policy Event Summary Output Fields
VRRP Sample Output show vrrp policy 1 event route-unknown *A:7705:Dut-A#show vrrp policy 1 event route-unknown 20.20.20.3/32 =============================================================================== VRRP Policy 1, Event Route Unknown 20.20.20.3/32 =============================================================================== Description Current Priority: 120 Delta Applied : Yes Current Explicit: None Current Delta Sum : 120...
Page 264 Explicit events override all delta events. When multiple explicit events occur simultaneously, the event with the lowest priority value defines the in-use priority. vrrp Syntax vrrp Context show>router>vrrp Description This command displays information for the VRRP instance. 7705 SAR OS Router Configuration Guide...
Page 265 The following output is an example of a router VRRP instance summary information, and Table 40 describes the fields. Sample Output show router vrrp instance interface n2 vrid 1 *A:7705:Dut-A# show router 10 vrrp instance interface vrrpMasNode vrid 10 =============================================================================== VRRP Instance 10 for interface "vrrpMasNode" =============================================================================== Owner...
Page 266: Table 40 Show Router Vrrp Instance Summary Output Fields
The date and time when operational state of the virtual router changed to master. For a backup outer, this value specifies the date and time when it received the first VRRP message from the virtual router which is the current master. 7705 SAR OS Router Configuration Guide...
Page 267 This command displays statistics for the VRRP instance. Output The following output is an example of VRRP statistics information. Sample Output *A:7705custDoc:Sar18>show>router>vrrp# statistics =============================================================================== VRRP Global Statistics =============================================================================== VR Id Errors Version Errors Checksum Errors =============================================================================== *A:7705custDoc:Sar18>show>router>vrrp# 7705 SAR OS Router Configuration Guide...
Page 268: Vrrp Monitor Commands
Monitor statistics for VRRP Instance 10 on interface "vrrpMasNode" =============================================================================== ------------------------------------------------------------------------------- At time t = 0 sec (Base Statistics) ------------------------------------------------------------------------------- Become Master Master Changes Adv Sent Adv Received Pri Zero Pkts Sent Pri Zero Pkts Rcvd: 0 7705 SAR OS Router Configuration Guide...
Page 269 Mesg Intvl Discards : 0 Mesg Intvl Errors : 0 Addr List Discards Addr List Errors Auth Type Mismatch Auth Failures Invalid Auth Type Invalid Pkt Type IP TTL Errors Pkt Length Errors : 0 Total Discards 7705 SAR OS Router Configuration Guide...
Page 270: Vrrp Clear Commands
— clears the VRRP statistics for all VRRP instances on the specified IES/VPRN interface virtual-router-id — specifies the virtual router identifier Values 1 to 255 ipv6 — clears IPv6 statistics for the specified IES interface 7705 SAR OS Router Configuration Guide...
Page 271: Vrrp Debug Commands
This command enables or disables debugging for VRRP packets. Parameters interface-name — specifies the interface name virtual-router-id — specifies the virtual router identifier Values 1 to 255 ipv6 — debugs the specified IPv6 IES packets 7705 SAR OS Router Configuration Guide...
Page 272 VRRP Command Reference 7705 SAR OS Router Configuration Guide...
Page 273: Filter Policies
In This Chapter This chapter provides information about filter policies and management. Topics in this chapter include: • Configuring Filter Policies • Configuration Notes • Configuring Filter Policies with CLI • Filter Command Reference 7705 SAR OS Router Configuration Guide...
Page 274: Configuring Filter Policies
“drop” or “forward”). The 7705 SAR supports four types of filter policies: IP filters, MAC filters, VLAN filters, and CSM filters. The 7705 SAR also supports policy-based routing (PBR), which is based on IP filters, and multi-field classification (MFC).
Page 275 Ingress filters affect only incoming packets regardless of whether the packets need to be forwarded to a downstream router or are destined for the 7705 SAR. IPv6 filters can be applied to the following entities: •...
Page 276: Network And Service (Access) Interface-Based Filtering
Configuring Filter Policies CSM Filters The 7705 SAR supports IPv4 and IPv6 CSM filters. For information on CSM filters, refer to the 7705 SAR OS System Management Guide, “CSM Filters and CSM Security”. Network and Service (Access) Interface-based Filtering IP and MAC filter policies specify either a forward or a drop action for packets, based on information specified in the match criteria.
Page 277: Policy-Based Routing
Figure 9 illustrates a PBR implementation for VPRN services in an LTE network, and includes CLI command syntax. The 7705 SAR-8 at the cell site makes routing decisions based on the incoming packet DSCP only, as follows: •...
Page 278: Figure 9 Pbr Filtering Based On The Dscp Of Incoming Packets
SDP, or mesh SDP); however, the PBR action is ignored (not performed). PBR is supported on the private IPSec service (VPRN). For more information on IPSec and PBR, refer to the “PBR” section in the “7705 SAR OS Services Guide”. 7705 SAR OS Router Configuration Guide...
Page 279: Multi-Field Classification (Mfc)
If the ACL action is forward fc, a match results in the assignment of the corresponding configured Forwarding Class (FC). This FC is used for queuing of the packet through the 7705 SAR. The match can be based on any IP criteria currently supported by the 7705 SAR IP filter policies.
Page 280: Vlan-Based Filtering
The number of VLAN filters that can be created depends on the memory available on the 2-port 10GigE (Ethernet) Adapter card or 2-port 10GigE (Ethernet) module. The 7705 SAR does not support filter logging or statistics collection for VLAN filters. Filter Policy Entries Topics in this section include: •...
Page 281: Applying Filter Policies
Figure 10 shows the process to create filter policies and apply them to a network interface. 7705 SAR OS Router Configuration Guide...
Page 282: Packet Matching Criteria
If no match is found, the default action is to drop the packet. Matching criteria for IP filters, MAC filters, and VLAN filters are described in Table Table 42, and Table 43, respectively. 7705 SAR OS Router Configuration Guide...
Page 283: Table 41 Ip Filter Policy Criteria
(for IPv4) or a source IP address and prefix length (for IPv6). The IPv4 address scheme consists of 32 bits expressed in dotted-decimal notation. The IPv6 address scheme consists of 128 bits expressed in colon-hexadecimal format. 7705 SAR OS Router Configuration Guide...
Page 284: Table 42 Mac Filter Policy Criteria
VLAN filter policies compare the matching criteria to traffic at the ingress of a ring port on the 2-port 10GigE (Ethernet) Adapter card and 2-port 10GigE (Ethernet) module. Matching criteria to drop or forward traffic are described in Table 7705 SAR OS Router Configuration Guide...
Page 285: Ordering Filter Entries
Note: By default, all created filters have a default action of drop (implicit drop). That is, if none of the entries in the filter match the packet, and a default action is not explicitly configured by the user, the packet is dropped. 7705 SAR OS Router Configuration Guide...
Page 286: Figure 11 Filtering Process Example
(SA: 10.10.10.103, DA: 10.10.10.106) Destination Address: 10.10.10.106 Action: Forward REMAINING PACKETS ARE DROPPED PER THE DEFAULT ACTION (DROP) SA: 10.10.10.103, DA: 10.10.10.107 SA: 10.10.10.103, DA: 10.10.10.108 SA: 10.10.10.192, DA: 10.10.10.16 SA: 10.10.10.155, DA: 10.10.10.21 21823 7705 SAR OS Router Configuration Guide...
Page 287: Filter Log Files
• ingress spoke SDP IPv4 filters (IES and VPRN) The 7705 SAR does not support filter logging for VLAN filters. Refer to the 7705 SAR OS System Management Guide, “Syslog”, for information on syslogs. 7705 SAR OS Router Configuration Guide...
Page 288: Configuration Notes
There are no default parameters defined for matching criteria. • Action — an action keyword must be specified for the entry to be active. Any filter entry without an action keyword specified is considered incomplete and will be inactive. 7705 SAR OS Router Configuration Guide...
Page 289: Ipv6 Filters
Some of the MAC match criteria fields are exclusive to each other, based on the type of Ethernet frame. Use Table 44 to determine the exclusivity of fields. Table 44: MAC Match Criteria Exclusivity Rules Frame Format Ethertype Ethernet – II 802.3 802.3 – snap 7705 SAR OS Router Configuration Guide...
Page 290: Vlan Filters
• The forwarding action sends packets to the other ring port or to the v-port, depending on the packet’s destination. • The 7705 SAR does not support filter logging or statistics collection for VLAN filters. Filter Logs • Summarization logging is the collection and summarization of log messages for one specific log ID within a period of time.
Page 291: Configuring Filter Policies With Cli
Configuring Filter Policies with CLI This section provides information to configure and manage filter policies using the command line interface. Topics in this section include: • Basic Configuration • Common Configuration Tasks • Filter Management Tasks 7705 SAR OS Router Configuration Guide...
Page 292: Basic Configuration
(VLAN filter policies always have a template scope) • default action (drop or forward) • at least one filter entry → specified action, either drop or forward → specified matching criteria 7705 SAR OS Router Configuration Guide...
Page 293: Common Configuration Tasks
IP Filter Policy Use the following CLI syntax to create a template IPv4 or IPv6 filter policy: CLI Syntax: config>filter# ip-filter filter-id [create] description description-string scope {exclusive | template} default-action {drop | forward} 7705 SAR OS Router Configuration Guide...
Page 294 11 create config>filter# description "filter-main" config>filter# scope exclusive CLI Syntax: config>filter# ipv6-filter ipv6-filter-id description description-string scope {exclusive | template} default-action {drop | forward} Example: config>filter# ipv6-filter 9 create config>filter# description "ipv6-filter-main" config>filter# scope exclusive 7705 SAR OS Router Configuration Guide...
Page 295: Ip Filter Entry
[drop] action forward [next-hop {ip-address | indirect ip-address}] [fc fc-name [priority low | high]] Example: config>filter# ip-filter 11 config>filter>ip-filter# entry 10 create config>filter>ip-filter>entry$ description "no-91" config>filter>ip-filter>entry$ action drop config>filter>ip-filter>entry# exit 7705 SAR OS Router Configuration Guide...
Page 296: Ip Filter Entry Matching Criteria
[ip-option-mask] multiple-option {true | false} option-present {true | false} src-ip {ip-address/mask | ip-address netmask} src-port {{lt | gt | eq} src-port-number} | {range start end} tcp-ack {true | false} tcp-syn {true | false} 7705 SAR OS Router Configuration Guide...
Page 297 {{lt | gt | eq} dst-port-number} | {range start end} icmp-code icmp-code icmp-type icmp-type src-ip {ip-address/prefix-length} src-port {{lt | gt | eq} src-port-number} | {range start end} tcp-ack {true | false} tcp-syn {true | false} 7705 SAR OS Router Configuration Guide...
Page 298: Ip Filter Entry For Pbr To A System Ip Or Loopback Address
A PBR rule can be set up to extract packets from the data path and send them to the CSM for debugging or slow path forwarding, by having the next-hop point to a system IP or loopback interface of the 7705 SAR. The extracted traffic can be rerouted to a final destination based on a RIB lookup on the CSM.
Page 299 112 create config>filter>ip-filter>entry$ action forward next-hop indirect 10.10.10.10 config>filter>ip-filter>entry# match config>filter>ip-filter>entry>match# dscp be config>filter>ip-filter>entry>match# exit A:ALU-7>config>filter>ip-filter# info ---------------------------------------------- scope exclusive entry 12 create match dscp be exit action forward next-hop indirect 10.10.10.10 exit ---------------------------------------------- A:ALU-7>config>filter>ip-filter# 7705 SAR OS Router Configuration Guide...
Page 300: Creating A Mac Filter Policy
90 create configure>filter>mac-filter# description filter-west configure>filter>mac-filter# scope exclusive configure>filter>mac-filter# default-action drop The following example displays an exclusive scope configuration. A:ALU-7>config>filter# info ---------------------------------------------- mac-filter 90 create description "filter-west" scope exclusive default-action drop exit ---------------------------------------------- A:ALU-7>config>filter# 7705 SAR OS Router Configuration Guide...
Page 301: Mac Filter Entry
104” configure>filter>mac-filter>entry# action drop configure>filter>mac-filter>entry# exit The following example displays a MAC filter entry configuration. A:sim1>config>filter# info ---------------------------------------------- mac-filter 90 create entry 1 create description "allow-104" match exit action drop exit exit ---------------------------------------------- A:sim1>config>filter# 7705 SAR OS Router Configuration Guide...
Page 302: Mac Entry Matching Criteria
The following example displays a filter matching configuration. A;ALU-7>config>filter# info ---------------------------------------------- description "filter-west" scope exclusive entry 1 create description "allow-104" match src-mac 00:dc:98:1d:00:00 ff:ff:ff:ff:ff:ff dst-mac 02:dc:98:1d:00:01 ff:ff:ff:ff:ff:ff etype 0x8100 exit action drop exit ---------------------------------------------- A:ALU-7>config>filter# 7705 SAR OS Router Configuration Guide...
Page 303: Creating A Vlan Filter Policy
{drop | forward} Example: configure>filter>vlan-filter 2 create configure>filter>vlan-filter# description VLAN_filter_2 configure>filter>vlan-filter# default-action drop The following example displays a VLAN filter configuration. A:ALU-7>config>filter# info ---------------------------------------------- vlan-filter 2 create description "VLAN_filter_2" default-action drop exit ---------------------------------------------- A:ALU-7>config>filter# 7705 SAR OS Router Configuration Guide...
Page 304: Vlan Filter Entry
104” configure>filter>vlan-filter>entry# action drop configure>filter>vlan-filter>entry# exit The following example displays a VLAN filter entry configuration. A:sim1>config>filter# info ---------------------------------------------- vlan-filter 2 create entry 2 create description "drop-104" match action drop exit exit exit ---------------------------------------------- A:sim1>config>filter# 7705 SAR OS Router Configuration Guide...
Page 305: Vlan Entry Matching Criteria
104 The following example displays a filter matching configuration. A;ALU-7>config>filter# info ---------------------------------------------- description "drop-104" entry 2 create description "drop-104" match vlan eq 104 action drop exit exit ---------------------------------------------- A:ALU-7>config>filter# 7705 SAR OS Router Configuration Guide...
Page 306: Configuring Filter Log Policies
The following example displays a filter log configuration. A:ALU-48>config>filter>log# info detail --------------------------------------------- description "Test filter log." destination memory 1000 wrap-around no shutdown --------------------------------------------- A:ALU-48>config>filter>log# 7705 SAR OS Router Configuration Guide...
Page 307: Configuring A Nat Security Profile
90 config>security# session-low-wmark 70 config>security# profile 2 create config>security>profile# name "default" config>security>profile# description "session timer check" config>security>profile# timeouts config>security>profile>timeouts# icmp-request seconds config>security>profile>timeouts# tcp-time-wait minutes config>security>profile>timeouts# exit config>security>profile# exit config>security# commit 7705 SAR OS Router Configuration Guide...
Page 308: Configuring A Nat Security Policy
{lt | gt | eq} tcp/udp port range start end icmp-code icmp-code icmp-type icmp-type src-ip ip-address to ip-address src-port {lt | gt | eq} tcp/udp port range start end 7705 SAR OS Router Configuration Guide...
Page 309 "Dest NAT" config>security>policy>entry# match local protocol udp config>security>policy>entry>match# dst-port eq 4000 config>security>policy>entry>match# exit config>security>policy>entry># limit config>security>policy>entry># exit config>security>policy>entry># action nat destination 10.10.10.1 port 4000 config>security>policy>entry># profile 2 config>security>policy>entry># exit config>security>policy># exit config>security># commit 7705 SAR OS Router Configuration Guide...
Page 310: Applying Ip And Mac Filter Policies To A Service
SAPs and spoke SDPs. (For IES SAPs, IPv6 ingress and egress filters can also be applied.) CLI Syntax: config>service# vpls service-id sap sap-id egress filter ip ip-filter-id ingress filter ip ip-filter-id filter mac mac-filter-id 7705 SAR OS Router Configuration Guide...
Page 311 1/5/5 config>service>vpls>sap# ingress filter mac 92 config>service>vpls>sap# egress filter ip 10 config>service>vpls>sap# exit config>service>vpls# mesh-sdp 15:5000 config>service>vpls>mesh-sdp# ingress filter mac 93 config>service>vpls>mesh-sdp# exit config>service>vpls# spoke-sdp 15:5001 config>service>vpls>spoke-sdp# ingress filter mac 94 config>service>vpls>spoke-sdp# exit 7705 SAR OS Router Configuration Guide...
Page 312: Applying Ip Filter Policies To Network Interfaces
Filter policies must be created before they can be applied to a network interface. Create filter policies in the config>filter context. CLI Syntax: config>router# interface ip-int-name egress filter ip ip-filter-id ingress filter ip ip-filter-id 7705 SAR OS Router Configuration Guide...
Page 313: Applying Vlan Filter Policies To A Ring Port
2-port 10GigE (Ethernet) module. The filter operates on ingress traffic. Filter policies must be created before they can be applied. Create filter policies in the config>filter context. CLI Syntax: config>port>ethernet# vlan-filter filter-id Example: config>port>ethernet# vlan-filter 2 A:ALU-48>config>port>ethernet# info #------------------------------------------ vlan-filter 2 #------------------------------------------ A:ALU-48>config>port>ethernet# 7705 SAR OS Router Configuration Guide...
Page 314: Filter Management Tasks
Removing and Deleting a Filter Policy Renumbering Filter Policy Entries The 7705 SAR OS exits the matching process when the first match is found and then executes the actions in accordance with the specified action. Because the ordering of entries is important, the numbering sequence can be rearranged.
Page 315 10.10.10.91/24 src-ip 10.10.0.100/24 exit action drop exit entry 35 create match dst-ip 10.10.10.91/24 src-ip 10.10.0.200/24 exit action forward exit entry 40 create match dst-ip 10.10.10.0/29 src-ip 10.10.10.106/24 exit action drop exit exit ---------------------------------------------- A:ALU-7>config>filter# 7705 SAR OS Router Configuration Guide...
Page 316 10.10.10.91/24 src-ip 10.10.0.10/32 exit action forward exit entry 35 create match dst-ip 10.10.10.91/24 src-ip 10.10.10.200/24 exit action forward exit entry 40 create match dst-ip 10.10.10.91/24 src-ip 10.10.0.100/24 exit action drop exit exit ---------------------------------------------- A:ALU-7>config>filter# 7705 SAR OS Router Configuration Guide...
Page 317: Modifying An Ip Filter Policy
1 create match dst-ip 10.10.10.0/29 src-ip 10.10.10.106/24 exit action drop exit entry 2 create description "new entry" match dst-ip 10.10.10.104/32 exit action drop exit entry 15 create description "no-91" match dst-ip 10.10.10.91/24 src-ip 10.10.10.10/32 7705 SAR OS Router Configuration Guide...
Page 318: Modifying A Mac Filter Policy
The following output displays the modified MAC filter output: A:ALU-7>config>filter# info ---------------------------------------------- mac-filter 90 create description "Mac_filter90" scope exclusive entry 1 create description "Mac_entry90_1" match src-mac 00:dc:98:1d:00:00 dst-mac 02:dc:98:1d:00:01 exit action forward exit exit ---------------------------------------------- A:ALU-7>config>filter# 7705 SAR OS Router Configuration Guide...
Page 319: Modifying A Vlan Filter Policy
The following output displays the modified VLAN filter output: *A:7705custDoc:Sar18>config>filter>vlan-filter# info ---------------------------------------------- description "VLAN_filter_2" entry 2 create description "vlan_fltr_entry2" action forward match vlan eq 104 exit entry 65535 create description "entry_65535" action forward match vlan range 2000 to 3000 exit ---------------------------------------------- *A:7705custDoc:Sar18>config>filter>vlan-filter# 7705 SAR OS Router Configuration Guide...
Page 320: Removing And Deleting A Filter Policy
[ip ip-filter-id | mac mac- filter-id] CLI Syntax: config>service# vprn service-id interface ip-int-name sap sap-id egress no filter [ip ip-filter-id] ingress no filter [ip ip-filter-id] spoke-sdp sdp-id:vc-id ingress no filter 7705 SAR OS Router Configuration Guide...
Page 321: Removing A Filter From A Network Interface
[ip ip-filter-id | ipv6 ipv6-filter- ingress no filter [ip ip-filter-id | ipv6 ipv6-filter- Example: config>router# interface b11 config>router>if# egress config>filter>if>egress# no filter ip 12 config>router>if>egress# exit config>filter>if># ingress config>filter>if>ingress# no filter ip 2 config>filter>if>ingress# exit 7705 SAR OS Router Configuration Guide...
Page 322: Removing A Filter From A Ring Port
CLI syntax to delete the filter: CLI Syntax: config>filter# no ip-filter filter-id CLI Syntax: config>filter# no ipv6-filter ipv6-filter-id CLI Syntax: config>filter# no mac-filter filter-id CLI Syntax: config>filter# no vlan-filter filter-id Example: config>filter# no ip-filter 2 config>filter# no mac-filter 55 7705 SAR OS Router Configuration Guide...
Page 323: Filter Command Reference
IP Filter Policy Configuration Commands → IPv6 Filter Policy Configuration Commands → MAC Filter Policy Commands → VLAN Filter Policy Commands → NAT Policy Commands • Show Commands • Clear Commands • Monitor Commands • Debug Commands 7705 SAR OS Router Configuration Guide...
Page 324: Configuration Commands
[protocol protocol-id] — no match — dscp dscp-name — no dscp — dst-ip {ip-address/mask | ip-address netmask} — no dst-ip — dst-port {lt | gt | eq} dst-port-number — dst-port range start end 7705 SAR OS Router Configuration Guide...
Page 325 — no — match [next-header next-header] — no match — dscp dscp-name — no dscp — dst-ip ipv6-address/prefix-length — no dst-ip — dst-port {lt | gt | eq} dst-port-number — dst-port range start end 7705 SAR OS Router Configuration Guide...
Page 326 {802dot3 | 802dot2-llc | 802dot2-snap | ethernet_II} — no match — dst-mac ieee-address — no dst-mac — etype 0x0600..0xffff — no etype — src-mac ieee-address — no src-mac — renum old-entry-id new-entry-id — scope {exclusive | template} — no scope 7705 SAR OS Router Configuration Guide...
Page 327 [days days] [hrs hours] [min minutes] [sec seconds] — no — udp-dns [days days] [hrs hours] [min minutes] [sec seconds] — no udp-dns — udp-initial [days days] [hrs hours] [min minutes] [sec seconds] — no udp-initial 7705 SAR OS Router Configuration Guide...
Page 328 {lt | gt | eq} tcp/udp port range start end — no src-port — profile {profile-id | profile-name} — no profile — name policy-name — no name — session-high-wmark percentage — session-low-wmark percentage 7705 SAR OS Router Configuration Guide...
Page 329: Show Commands
[interval seconds] [repeat repeat] [absolute | rate] — filter ipv6 ipv6-filter-id entry entry-id [interval seconds] [repeat repeat] [absolute | rate] — filter mac mac-filter-id entry entry-id [interval seconds] [repeat repeat] [absolute | rate] 7705 SAR OS Router Configuration Guide...
Page 330: Debug Commands
[zone-id | zone-name] [inbound | outbound | all] [forward | reject | nat] [source ip-address mask] [destination ip-address mask] — no zone [zone-id | zone-name] [inbound | outbound | all] [forward | reject | nat] [source ip-address mask] [destination ip-address mask] — no zone [zone-id | zone-name] 7705 SAR OS Router Configuration Guide...
Page 331: Command Descriptions
Filter Policies Command Descriptions • Configuration Commands • Show Commands • Clear Commands • Monitor Commands • Debug Commands 7705 SAR OS Router Configuration Guide...
Page 332: Configuration Commands
Generic Commands • Filter Log Commands • Filter Policy Commands • General Filter Entry Commands • IP, MAC, and VLAN Filter Entry Commands • IP and MAC Filter Match Criteria Commands • NAT Policy Commands 7705 SAR OS Router Configuration Guide...
Page 333 When disabled, an entity does not change, reset, or remove any configuration settings or statistics. Many objects must be shut down before they may be deleted. Many entities must be explicitly enabled using the no shutdown command. 7705 SAR OS Router Configuration Guide...
Page 334 Unlike other commands and parameters where the default state is not indicated in the configuration file, shutdown and no shutdown are always indicated in system-generated configuration files. The no form of the command puts an entity into the administratively enabled state. Default no shutdown 7705 SAR OS Router Configuration Guide...
Page 335 Filter logs can be sent to either memory or an existing syslog server. If the filter log destination is memory, the maximum number of entries in the log must be specified. The no form of the command deletes the filter log association. Default no destination 7705 SAR OS Router Configuration Guide...
Page 336 The no form of the command reverts to the default parameter. Default dst-addr Parameters dst-addr — specifies that received log packets are summarized based on the destination IP address src-addr — specifies that received log packets are summarized based on the source IP address 7705 SAR OS Router Configuration Guide...
Page 337 The no form of the command configures the memory filter log to accept filter log entries until full. When the memory filter log is full, filter logging for the log filter ID ceases. Default wrap-around 7705 SAR OS Router Configuration Guide...
Page 338: Filter Policy Commands
Any changes made to the existing policy, using any of the subcommands, will be applied immediately to all network interfaces where this policy is applied. 7705 SAR OS Router Configuration Guide...
Page 339 Context config>filter Description This command enables the context for a VLAN filter policy. The VLAN filter policy specifies either a forward or a drop action for packets based on the specified match criteria. 7705 SAR OS Router Configuration Guide...
Page 340 — specifies that all packets will be dropped unless there is a specific filter entry that causes the packet to be forwarded forward — specifies that all packets will be forwarded unless there is a specific filter entry that causes the packet to be dropped 7705 SAR OS Router Configuration Guide...
Page 341 If the policy is removed from the entity, it will become available for assignment to another entity. template — when the scope of a policy is defined as template, the policy can be applied to multiple network ports 7705 SAR OS Router Configuration Guide...
Page 342: General Filter Entry Commands
This command creates or edits a filter entry. Multiple entries can be created using unique entry-id numbers within the filter. The 7705 SAR implementation exits the filter on the first match found and executes the actions in accordance with the accompanying action command. For this reason, entries must be sequenced correctly, from most to least explicit.
Page 343 0.0.0.0 to 255.255.255.255 (dotted-decimal notation) fc fc-name — specifies the forwarding class (FC) to be used for queuing packets through the 7705 SAR. Each FC can be mapped to a different queue, or multiple FCs can be handled by the same queue.
Page 344 The filter log ID must exist before a filter entry can be enabled to use the filter log ID. The no form of the command disables logging for the filter entry. Default no log Parameters log-id — the filter log ID destination expressed as a decimal integer Values 101 to 199 7705 SAR OS Router Configuration Guide...
Page 345 IP in IP (encapsulation) Transmission Control Exterior Gateway Protocol Any private interior gateway User Datagram Reliable Data Protocol ipv6 IPv6 ipv6-route Routing Header for IPv6 idrp Inter-Domain Routing Protocol rsvp Reservation Protocol General Routing Encapsulation 7705 SAR OS Router Configuration Guide...
Page 346 PTP in the context of SGT QoS is defined as Precision Timing Protocol and is an application in the 7705 SAR. The PTP application name is also used in areas such as event-control and logging. Precision Timing Protocol is defined in IEEE 1588-2008.
Page 347 802dot3 — specifies the frame type as Ethernet IEEE 802.3 802dot2-llc — specifies the frame type as Ethernet IEEE 802.2 LLC 802dot2-snap — specifies the frame type as Ethernet IEEE 802.2 SNAP ethernet_II — specifies the frame type as Ethernet Type II 7705 SAR OS Router Configuration Guide...
Page 348 — specifies a range of VLAN IDs to be used for the VLAN filter match criteria. Values 1 to 4094 untagged — specifies that Ethernet frames with no tag or dot1q header (null encapsulation) are used for the VLAN filter match criteria 7705 SAR OS Router Configuration Guide...
Page 349 10.1.0.0/16. The conventional notation of 10.1.0.0 255.255.0.0 may also be used. The no form of the command removes the destination IP address match criterion. Default Parameters ip-address — the IP prefix for the IP match criterion in dotted-decimal notation Values 0.0.0.0 to 255.255.255.255 7705 SAR OS Router Configuration Guide...
Page 350 The no form of the command removes the destination MAC address match criterion. Default no dst-mac Parameters ieee-address — the MAC address to be used as a match criterion Values xx:xx:xx:xx:xx:xx or xx-xx-xx-xx-xx-xx, where x is a hexadecimal digit 7705 SAR OS Router Configuration Guide...
Page 351 (0x0600 to 0xFFFF) or a decimal (1536 to 65535) value. The Ethernet type field is used by the Ethernet version-II frames. The no form of the command removes the previously entered etype field as the match criteria. Default no etype 7705 SAR OS Router Configuration Guide...
Page 352 — the ICMP code values that must be present to match Values 0 to 255 (values can be expressed in decimal, hexadecimal, or binary – DHB) keywords - none | network-unreachable | host-unreachable | protocol-unreachable | port-unreachable | fragmentation-needed | dest-network-unknown | dest-host-unknown 7705 SAR OS Router Configuration Guide...
Page 353 — the 8-bit option type (can be entered using decimal, hexadecimal, or binary formats). The mask is applied as an AND to the option byte and the result is compared with the option value. 7705 SAR OS Router Configuration Guide...
Page 354: Table 46 8-Bit Mask Formats
— specifies matching on IP packets that contain more than one option field in the header false — specifies matching on IP packets that do not contain multiple option fields in the header 7705 SAR OS Router Configuration Guide...
Page 355 — the IP prefix for the IP match criterion in dotted-decimal notation Values 0.0.0.0 to 255.255.255.255 mask — the subnet mask length expressed as a decimal integer Values 0 to 32 netmask — any mask expressed in dotted-decimal notation Values 0.0.0.0 to 255.255.255.255 7705 SAR OS Router Configuration Guide...
Page 356 The no form of the command removes the source MAC address as the match criterion. Default no src-mac Parameters ieee-address — the 48-bit IEEE MAC address to be used as a match criterion Values xx:xx:xx:xx:xx:xx or xx-xx-xx-xx-xx-xx, where x is a hexadecimal digit 7705 SAR OS Router Configuration Guide...
Page 357 — specifies matching on IP packets that have the ACK bit set in the control bits of the TCP header of an IP packet false — specifies matching on IP packets that do not have the ACK bit set in the control bits of the TCP header of the IP packet 7705 SAR OS Router Configuration Guide...
Page 358 — specifies matching on IP packets that have the SYN bit set in the control bits of the TCP header false — specifies matching on IP packets that do not have the SYN bit set in the control bits of the TCP header 7705 SAR OS Router Configuration Guide...
Page 359 This command configures a profile group that provides a context within which you can configure security features such as session idle timeouts. Profile 1 is a default profile and cannot be modified. The no form of the command removes the configured profile group. Default 7705 SAR OS Router Configuration Guide...
Page 360 ICMP request is sent but no ICMP response is received. The no form of the command removes the timeout set for icmp-request. Default Parameters days — the timeout in days Values hours — the timeout in hours Values 1 to 24 7705 SAR OS Router Configuration Guide...
Page 361 This command configures the timeout applied to a TCP session in the SYN state. The no form of the command removes the timeout set for tcp-syn. Default Parameters days — the timeout in days Values 7705 SAR OS Router Configuration Guide...
Page 362 Context config>security>profile>timeouts Description This command configures the idle timeout applied to a TCP session in a transitory state. The no form of the command removes the timeout entered set for tcp-transitory. Default 7705 SAR OS Router Configuration Guide...
Page 363 [days days] [hrs hours] [min minutes] [sec seconds] no udp-dns Context config>security>profile>timeouts Description This command configures the timeout applied to a UDP session with destination port 53. The no form of the command removes the udp-dns timeout. 7705 SAR OS Router Configuration Guide...
Page 364 — the timeout in days Values hours — the timeout in hours Values 1 to 24 minutes — the timeout in minutes Values 1 to 59 seconds — the timeout in seconds Values 1 to 59 7705 SAR OS Router Configuration Guide...
Page 365 The nat and forward actions cause a 6-tuple lookup (src/dst IP, src/dst port, protocol, src zone). If there is a match, NAT is applied and the packet is routed based on the datapath session table. Multiple action statements entered will overwrite previous action statements when defined. 7705 SAR OS Router Configuration Guide...
Page 366 NAT (port forwarding). tcp-udp-port — the static NAT inside port IP number used for port forwarding. When configured, the original packet destination port number is overwritten with this configured port number. Values 1 to 65535 7705 SAR OS Router Configuration Guide...
Page 367 The no form of the command removes the match criteria for the entry. Default Parameters local — specifies local traffic matches indicated by a destination IP address that matches a local 7705 SAR interface. The local parameter applies only to static destination NAT (port forwarding). 7705 SAR OS Router Configuration Guide...
Page 368 Filter Command Reference protocol-id — configures an IP protocol to be used as a match criterion. The 7705 SAR supports protocol types TCP, UDP, and ICMP. Common protocol numbers include ICMP (1), TCP (6), and UDP (17). Values 0 to 32...
Page 369 This command configures matching on an ICMP code field in the ICMP header of an IPv4 packet as a match criterion. This option is only meaningful if the protocol match criterion specifies ICMP (1). The no form of the command removes the criterion from the match entry. Default no icmp-code 7705 SAR OS Router Configuration Guide...
Page 370 This command configures the source IP address or address range to be used in the matching criteria of a policy entry. All packets within the specified IP address range are processed for matching criteria. The no form of the command removes the source IP address match criteria. Default 7705 SAR OS Router Configuration Guide...
Page 371 This command assigns an already configured profile to a policy. The no form of the command removes the assigned profile. Default Parameters profile-id — specifies the ID of the profile group Values 1 to 65535 7705 SAR OS Router Configuration Guide...
Page 372 This command configures the low-watermark threshold for NAT sessions. The alarm is cleared when the session utilization percentage is equal to or less than the low-watermark threshold. The value must be lower than or equal to the session-high-wmark value. 7705 SAR OS Router Configuration Guide...
Page 373 Filter Policies The no form of the command removes the low-watermark setting. Default no session-low-wmark Parameters percentage — specifies the low-watermark threshold Values 1 to 100 7705 SAR OS Router Configuration Guide...
Page 374: Show Commands
Output, Table Sample Output *A-ALU-1# show filter ip =============================================================================== IP Filters =============================================================================== Filter-Id Scope Applied Description ------------------------------------------------------------------------------- Template Yes Template Yes Template Yes Template No Template No ------------------------------------------------------------------------------- Num IP filters: 5 =============================================================================== *A-ALU-1# 7705 SAR OS Router Configuration Guide...
Page 375: Table 47 Show Filter Output Fields
Fragment : Off Option-present : Off IP-Option : 0/0 Multiple Option: Off TCP-syn : Off TCP-ack : Off Match action : Drop Ing. Matches : 0 pkts Egr. Matches : 0 pkts =============================================================================== *A-ALU-1# 7705 SAR OS Router Configuration Guide...
Page 376: Table 48 Show Filter Output Fields (Filter Id Specified)
Inactive, the filter entry is incomplete as no action has been specified. Description The IP filter policy description Src. IP The source IP address and prefix length match criterion Dest. IP The destination IP address and prefix length match criterion 7705 SAR OS Router Configuration Guide...
Page 377 Multiple Option: (IPv4 Off — the option fields are not checked filters only) On — packets containing one or more option fields in the IP header will be used as IP filter match criteria 7705 SAR OS Router Configuration Guide...
Page 378 *A-ALU-49# show filter ip 1 associations =============================================================================== IPv6 Filter =============================================================================== Filter Id Applied : No Scope : Template Def. Action : Drop Entries Description : (Not Specified) ------------------------------------------------------------------------------- Filter Association : IPv6 ------------------------------------------------------------------------------- No Match Found =============================================================================== *A-ALU-49# 7705 SAR OS Router Configuration Guide...
Page 379: Table 49 Show Filter Associations Output Fields
(no action was specified). Drop — drop packets matching the filter entry Forward — forward packets matching the filter entry Ing. Matches The number of ingress filter matches/hits for the filter entry 7705 SAR OS Router Configuration Guide...
Page 380 : Template Def. Action : Drop Entries : Not Available ------------------------------------------------------------------------------- Filter Match Criteria : IP ------------------------------------------------------------------------------- Entry : 10 Ing. Matches: 749 Egr. Matches Entry : 200 Ing. Matches: 0 Egr. Matches =============================================================================== *A-ALU-1# 7705 SAR OS Router Configuration Guide...
Page 381: Table 50 Show Filter Counters Output Fields
The filter entry ID. If the filter entry ID indicates the entry is (Inactive), the filter entry is incomplete as no action has been specified. Ing. Matches The number of ingress filter matches/hits for the filter entry 7705 SAR OS Router Configuration Guide...
Page 382 Desc: Descr. for Ip Fltr Policy id # 1 entry 12 SDP: 1:60000 Direction: Ingress Action: Drop Src MAC: 1f-ff-f0-1f-ff-c5 Dst MAC: aa-bb-cc-dd-ee-ff EtherType: 0800 Src IP: 10.50.1.144:3216 Dst IP: 10.10.11.2:0 Flags: 0 TOS: b8 TTL: 64 7705 SAR OS Router Configuration Guide...
Page 383: Table 51 Show Filter Log Output Fields
The filter ID and entry ID Desc. The description string for the filter log The SDP using this filter Direction The direction of the traffic being filtered Action The action taken as a result of the filter 7705 SAR OS Router Configuration Guide...
Page 384: Table 52 Show Filter Log Bindings
The maximum allowed instances of filter logs allowed on the system (Allowed) Total Log Instances (In The instances of filter logs presently existing on the system Use) Total Log Bindings The count of the filter log bindings presently existing on the system 7705 SAR OS Router Configuration Guide...
Page 385 The following outputs are examples of MAC filter information: • no parameters specified (Sample Output, Table • mac-filter-id specified (Sample Output, Table • associations specified (Sample Output, Table • counters specified (Sample Output, Table 7705 SAR OS Router Configuration Guide...
Page 386: Table 53 Show Filter Mac (No Filter- D Specified)
Entries Description : (Not Specified) ------------------------------------------------------------------------------- Filter Match Criteria : Mac ------------------------------------------------------------------------------- Entry : 5000 (Inactive) FrameType : Ethernet Description : (Not Specified) Log Id : n/a Src Mac : ff:ff:ff:ff:ff:ff ff:ff:ff:ff:ff:ff Dest Mac 7705 SAR OS Router Configuration Guide...
Page 387: Table 54 Show Filter Mac (Filter Id Specified)
Log Id The filter log identifier Src Mac The source MAC address and mask match criterion. When both the MAC address and mask are all zeros, no criterion is specified for the filter entry 7705 SAR OS Router Configuration Guide...
Page 388 *A-ALU-1# show filter# mac 11 associations =============================================================================== Mac Filter =============================================================================== Filter Id : 11 Applied : No Scope : Template Def. Action : Drop Entries Description : (Not Specified) ------------------------------------------------------------------------------- Filter Association : Mac ------------------------------------------------------------------------------- No Match Found =============================================================================== 7705 SAR OS Router Configuration Guide...
Page 389: Table 55 Show Filter Mac Associations
Def. Action : Drop Entries Description : (Not Specified) ------------------------------------------------------------------------------- Filter Match Criteria : Mac ------------------------------------------------------------------------------- Entry : 11 (Inactive) FrameType : Ethernet II Ing. Matches: 0 pkts Egr. Matches: 0 pkts =============================================================================== *A-ALU-1# 7705 SAR OS Router Configuration Guide...
Page 390: Table 56 Show Filter Mac Counters
Ethernet II — the entry ID match frame type is Ethernet Type II Ing. Matches The number of ingress filter matches/hits for the filter entry Egr. Matches The number of egress filter matches/hits for the filter entry 7705 SAR OS Router Configuration Guide...
Page 391: Table 57 Show Filter Vlan (No Filter Specified)
Template — the VLAN filter policy is always of type Template Applied No — the filter policy ID has not been applied Yes — the filter policy ID is applied Description The VLAN filter policy description 7705 SAR OS Router Configuration Guide...
Page 392: Table 58 Show Filter Vlan (Filter Id Specified)
The VLAN filter policy ID Applied No — the filter policy ID has not been applied Yes — the filter policy ID is applied Scope Template — the filter policy is always of type Template 7705 SAR OS Router Configuration Guide...
Page 393 This command displays NAT policy information. Parameters policy-id — displays detailed information for the specified policy ID Values 1 to 65535 policy-name — specifies the name of the policy Values 1 to 32 characters (must start with a letter) 7705 SAR OS Router Configuration Guide...
Page 394 : None Dest. IP : None Dest. Port : None Protocol : udp ICMP Type : Undefined ICMP Code : Undefined Profile ID : DEFAULT Action : nat Session Limit : None =============================================================================== *A-ALU-1# 7705 SAR OS Router Configuration Guide...
Page 395: Table 59 Show Security Policy Output Fields (Detail)
Profile ID : DEFAULT Action : nat Session Limit : None =============================================================================== *A-ALU-1# Table 59: Show Security Policy Output Fields (Detail) Label Description Policy Id The NAT policy ID Name The name of the policy 7705 SAR OS Router Configuration Guide...
Page 396 Nat — applies NAT to the packets matching the profile entry Reject — rejects packets matching the profile entry Forward — forward packets matching the profile entry Src. Port The source TCP or UDP port number or port range 7705 SAR OS Router Configuration Guide...
Page 397 : 4 min TCP Established : 2 hrs 4 min TCP Time-Wait : None UDP Initial : 15 seconds UDP Idle : 5 min UDP DNS : 15 seconds ICMP Request : 1 min =============================================================================== *A-ALU-1# 7705 SAR OS Router Configuration Guide...
Page 398: Table 60 Show Security Profile Output Fields (Detail)
This command displays a summary of NAT security information. Output The following output is an example of NAT summary information. Sample Output *A-ALU-1# show security summary =============================================================================== Security =============================================================================== Policy State : Committed Last Commit : 07/11/2014 03:05:34 Policies Profiles Zones Sessions 7705 SAR OS Router Configuration Guide...
Page 399 The following output is an example of zone information: Sample Output *A-ALU-1# show security zone 1 statistics =============================================================================== Zone Statistics =============================================================================== Inbound Outbound ------------------------------------------------------------------------------- Total Sessions 76798 Active Sessions 2555 Dropped Packets 1184369 Octets 125543114 Default Action Packets 1201223 Octets 127329638 145630 7705 SAR OS Router Configuration Guide...
Page 400: Nat Pool
Entry Id Direction : Inbound IP Address : ies-10010.30.10.1 Port : Any ------------------------------------------------------------------------------- Num of Entries =============================================================================== *A-ALU-1# policy Syntax policy [entry entry-id] [detail] [statistics] Context show>security>zone Description This command displays NAT policy information. 7705 SAR OS Router Configuration Guide...
Page 401 This command displays NAT session information. Parameters session-id — displays detailed information for the specified session ID Values 1 to 6144 (7705 SAR-8/7705 SAR-18) 1 to 4096 (7705 SAR-H/7705 SAR-Hc/7705 SAR-Wx) inbound — displays zone inbound sessions 7705 SAR OS Router Configuration Guide...
Page 402 Action To Destination ------------------------------------------------------------------------------- No Outbound Sessions =============================================================================== *A-ALU-1# Sample Output *A-ALU-1# show security zone 1 session 1 statistics =============================================================================== Security Zone =============================================================================== Zone Id State : Committed Name : Service Inbound Zone =============================================================================== =============================================================================== 7705 SAR OS Router Configuration Guide...
Page 403 Filter Policies Session 1 Traffic Statistics =============================================================================== Forward Reverse ------------------------------------------------------------------------------- Passed Packets 2042929 2042589 Octets 216550474 224684790 =============================================================================== *A-ALU-1# 7705 SAR OS Router Configuration Guide...
Page 404: Clear Commands
— only the counters associated with the specified filter policy entry will be cleared Values 1 to 64 ingress — only the ingress counters will be cleared egress — only the egress counters will be cleared 7705 SAR OS Router Configuration Guide...
Page 405 — only the counters associated with the specified filter policy entry will be cleared Values 1 to 64 ingress — only the ingress counters will be cleared egress — only the egress counters will be cleared (currently not supported on the 7705 SAR) session Syntax session [session-id] [statistics] Context clear>security...
Page 406 — removes inbound sessions associated with the specified zone ID outbound — removes outbound sessions associated with the specified zone ID all — removes all sessions associated with the specified zone ID statistics — clears statistics for the specified zone ID 7705 SAR OS Router Configuration Guide...
Page 407: Monitor Commands
This command monitors the counters associated with the IPv6 filter policy. Parameters ipv6-filter-id — the IPv6 filter policy ID Values 1 to 65535 entry-id — only the counters associated with the specified filter policy entry will be monitored Values 1 to 64 7705 SAR OS Router Configuration Guide...
Page 408 — the raw statistics are displayed without processing. No calculations are performed on the delta or rate statistics. rate — the rate per second for each statistic is displayed instead of the delta 7705 SAR OS Router Configuration Guide...
Page 409: Debug Commands
— specifies forwarded packets reject — specifies rejected packets nat — specifies packets matching the entry criteria that have NAT applied to them source — specifies the source IP address destination — specifies the destination IP address 7705 SAR OS Router Configuration Guide...
Page 410 Filter Command Reference 7705 SAR OS Router Configuration Guide...
Page 411: Route Policies
This chapter provides information about configuring route policies. Topics in this chapter include: • Configuring Route Policies • Route Policy Configuration Process Overview • Configuration Notes • Configuring Route Policies with CLI • Route Policy Command Reference 7705 SAR OS Router Configuration Guide...
Page 412: Configuring Route Policies
MPLS label database. For routing, the 7705 SAR supports two databases to store routes. The routing database (RIB) is composed of the routing information learned by the routing protocols, including static routes.
Page 413: Policy Statements
Route Policies Refer to the “Label Distribution Protocol” section in the 7705 SAR OS MPLS Guide for more information on how routing policies can be used as LDP import or export policies to control the label bindings an LSR accepts from, or advertises to, its peers.
Page 414: Denied Ip Prefixes
BGP AS border routers is minimized. The rationale is to delay the use of unstable routes (flapping routes) to forward data and advertisements until the route stabilizes. 7705 SAR OS Router Configuration Guide...
Page 415 Route Policies The Alcatel-Lucent implementation of route damping is based on the following parameters: • Figure of Merit — a route is assigned a Figure of Merit (FoM), which is proportional to the frequency of flaps. The FoM algorithm can characterize a route’s behavior over a period of time.
Page 416: Regular Expressions
AS path so that they can be filtered out before cluttering the service provider’s routing information base (RIB). The 7705 SAR OS uses regular expression strings to specify match criteria for: •...
Page 417: Table 61 Regular Expression Operators
Matches the end of the string — only allowed for communities An escape character to indicate that the following character is a match criteria and not a grouping delimiter Examples of AS path and community string regular expressions are listed in Table 7705 SAR OS Router Configuration Guide...
Page 418: Table 62 As Path And Community Regular Expression Examples
(. 11) | (. 22) 200 22 300 400 … . (11 | 22) .* Path of length one or two whose second AS number . (11 | 22)? might be 11 or 22 200 11 300 22 7705 SAR OS Router Configuration Guide...
Page 419 11 22 33 44 55 AS number is 100 and community value is 200 100:200 ^100:200$ AS number is 11 or 22 and community value is any 11:100 ^((11)|(22)): number (.*)$ 22:100 11:200 … 7705 SAR OS Router Configuration Guide...
Page 420: Bgp And Ospf Route Policy Support
Figure 13 depicts OSPF support, which applies routing policies at the edge of the protocol, in order to control only the routes that are announced to or accepted from the Routing Table Manager (RTM). 7705 SAR OS Router Configuration Guide...
Page 421: Bgp Route Policies
20104 BGP Route Policies The Alcatel-Lucent implementation of BGP uses route policies extensively. The implied or default route policies can be overridden by customized route policies. The default BGP properties, with no route policies configured, behave as follows: •...
Page 422: Readvertised Route Policies
• when you want the MP-BGP routing protocol to announce active routes learned from another routing protocol (that is, the static routes configured in the 7705 SAR). This function is sometimes called route redistribution. •...
Page 423: Route Policy Configuration Process Overview
Figure 14: Route Policy Configuration and Implementation Flow START CONFIGURE AS-PATH REGULAR EXPRESSIONS CONFIGURE COMMUNITY LISTS CONFIGURE DAMPING PARAMETERS CONFIGURE PREFIX LISTS CONFIGURE ROUTE POLICY APPLY ROUTE POLICIES ENABLE 21824 7705 SAR OS Router Configuration Guide...
Page 424: Configuration Notes
When configuring policy statements, the policy statement name must be unique. Reference Sources For information on supported IETF drafts and standards, as well as standard and proprietary MIBs, refer to Standards and Protocol Support. 7705 SAR OS Router Configuration Guide...
Page 425: Configuring Route Policies With Cli
This section provides information to configure route policies using the command line interface. Topics in this section include: • Route Policy Configuration Overview • Basic Route Policy Configuration • Configuring Route Policy Components • Route Policy Configuration Management Tasks 7705 SAR OS Router Configuration Guide...
Page 426: Route Policy Configuration Overview
Each route policy must be explicitly created and applied. Applying route policies can introduce more efficiency as well as more complexity to the capabilities of the 7705 SAR. Route policies are used to configure which MPLS labels should be learned or advertised.
Page 427: Default Route Policy Actions
→ export (internal routes) – all OSPF or IS-IS routes are automatically advertised to all neighbors → export (external routes) – all non-OSPF or non-IS-IS learned routes are not advertised to OSPF or IS-IS neighbors 7705 SAR OS Router Configuration Guide...
Page 428: Policy Evaluation
Figure 15 shows an example of the route policy process. Figure 16 Figure 17 show the next-policy and next-entry route policy processes. 7705 SAR OS Router Configuration Guide...
Page 429: Figure 15 Route Policy Process Example
Accept Entry 1 or reject matches Accept Entry 2 or reject matches Accept Entry 3 or reject no match Perform Default action default specified? action Perform action specified by protocol 20096 7705 SAR OS Router Configuration Guide...
Page 430: Figure 16 Next Policy Logic Example
Match Criteria next-policy Match Criteria Match Criteria Community: Local-Pref: METRIC:300 Action: Action: Entry nn Action: Entry nn Entry nn next-policy next-policy Match Criteria next-policy Match Criteria Match Criteria Local-Pref: Community: METRIC: nn 20099 7705 SAR OS Router Configuration Guide...
Page 431: Damping
A route can be suppressed according to the Figure of Merit (FoM) value. The FoM is a value that is added to a route each time it flaps. A new route begins with an FoM value of 0. 7705 SAR OS Router Configuration Guide...
Page 432: Figure 18 Damping Example
(time), and reuse threshold. The peaks represent route flaps, and the slopes represent half-life decay. Figure 18: Damping Example SUPPRESS THRESHOLD REUSE THRESHOLD Time 20948 7705 SAR OS Router Configuration Guide...
Page 433: Basic Route Policy Configuration
"Outside madeup paths" exit action reject exit exit entry 2 from protocol bgp as-path "Outside Internet paths" exit action reject exit exit entry 3 from protocol ospf exit protocol bgp exit action reject exit exit 7705 SAR OS Router Configuration Guide...
Page 434 4 from protocol isis exit protocol bgp exit action reject exit exit default-action accept exit exit policy-statement "aggregate-customer-peer-only" entry 1 from community "all-customer-announce" exit action accept exit exit default-action reject exit exit ---------------------------------------------- A:ALU-B>config>router>policy-options# 7705 SAR OS Router Configuration Guide...
Page 435: Configuring Route Policy Components
{accept | next-entry | next-policy | reject} entry entry-id description text action {accept | next-entry |next-policy | reject} from neighbor {ip_address | prefix-list name} prefix-list name [name...up to 5 max] 7705 SAR OS Router Configuration Guide...
Page 436: Beginning The Policy Statement
Use the following CLI syntax to enter the edit mode: CLI Syntax: config>router>policy-options begin The following example displays some commands to configure a policy statement. Policy option commands are configured in the config>router context. Use the commit command to save the changes. 7705 SAR OS Router Configuration Guide...
Page 437 MINOR: CLI The policy-options must be in edit mode by calling begin before any changes can be made. A:ALU-B>config>router>policy-options# info #------------------------------------------ # Policy #------------------------------------------ policy-options begin policy-statement "allow all" description "General Policy" exit exit ---------------------------------------------- A:ALU-B>config>router>policy-options# 7705 SAR OS Router Configuration Guide...
Page 438: Configuring A Default Action
[igp | metric] preference preference tag hex-string type type The following example displays default action configuration command usage. These commands are configured in the config>router>policy-options context. Example: config>router>policy-options# policy-statement "1" policy-statement$ default-action accept 7705 SAR OS Router Configuration Guide...
Page 439: Configuring An Entry
{1 | 2} neighbor {ip-address | prefix-list name} origin {igp | egp | incomplete | any} prefix-list name [name...(up to 5 max)] protocol protocol [all | instance instance] source-address ip-address tag tag 7705 SAR OS Router Configuration Guide...
Page 440 The following example displays entry parameters and includes the default action parameters that were displayed in the previous section. A:ALU-B>config>router>policy-options# info ---------------------------------------------- policy-statement "1" entry 1 protocol bgp neighbor 10.10.10.104 exit action accept exit exit entry 2 from protocol ospf exit 7705 SAR OS Router Configuration Guide...
Page 441: Configuring An As Path (Policy-Option)
The following example displays a community list configuration: A:ALU-B>config>router>policy-options# info ---------------------------------------------- community "eastern" members "100:200" community "western" members "100:300" community "northern" members "100:400" community "southern" members "100:500" community "headquarters" members "100:1000" policy-statement "1" entry 1 7705 SAR OS Router Configuration Guide...
Page 442: Configuring Damping
The following example displays damping configuration command usage. Example: config>router>policy-options# config.router>policy-options#damping damptest123 config.router>policy-options#damping# max-suppress 60 config.router>policy-options#damping# half-life 15 config.router>policy-options#damping# re-use 750 config.router>policy-options#damping# suppress 1000 config.router>policy-options#damping# exit config.router>policy-options# 7705 SAR OS Router Configuration Guide...
Page 443: Configuring A Prefix List
10.10.0.3/32 policy-options>prefix-list# prefix 10.10.0.4/32 The following example displays the prefix list configuration. A:ALU-B>config>router>policy-options# info ---------------------------------------------- prefix-list "western" prefix 10.10.0.1/32 exact prefix 10.10.0.2/32 exact prefix 10.10.0.3/32 exact prefix 10.10.0.4/32 exact exit ---------------------------------------------- A:ALU-B>config>router>policy-options># 7705 SAR OS Router Configuration Guide...
Page 444: Configuring Pim Join Policies
PIM state explosion—large numbers of Join messages forwarded to each router on the RPT, resulting in memory consumption. For information on importing a Join policy into a PIM configuration, see the “Importing PIM Join Policies” section in the 7705 SAR OS Routing Protocols Guide.
Page 445: Configuring Bootstrap Message Import And Export Policies
The following configuration example illustrates the application of the policies to PIM. Up to five import and five export policies can be specified. Example: configure>router>pim>rp# bootstrap-import pim_import_policy configure>router>pim>rp# bootstrap-export pim_export_policy 7705 SAR OS Router Configuration Guide...
Page 446: Route Policy Configuration Management Tasks
“from hq” policy-statement>entry>from# exit policy-statement>entry# action reject policy-statement>entry# commit policy-statement>entry# exit The following example displays the changed configuration. A:ALU-B>config>router>policy-options>policy-statement# info ---------------------------------------------- description "Level 1" entry 1 from neighbor 10.10.10.104 exit action accept exit exit 7705 SAR OS Router Configuration Guide...
Page 447: Deleting An Entry
The following example displays the commands required to delete a policy statement entry. Example: config>router>policy-options# begin policy-options# policy-statement "1" policy-options>policy-statement# no entry 4 policy-options>policy-statement# commit 7705 SAR OS Router Configuration Guide...
Page 448: Deleting A Policy Statement
Use the following CLI syntax to delete a policy statement: CLI Syntax: config>router>policy-options begin commit abort no policy-statement name The following example displays the commands required to delete a policy statement. Example: config>router>policy-options# begin policy-options# no policy-statement 1 policy-options# commit 7705 SAR OS Router Configuration Guide...
Page 449: Route Policy Command Reference
Route Policies Route Policy Command Reference Command Hierarchies • Route Policy Configuration Commands • Show Commands 7705 SAR OS Router Configuration Guide...
Page 450: Route Policy Configuration Commands
— [no] next-hop-self — origin {igp | egp | incomplete} — no origin — preference preference — no preference — hex-string — no — type type — no type — entry entry-id — no entry 7705 SAR OS Router Configuration Guide...
Page 451 {igp | egp | incomplete | any} — no origin — prefix-list name [name...(up to 5 max)] — no prefix-list — protocol protocol [all | {instance instance}] — no protocol — source-address ip-address 7705 SAR OS Router Configuration Guide...
Page 452: Show Commands
[exact | longer | through length | prefix-length-range length1-length2] — [no] triggered-policy Show Commands show — router router-name — policy [name | damping | prefix-list name | as-path name | community name | admin] 7705 SAR OS Router Configuration Guide...
Page 453: Command Descriptions
Route Policies Command Descriptions • Configuration Commands • Show Commands 7705 SAR OS Router Configuration Guide...
Page 454: Configuration Commands
Route Policy Command Reference Configuration Commands • Generic Commands • Route Policy Options • Route Policy Damping Commands • Route Policy Prefix Commands • Route Policy Entry Match Commands • Route Policy Action Commands 7705 SAR OS Router Configuration Guide...
Page 455 Description This command creates a text description that is stored in the configuration file to help identify the contents of the entity. The no form of the command removes the string from the configuration. 7705 SAR OS Router Configuration Guide...
Page 456 — the description character string. Allowed values are any string up to 80 characters long composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, etc.), the entire string must be enclosed within double quotes. 7705 SAR OS Router Configuration Guide...
Page 457 — the community ID. Up to 15 community ID strings can be specified with a total maximum of 72 characters. A community ID can be specified in four different forms: as-number:comm-val1 | reg-ex | ext-comm | well-known-comm 7705 SAR OS Router Configuration Guide...
Page 458 [no] policy-options Context config>router Description This command enables the context to configure route policies. Route policies are applied to the routing protocol. The no form of the command deletes the route policy configuration. Default 7705 SAR OS Router Configuration Guide...
Page 459 BGP peer on a 7705 SAR. It is more effective to control changes on a peer-by-peer basis. If the triggered-policy command is enabled and a given peer is established, and you want the peer to remain up, then, in order for a change to a route policy to take effect, a clear command with the soft or soft-inbound option must be used.
Page 460 When the FoM value falls below the reuse threshold, the route is once again considered valid and can be reused or included in route advertisements. The no form of the command removes the half-life parameter from the damping profile and uses the value from the default profile. 7705 SAR OS Router Configuration Guide...
Page 461 The no form of the command removes the reuse parameter from the damping profile and uses the value from the default profile. Default no reuse 7705 SAR OS Router Configuration Guide...
Page 462 The no form of the command removes the suppress parameter from the damping profile and uses the value from the default profile. Default no suppress Parameters integer — the suppress value expressed as a decimal integer Values 1 to 20000 Default 3000 7705 SAR OS Router Configuration Guide...
Page 463 Values 0 to 32 length1 - length2 — a route must match the most significant bits and have a prefix-length value within the given range Values 0 to 32, length2 > length1 > prefix-length 7705 SAR OS Router Configuration Guide...
Page 464 This command creates the context to edit route policy entries within the route policy statement. Multiple entries can be created using unique entries. The 7705 SAR OS exits the filter when the first match is found and executes the action specified. For this reason, entries must be sequenced correctly from most to least explicit.
Page 465 The no form of the command removes the OSPF area match criterion. Default Parameters area-id — the OSPF area ID expressed in dotted-decimal notation or as a 32-bit decimal integer Values 0.0.0.0 to 255.255.255.255 (dotted-decimal), 0 to 4294967295 (decimal) 7705 SAR OS Router Configuration Guide...
Page 466 — the community list name. Allowed values are any string up to 32 characters long composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, etc.), the entire string must be enclosed within double quotes. The name specified must already be defined. 7705 SAR OS Router Configuration Guide...
Page 467 — the prefix-list name. Allowed values are any string up to 32 characters long composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, etc.), the entire string must be enclosed within double quotes. The prefix-list-name is defined in the config>router>policy-options>prefix-list context. 7705 SAR OS Router Configuration Guide...
Page 468 If no neighbor is specified, any neighbor is considered a match. The no form of the command removes the neighbor IP match criterion from the configuration. Default no neighbor 7705 SAR OS Router Configuration Guide...
Page 469 The prefix list specifies the network prefix (this includes the prefix and length) that a specific policy entry applies to. Up to five prefix list names can be specified. The no form of the command removes the prefix list match criterion. Default no prefix-list 7705 SAR OS Router Configuration Guide...
Page 470 This command specifies the source address that is embedded in the join or prune packet as a filter criterion. The no form of the command removes the criterion from the configuration. Default Parameters ip-address — the IP prefix for the IP match criterion in dotted-decimal notation 7705 SAR OS Router Configuration Guide...
Page 471 The no form of the command removes the OSPF type match criterion. Parameters type — the OSPF type metric Values 1 — set as OSPF routes with type 1 LSAs 2 — set as OSPF routes with type 2 LSAs 7705 SAR OS Router Configuration Guide...
Page 472 Description This command creates the context to configure actions to take for routes matching a route policy statement entry. This command is required and must be entered for the entry to be active. 7705 SAR OS Router Configuration Guide...
Page 473 — the AS path list name. Allowed values are any string up to 32 characters long composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, etc.), the entire string must be enclosed within double quotes. The name specified must already be defined. 7705 SAR OS Router Configuration Guide...
Page 474 — the specified community list is added to any existing list of communities remove — the specified community list is removed from the existing list of communities replace — the specified community list replaces any existing community attribute 7705 SAR OS Router Configuration Guide...
Page 475 The no form of the command disables assigning a local preference in the route policy entry. Default no local-preference Parameters preference — the local preference expressed as a decimal integer Values 0 to 4294967295 7705 SAR OS Router Configuration Guide...
Page 476 The no form of the command removes the MED value from the route policy statement. If a MED value is configured for a BGP peer using the med-out command, that value is used (see 7705 SAR OS Routing Protocols Guide, “BGP Command Reference”). If no MED is configured, no MED value is advertised.
Page 477 — sets the path information as originating within the local AS egp — sets the path information as originating in another AS incomplete — sets the path information as learned by some other means 7705 SAR OS Router Configuration Guide...
Page 478 This command assigns an OSPF type metric to routes that do not match any entry (for default action) or that match the entry (for action). The no form of the command disables assigning an OSPF type in the route policy entry. 7705 SAR OS Router Configuration Guide...
Page 479 Route Policies Default no type Parameters type — specifies the OSPF type metric Values 1 — set as OSPF routes with type 1 LSAs 2 — set as OSPF routes with type 2 LSAs 7705 SAR OS Router Configuration Guide...
Page 480: Show Commands
• Sample Output - show router policy as-path • Sample Output - show router policy as-path name • Sample Output - show router policy community • Sample Output - show router policy community name 7705 SAR OS Router Configuration Guide...
Page 481 5000 exit damping "TEST-MEDIUM" half-life 22 max-suppress 720 reuse 5000 suppress 11000 exit policy-statement "BGP To OSPF" description "Policy Statement For 'BGP To OSPF'" entry 10 description "Entry For Policy 'BGP To OSPF" from 7705 SAR OS Router Configuration Guide...
Page 482 "Policy Statement For 'BGP To OSPF'" entry 10 description "Entry For Policy 'BGP To OSPF" from protocol bgp exit protocol rip exit action accept metric set 1 next-hop 10.0.18.200 tag 0x8008135 exit exit default-action reject A:ALU-1# 7705 SAR OS Router Configuration Guide...
Page 483 The show router policy prefix-list name command displays information about a specific prefix list. A:ALU-1# show router policy prefix-list All-Routes prefix 0.0.0.0/0 longer prefix 2.0.0.0/8 longer prefix 3.0.0.0/8 longer prefix 4.0.0.0/8 longer prefix 5.0.0.0/8 longer prefix 6.0.0.0/8 exact prefix 224.0.0.0/24 longer A:ALU-1# 7705 SAR OS Router Configuration Guide...
Page 484 A:ALU-1# Sample Output - show router policy community name The show router policy community name command displays information about a specific community. A:ALU-1# show router policy community 65206 community "65206" members "no-export" "no-export-subconfed" A:ALU-1# 7705 SAR OS Router Configuration Guide...
Page 485: Table 63 Show Route Policy Output Fields
(length) values or values greater (longer) than the specified mask AS Path Name The list of AS path names AS Paths The total number of AS paths configured Community Name The list of community names Communities The total number of communities configured 7705 SAR OS Router Configuration Guide...
Page 486 Route Policy Command Reference 7705 SAR OS Router Configuration Guide...
Page 487: List Of Acronyms
ANSI American National Standards Institute Apipe ATM VLL 7705 SAR OS Router Configuration Guide...
Page 488 (first packet of a fragment) committed burst size excess burst size BECN backward explicit congestion notification Bellcore Bell Communications Research bidirectional forwarding detection border gateway protocol BITS building integrated timing supply BMCA best master clock algorithm 7705 SAR OS Router Configuration Guide...
Page 489 BSTA Broadband Service Termination Architecture base transceiver station channel associated signaling common bonding networks committed buffer space continuity check control channel continuity check message circuit emulation customer edge circuit emulation circuit emulation services 7705 SAR OS Router Configuration Guide...
Page 490 (from chronos = time) candidate RP Control and Switching Module CSNP complete sequence number PDU CSPF constrained shortest path first C-TAG customer VLAN tag connection verification customer VLAN (tag) control word 7705 SAR OS Router Configuration Guide...
Page 491 IEEE 802.1p bits, in Ethernet or VLAN ingress packet headers, used to map traffic to up to eight forwarding classes dot1q IEEE 802.1q encapsulation for Ethernet interfaces dead peer detection 7705 SAR OS Router Configuration Guide...
Page 492 Ethernet in the first mile exterior gateway protocol EIA/TIA-232 Electronic Industries Alliance/Telecommunications Industry Association Standard 232 (also known as RS-232) excess information rate ELER egress label edge router E&M ear and mouth earth and magneto exchange and multiplexer 7705 SAR OS Router Configuration Guide...
Page 493 FEAC far-end alarm and control forwarding equivalence class FECN forward explicit congestion notification FeGW far-end gateway fixed filter fast fault detection forwarding information base 7705 SAR OS Router Configuration Guide...
Page 494 Global System for Mobile Communications (2G) high availability high capacity multiplexing HDB3 high density bipolar of order 3 HDLC high-level data link control protocol header error control HMAC hash message authentication code 7705 SAR OS Router Configuration Guide...
Page 495 Internet Enhanced Service IETF Internet Engineering Task Force interior gateway protocol instance ID internet key exchange ILER ingress label edge router incoming label map inverse multiplexing over ATM INVARP inverse address resolution protocol input/output module 7705 SAR OS Router Configuration Guide...
Page 496 LFIB label forwarding information base label information base LLDP link layer discovery protocol LLDPDU link layer discovery protocol data unit link loss forwarding 7705 SAR OS Router Configuration Guide...
Page 497 MA-ID maintenance association identifier make-before-break MBMS multimedia broadcast multicast service maximum buffer space maximum burst size media buffer space MBSP mobile backhaul service provider MC-APS multi-chassis automatic protection switching 7705 SAR OS Router Configuration Guide...
Page 498 MI-IS-IS multi-instance IS-IS minimum information rate MLPPP multilink point-to-point protocol merge point multilink protocol MP-BGP multiprotocol border gateway protocol MPLS multiprotocol label switching MPLSCP multiprotocol label switching control protocol MPT protection protocol 7705 SAR OS Router Configuration Guide...
Page 499 NAT-T network address translation traversal NBMA non-broadcast multiple access (network) network element network entity title NHLFE next hop label forwarding entry NHOP next-hop 7705 SAR OS Router Configuration Guide...
Page 500 3 outgoing interface optical line termination optical network terminal out-of-band off premises extension outbound route filtering operating system Open Systems Interconnection (reference model) OSINLCP OSI Network Layer Control Protocol OSPF open shortest path first 7705 SAR OS Router Configuration Guide...
Page 501 0 PFoE power feed over Ethernet perfect forward secrecy per-hop behavior physical layer protocol ID PIM SSM protocol independent multicast—source-specific multicast peak information rate PLAR private line automatic ringdown PLCP Physical Layer Convergence Protocol 7705 SAR OS Router Configuration Guide...
Page 502 PVCC permanent virtual channel connection pseudowire pseudowire emulation PWE3 pseudowire emulation edge-to-edge Q.922 ITU-T Q-series Specification 922 quality level quality of service RADIUS Remote Authentication Dial In User Service Radio Access Network 7705 SAR OS Router Configuration Guide...
Page 503 RSTP rapid spanning tree protocol RSVP-TE resource reservation protocol - traffic engineering receive/transmit routing table manager battery return real-time protocol R&TTE Radio and Telecommunications Terminal Equipment remote terminal unit rack unit 7705 SAR OS Router Configuration Guide...
Page 504 12 Ethernet ports and 8 T1/E1 ports • passively cooled chassis with 12 Ethernet ports and no T1/E1 ports SAR-F 7705 Service Aggregation Router – fixed form-factor chassis SAR-H 7705 Service Aggregation Router – temperature- and EMC-hardened to the following specifications: IEEE 1613 and IEC 61850-3 SAR-Hc 7705 Service Aggregation Router –...
Page 505 List of Acronyms Table 64: Acronyms (Continued) Acronym Expansion SAR-O 7705 Service Aggregation Router passive CWDM device – three variants; each with different models: • The 2-wavelength CWDM dual-fiber variant is a bidirectional variant that is used to drop and add two specific wavelengths from the network;...
Page 506 Table 64: Acronyms (Continued) Acronym Expansion SAR-Wx 7705 Service Aggregation Router – passively cooled, universal AC powered unit; there are six variants: • a unit that is equipped with an AC power input connector, five Gigabit Ethernet data ports (three...
Page 507 SONET synchronous optical networking S-PE switching provider edge router shortest path first security parameter index shortest path tree service router (includes 7710 SR, 7750 SR) SRLG shared risk link group secure shell 7705 SAR OS Router Configuration Guide...
Page 508 LDP transport layer security type length value traffic management time of day type of service T-PE terminating provider edge router TPID tag protocol identifier TPIF IEEE C37.94 teleprotection interface TPMR two-port MAC relay 7705 SAR OS Router Configuration Guide...
Page 509 VCCV virtual circuit connectivity verification virtual circuit identifier VLAN ID VLAN virtual LAN virtual leased line VoIP voice over IP peak voltage virtual path virtual path connection virtual path identifier 7705 SAR OS Router Configuration Guide...
Page 510 WCDMA wideband code division multiple access (transmission protocol used in UMTS networks) WRED weighted random early discard wait to restore X.21 ITU-T X-series Recommendation 21 7705 SAR OS Router Configuration Guide...
Page 511: Standards And Protocol Support
Standards and Protocol Support This chapter lists the 7705 SAR compliance with EMC, environmental, and safety standards, telecom standards, and supported protocols: • EMC Industrial Standards Compliance • EMC Regulatory and Customer Standards Compliance • Environmental Standards Compliance • Safety Standards Compliance •...
Page 512: Table 65 Emc Industrial Standards Compliance
✓ ✓ ✓ IEC 61850-3 Communication networks and systems for power utility automation - Part 3: General requirements ✓ ✓ ✓ IEC/AS 60870.2.1 Telecontrol equipment and systems. Operating conditions. Power supply and electromagnetic compatibility 7705 SAR OS Router Configuration Guide...
Page 513: Table 66 Emc Regulatory And Customer Standards Compliance
(equipment input current <16A per phase) ✓ ✓ ✓ IEC 61000-3-3 Limits for voltage fluctuations and ✓ ✓ ✓ ✓ ✓ ✓ ✓ flicker in low-voltage supply systems for equipment with rated current <16A 7705 SAR OS Router Configuration Guide...
Page 514 ✓ ✓ ✓ ✓ ✓ ✓ Radio disturbance characteristics. Limits and methods of measurement ✓ ✓ ✓ ✓ ✓ ✓ ✓ KC Notice Emission EMS standard: NRRA notice (KN22) and Immunity (KN24) (South Korea) 7705 SAR OS Router Configuration Guide...
Page 515: Table 67 Environmental Standards Compliance
✓ ETSI EN 300 019-2-4 Specification of environmental tests; v2.2.2 class T4.1 Stationary use at non-weatherprotected locations Telcordia GR-63- NEBS Requirements: Physical ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ CORE Protection 7705 SAR OS Router Configuration Guide...
Page 516: Table 68 Safety Standards Compliance
IEC/EN Information technology equipment - 60950-1 Safety - Part 1: General requirements AS/NZS 60950-1 Information technology equipment - ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ Safety - Part 1: General requirements 7705 SAR OS Router Configuration Guide...
Page 517: Table 69 Directives, Regional Approvals And Certifications Compliance
Radio and Telecommunication EC R&TTE Terminal Equipment (R&TTE) OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ EU Directive 2004/ Electromagnetic Compatibility (EMC) 108/EC EMC 7705 SAR OS Router Configuration Guide...
Page 518 ✓ ✓ ✓ ✓ ✓ ✓ TL9000 certified ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ISO 14001 certified ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ISO 9001:2008 certified 7705 SAR OS Router Configuration Guide...
Page 519 ITU-T G.704—Synchronous frame structures used at 1544, 6312, 2048, 8448 and 44 736 kbit/s hierarchical levels ITU-T G.707—Network node interface for the Synchronous Digital Hierarchy (SDH) ITU-T G.712 (E&M)—Transmission performance characteristics of pulse code modulation channels ITU-T G.813—Timing characteristics of SDH equipment slave clock (SEC) 7705 SAR OS Router Configuration Guide...
Page 520: Protocol Support
GR-1248-CORE—Generic Requirements for Operations of ATM Network Elements (NEs). Issue 3 June 1996 GR-1113-CORE—Bellcore, Asynchronous Transfer Mode (ATM) and ATM Adaptation Layer (AAL) Protocols Generic Requirements, Issue 1, July 1994 AF-PHY-0086.001—Inverse Multiplexing for ATM (IMA) 7705 SAR OS Router Configuration Guide...
Page 521 RFC 1534—Interoperation between DHCP and BOOTP RFC 2131—Dynamic Host Configuration Protocol (REV) RFC 2132—DHCP Options and BOOTP Vendor Extensions RFC 3046—DHCP Relay Agent Information Option (Option 82) RFC 3315—Dynamic Host Configuration Protocol for IPv6 7705 SAR OS Router Configuration Guide...
Page 522 ANSI T1.617 Annex D—Signalling Specification For Frame Relay Bearer Service ITU-T Q.922 Annex A—Digital Subscriber Signalling System No. 1 (DSS1) data link layer - ISDN data link layer specification for frame mode bearer services. FRF.1.2—PVC User-to-Network Interface (UNI) Implementation Agreement 7705 SAR OS Router Configuration Guide...
Page 523 RFC 1195—Use of OSI IS-IS for routing in TCP/IP & dual environments RFC 2763—Dynamic Hostname Exchange for IS-IS RFC 2966—Domain-wide Prefix Distribution with Two-Level IS-IS RFC 2973—IS-IS Mesh Groups RFC 3373—Three-Way Handshake for Intermediate System to Intermediate System (IS-IS) Point-to-Point Adjacencies 7705 SAR OS Router Configuration Guide...
Page 524 RFC 2013—UDP-MIB RFC 2030—Simple Network Time Protocol (SNTP) Version 4 for IPv4, IPv6 and OSI RFC 2096—IP-FORWARD-MIB RFC 2138—RADIUS RFC 2206—RSVP-MIB RFC 2571—SNMP-FRAMEWORKMIB RFC 2572—SNMP-MPD-MIB RFC 2573—SNMP-TARGET-&-NOTIFICATION-MIB RFC 2574—SNMP-USER-BASED-SMMIB RFC 2575—SNMP-VIEW-BASED ACM-MIB RFC 2576—SNMP-COMMUNITY-MIB 7705 SAR OS Router Configuration Guide...
Page 525 RFC 4203—Shared Risk Link Group (SRLG) sub-TLV RFC 1332—PPP Internet Protocol Control Protocol (IPCP) RFC 1570—PPP LCP Extensions RFC 1619—PPP over SONET/SDH RFC 1661—The Point-to-Point Protocol (PPP) RFC 1662—PPP in HDLC-like Framing RFC 1989—PPP Link Quality Monitoring 7705 SAR OS Router Configuration Guide...
Page 526 RFC 2865—Remote Authentication Dial In User Service RFC 2866—RADIUS Accounting RSVP-TE and FRR RFC 2430—A Provider Architecture for DiffServ & TE RFC 2961—RSVP Refresh Overhead Reduction Extensions RFC 2702—Requirements for Traffic Engineering over MPLS 7705 SAR OS Router Configuration Guide...
Page 527 GR 1244 CORE—Clocks for the Synchronized Network: Common Generic Criteria IEEE Std 1588-2008—IEEE Standard for a Precision Clock Synchronization Protocol for Networked Measurement and Control Systems TACACS+ IETF draft-grant-tacacs-02.txt—The TACACS+ Protocol TCP/IP RFC 768—User Datagram Protocol RFC 791—Internet Protocol 7705 SAR OS Router Configuration Guide...
Page 528 RFC 3768 Virtual Router Redundancy Protocol RFC 5798 Virtual Router Redundancy Protocol Version 3 for IPv4 and IPv6 Proprietary MIBs TIMETRA-ATM-MIB.mib TIMETRA-CAPABILITY-7705-V1.mib TIMETRA-CFLOWD-MIB.mib TIMETRA-CHASSIS-MIB.mib TIMETRA-CLEAR-MIB.mib TIMETRA-FILTER-MIB.mib TIMETRA-GLOBAL-MIB.mib TIMETRA-LDP-MIB.mib TIMETRA-LOG-MIB.mib TIMETRA-MPLS-MIB.mib TIMETRA-OAM-TEST-MIB.mib TIMETRA-PORT-MIB.mib TIMETRA-PPP-MIB.mib TIMETRA-QOS-MIB.mib TIMETRA-ROUTE-POLICY-MIB.mib TIMETRA-RSVP-MIB.mib TIMETRA-SAP-MIB.mib TIMETRA-SDP-MIB.mib TIMETRA-SECURITY-MIB.mib 7705 SAR OS Router Configuration Guide...
Page 529 Standards and Protocol Support TIMETRA-SERV-MIB.mib TIMETRA-SYSTEM-MIB.mib TIMETRA-TC-MIB.mib TIMETRA-VRRP-MIB.mib 7705 SAR OS Router Configuration Guide...
Page 530 Standards and Protocol Support 7705 SAR OS Router Configuration Guide...
Page 531 Customer documentation and product support Customer documentation http://documentation.alcatel-lucent.com Technical support http://support.alcatel-lucent.com Documentation feedback documentation.feedback@alcatel-lucent.com...
Page 532 © 2015 Alcatel-Lucent. All rights reserved. 3HE 09685 AAAA TQZZA Edition 01...