Alcatel-Lucent 7450 Configuration Manual
Hide thumbs
Also See for 7450:
- Quality of service manual (912 pages) ,
- Manual (816 pages) ,
- Configuration manual (778 pages)
Table of Contents
Advertisement
Quick Links
ROUTER CONFIGURATION GUIDE
Alcatel-Lucent 7450
ETHERNET SERVICE SWITCH | RELEASE 13.0.R1
ROUTER CONFIGURATION GUIDE
Alcatel-Lucent Proprietary
This document contains proprietary information of Alcatel-Lucent and is not to be disclosed or used except in
accordance with applicable agreements.
Copyright 2015 © Alcatel-Lucent. All rights reserved.
Advertisement
Table of Contents
Related Manuals for Alcatel-Lucent 7450
Summary of Contents for Alcatel-Lucent 7450
- Page 1 Alcatel-Lucent 7450 ETHERNET SERVICE SWITCH | RELEASE 13.0.R1 ROUTER CONFIGURATION GUIDE Alcatel-Lucent Proprietary This document contains proprietary information of Alcatel-Lucent and is not to be disclosed or used except in accordance with applicable agreements. Copyright 2015 © Alcatel-Lucent. All rights reserved.
- Page 2 This document may contain information regarding the use and installation of non-Alcatel-Lucent products. Please note that this information is provided as a courtesy to assist you. While Alcatel-Lucent tries to ensure that this information accurately reflects information provided by the supplier, please refer to the materials provided with any non-Alcatel-Lucent product and contact the supplier for confirmation.
-
Page 3: Table Of Contents
In This Chapter ..............17 Alcatel-Lucent 7450 ESS-Series Router Configuration Process ....... .17 IP Router Configuration In This Chapter . - Page 4 Virtual Router ID (VRID) ............342 Page 4 7450 ESS Router Configuration Guide...
- Page 5 Modifying Non-Owner Parameters ..........377 7450 ESS Router Configuration Guide...
- Page 6 Filter Management Tasks .............482 Page 6 7450 ESS Router Configuration Guide...
- Page 7 Command Hierarchies .............643 7450 ESS Router Configuration Guide...
- Page 8 ........... . .659 Page 8 7450 ESS Router Configuration Guide...
- Page 9 Table 22: Tools Dump Cflowd Top-flows Out put Fields ........654 7450 ESS Router Configuration Guide...
- Page 10 List of Tables Page 10 7450 ESS Router Configuration Guide...
- Page 11 Figure 24: Cflowd Configuration and Implementation Flow ........602 7450 ESS Router Configuration Guide...
- Page 12 List of Figures Page 12 7450 ESS Router Configuration Guide...
-
Page 13: Preface
Command Line Interface (CLI) syntax and command usage. Audience This guide is intended for network administrators who are responsible for configuring the 7450 ESS routers. It is assumed that the network administrators have an understanding of networking principles and configurations. -
Page 14: List Of Technical Publications
Preface List of Technical Publications The 7450 ESS documentation set is composed of the following guides: • 7450 ESS Basic System Configuration Guide This guide describes basic system configurations and operations. • 7450 ESS System Management Guide This guide describes system security and access configurations as well as event logging and accounting logs. - Page 15 Preface This guide describes Triple Play services and support provided by the 7450 ESS and presents examples to configure and implement various protocols and services. • 7450 ESS Quality of Service Guide This guide describes how to configure Quality of Service (QoS) policy management.
-
Page 16: Technical Support
Preface Technical Support If you purchased a service agreement for your 7450 ESS router and related products from a distributor or authorized reseller, contact the technical support staff for that distributor or reseller for assistance. If you purchased an Alcatel-Lucent service agreement, follow this link to contact an Alcatel-Lucent support representative and to access product manuals and documentation updates: http://support.alcatel-lucent.com... -
Page 17: Getting Started
In This Chapter This chapter provides process flow information to configure routing entities, virtual routers, IP and MAC filters. Alcatel-Lucent 7450 ESS-Series Router Configuration Pro- cess Table 1 lists the tasks necessary to configure logical IP routing interfaces, virtual routers, IP and MAC-based filtering, and Cflowd. -
Page 18: Getting Started
SR OS releases. Previous SR OS behavior can cause issues with operator scripts that use standard IPv6 address expressions and with libraries that have standard IPv6 parsing as per RFC 5952 rules. See the section on IPv6 Addresses in this guide for more information. Page 18 7450 ESS Router Configuration Guide... -
Page 19: Ip Router Configuration
Exporting an Inactive BGP Route from a VPRN on page 41 → Static Route Resolution Using Tunnels on page 51 → Weighted Load-Balancing over MPLS LSP on page 53 → Bi-directional Forwarding Detection on page 59 • Configuration Notes on page 73 7450 ESS Router Configuration Guide Page 19... -
Page 20: Configuring Ip Router Parameters
Confederations on page 38 • Proxy ARP on page 40 Refer to 7450 ESS OS Triple Play Guide for information about DHCP and support as well as configuration examples. on page 33 Interfaces Alcatel-Lucent routers use different types of interfaces for various functions. Interfaces must be configured with parameters such as the interface type (network and system) and address. -
Page 21: Network Domains
This means that all SAPs in VPLS will have queue reaching all fwd- complexes serving interfaces that belong to the same network-domains as the SDPs. It is possible to assign/remove network-domain association of the interface/SDP without requiring deletion of the respective object. 7450 ESS Router Configuration Guide Page 21... -
Page 22: System Interface
The system interface is also referred to as the loopback address and is used as the router identifier. A system interface must have an IP address with a 32- bit subnet mask. Page 22 7450 ESS Router Configuration Guide... -
Page 23: Unicast Reverse Path Forwarding Check (Urpf)
IP Router Configuration Unicast Reverse Path Forwarding Check (uRPF) This section applies to the 7750-SR, 7710-SR, 7950-SR and the 7450-ESS. uRPF helps to mitigate problems that are caused by the introduction of malformed or forged (spoofed) IP source addresses into a network by discarding IP packets that lack a verifiable IP source address. -
Page 24: Creating An Ip Address Range
10.10.0.0/16, and a new service prefix is configured as 10.10.10.0/24, then the 10.10.0.0/16 entry will be removed, provided that no services are configured that use 10.10.x.x addresses other than 10.10.10.x. Page 24 7450 ESS Router Configuration Guide... -
Page 25: Qos Policy Propagation Using Bgp (Qppb)
XYZ into the QoS class implied by the BGP community value. QPPB may also be used to request that traffic sourced from certain networks receive appropriate QoS handling in downstream nodes that may span different administrative domains. This can be 7450 ESS Router Configuration Guide Page 25... - Page 26 ISP’s network do not need to rely on QPPB to determine the correct forwarding-class to use for the traffic. Note however, that the DSCP or other COS markings could be left unchanged in the ISP’s network and QPPB used on every node. Page 26 7450 ESS Router Configuration Guide...
-
Page 27: Ip Router Configuration
Content Provider interface to determine fc AS 300 Provider Peer AS 200 ASBR 2 PE 1 ASBR 1 OSSG639 Figure 1: Use of QPPB to Differentiate Traffic in an ISP Network 7450 ESS Router Configuration Guide Page 27... -
Page 28: Qppb
A route policy that includes the fc command in one or more entries can be used in any import or export policy but the fc command has no effect except in the following types of policies: • VRF import policies: → config>service>vprn>vrf-import Page 28 7450 ESS Router Configuration Guide... - Page 29 IPv4 and IPv6 static routes. This is achieved using the following modified versions of the static- route commands: • static-route {ip-prefix/prefix-length|ip-prefix netmask} [fc fc-name [priority {low | high}]] next-hop ip-int-name|ip-address • static-route {ip-prefix/prefix-length|ip-prefix netmask} [fc fc-name [priority {low | high}]] indirect ip-address 7450 ESS Router Configuration Guide Page 29...
- Page 30 A:Dut-A# show router route-table 10.1.5.0/24 qos =============================================================================== Route Table (Router: Base) =============================================================================== Dest Prefix Type Proto Pref Next Hop[Interface Name] Metric ------------------------------------------------------------------------------- 10.1.5.0/24 Remote 15h32m52s PE1_to_PE2 h1, high ------------------------------------------------------------------------------- No. of Routes: 1 =============================================================================== A:Dut-A# Page 30 7450 ESS Router Configuration Guide...
- Page 31 Currently, QPPB is not supported for ingress MPLS traffic on network interfaces or on CsC PE’- CE’ interfaces (config>service>vprn>nw-if). Note: QPPB based on a source IP address is not supported for ingress subscriber management traffic on a group interface. QPPB When Next-Hops are Resolved by QPPB Routes 7450 ESS Router Configuration Guide Page 31...
-
Page 32: Qppb And Grt Lookup
Y if the IP filter action redirects the packet to the indirect next-hop IP address Y, even if X is matched by a route with a forwarding-class and priority QPPB and GRT Lookup Page 32 7450 ESS Router Configuration Guide... - Page 33 DSCP/IP prec/802.1p and if fc1 mapped to a profile mode queue then it is based on the profile state of fc1). Table 2 summarizes these interactions. 7450 ESS Router Configuration Guide Page 33...
-
Page 34: Table 2: Qppb Interactions With Sap Ingress Qos
If DE=1 override then From new From original FC mode queue low otherwise from base FC and sub-class QPPB. If no DEI or QPPB overrides then from original dot1p/ exp/DSCP mapping or policy default. Page 34 7450 ESS Router Configuration Guide... - Page 35 From new From original FC queue base FC packet is marked in or base FC and sub-class unless out of profile in which overridden case follows profile. by DE=1 Default is high priority 7450 ESS Router Configuration Guide Page 35...
-
Page 36: Router Id
If neither the system interface or router ID are implicitly specified, then the router ID is inherited from the last four bytes of the MAC address. • The router can be derived on the protocol level; for example, BGP. Page 36 7450 ESS Router Configuration Guide... -
Page 37: Autonomous Systems (As)
AS path, with other ASs using BGP. Routing tables contain lists of next hops, reachable addresses, and associated path cost metrics to each router. BGP uses the information and path attributes to compile a network topology. 7450 ESS Router Configuration Guide Page 37... -
Page 38: Confederations
Setting BGP policies to select an optimal path through a confederation requires other BGP modifications. There are no default confederations. Router confederations must be explicitly created. Figure 2 depicts a confederation configuration example. Page 38 7450 ESS Router Configuration Guide... -
Page 39: Figure 2: Confederation Configuration
Confederation 2002 AS 200 AS 300 Confederation Member 1 Confederation Member 3 ALA-B ALA-C ALA-E ALA-F AS 100 ALA-A ALA-D ALA-G AS 400 Confederation Member 2 AS 500 ALA-H SRSG005 Figure 2: Confederation Configuration 7450 ESS Router Configuration Guide Page 39... -
Page 40: Proxy Arp
Static ARP is used when an Alcatel-Lucent router needs to know about a device on an interface that cannot or does not respond to ARP requests. Thus, the configuration can state that if it has a packet with a certain IP address to send it to the corresponding ARP address. -
Page 41: Exporting An Inactive Bgp Route From A Vprn
PE. This “best-external” type of route advertisement is useful in active/standby multi-homing scenarios because it can ensure that all PEs have knowledge of the backup path provided by the standby PE. 7450 ESS Router Configuration Guide Page 41... -
Page 42: Dhcp Relay
DHCP Relay DHCP Relay Refer to 7450 ESSOS Triple Play Guide for information about DHCP and support provided by the 7450 ESS as well as configuration examples. Page 42 7450 ESS Router Configuration Guide... -
Page 43: Internet Protocol Versions
(optional) data confidentiality are specified for IPv6. +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |Version| Prio. | Flow Label +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Payload Length Next Header Hop Limit +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Source Address +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Destination Address +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 3: IPv6 Header Format 7450 ESS Router Configuration Guide Page 43... -
Page 44: Ipv6 Address Format
(/), shows how many bits of the address make up the network identifier. For example, the address 1080:6809:8086:6502::1/64 means that the first 64 bits of the address represent the network identifier; the remaining 64 bits represent the node identifier. Page 44 7450 ESS Router Configuration Guide... - Page 45 SR OS releases. Previous SR OS behavior can cause issues with operator scripts that use standard IPv6 address expressions and with libraries that have standard IPv6 parsing as per RFC 5952 rules. 7450 ESS Router Configuration Guide Page 45...
-
Page 46: Ipv6 Applications
IPIPE_007 Figure 4: IPv6 Internet Exchange • IPv6 transit services — Figure 5 shows IPv6 transit provided by an ISP. Customer 1 2001:0410:0001:/48 2001:0410::/32 Customer 2 2001:0410:0002:/4 IPIPE_008 Figure 5: IPv6 Transit Services Page 46 7450 ESS Router Configuration Guide... -
Page 47: Figure 6: Ipv6 Services To Enterprise Customers And Home Users
IPv6 in an environment where not only IPv4 exists but native IPv6 networks depend on IPv4 for greater IPv6 connectivity. Alcatel-Lucent router supports dynamic IPv6 over IPv4 tunneling. The ipv4 source and destination address are taken from configuration, the source address is the ipv4 system address and the ipv4 destination is the next hop from the configured 6over4 tunnel. -
Page 48: Dns
The DNS client is extended to use IPv6 as transport and to handle the IPv6 address in the DNS AAAA resource record from an IPv4 or IPv6 DNS server. An assigned name can be used instead of an IPv6 address since IPv6 addresses are more difficult to remember than IPv4 addresses. Page 48 7450 ESS Router Configuration Guide... -
Page 49: Ipv6 Provider Edge Router Over Mpls (6Pe)
MPLS labels. 6PE is a cost effective solution for IPv6 deployment. MP-BGP sessions 2001:0620 2001:0420 145:950.0 2001:0421 Dual Stack IPv4-IPv6 routers Dual Stack IPv4-IPv6 routers 2001:0621 IPv4 MPLS Fig_30 Figure 8: Example of a 6PE Topology within One AS 7450 ESS Router Configuration Guide Page 49... - Page 50 The egress 6PE router pops the top LDP tunnel label. It sees the IPv6 explicit null label, which indicates an IPv6 packet is encapsulated. It also pops the IPv6 explicit null label and performs an IPv6 route lookup to find out the next hop for the IPv6 packet. Page 50 7450 ESS Router Configuration Guide...
-
Page 51: Static Route Resolution Using Tunnels
The following tunnel types are supported in a static route context: RSVP and LDP. • The ldp value instructs the code to search for an LDP LSP with a FEC prefix corresponding to the address of the indirect next-hop. 7450 ESS Router Configuration Guide Page 51... -
Page 52: Static Route Ecmp Support
There is no support for mixing IP and tunnel next-hops for the same prefix using different indirect next-hops. Tunnel next-hops preferred over IP next-hops. Page 52 7450 ESS Router Configuration Guide... -
Page 53: Weighted Load-Balancing Over Mpls Lsp
Weighted Load Balancing IGP, BGP, and Static Route Prefix Packets over IGP Shortcut Feature Configuration The user must have IGP shortcut or forwarding adjacency feature enabled in one or more IGP instances: configure>router>ospf(isis)>rsvp-shortcut configure>router>ospf(isis)>advertise-tunnel-link 7450 ESS Router Configuration Guide Page 53... -
Page 54: Feature Behavior
LSP equal to the normalized LSP weight value. All prefixes resolving to the same set of ECMP tunnel next-hops use the same table. This feature follows the following procedures: Page 54 7450 ESS Router Configuration Guide... - Page 55 → CPM generated packets, including OAM packets, which are looked-up in RTM and which are forwarded over tunnel next-hops. These will continue to be forwarded using either regular ECMP or by selecting one next-hop from the set as in existing implementation. 7450 ESS Router Configuration Guide Page 55...
-
Page 56: Ecmp Considerations
This selection continues to follow the algorithm used in the IGP shortcut feature. Once the set of tunnel next-hops is selected, the LSP weight is used to modulate the amount of packets forwarded over each next-hop. Page 56 7450 ESS Router Configuration Guide... -
Page 57: Weighted Load Balancing Static Route Packets Over Mpls Lsp
Here is an example: /configure router static-route 5.5.5.5/32 indirect 1.0.0.2 /configure router static-route-entry 5.5.5.5/32 indirect 1.0.0.2 tunnel-next-hop rsvp-te lsp to-1.0.0.2-1 lsp to-1.0.0.2-2 7450 ESS Router Configuration Guide Page 57... - Page 58 LDP LSP, the regular ECMP spraying for the prefix will be performed. Page 58 7450 ESS Router Configuration Guide...
-
Page 59: Bi-Directional Forwarding Detection
IP TTL should be 255 but can still be processed if it is not (assuming the packet passes the enabled authentication mechanism). If multiple BFD sessions exist between two nodes, the BFD discriminator is used to de-multiplex the BFD control packet to the appropriate BFD session. 7450 ESS Router Configuration Guide Page 59... -
Page 60: Control Packet Format
The final bit. If set, the transmitting system is responding to a received BFD control packet that had the poll (P) bit set. Rsvd Reserved bits. These bits must be zero on transmit and ignored on receipt. Page 60 7450 ESS Router Configuration Guide... - Page 61 This is the minimum interval, in microseconds, between received BFD echo pack- Interval ets that this system is capable of supporting. If this value is zero, the transmitting system does not support the receipt of BFD echo packets. 7450 ESS Router Configuration Guide Page 61...
-
Page 62: Bfd For Rsvp-Te
POS interfaces (including APS) • Channelized interfaces (PPP, HDLC, FR and ATM) on ASAP (priority 1) and channelized MDAs (Priority 2) including link bundles and IMA • Spoke SDPs • LAG interfaces • VSM interfaces Page 62 7450 ESS Router Configuration Guide... -
Page 63: Echo Support
This allows the echo sender to send BFD echo packets at any rate. Note that the SR-OS router does not support the sending of echo requests, only the response to echo requests. 7450 ESS Router Configuration Guide Page 63... -
Page 64: Bfd Support For Bgp
The MPLS LSP associated with the spoke SDP can enter or egress from multiple interfaces on the box. BFD for these types of interfaces can not exist on the IOM itself. Page 64 7450 ESS Router Configuration Guide... -
Page 65: Figure 10: Bfd For Ies/Vprn Over Spoke Sdp
Note: VPRN VPRN In this case BFD is run between the IES/VPRN interfaces Metro Metro independent of the SPD/LSP paths POP 4 POP 3 Fig_31 Figure 10: BFD for IES/VPRN over Spoke SDP 7450 ESS Router Configuration Guide Page 65... -
Page 66: Figure 11: Bfd Over Lag
VSM, to get to the remote node. L2 Switch LAG i/f LAG i/f LAG i/f Note: In this case BFD is run between the IES interfaces independent of the LAG or its members Fig_32A Figure 11: BFD over LAG Page 66 7450 ESS Router Configuration Guide... -
Page 67: Aggregate Next Hop
2001:db8::/64 next-hop 2001:db8:abba::2 validate-next-hop In this case, when the Neighbor Cache entry for next-hop is INVALID or not populated, the static route must remain invalid/inactive. When an NC entry for next-hop is populated based on a 7450 ESS Router Configuration Guide Page 67... -
Page 68: Ldp Shortcut For Igp Route Resolution
The latter was used by LDP to validate and activate the FEC. RTM then resolves all user prefixes which succeed a longest prefix match against the /24 route entry to use the LDP LSP. Page 68 7450 ESS Router Configuration Guide... - Page 69 When the preferred RTM entry corresponds to a regular IP route, spraying will be performed across regular IP next-hops for the prefix. Spraying across regular IP next-hops and LDP-shortcut next-hops concurrently is not supported. 7450 ESS Router Configuration Guide Page 69...
- Page 70 There is no interaction between an LDP shortcut for BGP next-hop resolution and the LDP shortcut for IGP route resolution. BGP will continue to resolve a BGP next-hop to an LDP shortcut if the user enabled the following option in BGP: config>router>bgp>next-hop-resolution>shortcut-tunnel family ipv4 resolution-filter ldp Page 70 7450 ESS Router Configuration Guide...
- Page 71 FEC origination of IGP learned routes and subscriber/host routes statically configured or dynamically learned over subscriber IES interfaces. An LDP LSP used as a shortcut by IPv4 packets may also be tunneled using the LDP-over-RSVP feature. 7450 ESS Router Configuration Guide Page 71...
-
Page 72: Process Overview
Autonomous system — (Optional) An autonomous system (AS) is a collection of networks that are subdivided into smaller, more manageable areas. • Confederation — (Optional) Creates confederation autonomous systems within an AS to reduce the number of IBGP sessions required within an AS. Page 72 7450 ESS Router Configuration Guide... -
Page 73: Configuration Notes
A system interface and associated IP address should be specified. • Boot options file (BOF) parameters must be configured prior to configuring router parameters. • Confederations can be configured before protocol connections (such as BGP) and peering parameters are configured. 7450 ESS Router Configuration Guide Page 73... - Page 74 Configuration Notes Page 74 7450 ESS Router Configuration Guide...
-
Page 75: Configuring An Ip Router With Cli
Service Management Tasks on page 92 • Service Management Tasks on page 92 → Changing the System Name on page 92 → Modifying Interface Parameters on page 93 → Deleting a Logical IP Interface on page 94 7450 ESS Router Configuration Guide Page 75... -
Page 76: Router Configuration Overview
Router Configuration Overview Router Configuration Overview In an Alcatel-Lucent router, an interface is a logical named entity. An interface is created by specifying an interface name under the context. This is the global router configure>router configuration context where objects like static routes are defined. An IP interface name can be up to 32 alphanumeric characters long, must start with a letter, and is case-sensitive;... -
Page 77: Basic Configuration
# Router Configuration #------------------------------------------ router interface "system" address 10.10.10.103/32 exit interface "to-104" address 10.0.0.103/24 port 1/1/1 exit exit autonomous-system 100 confederation 1000 members 100 200 300 router-id 10.10.10.103 exit isis exit #------------------------------------------ A:ALA-A> config# 7450 ESS Router Configuration Guide Page 77... -
Page 78: Common Configuration Tasks
The following example displays the system name output. A:ALA-A>config>system# info #------------------------------------------ # System Configuration #------------------------------------------ name "ALA-A" location "Mt.View, CA, NE corner of FERG 1 Building" coordinates "37.390, -122.05500 degrees lat." snmp exit Page 78 7450 ESS Router Configuration Guide... -
Page 79: Configuring Interfaces
To configure a network interface: CLI Syntax: config>router interface interface-name address ip-addr{/mask-length | mask} [broadcast {all- ones | host-ones}] cflowd {acl | interface} egress filter ip ip-filter-id ingress filter ip ip-filter-id port port-name 7450 ESS Router Configuration Guide Page 79... - Page 80 10 exit exit #------------------------------------------ A:ALA-A>config>router# To enable CPU protection: CLI Syntax: config>router interface interface-name cpu-protection policy-id CPU protection policies are configured in the config>sys>security>cpu-protection context. See the OS System Management Guide. Page 80 7450 ESS Router Configuration Guide...
-
Page 81: Configuring Ipv6 Parameters
[number seconds] time-exceeded [number seconds] unreachables [number seconds] neighbor ipv6-address mac-address The following displays a configuration example showing interface information. A:ALA-49>config>router>if# info ---------------------------------------------- address 10.11.10.1/24 port 1/2/37 ipv6 address 10::1/24 exit ---------------------------------------------- A:ALA-49>config>router>if# 7450 ESS Router Configuration Guide Page 81... -
Page 82: Router Advertisement
The following displays a router advertisement configuration example. *A:sim131>config>router>router-advert# info ---------------------------------------------- interface "n1" prefix 2001:db8:3::/64 exit use-virtual-mac no shutdown exit ---------------------------------------------- *A:sim131>config>router>router-advert# interface n1 *A:sim131>config>router>router-advert>if# prefix 2001:db8:3::/64 Page 82 7450 ESS Router Configuration Guide... - Page 83 IP Router Configuration ---------------------------------------------- autonomous on-link preferred-lifetime 604800 valid-lifetime 2592000 ---------------------------------------------- *A:tahi>config>router>router-advert>if>prefix# 7450 ESS Router Configuration Guide Page 83...
-
Page 84: Configuring Proxy Arp
For more information about route policies, refer to the OS Routing Protocols Guide. • Apply the policy statement to the proxy-arp configuration in the config>router>interface context. CLI Syntax: config>router# policy-options begin commit prefix-list name prefix ip-prefix/mask [exact|longer|through length|prefix-length-range length1-length2] Page 84 7450 ESS Router Configuration Guide... - Page 85 "prefixlist1" exit prefix-list "prefixlist2" exit action reject exit default-action accept exit exit ---------------------------------------------- A:ALA-49>config>router>policy-options# Use the following CLI to configure proxy ARP: CLI Syntax: config>router>interface interface-name local-proxy-arp proxy-arp-policy policy-name [policy-name...(upto 5 max)] remote-proxy-arp 7450 ESS Router Configuration Guide Page 85...
- Page 86 Configuring Interfaces The following displays a proxy ARP configuration example: A:ALA-49>config>router>if# info ---------------------------------------------- address 128.251.10.59/24 local-proxy-arp proxy-arp policy-statement "ProxyARPpolicy" exit ---------------------------------------------- A:ALA-49>config>router>if# Page 86 7450 ESS Router Configuration Guide...
-
Page 87: Creating An Ip Address Range
A no service-prefix ip-prefix/mask service prefix cannot be removed while one or more services use address(es) in the range to be removed. CLI Syntax: config>router service-prefix ip-prefix/mask [exclusive] 7450 ESS Router Configuration Guide Page 87... -
Page 88: Deriving The Router Id
{ip-address/mask | ip-address netmask} [broad- cast all-ones | host-ones] The following example displays a router ID configuration: A:ALA-4>config>router# info #------------------------------------------ # IP Configuration #------------------------------------------ interface "system" address 10.10.0.4/32 exit . . . router-id 10.10.0.4 #------------------------------------------ A:ALA-4>config>router# Page 88 7450 ESS Router Configuration Guide... -
Page 89: Configuring A Confederation
The following displays a confederation example. A:ALA-B>config>router# info #------------------------------------------ # IP Configuration #------------------------------------------ interface "system" address 10.10.10.103/32 exit interface "to-104" shutdown address 10.0.0.103/24 port 1/1/1 exit autonomous-system 100 confederation 2002 members 200 300 400 router-id 10.10.10.103 #------------------------------------------ A:ALA-B>config>router# 7450 ESS Router Configuration Guide Page 89... -
Page 90: Configuring An Autonomous System
The following displays an autonomous system configuration example: A;ALA-A>config>router# info #------------------------------------------ # IP Configuration #------------------------------------------ interface "system" address 10.10.10.103/32 exit interface "to-104" address 10.0.0.103/24 port 1/1/1 exit exit autonomous-system 100 router-id 10.10.10.103 #------------------------------------------ A:ALA-A>config>router# Page 90 7450 ESS Router Configuration Guide... -
Page 91: Configuring Overload State On A Single Sfm
IGP will cause PIM to join the new path and prune the old path, which effectively reroutes the multicast traffic downstream. When the problem is resolved, the overload condition is cleared, which will cause the traffic to be routed back to the router. 7450 ESS Router Configuration Guide Page 91... -
Page 92: Service Management Tasks
"TGIF" location "Mt.View, CA, NE corner of FERG 1 Building" coordinates "37.390, -122.05500 degrees lat." synchronize snmp exit security snmp community "private" rwa version both exit exit . . . ---------------------------------------------- A:TGIF>config>system# Page 92 7450 ESS Router Configuration Guide... -
Page 93: Modifying Interface Parameters
A:ALA-A>config>router>if# no shutdown The following example displays the interface configuration: A:ALA-A>config>router# info #------------------------------------------ # IP Configuration #------------------------------------------ interface "system" address 10.0.0.103/32 exit interface "to-sr1" address 10.0.0.25/24 port 1/1/2 exit router-id 10.10.0.3 #------------------------------------------ A:ALA-A>config>router# 7450 ESS Router Configuration Guide Page 93... -
Page 94: Deleting A Logical Ip Interface
2. After the interface has been shut down, it can then be deleted with the no interface command. CLI Syntax: config>router no interface ip-int-name Example config>router# interface test-interface config>router>if# shutdown config>router>if# exit config>router# no interface test-interface config>router# Page 94 7450 ESS Router Configuration Guide... -
Page 95: Ip Router Command Reference
• Router Interface IPv6 Commands on page 105 • Router Advertisement Commands on page 106 • Show Commands on page 107 • Clear Commands on page 109 • Debug Commands on page 110 7450 ESS Router Configuration Guide Page 95... - Page 96 — sgt-qos — application dscp-app-name dscp {dscp-value | dscp-name} — application dot1p-app-name dot1p dot1p-priority — no application {dscp-app-name | dot1p-app-name} — dscp dscp-name fc fc-name — [no] dscp dscp-name — single-sfm-overload [holdoff-time holdoff-time] Page 96 7450 ESS Router Configuration Guide...
- Page 97 — origin-validation — [no] rpki-session ip-address — [no] connect-retryseconds — [no] description string — [no] local-address ip-address — [no] port number — [no] refresh-time seconds hold-time seconds — [no] shutdown — [no] stale-time seconds 7450 ESS Router Configuration Guide Page 97...
- Page 98 — no transmit-interval — receive-interval receive-interval — no receive-interval — cv-tx transmit-interval — no cv-tx — echo-receive echo-interval — no echo-receive — multiplier multiplier — no multiplier — [no] type cpm-np Page 98 7450 ESS Router Configuration Guide...
- Page 99 — no password — — authentication {chap|pap|pref-chap} — authentication-policy auth-policy-name — no authentication-policy — default-group-interface ip-int-name service-id service-id — no default-group-interface — keepalive seconds [hold-up-multiplier multiplier] — no keepalive — mtu-bytes — no 7450 ESS Router Configuration Guide Page 99...
- Page 100 — [no] shutdown — next-attempt {same-preference-level | next-preference-level} — no next-attempt — replace-result-code code [code...(upto 3 max)] — no replace-result-code — peer-address-change-policy {accept | ignore | reject} — receive-window-size [4..1024] — no receive-window-size Page 100 7450 ESS Router Configuration Guide...
- Page 101 — add-tunnel never — add-tunnel on reason>[reason...(upto 8 max)] — no add-tunnel — add-tunnel — max-list-length count — no max-list-length — max-time minutes — no max-time — timeout-action action — no timeout-action 7450 ESS Router Configuration Guide Page 101...
- Page 102 — [no] service-id — string text — no string — [no] system-id — python-policy <[256 chars max]> — no python-policy — [no] relay-plain-bootp — server server1 [server2...(up to 8 max)] — no server Page 102 7450 ESS Router Configuration Guide...
- Page 103 — port port-name — no port — [no] proxy-arp-policy — [no] ptp-hw-assist — qos-route-lookup [source | destination] — no qos-route-lookup — network-policy-id [egress-port-redirect-group queue-group-name] [egress- instance instance-id]] [ingress-fp- redirect-group queue-group-name ingress- instance instance-id] 7450 ESS Router Configuration Guide Page 103...
- Page 104 — [no] srlg-enable — protection-type {link | node} — no protection-type — nh-type {ip | tunnel} — no nh-type For router interface VRRP commands, see VRRP Command Reference on page 379. Page 104 7450 ESS Router Configuration Guide...
- Page 105 — tcp-mss mss-value — no tcp-mss — [no] urpf-check — mode {strict | loose | strict-no-ecmp} — no mode — [no] qos-route-lookup — [no] urpf-check — mode {strict | loose} — no mode 7450 ESS Router Configuration Guide Page 105...
- Page 106 — valid-lifetime {seconds | infinite} — no valid-lifetime — reachable-time milli-seconds — no reachable-time — retransmit-time milli-seconds — no retransmit-time — router-lifetime seconds — no router-lifetime — [no] shutdown — [no] use-virtual-mac Page 106 7450 ESS Router Configuration Guide...
- Page 107 (v3)] [group group-name] [assignment-id assign- ment-id] [local-name host-name] [remote-name host-name]| tunnel [statistics] [detail] [peer ip-address] [state tunnel-state] [remote-tunnel-id remote-tunnel-id (v2)] [group group-name] [assignment-id assignment-id] [local-name host- name] [remote-name host-name] — tunnel tunnel-id tunnel-id (v2) [statistics] [detail] 7450 ESS Router Configuration Guide Page 107...
- Page 108 [ip-address | ip-int-name | mac ieee-mac-addr] — static-route [family] [[ip-prefix /mask]| [preference preference] | [next-hop ip-address] | [tag tag] [detail] — status — routes — tunnel-table [ip-address[/mask]] | [protocol protocol | sdp sdp-id] [summary] — neighbor [interface-name] Page 108 7450 ESS Router Configuration Guide...
- Page 109 — statistics — tunnel tunnel-id — statistics — neighbor {all | ip-address} — neighbor [interface ip-int-name | ip-address] — router-advertisement — router-advertisement [interface interface-name] — forwarding-table [slot-number] — interface [ip-int-name | ip-addr] [icmp] 7450 ESS Router Configuration Guide Page 109...
- Page 110 — [no] neighbor — packet [ip-int-name | ip-address] [headers] [protocol-id] — no packet [ip-int-name | ip-address] — route-table [ip-prefix/prefix-length] [longer] — no route-table — tunnel-table [ip-address] [ldp | rsvp [tunnel-id tunnel-id]| sdp [sdp-id sdp-id]] Page 110 7450 ESS Router Configuration Guide...
-
Page 111: Configuration Commands
— The description character string. Allowed values are any string up to 80 characters long composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, etc.), the entire string must be enclosed within double quotes. 7450 ESS Router Configuration Guide Page 111... - Page 112 By default aggregate routes are not installed in the forwarding table, however there are configuration options that allow an aggregate route to be installed with a black-hole next hop or with an indirect IP address as next hop. The no form of the command removes the aggregate. Page 112 7450 ESS Router Configuration Guide...
- Page 113 FIB with a next-hop taken from the route used to forward packets to ip-address. Values ipv4-prefix a.b.c.d description description-text — Specifies a text description stored in the configuration file for a configuration context. autonomous-system Syntax autonomous-system autonomous-system no autonomous-system Context config>router 7450 ESS Router Configuration Guide Page 113...
- Page 114 Context config>router Description This command enables ECMP and configures the number of routes for path sharing; for example, the value 2 means two equal cost routes will be used for cost sharing. Page 114 7450 ESS Router Configuration Guide...
- Page 115 IGP computes the normalized weight for each prefix tunnel next-hop. IGP updates the route in RTM with the set of tunnel next-hops and normalized weights. RTM downloads the information to IOM for inclusion in the FIB. 7450 ESS Router Configuration Guide Page 115...
- Page 116 GRT context for BGP shortcut, 6PE, and BGP label route prefixes, or in VPRN context for VPRN and 6VPE prefixes. It then forwards it to the destination, which is the sender of the original packet which TTL expired at the LSR. Page 116 7450 ESS Router Configuration Guide...
- Page 117 OSPF prefixes and VPN-IPv6 OSPF prefixes forwarded to a VPRN SAP interface or spoke interface. IP FRR also provides a LFA backup next-hop for the destination prefix of a GRE tunnel used in an SDP or in VPRN auto-bind. 7450 ESS Router Configuration Guide Page 117...
- Page 118 — The percentage at which a warning log message and SNMP trap should be sent. Values 0 — 100 Default mpls-labels Syntax mpls-labels Context config>router Description This command creates a context for the configuration of glocal parameters related to MPLS labels. Page 118 7450 ESS Router Configuration Guide...
- Page 119 18432 — 524287 Default none end end-value — end label value in the SRGB Values 18432 — 524287 Default none multicast-info Syntax multicast-info-policy policy-name no multicast-info-policy Context configure>router Description This command configures multicast information policy. 7450 ESS Router Configuration Guide Page 119...
- Page 120 Description This command creates network-domains that can be associated with individual interfaces and SDPs. Default network-domain “default” Parameters network-domain-name — Network domain name character string. rpki-session Syntax rpki-session ip-address no rpki-session ip-address Page 120 7450 ESS Router Configuration Guide...
- Page 121 This command configures a description for an RPKI-Router session. Default no description Parameters description-string — Specifies a text string up to 80 characters in length. local-address Syntax local-address ip-address no local-address Context config>router>origin-validation>rpki-session 7450 ESS Router Configuration Guide Page 121...
- Page 122 PDU from the cache server resets the hold timer. When the hold-time expires, the session is considered to be DOWN and the stale timer is started. Default no referesh-time Parameters seconds1 — Specifies a time in seconds. Values 30-32767 seconds2 — Specifies a time in seconds. Values 60-65535 Page 122 7450 ESS Router Configuration Guide...
- Page 123 Note that static entries can only be configured under the config>router>origin-validation context of the base router. Default no static entries Parameters ip-prefix/ip-prefix-length — Specifies an IPv4 or IPv6 address with a minimum prefix length value. Values 60-3600 7450 ESS Router Configuration Guide Page 123...
- Page 124 — The 32 bit router ID expressed in dotted decimal notation or as a decimal value. service-prefix Syntax service-prefix ip-prefix/mask | ip-prefix netmask [exclusive] no service-prefix ip-prefix/mask | ip-prefix netmask Context config>router Description This command creates an IP address range reserved for IES or VPLS services. Page 124 7450 ESS Router Configuration Guide...
- Page 125 When this option is specified, the addresses configured are exclusively used for services and cannot be assigned to network ports. sgt-qos Syntax sgt-qos Context config>router Description This command configures DSCP/Dot1p re-marking for self-generated traffic. 7450 ESS Router Configuration Guide Page 125...
- Page 126 — Specifies the forward class name. Values be, l2, af, l1, h2, ef, h1, nc Page 126 7450 ESS Router Configuration Guide...
- Page 127 MPLS-TP LSP, then this timer is used for CC packets. Default no receive-interval Parameters receive-interval — Specifies the receive interval. Note that the minimum interval that can be configured is hardware dependent. Values 10 ms — 100,000 ms in 1 ms intervals 7450 ESS Router Configuration Guide Page 127...
- Page 128 This command specifies the detect multiplier used for a BFD session. If a BFD control packet is not received for a period of multiplier x receive-interval, then the session is declared down. Default Page 128 7450 ESS Router Configuration Guide...
- Page 129 [no] static-route {ip-prefix/prefix-length | ip-prefix netmask} [preference preference] [metric metric] [tag tag] [community comm-id] [enable | disable] indirect ip-address [cpe- check cpe-ip-address [interval seconds] [drop-count count] [log]] {prefix-list prefix-list- name [all | none]} |{fc fc-name [priority {low | high}]} 7450 ESS Router Configuration Guide Page 129...
- Page 130 LDP session comes up and the FECs exchanged. This option when enabled delays the activation of the static route until the LDP session comes up over the interface and the ldp-sync-timer configured on that interface has expired. Page 130 7450 ESS Router Configuration Guide...
- Page 131 The configured ip-addr is not directly connected to a network configured on this node. The destination can be reachable via multiple paths. The indirect address can only resolved from dynamic routing protocol. Another static route cannot be used to resolve the indirect address. 7450 ESS Router Configuration Guide Page 131...
-
Page 132: Table 5: Default Route Preferences
Table 5: Default Route Preferences Label Preference Configurable Direct attached Static-route OSPF Internal routes IS-IS level 1 internal IS-IS level 2 internal OSPF external IS-IS level 1 external IS-IS level 2 external Default Values 1 — 255 Page 132 7450 ESS Router Configuration Guide... - Page 133 CPE connectivity check. Events should be sent to the system log, syslog and SNMP traps. Sample Output *B:Dut-C# configure router "management" *B:Dut-C>config>router# info ---------------------------------------------- static-route 1.1.1.0/24 next-hop 172.31.117.1 static-route 1::/96 next-hop 3000::AC1F:7567 7450 ESS Router Configuration Guide Page 133...
- Page 134 Only next-hop is allowed with any extra parameters. *B:Dut-C>config>router# show router "management" static-? static-arp static-route *B:Dut-C>config>router# show router "management" static-route =============================================================================== Static Route Table (Router: management) Family: IPv4 =============================================================================== Prefix Pref Type Act Next Hop Interface ------------------------------------------------------------------------------- 1.1.1.0/24 172.31.117.1 Page 134 7450 ESS Router Configuration Guide...
- Page 135 IP host address that will be used by the IP interface within the subnet. This address must be unique within the subnet and specified in dotted decimal notation. Values ipv4-address a.b.c.d (host bits must be 0) 7450 ESS Router Configuration Guide Page 135...
- Page 136 Description This command is for indirect static routes using tunnel next-hops. When enabled, the static route will not be activated using IGP next-hops in RTM if no tunnel next-hops are found in TTM. Page 136 7450 ESS Router Configuration Guide...
- Page 137 This keeps the peer up, and the change made to a route policy is applied only to that peer or group of peers. 7450 ESS Router Configuration Guide Page 137...
- Page 138 — The TTL of the IP packet is not propagated into the transport label stack. all — The TTL of the IP packet is propagated into all labels of the transport label stack. Page 138 7450 ESS Router Configuration Guide...
- Page 139 Note that when an LSR swaps a label or stitches a label, it always writes the decremented TTL value into the outgoing swapped or stitched label. What this feature controls is whether this decremented 7450 ESS Router Configuration Guide Page 139...
- Page 140 Note however the default behavior for a given VPRN instance is to inherit the global configuration for the same command. The user can explicitly set the default behavior by configuring the inherit value. Page 140 7450 ESS Router Configuration Guide...
- Page 141 LDP shortcut configuration when the matching routing is a LSP shortcut route. It is governed by the BGP label route configuration when the matching route is a RFC 3107 label route or a 6PE route. 7450 ESS Router Configuration Guide Page 141...
- Page 142 — The TTL of the IP packet is propagated into the VC label and not into the labels in the transport label stack. all — The TTL of the IP packet is propagated into the VC label and all labels in the transport label stack. Page 142 7450 ESS Router Configuration Guide...
- Page 143 - Agent Remote Id - SAP ID, formatted as a character string - Logical Line ID exclude-avps Syntax exclude-avps calling-number no exclude-avps Context config>router>l2tp Description This command configures the L2TP AVPs to exclude. 7450 ESS Router Configuration Guide Page 143...
- Page 144 — CDN Result-Code 5 on LNS will be replaced with the result code 2 before it is sent to LAC. cdn-inv-dest — CDN Result-Code 6 on LNS will be replaced with the result code 2 before it is sent to LAC. Page 144 7450 ESS Router Configuration Guide...
- Page 145 (6) Requestor is being shutdown Or in the case that the StopCCN with the following result codes is transmitted: (4) Requestor is not authorized to establish a control channel. (5) Protocol version not supported 7450 ESS Router Configuration Guide Page 145...
- Page 146 (tunnel or peer) from the blacklist that was in this blacklist forthe longest time. Default unlimited Parameters unlimited — Specifies there is no limit. count — Specifies how many items (tunnels or peers) can be in the tunnel-selection-blacklist. Values 1..65635 Page 146 7450 ESS Router Configuration Guide...
- Page 147 This behavior will avoid session establishment delays in case that the tunnel just removed from the blacklist is still unavailable. peer-address-change-policy Syntax peer-address-change-policy {accept | ignore | reject} Context config>router>l2tp 7450 ESS Router Configuration Guide Page 147...
- Page 148 [create] no group tunnel-group-name Context config>router>l2tp Description This command configures an L2TP tunnel group. Parameters tunnel-group-name — Specifies a name string to identify a L2TP group up to 63 characters in length. Page 148 7450 ESS Router Configuration Guide...
- Page 149 Default no avp-hiding Values sensitive — AVP hiding is used only for sensitive information (such as username/ password). always — AVP hiding is always used. challenge Syntax challenge always no challenge Context config>router>l2tp>group 7450 ESS Router Configuration Guide Page 149...
- Page 150 — Specifies that the LAC will send all L2TP packets with the DF bit set to 1. never — Specifies that the LAC will send all L2TP packets with the DF bit set to 0. default — Follows the DF-bit configuration specified on upper levels. Page 150 7450 ESS Router Configuration Guide...
- Page 151 Values 60 — 3600 idle-timeout Syntax idle-timeout idle-timeout no idle-timeout Context config>router>l2tp>group Description This command configures the period of time that an established tunnel with no active sessions will persist before being disconnected. 7450 ESS Router Configuration Guide Page 151...
- Page 152 ISA MDA; this may be useful or required in certain cases, for example: • MLPPP with multiple links per bundle; • HPol intermediate destination arbiters where the intermediate destination is an L2TP tunnel. local-address Syntax local-address ip-address Page 152 7450 ESS Router Configuration Guide...
- Page 153 The no form of the command removes the value from the configuration. Default no max-retries-estab Parameters max-retries — Specifies the maximum number of retries for an established tunnel. Default no max-retries-estab Values 2 — 7 max-retries-not-estab Syntax max-retries-not-estab max-retries 7450 ESS Router Configuration Guide Page 153...
- Page 154 — Specifies the key is entered in a more complex encrypted form. If the hash2 parameter is not used, the less encrypted hash form is assumed. Default no password Syntax Context config>router>l2tp>group Description This command configures PPP for the L2TP tunnel group. Page 154 7450 ESS Router Configuration Guide...
- Page 155 — Specifies the service name (instead of service ID). Values 64 chars max keepalive Syntax keepalive seconds [hold-up-multiplier multiplier] no keepalive Context config>router>l2tp>group>ppp Description This command configures the PPP keepalive interval and multiplier. 7450 ESS Router Configuration Guide Page 155...
- Page 156 This command configures the use of the proxy LCP AVPs received from the LAC. user-db Syntax user-db local-user-db-name no user-db Context config>router>l2tp>group>ppp Description This command configures the local user database to use for PPP PAP/CHAP authentication. Page 156 7450 ESS Router Configuration Guide...
- Page 157 (system, group, tunnel). The no form of the command removes the value from the configuration. Default no session-limit Parameters session-limit — Specifies the allowed number of sessions within the given context. Values 1 — 131071 7450 ESS Router Configuration Guide Page 157...
- Page 158 — Specifies the method to be used for the authentication of the tunnel. Values never — AVP hiding is not used. sensitive — AVP hiding is used only for sensitive information (such as username/ Page 158 7450 ESS Router Configuration Guide...
- Page 159 — Specifies the time interval, in seconds, between two consecutive tunnel Hello messages. Values 60 — 3600 infinite — Specifies that no hello messages are sent. idle-timeout Syntax idle-timeout idle-timeout idle-timeout infinite no idle-timeout Context config>router>l2tp>group>tunnel 7450 ESS Router Configuration Guide Page 159...
- Page 160 Parameters preference — Specifies the tunnel preference number with its group. The value 0 corresponds to the highest preference. Values 0 — 16777215 remote-name Syntax remote-name host-name no remote-name Context config>router>l2tp>group>tunnel Page 160 7450 ESS Router Configuration Guide...
- Page 161 — A tunnel will be forced to the blacklist in case that StopCCN message with the following Result Codes is received: (1) General request to clear control connection 7450 ESS Router Configuration Guide Page 161...
- Page 162 (tunnel or peer) from the blacklist that was in this blacklist forthe longest time. Default unlimited Parameters unlimited — Specifies there is no limit. count — Specifies how many items (tunnels or peers) can be in the tunnel-selection-blacklist. Values 1..65635 Page 162 7450 ESS Router Configuration Guide...
- Page 163 This behavior will avoid session establishment delays in case that the tunnel just removed from the blacklist is still unavailable. 7450 ESS Router Configuration Guide Page 163...
- Page 164 Although not a keyword, the ip-int-name “system” is associated with the network entity (such as a specific 7450 ESS), not a specific interface. The system interface is also referred to as the loopback address.
- Page 165 MPLS/RSVP will need to be re-added. If the no form of the command is executed then ptp-hw-assist is disabled. If a new address is entered while another address is still active, the new address will be rejected. Default No IP address is assigned to the IP interface. 7450 ESS Router Configuration Guide Page 165...
- Page 166 The broadcast format on an IP interface can be specified when the IP address is assigned or changed. Page 166 7450 ESS Router Configuration Guide...
- Page 167 — The minimum number of seconds a learned ARP entry is stored in the ARP table, expressed as a decimal integer. A value of 0 specifies that the timer is inoperative and learned ARP entries will not be aged. Values 0 — 65535 7450 ESS Router Configuration Guide Page 167...
- Page 168 — Sets the minimum echo receive interval, in milliseconds, for the session. Values 100 — 100000 Default cflowd-parameters Syntax cflowd-parameters no cflowd-parameters Context config>router>interface Description This command creates the configuration context to configure cflowd parameters for the associated IP interfaces. Page 168 7450 ESS Router Configuration Guide...
- Page 169 — Enables ingress sampling only on the associated interface. egress-only — Enables egress sampling only on the associated interface. both — Enables both ingress and egress cflowd sampling. cpu-protection Syntax cpu-protection policy-id no cpu-protection 7450 ESS Router Configuration Guide Page 169...
- Page 170 This command enables the collection of ingress interface IP stats. This command is only appliable to IP statistics, and not to uRPF statistics. If enabled, then the following statistics are collected: • IPv4 offered packets Page 170 7450 ESS Router Configuration Guide...
- Page 171 This command configures interface Admin Group memberships for this interface. if-srlg-group Syntax [no] if-srlg-group group-name [group-name...(upto 5 max)] Context config>router>interface Description This command configures interface SRLG Group memberships for this interface local-proxy-arp Syntax [no] local-proxy-arp Context config>router>interface 7450 ESS Router Configuration Guide Page 171...
- Page 172 Parameters link-map-profile-id — An integer from 1 to 32 that defines a unique lag link map profile on which the LAG the SAP/network interface exist. ldp-shortcut Syntax [no] ldp-shortcut Context config>router Page 172 7450 ESS Router Configuration Guide...
- Page 173 Next LDP hello adjacency is brought up with the neighbour. The LDP synchronization timer is started by IGP from the time the LDP session to the neighbor is UP over the interface. This is to allow time for the label-FEC bindings to be exchanged. 7450 ESS Router Configuration Guide Page 173...
- Page 174 This is a per interface setting. For load-balancing options that can also be enabled on the system level, the options enabled on the interface level overwrite system level configurations. Default not applicable Page 174 7450 ESS Router Configuration Guide...
- Page 175 IPv4/IPv6 (0x0100/0x0110). If the secondary check passes, the hash is performed using IP SA/DA fields in the expected IP header; otherwise (any of the check failed) label-stack hash is performed. spi-load-balancing Syntax [no] spi-load-balancing 7450 ESS Router Configuration Guide Page 175...
- Page 176 — Specifies the 48-bit MAC address for the IP interface in the form aa:bb:cc:dd:ee:ff or aa-bb-cc-dd-ee-ff, where aa, bb, cc, dd, ee and ff are hexadecimal numbers. Allowed values are any non-broadcast, non-multicast MAC and non-IEEE reserved MAC addresses. Page 176 7450 ESS Router Configuration Guide...
- Page 177 “default” network domain is assigned ntp-broadcast Syntax [no] ntp-broadcast Context config>router>interface Description This command enables SNTP broadcasts received on the IP interface. This parameter is only valid when the SNTP broadcast-client global parameter is configured. 7450 ESS Router Configuration Guide Page 177...
- Page 178 — The physical port identifier to associate with the IP interface. Values port-id slot/mda/port[.channel] ccag-id ccag-id.path-id[cc-type] ccag keyword 1 — 8 path-id a, b cc-type .sap-net, .net-sap lag-id lag-id keyword 1 — 800 gtg-id gmpls-tun-grp-id gmpls-tun-grp keyword 1 — 200 Page 178 7450 ESS Router Configuration Guide...
- Page 179 Use proxy ARP so the router responds to ARP requests on behalf of another device. Static ARP is used when a 7450 ESS needs to know about a device on an interface that cannot or does not respond to ARP requests. Thus, the SR OS configuration can state that if it has a packet that has a certain IP address to send it to the corresponding ARP address.
- Page 180 — Enables QoS classification of incoming IP packets based on the destination address matching a route with QoS information. Syntax qos network-policy-id [egress-port-redirect-group queue-group-name] [egress-instance instance-id]] [ingress-fp- redirect-group queue-group-name ingress-instance instance- no qos Context config>router>interface Page 180 7450 ESS Router Configuration Guide...
- Page 181 — Since multiple instances of the same ingress queue-group can be applied to the same forwarding plane this parameter is required to specify which particular instance to associate with this particular network IP interface. Values 1 — 16384 remote-proxy-arp Context config>router>interface 7450 ESS Router Configuration Guide Page 181...
- Page 182 The all-ones keyword following the broadcast parameter specifies that the broadcast address used by the IP interface for this IP address will be 255.255.255.255, also known as the local broadcast. Page 182 7450 ESS Router Configuration Guide...
- Page 183 The number of static-arp entries that can be configured on a single node is limited to 1000. Static ARP is used when a 7450 ESS needs to know about a device on an interface that cannot or does not respond to ARP requests. Thus, the SR OS configuration can state that if it has a packet that has a certain IP address to send it to the corresponding ARP address.
- Page 184 The default marking state for network IP interfaces is trusted. This is equivalent to declaring no tos- marking-state on the network IP interface. When undefined or set to tos-marking-state trusted, the trusted state of the interface will not be displayed when using show config or show info unless the Page 184 7450 ESS Router Configuration Guide...
- Page 185 [source | destination] no qos-route-lookup Context config>router>if config>router>if>ipv6 Description This command enables QoS classification of the ingress IP packets on an interface based on the QoS information associated with routes in the forwarding table. 7450 ESS Router Configuration Guide Page 185...
- Page 186 The no form of the command removes the static value and allows the TCP MSS value to be calculated based on the IP MTU value by subtracting the base IP and TCP header lengths from the IP MTU value (tcp_mss = ip_mtu – 40). Default no tcp-mss Page 186 7450 ESS Router Configuration Guide...
- Page 187 — When a packet is received on an interface in this mode and the SA matches an ECMP route the packet is dropped by uRPF. mh-primary-interface Syntax [no] mh-primary-interface Context config>router 7450 ESS Router Configuration Guide Page 187...
- Page 188 / — The forward slash is a parameter delimiter that separates the ipp-addr portion of the IP address from the mask that defines the scope of the local subnet. No spaces are allowed between the ip- Page 188 7450 ESS Router Configuration Guide...
- Page 189 The shutdown command administratively disables an entity. The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they may be deleted. 7450 ESS Router Configuration Guide Page 189...
- Page 190 The system will also reject the creation of an admin-group if it re-uses the same group value but with a different name than an existing group. Page 190 7450 ESS Router Configuration Guide...
- Page 191 Syntax srlg-group group-name value group-value [penalty-weight penalty-weight] no srlg-group group-name Context config>router>if-attribute Description This command defines a Shared Risk Link Group (SRLG) which can be associated with an IP or MPLS interface. 7450 ESS Router Configuration Guide Page 191...
- Page 192 0 — 4294967295 penalty-weight penalty-weight — Specifies the integer value of the penalty weight that is assigned to the SRLG group. Values 0 — 65535 Default srlg-group Syntax srlg-group group-name [group-name...(up to 5 max)] Page 192 7450 ESS Router Configuration Guide...
- Page 193 A policy template can be used in both IS-IS and OSPF to apply the specific criteria to prefixes protected by LFA. Each instance of IS-IS or OSPF can apply the same policy template to one or more interface. 7450 ESS Router Configuration Guide Page 193...
- Page 194 The exclude-group statement simply prunes all links belonging to the specified admin group before making the LFA backup next-hop selection for a prefix. Page 194 7450 ESS Router Configuration Guide...
- Page 195 Note that the admin-group criteria are applied before running the LFA next-hop selection algorithm. The no form deletes the admin group constraint from the route next-hop policy template. Parameters group-name — Specifies the name of the group, up to 32 characters. 7450 ESS Router Configuration Guide Page 195...
- Page 196 The user can select if tunnel backup next-hop or IP backup next-hop is preferred. The default in SROS implementation is to prefer IP next-hop over tunnel next-hop. The implementation will fall back to the other type if no LFA next-hop of the preferred type is found. Page 196 7450 ESS Router Configuration Guide...
- Page 197 This is to allow the reset of the network to reconverge after a router failure before the anycast based label assignments are flushed from the forwarding plane. Values 0-65535 Default 7450 ESS Router Configuration Guide Page 197...
- Page 198 — The filter name acts as the ID for the IP filter policy expressed as a decimal integer. The filter policy must already exist within the config>filter>ip context. Values 1 — 16384 Page 198 7450 ESS Router Configuration Guide...
- Page 199 By default, generation of ICMP redirect messages is enabled at a maximum rate of 100 per 10 second time interval. The no form of the command disables the generation of ICMP redirects on the router interface. Default redirects 100 10 — Maximum of 100 redirect messages in 10 seconds. 7450 ESS Router Configuration Guide Page 199...
- Page 200 The rate at which ICMP unreachables is issued can be controlled with the optional number and seconds parameters by indicating the maximum number of destination unreachable messages that can be issued on the interface for a given time interval. Page 200 7450 ESS Router Configuration Guide...
- Page 201 The seconds parameter must also be specified. Values 10 — 1000 seconds — The time frame, in seconds, used to limit the number of ICMP unreachable messages that can be issued, expressed as a decimal integer. 7450 ESS Router Configuration Guide Page 201...
- Page 202 This command disables duplicate address detection (DAD) on a per-interface basis. This prevents the router from performing a DAD check on the interface. All IPv6 addresses of an interface with DAD disabled, immediately enter a preferred state, without checking for uniqueness on the interface. This Page 202 7450 ESS Router Configuration Guide...
- Page 203 — Limits the number of param-problem messages issued per the time frame specifed in the seconds parameter. Values 10 — 1000 seconds — Determines the time frame, in seconds, that is used to limit the number of param-problem messages issued per time frame. Values 1 — 60 7450 ESS Router Configuration Guide Page 203...
- Page 204 1 — 60 unreachables Syntax unreachables [number seconds] no unreachables Context config>router>if>ipv6>icmp6 Description This command configures the rate for ICMPv6 unreachable messages. When enabled, ICMPv6 host and network unreachable messages are generated by this interface. Page 204 7450 ESS Router Configuration Guide...
- Page 205 This command enables local proxy neighbor discovery on the interface. The no form of the command disables local proxy neighbor discovery. neighbor Syntax neighbor [ ipv6-address] [mac-address] no neighbor [ ipv6-address] Context config>router>if>ipv6 7450 ESS Router Configuration Guide Page 205...
- Page 206 7-bit ASCII characters. If the string contains special characters (#, $, spaces, etc.), the entire string must be enclosed within double quotes. The specified policy name(s) must already be defined. Page 206 7450 ESS Router Configuration Guide...
- Page 207 Option 82 sub-options. The no form of this command returns the system to the default. Default no option action Syntax action {replace | drop | keep} no action Context config>router>if>dhcp>option 7450 ESS Router Configuration Guide Page 207...
- Page 208 — Specifies that the SAP ID will be used. vlan-ascii-tuple — Specifies that the format will include VLAN-id and dot1p bits in addition to what is included in ascii-tuple already. The format is supported on dot1q and qinq ports only. Thus, Page 208 7450 ESS Router Configuration Guide...
- Page 209 This command enables the sending of the MAC address in the Alcatel-Lucent vendor specific suboption of the DHCP relay packet. The no form of the command disables the sending of the MAC address in the Alcatel-Lucent vendor specific suboption of the DHCP relay packet.
- Page 210 This command enables the sending of the service ID in the Alcatel-Lucent vendor specific suboption of the DHCP relay packet. The no form of the command disables the sending of the service ID in the Alcatel-Lucent vendor specific suboption of the DHCP relay packet.
- Page 211 IP Router Configuration Description This command specifies whether the system-id is encoded in the Alcatel-Lucent vendor specific sub- option of Option 82. Default None relay-plain-bootp Syntax [no] relay-plain-bootp Context config>router>if>dhcp Description This command enables the relaying of plain BOOTP packets.
- Page 212 This comman specifies a python policy. Python policies are configured in the config>python> python-policy name context. Parameters name — Specifies the name of an existing python script up to 32 characters in length. Page 212 7450 ESS Router Configuration Guide...
- Page 213 This command specifies the IPv6 DNS servers to include in the RDNSS option in Router Advertisements. When specified at the router advertisement level this applies to all interfaces that have include-dns enabled, unless the interfaces have more specific dns-options configured. Default none 7450 ESS Router Configuration Guide Page 213...
- Page 214 Syntax [no] interface ip-int-name Context config>router>router-advertisement Description This command configures router advertisement properties on a specific interface. The interface must already exist in the config>router>interface context. Default No interfaces are configured by default. Page 214 7450 ESS Router Configuration Guide...
- Page 215 Context config>router>router-advert>if Description This command configures the maximum interval between sending router advertisement messages. Default Parameters seconds — Specifies the maximum interval in seconds between sending router advertisement messages. Values 4 — 1800 7450 ESS Router Configuration Guide Page 215...
- Page 216 Context config>router>router-advert>if Description This command configures an IPv6 prefix in the router advertisement messages. To support multiple IPv6 prefixes, use multiple prefix statements. No prefix is advertised until explicitly configured using prefix statements. Page 216 7450 ESS Router Configuration Guide...
- Page 217 Default 604800 Parameters seconds — Specifies the remaining length of time in seconds that this prefix will continue to be preferred. 7450 ESS Router Configuration Guide Page 217...
- Page 218 — Specifies the length of time the router should be considered reachable. Values 0 — 3600000 retransmit-time Syntax retransmit-timer milli-seconds no retransmit-timer Context config>router>router-advert>if Description This command configures the retransmission frequency of neighbor solicitation messages. Default no retransmit-time Page 218 7450 ESS Router Configuration Guide...
- Page 219 If the virtual router is not the master, no router advertisement messages are sent. The no form of the command disables sending router advertisement messages. Default no use-virtual-mac 7450 ESS Router Configuration Guide Page 219...
- Page 220 Router Advertisement Commands Page 220 7450 ESS Router Configuration Guide...
-
Page 221: Show Commands
— Only displays ARP entries associated with the specified IP interface name. mac ieee-mac-addr — Only displays ARP entries associated with the specified MAC address. summary — Displays an abbreviate list of ARP entries. 7450 ESS Router Configuration Guide Page 221... - Page 222 No. of ARP Entries: 3 =============================================================================== A:ALA-A# show router ARP 10.10.0.3 =============================================================================== ARP Table =============================================================================== IP Address MAC Address Expiry Type Interface ------------------------------------------------------------------------------- 10.10.0.3 04:5d:ff:00:00:00 00:00:00 system =============================================================================== A:ALA-A# A:ALA-A# show router ARP to-ser1 =============================================================================== Page 222 7450 ESS Router Configuration Guide...
- Page 223 The number of packets that failed authentication. Client Packets Authenticate Fail The number of packets that were authenticated. Client Packets Authenticate Ok Sample Output A:ALU-3>show>router>auth# statistics =================================================================== Authentication Global Statistics =================================================================== Client Packets Authenticate Fail 7450 ESS Router Configuration Guide Page 223...
- Page 224 Remote State : Up (3) Remote Diag : 0 (None) Remote Mode : Async Remote Min Tx : 1000 Remote Mult Last Recv (ms) : 367 Remote Min Rx : 10 =============================================================================== *A:Dut-C# Page 224 7450 ESS Router Configuration Guide...
- Page 225 1000 0::0.0.0.0 mplsTp cpm-np wp::lsp-41 Down (1) 1000 1000 0::0.0.0.0 mplsTp cpm-np pp::lsp-32 Up (3) 1000 1000 0::0.0.0.0 mplsTp cpm-np pp::lsp-33 Up (3) 1000 1000 0::0.0.0.0 mplsTp cpm-np pp::lsp-34 Up (3) 1000 1000 7450 ESS Router Configuration Guide Page 225...
- Page 226 Displays the integer used by BFD to declare when the neighbor is down. Multiplier Sample Output *A:Dut-B# show router bfd interface =============================================================================== BFD Interface =============================================================================== Interface name Tx Interval Rx Interval Multiplier ------------------------------------------------------------------------------- port-1-1 port-1-1 port-1-2 port-1-2 Page 226 7450 ESS Router Configuration Guide...
- Page 227 Displays the number of received packets. Rx Pkts Displays the integer used by BFD to declare when the neighbor is down. Mult Sample Output A:Dut-B# show router bfd session =============================================================================== BFD Session 7450 ESS Router Configuration Guide Page 227...
- Page 228 : pim isis ospf3 Rx Interval : 10 Tx Interval : 10 Multiplier Echo Interval Up Time : 0d 07:10:20 Up Transitions Down Time : None Down Transitions : 2 Version Mismatch : 0 Forwarding Information Page 228 7450 ESS Router Configuration Guide...
- Page 229 Up (3) FE80::A0A:A03 pim isis ospf3 cpm-np port-1-3 Up (3) 3FFE::A03:103 static bgp cpm-np port-1-3 Up (3) FE80::A0A:A03 pim isis ospf3 cpm-np port-1-4 Up (3) 3FFE::A04:103 static bgp cpm-np 7450 ESS Router Configuration Guide Page 229...
- Page 230 [ip-int-name | ip-address] Context show>router>dhcp show>router>dhcp6 Description This command displays statistics for DHCP relay and DHCP snooping. If no IP address or interface name is specified, then all configured interfaces are displayed. Page 230 7450 ESS Router Configuration Guide...
- Page 231 The number of packets received from the DHCP server that were Server Packets Snooped snooped. Sample Output A:ALA-1# show router dhcp6 statistics ========================================================================== DHCP6 statistics (Router: Base) ========================================================================== Msg-type Dropped -------------------------------------------------------------------------- 1 SOLICIT 2 ADVERTISE 3 REQUEST 4 CONFIRM 5 RENEW 6 REBIND 7450 ESS Router Configuration Guide Page 231...
- Page 232 Show DHCP Summary Output — The following table describes the output fields for DHCP summary. Label Description Name of the router interface. Interface Name Indicates whether Option 82 processing is enabled on the interface. Info Option Page 232 7450 ESS Router Configuration Guide...
- Page 233 The name of the router instance. Router Name False — ECMP is disabled for the instance. ECMP True — ECMP is enabled for the instance. The number of ECMP routes configured for path sharing. Configured-ECMP-Routes 7450 ESS Router Configuration Guide Page 233...
- Page 234 — Displays FIB entries matching the ip-prefix/mask and routes with longer masks. secondary — Displays secondary VRF ID information. summary — Displays summary FIB information for the specified slot number. nh-table-usage — Displays next-hop table usage. Page 234 7450 ESS Router Configuration Guide...
- Page 235 1.1.9.0/24 ISIS 1.1.3.1 (to_Dut-A) 1.2.3.0/24 LOCAL 1.2.3.0 (to_Dut-B) 1.2.9.0/24 ISIS 1.2.3.2 (to_Dut-B) 10.12.0.0/24 LOCAL 10.12.0.0 (itfToArborCP_02) 10.20.1.1/32 ISIS 1.1.3.1 (to_Dut-A) 10.20.1.2/32 ISIS 1.2.3.2 (to_Dut-B) 10.20.1.3/32 LOCAL 10.20.1.3 (system) 20.12.0.43/32 STATIC vprn1:mda-1-1 20.12.0.44/32 STATIC 7450 ESS Router Configuration Guide Page 235...
- Page 236 Show Commands vprn1:mda-2-1 20.12.0.45/32 STATIC vprn1:mda-2-2 20.12.0.46/32 STATIC vprn1:mda-3-1 100.0.0.1/32 vprn1:mda-1-1 vprn1:mda-3-1 138.203.71.202/32 STATIC 10.12.0.2 (itfToArborCP_02) ------------------------------------------------------------------------------- Total Entries : 15 ------------------------------------------------------------------------------- =============================================================================== Page 236 7450 ESS Router Configuration Guide...
- Page 237 Total Entries : 1 =============================================================================== *A:Dut-C> show router route-table 10.1.0.5/32 extensive =============================================================================== Route Table (Router: Base) =============================================================================== Dest Prefix : 10.1.0.5/32 Protocol : STATIC : 00h01m37s Preference Next-Hop : 1.0.0.2 (RSVP tunnel:128) : Priority=n/c, FC=n/c 7450 ESS Router Configuration Guide Page 237...
- Page 238 Protocol : STATIC Next-Hop : 1.0.0.2 (RSVP tunnel:128) : Priority=n/c, FC=n/c Source-Class Dest-Class ECMP-Weight : 10 Next-Hop : 1.0.0.2 (RSVP tunnel:132) : Priority=n/c, FC=n/c Source-Class Dest-Class ECMP-Weight =============================================================================== Total Entries : 1 =============================================================================== Page 238 7450 ESS Router Configuration Guide...
- Page 239 Tunnel Table Display Legend: B - FRR Backup =============================================================================== Destination Protocol Tunnel-ID NextHop Intf/Tunnel ------------------------------------------------------------------------------- 4.0.0.1/32 SR-ISIS-0 20001 1.3.4.4 2/1/3:1 20001/21005 1.2.3.2(B) 1/1/2 10.20.1.2/32 SR-ISIS-0 21002 1.2.3.2 1/1/2 21002/21005 1.3.4.4(B) 2/1/3:1 10.20.1.4/32 SR-ISIS-0 7450 ESS Router Configuration Guide Page 239...
- Page 240 Pkt Too big The number of echo replies. Echo Reply The number of times the router advertised its location. Router Advertise- ments The number of times the neighbor router advertised its location. Neighbor Adver- tisements Page 240 7450 ESS Router Configuration Guide...
- Page 241 SRLG Output — The following table describes the show router if-attribute srlg-group output fields: Label Description The name of the SRLG. Group Name The integer value of the SRLG. Group Value The penalty weight that is assigned to the SRLG. Penalty Weight 7450 ESS Router Configuration Guide Page 241...
- Page 242 The number of times the local router was solicited. Router Solicits The number of times the neighbor router was solicited. Neighbor Solicits The number of error messages. Errors The number of packet redirects. Redirects Page 242 7450 ESS Router Configuration Guide...
- Page 243 [detail] interface ip-address|ip-int-name mac [ieee-address] interface ip-address|ip-int-name statistics interface dist-cpu-protection [detail] interface policy-accounting [class [index]] Context show>router Description This command displays the router IP interface table sorted by interface index. 7450 ESS Router Configuration Guide Page 243...
- Page 244 Down — The IP interface is operationally disabled. Up — The IP interface is operationally disabled. Network — The IP interface is a network/core IP interface. Mode Service — The IP interface is a service IP interface. Page 244 7450 ESS Router Configuration Guide...
- Page 245 LSR Load Balance : system EGR Load Balance : both TEID Load Balance: Disabled uRPF Chk : disabled uRPF Ipv6 Chk : disabled PTP HW Assist : Disabled Rx Pkts : N/A Rx Bytes : N/A 7450 ESS Router Configuration Guide Page 245...
- Page 246 Ing FP QGrp Inst : (none) Egr Port QGrp Inst: (none) ======================================================================= * indicates that the corresponding row element may have been truncated. *A:Dut-C# *A:mlstp-dutA# show router interface "AtoB_1" =============================================================================== Interface Table (Router: Base) =============================================================================== Page 246 7450 ESS Router Configuration Guide...
- Page 247 Up/Up Down/Down Network 3/1/4 14.2.4.4/24 3FFE::E02:404/120 ip-15.2.4.4 Up/Up Down/Down Network 3/1/5 15.2.4.4/24 3FFE::F02:404/120 ip-21.2.4.4 Up/Up Up/Up Network 6/2/11 21.2.4.4/24 3FFE::1502:404/120 PREFERRED FE80::200:FF:FE00:4/64 PREFERRED ip-22.2.4.4 Up/Up Up/Up Network 6/2/12 22.2.4.4/24 3FFE::1602:404/120 PREFERRED FE80::200:FF:FE00:4/64 PREFERRED 7450 ESS Router Configuration Guide Page 247...
- Page 248 =============================================================================== A:ALA-A# show router interface to-ser1 =============================================================================== Interface Table =============================================================================== Interface-Name Type IP-Address Mode ------------------------------------------------------------------------------- to-ser1 10.10.13.3/24 Network =============================================================================== A:ALA-A# A:ALA-A# show router interface exclude-services =============================================================================== Interface Table =============================================================================== Interface-Name Type IP-Address Mode Page 248 7450 ESS Router Configuration Guide...
- Page 249 The MAC address of the interface. MAC Address The ARP timeout for the interface, in seconds, which is the time an Arp Timeout ARP entry is maintained in the ARP cache without being refreshed. 7450 ESS Router Configuration Guide Page 249...
- Page 250 : none Egr IPv6 Flt : none Ingr IPv6 Flt : none BGP FlowSpec : Disabled SNTP B.Cast : False QoS Policy Queue-group : None MAC Address : ac:5e:01:01:00:01 Arp Timeout : 14400 Page 250 7450 ESS Router Configuration Guide...
- Page 251 * indicates that the corresponding row element may have been truncated. B:bksim1619# *A:Dut-C# show router 1 interface "mda-3-1" detail =============================================================================== Interface Table (Service: 1) =============================================================================== ------------------------------------------------------------------------------- Interface ------------------------------------------------------------------------------- If Name : mda-3-1 Admin State : Up Oper (v4/v6) : Up/Down 7450 ESS Router Configuration Guide Page 251...
- Page 252 Tx Pkts/Tx Bytes: Onramped traffic counters Tx Discard Pkts: Discarded packets by TMS It displays the #of pkts dropped while the traffic is getting distributed to various It doesn't account for the pkts dropped in HW level. Page 252 7450 ESS Router Configuration Guide...
- Page 253 "to_Ixia" detail =============================================================================== Interface Table (Router: Base) =============================================================================== ------------------------------------------------------------------------------- Interface ------------------------------------------------------------------------------- If Name : to_Ixia Admin State : Up Oper (v4/v6) : Up/Up Protocols : None IP Addr/mask : 1.3.9.3/24 Address Type : Primary 7450 ESS Router Configuration Guide Page 253...
- Page 254 Proxy ARP Details Rem Proxy ARP : Disabled Local Proxy ARP : Disabled Policies : none Proxy Neighbor Discovery Details Local Pxy ND : Disabled Policies : none Secure ND Details Secure ND : Disabled Page 254 7450 ESS Router Configuration Guide...
- Page 255 Fail V4 Byt uRPF Fail V6 Pk uRPF Fail V6 Byt =============================================================================== * indicates that the corresponding row element may have been truncated. *A:Dut-C# show router 1 interface "mda-3-1" detail =============================================================================== Interface Table (Service: 1) 7450 ESS Router Configuration Guide Page 255...
- Page 256 The number of operationally enabled IP interfaces in the router Oper-Up instance. Sample Output A:ALA-A# show router interface summary =============================================================================== Router Summary (Interfaces) =============================================================================== Instance Router Name Interfaces Admin-Up Oper-Up ------------------------------------------------------------------------------- Base =============================================================================== Page 256 7450 ESS Router Configuration Guide...
- Page 257 ============================================================================ Route Table ============================================================================ Prefix [Flags] Metric Lvl/Typ Ver. SysID/Hostname NextHop AdminTag ---------------------------------------------------------------------------- 10.20.1.2/32 1/Int. Dut-B 0.0.0.0 10.20.1.3/32 [L] 2/Int. Dut-C 10.20.3.3 10.20.1.4/32 2/Int. Dut-D 10.20.4.4 10.20.1.5/32 2/Int. Dut-C 10.20.3.3 10.20.1.6/32 2/Int. Dut-D 7450 ESS Router Configuration Guide Page 257...
- Page 258 0.0.0.0 10.20.4.0/24 1/Int. Dut-B 0.0.0.0 10.20.5.0/24 2/Int. Dut-C 10.20.3.3 10.20.6.0/24 2/Int. Dut-D 10.20.4.4 10.20.9.0/24 2/Int. Dut-D 10.20.4.4 10.20.10.0/24 2/Int. Dut-C 10.20.3.3 ---------------------------------------------------------------------------- Routes : 11 Flags: LFA = Loop-Free Alternate nexthop ============================================================================ *A:Dut-B# Page 258 7450 ESS Router Configuration Guide...
- Page 259 Swap 131066 262138BU 1/1/2 10.10.2.3 ------------------------------------------------------------------------ ------------------------------------------------------------------------------- No. of IPv4 Prefix Active Bindings: 10 =============================================================================== =============================================================================== LDP IPv6 Prefix Bindings (Active) =============================================================================== Prefix IngLbl EgrLbl EgrNextHop EgrIf/LspId ------------------------------------------------------------------------------- No Matching Entries Found =============================================================================== 7450 ESS Router Configuration Guide Page 259...
- Page 260 =============================================================================== =============================================================================== LDP In-Band-VPN-SSM IPv4 P2MP Bindings (Active) =============================================================================== Source Group RootAddr Interface IngLbl EgrLbl EgrNH EgrIf/LspId ------------------------------------------------------------------------------- No Matching Entries Found =============================================================================== =============================================================================== LDP In-Band-VPN-SSM IPv6 P2MP Bindings (Active) =============================================================================== Source Group Page 260 7450 ESS Router Configuration Guide...
- Page 261 LDP IPv6 Prefix Bindings =============================================================================== Prefix IngLbl EgrLbl Peer EgrIntf/LspId EgrNextHop ------------------------------------------------------------------------------- No Matching Entries Found =============================================================================== =============================================================================== LDP Generic IPv4 P2MP Bindings =============================================================================== P2MP-Id RootAddr Interface IngLbl EgrLbl EgrNH EgrIf/LspId Peer ------------------------------------------------------------------------------- 7450 ESS Router Configuration Guide Page 261...
- Page 262 90.90.90.2 1/1/6 2.2.2.2:0 ------------------------------------------------------------------------------- No. of Generic IPv4 P2MP Bindings: 9 =============================================================================== =============================================================================== LDP Generic IPv6 P2MP Bindings =============================================================================== P2MP-Id RootAddr Interface IngLbl EgrLbl EgrNH EgrIf/LspId Peer ------------------------------------------------------------------------------- No Matching Entries Found =============================================================================== Page 262 7450 ESS Router Configuration Guide...
- Page 263 2.2.2.2:100 1.1.1.1 225.0.0.1 1.1.1.1:100 3.3.3.3 Unknwn 60.60.60.1 1/1/1 2.2.2.2:100 1.1.1.1 225.0.0.1 1.1.1.1:100 3.3.3.3 Unknwn 60.60.60.1 1/1/1 2.2.2.2:100 ------------------------------------------------------------------------------- No. of In-Band-VPN-SSM IPv4 P2MP Bindings: 3 =============================================================================== =============================================================================== LDP In-Band-VPN-SSM IPv6 P2MP Bindings =============================================================================== 7450 ESS Router Configuration Guide Page 263...
- Page 264 131017D 986 ?-Ipipe 1800 R. Src None 2.2.2.2:0 Ukwn 131014D 1486 ------------------------------------------------------------------------------- No. of VC Labels: 5 =============================================================================== =============================================================================== LDP Service FEC 129 Bindings =============================================================================== SAII AGII IngLbl LMTU TAII Type EgrLbl RMTU Page 264 7450 ESS Router Configuration Guide...
- Page 265 This command displays information about the IPv6 neighbor cache. Parameters ip-int-name — Specify the IP interface name. ip-address — Specify the address of the IPv6 interface address. mac ieee-mac-address — Specify the MAC address. summary — Displays summary neighbor information. 7450 ESS Router Configuration Guide Page 265...
- Page 266 No. of Neighbor Entries: 2 =============================================================================== B:CORE2# network-domains Syntax network-domains [detail] [network-domain-name] Context show>router Description This command displays network-domains information. Parameters detail — Displays detailed network-domains information. network-domain-name — Displays information for a specific network domain. Page 266 7450 ESS Router Configuration Guide...
- Page 267 ------------------------------------------------------------------------------- intf1 1/2/2 net1 intf2 6/1/2 net1 ------------------------------------------------------------------------------- Interfaces : 2 =============================================================================== *A:Dut-T>config>router# *A:Dut-T>config>service# show router network-domains "net1" sdp-association =============================================================================== SDP Network Domain Association Table =============================================================================== SDP Id Network Domain ------------------------------------------------------------------------------- net1 ------------------------------------------------------------------------------- 7450 ESS Router Configuration Guide Page 267...
- Page 268 Label Description The policy name. Policy Displays the description of the policy. Description Sample Output B:CORE2# show router policy =============================================================================== Route Policies =============================================================================== Policy Description ------------------------------------------------------------------------------- fromStatic ------------------------------------------------------------------------------- Policies : 1 =============================================================================== B:CORE2# Page 268 7450 ESS Router Configuration Guide...
- Page 269 ID is shown. Output Standard Route Table Output — The following table describes the standard output fields for the route table. Label Description The route destination address and mask. Dest Address 7450 ESS Router Configuration Guide Page 269...
- Page 270 = Number of times nexthop is repeated =============================================================================== *A:Dut-B#config>service>vprn# show router 1 route-table alternative =============================================================================== Route Table (Service: 1) =============================================================================== Dest Prefix[Flags] Type Proto Pref Next Hop[Interface Name] Metric Alt-NextHop Alt- Metric ------------------------------------------------------------------------------- 10.0.0.0/30 Local Local 02h17m23s Page 270 7450 ESS Router Configuration Guide...
- Page 271 10.20.1.3/32 [L] Remote ISIS 00h00m58s 15 10.10.12.3 3 10.20.1.4/32 [L] Remote ISIS 00h00m58s 15 10.10.4.4 10 10.20.1.5/32 [L] Remote ISIS 00h00m58s 15 10.10.12.3 13 10.20.1.6/32 [L] Remote ISIS 00h00m58s 15 10.10.4.4 20 ---------------------------------------------------------------------------- No. of Routes: 16 7450 ESS Router Configuration Guide Page 271...
- Page 272 10.20.1.5/32 Remote ISIS 00h02m05s 15 10.10.12.3 13 10.10.4.4 (LFA) 20 10.20.1.6/32 Remote ISIS 00h02m05s 15 10.10.4.4 20 10.10.12.3 (LFA) 23 ---------------------------------------------------------------------------- No. of Routes: 16 Flags: Backup = BGP backup routeLFA = Loop-Free Alternate nexthop ============================================================================ Page 272 7450 ESS Router Configuration Guide...
- Page 273 B:ALA-B# show router route-table 100.10.0.0 exact =============================================================================== Route Table (Router: Base) =============================================================================== Dest Address Next Hop Type Proto Age Metric Pref ------------------------------------------------------------------------------- 100.10.0.0/16 Black Hole Remote Static 00h03m17s 1 5 ------------------------------------------------------------------------------- No. of Routes: 1 =============================================================================== B:ALA-B# 7450 ESS Router Configuration Guide Page 273...
- Page 274 Local Local 00h44m29s itfToArborCP_02 10.20.1.1/32 Remote ISIS 00h44m24s 1.1.3.1 10.20.1.2/32 Remote ISIS 00h44m28s 1.2.3.2 10.20.1.3/32 Local Local 00h44m32s system 20.12.0.43/32 Remote Static 00h44m31s vprn1:mda-1-1 20.12.0.44/32 Remote Static 00h44m31s vprn1:mda-2-1 20.12.0.45/32 Remote Static 00h44m31s Page 274 7450 ESS Router Configuration Guide...
- Page 275 Route Table (Router: Base) =============================================================================== Dest Prefix Type Proto Pref Next Hop[Interface Name] Metric ------------------------------------------------------------------------------- 10.10.5.0/24 Remote OSPF 00h02m20s 10.20.1.5 (tunneled:RSVP:1) 1100 10.10.10.0/24 Remote OSPF 00h02m20s 10.20.1.5 (tunneled:RSVP:1) 1100 10.20.1.5/32 Remote OSPF 00h02m20s 10.20.1.5 (tunneled:RSVP:1) 7450 ESS Router Configuration Guide Page 275...
- Page 276 = Number of times nexthop is repeated =============================================================================== *A:Dut-C# *A:Dut-C# show router route-table summary =============================================================================== Route Table Summary (Router: Base) =============================================================================== Active Available ------------------------------------------------------------------------------- Static Direct Host BGP (Backup) VPN Leak OSPF ISIS ISIS (LFA) Aggregate Sub Mgmt Managed Page 276 7450 ESS Router Configuration Guide...
- Page 277 ISIS (LFA) 1499 Aggregate Sub Mgmt Managed ------------------------------------------------------------------------------- Total 5006 9570 =============================================================================== NOTE: ISIS LFA routes and BGP Backup routes are not counted towards the total. *A:SRR# *A:Dut-C>config>router>mpls>lsp# show router route-table 10.0.0.2/32 extensive 7450 ESS Router Configuration Guide Page 277...
- Page 278 Dest-Class Metric ECMP-Weight Next-Hop : 1.0.0.3 (RSVP tunnel:94) : Priority=n/c, FC=n/c Source-Class Dest-Class Metric ECMP-Weight Next-Hop : 1.0.0.3 (RSVP tunnel:61442) : Priority=n/c, FC=n/c Source-Class Dest-Class Metric ECMP-Weight ------------------------------------------------------------------------------- No. of Destinations: 1 =============================================================================== Page 278 7450 ESS Router Configuration Guide...
- Page 279 The time, in milliseconds, that a node assumes a neighbor is reachable Reachable Time after receiving a reachability confirmation. The time, in milliseconds, between retransmitted neighbor solicitation Retransmit Time messages. The MTU number the nodes use for sending packets on the link. Link MTU 7450 ESS Router Configuration Guide Page 279...
- Page 280 : 07d00h00m Valid Lifetime : 30d00h00m Prefix: 231::/120 Autonomous Flag : FALSE On-link flag : FALSE Preferred Lifetime : 49710d06h Valid Lifetime : 49710d06h Prefix: 241::/120 Autonomous Flag : TRUE On-link flag : TRUE Page 280 7450 ESS Router Configuration Guide...
- Page 281 Autonomous Flag : TRUE On-link flag : TRUE Preferred Lifetime : 07d00h00m Valid Lifetime : 30d00h00m Prefix: 25::/120 Autonomous Flag : TRUE On-link flag : TRUE Preferred Lifetime : 07d00h00m Valid Lifetime : infinite 7450 ESS Router Configuration Guide Page 281...
- Page 282 : 30d00h00m Prefix not present in neighbor router advertisement Prefix: 231::/120 Autonomous Flag : FALSE On-link flag : FALSE Preferred Lifetime : 49710d06h Valid Lifetime : 49710d06h Prefix not present in neighbor router advertisement Page 282 7450 ESS Router Configuration Guide...
- Page 283 Prefix: 25::/120 Valid Lifetime : infinite [30d00h00m] Prefix not present in own router advertisement Prefix: 231::/120 Autonomous Flag : TRUE On-link flag : TRUE Preferred Lifetime : 07d00h00m Valid Lifetime : 30d00h00m =============================================================================== A:Dut-A# 7450 ESS Router Configuration Guide Page 283...
- Page 284 00:00:5a:40:00:01 00:00:00 Sta to-ser1 12.200.1.1 00:00:5a:01:00:33 00:00:00 Inv to-ser1a ------------------------------------------------------------------------------- No. of ARP Entries: 1 =============================================================================== A:ALA-A# A:ALA-A# show router static-arp 12.200.1.1 =============================================================================== ARP Table =============================================================================== IP Address MAC Address Type Interface ------------------------------------------------------------------------------- Page 284 7450 ESS Router Configuration Guide...
- Page 285 — Only displays static routes with the specified route preference. Values 0 — 65535 next-hop ip-address — Only displays static routes with the specified next hop IP address. Values ipv4-address: a.b.c.d (host bits must be 0) 7450 ESS Router Configuration Guide Page 285...
- Page 286 No. of Routes Sample Output A:ALA-A# show router static-route =============================================================================== Route Table =============================================================================== IP Addr/mask Pref Metric Type Nexthop Interface Active ------------------------------------------------------------------------------- 192.168.250.0/24 10.200.10.1 to-ser1 192.168.252.0/24 10.10.0.254 192.168.253.0/24 to-ser1 192.168.253.0/24 10.10.0.254 192.168.254.0/24 black-hole =============================================================================== A:ALA-A# Page 286 7450 ESS Router Configuration Guide...
- Page 287 : disabled ------------------------------------------------------------------------------- No. of Static Routes: 1 =============================================================================== *A:Dut-C> show router static-route 10.1.0.5/32 detail =============================================================================== Static Route Table (Router: Base) Family: IPv4 =============================================================================== Prefix : 10.1.0.5/32 Nexthop : 1.0.0.2 Indirect : Type 7450 ESS Router Configuration Guide Page 287...
- Page 288 IP interfaces. Sample Output A:ALA-A# show router service-prefix ================================================= Address Ranges reserved for Services ================================================= IP Prefix Mask Exclusive ------------------------------------------------- 172.16.1.0 true 172.16.2.0 false ================================================= A:ALA-A# Page 288 7450 ESS Router Configuration Guide...
- Page 289 Syntax status Context show>router Description This command displays the router status. Output Router Status Output — The following table describes the output fields for router status information. 7450 ESS Router Configuration Guide Page 289...
- Page 290 — TTL of the IP packet is propagated into the VC label and not into the labels in the transport label stack al — TTL of the IP packet is propagated into the VC label and all labels in the transport label stack Page 290 7450 ESS Router Configuration Guide...
- Page 291 Not configured Not configured Not configured IGMP Not configured Not configured Not configured Not configured OSPFv3 Not configured Not configured Max Routes No Limit Total IPv4 Routes 244285 Max Multicast Routes No Limit 7450 ESS Router Configuration Guide Page 291...
- Page 292 IGMP Not configured Not configured Not configured Not configured OSPFv3 Not configured Not configured Max Routes No Limit Total IPv4 Routes 244277 Max Multicast Routes No Limit Total Multicast Routes PIM not configured Page 292 7450 ESS Router Configuration Guide...
- Page 293 PIM not configured ECMP Max Routes Mcast Info Policy default Triggered Policies LDP Shortcut Disabled Single SFM Overload Disabled IP Fast Reroute Disabled ICMP Tunneling Disabled Reassembly ISA-BB group Not configured ICMP Tunneling Disabled 7450 ESS Router Configuration Guide Page 293...
- Page 294 Local Management Disabled Single SFM Overload Disabled IP Fast Reroute Disabled ICMP Tunneling Disabled Reassembly ISA-BB group Not configured ICMP Tunneling Disabled Ipv6 Nbr Reachab. time Not configured VPRN Local TTL Propagate all Page 294 7450 ESS Router Configuration Guide...
- Page 295 ------------------------------------------------------------------------------- No. of Routes: 10 =============================================================================== *A:Dut-C# show router 1 tms routes =============================================================================== TMS Routes (IPv4) =============================================================================== Status Network Next Hop[Interface Name] ------------------------------------------------------------------------------- Active 100.0.0.1/32 mda-2-1 ------------------------------------------------------------------------------- No. of Routes: 1 =============================================================================== 7450 ESS Router Configuration Guide Page 295...
- Page 296 =============================================================================== Destination Owner Encap TunnelId Pref Nexthop Metric ----------------------------------------------------------------------- 127.0.68.0/32 MPLS 17407 127.0.68.0 ======================================================================= *A:Dut-D# show service id 1 sdp 17407:4294967294 detail ======================================================================= Service Destination Point (Sdp Id : 17407:4294967294) Details ======================================================================= ------------------------------------------------------------------------------- Page 296 7450 ESS Router Configuration Guide...
- Page 297 : (none) Egr Port QGrp Inst: (none) ----------------------------------------------------------------------- ETH-CFM SDP-Bind specifics ----------------------------------------------------------------------- V-MEP Filtering : Disabled KeepAlive Information : Admin State : Disabled Oper State : Disabled Hello Time : 10 Hello Msg Len 7450 ESS Router Configuration Guide Page 297...
- Page 298 Bad BPDUs rcvd Cfg BPDUs rcvd Cfg BPDUs tx TCN BPDUs rcvd TCN BPDUs tx TC bit BPDUs rcvd TC bit BPDUs tx RST BPDUs rcvd RST BPDUs tx ----------------------------------------------------------------------- Number of SDPs : 1 Page 298 7450 ESS Router Configuration Guide...
- Page 299 (0) MPLS 524312 1.2.3.2 10.20.1.4/32 isis (0) MPLS 524310 1.3.4.4 10.20.1.5/32 isis (0) MPLS 524311 1.2.3.2 ------------------------------------------------------------------------------- Flags: B = BGP backup route available E = inactive best-external BGP route =============================================================================== A:Dut-C# 7450 ESS Router Configuration Guide Page 299...
- Page 300 Tunnel ID : 524311 Preference : 11 Tunnel Label : 21005 Tunnel Metric : 20 Tunnel MTU : 1382 ------------------------------------------------------------------------------- Number of tunnel-table entries Number of tunnel-table entries with LFA : 4 =============================================================================== A:Dut-C# Page 300 7450 ESS Router Configuration Guide...
- Page 301 ------------------------------------------------------------------------------- No. of L2TP Groups: 2 =============================================================================== *A:Dut-C# *A:Dut-C# show router l2tp group isp1.group-2 =============================================================================== Group Name: isp1.group-2 =============================================================================== Conn ID Loc-Tu-ID Rem-Tu-ID State Ses Active Group Ses Total Assignment ------------------------------------------------------------------------------- 7450 ESS Router Configuration Guide Page 301...
- Page 302 — Displays peer objects set to drain. unreachable — Displays peers that are deemed unreachable. statistics — Displays the statistics for the given IP address. Sample Output *A:Dut-C# show router l2tp peer =============================================================================== L2TP Peers Page 302 7450 ESS Router Configuration Guide...
- Page 303 ------------------------------------------------------------------------------- No. of tunnels: 1 =============================================================================== *A:Dut-C# *A:Dut-C# show router l2tp peer draining =============================================================================== L2TP Peers =============================================================================== Peer IP Tun Active Ses Active Drain Unreach Role Tun Total Ses Total 7450 ESS Router Configuration Guide Page 303...
- Page 304 [assignment-id assignment-id] [local-namelocal-host-name] [remote-name remote-host-name] [tunnel-id tunnel-id (v2)]| session [detail] [state session-state] [peer ip-address] [group group-name] [assignment-id assignment-id] [local-name local-host-name] [remote-name remote-host-name] [control- connection-id connection-id (v3)] Context show>router>l2tp Description This command displays L2TP session operational information. Page 304 7450 ESS Router Configuration Guide...
- Page 305 3615 14347 closed 236927915 236912640 3615 15275 closed 379407426 379387904 5789 19522 established 658187773 658178048 10043 9725 established 658198275 658178048 10043 20227 established 658210606 658178048 10043 32558 established ------------------------------------------------------------------------------- No. of sessions: 9 7450 ESS Router Configuration Guide Page 305...
- Page 306 Time Started : 04/17/2009 18:41:55 Time Established : 04/17/2009 18:41:55 Time Closed : 04/17/2009 18:43:20 CDN Result : generalError General Error : noError ------------------------------------------------------------------------------- =============================================================================== L2TP Session Status =============================================================================== Connection ID : 236927915 Page 306 7450 ESS Router Configuration Guide...
- Page 307 Tunnel-ID Session-ID State ------------------------------------------------------------------------------- 143524786 143523840 2190 established 143526923 143523840 2190 3083 established 143531662 143523840 2190 7822 closed 236926987 236912640 3615 14347 closed 236927915 236912640 3615 15275 closed 658187773 658178048 10043 9725 established 7450 ESS Router Configuration Guide Page 307...
- Page 308 =============================================================================== L2TP Session Summary =============================================================================== Control Conn ID Tunnel-ID Session-ID State ------------------------------------------------------------------------------- 658187773 658178048 10043 9725 established 658198275 658178048 10043 20227 established 658210606 658178048 10043 32558 established ------------------------------------------------------------------------------- No. of sessions: 3 =============================================================================== Page 308 7450 ESS Router Configuration Guide...
- Page 309 : 04/17/2009 18:41:55 Time Closed : 04/17/2009 18:43:20 CDN Result : generalError General Error : noError ------------------------------------------------------------------------------- =============================================================================== L2TP Session Status =============================================================================== Connection ID : 236927915 State : closed Tunnel Group : isp1.group-2 Assignment ID : isp1.tunnel-2 7450 ESS Router Configuration Guide Page 309...
- Page 310 No. of sessions: 1 =============================================================================== *A:Dut-C# *A:Fden-Dut2-BSA2# show router l2tp session connection-id 600407016 =============================================================================== L2TP Session Summary =============================================================================== Control Conn ID Tunnel-ID Session-ID State ------------------------------------------------------------------------------- 600407016 600375296 9161 31720 established simon@base.lac.base.lns interface: gi_base_lns_base_lac service-id: 100 Page 310 7450 ESS Router Configuration Guide...
- Page 311 : N/A Primary NBNS : N/A Secondary NBNS : N/A Address-Pool : N/A Circuit-Id : (Not Specified) Remote-Id : (Not Specified) Session-Timeout : N/A Radius Class : (Not Specified) Radius User-Name : simon@base.lac.base.lns 7450 ESS Router Configuration Guide Page 311...
- Page 312 This command displays L2TP statistics. Sample Output *A:Dut-C# show router l2tp statistics =============================================================================== L2TP Statistics =============================================================================== Tunnels Sessions ------------------------------------------------------------------------------- Active Active Setup history since 04/17/2009 18:38:41 Total Total Failed Failed Failed Auth =============================================================================== *A:Dut-C# Page 312 7450 ESS Router Configuration Guide...
- Page 313 — Displays information for the specified peer IP address. ipv4-address a.b.c.d (host bits must be 0) tunnel-id tunnel-id (v2) — Displays information for the specified ID of a L2TP tunnel. 7450 ESS Router Configuration Guide Page 313...
- Page 314 Idle TO (s) : 60 Destruct TO (s) : 7200 Max Retr Estab Max Retr Not Estab: 5 Session Limit : 1000 AVP Hiding : never Transport Type : udpIp Challenge : never Page 314 7450 ESS Router Configuration Guide...
- Page 315 Ctrl Octets 1438 Error Packets 0 ------------------------------------------------------------------------------- *A:Dut-C# *A:Dut-C# show router l2tp tunnel connection-id 143523840 statistics =============================================================================== L2TP Tunnel Statistics =============================================================================== Connection ID: 143523840 ------------------------------------------------------------------------------- Attempts Failed Active Total ------------------------------------------------------------------------------- Sessions ------------------------------------------------------------------------------- ------------------------------------------------------------------------------- 7450 ESS Router Configuration Guide Page 315...
- Page 316 =============================================================================== L2TP Tunnel Statistics =============================================================================== Connection ID: 143523840 ------------------------------------------------------------------------------- Attempts Failed Active Total ------------------------------------------------------------------------------- Sessions ------------------------------------------------------------------------------- ------------------------------------------------------------------------------- ------------------------------------------------------------------------------- Ctrl Packets Ctrl Octets 1014 1474 Error Packets 0 ------------------------------------------------------------------------------- No. of tunnels: 1 =============================================================================== Page 316 7450 ESS Router Configuration Guide...
- Page 317 236912640 3615 58919 closedByPeer isp1.group-2 isp1.tunnel-2 658178048 10043 33762 draining isp1.group-2 isp1.tunnel-2 ------------------------------------------------------------------------------- No. of tunnels: 3 =============================================================================== *A:Dut-C# *A:Dut-C# show router l2tp tunnel assignment-id isp1.tunnel-3 state established statis- tics =============================================================================== 7450 ESS Router Configuration Guide Page 317...
- Page 318 *A:Fden-Dut2-BSA2# show router l2tp tunnel connection-id 600375296 statistics =============================================================================== L2TP Tunnel Statistics =============================================================================== Connection ID: 600375296 ------------------------------------------------------------------------------- Attempts Failed Active Total ------------------------------------------------------------------------------- Sessions ------------------------------------------------------------------------------- ------------------------------------------------------------------------------- ------------------------------------------------------------------------------- Ctrl Packets Ctrl Octets Error Packets ------------------------------------------------------------------------------- ------------------------------------------------------------------------------- Accepted Duplicate Out-Of-Wnd Page 318 7450 ESS Router Configuration Guide...
- Page 319 : 60 Max Retr Estab Max Retr Not Estab: 5 Session Limit : 32767 AVP Hiding : never Transport Type : udpIp Challenge : never Time Started : 02/19/2015 13:00:36 Time Idle : N/A 7450 ESS Router Configuration Guide Page 319...
- Page 320 : 02/19/2015 13:00:36 Time Idle : N/A Time Established : 02/19/2015 13:00:36 Time Closed : N/A Stop CCN Result : noError General Error : noError Blacklist-state : not-blacklisted Set Dont Fragment : true Failover State : recoverable Page 320 7450 ESS Router Configuration Guide...
- Page 321 Failover State : not-recoverable Recovery Conn ID : N/A Recovery state : not-applicable Recovered Conn ID : N/A Recovery method : mcs Track SRRP : (Not specified) Ctrl msg behavior : handle ------------------------------------------------------------------------------- 7450 ESS Router Configuration Guide Page 321...
- Page 322 Recovered Conn ID : N/A Recovery method : recovery-tunnel Track SRRP : 124 Ctrl msg behavior : handle ------------------------------------------------------------------------------- Connection ID: 1865089024 State : closed : 10.124.0.9 : 1701 Peer IP : 10.124.0.3 Peer UDP : 1701 Page 322 7450 ESS Router Configuration Guide...
- Page 323 Peer IP : 10.124.0.3 Peer UDP : 1701 Tx dst-IP : 10.124.0.3 Tx dst-UDP : 1701 Rx src-IP : 10.124.0.3 Rx src-UDP : 1701 Name : mc-lac Remote Name : mc-lns Assignment ID: t1 7450 ESS Router Configuration Guide Page 323...
- Page 324 : mc-lns Acct. Policy : N/A Error Message: N/A Remote Conn ID : 7536640 Tunnel ID : 6612 Remote Tunnel ID : 115 Preference : 50 Receive Window : 64 Hello Interval (s): 300 Page 324 7450 ESS Router Configuration Guide...
- Page 325 : not-blacklisted Set Dont Fragment : true Failover State : not-applicable Recovery Conn ID : N/A Recovery state : recovery-tunnel Recovered Conn ID : 433324032 Recovery method : default Track SRRP : (Not specified) 7450 ESS Router Configuration Guide Page 325...
- Page 326 L2TP Show Commands Ctrl msg behavior : handle ------------------------------------------------------------------------------- No. of tunnels: 2 =============================================================================== Page 326 7450 ESS Router Configuration Guide...
-
Page 327: Clear Commands
— Clears all ARP cache entries for the specified IP interface with the specified IP address. Syntax bfd src-ip ip-address dst-ip ip-address bfd all Context clear>router Description This command enables the context to clear bi-directional forwarding (BFD) sessions and statistics. 7450 ESS Router Configuration Guide Page 327... - Page 328 — Clears statistics for all BFD sessions. dhcp Syntax dhcp Context clear>router Description This command enables the context to clear DHCP related information. dhcp6 Syntax dhcp6 Context clear>router Description This command enables the context to clear DHCP6 related information. Page 328 7450 ESS Router Configuration Guide...
- Page 329 Context clear>router Description This command clears ICMP statistics. Parameters all — Clears all statistics. global — Clears global statistics. interface-name — Clears ICMP6 statistics for the specified interface. 7450 ESS Router Configuration Guide Page 329...
- Page 330 This command clears L2PT data. Parameters tunnel-group-name — Specifies a Layer Two Tunneling Protocol Tunnel Group name. tunnel Syntax tunnel tunnel-id Context clear>router>l2tp Description This command clears L2PT data. Parameters tunnel-group-name — Clears L2TP tunnel statistics. Page 330 7450 ESS Router Configuration Guide...
- Page 331 [interface interface-name] Context clear>router Description This command clears all router advertisement counters. Parameters all — Clears all router advertisement counters for all interfaces. interface interface-name — Clear router advertisement counters for the specified interface. 7450 ESS Router Configuration Guide Page 331...
-
Page 332: Debug Commands
Syntax router router-instance Context debug Description This command configures debugging for a router instance. Parameters router-instance — Specify the router name or service ID. Values router-name: Base, management service-id: 1 — 2147483647 Page 332 7450 ESS Router Configuration Guide... - Page 333 [ip-int-name] no icmp6 Context debug>router>ip Description This command enables ICMP6 debugging. interface Syntax [no] interface [ip-int-name | ip-address] Context debug>router>ip Description This command displays the router IP interface table sorted by interface index. 7450 ESS Router Configuration Guide Page 333...
- Page 334 (host bits must be 0) ipv4-prefix-length 0 — 32 longer — Specifies the prefix list entry matches any route that matches the specified ip-prefix and pre- fix mask length values greater than the specified mask. Page 334 7450 ESS Router Configuration Guide...
- Page 335 IP Router Configuration tunnel-table Syntax tunnel-table [ip-address] [ldp | rsvp [tunnel-id tunnel-id]| sdp [sdp-id sdp-id]] Context debug>router>ip Description This command enables debugging for tunnel tables. 7450 ESS Router Configuration Guide Page 335...
- Page 336 Debug Commands Page 336 7450 ESS Router Configuration Guide...
-
Page 337: Vrrp
Non-Owner Access Telnet on page 359 → Non-Owner Access SSH on page 360 → VRRP Advertisement Message IP Address List Verification on page 348 • VRRP Configuration Process Overview on page 361 • Configuration Notes on page 362 7450 ESS Router Configuration Guide Page 337... -
Page 338: Vrrp Overview
VRRP configuration. Internet Backup Master Backup Non-Owner Owner Non-Owner ALA-1 ALA-2 ALA-3 vrld 100 vrld 100 vrld 100 Priority 200 Priority 150 Virtual Router ID (VRID) OSRG006 Figure 12: VRRP Configuration Page 338 7450 ESS Router Configuration Guide... -
Page 339: Vrrp Components
This is a common mechanism that allows multiple local subnet attachment on a single routing interface. Up to four virtual routers are possible on a single Alcatel-Lucent IP interface. The virtual routers must be in the same subnet. Each virtual router has its own VRID, state machine and messaging instance. -
Page 340: Primary And Secondary Ip Addresses
An IP interface must always have a primary IP address assigned for VRRP to be active on the interface. Alcatel-Lucent routers supports both primary and secondary IP addresses (multi-netting) on the IP interface. The virtual router’s VRID primary IP address is always the primary address on the IP interface. -
Page 341: Virtual Router Backup
VRRP priority control policy. VRRP priority control policies can be used to either override or adjust the base priority value depending on events or conditions within the chassis. For information about non-owner access parameters, refer to VRRP Non-Owner Accessibility on page 359. 7450 ESS Router Configuration Guide Page 341... -
Page 342: Configurable Parameters
Configurable Parameters Configurable Parameters In addition to backup IP addresses, to facilitate configuration of a virtual router on Alcatel-Lucent routers, the following parameters can be defined in owner configurations: • Virtual Router ID (VRID) on page 342 • Message Interval and Master Inheritance on page 344 •... -
Page 343: Ip Addresses
These are the IP addresses being used by hosts on the LAN as gateway addresses. Multi-netting supports 16 IP addresses on the IP interface, up to 16 addresses can be assigned to a specific a virtual router instance. 7450 ESS Router Configuration Guide Page 343... -
Page 344: Message Interval And Master Inheritance
Skew Time = ((256 - priority) / 256) seconds The higher priority value, the smaller the skew time will be. This means that virtual routers with a lower priority will transition to master slower than virtual routers with higher priorities. Page 344 7450 ESS Router Configuration Guide... -
Page 345: Master Down Interval
A backup router will only attempt to become the master router if the preempt mode is true and the received VRRP advertisement priority field is less than the virtual router in-use priority value. 7450 ESS Router Configuration Guide Page 345... -
Page 346: Vrrp Message Authentication
→ IP header destination IP address – Must be 224.0.0.18 → IP header TTL field – Must be equal to 255, the packet must not have traversed any IP routed hops → IP header protocol field – must be 112 (decimal) Page 346 7450 ESS Router Configuration Guide... - Page 347 → Authentication type field – Must be equal to 1 → Authentication data fields – Must be equal to the VRID configured simple text password Any VRRP message not meeting the type 0 verification checks with the exceptions above are silently discarded. 7450 ESS Router Configuration Guide Page 347...
-
Page 348: Authentication Data
VRRP advertisement messages contain an IP address count field that indicates the number of IP addresses listed in the sequential IP address fields at the end of the message. The Alcatel-Lucent routersimplementation always logs mismatching events. The decision on where and whether to forward the generated messages depends on the configuration of the event manager. -
Page 349: Inherit Master Vrrp Router's Advertisement Interval Timer
Policies can only be configured in the non-owner VRRP context. For non-owner virtual router instances, if policies are not configured, then the base priority is used as the in-use priority. 7450 ESS Router Configuration Guide Page 349... -
Page 350: Vrrp Priority Control Policies
100. The base priority is the starting priority for the VRRP instance. The actual in-use priority for the VRRP instance is derived from the base priority and an optional VRRP priority control policy. Page 350 7450 ESS Router Configuration Guide... -
Page 351: Vrrp Priority Control Policy Delta In-Use Priority Limit
The allowed range of the Delta In-Use Priority Limit is 1 to 254. The default is 1, which prevents the delta priority events from operationally disabling the virtual router instance. 7450 ESS Router Configuration Guide Page 351... -
Page 352: Vrrp Priority Control Policy Priority Events
This extends the amount of time that must expire before entering the cleared state. For an example of a hold-set timer setting, refer to LAG Degrade Priority Event on page 353. Page 352 7450 ESS Router Configuration Guide... -
Page 353: Port Down Priority Event
Table 6: LAG Events Time LAG Port State Parameter State Comments All ports down Event State Set - 8 ports down Event Threshold 6 ports down Hold Set Timer 5 seconds Set to hold-set parameter 7450 ESS Router Configuration Guide Page 353... - Page 354 Event Threshold 2 ports down Hold Set Timer Expired Four ports down Event State Set - 2 ports down Event Threshold 4 ports down Hold Set Timer 5 seconds Set to hold-set parameter Page 354 7450 ESS Router Configuration Guide...
- Page 355 Event Threshold 2 ports down Hold Set Timer Expired Four ports down Event State Set - 2 ports down Event Threshold 4 ports down Hold Set Timer 5 seconds Set to hold-set parameter 7450 ESS Router Configuration Guide Page 355...
- Page 356 Event Threshold 2 ports down Hold Set Timer Expired Four ports down Event State Set - 2 ports down Event Threshold 4 ports down Hold Set Timer 5 seconds Set to hold-set parameter Page 356 7450 ESS Router Configuration Guide...
-
Page 357: Host Unreachable Priority Event
The source protocol can be defined to indicate the protocol the installed route must be populated from. To further define match criteria when multiple instances of the route prefix exist, an optional next hop parameter can be defined. 7450 ESS Router Configuration Guide Page 357... - Page 358 When a route prefix does not exist within the active route table matching the defined criteria, the route unknown priority event is considered true or set. Page 358 7450 ESS Router Configuration Guide...
-
Page 359: Vrrp Non-Owner Accessibility
IP address. When non-owner access Telnet is disabled on a virtual router instance, Telnet sessions destined to the non-owner virtual router instance IP addresses are silently discarded in both master and backup modes. 7450 ESS Router Configuration Guide Page 359... -
Page 360: Non-Owner Access Ssh
IP address. SSH is applicable to IPv4 VRRP only. When non-owner access SSH is disabled on a virtual router instance, SSH sessions destined to the non-owner virtual router instance IP addresses are silently discarded in both master and backup modes. Page 360 7450 ESS Router Configuration Guide... -
Page 361: Vrrp Configuration Process Overview
SPECIFY ADDRESS, SECONDARY ADDRESS(ES) SPECIFY ADDRESS, SECONDARY ADDRESS(ES) CONFIGURE VRRP OWNER/NON-OWNER INSTANCE SPECIFY BACKUP IP ADDRESS(ES) CONFIGURE VRRP PARAMETERS APPLY VRRP PRIORITY CONTROL POLICIES (optional) ENABLE Figure 13: VRRP Configuration and Implementation Flow 7450 ESS Router Configuration Guide Page 361... -
Page 362: Configuration Notes
→ In the owner mode, the backup IP address must be identical to one of the interface’s IP addresses. The backup address explicitly defines which IP addresses are in the VRRP advertisement message IP address list. Page 362 7450 ESS Router Configuration Guide... -
Page 363: Configuring Vrrp With Cli
Modifying Service and Interface VRRP Parameters on page 377 • Modifying Non-Owner Parameters on page 377 • Modifying Owner Parameters on page 377 • Deleting VRRP on an Interface or Service on page 377 7450 ESS Router Configuration Guide Page 363... -
Page 364: Vrrp Configuration Overview
The service customer account must be created prior to configuring an IES VRRP instance. • The interface address must be specified in the both the owner and non-owner IES or router interface instances. Page 364 7450 ESS Router Configuration Guide... -
Page 365: Basic Vrrp Configurations
43200 priority 100 delta exit port-down 4/1/3 priority 200 explicit exit lag-port-down 1 number-down 3 priority 50 explicit exit exit host-unreachable 10.10.24.4 drop-count 25 exit route-unknown 10.10.0.0/32 priority 50 delta exit exit ---------------------------------------------- 7450 ESS Router Configuration Guide Page 365... -
Page 366: Vrrp Ies Service Parameters
19 owner backup 10.10.36.2 authentication-type password authentication-key "testabc" exit exit interface "testing" create address 10.10.10.16/24 sap 1/1/55:0 create vrrp 12 backup 10.10.10.15 policy 1 authentication-type password authentication-key "testabc" exit exit no shutdown ---------------------------------------------- A:SR2>config>service>ies# Page 366 7450 ESS Router Configuration Guide... -
Page 367: Vrrp Router Interface Parameters
"system" address 10.10.0.4/32 exit interface "test1" address 10.10.14.1/24 secondary 10.10.16.1/24 secondary 10.10.17.1/24 secondary 10.10.18.1/24 exit interface "test2" address 10.10.10.23/24 vrrp 1 owner backup 10.10.10.23 authentication-type password authentication-key "testabc" exit exit #------------------------------------------ A:SR4>config>router# 7450 ESS Router Configuration Guide Page 367... -
Page 368: Common Configuration Tasks
In addition to the common parameters, the following non-owner commands can be configured: • master-int-inherit • priority • policy • ping-reply • preempt • telnet-reply • ssh-reply (IPv4 only) • [no] shutdown Page 368 7450 ESS Router Configuration Guide... -
Page 369: Creating Interface Parameters
A:SR1>config>router# info #------------------------------------------ echo "IP Configuration " #------------------------------------------ interface "system" address 10.10.0.1/32 exit interface "testA" address 123.123.123.123/24 exit interface "testB" address 10.10.14.1/24 secondary 10.10.16.1/24 secondary 10.10.17.1/24 secondary 10.10.18.1/24 exit router-id 10.10.0.1 #------------------------------------------ A:SR1>config>router# 7450 ESS Router Configuration Guide Page 369... -
Page 370: Configuring Vrrp Policy Components
The following displays a VRRP policy configuration example: A:SR1>config>vrrp# info ---------------------------------------------- policy 1 delta-in-use-limit 50 priority-event port-down 1/1/2 hold-set 43200 priority 100 delta exit route-unknown 0.0.0.0/0 protocol isis exit exit exit ---------------------------------------------- A:SR1>config>vrrp# Page 370 7450 ESS Router Configuration Guide... -
Page 371: Configuring Service Vrrp Parameters
The following displays a basic non-owner VRRP configuration example: A:SR2>config>service>ies# info ---------------------------------------------- interface "testing" create address 10.10.10.16/24 sap 1/1/55:0 create vrrp 12 backup 10.10.10.15 policy 1 authentication-type password authentication-key "testabc" exit exit no shutdown ---------------------------------------------- A:SR2>config>service>ies# 7450 ESS Router Configuration Guide Page 371... -
Page 372: Owner Service Vrrp
The following displays the owner VRRP configuration example: A:SR4>config>router# info #------------------------------------------ echo "IP Configuration " #------------------------------------------ interface "test2" address 10.10.10.23/24 vrrp 1 owner backup 10.10.10.23 authentication-type password authentication-key "testabc" exit exit #------------------------------------------ A:SR4>config>router# Page 372 7450 ESS Router Configuration Guide... -
Page 373: Configuring Router Interface Vrrp Parameters
A:SR2>config># info #------------------------------------------ interface "if-test" address 10.20.30.40/24 secondary 10.10.50.1/24 secondary 10.10.60.1/24 secondary 10.10.70.1/24 vrrp 1 backup 10.10.50.2 backup 10.10.60.2 backup 10.10.70.2 backup 10.20.30.41 ping-reply telnet-reply authentication-type password authentication-key "testabc" exit exit #------------------------------------------ A:SR2>config># 7450 ESS Router Configuration Guide Page 373... -
Page 374: Router Interface Vrrp Owner
Router Interface VRRP Owner The following displays router interface owner VRRP configuration example: A:SR2>config>router# info #------------------------------------------ interface "vrrpowner" address 10.10.10.23/24 vrrp 1 owner backup 10.10.10.23 authentication-type password authentication-key "testabc" exit exit #------------------------------------------ A:SR2>config>router# Page 374 7450 ESS Router Configuration Guide... -
Page 375: Vrrp Configuration Management Tasks
The following example displays the modified VRRP policy configuration: A:SR2>config>vrrp>policy# info ---------------------------------------------- delta-in-use-limit 50 priority-event port-down 1/1/2 hold-set 43200 priority 100 delta exit port-down 1/1/3 priority 200 explicit exit host-unreachable 10.10.24.4 drop-count 25 exit exit ---------------------------------------------- A:SR2>config>vrrp>policy# 7450 ESS Router Configuration Guide Page 375... -
Page 376: Deleting A Vrrp Policy
VRRP policies are Applied applied to an entity. A:SR2# =============================================================================== VRRP Policies =============================================================================== Policy Current Current Current Delta Applied Priority & Effect Explicit Delta Sum Limit ------------------------------------------------------------------------------- 200 Explicit None None None None =============================================================================== A:SR2# Page 376 7450 ESS Router Configuration Guide... -
Page 377: Modifying Service And Interface Vrrp Parameters
The following example displays the command usage to delete a VRRP instance from an interface or IES service: Example: config>service#ies 10 config>service>ies# interface “test” config>service>ies>if# vrrp 1 config>service>ies>if>vrrp# shutdown config>service>ies>if>vrrp# exit config>service>ies>if# no vrrp 1 config>service>ies>if# exit all 7450 ESS Router Configuration Guide Page 377... - Page 378 Modifying Service and Interface VRRP Parameters Page 378 7450 ESS Router Configuration Guide...
-
Page 379: Vrrp Command Reference
• Priority Control Event Policy Commands on page 380 • Show Commands on page 382 • Monitor Commands on page 382 • Clear Commands on page 382 • Debug Commands on page 382 7450 ESS Router Configuration Guide Page 379... - Page 380 — vrrp — [no] policy policy-id [context service-id] — delta-in-use-limit limit — no delta-in-use-limit — description description string — no description — [no] priority-event — [no] host-unreachable ip-address — [no] host-unreachable ipv6-address Page 380 7450 ESS Router Configuration Guide...
- Page 381 — [no] next-hop ip-address — priority priority-level [delta | explicit] — no priority — protocol protocol — no protocol[protocol] — [no] protocol ospf — [no] protocol isis — [no] protocol — [no] protocol static 7450 ESS Router Configuration Guide Page 381...
- Page 382 — no events — no events interface ip-int-name [vrid virtual-router-id] — packets — packets interface ip-int-name [vrid virtual-router-id] — packets — no packets — no packets interface ip-int-name [vrid virtual-router-id] — no packets Page 382 7450 ESS Router Configuration Guide...
-
Page 383: Configuration Commands
— The authentication key. Allowed values are any string up to 8 characters long composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, etc.), the entire string must be enclosed within double quotes. 7450 ESS Router Configuration Guide Page 383... -
Page 384: Interface Configuration Commands
IP address from a given parental local subnet. Multiple virtual router instances can define a virtual router IP address from the same local subnet as long as each is a different IP address. Page 384 7450 ESS Router Configuration Guide... - Page 385 Parent IP addresses: 10.10.10.10/24 11.11.11.11/24 Virtual router IP addresses: 10.10.10.11 Invalid (not equal to parent IP address) 10.10.10.10 Associated (same as parent IP address 10.10.10.10) 10.10.11.11 Invalid (not equal to parent IP address) 7450 ESS Router Configuration Guide Page 385...
- Page 386 Parent Primary or Secondary IP Address Removal — When a virtual router IP address is successfully set, but removing the associated parent IP interface IP address is attempted and fails. All virtual router IP addresses associated with the parental IP interface IP address must be deleted prior Page 386 7450 ESS Router Configuration Guide...
- Page 387 BFD session. dst-ip ip-address — Specifies the destination address to be used for the BFD session. init-delay Syntax init-delay seconds no init-delay Context config>router>if>vrrp Description This command configures a VRRP initialization delay timer. 7450 ESS Router Configuration Guide Page 387...
- Page 388 The master-int-inherit command is only available in the non-owner nodal context and is used to allow the current virtual router instance master to dictate the master down timer for all backup virtual Page 388 7450 ESS Router Configuration Guide...
- Page 389 (3x (in-use message interval) + skew time) The skew time portion is used to slow down virtual routers with relatively low priority values when competing in the master election process. 7450 ESS Router Configuration Guide Page 389...
- Page 390 Values IPv4: 1 — 255 milliseconds milliseconds — Specifies the time interval, in milliseconds, between sending advertisement messages. This parameter is not supported on the 7750 SR-1 or 7450 ESS-1 chassis. Values 100 — 900...
- Page 391 — The base priority used by the virtual router instance expressed as a decimal integer. If no VRRP priority control policy is defined, the base-priority is the in-use priority for the virtual router instance. Values 1 — 254 7450 ESS Router Configuration Guide Page 391...
- Page 392 Non-Owner Virtual Router — Non-owner virtual router instances can be administratively shutdown. This allows the termination of VRRP participation in the virtual router and stops all routing and other access capabilities with regards to the virtual router IP addresses. Shutting down the Page 392 7450 ESS Router Configuration Guide...
- Page 393 The no form of the command discards all SSH request messages destined to the non-owner virtual router instance IP addresses. Default no ssh-reply — SSH requests to the virtual router instance IP addresses are discarded. 7450 ESS Router Configuration Guide Page 393...
- Page 394 The no form of the command configures discarding all Telnet request messages destined to the non- owner virtual router instance IP addresses. Default no telnet-reply — Telnet requests to the virtual router instance IP addresses are discarded. Page 394 7450 ESS Router Configuration Guide...
- Page 395 When this is the case, the virtual router instance is not associated with an IP address. The operational state of the virtual router instance is down. VRRP Owner Command Exclusions — By specifying the VRRP vrid as owner, The following commands are no longer available: 7450 ESS Router Configuration Guide Page 395...
- Page 396 Once created as owner, a vrid on an IP interface cannot have the owner parameter removed. The vrid must be deleted and than recreated without the owner keyword to remove ownership. Page 396 7450 ESS Router Configuration Guide...
-
Page 397: Priority Policy Commands
Setting the in-use-priority-limit to a value equal to or larger than the virtual router instance base- priority prevents the delta priority control events from having any effect on the virtual router instance in-use priority value. Values 1 — 254 7450 ESS Router Configuration Guide Page 397... - Page 398 The policy-id must be removed first from all virtual router instances before the no policy command can be issued. If the policy-id is associated with a virtual router instance, the command will fail. Default none Page 398 7450 ESS Router Configuration Guide...
- Page 399 A priority control event specifies an object to monitor and the effect on the in-use priority level for an associated virtual router instance. Up to 32 priority control events can be configured within the priority-event node. The no form of the command clears any configured priority events. 7450 ESS Router Configuration Guide Page 399...
-
Page 400: Priority Policy Event Commands
It is possible, on some event types, to have another set action reload the hold-set timer. This extends the amount of time that must expire before entering the cleared state. Page 400 7450 ESS Router Configuration Guide... - Page 401 If the priority command is not configured on the priority event, the priority-value defaults to 0 and the qualifier keyword defaults to delta, thus, there is no impact on the in-use priority. The no form of the command reverts to the default values. 7450 ESS Router Configuration Guide Page 401...
- Page 402 VRRP virtual router instance depending on the operational state of the event. Parameters tunnel-grp-id — Identifies the multi-chassis IPSec tunnel group whose non-forwarding state is monitored by this priority control event. Page 402 7450 ESS Router Configuration Guide...
-
Page 403: Priority Policy Port Down Event Commands
The events hold-set timer has no effect on the removal procedure. Default no port-down — No port down priority control events are defined. Parameters port-id — The port ID of the port monitored by the VRRP priority control event. 7450 ESS Router Configuration Guide Page 403... - Page 404 If the port is not provisioned, the event operational state is Set – non-provisioned. If the POS interface is configured as a clear-channel, the channel-id is 1 and the channel bandwidth is the full bandwidth of the port. Page 404 7450 ESS Router Configuration Guide...
-
Page 405: Priority Policy Lag Events Commands
If the event clears and becomes set again before the hold set timer expires, the timer is reset to the hold-set value, extending the time before another clear can take effect. 7450 ESS Router Configuration Guide Page 405... - Page 406 A number-down node is not required for each possible number of ports that could be down. The active threshold is always the closest lower threshold. When the number of ports down equals a given threshold, that is the active threshold. Page 406 7450 ESS Router Configuration Guide...
- Page 407 LAG equals or exceeds number-of- lag-ports-down, but does not equal or exceed the next highest configured number-of-lag-ports- down. Values 1 — 64 (for 64-link LAG) 1 — 32 (for other LAGs) 7450 ESS Router Configuration Guide Page 407...
-
Page 408: Priority Policy Host Unreachable Event Commands
A host unreachable priority event creates a continuous ICMP echo request (ping) probe to the specified ip-address. If a ping fails, the event is considered to be set. If a ping is successful, the event is considered to be cleared. Page 408 7450 ESS Router Configuration Guide... - Page 409 When an event transitions from clear to set, the set is processed ediately and must be reflected in the associated virtual router instances in-use priority value. As the event transitions from clear to set, a hold set timer is loaded with the value configured by the events hold-set command. This timer 7450 ESS Router Configuration Guide Page 409...
- Page 410 Context config>vrrp>priority-event>host-unreachable Description This command allows the operator to increase the size of IP packet by padding the PDU. The no form of the command reverts to the default. Page 410 7450 ESS Router Configuration Guide...
- Page 411 The no form of the command reverts to the default value. Default 7450 ESS Router Configuration Guide Page 411...
- Page 412 — The number of seconds before an ICMP echo request message is timed out. Once a message is timed out, a reply with the same identifier and sequence number is discarded. Values 1 — 60 Page 412 7450 ESS Router Configuration Guide...
- Page 413 The next-hop command is optional. If no next-hop ip-address commands are configured, the comparison between the RTM prefix return and the route-unknown IP route prefix are not included in the next hop information. 7450 ESS Router Configuration Guide Page 413...
- Page 414 — This parameter defines IS-IS as an eligible route source for a returned route prefix from the RTM when looking up the route-unknown route prefix. The is-is parameter is not exclusive from the other available protocol parameters. If protocol is executed without the is-is parameter, Page 414 7450 ESS Router Configuration Guide...
- Page 415 Set – inactive The route exists in the route table but is not being used. Set – wrong next hop The route exists in the route table but does not meet the next-hop requirements. 7450 ESS Router Configuration Guide Page 415...
- Page 416 — The subnet mask length expressed as a decimal integer associated with the IP prefix defining the route prefix to be monitored by the route unknown priority control event. Values 0 — 32 Page 416 7450 ESS Router Configuration Guide...
- Page 417 ICMP echo request messages it generates. This allows received ICMP echo reply messages to be directed to the appropriate sending application. Values ip-prefix/mask: ip-prefix a.b.c.d (host bits must be 0) mask 0 — 32 7450 ESS Router Configuration Guide Page 417...
- Page 418 Priority Policy Route Unknown Event Commands Page 418 7450 ESS Router Configuration Guide...
-
Page 419: Show Commands
Down — Indicates that the administrative state of the VRRP instance is down. Up — Indicates that the operational state of the VRRP instance is up. Down — Indicates that the operational state of the VRRP instance is down. 7450 ESS Router Configuration Guide Page 419... - Page 420 VRRP master with a lower priority. No — The preempt mode is disabled and prevents the non-owner vir- tual router instance from preempting another, less desirable virtual router. Page 420 7450 ESS Router Configuration Guide...
- Page 421 Master Since to master. For a backup virtual router, this value specifies the date and time when it received the first VRRP advertisement message from the virtual router which is the current master. 7450 ESS Router Configuration Guide Page 421...
- Page 422 Mesg Intvl Discards : 0 Mesg Intvl Errors : 0 Addr List Discards Addr List Errors Auth Type Mismatch Auth Failures Invalid Auth Type Invalid Pkt Type IP TTL Errors Pkt Length Errors : 0 Page 422 7450 ESS Router Configuration Guide...
- Page 423 When multiple explicitly defined events associated with the priority Current Explicit control policy happen simultaneously, the lowest value of all the cur- rent explicit priorities will be used as the in-use priority for the virtual router. 7450 ESS Router Configuration Guide Page 423...
- Page 424 If the delta priority event is cleared, the priority-level is no longer used in the in-use priority calculation. Page 424 7450 ESS Router Configuration Guide...
- Page 425 If the delta priority event is cleared, the priority-level is no longer used in the in-use priority calculation. 7450 ESS Router Configuration Guide Page 425...
- Page 426 Event Type & ID Event Oper State Hold Set Priority In Remaining &Effect ------------------------------------------------------------------------------- Host Unreach 10.10.200.252 Expired 20 Del Host Unreach 10.10.200.253 Expired 10 Del Route Unknown 10.10.100.0/24 Expired 1 Exp =============================================================================== A:ALA-A# Page 426 7450 ESS Router Configuration Guide...
- Page 427 Down — Indicates that the operational state of the VRRP instance is down. The base priority used by the virtual router instance. Base Pri The current in-use priority associated with the VRRP virtual router InUse Priority instance. 7450 ESS Router Configuration Guide Page 427...
- Page 428 Yes — The event is currently affecting the in-use priority of some Value In Use virtual router. Page 428 7450 ESS Router Configuration Guide...
- Page 429 Priority Control Event Host Unreachable 10.10.200.252 ------------------------------------------------------------------------------- Priority : 20 Priority Effect : Delta Interval : 1 sec Timeout : 1 sec Drop Count Hold Set Config : 0 sec Hold Set Remaining: Expired 7450 ESS Router Configuration Guide Page 429...
-
Page 430: Table 7: Show Vrrp Statistics Output
Table 7: Show VRRP Statistics Output Label Description Displays the number of virtual router ID errors. VR Id Errors Displays the number of version errors. Version Errors Displays the number of checksum errors. Checksum Errors Page 430 7450 ESS Router Configuration Guide... - Page 431 VRRP Sample Output A:ALA-48# show router vrrp statistics =============================================================================== VRRP Global Statistics =============================================================================== VR Id Errors Version Errors Checksum Errors =============================================================================== A:ALA-48# 7450 ESS Router Configuration Guide Page 431...
-
Page 432: Monitor Commands
Mesg Intvl Errors : 0 Addr List Discards Addr List Errors Auth Type Mismatch Auth Failures Invalid Auth Type Invalid Pkt Type IP TTL Errors Pkt Length Errors : 0 Total Discards =============================================================================== *A:ALA-A# Page 432 7450 ESS Router Configuration Guide... -
Page 433: Clear Commands
— Clears the VRRP statistics for all VRRP instances on the specified IP inter- face. vrid virtual-router-id — Clears the VRRP statistics for the specified VRRP instance on the IP inter- face. Default All VRRP instances on the IP interface. Values 1 — 255 7450 ESS Router Configuration Guide Page 433... - Page 434 Clear Commands policy [vrrp-policy-id] — Clears VRRP statistics for all or the specified VRRP priority control pol- icy. Default All VRRP policies. Values 1 — 9999 Page 434 7450 ESS Router Configuration Guide...
-
Page 435: Vrrp Debug Commands
Context debug>router>vrrp Description This command enables debugging for VRRP packets. The no form of the command disables debugging. Parameters ip-int-name — Displays the specified interface name. vrid virtual-router-id — Displays the specified VRID. 7450 ESS Router Configuration Guide Page 435... - Page 436 VRRP Debug Commands Page 436 7450 ESS Router Configuration Guide...
-
Page 437: Filter Policies
ISID MAC Filters on page 453 → VID MAC filters on page 454 → Redirect Policies on page 458 → HTTP-redirect (Captive Portal) on page 460 → Filter Policies and Dynamic, Policy-Driven Interfaces on page 462 7450 ESS Router Configuration Guide Page 437... -
Page 438: Acl Filter Policy Overview
If a packet does not match the entry parameters, the packet is compared to the next higher numerical filter entry rule and so on. If Page 438 7450 ESS Router Configuration Guide... -
Page 439: Filter Policy Basics
Filter Policy Packet Match Criteria This section defines packet match criteria supported on SROS-based routers/switches for IPv4, and MAC filters. Types of criteria supported depends on the hardware platform and filter direction, please see your Alcatel-Lucent representative for further details. General notes: •... - Page 440 — Match for the presence of IP Option 3 or 9 (Loose or Strict Source Route) in the first 3 IP Options of the IPv4 packet. A packet will also match this rule if the packet has more than 3 IP Options. Page 440 7450 ESS Router Configuration Guide...
-
Page 441: Mac Filter Policy Entry Match Criteria
This match criterion is mutually exclusive with all the other match criteria under a particular mac-filter policy and is applicable to MAC filters of type isid only. The resulting mac-filter can only be applied on a BVPLS SAP or PW in the egress direction. 7450 ESS Router Configuration Guide Page 441... - Page 442 In “VID MAC filters” subsection later-on this. This match criterion is mutually exclusive with all other match criteria under a particular mac-filter policy and is applicable to MAC filters of type vid only. Page 442 7450 ESS Router Configuration Guide...
-
Page 443: Filter Policy Actions
IPv4 and MAC filter policies deployed in VPLS service. The SDP traffic is to egress on must be in the same VPLS service as the incoming interface. If the configured SDP is down, traffic is dropped. 7450 ESS Router Configuration Guide Page 443... -
Page 444: Filter Policy Statistics
If a filter policy is not downloaded to any line card, the statistics show 0 (zero). If a filter policy is Page 444 7450 ESS Router Configuration Guide... -
Page 445: Filter Policy Logging
(filter-sample). 7450 ESS Router Configuration Guide Page 445... -
Page 446: Filter Policy Management
“overwrite” option during the copy command. Filter copy can be used, for example, when creating new policies from existing policies or when modifying an existing filter policy (an existing source policy is copied to a new destination policy, the new Page 446 7450 ESS Router Configuration Guide... -
Page 447: Filter Policy Advanced Topics
The same match list can be used in one or more IOM filter policies as well as CPM filter policies. 7450 ESS Router Configuration Guide Page 447... -
Page 448: Figure 15: Iom/Cpm Filter Policy Using An Address Prefix Match List
Please refer to SROS Release Notes for what objects can be grouped into a filter match list for IOM and CPM filter policies. Page 448 7450 ESS Router Configuration Guide... - Page 449 An operator must free resources and change filter policy configuration or must change BGP configuration to recover from this failure. 7450 ESS Router Configuration Guide Page 449...
-
Page 450: Embedded Filters
(for example when other filter policy entries are dynamically configured by applications like RADIUS in parallel). If that is the case, the embedded filter policy configured will be de-activated (configuration will be changed from activate to inactivate). Page 450 7450 ESS Router Configuration Guide... -
Page 451: Filter Policies
Entry 50 Entry 70 Entry 70 Entry 100 Entry 80 Entry 300 al_0167 Figure 16: Embedded Filter Policy NOTE: Embedded filter policies are supported for line card IP(v4) and IPv6 filter policies only. 7450 ESS Router Configuration Guide Page 451... -
Page 452: System-Level Ipv4/Ipv6 Line Card Filter Policy
# Configure system-policy ip-filter 1 create scope system entry 5 create match protocol * fragment true exit action drop exit exit # Activate it system-filter ip 1 exit # Use it in another filter: Page 452 7450 ESS Router Configuration Guide... -
Page 453: Network-Port Vprn Filter Policy
PBB BEB with unicast BMAC destination may be flooded in the BVPLS context as unknown unicast in the BVPLS context for both IVPLS and PBB Epipe. To restrict distribution of this traffic for local PBB services ISID filters can be deployed. The mac-filter configured with 7450 ESS Router Configuration Guide Page 453... -
Page 454: Vid Mac Filters
Service 3 illustrates single non-service delimiting tags on ingress and to two tags with one non-service delimiting tag on ingress and egress. Page 454 7450 ESS Router Configuration Guide... -
Page 455: Figure 17: Vid Filtering Examples
Tag Available for Matching and Indication of Which Match Criteria to Use OSSG735 Figure 17: VID Filtering Examples VID filters are available on Ethernet SAPs for Epipe, VPLS or I-VPLS including eth-tunnel and eth-ring services. 7450 ESS Router Configuration Guide Page 455... - Page 456 QinQ frames with a null second tag. Using this in combination with VID filters is not recommended. Note that the outer-tag is the only tag available for filtering on egress for frames arriving from MPLS SDPs or from PBB services even though additional tags may be carried transparently. Page 456 7450 ESS Router Configuration Guide...
-
Page 457: Figure 18: Port Groups
In the example, port A sap 1/1/1:1.* would have a filter as shown below while port A sap 1/1/1:2.* would not.: mac-filter 4 create default-action forward type vid entry 1 create match frame-type ethernet_II outer-tag 30 4095 exit action drop exit exit 7450 ESS Router Configuration Guide Page 457... -
Page 458: Redirect Policies
Redirect policy is supported for ingress IPv4 filter policies only. • Different platforms support different scale for redirect policies. Please contact your local Alcatel-Lucent representative to ensure the planned deployment does not exceed recommended scale. Router Instance Support for Redirect Policies There are two modes of deploying redirect policies on VPRN interfaces. - Page 459 Feature caveats: • Only unicast-rt-test and ping-test are supported when router option is enabled. 7450 ESS Router Configuration Guide Page 459...
-
Page 460: Http-Redirect (Captive Portal)
5. The customer’s web browser will then close the original connection and open a new connec- tion to the web portal. 6. The web portal updates the ACL (directly or through SSC) to remove the redirection policy. 7. The customer connects to the original site. Page 460 7450 ESS Router Configuration Guide... -
Page 461: Figure 19: Web Redirect Traffic Flow
$CID — A string that represents the circuit-id or interface-id of the subscriber host (hexadecimal format). • $RID — A string that represents the remote-id of the subscriber host (hexadecimal format). • $SAPDESC – A configurable string that represents the configured SAP description. 7450 ESS Router Configuration Guide Page 461... -
Page 462: Filter Policies And Dynamic, Policy-Driven Interfaces
For OpenFlow, embedded filter infrastructure is used to inject OpenFlow rules into an existing filter policy. Please see “Hybrid OpenFlow Switch” section for more details. Policy-controlled auto-created filters are recreated on system reboot. Policy-controlled filter- entries are lost on system reboot and need to be reprogrammed. Page 462 7450 ESS Router Configuration Guide... -
Page 463: Configuring Filter Policies With Cli
Renumbering Filter Policy Entries on page 482 → Modifying a Filter Policy on page 484 → Deleting a Filter Policy on page 486 → Deleting a Filter Policy on page 486 → Copying Filter Policies on page 489 7450 ESS Router Configuration Guide Page 463... -
Page 464: Basic Configuration
20 create match protocol 6 tcp-syn true tcp-ack false exit action drop exit exit ---------------------------------------------- A:ALA-1>config>filter# Ingress Filter ALA-1 TCP Connection OSRG007 Figure 20: Applying an IP Filter to an Ingress Interface Page 464 7450 ESS Router Configuration Guide... -
Page 465: Common Configuration Tasks
At least one filter entry with matching criteria specified • Optionally, an existing filter policy can have a Filter Name assigned, that can then be used in CLI to reference that filter policy including assigning it to SAPs and/or network interfaces. 7450 ESS Router Configuration Guide Page 465... -
Page 466: Ip Filter Policy
Creating an IP Filter Policy IP Filter Policy The following displays an exclusive filter policy configuration example: A:ALA-7>config>filter# info ---------------------------------------------- ip-filter 12 create description "IP-filter" scope exclusive exit ---------------------------------------------- A:ALA-7>config>filter# Page 466 7450 ESS Router Configuration Guide... -
Page 467: Ip Filter Entry
Specify matching criteria. The following displays an IP filter entry configuration example. A:ALA-7>config>filter>ip-filter# info ---------------------------------------------- description "filter-main" scope exclusive entry 10 create description "no-91" match dst-ip 10.10.10.91/24 src-ip 10.10.0.100/24 exit no action exit ---------------------------------------------- A:ALA-7>config>filter>ip-filter# 7450 ESS Router Configuration Guide Page 467... - Page 468 Configuring the HTTP-Redirect Option If http-redirect is specified as an action, a corresponding forward entry must be specified before the redirect. Note that http-redirect is not supported on 7750 SR-1 or 7450 ESS-1 models. The following displays an http-redirect configuration example: A:ALA-48>config>filter>ip-filter# info...
- Page 469 IP interface is set to cflowd interface mode. The following displays an IP filter entry configuration example: A:ALA-7>config>filter>ip-filter# info ---------------------------------------------- description "filter-main" scope exclusive entry 10 create description "no-91" no filter-sample no interface-disable-sample match exit action forward redirect-policy redirect1 exit ---------------------------------------------- A:ALA-7>config>filter>ip-filter# 7450 ESS Router Configuration Guide Page 469...
-
Page 470: Creating A Mac Filter Policy
At least one filter entry. • Matching criteria specified. MAC Filter Policy The following displays an MAC filter policy configuration example: A:ALA-7>config>filter# info ---------------------------------------------- mac-filter 90 create description "filter-west" scope exclusive type normal exit ---------------------------------------------- A:ALA-7>config>filter# Page 470 7450 ESS Router Configuration Guide... -
Page 471: Mac Isid Filter Policy
90 create description "filter-wan-man" scope template type isid entry 1 create description "drop-local-isids" match isid 100 to 1000 exit action drop exit entry 2 create description "allow-wan-isids" match isid 150 exit action forward exit 7450 ESS Router Configuration Guide Page 471... -
Page 472: Mac Vid Filter Policy
---------------------------------------------- default-action forward type vic entry 1 create match frame-type ethernet_II ouiter-tag 85 4095 exit action drop exit entry 2 create match frame-type ethernet_II ouiter-tag 43 4095 exit action drop exit ---------------------------------------------- A:TOP_NODE>config>filter>mac-filter# Page 472 7450 ESS Router Configuration Guide... -
Page 473: Mac Filter Entry
Assign an action, either drop or forward. • Specify matching criteria. The following displays a MAC filter entry configuration example: A:sim1>config>filter# info ---------------------------------------------- mac-filter 90 create entry 1 create description "allow-104" match exit action drop exit exit ---------------------------------------------- A:sim1>config>filter# 7450 ESS Router Configuration Guide Page 473... -
Page 474: Creating A Match List For Filter Policies
---------------------------------------------- match-list ip-prefix-list "IPv4PrefixBlacklist" description "default IPv4 prefix blacklist" prefix 10.0.0.0/21 prefix 10.254.0.0/24 exit exit ip-filter 10 scope template filter-name "IPv4PrefixBlacklistFilter" entry 10 match src-ip ip-prefix-list IPv4PrefixBlacklist exit action drop exit exit --------------------------------------------- Page 474 7450 ESS Router Configuration Guide... -
Page 475: Applying Filter Policies
Epipe SAP, spoke SDP Epipe SAP, spoke SDP Fpipe SAP, spoke SDP IES interface SAP Ipipe SAP, spoke SDP VPLS mesh SDP, spoke SDP, SAP VPLS mesh SDP, spoke SDP, SAP VPRN interface SAP, spoke SDP 7450 ESS Router Configuration Guide Page 475... -
Page 476: Apply Ip (V4) And Mac Filter Policies To A Service
1/1/1.1.1 create ingress filter ip 10 exit egress filter mac 92 exit exit spoke-sdp 8:8 create ingress filter ip “epipe sap default filter” exit egress filter mac 91 exit exit no shutdown ---------------------------------------------- A:ALA-48>config>service>epipe# Page 476 7450 ESS Router Configuration Guide... -
Page 477: Applying (Ipv4) Filter Policies To A Network Port
The following displays an IP filter applied to an interface at ingress. A:ALA-48>config>router# info #------------------------------------------ # IP Configuration #------------------------------------------ interface "to-104" address 10.0.0.103/24 port 1/1/1 ingress filter ip 10 exit egress filter ip “default network egress policy” exit exit #------------------------------------------ A:ALA-48>config>router# 7450 ESS Router Configuration Guide Page 477... -
Page 478: Creating A Redirect Policy
95 ping-test timeout 30 drop-count 5 exit no shutdown exit destination 10.10.10.106 create priority 90 url-test "URL_to_106" url "http://aww.alcatel.com/ipd/" interval 60 return-code 2323 4567 raise-priority 96 exit no shutdown exit ---------------------------------------------- A:ALA-7>config>filter# Page 478 7450 ESS Router Configuration Guide... -
Page 479: Configuring Policy-Based Forwarding For Deep Packet Inspection In Vpls
SAP 1/1/23:5 (which it should not). Figure shows an example to configure policy-based forwarding for deep packet inspection on a VPLS service. For information about configuring services, refer to the 7450 ESS OS Services Guide. DPI Box... - Page 480 The following displays a MAC filter configuration example: *A:ALA-48>config>filter# info ---------------------------------------------- mac-filter 100 create default-action forward entry 10 create match dot1p 7 7 exit log 101 action forward sap 1/1/22:1 exit exit ---------------------------------------------- *A:ALA-48>config>filter# Page 480 7450 ESS Router Configuration Guide...
- Page 481 1/1/21:1 split-horizon-group "split" create disable-learning static-mac 00:00:00:31:11:01 create exit sap 1/1/22:1 split-horizon-group "dpi" create disable-learning static-mac 00:00:00:31:12:01 create exit sap 1/1/23:5 create static-mac 00:00:00:31:13:05 create exit spoke-sdp 3:5 create exit no shutdown exit ..---------------------------------------------- *A:ALA-48>config>service# 7450 ESS Router Configuration Guide Page 481...
-
Page 482: Filter Management Tasks
10 15 config>filter>ip-filter# renum 20 10 config>filter>ip-filter# renum 40 1 The following displays the original filter entry order on the left side and the reordered filter entries on the right side: Page 482 7450 ESS Router Configuration Guide... - Page 483 40 create exit match entry 30 create dst-ip 10.10.10.91/24 match src-ip 10.10.10.106/24 dst-ip 10.10.10.91/24 exit src-ip 10.10.0.200/24 action drop exit exit action forward exit exit exit ---------------------------------------------- A:ALA-7>config>filter# ---------------------------------------------- A:ALA-7>config>filter# 7450 ESS Router Configuration Guide Page 483...
-
Page 484: Modifying A Filter Policy
10.10.10.91/24 src-ip 10.10.10.106/24 exit action drop exit entry 2 create description "new entry" match dst-ip 10.10.10.104/32 exit action drop exit entry 10 create match dst-ip 10.10.10.91/24 src-ip 10.10.0.100/24 exit action drop exit Page 484 7450 ESS Router Configuration Guide... - Page 485 Filter Policies entry 15 create description "no-91" match dst-ip 10.10.10.91/24 src-ip 10.10.10.103/24 exit action forward exit entry 30 create match dst-ip 10.10.10.91/24 src-ip 10.10.0.200/24 exit action forward exit exit ---------------------------------------------- A:ALA-7>config>filter# 7450 ESS Router Configuration Guide Page 485...
-
Page 486: Deleting A Filter Policy
1/1/2:3 config>service>epipe>sap# ingress config>service>epipe>sap>ingress# no filter After you have removed the filter from the SAPs network interfaces, you can delete the filter as shown in the following example. Example config>filter# no ip-filter 11 Page 486 7450 ESS Router Configuration Guide... -
Page 487: Modifying A Redirect Policy
5 exit no shutdown exit destination 10.10.10.106 create priority 90 url-test "URL_to_Proxy" url "http://www.alcatel.com" interval 10 timeout 10 return-code 1 4294967295 raise-priority 255 exit no shutdown exit no shutdown exit ---------------------------------------------- A:ALA-7>config>filter# 7450 ESS Router Configuration Guide Page 487... -
Page 488: Deleting A Redirect Policy
A:ALA-7>config>filter>ip-filter# info ---------------------------------------------- description "This is new" scope exclusive entry 1 create filter-sample interface-disable-sample match dst-ip 10.10.10.91/24 src-ip 10.10.10.106/24 exit action forward redirect-policy redirect2 exit entry 2 create description "new entry" ---------------------------------------------- A:ALA-7>config>filter>ip-filter# Page 488 7450 ESS Router Configuration Guide... -
Page 489: Copying Filter Policies
2 create ip-filter 12 create description "This is new" scope exclusive entry 1 create match dst-ip 10.10.10.91/24 src-ip 10.10.10.106/24 exit action drop exit entry 2 create ---------------------------------------------- A:ALA-7>config>filter# 7450 ESS Router Configuration Guide Page 489... - Page 490 Copying Filter Policies Page 490 7450 ESS Router Configuration Guide...
-
Page 491: Filter Command Reference
— action drop — no action — option dhcp-option-number {present | absent} — option dhcp-option-number match hex hex-string [exact] [invert- match] — option dhcp-option-number match string ascii-string [exact] [invert- match] — no option 7450 ESS Router Configuration Guide Page 491... - Page 492 — no dst-ip — dst-port {lt | gt | eq} dst-port-number — dst-port port-list-name — dst-port range dst-port-number dst-port-number — no dst-port — fragment {true|false|first-only|non-first-only} — no fragment — icmp-code icmp-code — no icmp-code Page 492 7450 ESS Router Configuration Guide...
- Page 493 — no sub-insert-credit-control — sub-insert-radius start-entry entry-id count count — no sub-insert-radius — sub-insert-shared-radius start-entry entry-id count count — no sub-insert-shared-radius — sub-insert-wmark low low-watermark high high-watermark — no sub-insert-wmark 7450 ESS Router Configuration Guide Page 493...
- Page 494 {lt | gt | eq} dst-port-number — dst-port port-list port-list-name — dst-port range dst-port-number dst-port-number — no dst-port — esp-ext-hdr {true | false } — no esp-ext-hdr — flow-label flow-label [mask] — no flow-label — fragment {true|false|first-only|non-first-only} Page 494 7450 ESS Router Configuration Guide...
- Page 495 System Filter Policy Commands config — filter — system-filter — filter-id — no filter-id — ipv6 filter-id — no ipv6 filter-id Log Filter Commands config — filter — log-id [create] — no log-id 7450 ESS Router Configuration Guide Page 495...
- Page 496 — no description — destination memory num-entries | syslog syslog-id — no destination — [no] shutdown — summary — [no] shutdown — summary-crit dst-addr — summary-crit src-addr — no summary-crit — [no] wrap-around Page 496 7450 ESS Router Configuration Guide...
-
Page 497: Mac Filter Commands
— no snap-pid — ssap ssap-value [ssap-mask] — no ssap — src-mac ieee-address [ieee-address-mask] — no src-mac — renum old-entry-id new-entry-id — scope {exclusive | template} — no scope — type filter-type 7450 ESS Router Configuration Guide Page 497... - Page 498 — [no] prefix ipv6-prefix/prefix-length — port-list port-list-name create — no port-list port-list-name — description description-string — no description — [no] port port number — [no] port range start end — no port Page 498 7450 ESS Router Configuration Guide...
- Page 499 [return-code-2] [disable | lower- priority priority | raise-priority priority] — no return-code return-code-1 [return-code-2] — timeout seconds — no timeout — url-string [http-version version-string] — no — [no] router [router-instance | service-name service-name] — [no] shutdown 7450 ESS Router Configuration Guide Page 499...
- Page 500 [entry entry-id] [ingress | egress] Monitor Commands monitor — filter ip ip-filter-id entry entry-id [interval seconds] [repeat repeat] [absolute | rate] — filter mac mac-filter-id entry entry-id [interval seconds] [repeat repeat] [absolute | rate] Debug Commands tools Page 500 7450 ESS Router Configuration Guide...
- Page 501 Filter Policies — dump — filter —Redirect policy commands — resources — — — <filter-id> — ipv6 <filter-id> — <filter-id> 7450 ESS Router Configuration Guide Page 501...
- Page 502 Command Hierarchies Page 502 7450 ESS Router Configuration Guide...
-
Page 503: Configuration Commands
— The description character string. Allowed values are any string up to 80 characters long composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, etc.), the entire string must be enclosed within double quotes. 7450 ESS Router Configuration Guide Page 503... -
Page 504: Global Filter Commands
— A string of up to 64 characters uniquely identifying this filter policy. ipv6-filter Syntax ipv6-filter filter-id [create] ip-filter {filter-id | filter-name} no ipv6-filter ipv6-filter-id Context config>filter Page 504 7450 ESS Router Configuration Guide... - Page 505 — Keyword required when first creating the configuration context. Once the context is created, one can navigate into the context without the create keyword. filter-name — A string of up to 64 characters uniquely identifying this filter policy. redirect-policy Syntax [no] redirect-policy redirect-policy-name Context config>filter 7450 ESS Router Configuration Guide Page 505...
- Page 506 1000 entries. The number of entries and wrap-around behavior can be modified. Default log 101 Parameters log-id — The filter log ID destination expressed as a decimal integer. Values 101 — 199 Page 506 7450 ESS Router Configuration Guide...
- Page 507 — The option must (partially) match a specified ASCII string. Values Up to 127 characters exact — This option requires an exact match of a hex or ascii string. invert-match — Requires the option not to (partially) match. 7450 ESS Router Configuration Guide Page 507...
- Page 508 Unlike other commands and parameters where the default state will not be indicated in the configuration file, shutdown and no shutdown are always indicated in system generated configuration files. The no form of the command puts an entity into the administratively enabled state. Default no shutdown Page 508 7450 ESS Router Configuration Guide...
- Page 509 The no form of the command configures the memory filter log to accept filter log entries until full. When the memory filter log is full, filter logging for the log filter ID ceases. Default wrap-around 7450 ESS Router Configuration Guide Page 509...
- Page 510 OF in VPRN/VPLS filters by embedding rules with sros-cookie:type “service-cookie”, value service-id from the specified OFS instance with switch-defined-cookie enabled – per service rules. The embedding filter can only be deployed in the specified VPRN/VPLS service. Note that a single Page 510 7450 ESS Router Configuration Guide...
- Page 511 (but not info detail), or when saving configuration. inactive — Specifies that no embedded filter policy entries are to be included in this embedded filter policy. The embedding is configured but will not do anything. 7450 ESS Router Configuration Guide Page 511...
- Page 512 — When the scope of a policy is defined as system, the policy defines system-wide filter rules. To apply system policy rules, activate system filter and chain exclusive/template ACL filter policy to the system filter. The system scope is supported for IP and IPv6 filter policies only. Page 512 7450 ESS Router Configuration Guide...
- Page 513 — Specifies the count. Values 1 — 65535 sub-insert-radius Syntax sub-insert-radius start-entry entry-id count count no sub-insert-radius Context config>filter>ip-filter config>filter>ipv6-filter Description This command insert point information for RADIUS for the filter. 7450 ESS Router Configuration Guide Page 513...
- Page 514 Default none Parameters low low-watermark — Specifies the utilization of the filter ranges for filter entry insertion, at which a table full alarm will be cleared by the agent. Values 0 — 100 Page 514 7450 ESS Router Configuration Guide...
- Page 515 — Regular match criteria are allowed; ISID or VID filter match criteria not allowed. isid — Only ISID match criteria are allowed. vid — On.y VID match criteria are allowed on ethernet_II frame types. 7450 ESS Router Configuration Guide Page 515...
-
Page 516: General Filter Entry Commands
This command chains this filter to a currently active system filter. When the filter is chained to the system filter, the system filter rules are executed first, and the filter rules are only evaluated if no match on the system filter was found. Page 516 7450 ESS Router Configuration Guide... - Page 517 The no form of the command deactivates the system filter policy. Default None of the IPv6 system filters is available by default. Parameters filter-id — An existing IPv6 filter policy with scope system. Values [1..65535] | <filter-name:64 char max> 7450 ESS Router Configuration Guide Page 517...
- Page 518 The filter log ID must exist before a filter entry can be enabled to use the filter log ID. The no form of the command disables logging for the filter entry. Default no log Parameters log-id — The filter log ID destination expressed as a decimal integer. Values 101 — 199 Page 518 7450 ESS Router Configuration Guide...
- Page 519 — Specifies packets matching the entry criteria will be dropped. forward — Specifies packets matching the entry criteria will be forwarded. next-hop ip-address — The IPv4 address of the direct next-hop to which to forward matching packets in dotted decimal notation. 7450 ESS Router Configuration Guide Page 519...
- Page 520 — Specifies the HTTP web address that will be sent to the user’s browser. Note that http-redirect is not supported on 7750 SR-1 or 7450 ESS-1 models. The following displays information that can optionally be added as variables in the portal URL (http-redirect url): •...
-
Page 521: Cflowd
This allows the option to not sample specific types of traffic when interface sampling is enabled. If the cflowd is either not enabled or set to cflowd acl mode, this command is ignored. The no form of this command enables sampling. Default no interface-disable-sample 7450 ESS Router Configuration Guide Page 521... - Page 522 Any private interior gateway (used by Cisco for IGRP) User Datagram Reliable Data Protocol idrp Inter-Domain Routing Protocol rsvp Reservation Protocol General Routing Encapsulation iso-ip ISO Internet Protocol eigrp EIGRP ospf-igp OSPFIGP ether-ip Ethernet-within-IP Encapsulation Page 522 7450 ESS Router Configuration Guide...
- Page 523 Description This command configures a DiffServ Code Point (DSCP) name to be used as an IP filter match criterion. The no form of the command removes the DSCP match criterion. Default no dscp 7450 ESS Router Configuration Guide Page 523...
- Page 524 — The IPv6 prefix length for the ipv6-address expressed as a decimal integer. Values 1 — 128 mask — Eight 16-bit hexadecimal pieces representing bit match criteria. Values x:x:x:x:x:x:x (eight 16-bit pieces) Page 524 7450 ESS Router Configuration Guide...
- Page 525 Syntax flow-label flow-label [mask] no flow-label Context config>filter>ipv6-filter>entry>match Description This command configures the flow-label and optional mask match condition. The no form of the command reverts to the default. Default no flow-label 7450 ESS Router Configuration Guide Page 525...
- Page 526 Default no ah-ext-hdr Parameters true — Matches a packet with an AH Extension Header. false — Match a packet without an AH Extension Header. Page 526 7450 ESS Router Configuration Guide...
- Page 527 Note that an entry containing Layer 4 non-zero match criteria will not match non-initial (2nd, 3rd, etc) fragments of a fragmented packet since only the first fragment contains the Layer 4 information. The no form of the command removes the criterion from the match entry. 7450 ESS Router Configuration Guide Page 527...
- Page 528 The no form of the command removes the match criterion. Default none Parameters ip-option-value — Enter the 8 bit option-type as a decimal integer. The mask is applied as an AND to the option byte, the result is compared with the option-value. Page 528 7450 ESS Router Configuration Guide...
- Page 529 — Specifies matching on IP packets that do not contain multiple option fields present in the header. option-present Syntax option-present {true | false} no option-present Context config>filter>ip-filter>entry>match Description This command configures matching packets that contain the option field in the IP header as an IP filter match criterion. 7450 ESS Router Configuration Guide Page 529...
- Page 530 Default no routing-type0 Parameters true — match if a packet contains Routing Type Extension Header type 0 false — match if a packet does not contain Routing Type Extension Header type 0 Page 530 7450 ESS Router Configuration Guide...
- Page 531 — The IPv6 prefix length for the ipv6-address expressed as a decimal integer. Values 1 — 128 mask — Eight 16-bit hexadecimal pieces representing bit match criteria. Values x:x:x:x:x:x:x (eight 16-bit pieces) 7450 ESS Router Configuration Guide Page 531...
- Page 532 (strict or loose) source route option is present/not present at any location within the IP header, as per the value of this object. Parameters true — Enables source route option match conditions. false — Disables source route option match conditions. Page 532 7450 ESS Router Configuration Guide...
- Page 533 — Specifies matching on IP packets that have the SYN bit set in the control bits of the TCP header. false — Specifies matching on IP packets that do not have the SYN bit set in the control bits of the TCP header. 7450 ESS Router Configuration Guide Page 533...
- Page 534 The no form of this command deletes the specified list. Operational notes: An ipv6-prefix-list must contain only IPv6 address prefixes. An IPv6 prefix match list cannot be deleted if it is referenced by a filter policy. Page 534 7450 ESS Router Configuration Guide...
- Page 535 Default No embedded filter policies are included in a filter policy. Parameters index — An integer from 1 to 255 enumerating bgp-peers auto-generation configuration within this list. 7450 ESS Router Configuration Guide Page 535...
- Page 536 The no form of this command deletes the specified port match criterion. Default no port Parameters port-number — A source or destination port to be used as a match criterion specified as a decimal Page 536 7450 ESS Router Configuration Guide...
- Page 537 - IPv6 address prefix x:x:x:x:x:x:x:x (eight 16-bit pieces) x:x:x:x:x:x:d.d.d.d x: [0..FFFF]H d: [0..255]D prefix-length — Length of the entered IP prefix. Values 1 — 128 prefix Syntax prefix ip-prefix/prefix-length no prefix ip-prefix/prefix-length Context config>filter>match-list>ip-prefix-list 7450 ESS Router Configuration Guide Page 537...
- Page 538 Parameters ip-prefix — A valid IPv4 address prefix in dotted decimal notation. Values 0.0.0.0 to 255.255.255.255 (host bit must be 0) prefix-length — Length of the entered IP prefix. Values 0 — 32 Page 538 7450 ESS Router Configuration Guide...
-
Page 539: Mac Filter Entry Commands
0 — 4094 Ethernet QinQ The SAP is identified by two 802.1Q tags on the port. qtag2: 0 — 4094 Note that a 0 qtag1 value also accepts untagged packets on the dot1q port. 7450 ESS Router Configuration Guide Page 539... - Page 540 802dot3 — Specifies the frame type is Ethernet IEEE 802.3. 802dot2-llc — Specifies the frame type is Ethernet IEEE 802.2 LLC. 802dot2-snap — Specifies the frame type is Ethernet IEEE 802.2 SNAP. ethernet_II — Specifies the frame type is Ethernet Type II. Page 540 7450 ESS Router Configuration Guide...
-
Page 541: Mac Filter Match Criteria
Binary 0bBBB 0b100 To select a range from 4 up to 7 specify p-value of 4 and a mask of 0b100 for value and mask. Default 7 (decimal) Values 1 — 7 (decimal) 7450 ESS Router Configuration Guide Page 541... - Page 542 Configures a destination MAC address or range to be used as a MAC filter match criterion. The no form of the command removes the destination mac address as the match criterion. Default no dst-mac Page 542 7450 ESS Router Configuration Guide...
- Page 543 The no form of the command removes the previously entered etype field as the match criteria. Default no etype Parameters ethernet-type — The Ethernet type II frame Ethertype value to be used as a match criterion expressed in hexadecimal. Values 0x0600 — 0xFFFF 7450 ESS Router Configuration Guide Page 543...
- Page 544 7 would match all VIDs with the lower 3 bits set to 6. Note for QoS the VID type cannot be specified on the default QoS policy. The default vid-mask is set to 4095 for exact match. Page 544 7450 ESS Router Configuration Guide...
- Page 545 — Specifies to match packets with the three-byte OUI field in the SNAP-ID set to zero. non-zero — Specifies to match packets with the three-byte OUI field in the SNAP-ID not set to zero. 7450 ESS Router Configuration Guide Page 545...
- Page 546 Values HH:HH:HH:HH:HH:HH or HH-HH-HH-HH-HH-HH where H is a hexadecimal digit ieee-address-mask — This 48-bit mask can be configured using: Format Style Format Syntax Example Decimal DDDDDDDDDDDDDD 281474959933440 Hexadecimal 0xHHHHHHHHHHHH 0x0FFFFF000000 Binary 0bBBBBBBB...B 0b11110000...B Page 546 7450 ESS Router Configuration Guide...
- Page 547 — This is optional and may be used when specifying a range of ssap values to use as the match criteria. This 8 bit mask can be configured using the following formats: Format Style Format Syntax Example Decimal Hexadecimal 0xHH 0xF0 Binary 0bBBBBBBBB 0b11110000 Default none Values 0x00 — 0xFF 7450 ESS Router Configuration Guide Page 547...
-
Page 548: Policy And Entry Maintenance Commands
‘break before make’ manner and therefore should be handled with care. filter-name Syntax filter-name filter-name no filter-name Context config>filter>ip-filter config>filter>ipv6-filter Description This command specifies the name to associate with this filter. Page 548 7450 ESS Router Configuration Guide... - Page 549 Parameters old-entry-id — Enter the entry number of an existing entry. Values 1 — 65535 new-entry-id — Enter the new entry-number to be assigned to the old entry. Values 1 — 65535 7450 ESS Router Configuration Guide Page 549...
-
Page 550: Redirect Policy Commands
[0..FFFF]H [0..255]D ping-test Syntax [no] ping-test Context config>filter>destination>ping-test config>filter>destination>snmp-test Description This command configures parameters to perform connectivity ping tests to validate the ability for the destination to receive redirected traffic. Default none Page 550 7450 ESS Router Configuration Guide... - Page 551 Default Parameters seconds — Specifies the amount of time, in seconds, between consecutive requests sent to the far end host. Values 1 — 60 timeout Syntax timeout seconds no timeout Context config>filter>destination>snmp-test config>filter>destination>url-test 7450 ESS Router Configuration Guide Page 551...
- Page 552 Syntax oid oid-string community community-string Context config>filter>redirect-policy>destination>snmp-test Description This command specifies the OID of the object to be fetched from the destination. Page 552 7450 ESS Router Configuration Guide...
- Page 553 The unicast route test is mutually exclusive with other redirect-policy test types. The test cannot be configured if no router is configured for this redirect policy. The no form of the command disables the test. Default no unicast-rt-test 7450 ESS Router Configuration Guide Page 553...
- Page 554 — Specifies the amount to lower the priority of the destination when the return code falls within the specified range. raise-priority priority — Specifies the amount to raise the priority of the destination when the return code falls within the specified range. Page 554 7450 ESS Router Configuration Guide...
- Page 555 Context config>filter>redirect-policy config>filter>redirect-policy>destination Description Administratively enables/disabled (AdminUp/AdminDown) an entity. Downing an entity does not change, reset or remove any configuration settings or statistics. Many objects must be shutdown before they may be deleted. 7450 ESS Router Configuration Guide Page 555...
- Page 556 Unlike other commands and parameters where the default state will not be indicated in the configuration file, shutdown and no shutdown are always indicated in system generated configuration files. The no form of the command puts an entity into the administratively enabled state. Default no shutdown Page 556 7450 ESS Router Configuration Guide...
-
Page 557: Show Commands
: 10 Applied : No Entries Description : test-dhcp-filter ------------------------------------------------------------------------------- Filter Match Criteria ------------------------------------------------------------------------------- No Match Criteria Found =============================================================================== *B:TechPubs>config# dhcp6 Syntax dhcp [<filter-id>] Context show>filter Description This command displays DHCP6 filter information. 7450 ESS Router Configuration Guide Page 557... - Page 558 [detail] Context show>filter Description This command shows IP filter information. Parameters ip-filter-id — Displays detailed information for the specified filter ID and its filter entries. Values 1 — 65535 Page 558 7450 ESS Router Configuration Guide...
- Page 559 OK—embedding operation successful, if any entries are overwritten this will also be indicated. Failed—embedding failed, the reason is displayed (out of resources). Sample Output A:ALA-49# show filter ip =============================================================================== IP Filters =============================================================================== Filter-Id Scope Applied Description ------------------------------------------------------------------------------- 7450 ESS Router Configuration Guide Page 559...
- Page 560 The default action for the filter ID for packets that do not Def. Action Forward — match the filter entries is to forward. The default action for the filter ID for packets that do not Drop — match the filter entries is to drop. Page 560 7450 ESS Router Configuration Guide...
- Page 561 Ing. Matches The source TCP, UDP, or SCTP port number, port range, or port match Src. Port list. The destination TCP, UDP, or SCTP port number, port range, or port Dest. Port match list. 7450 ESS Router Configuration Guide Page 561...
- Page 562 : Undefined ICMP Type : Undefined ICMP Code : Undefined TCP-syn : Off TCP-ack : Off Match action : Drop Ing. Matches : 0 Egr. Matches =============================================================================== A:ALA-49>config>filter# *A:Dut-C>config>filter# show filter ip fSpec-1 associations Page 562 7450 ESS Router Configuration Guide...
- Page 563 ICMP Type : Undefined ICMP Code : Undefined Fragment : Off Option-present : Off Sampling : Off Int. Sampling : On IP-Option : 0/0 Multiple Option: Off TCP-syn : Off TCP-ack : Off 7450 ESS Router Configuration Guide Page 563...
- Page 564 Entries Description : of-switch 'test' embedded filter ------------------------------------------------------------------------------- Filter Match Criteria : IP ------------------------------------------------------------------------------- Entry : 1000 Description : (Not Specified) Log Id : n/a Src. IP : 0.0.0.0/0 Src. Port : n/a Page 564 7450 ESS Router Configuration Guide...
- Page 565 : Off Int. Sampling : On IP-Option : 0/0 Multiple Option: Off TCP-syn : Off TCP-ack : Off Match action : Forward Next Hop : 172.22.184.101 Ing. Matches : 0 Egr. Matches =============================================================================== A:ALA-49# 7450 ESS Router Configuration Guide Page 565...
- Page 566 The ICMP type match criterion. indicates no ICMP type ICMP Type Undefined specified. Configures a match on all non-fragmented IP packets. Fragment False — Configures a match on all fragmented IP packets. True — Page 566 7450 ESS Router Configuration Guide...
- Page 567 Matches packets that contain the option field or have an option On — field of zero be used as IP filter match criteria. Interface traffic sampling is disabled. Int. Sampling Off — Interface traffic sampling is enabled. On — 7450 ESS Router Configuration Guide Page 567...
- Page 568 Show Filter Associations (with TOD-suite specified) — If a filter is referred to in a TOD Suite assignment, it is displayed in the show filter associations command output: A:ALA-49# show filter ip 160 associations Page 568 7450 ESS Router Configuration Guide...
- Page 569 The number of egress filter matches/hits for the filter entry. Egr. Matches Note that egress counters count the packets without Layer 2 encapsula- tion. Ingress counters count the packets with Layer 2 encapsulation. 7450 ESS Router Configuration Guide Page 569...
- Page 570 The filter policy is of type Exclusive. Exclusiv — The IP filter policy description. Description The filter policy ID has not been applied. Applied No — The filter policy ID is applied. Yes — Page 570 7450 ESS Router Configuration Guide...
- Page 571 Packets matching the filter entry criteria is forwarded. Forward — The number of ingress filter matches/hits for the filter entry. Ing. Matches The number of egress filter matches/hits for the filter entry. Egr. Matches 7450 ESS Router Configuration Guide Page 571...
- Page 572 The filter policy ID is applied as an ingress filter policy on the inter- (Ingress) face. The filter policy ID is applied as an egress filter policy on the interface. (Egress) Sample Output A:ALA-49# show filter mac 3 associations =============================================================================== Page 572 7450 ESS Router Configuration Guide...
- Page 573 (Egress) =============================================================================== A:ALA-49# Filter Entry Counters Output — When the counters keyword is specified, the filter entry output displays the filter matches/hit information. The following table describes the command output for the command. 7450 ESS Router Configuration Guide Page 573...
- Page 574 : Template Def. Action : Forward Entries Description : Description for Mac Filter Policy id # 8 ------------------------------------------------------------------------------- Filter Match Criteria : Mac ------------------------------------------------------------------------------- Entry FrameType : Ethernet Ing. Matches: 80 pkts (5440 bytes) Page 574 7450 ESS Router Configuration Guide...
- Page 575 Yes — The MAC filter policy description. Description and its entries is produced. The following table describes the command output for the command. Label Description The MAC filter policy ID. MAC Filter Filter Id 7450 ESS Router Configuration Guide Page 575...
- Page 576 Filter entry matches a non-zero value for the Ethernet Esnap-oui-zero Non-Zero — SNAP OUI. Filter entry matches a zero value for the Ethernet SNAP OUI. Zero — No Ethernet SNAP OUI value specified. Undefined — Page 576 7450 ESS Router Configuration Guide...
- Page 577 Egr. Matches: 0 pkts Entry : 50 FrameType : Ethernet Description : entry 50 Src Mac : 00:00:01:66:00:00 00:00:0f:ff:00:00 Dest Mac LI Source : No Ing. Matches: 0 pkts Egr. Matches: 0 pkts 7450 ESS Router Configuration Guide Page 577...
- Page 578 - SAP 1/1/6:9 (Egress) Filter Entry Counters Output — When the counters keyword is specified, the filter entry output displays the filter matches/hit information. The following table describes the command output for the command. Page 578 7450 ESS Router Configuration Guide...
- Page 579 LI Mac Filter =============================================================================== Filter Id : testLiMacFilter Associated : Yes Entries Description : test LI Mac filter setup ------------------------------------------------------------------------------- Filter Match Criteria : Mac ------------------------------------------------------------------------------- Entry : 10 Description : entry 10 7450 ESS Router Configuration Guide Page 579...
- Page 580 Specifies the operational value of the priority for this destination. The Oper Priority highest operational priority across multiple destinations is used as the preferred destination. Specifies the configured base priority for the destination. Admin Priority Page 580 7450 ESS Router Configuration Guide...
- Page 581 New redirect info redirect2 Test test test test =============================================================================== ALA-A>config>filter# ALA-A>config>filter# show filter redirect-policy redirect1 =============================================================================== Redirect Policy =============================================================================== Redirect Policy: redirect1 Applied : Yes Description : New redirect info Active Dest : 10.10.10.104 ------------------------------------------------------------------------------- 7450 ESS Router Configuration Guide Page 581...
- Page 582 Admin State : Up Oper State : Down URL Test : URL_to_Proxy Interval : 10 Timeout : 10 Drop Count Hold Down Hold Remain Last Action at : 03/19/2007 05:04:15 Action Taken : Disable Page 582 7450 ESS Router Configuration Guide...
- Page 583 IP filters that chain to the active IP system filter ============================================================================ 5:23 6:24 ---------------------------------------------------------------------------- No. of IP filters that chain to the active IP system filter: 6 ============================================================================ ============================================================================ IPv6 filters that chain to the active IPv6 system filter 7450 ESS Router Configuration Guide Page 583...
- Page 584 This command displays TCP/UDP/SCTP port values or ranges for match criteria in IPv4 and IPv6 ACL and CPM filter policies. Parameters port-list-name — A string of up to 32 characters of printable ASCII characters. If special characters are used, the string must be enclosed within double quotes. Page 584 7450 ESS Router Configuration Guide...
-
Page 585: Clear Commands
— The filter log ID destination expressed as a decimal integer. Values 101 — 199 Syntax mac mac-filter-id [entry entry-id] [ingress | egress] Context clear>filter Clears the counters associated with the MAC filter policy. 7450 ESS Router Configuration Guide Page 585... - Page 586 — Specifies that only the counters associated with the specified filter policy entry will be cleared. Values 1 — 65535 ingress — Specifies to only clear the ingress counters. egress — Specifies to only clear the egress counters. Page 586 7450 ESS Router Configuration Guide...
-
Page 587: Monitor Commands
Parameters mac-filter-id — The MAC filter policy ID. Values 1 — 65535 entry-id — Specifies that only the counters associated with the specified filter policy entry will be cleared. Values 1 — 65535 7450 ESS Router Configuration Guide Page 587... -
Page 588: Debug Commands
BGP FlowSpec Host Common Openflow --------------------------------------------------------------------------- Total =========================================================================== Available filters (except openflow): 16369 Available openflow filters: 16381 ============================================================================= Number of ACL filter entries / subentries defined on CPM ============================================================================= Inserted by IPv6 Total ----------------------------------------------------------------------------- Page 588 7450 ESS Router Configuration Guide... - Page 589 Ipv6 _tmnx_ofs_system:1 No more Ipv6 filters =============================================================================== =============================================================================== Filters utilizing most resources (ordered by CPM subentries) =============================================================================== Type Id Entries Subentries TCAM entries (per FlexPath) ------------------------------------------------------------------------------- No Mac filters found ------------------------------------------------------------------------------- 65535 5:23 6:24 7450 ESS Router Configuration Guide Page 589...
- Page 590 2043 65529 28670 2047 32766 16382 Ingr 2047 65529 28670 2047 32766 16382 =========================================================================== =============================================================================== Filters utilizing most resources (ordered by TCAM entries per FlexPath) Only filters present on any IOM are displayed Page 590 7450 ESS Router Configuration Guide...
- Page 591 Resource utilization details for Ip filter 100 =============================================================================== CPM entries used CPM subentries used TCAM entries used (per FlexPath) Associated with IOMs : 1,2,3,4,5,6,7,8,9,10 --------------------------------------------------------------------------- Largest 5 entries --------------------------------------------------------------------------- Entry ID Active TCAM entries (per FlexPath) --------------------------------------------------------------------------- 7450 ESS Router Configuration Guide Page 591...
- Page 592 This command displays information about the specified MAC filter including resource utilization on CPM and IOM, the IOMs on which the filter is used, and the entries using the most resources. Parameters filter-id — specifies filter resource utilization. Values 1 — 65535 Page 592 7450 ESS Router Configuration Guide...
- Page 593 CPM entries used CPM subentries used TCAM entries used (per FlexPath) Associated with IOMs --------------------------------------------------------------------------- Largest 5 entries --------------------------------------------------------------------------- Entry ID Active TCAM entries (per FlexPath) --------------------------------------------------------------------------- No more entries defined --------------------------------------------------------------------------- =============================================================================== 7450 ESS Router Configuration Guide Page 593...
- Page 594 Show Commands Page 594 7450 ESS Router Configuration Guide...
-
Page 595: Cflowd
Topics in this chapter include: • Cflowd Overview on page 596 → Operation on page 597 → Cflowd Filter Matching on page 601 • Cflowd Configuration Process Overview on page 602 • Configuration Notes on page 603 7450 ESS Router Configuration Guide Page 595... -
Page 596: Cflowd Overview
For the 7450 guides, it is only supported on the ESS-7 and 12 if mixed mode is enabled. Page 596... -
Page 597: Operation
(default 15 seconds), then the entry is removed from the flow cache. 6. If a flow has been active for a period of time equal to or greater than the active timer (default 30 minutes), then the entry is removed from the flow cache. 7450 ESS Router Configuration Guide Page 597... -
Page 598: Figure 23: V5, V8, V9, V10, And Flow Processing
3. If the export format is Version 8, then the flow entry is added to one or more of the configured aggregation matrices. Page 598 7450 ESS Router Configuration Guide... -
Page 599: Version 8
The Version 9 format is a more flexible format and allows for different templates or sets of cflowd data to be sent based on the type of traffic being sampled and the template set configured. Version 9 is interoperable with RFC 3954, Cisco Systems NetFlow Services Export Version 9. 7450 ESS Router Configuration Guide Page 599... -
Page 600: Version 10
IPv4, IPv6, and MPLS. Version 10 is interoperable with RFC 5150 and 5102. Page 600 7450 ESS Router Configuration Guide... -
Page 601: Cflowd Filter Matching
Subsequent packets in the same flow are then forwarded without needing to be matched against the complete set of filters. Specific performance varies depending on the number and complexity of the filters. 7450 ESS Router Configuration Guide Page 601... -
Page 602: Cflowd Configuration Process Overview
• Cflowd ACL, where IP filters must be created with entries containing the action filter- sampled. In this mode only traffic matching these filter entries will be subject to the cflowd sampling process. Page 602 7450 ESS Router Configuration Guide... -
Page 603: Configuration Notes
Sampling must be enabled on either: → An IP filter which is applied to a port or service. → An interface on a port or service. Cflowd is only available when mixed-mode is enabled on the system. 7450 ESS Router Configuration Guide Page 603... - Page 604 Configuration Notes Page 604 7450 ESS Router Configuration Guide...
-
Page 605: Configuring Cflowd With Cli
Specifying Sampling Options in Filter Entries on page 629 • Cflowd Configuration Management Tasks on page 632 → Modifying Global Cflowd Components on page 632 → Modifying Cflowd Collector Parameters on page 633 7450 ESS Router Configuration Guide Page 605... -
Page 606: Cflowd Configuration Overview
IP next hop • BGP next hop • ICMP type and code • IP version • Source prefix (from routing) • Destination prefix (from routing) • MPLS label stack from label 1 to 6 Page 606 7450 ESS Router Configuration Guide... -
Page 607: Collectors
The following aggregation schemes are supported: • AS matrix — Flows are aggregated based on source and destination AS and ingress and egress interface. 7450 ESS Router Configuration Guide Page 607... - Page 608 Source-destination prefix — Flows are aggregated based on source prefix and mask, destination prefix and mask, source and destination AS, ingress interface and egress interface. • Raw — Flows are not aggregated and are sent to the collector in a V5 record. Page 608 7450 ESS Router Configuration Guide...
-
Page 609: Basic Cflowd Configuration
A:ALA-1>config>cflowd# info detail ---------------------------------------------- active-timeout 30 cache-size 65536inactive-timeout 15 overflow 1 rate 1000 collector 10.10.10.103:2055 version 9 no aggregation autonomous-system-type origin description "V9 collector" no shutdown exit template-retransmit 330 exit no shutdown ---------------------------------------------- A:ALA-1>config>cflowd# 7450 ESS Router Configuration Guide Page 609... -
Page 610: Common Configuration Tasks
Rate - Defines the system wide sampling rate for cflowd. • Template retransmit - Defines the interval (in seconds) at which the v9 and v10 template are retransmitted to all configured v9 or v10 collectors. Page 610 7450 ESS Router Configuration Guide... -
Page 611: Configuring Cflowd
{version [5 | 8 | 9 |10]} aggregation as-matrix destination-prefix protocol-port source-destination-prefix source-prefix template-set {basic | mpls-ip} autonomous-system-type [origin | peer] description description-string no shutdown no shutdown 7450 ESS Router Configuration Guide Page 611... -
Page 612: Enabling Cflowd
The following example displays the default values when cflowd is initially enabled. No collectors or collector options are configured. A:ALA-1>config# info detail #------------------------------------------ echo "Cflowd Configuration" #------------------------------------------ cflowd active-timeout 30 cache-size 65536 inactive-timeout 15 overflow 1 rate 1000 template-retransmit 600 no shutdown exit #------------------------------------------ A:ALA-1>config# Page 612 7450 ESS Router Configuration Guide... -
Page 613: Configuring Global Cflowd Parameters
The following example displays a common cflowd component configuration: A:ALA-1>config>cflowd# info #------------------------------------------ active-timeout 20 inactive-timeout 10 overflow 10 rate 100 #------------------------------------------ A:ALA-1>config>cflowd# 7450 ESS Router Configuration Guide Page 613... -
Page 614: Configuring Cflowd Collectors
"AS info collector" exit collector 10.10.10.2:5000 version 8 aggregation protocol-port source-destination-prefix exit autonomous-system-type peer description "Neighbor collector" exit ----------------------------------------- A:ALA-1>config>cflowd# Version 9 Collector example: collector 10.10.10.9:2000 version 9 description "v9collector" template-set mpls-ip no shutdown exit Page 614 7450 ESS Router Configuration Guide... -
Page 615: Version 9 And Version 10 Templates
The following tables specify the fields present in each template: Table 10: Basic IPv4 Template Field Name Field ID IPv4 Src Addr IPv4 Dest Addr IPv4 Nexthop BGP Nexthop Ingress Interface Egress Interface Packet Count Byte Count Start Time End Time 7450 ESS Router Configuration Guide Page 615... -
Page 616: Table 11: Mpls-Ipv4 Template
Dest IPv4 Prefix Length 1.Only sent to collectors configured for v10 format Table 11: MPLS-IPv4 Template Field Name Field ID IPv4 Src Addr IPv4 Dest Addr IPv4 Nexthop BGP Nexthop Ingress Interface Egress Interface Page 616 7450 ESS Router Configuration Guide... - Page 617 Direction BGP Source ASN BGP Dest ASN Source IPv4 Prefix Length Dest IPv4 Prefix Length MPLS Top Label Type MPLS Top Label IPv4 Addr MPLS Label 1 MPLS Label 2 MPLS Label 3 7450 ESS Router Configuration Guide Page 617...
-
Page 618: Table 12: Basic Ipv6 Template
IPv4 Nexthop IPv4 BGP Nexthop Ingress Interface Egress Interface Packet Count Byte Count Start Time End Time Flow Start Milliseconds Flow End Milliseconds Src Port Dest Port Forwarding Status TCP control Bits (Flags) Page 618 7450 ESS Router Configuration Guide... -
Page 619: Table 13: Mpls-Ipv6 Template
1.Only sent to collectors configured for v10 format Table 13: MPLS-IPv6 Template Field Name Field ID IPv6 Src Addr IPv6 Dest Addr IPv6 Nexthop IPv6 BGP Nexthop IPv4 Nexthop IPv4 BGP Nexthop Ingress Interface Egress Interface Packet Count 7450 ESS Router Configuration Guide Page 619... - Page 620 IPv6 Extension Hdr IPv6 Next Header IPv6 Flow Label IP version IPv6 ICMP Type & Code Direction BGP Source ASN BGP Dest ASN IPv6 Src Mask IPv6 Dest Mask MPLS_TOP_LABEL_TY MPLS_TOP_LABEL_A MPLS Top Label Type Page 620 7450 ESS Router Configuration Guide...
-
Page 621: Table 14: Basic Mpls Template
1.Only sent to collectors configured for v10 format Table 14: Basic MPLS Template Field Name Field ID Start Time End Time Flow Start Milliseconds Flow End Milliseconds Ingress Interface Egress Interface Packet Count Byte Count Direction 7450 ESS Router Configuration Guide Page 621... -
Page 622: Table 15: Mpls-Ip Template
Table 15: MPLS-IP Template Field Name Field ID IPv4 Src Addr IPv4 Dest Addr IPv4 Nexthop IPv6 Src Addr IPv6 Dest Addr IPv6 Nexthop Ingress Interface Egress Interface Packet Count Byte Count Start Time End Time Page 622 7450 ESS Router Configuration Guide... - Page 623 MPLS Top Label Type MPLS Top Label IPv4 Addr MPLS Label 1 MPLS Label 2 MPLS Label 3 MPLS Label 4 MPLS Label 5 MPLS Label 6 1.Only sent to collectors configured for v10 format 7450 ESS Router Configuration Guide Page 623...
-
Page 624: Table 16: Ethernet (L2-Ip) Flow Template
IPv6 Src Addr IPv6 Dest Addr Packet Count Byte Count Flow Start Milliseconds Flow End Milliseconds Src Port Dest Port TCP control Bits (Flags) Protocol IPv6 Option Header IPv6 Next Header IPv6 Flow Label Page 624 7450 ESS Router Configuration Guide... - Page 625 Configuring System Management with CLI Table 16: Ethernet (L2-IP) Flow Template Field Name Field ID IP Version ICMP Type Code 1.Ohe Ethernet (L2-IP) flow template is only supported and exported to IPFIX (v10) col- lectors. 7450 ESS Router Configuration Guide Page 625...
-
Page 626: Enabling Cflowd On Interfaces And Filters
→ Interface Configurations on page 627 → Service Interfaces on page 628 • Specifying Sampling Options in Filter Entries on page 629 → Interface Configurations on page 627 • Dependencies on page 630 Page 626 7450 ESS Router Configuration Guide... -
Page 627: Specifying Cflowd Options On An Ip Interface
If The interface cflowd is not enabled ( ) then traffic sampling will not occur on the interface. no cflowd 7450 ESS Router Configuration Guide Page 627... -
Page 628: Service Interfaces
Cflowd is supported on IES and VPRN services interfaces only. Layer 2 traffic is excluded. All packets forwarded by the interface are analyzed according to the cflowd configuration. On the interface level, cflowd can be associated with a filter (ACL) or an IP interface. Page 628 7450 ESS Router Configuration Guide... -
Page 629: Specifying Sampling Options In Filter Entries
When the interface-disable-sample command is enabled, then traffic matching the associated IP filter entry is not sampled if the IP interface is set to cflowd ACL mode. 7450 ESS Router Configuration Guide Page 629... -
Page 630: Dependencies
Filter Configurations on page 629 Depending on the combination of interface and filter entry configurations determine if and when flow sampling occurs. Table 17 displays the expected results when specific features are enabled and disabled. Page 630 7450 ESS Router Configuration Guide... -
Page 631: Table 17: Cflowd Configuration Dependencies
Interface mode All IP traffic ingressing the none interface interface is subject to sampling. Interface mode Filter level action is ignored. All filter sampled interface traffic ingressing the interface is subject to sampling. 7450 ESS Router Configuration Guide Page 631... -
Page 632: Cflowd Configuration Management Tasks
Example: config>cflowd# active-timeout 60 config>cflowd# no inactive-timeout config>cflowd# overflow 2 config>cflowd# rate 10 The following example displays the common cflowd component configuration: A:ALA-1>config>cflowd# info #------------------------------------------ active-timeout 60 overflow 2 rate 10 #------------------------------------------ A:ALA-1>config>cflowd# Page 632 7450 ESS Router Configuration Guide... -
Page 633: Modifying Cflowd Collector Parameters
The following displays basic cflowd modifications: A:ALA-1>config>cflowd# info ----------------------------------------- active-timeout 60 overflow 2 rate 10 collector 10.10.10.1:2000 version 5 description "AS info collector" exit collector 10.10.10.2:5000 version 8 aggregation source-prefix exit description "Test collector" exit ----------------------------------------- A:ALA-1>config>cflowd# 7450 ESS Router Configuration Guide Page 633... - Page 634 Modifying Cflowd Collector Parameters Page 634 7450 ESS Router Configuration Guide...
-
Page 635: Cflowd Configuration Commands
The no form of this command resets the inactive timeout back to the default value. Default Parameters minutes — The value expressed in minutes before an active flow is exported. Values 1 — 600 7450 ESS Router Configuration Guide Page 635... - Page 636 <ip-address[:port]> : ip-address - a.b.c.d[:port] (IPv4) x:x:x:x:x:x:x:x (IPv6) [x:x:x:x:x:x:x:x]:port (IPv6) x - [0..FFFF]H port — Specifies the UDP port number on the remote Cflowd collector host to receive the exported Cflowd data. Values 1— 65535 Default 2055 Page 636 7450 ESS Router Configuration Guide...
- Page 637 Syntax [no] destination-prefix Context config>cflowd>collector>aggregation Description This command specifies that the aggregation data is based on destination prefix information. The no form removes this type of aggregation from the collector configuration. Default none 7450 ESS Router Configuration Guide Page 637...
- Page 638 Syntax [no] source-prefix Context config>cflowd>collector>aggregation Description This command configures cflowd aggregation based on source prefix information. The no form of this command removes this type of aggregation from the collector configuration. Default none Page 638 7450 ESS Router Configuration Guide...
- Page 639 The operational state of the entity is disabled as well as the operational state of any entities contained within. Many objects must be shut down before they may be deleted. The no form of this command administratively enables an entity. 7450 ESS Router Configuration Guide Page 639...
- Page 640 Context config>cflowd Description This command specifies the amount of time, in seconds, that must elapse without a packet matching a flow in order for the flow to be considered inactive. Page 640 7450 ESS Router Configuration Guide...
- Page 641 When sample-rate is configured as 100, then every 100th packet is sent to the cache. The no form of this command resets the sample rate to the default value. Default 1000 Parameters sample-rate — Specifies the rate at which traffic is sampled. Values 1 — 10000 7450 ESS Router Configuration Guide Page 641...
- Page 642 Context config>cflowd Description This command specifies the interval for sending template definitions. Default Parameters seconds — The value expressed in seconds before sending template definitions. Values 10 — 600 Page 642 7450 ESS Router Configuration Guide...
-
Page 643: Cflowd Command Reference
{basic | mpls-ip | l2-ip} — export-mode [automatic | manual] — inactive-timeout seconds — no inactive-timeout — overflow percent — no overflow — rate sample-rate — no rate — [no] shutdown — template-retransmit seconds — no template-retransmit 7450 ESS Router Configuration Guide Page 643... - Page 644 [ip-int-name | ip-address] — status Tools Commands tools — dump — cflowd — top-protocols [clear] — top-flows [ipv4 | ipv6 | mpls] [clear] — packet-size [ipv4 | ipv6] [clear] Clear Commands clear — cflowd Page 644 7450 ESS Router Configuration Guide...
-
Page 645: Show Commands
The current operational status of this Cflowd remote collector host. Oper The number of Cflowd records that have been transmitted to this Recs Sent remote collector host. The total number of collectors using this IP address. Collectors 7450 ESS Router Configuration GuidePage 645... -
Page 646: Table 19: Show Cflowd Collector Detailed Output Fields
The UDP port number on the remote Cflowd collector host to receive Port the exported Cflowd data. A user-provided descriptive string for this Cflowd remote collector Description host. The version of the flow data sent to the collector. Version Page 646 7450 ESS Router Configuration Guide... - Page 647 A:R51-CfmA# show cflowd collector detail =============================================================================== Cflowd Collectors (detail) =============================================================================== Address : 138.120.135.103 Port : 2055 Description : Test v5 Collector Version AS Type : peer Admin State : up Oper State : up 7450 ESS Router Configuration GuidePage 647...
- Page 648 Displays the administrative and operational status of the interfaces with cflowd enabled. Parameters ip-addr — Display only information for the IP interface with the specified IP address. Default all interfaces with cflowd enabled. Page 648 7450 ESS Router Configuration Guide...
- Page 649 Interface Router IF Index Mode Admin IPv4 Address Oper IPv4 IPv6 Address Oper IPv6 ------------------------------------------------------------------------------- ipv4ipv6NamedIf Base intf/ing 5.5.5.5/24 55::55/128 ipv4NamedIf acl-egr 10.10.10.10/24 Down ipv6NamedIf Base i/f-both Down 1234:5678::9/128 ------------------------------------------------------------------------------- Interfaces : 3 =============================================================================== 7450 ESS Router Configuration GuidePage 649...
-
Page 650: Table 20: Cflowd Status Output
Table 20: Cflowd Status Output Label Description The desired administrative state for this Cflowd remote collector host. Cflowd Admin Sta- The current operational status of this Cflowd remote collector host. Cflowd Oper Status Page 650 7450 ESS Router Configuration Guide... - Page 651 The number of times the active cache overflowed. Overflow events Equal to “total flows trashed” in cflowdStatsTotal. Dropped Flows Sample Output sr1# show cflowd status =============================================================================== Cflowd Status =============================================================================== Cflowd Admin Status : Enabled 7450 ESS Router Configuration GuidePage 651...
- Page 652 : 65536 entries Overflow : 1% Sample Rate Active Flows : 34 Total Pkts Rcvd : 801600 Total Pkts Dropped =============================================================================== Version Info =============================================================================== Version Status Sent Open Errors ------------------------------------------------------------------------------- Enabled Enabled Enabled Enabled =============================================================================== Page 652 7450 ESS Router Configuration Guide...
-
Page 653: Tools Commands
Displays the average lifetime of a flow for the associated protocol type. Duration/Flow (Number of seconds since last clear / total flows) Displays the percentage of bandwidth consumed by the associated pro- Bandwidth Total tocol type. (Total protocol bytes / total bytes of all flows) 7450 ESS Router Configuration GuidePage 653... -
Page 654: Table 22: Tools Dump Cflowd Top-Flows Out Put Fields
Displays the Type of Service/DSCP buts filed markings. Displays the protocol flag markings. Flgs Displays the total number of packets sampled for this flow (since stats Pkts were last cleared). Displays the vRouter context the flow was sample in. vRtr-ID Page 654 7450 ESS Router Configuration Guide... - Page 655 Ingress i/f Src Port vRtr ID DstIP (upto IPv6) Egress i/f Dst Port Proto Flags Nexthop (uptoIPv6) Total Pkts Avg Pkt Active(sec) 2001:0db8:85a3:0000:0000:8a2e:0370:7334 60005 10020 0x12 2001:0db8:85a3:0000:0000:8a2e:0280:1234 60325 20010 0x23 2001:0db8:85a3:0000:0000:8a2e:1234:5678 1234567890 1500 13600 …… 7450 ESS Router Configuration GuidePage 655...
- Page 656 .000 .250 .000 .000 .010 .100 .500 .090 .000 .000 .000 .000 .000 .000 .000 576 1024 1536 2048 2560 3072 3584 4096 4608 9000 .000 .000 .000 .050 .000 .000 .000 .000 .000 .000 .000 .000 Page 656 7450 ESS Router Configuration Guide...
-
Page 657: Clear Commands
This action will trigger all the flows to be discarded. The cache restarts flow data collection from a fresh state. This command also clears global stats collector stats listed in the cflowd show commands. 7450 ESS Router Configuration GuidePage 657... - Page 658 Clear Commands Page 658 7450 ESS Router Configuration Guide...
-
Page 659: Standards And Protocol Support
Standards and Protocol Support Note that the information presented is subject to change without notice. Alcatel-Lucent assumes no responsibility for inaccuracies contained herein. OSPF RFC 2858 Multiprotocol Extensions for BGP-4 RFC 1586 Guidelines for Running OSPF Over Frame Relay Networks... -
Page 660: Standards And Protocols
Internet Protocol Version 6 (IPv6) (Helper Mode) RFC 5998 An Extension for EAP-Only Specification RFC 5307 IS-IS Extensions in Support of Authentication in IKEv2 RFC 4552 Authentication/Confidentiality Generalized Multi-Protocol Label for OSPFv3 Switching (GMPLS) Page 660 7450 ESS Router Configuration Guide... - Page 661 RFC 5059 Bootstrap Router (BSR) Identification Codes Mechanism for Protocol RFC 3209 Extensions to RSVP for RFC 3443 Time To Live (TTL) Independent Multicast (PIM) Tunnels Processing in Multi-Protocol Label Switching (MPLS) Networks 7450 ESS Router Configuration Guide Page 661...
- Page 662 Label Switching (MPLS) - in Resource ReSerVation Protocol - Extensions to LSP Ping TCP/IP Traffic Engineering (RSVP-TE) RFC 768 UDP MPLS — TP (7750/7450 only) RFC 3564 Requirements for Diff-Serv- RFC 791 IP aware TE RFC 5586 MPLS Generic Associated RFC 792 ICMP...
- Page 663 MPLS Networks RFC 2684 Multiprotocol Encapsulation fr TCP RFC 4446 IANA Allocations for PWE3 over ATM Adaptation Layer 5 RFC 5508 NAT Behavioral Requirements RFC 4447 Pseudowire Setup and for ICMP Maintenance Using LDP 7450 ESS Router Configuration Guide Page 663...
- Page 664 ETSI TS 101 329-5 Annex E extensions- RFC 4250 The Secure Shell (SSH) QoS Measurement for VoIP - Protocol Assigned Numbers Method for determining an RFC 4251 The Secure Shell (SSH) Protocol Architecture Page 664 7450 ESS Router Configuration Guide...
- Page 665 Listener Discovery Protocol Information Base RFC 3164 Syslog draft-ietf-mpls-ldp-mib-07 Definitions of RFC 3273 HCRMON-MIB Managed Objects for the RFC 3411 An Architecture for Multiprotocol Label Switching, Describing Simple Network Label Distribution Protocol (LDP) 7450 ESS Router Configuration Guide Page 665...
- Page 666 Standards and Protocols Page 666 7450 ESS Router Configuration Guide...
- Page 667 Customer documentation and product support Customer documentation http://documentation.alcatel-lucent.com Technical support http://support.alcatel-lucent.com Documentation feedback documentation.feedback@alcatel-lucent.com...
- Page 668 © 2015 Alcatel-Lucent. All rights reserved. 3HE 09853 AAAA TQZZA 01...
Need help?
Do you have a question about the 7450 and is the answer not in the manual?
Questions and answers