Usage guidelines This function enables a device to log ARP events when ARP cannot resolve IP addresses correctly. The device can log the following ARP events: • On a proxy ARP-disabled interface, the target IP address of a received ARP packet is not one of the following IP addresses: The IP address of the receiving interface.
Usage guidelines An interface can dynamically learn ARP entries. To prevent an interface from holding too many ARP entries, you can set the maximum number of dynamic ARP entries that the interface can learn. When the maximum number is reached, the interface stops learning ARP entries. When the number argument is set to 0, the interface is disabled from learning dynamic ARP entries.
Usage guidelines A device can dynamically learn ARP entries. To prevent a device from holding too many ARP entries, you can set the maximum number of dynamic ARP entries that the device can learn. When the maximum number is reached, the device stops learning ARP entries. When the number argument is set to 0, the device is disabled from learning dynamic ARP entries.
If you do not specify a VPN, the undo arp command removes ARP entries only for the public network. Examples # Configure a static ARP entry that comprises IP address 202.38.10.2, MAC address 00e0-fc01-0000, and output interface Ten-GigabitEthernet 1/0/1 in VLAN 10. <Sysname>...
192.168.0.115 000d-88f7-9f7d XGE1/0/2 [No Vrf] 192.168.0.39 0012-a990-2241 XGE1/0/3 [No Vrf] 22.1.1.1 000c-299d-c041 [No Vrf] # Display the number of all ARP entries. <Sysname> display arp all count Total number of entries : 5 Table 1 Command output Field Description IP Address IP address in an ARP entry.
Views Any view Predefined user roles network-admin network-operator Parameters ip-address: Displays the ARP entry for the specified IP address. slot slot-number: Specifies an IRF member device by its member ID or a PEX by its virtual slot number. verbose: Displays the detailed information about the specified ARP entry. Usage guidelines The ARP entry information includes the IP address, MAC address, VLAN ID, output interface, entry type, and aging timer.
Syntax display arp timer aging Views Any view Predefined user roles network-admin network-operator Examples # Display the aging timer of dynamic ARP entries. <Sysname> display arp timer aging Current ARP aging time is 10 minute(s) Related commands arp timer aging display arp vpn-instance Use display arp vpn-instance to display the ARP entries for a VPN instance.
Usage guidelines This function takes effect only when the enabled interface is up and an IP address has been assigned to the interface. This function can send gratuitous ARP requests only for a VRRP virtual IP address, or the sending interface's primary IP address or manually configured secondary IP address.
gratuitous-arp-sending enable Use gratuitous-arp-sending enable to enable sending of gratuitous ARP packets upon receiving ARP requests whose sender IP address is on a different subnet. Use undo gratuitous-arp-sending enable to restore the default. Syntax gratuitous-arp-sending enable undo gratuitous-arp-sending enable Default A device does not send gratuitous ARP packets when it receives ARP requests whose sender IP address is on a different subnet.
Proxy ARP commands display local-proxy-arp Use display local-proxy-arp to display the local proxy ARP status. Syntax display local-proxy-arp [ interface interface-type interface-number ] Views Any view Predefined user roles network-admin network-operator Parameters interface interface-type interface-number: Displays the local proxy ARP status for the specified interface.
Usage guidelines You can use this command to check whether proxy ARP is enabled or disabled. If an interface is specified, this command displays proxy ARP status for the specified interface. If no interface is specified, this command displays proxy ARP status for all interfaces. Examples # Display the proxy ARP status on VLAN-interface 1.
[Sysname] interface vlan-interface 2 [Sysname-Vlan-interface2] local-proxy-arp enable # Enable local proxy ARP on VLAN-interface 2 for an IP address range. <Sysname> system-view [Sysname] interface vlan-interface 2 [Sysname-Vlan-interface2] local-proxy-arp enable ip-range 1.1.1.1 to 1.1.1.20 Related commands display local-proxy-arp proxy-arp enable Use proxy-arp enable to enable proxy ARP. Use undo proxy-arp enable to disable proxy ARP.
Usage guidelines If you do not specify any keywords or arguments, the command displays all ARP snooping entries. Examples # Display ARP snooping entries for VLAN 2. <Sysname> display arp snooping vlan 2 IP Address MAC Address VLAN ID Interface Aging Status 3.3.3.3...
ARP fast-reply commands arp fast-reply enable Use arp fast-reply enable to enable ARP fast-reply for a VLAN. Use undo arp fast-reply enable to disable ARP fast-reply for a VLAN. Syntax arp fast-reply enable undo arp fast-reply enable Default ARP fast-reply is disabled on a VLAN. Views VLAN view Predefined user roles...
IP addressing commands The IP addresses in this chapter refer to IPv4 addresses unless otherwise specified. The term "interface" in this chapter collectively refers to Layer 3 interfaces, including VLAN interfaces and Layer 3 Ethernet interfaces. You can set an Ethernet port as a Layer 3 interface by using the port link-mode route command (see Layer 2—LAN Switching Configuration Guide).
Page 32
Routing redirect: Echo request: Router advert: Router solicit: Time exceed: IP header bad: Timestamp request: Timestamp reply: Information request: Information reply: Netmask request: Netmask reply: Unknown type: Table 3 Command output Field Description Current physical state of the interface: • Administrative DOWN—The interface is shut down with the shutdown command.
Examples # Display brief IP configuration information for VLAN interfaces. <Sysname> display ip interface vlan-interface brief *down: administratively down (s): spoofing (l): loopback Interface Physical Protocol IP Address Description Vlan10 down down 6.6.6.1 Vlan-inte... Vlan2 down down 7.7.7.1 Vlan-inte... Table 4 Command output Field Description *down: administratively...
Page 35
Views Interface view Predefined user roles network-admin Parameters ip-address: Specifies the IP address of the interface, in dotted decimal notation. mask-length: Specifies the subnet mask length in the range of 1 to 31. For a loopback interface, the value range is 1 to 32. mask: Specifies the subnet mask in dotted decimal notation.
ip address unnumbered Use ip address unnumbered to configure the current interface as IP unnumbered to borrow an IP address from the specified interface. Use undo ip address unnumbered to disable IP unnumbered on the interface. Syntax ip address unnumbered interface interface-type interface-number undo ip address unnumbered Default The interface does not borrow IP addresses from other interfaces.
DHCP commands Common DHCP commands dhcp dscp Use dhcp dscp to set the DSCP value for DHCP packets sent by the DHCP server or the DHCP relay agent. Use undo dhcp dscp to restore the default. Syntax dhcp dscp dscp-value undo dhcp dscp Default The DSCP value in DHCP packets is 56.
Predefined user roles network-admin Usage guidelines Enable DHCP before you perform DHCP server or relay agent configurations. Examples # Enable DHCP. <Sysname> system-view [Sysname] dhcp enable dhcp select Use dhcp select to enable the DHCP server or DHCP relay agent on an interface. Use undo dhcp select to disable the DHCP server or DHCP relay agent on an interface.
DHCP server commands The term "interface" in this section collectively refers to Layer 3 interfaces, including VLAN interfaces and Layer 3 Ethernet interfaces. You can set an Ethernet port as a Layer 3 interface by using the port link-mode route command (see Layer 2—LAN Switching Configuration Guide). address range Use address range to configure an IP address range in a DHCP address pool for dynamic allocation.
bims-server Use bims-server to specify the IP address, port number, and shared key of the BIMS server in a DHCP address pool. Use undo bims-server to remove the specified BIMS server information. Syntax bims-server ip ip-address [ port port-number ] sharekey { cipher | simple } key undo bims-server Default No BIMS server information is specified.
Default No configuration file name or URL is specified. Views DHCP address pool view Predefined user roles network-admin Parameters bootfile-name: Specifies the configuration file name, a case-sensitive string of 1 to 63 characters. url: Specifies the configuration file URL in the format of http://. It is a case-sensitive string of 1 to 63 characters.
Predefined user roles network-admin Parameters class-name: Specifies the name of a DHCP user class, a case-insensitive string of 1 to 63 characters. If the specified user class does not exist, the DHCP server will not assign the addresses in the address range specified for the user class to any client. start-ip-address: Specifies the start IP address.
Parameters class-name: Specifies the name of a DHCP user class, a case-insensitive string of 1 to 63 characters. Usage guidelines You can also use this command to enter the view of an existing DHCP user class. In the DHCP user class view, use the if-match command to configure a match rule to match specific clients.
[Sysname] dhcp server always-broadcast dhcp server apply ip-pool Use dhcp server apply ip-pool to apply an address pool on an interface. Use undo dhcp server apply ip-pool to remove the configuration. Syntax dhcp server apply ip-pool pool-name undo dhcp server apply ip-pool Default No address pool is applied on an interface Views...
Views System view Predefined user roles network-admin Usage guidelines The lease duration of IP addresses obtained by BOOTP clients is unlimited. For scenarios that do not allow unlimited leases, you can configure the DHCP server to ignore BOOTP requests. Examples # Configure the DHCP server to ignore BOOTP requests.
Syntax dhcp server forbidden-ip start-ip-address [ end-ip-address ] undo dhcp server forbidden-ip start-ip-address [ end-ip-address ] Default No IP addresses are excluded from dynamic allocation. Views System view Predefined user roles network-admin Parameters start-ip-address: Specifies the start IP address. end-ip-address: Specifies the end IP address, which cannot be lower than the start-ip-address. If you do not specify this argument, only the start-ip-address is excluded from dynamic allocation.
Predefined user roles network-admin Parameters pool-name: Specifies the name for the DHCP address pool, a case-insensitive string of 1 to 63 characters used to uniquely identify this pool. Usage guidelines You can also use this command to enter the view of an existing DHCP address pool. A DHCP address pool is used to store the configuration parameters to be assigned to DHCP clients.
[Sysname] dhcp server ping packets 10 Related commands dhcp server ping timeout display dhcp server conflict reset dhcp server conflict dhcp server ping timeout Use dhcp server ping timeout to configure the ping response timeout time on the DHCP server. Use undo dhcp server ping timeout to restore the default.
Syntax dhcp server relay information enable undo dhcp server relay information enable Default The DHCP server handles Option 82. Views System view Predefined user roles network-admin Usage guidelines Upon receiving a DHCP request that contains Option 82, the server copies the original Option 82 into the response.
4.4.4.1 Apr 25 16:57:20 2007 4.4.4.2 Apr 25 17:00:10 2007 Table 5 Command output Field Description IP address Conflicted IP address. Detect time Time when the conflict was discovered. Related commands reset dhcp server conflict display dhcp server expired Use display dhcp server expired to display the lease expiration information. Syntax display dhcp server expired [ ip ip-address | pool pool-name ] Views...
Related commands reset dhcp server expired display dhcp server free-ip Use display dhcp server free-ip to display information about assignable IP addresses. Syntax display dhcp server free-ip [ pool pool-name ] Views Any view Predefined user roles network-admin network-operator Parameters pool pool-name: Displays assignable IP addresses in the specified address pool.
network display dhcp server ip-in-use Use display dhcp server ip-in-use to display binding information about assigned IP addresses. Syntax display dhcp server ip-in-use [ ip ip-address | pool pool-name ] Views Any view Predefined user roles network-admin network-operator Parameters ip ip-address: Displays binding information about the specified IP address. pool pool-name: Displays binding information about the specified IP address pool.
Field Description Binding types: • Static(F)—A free static binding whose IP address has not been assigned. • Static(O)—An offered static binding whose IP address has been selected and sent by the DHCP server in a DHCP-OFFER packet to the client. Static(C)—A committed static binding whose IP address has Type been assigned to the DHCP client.
Field Description dns-list DNS server IP address. domain-name Domain name suffix. bims-server BIMS server information. forbidden-ip IP addresses excluded from dynamic allocation. gateway-list Gateway addresses. nbns-list WINS server addresses. netbios-type NetBIOS node type. next-server Next server IP address. tftp-server domain-name TFTP server name.
Page 56
DHCPDISCOVER: DHCPREQUEST: DHCPDECLINE: DHCPRELEASE: DHCPINFORM: BOOTPREQUEST: Messages sent: DHCPOFFER: DHCPACK: DHCPNAK: BOOTPREPLY: Bad Messages: Table 10 Command output Field Description Total number of address pools. This field is not displayed when you Pool number display statistics for a specific address pool. Pool utilization rate: •...
dns-list Use dns-list to specify DNS server addresses in a DHCP address pool. Use undo dns-list to remove DNS server addresses from a DHCP address pool. Syntax dns-list ip-address&<1-8> undo dns-list [ ip-address&<1-8> ] Default No DNS server address is specified. Views DHCP address pool view Predefined user roles...
Parameters domain-name: Specifies the domain name, a case-sensitive string of 1 to 50 characters. Usage guidelines If you use the command multiple times, the most recent configuration takes effect. Examples # Specify the domain name company.com in address pool 0. <Sysname>...
[Sysname] dhcp server ip-pool 0 [Sysname-dhcp-pool-0] expired day 1 hour 2 minute 3 second 4 Related commands display dhcp server expired display dhcp server pool reset dhcp server expired forbidden-ip Use forbidden-ip to exclude IP addresses from dynamic allocation in an address pool. Use undo forbidden-ip to cancel the configuration.
Use undo gateway-list to remove the specified gateway addresses from a DHCP address pool or a DHCP secondary subnet. Syntax gateway-list ip-address&<1-8> undo gateway-list [ ip-address&<1-8> ] Default No gateway address is configured in a DHCP address pool or a DHCP secondary subnet. Views DHCP address pool view, DHCP secondary subnet view Predefined user roles...
Page 61
Views DHCP user class view Predefined user roles network-admin Parameters rule rule-number: Assigns the match rule an ID in the range of 1 to 16. A smaller ID represents a higher match priority. option option-code: Matches a DHCP option by a number in the range of 1 to 254. hex hex-string: Matches the specified hexadecimal string in the option.
# Configure match rule 3 to match DHCP requests that contain Option 82. Option 82's highest bit of the fourth byte is 1 for the DHCP user class exam. <Sysname> system-view [Sysname] dhcp class exam [Sysname-dhcp-class-exam] if-match rule 3 option 82 hex 00000080 mask 00000080 Related commands dhcp class nbns-list...
Syntax netbios-type { b-node | h-node | m-node | p-node } undo netbios-type Default No NetBIOS node type is specified. Views DHCP address pool view Predefined user roles network-admin Parameters b-node: Specifies the broadcast node. A b-node client sends the destination name in a broadcast message to get the name-to-IP mapping from a server.
Predefined user roles network-admin Parameters network-address: Specifies the subnet for dynamic allocation. If no mask length or mask is specified, the natural mask will be used. mask-length: Specifies the mask length in the range of 1 to 30. mask mask: Specifies the mask in dotted decimal format. secondary: Specifies the subnet as a secondary subnet.
Views DHCP address pool view Predefined user roles network-admin Parameters ip-address: Specifies the IP address of a server. Usage guidelines Upon startup, the DHCP client obtains an IP address and the specified server IP address. Then it contacts the specified server, such as a TFTP server, to get other boot information. If you use the next-server command multiple times, the most recent configuration takes effect.
If you use the option command with the same code specified, the most recent configuration takes effect. You can customize options for the following purposes: • Add newly released options. • Add options for which the vendor defines the contents, for example, Option 43. •...
Related commands display dhcp server conflict reset dhcp server expired Use reset dhcp server expired to clear binding information about expired IP addresses. Syntax reset dhcp server expired [ ip ip-address | pool pool-name ] Views User view Predefined user roles network-admin Parameters ip ip-address: Clears binding information about the specified expired IP address.
If you use this command to clear information about an assigned static binding, the static binding becomes an unassigned static binding. Examples # Clear binding information about the IP address 10.110.1.1. <Sysname> reset dhcp server ip-in-use ip 10.110.1.1 Related commands display dhcp server ip-in-use reset dhcp server statistics Use reset dhcp server statistics to clear DHCP server statistics.
client-identifier client-identifier: Specifies the client ID of the static binding, a string of 4 to 254 characters that can contain only hexadecimal numbers and hyphen (-), in the format of H-H-H…., in which the last H can be a two-digit or four-digit hexadecimal number while the other Hs must be all four-digit hexadecimal numbers.
Usage guidelines If you use this command multiple times, the most recent configuration takes effect. Examples # Specify the TFTP server name aaa in DHCP address pool 0. <Sysname> system-view [Sysname] dhcp server ip-pool 0 [Sysname-dhcp-pool-0] tftp-server domain-name aaa Related commands display dhcp server pool tftp-server ip-address tftp-server ip-address...
Syntax dhcp relay check mac-address undo dhcp relay check mac-address Default The MAC address check feature is disabled. Views Interface view Predefined user roles network-admin Usage guidelines This feature enables the DHCP relay agent to compare the chaddr field of a received DHCP request with the source MAC address in the frame header.
Parameters time: Specifies the aging time for MAC address check entries in seconds, in the range of 30 to 600. Usage guidelines This command takes effect only after you execute the dhcp relay check mac-address command. Examples # Set the aging time for MAC address check entries on the DHCP relay agent to 60 seconds. <Sysname>...
undo dhcp relay client-information refresh Default The refresh interval is automatically calculated based on the number of relay entries. Views System view Predefined user roles network-admin Parameters auto: Automatically calculates the refresh interval. The more the entries, the shorter the refresh interval.
• If the server returns a DHCP-ACK message or does not return any message within an interval, the DHCP relay agent performs the following operations: Removes the relay entry. Sends a DHCP-RELEASE message to the DHCP server to release the IP address. ...
Page 76
• sysname: Uses the device name as the node identifier. You can set the device name by using the sysname command in system view. The padding format for the device name is always ASCII regardless of the specified padding format. NOTE: If sysname is used as the node identifier, do not include any space when you set the device name.
dhcp relay information enable Use dhcp relay information enable to enable the relay agent to support Option 82. Use undo dhcp relay information enable to disable Option 82 support. Syntax dhcp relay information enable undo dhcp relay information enable Default The DHCP relay agent does not support Option 82.
Views Interface view Predefined user roles network-admin Parameters normal: Specifies the normal mode in which the padding content is the MAC address of the receiving interface. format: Specifies the padding format for the Remote ID sub-option. The default padding format is hex.
Views Interface view Predefined user roles network-admin Parameters drop: Drops DHCP messages that contain Option 82 messages. keep: Keeps the original Option 82 intact. replace: Replaces the original Option 82 with the configured Option 82. Usage guidelines This command takes effect only on DHCP requests that contain Option 82. When enabled to support Option 82, the DHCP relay agent always adds Option 82 into DHCP requests that do not contain Option 82 before forwarding the requests to the DHCP.
<Sysname> system-view [Sysname] dhcp relay release ip 1.1.1.1 dhcp relay server-address Use dhcp relay server-address to specify DHCP servers on the DHCP relay agent. Use undo dhcp relay server-address to remove DHCP servers. Syntax dhcp relay server-address ip-address undo dhcp relay server-address [ ip-address ] Default No DHCP server is specified on the DHCP relay agent.
Predefined user roles network-admin network-operator Examples # Display MAC address check entries on the DHCP relay agent. <Sysname> display dhcp relay check mac-address Source-MAC Interface Aging-time 23f3-1122-adf1 XGE1/0/1 23f3-1122-2230 XGE1/0/2 Table 12 Command output Field Description Source MAC Source MAC address of the attacker. Interface Interface where the attack comes from.
Total number of temporary items: 1 IP address MAC address Type Interface VPN name 10.1.1.1 00e0-0000-0001 Dynamic Vlan1 VPN1 10.1.1.5 00e0-0000-0000 Temporary Vlan2 VPN2 Table 13 Command output Field Description Total number of client-information items Total number of relay entries. Total number of dynamic items Total number of dynamic relay entries.
Strategy: Replace Circuit ID Pattern: Verbose Remote ID Pattern: Sysname Circuit ID format-type: Undefined Remote ID format-type: ASCII Node identifier: aabbcc Interface: Vlan-interface200 Status: Enable Strategy: Replace Circuit ID Pattern: User Defined Remote ID Pattern: User Defined Circuit ID format-type: ASCII Remote ID format-type: ASCII User defined: Circuit ID: vlan100...
Predefined user roles network-admin network-operator Parameters interface interface-type interface-number: Displays DHCP server addresses on the specified interface. If you do not specify an interface, this command displays DHCP server addresses on all interfaces operating in DHCP relay agent mode. Examples # Display DHCP server addresses on all interfaces.
ip ip-address: Clears the relay entry for the specified IP address. vpn-instance vpn-instance-name: Clears the relay entry for the specified IP address in the specified MPLS L3VPN instance. The vpn-instance-name is a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command clears the relay entry in the public network.
Views System view Predefined user roles network-admin Usage guidelines DHCP client detects IP address conflict through ARP packets. An attacker can act as the IP address owner to send an ARP reply, which makes the client unable to use the IP address assigned by the server.
Syntax dhcp client identifier { ascii string | hex string | mac interface-type interface-number } undo dhcp client identifier Default An interface generates an ASCII character string as the DHCP client ID based on its MAC address and the interface name. Views Interface view Predefined user roles...
Page 89
Parameters verbose: Displays verbose DHCP client information. interface interface-type interface-number: Specifies an interface by its type and number. Usage guidelines If you do not specify an interface, this command displays DHCP client information about all interfaces. Examples # Display DHCP client information about all interfaces. <Sysname>...
Field Description • REQUESTING—The client has sent out a DHCP-REQUEST message requesting for an IP address and is waiting for the response from DHCP servers. • BOUND—The client has received the DHCP-ACK message from a DHCP server and obtained an IP address successfully.
Syntax ip address dhcp-alloc undo ip address dhcp-alloc Default An interface does not use DHCP for IP address acquisition. Views Interface view Predefined user roles network-admin Usage guidelines When you execute the undo ip address dhcp-alloc command, the interface sends a DHCP-RELEASE message to release the IP address obtained through DHCP.
Page 92
Parameters filename: Specifies the name of a local file. For information about the filename argument, see Fundamentals Configuration Guide. url url: Specifies the URL of a remote file. Do not include any username or password in the URL. Case sensitivity and the supported path format type vary by server. username username: Specifies the username for logging in to the remote device.
Related commands dhcp snooping binding database update interval dhcp snooping binding database update interval Use dhcp snooping binding database update interval to set the waiting time after a DHCP snooping entry change for the DHCP snooping device to update the backup file. Use undo dhcp snooping binding database update interval to restore the default.
Usage guidelines This command does not take effect if you do not configure the DHCP snooping entry auto backup by using the dhcp snooping binding database filename command. Examples # Manually save DHCP snooping entries to the backup file. <Sysname> system-view [Sysname] dhcp snooping binding database update now Related commands dhcp snooping binding database filename...
Default MAC address check for DHCP snooping is disabled. Views Layer 2 Ethernet interface/Layer 2 aggregate interface view S-channel interface/S-channel aggregate interface view VSI interface/VSI aggregate interface view Predefined user roles network-admin Usage guidelines With MAC address check enabled, DHCP snooping compares the chaddr field of a received DHCP request with the source MAC address field in the frame header.
• If a match is found, DHCP snooping compares the entry with the message. If they have consistent information, DHCP snooping considers the packet valid and forwards it to the DHCP server. If they have different information, DHCP snooping considers the message invalid and discards it.
Views System view Predefined user roles network-admin Usage guidelines Use the DHCP snooping feature together with trusted port configuration. Before trusted ports are configured, all ports on the DHCP snooping device are untrusted and the device discards all responses sent from DHCP servers. When DHCP snooping is disabled, the device forwards all responses from DHCP servers.
Page 98
NOTE: If sysname is used as the node identifier, do not include any space when you set the device name. Otherwise, the DHCP snooping device fails to add or replace the Option 82. • user-defined node-identifier: Uses a case-sensitive string of 1 to 50 characters as the node identifier.
dhcp snooping information enable Use dhcp snooping information enable to enable DHCP snooping to support Option 82. Use undo dhcp snooping information enable to disable this feature. Syntax dhcp snooping information enable undo dhcp snooping information enable Default DHCP snooping does not support Option 82. Views Layer 2 Ethernet interface view, Layer 2 aggregate interface view Predefined user roles...
Views Layer 2 Ethernet interface view, Layer 2 aggregate interface view Predefined user roles network-admin Parameters vlan vlan-id: Specifies the VLAN ID as the Remote ID sub-option. string remote-id: Specifies the string mode that uses a case-sensitive string of 1 to 63 characters as the content of the Remote ID sub-option.
Views Layer 2 Ethernet interface view, Layer 2 aggregate interface view Predefined user roles network-admin Parameters drop: Drops DHCP messages that contain Option 82. keep: Keeps the original Option 82 intact. replace: Replaces the original Option 82 with the configured Option 82. Usage guidelines This command takes effect only on DHCP requests that contain Option 82.
Examples # Enable DHCP snooping logging. <Sysname> system-view [Sysname] dhcp snooping log enable dhcp snooping max-learning-num Use dhcp snooping max-learning-num to set the maximum number of DHCP snooping entries for an interface to learn. Use undo dhcp snooping max-learning-num to restore the default. Syntax dhcp snooping max-learning-num number undo dhcp snooping max-learning-num...
S-channel interface/S-channel aggregate interface view VSI interface/VSI aggregate interface view Predefined user roles network-admin Parameters rate: Specifies the maximum rate for an interface to receive DHCP packets, in Kbps. The value must be an integer multiple of 8 in the range of 64 to 512. Usage guidelines This command takes effect only when DHCP snooping is enabled.
Related commands display dhcp snooping trust display dhcp snooping binding Use display dhcp snooping binding to display DHCP snooping entries. Syntax display dhcp snooping binding [ ip ip-address [ vlan vlan-id ] ] Views Any view Predefined user roles network-admin network-operator Parameters ip ip-address: Displays the DHCP snooping entry for the specified IP address.
reset dhcp snooping binding display dhcp snooping binding database Use display dhcp snooping binding database to display information about DHCP snooping entry auto backup. Syntax display dhcp snooping binding database Views Any view Predefined user roles network-admin network-operator Examples # Display information about DHCP snooping entry auto backup. <Sysname>...
Page 106
Views Any view Predefined user roles network-admin network-operator Parameters all: Displays Option 82 configuration on all Layer 2 Ethernet interfaces. interface interface-type interface-number: Specifies an interface by its type and number. Examples # Display Option 82 configuration on all interfaces. <Sysname>...
Related commands ip address bootp-alloc ip address bootp-alloc Use ip address bootp-alloc to configure an interface to use BOOTP for IP address acquisition. Use undo ip address bootp-alloc to cancel an interface from using BOOTP. Syntax ip address bootp-alloc undo ip address bootp-alloc Default An interface does not use BOOTP for IP address acquisition.
DNS commands display dns domain Use display dns domain to display the domain name suffixes. Syntax display dns domain [ dynamic ] [ vpn-instance vpn-instance-name ] Views Any view Predefined user roles network-admin network-operator Parameters dynamic: Displays the domain name suffixes dynamically obtained through DHCP or other protocols.
Page 112
Syntax display dns host [ ip | ipv6 ] [ vpn-instance vpn-instance-name ] Views Any view Predefined user roles network-admin network-operator Parameters ip: Specifies type A queries. A type A query resolves a domain name to the mapped IPv4 address. ipv6: Specifies type AAAA queries.
Field Description • For type AAAA query, the replied IP address is an IPv6 address. Related commands ip host ipv6 host reset dns host display dns server Use display dns server to display IPv4 DNS server information. Syntax display dns server [ dynamic ] [ vpn-instance vpn-instance-name ] Views Any view Predefined user roles...
Related commands dns server display ipv6 dns server Use display ipv6 dns server to display IPv6 DNS server information. Syntax display ipv6 dns server [ dynamic ] [ vpn-instance vpn-instance-name ] Views Any view Predefined user roles network-admin network-operator Parameters dynamic: Displays IPv6 DNS server information dynamically obtained through DHCP or other protocols.
Use undo dns domain to delete the specified domain name suffix. Syntax dns domain domain-name [ vpn-instance vpn-instance-name ] undo dns domain domain-name [ vpn-instance vpn-instance-name ] Default No domain name suffix is configured. Only the provided domain name is resolved. Views System view Predefined user roles...
Views System view Predefined user roles network-admin Parameters dscp-value: Sets the DSCP value for outgoing DNS packets, in the range of 0 to 63. Usage guidelines The DSCP value of a packet specifies the priority level of the packet and affects the transmission priority of the packet.
undo dns server [ ip-address ] [ vpn-instance vpn-instance-name ] Default No DNS server is specified. Views System view Predefined user roles network-admin Parameters ip-address: Specifies an IPv4 address of a DNS server. vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters.
vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. To specify a source interface on the public network, do not use this option. Usage guidelines This configuration applies to both IPv4 and IPv6. •...
not answer or forward a DNS request if it cannot find a local matching DNS entry or reach the DNS server. You can configure DNS spoofing for the public network and a maximum of 1024 VPNs. You can specify only one replied IPv4 address on the DNS spoofing device for the public network or each VPN.
ip host Use ip host to create a host name-to-IPv4 address mapping. Use undo ip host to remove a mapping. Syntax ip host host-name ip-address [ vpn-instance vpn-instance-name ] undo ip host host-name ip-address [ vpn-instance vpn-instance-name ] Default No mappings are created. Views System view Predefined user roles...
undo ipv6 dns dscp Default The DSCP value for IPv6 DNS packets is 0. Views System view Predefined user roles network-admin Parameters dscp-value: Sets the DSCP value for outgoing IPv6 DNS packets, in the range of 0 to 63. Usage guidelines The DSCP value of a packet specifies the priority level of the packet and affects the transmission priority of the packet.
Usage guidelines For dynamic DNS, the device sends DNS query request to the IPv6 DNS servers in the order their IPv6 addresses are specified. You can specify the following: • DNS server IPv6 addresses for the public network and up to 1024 VPNs. •...
[Sysname] dns proxy enable [Sysname] ipv6 dns spoofing 2001::1 Related commands dns proxy enable ipv6 host Use ipv6 host to create a host name-to-IPv6 address mapping. Use undo ipv6 host to remove a mapping. Syntax ipv6 host host-name ipv6-address [ vpn-instance vpn-instance-name ] undo ipv6 host host-name ipv6-address [ vpn-instance vpn-instance-name ] Default No mappings are created.
reset dns host Use reset dns host to clear dynamic DNS entries. Syntax reset dns host [ ip | ipv6 ] [ vpn-instance vpn-instance-name ] Views User view Predefined user roles network-admin Parameters ip: Specifies type A queries. A type A query resolves a domain name to the mapped IPv4 address. ipv6: Specifies type AAAA queries.
DDNS commands The term "interface" in this chapter collectively refers to Layer 3 interfaces, including VLAN interfaces and Layer 3 Ethernet interfaces. You can set an Ethernet port as a Layer 3 interface by using the port link-mode route command (see Layer 2—LAN Switching Configuration Guide). ddns apply policy Use ddns apply policy to apply a DDNS policy to an interface to update the mapping between the FQDN and the primary IP address of the interface, and to enable DDNS update.
ddns dscp Use ddns dscp to set the DSCP value for outgoing DDNS packets. Use undo ddns dscp to restore the default. Syntax ddns dscp dscp-value undo ddns dscp Default The DSCP value for outgoing DDNS packets is 0. Views System view Predefined user roles network-admin...
Examples # Create a DDNS policy steven_policy and enter its view. <Sysname> system-view [Sysname] ddns policy steven_policy Related commands ddns apply policy display ddns policy display ddns policy Use display ddns policy to display information about DDNS policies. Syntax display ddns policy [ policy-name ] Views Any view Predefined user roles...
Views DDNS policy view Predefined user roles network-admin Parameters days: Days in the range of 0 to 365. hours: Hours in the range of 0 to 23. minutes: Minutes in the range of 0 to 59. Usage guidelines A DDNS update request is initiated immediately after the primary IP address of the interface changes or the link state of the interface changes from down to up.
Parameters http-get: Uses the get operation. http-post: Uses the post operation. Usage guidelines This command applies to DDNS updates in HTTP/HTTPS. If the DDNS server uses HTTP or HTTPS service, choose a parameter transmission method compatible with the DDNS server. For example, a DHS server supports the http-post method.
Examples # Specify the login password as nevets to be included in the URL address for update requests of DDNS policy steven_policy. <Sysname> system-view [Sysname] ddns policy steven_policy [Sysname-ddns-policy-steven_policy] password simple nevets Related commands ddns policy display ddns policy username ssl-client-policy Use ssl-client-policy to associate an SSL client policy with a DDNS policy.
Use url to specify the URL address for DDNS update requests. Use undo url to delete the URL address. Syntax url request-url undo url Default No URL address is specified for DDNS update requests. Views DDNS policy view Predefined user roles network-admin Parameters request-url: Specifies the URL address, a case-sensitive string of 1 to 240 characters.
Page 133
No username or password is included in the URL address. To configure the username and password, use the username command and the password command. HP and GNUDIP are common DDNS update protocols. The server-name parameter is the domain name or IP address of the service provider's server using one of the update protocols. The URL address for an update request can start with: •...
username Use username to specify the username to be included in the URL address for DDNS update requests. Use undo username to remove the username. Syntax username username undo username Default No username is specified for the URL address. Views DDNS policy view Predefined user roles network-admin...
Basic IP forwarding commands display fib Use display fib to display FIB entries. Syntax display fib [ vpn-instance vpn-instance-name ] [ ip-address [ mask | mask-length ] ] Views Any view Predefined user roles network-admin network-operator Parameters vpn-instance vpn-instance-name: Displays the FIB table for the specified VPN. The vpn-instance-name argument is a case-sensitive string of 1 to 31 characters.
Field Description OutInterface/Token Output interface/LSP index number. Label Inner label. ip forwarding-table save Use ip forwarding-table save to save the IP forwarding entries to a file. Syntax ip forwarding-table save filename filename Views Any view Predefined user roles network-admin Parameters filename filename: Specifies the name of a file, a string of 1 to 255 characters.
Views System view Predefined user roles network-admin Usage guidelines Local-first load sharing takes effect only in an IRF fabric. Examples # Disable local-first load sharing. <Sysname> system-view [Sysname] undo ip load-sharing local-first enable ip load-sharing mode per-flow Use ip load-sharing mode per-flow to configure per-flow load sharing. Use undo ip load-sharing mode per-flow to restore the default.
Examples # Configure per-flow load sharing on IRF member device 2. <Sysname> system-view [Sysname] ip load-sharing mode per-flow slot 2 ip load-sharing symmetric enable Use ip load-sharing symmetric enable to enable symmetric load sharing. Use undo ip load-sharing symmetric enable to restore the default. Syntax ip load-sharing symmetric enable undo ip load-sharing symmetric enable...
Fast forwarding commands display ip fast-forwarding aging-time Use display ip fast-forwarding aging-time to display the aging time of fast forwarding entries. Syntax display ip fast-forwarding aging-time Views Any view Predefined user roles network-admin network-operator Examples # Display the aging time of fast forwarding entries. <Sysname>...
Examples # Display all fast forwarding entries. <Sysname> display ip fast-forwarding cache Total number of fast-forwarding entries: 2 SPort DIP DPort Pro Input_If Output_If 192.168.0.71 192.168.0.18 3313 InLoop0 M-GE0/0/0 192.168.0.18 3313 192.168.0.71 M-GE0/0/0 InLoop0 Table 30 Command output Field Description Source IP address.
slot slot-number: Specifies an IRF member device by its member ID or a PEX by its virtual slot number. If you do not specify this option on an IRF fabric, the command displays fast forwarding entries for the fragmented packets on all member devices. If you do not specify this option on an eIRF system, the command displays fast forwarding entries for the fragmented packets on all parent devices and PEXs.
Views System view Predefined user roles network-admin Parameters aging-time: Specifies the aging time for fast forwarding entries, in the range of 10 to 300 seconds. Examples # Set the aging time of fast forwarding entries to 20 seconds. <Sysname> system-view [Sysname] ip fast-forwarding aging-time 20 Related commands display ip fast-forwarding aging-time...
Page 146
Views User view Predefined use roles network-admin Parameters slot slot-number: Specifies an IRF member device by its member ID or a PEX by its virtual slot number. If you do not specify this option on an IRF fabric, the command clears fast forwarding table information on all member devices.
IRDP commands The term "interface" in this chapter collectively refers to Layer 3 interfaces, including VLAN interfaces and Layer 3 Ethernet interfaces. You can set an Ethernet port as a Layer 3 interface by using the port link-mode route command (see Layer 2—LAN Switching Configuration Guide). ip irdp Use ip irdp to enable IRDP on an interface.
Parameters ip-address: Specifies an IP address in dotted decimal notation. preference-value: Specifies the preference for the proxy-advertised IP address, in the range of – 2147483648 to 2147483647. Usage guidelines You can specify a maximum of four proxy-advertised IP addresses on an interface. An RA sent on an interface includes the IP addresses of the interface and the proxy-advertised IP addresses.
Related commands ip irdp ip irdp interval ip irdp interval Use ip irdp interval to set the maximum and minimum intervals for advertising RAs on an interface. Use undo ip irdp interval to restore the default. Syntax ip irdp interval max-interval-value [ min-interval-value ] undo ip irdp interval Default The maximum advertising interval is 600 seconds, and the minimum advertising interval is 3/4 of the...
Syntax ip irdp multicast undo ip irdp multicast Default The destination IP address is 255.255.255.255. Views Interface view Predefined user roles network-admin Examples # Specify the multicast address 224.0.0.1 as the destination IP address for VLAN-interface 100 to send RAs. <Sysname>...
IP performance optimization commands The term "interface" in this chapter collectively refers to Layer 3 interfaces, including VLAN interfaces and Layer 3 Ethernet interfaces. You can set an Ethernet port as a Layer 3 interface by using the port link-mode route command (see Layer 2—LAN Switching Configuration Guide). display icmp statistics Use display icmp statistics to display ICMP statistics.
display ip statistics Use display ip statistics to display IP packet statistics. Syntax display ip statistics [ slot slot-number ] Views Any view Predefined user roles network-admin network-operator Parameters slot slot-number: Specifies an IRF member device by its member ID or a PEX by its virtual slot number.
Field Description local Total number of packets locally sent. dropped Total number of packets discarded. no route Total number of packets for which no route is available. compress fails Total number of packets failed to be compressed. input Total number of fragments received. output Total number of fragments sent.
Table 33 Command output Field Description Local Addr Local IP address. Foreign Addr Peer IP address. Protocol Protocol number. Slot ID of the IRF member device. Protocol control block. display rawip verbose Use display rawip verbose to display detailed information about RawIP connections. Syntax display rawip verbose [ slot slot-number [ pcb pcb-index ] ] Views...
Page 156
TTL: 255(minimum TTL: 0) Send VRF: 0xffff Receive VRF: 0xffff Table 34 Command output Field Description Total RawIP socket number Total number of RawIP sockets. Slot ID of the IRF member device. Name of the operation that created the socket. The number in Creator brackets is the process number of the creator.
Field Description • INP_ANONPORT—Port number not specified. • INP_RECVIF—Records the input interface of the packet. • INP_RECVTTL—Receives TTL of the packet. Only UDP and RawIP support this flag. • INP_DONTFRAG—Sets the Don't Fragment flag. • INP_ROUTER_ALERT—Receives packets with the router alert option.
Field Description • INP_RECVOPTS—Receives IP options. • INP_RECVRETOPTS—Receives replied IP options. • INP_RECVDSTADDR—Receives destination IP address. • INP_HDRINCL—Provides the entire IP header. • INP_REUSEADDR—Reuses the IP address. • INP_REUSEPORT—Reuses the port number. • INP_ANONPORT—Port number not specified. • INP_RECVIF—Records the input interface of the packet. •...
Usage guidelines Brief UDP connection information includes local IP address and port number, and peer IP address and port number. Examples # Display brief information about UDP connections. <Sysname> display udp Local Addr:port Foreign Addr:port Slot PCB 0.0.0.0:69 0.0.0.0:0 0x0000000000000003 192.168.20.200:1024 192.168.20.14:69 0x0000000000000002...
Total: 0 Related commands reset udp statistics display udp verbose Use display udp verbose to display detailed information about UDP connections. Syntax display udp verbose [ slot slot-number [ pcb pcb-index ] ] Views Any view Predefined user roles network-admin network-operator Parameters pcb pcb-index: Specifies a PCB by its index in the range of 1 to 16.
Page 165
Table 38 Command output Field Description Total UDP socket number Total number of UDP sockets. Slot ID of the IRF member device. Name of the operation that created the socket. The number in brackets is Creator the process number of the creator. State Socket state.
Field Description option. Only RawIP supports this flag. • INP_PROTOCOL_PACKET—Identifies a protocol packet. • INP_RCVVLANID—Receives the VLAN ID of the packet. Only UDP and RawIP support this flag. • INP_RCVMACADDR—Receives the MAC address of the frame. • INP_SNDBYLSPV—Sends through MPLS. •...
This command enables an interface to accept directed broadcast packets that are destined for and received from the directly connected network to support UDP helper. UDP helper converts the directed broadcasts to unicasts and forwards them to a specific server. The command also enables the interface to forward directed broadcast packets that are destined for the directly connected network and are received from another subnet to support Wake on LAN.
ip icmp fragment discarding Use ip icmp fragment discarding to disable forwarding of ICMP fragments. Use undo ip icmp fragment discarding to enable forwarding of ICMP fragments. Syntax ip icmp fragment discarding undo ip icmp fragment discarding Default Forwarding of ICMP fragments is enabled. Views System view Predefined user roles...
Usage guidelines It is a good practice to specify the IP address of the loopback interface as the source IP address for outgoing ping echo request and ICMP error messages. This feature helps users to locate the sending device easily. Examples # Specify 1.1.1.1 as the source address for outgoing ICMP packets.
ip redirects enable Use ip redirects enable to enable sending ICMP redirect messages. Use undo ip redirects enable to disable sending ICMP redirect messages. Syntax ip redirects enable undo ip redirects enable Default Sending ICMP redirect messages is disabled. Views System view Predefined user roles network-admin...
Usage guidelines A device sends ICMP time-exceeded messages by following these rules: • If a received packet is not destined for the device and the TTL field of the packet is 1, the device sends an ICMP TTL Expired in Transit message to the source. •...
[Sysname] ip unreachables enable reset ip statistics Use reset ip statistics to clear IP traffic statistics. Syntax reset ip statistics [ slot slot-number ] Views User view Predefined user roles network-admin Parameters slot slot-number: Specifies an IRF member device by its member ID or a PEX by its virtual slot number.
Syntax reset udp statistics Views User view Predefined user roles network-admin Examples # Clear UDP traffic statistics. <Sysname> reset udp statistics Related commands display udp statistics tcp mss Use tcp mss to configure the TCP maximum segment size (MSS). Use undo tcp mss to restore the default. Syntax tcp mss value undo tcp mss...
Predefined user roles network-admin Usage guidelines A TCP connection is established through a three-way handshake: The sender sends a SYN packet to the server. The server receives the SYN packet, establishes a TCP semi-connection in SYN_RECEIVED state, and replies with a SYN ACK packet to the sender. The sender receives the SYN ACK packet and replies with an ACK packet.
Examples # Set the TCP FIN wait timer to 800 seconds. <Sysname> system-view [Sysname] tcp timer fin-timeout 800 tcp timer syn-timeout Use tcp timer syn-timeout to configure the TCP SYN wait timer. Use undo tcp timer syn-timeout to restore the default. Syntax tcp timer syn-timeout time-value undo tcp timer syn-timeout...
Page 177
Parameters window-size: Specifies the size of the TCP receive/send buffer in KB, in the range of 1 to 64. Examples # Configure the size of the TCP receive/send buffer as 3 KB. <Sysname> system-view [Sysname] tcp window 3...
UDP helper commands The term "interface" in this chapter collectively refers to VLAN interfaces, Layer 3 Ethernet interfaces and subinterfaces, and Layer 3 aggregate interfaces and subinterfaces. You can set an Ethernet port as a Layer 3 interface by using the port link-mode route command (see Layer 2—LAN Switching Configuration Guide).
reset udp-helper statistics Use reset udp-helper statistics to clear packet statistics for UDP helper. Syntax reset udp-helper statistics Views User view Predefined user roles network-admin Examples # Clear the packet statistics for UDP helper. <Sysname> reset udp-helper statistics Related commands display udp-helper interface udp-helper broadcast-map Use udp-helper broadcast-map to specify a multicast address for UDP helper to convert broadcast...
Default No UDP port number is specified for UDP helper. Views System view Predefined user roles network-admin Parameters port-number: Specifies a UDP port number in the range of 1 to 65535 (except 67 and 68). dns: Specifies the UDP port 53 used by DNS packets. netbios-ds: Specifies the UDP port 138 used by NetBIOS distribution service packets.
Page 182
vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance to which the server belongs. The VPN instance name is a case-sensitive string of 1 to 31 characters. Usage guidelines Specify destination servers on an interface that receives UDP broadcast packets. You can specify a maximum of 20 unicast and multicast addresses for UDP helper to convert broadcast packets on an interface.
IPv6 basics commands The term "interface" in this chapter collectively refers to Layer 3 interfaces, including VLAN interfaces and Layer 3 Ethernet interfaces. You can set an Ethernet port as a Layer 3 interface by using the port link-mode route command (see Layer 2—LAN Switching Configuration Guide). display ipv6 fib Use display ipv6 fib to display IPv6 FIB entries.
Table 40 Command output Field Description Destination count Total number of destination addresses. FIB entry count Total number of IPv6 FIB entries. Destination Destination address. Prefix length Prefix length of the destination address. Nexthop Next hop. Route flag: • U—Usable route. •...
checksum error bad length path MTU changed destination unreachable too big parameter problem echo request echo reply neighbor solicit neighbor advertisement router solicit router advertisement redirect router renumbering output: parameter problem echo request echo reply unreachable no route unreachable admin unreachable beyond scope 0 unreachable address unreachable no port...
Page 186
IPv6 is enabled, link-local address is FE80::1234:56FF:FE65:4322 [TENTATIVE] Global unicast address(es): 10::1234:56FF:FE65:4322, subnet is 10::/64 [TENTATIVE] [AUTOCFG] [valid lifetime 4641s/preferred lifetime 4637s] 20::1234:56ff:fe65:4322, subnet is 20::/64 [TENTATIVE] [EUI-64] 30::1, subnet is 30::/64 [TENTATIVE] [ANYCAST] 40::2, subnet is 40::/64 [TENTATIVE] [DHCP] 50::3, subnet is 50::/64 [TENTATIVE] Joined group address(es): FF02::1...
Page 187
Field Description • Administratively DOWN—The VLAN interface has been administratively shut down by using the shutdown command. • DOWN—The VLAN interface is administratively up but its physical state is down because all ports in the VLAN are down. • UP—The administrative and physical states of the VLAN interface are both up.
Page 188
Field Description Received IPv6 packets that are too short, with a length less than 40 bytes, InTooShorts for example. Received IPv6 packets with a length less than that specified in the InTruncatedPkts packets. InHopLimitExceeds Received IPv6 packets with a hop count exceeding the limit. InBadHeaders Received IPv6 packets with incorrect basic headers.
Table 42 Command output Field Description *down: administratively The interface has been administratively shut down by using the shutdown down command. Spoofing attribute of the interface. (s): spoofing The link protocol state of the interface is up, but the link is temporarily established on demand or does not exist.
Lifetime(Valid/Preferred): 3000/2000 Prefix: 3001::/64 Origin: RA Age: Flag: Lifetime(Valid/Preferred): - Table 43 Command output Filed Description Prefix IPv6 address prefix. How the prefix is generated: • STATIC—Manually configured by using the ipv6 nd ra prefix command. Origin • RA—Advertised in RA messages after stateless autoconfiguration is enabled. •...
Page 191
interface interface-type interface-number: Specifies an interface by its type and name. vlan vlan-id: Specifies a VLAN by its ID. The value range for VLAN ID is 1 to 4094. verbose: Displays detailed neighbor information. Usage guidelines You can use the reset ipv6 neighbors command to clear IPv6 neighbor information. Examples # Display all neighbor information.
Field Description A hyphen (-) indicates a static entry. For a dynamic entry, this field displays the elapsed time in seconds. If the neighbor is never reachable, this field displays a pound sign (#). Name of a VPN or [No Vrf] with no VPN configured. Vpn-instance Related commands ipv6 neighbor...
Predefined user roles network-admin network-operator Examples # Display the maximum number of ND entries that a device supports. <Sysname> display ipv6 neighbors entry-limit ND entries: 8192 display ipv6 neighbors vpn-instance Use display ipv6 neighbors vpn-instance to display neighbor information about a VPN. Syntax display ipv6 neighbors vpn-instance vpn-instance-name [ count ] Views...
Field Description message to verify the reachability of the neighbor. Neighbor information type: • S—Statically configured. • D—Dynamically obtained. • O—Learned from the OpenFlow module. • I—Invalid. A hyphen (-) indicates a static entry. For a dynamic entry, this field displays the elapsed time in seconds. If the neighbor is never reachable, this field displays a pound sign (#).
<Sysname> display ipv6 pathmtu all count Total number of entries: 3 Table 46 Command output Field Description PathMTU Path MTU value on the network path to an IPv6 address. Time for a Path MTU to live. For a static Path MTU, this field displays a hyphen (-).
Prefix: ABCD:77D8::/32 Preferred lifetime 90 sec, valid lifetime 120 sec Table 47 Command output Field Description Number Prefix ID. Prefix type: • Static—Static IPv6 prefix. Type • Dynamic—Dynamic IPv6 prefix. Prefix Prefix and its length. If no prefix is obtained, this field displays Not-available. Preferred lifetime 90 sec Preferred lifetime in seconds.
Table 48 Command output Field Description Local Addr Local IPv6 address. Foreign Addr Peer IPv6 address. Protocol Protocol number. Slot ID of the IRF member device. PCB index. display ipv6 rawip verbose Use display ipv6 rawip verbose to display detailed information about IPv6 RawIP connections. Syntax display ipv6 rawip verbose [ slot slot-number [ pcb pcb-index ] ] Views...
Page 198
Send VRF: 0xffff Receive VRF: 0xffff Table 49 Command output Field Description Total RawIP socket number Total number of IPv6 RawIP sockets. Slot ID of the IRF member device. Creator Task name of the socket. The process number is in the square brackets. State Socket state.
Field Description and RawIP support this flag. • IN6P_IPV6_V6ONLY—Only supports IPv6 protocol stack. • IN6P_PKTINFO—Receives the source IPv6 address and input interface of the packet. • IN6P_HOPLIMIT—Receives the hop limit. • IN6P_HOPOPTS—Receives the hop-by-hop options extension header. • IN6P_DSTOPTS—Receives the destination options extension header. •...
Page 200
Parameters slot slot-number: Specifies an IRF member device by its member ID or a PEX by its virtual slot number. Usage guidelines This command displays statistics about received and sent IPv6 and ICMPv6 packets. Use the reset ipv6 statistics command to clear the statistics of all IPv6 and ICMPv6 packets. If the slot slot-number option is not specified, this command displays IPv6 and ICMPv6 packet statistics on all IRF member devices.
Field Description TCP connection state: • CLOSED—The server receives a disconnection request's reply from the client. • LISTEN—The server is waiting for connection requests. • SYN_SENT—The client is waiting for the server to reply to the connection request. • SYN_RCVD—The server receives a connection request. •...
Page 204
Field Description • 3—SOCK_RAW. This socket allows an application to change the next upper-layer protocol header. • N/A—None of the above types. Protocol Number of the protocol using the socket. 6 represents TCP. Connection information, including source IPv6 address and port number, Connection info and destination IPv6 address and port number.
Field Description • LISTEN—The server is waiting for connection requests. • SYN_SENT—The client is waiting for the server to reply to the connection request. • SYN_RCVD—The server receives a connection request. • ESTABLISHED—The server and client have established connections and can transmit data bidirectionally. •...
2003::1->25 2001::2->1283 0x0000000000000009 Table 52 Command output Field Description LAddr->port Local IPv6 address and port number. FAddr->port Peer IPv6 address and port number. Slot ID of the IRF member device. PCB index. display ipv6 udp verbose Use display ipv6 udp verbose to display detailed information about IPv6 UDP connections. Syntax display ipv6 udp verbose [ slot slot-number [ pcb pcb-index ] ] Views...
Page 207
Inpcb vflag: INP_IPV6 Hop limit: 255 (minimum hop limit: 0) Send VRF: 0xffff Receive VRF: 0xffff Table 53 Command output Field Description Total UDP socket number Total number of IPv6 UDP sockets. Slot ID of the IRF member device. Creator Task name of the socket.
Field Description • INP_REUSEPORT—Reuses the port number. • INP_ANONPORT—Port number not specified. • INP_PROTOCOL_PACKET—Identifies a protocol packet. • INP_RCVVLANID—Receives the VLAN ID of the packet. Only UDP and RawIP support this flag. • IN6P_IPV6_V6ONLY—Only supports IPv6 protocol stack. • IN6P_PKTINFO—Receives the source IPv6 address and input interface of the packet.
Default No IPv6 global unicast address is configured for an interface. Views Interface view Predefined user roles network-admin Parameters ipv6-address: Specifies an IPv6 address. prefix-length: Specifies a prefix length in the range of 1 to 128. Usage guidelines Like public IPv4 addresses, IPv6 global unicast addresses are assigned to ISPs. This type of address allows for prefix aggregation to reduce the number of global routing entries.
Examples # Set the IPv6 anycast address of VLAN-interface 100 to 2001::1 with prefix length 64. Method 1: <Sysname> system-view [Sysname] interface vlan-interface 100 [Sysname-Vlan-interface100] ipv6 address 2001::1/64 anycast Method 2: <Sysname> system-view [Sysname] interface vlan-interface 100 [Sysname-Vlan-interface100] ipv6 address 2001::1 64 anycast ipv6 address auto Use ipv6 address auto to enable the stateless address autoconfiguration function on an interface, so that the interface can automatically generate a global unicast address.
undo ipv6 address auto link-local Default No link-local address is configured on an interface. A link-local address is automatically generated after an IPv6 global unicast address is configured for the interface. Views Interface view Predefined user roles network-admin Usage guidelines Link-local addresses are used for neighbor discovery and stateless autoconfiguration on the local link.
undo ipv6 address [ ipv6-address prefix-length | ipv6-address/prefix-length ] eui-64 Default No EUI-64 IPv6 address is configured for an interface. Views Interface view Predefined user roles network-admin Parameters ipv6-address/prefix-length: Specifies an IPv6 address and IPv6 prefix length. The ipv6-address and prefix-length arguments jointly specify the prefix of an EUI-64 IPv6 address.
Parameters ipv6-address: IPv6 link-local address. The first 10 bits of an address must be 1111111010 (binary). The first group of hexadecimals in the address must be FE80 to FEBF. Usage guidelines Manual assignment takes precedence over automatic generation. If you adopt automatic generation, and then use manual assignment, the manually assigned link-local address overwrites the one that is automatically generated.
Examples # Set the maximum number of hops to 100. <Sysname> system-view [Sysname] ipv6 hop-limit 100 Related commands ipv6 nd ra hop-limit unspecified ipv6 hoplimit-expires enable Use ipv6 hoplimit-expires enable to enable sending ICMPv6 Time Exceeded messages. Use undo ipv6 hoplimit-expires to disable sending ICMPv6 Time Exceeded messages. Syntax ipv6 hoplimit-expires enable undo ipv6 hoplimit-expires enable...
Views System view Predefined user roles network-admin Parameters milliseconds: Specifies the interval for tokens to arrive in the bucket. The value range is 0 to 2147483647 milliseconds, and the default is 100 milliseconds. To disable the ICMPv6 rate limit, set the value to 0.
<Sysname> system-view [Sysname] ipv6 icmpv6 multicast-echo-reply enable ipv6 icmpv6 source Use ipv6 icmpv6 source to specify an IPv6 address as the source address for outgoing ICMPv6 packets. Use undo ipv6 icmpv6 source to restore the default. Syntax ipv6 icmpv6 source [ vpn-instance vpn-instance-name ] ipv6-address undo ipv6 icmpv6 source [ vpn-instance vpn-instance-name ] Default The device uses the IPv6 address of the sending interface as the source IPv6 address for outgoing...
Views Interface view Predefined user roles network-admin Parameters mtu-size: Specifies the size of the MTUs of an interface, in the range of 1280 to 10240 bytes. Usage guidelines IPv6 routers do not support packet fragmentation. After an IPv6 router receives an IPv6 packet, if the packet size is greater than the MTU of the forwarding interface, the router discards the packet.
<Sysname> system-view [Sysname] interface vlan-interface 100 [Sysname-Vlan-interface100] ipv6 nd autoconfig managed-address-flag ipv6 nd autoconfig other-flag Use ipv6 nd autoconfig other-flag to set the other stateful configuration flag (O) to 1 in RA advertisements to be sent. Use undo ipv6 nd autoconfig other-flag to restore the default. Syntax ipv6 nd autoconfig other-flag undo ipv6 nd autoconfig other-flag...
Views Interface view Predefined user roles network-admin Parameters value: Specifies the number of attempts to send an NS message for DAD, in the range of 0 to 600. If it is set to 0, DAD is disabled. Usage guidelines An interface sends an NS message for DAD after obtaining an IPv6 address. If the interface does not receive a response within the time specified by using the ipv6 nd ns retrans-timer command, it resends an NS message.
Usage guidelines If a device does not receive a response from the peer within the specified interval, the device re-sends an NS message. The value specified by this command serves as the interval for the local interface to retransmit an NS message.
Related commands display ipv6 interface ipv6 nd ra halt Use ipv6 nd ra halt to suppress an interface from advertising RA message. Use undo ipv6 nd ra halt to disable this function. Syntax ipv6 nd ra halt undo ipv6 nd ra halt Default An interface is suppressed from sending RA messages.
[Sysname] interface vlan-interface 10 [Sysname-Vlan-interface10] ipv6 nd ra hop-limit unspecified Related commands ipv6 hop-limit ipv6 nd ra interval Use ipv6 nd ra interval to set the maximum and minimum intervals for advertising RA messages. Use undo ipv6 nd ra interval to restore the default. Syntax ipv6 nd ra interval max-interval-value min-interval-value undo ipv6 nd ra interval...
Syntax ipv6 nd ra no-advlinkmtu undo ipv6 nd ra no-advlinkmtu Default RA messages contain the MTU option. Views Interface view Predefined user roles network-admin Usage guidelines The MTU option in the RA messages specifies the link MTU to make sure that all the nodes on the link use the same MTU.
preferred-lifetime: Specifies the preferred lifetime of a prefix used for stateless autoconfiguration, in the range of 0 to 4294967295 seconds. The preferred lifetime cannot be greater than the valid lifetime. no-autoconfig: Specifies a prefix not to be used for stateless autoconfiguration. If you do not specify this keyword, the prefix is used for stateless autoconfiguration.
The router lifetime in RA messages must be greater than or equal to the advertising interval. Examples # Set the router lifetime in RA messages on VLAN-interface 100 to 1000 seconds. <Sysname> system-view [Sysname] interface vlan-interface 100 [Sysname-Vlan-interface100] ipv6 nd ra router-lifetime 1000 Related commands ipv6 nd ra interval ipv6 nd router-preference...
Page 226
Syntax ipv6 neighbor ipv6-address mac-address { vlan-id port-type port-number | interface interface-type interface-number } [ vpn-instance vpn-instance-name ] undo ipv6 neighbor ipv6-address interface-type interface-number Default No static neighbor entry is configured. Views System view Predefined user roles network-admin Parameters ipv6-address: Specifies the IPv6 address of the static neighbor entry. mac-address: Specifies the MAC address (48 bits) of the static neighbor entry, in the format of H-H-H.
Predefined user roles network-admin Parameters aging-time: Specifies the age timer for ND entries in stale state, in the range of 1 to 1440 minutes. Usage guidelines ND entries in stale state have an age timer. If an ND entry in stale state is not refreshed before the timer expires, it moves to the delay state.
[Sysname-Vlan-interface100] ipv6 neighbors max-learning-num 10 ipv6 option drop enable Use ipv6 option drop enable to enable a device to discard IPv6 packets that contain extension headers. Use undo ipv6 option drop enable to disable a device from discarding IPv6 packets that contain extension headers.
Parameters vpn-instance vpn-instance-name: Specifies the MPLS L3VPN instance that the Path MTU belongs to. The vpn-instance-name argument is a case-sensitive string of 1 to 31 characters. If the Path MTU is for the public network, do not specify this option. ipv6-address: IPv6 address.
Examples # Set the aging time for a dynamic Path MTU to 40 minutes. <Sysname> system-view [Sysname] ipv6 pathmtu age 40 Related commands display ipv6 pathmtu ipv6 prefer temporary-address Use ipv6 prefer temporary-address to enable the system to preferentially use the temporary IPv6 address of the sending interface as the source address of a packet.
Default No static IPv6 prefix is configured on the device. Views System view Predefined user roles network-admin Parameters prefix-number: Specifies a prefix ID in the range of 1 to 1024. ipv6-prefix/prefix-length: Specifies a prefix and its length. The value range for the prefix-length argument is 1 to 128.
Examples # Enable sending ICMPv6 redirect messages. <Sysname> system-view [Sysname] ipv6 redirects enable ipv6 temporary-address Use ipv6 temporary-address to enable the system to generate a temporary IPv6 address. Use undo ipv6 temporary-address to disable temporary IPv6 address generation and remove the existing temporary addresses.
The preferred lifetime configured for temporary IPv6 addresses minus DESYNC_FACTOR (a random number in the range of 0 to 600 seconds). • The valid lifetime of a temporary IPv6 address takes the smaller of the following values: The valid lifetime of the address prefix. ...
Syntax reset ipv6 neighbors { all | dynamic | interface interface-type interface-number | slot slot-number | static } Views User view Predefined user roles network-admin Parameters all: Clears static and dynamic neighbor information for all interfaces. dynamic: Clears dynamic neighbor information for all interfaces. interface interface-type interface-number: Specifies an interface by its type and name.
DHCPv6 commands Common DHCPv6 commands display ipv6 dhcp duid Use display ipv6 dhcp duid to display the DUID of the local device. Syntax display ipv6 dhcp duid Views Any view Predefined user roles network-admin network-operator Usage guidelines A DHCP unique identifier (DUID) uniquely identifies a DHCPv6 device (DHCPv6 client, server, or relay agent).
Usage guidelines The DSCP value of a packet specifies the priority level of the packet and affects the transmission priority of the packet. A bigger DSCP value represents a higher priority. Examples # Set the DSCP value to 30 for DHCPv6 packets sent by the DHCPv6 server or the DHCPv6 relay agent.
DHCPv6 server commands The term "interface" in this section collectively refers to VLAN interfaces and Layer 3 Ethernet interfaces. You can set an Ethernet port as a Layer 3 interface by using the port link-mode route command (see Layer 2—LAN Switching Configuration Guide). address range Use address range to specify a non-temporary IPv6 address range in a DHCPv6 address pool for dynamic allocation.
[Sysname-dhcp6-pool-1] address range 3ffe:501:ffff:100::10 3ffe:501:ffff:100::31 Related commands display ipv6 dhcp pool network temporary address range display ipv6 dhcp pool Use display ipv6 dhcp pool to display information about a DHCPv6 address pool. Syntax display ipv6 dhcp pool [ pool-name ] Views Any view Predefined user roles...
Syntax display ipv6 dhcp prefix-pool [ prefix-pool-number ] Views Any view Predefined user roles network-admin network-operator Parameters prefix-pool-number: Displays detailed information about a prefix pool specified by its number in the range of 1 to 128. If you do not specify a prefix pool, this command displays brief information about all prefix pools.
Predefined user roles network-admin network-operator Parameters interface interface-type interface-number: Displays DHCPv6 server configuration information for the specified interface. If you do not specify an interface, this command displays DHCPv6 server configuration information for all interfaces. Examples # Display DHCPv6 server configuration information for all interfaces. <Sysname>...
Predefined user roles network-admin network-operator Parameters address ipv6-address: Displays conflict information for the specified IPv6 address. If you do not specify an IPv6 address, this command displays information about all IPv6 address conflicts. Usage guidelines The DHCPv6 server creates IP address conflict information in the following conditions: •...
Usage guidelines If you do not specify any parameters, this command displays lease expiration information for all IPv6 address pools. DHCPv6 assigns the expired IPv6 addresses to DHCPv6 clients when all available addresses have been assigned. Examples # Display all lease expiration information. <Sysname>...
Page 247
IPv6 address Type Lease expiration 2:1::1 Auto(O) Jul 10 19:45:01 2008 Pool: 2 IPv6 address Type Lease expiration 1:1::2 Static(F) Not available Pool: 3 IPv6 address Type Lease expiration 1:2::1f1 Static(O) Oct 9 09:23:31 2008 # Display binding information for all assigned IPv6 addresses for the specified DHCPv6 address pool.
Field Description Client IAID. For an unassigned static binding without IAID specified, this field IAID displays N/A. Preferred lifetime Preferred lifetime in seconds of the IPv6 address. valid lifetime Valid lifetime in seconds of the IPv6 address. Time when the lease of an IPv6 address will expire. If the lease expires after Expires at the year 2100, this field displays Expires after 2100.
Page 249
IPv6 prefix Type Lease expiration 2:1::/24 Auto(O) Jul 10 22:22:22 2008 3:1::/64 Static(C) Jan 1 11:11:11 2008 # Display binding information for the IPv6 prefix 2:1::3/24. <Sysname> display ipv6 dhcp server pd-in-use prefix 2:1::3/24 Pool: 1 Client: FE80::C800:CFF:FE18:0 Type: Auto(O) DUID: 00030001CA000C180000 IAID: 0x00030001 IPv6 prefix: 2:1::/24...
display ipv6 dhcp server statistics Use display ipv6 dhcp server statistics to display DHCPv6 packet statistics on the DHCPv6 server. Syntax display ipv6 dhcp server statistics [ pool pool-name ] Views Any view Predefined user roles network-admin network-operator Parameters pool pool-name: Displays DHCPv6 packet statistics for the DHCPv6 address pool specified by its name, a case-insensitive string of 1 to 63 characters.
Field Description Total number of conflicted addresses. If statistics about a specific address Conflict pool are displayed, this field is not displayed. Number of messages received by the DHCPv6 server. The message types include: • Solicit. • Request. • Confirm. •...
Usage guidelines You can use the dns-server command to specify up to eight DNS servers in an address pool. A DNS server specified earlier has a higher preference. Examples # Specify the DNS server address 2:2::3 in DHCPv6 address pool 1. <Sysname>...
Syntax ipv6 dhcp pool pool-name undo ipv6 dhcp pool pool-name Default No DHCPv6 address pool is configured. Views System view Predefined user roles network-admin Parameters pool-name: Specifies a name for the DHCPv6 address pool, a case-insensitive string of 1 to 63 characters.
Parameters prefix-pool-number: Specifies a prefix pool number in the range of 1 to 128. prefix prefix/prefix-len: Specifies a prefix/prefix length for the pool. The value range for the prefix-len argument is 1 to 128. assign-len assign-len: Specifies the assigned prefix length. The value range is 1 to 128, and the value must be greater than or equal to prefix-len.
Usage guidelines The allow-hint keyword enables the server to assign the desired address or prefix to the requesting client. If the desired address or prefix is not included in any global address pool, or is already assigned to another client, the server assigns the client a free address or a prefix. If the allow-hint keyword is not specified, the server ignores the desired address or prefix, and selects an address or prefix from a global address pool.
IPv6 address or prefix from a global address pool that matches the IPv6 address of the receiving interface or the DHCPv6 relay agent. The allow-hint keyword enables the server to assign the desired address or prefix to the client. If the desired address or prefix does not exist or is already assigned to another client, the server assigns a free address or prefix.
Usage guidelines You can exclude multiple IP address ranges from dynamic allocation. The IPv6 addresses of some devices such as the gateway and FTP server cannot be assigned to clients. Use this command to exclude such addresses from dynamic allocation. If the excluded IPv6 address is in a static binding, the address can still be assigned to the client.
Examples # Exclude IPv6 prefixes from 2001:3e11::/32 through 2001:3eff::/32 from dynamic allocation. <Sysname> system-view [Sysname] ipv6 dhcp server forbidden-prefix 2001:3e11::/32 2001:3eff::/32 Related commands ipv6 dhcp server forbidden-address static-bind network Use network to specify an IPv6 subnet for dynamic allocation in a DHCPv6 address pool. Use undo network to remove the specified IPv6 subnet.
temporary address range option Use option to configure a self-defined DHCPv6 option in a DHCPv6 address pool. Use undo option to remove a self-defined DHCPv6 option from a DHCPv6 address pool. Syntax option code hex hex-string undo option code Default No self-defined DHCPv6 option is configured in a DHCPv6 address pool.
domain-name sip-server prefix-pool Use prefix-pool to apply a prefix pool to a DHCPv6 address pool, so the DHCPv6 server can dynamically select a prefix from the prefix pool for a client. Use undo prefix-pool to remove the configuration. Syntax prefix-pool prefix-pool-number [ preferred-lifetime preferred-lifetime valid-lifetime valid-lifetime ] undo prefix-pool prefix-pool-number Default No prefix pool is applied to an address pool.
reset ipv6 dhcp server conflict Use reset ipv6 dhcp server conflict to clear IPv6 address conflict information. Syntax reset ipv6 dhcp server conflict [ address ipv6-address ] Views User view Predefined user roles network-admin Parameters address ipv6-address: Clears conflict information for the specified IPv6 address. If you do not specify an IPv6 address, this command clears all IPv6 address conflict information.
Related commands display ipv6 dhcp server expired reset ipv6 dhcp server ip-in-use Use reset ipv6 dhcp server ip-in-use to clear binding information for assigned IPv6 addresses. Syntax reset ipv6 dhcp server ip-in-use [ address ipv6-address | pool pool-name ] Views User view Predefined user roles network-admin...
Parameters pool pool-name: Clears binding information for assigned IPv6 prefixes in the address pool specified by its name, a case-insensitive string of 1 to 63 characters. prefix prefix/prefix-len: Clears binding information for the specified IPv6 prefix. The value range for the prefix length is 1 to 128.
Default No SIP server address or domain name is specified. Views DHCPv6 address pool view Predefined user roles network-admin Parameters address ipv6-address: Specifies the IPv6 address of a SIP server. domain-name domain-name: Specifies the domain name of a SIP server, a case-insensitive string of 1 to 50 characters.
prefix prefix/prefix-len: Specifies the prefix and prefix length. The value range for the prefix length is 1 to 128. duid duid: Specifies a client DUID. The value is an even hexadecimal number in the range of 2 to 256. iaid iaid: Specifies a client IAID. The value is a hexadecimal number in the range of 0 to FFFFFFFF. If you do not specify an IAID, the server does not match the client IAID for prefix assignment.
Predefined user roles network-admin Parameters start-ipv6-address: Specifies the start IPv6 address. end-ipv6-address: Specifies the end IPv6 address. preferred-lifetime preferred-lifetime: Specifies the preferred lifetime. The value range is 60 to 4294967295 seconds, and the default is 604800 seconds (7 days). valid-lifetime valid-lifetime: Specifies the valid lifetime. The value range is 60 to 4294967295 seconds, and the default is 2592000 seconds (30 days).
network-operator Parameters interface interface-type interface-number: Specifies an interface by its type and number. If you do not specify an interface, this command displays DHCPv6 server addresses on all interfaces enabled with DHCPv6 relay agent. Examples # Display DHCPv6 server addresses on all interfaces enabled with DHCPv6 relay agent. <Sysname>...
Page 268
Parameters interface interface-type interface-number: Specifies an interface by its type and number. If you do not specify an interface, this command displays DHCPv6 packets statistics on all interfaces enabled with DHCPv6 relay agent. Examples # Display DHCPv6 packet statistics on all interfaces enabled with DHCPv6 relay agent. <Sysname>...
Table 63 Command output Field Description Packets dropped Number of discarded packets. Packets received Number of received packets. Solicit Number of received solicit packets. Request Number of received request packets. Confirm Number of received confirm packets. Renew Number of received renew packets. Rebind Number of received rebind packets.
interface interface-type interface-number: Specifies an output interface through which the relay agent forwards the DHCPv6 requests to the DHCPv6 server. If you do not specify an output interface, the relay agent looks up the routing table for an output interface. Usage guidelines Upon receiving a request from a DHCPv6 client, the interface encapsulates the request into a Relay-forward message and forwards the message to the specified DHCPv6 server.
DHCPv6 client commands display ipv6 dhcp client Use display ipv6 dhcp client to display DHCPv6 client information. Syntax display ipv6 dhcp client [ interface interface-type interface-number ] Views Any view Predefined user roles network-admin network-operator Parameters interface interface-type interface-number: Specifies an interface by its type and number. If you do not specify an interface, this command displays information about all DHCPv6 clients.
Page 272
Table 64 Command output Field Description Types of DHCPv6 client: • Stateful client requesting address—A DHCPv6 client that requests an IPv6 address. • Type Stateful client requesting prefix—A DHCPv6 client that requests an IPv6 prefix. • Stateless client—A DHCPv6 client that requests configuration parameters through stateless DHCPv6.
Field Description Reply Number of received reply packets. Advertise Number of received advertise packets. Reconfigure Number of received reconfigure packets. Invalid Number of invalid packets. Packets sent Number of sent packets. Solicit Number of sent solicit packets. Request Number of sent request packets. Renew Number of sent renew packets.
Predefined user roles network-admin Parameters dscp-value: Sets the DSCP value for DHCPv6 packets, in the range of 0 to 63. Usage guidelines The DSCP value is carried in the Traffic class field of a DHCPv6 packet. It specifies the priority level of the packet and affects the transmission priority of the packet.
Related commands display ipv6 dhcp client statistics DHCPv6 snooping commands DHCPv6 snooping works between the DHCPv6 client and the DHCPv6 server or between the DHCPv6 client and DHCPv6 the relay agent. DHCPv6 snooping does not work between the DHCPv6 server and the DHCPv6 relay agent. display ipv6 dhcp snooping binding Use display ipv6 dhcp snooping binding to display DHCPv6 snooping entries.
Field Description Interface Port connecting to the DHCPv6 client. Related commands ipv6 dhcp snooping binding record reset ipv6 dhcp snooping binding display ipv6 dhcp snooping binding database Use display ipv6 dhcp snooping binding database to display information about DHCPv6 snooping entry auto backup. Syntax display ipv6 dhcp snooping binding database Views...
display ipv6 dhcp snooping packet statistics Use display ipv6 dhcp snooping packet statistics to display DHCPv6 packet statistics for DHCPv6 snooping. Syntax display ipv6 dhcp snooping packet statistics [ slot slot-number ] Views Any view Predefined user roles network-admin network-operator Parameters slot slot-number: Specifies an IRF member device by its member ID or a PEX by its virtual slot number.
Ten-GigabitEthernet1/0/1 Trusted The output shows that DHCPv6 snooping is enabled, Ten-GigabitEthernet1/0/1 is the trusted port. Related commands ipv6 dhcp snooping trust ipv6 dhcp snooping binding database filename Use ipv6 dhcp snooping binding database filename to configure the DHCPv6 snooping device to back up DHCPv6 snooping entries to a file.
• If the file is on a TFTP server, enter URL in the format of tftp://server address:port/file path, where the port number is optional. • The username and password must be the same as those configured on the FTP or TFTP server.
Usage guidelines When a DHCPv6 snooping entry is learned, updated, or removed, the waiting period starts. The DHCPv6 snooping device updates the backup file when the waiting period is reached. All snooping entries changed during the period will be saved to the backup file. The waiting time does not take effect if you do not configure the DHCPv6 snooping entry auto backup by using the ipv6 dhcp snooping binding database filename command.
Views Layer 2 Ethernet interface/Layer 2 aggregate interface view S-channel interface/S-channel aggregate interface view VSI interface/VSI aggregate interface view Predefined user roles network-admin Usage guidelines This command enables DHCPv6 snooping on the port directly connected to the clients to record client information in DHCPv6 snooping entries.
Usage guidelines Use the DHCPv6 snooping feature together with trusted port configuration. Before trusted ports are configured, all ports on the DHCPv6 snooping device are untrusted and discard all responses sent from DHCPv6 servers. When DHCPv6 snooping is disabled, the device forwards all responses from DHCPv6 servers. Examples # Enable DHCPv6 snooping.
Default The number of DHCPv6 snooping entries for an interface to learn is not limited. Views Layer 2 Ethernet interface/Layer 2 aggregate interface view S-channel interface/S-channel aggregate interface view VSI interface/VSI aggregate interface view Predefined user roles network-admin Parameters number: Maximum number of DHCPv6 snooping entries for an interface to learn. The value range is 1 to 4294967295.
ipv6 dhcp snooping trust Use ipv6 dhcp snooping trust to configure a port as a trusted port. Use undo ipv6 dhcp snooping trust to restore the default state of a port. Syntax ipv6 dhcp snooping trust undo ipv6 dhcp snooping trust Default After you enable DHCPv6 snooping, all ports are untrusted.
IPv6 fast forwarding commands display ipv6 fast-forwarding aging-time Use display ipv6 fast-forwarding aging-time to display the aging time of IPv6 fast forwarding entries. Syntax display ipv6 fast-forwarding aging-time Views Any view Predefined user roles network-admin network-operator Examples # Display the aging time of IPv6 fast forwarding entries. <Sysname>...
Page 294
Usage guidelines This command displays IPv6 fast forwarding entries. Each entry includes the following fields: • Source IPv6 address • Source port number • Destination IPv6 address • Destination port number • Protocol number • VPN instance • Input and output interface Examples # Display all IPv6 fast forwarding entries.
Field Description If the output interface does not exist, this field displays a hyphen (-). Related commands reset ipv6 fast-forwarding cache ipv6 fast-forwarding aging-time Use ipv6 fast-forwarding aging-time to set the aging time of IPv6 fast forwarding entries. Use undo ipv6 fast-forwarding aging-time to restore the default. Syntax ipv6 fast-forwarding aging-time aging-time undo ipv6 fast-forwarding aging-time...
Predefined user roles network-admin Usage guidelines IPv6 fast-forwarding load sharing enables the device to identify a data flow by using the five-tuple (source IP, source port, destination IP, destination port, and protocol). The device then forwards packets of the same flow to implement load sharing. If IPv6 fast-forwarding load sharing is disabled, the device identifies a data flow by the five-tuple and the input interface.
Tunneling commands bandwidth Use bandwidth to configure the expected bandwidth of an interface. Use undo bandwidth to restore the default. Syntax bandwidth bandwidth-value undo bandwidth Default The expected bandwidth is 64 kbps. Views Tunnel interface view Predefined user roles network-admin Parameters bandwidth-value: Specifies the expected bandwidth in the range of 1 to 400000000 kbps.
default settings. If your restoration attempt still fails, follow the error message instructions to resolve the problem. Examples # Restore the default settings of interface tunnel 1. <Sysname> system-view [Sysname] interface tunnel 1 [Sysname-Tunnel1] default description Use description to configure a description for a tunnel interface. Use undo description to restore the default.
Default No tunnel destination address is configured. Views Tunnel interface view Predefined user roles network-admin Parameters ip-address: Specifies the tunnel destination IPv4 address. ipv6-address: Specifies the tunnel destination IPv6 address. Usage guidelines For a manual tunnel interface, you must configure the destination address. For an automatic tunnel interface, you do not need to configure the destination address.
Page 300
Predefined user roles network-admin network-operator Parameters number: Specifies the number of a tunnel interface. brief: Displays brief interface information. If you do not specify this keyword, the command displays detailed interface information. down: Displays information about interfaces in the physical state of DOWN and the causes. If you do not specify this keyword, the command displays information about interfaces in all states.
Page 301
Field Description Link layer protocol state of the tunnel interface. The value is determined by the parameter negotiation on the link layer. • UP—The protocol state of the interface is up. • UP (spoofing)—The link protocol state of the interface is up, Line protocol state but the link is temporarily set up on demand or does not exist.
Page 302
Link: ADM - administratively down; Stby - standby Protocol: (s) - spoofing Interface Link Protocol Main IP Description Tun1 1.1.1.1 aaaaaaaaaaaaaaaaaaaaaaaaaaaaa Aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa # Display information about interfaces in the physical state of DOWN and the causes. <Sysname> display interface tunnel brief down Brief information on interface(s) under route mode: Link: ADM - administratively down;...
interface tunnel Use interface tunnel to create a tunnel interface, specify the tunnel mode, and enter tunnel interface view. Use undo interface tunnel to delete a tunnel interface. Syntax interface tunnel number [ mode { gre [ ipv6 ] | ipv4-ipv4 | ipv6 | ipv6-ipv4 [ 6to4 | isatap ] | mpls-te } ] undo interface tunnel number Default...
Use mtu to set the MTU on a tunnel interface. Use undo mtu to restore the default. Syntax mtu size undo mtu Default The MTU is 64000 bytes. Views Tunnel interface view Predefined user roles network-admin Parameters size: Specifies the MTU in the range of 100 to 64000 bytes. Usage guidelines Set an appropriate MTU to avoid fragmentation.
• If you do not specify any parameters, this command clears statistics for all interfaces. • If you specify only the tunnel keyword, this command clears statistics for all tunnel interfaces. • If you specify both the tunnel keyword and the number argument, this command clears statistics for the specified tunnel interface.
Syntax shutdown undo shutdown Default The tunnel interface is enabled. Views Tunnel interface view Predefined user roles network-admin Usage guidelines This command disconnects all links set up on the interface. Make sure you fully understand the impact of the command on your network. Examples # Shut down interface Tunnel 1.
Usage guidelines The specified source address or the address of the specified source interface is used as the source address of tunneled packets. To view the configured tunnel source address, use the display interface tunnel command. The source address of the local tunnel interface must be the destination address of the peer tunnel interface, and vice versa.
[Sysname-Tunnel1] tunnel dfbit enable tunnel discard ipv4-compatible-packet Use tunnel discard ipv4-compatible-packet to enable dropping of IPv6 packets using IPv4-compatible IPv6 addresses. Use undo tunnel discard ipv4-compatible-packet to restore the default. Syntax tunnel discard ipv4-compatible-packet undo tunnel discard ipv4-compatible-packet Default IPv6 packets using IPv4-compatible IPv6 addresses are not dropped. Views System view Predefined user roles...
Usage guidelines After you configure this command, all the tunneled packets of different services sent on the tunnel interface will use the same configured ToS. For more information about ToS, see ACL and QoS Configuration Guide. Examples # Set the ToS of tunneled packets on the interface Tunnel 1 to 20. <Sysname>...
GRE commands keepalive Use keepalive to enable the GRE keepalive feature, and set the keepalive interval and the keepalive number. Use undo keepalive to disable the GRE keepalive feature. Syntax keepalive [ interval [ times ] ] undo keepalive Default The GRE keepalive feature is disabled.
Document conventions and icons Conventions This section describes the conventions used in the documentation. Port numbering in examples The port numbers in this document are for illustration only and might be unavailable on your device. Command conventions Convention Description Boldface Bold text represents commands and keywords that you enter literally as shown.
Network topology icons Convention Description Represents a generic network device, such as a router, switch, or firewall. Represents a routing-capable device, such as a router or Layer 3 switch. Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that supports Layer 2 forwarding and other Layer 2 features.
Support and other resources Accessing Hewlett Packard Enterprise Support • For live assistance, go to the Contact Hewlett Packard Enterprise Worldwide website: www.hpe.com/assistance • To access documentation and support services, go to the Hewlett Packard Enterprise Support Center website: www.hpe.com/support/hpesc Information to collect •...
For more information and device support details, go to the following website: www.hpe.com/info/insightremotesupport/docs Documentation feedback Hewlett Packard Enterprise is committed to providing documentation that meets your needs. To help us improve the documentation, send any errors, suggestions, or comments to Documentation Feedback (docsfeedback@hpe.com). When submitting your feedback, include the document title,...
Page 315
part number, edition, and publication date located on the front cover of the document. For online help content, include the product name, product version, help edition, and publication date located on the legal notices page.
Index A B C D E F G I K L M N O P R S T U V W dhcp relay information strategy,69 dhcp relay release ip,70 address range,30 dhcp relay server-address,71 address range,231 dhcp select,29 arp check enable,1 dhcp server always-broadcast,34...