H3C CR16000-F Command Reference Manual
  1. Manuals
  2. Brands
  3. H3C Manuals
  4. Network Router
  5. CR16000-F
  6. Command reference manual
H3C CR16000-F Command Reference Manual

H3C CR16000-F Command Reference Manual

Comware 7 vxlan
Hide thumbs Also See for CR16000-F:
Table of Contents

Advertisement

Quick Links

Download this manual
H3C CR16000-F Routers
Comware 7 VXLAN Command Reference
New H3C Technologies Co., Ltd.
http://www.h3c.com
Software version: CR16000-CMW710-R7951P01 or later
Document version: 6W100-20191122

Advertisement

Table of Contents
loading

Related Manuals for H3C CR16000-F

Summary of Contents for H3C CR16000-F

  • Page 1 H3C CR16000-F Routers Comware 7 VXLAN Command Reference New H3C Technologies Co., Ltd. http://www.h3c.com Software version: CR16000-CMW710-R7951P01 or later Document version: 6W100-20191122...
  • Page 2 The information in this document is subject to change without notice. All contents in this document, including statements, information, and recommendations, are believed to be accurate, but they are presented without warranty of any kind, express or implied. H3C shall not be liable for technical or editorial errors or omissions contained herein.
  • Page 3 Preface This command reference describes the commands of VXLAN. This preface includes the following topics about the documentation: • Audience. • Conventions. • Documentation feedback. Audience This documentation is intended for: • Network planners. • Field technical support and servicing engineers. •...
  • Page 4 Symbols Convention Description An alert that calls attention to important information that if not understood or followed WARNING! can result in personal injury. An alert that calls attention to important information that if not understood or followed CAUTION: can result in data loss, data corruption, or damage to hardware or software. An alert that calls attention to essential information.
  • Page 5 Documentation feedback You can e-mail your comments about product documentation to info@h3c.com. We appreciate your comments.

  • Page 6: Table Of Contents

    Contents VXLAN commands ··········································································· 1     Basic VXLAN commands ············································································································· 1   ac statistics enable ·············································································································· 1   arp suppression enable ········································································································ 1   description ························································································································· 2   display arp suppression vsi ···································································································· 3   display igmp host group ········································································································ 4  ...

  • Page 8: Vxlan Commands

    VXLAN commands Basic VXLAN commands ac statistics enable Use ac statistics enable to enable packet statistics for a Layer 3 interface that acts as an AC. Use undo ac statistics enable to disable packet statistics for a Layer 3 interface that acts as an AC.

  • Page 9: Description

    Default ARP flood suppression is disabled. Views VSI view Predefined user roles network-admin Usage guidelines ARP flood suppression reduces ARP request broadcasts by enabling the VTEP to reply to ARP requests on behalf of VMs. This feature snoops ARP packets to populate the ARP flood suppression table with local and remote MAC addresses.

  • Page 10: Display Arp Suppression Vsi

    Related commands display l2vpn vsi display arp suppression vsi Use display arp suppression vsi to display ARP flood suppression entries. Syntax In standalone mode: display arp suppression vsi [ name vsi-name ] [ slot slot-number ] [ count ] In IRF mode: display arp suppression vsi [ name vsi-name ] [ chassis chassis-number slot slot-number ] [ count ] Views...

  • Page 11: Display Igmp Host Group

    Related commands arp suppression enable reset arp suppression vsi display igmp host group Use display igmp host group to display information about the multicast groups that contain IGMP host-enabled interfaces. Syntax display igmp host group [ group-address | interface interface-type interface-number ] [ verbose ] Views Any view...

  • Page 12: Display L2Vpn Interface

    IGMP host groups in total: 2 Group: 225.1.1.1 Group mode: Exclude Member state: Idle Expires: Off Source list (sources in total: 0): Group: 225.1.1.2 Group mode: Exclude Member state: Idle Expires: Off Source list (sources in total: 0): Table 2 Command output Field Description Total number of multicast groups that contain IGMP host-enabled...
  • Page 13 Views Any view Predefined user roles network-admin network-operator Parameters vsi vsi-name : Specifies a VSI name, a case-sensitive string of 1 to 31 characters. interface-type interface-number : Specifies an interface by its type and number. verbose : Displays detailed information about Layer 3 interfaces. If you do not specify this keyword, the command displays brief information about Layer 3 interfaces.

  • Page 14: Display L2Vpn Mac-Address

    Errors Discards: 0 Output Statistics: Octets Packets : 0 Errors Discards: 0 Table 4 Command output Field Description Interface Layer 3 interface name. Owner VSI name. Link ID The interface's link ID on the VSI. Physical state of the interface: •...
  • Page 15 Views Any view Predefined user roles network-admin network-operator Parameters interface interface-type interface-number : Specifies an interface by its interface type and number. service-instance instance-id : Specifies an Ethernet service instance by its ID in the range of 1 to 4096. Do not specify this option if a Layer 3 interface is specified. If you specify a Layer 2 Ethernet interface or Layer 2 aggregate interface, you must specify this option.

  • Page 16: Display L2Vpn Service-Instance

    Field Description • Static—Static remote-MAC entry. • EVPN—Remote-MAC entry advertised through BGP EVPN. • OpenFlow—Remote-MAC entry issued by a remote controller through OpenFlow. For a local MAC address, this field displays the AC's link ID on the VSI. Link ID/Name For a remote MAC address, this field displays the tunnel interface name.
  • Page 17 Table 6 Command output Field Description Total number of attachment circuits (ACs) and the number of ACs in each state Total number of ACs (up or down). Interface Name of a Layer 2 Ethernet interface or Layer 2 aggregate interface. SrvID Ethernet service instance ID.

  • Page 18: Display L2Vpn Vsi

    Field Description • Down. Whether the device is the designated forwarder for the AC at a multihomed EVPN site: • BDF—The device is a backup designated forwarder. DF State • DF—The device is the designated forwarder. This field is not displayed if no Ethernet segment identifiers are configured on the interface.
  • Page 19 VSI Name VSI Index State vpna 1500 Table 8 Command output Field Description MTU on the VSI. VSI state: • Up—The VSI is up. • State Down—The VSI is down. • Admin down—The VSI has been manually shut down by using the shutdown command.

  • Page 20: Display Vxlan Tunnel

    Field Description Bandwidth Maximum bandwidth (in kbps) for known unicast traffic on the VSI. Broadcast Restrain Broadcast restraint bandwidth (in kbps). Multicast Restrain Multicast restraint bandwidth (in kbps). Unknown Unicast Unknown unicast restraint bandwidth (in kbps). Restrain MAC Learning State of the MAC learning feature. MAC Table Limit Maximum number of MAC address entries on the VSI.
  • Page 21 Syntax display vxlan tunnel [ vxlan-id vxlan-id [ tunnel tunnel-number ] ] Views Any view Predefined user roles network-admin network-operator Parameters vxlan-id : Specifies a VXLAN ID in the range of 0 to 16777215. If you do not specify a VXLAN, this command displays VXLAN tunnel information for all VXLANs.

  • Page 22: Encapsulation

    Octets : 0 Packets: 0 Table 10 Command output Field Description Link ID Tunnel's link ID in the VXLAN. Tunnel state: • Up—The tunnel is operating correctly. • Blocked—The tunnel is a backup proxy tunnel. Its tunnel interface is up, but the State tunnel is blocked because the primary proxy tunnel is operating correctly.

  • Page 23: Flooding Disable

    Predefined user roles network-admin Parameters s-vid vlan-id : Matches frames that are tagged with the specified outer 802.1Q VLAN ID. The value range for the vlan-id argument is 1 to 4094. Usage guidelines To change the match criterion, first execute the undo encapsulation command to remove the original criterion.

  • Page 24: Group

    To confine flood traffic to the site-facing interfaces, use this command to disable flooding on the VSI bound to the VXLAN. The VSI will not flood the corresponding frames to VXLAN tunnel interfaces. Examples # Disable flooding for VSI vsi1. <Sysname>...

  • Page 25: Igmp Host Enable

    To forward multicast traffic correctly, you must use the source IP address of an up VXLAN tunnel as the source IP address for multicast VXLAN packets. For multicast-mode VXLANs, transport network devices must maintain multicast group and forwarding information. To reduce the multicast forwarding entries maintained by transport network devices, assign a multicast group address to multiple VXLANs.

  • Page 26: L2Vpn Enable

    Examples # Enable IP multicast routing, and then enable the IGMP host feature on GigabitEthernet 3/1/1. <Sysname> system-view [Sysname] multicast routing [Sysname-mrib] quit [Sysname] interface gigabitethernet 3/1/1 [Sysname-GigabitEthernet3/1/1] igmp host enable Related commands display igmp host group group multicast routing (IP Multicast Command Reference) l2vpn enable Use l2vpn enable to enable L2VPN.

  • Page 27: Mac-Address Static

    Views System view Predefined user roles network-admin Parameters interval : Specifies an interval value in the range of 30 to 65535 seconds. Usage guidelines As a best practice, set the VXLAN statistics collection interval to a value smaller than 3600 seconds (1 hour).

  • Page 28: Reset L2Vpn Mac-Address

    • Advertisement through by BGP EVPN. Do not configure static remote-MAC entries for VXLAN tunnels that are automatically established by using EVPN. • EVPN re-establishes VXLAN tunnels if the transport-facing interface goes down and then comes up. If you have configured static remote-MAC entries, the entries are deleted when the tunnels are re-established.

  • Page 29: Reset L2Vpn Statistics Tunnel

    Syntax reset l2vpn statistics ac [ interface interface-type interface-number [ service-instance instance-id ] ] Views User view Predefined user roles network-admin Parameters interface interface-type interface-number : Specifies an interface by its type and number. service-instance instance-id : Specifies an Ethernet service instance ID in the range of 1 to 4096.

  • Page 30: Selective-Flooding Mac-Address

    Related commands tunnel statistics enable selective-flooding mac-address Use selective-flooding mac-address to enable selective flood for a MAC address. Use undo selective-flooding mac-address to disable selective flood for a MAC address. Syntax selective-flooding mac-address mac-address undo selective-flooding mac-address mac-address Default Selective flood is disabled for all MAC addresses. Views VSI view Predefined user roles...

  • Page 31: Shutdown

    Views Layer 2 aggregate interface view Layer 2 Ethernet interface view Predefined user roles network-admin Parameters instance-id : Specifies an Ethernet service instance ID in the range of 1 to 4096. Examples # On the Layer 2 Ethernet interface GigabitEthernet 3/1/1, create Ethernet service instance 1 and enter Ethernet service instance view.

  • Page 32: Statistics Enable (Ethernet Service Instance View)

    statistics enable (Ethernet service instance view) Use statistics enable to enable packet statistics for an Ethernet service instance. Use undo statistics enable to disable packet statistics for an Ethernet service instance. Syntax statistics enable undo statistics enable Default The packet statistics feature is disabled for an Ethernet service instance. Views Ethernet service instance view Predefined user roles...

  • Page 33: Tunnel

    Predefined user roles network-admin Examples # Enable packet statistics for VXLAN tunnel interface Tunnel 0. <Sysname> system-view [Sysname] interface tunnel 0 mode vxlan [Sysname-Tunnel0] statistics enable Related commands display interface tunnel (Layer 3—IP Services Command Reference) reset counters interface tunnel (Layer 3—IP Services Command Reference) tunnel statistics vxlan auto tunnel Use tunnel to assign a VXLAN tunnel to a VXLAN.

  • Page 34: Tunnel Global Source-Address

    <Sysname> system-view [Sysname] vsi vpna [Sysname-vsi-vpna] vxlan 10000 [Sysname-vsi-vpna-vxlan-10000] tunnel 0 [Sysname-vsi-vpna-vxlan-10000] tunnel 1 Related commands display vxlan tunnel tunnel global source-address Use tunnel global source-address to specify a global source address for VXLAN tunnels. Use undo tunnel global source-address to restore the default. Syntax tunnel global source-address ipv4-address undo tunnel global source-address...

  • Page 35: Tunnel Statistics Vxlan Auto

    Default The packet statistics feature is disabled for the VXLAN tunnels associated with a VSI. Views VSI view Predefined user roles network-admin Usage guidelines This command enables packet statistics only for VXLAN tunnels. It does not take effect on VXLAN-DCI tunnels. When the packet statistics feature is enabled for VXLAN tunnels, use the display vxlan tunnel vxlan-id vxlan-id tunnel tunnel-number command to view packet statistics of VXLAN tunnels.

  • Page 36: Vsi

    Examples # Enable packet statistics for automatically created VXLAN tunnels. <Sysname> system-view [Sysname] tunnel statistics vxlan auto Related commands display interface tunnel (Layer 3—IP Services Command Reference) reset counters interface tunnel (Layer 3—IP Services Command Reference) statistics enable (tunnel interface view) Use vsi to create a VSI and enter its view, or enter the view of an existing VSI.

  • Page 37: Vxlan Invalid-Vlan-Tag Discard

    Syntax vxlan vxlan-id undo vxlan Default No VXLANs exist. Views VSI view Predefined user roles network-admin Parameters vxlan-id : Specifies a VXLAN ID in the range of 0 to 16777215. Usage guidelines You can create only one VXLAN for a VSI. The VXLAN ID for each VSI must be unique. Examples # Create VXLAN 10000 for VSI vpna and enter VXLAN view.

  • Page 38: Vxlan Tunnel Arp-Learning Disable

    To configure the access mode, use the xconnect vsi command. Examples # Enable the device to drop VXLAN packets that have 802.1Q VLAN tags. <Sysname> system-view [Sysname] vxlan invalid-vlan-tag discard Related commands xconnect vsi vxlan tunnel arp-learning disable Use vxlan tunnel arp-learning disable to disable remote ARP learning for VXLANs. Use undo vxlan tunnel arp-learning disable to enable remote ARP learning for VXLANs.

  • Page 39: Vxlan Tunnel Nd-Learning Disable

    Default Remote-MAC address learning is enabled. Views System view Predefined user roles network-admin Usage guidelines When network attacks occur, use this command to prevent the device from learning incorrect remote MAC addresses in the data plane. Examples # Disable remote-MAC address learning. <Sysname>...

  • Page 40: Xconnect Vsi

    Use undo vxlan udp-port to restore the default. Syntax vxlan udp-port port-number undo vxlan udp-port Default The destination UDP port number is 4789 for VXLAN packets. Views System view Predefined user roles network-admin Parameters port-number : Specifies a UDP port number in the range of 1 to 65535. As a best practice, specify a port number in the range of 1024 to 65535 to avoid conflict with well-known ports.
  • Page 41 vlan : Specifies the VLAN access mode. track track-entry-number&<1-3> : Specifies a space-separated list of up to three track entry numbers in the range of 1 to 1024. The AC is up only if a minimum of one associated track entry is in positive state.

  • Page 42: Vxlan Ip Gateway Commands

    [Sysname-GigabitEthernet3/1/1] xconnect vsi vpn1 Related commands display l2vpn interface display l2vpn service-instance encapsulation VXLAN IP gateway commands arp distributed-gateway dynamic-entry synchronize Use arp distributed-gateway dynamic-entry synchronize to enable dynamic ARP entry synchronization for distributed VXLAN IP gateways. Use undo arp distributed-gateway dynamic-entry synchronize to disable dynamic ARP entry synchronization for distributed VXLAN IP gateways.

  • Page 43: Bandwidth

    Use undo arp send-rate to remove the ARP packet sending rate limit for a VSI interface. Syntax arp send-rate pps undo arp send-rate Default The ARP packet sending rate is not limited for a VSI interface. Views VSI interface view Predefined user roles network-admin Parameters...

  • Page 44: Default

    Examples # Set the expected bandwidth to 10000 kbps for VSI-interface 100. <Sysname> system-view [Sysname] interface vsi-interface 100 [Sysname-Vsi-interface100] bandwidth 10000 default Use default to restore the default settings for a VSI interface. Syntax default Views VSI interface view Predefined user roles network-admin Usage guidelines CAUTION:...

  • Page 45: Display Interface Vsi-Interface

    Views VSI interface view Predefined user roles network-admin Parameters text : Specifies a description, a case-sensitive string of 1 to 255 characters. Examples # Configure the description as gateway for VXLAN 10 for VSI-interface 100. <Sysname> system-view [Sysname] interface vsi-interface 100 [Sysname-Vsi-interface100] description gateway for VXLAN 10 display interface vsi-interface Use display interface vsi-interface to display information about VSI interfaces.
  • Page 46 Maximum transmission unit: 1500 Internet address: 10.1.1.1/24 (primary) IP packet frame type: Ethernet II, hardware address: 0011-2200-0102 IPv6 packet frame type: Ethernet II, hardware address: 0011-2200-0102 Physical: Unknown, baudrate: 1000000 kbps Last clearing of counters: Never Last 300 seconds input rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec Last 300 seconds output rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec Input: 0 packets, 0 bytes, 0 drops Output: 0 packets, 0 bytes, 0 drops...
  • Page 47 Field Description • Number of dropped incoming packets. Outgoing traffic statistics on the interface: • Number of outgoing packets. Output: 0 packets, 0 bytes, 0 drops • Number of outgoing bytes. • Number of dropped outgoing packets. # Display brief information about all VSI interfaces. <Sysname>...

  • Page 48: Distributed-Gateway Local

    Field Description Cause for the physical link state of an interface to be DOWN: • Administratively—The interface has been manually shut down by using the shutdown command. To restore the physical state of the Cause undo shutdown interface, use the command.

  • Page 49: Gateway Vsi-Interface

    Default No subnet is assigned to a VSI. Views VSI view Predefined user roles network-admin Parameters ipv4-address : Specifies an IPv4 subnet address in dotted-decimal notation. wildcard-mask : Specifies a wildcard mask in dotted decimal notation. In contrast to a network mask, the 0 bits in a wildcard mask represent "do care"...

  • Page 50: Interface Vsi-Interface

    Parameters vsi-interface-id : Specifies a VSI interface by its number. The value range for this argument is 1 to 16383. Usage guidelines A VSI can have only one gateway interface. Multiple VSIs can share a gateway interface. For multiple VSIs to share a VSI interface, you must assign IP addresses of different subnets to the VSI interface and specify a subnet for each VSI.

  • Page 51: Ipv6 Nd Distributed-Gateway Dynamic-Entry Synchronize

    ipv6 nd distributed-gateway dynamic-entry synchronize Use ipv6 nd distributed-gateway dynamic-entry synchronize to enable dynamic ND entry synchronization for distributed VXLAN IP gateways. Use undo ipv6 nd distributed-gateway dynamic-entry synchronize to disable dynamic ND entry synchronization for distributed VXLAN IP gateways. Syntax ipv6 nd distributed-gateway dynamic-entry synchronize undo ipv6 nd distributed-gateway dynamic-entry synchronize...

  • Page 52: Mtu

    Views VSI interface view Predefined user roles network-admin Parameters mac-address : Specifies a MAC address in H-H-H format. Examples # Assign MAC address 0001-0001-0001 to VSI-interface 100. <Sysname> system-view [Sysname] interface vsi-interface 100 [Sysname-Vsi-interface100] mac-address 1-1-1 Use mtu to set the MTU for a VSI interface. Use undo mtu to restore the default.

  • Page 53: Shutdown

    Predefined user roles network-admin Parameters vsi-interface [ vsi-interface-id ] : Specifies VSI interfaces. If you specify a VSI interface, this command clears packet statistics on the specified interface. If you specify only the vsi-interface keyword, this command clears packet statistics on all VSI interfaces. If you do not specify the vsi-interface [ vsi-interface-id ] option, this command clears packet statistics on all interfaces.

  • Page 54: Vtep Group Member Remote

    Default A VTEP is not assigned to any VTEP group. Views System view Predefined user roles network-admin Parameters group-ip : Specifies a VTEP group by its group IP address. The IP address must already exist on the local VTEP. member-ip : Specifies the member VTEP IP address for the local VTEP. The IP address must already exist on the local VTEP.
  • Page 55 Related commands vtep group member local...

Table of Contents