- Table of Contents
-
- 04 Layer 3 - IP Services Command Reference
- 00-Preface
- 01-ARP commands
- 02-IP addressing commands
- 03-DHCP commands
- 04-DNS commands
- 05-IP forwarding basics commands
- 06-Fast forwarding commands
- 07-IRDP commands
- 08-IP performance optimization commands
- 09-UDP Helper commands
- 10-IPv6 basics commands
- 11-DHCPv6 commands
- 12-IPv6 fast forwarding commands
- 13-Tunnel commands
- 14-GRE commands
- Related Documents
-
Title | Size | Download |
---|---|---|
13-Tunnel commands | 128.86 KB |
bandwidth
Use bandwidth to configure the expected bandwidth of an interface.
Use undo bandwidth to restore the default.
Syntax
bandwidth bandwidth-value
undo bandwidth
Default
The expected bandwidth is 64 kbps.
Views
Tunnel interface view
Predefined user roles
network-admin
Parameters
bandwidth-value: Specifies the expected bandwidth in the range of 1 to 400000000 kbps.
Usage guidelines
The expected bandwidth of an interface affects the link costs in OSPF, OSPFv3, and IS-IS. For more information, see Layer 3—IP Routing Configuration Guide.
Examples
# Set the expected bandwidth of Tunnel 1 to 100 kbps.
<Sysname> system-view
[Sysname] interface tunnel 1
[Sysname-Tunnel1] bandwidth 100
default
Use default to restore the default settings for the tunnel interface.
Syntax
default
Views
Tunnel interface view
Predefined user roles
network-admin
Usage guidelines
The default command might interrupt ongoing network services. Make sure you are fully aware of the impacts of this command when you use it on a live network.
This command might fail to restore the default settings for some commands for reasons such as command dependencies or system restrictions. Use the display this command in interface view to identify these commands. Use their undo forms or follow the command reference to restore their default settings. If your restoration attempt still fails, follow the error message instructions to resolve the problem.
Examples
# Restore the default settings of interface tunnel 1.
<Sysname> system-view
[Sysname] interface tunnel 1
[Sysname-Tunnel1] default
description
Use description to configure a description for a tunnel interface.
Use undo description to restore the default.
Syntax
description text
undo description
Default
The description of a tunnel interface is Tunnelnumber Interface, for example, Tunnel1 Interface.
Views
Tunnel interface view
Predefined user roles
network-admin
Parameters
text: Specifies a description for the interface, a case-sensitive string of 1 to 255 characters.
Usage guidelines
Configure descriptions for different interfaces for identification and management purposes.
This command configures an interface description and does not have any other function. You can use the display interface command to display the configured interface description.
Examples
# Configure the description for the interface Tunnel 1 as tunnel1.
<Sysname> system-view
[Sysname] interface tunnel 1
[Sysname-Tunnel1] description tunnel1
display interface tunnel
destination
Use destination to specify the destination address for a tunnel interface.
Use undo destination to remove the configured tunnel destination address.
Syntax
destination { ip-address | ipv6-address }
undo destination
Default
No tunnel destination address is configured.
Views
Tunnel interface view
Predefined user roles
network-admin
Parameters
ip-address: Specifies the tunnel destination IPv4 address.
ipv6-address: Specifies the tunnel destination IPv6 address.
Usage guidelines
For a manual tunnel interface, you must configure the destination address. For an automatic tunnel interface, you do not need to configure the destination address.
The tunnel destination address must be the address of the receiving interface on the tunnel peer. It is used as the destination address of tunneled packets.
The destination address of the local tunnel interface must be the source address of the peer tunnel interface, and vice versa.
Examples
# VLAN-interface 100 of Sysname 1 uses the IP address 193.101.1.1 and VLAN-interface 100 of Sysname 2 uses the IP address 192.100.1.1. Configure the source address 193.101.1.1 and destination address 192.100.1.1 for the tunnel interface of Sysname 1.
<Sysname1> system-view
[Sysname1] interface tunnel 1 mode ipv6-ipv4
[Sysname1-Tunnel1] source 193.101.1.1
[Sysname1-Tunnel1] destination 192.100.1.1
# Configure the source address 192.100.1.1 and destination address 193.101.1.1 for the tunnel interface of Sysname 2.
<Sysname2> system-view
[Sysname2] interface tunnel 1 mode ipv6-ipv4
[Sysname2-Tunnel1] source 192.100.1.1
[Sysname2-Tunnel1] destination 193.101.1.1
· display interface tunnel
· interface tunnel
· source
display interface tunnel
Use display interface tunnel to display information about tunnel interfaces, including the source address, destination address, and tunnel mode.
Syntax
display interface tunnel [ number [ brief [ description ] ] | brief [ description | down ] ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
number: Specifies the number of a tunnel interface.
brief: Displays brief interface information. If you do not specify this keyword, the command displays detailed interface information.
down: Displays information about interfaces in the physical state of DOWN and the causes. If you do not specify this keyword, the command displays information about interfaces in all states.
description: Displays complete interface descriptions. If you do not specify this keyword, the command displays only the first 27 characters of interface descriptions.
Usage guidelines
If you do not specify the tunnel keyword, this command displays information about all interfaces on the device.
If you specify the tunnel keyword without the number argument, this command displays information about all existing tunnel interfaces.
Examples
# Display detailed information about interface Tunnel 1.
<Sysname> display interface tunnel 1
Current state: DOWN
Line protocol state: DOWN
Description: Tunnel5 Interface
Bandwidth: 64kbps
Maximum Transmit Unit: 64000
Internet protocol processing: disabled
Tunnel source unknown, destination unknown
Tunnel encapsulation-limit is disabled
Tunnel TTL 255
Tunnel protocol/transport IPv6
Last clearing of counters: Never
Last 300 seconds input rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec
Last 300 seconds output rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec
Input: 0 packets, 0 bytes, 0 drops
Output: 0 packets, 0 bytes, 0 drops
Table 1 Command output
Field |
Description |
Tunnel1 |
Information about the tunnel interface Tunnel 1. |
Current state |
State of the tunnel interface: · Administratively DOWN—The interface has been shut down by using the shutdown command. · DOWN—The interface is administratively up but its physical state is down. · UP—Both the administrative and physical states of the interface are up. |
Line protocol state |
Link layer protocol state of the tunnel interface. The value is determined by the parameter negotiation on the link layer. · UP—The protocol state of the interface is up. · UP (spoofing)—The link protocol state of the interface is up, but the link is temporarily set up on demand or does not exist. This attribute is available for null interfaces and loopback interfaces. · DOWN—The protocol state of the interface is down. |
Description |
Description of the tunnel interface. |
Bandwidth |
Intended bandwidth for the tunnel interface. |
Maximum Transmit Unit |
MTU of the tunnel interface. |
Internet Address |
IP address of the tunnel interface. If no IP address is assigned to the interface, this field displays Internet protocol processing: disabled, and the tunnel interface cannot process packets. Primary indicates it is the primary IP address of the interface. |
Tunnel source |
Source address of the tunnel. If a source interface is specified for the tunnel interface, this field also displays the source interface in parentheses. |
destination |
Destination address of the tunnel. |
Tunnel encapsulation-limit is disabled |
Tunnel nested encapsulation is not supported. |
Tunnel TTL |
TTL of tunneled packets. |
Tunnel protocol/transport |
Tunnel mode and transport protocol: · GRE/IP—GRE/IPv4 tunnel mode. · GRE/IPv6—GRE/IPv6 tunnel mode. · IP/IP—IPv4 over IPv4 tunnel mode. · IPv6—IPv6 tunnel mode. · IPv6/IP—IPv6 over IPv4 manual tunnel mode. · IPv6/IP 6to4—IPv6 over IPv4 6to4 tunnel mode. · IPv6/IP ISATAP—IPv6 over IPv4 ISATAP tunnel mode. · UDP_VXLAN/IP—UDP-encapsulated IPv4 VXLAN tunnel mode. · NVE/IP—IPv4 NVE tunnel mode. |
Last clearing of counters |
Last time of clearing counters. |
Last 300 seconds input: 0 bytes/sec, 0 packets/sec |
Average input rate in the last 300 seconds. |
Last 300 seconds input rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec |
Average output rate in the last 300 seconds. |
# Display brief information about the interface Tunnel 1.
<Sysname> display interface tunnel 1 brief
Brief information of interface(s) under route mode:
Link: ADM - administratively down; Stby - standby
Protocol: (s) - spoofing
Interface Link Protocol Main IP Description
Tun1 UP UP 1.1.1.1 aaaaaaaaaaaaaaaaaaaaaaaaaaa
# Display brief information about interface Tunnel 1, including the complete interface description.
<Sysname> display interface tunnel 1 brief description
Brief information of interface(s) under route mode:
Link: ADM - administratively down; Stby - standby
Protocol: (s) - spoofing
Interface Link Protocol Main IP Description
Tun1 UP UP 1.1.1.1 aaaaaaaaaaaaaaaaaaaaaaaaaaaaa
Aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
# Display information about interfaces in the physical state of DOWN and the causes.
<Sysname> display interface tunnel brief down
Brief information on interface(s) under route mode:
Link: ADM - administratively down; Stby - standby
Interface Link Cause
Tun0 DOWN Not connected
Tun1 DOWN Not connected
Table 2 Command output
Field |
Description |
Brief information of interface(s) under route mode |
Brief information about Layer 3 interfaces. |
Link: ADM - administratively down; Stby - standby |
Link status: · ADM—The interface has been administratively shut down. To recover its physical state, use the undo shutdown command. · Stby—The interface is a backup interface. |
Protocol: (s) - spoofing |
(s) indicates that the data link layer protocol state is UP, but the link is temporarily set up on demand or does not exist. This attribute is available for null interfaces and loopback interfaces. |
Interface |
Abbreviated interface name. |
Link |
Physical link state of the interface: · UP—The link is physically up. · DOWN—The link is physically down. · ADM—The link has been administratively shut down. To bring it up, use the undo shutdown command. · Stby—The interface is a backup interface. |
Protocol |
Data link layer protocol state of the interface: · UP—The data link protocol state of the interface is up. · UP (spoofing)—The link protocol state of the interface is up, but the link is temporarily set up on demand or does not exist. This attribute is available for null interfaces and loopback interfaces. |
Main IP |
Primary IP address of the interface. |
Description |
Description of the interface. |
Cause |
Causes for the physical state of DOWN: · Administratively—The link has been shut down by using the shutdown command. To restore its physical state, use the undo shutdown command. · Not connected—The tunnel is not established. |
Related commands
· destination
· interface tunnel
· source
interface tunnel
Use interface tunnel to create a tunnel interface, specify the tunnel mode, and enter tunnel interface view.
Use undo interface tunnel to delete a tunnel interface.
Syntax
interface tunnel number [ mode { gre [ ipv6 ] | ipv4-ipv4 | ipv6 | ipv6-ipv4 [ 6to4 | isatap ] | mpls-te | nve | vxlan } ]
undo interface tunnel number
Default
No tunnel interface is created on the device.
Views
System view
Predefined user roles
network-admin
Parameters
number: Specifies the number of the tunnel interface, in the range of 0 to 1023.
mode gre: Specifies GRE/IPv4 tunnel mode.
mode gre ipv6: Specifies GRE/IPv6 tunnel mode.
mode ipv4-ipv4: Specifies IPv4 over IPv4 tunnel mode.
mode ipv6: Specifies IPv6 tunnel mode. Set this mode for IPv4 over IPv6 manual and IPv6 over IPv6 tunnels.
mode ipv6-ipv4: Specifies IPv6 over IPv4 manual tunnel mode.
mode ipv6-ipv4 6to4: Specifies 6to4 tunnel mode.
mode ipv6-ipv4 isatap: Specifies ISATAP tunnel mode.
mode mpls-te: Specifies MPLS TE tunnel mode.
mode nve: Specifies NVE tunnel mode.
mode vxlan: Specifies VXLAN tunnel mode.
Usage guidelines
To create a new tunnel interface, you must specify the tunnel mode in this command. To enter the view of an existing tunnel interface, you do not need to specify the tunnel mode.
A tunnel interface number is locally significant. The tunnel interfaces on the two ends of a tunnel can use the same or different interface numbers.
Examples
# Create a GRE/IPv4 tunnel interface Tunnel 1 and enter tunnel interface view.
<Sysname> system-view
[Sysname] interface tunnel 1 mode gre
[Sysname-Tunnel1]
Related commands
· destination
· display interface tunnel
· source
mtu
Use mtu to set the MTU on a tunnel interface.
Use undo mtu to restore the default.
Syntax
mtu size
undo mtu
Default
The MTU is 64000 bytes.
Views
Tunnel interface view
Predefined user roles
network-admin
Parameters
size: Specifies the MTU in the range of 100 to 64000 bytes.
Usage guidelines
Set an appropriate MTU to avoid fragmentation. The MTU for the tunnel interface applies only to unicast packets.
An MTU set on any tunnel interface is effective on all existing tunnel interfaces.
Examples
# Set the MTU on interface Tunnel 1 to 10000 bytes.
<Sysname> system-view
[Sysname] interface tunnel 1
[Sysname-Tunnel1] mtu 10000
Related commands
display interface tunnel
reset counters interface
Use reset counters interface to clear statistics for tunnel interfaces.
Syntax
reset counters interface [ tunnel [ number ] ]
Views
User view
Predefined user roles
network-admin
Parameters
number: Specifies the tunnel interface number.
Usage guidelines
Use this command to clear old statistics so you can observe new traffic statistics on a tunnel interface.
· If you do not specify any parameters, this command clears statistics for all interfaces.
· If you specify only the tunnel keyword, this command clears statistics for all tunnel interfaces.
· If you specify both the tunnel keyword and the number argument, this command clears statistics for the specified tunnel interface.
Examples
# Clear statistics for interface Tunnel 1.
<Sysname> reset counters interface tunnel 1
display interface tunnel
service
Use service to specify an IRF member device for forwarding the traffic on the tunnel interface.
Use undo service to restore the default.
Syntax
service slot slot-number
undo service slot
Default
No IRF member device is specified for the tunnel interface.
Views
Tunnel interface view
Predefined user roles
network-admin
Parameters
slot slot-number: Specifies an IRF member device by its member ID.
Usage guidelines
If no IRF member device is specified for forwarding the traffic on the tunnel interface, the traffic is processed on the IRF member device that receives the traffic.
Some functions, such as IPsec anti-replay, require that traffic for the same tunnel interface be processed on the same IRF member device. If such a function is configured, you must use this command to specify an IRF member device for forwarding the traffic on a tunnel interface.
If the specified IRF member device is removed, traffic on the tunnel interface cannot be forwarded even if the tunnel interface is up. When the IRF member device is reinstalled, traffic forwarding resumes on the member device.
Examples
# Specify IRF member device 2 to forward traffic for interface Tunnel 200.
<Sysname> system-view
[Sysname] interface tunnel 200
[Sysname-Tunnel200] service slot 2
shutdown
Use shutdown to shut down a tunnel interface.
Use undo shutdown to bring up a tunnel interface.
Syntax
shutdown
undo shutdown
Default
The tunnel interface is enabled.
Views
Tunnel interface view
Predefined user roles
network-admin
Usage guidelines
This command disconnects all links set up on the interface. Make sure you fully understand the impact of the command on your network.
Examples
# Shut down interface Tunnel 1.
<Sysname> system-view
[Sysname] interface tunnel 1
[Sysname-Tunnel1] shutdown
Related commands
display interface tunnel
source
Use source to specify the source address or source interface for the tunnel interface.
Use undo source to restore the default.
Syntax
source { ip-address | ipv6-address | interface-type interface-number }
undo source
Default
No source address or source interface is specified for the tunnel interface.
Views
Tunnel interface view
Predefined user roles
network-admin
Parameters
ip-address: Specifies the tunnel source IPv4 address.
ipv6-address: Specifies the tunnel source IPv6 address.
Usage guidelines
The specified source address or the address of the specified source interface is used as the source address of tunneled packets. To view the configured tunnel source address, use the display interface tunnel command.
The source address of the local tunnel interface must be the destination address of the peer tunnel interface, and vice versa.
If you execute this command multiple times, the most recent configuration takes effect.
Examples
# Specify VLAN-interface 10 as the source interface of interface Tunnel 1.
<Sysname> system-view
[Sysname] interface tunnel 1 mode gre
[Sysname-Tunnel1] source vlan-interface 10
# Specify 192.100.1.1 as the source address of interface Tunnel 1.
<Sysname> system-view
[Sysname] interface tunnel 1 mode gre
[Sysname-Tunnel1] source 192.100.1.1
· destination
· display interface tunnel
· interface tunnel
tunnel dfbit enable
Use tunnel dfbit enable to set the Don't Fragment (DF) bit for tunneled packets.
Use undo tunnel dfbit enable to restore the default.
Syntax
tunnel dfbit enable
undo tunnel dfbit enable
Default
The DF bit is not set for tunneled packets.
Views
Tunnel interface view
Predefined user roles
network-admin
Usage guidelines
To avoid fragmentation and delay, set the DF bit for tunneled packets. Make sure the path MTU is larger than tunneled packets. Otherwise, do not set the DF bit to avoid discarding tunneled packets larger than the path MTU.
This command is not supported on a GRE over IPv6 tunnel interface and an IPv6 tunnel interface.
Examples
# Set the DF bit for tunneled packets on interface Tunnel 1.
<Sysname> system-view
[Sysname] interface tunnel 1 mode gre
[Sysname-Tunnel1] tunnel dfbit enable
tunnel discard ipv4-compatible-packet
Use tunnel discard ipv4-compatible-packet to enable dropping of IPv6 packets using IPv4-compatible IPv6 addresses.
Use undo tunnel discard ipv4-compatible-packet to restore the default.
Syntax
tunnel discard ipv4-compatible-packet
undo tunnel discard ipv4-compatible-packet
Default
IPv6 packets using IPv4-compatible IPv6 addresses are not dropped.
Views
System view
Predefined user roles
network-admin
Usage guidelines
This command enables the device to check the source and destination IPv6 addresses of the de-encapsulated IPv6 packets from the tunnel. Then the command discards packets that use a source or destination IPv4-compatible IPv6 address.
Examples
# Enable dropping of IPv6 packets using IPv4-compatible IPv6 addresses.
<Sysname> system-view
[Sysname] tunnel discard ipv4-compatible-packet
tunnel tos
Use tunnel tos to set the ToS of tunneled packets.
Use undo tunnel tos to restore the default.
Syntax
tunnel tos tos-value
undo tunnel tos
Default
The ToS of tunneled packets is the same as the ToS of the original packets.
Views
Tunnel interface view
Predefined user roles
network-admin
Parameters
tos-value: Specifies the ToS of tunneled packets, in the range of 0 to 255.
Usage guidelines
After you configure this command, all the tunneled packets of different services sent on the tunnel interface will use the same configured ToS. For more information about ToS, see ACL and QoS Configuration Guide.
Examples
# Set the ToS of tunneled packets on the interface Tunnel 1 to 20.
<Sysname> system-view
[Sysname] interface tunnel 1 mode gre
[Sysname-Tunnel1] tunnel tos 20
Related commands
display interface tunnel
tunnel ttl
Use tunnel ttl to set the Time to Live (TTL) of tunneled packets.
Use undo tunnel ttl to restore the default.
Syntax
tunnel ttl ttl-value
undo tunnel ttl
Default
The TTL of tunneled packets is 255.
Views
Tunnel interface view
Predefined user roles
network-admin
Parameters
ttl-value: Specifies the TTL of tunneled packets, in the range of 1 to 255.
Usage guidelines
The TTL determines the maximum number of hops that the tunneled packets can pass. When the TTL expires, the tunneled packet is discarded to avoid loops.
Examples
# Set the TTL of tunneled packets to 100 on interface Tunnel 1.
<Sysname> system-view
[Sysname] interface tunnel 1 mode gre
[Sysname-Tunnel1] tunnel ttl 100
Related commands
display interface tunnel