Login
- Table of Contents
-
- 04-Layer 3-IP Services Command Reference
- 00-Preface
- 01-ARP commands
- 02-IP addressing commands
- 03-DHCP commands
- 04-DNS commands
- 05-IP forwarding basics commands
- 06-Fast forwarding commands
- 07-Adjacency table commands
- 08-IRDP commands
- 09-IP performance optimization commands
- 10-UDP helper commands
- 11-IPv6 basics commands
- 12-DHCPv6 commands
- 13-IPv6 fast forwarding commands
- 14-Tunneling commands
- 15-GRE commands
- 16-HTTP redirect commands
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 05-IP forwarding basics commands | 92.27 KB |
Basic IP forwarding commands
display fib
Use display fib to display FIB entries.
Syntax
display fib [ vpn-instance vpn-instance-name ] [ ip-address [ mask | mask-length ] ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. To display the FIB entries for the public network, do not specify any VPN instance.
ip-address: Displays the FIB entry that matches the specified destination IP address.
mask: Specifies the mask for the IP address.
mask-length: Specifies the mask length for the IP address. The value range is 0 to 32.
Usage guidelines
If you specify an IP address without a mask or mask length, this command displays the longest matching FIB entry.
If you specify an IP address and a mask or mask length, this command displays the exactly matching FIB entry.
Examples
# Display all FIB entries of the public network.
<Sysname> display fib
Destination count: 5 FIB entry count: 5
Flag:
U:Usable G:Gateway H:Host B:Blackhole D:Dynamic S:Static
R:Relay F:FRR
Destination/Mask Nexthop Flag OutInterface/Token Label
0.0.0.0/32 127.0.0.1 UH InLoop0 Null
1.1.1.0/24 192.168.126.1 USGF M-GE0/0/0 Null
127.0.0.0/8 127.0.0.1 U InLoop0 Null
127.0.0.0/32 127.0.0.1 UH InLoop0 Null
127.0.0.1/32 127.0.0.1 UH InLoop0 Null
# Display the FIB entries for VPN vpn1.
<Sysname> display fib vpn-instance vpn1
Destination count: 6 FIB entry count: 6
Flag:
U:Usable G:Gateway H:Host B:Blackhole D:Dynamic S:Static
R:Relay F:FRR
Destination/Mask Nexthop Flag OutInterface/Token Label
0.0.0.0/32 127.0.0.1 UH InLoop0 Null
20.20.20.0/24 20.20.20.25 U M-GE0/0/0 Null
20.20.20.0/32 20.20.20.25 UBH M-GE0/0/0 Null
20.20.20.25/32 127.0.0.1 UH InLoop0 Null
20.20.20.25/32 20.20.20.25 H M-GE0/0/0 Null
20.20.20.255/32 20.20.20.25 UBH M-GE0/0/0 Null
# Display the FIB entries matching the destination IP address 10.2.1.1.
<Sysname> display fib 10.2.1.1
Destination count: 1 FIB entry count: 1
Flag:
U:Usable G:Gateway H:Host B:Blackhole D:Dynamic S:Static
R:Relay F:FRR
Destination/Mask Nexthop Flag OutInterface/Token Label
10.2.1.1/32 127.0.0.1 UH InLoop0 Null
Table 1 Command output
|
Field |
Description |
|
Destination count |
Total number of destination addresses. |
|
FIB entry count |
Total number of FIB entries. |
|
Destination/Mask |
Destination address and the mask length. |
|
Nexthop |
Next hop address. |
|
Flag |
Flags of routes: · U—Usable route. · G—Gateway route. · H—Host route. · B—Blackhole route. · D—Dynamic route. · S—Static route. · R—Relay route. · F—Fast reroute. |
|
OutInterface/Token |
Output interface/LSP index number. |
|
Label |
Inner label. |
forwarding split-horizon
Use forwarding split-horizon to enable split horizon forwarding.
Use undo forwarding split-horizon to disable split horizon forwarding.
Syntax
forwarding split-horizon
undo forwarding split-horizon
Default
Split horizon forwarding is disabled.
Views
System view
Predefined user roles
network-admin
Usage guidelines
This feature prevents IPv4, IPv6, and MPLS packets from being forwarded out of the physical interface on which they were received, avoiding network loops.
Examples
# Enable split horizon forwarding.
<Sysname> system-view
[Sysname] forwarding split-horizon
ip forwarding
|
|
NOTE: This command is available only in Release 6635 and later versions. |
Use ip forwarding to enable IPv4 packet forwarding on an interface that has no IPv4 address configured.
Use undo ip forwarding to disable IPv4 packet forwarding on an interface that has no IPv4 address configured.
Syntax
ip forwarding
undo ip forwarding
Default
If an interface has no IPv4 address configured, the IPv4 packet forwarding is disabled on the interface.
Views
Interface view
Predefined user roles
network-admin
Usage guidelines
On a device that supports both IPv4 and IPv6, the next hop of an IPv4 packet might be an IPv4 address or an IPv6 address. If the output interface has no IPv4 address configured, the interface cannot forward the IPv4 packet. To solve this problem, execute this command on the interface. This feature allows the interface to forward IPv4 packets even though the interface has no IPv4 address configured.
Examples
# Enable IPv4 packet forwarding on VLAN-interface 1 that has no IPv4 address configured.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] ip forwarding
ip forwarding-table save
Use ip forwarding-table save to save the IP forwarding entries to a file.
Syntax
ip forwarding-table save filename filename
Views
Any view
Predefined user roles
network-admin
Parameters
filename filename: Specifies the name of a file, a string of 1 to 255 characters. For information about the filename argument, see file system management in Fundamentals Configuration Guide.
Usage guidelines
The command automatically creates the file if you specify a nonexistent file. If the file already exists, this command overwrites the file content.
To automatically save the IP forwarding entries periodically, configure a schedule for the device to automatically run the ip forwarding-table save command. For information about scheduling a task, see Fundamentals Configuration Guide.
Examples
# Save the IP forwarding entries to the fib.txt file.
<Sysname> ip forwarding-table save filename fib.txt
packet-drop statistics enable
|
|
NOTE: This command is available only in Release 6635 and later versions. |
Use packet-drop statistics enable to enable packet-drop statistics collection on interfaces.
Use undo packet-drop statistics enable to disable packet-drop statistics collection on interfaces.
Syntax
packet-drop statistics enable [ in-acl | out-acl | in-checksum | out-checksum | in-illegal-interface | in-l2-mtu | out-l2-mtu | in-l3-header | in-l3-header-ipv6 | in-l3-mtu | in-l3-nexthop | in-l3-rib | in-l3-rib-ipv6 | in-l3-ttl | in-stp-block | out-stp-block | in-same-interface | in-storm-suppression | in-vlan-mismatch | out-vlan-mismatch ] *
undo packet-drop statistics enable [ in-acl | out-acl | in-checksum | out-checksum | in-illegal-interface | in-l2-mtu | out-l2-mtu | in-l3-header-ipv4 | in-l3-header-ipv6 | in-l3-mtu | in-l3-nexthop | in-l3-rib-ipv4 | in-l3-rib-ipv6 | in-l3-ttl | in-stp-block | out-stp-block | in-same-interface | in-storm-suppression | in-vlan-mismatch | out-vlan-mismatch ] *
Default
The device does not count packet drops on interfaces.
Views
System view
Predefined user roles
network-admin
Parameters
in-acl: Specifies incoming packets dropped by ACL.
out-acl: Specifies outgoing packets dropped by ACL.
in-checksum: Specifies incoming packets dropped because of parity check failures.
out-checksum: Specifies outgoing packets dropped because of parity check failures.
in-illegal-interface: Specifies incoming packets dropped because no egress interface was found or the egress interface was illegal.
in-l2-mtu: Specifies incoming packets dropped because of Layer 2 MTU exceeding.
out-l2-mtu: Specifies outgoing packets dropped because of Layer 2 MTU exceeding.
in-l3-header: Specifies incoming IPv4 packets dropped because of invalid Layer 3 headers, for example, invalid checksum.
in-l3-header-ipv6: Specifies incoming IPv6 packets dropped because of invalid Layer 3 headers, for example, invalid checksum.
in-l3-mtu: Specifies incoming packets dropped because of Layer 3 MTU exceeding.
in-l3-nexthop: Specifies incoming packets dropped because the next-hop action is Drop.
in-l3-ttl: Specifies incoming packets dropped because their TTLs are less than 1.
in-l3-rib: Specifies incoming IPv4 packets dropped because no route was found or the action in the routing table is drop.
in-l3-rib-ipv6: Specifies incoming IPv6 packets dropped because no route was found or the action in the routing table is drop.
in-same-interface: Specifies incoming packets dropped because the ingress interface is the same as the egress one.
in-stp-block: Specifies incoming packets dropped because of spanning tree port blocking.
out-stp-block: Specifies outgoing packets dropped because of spanning tree port blocking.
in-storm-suppression: Specifies incoming packets dropped because of broadcast, multicast, or unknown unicast suppression.
in-vlan-mismatch: Specifies incoming packets dropped because of VLAN mismatch.
out-vlan-mismatch: Specifies outgoing packets dropped because of VLAN mismatch.
Usage guidelines
This feature takes effect on only physical interfaces.
After you enable this feature, the device collects statistics on specific packet drops on interfaces and reports the statistics to the collector through gRPC.
Examples
# Enable the device to collect statistics on incoming packets dropped because of Layer 2 MTU exceeding.
<Sysname> system-view
[Sysname] packet-drop statistics enable in-l2-mtu
Load sharing commands
bandwidth-based-sharing
Use bandwidth-based-sharing to enable IPv4 load sharing based on bandwidth.
Use undo bandwidth-based-sharing to disable IPv4 load sharing based on bandwidth.
Syntax
bandwidth-based-sharing
undo bandwidth-based-sharing
Default
The IPv4 load sharing based on bandwidth is disabled.
Views
System view
Predefined user roles
network-admin
Usage guidelines
This feature load shares flow traffic among multiple output interfaces based on their load percentages. The device calculates the load percentage for each output interface in terms of their expected bandwidths.
Devices that run load sharing protocols, such as Locator/ID Separation Protocol (LISP), implement load sharing based on the ratios defined by these protocols.
This feature is mutually exclusive with the enhanced ECMP mode configured by the ecmp mode enhanced command.
After you enable this feature, the expected bandwidth set by using the bandwidth command on an interface cannot exceed the actual physical bandwidth of the interface.
After you enable this feature, you must set the expected bandwidth for VLAN interfaces to ensure correct bandwidth allocation.
Examples
# Enable IPv4 load sharing based on bandwidth.
<Sysname> system-view
[Sysname] bandwidth-based-sharing
display ip load-sharing mode
Use display ip load-sharing mode to display the load sharing mode in use.
Syntax
display ip load-sharing mode slot slot-number
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
slot slot-number: Specifies an IRF member device by its member ID. If you do not specify a member device, this command displays the load sharing mode for all member devices.
Examples
# Display the load sharing mode in use.
<Sysname> display ip load-sharing mode slot 1
Load-sharing mode: per-flow
Load-sharing options: dest-ip | src-ip | ip-pro | dest-port | src-port | ingress-port
Load-sharing algorithm: 1
IP tunnel load-sharing mode: outer
Table 2 Command output
|
Field |
Description |
|
Load-sharing mode |
Per-flow load sharing. |
|
Load-sharing options |
Options configured for load sharing: · dest-ip—Identifies flows by packet's destination IP address. · src-ip—Identifies flows by packet's source IP address. · ip-pro—Identifies flows by packet's IP protocol. · dest-port—Identifies flows by packet's destination port number. · src-port—Identifies flows by packet's source port number. · ingress-port—Identifies flows by packet's ingress port. |
|
Load-sharing algorithm |
Algorithm used by load sharing. |
|
IP tunnel load-sharing mode |
Load sharing for IP tunnel packets: · inner—Identifies flows by inner IP header information. · outer—Identifies flows by outer IP header information. |
Related commands
ip load-sharing mode
display ip load-sharing path
Use display ip load-sharing path to display the load sharing path selected for a flow.
Syntax
display ip load-sharing path ingress-port interface-type interface-number packet-format { ipv4oe dest-ip ip-address [ src-ip ip-address ] | ipv6oe dest-ipv6 ipv6-address [ src-ipv6 ipv6-address ] } [ dest-port port-id | ip-pro protocol-id | src-port port-id ] *
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
ingress-port interface-type interface-number: Specifies an ingress port by its type and number.
packet-format { ipv4oe dest-ip ip-address [src-ip ip-address ] | ipv6oe dest-ipv6 ipv6-address [ src-ipv6 ipv6-address ] }: Specifies the packet encapsulation format.
ipv4oe: Specifies the format of IPv4 over Ethernet.
dest-ip ip-address: Specifies the destination IPv4 address in dotted decimal notation. If you do not specify this argument, the calculation uses 0.0.0.0 for path selection.
src-ip ip-address: Specifies the source IPv4 address in dotted decimal notation. If you do not specify this argument, the calculation uses 0.0.0.0 for path selection.
ipv6oe: Specifies the format of IPv6 over Ethernet.
dest-ipv6 ipv6-address: Specifies the destination IPv6 address. If you do not specify this option, the calculation uses 0:0:0:0:0:0:0:0 for path selection.
src-ipv6 ipv6-address: Specifies the source IPv6 address. If you do not specify this option, the calculation uses 0:0:0:0:0:0:0:0 for path selection.
dest-port port-id: Specifies a destination port number in the range of 1 to 65535. If you do not specify this option, the calculation uses 0 for path selection.
ip-pro protocol-id: Specifies an IP protocol by its number in the range of 1 to 65535. If you do not specify this option, the calculation uses 0 for path selection.
source-port port-id: Specifies a source port number in the range of 1 to 65535. If you do not specify this option, the calculation uses 0 for path selection.
Usage guidelines
The option settings in this command must match both the options displayed in the display ip load-sharing mode command and the field values in load shared packets. If the option settings do not meet the requirement, the path displayed by this command might be different from the real path for load sharing.
Examples
# Display the load sharing path selected for the flow with the following attributes: ingress port Twenty-FiveGigE 1/0/3, destination IP address 10.110.0.2, source IP address 10.100.0.2, IP protocol number 153, destination port number 2000, source port number 2000.
<Sysname> display ip load-sharing path ingress-port twenty-fivegige 1/0/3 packet-format ipv4oe dest-ip 10.110.0.2 src-ip 10.100.0.2 ip-pro 153 dest-port 2000 src-port 2000
Load-sharing algorithm: 0
Load-sharing options: dest-ip | src-ip | ip-pro | dest-port | src-port | ingress-port
Load-sharing parameters:
Missing configured are set to 0.
ingress-port: Twenty-FiveGigE1/0/3
packet-format: IPv4oE
dest-ip: 10.110.0.2
src-ip: 10.100.0.2
ip-pro: 153
dest-port: 2000
src-port: 2000
Path selected: 20.0.0.2(interface Twenty-FiveGigE1/0/3)
Table 3 Command output
|
Field |
Description |
|
Load-sharing algorithm |
User-defined load sharing algorithm ID. |
|
Load-sharing options |
Load sharing options specified by the ip load-sharing mode command. |
|
Load-sharing parameters |
Load sharing parameters that you specify for the display ip load-sharing path command. |
|
Missing configured are set to 0. |
Values of the unconfigured parameters are set to 0. |
|
ingress-port |
Ingress port of the packet. |
|
packet-format |
Packet encapsulation format. |
|
dest-ip |
Destination IP address of the packet. |
|
src-ip |
Source IP address of the packet. |
|
ip-pro |
IP protocol number. |
|
dest-port |
Destination port number. |
|
src-port: |
Source port number. |
|
Path selected |
Selected path information, including the IPv4 or IPv6 address of the next hop and the egress port. |
Related commands
ip load-sharing mode
ip load-sharing local-first enable
Use ip load-sharing local-first enable to enable local-first load sharing.
Use undo ip load-sharing local-first enable to disable local-first load sharing.
Syntax
ip load-sharing local-first enable
undo ip load-sharing local-first enable
Default
Local-first load sharing is enabled.
Views
System view
Predefined user roles
network-admin
Examples
# Enable local-first load sharing.
<Sysname> system-view
[Sysname] ip load-sharing local-first enable
ip load-sharing mode
Use ip load-sharing mode to configure the load sharing mode.
Use undo ip load-sharing mode to restore the default.
Syntax
ip load-sharing mode per-flow [ algorithm algorithm-number [ seed seed-number ] [ shift shift-number ] | [ dest-ip | dest-port | ingress-port | ip-pro | src-ip | src-port ] * | tunnel { inner | outer } ] { global | slot slot-number }
undo ip load-sharing mode { global | slot slot-number }
Default
The device performs per-flow load sharing based on the following criteria: source IP address, destination IP address, source port number, destination port number, IP protocol number, and ingress port.
Views
System view
Predefined user roles
network-admin
Parameters
algorithm algorithm-number: Specifies an algorithm for per-flow load sharing. The value range for the algorithm-number argument is 0 to 13. If you do not specify an algorithm, the default algorithm value is 8.
seed seed-number: Specifies the seed value for the algorithm. The value range is 0 to ffffffff, and the default value is 0.
shift shift-number: Specifies the shift value for the hash algorithm result. The value range is 0 to 15, and the default value is 0.
per-flow: Implements per-flow load sharing.
dest-ip: Identifies flows by destination IP address.
dest-port: Identifies flows by destination port.
ingress-port: Identifies flows by ingress port.
ip-pro: Identifies flows by protocol number.
src-ip: Identifies flows by source IP address.
src-port: Identifies flows by source port.
tunnel { inner | outer }: Performs load sharing for IP tunnel packets. The inner keyword identifies flows by inner IP header information. The outer keyword identifies flows by outer IP header information. If you do not specify this option, the device performs load sharing based on inner IP header information.
global: Configures the load sharing mode globally.
slot slot-number: Specifies an IRF member device by its member ID. If you do not specify a member device, this command configures the load sharing mode for all member devices.
Usage guidelines
If traffic is not load shared well among interfaces, you can use the seed seed-number option and the shift shift-number option to adjust the algorithm result.
Examples
# Configure per-flow load sharing for slot 1.
<Sysname> system-view
[Sysname] ip load-sharing mode per-flow slot 1
ip load-sharing symmetric enable
Use ip load-sharing symmetric enable to enable symmetric load sharing.
Use undo ip load-sharing symmetric enable to disable symmetric load sharing.
Syntax
ip load-sharing symmetric enable
undo ip load-sharing symmetric enable
Default
Symmetric load sharing is disabled.
Views
System view
Predefined user roles
network-admin
Usage guidelines
Symmetric load sharing ensures that bidirectional traffic specific to a particular source and destination address pair flow along the same path.
Before you enable symmetric load sharing, first execute the ip load-sharing mode command to configure five tuple-based load sharing. The device will perform load sharing based on the source IP address, destination IP address, source port number, destination port number, and IP protocol number. If not doing so, the device will use the default load sharing mode. In this mode, the packet ingress port is included in load sharing calculation and symmetric load sharing does not take effect.
Examples
# Enable symmetric load sharing.
<Sysname> system-view
[Sysname] ip load-sharing symmetric enable
