- Table of Contents
-
- 04-Layer 3-IP Services Command Reference
- 00-Preface
- 01-ARP commands
- 02-IP addressing commands
- 03-DHCP commands
- 04-DNS commands
- 05-IP forwarding basics commands
- 06-Fast forwarding commands
- 07-Adjacency table commands
- 08-IRDP commands
- 09-IP performance optimization commands
- 10-UDP helper commands
- 11-IPv6 basics commands
- 12-DHCPv6 commands
- 13-IPv6 fast forwarding commands
- 14-Tunneling commands
- 15-GRE commands
- 16-HTTP redirect commands
- Related Documents
-
Title | Size | Download |
---|---|---|
14-Tunneling commands | 126.37 KB |
reset counters interface tunnel
tunnel discard ipv4-compatible-packet
tunnel ip-in-ip decapsulate-any
Tunneling commands
bandwidth
Use bandwidth to set the expected bandwidth for an interface.
Use undo bandwidth to restore the default.
Syntax
bandwidth bandwidth-value
undo bandwidth
Default
The expected bandwidth (in kbps) is the interface maximum rate divided by 1000.
Views
Tunnel interface view
Predefined user roles
network-admin
Parameters
bandwidth-value: Specifies the expected bandwidth, in the range of 1 to 400000000 kbps.
Usage guidelines
The expected bandwidth for an interface affects the link costs in OSPF, OSPFv3, and IS-IS. For more information, see Layer 3—IP Routing Configuration Guide.
Examples
# Set the expected bandwidth for Tunnel 1 to 100 kbps.
<Sysname> system-view
[Sysname] interface tunnel 1
[Sysname-Tunnel1] bandwidth 100
default
Use default to restore the default settings for a tunnel interface.
Syntax
default
Views
Tunnel interface view
Predefined user roles
network-admin
Usage guidelines
CAUTION: The default command might interrupt ongoing network services. Make sure you are fully aware of the impact of this command when you use it on a live network. |
This command might fail to restore the default settings for some commands for reasons such as command dependencies or system restrictions. Use the display this command in interface view to identify these commands. Use their undo forms or follow the command reference to restore their default settings. If your restoration attempt still fails, follow the error message instructions to resolve the problem.
Examples
# Restore the default settings of Tunnel 1.
<Sysname> system-view
[Sysname] interface tunnel 1
[Sysname-Tunnel1] default
description
Use description to configure the description of an interface.
Use undo description to restore the default.
Syntax
description text
undo description
Default
The description of a tunnel interface is Tunnelnumber Interface, for example, Tunnel1 Interface.
Views
Tunnel interface view
Predefined user roles
network-admin
Parameters
text: Specifies a description, a case-sensitive string of 1 to 255 characters.
Usage guidelines
Configure descriptions for different interfaces for identification and management purposes.
You can use the display interface command to display the configured interface description.
Examples
# Configure the description of Tunnel 1 as tunnel1.
<Sysname> system-view
[Sysname] interface tunnel 1
[Sysname-Tunnel1] description tunnel1
display interface tunnel
destination
Use destination to specify the destination address for a tunnel interface.
Use undo destination to restore the default.
Syntax
destination { ipv4-address | ipv6-address }
undo destination
Default
No tunnel destination address is configured.
Views
Tunnel interface view
Predefined user roles
network-admin
Parameters
ipv4-address: Specifies the tunnel destination IPv4 address.
ipv6-address: Specifies the tunnel destination IPv6 address.
Usage guidelines
For a manual tunnel interface, you must configure the destination address. For an automatic tunnel interface, you do not need to configure the destination address.
The tunnel destination address must be the address of the receiving interface on the tunnel peer. It is used as the destination address of tunneled packets.
The destination address of the local tunnel interface must be the source address of the peer tunnel interface. The source address of the local tunnel interface must be the destination address of the peer tunnel interface.
Do not specify the same tunnel source and destination addresses for the tunnel interfaces on the same device.
Examples
# VLAN-interface 100 on Sysname 1 uses the IP address 193.101.1.1 and VLAN-interface 100 on Sysname 2 uses the IP address 192.100.1.1. Configure the source address 193.101.1.1 and destination address 192.100.1.1 for the tunnel interface on Sysname 1.
<Sysname1> system-view
[Sysname1] interface tunnel 1 mode ipv6-ipv4
[Sysname1-Tunnel1] source 193.101.1.1
[Sysname1-Tunnel1] destination 192.100.1.1
# Configure the source address 192.100.1.1 and destination address 193.101.1.1 for the tunnel interface on Sysname 2.
<Sysname2> system-view
[Sysname2] interface tunnel 1 mode ipv6-ipv4
[Sysname2-Tunnel1] source 192.100.1.1
[Sysname2-Tunnel1] destination 193.101.1.1
display interface tunnel
interface tunnel
source
display interface tunnel
Use display interface tunnel to display tunnel interface information.
Syntax
display interface [ tunnel [ number ] ] [ brief [ description | down ] ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
tunnel [ number ]: Specifies a tunnel interface. The number argument specifies the tunnel interface number. The specified tunnel interface must have been created. If you do not specify the tunnel keyword, this command displays information about all interfaces on the device. If you specify the tunnel keyword without the number argument, this command displays information about all existing tunnel interfaces.
brief: Displays brief interface information. If you do not specify this keyword, the command displays detailed interface information.
description: Displays complete interface descriptions. If you do not specify this keyword, the command displays only the first 25 characters of interface descriptions.
down: Displays information about interfaces in the physical state of DOWN and the causes. If you do not specify this keyword, the command displays information about interfaces in all states.
Examples
# Display detailed information about Tunnel 1.
<Sysname> display interface tunnel 1
Tunnel1
Current state: UP
Line protocol state: UP
Description: Tunnel1 Interface
Bandwidth: 64kbps
Maximum transmission unit: 1476
Internet address: 10.1.2.1/24 (primary)
Tunnel source 2002::1:1 (Vlan-interface10), destination 2001::2:1
Tunnel TOS 0xC8, Tunnel TTL 255
Tunnel protocol/transport GRE/IPv6
GRE key disabled
Checksumming of GRE packets disabled
Last clearing of counters: Never
Last 300 seconds input rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec
Last 300 seconds output rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec
Input: 0 packets, 0 bytes, 0 drops
Output: 0 packets, 0 bytes, 0 drops
Table 1 Command output
Field |
Description |
Tunnel1 |
Information about the tunnel interface Tunnel 1. |
Current state |
Physical link state of the tunnel interface: · Administratively DOWN—The interface has been shut down by using the shutdown command. · DOWN—The interface is administratively up, but its physical state is down (possibly because no physical link exists or the link has failed). · UP—The interface is both administratively and physically up. |
Line protocol state |
Data link layer state of the interface. The state is determined through automatic parameter negotiation at the data link layer. · UP—The data link layer protocol is up. · UP (spoofing)—The data link layer protocol is up, but the link is an on-demand link or does not exist. This attribute is typical of null interfaces and loopback interfaces. · DOWN—The data link layer protocol is down. |
Description |
Description of the tunnel interface. |
Bandwidth |
Expected bandwidth of the tunnel interface. |
Maximum transmission unit |
MTU of the tunnel interface. |
Internet protocol processing: Disabled |
The tunnel interface is not assigned an IP address and cannot process IP packets. |
Internet address: ip-address/mask-length (Type) |
IP address of the interface and type of the address in parentheses. Possible IP address types include: · Primary—Manually configured primary IP address. · Sub—Manually configured secondary IP address. If the interface has both primary and secondary IP addresses, the primary IP address is displayed. If the interface has only secondary IP addresses, the lowest secondary IP address is displayed. · Unnumbered—IP address borrowed from another interface. |
Tunnel source |
Source address of the tunnel. If a source interface is specified for the tunnel interface, this field also displays the source interface in parentheses. |
destination |
Destination address of the tunnel. |
Tunnel TOS |
ToS of tunneled packets. |
Tunnel TTL |
TTL of tunneled packets. |
Tunnel protocol/transport |
Tunnel mode and transport protocol: · CR_LSP—MPLS TE tunnel mode. · GRE/IP—GRE/IPv4 tunnel mode. · GRE/IPv6—GRE/IPv6 tunnel mode. · IP/IP—IPv4 over IPv4 tunnel mode. · IPv6—IPv6 tunnel mode. · IPv6/IP—IPv6 over IPv4 manual tunnel mode. · IPv6/IP 6to4—IPv6 over IPv4 6to4 tunnel mode. · IPv6/IP ISATAP—IPv6 over IPv4 ISATAP tunnel mode. · UDP_VXLAN/IP—UDP-encapsulated IPv4 VXLAN tunnel mode. · UDP_VXLAN/IPv6—UDP-encapsulated IPv6 VXLAN tunnel mode. · UDP_VXLAN_DCI/IP—UDP-encapsulated IPv4 VXLAN-DCI tunnel mode. · UDP_VXLAN_DCI/IPv6—UDP-encapsulated IPv6 VXLAN-DCI tunnel mode. |
GRE key disabled |
This field is not supported in the current software version. No GRE tunnel interface key is configured. |
Checksumming of GRE packets disabled |
This field is not supported in the current software version. The GRE packet checksum feature is disabled. |
Last clearing of counters |
Last time when counters were cleared. |
Last 300 seconds input rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec |
Average input rate in the last 300 seconds. |
Last 300 seconds output rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec |
Average output rate in the last 300 seconds. |
Input: 0 packets, 0 bytes, 0 drops |
Total input packets, total input bytes, and total input packets dropped. Input packets are counted after they are de-encapsulated by software. |
Output: 0 packets, 0 bytes, 0 drops |
Total output packets, total output bytes, and total output packets dropped. Output packets are counted before they are encapsulated by software. |
# Display brief information about Tunnel 1.
<Sysname> display interface tunnel 1 brief
Brief information on interfaces in route mode:
Link: ADM - administratively down; Stby - standby
Protocol: (s) - spoofing
Interface Link Protocol Primary IP Description
Tun1 UP UP 1.1.1.1 aaaaaaaaaaaaaaaaaaaaaaaaaaa
# Display brief information about Tunnel 1, including the complete interface description.
<Sysname> display interface tunnel 1 brief description
Brief information on interfaces in route mode:
Link: ADM - administratively down; Stby - standby
Protocol: (s) - spoofing
Interface Link Protocol Primary IP Description
Tun1 UP UP 1.1.1.1 aaaaaaaaaaaaaaaaaaaaaaaaaaaaa
Aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
# Display information about interfaces in DOWN state and the causes.
<Sysname> display interface tunnel brief down
Brief information on interfaces in route mode:
Link: ADM - administratively down; Stby - standby
Interface Link Cause
Tun0 DOWN Not connected
Tun1 DOWN Not connected
Table 2 Command output
Field |
Description |
Interface |
Abbreviated interface name. |
Link |
Physical link state of the interface: · UP—The interface is physically up. · DOWN—The interface is physically down. · ADM—The interface has been shut down by using the shutdown command. To restore the physical state of the interface, use the undo shutdown command. · Stby—The interface is a backup interface in standby state. |
Protocol |
Data link layer protocol state of the interface: · UP—The data link layer protocol of the interface is up. · DOWN—The data link layer protocol of the interface is down. · UP(s)—The data link layer protocol of the interface is up, but the link is an on-demand link or does not exist. The (s) attribute represents the spoofing flag. This value is typical of null interfaces and loopback interfaces. |
Primary IP |
Primary IP address of the interface. This field displays two hyphens (--) if the interface does not have an IP address. |
Description |
Description of the interface. |
Cause |
Cause for the physical link state of an interface to be DOWN: · Administratively—The interface has been manually shut down by using the shutdown command. To restore the physical state of the interface, use the undo shutdown command. · Not connected—The tunnel is not established. |
Related commands
destination
interface tunnel
source
group
Use group to assign a VXLAN tunnel interface to a VXLAN tunnel group.
Use undo group to restore the default.
|
NOTE: This command is supported only in Release 6635 and later. |
Syntax
group group-id
undo group
Default
A VXLAN tunnel interface is not assigned to any VXLAN tunnel group.
Views
VXLAN tunnel interface view
Predefined user roles
network-admin
Parameters
group-id: Specifies the ID of the VXLAN tunnel group. The value range for this argument varies by device model.
Usage guidelines
A VXLAN tunnel group can contain a maximum of 32 VXLAN tunnel interfaces on the device.
Use this command in conjunction with the traffic redirection feature to load share traffic among multiple VXLAN tunnels in a VXLAN tunnel group. For more information about traffic redirection, see QoS in ACL and QoS Command Reference.
A VXLAN tunnel interface can be assigned only to one VXLAN tunnel group. To assign the VXLAN tunnel interface to another VXLAN tunnel group, first remove the VXLAN tunnel interface from the original group by using the undo group command.
To assign an IPv6 tunnel interface to a VXLAN tunnel group, you must also bind the IPv6 tunnel interface to the VSI of the VXLAN.
Examples
# Assign VXLAN tunnel interface 1 to VXLAN tunnel group 2.
<Sysname> system-view
[Sysname] interface tunnel 1 mode vxlan
[Sysname-Tunnel1] group 2
interface tunnel
Use interface tunnel to create a tunnel interface, specify the tunnel mode, and enter tunnel interface view, or enter the view of an existing tunnel interface.
Use undo interface tunnel to delete a tunnel interface.
Syntax
interface tunnel number [ mode { gre [ ipv6 ] | ipv4-ipv4 | ipv6 | ipv6-ipv4 [ 6to4 | isatap ] | mpls-te | { vxlan | vxlan-dci } [ ipv6 ] } ]
undo interface tunnel number
Default
No tunnel interfaces exist.
Views
System view
Predefined user roles
network-admin
Parameters
number: Specifies the number of the tunnel interface. The value range is 0 to 15359. The number of tunnel interfaces that can be created is restricted by the total number of interfaces and the memory.
mode gre: Specifies the GRE/IPv4 tunnel mode.
mode gre ipv6: Specifies the GRE/IPv6 tunnel mode.
mode ipv4-ipv4: Specifies the IPv4 over IPv4 tunnel mode.
mode ipv6: Specifies the IPv6 tunnel mode. Set this mode for IPv4 over IPv6 tunnels and IPv6 over IPv6 tunnels.
mode ipv6-ipv4: Specifies the IPv6 over IPv4 manual tunnel mode.
mode ipv6-ipv4 6to4: Specifies the 6to4 tunnel mode.
mode ipv6-ipv4 isatap: Specifies the ISATAP tunnel mode.
mode mpls-te: Specifies the MPLS TE tunnel mode.
mode vxlan: Specifies the IPv4 VXLAN tunnel mode.
mode vxlan ipv6: Specifies the IPv6 VXLAN tunnel mode.
mode vxlan-dci: Specifies the IPv4 VXLAN-DCI tunnel mode.
mode vxlan-dci ipv6: Specifies the IPv6 VXLAN-DCI tunnel mode.
Usage guidelines
To create a new tunnel interface, you must specify the tunnel mode in this command. To enter the view of an existing tunnel interface, you do not need to specify the tunnel mode.
A tunnel interface number is locally significant. The tunnel interfaces on the two ends of a tunnel can use the same or different interface numbers.
Examples
# Create GRE/IPv4 tunnel interface Tunnel 1 and enter tunnel interface view.
<Sysname> system-view
[Sysname] interface tunnel 1 mode gre
[Sysname-Tunnel1]
Related commands
destination
display interface tunnel
source
mtu
Use mtu to set the MTU on a tunnel interface.
Use undo mtu to restore the default.
Syntax
mtu size
undo mtu
Default
If the tunnel interface has never been up, the MTU is 64000 bytes.
If the tunnel interface is up, its MTU is identical to the outgoing interface's MTU minus the length of the tunnel headers. The outgoing interface is automatically obtained through routing table lookup based on the tunnel destination address.
Views
Tunnel interface view
Predefined user roles
network-admin
Parameters
size: Specifies the MTU, in the range of 100 to 64000 bytes.
Usage guidelines
After you configure an MTU for a tunnel interface, the configured MTU applies regardless of the tunnel interface status (up/down) and the outgoing interface MTU.
To avoid fragmentation after tunnel encapsulation, set the tunnel interface MTU no greater than the value of the outgoing interface MTU minus the length of the tunnel headers.
Examples
# Set the MTU on Tunnel 1 to 10000 bytes.
<Sysname> system-view
[Sysname] interface tunnel 1
[Sysname-Tunnel1] mtu 10000
Related commands
display interface tunnel
reset counters interface tunnel
Use reset counters interface tunnel to clear tunnel interface statistics.
Syntax
reset counters interface [ tunnel [ number ] ]
Views
User view
Predefined user roles
network-admin
Parameters
tunnel [ number ]: Specifies a tunnel interface. The number argument specifies the tunnel interface number. If you do not specify the tunnel keyword, this command clears statistics for all interfaces. If you specify the tunnel keyword without the number argument, this command clears statistics for all tunnel interfaces.
Usage guidelines
Use this command to clear old statistics so you can observe new traffic statistics on a tunnel interface.
Examples
# Clear statistics for Tunnel 1.
<Sysname> reset counters interface tunnel 1
display interface tunnel
service
Use service to specify a traffic processing slot for a tunnel interface.
Use undo service to restore the default.
Syntax
service slot slot-number
undo service slot
Default
No traffic processing slot is specified for a tunnel interface.
Views
Tunnel interface view
Predefined user roles
network-admin
Parameters
slot slot-number: Specifies an IRF member device by its member ID.
Usage guidelines
Specify a traffic processing slot if a feature (for example, IPsec antireplay) requires that all traffic on a tunnel interface be processed on the same slot.
Make sure the specified traffic processing slot is available. If the specified traffic processing slot is unavailable, traffic on the tunnel interface cannot be forwarded, whether or not the tunnel interface is up. Traffic on the tunnel interface will not be forwarded until the traffic processing slot becomes available or until you respecify an available traffic processing slot.
Examples
# Specify a traffic processing slot for Tunnel 200.
<Sysname> system-view
[Sysname] interface tunnel 200
[Sysname-Tunnel200] service slot 1
shutdown
Use shutdown to shut down a tunnel interface.
Use undo shutdown to bring up a tunnel interface.
Syntax
shutdown
undo shutdown
Default
A tunnel interface is not administratively down.
Views
Tunnel interface view
Predefined user roles
network-admin
Usage guidelines
This command disconnects all links set up on the interface. Make sure you fully understand the impact of the command on your network.
Examples
# Shut down Tunnel 1.
<Sysname> system-view
[Sysname] interface tunnel 1
[Sysname-Tunnel1] shutdown
Related commands
display interface tunnel
source
Use source to specify the source address or source interface for a tunnel interface.
Use undo source to restore the default.
Syntax
source { ipv4-address | ipv6-address | interface-type interface-number }
undo source
Default
No source address or source interface is specified for a tunnel interface.
Views
Tunnel interface view
Predefined user roles
network-admin
Parameters
ipv4-address: Specifies the tunnel source IPv4 address.
ipv6-address: Specifies the tunnel source IPv6 address.
Usage guidelines
The specified source address or the address of the specified source interface is used as the source address of tunneled packets. To display the configured tunnel source address, use the display interface tunnel command.
Do not specify the same tunnel source and destination addresses for the tunnel interfaces on the same device.
The destination address of the local tunnel interface must be the source address of the peer tunnel interface. The source address of the local tunnel interface must be the destination address of the peer tunnel interface.
If you execute this command multiple times, the most recent configuration takes effect.
Examples
# Specify VLAN-interface 10 as the source interface of Tunnel 1.
<Sysname> system-view
[Sysname] interface tunnel 1 mode gre
[Sysname-Tunnel1] source vlan-interface 10
# Specify 192.100.1.1 as the source address of Tunnel 1.
<Sysname> system-view
[Sysname] interface tunnel 1 mode gre
[Sysname-Tunnel1] source 192.100.1.1
destination
display interface tunnel
interface tunnel
tunnel dfbit enable
Use tunnel dfbit enable to set the Don't Fragment (DF) bit for tunneled packets.
Use undo tunnel dfbit enable to restore the default.
Syntax
tunnel dfbit enable
undo tunnel dfbit enable
Default
The DF bit is not set for tunneled packets.
Views
Tunnel interface view
Predefined user roles
network-admin
Usage guidelines
To avoid fragmentation and delay, set the DF bit for tunneled packets. Make sure the path MTU is larger than the tunneled packet length. To avoid discarding tunneled packets whose length is larger than the path MTU, do not set the DF bit.
This command is not supported on a GRE/IPv6 tunnel interface and an IPv6 tunnel interface.
Examples
# Set the DF bit for tunneled packets on Tunnel 1.
<Sysname> system-view
[Sysname] interface tunnel 1 mode gre
[Sysname-Tunnel1] tunnel dfbit enable
tunnel discard ipv4-compatible-packet
Use tunnel discard ipv4-compatible-packet to enable dropping IPv6 packets that use IPv4-compatible IPv6 addresses.
Use undo tunnel discard ipv4-compatible-packet to restore the default.
Syntax
tunnel discard ipv4-compatible-packet
undo tunnel discard ipv4-compatible-packet
Default
IPv6 packets that use IPv4-compatible IPv6 addresses are not dropped.
Views
System view
Predefined user roles
network-admin
Usage guidelines
This command enables the device to check the source and destination IPv6 addresses of the de-encapsulated IPv6 packets from a tunnel. If a packet uses an IPv4-compatible IPv6 address as the source or destination address, the device discards the packet.
Examples
# Enable dropping IPv6 packets that use IPv4-compatible IPv6 addresses.
<Sysname> system-view
[Sysname] tunnel discard ipv4-compatible-packet
tunnel exceed-mtu
Use tunnel exceed-mtu to specify an action for original packets that include a total length larger than the MTU of the output tunnel interface.
Use undo tunnel exceed-mtu to restore the default.
|
NOTE: This command is supported only in Release 6635 and later. |
Syntax
tunnel exceed-mtu { fragment | drop }
undo tunnel exceed-mtu
Default
The device does not fragment or drop original packets that include a total length larger than the MTU of the output tunnel interface.
Views
System view
Predefined user roles
network-admin
Parameters
fragment: Fragments original packets that include a total length larger than the MTU of the output tunnel interface.
drop: Drops original packets that include a total length larger than the MTU of the output tunnel interface.
Usage guidelines
On the device that performs hardware forwarding, the hardware does not check the length of the original packets to be tunneled. The length of the original packets in this feature refers to the total packet length included in the header of the original packets. The device does not fragment an original packet if its length is larger than the MTU of the output tunnel interface. With this command, the device handles the original packets to be tunneled as follows on a tunnel interface:
· If the length of the original packets is smaller than or equal to the tunnel interface MTU, the device performs hardware forwarding for the packets.
· If the length of the original packets is larger than the tunnel interface MTU, the device performs software forwarding for the packets.
¡ If the DF bit is set, the device drops the packets. For the device to send ICMP destination unreachable packets to the source, execute the ip unreachables enable command to enable sending of ICMP destination unreachable packets.
¡ If the DF bit is not set, the device fragments or drops the packets depending on the action configuration.
When you use the undo tunnel exceed-mtu command to restore the default, the device performs hardware forwarding for all packets.
You can use the ip mtu or mtu command to set the MTU of a tunnel interface.
· If neither of the command is used, the MTU of the tunnel interface is identical to the outgoing interface's MTU minus the length of the tunnel headers. The outgoing interface is automatically obtained through routing table lookup based on the tunnel destination address.
· If you use only one of the commands, the command setting takes effect.
· If both the commands are used on a tunnel interface, the ip mtu command takes effect.
Examples
# Fragment original packets that include a total length larger than the MTU of the output tunnel interface.
<Sysname> system-view
[Sysname] tunnel exceed-mtu fragment
Related commands
ip mtu (Layer 3—IP Services Command Reference)
ip unreachables enable (Layer 3—IP Services Command Reference)
mtu
tunnel ip-in-ip decapsulate-any
Use tunnel ip-in-ip decapsulate-any to configure a source-destination address pair for IPv4-in-IPv4 packet decapsulation.
Use undo tunnel ip-in-ip decapsulate-any to restore the default.
|
NOTE: This command is supported only in Release 6635 and later. |
Syntax
tunnel ip-in-ip decapsulate-any [ destination ip-address ] source { ip-address | interface-type interface-number | direct }
undo tunnel ip-in-ip decapsulate-any
Views
System view
Default
No source-destination address pair is configured for IPv4-in-IPv4 packet decapsulation.
Predefined user roles
network-admin
Parameters
destination ip-address: Specifies a destination address. The IP address can be any IP address. If you do not specify a destination address, IP address 1.1.1.1 is used as the destination address for IPv4-in-IPv4 packet decapsulation.
source ip-address: Specifies a local IP address as the source IP address. The IP address can be an IP address on any of the following interfaces:
· Layer 3 interfaces (except subinterfaces, interfaces in VPN instances, and inloopback interfaces).
· VLAN interfaces.
· Loopback interfaces.
source interface-type interface-number: Specifies a source interface by its type and number. The primary IP address of the interface is used as the source IP address.
source direct: Specifies a group of local IP addresses as the source IP addresses. If you specify this keyword, the system traverses all Layer 3 interfaces, VLAN interfaces, and loopback interfaces in up state on the device. The source IP addresses used for packet decapsulation are the primary IP addresses of the first 1000 interfaces (except subinterfaces, interfaces in VPN instances, and inloopback interfaces).
Usage guidelines
In some scenarios, a host needs to construct multi-layer encapsulated IPv4-in-IPv4 packets to detect whether a transmission path is reachable. Use this command on each node along the transmission path to configure a source-destination address pair used to decapsulate the IPv4-in-IPv4 packets.
Configure a source-destination address pair on each node along the path to be detected. On the end node, you can specify a source IP address, a source interface, or a group of source IP addresses. On the other nodes, you must use the source direct keyword to specify a group of source IP addresses.
Examples
# Configure a source-destination address pair for IPv4-in-IPv4 packet decapsulation. The destination IP address is 2.2.2.3 and the source IP address is 192.100.1.1.
<Sysname> system-view
[Sysname] tunnel ip-in-ip decapsulate-any destination 2.2.2.3 source 192.100.1.1
# Specify a group of IP addresses as the source IP addresses for IPv4-in-IPv4 packet decapsulation.
<Sysname> system-view
[Sysname] tunnel ip-in-ip decapsulate-any source direct
tunnel log updown with-tag
Use tunnel log updown with-tag to add the TUNNEL string to the PHY_UPDOWN log mnemonic for tunnel interfaces.
Use undo tunnel log updown with-tag to remove the TUNNEL string from the PHY_UPDOWN log mnemonic for tunnel interfaces.
Syntax
tunnel log updown with-tag
undo tunnel log updown with-tag
Default
The PHY_UPDOWN log mnemonic for tunnel interfaces does not contain the TUNNEL string.
Views
System view
Predefined user roles
network-admin
Usage guidelines
This command adds the TUNNEL string to the PHY_UPDOWN log mnemonic for tunnel interfaces. Use this command if you want to identify the interface state change logs for tunnel interfaces by using a regular expression that contains the TUNNEL string.
A tunnel interface state change log without the TUNNEL string in the mnemonic:
%Jan 8 18:45:33:621 2011 Sysname IFNET/3/PHY_UPDOWN: Physical state on the interface Tunnel1 changed to down.
A tunnel interface state change log with the TUNNEL string in the mnemonic:
%Jan 8 18:45:33:621 2011 Sysname IFNET/3/TUNNEL_PHY_UPDOWN: Physical state on the interface Tunnel1 changed to down.
Examples
# Add the TUNNEL string to the PHY_UPDOWN log mnemonic for tunnel interfaces.
<Sysname> system-view
[Sysname] tunnel log updown with-tag
tunnel tos
Use tunnel tos to set the ToS of tunneled packets.
Use undo tunnel tos to restore the default.
Syntax
tunnel tos tos-value
undo tunnel tos
Default
The ToS of tunneled packets is the same as the ToS of the original packets.
Views
Tunnel interface view
Predefined user roles
network-admin
Parameters
tos-value: Specifies the ToS of tunneled packets, in the range of 0 to 255.
Usage guidelines
After you configure this command, all the tunneled packets of different services sent on the tunnel interface will use the same configured ToS. For more information about ToS, see ACL and QoS Configuration Guide.
This command takes effect only on packets forwarded through software forwarding. It cannot take effect on packets forwarded through hardware forwarding.
Examples
# Set the ToS of tunneled packets to 20 on Tunnel 1.
<Sysname> system-view
[Sysname] interface tunnel 1 mode gre
[Sysname-Tunnel1] tunnel tos 20
Related commands
display interface tunnel
tunnel ttl
Use tunnel ttl to set the Time to Live (TTL) of tunneled packets.
Use undo tunnel ttl to restore the default.
Syntax
tunnel ttl ttl-value
undo tunnel ttl
Default
The TTL of tunneled packets is 255.
Views
Tunnel interface view
Predefined user roles
network-admin
Parameters
ttl-value: Specifies the TTL of tunneled packets, in the range of 1 to 255.
Usage guidelines
The TTL determines the maximum number of hops that the tunneled packets can pass. When the TTL expires, the tunneled packets are discarded to avoid loops.
Examples
# Set the TTL of tunneled packets to 100 on Tunnel 1.
<Sysname> system-view
[Sysname] interface tunnel 1 mode gre
[Sysname-Tunnel1] tunnel ttl 100
Related commands
display interface tunnel
tunnel vpn-instance
Use tunnel vpn-instance to specify a VPN instance for the destination address of a tunnel interface.
Use undo tunnel vpn-instance to restore the default.
|
NOTE: This command is supported only in Release 6635 and later. |
Syntax
tunnel vpn-instance vpn-instance-name
undo tunnel vpn-instance
Default
The destination address of a tunnel interface belongs to the public network.
Views
Tunnel interface view
Predefined user roles
network-admin
Parameters
vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters.
Usage guidelines
After this command is executed, the device looks up the routing table of the specified VPN instance to forward tunneled packets on the tunnel interface.
For a tunnel interface to come up, the tunnel source and destination must belong to the same VPN instance. To specify a VPN instance for the tunnel source, use the ip binding vpn-instance command on the tunnel source interface.
Examples
# Specify VPN instance vpn10 for the tunnel destination on Tunnel 1.
<Sysname> system-view
[Sysname] ip vpn-instance vpn10
[Sysname-vpn-instance-vpn10] route-distinguisher 1:1
[Sysname-vpn-instance-vpn10] vpn-target 1:1
[Sysname-vpn-instance-vpn10] quit
[Sysname] interface vlan-interface 10
[Sysname-Vlan-interface10] ip binding vpn-instance vpn10
[Sysname-Vlan-interface10] ip address 1.1.1.1 24
[Sysname-Vlan-interface10] quit
[Sysname] interface tunnel 1 mode gre
[Sysname-Tunnel1] source vlan-interface 10
[Sysname-Tunnel1] destination 1.1.1.2
[Sysname-Tunnel1] tunnel vpn-instance vpn10
Related commands
ip binding vpn-instance (MPLS Command Reference)