- Table of Contents
-
- H3C S3600 Series Ethernet Switches Command Manual-Release 1510(V1.04)
- 00-1Cover
- 01-CLI Command
- 02-Login Command
- 03-Configuration File Management Command
- 04-VLAN Command
- 05-IP Address and Performance Configuration Command
- 06-Management VLAN Command
- 07-Voice VLAN Command
- 08-GVRP Command
- 09-Port Basic Configuration Command
- 10-Link Aggregation Command
- 11-Port Isolation Command
- 12-Port Security-Port Binding Command
- 13-DLDP Command
- 14-MAC Address Table Command
- 15-Auto Detect Command
- 16-MSTP Command
- 17-Routing Protocol Command
- 18-Multicast Command
- 19-802.1x Command
- 20-AAA-RADIUS-HWTACACS-EAD Command
- 21-VRRP Command
- 22-Centralized MAC Address Authentication Command
- 23-ARP Command
- 24-DHCP Command
- 25-ACL Command
- 26-QoS-QoS Profile Command
- 27-Web Cache Redirection Command
- 28-Mirroring Command
- 29-IRF Fabric Command
- 30-Cluster Command
- 31-PoE-PoE Profile Command
- 32-UDP Helper Command
- 33-SNMP-RMON Command
- 34-NTP Command
- 35-SSH Terminal Service Command
- 36-File System Management Command
- 37-FTP and TFTP Command
- 38-Information Center Command
- 39-System Maintenance and Debugging Command
- 40-VLAN-VPN Command
- 41-HWPing Command
- 42-DNS Command
- 43-Access Management Command
- 44-Appendix
- Related Documents
-
Title | Size | Download |
---|---|---|
18-Multicast Command | 320 KB |
Chapter 1 IGMP Snooping Configuration Commands
1.1 IGMP Snooping Configuration Commands
1.1.1 display igmp-snooping configuration
1.1.2 display igmp-snooping group
1.1.3 display igmp-snooping statistics
1.1.5 igmp-snooping fast-leave
1.1.6 igmp-snooping general-query source-ip
1.1.7 igmp-snooping group-limit
1.1.8 igmp-snooping group-policy
1.1.9 igmp-snooping host-aging-time
1.1.10 igmp-snooping max-response-time
1.1.12 igmp-snooping query-interval
1.1.13 igmp-snooping router-aging-time
1.1.14 reset igmp-snooping statistics
Chapter 2 Common IP Multicast Configuration Commands
2.1 Common IP Multicast Configuration Commands
2.1.1 display mpm forwarding-table
2.1.3 display multicast forwarding-table
2.1.4 display multicast routing-table
2.1.5 display multicast-source-deny
2.1.7 multicast routing-enable
2.1.9 reset multicast forwarding-table
2.1.10 reset multicast routing-table
Chapter 3 Multicast MAC Address Entry Configuration Commands
3.1 Multicast MAC Address Entry Configuration Commands
3.1.1 mac-address multicast interface
3.1.2 mac-address multicast vlan
3.1.3 display mac-address multicast static
Chapter 4 Unknown Multicast Drop Configuration Command
4.1 Unknown Multicast Drop Configuration Command
4.1.1 unknown-multicast drop enable
Chapter 5 IGMP Configuration Commands
5.1 IGMP Configuration Commands
5.1.9 igmp lastmember-queryinterval
5.1.13 igmp timer other-querier-present
Chapter 6 PIM Configuration Commands
6.1 PIM Configuration Commands
6.1.8 display pim routing-table
6.1.19 reset pim routing-table
Chapter 7 MSDP Configuration Commands
7.1 MSDP Configuration Commands
7.1.3 display msdp peer-status
Chapter 1 IGMP Snooping Configuration Commands
& Note:
l AmongS3600 series Ethernet switches,S3600-EI series support all the multicast protocols listed in this manual, whileS3600-SI series only support IGMP Snooping
l An Ethernet switch serves as a router when an IP multicast protocol is running on it. The routers mentioned here refer to common routers and Layer 3 Ethernet switches running an IP multicast protocol.
1.1 IGMP Snooping Configuration Commands
1.1.1 display igmp-snooping configuration
Syntax
display igmp-snooping configuration
View
Any view
Parameter
None
Description
Use the display igmp-snooping configuration command to display IGMP Snooping configuration information.
When IGMP Snooping is enabled on the switch, this command displays the following information: IGMP Snooping status, aging time of the router port, query response timeout time, and aging time of multicast member ports.
Related command: igmp-snooping.
Example
# Display IGMP Snooping configuration information on the switch.
<H3C> display igmp-snooping configuration
Enable IGMP-Snooping.
The router port timeout is 105 second(s).
The max response timeout is 10 second(s).
The host port timeout is 260 second(s).
The above-mentioned information shows: IGMP Snooping is enabled, the aging time of the router port is 105 seconds, the query response timeout time is 10 seconds, and the aging time of multicast member ports is 260 seconds.
1.1.2 display igmp-snooping group
Syntax
display igmp-snooping group [ vlan vlan-id ]
View
Any view
Parameter
vlan-id: VLAN under which the multicast group information is to be displayed. If you do not provide this argument, this command displays the multicast group information of all VLANs.
Description
Use the display igmp-snooping group command to display information about the IP and MAC multicast groups under the specified VLAN (with vlan vlan-id) or all VLANs (without vlan vlan-id).
This command displays the following information: VLAN ID, router port, IP multicast group address, member ports included in the IP multicast group, MAC multicast group, MAC multicast group address, and member ports included in the MAC multicast group.
Example
# Display the information about the multicast groups under all the VLANs.
<H3C> display igmp-snooping group
Total 1 IP Group(s).
Total 1 MAC Group(s).
Vlan(id):99.
Total 1 IP Group(s).
Total 1 MAC Group(s).
Static Router port(s):
Ethernet1/0/11
Dynamic Router port(s):
Ethernet1/0/22
IP group(s):the following ip group(s) match to one mac group.
IP group address:228.0.0.0
Static host port(s):
Ethernet1/0/23
Dynamic host port(s):
Ethernet1/0/10
MAC group(s):
MAC group address:0100-5e00-0000
Host port(s):Ethernet1/0/10 Ethernet1/0/23
Table 1-1 Description on the fields of the display igmp-snooping group command
Field |
Description |
Total 1 IP Group(s). Total 1 MAC Group(s). |
Total number of IP multicast groups and MAC multicast groups |
Vlan(id): |
ID of the VLAN whose multicast group information is displayed |
Static Router port(s): |
Static router port |
Dynamic Router port(s): |
Dynamic router port |
IP group address: |
IP address of a multicast group |
MAC group(s): |
MAC multicast group |
MAC group address: |
Address of a MAC multicast group |
Host port(s) |
Member ports |
1.1.3 display igmp-snooping statistics
Syntax
display igmp-snooping statistics
View
Any view
Parameter
None
Description
Use the display igmp-snooping statistics command to display IGMP Snooping statistics.
This command displays the following information: the numbers of the IGMP general query packets, IGMP group-specific query packets, IGMPv1 report packets, IGMPv2 report packets, IGMP leave packets and error IGMP packets received, and the number of the IGMP group-specific query packets sent.
Related command: igmp-snooping.
Example
# Display IGMP Snooping statistics.
<H3C> display igmp-snooping statistics
Received IGMP general query packet(s) number:0.
Received IGMP specific query packet(s) number:0.
Received IGMP V1 report packet(s) number:0.
Received IGMP V2 report packet(s) number:0.
Received IGMP leave packet(s) number:0.
Received error IGMP packet(s) number:0.
Sent IGMP specific query packet(s) number:0.
The information above shows that IGMP receives:
l zero IGMP general query packets
l zero IGMP specific query packets
l zero IGMPv1 report packets
l zero IGMPv2 report packets
l zero IGMP leave packets
l zero IGMP error packets
IGMP Snooping sends:
l zero IGMP specific query packets
1.1.4 igmp-snooping
Syntax
igmp-snooping { enable | disable }
View
System view
Parameter
enable: Enables the IGMP Snooping feature.
disable: Disables the IGMP Snooping feature.
Description
Use the igmp-snooping enable command to enable the IGMP Snooping feature.
Use the igmp-snooping disable command to disable the IGMP Snooping feature.
By default, the IGMP Snooping feature is disabled.
Caution:
l To configure IGMP Snooping in VLAN view, you should first enable IGMP Snooping globally in system view, and then enable IGMP Snooping in VLAN view. Otherwise, the IGMP Snooping function does not take effect.
l If you enable both IGMP Snooping and VLAN VPN in a VLAN, IGMP query messages may fail to pass the VLAN.
Example
# Enable the IGMP Snooping feature on the switch.
<H3C>system-view
System View: return to User View with Ctrl+Z.
[H3C] igmp-snooping enable
Enable IGMP-Snooping ok.
1.1.5 igmp-snooping fast-leave
Syntax
igmp-snooping fast-leave [ vlan vlan-list ]
undo igmp-snooping fast-leave [ vlan vlan-list ]
View
System view, Ethernet port view
Parameter
vlan-list: List of VLANs. You can specify multiple VLANs by providing this argument in the form of vlan-list = { vlan-id [ to vlan-id ] } & < 1-10 >, where vlan-id is the ID of the VLAN, in the range of 1 to 4,094 and & < 1-10 > means that you can provide up to 10 VLANs/VLAN ranges for this argument.
Description
Use the igmp-snooping fast-leave command to enable IGMP fast leave processing.
Use the undo igmp-snooping fast-leave command to cancel the configuration.
By default, IGMP fast leave processing is disabled.
Normally, upon receipt of an IGMP Leave message, Switch does not immediately remove the port from the multicast group, but sends a group-specific query message. If no response is received in a given period, it then removes the port from the multicast group.
After this command is executed, upon receipt of an IGMP Leave packet, Switch removes the port from the multicast group directly. When the port is connected to only one user, enabling IGMP fast leave processing can save bandwidth.
& Note:
l This feature is effective for IGMPv2-enabled clients only.
l When this feature is enabled, if one of the multiple users on a port leaves, the multicast services for the other users in the same multicast group may be interrupted.
Example
# Enable IGMP fast leave processing on Ethernet1/0/1.
<H3C>system-view
System View: return to User View with Ctrl+Z.
[H3C] interface Ethernet 1/0/1
[H3C-Ethernet1/0/1] igmp-snooping fast-leave
1.1.6 igmp-snooping general-query source-ip
Syntax
igmp-snooping general-query source-ip { current-interface | ip-address }
undo igmp-snooping general-query source-ip
View
VLAN view
Parameter
current-interface: Specifies the current interface whose IP address is selected by the Layer 2 multicast switch.
ip-address: Source IP address of the general query packet that the Layer 2 multicast switch sends.
Description
Use the igmp-snooping general-query source-ip current-interface command to configure the Layer 2 multicast switch to use the IP address of the current VLAN interface as the source IP address of the general query packets that the Layer 2 multicast switch sends. If no IP address is configured on the current VLAN interface, the default IP address 0.0.0.0. is used as the default source IP address.
Use the igmp-snooping general-query source-ip ip-address command to configure the Layer 2 multicast switch to use the specified IP address as the source IP address when sending general query packets.
Use the undo igmp-snooping general-query source-ip command to configure the Layer 2 multicast switch to use the default IP address as the source address when sending general query packets.
These commands are effective after the IGMP Snooping querier is enabled on the switch; otherwise, the switch cannot send general query packets.
By default, the Layer 2 multicast switch sends general query packets with the source IP address 0.0.0.0.
Example
# Configure the Layer 2 multicast switch to send general query packets with the source IP address 2.2.2.2 in VLAN 3.
<H3C> system-view
System view, return to user view with Ctrl+Z.
[H3C] igmp-snooping enable
[H3C] vlan 3
[H3C-vlan3] igmp-snooping enable
[H3C-vlan3] igmp-snooping querier
[H3C-vlan3] igmp-snooping general-query source-ip 2.2.2.2
1.1.7 igmp-snooping group-limit
Syntax
igmp-snooping group-limit limit [ vlan vlan-list ] [ overflow-replace ]
undo igmp-snooping group-limit [ vlan vlan-list ]
View
Ethernet port view
Parameter
limit: Maximum number of multicast groups the port can join, in the range of 1 to 256.
overflow-replace: Allows a new multicast group to replace an existing multicast group and the multicast group with the lowest IP address is replaced first.
vlan-list: List of VLANs. You can specify multiple VLANs by providing this argument in the form of vlan-list = { vlan-id [ to vlan-id ] }&<1-10>, where &<1-10> means that you can provide up to 10 VLANs/VLAN ranges for this argument. VLAN ID ranges from 1 to 4094.
Description
Use the igmp-snooping group-limit command to define the maximum number of multicast groups the port can join.
Use the undo igmp-snooping group-limit command to restore the default setting.
By default, there is no limit on the number of multicast groups the port can join.
Example
# Allow Ethernet1/0/1 to join at most 200 multicast groups.
<H3C>system-view
System View: return to User View with Ctrl+Z.
[H3C] interface Ethernet 1/0/1
[H3C-Ethernet1/0/1] igmp-snooping group-limit 200
1.1.8 igmp-snooping group-policy
Syntax
igmp-snooping group-policy acl-number [ vlan vlan-list ]
undo igmp-snooping group-policy [ vlan vlan-list ]
View
System view, Ethernet port view
Parameter
acl-number: Basic ACL number, in the range of 2000 to 2999.
vlan-id: vlan-list: List of VLANs. You can specify multiple VLANs by providing this argument in the form of vlan-list = { vlan-id [ to vlan-id ] }&<1-10>, where &<1-10> means that you can provide up to 10 VLANs/VLAN ranges for this argument. VLAN ID ranges from 1 to 4094.
Description
Use the igmp-snooping group-policy command to configure an IGMP Snooping filtering ACL.
Use the undo igmp-snooping group-policy command to remove the IGMP Snooping filtering ACL.
By default, no IGMP Snooping filtering ACL is configured.
You can configure multicast filtering ACLs globally or on the switch ports connected to user ends so as to use the IGMP Snooping filter function to limit the multicast streams that the users can access. With this function, you can treat different VoD users in different ways by allowing them to access the multicast streams in different multicast groups.
In practice, when a user orders a multicast program, an IGMP host report message is generated. When the message arrives at the switch, the switch examines the multicast filtering ACL configured on the access port to determine if the port can join the corresponding multicast group or not. If yes, it adds the port to the forward port list of the multicast group; if not, it drops the IGMP host report message and does not forward the corresponding data stream to the port. In this way, you can control the multicast streams that users can access.
An ACL rule defines a multicast address or a multicast address range (for example 224.0.0.1 to 239.255.255.255) and is used to:
l Allow the port(s) to join only the multicast group(s) defined in the rule by a permit statement.
l Inhibit the port(s) from joining the multicast group(s) defined in the rule by a deny statement.
& Note:
l One port can belong to multiple VLANs. But for each VLAN on the port, you can configure only one ACL.
l If no ACL rule is configured or the port does not belong to the specified VLAN, the filter ACL you configured does not take effect on the port.
l Since most devices broadcast unknown multicast packets, this function is often used together with the unknown multicast packet drop function to prevent multicast streams from being broadcast to a filtered port as unknown multicast packets.
Example
# Configure ACL 2000 to allow users under Ethernet1/0/1 to access the multicast streams in groups 225.0.0.0 to 225.255.255.255.
l Configure ACL 2000.
<H3C>system-view
System View: return to User View with Ctrl+Z.
[H3C] acl number 2000
[H3C-acl-basic-2000] rule permit source 225.0.0.0 0.255.255.255
[H3C-acl-basic-2000] quit
l Create VLAN 2 and add Ethernet1/0/1 to VLAN 2.
[H3C] vlan 2
[H3C-vlan2] port Ethernet 1/0/1
[H3C-vlan2] quit
l Configure ACL 2000 on Ethernet1/0/1 to allow this VLAN 2 port to join only the IGMP multicast groups defined in the rule of ACL 2000.
[H3C] interface Ethernet 1/0/1
[H3C-Ethernet1/0/1] igmp-snooping group-policy 2000 vlan 2
[H3C-Ethernet1/0/1] quit
# Configure ACL 2001 to allow users under Ethernet1/0/2 to access the multicast streams in any groups except groups 225.0.0.0 to 225.0.0.255.
l Configure ACL 2001.
[H3C] acl number 2001
[H3C-acl-basic-2001] rule deny source 225.0.0.0 0.0.0.255
[H3C-acl-basic-2001] rule permit source any
[H3C-acl-basic-2001] quit
l Create VLAN 2 and add Ethernet1/0/2 to VLAN 2.
[H3C] vlan 2
[H3C-vlan2] port Ethernet 1/0/2
[H3C-vlan2] quit
l Configure ACL 2001 on Ethernet1/0/2 to allow this VLAN 2 port to join any IGMP multicast groups except those defined in the deny rule of ACL 2001.
[H3C] interface Ethernet 1/0/2
[H3C-Ethernet1/0/2] igmp-snooping group-policy 2001 vlan 2
1.1.9 igmp-snooping host-aging-time
Syntax
igmp-snooping host-aging-time seconds
undo igmp-snooping host-aging-time
View
System view
Parameter
seconds: Aging time (in seconds) of multicast member ports, in the range of 200 to 1,000.
Description
Use the igmp-snooping host-aging-time command to configure the aging time of multicast member port.
Use the undo igmp-snooping host-aging-time command to restore the default aging time.
By default, the aging time of multicast member ports is 260 seconds.
The aging time of multicast member ports determines the refresh frequency of multicast group members. In an environment where multicast group members change frequently, a relatively shorter aging time is required.
Related command: igmp-snooping.
Example
# Set the aging time of multicast member ports to 300 seconds.
<H3C>system-view
System View: return to User View with Ctrl+Z.
[H3C] igmp-snooping host-aging-time 300
1.1.10 igmp-snooping max-response-time
Syntax
igmp-snooping max-response-time seconds
undo igmp-snooping max-response-time
View
System view
Parameter
seconds: Query response timeout time in seconds, in the range of 1 to 25.
Description
Use the igmp-snooping max-response-time command to configure the query response timeout time.
Use the undo igmp-snooping max-response-time command to restore the default timeout time.
By default, the query response timeout time is 10 seconds.
Related command: igmp-snooping, igmp-snooping router-aging-time.
Example
# Set the query response timeout time to 15 seconds.
<H3C>system-view
System View: return to User View with Ctrl+Z.
[H3C] igmp-snooping max-response-time 15
1.1.11 igmp-snooping querier
Syntax
igmp-snooping querier
undo igmp-snooping querier
View
VLAN view
Parameter
None
Description
Use the igmp-snooping querier command to enable the IGMP Snooping querier feature on the current VLAN of the Layer 2 multicast switch.
Use the undo igmp-snooping querier command to disable the IGMP Snooping querier feature on the current VLAN of the Layer 2 multicast switch.
By default, the IGMP Snooping querier feature of the Layer 2 multicast switch is disabled.
Example
# Enable the IGMP Snooping feature on VLAN 3 of the Layer 2 multicast switch.
<H3C> system-view
System view, return to user view with Ctrl+Z.
[H3C] igmp-snooping enable
[H3C] vlan 3
[H3C-vlan3] igmp-snooping enable
[H3C-vlan3] igmp-snooping querier
1.1.12 igmp-snooping query-interval
Syntax
igmp-snooping query-interval seconds
undo igmp-snooping query-interval
View
VLAN view
Parameter
seconds: Interval for the Layer 2 multicast switch to send general query packets.
Description
Use the igmp-snooping query-interval command to configure the interval for the Layer 2 multicast switch to send general query packets.
Use the undo igmp-snooping query-interval command to restore the interval to the default value.
These commands are effective after the IGMP Snooping querier feature is enabled. Otherwise, the switch will not send general query packets. The configured query interval must be longer than the maximum response interval of the host,
By default, the Layer 2 multicast switch sends general query packets at the interval of 60 seconds.
Example
# Configure the Layer 2 multicast switch to send general query packets at the interval of 100 seconds on VLAN 3.
<H3C> system-view
System view, return to user view with Ctrl+Z.
[H3C] igmp-snooping enable
[H3C] vlan 3
[H3C-vlan3] igmp-snooping enable
[H3C-vlan3] igmp-snooping querier
[H3C-vlan3] igmp-snooping query-interval 100
1.1.13 igmp-snooping router-aging-time
Syntax
igmp-snooping router-aging-time seconds
undo igmp-snooping router-aging-time
View
System view
Parameter
seconds: Aging time (in seconds) of the router port, in the range of 1 to 1,000.
Description
Use the igmp-snooping router-aging-time command to configure the aging time of the IGMP Snooping router port.
Use the undo igmp-snooping router-aging-time command to restore the default aging time.
By default, the aging time of the router port is 105 seconds.
The router port here refers to the port connecting the Layer 2 switch to the router. The Layer 2 switch receives IGMP general query messages from the router through this port. The aging time of the router port should be a value about 2.5 times of the general query interval.
Related command: igmp-snooping max-response-time, igmp-snooping.
Example
# Set the aging time of the router port to 500 seconds.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] igmp-snooping router-aging-time 500
1.1.14 reset igmp-snooping statistics
Syntax
reset igmp-snooping statistics
View
User view
Parameter
None
Description
Use the reset igmp-snooping statistics command to clear IGMP Snooping statistics.
Related command: igmp-snooping.
Example
# Clear IGMP Snooping statistics.
<H3C> reset igmp-snooping statistics
1.1.15 service-type multicast
Syntax
service-type multicast
undo service-type multicast
View
VLAN view
Parameter
None
Description
Use the service-type multicast command to set the current VLAN as a multicast VLAN.
Use the undo service-type multicast command to cancel the multicast VLAN setting.
By default, no VLAN is a multicast VLAN.
By configuring a multicast VLAN, adding the corresponding switch ports to the multicast VLAN, and enabling IGMP Snooping, you can allow users in different VLANs to share the same multicast VLAN. This saves bandwidth since multicast stream is transmitted only within the multicast VLAN, and also guarantees the security because the multicast VLAN is completely isolated from the user VLANs.
& Note:
l Isolate VLANs cannot be set as multicast VLANs.
l One port belongs to one multicast VLAN only.
l The type of ports connected to the user terminal must be hybrid.
l The multicast member port must be in the same multicast VLAN with the router port. Otherwise, the port cannot receive multicast packets.
l If a router port is added to a multicast VLAN, the router port must be configured as a trunk port or tagged hybrid port. Otherwise, all the multicast member ports in this multicast VLAN cannot receive multicast packets.
l If a multicast member port needs to receive packets forwarded by the router port that does not belong to any multicast VLAN, the multicast member port must be removed from the multicast VLAN. Otherwise, the port cannot receive multicast packets.
Example
# Configure VLAN 2 as a multicast VLAN.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] vlan 2
[H3C-vlan2] service-type multicast
Chapter 2 Common IP Multicast Configuration Commands
2.1 Common IP Multicast Configuration Commands
2.1.1 display mpm forwarding-table
Syntax
display mpm forwarding-table [ group-address ]
View
Any view
Parameter
group-address: IP address of a multicast group, in the range 224.0.0.0 to 239.255.255.255.
Description
Use the display mpm forwarding-table command to display the information about a multicast forward table/all the multicast forward tables containing port information.
With the group-address argument provided, this command only displays the matched (*, G) entries. Otherwise, this command displays all the entries.
To display the information about a multicast forward table that does not contain port information, use the display multicast forwarding-table command.
Example
# Display the information about all the multicast forward tables containing port information.
<H3C> display mpm forwarding-table
Total 1 entry(entries)
00001. (120.0.0.2, 225.0.0.2)
iif Vlan-interface1200
1 oif(s):
Vlan-interface32
Ethernet1/0/19
Total 1 entry(entries) Listed
Table 2-1 Description on the fields of the display mpm forwarding-table command
Field |
Description |
Total 1 entry(entries) |
Total number of the entries |
00001 |
Entry number |
(120.0.0.2, 225.0.0.2) |
Source address-group address pair |
iif Vlan-interface1200 |
The inbound VLAN is VLAN 1200. |
1 oif(s): 2 out-vlan(s): |
Two outbound VLANs exist. |
Vlan-interface32 Ethernet1/0/19 |
The first outbound VLAN is VLAN 32, with Ethernet1/0/19 as the outbound port |
Total 1 entry(entries) Listed |
The multicast forward table contains one (S,G) entry. |
2.1.2 display mpm group
Syntax
display mpm group [ vlan vlan-id ]
View
Any view
Parameter
vlan vlan-id: Specifies a VLAN ID. If you do not specify this keyword-argument combination, all the VLANs are specified.
Description
Use the display mpm group command to display the information about the IP multicast groups and MAC multicast groups in a VLAN/all the VLANs configured on a switch.
The output information includes:
l VLAN ID
l Router interface
l IP multicast group address
l Member port of an IP multicast group
l MAC multicast group
l MAC multicast group address
l Member port of a MAC multicast group
Example
# Display the information about the multicast groups of VLAN2.
<H3C> display mpm group vlan 1200
Total 1 IP Group(s).
Total 1 MAC Group(s).
Vlan(id):1200.
Total 1 IP Group(s).
Total 1 MAC Group(s).
Static router port(s):
Dynamic router port(s):
IP group(s):the following ip group(s) match to one mac group.
IP group address:228.0.0.1
Host port(s):Ethernet1/0/12
MAC group(s):
MAC group address:0100-5e00-0001
Host port(s):Ethernet1/0/12
Table 2-2 Description on the fields of the display mpm group command
Field |
Description |
Vlan(id):1200. |
The information about the multicast groups in VLAN 2 is displayed. |
Dynamic router port(s): |
Dynamic router ports |
IP group(s):the following ip group(s) match to one mac group |
IP multicast groups corresponding to the same MAC multicast group |
IP group address |
Address of an IP multicast group |
Host port(s) |
Member ports of an IP multicast group |
MAC group address |
Address of a MAC multicast group |
Host port(s) |
Member ports of a MAC multicast group |
2.1.3 display multicast forwarding-table
Syntax
display multicast forwarding-table [ group-address [ mask { group-mask | mask-length } ] | source-address [ mask { group-mask | mask-length } ] | incominginterface { interfacetype interfacenumber | register } ]*
View
Any view
Parameter
group-address: Multicast group address used to specify a multicast group, in the range of 224.0.0.0 to 239.255.255.255.
source-address: Unicast IP address of the multicast source.
incoming-interface: Specifies the incoming interface of multicast forwarding entries.
register: Specifies the registration VLAN interface of PIM-SM.
Description
Use the display multicast forwarding-table command to display the information about multicast forwarding tables.
Related command: display multicast routing-table.
Example
# Display the information about the multicast forwarding table.
<H3C> display multicast forwarding-table
Multicast Forwarding Cache Table
Total 1 entry: 0 entry created by IP, 1 entry created by protocol
00001. (10.0.0.4, 225.1.1.1), iif Vlan-interface2, 0 oifs,
Protocol Create
Matched 122 pkts(183000 bytes), Wrong If 0 pkts
Forwarded 122 pkts(183000 bytes)
Total 1 entry Listed
The following table describes the fields in the displayed information above:
Table 2-3 Description on the fields of the display multicast forwarding-table command
Field |
Description |
Multicast Forwarding Cache Table |
Multicast forwarding table |
Total 1 entries |
Total number of entries |
00001 |
Serial number of an entry |
(10.0.0.4, 225.1.1.1) |
(s,g) |
iif Vlan-interface2, 0 oifs |
The incoming interface of the multicast forwarding table is vlan-interface2, and the multicast forwarding table does not have an outgoing interface. |
Matched 122 pkts(183000 bytes), Wrong If 0 pkts Forwarded 122 pkts(183000 bytes) |
122 packets that are 183,000 bytes in all match the (s,g) entry, and 0 wrong packet matches the (s,g) entry. 122 packets that are 183,000 bytes in all are forwarded. |
2.1.4 display multicast routing-table
Syntax
display multicast routing-table [ group-address [ mask { mask | mask-length } ] | source-address [ mask { mask | mask-length } ] | incoming-interface { interface-type interface-number | register } ]*
View
Any view
Parameter
group-address: Multicast group address used to specify a multicast group and display the routing table information corresponding to this group, in the range of 224.0.0.0 to 239.255.255.255.
source-address: Unicast IP address of the multicast source.
incoming-interface: Specifies the incoming interface of the multicast routing entry.
register: Specifies the registration interface of PIM-SM.
Description
Use the display multicast routing-table command to display the information about the IP multicast routing table.
This command is used to display the information about the multicast routing table, while the display multicast forwarding-table command is used to display the information about the multicast forwarding table.
Example
# Display the information about the routing entries corresponding to the multicast group 225.1.1.1.1 in the multicast routing table.
<H3C> display multicast routing-table
Multicast Routing Table
Total 3 entries
(4.4.4.4, 224.2.149.17)
Uptime: 00:15:16, Timeout in 272 sec
Upstream interface: Vlan-interface1(4.4.4.6)
Downstream interface list:
Vlan-interface2(2.2.2.4), Protocol 0x1: IGMP
(4.4.4.4, 224.2.254.84)
Uptime: 00:15:16, Timeout in 272 sec
Upstream interface: Vlan-interface1(4.4.4.6)
Downstream interface list: NULL
(4.4.4.4, 239.255.2.2)
Uptime: 00:02:57, Timeout in 123 sec
Upstream interface: Vlan-interface1(4.4.4.6)
Downstream interface list: NULL
Matched 3 entries
The following table describes the fields in the displayed information.
Table 2-4 Description on the fields of the display multicast routing-table command
Field |
Description |
Multicast Routing Table |
Multicast routing table |
Total 3 entries |
There are three entries in all in the multicast routing table. |
(4.4.4.4, 224.2.149.17) |
(s,g) of the multicast routing table |
Uptime: 00:15:16, Timeout in 272 sec Upstream interface: Vlan-interface1(4.4.4.6) Downstream interface list: Vlan-interface2(2.2.2.4), Protocol 0x1: IGMP |
The entry is up for 15 minutes and 16 seconds, and it times out in 272 seconds. Upstream interface: vlan-interface1 (The IP address of the upstream interface is 4.4.4.6). Downstream interface list: Downstream interface: vlan-interface2. (The IP address of the downstream interface is 2.2.2.4). The downstream interface is added by the IGMP protocol. |
Matched 3 entries |
Three entries match the configuration. |
2.1.5 display multicast-source-deny
Syntax
display multicast-source-deny [ interface interface-type [ interface-number ] ]
View
Any view
Parameter
interface-type: Port type.
interface-number: Port number.
Description
Use the display multicast-source-deny command to display the configuration information about the multicast source port check.
When you use this command to display the information,
l If you specify neither the port type nor the port number, the multicast source port check information about all the ports on the switch is displayed.
l If you specify the port type only, the multicast source port check information about all ports of this type is displayed.
l If you specify both the port type and the port number, the multicast source port check information about the specified port is displayed.
Example
# Display the multicast source port suppression state of Ethernet1/0/1.
<H3C> display multicast-source-deny interface Ethernet 1/0/1
Ethernet1/0/1 Multicast-source-deny disabled.
2.1.6 multicast route-limit
Syntax
multicast route-limit limit
undo multicast route-limit
View
System view
Parameter
limit: Limit on the capacity of the multicast routing table, in the range of 0 to 256.
Description
Use the multicast route-limit command to limit the capacity of the multicast routing table. The router will drop the protocol and data packets of the new (S, G) when the limit is reached.
Use the undo multicast route-limit command to restore the default limit on the capacity of the multicast routing table.
The limit on the capacity of the multicast routing table is 256 by default.
If the number of existing routing entries exceeds the value to be configured when you configure this command, the existing entries in the routing table will not be removed. Instead, the system will prompt that the number of existing routing entries is more than the limit to be configured.
If you execute this command again, the new configuration will overwrite the former configuration.
Example
# Set the limit on the capacity of the multicast routing table to 100.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] multicast route-limit 100
2.1.7 multicast routing-enable
Syntax
multicast routing-enable
undo multicast routing-enable
View
System view
Parameter
None
Description
Use the multicast routing-enable command to enable the IP multicast routing feature.
Use the undo multicast routing-enable command to disable the IP multicast routing feature.
The IP multicast routing feature is disabled by default.
Related command: pim dm, pim sm.
Example
# Enable the IP multicast routing feature.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] multicast routing-enable
2.1.8 multicast-source-deny
Syntax
multicast-source-deny [ interface interface-list ]
undo multicast-source-deny [ interface interface-list ]
View
System view, Ethernet port view
Parameter
interface-list: List of Ethernet ports, expressed in the form of interface-list = { interface-number [ to interface-number ] } & < 1-10 >. The interface-number argument refers to one single Ethernet port, expressed in the form of interface-number = { interface-type interface-number | interface-name }, where the interface-type argument refers to the port type, the interface-number argument refers to the port number, and the interface-name argument refers to the port name. For meanings and value ranges of interface-type, interface-number and interface-name, refer to the parameters described in the “Port Basic Configuration” module in this manual.
Description
Use the multicast-source-deny command to enable the multicast source port suppression feature.
Use the undo multicast-source-deny command to restore the default setting.
By default, the multicast source port suppression feature is disabled on all the ports.
The multicast source port suppression feature can filter multicast packets on an unauthorized multicast source port to avoid the case that the user connected to the port sets the multicast server privately.
In system view, if the interface-list argument is not specified, the multicast source port suppression feature is enabled globally (that is, the feature is enabled on all the ports of the switch); if the interface-list argument is specified, the multicast source port suppression feature is enabled on the specified ports. In Ethernet port view, the interface-list argument cannot be specified in the command and you can use the command to enable the multicast source port suppression feature on the current port only.
Example
# Enable the multicast source port suppression feature on all the ports of the switch.
<H3C>system-view
System View: return to User View with Ctrl+Z.
[H3C] multicast-source-deny
# Enable the multicast source port suppression feature on Ethernet1/0/1 through Ethernet1/0/10 and on Ethernet1/0/12.
[H3C] multicast-source-deny interface Ethernet 1/0/1 to Ethernet 1/0/10 Ethernet 1/0/12
2.1.9 reset multicast forwarding-table
Syntax
reset multicast forwarding-table [ statistics ] { all | { group-address [ mask { group-mask | group-mask-length } ] | source-address [ mask { source-mask | source-mask-length } ] | incoming-interface interface-type interface-number } * }
View
User view
Parameter
statistics: Clears the statistics information about MFC forwarding entries if this keyword is specified. If this keyword is not specified, MFC forwarding entries will be cleared.
all: Specifies all MFC forwarding entries.
group-address: Group address.
group-mask: Group address mask.
group-mask-length: Length of group address mask.
source-address: Source address.
source-mask: Source address mask.
source-mask-length: Length of source address mask.
incoming-interface: Specifies the incoming interface of the forwarding entry.
interface-type interface-number: VLAN interface type and VLAN interface number.
Description
The order of the group-address argument and the source-address argument can be reversed. However, you must input valid group addresses and source addresses; otherwise, the system prompts an error.
Related command: reset pim routing-table, reset multicast routing-table, display multicast forwarding-table.
Example
# Clear the forwarding entries whose group address is 225.5.4.3 in the MFC forwarding table.
<H3C> reset multicast forwarding-table 225.5.4.3
# Clear the statistics about the forwarding entries whose group address is 225.5.4.3 in the MFC forwarding table.
<H3C> reset multicast forwarding-table statistics 225.5.4.3
2.1.10 reset multicast routing-table
Syntax
reset multicast routing-table { all | { group-address [ mask { group-mask | group-mask-length } ] | source-address [ mask { source-mask | source-mask-length } ] | incoming-interface interface-type interface-number } * }
View
User view
Parameter
all: Specifies all routing entries in the multicast core routing table.
group-address: Group address.
group-mask: Group address mask.
group-mask-length: Length of group address mask.
source-address: Source address.
source-mask: Source address mask.
source-mask-length: Length of source address mask.
incoming-interface: Specifies the incoming interface of the routing entry.
interface-type interface-number: VLAN interface type and VLAN interface number.
Description
Use the reset multicast routing-table command to clear the routing entries in the multicast core routing table and remove the corresponding forwarding entries in the MFC forwarding table.
The order of the group-address argument and the source-address argument can be reversed. However, you must input valid group addresses and source addresses; otherwise, the system prompts an error.
Related command: reset pim routing-table, reset multicast forwarding-table, display multicast forwarding-table.
Example
# Clear the routing entries whose group address is 225.5.4.3 from the multicast core routing table.
<H3C> reset multicast routing-table 225.5.4.3
Chapter 3 Multicast MAC Address Entry Configuration Commands
3.1 Multicast MAC Address Entry Configuration Commands
3.1.1 mac-address multicast interface
Syntax
mac-address multicast mac-address interface interface-list vlan vlan-id
undo mac-address multicast [ mac-address [ interface interface-list ] vlan vlan-id ]
View
System view
Parameter
mac-address: Multicast MAC address.
vlan-id: VLAN ID.
interface-list: Forward port list. You can specify multiple ports by providing this argument in the format of interface-list = { interface-type interface-number [ to { interface-type interface-number } ] }&<1-10>, where interface-type refers to the port type and interface-number refers to the port number. For meanings and value ranges of interface-type and interface-number, refer to the parameters described in the “Port Basic Configuration” module in this manual.
Description
Use the mac-address multicast command to add a multicast MAC address entry.
Use the undo mac-address multicast command to remove a multicast MAC address entry.
Each multicast MAC address entry contains multicast address, forward port, VLAN ID, and so on.
Related command: display mac-address multicast static.
Example
# Add a multicast MAC address entry, with multicast address 0100-5e0a-0805, forward port Ethernet1/0/1, and VLAN 1 to which the entry belongs.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] mac-address multicast 0100-5e0a-0805 interface Ethernet 1/0/1 vlan 1
3.1.2 mac-address multicast vlan
Syntax
mac-address multicast mac-address vlan vlan-id
undo mac-address multicast [ [ mac-address ] vlan vlan-id ]
View
Ethernet port view
Parameter
mac-address: Multicast MAC address.
vlan-id: VLAN ID.
Description
Use the mac-address multicast vlan command to add a multicast MAC address entry.
Use the undo mac-address multicast vlan command to remove a multicast MAC address entry.
Each multicast MAC address entry contains multicast address, VLAN ID, and so on.
Related command: display mac-address multicast static.
Example
# Add a multicast MAC address entry on Ethernet1/0/1, with multicast address 0100-5e0a-0805 and VLAN 1 to which the entry belongs.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] interface Ethernet1/0/1
[H3C-Ethernet1/0/1]mac-address multicast 0100-5e0a-0805 vlan 1
3.1.3 display mac-address multicast static
Syntax
display mac-address multicast [ static { { { mac-address vlan vlan-id | vlan vlan-id } [ count ] } | count } ]
View
Any view
Parameter
mac-address vlan vlan-id: Displays multicast MAC address entry/entries in the specified VLAN.
count: Displays the number of MAC entries.
vlan-id: ID of the specific VLAN.
Description
Use the display mac-address multicast static command to display the multicast MAC address entry/entries manually configured on the switch.
l Executing this command with neither mac-address nor vlan vlan-id will display the information about all the multicast MAC address entries manually added on the switch, including the multicast MAC address, VLAN ID, state of the MAC address, port number and aging time.
l Executing this command with vlan vlan-id but without mac-address will display the information about all the multicast MAC address entries manually added in the specified VLAN, including the multicast MAC address, VLAN ID, state of the MAC address, port number and aging time.
l Executing this command with both mac-address and vlan vlan-id will display the information about the multicast MAC address entries manually added in the specified VLAN with the specified multicast MAC address, including the multicast MAC address, VLAN ID, state of the MAC address, port number and aging time.
l Executing this command with count will display the information about the number of multicast MAC address entries added on the switch.
Example
# Display all the multicast MAC address entries manually added in VLAN 1.
<H3C>display mac-address multicast static vlan 1
MAC ADDR VLAN ID STATE PORT INDEX AGING TIME(s)
0100-0001-0001 1 Config static Ethernet1/0/1 N/A
Ethernet1/0/2
Ethernet1/0/3
Ethernet1/0/4
--- 1 static mac address(es) found ---
Chapter 4 Unknown Multicast Drop Configuration Command
4.1 Unknown Multicast Drop Configuration Command
4.1.1 unknown-multicast drop enable
Syntax
unknown-multicast drop enable
undo unknown-multicast drop enable
View
System view
Parameter
None
Description
Use the unknown-multicast drop enable command to enable the unknown multicast drop feature on the switch.
Use the undo unknown-multicast drop enable command to disable the unknown multicast drop feature on the switch.
Example
Enable the unknown multicast drop feature.
<H3C> system-view
System view, return to user view with Ctrl+Z.
[H3C] unknown-multicast drop enable
Chapter 5 IGMP Configuration Commands
5.1 IGMP Configuration Commands
5.1.1 display igmp group
Syntax
display igmp group [ group-address | interface interface-type interface-number ]
View
Any view
Parameter
group-address: Multicast group address.
interface-type interface-number: Interface type and VLAN interface number.
Description
Use the display igmp group command to display the member information of an IGMP multicast group.
You can specify to display the information of a group or the member information of the multicast group on a VLAN interface. The displayed information contains the multicast groups that are added by downstream hosts through IGMP or through command line.
Related command: igmp host-join.
Example
# Display the member information of the multicast groups in the system.
<H3C> display igmp group
LoopBack0 (20.20.20.20): Total 3 IGMP Groups reported:
Group Address Last Reporter Uptime Expires
225.1.1.1 20.20.20.20 00:02:04 00:01:15
225.1.1.3 20.20.20.20 00:02:04 00:01:15
225.1.1.2 20.20.20.20 00:02:04 00:01:17
Table 5-1 Description on the fields of the display igmp group command
Field |
Description |
Group address |
Multicast group address |
Last Reporter |
The last host reporting to join the multicast group |
Uptime |
Time elapsed since multicast group was discovered (hh: mm: ss). |
Expires |
Specifies when the member will be removed from the multicast group (hh: mm: ss). |
5.1.2 display igmp interface
Syntax
display igmp interface [ interface-type interface-number ]
View
Any view
Parameter
interface-type interface-number: VLAN interface type and VLAN interface number of the router, used to specify a VLAN interface. If this argument is not specified, the information about all the VLAN interfaces running IGMP is displayed.
Description
Use the display igmp interface command to display the IGMP configuration and running information on a VLAN interface.
Example
# Display the IGMP configuration and running information of all VLAN interfaces.
<H3C> display igmp interface
Vlan-interface1 (10.153.17.99):
IGMP is enabled
Current IGMP version is 2
Value of query interval for IGMP(in seconds): 60
Value of other querier time out for IGMP(in seconds): 120
Value of maximum query response time for IGMP(in seconds): 10
Value of robust count for IGMP: 2
Value of startup query interval for IGMP(in seconds): 15
Value of last member query interval for IGMP(in seconds): 1
Value of query timeout for IGMP version 1(in seconds): 400
Policy to accept IGMP reports: none
Querier for IGMP: 10.153.17.99 (this router)
IGMP group limit is 256
Table 5-2 Description on the fields of the display igmp interface command
Field |
Description |
IGMP version |
IGMP version |
query interval |
Interval of general query |
querier timeout |
Timeout time of the querier |
max query response time |
Maximum time of response to query |
robust count |
IGMP robust count, that is, the times of sending IGMP group-specific query packets before the IGMP querier receives the IGMP leave packet from the host |
startup query interval |
The startup interval of IGMP to send query packets |
last member query interval |
The interval of sending IGMP group-specific query packets when the IGMP querier receives the IGMP leave packets from the host |
query timeout |
Query timeout time in IGMP version 1 |
Policy to accept IGMP reports |
The filtering policy of the IGMP multicast group to control the access to IP multicast groups |
Querier for IGMP |
IGMP querier |
IGMP group limit |
Limit on the number of IGMP groups added to the VLAN interface. The router does not process new IGMP packet if the number of IGMP packet exceeds the limit |
5.1.3 igmp enable
Syntax
igmp enable
undo igmp enable
View
VLAN interface view
Parameter
None
Description
Use the igmp enable command to enable IGMP on a VLAN interface.
Use the undo igmp enable command to disable IGMP on a VLAN interface.
By default, IGMP is disabled on a VALN interface. .
These commands do not take effect until the multicast routing feature is enabled. You need to use this command before you can configure other IGMP features.
Related command: multicast routing-enable.
Example
# Enable IGMP on Vlan-interface10.
<H3C>system-view
System View: return to User View with Ctrl+Z.
[H3C] interface Vlan-interface 10
[H3C-Vlan-interface10] igmp enable
5.1.4 igmp group-limit
Syntax
igmp group-limit limit
undo igmp group-limit
View
VALN interface view
Parameter
limit: Quantity of multicast groups, in the range of 0 to 256.
Description
Use the igmp group-limit command to limit the number of multicast groups on an interface. The router does not process any new IGMP Join request when the number of IGMP groups on the interface exceeds the limit.
Use the undo igmp group-limit command to restore the default setting.
By default, up to 256 IGMP groups can be added on an interface.
If you use the command for a second time, the new configuration overwrites the old one.
Caution:
l No new group can be added if the number of IGMP multicast groups has exceeded the configured limit.
l If the limit on the number of IGMP packets is 1, a new group takes precedence; that is, the system automatically replaces an existing multicast group with the new multicast group, and the former multicast group leaves the interface automatically.
l If the number of existing multicast groups on the interface is greater than the configured limit, the system removes some existing groups automatically to satisfy the configured limit.
Example
# Limit the maximum number of IGMP groups on Vlan-interface10 to 100.
<H3C>system-view
System View: return to User View with Ctrl+Z.
[H3C] interface Vlan-interface 10
[H3C-Vlan-interface10] igmp group-limit 100
5.1.5 igmp group-policy
Syntax
igmp group-policy acl-number [ 1 | 2 | port interface-list ]
undo igmp group-policy [ port interface-list ]
View
VLAN interface view
Parameter
acl-number: Number of the basic IP ACL number, defining a multicast group range. The value ranges from 2,000 to 2,999.
1: Specifies IGMP version 1.
2: Specifies IGMP version 2. If IGMP version is not specified, version 2 will be used by default.
port: Limits the IGMP packets passing through the port and matching the ACL rules.
interface-list: Forward port list. You can specify multiple ports by providing this argument in the form of interface-list = { interface-type interface-number [ to { interface-type interface-number } ] }&<1-10>, where the interface-type argument refers to the port type, and the interface-number argument refers to the port number. For the meanings and value ranges of the interface-type argument and the interface-number argument, refer to the parameter descriptions in the “Port Basic Configuration” module in this manual.
Description
Use the igmp group-policy command to set the filter of multicast groups on the VLAN interface to control the access to IP multicast groups.
Use undo igmp group-policy command to remove the filter configured.
By default, no filter is configured; that is, a host can join any multicast group.
If you do not want the hosts on the network where the VLAN interface resides to join some multicast groups and to receive packets from the multicast groups, use this command to limit the range of the multicast groups serviced by the VLAN interface.
Related command: igmp host-join.
Caution:
Ethernet ports must belong to the igmp-group-policy-enabled VLAN interfaces only.
Example
# Configure ACL 2000.
<H3C>system-view
System View: return to User View with Ctrl+Z.
[H3C] acl number 2000
[H3C-acl-basic-2000] rule permit source 225.0.0.0 0.255.255.255
[H3C-acl-basic-2000] quit
# Configure that only the hosts matching ACL 2000 rules on VLAN-interface10 can be added to the multicast group whose IGMP version is specified as 2.
[H3C] interface Vlan-interface 10
[H3C-Vlan-interface10] igmp group-policy 2000 2
5.1.6 igmp group-policy vlan
Syntax
igmp group-policy acl-number vlan vlan-id
undo igmp group-policy vlan vlan-id
View
Port view
Parameter
acl-number: Number of the basic IP ACL number, defining a multicast group range. The value ranges from 2,000 to 2,999.
vlan-id: ID of the VLAN to which the port belongs.
Description
Use the igmp group-policy vlan command to set the filter of multicast groups on a port to control the access to the IP multicast groups.
Use the undo igmp group-policy vlan command to remove the configured filter.
By default, no filter is configured; that is, a host can join any multicast group.
This command performs the same function as the igmp group-policy command does. Note that the configured port must belong to the specified VLAN, and the IGMP protocol must be enabled on this port; otherwise, the configuration does not take effect.
Related command: igmp group-policy, igmp host-join port, igmp host-join vlan.
Example
# Configure that only the hosts matching ACL 2000 rules on Ethernet1/0/1 in VLAN-interface10 can be added to the multicast group.
<H3C>system-view
System View: return to User View with Ctrl+Z.
[H3C] interface Vlan-interface 10
[H3C-Vlan-interface10] igmp enable
[H3C-Vlan-interface10] quit
[H3C] interface Ethernet 1/0/1
[H3C-Ethernet1/0/1] port access vlan 10
[H3C-Ethernet1/0/1] igmp group-policy 2000 vlan 10
5.1.7 igmp host-join port
Syntax
igmp host-join group-address port interface-list
undo igmp host-join group-address port interface--list
View
VLAN interface view
Parameter
group-address: Multicast address of the multicast group that an interface will join.
port: Specifies the port in the VLAN interface.
interface-list: Forward port list. You can specify multiple ports by providing this argument in the form of interface-list = { interface-type interface-number [ to { interface-type interface-number } ] }&<1-10> where the interface-type argument refers to the port type and the interface-number argument refers to the port number. For the meanings and value ranges of the interface-type argument and the interface-number argument, refer to the parameter descriptions in the “Port Basic Configuration” module in this manual.
Description
Use the igmp host-join port command to enable a port in the VLAN interface of a switch to join a multicast group.
Use undo igmp host-join port command to remove the configuration.
By default, a VLAN interface of a switch does not belong to any multicast group.
Related command: igmp group-policy.
Example
# Add Ethernet1/0/1 in VLAN-interface10 to the multicast group at 225.0.0.1.
<H3C>system-view
System View: return to User View with Ctrl+Z.
[H3C] interface Vlan-interface 10
[H3C-Vlan-interface10] igmp host-join 225.0.0.1 port Ethernet 1/0/1
5.1.8 igmp host-join vlan
Syntax
igmp host-join group-address vlan vlan-id
undo igmp host-join group-address vlan vlan-id
View
Port view
Parameter
group-address: Multicast address of the multicast group that an interface will join.
vlan-id: ID of the VLAN to which the port belongs.
Description
Use the igmp host-join vlan command to enable an Ethernet port to join a multicast group.
Use the undo igmp host-join vlan command to disable the configuration.
By default, an Ethernet port does not belong to any multicast group.
Related command: igmp group-policy.
Example
# Add Ethernet1/0/1 in VLAN-interface10 to the multicast group at 225.0.0.1.
<H3C>system-view
System View: return to User View with Ctrl+Z.
[H3C] interface Vlan-interface 10
[H3C-Vlan-interface10] igmp enable
[H3C-Vlan-interface10] quit
[H3C] interface Ethernet 1/0/1
[H3C-Ethernet1/0/1] port access vlan 10
[H3C-Ethernet1/0/1] igmp host-join 225.0.0.1 vlan 10
5.1.9 igmp lastmember-queryinterval
Syntax
igmp lastmember-queryinterval seconds
undo igmp lastmember-queryinterval
View
VLAN interface view
Parameter
seconds: Interval for the IGMP querier to send IGMP group-specific query packets when it receives IGMP leave packets from the host. It is in the range of one second to five seconds.
Description
Use the igmp lastmember-queryinterval command to set the interval for the IGMP querier to send IGMP group-specific query packets when it receives IGMP leave packets from the host.
Use the undo igmp lastmember-queryinterval command to restore the default value.
The interval for the IGMP querier to send IGMP group-specific query packets is one second by default.
In a shared network, that is, the same network segment including multiple hosts and multicast routers, the query router (also known as querier) is responsible for maintaining the IGMP group membership on the interface. When the IGMPv2 host leaves a group, it sends an IGMP Leave message.
Upon receiving the IGMP Leave message, the IGMP querier must send the IGMP group-specific query messages for specified times (by the robust-value argument in the igmp robust-count command, with default value as 2) in a specified time interval (by the seconds argument in the igmp lastmember-queryinterval command, with default value as 1 second). If other hosts which are interested in the specified group receive the IGMP query message from the IGMP query router, they will send back the IGMP Membership Report message within the specified maximum response time interval. If it receives the IGMP Membership Report message within the defined period (equal to robust-value ´ seconds), the IGMP query router continue to maintain the membership of this group. When receiving no IGMP Membership Report message from any host within the defined period, the IGMP query router considers it as timed out and stops membership maintenance for the group.
This command is only available on the IGMP query router running IGMPv2. A host running IGMPv1 may not send the IGMP Leave message when it leaves a group. In this case, this command does not take effect for the host.
Related command: igmp robust-count, display igmp interface.
Example
# Set the query interval at the Vlan-interface10 to three seconds.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] interface Vlan-interface 10
[H3C-Vlan-interface10] igmp lastmember-queryinterval 3
5.1.10 igmp max-response-time
Syntax
igmp max-response-time seconds
undo igmp max-response-time
View
VLAN interface view
Parameter
seconds: Maximum response time in seconds in the IGMP query messages, ranging from 1 to 25.
Description
Use the igmp max-response-time command to configure the maximum response time contained in the IGMP query messages.
Use the undo igmp max-response-time command to restore the default value.
The maximum query response time is 10 seconds by default.
The maximum query response time determines the period for a router to detect that there is no more directly connected group member in the LAN.
Related command: display igmp group.
Example
# Set the maximum response time carried in host-query packets to eight seconds.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] interface Vlan-interface 10
[H3C-Vlan-interface10] igmp max-response-time 8
5.1.11 igmp proxy
Syntax
igmp proxy Vlan-interface interface-number
undo igmp proxy
View
VLAN view
Parameter
interface-number: Proxy interface number.
Description
Use the igmp proxy command to specify an interface of the Layer 3 endpoint switch as the IGMP proxy interface of another interface.
Use the undo igmp proxy command to disable this configuration.
The IGMP proxy feature is disabled by default.
You must enable the PIM protocol on the interface before configuring the igmp proxy command on the interface. One interface cannot serve as the IGMP proxy interface of two or more interfaces.
If the IGMP proxy feature is configured on the same interface for multiple times, the latest configuration takes effect.
Related command: pim neighbor-policy.
Caution:
l The multicast route feature and the IGMP protocol must be enabled on the proxy interface.
l You must enable the PIM protocol on the interface before configuring the igmp proxy command on the interface.
l One interface cannot serve as the IGMP proxy interface of two or more interfaces.
Example
# Configure VLAN-interface2 as the IGMP proxy interface of VLAN-interface1 on the Layer 3 switch.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] multicast routing-enable
[H3C] interface vlan-interface 1
[H3C-Vlan-interface1] igmp enable
[H3C- Vlan-interface1] igmp proxy vlan-interface 2
5.1.12 igmp robust-count
Syntax
igmp robust-count robust-value
undo igmp robust-count
View
VLAN interface view
Parameter
robust-value: IGMP robust value. It is the number of times of sending the IGMP group-specific query packets after the IGMP querier receives the IGMP Leave packet from the host. This value ranges from 2 to 5 .
Description
Use the igmp robust-count command to set the number of times of sending the IGMP group query message after the IGMP query router receives the IGMP Leave message from the host.
Use the undo igmp robust-count command to restore the default value.
By default, an IGMP querier sends IGMP group-specific query packets twice.
In a shared network, that is, the same network segment including multiple hosts and multicast routers, the query router is responsible for maintaining the IGMP group membership on the interface. When the IGMPv2 host leaves a group, it sends an IGMP Leave message. Upon receiving the IGMP Leave message, IGMP query router must send the IGMP group-specific query message for the specified times (by the robust-value argument in the igmp robust-count command, with default value as 2) at a specified time interval (by the seconds argument in the igmp lastmember-queryinterval command, with default value as one second). If other hosts that are interested in the specific group receive the IGMP group-specific query packets from the IGMP query router, they will send back the IGMP Membership Report packets within the specified maximum response time interval. If it receives the IGMP Membership Report packets within the defined period (equal to robust-value ´ seconds), the IGMP query router continue to maintain the membership of this group. When receiving no IGMP Membership Report packet from any hosts within the defined period, the IGMP query router considers it as timed out and stops membership maintenance for the group.
This command is only available on the IGMP query router running IGMPv2. A host running IGMPv1 may not send IGMP Leave packets when it leaves a group. In this case, this command does not take effect for the host.
Related command: igmp lastmember-queryinterval, display igmp interface.
Example
# Set the robust value of Vlan-interface10 to 3.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] interface Vlan-interface 10
[H3C-Vlan-interface10] igmp robust-count 3
5.1.13 igmp timer other-querier-present
Syntax
igmp timer other-querier-present seconds
undo igmp timer other-querier-present
View
VLAN interface view
Parameter
seconds: Time (in seconds) during which the IGMP querier is present, in the range of 1 to 131,070.
Description
Use the igmp timer other-querier-present command to configure the presence time of the IGMP querier.
Use the undo igmp timer other-querier-present command to restore the default value.
By default, the presence time of the IGMP querier is twice the value of IGMP query message interval, that is, 120 seconds.
On a shared network, that is, the same network segment including multiple multicast routers, the query router (also known as querier) is responsible for sending query messages periodically through the VLAN interface. If other non-queriers receive no query messages within the timer period, the router considers the previous querier to be invalid and the router itself acts as a querier.
In IGMP version 1, the selection of a querier is determined by the multicast routing protocol. In IGMP version 2, the router with the lowest IP address on the shared network segment acts as the querier.
Related command: igmp timer query, display igmp interface.
Example
# Configure the querier to expire in 300 seconds.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] interface Vlan-interface 10
[H3C-Vlan-interface10] igmp timer other-querier-present 300
5.1.14 igmp timer query
Syntax
igmp timer query seconds
undo igmp timer query
View
VLAN interface view
Parameter
seconds: Interval at which a router transmits IGMP query messages, in the range of 1 to 65,535 seconds.
Description
Use the igmp timer query command to configure the interval at which a router interface sends IGMP query messages.
Use the undo igmp timer query command to restore the default value.
By default, a router interface transmits IGMP query messages at the interval of 60 seconds.
A multicast router periodically sends out IGMP query messages to attached segments to find hosts that belong to different multicast groups. The query interval can be modified according to the practical conditions of the network.
Related command: igmp timer other-querier-present.
Example
# Configure to transmit host-query messages every 150 seconds through VLAN-interface2.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] interface Vlan-interface 2
[H3C-Vlan-interface2] igmp timer query 150
5.1.15 igmp version
Syntax
igmp version { 1 | 2 }
undo igmp version
View
VLAN interface view
Parameter
1: Specifies IGMP Version 1.
2: Specifies IGMP Version 2.
Description
Use the igmp version command to specify the version of IGMP that a router uses.
Use the undo igmp version command to restore the default value.
The default IGMP version is IGMP version 2.
All routers on a subnet must support the same version of IGMP. After detecting the presence of IGMP Version 1 system, a router cannot automatically switch to Version 1.
Example
# Run IGMP Version 1 on VLAN-interface10.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] interface Vlan-interface 10
[H3C-Vlan-interface10] igmp version 1
5.1.16 reset igmp group
Syntax
reset igmp group { all | interface interface-type interface-number { all | group-address [ group-mask ] } }
View
User view
Parameter
all: Specifies all IGMP groups.
interface-type interface-number: VLAN interface type and VLAN interface number.
group-address: IGMP group address.
group-mask: Mask of IGMP group address.
Description
Use the reset igmp group command to delete an existing IGMP group from the VLAN interface. The deleted group can be added to the VLAN interface again.
Example
# Delete all IGMP groups on all the VLAN interfaces.
<H3C> reset igmp group all
# Delete all IGMP groups on Vlan-interface10.
<H3C> reset igmp group interface Vlan-interface10 all
# Delete the group 225.0.0.1 from Vlan-interface10.
<H3C> reset igmp group interface Vlan-interface10 225.0.0.1
# Delete the IGMP groups ranging from 225.1.1.0 to 225.1.1.255 on Vlan-interface10.
<H3C> reset igmp group interface Vlan-interface10 225.1.1.0 255.255.255.0
Chapter 6 PIM Configuration Commands
6.1 PIM Configuration Commands
6.1.1 bsr-policy
Syntax
bsr-policy acl-number
undo bsr-policy
View
PIM view
Parameter
acl-number: ACL number imported in BSR filtering policy, in the range of 2000 to 2999.
Description
Use the bsr-policy command to limit the range of legal BSRs to prevent BSR spoofing.
Use the undo bsr-policy command to restore the default setting; that is, no range limit is set and all received messages are taken as legal.
In the PIM SM network using BSR (bootstrap router) mechanism, every router can set itself as C-BSR (candidate BSR) and take the authority to advertise RP information in the network once it wins in the contention. To prevent malicious BSR spoofing in the network, the following two measures need to be taken:
l Prevent the router from being spoofed by hosts though faking legal BSR messages to modify RP mapping. BSR messages are of multicast type and their TTL is 1, so this type of attacks often hit edge routers. Fortunately, BSRs are inside the network, while assaulting hosts are outside; therefore, neighbor and RPF checks can be used to stop this type of attacks.
l If a router in the network is manipulated by an attacker, or an illegal router gained access to the network, the attacker may set itself as C-BSR and try to win the contention and obtain authority to advertise RP information in the network. Since the router configured as C-BSR propagate BSR messages, which are multicast messages sent hop by hop with TTL as 1, in the network, then the network cannot be affected as long as the peer routers do not receive these BSR messages. One way is to configure the bsr-policy command on each router to limit the legal BSR range. For example, only 1.1.1.1/32 and 1.1.1.2/32 can be BSR. Thus, the routers cannot receive or forward BSR messages other than these two. Even legal BSRs cannot contend with them.
Problems may still exist if a legal BSR is attacked, though these two measures can effectively guarantee high BSR security.
The source keyword in the rule command is translated into BSR address in the bsr-policy command.
Related command: acl, rule.
Example
# Configure a BSR filtering policy on routers to allow only 101.1.1.1/32 to be BSR.
<H3C>system-view
System View: return to User View with Ctrl+Z.
[H3C] multicast routing-enable
[H3C] pim
[H3C-pim] bsr-policy 2000
[H3C-pim] quit
[H3C] acl number 2000
[H3C-acl-basic-2000] rule 0 permit source 101.1.1.1 0
6.1.2 c-bsr
Syntax
c-bsr interface-type interface-number hash-mask-len [ priority ]
undo c-bsr
View
PIM view
Parameter
interface-type interface-number: VLAN interface. The candidate BSR is configured on the VLAN interface. PIM-SM must be enabled on the VLAN interface first.
hash-mask-len: Length of the mask. The value ranges from 0 to 32.
priority: Priority of the candidate BSR. The greater the value of the priority, the higher the priority of the BSR. The value ranges from 0 to 255. By default, the priority is 0.
Description
Use the c-bsr command to configure a candidate BSR.
Use the undo c-bsr command to remove the candidate BSR configured.
By default, no candidate BSR is set.
For the configuration of the candidate BSR, the larger bandwidth should be guaranteed since a large amount of information will be exchanged between BSR and other devices in the PIM domain.
Related command: pim sm.
Example
# Configure the switch as a BSR with a priority of 2 (and the C-BSR address is designated as the IP address of VLAN-interface10).
<H3C>system-view
System View: return to User View with Ctrl+Z.
[H3C] multicast routing-enable
[H3C] pim
[H3C-pim] c-bsr vlan-interface 10 24 2
6.1.3 c-rp
Syntax
c-rp interface-type interface-number [ group-policy acl-number | priority priority-value ]*
undo c-rp { interface-type interface-number | all }
View
PIM view
Parameter
interface-type interface-number: VLAN interface whose IP address is advertised as a candidate RP address.
acl-number: Number of the basic ACL that defines a group range. This range is the service range of the advertised RP. The value ranges from 2,000 to 2,999.
priority-value: Priority value of candidate RP, in the range of 0 to 255. The greater the value, the lower the priority level
all: Removes all candidate RP configurations.
Description
Use the c-rp command to configure the router to advertise itself as a candidate RP.
Use the undo c-rp command to remove the configuration.
By default, no candidate RP is configured and the value of RP priority is 0.
For the configuration of candidate RP, a relatively large bandwidth should be reserved for the router and other devices in the PIM domain.
Related command: c-bsr.
Example
# Configure the switch to advertise the BSR that the switch itself acts as the C-RP in the PIM. Basic ACL 2000 defines the groups related to the RP. The address of C-RP is designated as the IP address of VLAN-interface10.
<H3C>system-view
System View: return to User View with Ctrl+Z.
[H3C] multicast routing-enable
[H3C] acl number 2000
[H3C-acl-basic-2000] rule permit source 225.0.0.0 0.255.255.255
[H3C] pim
[H3C-pim] c-rp vlan-interface 10 group-policy 2000
6.1.4 crp-policy
Syntax
crp-policy acl-number
undo crp-policy
View
PIM view
Parameter
acl-number: ACL number imported in C-RP filtering policy, ranging from 3000 to 3999.
Description
Use the crp-policy command to limit the range of legal C-RPs and define the service group range of each C-RP, so as to prevent C-RP spoofing.
Use the undo crp-policy command to restore the default setting; that is, no range limit is set and all received messages are taken as legal.
In a PIM SM network using BSR mechanism, every router can set itself as C-RP (candidate rendezvous point) servicing particular groups. If elected, a C-RP becomes the RP servicing the current group.
In BSR mechanism, a C-RP router unicasts C-RP messages to the BSR, which then propagates the C-RP messages in the network by using BSR messages. To prevent C-RP spoofing, you need to configure the crp-policy command on the BSR to limit the legal C-RP range and their service group range. Since each C-BSR has the chance to become BSR, you must configure the same filtering policy on each C-BSR router.
This command uses the ACLs numbered 3000 to 3999. The source keyword in the rule command is translated into a C-RP address in the crp-policy command, and the destination keyword into the service group range of this C-RP address. The C-RP messages received are considered as matched only when their C-RP addresses match the source address and their server group addresses are subset of those defined in the ACL.
Related command: acl, rule.
Example
# Configure C-RP filtering policy on the C-BSR routers, allowing only 1.1.1.1/32 to be C-RP and to serve only the groups 225.1.0.0/16.
<H3C>system-view
System View: return to User View with Ctrl+Z.
[H3C] multicast routing-enable
[H3C] pim
[H3C-pim] crp-policy 3000
[H3C-pim] quit
[H3C] acl number 3000
[H3C-acl-adv-3000] rule 0 permit source 1.1.1.1 0 destination 225.1.0.0 0.0.255.255
6.1.5 display pim bsr-info
Syntax
display pim bsr-info
View
Any view
Parameter
None
Description
Use the display pim bsr-info command to display the BSR information.
Related command: c-bsr, c-rp.
Example
# Display the BSR information.
<H3C> display pim bsr-info
Current BSR Address: 20.20.20.30
Priority: 0
Mask Length: 30
Expires: 00:01:55
Local host is BSR
Table 6-1 Description on the fields of the display pim bsr-info command
Field |
Description |
BSR |
BootStrap router |
Priority |
Priority of BSR |
Mask Length: 30 |
Length of mask |
Expires: 00:01:55 |
Value of the timer |
6.1.6 display pim interface
Syntax
display pim interface [ interface-type interface-number ]
View
Any view
Parameter
interface-type interface-number: Interface type and interface number, used to specify the VLAN interface.
Description
Use the display pim interface command to display the PIM configuration information of the interface.
If neither the VLAN interface type nor the VLAN interface number is specified, the PIM configuration information of all VLAN interfaces is displayed; if both the VLAN interface type and the VLAN interface number are specified, the PIM configuration information about the specified VLAN interface is displayed.
Example
# Display the PIM configuration information about the VLAN interface.
<H3C> display pim interface
PIM information of VLAN-interface 2:
IP address of the interface is 10.10.1.20
PIM is enabled
PIM version is 2
PIM mode is Sparse
PIM query interval is 30 seconds
PIM neighbor limit is 128
PIM neighbor policy is none
Total 1 PIM neighbor on interface
PIM DR(designated router) is 10.10.1.20
Table 6-2 Description on the fields of the display pim interface command
Field |
Description |
PIM version |
Version of PIM |
PIM mode |
PIM mode enabled on the VLAN interface (DM or SM) |
PIM query interval |
Hello packet interval |
PIM neighbor limit |
Limit on the number of PIM neighbors on the VLAN interface. No neighbor can be added when the limit is reached |
PIM neighbor policy |
Filtering policy of the PIM neighbors on the current interface |
PIM DR |
Designated router |
6.1.7 display pim neighbor
Syntax
display pim neighbor [ interface interface-type interface-number ]
View
Any view
Parameter
interface-type interface-number: Interface type and interface number, used to specify the VLAN interface.
Description
Use the display pim neighbor command to display the PIM neighbor information discovered by the VLAN interface of the switch. If you specify a VLAN interface, only the PIM neighbor information about the specified VLAN interface is displayed.
Example
# Display the PIM neighbor information discovered by the VLAN interface of the neighbor.
<H3C> display pim neighbor
Neighbor Address Interface Name Uptime Expires
8.8.8.6 VLAN-interface10 1637 89
Table 6-3 Description on the fields of the display pim neighbor command
Field |
Description |
Neighbor Address |
Neighbor address |
Interface |
VLAN interface on which the neighbor has been discovered |
Uptime |
Time elapsed since the multicast group was discovered |
Expires |
Specifies when the member will be removed from the group |
6.1.8 display pim routing-table
Syntax
display pim routing-table [ { { *g [ group-address [ mask { mask-length | mask } ] ] | **rp [ rp-address [ mask { mask-length | mask } ] ] } | { group-address [ mask { mask-length | mask } ] | source-address [ mask { mask-length | mask } ] } * } | incoming-interface { interface-type interface-number | null } | { dense-mode | sparse-mode } ] *
View
Any view
Parameter
*g: Specifies a (*, G) route entry.
mask: IP address mask.
mask-length: Length of IP address mask.
**rp: Specifies a (*, *, RP) route entry.
rp-address: RP address.
group-address: Address of the multicast group.
source-address: Address of the multicast source.
incoming-interface interface-type interface-number: Displays the route entry whose incoming VLAN interface is the specified VLAN interface.
null: Specifies the VLAN interface type as NULL.
dense-mode: Specifies the multicast routing protocol as PIM-DM.
sparse-mode: Specifies the multicast routing protocol as PIM-SM.
Description
Use the display pim routing-table command to display information about the PIM multicast routing table.
The displayed information about the PIM multicast routing table includes the SPT information and RPF information.
Example
# Display the information about the PIM multicast routing table.
<H3C> display pim routing-table
PIM-SM Routing Table
Total 1 (S,G) entry, 1 (*,G) entry, 0 (*,*,RP) entry
(*, 228.0.0.0), RP 23.12.0.1
Protocol 0x20: PIMSM, Flag 0x3: RPT WC
Uptime: 00:00:13, Timeout in 197 sec
Upstream interface: Vlan-interface1, RPF neighbor: 200.1.0.1
Downstream interface list:
Vlan-interface401, Protocol 0x100: RPT, timeout in 197 sec
(196.0.0.3, 228.0.0.0)
Protocol 0x20: PIMSM, Flag 0x4: SPT
Uptime: 00:10:49, Timeout in 196 sec
Upstream interface: Vlan-interface196, RPF neighbor: NULL
Downstream interface list:
Vlan-interface401, Protocol 0x100: RPT, timeout in 197 sec
Matched 1 (S,G) entry, 1 (*,G) entry, 0 (*,*,RP) entry
Table 6-4 Description on the fields of the display pim routing-table command
Field |
Description |
RP |
Rendezvous Point |
(S,G) |
(source address, multicast group) |
PIM-SM |
PIM Sparse Mode |
SPT |
Shortest Path Tree |
RPF |
Reverse Path Forwarding |
RPT |
Rendezvous Point Tree |
6.1.9 display pim rp-info
Syntax
display pim rp-info [ group-address ]
View
Any view
Parameter
group-address: Group address to be displayed. If no multicast group is specified, the RP information about all multicast groups will be displayed.
Description
Use the display pim rp-info command to display the RP information of the multicast group.
In addition, this command can also display the BSR and static RP information.
Example
# Display the RP information of the multicast group
<H3C> display pim rp-info
PIM-SM RP-SET information:
BSR is: 4.4.4.6
Group/MaskLen: 224.0.0.0/4
RP 4.4.4.6
Version: 2
Priority: 0
Uptime: 00:39:50
Table 6-5 Description on the fields of the display pim rp-info command
Field |
Description |
PIM-SM RP-SET information: |
Combination of RP information |
BSR is: 4.4.4.6 |
BSR is the VLAN interface of 4.4.4.6 in the network |
Group/MaskLen: 224.0.0.0/4 RP 4.4.4.6 Version: 2 Priority: 0 Uptime: 00:39:50 Expires: 00:01:40 |
The RP whose group address is 224.0.0.0 and mask length is 4 is the virtual interface of the IP address 4.4.4.6. The priority of the version 2 RP is 0. It has been up for 39 minutes and 50 seconds and will expire in one minute and forty seconds. |
6.1.10 pim
Syntax
pim
undo pim
View
System view
Parameter
None
Description
Use the pim command to enter PIM view and configure the global PIM parameters. You cannot use the pim command to enable the PIM protocol.
Use the undo pim command to exit to system view and clear the global PIM parameter configurations.
Example
# Enter PIM view.
<H3C>system-view
System View: return to User View with Ctrl+Z.
[H3C] multicast routing-enable
[H3C] pim
[H3C-pim]
6.1.11 pim bsr-boundary
Syntax
pim bsr-boundary
undo pim bsr-boundary
View
VLAN interface view
Parameter
None
Description
Use the pim bsr-boundary command to configure a VLAN interface of the switch as the PIM domain boundary.
Use the undo pim bsr-boundary command to remove the configured PIM domain boundary.
By default, no PIM domain boundary is configured on the switch.
After you use this command to set a PIM domain boundary on a VLAN interface, no Bootstrap message can cross this domain boundary. However, the other PIM packets can pass this domain boundary. In this way, you can divide the PIM-SM-running network into multiple domains, each of which uses a different Bootstrap router.
Note that you cannot use this command to set up a multicast boundary. Instead, this command configures just a PIM Bootstrap packet boundary.
Related command: c-bsr.
Example
# Configure domain boundary on VLAN-interface10.
<H3C>system-view
System View: return to User View with Ctrl+Z.
[H3C] multicast routing-enable
[H3C] pim
[H3C-pim] quit
[H3C] interface Vlan-interface 10
[H3C-Vlan-interface10] pim bsr-boundary
6.1.12 pim dm
Syntax
pim dm
undo pim dm
View
VLAN interface view
Parameter
None
Description
Use the pim dm command to enable PIM-DM.
Use the undo pim dm command to disable PIM-DM.
By default, PIM-DM is disabled.
Before enabling PIM-DM, make sure you enable multicast routing protocol by using the multicast routing-enable command in system view.
Example
# Enable the PIM-DM protocol on VLAN-interface10 of the switch.
<H3C>system-view
System View: return to User View with Ctrl+Z.
[H3C] multicast routing-enable
[H3C] interface Vlan-interface 10
[H3C-Vlan-interface10] pim dm
6.1.13 pim neighbor-limit
Syntax
pim neighbor-limit limit
undo pim neighbor-limit
View
VLAN interface view
Parameter
limit: Upper limit on the number of PIM neighbors on the VLAN interface, in the range of 0 to 128.
Description
Use the pim neighbor-limit command to limit the number of PIM neighbors on a router interface. No neighbor can be added to the router any more when the limit is reached.
Use the undo pim neighbor-limit command to restore the default setting.
By default, the number of PIM neighbors on a VLAN interface can be up to128.
If the number of existing PIM neighbors exceeds the configured limit, they will not be deleted.
Example
# Limit the number of PIM neighbors on Vlan-interface10 within 50.
<H3C>system-view
System View: return to User View with Ctrl+Z.
[H3C] multicast routing-enable
[H3C] interface Vlan-interface 10
[H3C-Vlan-interface10] pim neighbor-limit 50
6.1.14 pim neighbor-policy
Syntax
pim neighbor-policy acl-number
undo pim neighbor-policy
View
VLAN interface view
Parameter
acl-number: Basic ACL number, in the range of 2,000 to 2,999.
Description
Use the pim neighbor-policy command to configure the router to filter the PIM neighbors on the current VLAN interface.
Use the undo pim neighbor-policy command to disable the filtering.
Only the routers that match the filtering rule in the ACL can serve as a PIM neighbor of the current VLAN interface.
The new configuration overwrites the old one if you run the command for a second time.
Example
# Configure 10.10.1.2, but not 10.10.1.1, to serve as a PIM neighbor of the Vlan-interface10.
<H3C>system-view
System View: return to User View with Ctrl+Z.
[H3C] multicast routing-enable
[H3C] interface Vlan-interface 10
[H3C-Vlan-interface10] pim neighbor-policy 2000
[H3C-Vlan-interface10] quit
[H3C] acl number 2000
[H3C-acl-basic-2000] rule permit source 10.10.1.2 0
[H3C-acl-basic-2000] rule deny source 10.10.1.1 0
6.1.15 pim sm
Syntax
pim sm
undo pim sm
View
VLAN interface view
Parameter
None
Description
Use the pim sm command to enable the PIM-SM protocol.
Use the undo pim sm command to disable the PIM-SM protocol.
By default, the PIM-SM protocol is disabled on the switch.
You must enable the PIM-SM protocol on each VLAN interface respectively. Generally, the PIM-SM protocol is enabled on each VLAN interface.
Related command: multicast routing-enable.
Example
# Enable the PIM-SM protocol on VLAN-interface10.
<H3C>system-view
System View: return to User View with Ctrl+Z.
[H3C] multicast routing-enable
[H3C] interface Vlan-interface 10
[H3C-Vlan-interface10] pim sm
6.1.16 pim timer hello
Syntax
pim timer hello seconds
undo pim timer hello
View
VLAN interface view
Parameter
seconds: Interval (in seconds) at which a VLAN interface sends Hello packets, in the range of 1 to 18,000.
Description
Use the pim timer hello command to set the interval at which a VLAN interface sends Hello packets.
Use the undo pim timer hello command to restore the default value of the interval.
By default, a VLAN interface sends Hello packets at the interval of 30 seconds.
When the PIM-SM protocol is enabled on a VLAN interface, the switch periodically sends Hello packets to the network devices supporting PIM to discover neighbors. If the VLAN interface receives Hello packets, it means that the VLAN interface is connected to neighboring network devices that support PIM, and the VLAN interface will add the neighbors to its own neighbor list. If the VLAN interface does not receive any Hello packet from a neighbor in its neighbor list within the specified time, the neighbor is considered to have left the multicast group.
Example
# Configure VLAN-interfaceo10 of the switch to send Hello packet at the interval of 40 seconds.
<H3C>system-view
System View: return to User View with Ctrl+Z.
[H3C] multicast routing-enable
[H3C] interface Vlan-interface 10
[H3C-Vlan-interface10] pim timer hello 40
6.1.17 register-policy
Syntax
register-policy acl-number
undo register-policy
View
PIM view
Parameter
acl-number: Number of IP advanced ACL that defines the rule for filtering the source and group addresses. The value ranges from 3000 to 3999.
Description
Use the register-policy command to configure an RP to filter the register packets sent by the DR in the PIM-SM network and to accept the specified packets only.
Use the undo register-policy command to remove the configured packet filtering.
Example
# Configure the RP to filter the register packets sent by DR and to accept only the packets sourced from segment 10.10.0.0/16 and destined for multicast group 225.1.0.0/16.
<H3C>system-view
System View: return to User View with Ctrl+Z.
[H3C] acl number 3010
[H3C-acl-adv-3010] rule permit ip source 10.10.0.0 0.0.255.255 destination 225.1.0.0 0.0.255.255
[H3C-acl-adv-3010] quit
[H3C] pim
[H3C-pim] register-policy 3010
6.1.18 reset pim neighbor
Syntax
reset pim neighbor { all | { neighbor-address | interface interface-type interface-number } * }
View
User view
Parameter
all: Specifies all PIM neighbors.
neighbor-address: Neighbor address.
interface interface-type interface-number: Specifies a VLAN interface.
Description
Use the reset pim neighbor command to clear all PIM neighbors or PIM neighbors on the specified VLAN interface.
Related command: display pim neighbor.
Example
# Clear the PIM neighbor 25.5.4.3.
<H3C> reset pim neighbor 25.5.4.3
6.1.19 reset pim routing-table
Syntax
reset pim routing-table { all | { group-address [ mask group-mask | mask-length group-mask-length ] | source-address [ mask source-mask | mask-length source-mask-length ] | { incoming-interface interface-type interface-number } } * }
View
User view
Parameter
all: Specifies all PIM neighbors.
group-address: Group address.
mask group-mask: Specifies a group address mask.
mask-length group-mask-length: Specifies the length of group address mask.
source-address: Source address.
mask source-mask: Specifies the source address mask.
mask-length source-mask-length: Specifies the length of source address mask.
incoming-interface: Specifies the incoming interface for the route entry in PIM routing table.
interface-type interface-number: VLAN interface.
Use the reset pim routing-table command to clear all PIM route entries or the specified PIM route entry.
You can type in a source address before a group address in the command, as long as they are valid. An error message will be given if you type in an invalid address.
In this command, if the group-address is 224.0.0.0/24 and source-address is the RP address (where group address can have a mask, but the resulted IP address must be 224.0.0.0, and source address has no mask), then it means only the (*, *, RP) entry will be cleared.
In this command, if the group-address is a group address, and source-address is 0 (where group address can have a mask and source address has no mask), then only the (*, G) entry will be cleared.
This command shall clear not only multicast route entries from PIM routing table, but also the corresponding route entries and forward entries in the multicast core routing table and MFC.
Related command: reset multicast routing-table, reset multicast forwarding-table, display pim routing-table.
Example
# Clear the route entries with group address 225.5.4.3 from the PIM routing table.
<H3C> reset pim routing-table 225.5.4.3
6.1.20 spt-switch-threshold
Syntax
spt-switch-threshold { traffic-rate | infinity } [ group-policy acl-number [ order order-value ] ]
undo spt-switch-threshold [ group-policy acl-number ]
View
PIM view
Parameter
traffic-rate: Multicast traffic rate in kbps, ranging from 0 to 65,535. When it takes a non-zero value, RPT does not switch to SPT.
infinity: Never switches to the SPT.
acl-number: Basic ACL number, ranging from 2000 to 2999. It defines a group range within which the rate of multicast packets is limited.
Description
Use the spt-switch-threshold command to configure the threshold for switching from RPT to source SPT.
Use the undo spt-switch-threshold command to restore the default threshold for switching from RPT to source SPT.
By default, a RPT-to-SPT switch occurs once the device receives the first multicast packet.
If you do not specify an ACL number, the threshold applies to all multicast groups.
& Note:
When you execute the spt-switch-threshold command on anS3600 Ethernet switch, the traffic-rate argument can only be set to 0. That is, the threshold can be set to 0 or infinity.
l With the threshold set to 0, the last hop switch switches to SPT once it receives the first multicast packet.
l With the threshold set to infinity, the last hop switch never switches to SPT.
Example
# Configure the last hop switch to switch to SPT upon receipt of the first multicast packet.
<H3C>system-view
System View: return to User View with Ctrl+Z.
[H3C]pim
[H3C-pim] spt-switch-threshold 0
6.1.21 source-policy
Syntax
source-policy acl-number
undo source-policy
View
PIM view
Parameter
acl-number: Basic or advanced ACL, in the range of 2000 to 3999.
Description
Use the source-policy command to configure the router to filter the received multicast data packets according to the source address or group address.
Use the undo source-policy command to remove the configuration.
If resource address filtering and basic ACLs are configured, the router filters the resource addresses of all multicast data packets received. Those not matched will be discarded.
If resource address filtering and advanced ACLs are configured, the router filters the resource and group addresses of all multicast data packets received. Those not matched will be discarded.
When this feature is configured, the router filters not only multicast data, but also the multicast data encapsulated in the registration packets.
The new configuration overwrites the old one if you run the command for a second time.
Example
# Configure to receive the multicast data packets from source address 10.10.1.2 and discard those from 10.10.1.1.
<H3C>system-view
System View: return to User View with Ctrl+Z.
[H3C] multicast routing-enable
[H3C] pim
[H3C-pim] source-policy 2000
[H3C-pim] quit
[H3C] acl number 2000
[H3C-acl-basic-2000] rule permit source 10.10.1.2 0
[H3C-acl-basic-2000] rule deny source 10.10.1.1 0
6.1.22 static-rp
Syntax
static-rp rp-address [ acl-number ]
undo static-rp
View
PIM view
Parameter
rp-address: Static RP address. It must be a legal unicast IP address.
acl-number: Basic ACL, used to control the range of multicast group served by static RP. Its value ranges from 2000 to 2999. If no ACL is specified upon configuration, static RP will serve all multicast groups; if an ACL is specified, static RP will only serve the multicast group passing the ACL.
Description
Use the static-rp command to configure static RP.
Use the undo static-rp command to remove the configuration.
Static RP functions as the backup of dynamic RP to improve network robustness. If the RP elected by BSR mechanism is valid, static RP will not work. All routers in the PIM domain must be configured with this command and be specified with the same RP address.
The new configuration overwrites the old one if you execute the command for a second time.
Related command: display pim rp-info.
Example
# Configure 10.110.0.6 as a static RP.
<H3C>system-view
System View: return to User View with Ctrl+Z.
[H3C] multicast routing-enable
[H3C] pim
[H3C-pim] static-rp 10.110.0.6
Chapter 7 MSDP Configuration Commands
7.1 MSDP Configuration Commands
7.1.1 cache-sa-enable
Syntax
cache-sa-enable
undo cache-sa-enable
View
MSDP view
Parameter
None
Description
Use the cache-sa-enable command to enable the SA message cache mechanism.
Use the undo cache-sa-enable command to disable the cache mechanism.
By default, a router caches (S, G) entries after it receives an SA message.
If the router is in the cache state, it sends no SA request message to the specified MSDP peer when it receives a Join message.
Example
# Enable the router to cache all SA states.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] msdp
[H3C-msdp] cache-sa-enable
7.1.2 display msdp brief
Syntax
display msdp brief
View
Any view
Parameter
None
Description
Use the display msdp brief command to display the brief information of the MSDP peer state.
Example
# Display the brief information of the MSDP peer state.
<H3C> display msdp brief
MSDP Peer Brief Information
Peer's Address State Up/Down time AS SA Count Reset Count
20.20.20.20 Up 00:00:13 100 0 0
Table 7-1 Description on the fields of the display msdp brief command
Field |
Description |
Peer's Address |
Address of the MSDP peer |
State |
State |
Up/Down time |
Up/down time |
AS |
AS number |
SA Count |
SA count |
Reset Count |
Times of peer connection resets |
7.1.3 display msdp peer-status
Syntax
display msdp peer-status [ peer-address ]
View
Any view
Parameter
peer-address: IP address of an MSDP peer.
Description
Use the display msdp peer-status command to display the detailed information of the MSDP peer state.
Related command: peer.
Example
# Display the detailed information of MSDP peer 10.110.11.11.
<H3C> display msdp peer-status 10.110.11.11
MSDP Peer 20.20.20.20, AS 100
Description:
Information about connection status:
State: Up
Up/down time: 14:41:08
Resets: 0
Connection interface: LoopBack0 (20.20.20.30)
Number of sent/received messages: 867/947
Number of discarded output messages: 0
Elapsed time since last connection or counters clear: 14:42:40
Information about (Source, Group)-based SA filtering policy:
Import policy: none
Export policy: none
Information about SA-Requests:
Policy to accept SA-Request messages: none
Sending SA-Requests status: disable
Minimum TTL to forward SA with encapsulated data: 0
SAs learned from this peer: 0, SA-cache maximum for the peer: none
Input queue size: 0, Output queue size: 0
Counters for MSDP message:
Count of RPF check failure: 0
Incoming/outgoing SA messages: 0/0
Incoming/outgoing SA requests: 0/0
Incoming/outgoing SA responses: 0/0
Incoming/outgoing data packets: 0/0
7.1.4 display msdp sa-cache
Syntax
display msdp sa-cache [ group-address | [ source-address ] ] [ autonomous-system-number ]
View
Any view
Parameter
group-address: Group address of the (S, G) entry.
source-address: Source address of the (S, G) entry. If you do not specify a source address, the system displays all source information of the specified group. If you specify neither a group address nor a source address, the system displays all SA caches.
autonomous-system-number: Number of the AS from which the (S,G) entry comes. The value ranges from 1 to 65535.
Description
Use the display msdp sa-cache command to display (S, G) state learned from an MSDP peer.
You must configure the cache-sa-enable command before the system can display the cache state information.
Example
# Display SA messages learned from the MSDP peer.
<H3C> display msdp sa-cache
MSDP Total Source-Active Cache - 5 entries
(Source, Group) Origin RP Pro AS Uptime Expires
(10.10.1.2, 225.1.1.1) 10.10.10.10 ? ? 00:00:10 00:05:50
(10.10.1.3, 225.1.1.1) 10.10.10.10 ? ? 00:00:11 00:05:49
(10.10.1.2, 225.1.1.2) 10.10.10.10 ? ? 00:00:11 00:05:49
(10.10.2.1, 225.1.1.2) 10.10.10.10 ? ? 00:00:11 00:05:49
(10.10.1.2, 225.1.2.2) 10.10.10.10 ? ? 00:00:11 00:05:49
MSDP matched 5 entries
Table 7-2 Description on the fields of the display msdp sa-cache command
Field |
Description |
(Source, Group) |
(S, G) entry |
Origin RP |
Source RP address |
Pro |
Inter-domain unicast routing protocol |
AS |
AS number |
Uptime |
Up time |
Expires |
Expiry of a (S, G) entry |
7.1.5 display msdp sa-count
Syntax
display msdp sa-count [ autonomous-system-number ]
View
Any view
Parameter
autonomous-system-number: AS from which a source and group come The value ranges from 1 to 65535.
Description
Use the display msdp sa-count command to display the number of sources and groups in MSDP cache.
The debugging output of this command is available only after the cache-sa-enable command is configured.
Example
# Display the number of sources and groups in MSDP cache.
<H3C> display msdp sa-count
Number of cached Source-Active entries, counted by Peer
Peer's Address Number of SA
10.10.10.10 5
Number of source and group, counted by AS
AS Number of source Number of group
100 3 3
Total Source-Active entries: 5
Table 7-3 Description on the fields of the display msdp sa-count command
Field |
Description |
Peer's Address |
Address of an MSDP peer |
Number of SA |
Number of SA messages |
AS |
AS number |
Number of source |
Number of sources |
Number of group |
Number of groups |
7.1.6 import-source
Syntax
import-source [ acl acl-number ]
undo import-source
View
MSDP view
Parameter
acl-number: Basic or advanced IP ACL number, ranging from 2000 to 3999. An ACL controls SA message advertisement by filtering sources (with a basic ACL) and filtering sources or groups (with an advanced ACL). If you do not specify this argument, no multicast source is advertised.
Description
Use the import-source command to specify the (S, G) entries in this domain that need to be advertised when an MSDP peer creates an SA message.
Use the undo import-source command to cancel the configuration.
By default, an SA message advertise all the (S, G) entries in the domain.
In addition, you can use the peer sa-policy import command or the peer sa-policy export command to filter forwarded SA messages.
Example
# Configure the (S, G) entries in the multicast routing table to be advertised when an MSDP peer creates an SA message.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] acl number 3101
[H3C-acl-adv-3101] rule permit ip source 10.10.0.0 0.0.255.255 destination 225.1.0.0 0.0.255.255
[H3C-acl-adv-3101] quit
[H3C] msdp
[H3C-msdp] import-source acl 3101
7.1.7 msdp
Syntax
msdp
undo msdp
View
System view
Parameter
None
Description
Use the msdp command to enable MSDP and enter MSDP view.
Use the undo msdp command to clear all configurations in MSDP view, release resources occupied by MSDP, and restore the initial state.
Related command: peer.
Example
# Clear all configurations in MSDP view.
<H3C> system-view
System View: return to User View with Ctrl+Z.
7.1.8 msdp-tracert
Syntax
msdp-tracert source-address group-address rp-address [ max-hops max-hops ] [ next-hop-info | sa-info | peer-info ]* [ skip-hops skip-hops ]
View
Parameter
source-address: Multicast source address
group-address: Multicast group address
rp-address: IP address of an RP
max-hops: Maximum number of hops to be traced, ranging from 1 to 255.The default value is 16.
next-hop-info: Collects the next hop information.
sa-info: Collects the SA entity information.
peer-info: Collects the MSDP peer information.
skip-hops: Number of hops to be skipped before the detailed information is collected, in the range of 0 to 255.
Description
Use the msdp-tracert command to trace the path along which an SA message travels, so as to locate message loss and minimize configuration errors. After determining the path of the SA message, you can prevent SA flooding through correct configuration.
By default, the number of hops to be before the switch collects the detailed information is 0.
Example
# Trace path information of 10.10.1.1, 225.2.2.2, and 20.20.20.20.
<H3C> msdp-tracert 10.10.1.1 225.2.2.2 20.20.20.20
# Specify the maximum number of hops to be traced and collect the detailed SA and MSDP peer information.
<H3C> msdp-tracert 10.10.1.1 225.2.2.2 20.20.20.20 max-hops 10 sa-info peer-info
MSDP tracert: press CTRL_C to break
D-bit: set if have this (S,G) in cache but with a different RP
RP-bit: set if this router is an RP
NC-bit: set if this router is not caching SA's
C-bit: set if this (S,G,RP) tuple is in the cache
MSDP trace route path information:
Router Address: 20.20.1.1
Fixed-length response info:
Peer Uptime: 10 minutes, Cache Entry Uptime: 30 minutes
D-bit: 0, RP-bit: 1, NC-bit: 0, C-bit: 1
Return Code: Reached-max-hops
Next Hop info:
Next-Hop Router Address: 0.0.0.0
SA info:
Count of SA messages received for this (S,G,RP): 0
Count of encapsulated data packets received for this (S,G,RP):0
SA cache entry uptime: 00:30:00 , SA cache entry expiry time: 00:03:32
Peering info:
Peering Uptime: 10 minutes, Count of Peering Resets: 3
Table 7-4 Description on the fields of the msdp-tracert command
Field |
Description |
Router Address |
The address used by the local router to establish a peering session with the Peer-PRF neighbor |
Peer Uptime |
The time of the peering session between the local router and a Peer-RPF neighbor, in minutes. The maximum value is 255. |
Cache Entry Uptime |
Up time of the (S, G, RP) entry in SA cache of the local router, in minutes. The maximum value is 255. |
D-bit: 1 |
An (S, G, RP) entry exists in the SA cache of the local router, but the RP is different from the RP specified in the request message. |
RP-bit: 1 |
The local router is an RP, but it may be another RP than the source RP in the (S, G, RP) entry. |
NC-bit: 0 |
SA cache is enabled on the local router. |
C-bit: 1 |
A (S, G, RP) entry exists in SA cache of the local router. |
Return Code: Reached-max-hops |
Maximum number of hops is reached. Another possible value is: Hit-src-RP: The router of this hop is the source RP in the (S, G, RP) entry. |
Next-Hop Router Address: 0.0.0.0 |
If you use the next-hop-info keyword, the address of Peer-RPF neighbor is displayed. |
Count of SA messages received for this (S,G,RP) |
The number of SA messages received to trace the (S, G, RP) entry. |
Count of encapsulated data packets received for this (S,G,RP) |
The number of packets received to trace the (S, G, RP) entry. |
SA cache entry uptime |
The up time of an SA cache entry |
SA cache entry expiry time |
The expiry time of an SA cache entry |
Peering Uptime: 10 minutes |
The time of the peering session between the local router and a Peer-PRF neighbor |
Count of Peering Resets |
Count of session resets |
7.1.9 mtracert
Syntax
mtracert source-address [ group-address | last-hop-router-address group-address ]
View
Any view
Parameter
source-address: Multicast source address
group-address: Multicast group address
last-hop-router-address: IP address of the last-hop router.
Description
Use the mtracert command to trace the transmission path of the packet sent by the multicast source over the network.
Example
# Trace the packets sent by the multicast source at 3.3.3.3.
<H3C> mtracert 3.3.3.3
7.1.10 originating-rp
Syntax
originating-rp interface-type interface-number
undo originating-rp
View
MSDP view
Parameter
interface-type: Interface type
interface-number: Interface number
Description
Use the originating-rp command to allow MSDP peer to use the specified interface IP address as the RP address in the SA message when the MSDP peer creates SA messages.
Use the undo originating-rp command to cancel configuration.
By default, the RP address in an SA message is the RP address configured by PIM.
Example
# Configure the IP address of Vlan-interface100 as the RP address of the created SA message.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] msdp
[H3C-msdp] originating-rp Vlan-interface 100
7.1.11 peer description
peer peer-address description text
undo peer peer-address description
peer-address: IP address of the MSDP peer.
text: Description text, case-sensitive. The maximum length is 80 characters.
By default, an MSDP peer has no description text.
An administrator can distinguish MSDP peers by means of the description texts.
Related command: display msdp peer-status.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] msdp
[H3C-msdp] peer 125.10.7.6 description router CstmrA
7.1.12 peer mesh-group
Syntax
peer peer-address mesh-group name
undo peer peer-address mesh-group
View
MSDP view
Parameter
peer-address: IP address of an MSDP peer in a mesh group.
name: Name of a mesh group, case-sensitive and containing 1 to 32 characters.
Description
Use the peer mesh-group command to add an MSDP peer to a mesh group.
Use the undo peer mesh-group command to cancel the configuration.
By default, an MSDP peer does not belong to any mesh group.
Example
# Configure the MSDP peer whose address is 125.10.7.6 as a member of the mesh group Grp1.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] msdp
[H3C-msdp] peer 125.10.7.6 mesh-group Grp1
7.1.13 peer minimum-ttl
Syntax
peer peer-address minimum-ttl ttl-value
undo peer peer-address minimum-ttl
View
MSDP view
Parameter
peer-address: IP address of the MSDP peer to which the TTL threshold applies.
ttl-value: TTL threshold, ranging from 0 to 255.
Description
Use the peer minimum-ttl command to configure the minimum TTL value of the multicast data packets encapsulated in SA messages and to be sent to the specified MSDP peer.
Use the undo peerminimum-ttl command to restore the default TTL threshold.
By default, the value of TTL threshold is 0.
Related command: peer.
Example
# Set the TTL threshold to 10 so that only those multicast data packets with a TTL value greater than or equal to 10 can be forwarded to the MSDP peer 110.10.10.1.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] msdp
[H3C-msdp] peer 110.10.10.1 minimum-ttl 10
7.1.14 peer request-sa-enable
Syntax
peer peer-address request-sa-enable
undo peer peer-address request-sa-enable
View
MSDP view
Parameter
peer-address: IP address of the MSDP peer.
Description
Use the peer request-sa-enable command to enable the router to send an SA request message to the specified MSDP peer upon receipt of a Join message.
Use the undo peer request-sa-enable command to remove the configuration.
By default, upon receipt of a Join message, the router sends no SA request message to the MSDP peer but waits for the next SA message.
Related command: cache-sa-enable.
Example
# Configure to send an SA request message to the MSDP peer 125.10.7.6.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] msdp
[H3C-msdp] peer 125.10.7.6 request-sa-enable
7.1.15 peer sa-cache-maximum
Syntax
peer peer-address sa-cache-maximum sa-limit
undo peer peer-address sa-cache-maximum
View
MSDP view
Parameter
peer-address: IP address of the MSDP peer.
sa-limit: Maximum number of SA messages cached, ranging from 1 to 2,048.
Description
Use the peer sa-cache-maximum command to set the maximum number of SA messages cached on the router.
Use the undo peer sa-cache-maximum command to restore the default configuration.
By default, the maximum number of SA messages cached on a router is 2,048.
You are recommended to perform this configuration on all MSDP peers on a network that is vulnerable to DoS attacks.
Related command: display msdp sa-count, display msdp peer-status, display msdp brief.
Example
# Configure the SA cache of the router so that it caches a maximum of 100 SA messages received from the MSDP peer 125.10.7.6.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] msdp
[H3C-msdp] peer 125.10.7.6 sa-cache-maximum 100
7.1.16 peer connect-interface
Syntax
peer peer-address connect-interface interface-type interface-number
undo peer peer-address
View
MSDP view
Parameter
peer-address: IP address of the MSDP peer.
interface-type interface-number: Interface type and interface number. The local router uses the primary address of this interface as the source IP to establish a TCP connection with the remote MSDP peer.
Description
Use the peer connect-interface command to configure an MSDP peer.
Use the undo peer connect-interface command to disable the configured MSDP peer.
If the MSDP peer of the local router is also a BGP peer, the MSDP peer and the BGP peer must use the same IP addresses.
Related command: static-rpf-peer.
Example
# Configure the router whose IP address is 125.10 .7.6 as the MSDP peer of the local router.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] msdp
[H3C-msdp] peer 125.10.7.6 connect-interface Vlan-interface 100
7.1.17 peer sa-policy
Syntax
peer peer-address sa-policy { import | export } [ acl acl-number ]
undo peer peer-address sa-policy { import | export }
View
MSDP view
Parameter
import: Receives the SA messages from the specified MSDP peer.
export: Forwards the SA messages from the specified MSDP peer.
peer-address: IP address of the MSDP peer whose SA messages need to be filtered.
acl acl-number: Specifies an advanced IP ACL number ranging from 3000 to 3999. If no ACL is specified, all (S, G) entries are filtered out.
Description
Use the peer sa-policy command to configure the filtering list for receiving or forwarding the SA messages from the specified MSDP peer.
Use the undo peer sa-policy command to remove the configuration.
By default, no filtering is imposed on SA messages to be received or forwarded; namely, all SA messages from MSDP peers are received or forwarded.
Related command: peer.
Example
# Configure a filtering list so that only those SA messages permitted by the advanced IP ACL 3100 are forwarded.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] acl number 3100
[H3C-acl-adv-3100] rule permit ip source 170.15.0.0 0.0.255.255 destination 225.1.0.0 0.0.255.255
[H3C-acl-adv-3100] quit
[H3C] msdp
[H3C-msdp] peer 125.10.7.6 connect-interface Vlan-interface 100
[H3C-msdp] peer 125.10.7.6 sa-policy export acl 3100
7.1.18 peer sa-request-policy
Syntax
peer peer-address sa-request-policy [ acl acl-number ]
undo peer peer-address sa-request-policy
View
MSDP view
Parameter
peer-address: IP address of an MSDP peer, the SA request messages sent from which will be filtered
acl-number: Basic IP ACL number, describing a multicast group address and in the range of 2000 to 2999. If no ACL is specified, all SA request messages will be ignored.
Description
Use the peer sa-request-policy command to limit the SA request messages that the router receives from an MSDP peer.
Use the undo peer sa-request-policy command to remove the limitation.
By default, the router receives all SA request messages from the MSDP peer.
If no ACL is specified, all SA requests will be ignored. If an ACL is specified, only those SA request messages from the groups that match the ACL rule will be processed and others are ignored.
Related command: peer.
Example
# Configure an ACL so that SA request messages from the group address range of 225.1.1.0/24 and from the MSDP peer 175.58.6.5 are received and other SA messages are ignored.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] acl number 2001
[H3C-acl-basic-2001] rule permit source 225.1.1.0 0.0.0.255
[H3C-acl-basic-2001] quit
[H3C] msdp
[H3C-msdp] peer 175.58.6.5 sa-request-policy acl 2001
7.1.19 reset msdp peer
Syntax
reset msdp peer peer-address
View
User view
Parameter
peer-address: IP address of the MSDP peer
Description
Use the reset msdp peer command to reset the TCP connection with the specified MSDP peer and clear all statistics information of that MSDP peer.
Related command: peer.
Example
# Reset the TCP connection with the MSDP peer 125.10.7.6 and the statistics of the MSDP peer.
<H3C> reset msdp peer 125.10.7.6
7.1.20 reset msdp sa-cache
Syntax
reset msdp sa-cache [ group-address ]
View
User view
Parameter
group-address: Group address; the cached (S, G) entries matching this address are to be deleted from the SA cache. If no multicast group address is specified, all cached SA entries will be cleared.
Description
Use the reset msdp sa-cache command to clear cached SA entries of the MSDP peer.
Related command: cache-sa-enable, display msdp sa-cache.
Example
# Clear the cached entries whose group address is 225.5.4.3 from the SA cache.
<H3C> reset msdp sa-cache 225.5.4.3
7.1.21 reset msdp statistics
Syntax
reset msdp statistics [ peer-address ]
View
User view
Parameter
peer-address: Address of the MSDP peer whose statistics, reset information and input/output information will be cleared. If no MSDP peer address is specified, the statistics information of all MSDP peers will be cleared.
Description
Use the reset msdp statistics command to clear the statistics information of one or more MSDP peers without resetting the MSDP peer(s).
Example
# Clear the statistics information of the MSDP peer 125.10.7.6.
<H3C> reset msdp statistics 125.10.7.6
7.1.22 shutdown
Syntax
shutdown peer-address
undo shutdown peer-address
View
Parameter
peer-address: IP address of an MSDP peer.
Description
Use the shutdown command to shut down the specified MSDP peer.
Use the undo shutdown command to remove the configuration.
By default, no MSDP peer is shut down.
Related command: peer.
Example
# Shut down the MSDP peer 125.10.7.6.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] msdp
[H3C-msdp] shutdown 125.10.7.6
7.1.23 static-rpf-peer
Syntax
static-rpf-peer peer-address [ rp-policy ip-prefix-name ]
undo static-rpf-peer peer-address
View
MSDP view
Parameter
peer-address: Address of the static RPF peer receiving SA messages.
rp-policy ip-prefix-name: Specifies a filtering policy based on RP addresses to filter RPs in SA messages. ip-prefix-name is the IP address prefix list containing 1 to 19 characters.
Description
Use the static-rpf-peer command to configure a static RPF peer.
Use the undo static-rpf-peer command to remove a static RPF peer.
By default, no static RPF peer is configured.
If only one MSDP peer is configured with the peer command, the MSDP peer will be regarded as a static RPF peer. When configuring multiple static RPF peers for the same router, make sure you follow the following two configuration methods::
l In the case that all the peers use the rp-policy keyword: Multiple static RPF peers take effect at the same time. RPs in SA messages are filtered according to the prefix list configured; only SA messages whose RP addresses pass the filtering are received. If multiple static RPF peers using the same rp-policy keyword are configured, when any of the peers receives an SA message, it will forward the SA message to the other peers.
l In the case that none of the peers use the rp-policy keyword: According to the configuration sequence, only the first static RPF peer whose connection state is UP is active. All the SA messages from this peer will be received and those from other static RPF peers will be discarded. Once the active static RPF peer fails (because the configuration is removed or the connection is terminated), based on the configuration sequence, the subsequent first static RPF peer whose connection is in the UP state will be selected as the active static RPF peer.
Related command: peer, ip ip-prefix.
Example
# Configure a static RPF peer.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] ip ip-prefix list1 permit 130.10.0.0 16 greater-equal 16 less-equal 32
[H3C] msdp
[H3C-msdp] peer 130.10.7.6 connect-interface Vlan-interface 100
[H3C-msdp] static-rpf-peer 130.10.7.6 rp-policy list1
7.1.24 timer retry
Syntax
timer retry seconds
undo timer retry
View
MSDP view
Parameter
seconds: Connection request retry interval in seconds, ranging from 1 to 60.
Description
Use the timer retry command to configure a connection request retry interval.
Use the undo timer retry command to restore the default value.
By default, the connection request retry interval is 30 seconds.
Related command: peer.
Example
# Set the connection request retry interval to 60 seconds.
<H3C> system-view
System View: return to User View with Ctrl+Z.
[H3C] msdp
[H3C-msdp] timer retry 60