MSDP configuration commands 1

cache-sa-enable· 1

display msdp brief 1

display msdp peer-status 3

display msdp sa-cache· 6

display msdp sa-count 7

encap-data-enable· 9

import-source· 9

msdp· 11

originating-rp· 11

peer connect-interface· 12

peer description· 13

peer mesh-group· 14

peer minimum-ttl 14

peer password· 15

peer request-sa-enable· 16

peer sa-cache-maximum·· 17

peer sa-policy· 18

peer sa-request-policy· 19

reset msdp peer 20

reset msdp sa-cache· 20

reset msdp statistics 21

shutdown (MSDP view) 21

static-rpf-peer 22

timer retry· 23

 

cache-sa-enable

Syntax

cache-sa-enable

undo cache-sa-enable

View

Public network MSDP view, VPN instance MSDP view

Default level

2: System level

Parameters

None

Description

Use the cache-sa-enable command to enable the SA cache mechanism to cache the (S, G) entries contained in SA messages.

Use the undo cache-sa-enable command to disable the SA cache mechanism.

By default, the SA cache mechanism is enabled. That is, the device caches the (S, G) entries contained in SA messages received.

Examples

# Enable the SA message cache mechanism in the public network, so that the device caches the (S, G) entries contained in the received SA messages.

<Sysname> system-view

[Sysname] msdp

[Sysname-msdp] cache-sa-enable

# Enable the SA message cache mechanism in VPN instance mvpn,  so that the device caches the (S, G) entries contained in the received SA messages.

<Sysname> system-view

[Sysname] msdp vpn-instance mvpn

[Sysname-msdp-mvpn] cache-sa-enable

display msdp brief

Syntax

display msdp [ all-instance | vpn-instance vpn-instance-name ] brief [ state { connect | down | listen | shutdown | up } ] [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

all-instance: Specifies all VPN instances.

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN, where vpn-instance-name is a case-sensitive string of 1 to 31 characters.

state: Displays the information of MSDP peers in the specified state.

connect: Displays the information of MSDP peers in connecting state.

down: Displays the information of MSDP peers in down state.

listen: Displays the information of MSDP peers in listening state.

shutdown: Displays the information of MSDP peers in terminated state.

up: Displays the information of MSDP peers in in-session state.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.

begin: Displays the first line that matches the specified regular expression and all lines that follow.

exclude: Displays all lines that do not match the specified regular expression.

include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use the display msdp brief command to view the brief information of MSDP peers.

If neither all-instance nor vpn-instance is specified, this command displays the information in the public network.

Examples

# Display brief information about MSDP peers in all states in the public network.

<Sysname> display msdp brief

MSDP Peer Brief Information of VPN-Instance: public net

  Configured   Up           Listen       Connect      Shutdown     Down

  1            1            0            0            0            0

 

  Peer's Address    State    Up/Down time    AS     SA Count   Reset Count

  20.20.20.20       Up       00:00:13        100    0          0

Table 1 Output description

Field	Description
MSDP Peer Brief Information of VPN-Instance: public net	Brief information of MSDP peers in the public network.
Configured	Number of MSDP peers configured.
Up	Number of MSDP peers in the up state.
Listen	Number of MSDP peers in the listen state.
Connect	Number of MSDP peers in the connect state.
Shutdown	Number of MSDP peers in the shutdown state.
Down	Number of MSDP peers in down state.
Peer's Address	MSDP peer address.
State	MSDP peer status: ·       Up: Session set up; MSDP peer in session. ·       Listen: Session set up; local device as server, in listening state. ·       Connect: Session not set up; local device as client, in connecting state. ·       Shutdown: Deactivated. ·       Down: Connection failed.
Up/Down time	Length of time since MSDP peer connection was established/failed.
AS	Number of the AS where the MSDP peer is located. “?” indicates that the system could not obtain the AS number.
SA Count	Number of (S, G) entrie.s
Reset Count	MSDP peer connection reset times.

 

display msdp peer-status

Syntax

display msdp [ all-instance | vpn-instance vpn-instance-name ] peer-status [ peer-address ] [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

all-instance: Specifies all VPN instances.

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN, where vpn-instance-name is a case-sensitive string of 1 to 31 characters.

peer-address: Specifies an MSDP peer by its address. If you do not provide this argument, this command displays the detailed status information of all MSDP peers.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.

begin: Displays the first line that matches the specified regular expression and all lines that follow.

exclude: Displays all lines that do not match the specified regular expression.

include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use the display msdp peer-status command to view the detailed MSDP peer status information.

If neither all-instance nor vpn-instance is specified, this command displays the information in the public network.

Related commands: peer connect-interface, peer description, peer mesh-group, peer minimum-ttl, peer request-sa-enable, peer sa-cache-maximum, peer sa-policy, and peer sa-request-policy.

Examples

# Display the detailed status information of the MSDP peer with the address of 10.110.11.11 in the public network.

<Sysname> display msdp peer-status 10.110.11.11

MSDP Peer Information of VPN-Instance: public net

  MSDP Peer 20.20.20.20, AS 100

  Description:

  Information about connection status:

    State: Up

    Up/down time: 14:41:08

    Resets: 0

    Connection interface: LoopBack0 (20.20.20.30)

    Number of sent/received messages: 867/947

    Number of discarded output messages: 0

    Elapsed time since last connection or counters clear: 14:42:40

  Information about (Source, Group)-based SA filtering policy:

    Import policy: none

    Export policy: none

  Information about SA-Requests:

    Policy to accept SA-Request messages: none

    Sending SA-Requests status: disable

  Minimum TTL to forward SA with encapsulated data: 0

  SAs learned from this peer: 0, SA-cache maximum for the peer: none

  Input queue size: 0, Output queue size: 0

  Counters for MSDP message:

    Count of RPF check failure: 0

    Incoming/outgoing SA messages: 0/0

    Incoming/outgoing SA requests: 0/0

    Incoming/outgoing SA responses: 0/0

    Incoming/outgoing data packets: 0/0

Table 2 Output description

Field	Description
MSDP Peer Information of VPN-Instance: public net	Information about the MSDP peer in the public network.
MSDP Peer	MSDP peer address.
AS	Number of the AS where the MSDP peer is located. “?” indicates that the system could not obtain the AS number.
State	MSDP peer status: ·       Up: Session set up; MSDP peer in session ·       Listen: Session set up; local device as server, in listening state ·       Connect: Session not set up; local device as client, in connecting state ·       Shutdown: Deactivated ·       Down: Connection failed
Resets	Number of times the MSDP peer connection is reset.
Up/Down time	Length of time since MSDP peer connection was established/failed.
Connection interface	Interface and its IP address used for setting up a TCP connection with the remote MSDP peer.
Number of sent/received messages	Number of SA messages sent and received through this connection.
Number of discarded output messages	Number of discarded outgoing messages.
Elapsed time since last connection or counters clear	Time passed since the information of the MSDP peer was last cleared.
Information about (Source, Group)-based SA filtering policy	SA message filtering list information: ·       Import policy: Filter list for receiving SA messages from the specified MSDP peer ·       Export policy: Filter list for forwarding SA messages from the specified MSDP peer
Information about SA-Requests	SA requests information: ·       Policy to accept SA-Request messages: Filtering rule for receiving or forwarding SA messages from the specified MSDP peer ·       Sending SA-Requests status: Whether enabled to send an SA request message to the designated MSDP peer after receiving a new Join message
Minimum TTL to forward SA with encapsulated data	Minimum TTL of multicast packet encapsulated in SA messages.
SAs learned from this peer	Number of cached (S, G) entries learned from this MSDP peer.
SA-cache maximum for the peer	Maximum number of (S, G) entries learned from this MSDP peer that the device can cache .
Input queue size	Data size cached in the input queue.
Output queue size	Data size cached in the output queue.
Counters for MSDP message	MSDP peer statistics: ·       Count of RPF check failure: Number of SA messages discarded due to RPF check failure ·       Incoming/outgoing SA messages: Number of SA messages received and sent ·       Incoming/outgoing SA requests: Number of SA request received and sent ·       Incoming/outgoing SA responses: Number of SA responses received and sent ·       Incoming/outgoing data packets: Number of received and sent SA messages encapsulated with multicast data

 

display msdp sa-cache

Syntax

display msdp [ all-instance | vpn-instance vpn-instance-name ] sa-cache [ group-address | source-address | as-number ] * [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

all-instance: Specifies all VPN instances.

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN, where vpn-instance-name is a case-sensitive string of 1 to 31 characters.

group-address: Multicast group address in the (S, G) entry, in the range of 224.0.1.0 to 239.255.255.255. If you do not provide any group address, this command displays the (S, G) entry information for all multicast groups.

source-address: Multicast source address in the (S, G) entry. If you do not provide any source address, this command displays the (S, G) entry information for all sources.

as-number: AS number, in the range of 1 to 4294967295. If you do not provide any AS number, this command displays the (S, G) entry information of all ASs.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.

begin: Displays the first line that matches the specified regular expression and all lines that follow.

exclude: Displays all lines that do not match the specified regular expression.

include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use the display msdp sa-cache command to view the information of (S, G) entries in the SA cache.

If neither all-instance nor vpn-instance is specified, this command displays the information in the public network.

This command gives the corresponding output only after the cache-sa-enable command is executed.

If you provide neither a group address nor a source address, this command displays the information of all cached (S, G) entries.

Related commands: cache-sa-enable.

Examples

# Display information about (S, G) entries in the SA cache in the public network.

<Sysname> display msdp sa-cache

MSDP Source-Active Cache Information of VPN-Instance: public net

 MSDP Total Source-Active Cache - 5 entries

 MSDP matched 5 entries

 

(Source, Group)              Origin RP       Pro  AS     Uptime   Expires

(10.10.1.2, 225.1.1.1)       10.10.10.10     BGP  100    00:00:11 00:05:49

(10.10.1.3, 225.1.1.1)       10.10.10.10     BGP  100    00:00:11 00:05:49

(10.10.1.2, 225.1.1.2)       10.10.10.10     BGP  100    00:00:11 00:05:49

(10.10.2.1, 225.1.1.2)       10.10.10.10     BGP  100    00:00:11 00:05:49

(10.10.1.2, 225.1.2.2)       10.10.10.10     BGP  100    00:00:11 00:05:49

Table 3 Output description

Field	Description
MSDP Source-Active Cache Information of VPN-Instance: public net	SA cache information in the public network.
MSDP Total Source-Active Cache - 5 entries	Total number of (S, G) entries in the SA cache.
MSDP matched 5 entries	Total number of (S, G) entries matched by MSDP.
(Source, Group)	(S, G) entry: (source address, group address).
Origin RP	Address of the RP that generated the (S, G) entry.
Pro	Type of protocol from which the AS number is originated. “?” indicates that the system could not obtain the protocol type.
AS	AS number of the origin RP. “?” indicates that the system could not obtain the AS number.
Uptime	Length of time for which the cached (S, G) entry has been existing, in hours:minutes:seconds.
Expires	Length of time in which the cached (S, G) entry will expire, in hours:minutes:seconds.

 

display msdp sa-count

Syntax

display msdp [ all-instance | vpn-instance vpn-instance-name ] sa-count [ as-number ] [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

all-instance: Specifies all VPN instances.

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN, where vpn-instance-name is a case-sensitive string of 1 to 31 characters.

as-number: AS number, in the range of 1 to 4294967295.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.

begin: Displays the first line that matches the specified regular expression and all lines that follow.

exclude: Displays all lines that do not match the specified regular expression.

include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use the display msdp sa-count command to view the number of (S, G) entries in the SA cache.

If neither all-instance nor vpn-instance is specified, this command displays the information in the public network.

This command gives the corresponding output only after the cache-sa-enable command is executed.

Related commands: cache-sa-enable.

Examples

# Display the number of (S, G) entries in the SA cache in the public network.

<Sysname> display msdp sa-count

MSDP Source-Active Count Information of VPN-Instance: public net

  Number of cached Source-Active entries, counted by Peer

  Peer's Address     Number of SA

  10.10.10.10        5

 

  Number of source and group, counted by AS

  AS     Number of source    Number of group

  ?      3                   3

 

  Total 5 Source-Active entries

Table 4 Output description

Field	Description
MSDP Source-Active Count Information of VPN-Instance: public net	Number of SA messages for the public network cache.
Number of cached Source-Active entries, counted by Peer	Number of (S, G) entries counted by peer.
Peer's Address	Address of the MSDP peer that sent SA message.s
Number of SA	Number of (S, G) entries from this peer.
Number of source and group, counted by AS	Number of cached (S, G) entries, counted by AS.
AS	AS number. “?” indicates that the system could not obtain the AS number.
Number of source	Number of multicast sources from this AS.
Number of group	Number of multicast groups from this AS.

 

encap-data-enable

Syntax

encap-data-enable

undo encap-data-enable

View

Public network MSDP view, VPN instance MSDP view

Default level

2: System level

Parameters

None

Description

Use the encap-data-enable command to enable encapsulation of multicast data in SA messages.

Use the undo encap-data-enable command to restore the default.

By default, an SA message contains only an (S, G) entry. No multicast data is encapsulated in an SA message.

Examples

# Enable encapsulation of multicast data in SA messages in the public network.

<Sysname> system-view

[Sysname] msdp

[Sysname-msdp] encap-data-enable

# Enable encapsulation of multicast data in SA messages in VPN instance mvpn.

<Sysname> system-view

[Sysname] msdp vpn-instance mvpn

[Sysname-msdp-mvpn] encap-data-enable

import-source

Syntax

import-source [ acl acl-number ]

undo import-source

View

Public network MSDP view, VPN instance MSDP view

Default level

2: System level

Parameters

acl-number: Basic or advanced ACL number, in the range of 2000 to 3999. A basic ACL filters multicast sources, and an advanced ACL filters multicast sources or multicast groups. If you do not provide this argument in your command, no multicast source information will be advertised.

 

NOTE: During ACL matching, the protocol ID in the ACL rule is not checked.

 

Description

Use the import-source command to configure a rule of creating (S, G) entries.

Use the undo import-source command to remove any rule of creating (S, G) entries.

By default, when an SA message is created, no restrictions are defined for the (S, G) entries to be advertised in it. Namely, all the (S, G) entries within the domain are advertised in the SA message.

In addition to controlling SA message creation by using this command, you can also configure a filtering rule for forwarding and receiving SA messages by using the peer sa-policy command.

Related commands: peer sa-policy.

Examples

# Configure the MSDP peer in the public network to advertise only the (S, G) entries of multicast sources on the 10.10.0.0/16 subnet and with multicast group address of 225.1.0.0/16 when creating an SA message.

<Sysname> system-view

[Sysname] acl number 3101

[Sysname-acl-adv-3101] rule permit ip source 10.10.0.0 0.0.255.255 destination 225.1.0.0 0.0.255.255

[Sysname-acl-adv-3101] quit

[Sysname] msdp

[Sysname-msdp] import-source acl 3101

# Configure the MSDP peer in VPN instance mvpn to advertise only the (S, G) entries of multicast sources on the 10.10.0.0/16 subnet and with multicast group address of 225.1.0.0/16 when creating an SA message.

<Sysname> system-view

[Sysname] acl number 3101

[Sysname-acl-adv-3101] rule permit ip source 10.10.0.0 0.0.255.255 destination 225.1.0.0 0.0.255.255

[Sysname-acl-adv-3101] quit

[Sysname] msdp vpn-instance mvpn

[Sysname-msdp-mvpn] import-source acl 3101

msdp

Syntax

msdp [ vpn-instance vpn-instance-name ]

undo msdp [ vpn-instance vpn-instance-name ]

View

System view

Default level

2: System level

Parameters

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN, where vpn-instance-name is a case-sensitive string of 1 to 31 characters. If you do not specify this option, the command applies to the public network.

Description

Use the msdp command to enable MSDP in the public network or the specified VPN instance and enter public network MSDP view or VPN instance MSDP view.

Use the undo msdp command to disable MSDP in the public network or the specified VPN instance and remove the configurations in public network MSDP view or VPN instance MSDP view to free the resources occupied by MSDP.

By default, MSDP is disabled.

IP multicast must be enabled in the corresponding instance before this command can take effect.

Related commands: multicast routing-enable.

Examples

# Enable IP multicast routing in the public network, and enable MSDP in the public network to enter public network MSDP view.

<Sysname> system-view

[Sysname] multicast routing-enable

[Sysname] msdp

[Sysname-msdp]

# Enable IP multicast routing in VPN instance mvpn, and enable MSDP in VPN instance mvpn to enter MSDP view of VPN instance mvpn.

<Sysname> system-view

[Sysname] ip vpn-instance mvpn

[Sysname-vpn-instance-mvpn] route-distinguisher 100:1

[Sysname-vpn-instance-mvpn] multicast routing-enable

[Sysname-vpn-instance-mvpn] quit

[Sysname] msdp vpn-instance mvpn

[Sysname-msdp-mvpn]

originating-rp

Syntax

originating-rp interface-type interface-number

undo originating-rp

View

Public network MSDP view, VPN instance MSDP view

Default level

2: System level

Parameters

interface-type interface-number: Specifies an interface by its type and number.

Description

Use the originating-rp command to configure the address of the specified interface as the RP address of SA messages.

Use the undo originating-rp command to restore the default.

Be default, the PIM RP address is used as the RP address of SA messages.

Examples

# In public network, specify the IP address of VLAN-interface 100 as the RP address of SA messages.

<Sysname> system-view

[Sysname] msdp

[Sysname-msdp] originating-rp vlan-interface 100

# In VPN instance mvpn, specify the IP address of VLAN-interface 100 as the RP address of SA messages.

<Sysname> system-view

[Sysname] msdp vpn-instance mvpn

[Sysname-msdp-mvpn] originating-rp vlan-interface 100

peer connect-interface

Syntax

peer peer-address connect-interface interface-type interface-number

undo peer peer-address

View

Public network MSDP view, VPN instance MSDP view

Default level

2: System level

Parameters

peer-address: MSDP peer address.

interface-type interface-number: Specifies an interface by its type and number. The local device will use the IP address of the specified interface as the source IP address when setting up a TCP connection with the remote MSDP peer.

Description

Use the peer connect-interface command to create an MSDP peer connection.

Use the undo peer connect-interface command to remove an MSDP peer connection.

No MSDP peer connection is created by default.

Be sure to execute this command before you use any other peer command. Otherwise, the system will prompt that the peer does not exist.

Related commands: static-rpf-peer.

Examples

# In the public network, configure the device with the IP address of 125.10.7.6 as the MSDP peer of the local device, with interface VLAN-interface 100 as the local connection port.

<Sysname> system-view

[Sysname] msdp

[Sysname-msdp] peer 125.10.7.6 connect-interface vlan-interface 100

# In VPN instance mvpn, configure the device with the IP address of 125.10.7.6 as the MSDP peer of the local device, with interface VLAN-interface 100 as the local connection port.

<Sysname> system-view

[Sysname] msdp vpn-instance mvpn

[Sysname-msdp-mvpn] peer 125.10.7.6 connect-interface vlan-interface 100

peer description

Syntax

peer peer-address description text

undo peer peer-address description

View

Public network MSDP view, VPN instance MSDP view

Default level

2: System level

Parameters

peer-address: MSDP peer address.

text: Descriptive content, a case-sensitive string of 1 to 80 characters including spaces.

Description

Use the peer description command to configure the description information for the specified MSDP peer.

Use the undo peer description command to delete the configured description information of the specified MSDP peer.

By default, an MSDP peer has no description information.

Related commands: display msdp peer-status.

Examples

# In the public network, add the descriptive text “CustomerA” for the device with the IP address of 125.10.7.6 to indicate that this device is Customer A.

<Sysname> system-view

[Sysname] msdp

[Sysname-msdp] peer 125.10.7.6 description CustomerA

# In VPN instance mvpn, add the descriptive text “CustomerA” for the device with the IP address of 125.10.7.6 to indicate that this device is Customer A.

<Sysname> system-view

[Sysname] msdp vpn-instance mvpn

[Sysname-msdp-mvpn] peer 125.10.7.6 description CustomerA

peer mesh-group

Syntax

peer peer-address mesh-group name

undo peer peer-address mesh-group

View

Public network MSDP view, VPN instance MSDP view

Default level

2: System level

Parameters

peer-address: MSDP peer address.

name: Mesh group name, a case-sensitive string of 1 to 32 characters. A mesh group name must not contain any space.

Description

Use the peer mesh-group command to configure an MSDP peer as a mesh group member.

Use the undo peer mesh-group command to remove an MSDP peer as a mesh group member.

By default, an MSDP peer does not belong to any mesh group.

Examples

# In the public network, configure the MSDP peer with the IP address of 125.10.7.6 as a member of the mesh group “Group1”.

<Sysname> system-view

[Sysname] msdp

[Sysname-msdp] peer 125.10.7.6 mesh-group Group1

# In VPN instance mvpn, configure the MSDP peer with the IP address of 125.10.7.6 as a member of the mesh group “Group1”.

<Sysname> system-view

[Sysname] msdp vpn-instance mvpn

[Sysname-msdp-mvpn] peer 125.10.7.6 mesh-group Group1

peer minimum-ttl

Syntax

peer peer-address minimum-ttl ttl-value

undo peer peer-address minimum-ttl

View

Public network MSDP view, VPN instance MSDP view

Default level

2: System level

Parameters

peer-address: MSDP peer address.

ttl-value: Time-to-Live (TTL) threshold, in the range of 0 to 255.

Description

Use the peer minimum-ttl command to configure the TTL threshold for multicast data packet encapsulation in SA messages.

Use the undo peer minimum-ttl command to restore the default.

By default, the TTL threshold for a multicast packet to be encapsulated in an SA message is 0.

Related commands: display msdp peer-status.

Examples

# In the public network, set the TTL threshold for multicast packets to be encapsulated in SA messages to 10 so that only multicast data packets whose TTL value is larger than or equal to 10 can be encapsulated in SA messages and forwarded to the MSDP peer 110.10.10.1.

<Sysname> system-view

[Sysname] msdp

[Sysname-msdp] peer 110.10.10.1 minimum-ttl 10

# In VPN instance mvpn, set the TTL threshold for multicast packets to be encapsulated in SA messages to 10 so that only multicast data packets whose TTL value is larger than or equal to 10 can be encapsulated in SA messages and forwarded to the MSDP peer 110.10.10.1.

<Sysname> system-view

[Sysname] msdp vpn-instance mvpn

[Sysname-msdp-mvpn] peer 110.10.10.1 minimum-ttl 10

peer password

Syntax

peer peer-address password { cipher | simple } password

undo peer peer-address password

View

Public network MSDP view, VPN instance MSDP view

Default level

2: System level

Parameters

peer-address: MSDP peer address.

cipher: Displays the password in cipher text.

simple: Displays the password in plain text.

password: Key string. If the cipher keyword is specified, the key can be either a plain-text key or a cipher-text key. If the simple keyword is specified, the key can be only a plain-text key. A plain-text key is a string of 1 to 80 characters, and a cipher-text key is a string of 24 characters or 108 characters.

Description

Use the peer password command to configure an MD5 authentication key for the TCP connection to be established with an MSDP peer.

Use the undo peer password command to restore the default.

By default, no MD5 authentication is performed for TCP connections to be established between MSDP peers.

The MSDP peers involved in the MD5 authentication must have the authentication method and key. Otherwise, the authentication fails and the TCP connection cannot be established.

Examples

# In the public network, configure the MD5 authentication key to aabbcc in plain text for TCP connections to be established with MSDP peer 10.1.100.1. The configuration on the peer is similar.

<Sysname> system-view

[Sysname] msdp

[Sysname-msdp] peer 10.1.100.1 password simple aabbcc

# In VPN instance mvpn, configure the MD5 authentication key to aabbcc in plain text for TCP connections to be established with MSDP peer 10.1.100.1. The configuration on the peer is similar.

<Sysname> system-view

[Sysname] msdp vpn-instance mvpn

[Sysname-msdp-mvpn] peer 10.1.100.1 password simple aabbcc

peer request-sa-enable

Syntax

peer peer-address request-sa-enable

undo peer peer-address request-sa-enable

View

Public network MSDP view, VPN instance MSDP view

Default level

2: System level

Parameters

peer-address: MSDP peer address.

Description

Use the peer request-sa-enable command to enable the device to send an SA request message to the specified MSDP peer after receiving a new join message.

Use the undo peer request-sa-enable command to disable the device from sending an SA request message to the specified MSDP peer.

By default, after receiving a new join message, the device does not send an SA request message to any MSDP peer. Instead, it waits for the next SA message to come.

Before you can enable the device to send SA requests, you must disable the SA message cache mechanism.

Related commands: cache-sa-enable.

Examples

# Disable the SA message cache mechanism in the public network, and enable the device to send an SA request message to the MSDP peer 125.10.7.6 after receiving a new Join message.

<Sysname> system-view

[Sysname] msdp

[Sysname-msdp] undo cache-sa-enable

[Sysname-msdp] peer 125.10.7.6 request-sa-enable

# Disable the SA message cache mechanism in VPN instance mvpn, and enable the device to send an SA request message to the MSDP peer 125.10.7.6 after receiving a new Join message.

<Sysname> system-view

[Sysname] msdp vpn-instance mvpn

[Sysname-msdp-mvpn] undo cache-sa-enable

[Sysname-msdp-mvpn] peer 125.10.7.6 request-sa-enable

peer sa-cache-maximum

Syntax

peer peer-address sa-cache-maximum sa-limit

undo peer peer-address sa-cache-maximum

View

Public network MSDP view, VPN instance MSDP view

Default level

2: System level

Parameters

peer-address: MSDP peer address.

sa-limit: Maximum number of (S, G) entries that the device can cache, in the range of 1 to 8,192.

Description

Use the peer sa-cache-maximum command to configure the maximum number of (S, G) entries learned from the specified MSDP peer that the device can cache.

Use the undo peer sa-cache-maximum command to restore the default.

By default, the device can cache a maximum of 8,192 (S, G) entries learned from any MSDP peer.

Related commands: display msdp brief, display msdp peer-status, and display msdp sa-count.

Examples

# In the public network, enable the device to cache a maximum of 100 (S, G) entries learned from its MSDP peer 125.10.7.6.

<Sysname> system-view

[Sysname] msdp

[Sysname-msdp] peer 125.10.7.6 sa-cache-maximum 100

# In VPN instance mvpn, enable the device to cache a maximum of 100 (S, G) entries learned from its MSDP peer 125.10.7.6.

<Sysname> system-view

[Sysname] msdp vpn-instance mvpn

[Sysname-msdp-mvpn] peer 125.10.7.6 sa-cache-maximum 100

peer sa-policy

Syntax

peer peer-address sa-policy { import | export } [ acl acl-number ]

undo peer peer-address sa-policy { import | export }

View

Public network MSDP view, VPN instance MSDP view

Default level

2: System level

Parameters

import: Specifies to filter SA messages from the specified MSDP peer.

export: Specifies to filter SA messages forwarded to the specified MSDP peer.

peer-address: MSDP peer address.

acl-number: Advanced ACL number, in the range of 3000 to 3999. If you do not provide an ACL number, all SA messages carrying (S, G) entries will be filtered off.

Description

Use the peer sa-policy command to configure a filtering rule for receiving or forwarding SA messages.

Use the undo peer sa-policy command to restore the default.

By default, SA messages received or to be forwarded are not filtered. Namely, all SA messages are accepted or forwarded.

In addition to controlling SA message receiving and forwarding by using this command, you can also configure a filtering rule for creating SA messages using the import-source command.

Related commands: display msdp peer-status and import-source.

Examples

# In the public network, configure a filtering rule so that SA messages will be forwarded to the MSDP peer 125.10.7.6 only if they match advanced ACL 3100.

<Sysname> system-view

[Sysname] acl number 3100

[Sysname-acl-adv-3100] rule permit ip source 170.15.0.0 0.0.255.255 destination 225.1.0.0 0.0.255.255

[Sysname-acl-adv-3100] quit

[Sysname] msdp

[Sysname-msdp] peer 125.10.7.6 connect-interface vlan-interface 100

[Sysname-msdp] peer 125.10.7.6 sa-policy export acl 3100

# In VPN instance mvpn, configure a filtering rule so that SA messages will be forwarded to the MSDP peer 125.10.7.6 only if they match advanced ACL 3100.

<Sysname> system-view

[Sysname] acl number 3100

[Sysname-acl-adv-3100] rule permit ip source 170.15.0.0 0.0.255.255 destination 225.1.0.0 0.0.255.255

[Sysname-acl-adv-3100] quit

[Sysname] msdp vpn-instance mvpn

[Sysname-msdp-mvpn] peer 125.10.7.6 connect-interface vlan-interface 100

[Sysname-msdp-mvpn] peer 125.10.7.6 sa-policy export acl 3100

peer sa-request-policy

Syntax

peer peer-address sa-request-policy [ acl acl-number ]

undo peer peer-address sa-request-policy

View

Public network MSDP view, VPN instance MSDP view

Default level

2: System level

Parameters

peer-address: MSDP peer address.

acl-number: Basic ACL number, in the range of 2000 to 2999. If you provide this argument, the SA requests of only the multicast groups that match the ACL will be accepted and other SA requests will be ignored. If you do not provide this argument, all SA requests will be ignored.

Description

Use the peer sa-request-policy command to configure a filtering rule for SA request messages.

Use the undo peer sa-request-policy command to remove the configured SA request filtering rule.

Be default, SA request messages are not filtered.

Related commands: display msdp peer-status.

Examples

# Configure an SA request filtering rule in the public network so that SA messages from the MSDP peer 175.58.6.5 will be accepted only if the multicast group address in the SA messages is in the range of 225.1.1.0/24.

<Sysname> system-view

[Sysname] acl number 2001

[Sysname-acl-basic-2001] rule permit source 225.1.1.0 0.0.0.255

[Sysname-acl-basic-2001] quit

[Sysname] msdp

[Sysname-msdp] peer 175.58.6.5 sa-request-policy acl 2001

# Configure an SA request filtering rule in VPN instance mvpn so that SA messages from the MSDP peer 175.58.6.5 will be accepted only if the multicast group address in the SA messages is in the range of 225.1.1.0/24.

<Sysname> system-view

[Sysname] acl number 2001

[Sysname-acl-basic-2001] rule permit source 225.1.1.0 0.0.0.255

[Sysname-acl-basic-2001] quit

[Sysname] msdp vpn-instance mvpn

[Sysname-msdp-mvpn] peer 175.58.6.5 sa-request-policy acl 2001

reset msdp peer

Syntax

reset msdp [ all-instance | vpn-instance vpn-instance-name ] peer [ peer-address ]

View

User view

Default level

2: System level

Parameters

all-instance: Specifies all VPN instances.

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN, where vpn-instance-name is a case-sensitive string of 1 to 31 characters.

peer-address: Specifies an MSDP peer by its address. If you do not provide this argument, the TCP connections with all MSDP peers will be reset.

Description

Use the reset msdp peer command to reset the TCP connection with the specified MSDP peer or the TCP connections with all MSDP peers and clear the statistics for the MSDP peer(s).

If neither all-instance nor vpn-instance is specified, this command displays the information in the public network.

Related commands: display msdp peer-status.

Examples

# Reset the TCP connection in the public network with the MSDP peer 125.10.7.6 and clear the statistics for this MSDP peer.

<Sysname> reset msdp peer 125.10.7.6

reset msdp sa-cache

Syntax

reset msdp [ all-instance | vpn-instance vpn-instance-name ] sa-cache [ group-address ]

View

User view

Default level

2: System level

Parameters

all-instance: Specifies all VPN instances.

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN, where vpn-instance-name is a case-sensitive string of 1 to 31 characters.

group-address: Specifies a multicast group, in the range of 224.0.1.0 to 239.255.255.255. If you do not provide this argument, the command will clear the cached (S, G) entries for all multicast groups from the SA cache.

Description

Use the reset msdp sa-cache command to clear (S, G) entries from the SA cache.

If neither all-instance nor vpn-instance is specified, this command will clear the information in the public network.

Related commands: cache-sa-enable and display msdp sa-cache.

Examples

# Clear the (S, G) entries for multicast group 225.5.4.3 from the SA cache in the public network.

<Sysname> reset msdp sa-cache 225.5.4.3

reset msdp statistics

Syntax

reset msdp [ all-instance | vpn-instance vpn-instance-name ] statistics [ peer-address ]

View

User view

Default level

2: System level

Parameters

all-instance: Specifies all VPN instances.

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN, where vpn-instance-name is a case-sensitive string of 1 to 31 characters.

peer-address: Address of the MSDP peer whose statistics will be cleared. If you do not provide this argument, the command will clear the statistics for all MSDP peers.

Description

Use the reset msdp statistics command to clear the statistics for the specified MSDP peer or all MSDP peers without resetting the MSDP peer(s).

If neither all-instance nor vpn-instance is specified, this command will clear the information in the public network.

Examples

# Clear the statistics for the MSDP peer 125.10.7.6 in the public network.

<Sysname> reset msdp statistics 125.10.7.6

shutdown (MSDP view)

Syntax

shutdown peer-address

undo shutdown peer-address

View

Public network MSDP view, VPN instance MSDP view

Default level

2: System level

Parameters

peer-address: MSDP peer address.

Description

Use the shutdown command to terminate manually the connection with the specified MSDP peer.

Use the undo shutdown command to reactivate the connection with the specified MSDP peer.

By default, the connections with all MSDP peers are active.

Related commands: display msdp peer-status.

Examples

# Terminate the connection with the MSDP peer 125.10.7.6 in the public network.

<Sysname> system-view

[Sysname] msdp

[Sysname-msdp] shutdown 125.10.7.6

# Terminate the connection with the MSDP peer 125.10.7.6 in VPN instance mvpn.

<Sysname> system-view

[Sysname] msdp vpn-instance mvpn

[Sysname-msdp-mvpn] shutdown 125.10.7.6

static-rpf-peer

Syntax

static-rpf-peer peer-address [ rp-policy ip-prefix-name ]

undo static-rpf-peer peer-address

View

Public network MSDP view, VPN instance MSDP view

Default level

2: System level

Parameters

peer-address: MSDP peer address.

rp-policy ip-prefix-name: Specifies a filtering policy based on the RP address in SA messages, where ip-prefix-name is the filtering policy name, a case-sensitive string of 1 to 19 characters.

Description

Use the static-rpf-peer command to configure a static RPF peer.

Use the undo static-rpf-peer command to remove a static RPF peer.

No static RPF peer is configured by default.

When you configure multiple static RPF peers, observe the follow rules:

1.      If you use the rp-policy keyword for all the static RPF peers, all the static RPF peers take effect concurrently. SA messages will be filtered as per the configured prefix list and only those SA messages whose RP addresses pass the filtering will be accepted. If multiple static RPF peers use the same filtering policy at the same time, when a peer receives an SA message, it will forward the SA message to the other peers.

2.      If you use the rp-policy keyword for none of the static RPF peers, according to the configuration sequence, only the first static RPF peer whose connection is in the UP state will be activated, and all SA messages from this peer will be accepted but the SA messages from other static RPF peers will be discarded. When this active static RPF peer fails (for example, when the configuration is removed or when the connection will be torn down), still the first RPF peer whose connection is in UP state will be selected as the activated RPF peer according to the configuration sequence.

Related commands: display msdp peer-status and ip prefix-list.

Examples

# Configure static RPF peers in the public network.

<Sysname> system-view

[Sysname] ip ip-prefix list1 permit 130.10.0.0 16 great-equal 16 less-equal 32

[Sysname] msdp

[Sysname-msdp] peer 130.10.7.6 connect-interface vlan-interface 100

[Sysname-msdp] static-rpf-peer 130.10.7.6 rp-policy list1

# Configure static RPF peers in VPN instance mvpn.

<Sysname> system-view

[Sysname] ip ip-prefix list1 permit 130.10.0.0 16 great-equal 16 less-equal 32

[Sysname] msdp vpn-instance mvpn

[Sysname-msdp-mvpn] peer 130.10.7.6 connect-interface vlan-interface 100

[Sysname-msdp-mvpn] static-rpf-peer 130.10.7.6 rp-policy list1

timer retry

Syntax

timer retry interval

undo timer retry

View

Public network MSDP view, VPN instance MSDP view

Default level

2: System level

Parameters

interval: Interval between MSDP peer connection retries, in seconds. The value ranges from 1 to 60.

Description

Use the timer retry command to configure the interval between MSDP peer connection retries.

Use the undo timer retry command to restore the default.

By default, the interval between MSDP peer connection retries is 30 seconds. 

Related commands: display msdp peer-status.

Examples

# Set the MSDP peer connection retry interval to 60 seconds in the public network.

<Sysname> system-view

[Sysname] msdp

[Sysname-msdp] timer retry 60

# Set the MSDP peer connection retry interval to 60 seconds in VPN instance mvpn.

<Sysname> system-view

[Sysname] msdp vpn-instance mvpn

[Sysname-msdp-mvpn] timer retry 60