MSDP configuration commands 1

cache-sa-enable· 1

display msdp brief 1

display msdp peer-status 3

display msdp sa-cache· 6

display msdp sa-count 7

encap-data-enable· 9

import-source· 9

msdp· 11

originating-rp· 12

peer connect-interface· 12

peer description· 13

peer mesh-group· 14

peer minimum-ttl 14

peer password· 15

peer request-sa-enable· 16

peer sa-cache-maximum·· 17

peer sa-policy· 18

peer sa-request-policy· 19

reset msdp peer 20

reset msdp sa-cache· 20

reset msdp statistics 21

shutdown (MSDP view) 22

static-rpf-peer 22

timer retry· 23

 

cache-sa-enable

Syntax

cache-sa-enable

undo cache-sa-enable

View

Public network MSDP view, VPN instance MSDP view

Default level

2: System level

Parameters

None

Description

Use cache-sa-enable to enable the SA cache mechanism to cache the (S, G) entries contained in SA messages.

Use undo cache-sa-enable to disable the SA cache mechanism.

By default, the SA cache mechanism is enabled. The device caches the (S, G) entries contained in SA messages received.

Examples

# Enable the SA message cache mechanism on the public network, so that the device caches the (S, G) entries contained in the received SA messages.

<Sysname> system-view

[Sysname] msdp

[Sysname-msdp] cache-sa-enable

# Enable the SA message cache mechanism in VPN instance mvpn, so that the device caches the (S, G) entries contained in the received SA messages.

<Sysname> system-view

[Sysname] msdp vpn-instance mvpn

[Sysname-msdp-mvpn] cache-sa-enable

display msdp brief

Syntax

display msdp [ all-instance | vpn-instance vpn-instance-name ] brief [ state { connect | down | listen | shutdown | up } ] [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

all-instance: Specifies all VPN instances.

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN by its name, a case-sensitive string of 1 to 31 characters.

state: Displays the information of MSDP peers in the specified state.

connect: Displays the information of MSDP peers in connecting state.

down: Displays the information of MSDP peers in down state.

listen: Displays the information of MSDP peers in listening state.

shutdown: Displays the information of MSDP peers in terminated state.

up: Displays the information of MSDP peers in in-session state.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.

begin: Displays the first line that matches the specified regular expression and all lines that follow.

exclude: Displays all lines that do not match the specified regular expression.

include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display msdp brief to display brief information about MSDP peers.

If neither all-instance nor vpn-instance is specified, this command displays the information on the public network.

Examples

# Display brief information about MSDP peers in all states on the public network.

<Sysname> display msdp brief

MSDP Peer Brief Information of VPN-Instance: public net

  Configured   Up           Listen       Connect      Shutdown     Down

  1            1            0            0            0            0

 

  Peer's Address    State    Up/Down time    AS     SA Count   Reset Count

  20.20.20.20       Up       00:00:13        100    0          0

Table 1 Command output

Field	Description
MSDP Peer Brief Information of VPN-Instance: public net	Brief information of MSDP peers on the public network.
Configured	Number of MSDP peers configured.
Up	Number of MSDP peers in the up state.
Listen	Number of MSDP peers in the listen state.
Connect	Number of MSDP peers in the connect state.
Shutdown	Number of MSDP peers in the shutdown state.
Down	Number of MSDP peers in down state.
Peer's Address	MSDP peer address.
State	MSDP peer status: ·     Up—The session has set up and MSDP peers are in session. ·     Listen—The session has set up. The local device acts as the server and is in listening state. ·     Connect—The session has not set up. The local device acts as a client and is in connecting state. ·     Shutdown—Deactivated. ·     Down—Connection failed.
Up/Down time	Length of time since MSDP peer connection was established/failed.
AS	Number of the AS where the MSDP peer is located. If the system could not obtain the AS number, this field displays a question mark (?).
SA Count	Number of (S, G) entries.
Reset Count	MSDP peer connection reset times.

 

display msdp peer-status

Syntax

display msdp [ all-instance | vpn-instance vpn-instance-name ] peer-status [ peer-address ] [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

all-instance: Specifies all VPN instances.

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN by its name, a case-sensitive string of 1 to 31 characters.

peer-address: Specifies an MSDP peer by its address. If you do not provide this argument, this command displays the detailed status information of all MSDP peers.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.

begin: Displays the first line that matches the specified regular expression and all lines that follow.

exclude: Displays all lines that do not match the specified regular expression.

include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display msdp peer-status to display detailed MSDP peer status information.

If neither all-instance nor vpn-instance is specified, this command displays the information on the public network.

Related commands: peer connect-interface, peer description, peer mesh-group, peer minimum-ttl, peer request-sa-enable, peer sa-cache-maximum, peer sa-policy, and peer sa-request-policy.

Examples

# Display detailed status information about the MSDP peer with the address of 10.110.11.11 on the public network.

<Sysname> display msdp peer-status 10.110.11.11

MSDP Peer Information of VPN-Instance: public net

  MSDP Peer 20.20.20.20, AS 100

  Description:

  Information about connection status:

    State: Up

    Up/down time: 14:41:08

    Resets: 0

    Connection interface: LoopBack0 (20.20.20.30)

    Number of sent/received messages: 867/947

    Number of discarded output messages: 0

    Elapsed time since last connection or counters clear: 14:42:40

  Information about (Source, Group)-based SA filtering policy:

    Import policy: none

    Export policy: none

  Information about SA-Requests:

    Policy to accept SA-Request messages: none

    Sending SA-Requests status: disable

  Minimum TTL to forward SA with encapsulated data: 0

  SAs learned from this peer: 0, SA-cache maximum for the peer: none

  Input queue size: 0, Output queue size: 0

  Counters for MSDP message:

    Count of RPF check failure: 0

    Incoming/outgoing SA messages: 0/0

    Incoming/outgoing SA requests: 0/0

    Incoming/outgoing SA responses: 0/0

    Incoming/outgoing data packets: 0/0

Table 2 Command output

Field	Description
MSDP Peer Information of VPN-Instance: public net	Information about the MSDP peer on the public network.
MSDP Peer	MSDP peer address.
AS	Number of the AS where the MSDP peer is located. If the system could not obtain the AS number, this field displays a question mark (?).
State	MSDP peer status: ·     Up—The session has set up and MSDP peers are in session. ·     Listen—The session has set up. The local device acts as the server and is in listening state. ·     Connect—The session has not set up. The local device acts as a client and is in connecting state. ·     Shutdown—Deactivated. ·     Down—Connection failed.
Resets	Number of times the MSDP peer connection is reset.
Up/Down time	Length of time since MSDP peer connection was established/failed.
Connection interface	Interface and its IP address used for setting up a TCP connection with the remote MSDP peer.
Number of sent/received messages	Number of SA messages sent and received through this connection.
Number of discarded output messages	Number of discarded outgoing messages.
Elapsed time since last connection or counters clear	Time passed since the information of the MSDP peer was last cleared.
Information about (Source, Group)-based SA filtering policy	SA message filtering list information: ·     Import policy—Filter list for receiving SA messages from the specified MSDP peer. ·     Export policy—Filter list for forwarding SA messages from the specified MSDP peer.
Information about SA-Requests	SA requests information: ·     Policy to accept SA-Request messages—Filtering rule for receiving or forwarding SA messages from the specified MSDP peer. ·     Sending SA-Requests status—Whether enabled to send an SA request message to the designated MSDP peer after receiving a new Join message.
Minimum TTL to forward SA with encapsulated data	Minimum TTL of multicast packet encapsulated in SA messages.
SAs learned from this peer	Number of cached (S, G) entries learned from this MSDP peer.
SA-cache maximum for the peer	Maximum number of (S, G) entries learned from this MSDP peer that the device can cache .
Input queue size	Data size cached in the input queue.
Output queue size	Data size cached in the output queue.
Counters for MSDP message	MSDP peer statistics: ·     Count of RPF check failure—Number of SA messages discarded due to RPF check failure. ·     Incoming/outgoing SA messages—Number of SA messages received and sent. ·     Incoming/outgoing SA requests—Number of SA request received and sent. ·     Incoming/outgoing SA responses—Number of SA responses received and sent. ·     Incoming/outgoing data packets—Number of received and sent SA messages encapsulated with multicast data.

 

display msdp sa-cache

Syntax

display msdp [ all-instance | vpn-instance vpn-instance-name ] sa-cache [ group-address | source-address | as-number ] * [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

all-instance: Specifies all VPN instances.

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN by its name, a case-sensitive string of 1 to 31 characters.

group-address: Specifies a multicast group address in the range of 224.0.1.0 to 239.255.255.255. If you do not provide any group address, this command displays the (S, G) entry information for all multicast groups.

source-address: Specifies a multicast source address. If you do not provide any source address, this command displays the (S, G) entry information for all sources.

as-number: Specifies an AS number in the range of 1 to 4294967295. If you do not provide any AS number, this command displays the (S, G) entry information of all ASs.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.

begin: Displays the first line that matches the specified regular expression and all lines that follow.

exclude: Displays all lines that do not match the specified regular expression.

include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display msdp sa-cache to display information about (S, G) entries in the SA cache.

If neither all-instance nor vpn-instance is specified, this command displays the information on the public network.

This command gives the corresponding output only after the cache-sa-enable command is executed.

If you provide neither a group address nor a source address, this command displays the information of all cached (S, G) entries.

Related commands: cache-sa-enable.

Examples

# Display information about (S, G) entries in the SA cache on the public network.

<Sysname> display msdp sa-cache

MSDP Source-Active Cache Information of VPN-Instance: public net

 MSDP Total Source-Active Cache - 5 entries

 MSDP matched 5 entries

 

(Source, Group)              Origin RP       Pro  AS     Uptime   Expires

(10.10.1.2, 225.1.1.1)       10.10.10.10     BGP  100    00:00:11 00:05:49

(10.10.1.3, 225.1.1.1)       10.10.10.10     BGP  100    00:00:11 00:05:49

(10.10.1.2, 225.1.1.2)       10.10.10.10     BGP  100    00:00:11 00:05:49

(10.10.2.1, 225.1.1.2)       10.10.10.10     BGP  100    00:00:11 00:05:49

(10.10.1.2, 225.1.2.2)       10.10.10.10     BGP  100    00:00:11 00:05:49

Table 3 Command output

Field	Description
MSDP Source-Active Cache Information of VPN-Instance: public net	SA cache information on the public network.
MSDP Total Source-Active Cache - 5 entries	Total number of (S, G) entries in the SA cache.
MSDP matched 5 entries	Total number of (S, G) entries matched by MSDP.
(Source, Group)	(S, G) entry: (source address, group address).
Origin RP	Address of the RP that generated the (S, G) entry.
Pro	Type of protocol from which the AS number is originated. If the system could not obtain the protocol type, this field displays a question mark (?).
AS	AS number of the origin RP. If the system could not obtain the AS number, this field displays a question mark (?).
Uptime	Length of time for which the cached (S, G) entry has been existing, in hours:minutes:seconds.
Expires	Length of time in which the cached (S, G) entry will expire, in hours:minutes:seconds.

 

display msdp sa-count

Syntax

display msdp [ all-instance | vpn-instance vpn-instance-name ] sa-count [ as-number ] [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

all-instance: Specifies all VPN instances.

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN by its name, a case-sensitive string of 1 to 31 characters.

as-number: Specifies an AS number in the range of 1 to 4294967295.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.

begin: Displays the first line that matches the specified regular expression and all lines that follow.

exclude: Displays all lines that do not match the specified regular expression.

include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display msdp sa-count to display the number of (S, G) entries in the SA cache.

If neither all-instance nor vpn-instance is specified, this command displays the information on the public network.

This command gives the corresponding output only after the cache-sa-enable command is executed.

Related commands: cache-sa-enable.

Examples

# Display the number of (S, G) entries in the SA cache on the public network.

<Sysname> display msdp sa-count

MSDP Source-Active Count Information of VPN-Instance: public net

  Number of cached Source-Active entries, counted by Peer

  Peer's Address     Number of SA

  10.10.10.10        5

 

  Number of source and group, counted by AS

  AS     Number of source    Number of group

  ?      3                   3

 

  Total 5 Source-Active entries

Table 4 Command output

Field	Description
MSDP Source-Active Count Information of VPN-Instance: public net	Number of SA messages for the public network cache.
Number of cached Source-Active entries, counted by Peer	Number of (S, G) entries counted by peer.
Peer's Address	Address of the MSDP peer that sent SA messages.
Number of SA	Number of (S, G) entries from this peer.
Number of source and group, counted by AS	Number of cached (S, G) entries, counted by AS.
AS	AS number. If the system could not obtain the AS number, this field displays a question mark (?).
Number of source	Number of multicast sources from this AS.
Number of group	Number of multicast groups from this AS.

 

encap-data-enable

Syntax

encap-data-enable

undo encap-data-enable

View

Public network MSDP view, VPN instance MSDP view

Default level

2: System level

Parameters

None

Description

Use encap-data-enable to enable encapsulation of multicast data in SA messages.

Use undo encap-data-enable to restore the default.

By default, an SA message contains only an (S, G) entry. No multicast data is encapsulated in an SA message.

Examples

# Enable encapsulation of multicast data in SA messages on the public network.

<Sysname> system-view

[Sysname] msdp

[Sysname-msdp] encap-data-enable

# Enable encapsulation of multicast data in SA messages in VPN instance mvpn.

<Sysname> system-view

[Sysname] msdp vpn-instance mvpn

[Sysname-msdp-mvpn] encap-data-enable

import-source

Syntax

import-source [ acl acl-number ]

undo import-source

View

Public network MSDP view, VPN instance MSDP view

Default level

2: System level

Parameters

acl-number: Specifies a basic or advanced ACL number in the range of 2000 to 3999. A basic ACL filters multicast sources, and an advanced ACL filters multicast sources or multicast groups. If you do not provide this argument in your command, no multicast source information will be advertised.

 

NOTE: During ACL matching, the protocol ID in the ACL rule is not checked.

 

Description

Use import-source to configure a rule of creating (S, G) entries.

Use undo import-source to remove any rule of creating (S, G) entries.

By default, when an SA message is created, no restrictions are defined for the (S, G) entries to be advertised in it. All the (S, G) entries within the domain are advertised in the SA message.

In addition to controlling SA message creation by using this command, you can also configure a filtering rule for forwarding and receiving SA messages by using the peer sa-policy command.

Related commands: peer sa-policy.

Examples

# Configure the MSDP peer on the public network to advertise only the (S, G) entries of multicast sources on the 10.10.0.0/16 subnet and with multicast group address of 225.1.0.0/16 when creating an SA message.

<Sysname> system-view

[Sysname] acl number 3101

[Sysname-acl-adv-3101] rule permit ip source 10.10.0.0 0.0.255.255 destination 225.1.0.0 0.0.255.255

[Sysname-acl-adv-3101] quit

[Sysname] msdp

[Sysname-msdp] import-source acl 3101

# Configure the MSDP peer in VPN instance mvpn to advertise only the (S, G) entries of multicast sources on the 10.10.0.0/16 subnet and with multicast group address of 225.1.0.0/16 when creating an SA message.

<Sysname> system-view

[Sysname] acl number 3101

[Sysname-acl-adv-3101] rule permit ip source 10.10.0.0 0.0.255.255 destination 225.1.0.0 0.0.255.255

[Sysname-acl-adv-3101] quit

[Sysname] msdp vpn-instance mvpn

[Sysname-msdp-mvpn] import-source acl 3101

msdp

Syntax

msdp [ vpn-instance vpn-instance-name ]

undo msdp [ vpn-instance vpn-instance-name ]

View

System view

Default level

2: System level

Parameters

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN by its name, a case-sensitive string of 1 to 31 characters. If you do not specify this option, the command applies to the public network.

Description

Use msdp to enable MSDP on the public network or the specified VPN instance and enter public network MSDP view or VPN instance MSDP view.

Use undo msdp to disable MSDP on the public network or the specified VPN instance and remove the configurations in public network MSDP view or VPN instance MSDP view to free the resources occupied by MSDP.

By default, MSDP is disabled.

IP multicast must be enabled in the corresponding instance before this command can take effect.

When the system is operating in standard mode, you must configure a reserved VLAN before you configure MSDP for a VPN instance. For more information about the system operating mode, see Fundamentals Configuration Guide. For more information about the configuration and commands about a reserved VLAN, see MPLS Configuration Guide and MPLS Command Reference.

Related commands: multicast routing-enable.

Examples

# Enable IP multicast routing on the public network, and enable MSDP on the public network to enter public network MSDP view.

<Sysname> system-view

[Sysname] multicast routing-enable

[Sysname] msdp

[Sysname-msdp]

# Enable IP multicast routing in VPN instance mvpn, and enable MSDP in VPN instance mvpn to enter MSDP view of VPN instance mvpn.

<Sysname> system-view

[Sysname] ip vpn-instance mvpn

[Sysname-vpn-instance-mvpn] route-distinguisher 100:1

[Sysname-vpn-instance-mvpn] multicast routing-enable

[Sysname-vpn-instance-mvpn] quit

[Sysname] msdp vpn-instance mvpn

[Sysname-msdp-mvpn]

originating-rp

Syntax

originating-rp interface-type interface-number

undo originating-rp

View

Public network MSDP view, VPN instance MSDP view

Default level

2: System level

Parameters

interface-type interface-number: Specifies an interface by its type and number.

Description

Use originating-rp to configure the address of the specified interface as the RP address of SA messages.

Use undo originating-rp to restore the default.

Be default, the PIM RP address is used as the RP address of SA messages.

Examples

# In public network, specify the IP address of VLAN-interface 100 as the RP address of SA messages.

<Sysname> system-view

[Sysname] msdp

[Sysname-msdp] originating-rp vlan-interface 100

# In VPN instance mvpn, specify the IP address of VLAN-interface 100 as the RP address of SA messages.

<Sysname> system-view

[Sysname] msdp vpn-instance mvpn

[Sysname-msdp-mvpn] originating-rp vlan-interface 100

peer connect-interface

Syntax

peer peer-address connect-interface interface-type interface-number

undo peer peer-address

View

Public network MSDP view, VPN instance MSDP view

Default level

2: System level

Parameters

peer-address: Specifies an MSDP peer address.

interface-type interface-number: Specifies an interface by its type and number. The local device will use the IP address of the specified interface as the source IP address when setting up a TCP connection with the remote MSDP peer.

Description

Use peer connect-interface to create an MSDP peer connection.

Use undo peer connect-interface to remove an MSDP peer connection.

No MSDP peer connection is created by default.

Be sure to execute this command before you use any other peer command. Otherwise, the system will prompt that the peer does not exist.

Related commands: static-rpf-peer.

Examples

# In the public network, configure the device with the IP address of 125.10.7.6 as the MSDP peer of the local device, with interface VLAN-interface 100 as the local connection port.

<Sysname> system-view

[Sysname] msdp

[Sysname-msdp] peer 125.10.7.6 connect-interface vlan-interface 100

# In VPN instance mvpn, configure the device with the IP address of 125.10.7.6 as the MSDP peer of the local device, with interface VLAN-interface 100 as the local connection port.

<Sysname> system-view

[Sysname] msdp vpn-instance mvpn

[Sysname-msdp-mvpn] peer 125.10.7.6 connect-interface vlan-interface 100

peer description

Syntax

peer peer-address description text

undo peer peer-address description

View

Public network MSDP view, VPN instance MSDP view

Default level

2: System level

Parameters

peer-address: Specifies an MSDP peer address.

text: Specifies a descriptive content, a case-sensitive string of 1 to 80 characters including spaces.

Description

Use peer description to configure the description for the specified MSDP peer.

Use undo peer description to delete the configured description of the specified MSDP peer.

By default, an MSDP peer has no description information.

Related commands: display msdp peer-status.

Examples

# In the public network, add the descriptive text CustomerA for the device with the IP address of 125.10.7.6 to indicate that this device is Customer A.

<Sysname> system-view

[Sysname] msdp

[Sysname-msdp] peer 125.10.7.6 description CustomerA

# In VPN instance mvpn, add the descriptive text CustomerA for the device with the IP address of 125.10.7.6 to indicate that this device is Customer A.

<Sysname> system-view

[Sysname] msdp vpn-instance mvpn

[Sysname-msdp-mvpn] peer 125.10.7.6 description CustomerA

peer mesh-group

Syntax

peer peer-address mesh-group name

undo peer peer-address mesh-group

View

Public network MSDP view, VPN instance MSDP view

Default level

2: System level

Parameters

peer-address: Specifies an MSDP peer address.

name: Specifies a mesh group name, a case-sensitive string of 1 to 32 characters. A mesh group name must not contain any space.

Description

Use peer mesh-group to configure an MSDP peer as a mesh group member.

Use undo peer mesh-group to remove an MSDP peer as a mesh group member.

By default, an MSDP peer does not belong to any mesh group.

Examples

# In the public network, configure the MSDP peer with the IP address of 125.10.7.6 as a member of the mesh group "Group1."

<Sysname> system-view

[Sysname] msdp

[Sysname-msdp] peer 125.10.7.6 mesh-group Group1

# In VPN instance mvpn, configure the MSDP peer with the IP address of 125.10.7.6 as a member of the mesh group "Group1."

<Sysname> system-view

[Sysname] msdp vpn-instance mvpn

[Sysname-msdp-mvpn] peer 125.10.7.6 mesh-group Group1

peer minimum-ttl

Syntax

peer peer-address minimum-ttl ttl-value

undo peer peer-address minimum-ttl

View

Public network MSDP view, VPN instance MSDP view

Default level

2: System level

Parameters

peer-address: Specifies an MSDP peer address.

ttl-value: Specifies a TTL threshold in the range of 0 to 255.

Description

Use peer minimum-ttl to configure the TTL threshold for multicast data packet encapsulation in SA messages.

Use undo peer minimum-ttl to restore the default.

By default, the TTL threshold for a multicast packet to be encapsulated in an SA message is 0.

Related commands: display msdp peer-status.

Examples

# In the public network, set the TTL threshold for multicast packets to be encapsulated in SA messages to 10 so that only multicast data packets whose TTL value is larger than or equal to 10 can be encapsulated in SA messages and forwarded to the MSDP peer 110.10.10.1.

<Sysname> system-view

[Sysname] msdp

[Sysname-msdp] peer 110.10.10.1 minimum-ttl 10

# In VPN instance mvpn, set the TTL threshold for multicast packets to be encapsulated in SA messages to 10 so that only multicast data packets whose TTL value is larger than or equal to 10 can be encapsulated in SA messages and forwarded to the MSDP peer 110.10.10.1.

<Sysname> system-view

[Sysname] msdp vpn-instance mvpn

[Sysname-msdp-mvpn] peer 110.10.10.1 minimum-ttl 10

peer password

Syntax

peer peer-address password { cipher cipher-password | simple simple-password }

undo peer peer-address password

View

Public network MSDP view, VPN instance MSDP view

Default level

2: System level

Parameters

peer-address: Specifies an MSDP peer address.

cipher cipher-password: Sets a ciphertext MD5 authentication password, a case-sensitive string of 1 to 137 characters.

simple simple-password: Specifies a plaintext MD5 authentication password, a case-sensitive string of 1 to 80 characters.

Description

Use peer password to configure an MD5 authentication key for the TCP connection to be established with an MSDP peer.

Use undo peer password to restore the default.

By default, no MD5 authentication is performed for TCP connections to be established between MSDP peers.

The MSDP peers involved in the MD5 authentication must have the authentication method and password. Otherwise, the authentication fails and the TCP connection cannot be established.

For security purposes, all MD5 authentication passwords, including passwords configured in plain text, are saved in cipher text to the configuration file.

Examples

# In the public network, configure a plaintext password for MD5 authentication to aabbcc in plain text for TCP connections to be established with MSDP peer 10.1.100.1. The configuration on the peer is similar.

<Sysname> system-view

[Sysname] msdp

[Sysname-msdp] peer 10.1.100.1 password simple aabbcc

# In VPN instance mvpn, configure a plaintext password for MD5 authentication to aabbcc in plain text for TCP connections to be established with MSDP peer 10.1.100.1. The configuration on the peer is similar.

<Sysname> system-view

[Sysname] msdp vpn-instance mvpn

[Sysname-msdp-mvpn] peer 10.1.100.1 password simple aabbcc

peer request-sa-enable

Syntax

peer peer-address request-sa-enable

undo peer peer-address request-sa-enable

View

Public network MSDP view, VPN instance MSDP view

Default level

2: System level

Parameters

peer-address: Specifies an MSDP peer address.

Description

Use peer request-sa-enable to enable the device to send an SA request message to the specified MSDP peer after receiving a new join message.

Use undo peer request-sa-enable to disable the device from sending an SA request message to the specified MSDP peer.

By default, after receiving a new join message, the device does not send an SA request message to any MSDP peer. Instead, it waits for the next SA message to come.

Before you can enable the device to send SA requests, you must disable the SA message cache mechanism.

Related commands: cache-sa-enable.

Examples

# Disable the SA message cache mechanism on the public network, and enable the device to send an SA request message to the MSDP peer 125.10.7.6 after receiving a new Join message.

<Sysname> system-view

[Sysname] msdp

[Sysname-msdp] undo cache-sa-enable

[Sysname-msdp] peer 125.10.7.6 request-sa-enable

# Disable the SA message cache mechanism in VPN instance mvpn, and enable the device to send an SA request message to the MSDP peer 125.10.7.6 after receiving a new Join message.

<Sysname> system-view

[Sysname] msdp vpn-instance mvpn

[Sysname-msdp-mvpn] undo cache-sa-enable

[Sysname-msdp-mvpn] peer 125.10.7.6 request-sa-enable

peer sa-cache-maximum

Syntax

peer peer-address sa-cache-maximum sa-limit

undo peer peer-address sa-cache-maximum

View

Public network MSDP view, VPN instance MSDP view

Default level

2: System level

Parameters

peer-address: Specifies an MSDP peer address.

sa-limit: Specifies the maximum number of (S, G) entries that the device can cache, in the range of 1 to 8192.

Description

Use peer sa-cache-maximum to configure the maximum number of (S, G) entries learned from the specified MSDP peer that the device can cache.

Use undo peer sa-cache-maximum to restore the default.

By default, the device can cache a maximum of 8192 (S, G) entries learned from any MSDP peer.

Related commands: display msdp brief, display msdp peer-status, and display msdp sa-count.

Examples

# In the public network, enable the device to cache a maximum of 100 (S, G) entries learned from its MSDP peer 125.10.7.6.

<Sysname> system-view

[Sysname] msdp

[Sysname-msdp] peer 125.10.7.6 sa-cache-maximum 100

# In VPN instance mvpn, enable the device to cache a maximum of 100 (S, G) entries learned from its MSDP peer 125.10.7.6.

<Sysname> system-view

[Sysname] msdp vpn-instance mvpn

[Sysname-msdp-mvpn] peer 125.10.7.6 sa-cache-maximum 100

peer sa-policy

Syntax

peer peer-address sa-policy { import | export } [ acl acl-number ]

undo peer peer-address sa-policy { import | export }

View

Public network MSDP view, VPN instance MSDP view

Default level

2: System level

Parameters

import: Specifies to filter SA messages from the specified MSDP peer.

export: Specifies to filter SA messages forwarded to the specified MSDP peer.

peer-address: Specifies an MSDP peer address.

acl-number: Specifies an advanced ACL number in the range of 3000 to 3999. If you do not provide an ACL number, all SA messages carrying (S, G) entries will be filtered off.

Description

Use peer sa-policy to configure a filtering rule for receiving or forwarding SA messages.

Use undo peer sa-policy to restore the default.

By default, SA messages received or to be forwarded are not filtered. All SA messages are accepted or forwarded.

In addition to controlling SA message receiving and forwarding by using this command, you can also configure a filtering rule for creating SA messages using the import-source command.

Related commands: display msdp peer-status and import-source.

Examples

# In the public network, configure a filtering rule so that SA messages will be forwarded to the MSDP peer 125.10.7.6 only if they match advanced ACL 3100.

<Sysname> system-view

[Sysname] acl number 3100

[Sysname-acl-adv-3100] rule permit ip source 170.15.0.0 0.0.255.255 destination 225.1.0.0 0.0.255.255

[Sysname-acl-adv-3100] quit

[Sysname] msdp

[Sysname-msdp] peer 125.10.7.6 connect-interface vlan-interface 100

[Sysname-msdp] peer 125.10.7.6 sa-policy export acl 3100

# In VPN instance mvpn, configure a filtering rule so that SA messages will be forwarded to the MSDP peer 125.10.7.6 only if they match advanced ACL 3100.

<Sysname> system-view

[Sysname] acl number 3100

[Sysname-acl-adv-3100] rule permit ip source 170.15.0.0 0.0.255.255 destination 225.1.0.0 0.0.255.255

[Sysname-acl-adv-3100] quit

[Sysname] msdp vpn-instance mvpn

[Sysname-msdp-mvpn] peer 125.10.7.6 connect-interface vlan-interface 100

[Sysname-msdp-mvpn] peer 125.10.7.6 sa-policy export acl 3100

peer sa-request-policy

Syntax

peer peer-address sa-request-policy [ acl acl-number ]

undo peer peer-address sa-request-policy

View

Public network MSDP view, VPN instance MSDP view

Default level

2: System level

Parameters

peer-address: Specifies an MSDP peer address.

acl-number: Specifies a basic ACL number in the range of 2000 to 2999. If you provide this argument, the SA requests of only the multicast groups that match the ACL will be accepted and other SA requests will be ignored. If you do not provide this argument, all SA requests will be ignored.

Description

Use peer sa-request-policy to configure a filtering rule for SA request messages.

Use undo peer sa-request-policy to remove the configured SA request filtering rule.

Be default, SA request messages are not filtered.

Related commands: display msdp peer-status.

Examples

# Configure an SA request filtering rule on the public network so that SA messages from the MSDP peer 175.58.6.5 will be accepted only if the multicast group address in the SA messages is in the range of 225.1.1.0/24.

<Sysname> system-view

[Sysname] acl number 2001

[Sysname-acl-basic-2001] rule permit source 225.1.1.0 0.0.0.255

[Sysname-acl-basic-2001] quit

[Sysname] msdp

[Sysname-msdp] peer 175.58.6.5 sa-request-policy acl 2001

# Configure an SA request filtering rule in VPN instance mvpn so that SA messages from the MSDP peer 175.58.6.5 will be accepted only if the multicast group address in the SA messages is in the range of 225.1.1.0/24.

<Sysname> system-view

[Sysname] acl number 2001

[Sysname-acl-basic-2001] rule permit source 225.1.1.0 0.0.0.255

[Sysname-acl-basic-2001] quit

[Sysname] msdp vpn-instance mvpn

[Sysname-msdp-mvpn] peer 175.58.6.5 sa-request-policy acl 2001

reset msdp peer

Syntax

reset msdp [ all-instance | vpn-instance vpn-instance-name ] peer [ peer-address ]

View

User view

Default level

2: System level

Parameters

all-instance: Specifies all VPN instances.

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN by its name, a case-sensitive string of 1 to 31 characters.

peer-address: Specifies an MSDP peer address. If no MSDP peer is specified, this command resets the TCP connections with all MSDP peers.

Description

Use reset msdp peer to reset the TCP connection with the specified MSDP peer and clear statistics for the MSDP peers.

If neither all-instance nor vpn-instance is specified, this command resets the TCP connections with the MSDP peers on the public network and clears statistics for the MSDP peers.

Related commands: display msdp peer-status.

Examples

# Reset the TCP connection with the MSDP peer 125.10.7.6 on the public network and clear statistics for this MSDP peer.

<Sysname> reset msdp peer 125.10.7.6

reset msdp sa-cache

Syntax

reset msdp [ all-instance | vpn-instance vpn-instance-name ] sa-cache [ group-address ]

View

User view

Default level

2: System level

Parameters

all-instance: Specifies all VPN instances.

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN by its name, a case-sensitive string of 1 to 31 characters.

group-address: Specifies a multicast group address in the range of 224.0.1.0 to 239.255.255.255. If you do not provide this argument, the command will clear the cached (S, G) entries for all multicast groups from the SA cache.

Description

Use reset msdp sa-cache to clear (S, G) entries from the SA cache.

If neither all-instance nor vpn-instance is specified, this command clears the (S, G) entries from the SA cache on the public network.

Related commands: cache-sa-enable and display msdp sa-cache.

Examples

# Clear the (S, G) entries for the multicast group 225.5.4.3 from the SA cache on the public network.

<Sysname> reset msdp sa-cache 225.5.4.3

reset msdp statistics

Syntax

reset msdp [ all-instance | vpn-instance vpn-instance-name ] statistics [ peer-address ]

View

User view

Default level

2: System level

Parameters

all-instance: Specifies all VPN instances.

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN by its name, a case-sensitive string of 1 to 31 characters.

peer-address: Specifies an MSDP peer. If no MSDP peer is specified, this command clears statistics for all MSDP peers.

Description

Use reset msdp statistics to clear statistics for the specified MSDP peer without resetting the connections with the MSDP peer.

If neither all-instance nor vpn-instance is specified, this command clears statistics for the MSDP peers on the public network.

Examples

# Clear the statistics for the MSDP peer 125.10.7.6 on the public network.

<Sysname> reset msdp statistics 125.10.7.6

shutdown (MSDP view)

Syntax

shutdown peer-address

undo shutdown peer-address

View

Public network MSDP view, VPN instance MSDP view

Default level

2: System level

Parameters

peer-address: Specifies an MSDP peer address.

Description

Use shutdown to terminate manually the connection with the specified MSDP peer.

Use undo shutdown to reactivate the connection with the specified MSDP peer.

By default, the connections with all MSDP peers are active.

Related commands: display msdp peer-status.

Examples

# Terminate the connection with the MSDP peer 125.10.7.6 on the public network.

<Sysname> system-view

[Sysname] msdp

[Sysname-msdp] shutdown 125.10.7.6

# Terminate the connection with the MSDP peer 125.10.7.6 in VPN instance mvpn.

<Sysname> system-view

[Sysname] msdp vpn-instance mvpn

[Sysname-msdp-mvpn] shutdown 125.10.7.6

static-rpf-peer

Syntax

static-rpf-peer peer-address [ rp-policy ip-prefix-name ]

undo static-rpf-peer peer-address

View

Public network MSDP view, VPN instance MSDP view

Default level

2: System level

Parameters

peer-address: Specifies an MSDP peer address.

rp-policy ip-prefix-name: Specifies a filtering policy based on the RP address in SA messages, where ip-prefix-name is the filtering policy name, a case-sensitive string of 1 to 19 characters.

Description

Use static-rpf-peer to configure a static RPF peer.

Use undo static-rpf-peer to remove a static RPF peer.

No static RPF peer is configured by default.

When you configure multiple static RPF peers, observe the follow rules:

·     If you use the rp-policy keyword for all the static RPF peers, all the static RPF peers take effect concurrently. SA messages will be filtered as per the configured prefix list and only those SA messages whose RP addresses pass the filtering will be accepted. If multiple static RPF peers use the same filtering policy at the same time, when a peer receives an SA message, it will forward the SA message to the other peers.

·     If you use the rp-policy keyword for none of the static RPF peers, according to the configuration sequence, only the first static RPF peer whose connection is in the UP state will be activated, and all SA messages from this peer will be accepted but the SA messages from other static RPF peers will be discarded. When this active static RPF peer fails (for example, when the configuration is removed or when the connection will be torn down), still the first RPF peer whose connection is in UP state will be selected as the activated RPF peer according to the configuration sequence.

Related commands: display msdp peer-status and ip prefix-list.

Examples

# Configure static RPF peers on the public network.

<Sysname> system-view

[Sysname] ip ip-prefix list1 permit 130.10.0.0 16 great-equal 16 less-equal 32

[Sysname] msdp

[Sysname-msdp] peer 130.10.7.6 connect-interface vlan-interface 100

[Sysname-msdp] static-rpf-peer 130.10.7.6 rp-policy list1

# Configure static RPF peers in VPN instance mvpn.

<Sysname> system-view

[Sysname] ip ip-prefix list1 permit 130.10.0.0 16 great-equal 16 less-equal 32

[Sysname] msdp vpn-instance mvpn

[Sysname-msdp-mvpn] peer 130.10.7.6 connect-interface vlan-interface 100

[Sysname-msdp-mvpn] static-rpf-peer 130.10.7.6 rp-policy list1

timer retry

Syntax

timer retry interval

undo timer retry

View

Public network MSDP view, VPN instance MSDP view

Default level

2: System level

Parameters

interval: Specifies an interval between MSDP peer connection retries, in the range of 1 to 60 seconds.

Description

Use timer retry to configure the interval between MSDP peer connection retries.

Use undo timer retry to restore the default.

By default, the interval between MSDP peer connection retries is 30 seconds.

Related commands: display msdp peer-status.

Examples

# Set the MSDP peer connection retry interval to 60 seconds on the public network.

<Sysname> system-view

[Sysname] msdp

[Sysname-msdp] timer retry 60

# Set the MSDP peer connection retry interval to 60 seconds in VPN instance mvpn.

<Sysname> system-view

[Sysname] msdp vpn-instance mvpn

[Sysname-msdp-mvpn] timer retry 60