Login
- Table of Contents
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 07-MPLS L3VPN commands | 312.06 KB |
Contents
address-family ipv4 (VPN instance view)
description (VPN instance view)
display bgp routing-table ipv4 unicast inlabel
display bgp routing-table ipv4 unicast outlabel
display bgp routing-table vpnv4
display bgp routing-table vpnv4 advertise-info
display bgp routing-table vpnv4 as-path-acl
display bgp routing-table vpnv4 community-list
display bgp routing-table vpnv4 inlabel
display bgp routing-table vpnv4 outlabel
display bgp routing-table vpnv4 peer
display bgp routing-table vpnv4 statistics
reserve-vlan (VPN instance view)
route-distinguisher (VPN instance view)
tnl-policy (VPN instance view/IPv4 VPN view/IPv6 VPN view)
vpn-instance-capability simple
vpn-target (VPN instance view/IPv4 VPN view/IPv6 VPN view)
address-family ipv6 (VPN instance view)
display bgp routing-table vpnv6
display bgp routing-table vpnv6 advertise-info
display bgp routing-table vpnv6 as-path-acl
display bgp routing-table vpnv6 community-list
display bgp routing-table vpnv6 inlabel
display bgp routing-table vpnv6 outlabel
display bgp routing-table vpnv6 peer
display bgp routing-table vpnv6 statistics
vpn-instance-capability simple
address-family ipv4 (VPN instance view)
Use address-family ipv4 in VPN instance view to enter IPv4 VPN view.
Use undo address-family ipv4 to remove all configurations from IPv4 VPN view.
Syntax
address-family ipv4
undo address-family ipv4
Views
VPN instance view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
In IPv4 VPN view, you can configure IPv4 VPN parameters such as inbound and outbound routing policies.
Examples
# Enter IPv4 VPN view.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] address-family ipv4
[Sysname-vpn-ipv4-vpn1]
Related commands
address-family ipv6 (VPN instance view)
address-family vpnv4
Use address-family vpnv4 to create the BGP VPNv4 address family or BGP-VPN VPNv4 address family and enter its view.
Use undo address-family vpnv4 to remove the BGP VPNv4 address family or BGP-VPN VPNv4 address family and all configurations in address family view.
Syntax
address-family vpnv4
undo address-family vpnv4
Default
The BGP VPNv4 address family or BGP-VPN VPNv4 address family is not created.
Views
BGP view, BGP-VPN instance view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
A VPNv4 address comprises an RD and an IPv4 prefix. VPNv4 routes comprise VPNv4 addresses.
For a PE to exchange BGP VPNv4 routes with a BGP peer, you must enable that peer by executing the peer enable command in BGP VPNv4 address family view or BGP-VPN VPNv4 address family view.
In BGP VPNv4 address family view, you can configure the following settings:
· BGP VPNv4 route attributes, such as the preferred value.
· Whether to allow the local AS number to appear in the AS_PATH attribute of received route updates.
The settings in BGP VPNv4 address family view control VPNv4 route exchange between PEs.
The settings in BGP-VPN VPNv4 address family view control VPNv4 route exchange between provider PE and provider CE in nested MPLS L3VPN.
Examples
# Create the BGP VPNv4 address family and enter its view.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp] address-family vpnv4
[Sysname-bgp-vpnv4]
# Create the BGP-VPN VPNv4 address family and enter its view.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp] ip vpn-instance vpn1
[Sysname-bgp-vpn1] address-family vpnv4
[Sysname-bgp-vpnv4-vpn1]
description (VPN instance view)
Use description to configure a description for a VPN instance.
Use undo description to delete the description.
Syntax
description text
undo description
Default
No description is configured for a VPN instance.
Views
VPN instance view
Default command level
2: System level
Parameters
text: Specifies a description for the VPN instance, a case-sensitive string of 1 to 79 characters.
Examples
# Configure a description of This is vpn1 for VPN instance vpn1.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] description This is vpn1
display bgp routing-table ipv4 unicast inlabel
Use display bgp routing-table ipv4 unicast inlabel to display incoming labels for BGP IPv4 unicast routes.
Syntax
display bgp routing-table ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] inlabel
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
vpn-instance vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command displays incoming labels for BGP IPv4 unicast routes on the public network.
Usage guidelines
This command displays incoming labels for BGP IPv4 unicast routes regardless of whether the unicast keyword is specified or not.
Examples
# Display incoming labels for all BGP IPv4 unicast routes on the public network.
<Sysname> display bgp routing-table ipv4 inlabel
Total number of routes: 1
BGP local router ID is 3.3.3.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Network NextHop OutLabel InLabel
* > 2.2.2.9/32 1.1.1.2 1151 1279
Table 1 Command output
|
Field |
Description |
|
BGP Local router ID |
Router ID of the local BGP router. |
|
Status |
Route status codes. See Table 3. |
|
Origin |
Route origin codes. See Table 3. |
|
In/Out Label |
Incoming/outgoing label. |
display bgp routing-table ipv4 unicast outlabel
Use display bgp routing-table ipv4 unicast outlabel to display outgoing labels for BGP IPv4 unicast routes.
Syntax
display bgp routing-table ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] outlabel
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
vpn-instance vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command displays outgoing labels for BGP IPv4 unicast routes on the public network.
Usage guidelines
This command displays outgoing labels for BGP IPv4 unicast routes regardless of whether the unicast keyword is specified or not.
Examples
# Display outgoing labels for all BGP IPv4 unicast routes on the public network.
<Sysname> display bgp routing-table ipv4 outlabel
Total number of routes: 1
BGP local router ID is 3.3.3.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Network NextHop OutLabel
* > 2.2.2.9/32 1.1.1.2 1151
Table 2 Command output
|
Field |
Description |
|
BGP Local router ID |
Router ID of the local BGP router. |
|
Status |
Route status codes. See Table 3. |
|
Origin |
Route origin codes. See Table 3. |
|
OutLabel |
Outgoing label. |
display bgp routing-table vpnv4
Use display bgp routing-table vpnv4 to display BGP VPNv4 routing information.
Syntax
display bgp routing-table vpnv4 [ route-distinguisher route-distinguisher ] [ network-address [ { mask | mask-length } [ longest-match ] ] ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
route-distinguisher route-distinguisher: Specifies an RD, a string of 3 to 21 characters in one of these formats:
· 16-bit AS number:32-bit user-defined number. For example, 101:3.
· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.
· 32-bit AS number:16-bit user-defined number, where the minimum value of the AS number is 65536. For example, 65536:1.
network-address: Specifies the destination network address.
mask: Specifies the network mask, in dotted decimal notation.
mask-length: Specifies the length of the network mask, in the range of 0 to 32.
longest-match: Displays the longest matching BGP VPNv4 route.
Usage guidelines
If you do not specify network-address, mask, or mask-length, this command displays brief information about all BGP VPNv4 routes.
If you specify network-address mask or network-address mask-length, this command displays detailed information about the BGP VPNv4 route that exactly matches the specified address and mask.
If you specify only network-address, this command displays detailed information about the BGP VPNv4 route that exactly matches the specified address and the natural mask.
Examples
# Display brief information about all BGP VPNv4 routes.
<Sysname> display bgp routing-table vpnv4
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Total number of routes from all PEs: 2
Route distinguisher: 100:1(vpn1)
Total number of routes: 6
Network NextHop MED LocPrf PrefVal Path/Ogn
* > 10.1.1.0/24 10.1.1.2 0 32768 ?
* e 10.1.1.1 0 0 65410?
* > 10.1.1.2/32 127.0.0.1 0 32768 ?
* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?
* >e 192.168.1.0 10.1.1.1 0 0 65410?
* i 3.3.3.9 0 100 0 65420?
Route distinguisher: 200:1
Total number of routes: 2
Network NextHop MED LocPrf PrefVal Path/Ogn
* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?
* >i 192.168.1.0 3.3.3.9 0 100 0 65420?
# Display brief information about BGP VPNv4 routes with RD 100:1.
<Sysname> display bgp routing-table vpnv4 route-distinguisher 100:1
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Route distinguisher: 100:1(vpn1)
Total number of routes: 6
Network NextHop MED LocPrf PrefVal Path/Ogn
* > 10.1.1.0/24 10.1.1.2 0 32768 ?
* e 10.1.1.1 0 0 65410?
* > 10.1.1.2/32 127.0.0.1 0 32768 ?
* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?
* >e 192.168.1.0 10.1.1.1 0 0 65410?
* i 3.3.3.9 0 100 0 65420?
|
Field |
Description |
|
BGP Local router ID |
Router ID of the local BGP router. |
|
Status codes |
Route status codes: · * - valid—Valid route. · > - best—Common best route. · d – damped—Route damped for route flap. · h - history—History route. · i - internal—Internal route. · e - external—External route. · s - suppressed—Suppressed route. · S - Stale—Stale route. |
|
Origin |
Route origin: · i - IGP—Originated in the AS. The origin of summary routes and routes advertised by the network command is IGP. · e - EGP—Learned through EGP. · ? - incomplete—Redistributed from IGP protocols. |
|
Total number of routes from all PEs |
Total number of VPNv4 routes from all PEs. |
|
Network |
Network address. |
|
NextHop |
Address of the next hop. |
|
MED |
MED value. |
|
LocPrf |
Local preference value. |
|
PrefVal |
Preferred value. |
|
Path/Ogn |
AS_PATH and Origin attributes. |
# Display detailed information about the BGP VPNv4 route destined for 10.3.1.0/24.
<Sysname> display bgp routing-table vpnv4 10.3.1.0 24
BGP local router ID: 1.1.1.9
Local AS number: 100
Route distinguisher: 100:1(vpn1)
Total number of routes: 1
Paths: 1 available, 1 best
BGP routing table information of 10.3.1.0/24:
From : 3.3.3.9 (3.3.3.9)
Relay nexthop : 172.1.1.2
Original nexthop: 3.3.3.9
OutLabel : 1279
Ext-Community : <RT: 111:1>
AS-path : (null)
Origin : incomplete
Attribute value : MED 0, localpref 100, pref-val 0
State : valid, internal, best,
Route distinguisher: 200:1
Total number of routes: 1
Paths: 1 available, 1 best
BGP routing table information of 10.3.1.0/24:
From : 3.3.3.9 (3.3.3.9)
Relay nexthop : 172.1.1.2
Original nexthop: 3.3.3.9
OutLabel : 1279
Ext-Community : <RT: 111:1>
AS-path : (null)
Origin : incomplete
Attribute value : MED 0, localpref 100, pref-val 0
State : valid, internal, best,
# Display detailed information about the BGP VPNv4 route destined for 10.3.1.0/24 and with RD 100:1.
<Sysname> display bgp routing-table vpnv4 route-distinguisher 100:1 10.3.1.0 24
BGP local router ID: 1.1.1.9
Local AS number: 100
Route distinguisher: 100:1(vpn1)
Total number of routes: 1
Paths: 1 available, 1 best
BGP routing table information of 10.3.1.0/24:
From : 3.3.3.9 (3.3.3.9)
Relay nexthop : 172.1.1.2
Original nexthop: 3.3.3.9
OutLabel : 1279
Ext-Community : <RT: 111:1>
AS-path : (null)
Origin : incomplete
Attribute value : MED 0, localpref 100, pref-val 0
State : valid, internal, best,
Table 4 Command output
|
Field |
Description |
|
Relay Nexthop |
Recursive next hop. If no recursive next hop is found, this field displays not resolved. |
|
Original nexthop |
Original next hop. If the route is learned from a BGP update, it is the next hop in the update message. |
|
Ext-Community |
Extended community attribute. |
|
Attribute value |
BGP route attribute information: · MED—MED attribute. · Localpref—Local preference. · pref-val—Preferred value. · pre—Protocol preference. |
|
State |
Route status: · valid—Valid route. · internal—Internal route. · external—External route. · local—Locally generated route. · synchronize—Synchronized route. · best—Best route. |
display bgp routing-table vpnv4 advertise-info
Use display bgp routing-table vpnv4 advertise-info to display advertisement information for BGP VPNv4 routes.
Syntax
display bgp routing-table vpnv4 [ route-distinguisher route-distinguisher ] network-address [ mask | mask-length ] advertise-info
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
route-distinguisher route-distinguisher: Specifies an RD, a string of 3 to 21 characters in one of these formats:
· 16-bit AS number:32-bit user-defined number. For example, 101:3.
· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.
· 32-bit AS number:16-bit user-defined number, where the minimum value of the AS number is 65536. For example, 65536:1.
network-address: Specifies the destination network address.
mask: Specifies the network mask, in dotted decimal notation.
mask-length: Specifies the length of the network mask, in the range of 0 to 32.
Usage guidelines
If you do not specify the mask and mask-length arguments, the system ANDs the specified network address with the mask of each route. If the result matches the network address of the route, this command displays advertisement information for the route.
If you specify the mask or mask-length argument, this command displays advertisement information for the BGP VPNv4 route that exactly matches the specified address and mask.
Examples
# Display advertisement information for the BGP VPNv4 route destined to network 10.2.1.0/24.
<Sysname> display bgp routing-table vpnv4 10.1.1.0 24 advertise-info
BGP local router ID: 1.1.1.9
Local AS number: 100
Route distinguisher: 100:1
Total number of routes: 1
Paths: 1 best
BGP routing table information of 10.1.1.0/24:
Advertised to VPN peers (1 in total):
3.3.3.9
Inlabel : 1279
display bgp routing-table vpnv4 as-path-acl
Use display bgp routing-table vpnv4 as-path-acl to display BGP IPv4 unicast routes permitted by an AS path ACL.
Syntax
display bgp routing-table vpnv4 [ route-distinguisher route-distinguisher ] as-path-acl as-path-acl-number
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
route-distinguisher route-distinguisher: Specifies an RD, a string of 3 to 21 characters in one of these formats:
· 16-bit AS number:32-bit user-defined number. For example, 101:3.
· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.
· 32-bit AS number:16-bit user-defined number, where the minimum value of the AS number is 65536. For example, 65536:1.
as-path-acl-number: Specifies an AS path ACL by its number in the range of 1 to 256.
Examples
# Display BGP VPNv4 routes permitted by AS path ACL 1.
<Sysname> display bgp routing-table vpnv4 as-path-acl 1
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Total number of routes from all PEs: 2
Route distinguisher: 100:1(vpn1)
Total number of routes: 6
Network NextHop MED LocPrf PrefVal Path/Ogn
* > 10.1.1.0/24 10.1.1.2 0 32768 ?
* e 10.1.1.1 0 0 65410?
* > 10.1.1.2/32 127.0.0.1 0 32768 ?
* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?
* >e 192.168.1.0 10.1.1.1 0 0 65410?
* i 3.3.3.9 0 100 0 65420?
Route distinguisher: 200:1
Total number of routes: 2
Network NextHop MED LocPrf PrefVal Path/Ogn
* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?
* >i 192.168.1.0 3.3.3.9 0 100 0 65420?
For command output, see Table 3.
Related commands
ip as-path (Layer 3—IP Routing Configuration Guide)
display bgp routing-table vpnv4 community-list
Use display bgp routing-table vpnv4 community-list to display BGP VPNv4 routing information matching a specified BGP community list.
Syntax
display bgp routing-table vpnv4 [ route-distinguisher route-distinguisher ] community-list { { basic-community-list-number | comm-list-name } [ whole-match ] | adv-community-list-number }
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
route-distinguisher route-distinguisher: Specifies an RD, a string of 3 to 21 characters in one of these formats:
· 16-bit AS number:32-bit user-defined number. For example, 101:3.
· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.
· 32-bit AS number:16-bit user-defined number, where the minimum value of the AS number is 65536. For example, 65536:1.
basic-community-list-number: Specifies a basic community list by its number in the range of 1 to 99.
comm-list-name: Specifies a community list by its name, a case-sensitive string of 1 to 63 characters.
whole-match: Displays routes exactly matching the specified community list. If you do not specify this keyword, the command displays routes whose COMMUNITY attributes comprise the specified community list.
adv-community-list-number: Specifies an advanced community list by its number in the range of 100 to 199.
Examples
# Display BGP VPNv4 routing information matching BGP community list 100.
<Sysname> display bgp routing-table vpnv4 community-list 100
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Total number of routes from all PEs: 2
Route distinguisher: 100:1(vpn1)
Total number of routes: 6
Network NextHop MED LocPrf PrefVal Path/Ogn
* > 10.1.1.0/24 10.1.1.2 0 32768 ?
* e 10.1.1.1 0 0 65410?
* > 10.1.1.2/32 127.0.0.1 0 32768 ?
* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?
* >e 192.168.1.0 10.1.1.1 0 0 65410?
* i 3.3.3.9 0 100 0 65420?
Route distinguisher: 200:1
Total number of routes: 2
Network NextHop MED LocPrf PrefVal Path/Ogn
* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?
* >i 192.168.1.0 3.3.3.9 0 100 0 65420?
For command output, see Table 3.
display bgp routing-table vpnv4 inlabel
Use display bgp routing-table vpnv4 inlabel to display incoming labels for BGP VPNv4 routes.
Syntax
display bgp routing-table vpnv4 inlabel
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Examples
# Display incoming labels for all BGP VPNv4 routes.
<Sysname> display bgp routing-table vpnv4 inlabel
Total number of routes: 2
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Route distinguisher: 100:1
Total number of routes: 2
Network NextHop OutLabel InLabel
* > 10.1.1.0/24 10.1.1.2 NULL 1279
* >e 192.168.1.0 10.1.1.1 NULL 1278
Table 5 Command output
|
Field |
Description |
|
BGP Local router ID |
Router ID of the local BGP router. |
|
Status codes |
Route status codes. See Table 3. |
|
Origin |
Route origin. See Table 3. |
display bgp routing-table vpnv4 outlabel
Use display bgp routing-table vpnv4 outlabel to display outgoing labels for BGP VPNv4 routes.
Syntax
display bgp routing-table vpnv4 outlabel
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Examples
# Display outgoing labels for all BGP VPNv4 routes.
<Sysname> display bgp routing-table vpnv4 outlabel
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Total number of routes from all PEs: 2
Route distinguisher: 100:1(vpn1)
Total number of routes: 2
Network NextHop OutLabel
* >i 10.3.1.0/24 3.3.3.9 1279
* i 192.168.1.0 3.3.3.9 1278
Route distinguisher: 200:1
Total number of routes: 2
Network NextHop OutLabel
* >i 10.3.1.0/24 3.3.3.9 1279
* >i 192.168.1.0 3.3.3.9 1278
Table 6 Command output
|
Field |
Description |
|
BGP Local router ID |
Router ID of the local BGP router. |
|
Status |
Route status codes. See Table 3. |
|
Origin |
Route origin codes. See Table 3. |
|
OutLabel |
Outgoing label. |
display bgp routing-table vpnv4 peer
Use display bgp routing-table vpnv4 peer to display BGP VPNv4 routing information advertised to or received from a specified BGP peer.
Syntax
display bgp routing-table vpnv4 [ vpn-instance vpn-instance-name ] peer ip-address { advertised-routes | received-routes } [ network-address [ mask | mask-length ] | statistics ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command displays BGP VPNv4 routing information advertised to or received from the specified BGP peer on the public network.
ip-address: Specifies a peer by its IP address.
advertised-routes: Displays routing information advertised to the specified peer.
received-routes: Displays routing information received from the specified peer.
network-address: Specifies the IP address of the destination network.
mask: Specifies the mask of the destination network, in dotted decimal notation.
mask-length: Specifies a mask length in the range of 0 to 32.
statistics: Displays route statistics.
Usage guidelines
If you do not specify network-address, mask, or mask-length, this command displays all BGP VPNv4 routing information advertised to or received from the specified BGP peer.
If you specify the network-address argument without mask or mask-length, the system ANDs the network address with the mask of a route. If the result matches the network address of the route, this command displays information about the route.
If you specify network-address mask or network-address mask-length, this command displays information about the route that exactly matches the specified address and mask (or mask length).
Examples
# Display all BGP VPNv4 routing information advertised to BGP peer 3.3.3.9 on the public network.
<Sysname> display bgp routing-table vpnv4 peer 3.3.3.9 advertised-routes
Total number of routes: 2
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Route distinguisher: 100:1
Total number of routes: 2
Network NextHop MED LocPrf Path/Ogn
* > 10.1.1.0/24 10.1.1.2 0 ?
* >e 192.168.1.0 10.1.1.1 0 65410?
# Display all BGP VPNv4 routing information received from BGP peer 3.3.3.9 on the public network.
<Sysname> display bgp routing-table vpnv4 peer 3.3.3.9 received-routes
Total number of routes: 2
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Route distinguisher: 200:1
Total number of routes: 2
Network NextHop MED LocPrf PrefVal Path/Ogn
* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?
* >i 192.168.1.0 3.3.3.9 0 100 0 65420?
For command output, see Table 3.
# Display statistics for BGP VPNv4 routes advertised to BGP peer 3.3.3.9 on the public network.
<Sysname> display bgp routing-table vpnv4 peer 3.3.3.9 advertised-routes statistics
Advertised routes total: 2
# Display statistics for BGP VPNv4 routes received from BGP peer 3.3.3.9 on the public network.
<Sysname> display bgp routing-table vpnv4 peer 3.3.3.9 received-routes statistic
Received routes total: 2
Table 7 Command output
|
Field |
Description |
|
Advertised routes total |
Total number of routes advertised to the specified peer. |
|
Received routes total |
Total number of routes received from the specified peer. |
display bgp routing-table vpnv4 statistics
Use display bgp routing-table vpnv4 statistics to display BGP VPNv4 route statistics.
Syntax
display bgp routing-table vpnv4 statistics
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Examples
# Display BGP VPNv4 route statistics for the public network.
<Sysname> display bgp routing-table vpnv4 statistics
Total number of routes from all PEs: 2
Route distinguisher: 100:1(vpn1)
Total number of routes: 6
Route distinguisher: 200:1
Total number of routes: 2
display ospf sham-link
Use display ospf sham-link to display OSPF sham link information.
Syntax
In standalone mode:
display ospf [ process-id ] sham-link [ area area-id ] [ standby slot slot-number ]
In IRF mode:
display ospf [ process-id ] sham-link [ area area-id ] [ standby chassis chassis-number slot slot-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
process-id: Displays sham link information for the OSPF process specified by its ID. The process ID is in the range of 1 to 65535. If you do not specify a process, this command displays sham link information for all OSPF processes.
area area-id: Displays sham link information for the OSPF area specified by its ID, which is an IP address, or an integer. The integer is in the range of 0 to 4294967295. If you do not specify an area, this command displays sham link information for all OSPF areas.
standby: Displays information about the standby OSPF process. If you do not specify this keyword, the command displays information about the active OSPF process.
slot slot-number: Specifies the card where the standby process resides by its slot number. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies the card in an IRF member device where the standby process resides. The chassis-number argument represents the IRF member ID of the device, and the slot-number argument represents the slot number of the card. (In IRF mode.)
Usage guidelines
If you do not specify any parameters, this command displays information about all OSPF sham links.
The active OSPF process backs up OSPF peers and routing information to the standby OSPF process only when OSPF NSR is enabled. If OSPF NSR is disabled, this command does not display anything when you execute it by using the standby keyword.
Examples
# Display information about all OSPF sham links.
<Sysname> display ospf sham-link
OSPF Process 1 with Router ID 125.1.1.1
Sham link
Area Neighbor ID Source IP Destination IP State Cost
0.0.0.0 95.1.1.1 125.2.1.1 95.2.1.1 P-2-P 1
# Display OSPF sham link information for OSPF area 1.
<Sysname> display ospf sham-link area 1
OSPF Process 1 with Router ID 125.1.1.1
Sham link: 125.2.1.1 --> 95.2.1.1
Neighbor ID: 95.1.1.1 State: Full
Area: 0.0.0.0
Cost: 1 State: P-2-P Type: Sham
Timers: Hello 10s, Dead 40s, Retransmit 5s, Transmit Delay 1s
Request list: 0 Retransmit list: 0
MD5 authentication enabled.
The last key is 3.
The rollover is in progress, 1 neighbor(s) left.
display ip vpn-instance
Use display ip vpn-instance to display information about VPN instances.
Syntax
display ip vpn-instance [ instance-name vpn-instance-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
instance-name vpn-instance-name: Displays information about the specified VPN instance. The vpn-instance-name is a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command displays brief information about all VPN instances.
Examples
# Display brief information about all VPN instances.
<Sysname> display ip vpn-instance
Total VPN-Instances configured : 1
VPN-Instance Name RD Create time
abc 1:1 2011/05/18 10:48:17
Table 8 Command output
|
Field |
Description |
|
VPN-Instance Name |
Name of the VPN instance. |
|
RD |
RD of the VPN instance. |
|
Create Time |
Time when the VPN instance was created. |
# Display detailed information about VPN instance vpn1.
<Sysname> display ip vpn-instance instance-name vpn1
VPN-Instance Name and Index : vpn1, 2
Route Distinguisher : 100:1
VPN ID : 1:1
Description : vpn1
Interfaces : GigabitEthernet3/0/2
Address-family IPv4:
Export VPN Targets :
2:2
Import VPN Targets :
3:3
Export Route Policy : outpolicy
Import Route Policy : inpolicy
Tunnel Policy : tunnel1
Maximum Routes Limit : 5000
Address-family IPv6:
Export VPN Targets :
2:2
Import VPN Targets :
3:3
Export Route Policy : outpolicy
Import Route Policy : inpolicy
Tunnel Policy : tunnel1
Maximum Routes Limit : 5000
domain-id
Use domain-id to set an OSPF domain ID.
Use undo domain-id to restore the default.
Syntax
domain-id domain-id [ secondary ]
undo domain-id [ domain-id ]
Default
The OSPF domain ID is 0.
Views
OSPF view
Predefined user roles
network-admin
mdc-admin
Parameters
domain-id: Specifies an OSPF domain ID, in one of these formats:
· Integer, in the range of 0 to 4294967295. For example, 1.
· Dotted decimal notation. For example, 0.0.0.1.
· Dotted decimal notation:16-bit user-defined number in the range of 0 to 65535. For example, 0.0.0.1:512.
secondary: Specifies a secondary domain ID. If you do not specify this keyword, the command specifies a primary domain ID.
Usage guidelines
When you redistribute OSPF routes into BGP, BGP does the following:
· Adds the configured OSPF domain ID to the redistributed BGP VPN routes as a BGP extended community attribute.
· Advertises the routes to the BGP peer.
When you redistribute the BGP VPN routes into OSPF on the BGP peer, OSPF uses the domain ID to determine whether the routes belong to the same OSPF routing domain. If they do and they are intra-area routes, OSPF advertises these routes in Summary LSAs (Type 3). If they do but they are not intra-area routes, OSPF advertises these routes in AS External LSAs (Type 5) or NSSA External LSAs (Type 7). If the routes do not belong to the same OSPF routing domain, OSPF advertises them in Type 5 or Type 7 LSAs.
With no parameter specified, the undo domain-id command deletes all domain IDs.
Examples
# Set an OSPF domain ID.
<Sysname> system-view
[Sysname] ospf 100
[Sysname-ospf-100] domain-id 234
export route-policy
Use export route-policy to apply an export routing policy for a VPN instance.
Use undo export route-policy to remove the application.
Syntax
export route-policy route-policy
undo export route-policy
Default
No export routing policy is applied for a VPN instance.
Views
VPN instance view, IPv4 VPN view, IPv6 VPN view
Predefined user roles
network-admin
mdc-admin
Parameters
route-policy: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.
Usage guidelines
You can specify an export routing policy to filter advertised routes or modify their route attributes for the VPN instance.
An export routing policy specified in VPN instance view applies to both IPv4 VPN and IPv6 VPN.
An export routing policy specified in IPv4 VPN view or IPv6 VPN view applies to only IPv4 VPN or IPv6 VPN.
IPv4/IPv6 VPN prefers the export routing policy specified in IPv4/IPv6 VPN view over the one specified in VPN instance view.
Examples
# Apply export routing policy poly-1 for VPN instance vpn1.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] export route-policy poly-1
# Apply export routing policy poly-2 for IPv4 VPN vpn2.
<Sysname> system-view
[Sysname] ip vpn-instance vpn2
[Sysname-vpn-instance-vpn2] address-family ipv4
[Sysname-vpn-ipv4-vpn2] export route-policy poly-2
# Apply export routing policy poly-3 for IPv6 VPN vpn3.
<Sysname> system-view
[Sysname] ip vpn-instance vpn3
[Sysname-vpn-instance-vpn3] address-family ipv6
[Sysname-vpn-ipv6-vpn3] export route-policy poly-3
Related commands
· import route-policy
· route-policy (Layer 3—IP Routing Configuration Guide)
ext-community-type
Use ext-community-type to configure the type code of an OSPF extended community attribute.
Use undo ext-community-type to restore the default.
Syntax
ext-community-type { domain-id type-code1 | router-id type-code2 | route-type type-code3 }
undo ext-community-type { domain-id | router-id | route-type }
Default
The type codes for domain ID, router ID, and route type are 0x0005, 0x0107, and 0x0306, respectively.
Views
OSPF view
Predefined user roles
network-admin
mdc-admin
Parameters
domain-id type-code1: Specifies the type code for domain ID. Valid values are 0x0005, 0x0105, 0x0205, and 0x8005.
router-id type-code2: Specifies the type code for router ID. Valid values are 0x0107 and 0x8001.
router-type type-code3: Specifies the type code for route type. Valid values are 0x0306 and 0x8000.
Examples
# Configure the type codes of domain ID, router ID, and route type as 0x8005, 0x8001, and 0x8000, respectively, for OSPF process 100.
<Sysname> system-view
[Sysname] ospf 100
[Sysname-ospf-100] ext-community-type domain-id 8005
[Sysname-ospf-100] ext-community-type router-id 8001
[Sysname-ospf-100] ext-community-type route-type 8000
import route-policy
Use import route-policy to apply an import routing policy for a VPN instance.
Use undo import route-policy to remove the application.
Syntax
import route-policy route-policy
undo import route-policy
Default
All routes matching the import target attribute are accepted.
Views
VPN instance view, IPv4 VPN view, IPv6 VPN view
Predefined user roles
network-admin
mdc-admin
Parameters
route-policy: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.
Usage guidelines
You can specify an import routing policy to filter received routes or modify their route attributes for the VPN instance.
An import routing policy specified in VPN instance view applies to both IPv4 VPN and IPv6 VPN.
An import routing policy specified in IPv4 VPN view or IPv6 VPN view applies to only the IPv4 VPN or IPv6 VPN.
IPv4/IPv6 VPN prefers the import routing policy specified in IPv4/IPv6 VPN view over the one specified in VPN instance view.
Examples
# Apply import routing policy poly-1 for VPN instance vpn1.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] import route-policy poly-1
# Apply import routing policy poly-2 for IPv4 VPN vpn2.
<Sysname> system-view
[Sysname] ip vpn-instance vpn2
[Sysname-vpn-instance-vpn2] address-family ipv4
[Sysname-vpn-ipv4-vpn2] import route-policy poly-2
# Apply import routing policy poly-3 for IPv6 VPN vpn3.
<Sysname> system-view
[Sysname] ip vpn-instance vpn3
[Sysname-vpn-instance-vpn3] address-family ipv6
[Sysname-vpn-ipv6-vpn3] import route-policy poly-3
Related commands
· export route-policy
· route-policy (Layer 3—IP Routing Configuration Guide)
ip binding vpn-instance
Use ip binding vpn-instance to associate an interface with a VPN instance.
Use undo ip binding vpn-instance to remove the association.
Syntax
ip binding vpn-instance vpn-instance-name
undo ip binding vpn-instance vpn-instance-name
Default
An interface is associated with no VPN instance and belongs to the public network.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Parameters
vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters.
Usage guidelines
Use the command to associate the VPN instance with the interface connected to the CE.
This command or its undo form clears the IP address and routing protocol configuration on the interface. After executing this command or its undo form, use the display this command to view the current configuration and reconfigure the IP address and routing protocol on the interface.
The specified VPN instance must have been created by using the ip vpn-instance command in system view.
To associate a new VPN instance with an interface, you must remove the previous association and then associate the new VPN instance with the interface.
Examples
# Associate interface VLAN-interface 1 with VPN instance vpn1.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] ip binding vpn-instance vpn1
Related commands
ip vpn-instance (system view)
ip vpn-instance (system view)
Use ip vpn-instance to create a VPN instance and enter VPN instance view.
Use undo ip vpn-instance to delete a VPN instance.
Syntax
ip vpn-instance vpn-instance-name
undo ip vpn-instance vpn-instance-name
Default
No VPN instance is created.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
vpn-instance-name: Specifies the name of the VPN instance, a case-sensitive string of 1 to 31 characters.
Examples
# Create a VPN instance named vpn1.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1]
Related commands
route-distinguisher
nesting-vpn
Use nesting-vpn to enable the nested VPN function.
Use undo nesting-vpn to disable the nested VPN function.
Syntax
nesting-vpn
undo nesting-vpn
Default
The nested VPN function is disabled.
Views
BGP-VPNv4 address family view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
To exchange VPNv4 routes with a peer in nested VPN, you must enable nested VPN and then execute the peer enable command to enable that peer in BGP VPNv4 view.
Examples
# Enable nested VPN.
<Sysname> system-view
[Sysname] bgp 10
[Sysname-bgp] address-family vpnv4
[Sysname-bgp-vpnv4] nesting-vpn
peer next-hop-invariable
Use peer next-hop-invariable to configure the device to not change the next hop of routes advertised to an EBGP peer or peer group.
Use undo peer next-hop-invariable to restore the default.
Syntax
peer { group-name | ip-address } next-hop-invariable
undo peer { group-name | ip-address } next-hop-invariable
Default
The device uses its address as the next hop of routes advertised to an EBGP peer or peer group.
Views
BGP VPNv4 address family view
Predefined user roles
network-admin
mdc-admin
Parameters
group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters.
ip-address: Specifies a peer by its IP address.
Usage guidelines
On an RR in an inter-AS option C scenario, you must configure next-hop-invariable to not change the next hop of VPNv4 routes advertised to EBGP peers and RR clients.
This command is exclusive with the peer next-hop-local command.
Examples
# Configure the device to not change the next hop of routes advertised to EBGP peer 1.1.1.1.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp] address-family vpnv4
[Sysname-bgp-af-vpnv4] peer 1.1.1.1 next-hop-invariable
Related commands
peer next-hop-local (Layer 3—IP Routing Command Reference)
peer upe
Use peer upe to configure a BGP peer or peer group as a HoVPN UPE in BGP VPNv4 address family view.
Use undo peer upe to remove the configuration.
Syntax
peer { group-name | ip-address } upe
undo peer { group-name | ip-address } upe
Default
No BGP peer or peer group is configured as a UPE.
Views
BGP VPNv4 address family view
Predefined user roles
network-admin
mdc-admin
Parameters
group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The specified peer group must exist.
ip-address: Specifies a peer by its IP address. The specified peer must exist.
Usage guidelines
A UPE is a special VPNv4 peer. It can accept one default route for each related VPN instance and routes permitted by the routing policy on the SPE. An SPE is a common VPN peer.
Examples
# Configure peer 1.1.1.1 as a UPE.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp] address-family vpnv4
[Sysname-bgp-vpnv4] peer 1.1.1.1 upe
peer upe route-policy
Use peer upe route-policy to advertise routes permitted by a routing policy to a UPE.
Use undo peer upe route-policy to restore the default.
Syntax
peer { group-name | ip-address } upe route-policy route-policy-name export
undo peer { group-name | ip-address } upe route-policy export
Default
No routes are advertised to any peer.
Views
BGP VPNv4 address family view
Predefined user roles
network-admin
mdc-admin
Parameters
group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The specific peer group must exist.
ip-address: Specifies a peer by its IP address. The specific peer must exist.
route-policy-name: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.
export: Applies the filtering policy to routes to be advertised.
Usage guidelines
This command must be used with the peer upe command.
Examples
# Configure peer 1.1.1.1 as a UPE, and advertise routes permitted by routing policy hope to peer 1.1.1.1.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp] peer 1.1.1.1 as-number 200
[Sysname-bgp] address-family vpnv4
[Sysname-bgp-vpnv4] peer 1.1.1.1 enable
[Sysname-bgp-vpnv4] peer 1.1.1.1 upe
[Sysname-bgp-vpnv4] peer 1.1.1.1 upe route-policy hope export
Related commands
· peer upe
· route-policy (Layer 3—IP Routing Configuration Guide)
policy vpn-target
Use policy vpn-target to enable route target filtering of received VPNv4 routes. Only VPNv4 routes whose route target attribute matches local import route target attribute are added to the routing table.
Use undo policy vpn-target to disable route target filtering, permitting all incoming VPNv4 routes.
Syntax
policy vpn-target
undo policy vpn-target
Default
The route target filtering function is enabled for received VPNv4 routes.
Views
BGP VPNv4 address family view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
In an inter-AS option B scenario, an ASBR-PE must save all incoming VPNv4 routes and advertises those routes to the peer ASBR-PE. For this purpose, you must execute the undo policy vpn-target command on the ASBR-PE to disable route target filtering.
Examples
# Disable route target filtering of received VPNv4 routes.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp] address-family vpnv4
[Sysname-bgp-vpnv4] undo policy vpn-target
refresh bgp vpnv4
Use refresh bgp vpnv4 to manually soft reset BGP sessions for VPNv4 address family..
refresh bgp { ip-address | all | external | group group-name | internal } { export | import } vpnv4 [ vpn-instance vpn-instance-name ]
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
ip-address: Soft resets the BGP session with the BGP peer identified by this IP address.
all: Soft resets all BGP sessions for VPNv4 address family.
external: Soft resets all EBGP sessions for VPNv4 address family.
group group-name: Soft resets BGP sessions with the BGP peer group identified by this name, a case-sensitive string of 1 to 47 characters.
internal: Soft resets all IBGP sessions for VPNv4 address family.
export: Soft resets outbound EBGP sessions.
import: Soft resets inbound EBGP sessions.
vpn-instance vpn-instance-name: Soft resets BGP sessions for the VPN instance specified by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command soft resets BGP sessions for the public network.
Usage guidelines
Soft reset can update BGP VPNv4 routing information without breaking down BGP neighbor relationships.
You can apply a new route selection policy by executing this command. If you execute this command with the export keyword, BGP filters advertised routing information based on the new policy and sends the matching routes to the BGP peer. If you execute this command with the import keyword, BGP advertises a route-refresh message to the peer so the peer re-advertises its routing information. After receiving the routing information from the peer, BGP filters the routing information by using the new policy.
This command requires that both the local router and the peer support route refresh.
If the peer keep-all-routes command is configured, the refresh bgp vpnv4 import command does not take effect.
Examples
# Manually soft reset all inbound BGP sessions for VPNv4 address family.
<Sysname> refresh bgp all import vpnv4
· peer capability-advertise route-refresh (Layer 3—IP Routing Command Reference)
· peer keep-all-routes (Layer 3—IP Routing Command Reference)
reserve-vlan (VPN instance view)
Use reserve-vlan to specify a reserved VLAN for a VPN instance.
Use undo reserve-vlan to restore the default.
Syntax
reserve-vlan vlan-id
undo reserve-vlan
Default
No reserved VLAN is specified for a VPN instance.
Views
VPN instance view
Predefined user roles
network-admin
mdc-admin
Parameters
vlan-id: Specifies a reserved VLAN.
Usage guidelines
The reserved VLAN of a VPN instance provides resources for the VPN instance to complete packet forwarding.
A common VLAN (for example, a default VLAN, a VLAN created by using the vlan command, and a dynamically learned VLAN) cannot be specified as a reserved VLAN. After you specify a VLAN as the reserved VLAN of a VPN instance, the VLAN cannot be created by using the vlan command or be dynamically learned.
Reserved VLANs specified for VPN instances must be different.
The reserved VLAN configuration takes effect only when the system is operating in standard mode. For more information about system operating modes, see Fundamentals Configuration Guide.
When the system is operating in standard mode, you must configure a reserved VLAN for a created VPN instance in the following cases:
· The VPN instance is not connected to any CEs.
· It is required to configure the multicast VPN function for the VPN instance.
· It is required to bind the VPN instance to an IP tunnel.
When the system is operating in standard mode, if a VPN instance is not configured with a reserved VLAN, you cannot configure URPF on the private network VLAN interface bound to the VPN instance.
Examples
# Specify VLAN 100 as the reserved VLAN of VPN instance vpn1.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] reserve-vlan 100
Related commands
vlan (Layer 2—LAN Switching Command Reference)
reset bgp vpnv4
Use reset bgp vpnv4 to reset BGP sessions for VPNv4 address family.
Syntax
reset bgp { as-number | ip-address | all | external | group group-name | internal } vpnv4 [ vpn-instance vpn-instance-name ]
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
as-number: Resets BGP sessions in the AS specified by its number in the range of 1 to 4294967295.
ip-address: Resets the BGP session with the BGP peer identified by this IP address.
all: Resets all BGP sessions for VPNv4 address family.
external: Resets EBGP sessions for VPNv4 address family.
group group-name: Resets BGP sessions with the BGP peer group identified by this name, a case-sensitive string of 1 to 47 characters.
internal: Resets IBGP sessions for VPNv4 address family.
vpn-instance vpn-instance-name: Resets BGP sessions for the VPN instance identified by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, the command resets BGP sessions for the public network.
Usage guidelines
You can reset BGP sessions to apply a new route selection policy. BGP filters advertised VPNv4 routing information based on the new policy. Resetting BGP sessions temporarily breaks down the BGP sessions.
Examples
# Reset all BGP sessions for VPNv4 address family.
<Sysname> reset bgp all vpnv4
route-distinguisher (VPN instance view)
Use route-distinguisher to configure an RD for a VPN instance.
Use undo route-distinguisher to remove the RD of a VPN instance.
Syntax
route-distinguisher route-distinguisher
undo route-distinguisher
Default
No RD is specified for a VPN instance.
Views
VPN instance view
Predefined user roles
network-admin
mdc-admin
Parameters
route-distinguisher: Specifies an RD for the VPN instance, a string of 3 to 21 characters in one of these formats:
· 16-bit AS number:32-bit user-defined number. For example, 101:3.
· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.
· 32-bit AS number:16-bit user-defined number, where the minimum value of the AS number is 65536. For example, 65536:1.
Usage guidelines
RDs enable VPNs to use the same address space. An RD and an IPv4 prefix comprise a unique VPN IPv4 prefix.
To change the RD of a VPN instance, you must delete the RD with the undo route-distinguisher command, and then use the route-distinguisher command to configure a new RD.
Examples
# Configure RD 22:1 for VPN instance vpn1.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] route-distinguisher 22:1
route-tag
Use route-tag to configure an external route tag for redistributed VPN routes.
Use undo route-tag to restore the default.
Syntax
route-tag tag-value
undo route-tag
Default
If the AS number is not greater than 65535, the first two octets of the default external route tag are 0xD000 and the last two octets are the local AS number. For example, if the local BGP AS number is 100, the default value of the external route tag is 3489661028. If the AS number is greater than 65535, the default external route tag is 0.
Views
OSPF view
Predefined user roles
network-admin
mdc-admin
Parameters
tag-value: Specifies the external route tag for redistributed VPN routes, in the range of 0 to 4294967295.
Usage guidelines
If the PE-CE routing protocol is OSPF, the PE redistributes BGP VPNv4 routes received from the peer PE into the OSPF routing table, and advertises these routes to the locally connected CE through OSPF. If the routes are advertised to the CE in Type 5 or 7 LSAs, Type 5/7 LSAs must contain the external route tag. An external route tag can be configured by different commands and has different priorities. The commands used to configure the external route tag (in the descending order of tag priority) are as follows:
· import-route
· route-tag
· default tag
If the external route tag in a Type 5 or 7 LSA received by a PE is the same as the locally configured external route tag, the PE ignores the LSA in route calculation to avoid routing loops.
H3C recommends that you configure the same external route tag for PEs in the same area.
An external route tag is not transferred in any BGP extended community attribute. It is only locally significant and takes effect only on the PEs that receive BGP routes and generate OSPF Type 5 or 7 LSAs.
You can configure the same external route tag for different OSPF processes.
Examples
# In OSPF process 100, set the external route tag for redistributed VPN routes to 100.
<Sysname> system-view
[Sysname] ospf 100
[Sysname-ospf-100] route-tag 100
Related commands
import-route
routing-table limit
Use routing-table limit to set the maximum number of active routes in a VPN instance.
Use undo routing-table limit to restore the default.
Syntax
routing-table limit number { warn-threshold | simply-alert }
undo routing-table limit
Default
The maximum number of active routes depends on the system operating mode.
Views
VPN instance view, IPv4 VPN view, IPv6 VPN view
Predefined user roles
network-admin
mdc-admin
Parameters
number: Specifies the maximum number of active routes. The value range depends on the system operating mode. For more information about system operating modes, see Fundamentals Configuration Guide.
warn-threshold: Specifies a warning threshold in the range of 1 to 100 in percentage. When the percentage of the number of existing active routes to the maximum number of active routes exceeds the specified threshold, the system gives an alarm message but still allows new active routes. If active routes in the VPN instance reach the maximum, no more active routes are added.
simply-alert: Specifies that when active routes exceed the maximum number, the system still accepts active routes but generates a system log message.
Usage guidelines
A limit configured in VPN instance view applies to both the IPv4 VPN and the IPv6 VPN.
A limit configured in IPv4 VPN view or IPv6 VPN view applies to only the IPv4 VPN or the IPv6 VPN.
IPv4/IPv6 VPN prefers the limit configured in IPv4/IPv6 VPN view over the limit configured in VPN instance view.
Examples
# Specify that VPN instance vpn1 supports up to 1000 active routes, and when active routes exceed the upper limit, can receive new active routes but generates a system log message.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] route-distinguisher 100:1
[Sysname-vpn-instance-vpn1] routing-table limit 1000 simply-alert
# Specify that the IPv4 VPN vpn2 supports up to 1000 active routes, and when active routes exceed the upper limit, can receive new active routes but generates a system log message.
<Sysname> system-view
[Sysname] ip vpn-instance vpn2
[Sysname-vpn-instance-vpn2] route-distinguisher 100:2
[Sysname-vpn-instance-vpn2] address-family ipv4
[Sysname-vpn-ipv4-vpn2] routing-table limit 1000 simply-alert
# Specify that the IPv6 VPN vpn3 supports up to 1000 active routes, and when active routes exceed the upper limit, can receive new active routes but generates a system log message.
<Sysname> system-view
[Sysname] ip vpn-instance vpn3
[Sysname-vpn-instance-vpn3] route-distinguisher 100:3
[Sysname-vpn-instance-vpn3] address-family ipv6
[Sysname-vpn-ipv4-vpn3] routing-table limit 1000 simply-alert
rr-filter
Use rr-filter to create an RR reflection policy so that only IBGP routes whose extended community attribute matches the specified extended community list are reflected.
Use undo rr-filter to restore the default.
Syntax
rr-filter extended-community-number
undo rr-filter
Default
An RR does not filter reflected routes.
Views
BGP VPNv4 address family view
Predefined user roles
network-admin
mdc-admin
Parameters
extended-community-number: Specifies an extended community number in the range of 1 to 199.
Usage guidelines
By configuring different RR reflection policies on RRs in a cluster, you can implement load balancing among the RRs.
Examples
# Configure the RR to only reflect VPNv4 routes with an extended community number of 10.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp] address-family vpnv4
[Sysname-bgp-vpnv4] rr-filter 10
sham-link
Use sham-link to create an OSPF sham link.
Use undo sham-link to remove an OSPF sham link or restore the defaults of specified parameters for a sham link.
Syntax
sham-link source-ip-address destination-ip-address [ cost cost | dead dead-interval | hello hello-interval | { { hmac-md5 | md5 } key-id { cipher cipher-string | plain plain-string } | simple { cipher cipher-string | plain plain-string } } | retransmit retrans-interval | trans-delay delay ] *
undo sham-link source-ip-address destination-ip-address [ cost | dead | hello | { { hmac-md5 | md5 } key-id | simple } | retransmit | trans-delay ] *
Default
No OSPF sham link is configured.
Views
OSPF area view
Predefined user roles
network-admin
mdc-admin
Parameters
source-ip-address: Specifies the source IP address of the sham link.
destination-ip-address: Specifies the destination IP address of the sham link.
cost cost: Specifies the cost of the sham link, in the range of 1 to 65535. The default cost is 1.
dead dead-interval: Specifies the dead interval in the range of 1 to 32768 seconds. The default is 40 seconds. The dead interval configured on the two ends of the sham link must be identical and be at least four times the hello interval.
hello hello-interval: Specifies the interval for sending hello packets, in the range of 1 to 8192 seconds. The default is 10 seconds. The hello interval configured on the two ends of the sham link must be identical.
hmac-md5: Enables HMAC-MD5 authentication.
md5: Enables MD5 authentication.
simple: Enables simple authentication.
key-id: Specifies a key ID in the range of 1 to 255.
cipher: Specifies a ciphertext key.
cipher-string: Specifies a ciphertext key. This argument is case sensitive. If simple is specified, it must be a string of 33 to 41 characters. If md5 or hmac-md5 is specified, it must be a string of 33 to 53 characters.
plain: Specifies a plaintext key.
plain-string: Specifies a plaintext key. This argument is case sensitive. If simple is specified, it must be a string of 1 to 8 characters. If md5 or hmac-md5 is specified, it must be a string of 1 to 16 characters.
retransmit retrans-interval: Specifies the interval for retransmitting LSAs, in the range of 1 to 3600 seconds. The default is 5 seconds.
trans-delay delay: Specifies the delay interval before the interface sends an LSA, in the range of 1 to 3600 seconds. The default is 1 second.
Usage guidelines
When a backdoor link exists between the two sites of a VPN, you can create a sham link between PEs to forward VPN traffic through the sham link on the backbone rather than the backdoor link. A sham link is considered an OSPF intra-area route.
This command can configure MD5/HMAC-MD5 or simple authentication for the sham link, but not both. For MD5/HMAC-MD5 authentication, you can configure multiple keys by executing this command multiple times, but a key-id can correspond with only one key.
To modify the MD5/HMAC-MD5 authentication key of a sham link, follow these steps:
1. Configure a new key for the sham link on the local device. If the neighbor on the sham link has not been configured with the new key, this configuration triggers a key rollover process, during which, OSPF advertises both the new and old keys so the neighbor can pass authentication and the neighbor relationship is maintained.
2. Configure the same key for the sham link on the neighbor. After the local device receives a packet carrying the new key from the neighbor, it quits the key rollover process.
3. Execute the undo sham-link command on the local device and the neighbor to remove the old key. This operation can avoid attacks to the sham link that uses the old key and reduce bandwidth consumption by key rollover.
Examples
# Create a sham link with the source address 1.1.1.1 and destination address 2.2.2.2.
<Sysname> system-view
[Sysname] ospf
[Sysname-ospf-1] area 0
[Sysname-ospf-1-area-0.0.0.0] sham-link 1.1.1.1 2.2.2.2
Related commands
display ospf sham-link
snmp-agent trap enable l3vpn
Use snmp-agent trap enable l3vpn to enable SNMP notifications for MPLS L3VPN.
Use undo snmp-agent trap enable l3vpn to disable SNMP notifications for MPLS L3VPN.
Syntax
snmp-agent trap enable l3vpn
undo snmp-agent trap enable l3vpn
Default
SNMP notifications for MPLS L3VPN are enabled.
Views
System view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
This feature enables MPLS L3VPN to generate SNMP notifications. The generated SNMP notifications are sent to the SNMP module.
For more information about SNMP notifications, see Network Management and Monitoring Configuration Guide.
Examples
# Enable SNMP notifications for MPLS L3VPN.
<Sysname> system-view
[Sysname] snmp-agent trap enable l3vpn
tnl-policy (VPN instance view/IPv4 VPN view/IPv6 VPN view)
Use tnl-policy to associate a VPN instance with a tunnel policy.
Use undo tnl-policy to remove the association.
Syntax
tnl-policy tunnel-policy-name
undo tnl-policy
Default
No tunnel policy is associated with a VPN instance.
Views
VPN instance view, IPv4 VPN view
Predefined user roles
network-admin
mdc-admin
Parameters
tunnel-policy-name: Specifies a tunnel policy by its name, a case-insensitive string of 1 to 19 characters.
Usage guidelines
The VPN instance uses the specified tunnel policy to select tunnels for traffic.
If a VPN instance is not associated with any tunnel policy or the associated tunnel policy is not configured, the VPN instance selects tunnels according to the default tunnel policy. The default tunnel policy selects only one tunnel in this order: LSP tunnel, GRE tunnel, CRLSP tunnel.
A tunnel policy specified in VPN instance view is applicable to both the IPv4 VPN and the IPv6 VPN.
A tunnel policy specified in IPv4 VPN view or IPv6 VPN view is applicable to only the IPv4 VPN or IPv6 VPN.
IPv4/IPv6 VPN prefers the tunnel policy specified in IPv4/IPv6 VPN view over the tunnel policy specified in VPN instance view.
Examples
# Associate VPN instance vpn1 with tunnel policy po1.
<Sysname> system-view
[Sysname] tunnel-policy po1
[Sysname-tunnel-policy-po1] tunnel select-seq lsp load-balance-number 1
[Sysname-tunnel-policy-po1] quit
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] route-distinguisher 22:33
[Sysname-vpn-instance-vpn1] tnl-policy po1
[Sysname-vpn-instance-vpn1] quit
# Associate the IPv4 VPN vpn2 with tunnel policy po1.
[Sysname] ip vpn-instance vpn2
[Sysname-vpn-instance-vpn2] route-distinguisher 11:22
[Sysname-vpn-instance-vpn2] address-family ipv4
[Sysname-vpn-ipv4-vpn2] tnl-policy po1
[Sysname-vpn-ipv4-vpn2] quit
[Sysname-vpn-instance-vpn2] quit
# Associate the IPv6 VPN vpn3 with tunnel policy po1.
[Sysname] ip vpn-instance vpn3
[Sysname-vpn-instance-vpn3] route-distinguisher 11:33
[Sysname-vpn-instance-vpn3] address-family ipv6
[Sysname-vpn-ipv6-vpn3] tnl-policy po1
Related commands
tunnel-policy
vpn popgo
Use vpn popgo to specify the VPN label processing mode as POPGO forwarding on an egress PE, which will pop the label for each packet and forward the packet out of the interface corresponding to the label.
Use undo vpn popgo to restore the default.
Syntax
vpn popgo
undo vpn popgo
Default
The VPN label processing mode is POP forwarding on an egress PE, which will pop the label for each packet and forward the packet through the FIB table.
Views
BGP view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
After you execute the vpn popgo command, the egress PE disconnects and re-establishes BGP sessions to re-learn VPN routes.
After the vpn popgo command is executed, the egress PE does not support load sharing among VPN BGP peers.
Examples
# Specify the VPN label processing mode on the egress PE as POPGO forwarding.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp] vpn popgo
# Specify the VPN label processing mode on the egress PE as POP forwarding.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp] undo vpn popgo
vpn-id
Use vpn-id to configure a VPN ID for a VPN instance.
Use undo vpn-id to remove the VPN ID of a VPN instance.
Syntax
vpn-id
undo vpn-id
Default
No VPN ID is configured for a VPN instance.
Views
VPN instance view
Predefined user roles
network-admin
mdc-admin
Parameters
vpn-id: Specifies a VPN ID for the VPN instance, in the form of OUI:Index. Both OUI and Index are hex numbers. The OUI is in the range of 0 to FFFFFF, and the index is in the range of 0 to FFFFFFFF.
Usage guidelines
The VPN ID uniquely identifies the VPN instance. Different VPN instances must have different VPN IDs.
The VPN ID cannot be 0:0.
Examples
# Configure VPN ID 20:1 for VPN instance vpn1.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] vpn-id 20:1
Related commands
display ip vpn-instance
vpn-instance-capability simple
Use vpn-instance-capability simple to disable OSPF routing loop detection for a VPN instance.
Use undo vpn-instance-capability to restore the default.
Syntax
vpn-instance-capability simple
undo vpn-instance-capability
Default
OSPF routing loop detection is enabled for a VPN instance.
Views
OSPF view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
In an MCE network, you must disable OSPF routing loop detection for a VPN instance on the MCE. Otherwise, the MCE does not receive OSPF routes from the PE.
This command is applicable only to OSPF view for a VPN instance.
Examples
# Disable OSPF routing loop detection for VPN instance vpna.
<Sysname> system-view
[Sysname] ospf 100 vpn-instance vpna
[Sysname-ospf-100] vpn-instance-capability simple
vpn-target (VPN instance view/IPv4 VPN view/IPv6 VPN view)
Use vpn-target to configure route targets for a VPN instance.
Use undo vpn-target to remove the specified or all route targets of a VPN instance.
Syntax
vpn-target vpn-target&<1-8> [ both | export-extcommunity | import-extcommunity ]
undo vpn-target { all | vpn-target&<1-8> [ both | export-extcommunity | import-extcommunity ] }
Default
No route targets are configured for a VPN instance.
Views
VPN instance view, IPv4 VPN view, IPv6 VPN view
Predefined user roles
network-admin
mdc-admin
Parameters
vpn-target&<1-8>: Specifies a space-separated list of up to eight route targets.
A route target is a string of 3 to 21 characters in one of these formats:
· 16-bit AS number:32-bit user-defined number. For example, 101:3.
· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.
· 32-bit AS number:16-bit user-defined number, where the AS number must not be less than 65536. For example, 65536:1.
both: Uses the specified route targets as both import targets and export targets. The both keyword is also used when you do not specify any of the following keywords: both, export-extcommunity, and import-extcommunity.
export-extcommunity: Uses the specified route targets as export targets.
import-extcommunity: Uses the specified route targets as import targets.
all: Removes all route targets.
Usage guidelines
MPLS L3VPN uses route targets to control the advertisement of VPN routing information. A PE adds the configured export targets into the route target attribute of routes advertised to a peer. The peer uses the local import targets to match the route targets of received routes. If a match is found, the peer adds the routes to the routing table of the VPN instance.
Route targets configured in VPN instance view are applicable to both the IPv4 VPN and the IPv6 VPN.
Route targets configured in IPv4 VPN view or IPv6 VPN view are applicable to only the IPv4 VPN or IPv6 VPN.
Route targets configured in IPv4 VPN view or IPv6 VPN view take precedence over those configured in VPN instance view. If you configure route targets in both IPv4 VPN view (or IPv6 VPN view) and VPN instance view, the IPv4 VPN or IPv6 VPN uses the route targets configured in IPv4 VPN view or IPv6 VPN view.
Examples
# Configure route targets for VPN instance vpn1.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] vpn-target 3:3 export-extcommunity
[Sysname-vpn-instance-vpn1] vpn-target 4:4 import-extcommunity
[Sysname-vpn-instance-vpn1] vpn-target 5:5 both
# Configure route targets for the IPv4 VPN vpn2.
<Sysname> system-view
[Sysname] ip vpn-instance vpn2
[Sysname-vpn-instance-vpn2] address-family ipv4
[Sysname-vpn-ipv4-vpn2] vpn-target 3:3 export-extcommunity
[Sysname-vpn-ipv4-vpn2] vpn-target 4:4 import-extcommunity
[Sysname-vpn-ipv4-vpn2] vpn-target 5:5 both
# Configure route targets for the IPv6 VPN vpn3.
<Sysname> system-view
[Sysname] ip vpn-instance vpn3
[Sysname-vpn-instance-vpn3] address-family ipv6
[Sysname-vpn-ipv6-vpn3] vpn-target 3:3 export-extcommunity
[Sysname-vpn-ipv6-vpn3] vpn-target 4:4 import-extcommunity
[Sysname-vpn-ipv6-vpn3] vpn-target 5:5 both
This chapter describes only IPv6 MPLS L3VPN-specific commands. For information about the commands available for both IPv4 MPLS L3VPN and IPv6 MPLS L3VPN, see "MPLS L3VPN commands."
address-family ipv6 (VPN instance view)
Use address-family ipv6 to enter IPv6 VPN view.
Use undo address-family ipv6 to remove all configurations from IPv6 VPN view.
Syntax
address-family ipv6
undo address-family ipv6
Views
VPN instance view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
In IPv6 VPN view, you can configure IPv6 VPN parameters such as inbound and outbound routing policies.
Examples
# Enter IPv6 VPN view.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] address-family ipv6
[Sysname-vpn-ipv6-vpn1]
Related commands
address-family ipv4 (VPN instance view)
address-family vpnv6
Use address-family vpnv6 to create the BGP VPNv6 address family and enter its view.
Use undo address-family vpnv6 to remove the BGP VPNv6 address family and all configurations in address family view.
Syntax
address-family vpnv6
undo address-family vpnv6
Default
The BGP VPNv6 address family is not created.
Views
BGP view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
A VPNv6 address comprises an RD and an IPv6 prefix. In IPv6 MPLS L3VPNs, PEs exchange BGP VPNv6 routes.
For a PE to exchange BGP VPNv6 routes with a BGP peer, you must enable that peer by executing the peer enable command in BGP VPNv6 address family view.
In BGP VPNv6 address family view, you can configure the following settings:
· BGP VPNv6 route attributes, such as the preferred value.
· Whether to allow the local AS number to appear in the AS_PATH attribute of received route updates.
Examples
# Create the BGP VPNv6 address family and enter its view.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp] address-family vpnv6
[Sysname-bgp-af-vpnv6]
disable-dn-bit-check
Use disable-dn-bit-check to ignore the DN bit in OSPFv3 LSAs.
Use undo disable-dn-bit-check to restore the default.
Syntax
disable-dn-bit-check
undo disable-dn-bit-check
Default
A PE checks the DN bit in OSPFv3 LSAs.
Views
OSPFv3 view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
When a PE redistributes BGP routes into OSPFv3 and creates OSPFv3 LSAs, it sets the DN bit for the LSAs. When receiving the LSAs whose DN bit is set, the other PEs ignore the LSAs in route calculation to avoid routing loops.
If all LSAs from other PEs, including the LSAs whose DN bit is set, are required for route calculation, use the disable-dn-bit-check command to ignore the DN bit.
Before using this command, make sure it does not cause any routing loops.
This command takes effect only for an OSPFv3 VRF process that is not configured with the vpn-instance-capability simple command.
Examples
# Ignore the DN bit in LSAs for OSPFv3 VRF process 100.
<Sysname> system-view
[Sysname] ospfv3 100 vpn-instance vpn1
[Sysname-ospfv3-100] disable-dn-bit-check
Related commands
· disable-dn-bit-set
· display ospfv3 (Layer 3—IP Routing Command Reference)
disable-dn-bit-set
Use disable-dn-bit-set to disable setting the DN bit in OSPFv3 LSAs.
Use undo disable-dn-bit-set to restore the default.
Syntax
disable-dn-bit-set
undo disable-dn-bit-set
Default
When a PE redistributes BGP routes into OSPFv3 and creates OSPFv3 LSAs, it sets the DN bit for the LSAs.
Views
OSPFv3 view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
When a PE redistributes BGP routes into OSPFv3 and creates OSPFv3 LSAs, it sets the DN bit for the LSAs. When receiving the LSAs whose DN bit is set, the other PEs ignore the LSAs in route calculation to avoid routing loops.
If other PEs require all LSAs from a local PE for route calculation, use the disable-dn-bit-set command to disable setting the DN bit in the LSAs.
Before using this command, make sure it does not cause any routing loops.
This command takes effect only for an OSPFv3 VRF process that is not configured with the vpn-instance-capability simple command.
Examples
# Disable setting the DN bit in LSAs for OSPFv3 VRF process 100.
<Sysname> system-view
[Sysname] ospfv3 100 vpn-instance vpn1
[Sysname-ospfv3-100] disable-dn-bit-set
Related commands
· disable-dn-bit-check
· display ospfv3 (Layer 3—IP Routing Command Reference)
display bgp routing-table vpnv6
Use display bgp routing-table vpnv6 to display BGP VPNv6 routing information.
Syntax
display bgp routing-table vpnv6 [ route-distinguisher route-distinguisher ] [ network-address prefix-length ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
route-distinguisher route-distinguisher: Specifies an RD, a string of 3 to 21 characters in one of these formats:
· 16-bit AS number:32-bit user-defined number. For example, 101:3.
· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.
· 32-bit AS number:16-bit user-defined number, where the minimum value of the AS number is 65536. For example, 65536:1.
network-address prefix-length: Displays the BGP VPNv6 route that exactly matches the specified network address and prefix length. The prefix length is in the range of 0 to 128. If you do not specify this parameter, the command displays all BGP VPNv6 routes.
Examples
# Display all BGP VPNv6 routes.
<Sysname> display bgp routing-table vpnv6
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Total number of routes from all PEs: 1
Route distinguisher: 100:1(vpn1)
Total number of routes: 4
* > Network : 2001:1:: PrefixLen : 96
NextHop : :: LocPrf :
PrefVal : 32768 OutLabel : NULL
MED : 0
Path/Ogn: ?
* e Network : 2001:1:: PrefixLen : 96
NextHop : 2001:1::1 LocPrf :
PrefVal : 0 OutLabel : NULL
MED : 0
Path/Ogn: 65410?
* > Network : 2001:1::2 PrefixLen : 128
NextHop : ::1 LocPrf :
PrefVal : 32768 OutLabel : NULL
MED : 0
Path/Ogn: ?
* >i Network : 2001:3:: PrefixLen : 96
NextHop : ::FFFF:3.3.3.9 LocPrf : 100
PrefVal : 0 OutLabel : 1279
MED : 0
Path/Ogn: ?
Route distinguisher: 200:1
Total number of routes: 1
* >i Network : 2001:3:: PrefixLen : 96
NextHop : ::FFFF:3.3.3.9 LocPrf : 100
PrefVal : 0 OutLabel : 1279
MED : 0
Path/Ogn: ?
|
Field |
Description |
|
BGP Local router ID |
Router ID of the local BGP router. |
|
Status codes |
Route status codes: · * - valid—Valid route. · > - best—Common best route. · d – damped—Route damped for route flap. · h - history—History route. · i - internal—Internal route. · e - external—External route. · s - suppressed—Suppressed route. · S - Stale—Stale route. |
|
Origin |
Route origin: · i - IGP—Originated in the AS. The origin of summary routes and routes advertised by the network command is IGP. · e - EGP—Learned through EGP. · ? - incomplete—Redistributed from IGP protocols. |
|
Total number of routes from all PEs |
Total number of VPNv6 routes from all PEs. |
|
Network |
Network address. |
|
PrefixLen |
Prefix length. |
|
NextHop |
Address of the next hop. |
|
LocPrf |
Local preference value. |
|
PrefVal |
Preferred value. |
|
MED |
MED value. |
|
Path/Ogn |
AS_PATH and Origin attributes. |
display bgp routing-table vpnv6 advertise-info
Use display bgp routing-table vpnv6 advertise-info to display advertisement information for BGP VPNv6 routes.
Syntax
display bgp routing-table vpnv6 [ route-distinguisher route-distinguisher ] network-address [ mask | mask-length ] advertise-info
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
route-distinguisher route-distinguisher: Specifies an RD, a string of 3 to 21 characters in one of these formats:
· 16-bit AS number:32-bit user-defined number. For example, 101:3.
· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.
· 32-bit AS number:16-bit user-defined number, where the minimum value of the AS number is 65536. For example, 65536:1.
network-address prefix-length: Displays advertisement information for the BGP VPNv6 route that exactly matches the specified network address and prefix length. The prefix length is in the range of 0 to 128.
Examples
# Display advertisement information for the BGP VPNv6 route destined to network 2001:1::/96.
<Sysname> display bgp routing-table vpnv6 2001:1:: 96 advertise-info
BGP local router ID: 1.1.1.9
Local AS number: 100
Route distinguisher: 100:1
Total number of routes: 1
Paths: 1 best
BGP routing table information of 2001:1::/96:
Advertised to VPN peers (1 in total):
3.3.3.9
Inlabel : 1279
display bgp routing-table vpnv6 as-path-acl
Use display bgp routing-table vpnv6 as-path-acl to display BGP VPNv6 routes permitted by an AS path ACL.
Syntax
display bgp routing-table vpnv6 [ route-distinguisher route-distinguisher ] as-path-acl as-path-acl-number
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
route-distinguisher route-distinguisher: Specifies an RD, a string of 3 to 21 characters in one of these formats:
· 16-bit AS number:32-bit user-defined number. For example, 101:3.
· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.
· 32-bit AS number:16-bit user-defined number, where the minimum value of the AS number is 65536. For example, 65536:1.
as-path-acl-number: Specifies an AS path ACL by its number in the range of 1 to 256.
Examples
# Display BGP VPNv6 routes permitted by AS path ACL 1.
<Sysname> display bgp routing-table vpnv6 as-path-acl 1
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Total number of routes from all PEs: 1
Route distinguisher: 100:1(vpn1)
Total number of routes: 4
* > Network : 2001:1:: PrefixLen : 96
NextHop : :: LocPrf :
PrefVal : 32768 OutLabel : NULL
MED : 0
Path/Ogn: ?
* e Network : 2001:1:: PrefixLen : 96
NextHop : 2001:1::1 LocPrf :
PrefVal : 0 OutLabel : NULL
MED : 0
Path/Ogn: 65410?
* > Network : 2001:1::2 PrefixLen : 128
NextHop : ::1 LocPrf :
PrefVal : 32768 OutLabel : NULL
MED : 0
Path/Ogn: ?
* >i Network : 2001:3:: PrefixLen : 96
NextHop : ::FFFF:3.3.3.9 LocPrf : 100
PrefVal : 0 OutLabel : 1279
MED : 0
Path/Ogn: ?
Route distinguisher: 200:1
Total number of routes: 1
* >i Network : 2001:3:: PrefixLen : 96
NextHop : ::FFFF:3.3.3.9 LocPrf : 100
PrefVal : 0 OutLabel : 1279
MED : 0
Path/Ogn: ?
For command output, see Table 9.
Related commands
ip as-path (Layer 3—IP Routing Command Reference)
display bgp routing-table vpnv6 community-list
Use display bgp routing-table vpnv6 community-list to display BGP VPNv6 routing information matching a specified BGP community list.
Syntax
display bgp routing-table vpnv6 [ route-distinguisher route-distinguisher ] community-list { { basic-community-list-number | comm-list-name } [ whole-match ] | adv-community-list-number }
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
route-distinguisher route-distinguisher: Specifies an RD, a string of 3 to 21 characters in one of these formats:
· 16-bit AS number:32-bit user-defined number. For example, 101:3.
· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.
· 32-bit AS number:16-bit user-defined number, where the minimum value of the AS number is 65536. For example, 65536:1.
basic-community-list-number: Specifies a basic community list by its number in the range of 1 to 99.
comm-list-name: Specifies a community list by its name, a case-sensitive string of 1 to 63 characters.
whole-match: Displays routes exactly matching the specified community list. If you do not specify this keyword, the command displays routes whose COMMUNITY attributes comprise the specified community list.
adv-community-list-number: Specifies an advanced community list by its number in the range of 100 to 199.
Examples
# Display BGP VPNv6 routing information matching BGP community list 100.
<Sysname> display bgp routing-table vpnv6 community-list 100
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Total number of routes from all PEs: 1
Route distinguisher: 100:1(vpn1)
Total number of routes: 4
* > Network : 2001:1:: PrefixLen : 96
NextHop : :: LocPrf :
PrefVal : 32768 OutLabel : NULL
MED : 0
Path/Ogn: ?
* e Network : 2001:1:: PrefixLen : 96
NextHop : 2001:1::1 LocPrf :
PrefVal : 0 OutLabel : NULL
MED : 0
Path/Ogn: 65410?
* > Network : 2001:1::2 PrefixLen : 128
NextHop : ::1 LocPrf :
PrefVal : 32768 OutLabel : NULL
MED : 0
Path/Ogn: ?
* >i Network : 2001:3:: PrefixLen : 96
NextHop : ::FFFF:3.3.3.9 LocPrf : 100
PrefVal : 0 OutLabel : 1279
MED : 0
Path/Ogn: ?
Route distinguisher: 200:1
Total number of routes: 1
* >i Network : 2001:3:: PrefixLen : 96
NextHop : ::FFFF:3.3.3.9 LocPrf : 100
PrefVal : 0 OutLabel : 1279
MED : 0
Path/Ogn: ?
For command output, see Table 9.
display bgp routing-table vpnv6 inlabel
Use display bgp routing-table vpnv6 inlabel to display incoming labels for BGP VPNv6 routes.
Syntax
display bgp routing-table vpnv6 inlabel
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Examples
# Display incoming labels for all BGP VPNv6 routes.
<Sysname> display bgp routing-table vpnv6 inlabel
Total number of routes: 1
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Route distinguisher: 100:1
Total number of routes: 1
* > Network : 2001:1:: PrefixLen : 96
NextHop : :: OutLabel : NULL
InLabel : 1279
Table 10 Command output
|
Field |
Description |
|
BGP Local router ID |
Router ID of the local BGP router. |
|
Status codes |
Route status codes. See Table 3. |
|
Origin |
Route origin. See Table 3. |
display bgp routing-table vpnv6 outlabel
Use display bgp routing-table vpnv6 outlabel to display outgoing labels for BGP VPNv6 unicast routes.
Syntax
display bgp routing-table vpnv6 outlabel
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Examples
# Display outgoing labels for all BGP VPNv6 routes.
<Sysname> display bgp routing-table vpnv6 outlabel
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Total number of routes from all PEs: 1
Route distinguisher: 100:1(vpn1)
Total number of routes: 1
* >i Network : 2001:3:: PrefixLen : 96
NextHop : ::FFFF:3.3.3.9 OutLabel : 1279
Route distinguisher: 200:1
Total number of routes: 1
* >i Network : 2001:3:: PrefixLen : 96
NextHop : ::FFFF:3.3.3.9 OutLabel : 1279
Table 11 Command output
|
Field |
Description |
|
BGP Local router ID |
Router ID of the local BGP router. |
|
Status |
Route status codes. See Table 3. |
|
Origin |
Route origin codes. See Table 3. |
|
OutLabel |
Outgoing label. |
display bgp routing-table vpnv6 peer
Use display bgp routing-table vpnv6 peer to display BGP VPNv6 routing information advertised to or received from a specified BGP peer.
Syntax
display bgp routing-table vpnv6 peer ip-address { advertised-routes | received-routes } [ network-address prefix-length | statistics ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
ip-address: Specifies a peer by its IP address.
advertised-routes: Displays routing information advertised to the specified peer.
received-routes: Displays routing information received from the specified peer.
network-address prefix-length: Displays the BGP VPNv6 route that exactly matches the specified network address and prefix length. The prefix length is in the range of 0 to 128. If you do not specify this parameter, the command displays all BGP VPNv6 routes.
statistics: Displays route statistics.
Examples
# Display all BGP VPNv6 routing information advertised to BGP peer 3.3.3.9 on the public network.
<Sysname> display bgp routing-table vpnv6 peer 3.3.3.9 advertised-routes
Total number of routes: 1
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Route distinguisher: 100:1
Total number of routes: 1
* > Network : 2001:1:: PrefixLen : 96
NextHop : :: LocPrf :
MED : 0 OutLabel : NULL
Path/Ogn: ?
# Display all BGP VPNv6 routing information received from BGP peer 3.3.3.9 on the public network.
<Sysname> display bgp routing-table vpnv6 peer 3.3.3.9 received-routes
Total number of routes: 1
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Route distinguisher: 200:1
Total number of routes: 1
* >i Network : 2001:3:: PrefixLen : 96
NextHop : ::FFFF:3.3.3.9 LocPrf : 100
PrefVal : 0 OutLabel : 1279
MED : 0
Path/Ogn: ?
For command output, see Table 9.
# Display statistics for BGP VPNv6 routes advertised to BGP peer 3.3.3.9 on the public network.
<Sysname> display bgp routing-table vpnv6 peer 3.3.3.9 advertised-routes statistics
Advertised routes total: 2
# Display statistics for BGP VPNv6 routes received from BGP peer 3.3.3.9 on the public network.
<Sysname> display bgp routing-table vpnv6 peer 3.3.3.9 received-routes statistic
Received routes total: 2
Table 12 Command output
|
Field |
Description |
|
Advertised routes total |
Total number of routes advertised to the specified peer. |
|
Received routes total |
Total number of routes received from the specified peer. |
display bgp routing-table vpnv6 statistics
Use display bgp routing-table vpnv6 statistics to display BGP VPNv6 route statistics.
Syntax
display bgp routing-table vpnv6 statistics
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Examples
# Display BGP VPNv6 route statistics for the public network.
<Sysname> display bgp routing-table vpnv6 statistics
Total number of routes from all PEs: 1
Route distinguisher: 100:1(vpn1)
Total number of routes: 4
Route distinguisher: 200:1
Total number of routes: 1
display ospfv3 sham-link
Use display ospfv3 sham-link to display OSPFv3 sham link information.
Syntax
display ospfv3 [ process-id ] [ area area-id ] sham-link [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
process-id: Displays sham link information for the OSPFv3 process specified by its ID. The process ID is in the range of 1 to 65535. If you do not specify a process, this command displays sham link information for all OSPFv3 processes.
area area-id: Displays sham link information for the OSPFv3 area specified by its ID, which is an IP address, or an integer. The integer is in the range of 0 to 4294967295. If you do not specify an area, this command displays sham link information for all OSPFv3 areas.
verbose: Displays detailed sham link information. If you do not specify this keyword, the command displays brief sham link information.
Examples
# Display brief information about all OSPFv3 sham links.
<Sysname> display ospfv3 sham-link
OSPFv3 Process 1 with Router ID 125.0.0.1
Sham-link (Area: 0.0.0.1)
Neighbor ID State Instance ID Destination address
0.0.0.0 Down 1 1:1::58
95.0.0.1 P-2-P 1 1:1::95
# Display detailed information about all OSPFv3 sham links.
<Sysname> display ospfv3 sham-link verbose
OSPFv3 Process 1 with Router ID 125.0.0.1
Sham-link (Area: 0.0.0.1)
Source : 1:1::125
Destination : 1:1::58
Interface ID: 2147483649
Neighbor ID : 0.0.0.0, Neighbor state: Down
Cost: 1 State: Down Type: Sham Instance ID: 1
Timers: Hello 10, Dead 40, Retransmit 5, Transmit delay 1
Request list: 0 Retransmit list: 0
Source : 1:1::125
Destination : 1:1::95
Interface ID: 2147483650
Neighbor ID : 95.0.0.1, Neighbor state: Full
Cost: 1 State: P-2-P Type: Sham Instance ID: 1
Timers: Hello 10, Dead 40, Retransmit 5, Transmit delay 1
Request list: 0 Retransmit list: 0
IPsec profile name: profile001
Table 13 Command output
|
Field |
Description |
|
Neighbor state |
Neighbor state for the sham link, Down, Init, 2-Way, ExStart, Exchange, Loading, or Full. |
|
Request list |
Number of LSAs in the request list. |
|
Retransmit list |
Number of LSAs in the retransmit list. |
|
IPsec profile name |
Name of the IPsec profile applied by the sham link. |
domain-id
Use domain-id to set an OSPFv3 domain ID.
Use undo domain-id to restore the default.
Syntax
domain-id { domain-id [ secondary ] | null }
undo domain-id [ domain-id | null ]
Default
The OSPFv3 domain ID is 0.
Views
OSPFv3 view
Predefined user roles
network-admin
mdc-admin
Parameters
domain-id: Specifies an OSPFv3 domain ID, in one of the following formats:
· Integer, in the range of 0 to 4294967295. For example, 1.
· Dotted decimal notation. For example, 0.0.0.1.
· Dotted decimal notation:16-bit user-defined number in the range of 0 to 65535. For example, 0.0.0.1:512.
secondary: Specifies a secondary domain ID. If you do not specify this keyword, the command specifies a primary domain ID.
null: Carries no domain ID in the community attribute.
Usage guidelines
When you redistribute OSPFv3 routes into BGP, BGP adds the primary domain ID to the redistributed BGP VPNv6 routes as a BGP extended community attribute. Then, BGP advertises the routes to the peer PE.
When the peer PE receives the routes, it compares the OSPFv3 domain ID in the routes with the locally configured primary and secondary domain IDs. If the primary or secondary domain ID is the same as the received domain ID, and the received routes are intra-area or inter-area routes, OSPFv3 advertises these routes in Inter-Area-Prefix LSAs (Type 3 LSAs). Otherwise, OSPFv3 advertises these routes in AS External LSAs (Type 5 LSAs) or NSSA External LSAs (Type 7 LSAs).
A null domain ID and a domain ID of 0 are considered the same in domain ID comparison.
You cannot configure a secondary domain ID when the primary domain ID is configured as 0.
With no parameters specified, the undo domain-id command deletes all domain IDs.
This command takes effect only for an OSPFv3 VRF process that is not configured with the vpn-instance-capability simple command.
Examples
# Set the primary domain ID for OSPFv3 VRF process 100 to 1.1.1.1.
<Sysname> system-view
[Sysname] ospfv3 100 vpn-instance vpn1
[Sysname-ospfv3-100] domain-id 1.1.1.1
Related commands
display ospfv3 (Layer 3—IP Routing Command Reference)
ext-community-type
Use ext-community-type to configure the type code of an OSPFv3 extended community attribute.
Use undo ext-community-type to restore the default.
Syntax
ext-community-type { domain-id type-code1 | route-type type-code2 | router-id type-code3 }
undo ext-community-type [ domain-id | route-type | router-id ]
Default
The type codes for domain ID, route type, and router ID are hex numbers 0005, 0306, and 0107, respectively.
Views
OSPFv3 view
Predefined user roles
network-admin
mdc-admin
Parameters
domain-id type-code1: Specifies the type code for domain ID. Valid values are hex numbers 0005, 0105, 0205, and 8005.
route-type type-code2: Specifies the type code for route type. Valid values are hex numbers 0306 and 8000.
router-id type-code3: Specifies the type code for router ID. Valid values are hex numbers 0107 and 8001.
Examples
# Configure the type codes of domain ID, route type, and router ID as hex numbers 8005, 8000, and 8001, respectively, for OSPFv3 VRF process 100.
<Sysname> system-view
[Sysname] ospfv3 100 vpn-instance vpn1
[Sysname-ospfv3-100] ext-community-type domain-id 8005
[Sysname-ospfv3-100] ext-community-type route-type 8000
[Sysname-ospfv3-100] ext-community-type router-id 8001
Related commands
display ospfv3 (Layer 3—IP Routing Command Reference)
policy vpn-target
Use policy vpn-target to enable route target filtering of received VPNv6 routes.
Use undo policy vpn-target to permit all VPNv6 routes.
Syntax
policy vpn-target
undo policy vpn-target
Default
The route target filtering function is enabled for received VPNv6 routes.
Views
BGP VPNv6 address family view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
In an inter-AS option B scenario, an ASBR-PE must save all incoming VPNv4 routes and advertises those routes to the peer ASBR-PE. For this purpose, you must execute the undo policy vpn-target command on the ASBR-PE to disable route target filtering.
Examples
# Disable route target filtering of received VPNv6 routes.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp] address-family vpnv6
[Sysname-bgp-af-vpnv6] undo policy vpn-target
refresh bgp vpnv6
Use refresh bgp vpnv6 to manually soft reset BGP sessions for VPNv6 address family.
Syntax
refresh bgp { ip-address | all | external | group group-name | internal } { export | import } vpnv6
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
ip-address: Soft resets the BGP session with the BGP peer identified by this IP address.
all: Soft resets all BGP sessions for VPNv6 address family.
external: Soft resets all EBGP sessions for VPNv6 address family.
group group-name: Soft resets BGP sessions with the BGP peer group identified by this name, a case-sensitive string of 1 to 47 characters.
internal: Soft resets all IBGP sessions for VPNv6 address family.
export: Soft resets outbound EBGP sessions.
import: Soft resets inbound EBGP sessions.
Usage guidelines
Soft reset can update BGP VPNv6 routing information without breaking down BGP neighbor relationships.
You can apply a new route selection policy by executing this command. If you execute this command with the export keyword, BGP filters advertised routing information based on the new policy and sends the matching routes to the BGP peer. If you execute this command with the import keyword, BGP advertises a route-refresh message to the peer so the peer re-advertises its routing information. After receiving the routing information from the peer, BGP filters the routing information by using the new policy.
This command requires that both the local router and the peer support route refresh.
If the peer keep-all-routes command is configured, the refresh bgp vpnv4 import command does not take effect.
Examples
# Manually soft reset all inbound BGP sessions for VPNv6 address family.
<Sysname> refresh bgp all import vpnv6
Related commands
· peer capability-advertise route-refresh (Layer 3—IP Routing Command Reference)
· peer keep-all-routes (Layer 3—IP Routing Command Reference)
reset bgp vpnv6
Use reset bgp vpnv6 to reset BGP sessions for VPNv6 address family.
Syntax
reset bgp { as-number | ip-address | all | external | group group-name | internal } vpnv6
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
as-number: Resets BGP sessions in the AS identified by this number in the range of 1 to 4294967295.
ip-address: Resets the BGP session with the BGP peer identified by this IP address.
all: Resets all BGP sessions for VPNv6 address family.
external: Resets all EBGP sessions for VPNv6 address family.
group group-name: Resets BGP sessions with the BGP peer group identified by this name, a case-sensitive string of 1 to 47 characters.
internal: Resets all IBGP sessions for VPNv6 address family.
Usage guidelines
You can reset BGP sessions to apply a new route selection policy. BGP filters advertised VPNv6 routing information based on the new policy. Resetting BGP sessions temporarily breaks down the BGP sessions.
Examples
# Reset all BGP sessions for VPNv6 address family.
<Sysname> reset bgp all vpnv6
route-tag
Use route-tag to configure an external route tag for redistributed VPN routes.
Use undo route-tag to restore the default.
Syntax
route-tag tag-value
undo route-tag
Default
If BGP runs within an MPLS backbone, and the BGP AS number is not greater than 65535, the first two octets of the external route tag are 0xD000, and the last two octets are the local BGP AS number. For example, if the local BGP AS number is 100, the external route tag value is 3489661028 (100 + the decimal value of 0xD0000000). If the AS number is greater than 65535, the external route tag is 0.
Views
OSPFv3 view
Predefined user roles
network-admin
mdc-admin
Parameters
tag-value: Specifies the external route tag for redistributed VPN routes, in the range of 0 to 4294967295.
Usage guidelines
In a dual-homed scenario where OSPFv3 runs between the CE and the connected PEs (PE-A and PE-B, for example), you can use external route tags to avoid routing loops.
When PE-A redistributes BGP VPNv6 routes from the peer PE into OSPFv3, and advertises these routes in the Type 5 or 7 LSAs to the CE, PE-A adds the locally configured external route tag to the LSAs.
If the route-tag-check enable command is configured on the PE-B, it compares the external route tag in the receiving Type 5 or 7 LSAs with the locally configured tag. If they are the same, PE-B ignores the LSA in route calculation to avoid routing loops.
The commands used to configure the external route tag (in the descending order of tag priority) are as follows:
· import-route
· route-tag (for PEs) and default tag (for CEs and MCEs)
H3C recommends configuring the same external route tag for PEs in the same area.
An external route tag is not transferred in any BGP extended community attribute. It takes effect only on PEs that receive BGP routes and generate OSPF Type 5 or 7 LSAs.
You can configure the same external route tag for different OSPF processes.
This command takes effect only for an OSPFv3 VRF process that is not configured with the vpn-instance-capability simple command.
Examples
# Set the external route tag for redistributed VPN routes to 100 for OSPFv3 VRF process 100.
<Sysname> system-view
[Sysname] ospfv3 100 vpn-instance vpn1
[Sysname-ospfv3-100] route-tag 100
Related commands
· default tag (Layer 3—IP Routing Command Reference)
· display ospfv3 (Layer 3—IP Routing Command Reference)
· import-route (Layer 3—IP Routing Command Reference)
· route-tag-check enable
route-tag-check enable
Use route-tag-check enable to enable the external route check function for OSPFv3 LSAs.
Use undo route-tag-check enable to restore the default.
Syntax
route-tag-check enable
undo route-tag-check enable
Default
The external route tag in OSPFv3 LSAs is not checked.
Views
OSPFv3 view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
In a dual-homed scenario where OSPFv3 runs between the CE and the connected PEs (PE-A and PE-B, for example), you can use external route tags to avoid routing loops.
When PE-A redistributes BGP VPNv6 routes from the peer PE into OSPFv3, and advertises these routes in the Type 5 or 7 LSAs to the CE, PE-A adds the locally configured external route tag to the LSAs.
If the route-tag-check enable command is configured on PE-B, it compares the external route tag in the receiving Type 5 or 7 LSAs with the locally configured tag. If they are the same, PE-B ignores the LSA in route calculation to avoid routing loops.
Use the external route tag check function only when the device does not support the DN bit. Otherwise, use the DN bit to avoid routing loops.
This command takes effect only for an OSPFv3 VRF process that is not configured with the vpn-instance-capability simple command.
Examples
# Check the external route tag in LSAs for OSPFv3 VRF process 100.
<Sysname> system-view
[Sysname] ospfv3 100 vpn-instance vpn1
[Sysname-ospfv3-100] route-tag-check enable
Related commands
· display ospfv3 (Layer 3—IP Routing Command Reference)
· route-tag
rr-filter
Use rr-filter to create an RR reflection policy so that only IBGP routes whose extended community attribute matches the specified extended community list are reflected.
Use undo rr-filter to restore the default.
Syntax
rr-filter extended-community-number
undo rr-filter
Default
An RR does not filter reflected routes.
Views
BGP VPNv6 address family view
Predefined user roles
network-admin
mdc-admin
Parameters
extended-community-number: Specifies an extended community number in the range of 1 to 199.
Usage guidelines
By configuring different RR reflection policies on RRs in a cluster, you can implement load balancing among the RRs.
Examples
# Configure the RR to only reflect VPNv6 routes with an extended community number of 10.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp] address-family vpnv6
[Sysname-bgp-vpnv6] rr-filter 10
sham-link
Use sham-link to create an OSPFv3 sham link.
Use undo sham-link to remove a sham link or restore the defaults of specified parameters for a sham link.
Syntax
sham-link source-ipv6-address destination-ipv6-address [ cost cost | dead dead-interval | hello hello-interval | instance instance-id | ipsec-profile profile-name | retransmit retrans-interval | trans-delay delay ] *
undo sham-link source-ipv6-address destination-ipv6-address [ cost | dead | hello | ipsec-profile | retransmit | trans-delay ] *
Default
No OSPFv3 sham link is configured.
Views
OSPFv3 area view
Predefined user roles
network-admin
mdc-admin
Parameters
source-ipv6-address: Specifies the source IPv6 address of the sham link.
destination-ipv6-address: Specifies the destination IPv6 address of the sham link.
cost cost: Specifies the cost of the sham link, in the range of 1 to 65535. The default cost is 1.
dead dead-interval: Specifies the dead interval in the range of 1 to 32768 seconds. The default is 40 seconds. The dead interval configured on each end of the sham link must be identical, and must be at least four times the hello interval.
hello hello-interval: Specifies the interval for sending hello packets, in the range of 1 to 8192 seconds. The default is 10 seconds. The hello interval configured on each end of the sham link must be identical.
instance instance-id: Specifies the instance ID of the sham link, in the range of 0 to 255. The default value is 0.
ipsec-profile profile-name: Specifies the IPsec profile for the sham link. The profile-name argument specifies the profile by its name, a case-insensitive string of 1 to 63 characters.
retransmit retrans-interval: Specifies the interval for retransmitting LSAs, in the range of 1 to 3600 seconds. The default is 5 seconds.
trans-delay delay: Specifies the delay interval before the interface sends an LSA, in the range of 1 to 3600 seconds. The default is 1 second.
Usage guidelines
When a backdoor link exists between the two sites of a VPN, you can create a sham link between PEs to forward VPN traffic through the sham link on the backbone rather than through the backdoor link. A sham link is considered an OSPFv3 intra-area route.
Examples
# Create a sham link with the source address 1::1 and destination address 2::2.
<Sysname> system-view
[Sysname] ospfv3 100 vpn-instance vpn1
[Sysname-ospfv3-100] area 0
[Sysname-ospfv3-100-area-0.0.0.0] sham-link 1::1 2::2
Related commands
display ospfv3 sham-link
vpn-instance-capability simple
Use vpn-instance-capability simple to disable routing loop detection for an OSPFv3 VRF process.
Use undo vpn-instance-capability to restore the default.
Syntax
vpn-instance-capability simple
undo vpn-instance-capability
Default
Routing loop detection is enabled for an OSPFv3 VRF process.
Views
OSPFv3 view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
On an MCE network, you must disable routing loop detection for an OSPFv3 VRF process on the MCE. Otherwise, the MCE does not receive OSPFv3 routes from the PE.
This command is applicable only to OSPFv3 VRF processes.
Examples
# Disable routing loop detection for OSPFv3 VRF process 100.
<Sysname> system-view
[Sysname] ospfv3 100 vpn-instance vpn1
[Sysname-ospfv3-100] vpn-instance-capability simple
