Login
- Table of Contents
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 08-MPLS L3VPN commands | 213.92 KB |
address-family ipv4 (VPN instance view)
description (VPN instance view)
display bgp routing-table ipv4 unicast inlabel
display bgp routing-table ipv4 unicast outlabel
display bgp routing-table vpnv4
display bgp routing-table vpnv4 inlabel
display bgp routing-table vpnv4 outlabel
route-distinguisher (VPN instance view)
tnl-policy (VPN instance view/IPv4 VPN view/IPv6 VPN view)
vpn-target (VPN instance view/IPv4 VPN view/IPv6 VPN view)
address-family ipv6 (VPN instance view)
display bgp routing-table vpnv6
display bgp routing-table vpnv6 inlabel
display bgp routing-table vpnv6 outlabel
MPLS L3VPN commands
address-family ipv4 (VPN instance view)
Use address-family ipv4 in VPN instance view to enter IPv4 VPN view.
Use undo address-family ipv4 to remove all configurations from IPv4 VPN view.
Syntax
address-family ipv4
undo address-family ipv4
Views
VPN instance view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
In IPv4 VPN view, you can configure IPv4 VPN parameters such as inbound and outbound routing policies.
Examples
# Enter IPv4 VPN view.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] address-family ipv4
[Sysname-vpn-ipv4-vpn1]
Related commands
address-family ipv6 (VPN instance view)
address-family vpnv4
Use address-family vpnv4 to create the BGP VPNv4 address family or BGP-VPN VPNv4 address family and enter its view.
Use undo address-family vpnv4 to remove the BGP VPNv4 address family or BGP-VPN VPNv4 address family and all configurations in address family view.
Syntax
address-family vpnv4
undo address-family vpnv4
Default
The BGP VPNv4 address family or BGP-VPN VPNv4 address family is not created.
Views
BGP view, BGP-VPN instance view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
A VPNv4 address comprises an RD and an IPv4 prefix. VPNv4 routes comprise VPNv4 addresses.
For a PE to exchange BGP VPNv4 routes with a BGP peer, you must enable that peer by executing the peer enable command in BGP VPNv4 address family view or BGP-VPN VPNv4 address family view.
In BGP VPNv4 address family view, you can configure the following settings:
· BGP VPNv4 route attributes, such as the preferred value.
· Whether to allow the local AS number to appear in the AS_PATH attribute of received route updates.
The settings in BGP VPNv4 address family view control VPNv4 route exchange between PEs.
The settings in BGP-VPN VPNv4 address family view control VPNv4 route exchange between provider PE and provider CE in nested MPLS L3VPN.
Examples
# Create the BGP VPNv4 address family and enter its view.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp] address-family vpnv4
[Sysname-bgp-vpnv4]
# Create the BGP-VPN VPNv4 address family and enter its view.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp] ip vpn-instance vpn1
[Sysname-bgp-vpn1] address-family vpnv4
[Sysname-bgp-vpnv4-vpn1]
description (VPN instance view)
Use description to configure a description for a VPN instance.
Use undo description to delete the description.
Syntax
description text
undo description
Default
No description is configured for a VPN instance.
Views
VPN instance view
Predefined user roles
network-admin
mdc-admin
Parameters
text: Configures a description for the VPN instance, a case-sensitive string of 1 to 79 characters.
Examples
# Configure a description of This is vpn1 for VPN instance vpn1.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] description This is vpn1
display bgp routing-table ipv4 unicast inlabel
Use display bgp routing-table ipv4 unicast inlabel to display incoming labels for BGP IPv4 unicast routes.
Syntax
display bgp routing-table ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] inlabel
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
vpn-instance vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command displays incoming labels for BGP IPv4 unicast routes on the public network.
Usage guidelines
This command displays incoming labels for BGP IPv4 unicast routes regardless of whether the unicast keyword is specified or not.
Examples
# Display incoming labels for all BGP IPv4 unicast routes on the public network.
<Sysname> display bgp routing-table ipv4 inlabel
Total number of routes: 1
BGP local router ID is 3.3.3.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Network NextHop OutLabel InLabel
* > 2.2.2.9/32 1.1.1.2 1151 1279
Table 1 Command output
|
Field |
Description |
|
BGP Local router ID |
Router ID of the local BGP router. |
|
Status |
Route status codes: · * - valid—Valid route. · > - best—Common optimal route. · d – damped—Route damped for route flap. · h - history—History route. · i - internal—Internal route. · e - external—External route. · s - suppressed—Suppressed route. · S - Stale—Stale route. |
|
Origin |
Route origin: · i - IGP—Originated in the AS. The origin of routes advertised by the network command is IGP. · e - EGP—Learned through EGP. · ? - incomplete—Redistributed from IGP protocols. |
|
In/Out Label |
Incoming/outgoing label. |
display bgp routing-table ipv4 unicast outlabel
Use display bgp routing-table ipv4 unicast outlabel to display outgoing labels for BGP IPv4 unicast routes.
Syntax
In standalone mode:
display bgp routing-table ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] outlabel [ standby slot slot-number ]
In IRF mode:
display bgp routing-table ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] outlabel [ standby chassis chassis-number slot slot-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
vpn-instance vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command displays outgoing labels for BGP IPv4 unicast routes on the public network.
standby: Displays BGP IPv4 unicast route outgoing labels for a standby BGP process. If you do not specify a standby BGP process, this command displays information for the active BGP process.
slot slot-number: Specifies the slot number of the card where the standby process resides. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies the card or the PEX where the standby process resides. The chassis-number argument represents the member ID of the IRF member device or the virtual chassis number of the PEX. The slot-number argument represents the slot number of the card or PEX. (In IRF mode.)
Usage guidelines
This command displays outgoing labels for BGP IPv4 unicast routes regardless of whether the unicast keyword is specified or not.
Examples
# Display outgoing labels for all BGP IPv4 unicast routes on the public network.
<Sysname> display bgp routing-table ipv4 outlabel
Total number of routes: 1
BGP local router ID is 3.3.3.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Network NextHop OutLabel
* > 2.2.2.9/32 1.1.1.2 1151
Table 2 Command output
|
Field |
Description |
|
BGP Local router ID |
Router ID of the local BGP router. |
|
Status |
Route status codes: · * - valid—Valid route. · > - best—Common optimal route. · d – damped—Route damped for route flap. · h - history—History route. · i - internal—Internal route. · e - external—External route. · s - suppressed—Suppressed route. · S - Stale—Stale route. |
|
Origin |
Route origin: · i - IGP—Originated in the AS. The origin of routes advertised by the network command is IGP. · e - EGP—Learned through EGP. · ? - incomplete—Redistributed from IGP protocols. |
|
OutLabel |
Outgoing label. |
display bgp routing-table vpnv4
Use display bgp routing-table vpnv4 to display BGP VPNv4 routing information.
Syntax
In standalone mode:
display bgp routing-table vpnv4 [ [ route-distinguisher route-distinguisher ] [ network-address [ { mask | mask-length } [ longest-match ] ] | network-address [ mask | mask-length ] advertise-info | as-path-acl as-path-acl-number | community-list { { basic-community-list-number | comm-list-name } [ whole-match ] | adv-community-list-number } ] | [ vpn-instance vpn-instance-name ] peer ip-address { advertised-routes | received-routes } [ network-address [ mask | mask-length ] | statistics ] | statistics ] [ standby slot slot-number ]
In IRF mode:
display bgp routing-table vpnv4 [ [ route-distinguisher route-distinguisher ] [ network-address [ { mask | mask-length } [ longest-match ] ] | network-address [ mask | mask-length ] advertise-info | as-path-acl as-path-acl-number | community-list { { basic-community-list-number | comm-list-name } [ whole-match ] | adv-community-list-number } ] | [ vpn-instance vpn-instance-name ] peer ip-address { advertised-routes | received-routes } [ network-address [ mask | mask-length ] | statistics ] | statistics ] [ standby chassis chassis-number slot slot-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
route-distinguisher route-distinguisher: Specifies an RD, a string of 3 to 21 characters in one of the following formats:
· 16-bit AS number:32-bit user-defined number. For example, 101:3.
· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.
· 32-bit AS number:16-bit user-defined number, where the minimum value of the AS number is 65536. For example, 65536:1.
network-address: Specifies the destination network address.
mask: Specifies the network mask, in dotted decimal notation.
mask-length: Specifies the length of the network mask, in the range of 0 to 32.
longest-match: Displays the longest matching BGP VPNv4 route.
advertise-info: Displays advertisement information for BGP VPNv4 routes.
as-path-acl as-path-acl-number: Displays BGP VPNv4 routes that match the AS path list specified by its number in the range of 1 to 256.
community-list: Displays BGP VPNv4 routes that match a BGP community list.
basic-community-list-number: Specifies a basic community list by its number in the range of 1 to 99.
comm-list-name: Specifies a community list by its name, a case-sensitive string of 1 to 63 characters.
whole-match: Displays BGP VPNv4 routes exactly matching the specified community list. If you do not specify this keyword, the command displays BGP VPNv4 routes whose COMMUNITY attributes include the specified community list.
adv-community-list-number: Specifies an advanced community list by its number in the range of 100 to 199.
vpn-instance vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command displays BGP VPNv4 routes advertised to or received from the specified peer on the public network.
peer: Displays BGP VPNv4 routing information advertised to or received from a peer.
ip-address: Specifies the peer IP address.
advertised-routes: Displays BGP VPNv4 routing information advertised to the specified peer.
received-routes: Displays BGP VPNv4 routing information received from the specified peer.
statistics: Displays BGP VPNv4 routing statistics.
standby: Displays BGP VPNv4 routing information for a standby BGP process. If you do not specify a standby BGP process, this command displays information for the active BGP process.
slot slot-number: Specifies the slot number of the card where the standby process resides. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies the card or PEX where the standby process resides. The chassis-number argument represents the member ID of the IRF member device or the virtual chassis number of the PEX. The slot-number argument represents the slot number of the card or PEX. (In IRF mode.)
Usage guidelines
If you do not specify any parameters, this command displays information about all BGP VPNv4 routes.
If you specify network-address mask or network-address mask-length, this command displays information about the BGP VPNv4 route that exactly matches the specified address and mask.
If you specify only network-address, the system ANDs the network address with the mask of a route. If the result matches the network address of the route, this command displays information about the BGP VPNv4 route.
The active BGP process backs up BGP peers and routing information to the standby BGP process only when BGP NSR is enabled. If BGP NSR is disabled, this command does not display anything when you execute it with the standby keyword.
Examples
# Display brief information about all BGP VPNv4 routes.
<Sysname> display bgp routing-table vpnv4
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Total number of routes from all PEs: 8
Route distinguisher: 100:1(vpn1)
Total number of routes: 6
Network NextHop MED LocPrf PrefVal Path/Ogn
* > 10.1.1.0/24 10.1.1.2 0 32768 ?
* e 10.1.1.1 0 0 65410?
* > 10.1.1.2/32 127.0.0.1 0 32768 ?
* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?
* >e 192.168.1.0 10.1.1.1 0 0 65410?
* i 3.3.3.9 0 100 0 65420?
Route distinguisher: 200:1
Total number of routes: 2
Network NextHop MED LocPrf PrefVal Path/Ogn
* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?
* >i 192.168.1.0 3.3.3.9 0 100 0 65420?
# Display brief information about BGP VPNv4 routes with RD 100:1.
<Sysname> display bgp routing-table vpnv4 route-distinguisher 100:1
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Route distinguisher: 100:1(vpn1)
Total number of routes: 6
Network NextHop MED LocPrf PrefVal Path/Ogn
* > 10.1.1.0/24 10.1.1.2 0 32768 ?
* e 10.1.1.1 0 0 65410?
* > 10.1.1.2/32 127.0.0.1 0 32768 ?
* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?
* >e 192.168.1.0 10.1.1.1 0 0 65410?
* i 3.3.3.9 0 100 0 65420?
# Display information about BGP VPNv4 routes matching AS_PATH list 1.
<Sysname> display bgp routing-table vpnv4 as-path-acl 1
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Total number of routes from all PEs: 8
Route distinguisher: 100:1(vpn1)
Total number of routes: 6
Network NextHop MED LocPrf PrefVal Path/Ogn
* > 10.1.1.0/24 10.1.1.2 0 32768 ?
* e 10.1.1.1 0 0 65410?
* > 10.1.1.2/32 127.0.0.1 0 32768 ?
* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?
* >e 192.168.1.0 10.1.1.1 0 0 65410?
* i 3.3.3.9 0 100 0 65420?
Route distinguisher: 200:1
Total number of routes: 2
Network NextHop MED LocPrf PrefVal Path/Ogn
* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?
* >i 192.168.1.0 3.3.3.9 0 100 0 65420?
# Display information about BGP VPNv4 routes matching BGP community list 100.
<Sysname> display bgp routing-table vpnv4 community-list 100
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Total number of routes from all PEs: 8
Route distinguisher: 100:1(vpn1)
Total number of routes: 6
Network NextHop MED LocPrf PrefVal Path/Ogn
* > 10.1.1.0/24 10.1.1.2 0 32768 ?
* e 10.1.1.1 0 0 65410?
* > 10.1.1.2/32 127.0.0.1 0 32768 ?
* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?
* >e 192.168.1.0 10.1.1.1 0 0 65410?
* i 3.3.3.9 0 100 0 65420?
Route distinguisher: 200:1
Total number of routes: 2
Network NextHop MED LocPrf PrefVal Path/Ogn
* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?
* >i 192.168.1.0 3.3.3.9 0 100 0 65420?
# Display information about BGP VPNv4 routes advertised to peer 3.3.3.9 on the public network.
<Sysname> display bgp routing-table vpnv4 peer 3.3.3.9 advertised-routes
Total number of routes: 2
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Route distinguisher: 100:1
Total number of routes: 2
Network NextHop MED LocPrf Path/Ogn
* > 10.1.1.0/24 10.1.1.2 0 ?
* >e 192.168.1.0 10.1.1.1 0 65410?
# Display information about BGP VPNv4 routes received from peer 3.3.3.9 on the public network.
<Sysname> display bgp routing-table vpnv4 peer 3.3.3.9 received-routes
Total number of routes: 2
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Route distinguisher: 200:1
Total number of routes: 2
Network NextHop MED LocPrf PrefVal Path/Ogn
* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?
* >i 192.168.1.0 3.3.3.9 0 100 0 65420?
|
Field |
Description |
|
BGP Local router ID |
Router ID of the local BGP router. |
|
Status codes |
Route status codes: · * - valid—Valid route. · > - best—Common best route. · d – damped—Route damped for route flap. · h - history—History route. · i - internal—Internal route. · e - external—External route. · s - suppressed—Suppressed route. · S - Stale—Stale route. |
|
Origin |
Route origin: · i - IGP—Originated in the AS. The origin of routes advertised by the network command is IGP. · e - EGP—Learned through EGP. · ? - incomplete—Redistributed from IGP protocols. |
|
Total number of routes from all PEs |
Total number of VPNv4 routes from all PEs. |
|
Network |
Network address. |
|
NextHop |
Address of the next hop. |
|
MED |
MULTI_EXIT_DISC attribute. |
|
LocPrf |
Local preference value. |
|
PrefVal |
Preferred value. |
|
Path/Ogn |
AS_PATH and Origin attributes. |
# Display detailed information about BGP VPNv4 routes to 10.3.1.0/24.
<Sysname> display bgp routing-table vpnv4 10.3.1.0 24
BGP local router ID: 1.1.1.9
Local AS number: 100
Route distinguisher: 100:1(vpn1)
Total number of routes: 1
Paths: 1 available, 1 best
BGP routing table information of 10.3.1.0/24:
From : 3.3.3.9 (3.3.3.9)
Rely nexthop : 172.1.1.2
Original nexthop: 3.3.3.9
OutLabel : 1279
Ext-Community : <RT: 111:1>
AS-path : (null)
Origin : incomplete
Attribute value : MED 0, localpref 100, pref-val 0
State : valid, internal, best
IP precedence : N/A
QoS local ID : N/A
Route distinguisher: 200:1
Total number of routes: 1
Paths: 1 available, 1 best
BGP routing table information of 10.3.1.0/24:
From : 3.3.3.9 (3.3.3.9)
Rely nexthop : 172.1.1.2
Original nexthop: 3.3.3.9
OutLabel : 1279
Ext-Community : <RT: 111:1>
AS-path : (null)
Origin : incomplete
Attribute value : MED 0, localpref 100, pref-val 0
State : valid, internal, best
IP precedence : N/A
QoS local ID : N/A
# Display detailed information about the BGP VPNv4 route to 10.3.1.0/24 and with RD 100:1.
<Sysname> display bgp routing-table vpnv4 route-distinguisher 100:1 10.3.1.0 24
BGP local router ID: 1.1.1.9
Local AS number: 100
Route distinguisher: 100:1(vpn1)
Total number of routes: 1
Paths: 1 available, 1 best
BGP routing table information of 10.3.1.0/24:
From : 3.3.3.9 (3.3.3.9)
Rely nexthop : 172.1.1.2
Original nexthop: 3.3.3.9
OutLabel : 1279
Ext-Community : <RT: 111:1>
AS-path : (null)
Origin : incomplete
Attribute value : MED 0, localpref 100, pref-val 0
State : valid, internal, best
IP precedence : N/A
QoS local ID : N/A
Table 4 Command output
|
Field |
Description |
|
Rely Nexthop |
Recursive next hop. If no recursive next hop is found, this field displays not resolved. |
|
Original nexthop |
Original next hop. If the route is learned from a BGP update, it is the next hop in the update message. |
|
Ext-Community |
Extended community attribute. |
|
Attribute value |
BGP route attribute information: · MED—MED attribute. · Localpref—Local preference. · pref-val—Preferred value. · pre—Protocol preference. |
|
State |
Route status: · valid—Valid route. · internal—Internal route. · external—External route. · local—Locally generated route. · synchronize—Synchronized route. · best—Best route. |
|
IP precedence |
IP priority of a route, in the range of 0 to 7. N/A indicates an invalid value. |
|
QoS local ID |
QoS local ID attribute of a route, in the range of 1 to 4095. N/A indicates an invalid value. |
# Display advertisement information for BGP VPNv4 routes to 10.1.1.0/24.
<Sysname> display bgp routing-table vpnv4 10.1.1.0 24 advertise-info
BGP local router ID: 1.1.1.9
Local AS number: 100
Route distinguisher: 100:1
Total number of routes: 1
Paths: 1 best
BGP routing table information of 10.1.1.0/24:
Advertised to VPN peers (1 in total):
3.3.3.9
Inlabel : 1279
Table 5 Command output
|
Field |
Description |
|
Paths |
Number of routes to the specified destination network. |
|
BGP routing table information of 10.1.1.0/24 |
Advertisement information for the BGP route to 10.1.1.0/24. |
|
Advertised to VPN peers (1 in total) |
VPNv4 peers to which the route is advertised, and the number of peers. |
|
Inlabel |
Incoming label of the route. |
# Display statistics about BGP VPNv4 routes advertised to peer 3.3.3.9 on the public network.
<Sysname> display bgp routing-table vpnv4 peer 3.3.3.9 advertised-routes statistics
Advertised routes total: 2
# Display statistics about BGP VPNv4 routes received from peer 3.3.3.9 on the public network.
<Sysname> display bgp routing-table vpnv4 peer 3.3.3.9 received-routes statistic
Received routes total: 2
Table 6 Command output
|
Field |
Description |
|
Advertised routes total |
Total number of routes advertised to the specified peer. |
|
Received routes total |
Total number of routes received from the specified peer. |
# Display statistics about BGP VPNv4 routes on the public network.
<Sysname> display bgp routing-table vpnv4 statistics
Total number of routes from all PEs: 8
Route distinguisher: 100:1(vpn1)
Total number of routes: 6
Route distinguisher: 200:1
Total number of routes: 2
Table 7 Command output
|
Field |
Description |
|
Total number of routes from all PEs |
Total number of VPNv4 routes from all PEs. |
|
Total number of routes |
Total number of VPNv4 routes with the specified RD. |
Related commands
ip as-path (Layer 3—IP Routing Command Reference)
display bgp routing-table vpnv4 inlabel
Use display bgp routing-table vpnv4 inlabel to display incoming labels for BGP VPNv4 routes.
Syntax
display bgp routing-table vpnv4 inlabel
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Examples
# Display incoming labels for all BGP VPNv4 routes.
<Sysname> display bgp routing-table vpnv4 inlabel
Total number of routes: 2
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Route distinguisher: 100:1
Total number of routes: 2
Network NextHop OutLabel InLabel
* > 10.1.1.0/24 10.1.1.2 NULL 1279
* >e 192.168.1.0 10.1.1.1 NULL 1278
Table 8 Command output
|
Field |
Description |
|
BGP Local router ID |
Router ID of the local BGP router. |
|
Status codes |
Route status codes: · * - valid—Valid route. · > - best—Common optimal route. · d – damped—Route damped for route flap. · h - history—History route. · i - internal—Internal route. · e - external—External route. · s - suppressed—Suppressed route. · S - Stale—Stale route. |
|
Origin |
Route origin: · i - IGP—Originated in the AS. The origin of routes advertised by the network command is IGP. · e - EGP—Learned through EGP. · ? - incomplete—Redistributed from IGP protocols. |
display bgp routing-table vpnv4 outlabel
Use display bgp routing-table vpnv4 outlabel to display outgoing labels for all BGP VPNv4 routes.
Syntax
In standalone mode:
display bgp routing-table vpnv4 outlabel [ standby slot slot-number ]
In IRF mode:
display bgp routing-table vpnv4 outlabel [ standby chassis chassis-number slot slot-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
standby: Displays BGP VPNv4 route outgoing labels for a standby BGP process. If you do not specify a standby BGP process, this command displays information for the active BGP process.
slot slot-number: Specifies the slot number of the card where the standby process resides. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies the card or PEX where the standby process resides. The chassis-number argument represents the member ID of the IRF member device or the virtual chassis number of the PEX. The slot-number argument represents the slot number of the card or PEX. (In IRF mode.)
Examples
# Display outgoing labels for all BGP VPNv4 routes.
<Sysname> display bgp routing-table vpnv4 outlabel
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Total number of routes from all PEs: 8
Route distinguisher: 100:1(vpn1)
Total number of routes: 2
Network NextHop OutLabel
* >i 10.3.1.0/24 3.3.3.9 1279
* i 192.168.1.0 3.3.3.9 1278
Route distinguisher: 200:1
Total number of routes: 2
Network NextHop OutLabel
* >i 10.3.1.0/24 3.3.3.9 1279
* >i 192.168.1.0 3.3.3.9 1278
Table 9 Command output
|
Field |
Description |
|
BGP Local router ID |
Router ID of the local BGP router. |
|
Status |
Route status codes: · * - valid—Valid route. · > - best—Common optimal route. · d – damped—Route damped for route flap. · h - history—History route. · i - internal—Internal route. · e - external—External route. · s - suppressed—Suppressed route. · S - Stale—Stale route. |
|
Origin |
Route origin: · i - IGP—Originated in the AS. The origin of routes advertised by the network command is IGP. · e - EGP—Learned through EGP. · ? - incomplete—Redistributed from IGP protocols. |
|
OutLabel |
Outgoing label. |
display ospf sham-link
Use display ospf sham-link to display OSPF sham link information.
Syntax
In standalone mode:
display ospf [ process-id ] sham-link [ area area-id ] [ standby slot slot-number ]
In IRF mode:
display ospf [ process-id ] sham-link [ area area-id ] [ standby chassis chassis-number slot slot-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
process-id: Displays sham link information for the OSPF process specified by its ID. The process ID is in the range of 1 to 65535. If you do not specify a process, this command displays sham link information for all OSPF processes.
area area-id: Displays sham link information for the OSPF area specified by its ID, which is an IP address, or an integer. The integer is in the range of 0 to 4294967295. If you do not specify an area, this command displays sham link information for all OSPF areas.
standby: Displays sham link information for a standby OSPF process. If you do not specify a standby OSPF process, this command displays information for the active OSPF process.
slot slot-number: Specifies the slot number of the card where the standby process resides. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies the card or PEX where the standby process resides. The chassis-number argument represents the member ID of the IRF member device or the virtual chassis number of the PEX. The slot-number argument represents the slot number of the card or PEX. (In IRF mode.)
Usage guidelines
If you do not specify any processes or areas, this command displays information about all OSPF sham links.
The active OSPF process backs up OSPF neighbors and routing information to the standby OSPF process only when OSPF NSR is enabled. If OSPF NSR is disabled, this command does not display anything when you execute it with the standby keyword.
Examples
# Display information about all OSPF sham links.
<Sysname> display ospf sham-link
OSPF Process 1 with Router ID 125.1.1.1
Sham link
Area Neighbor ID Source IP Destination IP State Cost
0.0.0.0 95.1.1.1 125.2.1.1 95.2.1.1 P-2-P 1
# Display OSPF sham link information for OSPF area 1.
<Sysname> display ospf sham-link area 1
OSPF Process 100 with Router ID 100.1.1.2
Sham link: 3.3.3.3 --> 5.5.5.5
Neighbor ID: 120.1.1.2 State: Full
Area: 0.0.0.1
Cost: 1 State: P-2-P Type: Sham
Timers: Hello 10, Dead 40, Retransmit 5, Transmit Delay 1
Request list: 0 Retransmit list: 0
MD5 authentication enabled.
The last key is 3.
The rollover is in progress, 1 neighbor(s) left.
The timers for a sham link are in seconds.
display ip vpn-instance
Use display ip vpn-instance to display information about VPN instances.
Syntax
display ip vpn-instance [ instance-name vpn-instance-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
instance-name vpn-instance-name: Displays information about the specified VPN instance. The vpn-instance-name argument is a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command displays brief information about all VPN instances.
Examples
# Display brief information about all VPN instances.
<Sysname> display ip vpn-instance
Total VPN-Instances configured : 1
VPN-Instance Name RD Create time
abc 1:1 2011/05/18 10:48:17
Table 10 Command output
|
Field |
Description |
|
VPN-Instance Name |
Name of the VPN instance. |
|
RD |
RD of the VPN instance. |
|
Create Time |
Time when the VPN instance was created. |
# Display detailed information about VPN instance vpn1.
<Sysname> display ip vpn-instance instance-name vpn1
VPN-Instance Name and Index : vpn1, 2
Route Distinguisher : 100:1
VPN ID : 1:1
Description : vpn1
Interfaces : GigabitEthernet1/0/2
Address-family IPv4:
Export VPN Targets :
2:2
Import VPN Targets :
3:3
Export Route Policy : outpolicy
Import Route Policy : inpolicy
Tunnel Policy : tunnel1
Maximum Routes Limit : 5000
Address-family IPv6:
Export VPN Targets :
2:2
Import VPN Targets :
3:3
Export Route Policy : outpolicy
Import Route Policy : inpolicy
Tunnel Policy : tunnel1
Maximum Routes Limit : 5000
domain-id
Use domain-id to set an OSPF domain ID.
Use undo domain-id to restore the default.
Syntax
domain-id domain-id [ secondary ]
undo domain-id [ domain-id ]
Default
The OSPF domain ID is 0.
Views
OSPF view
Predefined user roles
network-admin
mdc-admin
Parameters
domain-id: Specifies an OSPF domain ID, in one of the following formats:
· Integer, in the range of 0 to 4294967295. For example, 1.
· Dotted decimal notation. For example, 0.0.0.1.
· Dotted decimal notation:16-bit user-defined number in the range of 0 to 65535. For example, 0.0.0.1:512.
secondary: Specifies a secondary domain ID. If you do not specify this keyword, the command specifies a primary domain ID.
Usage guidelines
When you redistribute OSPF routes into BGP, BGP adds the primary domain ID to the redistributed BGP VPNv4 routes as a BGP extended community attribute. Then, BGP advertises the routes to the peer PE.
When the peer PE receives the routes, it compares the OSPF domain ID in the routes with the locally configured primary and secondary domain IDs. If the primary or secondary domain ID is the same as the received domain ID, and the received routes are intra-area or inter-area routes, OSPF advertises these routes in Network Summary LSAs (Type 3). Otherwise, OSPF advertises these routes in AS External LSAs (Type 5) or NSSA External LSAs (Type 7).
If you do not specify any parameters, the undo domain-id command deletes all domain IDs.
Examples
# Set the OSPF domain ID to 234.
<Sysname> system-view
[Sysname] ospf 100
[Sysname-ospf-100] domain-id 234
export route-policy
Use export route-policy to apply an export routing policy to a VPN instance.
Use undo export route-policy to remove the application.
Syntax
export route-policy route-policy
undo export route-policy
Default
No export routing policy is applied to a VPN instance.
Views
VPN instance view, IPv4 VPN view, IPv6 VPN view
Predefined user roles
network-admin
mdc-admin
Parameters
route-policy: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.
Usage guidelines
You can specify an export routing policy to filter advertised routes or modify their route attributes for the VPN instance.
An export routing policy specified in VPN instance view applies to both IPv4 VPN and IPv6 VPN.
An export routing policy specified in IPv4 VPN view or IPv6 VPN view applies to only IPv4 VPN or IPv6 VPN.
IPv4/IPv6 VPN prefers the export routing policy specified in IPv4/IPv6 VPN view over the one specified in VPN instance view.
Examples
# Apply export routing policy poly-1 to VPN instance vpn1.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] export route-policy poly-1
# Apply export routing policy poly-2 to IPv4 VPN vpn2.
<Sysname> system-view
[Sysname] ip vpn-instance vpn2
[Sysname-vpn-instance-vpn2] address-family ipv4
[Sysname-vpn-ipv4-vpn2] export route-policy poly-2
# Apply export routing policy poly-3 to IPv6 VPN vpn3.
<Sysname> system-view
[Sysname] ip vpn-instance vpn3
[Sysname-vpn-instance-vpn3] address-family ipv6
[Sysname-vpn-ipv6-vpn3] export route-policy poly-3
Related commands
· import route-policy
· route-policy (Layer 3—IP Routing Configuration Guide)
ext-community-type
Use ext-community-type to configure the type code of an OSPF extended community attribute.
Use undo ext-community-type to restore the default.
Syntax
ext-community-type { domain-id type-code1 | router-id type-code2 | route-type type-code3 }
undo ext-community-type [ domain-id | router-id | route-type ]
Default
The type codes for domain ID, router ID, and route type are hex numbers 0005, 0107, and 0306, respectively.
Views
OSPF view
Predefined user roles
network-admin
mdc-admin
Parameters
domain-id type-code1: Specifies the type code for domain ID. Valid values are hex numbers 0005, 0105, 0205, and 8005.
router-id type-code2: Specifies the type code for router ID. Valid values are hex numbers 0107 and 8001.
router-type type-code3: Specifies the type code for route type. Valid values are hex numbers 0306 and 8000.
Examples
# Configure the type codes of domain ID, router ID, and route type as hex numbers 8005, 8001, and 8000, respectively, for OSPF process 100.
<Sysname> system-view
[Sysname] ospf 100
[Sysname-ospf-100] ext-community-type domain-id 8005
[Sysname-ospf-100] ext-community-type router-id 8001
[Sysname-ospf-100] ext-community-type route-type 8000
import route-policy
Use import route-policy to apply an import routing policy to a VPN instance.
Use undo import route-policy to remove the application.
Syntax
import route-policy route-policy
undo import route-policy
Default
All routes matching the import target attribute are accepted.
Views
VPN instance view, IPv4 VPN view, IPv6 VPN view
Predefined user roles
network-admin
mdc-admin
Parameters
route-policy: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.
Usage guidelines
You can specify an import routing policy to filter received routes or modify their route attributes for the VPN instance.
An import routing policy specified in VPN instance view applies to both IPv4 VPN and IPv6 VPN.
An import routing policy specified in IPv4 VPN view or IPv6 VPN view applies to only the IPv4 VPN or IPv6 VPN.
IPv4/IPv6 VPN prefers the import routing policy specified in IPv4/IPv6 VPN view over the one specified in VPN instance view.
Examples
# Apply import routing policy poly-1 to VPN instance vpn1.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] import route-policy poly-1
# Apply import routing policy poly-2 to IPv4 VPN vpn2.
<Sysname> system-view
[Sysname] ip vpn-instance vpn2
[Sysname-vpn-instance-vpn2] address-family ipv4
[Sysname-vpn-ipv4-vpn2] import route-policy poly-2
# Apply import routing policy poly-3 to IPv6 VPN vpn3.
<Sysname> system-view
[Sysname] ip vpn-instance vpn3
[Sysname-vpn-instance-vpn3] address-family ipv6
[Sysname-vpn-ipv6-vpn3] import route-policy poly-3
Related commands
· export route-policy
· route-policy (Layer 3—IP Routing Configuration Guide)
ip binding vpn-instance
Use ip binding vpn-instance to associate an interface with a VPN instance.
Use undo ip binding vpn-instance to remove the association.
Syntax
ip binding vpn-instance vpn-instance-name
undo ip binding vpn-instance vpn-instance-name
Default
An interface is associated with no VPN instance and belongs to the public network.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Parameters
vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters.
Usage guidelines
Use this command to associate the VPN instance with the interface connected to the CE.
This command or its undo form clears the IP address and routing protocol configuration on the interface. After executing this command or its undo form, use the display this command to display the current configuration and reconfigure the IP address and routing protocol on the interface.
The specified VPN instance must have been created by using the ip vpn-instance command in system view.
To associate a new VPN instance with an interface, you must remove the previous association and then associate the new VPN instance with the interface.
Examples
# Associate interface VLAN-interface 1 with VPN instance vpn1.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] ip binding vpn-instance vpn1
Related commands
ip vpn-instance (system view)
ip vpn-instance (system view)
Use ip vpn-instance to create a VPN instance and enter VPN instance view.
Use undo ip vpn-instance to delete a VPN instance.
Syntax
ip vpn-instance vpn-instance-name
undo ip vpn-instance vpn-instance-name
Default
No VPN instance is created.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters.
Examples
# Create a VPN instance named vpn1.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1]
Related commands
route-distinguisher
nesting-vpn
Use nesting-vpn to enable the nested VPN feature.
Use undo nesting-vpn to disable the nested VPN feature.
Syntax
nesting-vpn
undo nesting-vpn
Default
The nested VPN feature is disabled.
Views
BGP VPNv4 address family view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
To exchange VPNv4 routes with a peer in nested VPN, you must enable nested VPN and then execute the peer enable command to enable that peer in BGP VPNv4 view.
Examples
# Enable nested VPN.
<Sysname> system-view
[Sysname] bgp 10
[Sysname-bgp] address-family vpnv4
[Sysname-bgp-vpnv4] nesting-vpn
peer next-hop-invariable
Use peer next-hop-invariable to configure the device to not change the next hop of routes advertised to peers.
Use undo peer next-hop-invariable to restore the default.
Syntax
peer { group-name | ip-address [ mask-length ] } next-hop-invariable
undo peer { group-name | ip-address [ mask-length ] } next-hop-invariable
Default
The device uses its address as the next hop of routes advertised to EBGP peers.
Views
BGP VPNv4 address family view
Predefined user roles
network-admin
mdc-admin
Parameters
group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters.
ip-address: Specifies a peer by its IP address.
mask-length: Specifies a mask length in the range of 0 to 32. You can use the ip-address and mask-length arguments together to specify a subnet. If you specify a subnet in this command, the device does not change the next hop of routes advertised to the dynamic peers in the subnet.
Usage guidelines
On an RR in an inter-AS option C scenario, you must configure this command to not change the next hop of VPNv4 routes advertised to BGP peers and RR clients.
This command is exclusive with the peer next-hop-local command.
Examples
# Configure the device to not change the next hop of routes advertised to peer 1.1.1.1.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp] address-family vpnv4
[Sysname-bgp-af-vpnv4] peer 1.1.1.1 next-hop-invariable
Related commands
peer next-hop-local (Layer 3—IP Routing Command Reference)
peer upe
Use peer upe to configure BGP peers as HoVPN UPEs in BGP VPNv4 address family view.
Use undo peer upe to remove the configuration.
Syntax
peer { group-name | ip-address [ mask-length ] } upe
undo peer { group-name | ip-address [ mask-length ] } upe
Default
No BGP peer is configured as a UPE.
Views
BGP VPNv4 address family view
Predefined user roles
network-admin
mdc-admin
Parameters
group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The specified peer group must exist.
ip-address: Specifies a peer by its IP address. The specified peer must exist.
mask-length: Specifies a mask length in the range of 0 to 32. You can use the ip-address and mask-length arguments together to specify a subnet. If you specify a subnet, this command configures all dynamic peers in the subnet as UPEs.
Usage guidelines
A UPE is a special VPNv4 peer. It can accept one default route for each related VPN instance and routes permitted by the routing policy on the SPE. An SPE is a common VPN peer.
Examples
# Configure peer 1.1.1.1 as a UPE.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp] address-family vpnv4
[Sysname-bgp-vpnv4] peer 1.1.1.1 upe
peer upe route-policy
Use peer upe route-policy to advertise routes permitted by a routing policy to a UPE.
Use undo peer upe route-policy to restore the default.
Syntax
peer { group-name | ip-address [ mask-length ] } upe route-policy route-policy-name export
undo peer { group-name | ip-address [ mask-length ] } upe route-policy export
Default
No routes are advertised to any peer.
Views
BGP VPNv4 address family view
Predefined user roles
network-admin
mdc-admin
Parameters
group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must exist.
ip-address: Specifies a peer by its IP address. The peer must exist.
mask-length: Specifies a mask length in the range of 0 to 32. You can use the ip-address and mask-length arguments together to specify a subnet. If you specify a subnet, this command advertises routes permitted by a routing policy to all dynamic peers in the subnet.
route-policy-name: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.
export: Applies the filtering policy to routes to be advertised.
Usage guidelines
This command must be used with the peer upe command.
Examples
# Configure peer 1.1.1.1 as a UPE, and advertise routes permitted by routing policy hope to peer 1.1.1.1.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp] peer 1.1.1.1 as-number 200
[Sysname-bgp] address-family vpnv4
[Sysname-bgp-vpnv4] peer 1.1.1.1 enable
[Sysname-bgp-vpnv4] peer 1.1.1.1 upe
[Sysname-bgp-vpnv4] peer 1.1.1.1 upe route-policy hope export
Related commands
· peer upe
· route-policy (Layer 3—IP Routing Configuration Guide)
policy vpn-target
Use policy vpn-target to enable route target filtering of received VPNv4 routes. Only VPNv4 routes whose export route target attribute matches local import route target attribute are added to the routing table.
Use undo policy vpn-target to disable route target filtering, permitting all incoming VPNv4 routes.
Syntax
policy vpn-target
undo policy vpn-target
Default
The route target filtering function is enabled for received VPNv4 routes.
Views
BGP VPNv4 address family view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
In an inter-AS option B scenario, an ASBR must save all incoming VPNv4 routes and advertises those routes to the peer ASBR. For this purpose, you must execute the undo policy vpn-target command on the ASBR to disable route target filtering.
Examples
# Disable route target filtering of received VPNv4 routes.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp] address-family vpnv4
[Sysname-bgp-vpnv4] undo policy vpn-target
route-distinguisher (VPN instance view)
Use route-distinguisher to configure an RD for a VPN instance.
Use undo route-distinguisher to remove the RD of a VPN instance.
Syntax
route-distinguisher route-distinguisher
undo route-distinguisher
Default
No RD is specified for a VPN instance.
Views
VPN instance view
Predefined user roles
network-admin
mdc-admin
Parameters
route-distinguisher: Specifies an RD for the VPN instance, a string of 3 to 21 characters in one of the following formats:
· 16-bit AS number:32-bit user-defined number. For example, 101:3.
· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.
· 32-bit AS number:16-bit user-defined number, where the minimum value of the AS number is 65536. For example, 65536:1.
Usage guidelines
RDs enable VPNs to use the same address space. An RD and an IPv4 prefix comprise a unique VPN IPv4 prefix.
To change an RD, you must remove the RD and then configure it again.
Examples
# Configure RD 22:1 for VPN instance vpn1.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] route-distinguisher 22:1
route-tag
Use route-tag to configure an external route tag for redistributed VPN routes.
Use undo route-tag to restore the default.
Syntax
route-tag tag-value
undo route-tag
Default
If BGP runs within an MPLS backbone, and the BGP AS number is not greater than 65535, the first two octets of the external route tag are 0xD000, and the last two octets are the local BGP AS number. For example, if the local BGP AS number is 100, the external route tag value is 3489661028 (100 + the decimal value of 0xD0000000). If the AS number is greater than 65535, the external route tag is 0.
Views
OSPF view
Predefined user roles
network-admin
mdc-admin
Parameters
tag-value: Specifies the external route tag for redistributed VPN routes, in the range of 0 to 4294967295.
Usage guidelines
In a dual-homed scenario where OSPF runs between the CE and the connected PEs (PE-A and PE-B, for example), you can use external route tags to avoid routing loops.
When PE-A redistributes BGP routes from the peer PE into OSPF, and advertises these routes in the Type 5 or 7 LSAs to the CE, PE-A adds the locally configured external route tag to the LSAs.
When PE-B receives the Type 5 or 7 LSAs advertised by the CE, it compares the external route tag in the LSAs with the locally configured tag. If they are the same, PE-B ignores the LSA in route calculation to avoid routing loops.
The commands used to configure the external route tag (in the descending order of tag priority) are as follows:
· import-route
· route-tag
· default tag
As a best practice, configure the same external route tag for PEs in the same area.
An external route tag is not transferred in any BGP extended community attribute. It takes effect only on the PEs that receive BGP routes and generate OSPF Type 5 or 7 LSAs.
You can configure the same external route tag for different OSPF processes.
Examples
# In OSPF process 100, set the external route tag for redistributed VPN routes to 100.
<Sysname> system-view
[Sysname] ospf 100
[Sysname-ospf-100] route-tag 100
Related commands
· default (Layer 3—IP Routing Command Reference)
· import-route (Layer 3—IP Routing Command Reference)
routing-table limit
Use routing-table limit to limit the maximum number of active routes in a VPN instance.
Use undo routing-table limit to restore the default.
Syntax
routing-table limit number { warn-threshold | simply-alert }
undo routing-table limit
Default
The maximum number of active routes is not configured.
Views
VPN instance view, IPv4 VPN view, IPv6 VPN view
Predefined user roles
network-admin
mdc-admin
Parameters
number: Specifies the maximum number of active routes, in the range of 1 to 262144.
warn-threshold: Specifies a warning threshold in the range of 1 to 100 in percentage. When the percentage of the number of existing active routes to the maximum number of active routes exceeds the specified threshold, the system gives an alarm message but still allows new active routes. If active routes in the VPN instance reach the maximum, no more active routes are added.
simply-alert: Specifies that when active routes exceed the maximum number, the system still accepts active routes but generates a system log message.
Usage guidelines
A limit configured in VPN instance view applies to both the IPv4 VPN and the IPv6 VPN.
A limit configured in IPv4 VPN view or IPv6 VPN view applies to only the IPv4 VPN or the IPv6 VPN.
IPv4/IPv6 VPN prefers the limit configured in IPv4/IPv6 VPN view over the limit configured in VPN instance view.
Examples
# Specify that VPN instance vpn1 supports a maximum of 1000 active routes, and when active routes exceed the upper limit, can receive new active routes but generates a system log message.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] route-distinguisher 100:1
[Sysname-vpn-instance-vpn1] routing-table limit 1000 simply-alert
# Specify that the IPv4 VPN vpn2 supports a maximum of 1000 active routes, and when active routes exceed the upper limit, can receive new active routes but generates a system log message.
<Sysname> system-view
[Sysname] ip vpn-instance vpn2
[Sysname-vpn-instance-vpn2] route-distinguisher 100:2
[Sysname-vpn-instance-vpn2] address-family ipv4
[Sysname-vpn-ipv4-vpn2] routing-table limit 1000 simply-alert
# Specify that the IPv6 VPN vpn3 supports a maximum of 1000 active routes, and when active routes exceed the upper limit, can receive new active routes but generates a system log message.
<Sysname> system-view
[Sysname] ip vpn-instance vpn3
[Sysname-vpn-instance-vpn3] route-distinguisher 100:3
[Sysname-vpn-instance-vpn3] address-family ipv6
[Sysname-vpn-ipv4-vpn3] routing-table limit 1000 simply-alert
rr-filter
Use rr-filter to create an RR reflection policy so that only IBGP routes whose extended community attribute matches the specified extended community list are reflected.
Use undo rr-filter to restore the default.
Syntax
rr-filter extended-community-number
undo rr-filter
Default
An RR does not filter reflected routes.
Views
BGP VPNv4 address family view
Predefined user roles
network-admin
mdc-admin
Parameters
extended-community-number: Specifies an extended community number in the range of 1 to 199.
Usage guidelines
By configuring different RR reflection policies on RRs in a cluster, you can implement load balancing among the RRs.
Examples
# Configure the RR to only reflect VPNv4 routes with an extended community number of 10.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp] address-family vpnv4
[Sysname-bgp-vpnv4] rr-filter 10
sham-link
Use sham-link to create an OSPF sham link.
Use undo sham-link to remove an OSPF sham link or restore the defaults of specified parameters for a sham link.
Syntax
sham-link source-ip-address destination-ip-address [ cost cost | dead dead-interval | hello hello-interval | { { hmac-md5 | md5 } key-id { cipher cipher-string | plain plain-string } | simple { cipher cipher-string | plain plain-string } } | retransmit retrans-interval | trans-delay delay ] *
undo sham-link source-ip-address destination-ip-address [ cost | dead | hello | { { hmac-md5 | md5 } key-id | simple } | retransmit | trans-delay ] *
Default
No OSPF sham link is configured.
Views
OSPF area view
Predefined user roles
network-admin
mdc-admin
Parameters
source-ip-address: Specifies the source IP address of the sham link.
destination-ip-address: Specifies the destination IP address of the sham link.
cost cost: Specifies the cost of the sham link, in the range of 1 to 65535. The default cost is 1.
dead dead-interval: Specifies the dead interval in the range of 1 to 32768 seconds. The default is 40 seconds. The dead interval configured on the two ends of the sham link must be identical, and it must be at least four times the hello interval.
hello hello-interval: Specifies the interval for sending hello packets, in the range of 1 to 8192 seconds. The default is 10 seconds. The hello interval configured on the two ends of the sham link must be identical.
hmac-md5: Enables HMAC-MD5 authentication.
md5: Enables MD5 authentication.
simple: Enables simple authentication.
key-id: Specifies a key ID in the range of 1 to 255.
cipher: Specifies a ciphertext key.
cipher-string: Specifies a ciphertext key. This argument is case sensitive. If simple is specified, it must be a string of 33 to 41 characters. If md5 or hmac-md5 is specified, it must be a string of 33 to 53 characters.
plain: Specifies a plaintext key.
plain-string: Specifies a plaintext key. This argument is case sensitive. If simple is specified, it must be a string of 1 to 8 characters. If md5 or hmac-md5 is specified, it must be a string of 1 to 16 characters.
retransmit retrans-interval: Specifies the interval for retransmitting LSAs, in the range of 1 to 3600 seconds. The default is 5 seconds.
trans-delay delay: Specifies the delay interval before the interface sends an LSA, in the range of 1 to 3600 seconds. The default is 1 second.
Usage guidelines
When a backdoor link exists between the two sites of a VPN, you can create a sham link between PEs to forward VPN traffic through the sham link on the backbone rather than the backdoor link. A sham link is considered an OSPF intra-area route.
This command can configure MD5/HMAC-MD5 or simple authentication for the sham link, but not both. For MD5/HMAC-MD5 authentication, you can configure multiple keys by executing this command multiple times, but a key-id can correspond with only one key.
To modify the MD5/HMAC-MD5 authentication key of a sham link, follow these steps:
1. Configure a new key for the sham link on the local device. If the neighbor on the sham link has not been configured with the new key, this configuration triggers a key rollover process, during which, OSPF advertises both the new and old keys so the neighbor can pass authentication and the neighbor relationship is maintained.
2. Configure the same key for the sham link on the neighbor. After the local device receives a packet carrying the new key from the neighbor, it quits the key rollover process.
3. Execute the undo sham-link command on the local device and the neighbor to remove the old key. This operation can avoid attacks to the sham link that uses the old key and reduce bandwidth consumption by key rollover.
You cannot configure a sham link with the same source and destination IP address for multiple OSPF processes in a VPN instance.
The sham links configured on the local and remote PEs must be in the same OSPF area. Otherwise, the OSPF neighbor relationship cannot be established.
Examples
# Create a sham link with the source address 1.1.1.1 and destination address 2.2.2.2.
<Sysname> system-view
[Sysname] ospf
[Sysname-ospf-1] area 0
[Sysname-ospf-1-area-0.0.0.0] sham-link 1.1.1.1 2.2.2.2
Related commands
display ospf sham-link
snmp-agent trap enable l3vpn
Use snmp-agent trap enable l3vpn to enable SNMP notifications for MPLS L3VPN.
Use undo snmp-agent trap enable l3vpn to disable SNMP notifications for MPLS L3VPN.
Syntax
snmp-agent trap enable l3vpn
undo snmp-agent trap enable l3vpn
Default
SNMP notifications for MPLS L3VPN are enabled.
Views
System view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
This feature enables MPLS L3VPN to generate SNMP notifications. The generated SNMP notifications are sent to the SNMP module.
For more information about SNMP notifications, see Network Management and Monitoring Configuration Guide.
Examples
# Enable SNMP notifications for MPLS L3VPN.
<Sysname> system-view
[Sysname] snmp-agent trap enable l3vpn
tnl-policy (VPN instance view/IPv4 VPN view/IPv6 VPN view)
Use tnl-policy to associate a VPN instance with a tunnel policy.
Use undo tnl-policy to remove the association.
Syntax
tnl-policy tunnel-policy-name
undo tnl-policy
Default
No tunnel policy is associated with a VPN instance.
Views
VPN instance view, IPv4 VPN view
Predefined user roles
network-admin
mdc-admin
Parameters
tunnel-policy-name: Specifies a tunnel policy by its name, a case-sensitive string of 1 to 19 characters.
Usage guidelines
The VPN instance uses the specified tunnel policy to select tunnels for traffic.
If a VPN instance is not associated with any tunnel policy or the associated tunnel policy is not configured, the VPN instance selects tunnels according to the default tunnel policy. The default tunnel policy selects only one tunnel in this order: LSP tunnel, CRLSP tunnel.
A tunnel policy specified in VPN instance view is applicable to both the IPv4 VPN and the IPv6 VPN.
A tunnel policy specified in IPv4 VPN view or IPv6 VPN view is applicable to only the IPv4 VPN or IPv6 VPN.
IPv4/IPv6 VPN prefers the tunnel policy specified in IPv4/IPv6 VPN view over the tunnel policy specified in VPN instance view.
Examples
# Associate VPN instance vpn1 with tunnel policy po1.
<Sysname> system-view
[Sysname] tunnel-policy po1
[Sysname-tunnel-policy-po1] select-seq lsp load-balance-number 1
[Sysname-tunnel-policy-po1] quit
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] route-distinguisher 22:33
[Sysname-vpn-instance-vpn1] tnl-policy po1
[Sysname-vpn-instance-vpn1] quit
# Associate the IPv4 VPN vpn2 with tunnel policy po1.
[Sysname] ip vpn-instance vpn2
[Sysname-vpn-instance-vpn2] route-distinguisher 11:22
[Sysname-vpn-instance-vpn2] address-family ipv4
[Sysname-vpn-ipv4-vpn2] tnl-policy po1
[Sysname-vpn-ipv4-vpn2] quit
[Sysname-vpn-instance-vpn2] quit
# Associate the IPv6 VPN vpn3 with tunnel policy po1.
[Sysname] ip vpn-instance vpn3
[Sysname-vpn-instance-vpn3] route-distinguisher 11:33
[Sysname-vpn-instance-vpn3] address-family ipv6
[Sysname-vpn-ipv6-vpn3] tnl-policy po1
Related commands
tunnel-policy
vpn popgo
Use vpn popgo to specify the VPN label processing mode as POPGO forwarding on an egress PE, which will pop the label for each packet and forward the packet out of the interface corresponding to the label.
Use undo vpn popgo to restore the default.
Syntax
vpn popgo
undo vpn popgo
Default
The VPN label processing mode is POP forwarding on an egress PE, which will pop the label for each packet and forward the packet through the FIB table.
Views
BGP view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
After you execute the vpn popgo command, the egress PE disconnects and re-establishes BGP sessions to re-learn VPN routes.
After the vpn popgo command is executed, the egress PE does not support load sharing among VPN BGP peers.
Examples
# Specify the VPN label processing mode on the egress PE as POPGO forwarding.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp] vpn popgo
# Specify the VPN label processing mode on the egress PE as POP forwarding.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp] undo vpn popgo
vpn-id
Use vpn-id to configure a VPN ID for a VPN instance.
Use undo vpn-id to remove the VPN ID of a VPN instance.
Syntax
vpn-id vpn-id
undo vpn-id
Default
No VPN ID is configured for a VPN instance.
Views
VPN instance view
Predefined user roles
network-admin
mdc-admin
Parameters
vpn-id: Specifies a VPN ID for the VPN instance, in the form of OUI:Index. Both OUI and Index are hex numbers. The OUI is in the range of 0 to FFFFFF, and the index is in the range of 0 to FFFFFFFF.
Usage guidelines
The VPN ID uniquely identifies the VPN instance. Different VPN instances must have different VPN IDs.
The VPN ID cannot be 0:0.
Examples
# Configure VPN ID 20:1 for VPN instance vpn1.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] vpn-id 20:1
Related commands
display ip vpn-instance
vpn-target (VPN instance view/IPv4 VPN view/IPv6 VPN view)
Use vpn-target to configure route targets for a VPN instance.
Use undo vpn-target to remove the specified or all route targets of a VPN instance.
Syntax
vpn-target vpn-target&<1-8> [ both | export-extcommunity | import-extcommunity ]
undo vpn-target { all | vpn-target&<1-8> [ both | export-extcommunity | import-extcommunity ] }
Default
No route targets are configured for a VPN instance.
Views
VPN instance view, IPv4 VPN view, IPv6 VPN view
Predefined user roles
network-admin
mdc-admin
Parameters
vpn-target&<1-8>: Specifies a space-separated list of up to eight route targets.
A route target is a string of 3 to 21 characters in one of the following formats:
· 16-bit AS number:32-bit user-defined number. For example, 101:3.
· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.
· 32-bit AS number:16-bit user-defined number, where the AS number must not be less than 65536. For example, 65536:1.
both: Uses the specified route targets as both import targets and export targets. The both keyword is also used when you do not specify any of the following keywords: both, export-extcommunity, and import-extcommunity.
export-extcommunity: Uses the specified route targets as export targets.
import-extcommunity: Uses the specified route targets as import targets.
all: Removes all route targets.
Usage guidelines
MPLS L3VPN uses route targets to control the advertisement of VPN routing information. A PE adds the configured export targets into the route target attribute of routes advertised to a peer. The peer uses the local import targets to match the route targets of received routes. If a match is found, the peer adds the routes to the routing table of the VPN instance.
Route targets configured in VPN instance view are applicable to both the IPv4 VPN and the IPv6 VPN.
Route targets configured in IPv4 VPN view or IPv6 VPN view are applicable to only the IPv4 VPN or IPv6 VPN.
Route targets configured in IPv4 VPN view or IPv6 VPN view take precedence over those configured in VPN instance view. If you configure route targets in both IPv4 VPN view (or IPv6 VPN view) and VPN instance view, the IPv4 VPN or IPv6 VPN uses the route targets configured in IPv4 VPN view or IPv6 VPN view.
Examples
# Configure route targets for VPN instance vpn1.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] vpn-target 3:3 export-extcommunity
[Sysname-vpn-instance-vpn1] vpn-target 4:4 import-extcommunity
[Sysname-vpn-instance-vpn1] vpn-target 5:5 both
# Configure route targets for the IPv4 VPN vpn2.
<Sysname> system-view
[Sysname] ip vpn-instance vpn2
[Sysname-vpn-instance-vpn2] address-family ipv4
[Sysname-vpn-ipv4-vpn2] vpn-target 3:3 export-extcommunity
[Sysname-vpn-ipv4-vpn2] vpn-target 4:4 import-extcommunity
[Sysname-vpn-ipv4-vpn2] vpn-target 5:5 both
# Configure route targets for the IPv6 VPN vpn3.
<Sysname> system-view
[Sysname] ip vpn-instance vpn3
[Sysname-vpn-instance-vpn3] address-family ipv6
[Sysname-vpn-ipv6-vpn3] vpn-target 3:3 export-extcommunity
[Sysname-vpn-ipv6-vpn3] vpn-target 4:4 import-extcommunity
[Sysname-vpn-ipv6-vpn3] vpn-target 5:5 both
IPv6 MPLS L3VPN commands
This chapter describes only IPv6 MPLS L3VPN-specific commands. For information about the commands available for both IPv4 MPLS L3VPN and IPv6 MPLS L3VPN, see "MPLS L3VPN commands."
address-family ipv6 (VPN instance view)
Use address-family ipv6 to enter IPv6 VPN view.
Use undo address-family ipv6 to remove all configurations from IPv6 VPN view.
Syntax
address-family ipv6
undo address-family ipv6
Views
VPN instance view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
In IPv6 VPN view, you can configure IPv6 VPN parameters such as inbound and outbound routing policies.
Examples
# Enter IPv6 VPN view.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] address-family ipv6
[Sysname-vpn-ipv6-vpn1]
Related commands
address-family ipv4 (VPN instance view)
address-family vpnv6
Use address-family vpnv6 to create the BGP VPNv6 address family and enter its view.
Use undo address-family vpnv6 to remove the BGP VPNv6 address family and all configurations in address family view.
Syntax
address-family vpnv6
undo address-family vpnv6
Default
The BGP VPNv6 address family is not created.
Views
BGP view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
A VPNv6 address comprises an RD and an IPv6 prefix. In IPv6 MPLS L3VPNs, PEs exchange BGP VPNv6 routes.
For a PE to exchange BGP VPNv6 routes with a BGP peer, you must enable that peer by executing the peer enable command in BGP VPNv6 address family view.
In BGP VPNv6 address family view, you can configure the following settings:
· BGP VPNv6 route attributes, such as the preferred value.
· Whether to allow the local AS number to appear in the AS_PATH attribute of received route updates.
Examples
# Create the BGP VPNv6 address family and enter its view.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp] address-family vpnv6
[Sysname-bgp-af-vpnv6]
disable-dn-bit-check
Use disable-dn-bit-check to ignore the DN bit in OSPFv3 LSAs.
Use undo disable-dn-bit-check to restore the default.
Syntax
disable-dn-bit-check
undo disable-dn-bit-check
Default
A PE checks the DN bit in OSPFv3 LSAs.
Views
OSPFv3 view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
When a PE redistributes BGP routes into OSPFv3 and creates OSPFv3 LSAs, it sets the DN bit for the LSAs. When receiving the LSAs whose DN bit is set, the other PEs ignore the LSAs in route calculation to avoid routing loops.
If all LSAs from other PEs, including the LSAs whose DN bit is set, are required for route calculation, use the disable-dn-bit-check command to ignore the DN bit.
Before using this command, make sure it does not cause any routing loops.
This command takes effect only for an OSPFv3 VRF process that is not configured with the vpn-instance-capability simple command. For more information about the vpn-instance-capability simple command, see "IPv6 MCE commands."
Examples
# Ignore the DN bit in LSAs for OSPFv3 VRF process 100.
<Sysname> system-view
[Sysname] ospfv3 100 vpn-instance vpn1
[Sysname-ospfv3-100] disable-dn-bit-check
Related commands
· disable-dn-bit-set
· display ospfv3 (Layer 3—IP Routing Command Reference)
disable-dn-bit-set
Use disable-dn-bit-set to disable setting the DN bit in OSPFv3 LSAs.
Use undo disable-dn-bit-set to restore the default.
Syntax
disable-dn-bit-set
undo disable-dn-bit-set
Default
When a PE redistributes BGP routes into OSPFv3 and creates OSPFv3 LSAs, it sets the DN bit for the LSAs.
Views
OSPFv3 view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
When a PE redistributes BGP routes into OSPFv3 and creates OSPFv3 LSAs, it sets the DN bit for the LSAs. When receiving the LSAs whose DN bit is set, the other PEs ignore the LSAs in route calculation to avoid routing loops.
If other PEs require all LSAs from a local PE for route calculation, use the disable-dn-bit-set command to disable setting the DN bit in the LSAs.
Before using this command, make sure it does not cause any routing loops.
This command takes effect only for an OSPFv3 VRF process that is not configured with the vpn-instance-capability simple command. For more information about the vpn-instance-capability simple command, see "IPv6 MCE commands."
Examples
# Disable setting the DN bit in LSAs for OSPFv3 VRF process 100.
<Sysname> system-view
[Sysname] ospfv3 100 vpn-instance vpn1
[Sysname-ospfv3-100] disable-dn-bit-set
Related commands
· disable-dn-bit-check
· display ospfv3 (Layer 3—IP Routing Command Reference)
display bgp routing-table vpnv6
Use display bgp routing-table vpnv6 to display BGP VPNv6 routing information.
Syntax
In standalone mode:
display bgp routing-table vpnv6 [ [ route-distinguisher route-distinguisher ] [ network-address prefix-length [ advertise-info ] | as-path-acl as-path-acl-number | community-list { { basic-community-list-number | comm-list-name } [ whole-match ] | adv-community-list-number } ] | peer ip-address { advertised-routes | received-routes } [ network-address prefix-length | statistics ] | statistics ] [ standby slot slot-number ]
In IRF mode:
display bgp routing-table vpnv6 [ [ route-distinguisher route-distinguisher ] [ network-address prefix-length [ advertise-info ] | as-path-acl as-path-acl-number | community-list { { basic-community-list-number | comm-list-name } [ whole-match ] | adv-community-list-number } ] | peer ip-address { advertised-routes | received-routes } [ network-address prefix-length | statistics ] | statistics ] [ standby chassis chassis-number slot slot-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
route-distinguisher route-distinguisher: Specifies an RD, a string of 3 to 21 characters in one of the following formats:
· 16-bit AS number:32-bit user-defined number. For example, 101:3.
· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.
· 32-bit AS number:16-bit user-defined number, where the minimum value of the AS number is 65536. For example, 65536:1.
network-address prefix-length: Displays the BGP VPNv6 route that exactly matches the specified network address and prefix length. The prefix length is in the range of 0 to 128. If you do not specify this argument, the command displays all BGP VPNv6 routes.
advertise-info: Displays BGP VPNv6 route advertisement information.
as-path-acl as-path-acl-number: Displays BGP VPNv6 routes that match the AS path list specified by its number in the range of 1 to 256.
community-list: Displays BGP VPNv6 routes that match a BGP community list.
basic-community-list-number: Specifies a basic community list by its number in the range of 1 to 99.
comm-list-name: Specifies a community list by its name, a case-sensitive string of 1 to 63 characters.
whole-match: Displays BGP VPNv6 routes exactly matching the specified community list. If you do not specify this keyword, the command displays BGP VPNv6 routes whose COMMUNITY attributes include the specified community list.
adv-community-list-number: Specifies an advanced community list by its number in the range of 100 to 199.
peer: Displays BGP VPNv6 routing information advertised to or received from a peer.
ip-address: Specifies the peer IP address.
advertised-routes: Displays BGP VPNv6 routing information advertised to the specified peer.
received-routes: Displays BGP VPNv6 routing information received from the specified peer.
statistics: Displays BGP VPNv6 routing statistics.
standby: Displays BGP VPNv6 routing information for a standby BGP process. If you do not specify a standby BGP process, this command displays information for the active BGP process.
slot slot-number: Specifies the slot number of the card where the standby process resides. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies the card or PEX where the standby process resides. The chassis-number argument represents the member ID of the IRF member device or the virtual chassis number of the PEX. The slot-number argument represents the slot number of the card or PEX. The (In IRF mode.)
Usage guidelines
The active BGP process backs up BGP peers and routing information to the standby BGP process only when BGP NSR is enabled. If BGP NSR is disabled, this command does not display anything when you execute it with the standby keyword.
Examples
# Display all BGP VPNv6 routes.
<Sysname> display bgp routing-table vpnv6
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Total number of routes from all PEs: 1
Route distinguisher: 100:1(vpn1)
Total number of routes: 4
* > Network : 2001:1:: PrefixLen : 96
NextHop : :: LocPrf :
PrefVal : 32768 OutLabel : NULL
MED : 0
Path/Ogn: ?
* e Network : 2001:1:: PrefixLen : 96
NextHop : 2001:1::1 LocPrf :
PrefVal : 0 OutLabel : NULL
MED : 0
Path/Ogn: 65410?
* > Network : 2001:1::2 PrefixLen : 128
NextHop : ::1 LocPrf :
PrefVal : 32768 OutLabel : NULL
MED : 0
Path/Ogn: ?
* >i Network : 2001:3:: PrefixLen : 96
NextHop : ::FFFF:3.3.3.9 LocPrf : 100
PrefVal : 0 OutLabel : 1279
MED : 0
Path/Ogn: ?
Route distinguisher: 200:1
Total number of routes: 1
* >i Network : 2001:3:: PrefixLen : 96
NextHop : ::FFFF:3.3.3.9 LocPrf : 100
PrefVal : 0 OutLabel : 1279
MED : 0
Path/Ogn: ?
# Display information about BGP VPNv6 routes matching the AS_PATH list 1.
<Sysname> display bgp routing-table vpnv6 as-path-acl 1
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Total number of routes from all PEs: 1
Route distinguisher: 100:1(vpn1)
Total number of routes: 4
* > Network : 2001:1:: PrefixLen : 96
NextHop : :: LocPrf :
PrefVal : 32768 OutLabel : NULL
MED : 0
Path/Ogn: ?
* e Network : 2001:1:: PrefixLen : 96
NextHop : 2001:1::1 LocPrf :
PrefVal : 0 OutLabel : NULL
MED : 0
Path/Ogn: 65410?
* > Network : 2001:1::2 PrefixLen : 128
NextHop : ::1 LocPrf :
PrefVal : 32768 OutLabel : NULL
MED : 0
Path/Ogn: ?
* >i Network : 2001:3:: PrefixLen : 96
NextHop : ::FFFF:3.3.3.9 LocPrf : 100
PrefVal : 0 OutLabel : 1279
MED : 0
Path/Ogn: ?
Route distinguisher: 200:1
Total number of routes: 1
* >i Network : 2001:3:: PrefixLen : 96
NextHop : ::FFFF:3.3.3.9 LocPrf : 100
PrefVal : 0 OutLabel : 1279
MED : 0
Path/Ogn: ?
# Display information about BGP VPNv6 routes matching the BGP community list 100.
<Sysname> display bgp routing-table vpnv6 community-list 100
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Total number of routes from all PEs: 1
Route distinguisher: 100:1(vpn1)
Total number of routes: 4
* > Network : 2001:1:: PrefixLen : 96
NextHop : :: LocPrf :
PrefVal : 32768 OutLabel : NULL
MED : 0
Path/Ogn: ?
* e Network : 2001:1:: PrefixLen : 96
NextHop : 2001:1::1 LocPrf :
PrefVal : 0 OutLabel : NULL
MED : 0
Path/Ogn: 65410?
* > Network : 2001:1::2 PrefixLen : 128
NextHop : ::1 LocPrf :
PrefVal : 32768 OutLabel : NULL
MED : 0
Path/Ogn: ?
* >i Network : 2001:3:: PrefixLen : 96
NextHop : ::FFFF:3.3.3.9 LocPrf : 100
PrefVal : 0 OutLabel : 1279
MED : 0
Path/Ogn: ?
Route distinguisher: 200:1
Total number of routes: 1
* >i Network : 2001:3:: PrefixLen : 96
NextHop : ::FFFF:3.3.3.9 LocPrf : 100
PrefVal : 0 OutLabel : 1279
MED : 0
Path/Ogn: ?
# Display information about BGP VPNv6 routes advertised to 3.3.3.9 on the public network.
<Sysname> display bgp routing-table vpnv6 peer 3.3.3.9 advertised-routes
Total number of routes: 1
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Route distinguisher: 100:1
Total number of routes: 1
* > Network : 2001:1:: PrefixLen : 96
NextHop : :: LocPrf :
MED : 0 OutLabel : NULL
Path/Ogn: ?
# Display information about BGP VPNv6 routes received from 3.3.3.9 on the public network.
<Sysname> display bgp routing-table vpnv6 peer 3.3.3.9 received-routes
Total number of routes: 1
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Route distinguisher: 200:1
Total number of routes: 1
* >i Network : 2001:3:: PrefixLen : 96
NextHop : ::FFFF:3.3.3.9 LocPrf : 100
PrefVal : 0 OutLabel : 1279
MED : 0
Path/Ogn: ?
|
Field |
Description |
|
BGP Local router ID |
Router ID of the local BGP router. |
|
Status codes |
Route status codes: · * - valid—Valid route. · > - best—Common best route. · d – damped—Route damped for route flap. · h - history—History route. · i - internal—Internal route. · e - external—External route. · s - suppressed—Suppressed route. · S - Stale—Stale route. |
|
Origin |
Route origin: · i - IGP—Originated in the AS. The origin of routes advertised by the network command is IGP. · e - EGP—Learned through EGP. · ? - incomplete—Redistributed from IGP protocols. |
|
Total number of routes from all PEs |
Total number of VPNv6 routes from all PEs. |
|
Network |
Network address. |
|
PrefixLen |
Prefix length. |
|
NextHop |
Address of the next hop. |
|
LocPrf |
Local preference value. |
|
PrefVal |
Preferred value. |
|
MED |
MULTI_EXIT_DISC attribute. |
|
Path/Ogn |
AS_PATH and Origin attributes. |
# Display advertisement information for BGP VPNv6 routes to 2001:1::/96.
<Sysname> display bgp routing-table vpnv6 2001:1:: 96 advertise-info
BGP local router ID: 1.1.1.9
Local AS number: 100
Route distinguisher: 100:1
Total number of routes: 1
Paths: 1 best
BGP routing table information of 2001:1::/96:
Advertised to VPN peers (1 in total):
3.3.3.9
Inlabel : 1279
Table 12 Command output
|
Field |
Description |
|
Paths |
Number of routes to the specified destination network. |
|
BGP routing table information of 2001:1::/96 |
Advertisement information for the BGP route to 2001:1::/96. |
|
Advertised to VPN peers (1 in total) |
VPNv6 peers to which the route is advertised, and the number of peers. |
|
Inlabel |
Incoming label of the route. |
# Display statistics about BGP VPNv6 routes advertised to peer 3.3.3.9 on the public network.
<Sysname> display bgp routing-table vpnv6 peer 3.3.3.9 advertised-routes statistics
Advertised routes total: 2
# Display statistics about BGP VPNv6 routes received from peer 3.3.3.9 on the public network.
<Sysname> display bgp routing-table vpnv6 peer 3.3.3.9 received-routes statistic
Received routes total: 2
Table 13 Command output
|
Field |
Description |
|
Advertised routes total |
Total number of routes advertised to the specified peer. |
|
Received routes total |
Total number of routes received from the specified peer. |
# Display statistics about BGP VPNv6 routes on the public network.
<Sysname> display bgp routing-table vpnv6 statistics
Total number of routes from all PEs: 1
Route distinguisher: 100:1(vpn1)
Total number of routes: 4
Route distinguisher: 200:1
Total number of routes: 1
Table 14 Command output
|
Field |
Description |
|
Total number of routes from all PEs |
Total number of VPNv6 routes from all PEs. |
|
Total number of routes |
Total number of VPNv6 routes with the specified RD. |
Related commands
ip as-path (Layer 3—IP Routing Command Reference)
display bgp routing-table vpnv6 inlabel
Use display bgp routing-table vpnv6 inlabel to display incoming labels for BGP VPNv6 routes.
Syntax
display bgp routing-table vpnv6 inlabel
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Examples
# Display incoming labels for all BGP VPNv6 routes.
<Sysname> display bgp routing-table vpnv6 inlabel
Total number of routes: 1
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Route distinguisher: 100:1
Total number of routes: 1
* > Network : 2001:1:: PrefixLen : 96
NextHop : :: OutLabel : NULL
InLabel : 1279
Table 15 Command output
|
Field |
Description |
|
BGP Local router ID |
Router ID of the local BGP router. |
|
Status codes |
Route status codes: · * - valid—Valid route. · > - best—Common optimal route. · d – damped—Route damped for route flap. · h - history—History route. · i - internal—Internal route. · e - external—External route. · s - suppressed—Suppressed route. · S - Stale—Stale route. |
|
Origin |
Route origin: · i - IGP—Originated in the AS. The origin of routes advertised by the network command is IGP. · e - EGP—Learned through EGP. · ? - incomplete—Redistributed from IGP protocols. |
display bgp routing-table vpnv6 outlabel
Use display bgp routing-table vpnv6 outlabel to display outgoing labels for all BGP VPNv6 routes.
Syntax
In standalone mode:
display bgp routing-table vpnv6 outlabel [ standby slot slot-number ]
In IRF mode:
display bgp routing-table vpnv6 outlabel [ standby chassis chassis-number slot slot-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
standby: Displays BGP VPNv6 route outgoing labels for a standby BGP process. If you do not specify a standby BGP process, this command displays information for the active BGP process.
slot slot-number: Specifies the slot number of the card where the standby process resides. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies the card or PEX where the standby process resides. The chassis-number argument represents the member ID of the IRF member device or the virtual chassis number of the PEX. The slot-number argument represents the slot number of the card or PEX. (In IRF mode.)
Examples
# Display outgoing labels for all BGP VPNv6 routes.
<Sysname> display bgp routing-table vpnv6 outlabel
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Total number of routes from all PEs: 1
Route distinguisher: 100:1(vpn1)
Total number of routes: 1
* >i Network : 2001:3:: PrefixLen : 96
NextHop : ::FFFF:3.3.3.9 OutLabel : 1279
Route distinguisher: 200:1
Total number of routes: 1
* >i Network : 2001:3:: PrefixLen : 96
NextHop : ::FFFF:3.3.3.9 OutLabel : 1279
Table 16 Command output
|
Field |
Description |
|
BGP Local router ID |
Router ID of the local BGP router. |
|
Status |
Route status codes: · * - valid—Valid route. · > - best—Common optimal route. · d – damped—Route damped for route flap. · h - history—History route. · i - internal—Internal route. · e - external—External route. · s - suppressed—Suppressed route. · S - Stale—Stale route. |
|
Origin |
Route origin: · i - IGP—Originated in the AS. The origin of routes advertised by the network command is IGP. · e - EGP—Learned through EGP. · ? - incomplete—Redistributed from IGP protocols. |
|
OutLabel |
Outgoing label. |
display ospfv3 sham-link
Use display ospfv3 sham-link to display OSPFv3 sham link information.
Syntax
display ospfv3 [ process-id ] [ area area-id ] sham-link [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
process-id: Displays sham link information for the OSPFv3 process specified by its ID. The process ID is in the range of 1 to 65535. If you do not specify a process, this command displays sham link information for all OSPFv3 processes.
area area-id: Displays sham link information for the OSPFv3 area specified by its ID, which is an IP address, or an integer. The integer is in the range of 0 to 4294967295. If you do not specify an area, this command displays sham link information for all OSPFv3 areas.
verbose: Displays detailed sham link information. If you do not specify this keyword, the command displays brief sham link information.
Examples
# Display brief information about all OSPFv3 sham links.
<Sysname> display ospfv3 sham-link
OSPFv3 Process 1 with Router ID 125.0.0.1
Sham-link (Area: 0.0.0.1)
Neighbor ID State Instance ID Destination address
0.0.0.0 Down 1 1:1::58
95.0.0.1 P-2-P 1 1:1::95
# Display detailed information about all OSPFv3 sham links.
<Sysname> display ospfv3 sham-link verbose
OSPFv3 Process 1 with Router ID 125.0.0.1
Sham-link (Area: 0.0.0.1)
Source : 1:1::125
Destination : 1:1::58
Interface ID: 2147483649
Neighbor ID : 0.0.0.0, Neighbor state: Down
Cost: 1 State: Down Type: Sham Instance ID: 1
Timers: Hello 10, Dead 40, Retransmit 5, Transmit delay 1
Request list: 0 Retransmit list: 0
Source : 1:1::125
Destination : 1:1::95
Interface ID: 2147483650
Neighbor ID : 95.0.0.1, Neighbor state: Full
Cost: 1 State: P-2-P Type: Sham Instance ID: 1
Timers: Hello 10, Dead 40, Retransmit 5, Transmit delay 1
Request list: 0 Retransmit list: 0
IPsec profile name: profile001
Table 17 Command output
|
Field |
Description |
|
Neighbor state |
Neighbor state for the sham link, Down, Init, 2-Way, ExStart, Exchange, Loading, or Full. |
|
Request list |
Number of LSAs in the request list. |
|
Retransmit list |
Number of LSAs in the retransmit list. |
|
IPsec profile name |
Name of the IPsec profile used by the sham link. |
domain-id
Use domain-id to set an OSPFv3 domain ID.
Use undo domain-id to restore the default.
Syntax
domain-id { domain-id [ secondary ] | null }
undo domain-id [ domain-id | null ]
Default
The OSPFv3 domain ID is 0.
Views
OSPFv3 view
Predefined user roles
network-admin
mdc-admin
Parameters
domain-id: Specifies an OSPFv3 domain ID, in one of the following formats:
· Integer, in the range of 0 to 4294967295. For example, 1.
· Dotted decimal notation. For example, 0.0.0.1.
· Dotted decimal notation:16-bit user-defined number in the range of 0 to 65535. For example, 0.0.0.1:512.
secondary: Specifies a secondary domain ID. If you do not specify this keyword, the command specifies a primary domain ID.
null: Carries no domain ID in the community attribute.
Usage guidelines
When you redistribute OSPFv3 routes into BGP, BGP adds the primary domain ID to the redistributed BGP VPNv6 routes as a BGP extended community attribute. Then, BGP advertises the routes to the peer PE.
When the peer PE receives the routes, it compares the OSPFv3 domain ID in the routes with the locally configured primary and secondary domain IDs. If the primary or secondary domain ID is the same as the received domain ID, and the received routes are intra-area or inter-area routes, OSPFv3 advertises these routes in Inter-Area-Prefix LSAs (Type 3 LSAs). Otherwise, OSPFv3 advertises these routes in AS External LSAs (Type 5 LSAs) or NSSA External LSAs (Type 7 LSAs).
A null domain ID and a domain ID of 0 are considered the same in domain ID comparison.
You cannot configure a secondary domain ID when the primary domain ID is configured as 0.
If you do not specify any parameters, the undo domain-id command deletes all domain IDs.
This command takes effect only for an OSPFv3 VRF process that is not configured with the vpn-instance-capability simple command. For more information about the vpn-instance-capability simple command, see "IPv6 MCE commands."
Examples
# Set the primary domain ID for OSPFv3 VRF process 100 to 1.1.1.1.
<Sysname> system-view
[Sysname] ospfv3 100 vpn-instance vpn1
[Sysname-ospfv3-100] domain-id 1.1.1.1
Related commands
display ospfv3 (Layer 3—IP Routing Command Reference)
ext-community-type
Use ext-community-type to configure the type code of an OSPFv3 extended community attribute.
Use undo ext-community-type to restore the default.
Syntax
ext-community-type { domain-id type-code1 | route-type type-code2 | router-id type-code3 }
undo ext-community-type [ domain-id | route-type | router-id ]
Default
The type codes for domain ID, route type, and router ID are hex numbers 0005, 0306, and 0107, respectively.
Views
OSPFv3 view
Predefined user roles
network-admin
mdc-admin
Parameters
domain-id type-code1: Specifies the type code for domain ID. Valid values are hex numbers 0005, 0105, 0205, and 8005.
route-type type-code2: Specifies the type code for route type. Valid values are hex numbers 0306 and 8000.
router-id type-code3: Specifies the type code for router ID. Valid values are hex numbers 0107 and 8001.
Examples
# Configure the type codes of domain ID, route type, and router ID as hex numbers 8005, 8000, and 8001, respectively, for OSPFv3 VRF process 100.
<Sysname> system-view
[Sysname] ospfv3 100 vpn-instance vpn1
[Sysname-ospfv3-100] ext-community-type domain-id 8005
[Sysname-ospfv3-100] ext-community-type route-type 8000
[Sysname-ospfv3-100] ext-community-type router-id 8001
Related commands
display ospfv3 (Layer 3—IP Routing Command Reference)
peer next-hop-invariable
Use peer next-hop-invariable to configure the device to not change the next hop of routes advertised to peers.
Use undo peer next-hop-invariable to restore the default.
Syntax
peer { group-name | ip-address [ mask-length ] } next-hop-invariable
undo peer { group-name | ip-address [ mask-length ] } next-hop-invariable
Default
The device uses its address as the next hop of routes advertised to EBGP peers.
Views
BGP VPNv6 address family view
Predefined user roles
network-admin
mdc-admin
Parameters
group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters.
ip-address: Specifies a peer by its IP address.
mask-length: Specifies a mask length in the range of 0 to 32. You can use the ip-address and mask-length arguments together to specify a subnet. If you specify a subnet in this command, the device does not change the next hop of routes advertised to the dynamic peers in the subnet.
Usage guidelines
On an RR in an inter-AS option C scenario, you must configure this command to not change the next hop of VPNv6 routes advertised to BGP peers and RR clients.
This command is exclusive with the peer next-hop-local command.
Examples
# Configure the device to not change the next hop of routes advertised to peer 1.1.1.1.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp] address-family vpnv6
[Sysname-bgp-af-vpnv6] peer 1.1.1.1 next-hop-invariable
Related commands
peer next-hop-local (Layer 3—IP Routing Command Reference)
policy vpn-target
Use policy vpn-target to enable route target filtering of received VPNv6 routes.
Use undo policy vpn-target to permit all VPNv6 routes.
Syntax
policy vpn-target
undo policy vpn-target
Default
The route target filtering feature is enabled for received VPNv6 routes.
Views
BGP VPNv6 address family view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
In an inter-AS option B scenario, an ASBR must save all incoming VPNv4 routes and advertises those routes to the peer ASBR. For this purpose, you must execute the undo policy vpn-target command on the ASBR to disable route target filtering.
Examples
# Disable route target filtering of received VPNv6 routes.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp] address-family vpnv6
[Sysname-bgp-af-vpnv6] undo policy vpn-target
route-tag
Use route-tag to configure an external route tag for redistributed VPN routes.
Use undo route-tag to restore the default.
Syntax
route-tag tag-value
undo route-tag
Default
If BGP runs within an MPLS backbone, and the BGP AS number is not greater than 65535, the first two octets of the external route tag are 0xD000, and the last two octets are the local BGP AS number. For example, if the local BGP AS number is 100, the external route tag value is 3489661028 (100 + the decimal value of 0xD0000000). If the AS number is greater than 65535, the external route tag is 0.
Views
OSPFv3 view
Predefined user roles
network-admin
mdc-admin
Parameters
tag-value: Specifies the external route tag for redistributed VPN routes, in the range of 0 to 4294967295.
Usage guidelines
In a dual-homed scenario where OSPFv3 runs between the CE and the connected PEs (PE-A and PE-B, for example), you can use external route tags to avoid routing loops.
When PE-A redistributes BGP VPNv6 routes from the peer PE into OSPFv3, and advertises these routes in the Type 5 or 7 LSAs to the CE, PE-A adds the locally configured external route tag to the LSAs.
If the route-tag-check enable command is configured on the PE-B, it compares the external route tag in the receiving Type 5 or 7 LSAs with the locally configured tag. If they are the same, PE-B ignores the LSA in route calculation to avoid routing loops.
The commands used to configure the external route tag (in the descending order of tag priority) are as follows:
· import-route
· route-tag (for PEs) and default tag (for CEs)
As a best practice, configure the same external route tag for PEs in the same area.
An external route tag is not transferred in any BGP extended community attribute. It takes effect only on PEs that receive BGP routes and generate OSPF Type 5 or 7 LSAs.
You can configure the same external route tag for different OSPF processes.
This command takes effect only for an OSPFv3 VRF process that is not configured with the vpn-instance-capability simple command. For more information about the vpn-instance-capability simple command, see "IPv6 MCE commands."
Examples
# Set the external route tag for redistributed VPN routes to 100 for OSPFv3 VRF process 100.
<Sysname> system-view
[Sysname] ospfv3 100 vpn-instance vpn1
[Sysname-ospfv3-100] route-tag 100
Related commands
· default tag (Layer 3—IP Routing Command Reference)
· display ospfv3 (Layer 3—IP Routing Command Reference)
· import-route (Layer 3—IP Routing Command Reference)
· route-tag-check enable
route-tag-check enable
Use route-tag-check enable to enable the external route check feature for OSPFv3 LSAs.
Use undo route-tag-check enable to restore the default.
Syntax
route-tag-check enable
undo route-tag-check enable
Default
The external route tag in OSPFv3 LSAs is not checked.
Views
OSPFv3 view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
In a dual-homed scenario where OSPFv3 runs between the CE and the connected PEs (PE-A and PE-B, for example), you can use external route tags to avoid routing loops.
When PE-A redistributes BGP VPNv6 routes from the peer PE into OSPFv3, and advertises these routes in the Type 5 or 7 LSAs to the CE, PE-A adds the locally configured external route tag to the LSAs.
If the route-tag-check enable command is configured on PE-B, it compares the external route tag in the receiving Type 5 or 7 LSAs with the locally configured tag. If they are the same, PE-B ignores the LSA in route calculation to avoid routing loops.
Use the external route tag check feature only when the device does not support the DN bit. Otherwise, use the DN bit to avoid routing loops.
This command takes effect only for an OSPFv3 VRF process that is not configured with the vpn-instance-capability simple command. For more information about the vpn-instance-capability simple command, see "IPv6 MCE commands."
Examples
# Check the external route tag in LSAs for OSPFv3 VRF process 100.
<Sysname> system-view
[Sysname] ospfv3 100 vpn-instance vpn1
[Sysname-ospfv3-100] route-tag-check enable
Related commands
· display ospfv3 (Layer 3—IP Routing Command Reference)
· route-tag
rr-filter
Use rr-filter to create an RR reflection policy so that only IBGP routes whose extended community attribute matches the specified extended community list are reflected.
Use undo rr-filter to restore the default.
Syntax
rr-filter extended-community-number
undo rr-filter
Default
An RR does not filter reflected routes.
Views
BGP VPNv6 address family view
Predefined user roles
network-admin
mdc-admin
Parameters
extended-community-number: Specifies an extended community number in the range of 1 to 199.
Usage guidelines
By configuring different RR reflection policies on RRs in a cluster, you can implement load balancing among the RRs.
Examples
# Configure the RR to only reflect VPNv6 routes with an extended community number of 10.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp] address-family vpnv6
[Sysname-bgp-vpnv6] rr-filter 10
sham-link
Use sham-link to create an OSPFv3 sham link.
Use undo sham-link to remove a sham link or restore the defaults of specified parameters for a sham link.
Syntax
sham-link source-ipv6-address destination-ipv6-address [ cost cost | dead dead-interval | hello hello-interval | instance instance-id | ipsec-profile profile-name | retransmit retrans-interval | trans-delay delay ] *
undo sham-link source-ipv6-address destination-ipv6-address [ cost | dead | hello | ipsec-profile | retransmit | trans-delay ] *
Default
No OSPFv3 sham link is configured.
Views
OSPFv3 area view
Predefined user roles
network-admin
mdc-admin
Parameters
source-ipv6-address: Specifies the source IPv6 address of the sham link.
destination-ipv6-address: Specifies the destination IPv6 address of the sham link.
cost cost: Specifies the cost of the sham link, in the range of 1 to 65535. The default cost is 1.
dead dead-interval: Specifies the dead interval in the range of 1 to 32768 seconds. The default is 40 seconds. The dead interval configured on each end of the sham link must be identical, and it must be at least four times the hello interval.
hello hello-interval: Specifies the interval for sending hello packets, in the range of 1 to 8192 seconds. The default is 10 seconds. The hello interval configured on each end of the sham link must be identical.
instance instance-id: Specifies the instance ID of the sham link, in the range of 0 to 255. The default value is 0.
ipsec-profile profile-name: Specifies the IPsec profile for the sham link. The profile-name argument specifies the profile by its name, a case-insensitive string of 1 to 63 characters.
retransmit retrans-interval: Specifies the interval for retransmitting LSAs, in the range of 1 to 3600 seconds. The default is 5 seconds.
trans-delay delay: Specifies the delay interval before the interface sends an LSA, in the range of 1 to 3600 seconds. The default is 1 second.
Usage guidelines
When a backdoor link exists between the two sites of a VPN, you can create a sham link between PEs to forward VPN traffic through the sham link on the backbone rather than through the backdoor link. A sham link is considered an OSPFv3 intra-area route.
Examples
# Create a sham link with the source address 1::1 and destination address 2::2.
<Sysname> system-view
[Sysname] ospfv3 100 vpn-instance vpn1
[Sysname-ospfv3-100] area 0
[Sysname-ospfv3-100-area-0.0.0.0] sham-link 1::1 2::2
Related commands
display ospfv3 sham-link
