Use address-family vpnv4 in BGP view to create the BGP VPNv4 address family and enter its view, or enter the view of the existing BGP VPNv4 address family.

Use address-family vpnv4 in BGP-VPN instance view to create the BGP-VPN VPNv4 address family and enter its view, or enter the view of the existing BGP-VPN VPNv4 address family.

Use undo address-family vpnv4 to remove the BGP VPNv4 address family or BGP-VPN VPNv4 address family, and all settings in address family view.

Syntax

address-family vpnv4

undo address-family vpnv4

Default

The BGP VPNv4 address family or BGP-VPN VPNv4 address family does not exist.

Views

BGP instance view

BGP-VPN instance view

Predefined user roles

network-admin

Usage guidelines

A VPNv4 address consists of an RD and an IPv4 prefix. VPNv4 routes are routes that carry VPNv4 addresses.

For a PE to exchange BGP VPNv4 routes with a BGP peer, enable that peer by executing the peer enable command in BGP VPNv4 or BGP-VPN VPNv4 address family view.

In BGP VPNv4 address family view, you can configure the following settings:

· BGP VPNv4 route attributes, such as the preferred value.

· Whether to allow the local AS number to appear in the AS_PATH attribute of received route updates.

The settings in BGP VPNv4 address family view control VPNv4 route exchange between PEs.

The settings in BGP-VPN VPNv4 address family view control VPNv4 route exchange between provider PE and provider CE in nested MPLS L3VPN.

Examples

# Create the BGP VPNv4 address family and enter its view.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family vpnv4

[Sysname-bgp-default-vpnv4]

dampening ibgp

Use dampening ibgp to configure BGP VPNv4 route dampening.

Use undo dampening ibgp to restore the default.

Syntax

dampening ibgp [ half-life-reachable half-life-unreachable reuse suppress ceiling | route-policy route-policy-name ] *

undo dampening ibgp

Default

BGP VPNv4 route dampening is not configured.

Views

BGP VPNv4 address family view

Predefined user roles

network-admin

Parameters

half-life-reachable: Specifies a half-life for active routes, in the range of 1 to 45 minutes. By default, the value is 15 minutes.

half-life-unreachable: Specifies a half-life for suppressed routes, in the range of 1 to 45 minutes. By default, the value is 15 minutes.

reuse: Specifies a reuse threshold value for suppressed routes, in the range of 1 to 20000. The default value is 750. A suppressed route whose penalty value decreases under the value is reused. The reuse threshold must be smaller than the suppression threshold.

suppress: Specifies a suppression threshold in the range of 1 to 20000. The default value is 2000. A route with a penalty value greater than this threshold is suppressed.

ceiling: Specifies a ceiling penalty value in the range of 1001 to 20000. The default value is 16000. The value must be greater than the suppression threshold.

route-policy route-policy-name: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.

Usage guidelines

This command applies only to IBGP routes.

If an IBGP peer goes down after you configure this feature, VPNv4 routes coming from the peer are dampened but not deleted.

Examples

# In BGP VPNv4 address family view, configure BGP route dampening. Set the half-life for both active and suppressed routes to 10 minutes, the reuse threshold to 1000, the suppression threshold to 2000, and the ceiling penalty to 10000.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family vpnv4

[Sysname-bgp-default-vpnv4] dampening ibgp 10 10 1000 2000 10000

Related commands

display bgp dampening parameter (Layer 3—IP Routing Command Reference)

description (VPN instance view)

Use description to configure a description for a VPN instance.

Use undo description to restore the default.

Syntax

description text

undo description

Default

No description is configured for a VPN instance.

Views

VPN instance view

Predefined user roles

network-admin

Parameters

text: Specifies a description, a case-sensitive string of 1 to 79 characters.

Examples

# Configure a description of This is vpn1 for VPN instance vpn1.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] description This is vpn1

display bgp routing-table ipv4 unicast inlabel

Use display bgp routing-table ipv4 unicast inlabel to display incoming labels for BGP IPv4 unicast routes.

Syntax

display bgp [ instance instance-name ] routing-table ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] inlabel

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

instance instance-name: Specifies a BGP instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a BGP instance, this command displays incoming labels for BGP IPv4 unicast routes in the default BGP instance.

vpn-instance vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command displays incoming labels for BGP IPv4 unicast routes on the public network.

Usage guidelines

This command displays incoming labels for BGP IPv4 unicast routes regardless of whether the unicast keyword is specified or not.

Examples

# Display incoming labels for all BGP IPv4 unicast routes on the public network.

<Sysname> display bgp routing-table ipv4 inlabel

Total number of routes: 1

BGP local router ID is 3.3.3.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

a – additional-path

Origin: i - IGP, e - EGP, ? - incomplete

Network NextHop OutLabel InLabel

* > 2.2.2.9/32 1.1.1.2 1151 1279

Table 1 Command output

Field	Description
BGP local router ID	Router ID of the local BGP router.
Status codes	Route status codes: · * - valid—Valid route. · > - best—Common optimal route. · d – damped—Route damped for route flap. · h - history—History route. · i - internal—Internal route. · e - external—External route. · s - suppressed—Suppressed route. · S - Stale—Stale route. · a - additional-path—Add-Path optimal route.
Origin	Route origin: · i - IGP—Originated in the AS. The origin of routes advertised by the network command is IGP. · e - EGP—Learned through EGP. · ? - incomplete—Redistributed from IGP protocols.
OutLabel	Outgoing label.
InLabel	Incoming label.

display bgp routing-table ipv4 unicast outlabel

Use display bgp routing-table ipv4 unicast outlabel to display outgoing labels for BGP IPv4 unicast routes.

Syntax

display bgp [ instance instance-name ] routing-table ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] outlabel

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

instance instance-name: Specifies a BGP instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a BGP instance, this command displays outgoing labels for BGP IPv4 unicast routes in the default BGP instance.

vpn-instance vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command displays outgoing labels for BGP IPv4 unicast routes on the public network.

Usage guidelines

This command displays outgoing labels for BGP IPv4 unicast routes regardless of whether the unicast keyword is specified or not.

Examples

# Display outgoing labels for all public BGP IPv4 unicast routes in the default BGP instance.

<Sysname> display bgp routing-table ipv4 outlabel

Total number of routes: 1

BGP local router ID is 3.3.3.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

a – additional-path

Origin: i - IGP, e - EGP, ? - incomplete

Network NextHop OutLabel

* > 2.2.2.9/32 1.1.1.2 1151

Table 2 Command output

Field	Description
BGP local router ID	Router ID of the local BGP router.
Status codes	Route status codes: · * - valid—Valid route. · > - best—Common optimal route. · d – damped—Route damped for route flap. · h - history—History route. · i - internal—Internal route. · e - external—External route. · s - suppressed—Suppressed route. · S - Stale—Stale route. · a - additional-path—Add-Path optimal route.
Origin	Route origin: · i - IGP—Originated in the AS. The origin of routes advertised by the network command is IGP. · e - EGP—Learned through EGP. · ? - incomplete—Redistributed from IGP protocols.
OutLabel	Outgoing label.

display bgp routing-table vpnv4

Use display bgp routing-table vpnv4 to display BGP VPNv4 routing information.

Syntax

display bgp [ instance instance-name ] routing-table vpnv4 [ [ route-distinguisher route-distinguisher ] [ ipv4-address [ mask-length | mask ] [ longest-match ] | ipv4-address [ mask-length | mask ] advertise-info | as-path-acl as-path-acl-number | community-list { { basic-community-list-number | comm-list-name } [ whole-match ] | adv-community-list-number } ] | [ vpn-instance vpn-instance-name ] peer ipv4-address { advertised-routes | received-routes } [ ipv4-address [ mask-length | mask ] | statistics ] | statistics ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

instance instance-name: Specifies a BGP instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a BGP instance, this command displays BGP VPNv4 routes in the default BGP instance.

route-distinguisher route-distinguisher: Specifies an RD, a string of 3 to 21 characters in one of the following formats:

· 16-bit AS number:32-bit user-defined number. For example, 101:3.

· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.

· 32-bit AS number:16-bit user-defined number, where the minimum value of the AS number is 65536. For example, 65536:1.

ipv4-address: Specifies the destination IPv4 address.

mask-length: Specifies the length of the network mask, in the range of 0 to 32.

mask: Specifies the network mask, in dotted decimal notation.

longest-match: Displays the longest matching BGP VPNv4 route. The system first ANDs the specified network address with the mask of each route, and then selects the longest matching BGP VPNv4 route as follows:

· If you specify a mask, a route is matched if the AND result is the same as the network address of the route and the mask of the route is shorter than or equal to the specified mask. In this case, the command displays brief information about the route with the longest mask among the matching routes.

· If you do not specify a mask, a route is matched if the AND result is the same as the network address of the route. In this case, the command displays detailed information about the route with the longest mask among the matching routes.

advertise-info: Displays advertisement information for BGP VPNv4 routes.

as-path-acl as-path-acl-number: Displays BGP VPNv4 routes that match the AS path list specified by its number in the range of 1 to 256.

community-list: Displays BGP VPNv4 routes that match a BGP community list.

basic-community-list-number: Specifies a basic community list by its number in the range of 1 to 99.

comm-list-name: Specifies a community list by its name, a case-sensitive string of 1 to 63 characters.

whole-match: Displays BGP VPNv4 routes exactly matching the specified community list. If you do not specify this keyword, the command displays BGP VPNv4 routes whose COMMUNITY attributes include the specified community list.

adv-community-list-number: Specifies an advanced community list by its number in the range of 100 to 199.

vpn-instance vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command displays BGP VPNv4 routes advertised to or received from the specified peer on the public network.

peer: Displays BGP VPNv4 routing information advertised to or received from a peer.

ipv4-address: Specifies the peer IPv4 address.

advertised-routes: Displays BGP VPNv4 routing information advertised to the specified peer.

received-routes: Displays BGP VPNv4 routing information received from the specified peer.

statistics: Displays BGP VPNv4 routing statistics.

Usage guidelines

If you do not specify any parameters, this command displays brief information about all BGP VPNv4 routes.

If you specify only ipv4-address mask or ipv4-address mask-length, this command displays detailed information about the BGP VPNv4 route that exactly matches the specified address and mask.

If you specify ipv4-address mask (or ipv4-address mask-length) and longest-match, the sysetm ANDs the specified network address with the mask of each route. A route is matched if the AND result is the same as the route's network address and the route's mask is shorter than or equal to the specified mask. In this case, the command displays brief information about the route with the longest mask among the matching routes.

If you specify only ipv4-address, the system ANDs the network address with the mask of a route. If the result matches the network address of the route, this command displays detailed information about the BGP VPNv4 route.

If you specify ipv4-address and longest-match, the sysetm ANDs the specified network address with the mask of each route. A route is matched if the AND result is the same as the route's network address. In this case, the command displays detailed information about the route with the longest mask among the matching routes.

Examples

# Display brief information about all BGP VPNv4 routes in the default BGP instance.

<Sysname> display bgp routing-table vpnv4

BGP local router ID is 1.1.1.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

a – additional-path

Origin: i - IGP, e - EGP, ? - incomplete

Total number of VPN routes: 8

Total number of routes from all PEs: 8

Route distinguisher: 100:1(vpn1)

Total number of routes: 6

Network NextHop MED LocPrf PrefVal Path/Ogn

* > 10.1.1.0/24 10.1.1.2 0 32768 ?

* e 10.1.1.1 0 0 65410?

* > 10.1.1.2/32 127.0.0.1 0 32768 ?

* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?

* >e 192.168.1.0 10.1.1.1 0 0 65410?

* i 3.3.3.9 0 100 0 65420?

Route distinguisher: 200:1

Total number of routes: 2

Network NextHop MED LocPrf PrefVal Path/Ogn

* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?

* >i 192.168.1.0 3.3.3.9 0 100 0 65420?

# Display brief information about BGP VPNv4 routes with RD 100:1 in the default BGP instance.

<Sysname> display bgp routing-table vpnv4 route-distinguisher 100:1

BGP local router ID is 1.1.1.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

a – additional-path

Origin: i - IGP, e - EGP, ? - incomplete

Route distinguisher: 100:1(vpn1)

Total number of routes: 6

Network NextHop MED LocPrf PrefVal Path/Ogn

* > 10.1.1.0/24 10.1.1.2 0 32768 ?

* e 10.1.1.1 0 0 65410?

* > 10.1.1.2/32 127.0.0.1 0 32768 ?

* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?

* >e 192.168.1.0 10.1.1.1 0 0 65410?

* i 3.3.3.9 0 100 0 65420?

# Display information about BGP VPNv4 routes matching AS_PATH list 1 in the default BGP instance.

<Sysname> display bgp routing-table vpnv4 as-path-acl 1

BGP local router ID is 1.1.1.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

a – additional-path

Origin: i - IGP, e - EGP, ? - incomplete

Total number of VPN routes: 8

Total number of routes from all PEs: 8

Route distinguisher: 100:1(vpn1)

Total number of routes: 6

Network NextHop MED LocPrf PrefVal Path/Ogn

* > 10.1.1.0/24 10.1.1.2 0 32768 ?

* e 10.1.1.1 0 0 65410?

* > 10.1.1.2/32 127.0.0.1 0 32768 ?

* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?

* >e 192.168.1.0 10.1.1.1 0 0 65410?

* i 3.3.3.9 0 100 0 65420?

Route distinguisher: 200:1

Total number of routes: 2

Network NextHop MED LocPrf PrefVal Path/Ogn

* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?

* >i 192.168.1.0 3.3.3.9 0 100 0 65420?

# Display information about BGP VPNv4 routes matching BGP community list 100 in the default BGP instance.

<Sysname> display bgp routing-table vpnv4 community-list 100

BGP local router ID is 1.1.1.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

a – additional-path

Origin: i - IGP, e - EGP, ? - incomplete

Total number of VPN routes: 8

Total number of routes from all PEs: 8

Route distinguisher: 100:1(vpn1)

Total number of routes: 6

Network NextHop MED LocPrf PrefVal Path/Ogn

* > 10.1.1.0/24 10.1.1.2 0 32768 ?

* e 10.1.1.1 0 0 65410?

* > 10.1.1.2/32 127.0.0.1 0 32768 ?

* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?

* >e 192.168.1.0 10.1.1.1 0 0 65410?

* i 3.3.3.9 0 100 0 65420?

Route distinguisher: 200:1

Total number of routes: 2

Network NextHop MED LocPrf PrefVal Path/Ogn

* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?

* >i 192.168.1.0 3.3.3.9 0 100 0 65420?

# Display information about public BGP VPNv4 routes advertised to peer 3.3.3.9 in the default BGP instance.

<Sysname> display bgp routing-table vpnv4 peer 3.3.3.9 advertised-routes

Total number of routes: 2

BGP local router ID is 1.1.1.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

a – additional-path

Origin: i - IGP, e - EGP, ? - incomplete

Route distinguisher: 100:1

Total number of routes: 2

Network NextHop MED LocPrf Path/Ogn

* > 10.1.1.0/24 10.1.1.2 0 ?

* >e 192.168.1.0 10.1.1.1 0 65410?

# Display information about public BGP VPNv4 routes received from peer 3.3.3.9 in the default BGP instance.

<Sysname> display bgp routing-table vpnv4 peer 3.3.3.9 received-routes

Total number of routes: 2

BGP local router ID is 1.1.1.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

a – additional-path

Origin: i - IGP, e - EGP, ? - incomplete

Route distinguisher: 200:1

Total number of routes: 2

Network NextHop MED LocPrf PrefVal Path/Ogn

* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?

* >i 192.168.1.0 3.3.3.9 0 100 0 65420?

Table 3 Command output

Field	Description
BGP local router ID	Router ID of the local BGP router.
Status codes	Route status codes: · * - valid—Valid route. · > - best—Common optimal route. · d – damped—Route damped for route flap. · h - history—History route. · i - internal—Internal route. · e - external—External route. · s - suppressed—Suppressed route. · S - Stale—Stale route. · a - additional-path—Add-Path optimal route.
Origin	Route origin: · i - IGP—Originated in the AS. The origin of routes advertised by the network command is IGP. · e - EGP—Learned through EGP. · ? - incomplete—Redistributed from IGP protocols.
Total number of VPN routes	Total number of VPNv4 routes on the device.
Total number of routes from all PEs	Total number of VPNv4 routes from all PEs.
Network	Network address.
NextHop	Next hop address.
MED	MULTI_EXIT_DISC attribute.
LocPrf	Local preference value.
PrefVal	Preferred value.
Path/Ogn	AS_PATH and Origin attributes.

# Display detailed information about BGP VPNv4 routes to 10.3.1.0/24 in the default BGP instance.

<Sysname> display bgp routing-table vpnv4 10.3.1.0 24

BGP local router ID: 1.1.1.9

Local AS number: 100

Route distinguisher: 100:1(vpn1)

Total number of routes: 1

Paths: 1 available, 1 best

BGP routing table information of 10.3.1.0/24:

From : 3.3.3.9 (3.3.3.9)

Rely nexthop : 172.1.1.2

Original nexthop: 3.3.3.9

OutLabel : 1279

Ext-Community : <RT: 111:1>

AS-path : (null)

Origin : incomplete

Attribute value : MED 0, localpref 100, pref-val 0

State : valid, internal, best

IP precedence : N/A

QoS local ID : N/A

Traffic index : N/A

Route distinguisher: 200:1

Total number of routes: 1

Paths: 1 available, 1 best

BGP routing table information of 10.3.1.0/24:

From : 3.3.3.9 (3.3.3.9)

Rely nexthop : 172.1.1.2

Original nexthop: 3.3.3.9

Out interface : GigabitEthernet3/1/1

Route age : 01h26m11s

OutLabel : 1279

Ext-Community : <RT: 111:1>

RxPathID : 0x0

TxPathID : 0x0

AS-path : (null)

Origin : incomplete

Attribute value : MED 0, localpref 100, pref-val 0

State : valid, internal, best

IP precedence : N/A

QoS local ID : N/A

Traffic index : N/A

Tunnel policy : NULL

Rely tunnel IDs : N/A

Route distinguisher: 200:1

Total number of routes: 1

Paths: 1 available, 1 best

BGP routing table information of 10.3.1.0/24:

From : 3.3.3.9 (3.3.3.9)

Rely nexthop : 172.1.1.2

Original nexthop: 3.3.3.9

Out interface : GigabitEthernet3/1/2

Route age : 01h26m11s

OutLabel : 1279

Ext-Community : <RT: 111:1>

RxPathID : 0x0

TxPathID : 0x0

AS-path : (null)

Origin : incomplete

Attribute value : MED 0, localpref 100, pref-val 0

State : valid, internal, best

IP precedence : N/A

QoS local ID : N/A

Traffic index : N/A

Tunnel policy : NULL

Rely tunnel IDs : N/A

# Display detailed information about the BGP VPNv4 route to 10.3.1.0/24 and with RD 100:1 in the default BGP instance.

<Sysname> display bgp routing-table vpnv4 route-distinguisher 100:1 10.3.1.0 24

BGP local router ID: 1.1.1.9

Local AS number: 100

Route distinguisher: 100:1(vpn1)

Total number of routes: 1

Paths: 1 available, 1 best

BGP routing table information of 10.3.1.0/24:

From : 3.3.3.9 (3.3.3.9)

Rely nexthop : 172.1.1.2

Original nexthop: 3.3.3.9

Out interface : GigabitEthernet3/1/3

OutLabel : 1279

Ext-Community : <RT: 111:1>

RxPathID : 0x0

TxPathID : 0x0

AS-path : (null)

Origin : incomplete

Attribute value : MED 0, localpref 100, pref-val 0

State : valid, internal, best

IP precedence : N/A

QoS local ID : N/A

Traffic index : N/A

Tunnel policy : NULL

Rely tunnel IDs : N/A

Table 4 Command output

Field	Description
Rely Nexthop	Recursive next hop. If no recursive next hop is found, this field displays not resolved.
Original nexthop	Original next hop. If the route is learned from a BGP update, it is the next hop in the update message.
Out interface	Next hop output interface information.
Route age	Time elapsed since the most recent route update.
Ext-Community	Extended community attribute: · RT—Route Target extended community. · RT Import—VRF Route Import extended community used for multicast VPN. · SrcAs—Source AS extended community used for multicast VPN.
RxPathID	Received Add-Path ID of the route.
TxPathID	Advertised Add-Path ID of the route.
Origin	Route origin: · igp—Originated in the AS. The origin of routes advertised by the network command is IGP. · egp—Learned through EGP. · incomplete—Redistributed from IGP protocols.
Attribute value	BGP route attribute information: · MED—MED attribute. · localpref—Local preference. · pref-val—Preferred value. · pre—Protocol preference.
State	Route status: · valid—Valid route. · internal—Internal route. · external—External route. · local—Locally generated route. · synchronize—Synchronized route. · best—Optimal route. · not preferred for reason—Reason why the route is not selected as the optimal route. For more information, see Table 5. · not ECMP for reason—Reason why the route does not form ECMP routes with other routes. For more information, see Table 6.
IP precedence	IP priority of a route, in the range of 0 to 7. N/A indicates that the route does not support this field.
QoS local ID	QoS local ID attribute of a route, in the range of 1 to 4095. N/A indicates that the route does not support this field.
Traffic index	Index of the traffic, in the range of 1 to 64. N/A indicates that the route does not support this field.
Tunnel policy	Tunnel policy that takes effect. NULL indicates that no tunnel policy takes effect.
Rely Tunnel IDs	NHLFE IDs for tunnels found through route recursion. This field displays multiple NHLFE IDs if ECMP tunnels exist and displays N/A if route recursion does not occur.

Table 5 Reason why the route is not selected as the optimal route

Reason	Description
preferred-value	Routes with larger preferred values exist.
local-preference	Routes with larger local preference values exist.
local-origin-route	There are routes whose local-origin-route attribute has a higher priority. BGP selects the optimal route from local routes in this order: route generated by the network command, route redistributed by the import-route command, and summary route.
aigp	Routes carrying the AIGP attribute or routes with smaller AIGP attribute values exist.
as-path	Routes with smaller AS_PATH attribute values exist.
origin	There are routes whose origin has a higher priority. The route origins are IGP, EGP, and INCOMPLETE in descending order of priority.
med	Routes with smaller MED values exist.
remote-route	There are routes whose remote-route attribute has a higher priority. BGP selects the optimal route from remote routes in this order: · Route learned from an EBGP peer. · Route learned from a confederation EBGP peer. · Route learned from a confederation IBGP peer. · Route learned from an IBGP peer.
igp-cost	Routes with smaller IGP metrics exist.
relydepth	Routes with smaller recursion depth values exist.
rfc5004	A route received from an EBGP peer is the current optimal route. BGP does not change the optimal route when it receives routes from other EBGP peers.
router-id	Routes with smaller router IDs exist. If one of the routes is advertised by a route reflector, BGP compares the ORIGINATOR_ID of the route with the router IDs of other routes. Then, BGP selects the route with the smallest ID as the optimal route.
cluster-list	Routes with smaller CLUSTER_LIST attribute values exist.
peer-address	Routes advertised by peers with lower IP addresses exist.
redist-route	Routes of the current VPN instance exist.
rpki	Routes with higher RPKI validation state preferences exist.
received	Earlier learned routes exist.
evpn-macip-mobile	There are EVPN MAC/IP advertisement routes carrying the MAC mobility extended community attribute.
evpn-macip-mobile-static	There are EVPN MAC/IP advertisement routes whose static flag in the MAC mobility extended community attribute is set.
evpn-macip-mobile-seq	There are EVPN MAC/IP advertisement routes carrying a larger sequence number in the MAC mobility extended community attribute.
evpn-macip-mobile-routerid	There are EVPN MAC/IP advertisement routes carrying a smaller router ID in the MAC mobility extended community attribute.

Table 6 Reason why the route does not form ECMP routes with other routes

Reason	Description
preferred-value	The preferred value of the route is different than other routes.
local-preference	The local preference of the route is different than other routes.
local-origin-route	The way for generating the route is different than other routes.
aigp	The AIGP attribute state (whether or not the attribute is carried) or the AIGP attribute value of the route is different than other routes.
as-path	The AS_PATH attribute of the route is different than other routes.
origin	The ORIGIN attribute of the route is different than other routes.
med	The MED attribute of the route is different than other routes.
remote-route	The route comes from a different EBGP, confederation EBGP, confederation IBGP, or IBGP peer than other routes.
igp-cost	The IGP metric of the route is different than other routes.
local-redist-route	The route is redistributed from another VPN instance.
label-route	The labelling state of the route is different than other routes.
samenexthop	The route has the same next hop with another route.
evpn-macip-label	The L3VNI state (whether or not L3VNI is carried) of the route is different than other routes.
evpn-other-type	The route is the only EVPN MAC/IP advertisement route or the route is not an EVPN MAC/IP advertisement route.

# Display advertisement information for BGP VPNv4 routes to 10.1.1.0/24 in the default BGP instance.

<Sysname> display bgp routing-table vpnv4 10.1.1.0 24 advertise-info

BGP local router ID: 1.1.1.9

Local AS number: 100

Route distinguisher: 100:1

Total number of routes: 1

Paths: 1 best

BGP routing table information of 10.1.1.0/24(TxPathID:0):

Advertised to VPN peers (1 in total):

3.3.3.9

Inlabel : 1279

Table 7 Command output

Field	Description
Paths	Number of routes to the specified destination network.
BGP routing table information of 10.1.1.0/24(TxPathID:0)	Advertisement information for the BGP route to 10.1.1.0/24.
Advertised to VPN peers (1 in total)	VPNv4 peers to which the route is advertised, and the number of peers.
Inlabel	Incoming label of the route.

# Display statistics about public BGP VPNv4 routes advertised to peer 3.3.3.9 in the default BGP instance.

<Sysname> display bgp routing-table vpnv4 peer 3.3.3.9 advertised-routes statistics

Advertised routes total: 2

# Display statistics about public BGP VPNv4 routes received from peer 3.3.3.9 in the default BGP instance.

<Sysname> display bgp routing-table vpnv4 peer 3.3.3.9 received-routes statistics

Received routes total: 2

Table 8 Command output

Field	Description
Advertised routes total	Total number of routes advertised to the specified peer.
Received routes total	Total number of routes received from the specified peer.

# Display statistics about public BGP VPNv4 routes in the default BGP instance.

<Sysname> display bgp routing-table vpnv4 statistics

Total number of VPN routes: 8

Total number of routes from all PEs: 8

Route distinguisher: 100:1(vpn1)

Total number of routes: 6

Route distinguisher: 200:1

Total number of routes: 2

Table 9 Command output

Field	Description
Total number of VPN routes	Total number of VPNv4 routes on the device.
Total number of routes from all PEs	Total number of VPNv4 routes from all PEs.
Total number of routes	Total number of VPNv4 routes with the specified RD.

Related commands

ip as-path (Layer 3—IP Routing Command Reference)

display bgp routing-table vpnv4 inlabel

Use display bgp routing-table vpnv4 inlabel to display incoming labels for BGP VPNv4 routes.

Syntax

display bgp [ instance instance-name ] routing-table vpnv4 inlabel

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

Examples

# Display incoming labels for all BGP VPNv4 routes in the default BGP instance.

<Sysname> display bgp routing-table vpnv4 inlabel

Total number of routes: 2

BGP local router ID is 1.1.1.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

a – additional-path

Origin: i - IGP, e - EGP, ? - incomplete

Route distinguisher: 100:1

Total number of routes: 2

Network NextHop OutLabel InLabel

* > 10.1.1.0/24 10.1.1.2 NULL 1279

* >e 192.168.1.0 10.1.1.1 NULL 1278

Table 10 Command output

Field	Description
BGP local router ID	Router ID of the local BGP router.
Status codes	Route status codes: · * - valid—Valid route. · > - best—Common optimal route. · d – damped—Route damped for route flap. · h - history—History route. · i - internal—Internal route. · e - external—External route. · s - suppressed—Suppressed route. · S - Stale—Stale route. · a - additional-path—Add-Path optimal route.
Origin	Route origin: · i - IGP—Originated in the AS. The origin of routes advertised by the network command is IGP. · e - EGP—Learned through EGP. · ? - incomplete—Redistributed from IGP protocols.
OutLabel	Outgoing label. If the peer PE assigns a null label, this field displays NULL.
InLabel	Incoming label.

display bgp routing-table vpnv4 outlabel

Use display bgp routing-table vpnv4 outlabel to display outgoing labels for BGP VPNv4 routes.

Syntax

display bgp [ instance instance-name ] routing-table vpnv4 outlabel

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

Examples

# Display outgoing labels for all BGP VPNv4 routes in the default BGP instance.

<Sysname> display bgp routing-table vpnv4 outlabel

BGP local router ID is 1.1.1.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

a – additional-path

Origin: i - IGP, e - EGP, ? - incomplete

Total number of routes from all PEs: 4

Route distinguisher: 100:1(vpn1)

Total number of routes: 2

Network NextHop OutLabel

* >i 10.3.1.0/24 3.3.3.9 1279

* i 192.168.1.0 3.3.3.9 1278

Route distinguisher: 200:1

Total number of routes: 2

Network NextHop OutLabel

* >i 10.3.1.0/24 3.3.3.9 1279

* >i 192.168.1.0 3.3.3.9 1278

Table 11 Command output

Field	Description
BGP local router ID	Router ID of the local BGP router.
Status codes	Route status codes: · * - valid—Valid route. · > - best—Common optimal route. · d – damped—Route damped for route flap. · h - history—History route. · i - internal—Internal route. · e - external—External route. · s - suppressed—Suppressed route. · S - Stale—Stale route. · a - additional-path—Add-Path optimal route.
Origin	Route origin: · i - IGP—Originated in the AS. The origin of routes advertised by the network command is IGP. · e - EGP—Learned through EGP. · ? - incomplete—Redistributed from IGP protocols.
OutLabel	Outgoing label. If the peer PE assigns a null label, this field displays NULL.

display ip vpn-instance

Use display ip vpn-instance to display information about VPN instances.

Syntax

display ip vpn-instance [ instance-name vpn-instance-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

instance-name vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command displays brief information about all VPN instances.

Examples

# Display brief information about all VPN instances.

<Sysname> display ip vpn-instance

Total VPN-Instances configured : 1

Total IPv4 VPN-Instances configured : 1

Total IPv6 VPN-Instances configured : 0

VPN-Instance Name RD Address family Create time

abc 1:1 IPv4 2011/05/18 10:48:17

Table 12 Command output

Field	Description
VPN-Instance Name	Name of the VPN instance.
RD	RD of the VPN instance.
Address family	Name of the IPv4 or IPv6 address family. If no IPv4 or IPv6 VPN instances exist, this field displays N/A. The display ip vpn-instance command does not display brief information about IPv4 Flowspec VPN instances. For information about IPv4 Flowspec VPN instances, see Flowspec configuration in ACL and QoS Configuration Guide.
Create Time	Time when the VPN instance was created.

# Display detailed information about VPN instance vpn1.

<Sysname> display ip vpn-instance instance-name vpn1

VPN-Instance Name and Index : vpn1, 2

Route Distinguisher : 100:1

VPN ID : 1:1

Description : vpn1

Interfaces : GigabitEthernet3/1/2

Address-family IPv4:

Export VPN Targets :

2:2

Import VPN Targets :

3:3

Export Route Policy : outpolicy

Import Route Policy : inpolicy

Tunnel Policy : tunnel1

Maximum Routes Limit : 500

Threshold Value(%): 50

Diffserv-mode information: ingress pipe af4, egress short-pipe

Address-family IPv6:

Export VPN Targets :

2:2

Import VPN Targets :

3:3

Export Route Policy : outpolicy

Import Route Policy : inpolicy

Tunnel Policy : tunnel1

Maximum Routes Limit :500

Threshold Value(%): 50

Table 13 Command output

Field	Description
VPN-Instance Name and Index	Name and index of the VPN instance.
Route Distinguisher	Route distinguisher for the VPN instance.
Description	Description of the VPN instance.
Interfaces	Interfaces associated with the VPN instance.
Address-family IPv4	IPv4 VPN instance information.
Address-family IPv6	IPv6 VPN instance information.
Address-family IPv4 Flowspec	IPv4 Flowspec VPN instance information. For more information about IPv4 Flowspec VPN instances, see Flowspec configuration in ACL and QoS Configuration Guide.
Export VPN Targets	Export extended community attribute.
Import VPN Targets	Import extended community attribute.
Export Route Policy	Export routing policy.
Import Route Policy	Import routing policy.
Maximum Routes Limit	Maximum number of routes that the VPN instance supports.
Threshold Value(%)	Alarm threshold for the number of active routes.
Diffserv-mode information	MPLS DiffServ mode information. For more information, see MPLS QOS configuration in ACL and QoS Configuration Guide.

Related commands

diffserv-mode (ACL and QoS Command Reference)

display ospf sham-link

Use display ospf sham-link to display OSPF sham link information.

Syntax

display ospf [ process-id ] sham-link [ area area-id ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

process-id: Specifies an OSPF process by its ID. The process ID is in the range of 1 to 65535. If you do not specify a process, this command displays sham link information for all OSPF processes.

area area-id: Specifies an OSPF area by its ID, which is an IP address, or an integer. The integer is in the range of 0 to 4294967295. If you do not specify an area, this command displays sham link information for all OSPF areas.

Usage guidelines

If you do not specify any processes or areas, this command displays information about all OSPF sham links.

Examples

# Display information about all OSPF sham links.

<Sysname> display ospf sham-link

OSPF Process 1 with Router ID 125.1.1.1

Sham link

Area Neighbor ID Source IP Destination IP State Cost

0.0.0.0 95.1.1.1 125.2.1.1 95.2.1.1 P-2-P 1

# Display OSPF sham link information for OSPF area 1.

<Sysname> display ospf sham-link area 1

OSPF Process 100 with Router ID 100.1.1.2

Sham link: 3.3.3.3 --> 5.5.5.5

Neighbor ID: 120.1.1.2 State: Full

Area: 0.0.0.1

Cost: 1 State: P-2-P Type: Sham

Timers: Hello 10, Dead 40, Retransmit 5, Transmit Delay 1

Request list: 0 Retransmit list: 0

GTSM: Disabled

Cryptographic authentication: Enabled, inherited

The last key is 3.

The rollover is in progress, 1 neighbor(s) left.

Table 14 Command output

Field	Description
State	Neighbor state for the sham link: Down, Init, 2-way, ExStart, Exchange, Loading, or Full.
Cost	Cost of the sham link.
State	Sham link state: Down or P-2-P.
Timers	Timers for the sham link, in seconds. The timers include Hello timer, Dead timer, Retransmit timer, and Transmit Delay timer.
GTSM: Disabled	This field is not supported in the current software version. OSPF GTSM is disabled.
Cryptographic authentication: Enabled, inherited	Cryptographic authentication mode (MD5, HMAC-MD5, or HMAC-SHA-256) is used by the sham link. The inherited attribute indicates that the sham link uses the authentication mode specified for the area to which the sham link belongs. If the sham link uses the simple authentication mode, this field displays Simple authentication: Enabled, inherited.
The last key	Most recent MD5, HMAC-MD5, or HMAC-SHA-256 authentication key ID.
The rollover is in progress, 1 neighbor(s) left	Key rollover for MD5, HMAC-MD5, or HMAC-SHA-256 authentication is in progress, and one neighbor has not completed the key rollover.

domain-id (OSPF view)

Use domain-id to set an OSPF domain ID.

Use undo domain-id to delete an OSPF domain ID.

Syntax

domain-id domain-id [ secondary ]

undo domain-id [ domain-id ]

Default

The OSPF domain ID is 0.

Views

OSPF view

Predefined user roles

network-admin

Parameters

domain-id: Specifies an OSPF domain ID, in one of the following formats:

· Integer, in the range of 0 to 4294967295. For example, 1.

· Dotted decimal notation. For example, 0.0.0.1.

· A string of 9 to 21 characters in the dotted decimal notation:16-bit user-defined number format. The value range for the 16-bit user-defined number is 0 to 65535. For example, 0.0.0.1:512.

secondary: Specifies a secondary domain ID. If you do not specify this keyword, the command specifies a primary domain ID.

Usage guidelines

When you redistribute OSPF routes into BGP, BGP adds the primary domain ID to the redistributed BGP VPNv4 routes as a BGP extended community attribute. Then, BGP advertises the routes to the peer PE.

When the peer PE receives the routes, it compares the OSPF domain ID in the routes with the locally configured primary and secondary domain IDs. OSPF advertises these routes in Network Summary LSAs (Type 3) if both the following conditions exist:

· The primary or secondary domain ID is the same as the received domain ID.

· The received routes are intra-area or inter-area routes.

Otherwise, OSPF advertises these routes in AS External LSAs (Type 5) or NSSA External LSAs (Type 7).

If you do not specify any parameters, the undo domain-id command restores the default.

Examples

# Set the OSPF domain ID to 234.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] domain-id 234

export route-policy

Use export route-policy to apply an export routing policy to a VPN instance.

Use undo export route-policy to restore the default.

Syntax

export route-policy route-policy

undo export route-policy

Default

No export routing policy is applied to a VPN instance.

Views

VPN instance view

VPN instance IPv4 VPN view

VPN instance IPv6 VPN view

Predefined user roles

network-admin

Parameters

route-policy: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.

Usage guidelines

You can specify an export routing policy to filter advertised routes or modify their route attributes for the VPN instance.

If you execute this command multiple times, the most recent configuration takes effect.

An export routing policy specified in VPN instance view applies to both IPv4 VPN and IPv6 VPN. An export routing policy specified in VPN instance IPv4 VPN view applies only to the IPv4 VPN. An export routing policy specified in VPN instance IPv6 VPN view applies only to the IPv6 VPN.

IPv4 VPN prefers the export routing policy specified in VPN instance IPv4 VPN view over the one specified in VPN instance view.

IPv6 VPN prefers the export routing policy specified in VPN instance IPv6 VPN view over the one specified in VPN instance view.

Examples

# Apply export routing policy poly-1 to VPN instance vpn1.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] export route-policy poly-1

Related commands

import route-policy

route-policy (Layer 3—IP Routing Command Reference)

ext-community-type (OSPF view)

Use ext-community-type to configure the type code of an OSPF extended community attribute.

Use undo ext-community-type to restore the default.

Syntax

ext-community-type { domain-id type-code1 | router-id type-code2 | route-type type-code3 }

undo ext-community-type [ domain-id | router-id | route-type ]

Default

The type codes for domain ID, router ID, and route type are hex numbers 0005, 0107, and 0306, respectively.

Views

OSPF view

Predefined user roles

network-admin

Parameters

domain-id type-code1: Specifies the type code for domain ID. Valid values are hex numbers 0005, 0105, 0205, and 8005.

router-id type-code2: Specifies the type code for router ID. Valid values are hex numbers 0107 and 8001.

route-type type-code3: Specifies the type code for route type. Valid values are hex numbers 0306 and 8000.

Examples

# Configure the type codes of domain ID, router ID, and route type as hex numbers 8005, 8001, and 8000, respectively, for OSPF process 100.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] ext-community-type domain-id 8005

[Sysname-ospf-100] ext-community-type router-id 8001

[Sysname-ospf-100] ext-community-type route-type 8000

import route-policy

Use import route-policy to apply an import routing policy to a VPN instance.

Use undo import route-policy to restore the default.

Syntax

import route-policy route-policy

undo import route-policy

Default

All routes matching the import target attribute are accepted.

Views

VPN instance view

VPN instance IPv4 VPN view

VPN instance IPv6 VPN view

Predefined user roles

network-admin

Parameters

route-policy: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.

Usage guidelines

You can specify an import routing policy to filter received routes or modify their route attributes for the VPN instance.

If you execute this command multiple times, the most recent configuration takes effect.

An import routing policy specified in VPN instance view applies to both IPv4 VPN and IPv6 VPN. An import routing policy specified in VPN instance IPv4 VPN view applies only to the IPv4 VPN. An import routing policy specified in VPN instance IPv6 VPN view applies only to the IPv6 VPN.

IPv4 VPN prefers the import routing policy specified in VPN instance IPv4 VPN view over the one specified in VPN instance view.

IPv6 VPN prefers the import routing policy specified in VPN instance IPv6 VPN view over the one specified in VPN instance view.

Examples

# Apply import routing policy poly-1 to VPN instance vpn1.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] import route-policy poly-1

Related commands

export route-policy

route-policy (Layer 3—IP Routing Command Reference)

ip binding vpn-instance

Use ip binding vpn-instance to associate an interface with a VPN instance.

Use undo ip binding vpn-instance to restore the default.

Syntax

ip binding vpn-instance vpn-instance-name

undo ip binding vpn-instance

Default

An interface is associated with no VPN instance and belongs to the public network.

Views

Interface view

Predefined user roles

network-admin

Parameters

vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters.

Usage guidelines

Use this command to associate the VPN instance with the interface connected to the CE.

This command or its undo form clears the IP address and routing protocol configuration on the interface. The specified VPN instance must have been created by using the ip vpn-instance command in system view.

To associate a new VPN instance with an interface, first execute the undo ip binding vpn-instance command to remove the existing association.

Examples

# Associate GigabitEthernet 3/1/1 with VPN instance vpn1.

<Sysname> system-view

[Sysname] interface gigabitethernet 3/1/1

[Sysname-GigabitEthernet3/1/1] ip binding vpn-instance vpn1

Related commands

ip vpn-instance (system view)

Use ip vpn-instance to create a VPN instance and enter its view, or enter the view of an existing VPN instance.

Use undo ip vpn-instance to delete a VPN instance.

Syntax

ip vpn-instance vpn-instance-name

undo ip vpn-instance vpn-instance-name

Default

No VPN instances exist.

Views

System view

Predefined user roles

network-admin

Parameters

vpn-instance-name: Specifies a VPN instance name, a case-sensitive string of 1 to 31 characters.

Examples

# Create a VPN instance named vpn1 and enter its view.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1]

Related commands

route-distinguisher

l3vpn reflector

Use l3vpn reflector to configure L3VPN packet reflection.

Use undo l3vpn reflector to disable L3VPN packet reflection.

Syntax

l3vpn reflector vpn-instance vpn-instance-name ip ip-address [ source-port source-port ] [ destination-port destination-port ]

undo l3vpn reflector vpn-instance vpn-instance-name

Default

L3VPN packet reflection is disabled.

Views

System view

Predefined user roles

network-admin

Parameters

vpn-instance vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters.

ip ip-address: Specifies the destination IP address to be reflected, in dotted decimal notation. The specified IP address must not be the IP address of the CE's interface connected to the local device.

source-port source-port: Specifies the source UDP port to be reflected. The value range for the port number is 1 to 65535, and the default is 49184.

destination-port destination-port: Specifies the destination UDP port to be reflected. The value range for the port number is 1 to 65535, and the default is 7.

Usage guidelines

L3VPN packet reflection reflects test packets for the specified VPN instance.

Only one destination IP address can be specified for a VPN instance. If you execute this command multiple times for a VPN instance, the most recent configuration takes effect.

Examples

# Configure packet reflection, specify the VPN instance as vpn1, and specify the IP address to be reflected as 1.1.1.1.

<Sysname> system-view

[Sysname] l3vpn reflector vpn-instance vpn1 ip 1.1.1.1

mpls l3vpn fragment enable

Use mpls l3vpn fragment enable to enable MPLS IP packet fragmentation.

Use undo mpls l3vpn fragment enable to disable MPLS IP packet fragmentation.

Syntax

mpls l3vpn fragment enable

undo mpls l3vpn fragment enable

Default

MPLS packet fragmentation is disabled.

Views

System view

Predefined user roles

network-admin

Usage guidelines

To enable MPLS IP packet fragmentation, you must also set an MPLS MTU by using the mpls mtu command. The device compares each MPLS packet against the MPLS MTU. When an MPLS packet exceeds the MPLS MTU, the device fragments the MPLS packet.

This command is supported on CSPEX (except CSPEX-1204 and CSPEX-1104-E) cards.

Examples

# Enable MPLS packet fragmentation.

<Sysname> system-view

[Sysname] mpls l3vpn fragment enable

Related commands

mpls mtu

nesting-vpn

Use nesting-vpn to enable the nested VPN feature.

Use undo nesting-vpn to disable the nested VPN feature.

Syntax

nesting-vpn

undo nesting-vpn

Default

The nested VPN feature is disabled.

Views

BGP VPNv4 address family view

Predefined user roles

network-admin

Usage guidelines

To exchange VPNv4 routes with a peer in nested VPN, enable nested VPN, and then execute the peer enable command to enable that peer in BGP-VPN VPNv4 address family view.

Examples

# Enable nested VPN.

<Sysname> system-view

[Sysname] bgp 10

[Sysname-bgp-default] address-family vpnv4

[Sysname-bgp-default-vpnv4] nesting-vpn

peer default-route-advertise (BGP VPNv4 address family view)

Use peer default-route-advertise to advertise a default route to a peer or peer group.

Use undo peer default-route-advertise to disable default route advertisement to a peer or peer group.

Syntax

peer { group-name | ipv4-address [ mask-length ] } default-route-advertise vpn-instance vpn-instance-name

undo peer { group-name | ipv4-address [ mask-length ] } default-route-advertise vpn-instance vpn-instance-name

Default

No default route is advertised to a peer or peer group.

Views

BGP VPNv4 address family view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must have been created.

ipv4-address: Specifies a peer by its IPv4 address. The peer must have been created.

mask-length: Specifies a mask length in the range of 0 to 32. You can use the ipv4-address and mask-length arguments together to specify a subnet. If you specify a subnet, this command advertises a default route to all dynamic peers in the subnet.

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters.

Usage guidelines

This command enables the device to send a default route with the next hop being itself to the peer or peer group regardless of whether the default route exists in the routing table.

Examples

# In BGP VPNv4 address family view, advertise the default route of VPN instance vpn1 to peer group test.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family vpnv4

[Sysname-bgp-default-vpnv4] peer test default-route-advertise vpn-instance vpn1

peer next-hop-invariable (BGP VPNv4 address family view)

Use peer next-hop-invariable to configure the device to not change the next hop of routes advertised to peers.

Use undo peer next-hop-invariable to configure the device to use its address as the next hop of routes advertised to peers.

Syntax

peer { group-name | ipv4-address [ mask-length ] } next-hop-invariable

undo peer { group-name | ipv4-address [ mask-length ] } next-hop-invariable

Default

The device uses its address as the next hop of routes advertised to peers.

Views

BGP VPNv4 address family view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters.

ipv4-address: Specifies a peer by its IP address.

mask-length: Specifies a mask length in the range of 0 to 32. You can use the ipv4-address and mask-length arguments together to specify a subnet. If you specify a subnet in this command, the device does not change the next hop of routes advertised to the dynamic peers in the subnet.

Usage guidelines

On an RR in an inter-AS option C scenario, you must configure this command to not change the next hop of VPNv4 routes advertised to BGP peers and RR clients.

This command is exclusive with the peer next-hop-local command.

Examples

# Configure the device to not change the next hop of routes advertised to peer 1.1.1.1.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family vpnv4

[Sysname-bgp-default-vpnv4] peer 1.1.1.1 next-hop-invariable

Related commands

peer next-hop-local (Layer 3—IP Routing Command Reference)

peer upe (BGP VPNv4 address family view)

Use peer upe to configure BGP peers as HoVPN UPEs.

Use undo peer upe to delete HoVPN UPEs.

Syntax

peer { group-name | ipv4-address [ mask-length ] } upe

undo peer { group-name | ipv4-address [ mask-length ] } upe

Default

No BGP peer is configured as a UPE.

Views

BGP VPNv4 address family view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The specified peer group must exist.

ipv4-address: Specifies a peer by its IP address. The specified peer must exist.

mask-length: Specifies a mask length in the range of 0 to 32. You can use the ipv4-address and mask-length arguments together to specify a subnet. If you specify a subnet, this command configures all dynamic peers in the subnet as UPEs.

Usage guidelines

A UPE is a special VPNv4 peer. It can accept one default route for each related VPN instance and routes permitted by the routing policy on the SPE. An SPE is a common VPN peer.

Examples

# Configure peer 1.1.1.1 as a UPE.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family vpnv4

[Sysname-bgp-default-vpnv4] peer 1.1.1.1 upe

peer upe route-policy (BGP VPNv4 address family view)

Use peer upe route-policy to advertise routes permitted by a routing policy to UPEs.

Use undo peer upe route-policy to remove the configuration.

Syntax

peer { group-name | ipv4-address [ mask-length ] } upe route-policy route-policy-name export

undo peer { group-name | ipv4-address [ mask-length ] } upe route-policy route-policy-name export

Default

No routes are advertised to any peers.

Views

BGP VPNv4 address family view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must exist.

ipv4-address: Specifies a peer by its IP address. The peer must exist.

mask-length: Specifies a mask length in the range of 0 to 32. You can use the ipv4-address and mask-length arguments together to specify a subnet. If you specify a subnet, this command advertises routes permitted by a routing policy to all dynamic peers in the subnet.

route-policy-name: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.

export: Applies the filtering policy to routes to be advertised.

Usage guidelines

This command must be used with the peer upe command.

Examples

# Configure peer 1.1.1.1 as a UPE, and advertise routes permitted by routing policy hope to peer 1.1.1.1.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] peer 1.1.1.1 as-number 200

[Sysname-bgp-default] address-family vpnv4

[Sysname-bgp-default-vpnv4] peer 1.1.1.1 enable

[Sysname-bgp-default-vpnv4] peer 1.1.1.1 upe

[Sysname-bgp-default-vpnv4] peer 1.1.1.1 upe route-policy hope export

Related commands

peer upe

route-policy (Layer 3—IP Routing Command Reference)

policy vpn-target

Use policy vpn-target to enable route target filtering of received VPNv4 routes. Only VPNv4 routes whose export route target attribute matches local import route target attribute are added to the routing table.

Use undo policy vpn-target to disable route target filtering, permitting all incoming VPNv4 routes.

Syntax

policy vpn-target

undo policy vpn-target

Default

The route target filtering feature is enabled for received VPNv4 routes.

Views

BGP VPNv4 address family view

Predefined user roles

network-admin

Usage guidelines

In an inter-AS option B scenario, an ASBR must save all incoming VPNv4 routes and advertise those routes to the peer ASBR. For this purpose, you must execute the undo policy vpn-target command on the ASBR to disable route target filtering.

Examples

# Disable route target filtering of received VPNv4 routes.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family vpnv4

[Sysname-bgp-default-vpnv4] undo policy vpn-target

route-distinguisher (VPN instance view)

Use route-distinguisher to configure a route distinguisher (RD) for a VPN instance.

Use undo route-distinguisher to restore the default.

Syntax

route-distinguisher route-distinguisher

undo route-distinguisher

Default

No RD is configured for a VPN instance.

Views

VPN instance view

Predefined user roles

network-admin

Parameters

route-distinguisher: Specifies an RD for the VPN instance, a string of 3 to 21 characters in one of the following formats:

· 16-bit AS number:32-bit user-defined number. For example, 101:3.

· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.

· 32-bit AS number:16-bit user-defined number, where the minimum value of the AS number is 65536. For example, 65536:1.

Usage guidelines

RDs enable VPNs to use the same address space. An RD and an IPv4 prefix form a unique VPN-IPv4 prefix.

To guarantee global uniqueness for a VPN-IPv4 address, do not set the AS number or IP address in an RD to any private AS number or private IP address.

To modify an RD, execute the undo route-distinguisher command to remove the RD and then execute the route-distinguisher command.

Examples

# Configure RD 22:1 for VPN instance vpn1.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] route-distinguisher 22:1

route-replicate

Use route-replicate to enable a VPN instance to redistribute routes from the public network or other VPN instances.

Use undo route-replicate to cancel the configuration.

Syntax

route-replicate from { public | vpn-instance vpn-instance-name } protocol bgp as-number [ route-policy route-policy-name ]

route-replicate from { public | vpn-instance vpn-instance-name } protocol eigrp eigrp-as [ advertise ] [ route-policy route-policy-name ]

route-replicate from { public | vpn-instance vpn-instance-name } protocol { direct | static | { isis | ospf | rip } process-id } [ advertise ] [ route-policy route-policy-name ]

undo route-replicate from { public | vpn-instance vpn-instance-name } protocol { direct | eigrp eigrp-as | static | bgp as-number | { isis | ospf | rip } process-id }

Default

A VPN instance cannot redistribute routes of the public network or other VPN instances.

Views

VPN instance IPv4 VPN view

Predefined user roles

network-admin

Parameters

public: Redistributes routes from the public network.

vpn-instance vpn-instance-name: Redistributes routes from a VPN instance. The vpn-instance-name argument specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters.

protocol: Redistributes routes of the specified routing protocol.

bgp: Redistributes BGP routes.

as-number: Specifies an AS number in the range of 1 to 4294967295.

direct: Redistributes direct routes.

eigrp: Redistributes EIGRP routes.

static: Redistributes static routes.

isis: Redistributes IS-IS routes.

ospf: Redistributes OSPF routes.

rip: Redistributes RIP routes.

eigrp-as: Specifies an EIGRP process by its ID, in the range of 1 to 65535.

process-id: Specifies a process by its ID, in the range of 1 to 65535.

advertise: Allows the VPN instance to advertise redistributed routes. If you do not specify this keyword, the VPN instance cannot advertise redistributed routes.

route-policy route-policy-name: Applies a routing policy to redistributed routes. The route-policy-name argument specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.

Usage guidelines

In a BGP/MPLS L3VPN network, only VPN instances that have matching route targets can communicate with each other.

This command allows a VPN instance to communicate with the public network or other VPN instances by redistributing routing information of the public network or other VPN instances.

In an intelligent traffic control network, traffic of different tenants is assigned to different VPNs. To enable the tenants to communicate with the public network, configure this command to redistribute routes from the public network to the VPN instances.

Examples

# Redistribute OSPF routes from the public network to VPN instance vpn1.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] address-family ipv4

[Sysname-vpn-ipv4-vpn1] route-replicate from public protocol ospf 1

route-tag (OSPF view)

Use route-tag to configure an external route tag for redistributed VPN routes.

Use undo route-tag to restore the default.

Syntax

route-tag tag-value

undo route-tag

Default

If BGP runs within an MPLS backbone, and the BGP AS number is not greater than 65535, the first two octets of the external route tag are 0xD000, and the last two octets are the local BGP AS number. For example, if the local BGP AS number is 100, the external route tag value is 3489661028 (100 + the decimal value of 0xD0000000). If the AS number is greater than 65535, the external route tag is 0.

Views

OSPF view

Predefined user roles

network-admin

Parameters

tag-value: Specifies the external route tag for redistributed VPN routes, in the range of 0 to 4294967295.

Usage guidelines

In a dual-homed scenario where OSPF runs between the CE and the connected PEs (PE-A and PE-B, for example), you can use external route tags to avoid routing loops.

PE-A redistributes BGP routes from the peer PE into OSPF, and advertises these routes in the Type 5 or 7 LSAs to the CE. In these LSAs, PE-A adds the local external route tag.

When PE-B receives the Type 5 or 7 LSAs advertised by the CE, it compares the external route tag in the LSAs with the local external route tag. If the two tags have the same value (including the value of 0), PE-B ignores the LSA in route calculation to avoid routing loops.

The commands used to configure the external route tag (in the descending order of tag priority) are as follows:

· import-route

· route-tag (for PEs) and default tag (for CEs and MCEs)

As a best practice, configure the same external route tag for PEs in the same area.

An external route tag is not transferred in any BGP extended community attribute. It takes effect only on the PEs that receive BGP routes and generate OSPF Type 5 or 7 LSAs.

You can configure the same external route tag for different OSPF processes.

Examples

# In OSPF process 10, set the external route tag to 10 for redistributed VPN routes.

<Sysname> system-view

[Sysname] ospf 10

[Sysname-ospf-100] route-tag 10

Related commands

default (Layer 3—IP Routing Command Reference)

import-route (Layer 3—IP Routing Command Reference)

routing-table limit

Use routing-table limit to set the maximum number of active routes in a VPN instance.

Use undo routing-table limit to restore the default.

Syntax

routing-table limit number { warn-threshold | simply-alert }

undo routing-table limit

Default

The number of active routes in a VPN instance is not limited.

Views

VPN instance view

VPN instance IPv4 VPN view

VPN instance IPv6 VPN view

Predefined user roles

network-admin

Parameters

number: Specifies the maximum number of active routes.

· The value range for this argument is 1 to 1039360 in VPN instance view and VPN instance IPv6 VPN view.

· The value range for this argument is 1 to 4185088 in VPN instance IPv4 VPN view.

warn-threshold: Specifies a warning threshold in the range of 1 to 100 in percentage. When the percentage of the existing active routes to the maximum active routes exceeds the threshold, the system gives a log message but still allows new active routes. If active routes in the VPN instance reach the maximum, no more active routes are added.

simply-alert: Specifies that when active routes exceed the maximum number, the system still accepts active routes but generates a log message.

Usage guidelines

Setting the maximum number of active routes for a VPN instance can prevent a PE from learning too many routes.

A limit configured in VPN instance view applies to both the IPv4 VPN and the IPv6 VPN. A limit configured in VPN instance IPv4 VPN view applies only to the IPv4 VPN. A limit configured in VPN instance IPv6 VPN view applies only to the IPv6 VPN.

IPv4 VPN prefers the limit configured in VPN instance IPv4 VPN view over the limit configured in VPN instance view.

IPv6 VPN prefers the limit configured in VPN instance IPv6 VPN view over the limit configured in VPN instance view.

Examples

# Specify that VPN instance vpn1 supports a maximum of 1000 active routes. When active routes exceed this limit, the device can receive new active routes but generates a log message.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] route-distinguisher 100:1

[Sysname-vpn-instance-vpn1] routing-table limit 1000 simply-alert

rr-filter (BGP VPNv4 address family view)

Use rr-filter to create a route reflector (RR) reflection policy.

Use undo rr-filter to restore the default.

Syntax

rr-filter ext-comm-list-number

undo rr-filter

Default

An RR does not filter reflected routes.

Views

BGP VPNv4 address family view

Predefined user roles

network-admin

Parameters

ext-comm-list-number: Specifies an extended community list number in the range of 1 to 199.

Usage guidelines

After this command is executed, only the VPNv4 routes that are permitted by the specified extended community list are reflected.

By configuring different RR reflection policies on RRs in a cluster, you can implement load balancing among the RRs.

For more information about extended community lists, see Layer 3—IP Routing Configuration Guide.

Examples

# Configure the RR to reflect only VPNv4 routes that are permitted by extended community list 10.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family vpnv4

[Sysname-bgp-default-vpnv4] rr-filter 10

Related commands

ip extcommunity-list (Layer 3—IP Routing Command Reference)

sham-link (OSPF area view)

Use sham-link to create an OSPF sham link.

Use undo sham-link to remove an OSPF sham link or restore the defaults of specified parameters for an OSPF sham link.

Syntax

sham-link source-ip-address destination-ip-address [ cost cost-value | dead dead-interval | hello hello-interval | { { hmac-md5 | hmac-sha-256 | md5 } key-id { cipher | plain } string | keychain keychain-name | simple { cipher | plain } string } | retransmit retrans-interval | trans-delay delay ] *

undo sham-link source-ip-address destination-ip-address [ cost | dead | hello | { { hmac-md5 | hmac-sha-256 | md5 } key-id | keychain | simple } | retransmit | trans-delay ] *

Default

No OSPF sham links exist.

Views

OSPF area view

Predefined user roles

network-admin

Parameters

source-ip-address: Specifies the source IP address of the sham link.

destination-ip-address: Specifies the destination IP address of the sham link.

cost cost-value: Specifies the cost of the sham link, in the range of 1 to 65535. The default cost is 1.

dead dead-interval: Specifies the dead interval in the range of 1 to 32768 seconds. The default is 40 seconds. The dead interval configured on the two ends of the sham link must be identical, and it must be at least four times the hello interval.

hello hello-interval: Specifies the interval for sending hello packets, in the range of 1 to 8192 seconds. The default is 10 seconds. The hello interval configured on the two ends of the sham link must be identical.

hmac-md5: Enables HMAC-MD5 authentication.

hmac-sha-256: Enables HMAC-SHA-256 authentication.

md5: Enables MD5 authentication.

simple: Enables simple authentication.

key-id: Specifies a key ID for MD5, HMAC-MD5, or HMAC-SHA-256 authentication, in the range of 1 to 255.

cipher: Specifies a key in encrypted form.

plain: Specifies a key in plaintext form. For security purposes, the key specified in plaintext form will be stored in encrypted form.

string: Specifies the key. This argument is case sensitive.

· In simple authentication mode, the plaintext form of the key is a string of 1 to 8 characters. The encrypted form of the key is a string of 33 to 41 characters.

· In MD5/HMAC-MD5 authentication mode, the plaintext form of the key is a string of 1 to 16 characters. The encrypted form of the key is a string of 33 to 53 characters.

· In HMAC-SHA-256 authentication mode, the plaintext form of the key is a string of 1 to 255 characters. The encrypted form of the key is a string of 33 to 373 characters.

keychain: Enables keychain authentication.

keychain-name: Specifies a keychain by its name. A keychain name is a case-sensitive string of 1 to 63 characters.

retransmit retrans-interval: Specifies the interval for retransmitting LSAs, in the range of 1 to 3600 seconds. The default is 5 seconds.

trans-delay delay: Specifies the delay interval before the interface sends an LSA, in the range of 1 to 3600 seconds. The default is 1 second.

Usage guidelines

When a backdoor link exists between the two sites of a VPN, traffic is forwarded through the backdoor link. To forward VPN traffic over the backbone, you can create a sham link between PEs. A sham link is considered an OSPF intra-area route.

For a sham link, you can configure only one authentication mode: MD5/HMAC-MD5/HMAC-SHA-256 authentication, simple authentication, or keychain authentication. For MD5/HMAC-MD5/HMAC-SHA-256 authentication, you can configure multiple keys by executing this command multiple times.

To modify the MD5/HMAC-MD5/HMAC-SHA-256 authentication key of a sham link, perform the following tasks:

1. Configure a new key for the sham link on the local device. If the neighbor on the sham link has not been configured with the new key, this configuration triggers a key rollover process, during which, OSPF advertises both the new and old keys so the neighbor can pass authentication and the neighbor relationship is maintained.

2. Configure the same key for the sham link on the neighbor. After the local device receives a packet carrying the new key from the neighbor, it quits the key rollover process.

3. Execute the undo sham-link command on the local device and the neighbor to remove the old key. This operation can avoid attacks to the sham link that uses the old key and reduce bandwidth consumption by key rollover.

When keychain authentication is configured for an OSPF sham link, OSPF performs the following operations before sending a packet:

1. Obtains a valid send key from the keychain.

OSPF does not send the packet if it fails to obtain a valid send key.

2. Uses the key ID, authentication algorithm, and key string of the send key to authenticate the packet.

If the key ID is greater than 255, OSPF does not send the packet.

When keychain authentication is configured for an OSPF sham link, OSPF performs the following operations before accepting a received a packet:

1. Uses the key ID carried in the packet to obtain a valid accept key from the keychain.

OSPF discards the packet if it fails to obtain a valid accept key.

2. Uses the authentication algorithm and key string of the accept key to authenticate the packet.

If the authentication fails, OSPF discards the packet.

OSPF supports the MD5, HMAC-MD5, HMAC-SM3, and HMAC-SHA-256 authentication algorithms. The ID of keys used for authentication can only be in the range of 0 to 255.

Examples

# Create a sham link with the source address 1.1.1.1 and destination address 2.2.2.2.

<Sysname> system-view

[Sysname] ospf

[Sysname-ospf-1] area 0

[Sysname-ospf-1-area-0.0.0.0] sham-link 1.1.1.1 2.2.2.2

Related commands

display ospf sham-link

snmp context-name

Use snmp context-name to configure an SNMP context for a VPN instance.

Use undo snmp context-name to restore the default.

Syntax

snmp context-name context-name

undo snmp context-name

Default

No SNMP context is configured for a VPN instance.

Views

VPN instance view

Predefined user roles

network-admin

Parameters

context-name: Specifies an SNMP context, a case-sensitive string of 1 to 32 characters.

Usage guidelines

VPN-aware features such as AAA and NAT do not know the VPN instance to which a managed MIB node belongs. To resolve this issue, configure different SNMP contexts for different VPN instances.

The device selects a MIB for an SNMP packet according to the context (for SNMPv3) or community name (for SNMPv1/v2c) in the following ways:

· For an SNMPv3 packet:

¡ The device selects the public MIB if the packet does not carry a context.

¡ The device selects the MIB of a VPN instance if the packet meets the following conditions:

- Carries a context that was configured with the snmp-agent context command in system view.

- Matches the context of the VPN instance.

¡ The device does not process any MIBs in other situations.

· For an SNMPv1/v2c packet:

¡ The device selects the public MIB if no SNMP community to SNMP context mapping was configured with the snmp-agent community-map command in system view.

¡ The device selects the MIB of a VPN instance if the SNMP community is mapped to an SNMP context and the context matches the context of the VPN instance.

¡ The device does not process any MIBs in other situations.

For more information about SNMP context and community name, see Network Management and Monitoring Configuration Guide.

Do not configure the same SNMP context for different VPN instances.

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Configure SNMP context vpna for VPN instance vpna.

<Sysname> system-view

[Sysname] snmp-agent context vpna

[Sysname] ip vpn-instance vpna

[Sysname-vpn-instance-vpna] route-distinguisher 22:33

[Sysname-vpn-instance-vpna] snmp context-name vpna

Related commands

snmp-agent community-map (Network Management and Monitoring Command Reference)

snmp-agent context (Network Management and Monitoring Command Reference)

snmp-agent trap enable l3vpn

Use snmp-agent trap enable l3vpn to enable SNMP notifications for MPLS L3VPN.

Use undo snmp-agent trap enable l3vpn to disable SNMP notifications for MPLS L3VPN.

Syntax

snmp-agent trap enable l3vpn

undo snmp-agent trap enable l3vpn

Default

SNMP notifications for MPLS L3VPN are enabled.

Views

System view

Predefined user roles

network-admin

Usage guidelines

To report critical MPLS L3VPN events to an NMS, enable SNMP notifications for MPLS L3VPN. For MPLS L3VPN event notifications to be sent correctly, you must also configure SNMP on the device. For more information about SNMP configuration, see the network management and monitoring configuration guide for the device.

Examples

# Enable SNMP notifications for MPLS L3VPN.

<Sysname> system-view

[Sysname] snmp-agent trap enable l3vpn

tnl-policy

Use tnl-policy to associate a VPN instance with a tunnel policy.

Use undo tnl-policy to restore the default.

Syntax

tnl-policy tunnel-policy-name

undo tnl-policy

Default

No tunnel policy is associated with a VPN instance.

Views

VPN instance view

VPN instance IPv4 VPN view

VPN instance IPv6 VPN view

Predefined user roles

network-admin

Parameters

tunnel-policy-name: Specifies a tunnel policy by its name, a case-sensitive string of 1 to 19 characters.

Usage guidelines

The VPN instance uses the specified tunnel policy to select tunnels for traffic.

If a VPN instance is not associated with any tunnel policies or the associated tunnel policy is not configured, the VPN instance selects tunnels according to the default tunnel policy. The default tunnel policy selects only one tunnel in this order: LSP tunnel, GRE tunnel, CRLSP tunnel, and SRLSP tunnel.

A tunnel policy specified in VPN instance view applies to both the IPv4 VPN and the IPv6 VPN. A tunnel policy specified in VPN instance IPv4 VPN view applies only to the IPv4 VPN. A tunnel policy specified in VPN instance IPv6 VPN view applies only to the IPv6 VPN.

IPv4 VPN prefers the tunnel policy specified in VPN instance IPv4 VPN view over the tunnel policy specified in VPN instance view.

IPv6 VPN prefers the tunnel policy specified in VPN instance IPv6 VPN view over the tunnel policy specified in VPN instance view.

Examples

# Associate VPN instance vpn1 with tunnel policy po1.

<Sysname> system-view

[Sysname] tunnel-policy po1

[Sysname-tunnel-policy-po1] select-seq lsp load-balance-number 1

[Sysname-tunnel-policy-po1] quit

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] route-distinguisher 22:33

[Sysname-vpn-instance-vpn1] tnl-policy po1

[Sysname-vpn-instance-vpn1] quit

Related commands

tunnel-policy

update-first route-policy(BGP VPNv4 address family view)

Use update-first route-policy to configure BGP to send withdrawal messages of routes matching the specified routing policy prior to other routes.

Use undo update-first route-policy to restore the default.

Syntax

update-first route-policy route-policy-name

undo update-first route-policy

Default

BGP does not send withdrawal messages of any routes prior to other routes.

Views

BGP VPNv4 address family view

Predefined user roles

network-admin

Parameters

route-policy-name: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.

Usage guidelines

This command enables BGP to send the withdrawal messages of specific routes prior to other routes. This can achieve fast route switchover and reduce the traffic interruption time.

Examples

# In BGP VPNv4 address family view, configure BGP to send withdrawal messages of routes matching routing policy test-policy prior to other routes.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family vpnv4

[Sysname-bgp-default-vpnv4] update-first route-policy test-policy

Related commands

default-route update-first (Layer 3—IP Routing Command Reference)

route-policy (Layer 3—IP Routing Command Reference)

vpn popgo

Use vpn popgo to specify the VPN label processing mode as POPGO forwarding on an egress PE. In POPGO forwarding mode, the egress PE pops the label for each packet and forwards the packet out of the interface corresponding to the label.

Use undo vpn popgo to restore the default.

Syntax

vpn popgo

undo vpn popgo

Default

The VPN label processing mode is POP forwarding on an egress PE, which will pop the label for each packet and forward the packet through the FIB table.

Views

BGP instance view

Predefined user roles

network-admin

Usage guidelines

After you execute the vpn popgo command, the egress PE disconnects and re-establishes BGP sessions to re-learn VPN routes, and it does not support load sharing among VPN BGP peers.

The vpn popgo and label-allocation-mode per-vrf commands are mutually exclusive. Do not configure both modes in a BGP instance.

Examples

# Specify the VPN label processing mode on the egress PE as POPGO forwarding.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] vpn popgo

Related commands

label-allocation-mode (Layer 3—IP Routing Command Reference)

vpn-id

Use vpn-id to configure a VPN ID for a VPN instance.

Use undo vpn-id to restore the default.

Syntax

vpn-id vpn-id

undo vpn-id

Default

No VPN ID is configured for a VPN instance.

Views

VPN instance view

Predefined user roles

network-admin

Parameters

vpn-id: Specifies a VPN ID for the VPN instance, a string of 3 to 15 characters in the form of OUI:Index. The OUI is a hexadecimal number in the range of 0 to FFFFFF, and the index is a hexadecimal number in the range of 0 to FFFFFFFF.

Usage guidelines

A VPN ID uniquely identifies a VPN instance. Different VPN instances must have different VPN IDs.

A VPN ID cannot be 0:0.

Examples

# Configure VPN ID 20:1 for VPN instance vpn1.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] vpn-id 20:1

Related commands

display ip vpn-instance

vpn-route cross multipath

Use vpn-route cross multipath to enable ECMP VPN route redistribution.

Use undo vpn-route cross multipath to disable ECMP VPN route redistribution.

Syntax

vpn-route cross multipath

undo vpn-route cross multipath

Default

ECMP VPN route redistribution is disabled. If multiple routes have the same prefix and RD, a VPN redistributes only the optimal route to its routing table.

Views

BGP IPv4 unicast address family view

BGP-VPN IPv4 unicast address family view

Predefined user roles

network-admin

Usage guidelines

This feature enables a VPN instance to redistribute multiple routes that have the same prefix and RD into its routing table. Then, you can configure load sharing among the ECMP routes or MPLS L3VPN FRR.

Examples

# In BGP-VPN IPv4 unicast address family view, enable ECMP route redistribution.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] ip vpn-instance vpn1

[Sysname-bgp-default-vpn1] address-family ipv4

[Sysname-bgp-default-ipv4-vpn1] vpn-route cross multipath

vpn-target

Use vpn-target to configure route targets for a VPN instance.

Use undo vpn-target to remove the specified or all route targets of a VPN instance.

Syntax

vpn-target vpn-target&<1-8> [ both | export-extcommunity | import-extcommunity ]

undo vpn-target { all | vpn-target&<1-8> [ both | export-extcommunity | import-extcommunity ] }

Default

No route targets are configured for a VPN instance.

Views

VPN instance view

VPN instance IPv4 VPN view

IPv4 flowspec VPN view

VPN instance IPv6 VPN view

Predefined user roles

network-admin

Parameters

vpn-target&<1-8>: Specifies a space-separated list of up to eight route targets.

A route target is a string of 3 to 21 characters in one of the following formats:

· 16-bit AS number:32-bit user-defined number. For example, 101:3.

· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.

· 32-bit AS number:16-bit user-defined number, where the AS number must not be less than 65536. For example, 65536:1.

both: Uses the specified route targets as both import targets and export targets. The both keyword is also used when you do not specify any of the following keywords: both, export-extcommunity, and import-extcommunity.

export-extcommunity: Uses the specified route targets as export targets.

import-extcommunity: Uses the specified route targets as import targets.

all: Removes all route targets.

Usage guidelines

MPLS L3VPN uses route targets to control the advertisement of VPN routing information. A PE adds the configured export targets into the route target attribute of routes advertised to a peer. The peer uses the local import targets to match the route targets of received routes. If a match is found, the peer adds the routes to the routing table of the VPN instance.

You can repeat the vpn-target command to configure multiple route targets.

Route targets configured in VPN instance view applies to the IPv4 VPN, the IPv4 flowspec VPN, and the IPv6 VPN. Route targets configured in VPN instance IPv4 VPN view apply only to the IPv4 VPN. Route targets configured in IPv4 flowspec VPN view apply only to the IPv4 flowspec VPN. Route targets configured in VPN instance IPv6 VPN view apply only to the IPv6 VPN.

IPv4 VPN prefers the route targets configured in VPN instance IPv4 VPN view over those configured in VPN instance view.

IPv4 flowspec VPN prefers the route targets configured in IPv4 flowspec VPN view over those configured in VPN instance view.

IPv6 VPN prefers the route targets configured in VPN instance IPv6 VPN view over those configured in VPN instance view.

Examples

# Configure route targets for VPN instance vpn1.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] vpn-target 3:3 export-extcommunity

[Sysname-vpn-instance-vpn1] vpn-target 4:4 import-extcommunity

[Sysname-vpn-instance-vpn1] vpn-target 5:5 both

IPv6 MPLS L3VPN commands

This chapter describes only IPv6 MPLS L3VPN-specific commands. For information about the commands available for both IPv4 MPLS L3VPN and IPv6 MPLS L3VPN, see "MPLS L3VPN commands."

address-family ipv6 (VPN instance view)

Use address-family ipv6 to enter VPN instance IPv6 VPN view.

Use undo address-family ipv6 to remove all configurations from VPN instance IPv6 VPN view.

Syntax

address-family ipv6

undo address-family ipv6

Views

VPN instance view

Predefined user roles

network-admin

Usage guidelines

In VPN instance IPv6 VPN view, you can configure IPv6 VPN parameters such as inbound and outbound routing policies.

Examples

# Enter VPN instance IPv6 VPN view.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] address-family ipv6

[Sysname-vpn-ipv6-vpn1]

Related commands

address-family ipv4 (VPN instance view)

address-family vpnv6

Use address-family vpnv6 to create the BGP VPNv6 address family and enter its view, or enter the view of the existing BGP VPNv6 address family.

Use undo address-family vpnv6 to remove the BGP VPNv6 address family and all configurations in address family view.

Syntax

address-family vpnv6

undo address-family vpnv6

Default

The BGP VPNv6 address family is not created.

Views

BGP instance view

Predefined user roles

network-admin

Usage guidelines

A VPNv6 address consists of an RD and an IPv6 prefix. In IPv6 MPLS L3VPNs, PEs exchange BGP VPNv6 routes.

For a PE to exchange BGP VPNv6 routes with a BGP peer, you must enable that peer by executing the peer enable command in BGP VPNv6 address family view.

In BGP VPNv6 address family view, you can configure the following settings:

· BGP VPNv6 route attributes, such as the preferred value.

· Whether to allow the local AS number to appear in the AS_PATH attribute of received route updates.

Examples

# Create the BGP VPNv6 address family and enter its view.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family vpnv6

[Sysname-bgp-default-vpnv6]

disable-dn-bit-check

Use disable-dn-bit-check to ignore the DN bit in OSPFv3 LSAs.

Use undo disable-dn-bit-check to restore the default.

Syntax

disable-dn-bit-check

undo disable-dn-bit-check

Default

A PE checks the DN bit in OSPFv3 LSAs.

Views

OSPFv3 view

Predefined user roles

network-admin

Usage guidelines

When a PE redistributes BGP routes into OSPFv3 and creates OSPFv3 LSAs, it sets the DN bit for the LSAs. When receiving the LSAs whose DN bit is set, the other PEs ignore the LSAs in route calculation to avoid routing loops.

If all LSAs from other PEs, including the LSAs whose DN bit is set, are required for route calculation, use the disable-dn-bit-check command to ignore the DN bit.

Before using this command, make sure it does not cause any routing loops.

This command takes effect only for a VPN OSPFv3 process that is not configured with the vpn-instance-capability simple command.

Examples

# Ignore the DN bit in LSAs for VPN OSPFv3 process 100.

<Sysname> system-view

[Sysname] ospfv3 100 vpn-instance vpn1

[Sysname-ospfv3-100] disable-dn-bit-check

Related commands

disable-dn-bit-set

display ospfv3 (Layer 3—IP Routing Command Reference)

disable-dn-bit-set

Use disable-dn-bit-set to disable setting the DN bit in OSPFv3 LSAs.

Use undo disable-dn-bit-set to restore the default.

Syntax

disable-dn-bit-set

undo disable-dn-bit-set

Default

When a PE redistributes BGP routes into OSPFv3 and creates OSPFv3 LSAs, it sets the DN bit for the LSAs.

Views

OSPFv3 view

Predefined user roles

network-admin

Usage guidelines

If other PEs require all LSAs from a local PE for route calculation, use the disable-dn-bit-set command to disable setting the DN bit in the LSAs.

Before using this command, make sure it does not cause any routing loops.

This command takes effect only for a VPN OSPFv3 process that is not configured with the vpn-instance-capability simple command.

Examples

# Disable setting the DN bit in LSAs for VPN OSPFv3 process 100.

<Sysname> system-view

[Sysname] ospfv3 100 vpn-instance vpn1

[Sysname-ospfv3-100] disable-dn-bit-set

Related commands

disable-dn-bit-check

display ospfv3 (Layer 3—IP Routing Command Reference)

display bgp routing-table vpnv6

Use display bgp routing-table vpnv6 to display BGP VPNv6 routing information.

Syntax

display bgp [ instance instance-name ] routing-table vpnv6 [ [ route-distinguisher route-distinguisher ] [ ipv6-address prefix-length [ advertise-info ] | as-path-acl as-path-acl-number | community-list { { basic-community-list-number | comm-list-name } [ whole-match ] | adv-community-list-number } ] | peer ipv4-address { advertised-routes | received-routes } [ ipv6-address prefix-length | statistics ] | statistics ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

instance instance-name: Specifies a BGP instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a BGP instance, this command displays BGP VPNv6 routes in the default BGP instance.

route-distinguisher route-distinguisher: Specifies an RD, a string of 3 to 21 characters in one of the following formats:

· 16-bit AS number:32-bit user-defined number. For example, 101:3.

· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.

· 32-bit AS number:16-bit user-defined number, where the minimum value of the AS number is 65536. For example, 65536:1.

ipv6-address prefix-length: Displays detailed information about the BGP VPNv6 route that exactly matches the specified network address and prefix length. The prefix length is in the range of 0 to 128. If you do not specify this argument, the command displays brief information about all BGP VPNv6 routes.

advertise-info: Displays BGP VPNv6 route advertisement information.

as-path-acl as-path-acl-number: Displays BGP VPNv6 routes that match the AS path list specified by its number in the range of 1 to 256.

community-list: Displays BGP VPNv6 routes that match a BGP community list.

basic-community-list-number: Specifies a basic community list by its number in the range of 1 to 99.

comm-list-name: Specifies a community list by its name, a case-sensitive string of 1 to 63 characters.

whole-match: Displays BGP VPNv6 routes exactly matching the specified community list. If you do not specify this keyword, the command displays BGP VPNv6 routes whose COMMUNITY attributes include the specified community list.

adv-community-list-number: Specifies an advanced community list by its number in the range of 100 to 199.

peer: Displays BGP VPNv6 routing information advertised to or received from a peer.

ipv4-address: Specifies the peer IP address.

advertised-routes: Displays BGP VPNv6 routing information advertised to the specified peer.

received-routes: Displays BGP VPNv6 routing information received from the specified peer.

statistics: Displays BGP VPNv6 routing statistics.

Usage guidelines

If you do not specify any parameters, this command displays brief information about all BGP VPNv6 routes.

Examples

# Display brief information about all BGP VPNv6 routes in the default BGP instance.

<Sysname> display bgp routing-table vpnv6

BGP local router ID is 1.1.1.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

a – additional-path

Origin: i - IGP, e - EGP, ? - incomplete

Total number of VPN routes: 5

Total number of routes from all PEs: 1

Route distinguisher: 100:1(vpn1)

Total number of routes: 4

* > Network : 2001:1:: PrefixLen : 96

NextHop : :: LocPrf :

PrefVal : 32768 OutLabel : NULL

MED : 0

Path/Ogn: ?

* e Network : 2001:1:: PrefixLen : 96

NextHop : 2001:1::1 LocPrf :

PrefVal : 0 OutLabel : NULL

MED : 0

Path/Ogn: 65410?

* > Network : 2001:1::2 PrefixLen : 128

NextHop : ::1 LocPrf :

PrefVal : 32768 OutLabel : NULL

MED : 0

Path/Ogn: ?

* >i Network : 2001:3:: PrefixLen : 96

NextHop : ::FFFF:3.3.3.9 LocPrf : 100

PrefVal : 0 OutLabel : 1279

MED : 0

Path/Ogn: ?

Route distinguisher: 200:1

Total number of routes: 1

* >i Network : 2001:3:: PrefixLen : 96

NextHop : ::FFFF:3.3.3.9 LocPrf : 100

PrefVal : 0 OutLabel : 1279

MED : 0

Path/Ogn: ?

# Display information about BGP VPNv6 routes matching AS_PATH list 1 in the default BGP instance.

<Sysname> display bgp routing-table vpnv6 as-path-acl 1

BGP local router ID is 1.1.1.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

a – additional-path

Origin: i - IGP, e - EGP, ? - incomplete

Total number of VPN routes: 5

Total number of routes from all PEs: 1

Route distinguisher: 100:1(vpn1)

Total number of routes: 4

* > Network : 2001:1:: PrefixLen : 96

NextHop : :: LocPrf :

PrefVal : 32768 OutLabel : NULL

MED : 0

Path/Ogn: ?

* e Network : 2001:1:: PrefixLen : 96

NextHop : 2001:1::1 LocPrf :

PrefVal : 0 OutLabel : NULL

MED : 0

Path/Ogn: 65410?

* > Network : 2001:1::2 PrefixLen : 128

NextHop : ::1 LocPrf :

PrefVal : 32768 OutLabel : NULL

MED : 0

Path/Ogn: ?

* >i Network : 2001:3:: PrefixLen : 96

NextHop : ::FFFF:3.3.3.9 LocPrf : 100

PrefVal : 0 OutLabel : 1279

MED : 0

Path/Ogn: ?

Route distinguisher: 200:1

Total number of routes: 1

* >i Network : 2001:3:: PrefixLen : 96

NextHop : ::FFFF:3.3.3.9 LocPrf : 100

PrefVal : 0 OutLabel : 1279

MED : 0

Path/Ogn: ?

# Display information about BGP VPNv6 routes matching BGP community list 100 in the default BGP instance.

<Sysname> display bgp routing-table vpnv6 community-list 100

BGP local router ID is 1.1.1.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

a – additional-path

Origin: i - IGP, e - EGP, ? - incomplete

Total number of VPN routes: 5

Total number of routes from all PEs: 1

Route distinguisher: 100:1(vpn1)

Total number of routes: 4

* > Network : 2001:1:: PrefixLen : 96

NextHop : :: LocPrf :

PrefVal : 32768 OutLabel : NULL

MED : 0

Path/Ogn: ?

* e Network : 2001:1:: PrefixLen : 96

NextHop : 2001:1::1 LocPrf :

PrefVal : 0 OutLabel : NULL

MED : 0

Path/Ogn: 65410?

* > Network : 2001:1::2 PrefixLen : 128

NextHop : ::1 LocPrf :

PrefVal : 32768 OutLabel : NULL

MED : 0

Path/Ogn: ?

* >i Network : 2001:3:: PrefixLen : 96

NextHop : ::FFFF:3.3.3.9 LocPrf : 100

PrefVal : 0 OutLabel : 1279

MED : 0

Path/Ogn: ?

Route distinguisher: 200:1

Total number of routes: 1

* >i Network : 2001:3:: PrefixLen : 96

NextHop : ::FFFF:3.3.3.9 LocPrf : 100

PrefVal : 0 OutLabel : 1279

MED : 0

Path/Ogn: ?

# Display information about public BGP VPNv6 routes advertised to 3.3.3.9 in the default BGP instance.

<Sysname> display bgp routing-table vpnv6 peer 3.3.3.9 advertised-routes

Total number of routes: 1

BGP local router ID is 1.1.1.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

a – additional-path

Origin: i - IGP, e - EGP, ? - incomplete

Route distinguisher: 100:1

Total number of routes: 1

* > Network : 2001:1:: PrefixLen : 96

NextHop : :: LocPrf :

MED : 0 OutLabel : NULL

Path/Ogn: ?

# Display information about public BGP VPNv6 routes received from 3.3.3.9 in the default BGP instance.

<Sysname> display bgp routing-table vpnv6 peer 3.3.3.9 received-routes

Total number of routes: 1

BGP local router ID is 1.1.1.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

a – additional-path

Origin: i - IGP, e - EGP, ? - incomplete

Route distinguisher: 200:1

Total number of routes: 1

* >i Network : 2001:3:: PrefixLen : 96

NextHop : ::FFFF:3.3.3.9 LocPrf : 100

PrefVal : 0 OutLabel : 1279

MED : 0

Path/Ogn: ?

Table 15 Command output

Field	Description
BGP local router ID	Router ID of the local BGP router.
Status codes	Route status codes: · * - valid—Valid route. · > - best—Common optimal route. · d – damped—Route damped for route flap. · h - history—History route. · i - internal—Internal route. · e - external—External route. · s - suppressed—Suppressed route. · S - Stale—Stale route. · a - additional-path—Add-Path optimal route.
Origin	Route origin: · i - IGP—Originated in the AS. The origin of routes advertised by the network command is IGP. · e - EGP—Learned through EGP. · ? - incomplete—Redistributed from IGP protocols.
Total number of VPN routes	Total number of VPNv6 routes on the device.
Total number of routes from all PEs	Total number of VPNv6 routes from all PEs.
Network	Network address.
PrefixLen	Prefix length.
NextHop	Address of the next hop.
LocPrf	Local preference value.
PrefVal	Preferred value.
MED	MULTI_EXIT_DISC attribute.
Path/Ogn	AS_PATH and Origin attributes.

# Display detailed information about BGP VPNv6 routes to 2::/64 in the default BGP instance.

<Sysname> display bgp routing-table vpnv6 2:: 64

BGP local router ID: 192.168.1.135

Local AS number: 200

Paths: 2 available, 1 best

BGP routing table information of 2::/64:

From : 10.1.1.1 (192.168.1.136)

Rely nexthop : ::FFFF:10.1.1.1

Original nexthop: ::FFFF:10.1.1.1

Out interface : GigabitEthernet3/1/1

Route age : 01h26m11s

OutLabel : NULL

RxPathID : 0x0

TxPathID : 0x0

AS-path : 100

Origin : igp

Attribute value : MED 0, pref-val 0

State : valid, external, best

IP precedence : N/A

QoS local ID : N/A

Traffic index : N/A

Tunnel policy : NULL

Rely tunnel IDs : N/A

Backup route.

From : 1::1 (192.168.1.136)

Rely nexthop : 1::1

Original nexthop: 1::1

Out interface : GigabitEthernet3/1/2

Route age : 01h26m11s

OutLabel : NULL

RxPathID : 0x0

TxPathID : 0x0

AS-path : 100

Origin : igp

Attribute value : MED 0, pref-val 0

State : valid, external

IP precedence : N/A

QoS local ID : N/A

Traffic index : N/A

Tunnel policy : NULL

Rely tunnel IDs : N/A

Table 16 Command output

Field	Description
BGP local router ID	Router ID of the local BGP router.
Paths	Number of routes: · available—Available routes. · best—Optimal routes.
BGP routing table information of 2::/64	Routing information for the BGP routes to 2::/64.
From	IP address of the BGP peer that advertises the route.
Rely Nexthop	Recursive next hop. If no recursive next hop is found, this field displays not resolved.
Original nexthop	Original next hop. If the route is learned from a BGP update, it is the next hop in the update message.
Out interface	Next hop output interface information.
Route age	Time elapsed since the most recent route update.
RxPathID	Received Add-Path ID of the route.
TxPathID	Advertised Add-Path ID of the route.
Origin	Route origin: · igp—Originated in the AS. The origin of routes advertised by the network command is IGP. · egp—Learned through EGP. · incomplete—Redistributed from IGP protocols.
Attribute value	BGP route attribute information: · MED—MED attribute. · localpref—Local preference. · pref-val—Preferred value. · pre—Protocol preference.
State	Route status: · valid—Valid route. · internal—Internal route. · external—External route. · local—Locally generated route. · best—Optimal route.
IP precedence	IP priority of a route, in the range of 0 to 7. N/A indicates that the route does not support this field.
QoS local ID	QoS local ID attribute of a route, in the range of 1 to 4095. N/A indicates that the route does not support this field.
Traffic index	Index of the traffic, in the range of 1 to 64. N/A indicates that the route does not support this field.
Tunnel policy	Tunnel policy that takes effect. NULL indicates that no tunnel policy takes effect.
Rely Tunnel IDs	NHLFE IDs for tunnels found through route recursion. This field displays multiple NHLFE IDs if ECMP tunnels exist and displays N/A if route recursion does not occur.

# Display advertisement information for BGP VPNv6 routes to 2001:1::/96 in the default BGP instance.

<Sysname> display bgp routing-table vpnv6 2001:1:: 96 advertise-info

BGP local router ID: 1.1.1.9

Local AS number: 100

Route distinguisher: 100:1

Total number of routes: 1

Paths: 1 best

BGP routing table information of 2001:1::/96(TxPathID:0):

Advertised to VPN peers (1 in total):

3.3.3.9

Inlabel : 1279

Table 17 Command output

Field	Description
Paths	Number of routes to the specified destination network.
BGP routing table information of 2001:1::/96(TxPathID:0)	Advertisement information for the BGP route to 2001:1::/96.
Advertised to VPN peers (1 in total)	VPNv6 peers to which the route is advertised, and the number of peers.
Inlabel	Incoming label of the route.

# Display statistics about public BGP VPNv6 routes advertised to peer 3.3.3.9 in the default BGP instance.

<Sysname> display bgp routing-table vpnv6 peer 3.3.3.9 advertised-routes statistics

Advertised routes total: 2

# Display statistics about public BGP VPNv6 routes received from peer 3.3.3.9 in the default BGP instance.

<Sysname> display bgp routing-table vpnv6 peer 3.3.3.9 received-routes statistic

Received routes total: 2

Table 18 Command output

Field	Description
Advertised routes total	Total number of routes advertised to the specified peer.
Received routes total	Total number of routes received from the specified peer.

# Display statistics about public BGP VPNv6 routes in the default BGP instance.

<Sysname> display bgp routing-table vpnv6 statistics

Total number of VPN routes: 5

Total number of routes from all PEs: 1

Route distinguisher: 100:1(vpn1)

Total number of routes: 4

Route distinguisher: 200:1

Total number of routes: 1

Table 19 Command output

Field	Description
Total number of VPN routes	Total number of VPNv6 routes on the device.
Total number of routes from all PEs	Total number of VPNv6 routes from all PEs.
Total number of routes	Total number of VPNv6 routes with the specified RD.

Related commands

ip as-path (Layer 3—IP Routing Command Reference)

display bgp routing-table vpnv6 inlabel

Use display bgp routing-table vpnv6 inlabel to display incoming labels for all BGP VPNv6 routes.

Syntax

display bgp [ instance instance-name ] routing-table vpnv6 inlabel

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

Examples

# Display incoming labels for all BGP VPNv6 routes.

<Sysname> display bgp routing-table vpnv6 inlabel

Total number of routes: 1

BGP local router ID is 1.1.1.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

a – additional-path

Origin: i - IGP, e - EGP, ? - incomplete

Route distinguisher: 100:1

Total number of routes: 1

* > Network : 2001:1:: PrefixLen : 96

NextHop : :: OutLabel : NULL

InLabel : 1279

Table 20 Command output

Field	Description
BGP local router ID	Router ID of the local BGP router.
Status codes	Route status codes: · * - valid—Valid route. · > - best—Common optimal route. · d – damped—Route damped for route flap. · h - history—History route. · i - internal—Internal route. · e - external—External route. · s - suppressed—Suppressed route. · S - Stale—Stale route. · a - additional-path—Add-Path optimal route.
Origin	Route origin: · i - IGP—Originated in the AS. The origin of routes advertised by the network command is IGP. · e - EGP—Learned through EGP. · ? - incomplete—Redistributed from IGP protocols.
OutLabel	Outgoing label. If the peer PE assigns a null label, this field displays NULL.
InLabel	Incoming label.

display bgp routing-table vpnv6 outlabel

Use display bgp routing-table vpnv6 outlabel to display outgoing labels for BGP VPNv6 routes.

Syntax

display bgp [ instance instance-name ] routing-table vpnv6 outlabel

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

Examples

# Display outgoing labels for all BGP VPNv6 routes in the default BGP instance.

<Sysname> display bgp routing-table vpnv6 outlabel

BGP local router ID is 1.1.1.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

a – additional-path

Origin: i - IGP, e - EGP, ? - incomplete

Total number of routes from all PEs: 1

Route distinguisher: 100:1(vpn1)

Total number of routes: 1

* >i Network : 2001:3:: PrefixLen : 96

NextHop : ::FFFF:3.3.3.9 OutLabel : 1279

Route distinguisher: 200:1

Total number of routes: 1

* >i Network : 2001:3:: PrefixLen : 96

NextHop : ::FFFF:3.3.3.9 OutLabel : 1279

Table 21 Command output

Field	Description
BGP local router ID	Router ID of the local BGP router.
Status	Route status codes: · * - valid—Valid route. · > - best—Common optimal route. · d – damped—Route damped for route flap. · h - history—History route. · i - internal—Internal route. · e - external—External route. · s - suppressed—Suppressed route. · S - Stale—Stale route. · a - additional-path—Add-Path optimal route.
Origin	Route origin: · i - IGP—Originated in the AS. The origin of routes advertised by the network command is IGP. · e - EGP—Learned through EGP. · ? - incomplete—Redistributed from IGP protocols.
OutLabel	Outgoing label. If the peer PE assigns a null label, this field displays NULL.

display ospfv3 sham-link

Use display ospfv3 sham-link to display OSPFv3 sham link information.

Syntax

display ospfv3 [ process-id ] [ area area-id ] sham-link [ verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

process-id: Specifies an OSPFv3 process by its ID. The process ID is in the range of 1 to 65535. If you do not specify a process, this command displays sham link information for all OSPFv3 processes.

area area-id: Specifies an OSPFv3 area by its ID, which is an IP address, or an integer. The integer is in the range of 0 to 4294967295. If you do not specify an area, this command displays sham link information for all OSPFv3 areas.

verbose: Displays detailed sham link information. If you do not specify this keyword, the command displays brief sham link information.

Examples

# Display brief information about all OSPFv3 sham links.

<Sysname> display ospfv3 sham-link

OSPFv3 Process 1 with Router ID 125.0.0.1

Sham-link (Area: 0.0.0.1)

Neighbor ID State Instance ID Destination address

0.0.0.0 Down 1 1:1::58

95.0.0.1 P-2-P 1 1:1::95

# Display detailed information about all OSPFv3 sham links.

<Sysname> display ospfv3 sham-link verbose

OSPFv3 Process 1 with Router ID 125.0.0.1

Sham-link (Area: 0.0.0.1)

Source : 1:1::125

Destination : 1:1::58

Interface ID: 2147483649

Neighbor ID : 0.0.0.0, Neighbor state: Down

Cost: 1 State: Down Type: Sham Instance ID: 1

Timers: Hello 10, Dead 40, Retransmit 5, Transmit delay 1

Request list: 0 Retransmit list: 0

Keychain authentication: Enabled (test), inherited

Source : 1:1::125

Destination : 1:1::95

Interface ID: 2147483650

Neighbor ID : 95.0.0.1, Neighbor state: Full

Cost: 1 State: P-2-P Type: Sham Instance ID: 1

Timers: Hello 10, Dead 40, Retransmit 5, Transmit delay 1

Request list: 0 Retransmit list: 0

IPsec profile name: profile001

Keychain authentication: Enabled (test)

Table 22 Command output

Field	Description
Neighbor state	Neighbor state for the sham link: Down, Init, 2-Way, ExStart, Exchange, Loading, or Full.
Request list	Number of LSAs in the request list.
Retransmit list	Number of LSAs in the retransmit list.
IPsec profile name	Name of the IPsec profile used by the sham link.
Keychain authentication: Enabled (test), inherited	Keychain authentication is enabled for the sham link, and the keychain test is used. The inherited attribute indicates that the sham link uses the authentication mode specified for the area where the sham link resides.

domain-id (OSPFv3 view)

Use domain-id to set an OSPFv3 domain ID.

Use undo domain-id to delete an OSPFv3 domain ID.

Syntax

domain-id { domain-id [ secondary ] | null }

undo domain-id [ domain-id | null ]

Default

The OSPFv3 domain ID is 0.

Views

OSPFv3 view

Predefined user roles

network-admin

Parameters

domain-id: Specifies an OSPFv3 domain ID, in one of the following formats:

· Integer, in the range of 0 to 4294967295. For example, 1.

· Dotted decimal notation. For example, 0.0.0.1.

· A string of 9 to 21 characters in the dotted decimal notation:16-bit user-defined number format. The value range for the 16-bit user-defined number is 0 to 65535. For example, 0.0.0.1:512.

secondary: Specifies a secondary domain ID. If you do not specify this keyword, the command specifies a primary domain ID.

null: Carries no domain ID in the community attribute.

Usage guidelines

When you redistribute OSPFv3 routes into BGP, BGP adds the primary domain ID to the redistributed BGP VPNv6 routes as a BGP extended community attribute. Then, BGP advertises the routes to the peer PE.

When the peer PE receives the routes, it compares the OSPFv3 domain ID in the routes with the locally configured primary and secondary domain IDs. OSPFv3 advertises these routes in Inter-Area-Prefix LSAs (Type 3 LSAs) if both the following conditions exist:

· The primary or secondary domain ID is the same as the received domain ID.

· The received routes are intra-area or inter-area routes.

Otherwise, OSPFv3 advertises these routes in AS External LSAs (Type 5 LSAs) or NSSA External LSAs (Type 7 LSAs).

A null domain ID and a domain ID of 0 are considered the same in domain ID comparison.

You cannot configure a secondary domain ID when the primary domain ID is configured as 0.

If you do not specify any parameters, the undo domain-id command restores the default.

This command takes effect only for a VPN OSPFv3 process that is not configured with the vpn-instance-capability simple command.

Examples

# Set the primary domain ID for VPN OSPFv3 process 100 to 1.1.1.1.

<Sysname> system-view

[Sysname] ospfv3 100 vpn-instance vpn1

[Sysname-ospfv3-100] domain-id 1.1.1.1

Related commands

display ospfv3 (Layer 3—IP Routing Command Reference)

ext-community-type (OSPFv3 view)

Use ext-community-type to configure the type code of an OSPFv3 extended community attribute.

Use undo ext-community-type to restore the default.

Syntax

ext-community-type { domain-id type-code1 | route-type type-code2 | router-id type-code3 }

undo ext-community-type [ domain-id | route-type | router-id ]

Default

The type codes for domain ID, route type, and router ID are hex numbers 0005, 0306, and 0107, respectively.

Views

OSPFv3 view

Predefined user roles

network-admin

Parameters

domain-id type-code1: Specifies the type code for domain ID. Valid values are hex numbers 0005, 0105, 0205, and 8005.

route-type type-code2: Specifies the type code for route type. Valid values are hex numbers 0306 and 8000.

router-id type-code3: Specifies the type code for router ID. Valid values are hex numbers 0107 and 8001.

Examples

# Configure the type codes of domain ID, route type, and router ID as hex numbers 8005, 8000, and 8001, respectively, for VPN OSPFv3 process 100.

<Sysname> system-view

[Sysname] ospfv3 100 vpn-instance vpn1

[Sysname-ospfv3-100] ext-community-type domain-id 8005

[Sysname-ospfv3-100] ext-community-type route-type 8000

[Sysname-ospfv3-100] ext-community-type router-id 8001

Related commands

display ospfv3 (Layer 3—IP Routing Command Reference)

peer default-route-advertise(BGP VPNv6 address family view)

Use peer default-route-advertise to advertise a default route to a peer or peer group.

Use undo peer default-route-advertise to disable default route advertisement to a peer or peer group.

Syntax

peer { group-name | ipv4-address [ mask-length ] } default-route-advertise vpn-instance vpn-instance-name

undo peer { group-name | ipv4-address [ mask-length ] } default-route-advertise vpn-instance vpn-instance-name

Default

No default route is advertised to a peer or peer group.

Views

BGP VPNv6 address family view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must have been created.

ipv4-address: Specifies a peer by its IPv4 address. The peer must have been created.

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters.

Usage guidelines

This command enables the device to send a default route with the next hop being itself to the peer or peer group regardless of whether the default route exists in the routing table.

Examples

# In BGP VPNv6 address family view, advertise the default route of VPN instance vpn1 to peer group test.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family vpnv6

[Sysname-bgp-default-vpnv6] peer test default-route-advertise vpn-instance vpn1

peer next-hop-invariable (BGP VPNv6 address family view)

Use peer next-hop-invariable to configure the device to not change the next hop of routes advertised to peers.

Use undo peer next-hop-invariable to configure the device to use its address as the next hop of routes advertised to peers.

Syntax

peer { group-name | ipv4-address [ mask-length ] } next-hop-invariable

undo peer { group-name | ipv4-address [ mask-length ] } next-hop-invariable

Default

The device uses its address as the next hop of routes advertised to peers.

Views

BGP VPNv6 address family view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters.

ipv4-address: Specifies a peer by its IP address.

mask-length: Specifies a mask length in the range of 0 to 32. You can use the ipv4-address and mask-length arguments together to specify a network. If you specify a network in this command, the device does not change the next hop of routes advertised to the dynamic peers in the network.

Usage guidelines

On an RR in an inter-AS option C scenario, you must configure this command to not change the next hop of VPNv6 routes advertised to BGP peers and RR clients.

Examples

# Configure the device to not change the next hop of routes advertised to peer 1.1.1.1.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family vpnv6

[Sysname-bgp-default-vpnv6] peer 1.1.1.1 next-hop-invariable

peer upe (BGP VPNv6 address family view)

Use peer upe to configure BGP peers as HoVPN UPEs.

Use undo peer upe to delete HoVPN UPEs.

Syntax

peer { group-name | ipv4-address [ mask-length ] } upe

undo peer { group-name | ipv4-address [ mask-length ] } upe

Default

No BGP peer is configured as a UPE.

Views

BGP VPNv6 address family view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The specified peer group must exist.

ipv4-address: Specifies a peer by its IPv4 address. The specified peer must exist.

mask-length: Specifies a mask length in the range of 0 to 32. You can use the ipv4-address and mask-length arguments together to specify a subnet. If you specify a subnet, this command configures all dynamic peers in the subnet as UPEs.

Usage guidelines

A UPE is a special VPNv6 peer. It can accept one default route for each related VPN instance and routes permitted by the routing policy on the SPE. An SPE is a common VPN peer.

Examples

# In BGP VPNv6 address family view, configure peer 1.1.1.1 as a UPE.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family vpnv6

[Sysname-bgp-default-vpnv6] peer 1.1.1.1 upe

peer upe route-policy (BGP VPNv6 address family view)

Use peer upe route-policy to advertise routes permitted by a routing policy to UPEs.

Use undo peer upe route-policy to remove the configuration.

Syntax

peer { group-name | ipv4-address [ mask-length ] } upe route-policy route-policy-name export

undo peer { group-name | ipv4-address [ mask-length ] } upe route-policy route-policy-name export

Default

No routes are advertised to any peers.

Views

BGP VPNv6 address family view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must exist.

ipv4-address: Specifies a peer by its IPv4 address. The peer must exist.

mask-length: Specifies a mask length in the range of 0 to 32. You can use the ipv4-address and mask-length arguments together to specify a subnet. If you specify a subnet, this command advertises routes permitted by a routing policy to all dynamic peers in the subnet.

route-policy-name: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.

export: Applies the routing policy to filter routes to be advertised.

Usage guidelines

This command must be used with the peer upe command.

Examples

# In BGP VPNv6 address family view, configure peer 1.1.1.1 as a UPE, and advertise routes permitted by routing policy hope to peer 1.1.1.1.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] peer 1.1.1.1 as-number 200

[Sysname-bgp-default] address-family vpnv6

[Sysname-bgp-default-vpnv6] peer 1.1.1.1 enable

[Sysname-bgp-default-vpnv6] peer 1.1.1.1 upe

[Sysname-bgp-default-vpnv6] peer 1.1.1.1 upe route-policy hope export

Related commands

peer upe (BGP VPNv6 address family view)

route-policy (Layer 3—IP Routing Command Reference)

policy vpn-target

Use policy vpn-target to enable route target filtering of received VPNv6 routes. Only VPNv6 routes whose export route target attribute matches local import route target attribute are added to the routing table.

Use undo policy vpn-target to disable route target filtering, permitting all incoming VPNv6 routes.

Syntax

policy vpn-target

undo policy vpn-target

Default

The route target filtering feature is enabled for received VPNv6 routes.

Views

BGP VPNv6 address family view

Predefined user roles

network-admin

Usage guidelines

Examples

# Disable route target filtering of received VPNv6 routes.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family vpnv6

[Sysname-bgp-default-vpnv6] undo policy vpn-target

route-tag (OSPFv3 view)

Use route-tag to configure an external route tag for redistributed VPN routes.

Use undo route-tag to restore the default.

Syntax

route-tag tag-value

undo route-tag

Default

Views

OSPFv3 view

Predefined user roles

network-admin

Parameters

tag-value: Specifies the external route tag for redistributed VPN routes, in the range of 0 to 4294967295.

Usage guidelines

In a dual-homed scenario where OSPFv3 runs between the CE and the connected PEs (PE-A and PE-B, for example), you can use external route tags to avoid routing loops.

PE-A redistributes BGP VPNv6 routes from the peer PE into OSPFv3, and advertises these routes in the Type 5 or 7 LSAs to the CE. In these LSAs, PE-A adds the locally configured external route tag.

If the route-tag-check enable command is configured on the PE-B, it compares the external route tag in the receiving Type 5 or 7 LSAs with the locally configured tag. If they are the same, PE-B ignores the LSA in route calculation to avoid routing loops.

The commands used to configure the external route tag (in the descending order of tag priority) are as follows:

· import-route

· route-tag (for PEs) and default tag (for CEs and MCEs)

As a best practice, configure the same external route tag for PEs in the same area.

An external route tag is not transferred in any BGP extended community attribute. It takes effect only on PEs that receive BGP routes and generate OSPF Type 5 or 7 LSAs.

You can configure the same external route tag for different OSPF processes.

This command takes effect only for a VPN OSPFv3 process that is not configured with the vpn-instance-capability simple command.

Examples

# Set the external route tag for redistributed VPN routes to 100 for VPN OSPFv3 process 100.

<Sysname> system-view

[Sysname] ospfv3 100 vpn-instance vpn1

[Sysname-ospfv3-100] route-tag 100

Related commands

default tag (Layer 3—IP Routing Command Reference)

display ospfv3 (Layer 3—IP Routing Command Reference)

import-route (Layer 3—IP Routing Command Reference)

route-tag-check enable

Use route-tag-check enable to enable external route check for OSPFv3 LSAs.

Use undo route-tag-check enable to disable external route check for OSPFv3 LSAs.

Syntax

route-tag-check enable

undo route-tag-check enable

Default

The external route check feature is disabled for OSPFv3 LSAs.

Views

OSPFv3 view

Predefined user roles

network-admin

Usage guidelines

In a dual-homed scenario where OSPFv3 runs between the CE and the connected PEs (PE-A and PE-B, for example), you can use external route tags to avoid routing loops.

PE-A redistributes BGP VPNv6 routes from the peer PE into OSPFv3, and advertises these routes in the Type 5 or 7 LSAs to the CE. In these LSAs, PE-A adds the locally configured external route tag.

If external route check for OSPFv3 LSAs is enabled on PE-B, it compares the external route tag in the receiving Type 5 or 7 LSAs with the locally configured tag. If they are the same, PE-B ignores the LSA in route calculation to avoid routing loops.

Use the external route tag check feature only when the device does not support the DN bit. Otherwise, use the DN bit to avoid routing loops.

This command takes effect only for a VPN OSPFv3 process that is not configured with the vpn-instance-capability simple command.

Examples

# Enable external route check in OSPFv3 LSAs for VPN OSPFv3 process 100.

<Sysname> system-view

[Sysname] ospfv3 100 vpn-instance vpn1

[Sysname-ospfv3-100] route-tag-check enable

Related commands

display ospfv3 (Layer 3—IP Routing Command Reference)

route-tag

rr-filter (BGP VPNv6 address family view)

Use rr-filter to create an RR reflection policy.

Use undo rr-filter to restore the default.

Syntax

rr-filter ext-comm-list-number

undo rr-filter

Default

An RR does not filter reflected routes.

Views

BGP VPNv6 address family view

Predefined user roles

network-admin

Parameters

ext-comm-list-number: Specifies an extended community list number in the range of 1 to 199.

Usage guidelines

After this command is executed, only the VPNv6 routes that are permitted by the specified extended community list are reflected.

By configuring different RR reflection policies on RRs in a cluster, you can implement load balancing among the RRs.

For more information about extended community lists, see Layer 3—IP Routing Configuration Guide.

Examples

# Configure the RR to reflect only VPNv6 routes that are permitted by extended community list 10.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family vpnv6

[Sysname-bgp-default-vpnv6] rr-filter 10

Related commands

ip extcommunity-list (Layer 3—IP Routing Command Reference)

sham-link (OSPFv3 area view)

Use sham-link to create an OSPFv3 sham link.

Use undo sham-link to remove an OSPFv3 sham link or restore the defaults of specified parameters for an OSPFv3 sham link.

Syntax

Default

No OSPFv3 sham links exist.

Views

OSPFv3 area view

Predefined user roles

network-admin

Parameters

source-ipv6-address: Specifies the source IPv6 address of the sham link.

destination-ipv6-address: Specifies the destination IPv6 address of the sham link.

cost cost-value: Specifies the cost of the sham link, in the range of 1 to 65535. The default cost is 1.

dead dead-interval: Specifies the dead interval in the range of 1 to 32768 seconds. The default is 40 seconds. The dead interval configured on each end of the sham link must be identical, and it must be at least four times the hello interval.

hello hello-interval: Specifies the interval for sending hello packets, in the range of 1 to 8192 seconds. The default is 10 seconds. The hello interval configured on each end of the sham link must be identical.

instance instance-id: Specifies the instance ID of the sham link, in the range of 0 to 255. The default value is 0.

ipsec-profile profile-name: Specifies the IPsec profile for the sham link. The profile-name argument specifies the profile by its name, a case-insensitive string of 1 to 63 characters.

keychain: Specifies keychain authentication for the sham link.

keychain-name: Specifies a keychain by its name, a case-sensitive string of 1 to 63 characters.

retransmit retrans-interval: Specifies the interval for retransmitting LSAs, in the range of 1 to 3600 seconds. The default is 5 seconds.

trans-delay delay: Specifies the delay interval before the interface sends an LSA, in the range of 1 to 3600 seconds. The default is 1 second.

Usage guidelines

The authentication mode specified for an OSPFv3 sham link has a higher priority than the authentication mode specified for the area where the sham link resides. If no authentication mode is specified for the sham link, the authentication mode specified for the area applies.

When keychain authentication is configured for an OSPFv3 sham link, OSPFv3 performs the following operations before sending a packet:

1. Obtains a valid send key from the keychain.

OSPFv3 does not send the packet if it fails to obtain a valid send key.

2. Uses the key ID, authentication algorithm, and key string to authenticate the packet.

If the authentication fails, OSPFv3 does not send the packet.

When keychain authentication is configured for an OSPFv3 sham link, OSPFv3 performs the following operations after receiving a packet:

1. Uses the key ID carried in the packet to obtain a valid accept key from the keychain.

OSPFv3 discards the packet if it fails to obtain a valid accept key.

2. Uses the authentication algorithm and key string for the valid accept key to authenticate the packet.

If the authentication fails, OSPFv3 discards the packet.

OSPFv3 supports only the HMAC-SM3 and HMAC-SHA-256 authentication algorithms.

The ID of keys used for authentication can only be in the range of 0 to 65535.

Examples

# Create a sham link with the source address 1::1 and destination address 2::2.

<Sysname> system-view

[Sysname] ospfv3 100 vpn-instance vpn1

[Sysname-ospfv3-100] area 0

[Sysname-ospfv3-100-area-0.0.0.0] sham-link 1::1 2::2

Related commands

display ospfv3 sham-link

update-first route-policy (BGP VPNv6 address family view)

Use update-first route-policy to configure BGP to send withdrawal messages of routes matching the specified routing policy prior to other routes.

Use undo update-first route-policy to restore the default.

Syntax

update-first route-policy route-policy-name

undo update-first route-policy

Default

BGP does not send withdrawal messages of any routes prior to other routes.

Views

BGP VPNv6 address family view

Predefined user roles

network-admin

Parameters

route-policy-name: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.

Usage guidelines

This command enables BGP to send the withdrawal messages of specific routes prior to other routes. This can achieve fast route switchover and reduce the traffic interruption time.

Examples

# In BGP VPNv6 address family view, configure BGP to send withdrawal messages of routes matching routing policy test-policy prior to other routes.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family vpnv6

[Sysname-bgp-default-vpnv6] update-first route-policy test-policy

Related commands

default-route update-first

route-policy (Layer 3—IP Routing Command Reference)

vpn-route cross multipath

Use vpn-route cross multipath to enable ECMP VPN route redistribution.

Use undo vpn-route cross multipath to disable ECMP VPN route redistribution.

Syntax

vpn-route cross multipath

undo vpn-route cross multipath

Default

ECMP VPN route redistribution is disabled. If multiple routes have the same prefix and RD, a VPN redistributes only the optimal route to its routing table.

Views

BGP IPv6 unicast address family view

BGP-VPN IPv6 unicast address family view

Predefined user roles

network-admin

Usage guidelines

Examples

# In BGP-VPN IPv6 unicast address family view, enable ECMP route redistribution.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] ip vpn-instance vpn1

[Sysname-bgp-default-vpn1] address-family ipv6

[Sysname-bgp-default-ipv6-vpn1] vpn-route cross multipath

09-MPLS Command Reference

description (VPN instance view)

display bgp routing-table vpnv4 outlabel

display ip vpn-instance

domain-id (OSPF view)

ext-community-type (OSPF view)

import route-policy

ip vpn-instance (system view)

peer default-route-advertise (BGP VPNv4 address family view)

peer next-hop-invariable (BGP VPNv4 address family view)

peer upe (BGP VPNv4 address family view)

peer upe route-policy (BGP VPNv4 address family view)

route-distinguisher (VPN instance view)

route-tag (OSPF view)

sham-link (OSPF area view)

snmp-agent trap enable l3vpn

update-first route-policy(BGP VPNv4 address family view)

domain-id (OSPFv3 view)

ext-community-type (OSPFv3 view)

peer next-hop-invariable (BGP VPNv6 address family view)

route-tag (OSPFv3 view)

sham-link (OSPFv3 area view)

Intelligent Terminal Products

Product Support Services

Technical Service Solutions

Resource Center

Policy

Online Help

Become a Partner

Partner Policy & Program

Global Learning

Partner Sales Resources

Service Business

News & Events

Contact Us