Hardware series	Model	Interface backup compatibility
WX1800H series	WX1804H WX1810H WX1820H WX1840H	Yes
WX3800H series	WX3820H WX3840H	No
WX5800H series	WX5860H	No

backup interface

Use backup interface to specify a backup interface for an interface.

Use undo backup interface to remove a backup interface.

Syntax

backup interface interface-type interface-number [ priority ]

undo backup interface interface-type interface-number

Default

An interface does not have backup interfaces.

Views

Interface view

Predefined user roles

network-admin

Parameters

interface-type interface-number: Specifies a backup interface by its type and number.

priority: Assigns a priority to the backup interface. The value range is 0 to 255, and the default is 0. The greater the value, the higher the priority.

Usage guidelines

Use this command on the primary interface to specify its backup interfaces. If you also configure the traffic thresholds, the primary and backup interfaces operate in load balancing mode. If you do not configure the traffic thresholds, the primary and backup interfaces operate in strict active/standby mode.

Backup interface priority is used for interface backup to make interface activation or deactivation decisions when the primary interface fails or is overloaded. Backup interfaces are activated in descending order of priority, with the highest-priority interface deactivated first. In contrast, they are deactivated in ascending order of priority, with the lowest-priority interface deactivated first.

Once a backup interface is activated to forward traffic, only the primary interface can preempt it. A higher-priority backup interface cannot preempt a lower-priority backup interface that has taken over the primary interface.

Use Table 1 when you configure primary and backup interfaces.

Table 1 Restrictions on the primary and backup interfaces

Item	Restrictions
Backup interfaces/primary interface	3.
Configuration restrictions	· An interface can only be the backup of one interface. · A primary interface cannot be configured as a backup interface at the same time. · A main interface and its subinterfaces cannot be the backup of each other. · The primary and backup interfaces cannot be members of a logical link. For example, they cannot be members of a Layer 3 aggregation group.

Item

Restrictions

Backup interfaces/primary interface

Configuration restrictions

· An interface can only be the backup of one interface.

· A primary interface cannot be configured as a backup interface at the same time.

· A main interface and its subinterfaces cannot be the backup of each other.

· The primary and backup interfaces cannot be members of a logical link. For example, they cannot be members of a Layer 3 aggregation group.

This command and the backup track command are mutually exclusive.

· If you have configured the backup interface command on the primary interface, you cannot configure the backup track command on the primary or backup interface.

· If you have associated a backup interface with a track entry, you cannot configure the backup interface command on it or specify it as a backup interface by using the backup interface command.

Examples

# Specify GigabitEthernet 1/0/6 as a backup interface of GigabitEthernet 1/0/5, with a priority of 50.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/5

[Sysname-GigabitEthernet1/0/5] backup interface gigabitethernet 1/0/6 50

Related commands

backup track

backup threshold

Use backup threshold to configure traffic thresholds on a primary interface for load sharing.

Use undo backup threshold to restore the default.

Syntax

backup threshold upper-threshold lower-threshold

undo backup threshold

Default

No traffic thresholds are configured.

Views

Interface view

Predefined user roles

network-admin

Parameters

upper-threshold: Specifies the upper threshold as a percentage of bandwidth available on the primary interface. The value range is 1 to 99.

lower-threshold: Specifies the lower threshold as a percentage of bandwidth available on the primary interface. The value range is 1 to 99.

NOTE:

To set the bandwidth used for load sharing calculation in this command, use the bandwidth command on the primary interface.

Usage guidelines

Before you can use this command on an interface, you must specify at least one backup interface for the interface.

This command enables a primary interface and its backup interfaces to be load shared. In load sharing mode, interface backup regularly compares the amount of traffic with the thresholds.

· When the amount of traffic on the primary interface exceeds the upper threshold, the backup interfaces are activated to share load in descending order of backup priority.

· When the total amount of traffic on all the load-shared interfaces drops below the lower threshold, the backup interfaces are deactivated in ascending order of priority. To prevent link flapping from causing frequent interface switchovers, H3C recommends that you configure the lower threshold smaller than half of the upper threshold.

· When the primary interface goes down, the active/standby mode applies. Only the highest-priority interface is activated.

You can configure the traffic polling interval by using the backup timer flow-check command.

NOTE:

· "Traffic" on an interface refers to the amount of incoming or outgoing traffic, whichever is higher.

· If two backup interfaces have the same priority, the one configured first has preference.

Examples

# On GigabitEthernet 1/0/5, set the upper and lower traffic thresholds to 80 and 20, respectively.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/5

[Sysname-GigabitEthernet1/0/5] backup threshold 80 20

Related commands

· backup interface

· backup timer flow-check

backup timer delay

Use backup timer delay to set interface state switchover delay timers on a primary interface.

Use undo backup timer delay to restore the default.

Syntax

backup timer delay up-delay down-delay

undo backup timer delay

Default

Both up and down delay timers are 5 seconds.

Views

Interface view

Predefined user roles

network-admin

Parameters

up-delay: Specifies the number of seconds that the primary or backup interface must wait before it can come up. The value range is 1 to 65535 seconds.

down-delay: Specifies the number of seconds that the active primary or backup interface must wait before it is set to down state. The value range is 1 to 65535 seconds.

Usage guidelines

Before you can use this command on an interface, you must specify at least one backup interface for the interface.

The switchover delay mechanism prevents link flapping from causing frequent interface switchovers. When the link of the active interface fails, the interface state does not change immediately. Instead, a down delay timer starts. If the link recovers before the timer expires, the interface state does not change. If the link is still down when the timer expires, the interface state changes to down.

Examples

# Specify GigabitEthernet 1/0/6 as a backup of GigabitEthernet 1/0/5, and set both up and down delay timers to 10 seconds.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/5

[Sysname-GigabitEthernet1/0/5] backup interface gigabitethernet 1/0/6

[Sysname-GigabitEthernet1/0/5] backup timer delay 10 10

Related commands

backup interface

backup timer flow-check

Use backup timer flow-check to configure the traffic polling interval on a primary interface.

Use undo backup timer flow-check to restore the default.

Syntax

backup timer flow-check interval

undo backup timer flow-check

Default

The traffic polling interval is 30 seconds.

Views

Interface view

Predefined user roles

network-admin

Parameters

interval: Specifies a traffic polling interval in the range of 30 to 600 seconds.

Usage guidelines

Before you can use this command on an interface, you must specify at least one backup interface for the interface.

This command takes effect when the primary and backup interfaces operate in load sharing mode. Interface backup compares the amount of traffic with the thresholds at this interval to determine whether to activate or deactivate a backup interface.

Examples

# Set the traffic polling interval to 60 seconds on GigabitEthernet 1/0/5.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/5

[Sysname-GigabitEthernet1/0/5] backup timer flow-check 60

Related commands

backup interface

backup track

Use backup track to associate a backup interface with a track entry.

Use undo backup track to remove the association.

Syntax

backup track track-entry-number

undo backup track

Default

An interface is not associated with a track entry.

Views

Interface view

Predefined user roles

network-admin

Parameters

track-entry-number: Specifies a track entry ID in the range of 1 to 1024.

Usage guidelines

To change the state of a backup interface response to the link state of the primary interface, use this command. For the setting to work, you must configure the track entry to monitor the state of the primary link. For more information about configuring a track entry, see High Availability Configuration Guide.

You can associate an interface with only one track entry.

You can create the associated track entry before or after the association. The association takes effect after the track entry is created.

To maintain performance, limit the number of associations to 64.

This command and the backup interface command are mutually exclusive.

· If you have configured the backup interface command on the primary interface, you cannot configure the backup track command on the primary or backup interface.

· If you have associated a backup interface with a track entry, you cannot configure the backup interface command on it or specify it as a backup interface by using the backup interface command.

Examples

# Associate GigabitEthernet 1/0/5 with track entry 1.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/5

[Sysname-GigabitEthernet1/0/5] backup track 1

Related commands

backup interface

display interface-backup state

Use display interface-backup state to display state information for primary and backup interfaces.

Syntax

display interface-backup state

Views

Any view

Predefined user roles

network-admin

network-operator

Examples

# Display state information for primary and backup interfaces.

<Sysname> display interface-backup state

Interface: GE1/0/5

UpDelay: 10 s

DownDelay: 5 s

Upper threshold: 80

Lower threshold: 20

State: DOWN

Backup interfaces:

GE1/0/6 Priority: 30 State: UP_DELAY

Table 2 Command output

Field	Description
Interface	Name of the primary interface.
UpDelay	The number of seconds that elapse after the primary interface goes down before the backup interface is activated.
DownDelay	The number of seconds that elapse after the primary interface comes up before the backup interface is deactivated.
Upper threshold	The upper traffic threshold specified as a percentage of bandwidth available on the primary interface. When the traffic on the primary interface exceeds the upper threshold, the backup interfaces are activated to share load in descending order of backup priority.
Lower threshold	The lower traffic threshold specified as a percentage of bandwidth available on the primary interface. When the total amount of traffic on all the load-shared interfaces drops below the lower threshold, the backup interfaces are deactivated in ascending order of priority.
State	State of the primary interface: UP—The interface is operating correctly. DOWN—The interface is down and cannot forward traffic. UP_DELAY—The interface has recovered, and it is waiting to preempt the active backup interface. DOWN_DELAY—The interface has failed, and it is waiting to be taken over by a backup interface. During this period, packet loss occurs on the primary interface. The interface can forward traffic only when it is in UP state.
Backup interfaces	Backup interfaces assigned to the primary interface.
Priority	Priority of the backup interface.
State	State of the backup interface: · UP—The interface has taken over the primary interface to forward traffic. · DOWN—The interface is down and cannot forward traffic. · UP_DELAY—The backup interface is waiting to take over the primary interface. · DOWN_DELAY—The interface is waiting to be preempted by the primary interface that has recovered. · STANDBY—The interface is on standby while the primary interface is operating correctly. The interface can forward traffic only when it is in UP state.

display interface-backup statistics

Use display interface-backup statistics to display traffic statistics for load-shared interfaces.

Syntax

display interface-backup statistics

Views

Any view

Predefined user roles

network-admin

network-operator

Examples

# Display traffic statistics for load-shared interfaces.

<Sysname> display interface-backup statistics

Interface: GigabitEthernet1/0/6

Statistics interval: 30 s

Bandwidth: 100000000 bps

ActiveTotalIn: 102 bytes

ActiveTotalOut: 108 bytes

ActiveIntervalIn: 102 bytes

ActiveIntervalOut: 108 bytes

Active used bandwidth: 28 bps

TotalIn: 102 bytes

TotalOut: 108 bytes

TotalIntervalIn: 102 bytes

TotalIntervalOut: 108 bytes

Total used bandwidth: 28 bps

Table 3 Command output

Field	Description
Interface	Name of the primary interface.
Statistics interval	Traffic polling interval, in seconds.
Bandwidth	Expected bandwidth (in bps) of the primary interface. This bandwidth is used for load sharing computation. You can use the bandwidth command in interface view to set its value.
PrimaryTotalIn	Cumulative sum of incoming bytes on the primary interface at the most recent traffic polling.
PrimaryTotalOut	Cumulative sum of outgoing bytes on the primary interface at the most recent traffic polling.
PrimaryIntervalIn	Number of incoming bytes on the primary interface for the most recent polling interval.
PrimaryIntervalOut	Number of outgoing bytes on the primary interface for the most recent polling interval.
Primary used bandwidth	The primary interface's used bandwidth that was counted in load sharing computation.
TotalIn	Cumulative sum of incoming bytes on the load-shared primary and backup interfaces at the most recent traffic polling.
TotalOut	Cumulative sum of outgoing bytes on the load-shared primary and backup interfaces at the most recent traffic polling.
TotalIntervalIn	Number of incoming bytes on the load-shared primary and backup interfaces for the most recent polling interval.
TotalIntervalOut	Number of outgoing bytes on the load-shared primary and backup interfaces for the most recent polling interval.
Total used bandwidth	Total used bandwidth (in bps) of the load-shared primary and backup interfaces for the most recent polling interval.

Track commands

delay

Use delay to set the period of time that the Track module must wait before notifying the application module of track entry state changes.

Use undo delay to remove the notification delay configuration.

Syntax

delay { negative negative-time | positive positive-time } *

undo delay

Default

The Track module notifies the application module immediately when the track entry state changes.

Views

Track view

Predefined user roles

network-admin

Parameters

negative negative-time: Specifies the delay for notifying the application module that the track entry state has changed to negative. The negative-time argument represents the negative state notification delay in the range of 1 to 300 seconds.

positive positive-time: Specifies the delay for notifying the application module that the track entry state has changed to positive. The positive-time argument represents the positive state notification delay in the range of 1 to 300 seconds.

Usage guidelines

If the Track module immediately notifies the application module of a track entry state change but the route convergence is not complete, a communication failure might occur. In such cases, you can set a notification delay to avoid immediate notification of track entry status changes.

The notification delay settings do not take effect if the track entry is not associated with an application module.

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Set the negative state notification delay to 50 seconds and the positive state notification delay to 30 seconds for Boolean OR tracked list 101.

<Sysname> system-view

[Sysname] track 101 list boolean or

[Sysname-track-101] delay negative 50 positive 30

Related commands

· track interface

· track ip route reachability

· track list boolean

· track list threshold percentage

· track list threshold weight

· track nqa

display track

Use display track to display track entry information.

Syntax

display track { track-entry-number | all [ negative | positive ] } [ brief ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

track-entry-number: Specifies the track entry ID in the range of 1 to 1024.

all: Specifies all track entries.

negative: Displays track entries in Negative state.

positive: Displays track entries in Positive state.

brief: Displays brief information about track entries.

Examples

# Display information about all track entries.

<Sysname> display track all

Track ID: 1

State: Positive

Duration: 0 days 0 hours 0 minutes 7 seconds

Tracked object type: NQA

Notification delay: Positive 20, Negative 30 (in seconds)

Tracked object:

NQA entry: admin test

Reaction: 10

Remote IP/URL: 2.2.2.2

Local IP: 1.1.1.1

Interface: GigabitEthernet1/0/1

Tracked by:

Track-list 6

Track-list 7

Track ID: 2

State: Negative

Duration: 0 days 0 hours 0 minutes 32 seconds

Notification delay: Positive 20, Negative 30 (in seconds)

Tracked object:

Interface: Vlan-interface3

Protocol: IPv4

Tracked by:

Track-list 6

Track-list 7

Track ID: 3

State: Positive

Duration: 0 days 0 hours 0 minutes 32 seconds

Tracked object type: Percentage threshold list

Notification delay: Positive 20, Negative 30 (in seconds)

Threshold: Positive 40, Negative 30

Percentage of positive objects: 50%

Tracked objects:

Object 1: Positive

Object 3: Negative

Track ID: 4

State: Positive

Duration: 0 days 0 hours 0 minutes 32 seconds

Tracked object type: Weight threshold list

Notification delay: Positive 20, Negative 30 (in seconds)

Threshold: Positive 50, Negative 30

Positive weight/total weight: 50/80

Tracked objects:

Object 1: Positive, Weight: 50

Object 3: Negative, Weight: 30

Track ID: 5

State: Positive

Duration: 0 days 0 hours 0 minutes 32 seconds

Tracked object type: Boolean and list

Notification delay: Positive 20, Negative 30 (in seconds)

Tracked objects:

Object 1: Positive

Object 3: Negative(not)

Object 10: NotReady(not)

# Display brief information about track entries in negative state.

<Sysname> display track all negative brief

ID Status Type Remote IP/URL Local IP Interface

1 Negative Interface -- -- GE1/0/1

10 Negative Interface -- -- GE1/0/2

12 Negative List -- -- --

Table 4 Command output

Field	Description
Track ID	ID of a track entry.
State	States of a track entry: · Positive—The tracked object operates correctly. · NotReady—The tracked object is invalid. · Negative—The tracked object is abnormal.
Duration	Time period during which the track entry stays in the state.
Type	Tracked object type: · Interface. · NQA. · List—Tracked list. This field is displayed only when the display track brief command is executed.
Tracked object type	Tracked object type: · Interface. · NQA. · Boolean and list—Boolean AND list. · Boolean or list—Boolean OR list. · Percentage threshold list. · Weight threshold list.
Notification delay: Positive 20, Negative 30 (in seconds)	· The Track module notifies the application modules that the status of the track entry changes to Positive after a delay time of 20 seconds. · The Track module notifies the application modules that the status of the track entry changes to Negative after a delay time of 30 seconds.
Threshold: Positive 40, Negative 30	Positive and negative state thresholds. This field is displayed only when the tracked object type is Percentage threshold list or Weight threshold list.
Percentage of positive objects	Percentage of positive objects in the tracked list. This field is displayed only when the tracked object type is Percentage threshold list.
Positive weight/total weight: 50/80	Weight of positive objects to the total weight of all objects in the tracked list. This field is displayed only when the tracked object type is Weight threshold list.
Tracked object	Tracked object associated with the track entry.
NQA entry	NQA operation associated with the track entry.
Reaction	Reaction entry associated with the track entry.
IP route	Route associated with the track entry.
Remote IP/URL	Remote IP address or URL. If no remote IP address or URL exists, two consecutive hyphens (--) are displayed.
Local IP	Local IP address. If no local IP address exists, two consecutive hyphens (--) are displayed.
Interface	Interface to be monitored. If no interface is to be monitored, two consecutive hyphens (--) are displayed.
Protocol	Protocol type of the route. This field displays N/A if the route does not exist.
Nexthop interface	Next hop of the route. This field displays N/A if the route does not exist.
Object 10 : Positive	State of a tracked object: Positive, NotReady, or Negative. If the tracked object type is Weight threshold list, the weight of the object is also displayed. If the (not) attribute is displayed, the tracked list will negate the state of the object.
Tracked by	Other track entries that are tracking the object. This field is not displayed if the object type is tracked list.

Related commands

· track interface

· track interface protocol

· track ip route reachability

· track nqa

object

Use object to add a track entry as an object to a tracked list.

Use undo object remove an object from a tracked list

Syntax

object track-entry-number [ not ] [ weight weight ]

undo object track-entry-number

Default

A tracked list does not contain any objects.

Views

Track view

Predefined user roles

network-admin

Parameters

track-entry-number: Specifies a track entry by its ID in the range of 1 to 1024.

not: Negates the state of the object. For example, the tracked list regards the object as negative when the object is in positive state. This keyword is supported only by a Boolean list.

weight weight: Assigns a weight to the object, in the range of 1 to 255. This keyword is supported only by a weight threshold list. The default weight is 10.

Usage guidelines

The track entry ID of the object cannot be the same as the ID of the tracked list to which the object is added.

You can add a maximum of 16 objects to a tracked list.

Loops between track entries are not allowed. For example, after you add track entry 1 (object 1) to tracked list 2 and track entry 2 (object 2) to tracked list 3, you cannot add track entry 3 (object 3) to tracked list 1 because a loop will be created.

Examples

# Create Boolean AND list 100 and add track entries 1 and 2 as tracked objects to the list.

<Sysname> system-view

[Sysname] track 100 list boolean and

[Sysname-track-101] object 1

[Sysname-track-101] object 2 not

Related commands

· track list boolean

· track list threshold percentage

· track list threshold weight

threshold percentage

Use threshold percentage to set the threshold values used to determine the state of a percentage threshold list.

Use undo threshold percentage to restore the default.

Syntax

threshold percentage { negative negative-threshold | positive positive-threshold } *

undo threshold percentage

Default

The negative state threshold is 0% and the positive state threshold is 1%.

Views

Track view

Predefined user roles

network-admin

Parameters

negative negative-threshold: Specifies the negative state threshold, in the range of 1 to 100. The percentage of negative objects must be equal to or smaller than the configured negative state threshold for the tracked list to be set to the negative state.

positive positive-threshold: Specifies the positive state threshold in the range of 1 to 100. The percentage of positive objects must be equal to or greater than the configured positive state threshold for the tracked list to be set to the positive state. The positive-threshold must be greater than the negative-threshold.

Usage guidelines

The state of a percentage threshold list remains unchanged in the following conditions:

· The percentage of positive objects is smaller than the positive state threshold value.

· The percentage of negative objects is greater than the negative state threshold value.

This command is supported only by a percentage threshold list.

Examples

# Set the negative state threshold to 30% and the positive state threshold to 50% for percentage threshold list 1.

<Sysname> system-view

[Sysname] track 1 list threshold percentage

[Sysname-track-1] threshold percentage negative 30 positive 50

Related commands

track list threshold percentage

threshold weight

Use threshold weight to set the threshold values used to determine the state of a weight threshold list.

Use undo threshold weight to restore the default.

Syntax

threshold weight { negative negative-threshold | positive positive-threshold } *

undo threshold weight

Default

The negative state threshold is 0 and the positive state threshold is 1.

Views

Track view

Predefined user roles

network-admin

Parameters

negative negative-threshold: Specifies the negative state threshold in the range of 0 to 255. The total weight of negative objects must be equal to or smaller than the configured negative state threshold for the tracked list to be set to the negative state.

positive positive-threshold: Specifies the positive state threshold in the range of 0 to 255. The total weight of positive objects must be equal to or greater than the configured positive state threshold for the tracked list to be set to the positive state. The positive-threshold must be greater than the negative-threshold.

Usage guidelines

The state of a weight threshold list remains unchanged in the following conditions:

· The total weight of positive objects is smaller than the positive state threshold value.

· The total weight of negative objects is greater than the negative state threshold value.

This command is supported only by a weight threshold list.

Examples

# Set the negative state threshold to 30 and the positive state threshold to 50 for weight threshold list 1.

<Sysname> system-view

[Sysname] track 1 list threshold weight

[Sysname-track-1] threshold weight negative 30 positive 50

Related commands

track list threshold weight

track interface

Use track interface to create a track entry to monitor the link state of an interface and enter track entry view, or enter the view of an existing track entry.

Use undo track to remove the track entry and all configurations from its view.

Syntax

track track-entry-number interface interface-type interface-number

undo track track-entry-number

Default

No track entries exist.

Views

System view

Predefined user roles

network-admin

Parameters

track-entry-number: Specifies the track entry ID in the range of 1 to 1024.

interface-type interface-number: Specifies an interface by its type and number.

Usage guidelines

To create a track entry, you must specify the tracked object type, which is interface in this command.

To enter the view of an existing track entry, use the track track-entry-number command. The tracked object type is not required.

To modify the settings for a track entry, execute the undo track command to remove the track entry, and then execute the track interface command again.

For a track entry that monitors the link status of an interface, the track entry state changes as follows:

· The track entry state is positive if the link state of the interface is up.

· The track entry state is negative if the link state of the interface is down.

To display the link state of an interface, use the display ip interface brief command.

Examples

# Create track entry 1 to monitor the link state of VLAN-interface 10 and enter track entry view.

<Sysname> system-view

[Sysname] track 1 interface vlan-interface 10

[Sysname-track-1]

Related commands

· delay

· display track

· display ip interface brief (Layer 3—IP Services Command Reference)

track interface physical

Use track interface physical to create a track entry to monitor the physical state of an interface and enter track entry view, or enter the view of an existing track entry.

Use undo track to remove the track entry and all configurations from its view.

Syntax

track track-entry-number interface interface-type interface-number physical

undo track track-entry-number

Default

No track entries exist.

Views

System view

Predefined user roles

network-admin

Parameters

track-entry-number: Specifies the track entry ID in the range of 1 to 1024.

interface-type interface-number: Specifies an interface by its type and number.

Usage guidelines

To create a track entry, you must specify the tracked object type, which is interface physical in this command.

To enter the view of an existing track entry, use the track track-entry-number command. The tracked object type is not required.

To modify the settings for a track entry, execute the undo track command to remove the track entry, and then execute the track interface physical command again.

Examples

# Create track entry 1 to monitor the physical state of GigabitEthernet 1/0/1 and enter track entry view.

<Sysname> system-view

[Sysname] track 1 interface gigabitethernet 1/0/1 physical

[Sysname-track-1]

Related commands

delay

track interface protocol

Use track interface protocol to create a track entry to monitor the protocol state of an interface and enter track entry view, or enter the view of an existing track entry.

Use undo track to remove the track entry and all configurations from its view.

Syntax

track track-entry-number interface interface-type interface-number protocol { ipv4 | ipv6 }

undo track track-entry-number

Default

No track entries exist.

Views

System view

Predefined user roles

network-admin

Parameters

track-entry-number: Specifies the track entry ID in the range of 1 to 1024.

interface-type interface-number: Specifies an interface by its type and number.

ipv4: Monitors the IPv4 protocol state. When the IPv4 protocol state of the interface is up, the state of the track object is Positive. When the IPv4 protocol state of the interface is down, the state of the track object is Negative. To display the IPv4 protocol state of an interface, use the display ip interface brief command.

ipv6: Monitors the IPv6 protocol state. When the IPv6 protocol state of the interface is up, the state of the track object is Positive. When the IPv6 protocol state of the interface is down, the state of the track object is Negative. To display the IPv6 protocol state of an interface, use the display ipv6 interface brief command.

Usage guidelines

To create a track entry, you must specify the tracked object type, which is interface protocol in this command.

To enter the view of an existing track entry, use the track track-entry-number command. The tracked object type is not required.

To modify the settings for a track entry, execute the undo track command to remove the track entry, and then execute the track interface protocol command again.

Examples

# Create track entry 1 to monitor the IPv4 protocol state of VLAN-interface 2 and enter track entry view.

<Sysname> system-view

[Sysname] track 1 interface vlan-interface 2 protocol ipv4

[Sysname-track-1]

Related commands

· delay

· display track

· display ip interface brief (Layer 3—IP Services Command Reference)

· display ipv6 interface brief (Layer 3—IP Services Command Reference)

track ip route reachability

Use track ip route reachability to create a track entry to monitor the reachability of an IP route and enter track entry view, or enter the view of an existing track entry.

Use undo track to remove the track entry and all configurations from its view.

Syntax

track track-entry-number ip route ip-address { mask-length | mask } reachability

undo track track-entry-number

Default

No track entries exist.

Views

System view

Predefined user roles

network-admin

Parameters

track-entry-number: Specifies the track entry ID in the range of 1 to 1024.

ip-address: Specifies the destination IP address of the route in dotted decimal notation.

mask-length: Specifies the mask length of the route in the range of 0 to 32.

mask: Specifies the subnet mask of route in dotted decimal notation.

Usage guidelines

To create a track entry, you must specify the tracked object type, which is ip route reachability in this command.

To enter the view of an existing track entry, use the track track-entry-number command. The tracked object type is not required.

To modify the settings for a track entry, execute the undo track command to remove the track entry, and then execute the track ip route reachability command again.

Route management does not immediately notify the Track module of the route status changes when the following conditions are met:

· An active/standby device switchover or a RIB process switchover has occurred.

· The status of the monitored route is changed before the routing protocol completes the graceful restart.

You can resolve the problem by configuring the nonstop routing feature.

Examples

# Create track entry 1 to monitor the status of IP route 10.1.1.0/24 and enter track entry view.

<Sysname> system-view

[Sysname] track 1 ip route 10.1.1.0 24 reachability

[Sysname-track-1]

Related commands

· delay

· display ip route (Layer 3—IP Routing Command Reference)

· display track

track list boolean

Use track list boolean to create a Boolean tracked list and enter its view, or enter the view of an existing tracked list.

Use undo track to remove the tracked list and all configurations from its view.

Syntax

track track-entry-number list boolean { and | or }

undo track track-entry-number

Default

No tracked lists exist.

Views

System view

Predefined user roles

network-admin

Parameters

track-entry-number: Specifies an ID for the tracked list in the range of 1 to 1024.

and: Calculates the tracked list state by using the Boolean AND operation.

or: Calculates the tracked list state by using the Boolean OR operation.

Usage guidelines

The state of a Boolean list is determined by the tracked object states based on the Boolean AND or Boolean OR operation.

· Boolean AND list—The tracked list is set to the positive state only when all objects are in positive state. If one or more objects are in negative state, the tracked list is set to the negative state.

· Boolean OR list—The tracked list is set to the positive state if any object is in positive state. If all objects are in negative state, the tracked list is set to the negative state.

To create a track entry, you must specify the tracked object type, which is list boolean in this command.

To enter the view of an existing track entry, use the track track-entry-number command. The tracked object type is not required.

To modify the settings for a track entry, execute the undo track command to remove the track entry, and then execute the track list boolean command again.

Examples

# Create Boolean OR list 101 and enter its view.

<Sysname> system-view

[Sysname] track 101 list boolean or

[Sysname-track-101]

Related commands

· delay

· object

track list threshold percentage

Use track list threshold percentage to create a percentage threshold tracked list and enter its view, or enter the view of an existing tracked list.

Use undo track to remove the tracked list and all configurations from its view.

Syntax

track track-entry-number list threshold percentage

undo track track-entry-number

Default

No tracked lists exist.

Views

System view

Predefined user roles

network-admin

Parameters

track-entry-number: Specifies an ID for the tracked list in the range of 1 to 1024.

Usage guidelines

The state of a percentage threshold list is determined by comparing the percentage of positive and negative objects in the list with the percentage thresholds configured for the list.

To configure the threshold values used to determine the state of a percentage threshold list, use the threshold percentage command.

To create a track entry, you must specify the tracked object type, which is list threshold percentage in this command.

To enter the view of an existing track entry, use the track track-entry-number command. The tracked object type is not required.

To modify the settings for a track entry, execute the undo track command to remove the track entry, and then execute the track list threshold percentage command again.

Examples

# Create percentage threshold list 101 and enter its view.

<Sysname> system-view

[Sysname] track 101 list threshold percentage

[Sysname-track-101]

Related commands

· delay

· object

· threshold percentage

track list threshold weight

Use track list threshold weight to create a weight threshold tracked list and enter its view, or enter the view of an existing tracked list.

Use undo track to remove the tracked list and all configurations from its view.

Syntax

track track-entry-number list threshold weight

undo track track-entry-number

Default

No tracked lists exist.

Views

System view

Predefined user roles

network-admin

Parameters

track-entry-number: Specifies an ID for the tracked list in the range of 1 to 1024.

Usage guidelines

The state of a weight threshold list is determined by comparing the weight of positive and negative objects in the list with the weight thresholds configured for the list.

To configure the threshold values used to determine the state of a weight threshold list, use the threshold weight command.

To create a track entry, you must specify the tracked object type, which is list threshold weight in this command.

To enter the view of an existing track entry, use the track track-entry-number command. The tracked object type is not required.

To modify the settings for a track entry, execute the undo track command to remove the track entry, and then execute the track list threshold weight command again.

Examples

# Create weight threshold tracked list 101 and enter its view.

<Sysname> system-view

[Sysname] track 101 list threshold weight

[Sysname-track-101]

Related commands

· delay

· object

· threshold weight

track nqa

Use track nqa to create a track entry to monitor the reaction entry of an NQA operation and enter track entry view, or enter the view of an existing track entry..

Use undo track to remove the track entry and all configurations from its view.

Syntax

track track-entry-number nqa entry admin-name operation-tag reaction item-number

undo track track-entry-number

Default

No track entries exist.

Views

System view

Predefined user roles

network-admin

Parameters

track-entry-number: Specifies the track entry ID in the range of 1 to 1024.

entry admin-name operation-tag: Specifies an NQA operation. The admin-name argument is a case-insensitive string of 1 to 32 characters that specifies the name of the administrator who created the NQA operation. The operation-tag argument is a case-insensitive string of 1 to 32 characters that specifies the NQA operation tag.

reaction item-number: Specifies a reaction entry of the NQA operation. The item-number argument specifies the reaction entry ID in the range of 1 to 10.

Usage guidelines

To create a track entry, you must specify the tracked object type, which is nqa in this command.

To enter the view of an existing track entry, use the track track-entry-number command. The tracked object type is not required.

To modify the settings for a track entry, execute the undo track command to remove the track entry, and then execute the track nqa command again.

Examples

# Create track entry 1 to monitor reaction entry 3 of NQA operation admin-test and enter track entry view.

<Sysname> system-view

[Sysname] track 1 nqa entry admin test reaction 3

[Sysname-track-1]

Related commands

· delay

· display track

Load balancing commands

The following compatibility matrix shows the support of hardware platforms for load balancing:

Hardware series	Model	Load balancing compatibility
WX1800H	WX1804H WX1810H WX1820H WX1840H	Yes
WX3800H	WX3820H WX3840H	No
WX5800H	WX5860H	No

activate

Use activate to set the criteria to determine whether a link group is available.

Use undo activate to restore the default.

Syntax

activate lower lower-percentage upper upper-percentage

undo activate

Default

A link group is available when a minimum of one link is available.

Views

Link group view

Predefined user roles

network-admin

Parameters

lower lower-percentage: Specifies the lower percentage value in the range of 1 to 99.

upper upper-percentage: Specifies the upper percentage value in the range of 1 to 99. The upper percentage value must be greater than or equal to the lower percentage value.

Usage guidelines

When the percentage of available links in a primary link group is smaller than the lower percentage value, the primary link group becomes unavailable. Then the backup link group takes over. When the percentage of available links in a primary link group is greater than the upper percentage value, the primary link group becomes available again to process services.

If no backup link group is configured on the virtual server, this configuration does not take effect.

Examples

# Set the lower percentage value to 20 and upper percentage value to 80 for the link group lg.

<Sysname> system-view

[Sysname] loadbalance link-group lg

[Sysname-lb-lgroup-lg] activate lower 20 upper 80

bandwidth busy-protection enable (transparent DNS proxy view)

Use bandwidth busy-protection enable to enable the link protection feature for a transparent DNS proxy.

Use undo bandwidth busy-protection enable to disable the link protection feature for a transparent DNS proxy.

Syntax

bandwidth busy-protection enable

undo bandwidth busy-protection enable

Default

The link protection feature is disabled for a transparent DNS proxy.

Views

Transparent DNS proxy view

Predefined user roles

network-admin

Usage guidelines

This feature enables a transparent DNS proxy to select a DNS server from the DNS server pool based on the link bandwidth ratio. If the bandwidth ratio of a link exceeds the specified value, the corresponding DNS server is not selected.

If the link bandwidth ratio of all DNS servers in the DNS server pool exceeds the specified value, the link protection feature is automatically disabled. If the link bandwidth ratio of any DNS server drops below the specified value, the link protection feature is automatically enabled, and the corresponding DNS server is selected.

Examples

# Enable the link protection feature for transparent DNS proxy dns-proxy1.

<Sysname> system-view

[Sysname] loadbalance dns-proxy dns-proxy1

[Sysname-lb-dp-udp-dns-proxy1] bandwidth busy-protection enable

Related commands

bandwidth busy-rate

bandwidth busy-protection enable (virtual server view)

Use bandwidth busy-protection enable to enable the link protection feature.

Use undo bandwidth busy-protection enable to disable the link protection feature.

Syntax

bandwidth busy-protection enable

undo bandwidth busy-protection enable

Default

The link protection feature is disabled.

Views

Virtual server view

Predefined user roles

network-admin

Usage guidelines

The link protection feature takes effect only when bandwidth statistics collection by interfaces is enabled.

Examples

# Enable the link protection feature for the link-IP-type virtual server vs3.

<Sysname>system-view

[Sysname] virtual-server vs3 type link-ip

[Sysname-vs-link-ip-vs3] bandwidth busy-protection enable

Related commands

bandwidth interface statistics enable

bandwidth busy-rate

Use bandwidth busy-rate to set the bandwidth ratio for an LB link.

Use undo bandwidth busy-rate to restore the default.

Syntax

bandwidth [ inbound | outbound ] busy-rate busy-rate-number [ recovery recovery-rate-number ]

undo bandwidth [ inbound | outbound ] busy-rate

Default

The bandwidth ratio is 70.

Views

LB link view

Predefined user roles

network-admin

Parameters

inbound: Specifies the inbound bandwidth ratio.

outbound: Specifies the outbound bandwidth ratio.

busy-rate-number: Specifies bandwidth ratio in the range of 1 to 100.

recovery recovery-rate-number: Specifies bandwidth recovery ratio in the range of 1 to 100. By default, if the bandwidth ratio is greater than 10, the bandwidth recovery ratio equals the bandwidth ratio minus 10; if the bandwidth ratio is smaller than or equal to 10, the bandwidth recovery ratio equals the bandwidth ratio.

Usage guidelines

If the bandwidth of an LB link exceeds the maximum expected bandwidth multiplied by the bandwidth ratio, the LB link is busy and will not be selected. If the bandwidth of the LB link drops below the maximum expected bandwidth multiplied by the bandwidth recovery ratio, the LB link participates in scheduling again.

If you do not specify the inbound or outbound keyword, this command sets the total bandwidth ratio.

The bandwidth ratio equals the current bandwidth divided by the maximum bandwidth of the LB link. If the maximum bandwidth is not limited, the supported maximum bandwidth is used for calculating the bandwidth ratio.

The bandwidth recovery ratio must be smaller than or equal to the bandwidth ratio of an LB link.

This command takes effect only on new sessions and does not take effect on existing sessions.

Examples

# Set the total bandwidth ratio and bandwidth recovery ratio for the LB link lk1 to 90 and 85.

<Sysname> system-view

[Sysname] loadbalance link lk1

[Sysname-lb-link-link1] bandwidth busy-rate 90 recovery 85

Related commands

display loadbalance link

max-bandwidth

bandwidth interface statistics enable

Use bandwidth interface statistics enable to enable bandwidth statistics collection by interfaces.

Use undo bandwidth interface statistics enable to disable bandwidth statistics collection by interfaces.

Syntax

bandwidth interface statistics enable

undo bandwidth interface statistics enable

Default

Bandwidth statistics collection by interfaces is disabled.

Views

Virtual server view

Predefined user roles

network-admin

Examples

# Enable bandwidth statistics collection by interfaces for the link-IP-type virtual server vs3.

<Sysname> system-view

[Sysname] virtual-server vs3 type link-ip

[Sysname-vs-link-ip-vs3] bandwidth interface statistics enable

bandwidth weight

Use bandwidth weight to set the bandwidth weight for proximity calculation.

Use undo bandwidth weight to restore the default.

Syntax

bandwidth { inbound | outbound } weight bandwidth-weight

undo bandwidth { inbound | outbound } weight

Default

The inbound or outbound bandwidth weight for proximity calculation is 100.

Views

Proximity view

Predefined user roles

network-admin

Parameters

inbound: Specifies the inbound bandwidth weight.

outbound: Specifies the outbound bandwidth weight.

bandwidth-weight: Specifies the bandwidth weight for proximity calculation, in the range of 0 to 255. A larger value indicates a higher bandwidth weight.

Examples

# Set the inbound bandwidth weight for proximity calculation to 200.

<Sysname> system-view

[Sysname] loadbalance proximity

[Sysname-lb-proximity] bandwidth inbound weight 200

# Set the outbound bandwidth weight for proximity calculation to 200.

<Sysname> system-view

[Sysname] loadbalance proximity

[Sysname-lb-proximity] bandwidth outbound weight 200

class

Use class to specify an LB action for the specified LB class.

Use undo class to delete an LB class.

Syntax

class class-name [ insert-before before-class-name ] action action-name

undo class class-name

Default

No LB action is specified for the LB class.

Views

LB policy view

Predefined user roles

network-admin

Parameters

class-name: Specifies an LB class by its name, a case-insensitive string of 1 to 63 characters.

insert-before before-class-name: Inserts the target class before an LB class (which must already be referenced by the current LB policy), a case-insensitive string of 1 to 63 characters.

action-name: Specifies an LB action by its name, a case-insensitive string of 1 to 63 characters.

Usage guidelines

This command sets an LB action for packets matching the specified LB class.

You can specify an LB action for different LB classes.

A DNS LB policy can reference DNS LB actions only; a link-generic LB policy can reference link-generic LB classes and link-generic LB actions only.

Examples

# Specify the LB action lba1 for the LB class lbc1 in the DNS policy lbp1, and insert lbc1 before the LB class lbc0.

<Sysname> system-view

[Sysname] loadbalance policy lbp1 type dns

[Sysname-lbp-dns-lbp1] class lbc1 insert-before lbc0 action lba1

connection-limit max (link view)

Use connection-limit max to set the maximum number of connections of a link.

Use undo connection-limit max to restore the default.

Syntax

connection-limit max max-number

undo connection-limit max

Default

The maximum number of connections of a link is 0, which means the number is not limited.

Views

Link view

Predefined user roles

network-admin

Parameters

max-number: Specifies the maximum number of connections, in the range of 0 to 4294967295. If the value of this argument takes 0, the number is not limited.

Usage guidelines

This command takes effect only on new sessions and does not take effect on existing sessions.

Examples

# Set the maximum number of connections of the link lk to 10000.

<Sysname> system-view

[Sysname] loadbalance link lk

[Sysname-lb-link-lk] connection-limit max 10000

connection-limit max (virtual server view)

Use connection-limit max to set the maximum number of connections of a virtual server.

Use undo connection-limit max to restore the default.

Syntax

connection-limit max max-number

undo connection-limit max

Default

The maximum number of connections of a virtual server is 0, which means the number is not limited.

Views

Virtual server view

Predefined user roles

network-admin

Parameters

max-number: Specifies the maximum number of connections, in the range of 0 to 4294967295. If the value of this argument takes 0, the number is not limited.

Usage guidelines

This command takes effect only on new sessions and does not take effect on existing sessions.

Examples

# Set the maximum number of connections for the link-IP-type virtual server vs3 to 10000.

<Sysname>system-view

[Sysname] virtual-server vs3 type link-ip

[Sysname-vs-link-ip-vs3] connection-limit max 10000

cost

Use cost to set the link cost for proximity calculation.

Use undo cost to restore the default.

Syntax

cost cost-value

undo cost

Default

The link cost for proximity calculation is 0.

Views

Link view

Predefined user roles

network-admin

Parameters

cost-value: Specifies the link cost for proximity calculation, in the range of 0 to 10240.

Examples

# Set the link cost for proximity calculation to 200 for the link lk1.

<Sysname> system-view

[Sysname] loadbalance link lk1

[Sysname-lb-link-lk1] cost 200

cost weight

Use cost weight to set the cost weight for proximity calculation.

Use undo cost weight to restore the default.

Syntax

cost weight cost-weight

undo cost weight

Default

The cost weight for proximity calculation is 100.

Views

Proximity view

Predefined user roles

network-admin

Parameters

cost-weight: Specifies the cost weight for proximity calculation, in the range of 0 to 255. A larger value indicates a higher cost weight.

Examples

# Set the cost weight for proximity calculation to 200.

<Sysname> system-view

[Sysname] loadbalance proximity

[Sysname-lb-proximity] cost weight 200

default dns-server-pool

Use default dns-server-pool to specify the default (primary) DNS server pool for a transparent DNS proxy.

Use undo default dns-server-pool to restore the default.

Syntax

default dns-server-pool pool-name [ sticky sticky-name ]

undo default dns-server-pool pool-name

Default

No default DNS server pool is specified for a transparent DNS proxy.

Views

Transparent DNS proxy view

Predefined user roles

network-admin

Parameters

pool-name: Specifies a primary DNS server pool by its name, a case-insensitive string of 1 to 63 characters.

sticky sticky-name: Specifies a sticky group by its name, a case-insensitive string of 1 to 63 characters. If you do not specify a sticky group, the DNS server pool does not correspond to any sticky group.

Usage guidelines

If you execute the default dns-server-pool command multiple times, the most recent configuration takes effect.

Examples

# Specify the primary DNS server pool dns-pool1 and the sticky group st1 for the transparent DNS proxy dns-proxy1.

<Sysname> system-view

[Sysname] loadbalance dns-proxy dns-proxy1

[Sysname-lb-dp-udp-dns-proxy1] default dns-server-pool dns-pool1 sticky st1

default link-group

Use default link-group to specify the default (primary) link group.

Use undo default link-group to restore the default.

Syntax

default link-group link-group-name [ backup backup-link-group-name ] [ sticky sticky-name ]

undo default link-group

Default

No default link group is specified.

Views

Link-IP virtual server view

Predefined user roles

network-admin

Parameters

link-group-name: Specifies a primary link group by its name, a case-insensitive string of 1 to 63 characters.

backup backup-link-group-name: Specifies a backup link group by its name, a case-insensitive string of 1 to 63 characters.

sticky sticky-name: Specifies a sticky group by its name, a case-insensitive string of 1 to 63 characters.

Usage guidelines

When the primary link group is available (contains links), the virtual server forwards packets through the primary link group. When the primary link group is not available, the virtual server forwards packets through the backup link group.

Examples

# Specify the primary link group link1, the backup link group link2, and the sticky group sg1 for the link-IP-type virtual server vs3.

<Sysname> system-view

[Sysname] virtual-server vs3 type link-ip

[Sysname--vs-link-ip-vs3] default link-group link1 backup link2 sticky sg1

default-class action

Use default-class action to specify the default LB action.

Use undo default-class to restore the default.

Syntax

default-class action action-name

undo default-class

Default

No default LB action is specified.

Views

LB policy view

Predefined user roles

network-admin

Parameters

action-name: Specifies an LB action by its name, a case-insensitive string of 1 to 63 characters.

Usage guidelines

This command sets the default LB action for packets that fail to match any LB class.

A DNS LB policy can reference DNS LB actions only; a link-generic LB policy can reference link-generic LB actions only.

Examples

# Specify the default LB action lba1 for the link-generic LB policy lbp1.

<Sysname> system-view

[Sysname] loadbalance policy lbp1 type link-generic

[Sysname-lbp-link-generic-lbp1] default-class action lba1

description

Use description to configure a description.

Use undo description to restore the default.

Syntax

description text

undo description

Default

No description is configured.

Views

ISP view

LB action view

LB class view

LB policy view

Parameter profile view

Sticky group view

Virtual server view

Link group view

Link view

DNS server pool view

DNS server view

SNAT address pool view

Predefined user roles

network-admin

Parameters

text: Specifies a description, a case-sensitive string of 1 to 127 characters.

Examples

# Configure the description LB action LBA1 for the link-generic LB action lba1.

<Sysname> system-view

[Sysname] loadbalance action lba1 type link-generic

[Sysname-lba-link-generic-lba1] description LB action LBA1

display loadbalance action

Use display loadbalance action to display LB action information.

Syntax

display loadbalance action [ name action-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

name action-name: Specifies an LB action by its name, a case-insensitive string of 1 to 63 characters. If you do not specify this option, the command displays information about all LB actions.

Examples

# Display information about all LB actions.

<Sysname> display loadbalance action

LB action: lba3

Description: sina

Type: Link-generic

State: Active

Forward type: link group

Link group: lg1 (in use)

Backup link group: lg2

Sticky:

IP ToS:

Fallback-action: None

LB action: lba4

Description: xx

Type: DNS

State: Active

Forward type: DNS server pool

DNS server pool: dsp1

Sticky: st

IP ToS:

Fallback-action: Disabled

Table 5 Command output

Field	Description
LB action	LB action name.
Description	Description for the LB action.
Type	LB action type: · DNS. · Link-generic.
State	LB action state: · Active. · Inactive.
Forward type	Packet forwarding mode of the LB action: · Drop—Discards packets. · Forward—Forwards packets. · Link group—Forwards packets through the link group (applicable to link-generic LB actions). · DNS server pool—Forwards packets through the DNS server pool (applicable to DNS LB actions). · Skip current DNS proxy (applicable to DNS LB actions).
Link group	Default link group name. (in use) indicates the link group is in use.
Backup link group	Backup link group name. (in use) indicates the link group is in use.
Sticky	Sticky group name. This field is displayed only when the packet forwarding mode is DNS server pool.
IP ToS	ToS field value of IP packets.
Fallback-action	Action taken upon load balancing failure: · None—Does not take any action. · Continue—Matches the next rule.
DNS server pool	DNS server pool name. This field is displayed only when the packet forwarding mode is DNS server pool.

display loadbalance alg

Use display loadbalance alg to display the ALG status for all protocols.

Syntax

display loadbalance alg

Views

Any view

Predefined user roles

network-admin

network-operator

Examples

# Display the ALG status for all protocols.

<Sysname> display loadbalance alg

LB ALG:

DNS : Enable

FTP : Enable

H323 : Enable

ICMP-ERROR : Enable

ILS : Enable

MGCP : Enable

NBT : Enable

PPTP : Enable

RSH : Enable

RTSP : Enable

SCCP : Enable

SIP : Enable

SQLNET : Enable

TFTP : Enable

XDMCP : Enable

display loadbalance class

Use display loadbalance class to display LB class information.

Syntax

display loadbalance class [ name class-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

name class-name: Specifies an LB class by its name, a case-insensitive string of 1 to 63 characters. If you do not specify this option, the command displays information about all LB classes.

Examples

# Display information about all LB classes.

<Sysname> display loadbalance class

LB class: lbc3

Description:

Type: Link-generic

Match type: Match-any

Match rule:

match 1 class cla3

match 2 source ip address 1.2.3.0 24

match 3 source ipv6 address 1::12

match 4 acl ipv4 number 3002

match 5 acl ipv6 number 3003

match 6 acl ipv4 name ccc

match 7 acl ipv6 name ddd

match 8 isp name isp2

LB class: lbc4

Description:

Type: DNS

Match type: Match-any

Match rule:

match 1 class cla2

match 2 source ip address 1.2.3.0 24

match 3 source ipv6 address 1::12

match 4 acl ipv4 number 3002

match 5 acl ipv6 number 3003

match 6 acl ipv4 name ccc

match 7 acl ipv6 name ddd

match 8 destination ip address 1.2.3.0 24

match 9 destination ipv6 address 1::12

match 10 domain-name www.h3c.com

Table 6 Command output

Field	Description
LB class	LB class name.
Description	Description for the LB class.
Type	LB class type: · DNS. · Link-generic.
Match type	Match type for the LB class: · Match-all—Requires matching all rules of the LB class. · Match-any—Requires matching any rule of the LB class.
Match rule	Match rules for the LB class.

display loadbalance dns-proxy

Use display loadbalance dns-proxy to display transparent DNS proxy information.

Syntax

display loadbalance dns-proxy [ brief | name dns-proxy-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

brief: Displays brief transparent DNS proxy information. If you do not specify this keyword, the command displays detailed transparent DNS proxy information.

name dns-proxy-name: Specifies a transparent DNS proxy by its name, a case-insensitive string of 1 to 63 characters. If you do not specify this option, the command displays information about all transparent DNS proxies.

Examples

# Display brief information about all transparent DNS proxies.

<Sysname> display loadbalance dns-proxy brief

DNS proxy State Type VPN instance IP address Port

dns-proxy1 Active UDP 1.2.3.0/24 53

dns-proxy2 Inactive UDP -- 5353

# Display information about transparent DNS proxy dns-proxy1.

<Sysname> display loadbalance dns-proxy name dns-proxy1

DNS proxy: dns-proxy1

Type: UDP

State: Active

Service state: Enabled

VPN instance:

IPv4 address: 1.2.3.0/24

IPv6 address: --

Port: 53

DNS server pool: dns-pool1

Sticky: st

LB policy: dns-policy1

Bandwidth busy protection: Disabled

Table 7 Command output

Field	Description
DNS proxy	Transparent DNS proxy name.
Type	Transparent DNS proxy type. Only UDP is supported.
State	Transparent DNS proxy state: · Active—The transparent DNS proxy is available. · Inactive—The transparent DNS proxy is unavailable for any reason except that the transparent DNS proxy feature is disabled. · Inactive (disabled)—The transparent DNS proxy is unavailable because the transparent DNS proxy feature is disabled.
Service state	Transparent DNS proxy state: Enabled or Disabled.
VPN instance	VPN instance to which the transparent DNS proxy belongs. This field is not supported in the current software version.
DNS server pool	Default DNS server pool used by the transparent DNS proxy.
Sticky	Sticky group used by the transparent DNS proxy.
Bandwidth busy protection	Link protection state: Enabled or Disabled.

display loadbalance dns-proxy statistics

Use display loadbalance dns-proxy statistics to display transparent DNS proxy statistics.

Syntax

display loadbalance dns-proxy statistics [ name dns-proxy-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

name dns-proxy-name: Specifies a transparent DNS proxy by its name, a case-insensitive string of 1 to 63 characters. If you do not specify this option, the command displays statistics for all transparent DNS proxies.

Examples

# Display statistics for the transparent DNS proxy dns-proxy1.

<Sysname> display loadbalance dns-proxy statistics name dns-proxy1

DNS proxy: dns-proxy1

Received requests: 100

Dropped requests: 2

Received responses: 98

Dropped responses: 0

Table 8 Command output

Field	Description
DNS proxy	Transparent DNS proxy name.
Received requests	Number of DNS requests received by the transparent DNS proxy.
Dropped requests	Number of DNS requests dropped by the transparent DNS proxy.
Received responses	Number of DNS responses received by the transparent DNS proxy.
Dropped responses	Number of DNS responses dropped by the transparent DNS proxy.

display loadbalance dns-server

Use display loadbalance dns-server to display DNS server information.

Syntax

display loadbalance dns-server [ brief | name dns-server-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

brief: Displays brief DNS server information. If you do not specify this keyword, the command displays detailed DNS server information.

name dns-server-name: Displays detailed information about a DNS server. The dns-server-name argument specifies a DNS server by its name, a case-insensitive string of 1 to 63 characters.

Usage guidelines

If you do not specify any parameter, the command displays detailed information about all DNS servers.

If the device obtains multiple DNS server IP addresses, it uses the smallest available IP address.

If no health monitoring method is specified, the device determines that all obtained DNS server IP addresses are available. If a health monitoring method is specified, the device determines that only the DNS server IP addresses that pass health monitoring are available.

Examples

# Display brief information about all DNS servers.

<Sysname> display loadbalance dns-server brief

DNS server Address Port Link State DNS server pool

ds1 10.150.100.100 0 link1 Active dns_pool

ds2 20.150.100.100 5353 link2 Probe-failed dns_pool

ds3 -- 0 link3 Inactive dns_pool

ds4 -- 0 link3 Inactive dns_pool

# Display detailed information about DNS server ds1.

<Sysname> display loadbalance dns-server name ds1

DNS server: ds1

Description:

State: Active

IPv4 address: 10.150.100.100

10.160.100.1

10.154.60.2

IPv6 address: --

Port: 0

Link: link1

DNS server pool: dns-pool

Weight: 100

Priority: 4

Probe information:

Probe success criteria: All

Probe method State

t4 Succeeded

Table 9 Command output

Field	Description
DNS server	DNS server name.
Address	IP address of the DNS server. If no IP address is configured, this field displays two hyphens (--).
Link	Link of the DNS server.
State	DNS server state: · Active—The DNS server is available. · Busy—The DNS server is busy. When the DNS server is in Active state and enabled with the link protection feature, this field displays Busy if the maximum expected bandwidth is reached. · Inactive—The DNS server is unavailable, because the configuration is not complete or the server is not referenced. · Probe-failed—Health monitoring has failed.
Description	Description for the DNS server.
IPv4 address	IPv4 address of the DNS server.
IPv6 address	IPv6 address of the DNS server.
Port	Port number of the DNS server.
Weight	Weight of the DNS server.
Priority	Priority of the DNS server.
Probe information	Detailed health monitoring information for the DNS server.
Probe success criteria	Health monitoring success criteria for the DNS server: · All—Health monitoring succeeds only when all the specified health monitoring methods succeed. · At least—Health monitoring succeeds when a specified minimum number of health monitoring methods succeed.
Probe method	Name of the NQA template used by the health monitoring method.
State	State of the health monitoring method: · Failed—Health monitoring has failed. · In progress—Health monitoring is in progress. · Invalid—Health monitoring is unavailable (because the configuration of the NQA template is not complete), or the DNS server is unavailable. · Succeeded—Health monitoring has succeeded.

display loadbalance dns-server statistics

Use display loadbalance dns-server statistics to display DNS server statistics.

Syntax

display loadbalance dns-server statistics [ name dns-server-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

name dns-server-name: Specifies a DNS server by its name, a case-insensitive string of 1 to 63 characters. If you do not specify this option, the command displays statistics for all DNS servers.

Examples

# Display statistics for the DNS server ds1.

<Sysname> display loadbalance dns-server statistics name ds1

DNS server: ds1

Received requests: 100

Send requests: 98

Dropped requests: 2

Received responses: 98

Send responses: 98

Dropped responses: 0

Table 10 Command output

Field	Description
DNS server	DNS server name.
Received requests	Number of DNS requests received by the DNS server.
Send requests	Number of DNS requests sent by the DNS server.
Dropped requests	Number of DNS requests dropped by the DNS server.
Received responses	Number of DNS responses received by the DNS server.
Send responses	Number of DNS responses sent by the DNS server.
Dropped responses	Number of DNS responses dropped by the DNS server.

display loadbalance dns-server-pool

Use display loadbalance dns-server-pool to display DNS server pool information.

Syntax

display loadbalance dns-server-pool [ brief | name pool-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

brief: Displays brief DNS server pool information. If you do not specify this keyword, the command displays detailed DNS server pool information.

name pool-name: Displays detailed information about a DNS server pool. The pool-name argument specifies a DNS server pool by its name, a case-insensitive string of 1 to 63 characters.

Usage guidelines

If you do not specify any parameter, the command displays detailed information about all DNS server pools.

Examples

# Display brief information about all DNS server pools.

<Sysname> display loadbalance dns-server-pool brief

Predictor: RR - Round robin, RD - Random,

BW - Bandwidth, MBW - Max bandwidth,

IBW - Inbound bandwidth, OBW - Outbound bandwidth,

MIBW - Max inbound bandwidth, MOBW - Max outbound bandwidth,

HASH(SIP) - Hash address source IP,

HASH(DIP) - Hash address destination IP,

HASH(SIP-PORT) - Hash address source IP-port

DNS server pool Predictor Total Active

dns-pool RR 3 2

dns-pool1 RR 0 0

dns-pool2 RD 3 0

# Display detailed information about DNS server pool dns-pool.

<Sysname> display loadbalance dns-server-pool name dns-pool

DNS server pool: dns-pool

Description:

Predictor: Round robin

Selected server: Enabled

Min servers: 3

Max servers: 5

Probe information:

Probe success criteria: At-least 2

Probe method: t4

Total DNS servers: 3

Active DNS servers: 0

DNS server list:

Name State Address port Link Weight Priority

ds1 Active 10.150.100.100 0 link1 100 4

ds2 Probe-failed 20.150.100.100 5353 link2 100 4

ds3 Inactive -- 0 link3 100 4

Table 11 Command output

Field	Description
Predictor	Scheduling algorithm of the DNS server pool: · RR—Weighted round robin algorithm. · RD—Random algorithm. · BW—Bandwidth algorithm. · IBW—Inbound bandwidth algorithm. · OBW—Outbound bandwidth algorithm. · MBW—Maximum bandwidth algorithm. · MIBW—Maximum inbound bandwidth algorithm. · MOBW—Maximum outbound bandwidth algorithm. · HASH(SIP)—Hash algorithm based on source IP address. · HASH(DIP)—Hash algorithm based on destination IP address. · HASH(SIP-PORT)—Hash algorithm based on source IP address and port number.
DNS server pool	DNS server pool name.
Total	Total number of DNS servers.
Active	Number of active DNS servers.
Description	Description for the DNS server pool.
Selected server	State of DNS server limit to participate in scheduling: disabled or enabled. If the state is enabled, the following fields are displayed: · Min servers—Minimum number of DNS servers that can participate in scheduling. · Max servers—Maximum number of DNS servers that can participate in scheduling.
Probe information	Detailed health monitoring information for the DNS server pool.
Probe success criteria	Health monitoring success criteria for the DNS server pool: · All—Health monitoring succeeds only when all the specified health monitoring methods succeed. · At least—Health monitoring succeeds when a specified minimum number of health monitoring methods succeed.
Probe method	Name of the NQA template used by the health monitoring method.
Total DNS servers	Total number of DNS servers.
Active DNS servers	Number of active DNS servers.
Name	DNS server name.
State	DNS server state: · Active—The DNS server is available. · Busy—The DNS server is busy. When the DNS server is in Active or Ramp state and enabled with link protection, this field displays Busy if the maximum expected bandwidth is reached. · Inactive—The DNS server is unavailable, because the configuration is not complete or the server is not referenced. · Probe-failed—Health monitoring has failed.
Address	IP address of the DNS server. If no IP address is configured, this field displays two hyphens (--).
Port	Port number of the DNS server.
Link	Name of the link corresponding to the DNS server.
Weight	Weight of the DNS server.
Priority	Priority of the DNS server.

display loadbalance isp

Use display loadbalance isp to display ISP information.

Syntax

display loadbalance isp [ ip ipv4-address | ipv6 ipv6-address | name isp-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

ip ipv4-address: Specifies an IPv4 address. If you do not specify this option, the command displays information about all ISPs.

ipv6 ipv6-address: Specifies an IPv6 address. If you do not specify this option, the command displays information about all ISPs.

name isp-name: Specifies an ISP by its name, a case-insensitive string of 1 to 63 characters. If you do not specify this option, the command displays information about all ISPs.

Examples

# Display information about all ISPs.

<Sysname> display loadbalance isp

(*) - User-defined object

LB ISP: isp1

Description: ISP1

IPv4 address/Mask length: --

IPv6 address/Prefix length: --

LB ISP: isp2(*)

Description:

IPv4 address/Mask length:

1.2.3.0/32(*) 1.2.3.4/32 3.3.3.6/32(*)

192.168.6.131/32(*) 192.168.195.189/32(*)

IPv6 address/Prefix length:

1::2/128

FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF/128(*)

# Display information about the ISP corresponding to the IP address 1.2.3.0.

<Sysname> display loadbalance isp ip 1.2.3.0

ISP name Source IPv4 address/Mask length

isp2 user-set 1.2.3.0/28

isp2 user-set 1.2.3.0/29

isp2 user-set 1.2.3.0/30

isp2 file-load 1.2.3.0/31

isp2 file-load & user-set 1.2.3.0/32

# Display information about the ISP corresponding to the IPv6 address 1::1234.

<Sysname> display loadbalance isp ipv6 1::1234

ISP name Source IPv6 address/Prefix length

isp2 user-set 1::1234/126

isp2 user-set 1::1234/127

isp2 file-load 1::1234/128

Table 12 Command output

Field	Description
(*) - User-defined object	() indicates that the ISP information is manually configured. If the ISP information is also imported from a file, () is not displayed.
LB ISP	ISP name.
Description	Description for the ISP.
Source	Source of the ISP: · user-set—Manually configured. · file-load—Imported from a file. · file-load & user-set—Manually configured and imported from a file.

display loadbalance link

Use display loadbalance link to display LB link information.

Syntax

display loadbalance link [ brief | name link-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

brief: Displays brief information about all LB links. If you do not specify this keyword, the command displays detailed LB link information.

name link-name: Displays detailed information about the specified LB link. The link-name argument specifies an LB link name, a case-insensitive string of 1 to 63 characters.

Usage guidelines

If you do not specify the brief keyword or the name link-name option, the command displays detailed information about all LB links.

Examples

# Display brief information about all LB links.

<Sysname> display loadbalance link brief

Link Router IP State VPN instance Link group

Lk1 192.168.1.1 Busy -- lg

Lk2 192.168.2.1 Active -- lg

# Display detailed information about the LB link lk.

<Sysname> display loadbalance link name lk

Link: lk

Description: lk

State: Busy

VPN instance: --

Inherit VPN: Disabled

Router IP: 1.2.3.4

Router IPv6: --

Link-group: lg

Weight: 100

Priority: 4

Cost: 0

Slow-shutdown: Disabled

Connection limit: 0

Rate limit:

Connections: 10000

Bandwidth: 10000 Kbytes/s

Inbound bandwidth: 5000 Kbytes/s

Outbound bandwidth: 5000 Kbytes/s

Bandwidth busy:

Max bandwidth: 10000 Kbytes/s

Max inbound bandwidth: 5000 Kbytes/s

Max outbound bandwidth: 5000 Kbytes/s

Busy rate: 80

Inbound busy rate: 70

Outbound busy rate: 60

Busy recovery rate: 60

Inbound busy recovery rate: 60

Outbound busy recovery rate: 60

Probe information:

Probe success criteria: All

Probe method State

t4 Inactive

Link: lk2

Description: link2

State: Inactive

VPN instance: --

Inherit VPN: Disabled

Link group: lg

Weight: 150

Priority: 3

Cost: 100

Slow shutdown: Enabled

Connection limit: 10000

Rate limit:

Connections: 10000

Bandwidth: 10000 Kbytes/s

Inbound bandwidth: 5000 Kbytes/s

Outbound bandwidth: 5000 Kbytes/s

Bandwidth busy:

Max bandwidth: 10000 Kbytes/s

Max inbound bandwidth: 5000 Kbytes/s

Max outbound bandwidth: 5000 Kbytes/s

Busy rate: 80

Inbound busy rate: 70

Outbound busy rate: 60

Busy recovery rate: 60

Inbound busy recovery rate: 60

Outbound busy recovery rate: 60

Probe information:

Probe success criteria: All

Probe method State

t4 Inactive

Table 13 Command output

Field	Description
Link	LB link name.
Description	Description for the LB link.
State	LB link state: · Active—The LB link is available. · Busy—The LB link is busy. · Inactive—The LB link is unavailable, because the configuration is not complete, the LB link is not referenced, or the virtual server is not enabled. · Probe-failed—Health monitoring has failed. · Ramp—Ramp-up phase of slow online. · Shutdown—The LB link is shut down. · Standby—Standby phase of slow online.
VPN instance	VPN instance of the LB link. · Config—Manually configured. · Inherit—Inherited. This field is not supported in the current software version.
Inherit VPN	State of VPN instance inheritance: Enabled or Disabled. This field is not supported in the current software version.
Router IP	IPv4 address of the gateway on the LB link.
Router IPv6	IPv6 address of the gateway on the LB link.
Link group	Link group to which the LB link belongs.
Weight	Weight of the LB link.
Priority	Priority of the LB link.
Cost	Cost for proximity calculation.
Slow shutdown	Slow offline state of the LB link: · Disabled. · Enabled.
Connection limit	Maximum number of connections for the LB link.
Rate limit	Rate limit of the LB link.
Connections	Maximum number of connections per second for the LB link.
Bandwidth	Maximum bandwidth for the LB link in KBps.
Inbound bandwidth	Maximum inbound bandwidth for the LB link in KBps.
Outbound bandwidth	Maximum outbound bandwidth for the LB link in KBps.
Bandwidth busy	Bandwidth ratio.
Max bandwidth	Maximum expected bandwidth for the LB link in KBps.
Max inbound bandwidth	Maximum inbound expected bandwidth for the LB link in KBps.
Max outbound bandwidth	Maximum outbound expected bandwidth for the LB link in KBps.
Busy rate	Bandwidth ratio for the LB link.
Inbound busy rate	Inbound bandwidth ratio for the LB link.
Outbound busy rate	Outbound bandwidth ratio for the LB link.
Busy recovery rate	Bandwidth recovery ratio for the LB link.
Inbound busy recovery rate	Inbound bandwidth recovery ratio for the LB link.
Outbound busy recovery rate	Outbound bandwidth recovery ratio for the LB link.
Probe information	Detailed health monitoring information for the LB link.
Probe success criteria	Health monitoring success criteria for the LB link: · All—Health monitoring succeeds only when all the specified health monitoring methods succeed. · At least—Health monitoring succeeds when a specified minimum number of health monitoring methods succeed.
Probe method	Name of the NQA template used by the health monitoring method.
State	State of the health monitoring method: · Failed—Health monitoring has failed. · In progress—Health monitoring is in progress. · Invalid—Health monitoring is unavailable (because the configuration of the NQA template is not complete), or the link is unavailable. · Succeeded—Health monitoring has succeeded.

display loadbalance link-group

Use display loadbalance link-group to display link group information.

Syntax

display loadbalance link-group [ brief | name link-group-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

brief: Displays brief information about all link groups. If you do not specify this keyword, the command displays detailed link group information.

name link-group-name: Specifies a link group by its name, a case-insensitive string of 1 to 63 characters. If you do not specify this option, the command displays information about all link groups.

Usage guidelines

If you do not specify any parameters, the command displays detailed information about all link groups.

A link is displayed as unavailable if the link group configuration is not complete, the link group is not referenced, or the virtual server is not enabled. This does not mean that the link is not available.

Examples

# Display brief information about all link groups.

<Sysname> display loadbalance link-group brief

Predictor: RR - Round robin, RD - Random, LC - Least connection,

BW – Bandwidth, MBW – Max bandwidth,

IBW – Inbound bandwidth, OBW – Outbound bandwidth,

MIBW – Max inbound bandwidth, MOBW – Max outbound bandwidth,

HASH(SIP) - Hash address source IP,

HASH(DIP) - Hash address destination IP,

HASH(SIP-PORT) - Hash address source IP-port

NAT/SNAT: Y - Enabled, N - Disabled

Link group Predictor NAT SNAT Total Active

lg RR Y N 3 3

# Display detailed information about all link groups.

<Sysname> display loadbalance link-group

Link group: lg1

Description:

Predictor: Hash address

Proximity: Disabled

NAT: Enabled

SNAT pool:

Failed action: Keep

Active threshold: Enabled

Lower: 80

Upper: 90

Slow-online: Enabled

Standby time: 5s

Ramp-up time: 10s

Selected link: Enabled

Min link: 100

Max link: 600

Probe information:

Probe success criteria: All

Probe method:

aaa

ddd

Total link: 1

Active link: 1

Link list:

Name State VPN instance Router IP Weight Priority

Link1 Inactive -- 1.2.3.4 4 100

Table 14 Command output

Field	Description
Link group	Link group name.
Description	Description for the link group.
Predictor	Scheduling algorithm of the link group: · RR—Weighted round robin algorithm. · RD—Random algorithm. · LC—Weighted least connection algorithm. · BW—Bandwidth algorithm. · IBW—Inbound bandwidth algorithm. · OBW—Outbound bandwidth algorithm. · MBW—Maximum bandwidth algorithm. · MIBW—Maximum inbound bandwidth algorithm. · MOBW—Maximum outbound bandwidth algorithm. · HASH(SIP)—Hash algorithm based on source IP address. · HASH(DIP)—Hash algorithm based on destination IP address. · HASH(SIP-PORT)—Hash algorithm based on source IP address and port number.
Proximity	Proximity state of the link group: · Disabled. · Enabled.
NAT	NAT state of the link group: · Disabled. · Enabled.
SNAT pool	Name of the SNAT address pool referenced by the link group.
Failed action	Fault processing method of the link group: · Keep—Keeps existing connections. · Reschedule—Redirects connections. · Reset—Terminates existing connections.
Active threshold	State of the criteria to determine that the link group is available: disabled or enabled. If the state is enabled, the following fields are displayed: · Lower—Lower percentage value. · Upper—Upper percentage value.
Slow-online	State of the slow online feature: disabled or enabled. If the state is enabled, the following fields are displayed: · Standby time. · Ramp-up time.
Selected link	State of link limit to participate in scheduling: disabled or enabled. If the state is enabled, the following fields are displayed: · Min server—Minimum number of links that participate in scheduling. · Max server—Maximum number of links that participate in scheduling.
Probe success criteria	Health monitoring success criteria for the link group: · All—Health monitoring succeeds only when all the specified health monitoring methods succeed. · At least X—Health monitoring succeeds when a minimum of X health monitoring methods succeed.
Probe method	Name of the NQA template used by the health monitoring method.
Total link	Total number of links.
Active link	Number of active links.
Name	Link name.
State	Link state: · Active—The link is available. · Busy—The link is busy. When the link is in Active or Ramp state and enabled with bandwidth statistics collection and link protection, this field displays Busy if the maximum expected bandwidth is reached. · Inactive—The link is unavailable, because the configuration is not complete, the link is not referenced, or the virtual server is not enabled. · Probe-failed—Health monitoring has failed. · Ramp—Ramp-up phase of slow online. · Shutdown—The link is shut down. · Standby—Standby phase of slow online.
VPN instance	VPN instance of the link. This field is not supported in the current software version.
Router IP	IPv4 and IPv6 addresses of the link.
Weight	Weight of the link.
Priority	Priority of the link.

display loadbalance link statistics

Use display loadbalance link statistics to display link statistics.

Syntax

display loadbalance link statistics [ name link-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

name link-name: Specifies a link by its name, a case-insensitive string of 1 to 63 characters.

Examples

# Display statistics for the link lk1.

<Sysname> display loadbalance link statistics name lk1

Loadbalance link: lk1

Total connections: 1798

Active connections: 788

Max connections: 803

Connections per second: 157

Max connections per second: 163

Downstream traffic: 333332 bytes

Upstream traffic: 472054 bytes

Throughput: 4396 bytes/s

Inbound throughput: 1214 bytes/s

Outbound throughput: 3128 bytes/s

Max throughput: 4564 bytes/s

Max inbound throughput: 1214 bytes/s

Max outbound throughput: 3320 bytes/s

Received packets: 1798

Sent packets: 0

Dropped packets: 0

Table 15 Command output

Field	Description
Loadbalance link	Link name.
Total connections	Total number of connections.
Active connections	Number of active connections.
Max connections	Maximum number of connections.
Connections per second	Number of connections per second.
Max connections per second	Maximum number of connections per second.
Downstream traffic	Downstream traffic (in bytes) received by the LB device.
Upstream traffic	Upstream traffic (in bytes) sent by the LB device.
Throughput	Total packet throughput in Bps.
Inbound throughput	Inbound packet throughput in Bps.
Outbound throughput	Outbound packet throughput in Bps.
Max throughput	Maximum packet throughput in Bps.
Max inbound throughput	Maximum inbound packet throughput in Bps.
Max outbound throughput	Maximum outbound packet throughput in Bps.
Received packets	Number of received packets.
Sent packets	Number of sent packets.
Dropped packets	Number of dropped packets.

display loadbalance policy

Use display loadbalance policy to display LB policy information.

Syntax

display loadbalance policy [ name policy-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

name policy-name: Specifies an LB policy by its name, a case-insensitive string of 1 to 63 characters. If you do not specify this option, the command displays information about all LB policies.

Examples

# Display information about all LB policies.

<Sysname> display loadbalance policy

LB policy: lbp3

Description:

Type: Link-generic

Class: lbc3

Action: lba3

Default class action: lba3

LB policy: lbp4

Description:

Type: DNS

Class: lbc4

Action: lba4

Default class action: lba4

Table 16 Command output

Field	Description
LB policy	LB policy name.
Description	Description for the LB policy.
Type	LB policy type: · DNS. · Link-generic.
Class	LB class for the LB policy.
Action	LB action for the LB class.
Default class action	Default LB action.

display loadbalance proximity

Use display loadbalance proximity to display proximity entry information.

Syntax

display loadbalance proximity [ ip [ ipv4-address ] | ipv6 [ ipv6-address ] ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

ip [ ipv4-address ]: Displays IPv4 proximity entry information. If you specify the ipv4-address argument, this command displays detailed information about the proximity entry corresponding to the IPv4 address. If you do not specify the ipv4-address argument, this command displays brief information about all IPv4 proximity entries.

ipv6 [ ipv6-address ]: Displays IPv6 proximity entry information. If you specify the ipv6-address argument, this command displays detailed information about the proximity entry corresponding to the IPv6 address. If you do not specify the ipv6-address argument, this command displays brief information about all IPv6 proximity entries.

Usage guidelines

If you do not specify the ip or ipv6 keyword, this command displays brief information about all IPv4 and IPv6 proximity entries.

Examples

# Display brief information about all IPv4 and IPv6 proximity entries for the public network.

<Sysname> display loadbalance proximity

(*) – Real server object

Slot :1

IPv4 address/Mask length Timeout Best link

------------------------------------------------------------

1.2.3.0/24 59 lk1

1.2.15.0/24 58 lk2

IPv6 address/Prefix length Timeout Best link

------------------------------------------------------------

11:22::/96 40 lk1

# Display detailed information about the proximity entry corresponding to the IP address 1.2.3.1 for the public network.

<Sysname> display loadbalance proximity ip 1.2.3.1

(*) – Real server object

IPv4 address/Mask length: 1.2.3.0/24

Timeout: 40

Link list:

lk1

lk2

Table 17 Command output

Field	Description
(*) – Real server object	The link corresponds to a real server object. This field is not supported in the current software version.
Timeout	Remaining time of the proximity entries, in seconds.
Link list	Links for the proximity entry. They are listed in descending priority order.

display loadbalance snat-pool

Use display loadbalance snat-pool to display SNAT address pool information.

Syntax

display loadbalance snat-pool [ name pool-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

name pool-name: Specifies an SNAT address pool by its name, a case-insensitive string of 1 to 63 characters. If you do not specify this option, the command displays information about all SNAT address pools.

Examples

# Display information about all SNAT address pools.

<Sysname> display loadbalance snat-pool

SNAT pool: lbsp1

Description:

IPv4 range:

Start address End address

202.110.10.10 202.110.10.15

IPv6 range:

Start address End address

2002::2 2002::100

SNAT pool: lbsp2

Description:

IPv4 range:

Start address End address

203.110.10.10 203.110.10.15

IPv6 range:

Start address End address

2003::2 2003::100

Table 18 Command output

Field	Description
SNAT pool	SNAT address pool name.
Description	Description for the SNAT address pool.
IPv4 range	IPv4 address range.
IPv6 range	IPv6 address range.

display parameter-profile

Use display parameter-profile to display parameter profile information.

Syntax

display parameter-profile [ name parameter-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

name parameter-name: Specifies a parameter profile by its name, a case-insensitive string of 1 to 63 characters. If you do not specify this option, the command displays information about all parameter profiles.

Examples

# Display information about all parameter profiles.

<Sysname> display parameter-profile

Parameter profile: pp1

Description:

Type: IP

IP ToS: 20

Table 19 Command output

Field	Description
Parameter profile	Parameter profile name.
Description	Description for the parameter profile.
Type	Parameter profile type, which can only be IP.
IP ToS	ToS field of the IP packets sent to the server.

display sticky

Use display sticky to display sticky entry information.

Syntax

display sticky { dns-proxy [ dns-proxy-name ] | virtual-server [ virtual-server-name ] } [ class class-name | default-class | default-dns-server-pool | default-link-group ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

dns-proxy dns-proxy-name: Specifies a transparent DNS proxy by its name, a case-insensitive string of 1 to 63 characters. If you do not specify this option, the command displays sticky entry information for all transparent DNS proxies.

virtual-server virtual-server-name: Specifies a virtual server by its name, a case-insensitive string of 1 to 63 characters. If you do not specify this option, the command displays sticky entry information for all virtual servers.

class class-name: Specifies an LB class by its name, a case-insensitive string of 1 to 63 characters.

default-class: Specifies the default LB action.

default-dns-server-pool: Specifies the default DNS server pool.

default-link-group: Specifies the default link group.

Examples

# Display sticky entry information for all virtual services.

<Sysname> display sticky virtual-server

Virtual server name: vs4

Sticky zone type: Default link group

Class name:

Sticky group name: sg3

Sticky method: Both IP and port

Timeout: 60

Sticky entry Link Expired time Count

-----------------------------------------------------------------------------

192.168.6.206/2605 192.168.6.206/0 55 0

192.168.6.40/80

# Display sticky entry information for all transparent DNS proxies.

<Sysname> display sticky dns-proxy

DNS proxy name: dns-proxy1

Sticky zone type: Default DNS server pool

Sticky group name: st

Sticky method: Source IP

Timeout: 60

Sticky entry DNS server Expired time Count

--------------------------------------------------------------------

192.168.6.206/2606 192.168.6.206/0 57 0

DNS proxy name: dns-proxy2

Sticky zone type: Class

Class name: class

Sticky group name: sg2

Sticky method: Destination IP and port

Timeout: 60

Sticky entry DNS server Expired time Count

-------------------------------------------------------------------

192.168.6.206/2606 192.168.6.206/0 57 0

DNS proxy name: dns-proxy3

Sticky zone type: Default class

Sticky group name: sg3

Sticky method: Both IP and port

Timeout: 60

Sticky entry DNS server Expired time Count

-------------------------------------------------------------------

192.168.6.206/2606 192.168.6.206/0 57 0

Table 20 Command output

Field	Description
Sticky zone type	Sticky entry source: · Class—Generated by the class and action in the policy referenced by the virtual service. · Default class—Generated by the default action in the policy referenced by the virtual service. · Default DNS server pool—Generated by the default DNS server pool of the transparent DNS proxy. · Default link group—Generated by the default primary or backup link group of the virtual service.
Class name	LB class name. The LB class name is displayed only when the sticky entries are generated by the class and action.
Sticky group name	Name of the sticky group that generates the sticky entries.
Sticky method	Sticky method corresponding to the sticky entries: · Source IP—Source IPv4 address sticky method. · Source IPv6—Source IPv6 address sticky method. · Source IP and port—Source IPv4 address + source port sticky method. · Source IPv6 and port—Source IPv6 address + source port sticky method. · Destination IP—Destination IPv4 address sticky method. · Destination IPv6—Destination IPv6 address sticky method. · Destination IP and port—Destination IPv4 address + destination port sticky method. · Destination IPv6 and port—Destination IPv6 address + destination port sticky method. · Both IP—Source IPv4 address + destination IPv4 address sticky method. · Both IPv6—Source IPv6 address + destination IPv6 address sticky method. · Both IP and port—Source IPv4 address + source port + destination IPv4 address + destination port sticky method. · Both IPv6 and port—Source IPv6 address + source port + destination IPv6 address + destination port sticky method.
Timeout	Timeout time of the sticky entries, in seconds.
Sticky entry	Key value corresponding to the sticky entry.
DNS server	IP address and port number of the DNS server.
Link	Outbound next hop IP address and port number of the link.
Expired time	Remaining lifetime of the sticky entry. If the reference count is not 0, the configured value is displayed.
Count	Reference count of the sticky entry.

display sticky-group

Use display sticky-group to display sticky group information.

Syntax

display sticky-group [ name group-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

name group-name: Specifies a sticky group by its name, a case-insensitive string of 1 to 63 characters. If you do not specify this option, the command displays information about all sticky groups.

Examples

# Display information about all sticky groups.

<Sysname> display sticky-group

Sticky group: sg1

Description:

Timeout: 60

Override limit: Disabled

Sticky group type: Address-port

Method: Both IP and port

Mask: 32

Table 21 Command output

Field	Description
Sticky group	Sticky group name.
Description	Description for the sticky group.
Timeout	Timeout time for sticky entries in seconds.
Override limit	Whether the feature of ignoring the limits for sessions that match sticky entries is enabled: Enabled or Disabled.
Sticky group type	Sticky group type: · Address-port—Address and port.

Table 22 Detailed information for sticky groups

Sticky group type	Field	Description
Address-port	Method	Sticky method: · Source IP—Source IPv4 address sticky method. · Source IPv6—Source IPv6 address sticky method. · Source IP and port—Source IPv4 address + source port sticky method. · Source IPv6 and port—Source IPv6 address + source port sticky method. · Destination IP—Destination IPv4 address sticky method. · Destination IPv6—Destination IPv6 address sticky method. · Destination IP and port—Destination IPv4 address + destination port sticky method. · Destination IPv6 and port—Destination IPv6 address + destination port sticky method. · Both IP—Source IPv4 address + destination IPv4 address sticky method. · Both IPv6—Source IPv6 address + destination IPv6 address sticky method. · Both IP and port—Source IPv4 address + source port + destination IPv4 address + destination port sticky method. · Both IPv6 and port—Source IPv6 address + source port + destination IPv6 address + destination port sticky method.
	Mask	Mask length for the sticky method. This field is displayed only for IPv4 sticky methods.
	Prefix	Prefix length for the sticky method. This field is displayed only for IPv6 sticky methods.

display virtual-server

Use display virtual-server to display virtual server information.

Syntax

display virtual-server [ brief | name virtual-server-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

brief: Displays brief virtual server information. If you do not specify this keyword, the command displays detailed virtual server information.

name virtual-server-name: Displays information about the specified virtual server. The virtual-server-name argument specifies a virtual server name, a case-insensitive string of 1 to 63 characters. If you do not specify this option, the command displays information about all virtual servers.

Examples

# Display brief information about all virtual servers.

<Sysname> display virtual-server brief

Virtual server State Type VPN instance Virtual address Port

vs3 Active LINK-IP 51.139.4.100/32 0

# Display detailed information about the virtual server lk.

<Sysname> display virtual-server name lk

Virtual server: lk

Description:

Type: Link-IP

State: Active

VPN instance: --

Virtual IPv4 address: 1.1.1.1/32

Virtual IPv6 address: 1001::1/128

Port: 0

Primary link group: lg1 (in use)

Backup link group: lg2

Sticky: sg3

LB policy: lbp2

Connection limit: 10000

Rate limit:

Connections: 10000

Bandwidth: 10000 Kbytes/s

Inbound bandwidth: 5000 Kbytes/s

Outbound bandwidth: 5000 Kbytes/s

Bandwidth busy protection: Disabled

Interface bandwidth statistics: Disabled

Table 23 Command output

Field	Description
Virtual server	Virtual server name.
State	Virtual server state: · Active—The virtual server is available. · Inactive—The virtual server is unavailable for any reason other than lack of license and disabled virtual server. · Inactive (no license)—The virtual server is unavailable because of lack of license. · Inactive (disabled)—The virtual server is unavailable because the virtual server is disabled.
Type	Virtual server type: link-IP.
VPN instance	Name of the VPN instance to which the virtual server belongs. This field is not supported in the current software version.
Virtual address	IPv4 address and mask of the virtual server.
Port	Port number of the virtual server.
Description	Description of the virtual server.
Virtual IPv4 address	IPv4 address and mask of the virtual server.
Virtual IPv6 address	IPv6 address and prefix of the virtual server.
Primary link group	Default primary link group name. (in use) indicates the link group is in use.
Backup link group	Default backup link group name. (in use) indicates the link group is in use.
Sticky	Default sticky group name.
LB policy	LB policy referenced by the virtual server.
IP parameter profile	IP parameter profile referenced by the virtual server. This field is displayed only when an IP parameter profile is configured.
Connection limit	Maximum number of connections of the virtual server.
Rate limit	Rate limit of the virtual server.
Connections	Maximum number of connections per second of the virtual server.
Bandwidth	Maximum bandwidth for the virtual server in KBps.
Inbound bandwidth	Maximum inbound bandwidth for the virtual server in KBps.
Outbound bandwidth	Maximum outbound bandwidth for the virtual server in KBps.
Bandwidth busy protection	Link protection state: Enabled or Disabled.
Interface bandwidth statistics	Bandwidth statistics collection by interfaces: Disabled or Enabled.

display virtual-server statistics

Use display virtual-server statistics to display virtual server statistics.

Syntax

display virtual-server statistics [ name virtual-server-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

name virtual-server-name: Specifies a virtual server by its name, a case-insensitive string of 1 to 63 characters. If you do not specify this option, the command displays statistics of all virtual servers.

Examples

# Display statistics for the virtual server vs.

<Sysname> display virtual-server statistics name vs

Virtual server: vs

Total connections: 979

Active connections: 618

Max connections: 661

Connections per second: 146

Max connections per second: 156

Client input: 333332 bytes

Client output: 472054 bytes

Throughput: 4088 bytes/s

Inbound throughput: 1214 bytes/s

Outbound throughput: 2874 bytes/s

Max throughput: 4368 bytes/s

Max inbound throughput: 1214 bytes/s

Max outbound throughput: 3154 bytes/s

Received packets: 979

Sent packets: 0

Dropped packets: 0

Table 24 Command output

Field	Description
Virtual server	Virtual server name.
Total connections	Total number of connections.
Active connections	Number of active connections.
Max connections	Maximum number of connections.
Connections per second	Number of connections per second.
Max connections per second	Maximum number of connections per second.
Client input	Traffic (in bytes) received from the client.
Client output	Traffic (in bytes) sent to the client.
Throughput	Total packet throughput in Bps.
Inbound throughput	Inbound packet throughput in Bps.
Outbound throughput	Outbound packet throughput in Bps.
Max throughput	Maximum packet throughput in Bps.
Max throughput	Maximum inbound packet throughput in Bps.
Max throughput	Maximum outbound packet throughput in Bps.
Received packets	Number of received packets.
Sent packets	Number of packets sent by the virtual server to the client.
Dropped packets	Number of dropped packets.

Related commands

reset virtual-server statistics

dns-server-pool (LB action view)

Use dns-server-pool to specify a DNS server pool for guiding packet forwarding.

Use undo dns-server-pool to restore the default.

Syntax

dns-server-pool pool-name [ sticky sticky-name ]

undo dns-server-pool

Default

No DNS server pool is specified for guiding packet forwarding.

Views

DNS LB action view

Predefined user roles

network-admin

Parameters

pool-name: Specifies a DNS server pool by its name, a case-insensitive string of 1 to 63 characters.

Usage guidelines

This command is mutually exclusive with the forward all or skip current-dns-proxy command. If you configure one command, the other command (if configured) is automatically cancelled.

Examples

# Specify the DNS server pool dsp and the sticky group sg1 for DNS LB action lba1.

<Sysname> system-view

[Sysname] loadbalance action lba1 type dns

[Sysname-lba-dns-lba1] dns-server-pool dsp sticky st1

Related commands

forward all

dns-server-pool (DNS server view)

Use dns-server-pool to specify a DNS server pool for a DNS server.

Use undo dns-server-pool to restore the default.

Syntax

dns-server-pool pool-name

undo dns-server-pool

Default

A DNS server does not belong to any DNS server pool.

Views

DNS server view

Predefined user roles

network-admin

Parameters

pool-name: Specifies a DNS server pool by its name, a case-insensitive string of 1 to 63 characters.

Usage guidelines

You can specify a DNS server pool that has not been created.

Examples

# Specify DNS server pool dns-pool1 for DNS server ds1.

<Sysname> system-view

[Sysname] loadbalance dns-server ds1

[Sysname-lb-ds-ds1] dns-server-pool dns-pool1

Related commands

display loadbalance dns-server

fail-action

Use fail-action to specify the fault processing method for a link group.

Use undo fail-action to restore the default.

Syntax

fail-action { keep | reschedule | reset }

undo fail-action

Default

The fault processing method is to keep existing connections.

Views

Link group view

Predefined user roles

network-admin

Parameters

keep: Keeps the connection with the failed link. Keeping or terminating the connection depends on the timeout mechanism of the protocol.

reschedule: Redirects the connection to another available link in the link group.

reset: Terminates the connection with the failed link by sending RST packets (for TCP packets) or ICMP unreachable packets (for other types of packets).

Usage guidelines

The fault processing method applies when the link that processes packets fails.

Examples

# Specify the fault processing method for the link group lg as reschedule.

<Sysname> system-view

[Sysname] loadbalance link-group lg

[Sysname-lb-lgroup-lg] fail-action reschedule

fallback-action continue

Use fallback-action continue to match the next rule upon failure to find an available server.

Use undo fallback-action continue to restore the default.

Syntax

fallback-action continue

undo fallback-action continue

Default

The next rule is not matched when no servers are available for the current LB action.

Views

LB action view

Predefined user roles

network-admin

Usage guidelines

This command enables packets to match the next rule in an LB policy when no servers are available for the current LB action.

Examples

# Match the next rule upon failure to find a DNS server for the DNS LB action a2.

<Sysname> system-view

[Sysname] loadbalance action a2 type dns

[Sysname-lba-dns-a2] fallback-action continue

forward all

Use forward all to configure the packet forwarding mode.

Use undo forward to restore the default.

Syntax

forward all

undo forward

Default

The packet forwarding mode is to discard packets.

Views

DNS/Link-generic LB action view

Predefined user roles

network-admin

Usage guidelines

In DNS LB action view, this command is mutually exclusive with the dns-server-pool or skip current-dns-proxy command. In link-generic LB action view, the forward all and link-group commands are mutually exclusive. If you configure one command, the other command (if configured) is automatically cancelled.

Examples

# Configure the packet forwarding mode for the link-generic LB action lba1.

<Sysname> system-view

[Sysname] loadbalance action lba1 type link-generic

[Sysname-lba-link-generic-lba1] forward all

Related commands

dns-server-pool

link-group (LB action view)

ip

Use ip to configure the IPv4 sticky method.

Use undo ip to restore the default.

Syntax

ip [ port ] { both | destination | source } [ mask mask-length ]

undo ip

Default

No IPv4 sticky method is configured.

Views

Sticky group view

Predefined user roles

network-admin

Parameters

port: Specifies the sticky method as IPv4 address + port number. If you do not specify this keyword, the sticky method is IPv4 address.

both: Specifies the sticky method as source IPv4 address + destination IPv4 address (if you do not specify the port keyword), or source IPv4 address + source port number + destination IPv4 address + destination port number (if you specify the port keyword).

destination: Specifies the sticky method as destination IPv4 address if you do not specify the port keyword, or destination IPv4 address + destination port number if you specify the port keyword.

source: Specifies the sticky method as source IPv4 address if you do not specify the port keyword, or source IPv4 address + source port number if you specify the port keyword.

mask mask-length: Specifies the mask length for the sticky method.

Examples

# Configure the sticky method for the address and port-based sticky group sg1 as source IPv4 address.

<Sysname> system-view

[Sysname] sticky-group sg1 type address-port

[Sysname-sticky-address-port-sg1] ip source

# Configure the sticky method for the address and port-based sticky group sg1 as source IPv4 address + source port number.

<Sysname> system-view

[Sysname] sticky-group sg1 type address-port

[Sysname-sticky-address-port-sg1] ip port source

Related commands

sticky-group

ip address (transparent DNS proxy view)

Use ip address to specify an IPv4 address for a transparent DNS proxy.

Use undo ip address to restore the default.

Syntax

ip address ipv4-address [ mask-length | mask ]

undo ip address

Default

No IPv4 address is specified for a transparent DNS proxy.

Views

Transparent DNS proxy view

Predefined user roles

network-admin

Parameters

ipv4-address: Specifies an IPv4 address, which cannot be a loopback address, multicast address, broadcast address, or an address in the format of 0.X.X.X.

mask-length: Specifies a mask length in the range of 0 to 32.

mask: Specifies a subnet mask.

Usage guidelines

A transparent DNS proxy processes a DNS request only when the destination IP address and port number of the DNS request match those of the transparent DNS proxy.

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Specify the IPv4 address for transparent DNS proxy dns-proxy1 as 1.2.3.4/24.

<Sysname> system-view

[Sysname] loadbalance dns-proxy dns_proxy1

[Sysname-lb-dp-udp-dns-proxy1] ip address 1.2.3.4 24

ip address (DNS server view)

Use ip address to specify an IPv4 address for a DNS server.

Use undo ip address to restore the default.

Syntax

ip address ipv4-address

undo ip address

Default

No IPv4 address is specified for a DNS server.

Views

DNS server view

Predefined user roles

network-admin

Parameters

ipv4-address: Specifies an IPv4 address, which cannot be a loopback address, multicast address, broadcast address, or an address in the format of 0.X.X.X.

Usage guidelines

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Specify the IPv4 address for DNS server ds1 as 1.2.3.4.

<Sysname> system-view

[Sysname] loadbalance dns-server ds1

[Sysname-lb-ds-ds1] ip address 1.2.3.4

ip address (ISP view)

Use ip address to configure an IPv4 address for an ISP.

Use undo ip address to restore the default.

Syntax

ip address ipv4-address { mask-length | mask }

undo ip address ipv4-address { mask-length | mask }

Default

No IPv4 address is configured for an ISP.

Views

ISP view

Predefined user roles

network-admin

Parameters

ipv4-address: Specifies an IPv4 address.

mask-length: Specifies the mask length for the IPv4 address, in the range of 0 to 32.

mask: Specifies the mask for the IPv4 address.

Examples

# Configure the IPv4 address for the ISP isp1 as 1.1.1.1.

<Sysname> system-view

[Sysname] loadbalance isp name isp1

[Sysname-lbisp-isp1] ip address 1.1.1.1 24

ip mask

Use ip mask to set the mask length for IPv4 proximity entries.

Use undo ip mask to restore the default.

Syntax

ip mask { mask-length | mask }

undo ip mask

Default

The mask length for IPv4 proximity entries is 24.

Views

Proximity view

Predefined user roles

network-admin

Parameters

mask-length: Specifies the mask length for IPv4 proximity entries, in the range of 0 to 32. A value of 0 indicates the natural mask.

mask: Specifies the mask for IPv4 proximity entries.

Examples

# Set the mask length for IPv4 proximity entries to 30.

<Sysname> system-view

[Sysname] loadbalance proximity

[Sysname-lb-proximity] ip mask 30

ip range

Use ip range to specify an IPv4 address range for an SNAT address pool.

Use undo ip range to restore the default.

Syntax

ip range start start-ipv4-address end end-ipv4-address

undo ip range

Default

No IPv4 address range is specified for an SNAT address pool.

Views

SNAT address pool view

Predefined user roles

network-admin

Parameters

start start-ipv4-address: Specifies the start IPv4 address.

end end-ipv4-address: Specifies the end IPv4 address, which must be greater than or equal to the start IPv4 address.

Usage guidelines

An SNAT address pool can have a maximum of 256 IPv4 addresses. No overlapping IPv4 addresses are allowed in different SNAT address pools.

Examples

# Specify IPv4 address range 1.1.1.1 to 1.1.1.100 for the SNAT address pool lbsp.

<Sysname> system-view

[Sysname] loadbalance snat-pool lbsp

[Sysname-lbsnat-pool-lbsp] ip range start 1.1.1.1 end 1.1.1.100

ipv6

Use ipv6 to configure the IPv6 sticky method.

Use undo ipv6 to restore the default.

Syntax

ipv6 [ port ] { both | destination | source } [ prefix prefix-length ]

undo ipv6

Default

No IPv6 sticky method is configured.

Views

Sticky group view

Predefined user roles

network-admin

Parameters

port: Specifies the sticky method as IPv6 address + port number. If you do not specify this keyword, the sticky method is IPv6 address.

both: Specifies the sticky method as source IPv6 address + destination IPv6 address if you do not specify the port keyword, or source IPv6 address + source port number + destination IPv6 address + destination port number if you specify the port keyword.

destination: Specifies the sticky method as destination IPv6 address if you do not specify the port keyword, or destination IPv6 address + destination port number if you specify the port keyword.

source: Specifies the sticky method as source IPv6 address if you do not specify the port keyword, or source IPv6 address + source port number if you specify the port keyword.

prefix prefix-length: Specifies the prefix length for the sticky method.

Examples

# Configure the sticky method for the address- and port-based sticky group sg1 as source IPv6 address.

<Sysname> system-view

[Sysname] sticky-group sg1 type address-port

[Sysname-sticky-address-port-sg1] ipv6 source

# Configure the sticky method for the address- and port-based sticky group sg1 as source IPv6 address + source port number.

<Sysname> system-view

[Sysname] sticky-group sg1 type address-port

[Sysname-sticky-address-port-sg1] ipv6 port source

Related commands

sticky-group

ipv6 address (DNS server view)

Use ipv6 address to configure an IPv6 address for a DNS server.

Use undo ipv6 address to restore the default.

Syntax

ipv6 address ipv6-address

undo ipv6 address

Default

No IPv6 address is configured for a DNS server.

Views

DNS server view

Predefined user roles

network-admin

Parameters

ipv6-address: Specifies an IPv6 address, which cannot be a loopback address, IPv6 multicast address, link-local address, or all-zero address.

Usage guidelines

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Configure the IPv6 address for DNS server ds1 as 1001::1.

<Sysname> system-view

[Sysname] loadbalance dns-server ds1

[Sysname-lb-ds-ds1] ipv6 address 1001::1

ipv6 address (transparent DNS proxy view)

Use ipv6 address to configure an IPv6 address for a transparent DNS proxy.

Use undo ipv6 address to restore the default.

Syntax

ipv6 address ipv6-address [ prefix-length ]

undo ipv6 address

Default

No IPv6 address is configured for a transparent DNS proxy.

Views

Transparent DNS proxy view

Predefined user roles

network-admin

Parameters

ipv6-address: Specifies an IPv6 address, which cannot be a loopback address, IPv6 multicast address, link-local address, or all-zero address (If the prefix length is 0, you can specify the all-zero address.).

prefix-length: Specifies a prefix length for the IPv6 address, in the range of 0 to 128.

Usage guidelines

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Configure the IPv6 address for transparent DNS proxy dns-proxy1 as 1::2:3/112.

<Sysname> system-view

[Sysname] loadbalance dns-proxy dns-proxy1

[Sysname-lb-dp-udp-dns-proxy1] ipv6 address 1::2:3 112

ipv6 address (ISP view)

Use ipv6 address to configure an IPv6 address for an ISP.

Use undo ipv6 address to restore the default.

Syntax

ipv6 address ipv6-address prefix-length

undo ipv6 address ipv6-address prefix-length

Default

No IPv6 address is configured for an ISP.

Views

ISP view

Predefined user roles

network-admin

Parameters

ipv6-address: Specifies an IPv6 address.

prefix-length: Specifies the prefix length for the IPv6 address, in the range of 1 to 128.

Examples

# Configure the IPv6 address for the ISP isp1 as 200::1.

<Sysname> system-view

[Sysname] loadbalance isp name isp1

[Sysname-lbisp-isp1] ipv6 address 200::1 100

ipv6 prefix

Use ipv6 prefix to configure the prefix length for IPv6 proximity entries.

Use undo ipv6 prefix to restore the default.

Syntax

ipv6 prefix prefix-length

undo ipv6 prefix

Default

The prefix length for IPv6 proximity entries is 96.

Views

Proximity view

Predefined user roles

network-admin

Parameters

prefix-length: Specifies the prefix length for IPv6 proximity entries, in the range of 1 to 128.

Examples

# Specify the prefix length for IPv6 proximity entries as 64.

<Sysname> system-view

[Sysname] loadbalance proximity

[Sysname-lb-proximity] ipv6 prefix 64

ipv6 range

Use ip range to specify an IPv6 address range for an SNAT address pool.

Use undo ip range to restore the default.

Syntax

ipv6 range start start-ipv6-address end end-ipv6-address

undo ipv6 range

Default

No IPv6 address range is specified for an SNAT address pool.

Views

SNAT address pool view

Predefined user roles

network-admin

Parameters

start start-ipv6-address: Specifies the start IPv6 address.

end end-ipv6-address: Specifies the end IPv6 address, which must be greater than or equal to the start IPv6 address.

Usage guidelines

An SNAT address pool can have a maximum of 65536 IPv6 addresses. No overlapping IPv6 addresses are allowed in different SNAT address pools.

Examples

# Specify IPv6 address range 1001::1 to 1001::100 for the SNAT address pool lbsp.

<Sysname> system-view

[Sysname] loadbalance snat-pool lbsp

[Sysname-lbsnat-pool-lbsp] ipv6 range start 1001::1 end 1001::100

lb-policy (transparent DNS proxy view)

Use lb-policy to specify an LB policy to be referenced by a transparent DNS proxy.

Use undo lb-policy to restore the default.

Syntax

lb-policy policy-name

undo lb-policy

Default

No LB policy is referenced by a transparent DNS proxy.

Views

Transparent DNS proxy view

Predefined user roles

network-admin

Parameters

policy-name: Specifies an LB policy by its name, a case-insensitive string of 1 to 63 characters.

Usage guidelines

By referencing an LB policy, a transparent DNS proxy implements load balancing for matching packets based on the packet contents.

A transparent DNS proxy can reference only a DNS policy template.

Examples

# Specify the LB policy dns-policy1 to be referenced by transparent DNS proxy dns-proxy1.

<Sysname> system-view

[Sysname] loadbalance dns-proxy dns-proxy1

[Sysname-lb-dp-udp-dns-proxy1] lb-policy dns-policy1

lb-policy (virtual server view)

Use lb-policy to specify an LB policy to be referenced by the specified virtual server.

Use undo lb-policy to restore the default.

Syntax

lb-policy policy-name

undo lb-policy

Default

No LB policy is referenced by a virtual server.

Views

Virtual server view

Predefined user roles

network-admin

Parameters

policy-name: Specifies an LB policy by its name, a case-insensitive string of 1 to 63 characters.

Usage guidelines

By referencing an LB policy, the virtual server implements load balancing for matching packets based on the packet contents.

A virtual server can reference only a link-generic policy template.

Examples

# Specify the LB policy lbp1 to be referenced by the link-IP-type virtual server vs3.

<Sysname> system-view

[Sysname] virtual-server vs3 type link-ip

[Sysname-vs-link-ip-vs3] lb-policy lbp1

link

Use link to associate a link with a DNS server.

Use undo link to restore the default.

Syntax

link link-name

undo link

Default

No link is associated with a DNS server.

Views

DNS server view

Predefined user roles

network-admin

Parameters

link-name: Specifies a link by its name, a case-insensitive string of 1 to 63 characters.

Usage guidelines

A DNS server can be associated with only one link. A link can be associated with multiple DNS servers.

Examples

# Associate link link1 with DNS server ds1.

<Sysname> system-view

[Sysname] loadbalance dns-server ds1

[Sysname-lb-ds-ds1] link link1

link-group (LB action view)

Use link-group to specify the primary link group.

Use undo link-group to restore the default.

Syntax

link-group link-group-name [ backup backup-link-group-name ] [ sticky sticky-name ]

undo link-group

Default

No primary link group is specified.

Views

LB action view

Predefined user roles

network-admin

Parameters

link-group-name: Specifies a primary link group name, a case-insensitive string of 1 to 63 characters.

backup backup-link-group-name: Specifies a backup link group name, a case-insensitive string of 1 to 63 characters.

sticky sticky-name: Specifies the name of the sticky group corresponding to the link group. It is a case-insensitive string of 1 to 63 characters.

Usage guidelines

The link-group and forward all commands are mutually exclusive. If you configure one command, the other command (if configured) is automatically cancelled.

When the primary link group is available (contains links), packets are forwarded through the primary link group. When the primary link group is not available, packets are forwarded through the backup link group.

Examples

# Specify the primary link group lg, the backup link group lgb, and the sticky group sg1 for the link-generic LB action lba1.

<Sysname> system-view

[Sysname] loadbalance action lba1 type link-generic

[Sysname-lba-link-generic-lba1] server-farm sf backup sfb sticky sg1

Related commands

forward all

link-group (link view)

Use link-group to specify a link group for a link.

Use undo link-group to restore the default.

Syntax

link-group link-group-name

undo link-group

Default

A link does not belong to any link group.

Views

Link view

Predefined user roles

network-admin

Parameters

link-group-name: Specifies a link group name, a case-insensitive string of 1 to 63 characters.

Usage guidelines

The device selects the best link from the matching link group to perform link load balancing.

Examples

# Specify the link group lkg1 for the link lk1.

<Sysname> system-view

[Sysname] loadbalance link lk1

[Sysname-lb-link-lk1] link-group lkg1

loadbalance action

Use loadbalance action to create an LB action and enter its view, or enter the view of an existing LB action.

Use undo loadbalance action to delete the specified LB action.

Syntax

loadbalance action action-name [ type { dns | link-generic } ]

undo loadbalance action action-name

Default

No LB actions exist.

Views

System view

Predefined user roles

network-admin

Parameters

action-name: Specifies the LB action name, a case-insensitive string of 1 to 63 characters.

type { dns | link-generic }: Specifies an LB action type.

· dns: DNS load balancing action.

· link-generic: Link load balancing action.

Usage guidelines

When you create an LB action, you must specify the LB action type. You can enter an existing LB action view without entering the type of the LB action.

Examples

# Create the LB action lba1 with the link-generic type, and enter LB action view.

<Sysname> system-view

[Sysname] loadbalance action lba1 type link-generic

[Sysname-lba-link-generic-lba1]

loadbalance alg

Use loadbalance alg to enable ALG for the specified protocols.

Use undo loadbalance alg to disable ALG for the specified protocols.

Syntax

loadbalance alg { dns | ftp | h323 | icmp-error | ils | mgcp | nbt | pptp | rsh | rtsp | sccp | sip | sqlnet | tftp | xdmcp }

undo loadbalance alg { dns | ftp | h323 | icmp-error | ils | mgcp | nbt | pptp | rsh | rtsp | sccp | sip | sqlnet | tftp | xdmcp }

Default

ALG is enabled for dns, ftp, pptp, icmp-error, and rtsp.

Views

System view

Predefined user roles

network-admin

Parameters

dns: Specifies the DNS protocol.

ftp: Specifies the FTP protocol.

h323: Specifies the H.323 protocol.

icmp-error: Specifies the ICMP error packets.

ils: Specifies the Internet Locator Service (ILS) protocol.

mgcp: Specifies the Media Gateway Control Protocol (MGCP).

nbt: Specifies the NetBIOS over TCP/IP (NBT) protocol.

pptp: Specifies the Point-to-Point Tunneling Protocol (PPTP).

rsh: Specifies the Remote Shell (RSH) protocol.

rtsp: Specifies the Real Time Streaming Protocol (RTSP).

sccp: Specifies the Skinny Client Control Protocol (SCCP).

sip: Specifies the Session Initiation Protocol (SIP).

sqlnet: Specifies the SQLNET protocol.

tftp: Specifies the TFTP protocol.

xdmcp: Specifies the X Display Manager Control Protocol (XDMCP).

Usage guidelines

The ALG feature distributes parent and child sessions to the same link.

Examples

# Enable ALG for TFTP.

<Sysname> system-view

[Sysname] loadbalance alg tftp

loadbalance alg all-enable

Use loadbalance alg all-enable to enable ALG for all protocols.

Use loadbalance alg all-disable to disable ALG for all protocols.

Syntax

loadbalance alg all-enable

loadbalance alg all-disable

Default

ALG is enabled for dns, ftp, pptp, icmp-error, and rtsp.

Views

System view

Predefined user roles

network-admin

Examples

# Enable ALG for all protocols.

<Sysname> system-view

[Sysname] loadbalance alg all-enable

loadbalance class

Use loadbalance class to create an LB class and enter its view, or enter the view of an existing LB class.

Use undo loadbalance class to delete the specified LB class.

Syntax

loadbalance class class-name [ type { dns | link-generic } [ match-all | match-any ] ]

undo loadbalance class class-name

Default

No LB classes exist.

Views

System view

Predefined user roles

network-admin

Parameters

class-name: Specifies the LB class name, a case-insensitive string of 1 to 63 characters.

type { dns | link-generic }: Specifies an LB class type.

· dns: DNS load balancing class.

· link-generic: Link load balancing class.

[ match-all | match-any ]: Requires matching all rules or any rule of the LB class. match-all is the default match mode.

Usage guidelines

When you create an LB class, you must specify an LB class type. You can enter an existing LB class view without entering the type of the LB class.

Examples

# Create the LB class lbc1 with the link-generic type, and enter LB class view.

<Sysname> system-view

[Sysname] loadbalance class lbc1 type link-generic

[Sysname-lbc-link-generic-lbc1]

loadbalance dns-proxy

Use loadbalance dns-proxy to create a transparent DNS proxy and enter its view, or enter the view of an existing transparent DNS proxy.

Use undo loadbalance dns-proxy to delete a transparent DNS proxy.

Syntax

loadbalance dns-proxy dns-proxy-name type udp

undo loadbalance dns-proxy dns-proxy-name

Default

No transparent DNS proxies exist.

Views

System view

Predefined user roles

network-admin

Parameters

dns-proxy-name: Specifies the transparent DNS proxy name, a case-insensitive string of 1 to 63 characters.

type udp: Specifies the transparent DNS proxy type as UDP.

Examples

# Create the UDP transparent DNS proxy dns-proxy1, and enter UDP transparent DNS proxy view.

<Sysname> system-view

[Sysname] loadbalance dns-proxy dns-proxy1 type udp

[Sysname-lb-dp-udp-dns-proxy1]

Related commands

display loadbalance dns-proxy

loadbalance dns-server

Use loadbalance dns-server to create a DNS server and enter its view, or enter the view of an existing DNS server.

Use undo loadbalance dns-server to delete a DNS server.

Syntax

loadbalance dns-server dns-server-name

undo loadbalance dns-server dns-server-name

Default

No DNS servers exist.

Views

System view

Predefined user roles

network-admin

Parameters

dns-server-name: Specifies the DNS server name, a case-insensitive string of 1 to 63 characters.

Examples

# Create the DNS server ds1, and enter DNS server view.

<Sysname> system-view

[Sysname] loadbalance dns-server ds1

[Sysname-lb-ds-ds1]

loadbalance dns-server-pool

Use loadbalance dns-server-pool to create a DNS server pool and enter its view, or enter the view of an existing DNS server pool.

Use undo loadbalance dns-server-pool to delete a DNS server pool.

Syntax

loadbalance dns-server-pool pool-name

undo loadbalance dns-server-pool pool-name

Default

No DNS server pools exist.

Views

System view

Predefined user roles

network-admin

Parameters

pool-name: Specifies the DNS server pool name, a case-insensitive string of 1 to 63 characters.

Examples

# Create the DNS server pool dns-pool1, and enter DNS server pool view.

<Sysname> system-view

[Sysname] loadbalance dns-server-pool dns-pool1

[Sysname-lb-dspool-dns-pool1]

loadbalance isp file

Use loadbalance isp file to import an ISP file.

Use undo loadbalance isp file to delete an ISP file.

Syntax

loadbalance isp file isp-file-name

undo loadbalance isp file

Views

System view

Predefined user roles

network-admin

Parameters

isp-file-name: Specifies the ISP file name, a case-insensitive string of 1 to 255 characters.

Usage guidelines

The system keeps the imported information intact when detecting the following problems:

· The file does not exist.

· The file name is invalid.

· File decryption occurs.

If the system quits the import operation because of IP address parsing failure, the system performs the following operations:

· Clears the most recently imported information.

· Saves the information imported this time.

You cannot delete the imported ISP and its IPv4 or IPv6 address. If the manually configured and imported ISP information overlaps, you can delete the manually configured ISP information.

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Import the ISP file isp2.

<Sysname> system-view

[Sysname] loadbalance isp file isp2

loadbalance isp name

Use loadbalance isp name to create an ISP and enter its view, or enter the view of an existing ISP.

Use undo loadbalance isp name to delete the specified ISP.

Syntax

loadbalance isp name isp-name

undo loadbalance isp name isp-name

Default

No ISPs exist.

Views

System view

Predefined user roles

network-admin

Parameters

isp-name: Specifies the ISP name, a case-insensitive string of 1 to 63 characters.

Examples

# Create ISP isp1, and enter ISP view.

<Sysname> system-view

[Sysname] loadbalance isp name isp1

[Sysname-lbisp-isp1]

loadbalance link

Use loadbalance link to create an LB link and enter its view, or enter the view of an existing LB link.

Use undo loadbalance link to delete an LB link.

Syntax

loadbalance link link-name

undo loadbalance link link-name

Default

No LB links exist.

Views

System view

Predefined user roles

network-admin

Parameters

link-name: Specifies the LB link name, a case-insensitive string of 1 to 63 characters.

Usage guidelines

Each physical link connected to the external network corresponds to an LB link.

Examples

# Create the LB link lk1, and enter LB link view.

<Sysname> system-view

[Sysname] loadbalance link lk1

[Sysname-lb-link-lk1]

loadbalance link-group

Use loadbalance link-group to create a link group and enter its view, or enter the view of an existing link group.

Use undo loadbalance link-group to delete a link group.

Syntax

loadbalance link-group link-group-name

undo loadbalance link-group link-group-name

Default

No link groups exist.

Views

System view

Predefined user roles

network-admin

Parameters

link-group-name: Specifies the link group name, a case-insensitive string of 1 to 63 characters.

Usage guidelines

You can add links that contain similar functions to a link group to facilitate management.

Examples

# Create the link group lg, and enter link group view.

<Sysname> system-view

[Sysname] loadbalance link-group lg

[Sysname-lb-lgroup-lg]

loadbalance policy

Use loadbalance policy to create an LB policy and enter its view, or enter the view of an existing LB policy.

Use undo loadbalance policy to delete the specified LB policy.

Syntax

loadbalance policy policy-name [ type { dns | link-generic } ]

undo loadbalance policy policy-name

Default

No LB policies exist.

Views

System view

Predefined user roles

network-admin

Parameters

policy-name: Specifies the LB policy name, a case-insensitive string of 1 to 63 characters.

type { dns | link-generic }: Specifies an LB policy type.

· dns: DNS load balancing policy.

· link-generic: Link load balancing policy.

Usage guidelines

When you create an LB policy, you must specify the LB policy type. You can enter existing LB policy view without entering the type of the LB policy.

Examples

# Create the LB policy lbp1 with the link-generic type, and enter LB policy view.

<Sysname> system-view

[Sysname] loadbalance policy lbp1 type link-generic

[Sysname-lbp-link-generic-lbp1]

loadbalance proximity

Use loadbalance proximity to create proximity and enter its view, or enter the view of the existing proximity.

Use undo loadbalance proximity to delete proximity view and clear all configuration in proximity view.

Syntax

loadbalance proximity

undo loadbalance proximity

Views

System view

Predefined user roles

network-admin

Examples

# Create and enter proximity view.

<Sysname> system-view

[Sysname] loadbalance proximity

[Sysname-lb-proximity]

loadbalance schedule-test ip

Use loadbalance schedule-test ip to perform an IPv4 load balancing test.

Syntax

loadbalance schedule-test ip { protocol { protocol-number | icmp | tcp | udp } } destination destination-address destination-port destination-port source source-address source-port source-port

Views

Any view

Predefined user roles

network-admin

Parameters

protocol { protocol-number | icmp | tcp | udp }: Specifies a protocol by its number in the range of 0 to 255 or by its name. For ICMP (1), TCP (6), and UDP (17), you can enter the protocol number or protocol name.

destination destination-address: Specifies the destination IPv4 address.

destination-port destination-port: Specifies the destination port number in the range of 0 to 65535. This option is not supported by some protocols.

source source-address: Specifies the source IPv4 address.

source-port source-port: Specifies the source port number in the range of 0 to 65535. This option is not supported by some protocols.

Examples

# Perform an IPv4 load balancing test for the TCP protocol.

<Sysname> loadbalance schedule-test ip protocol tcp destination 7.7.7.7 destination-port 4 source 2.2.2.2 source-port 5

Matched virtual server: vs2

Matched default link group: lg

Forward type: Forwarding to link

Selected link: link2

Scheduling algorithm: Predictor

Table 25 Command output

Field	Description
Forward type	Forwarding mode: · The destination address is not supported. Load balancing is not performed. · Forward all—Forwards packets. · Forwarding to link—Forwards packets to the link. · Drop—Drops packets. · Waiting—Enqueues packets.
Drop reason	Packet drop reason: · Number of connections or bandwidth for the virtual server exceeded the limit. · No class matched and no valid default link group configured. · No valid link in the link group. · Action is drop. · A sticky entry was matched but the number of connections or bandwidth for the link exceeded the limit. · A class was matched but no valid link group exists in the action of the class. · Queue overflow (which means the wait queue is full).
Scheduling algorithm	Scheduling algorithm used to select the link: · Predicator—The link is selected by using the scheduling algorithm. · Sticky method—The link is selected by using the sticky method. · Proximity—The link is selected by using the proximity feature.

loadbalance schedule-test ipv6

Use loadbalance schedule-test ipv6 to perform an IPv6 load balancing test.

Syntax

loadbalance schedule-test ipv6 { protocol { protocol-number | icmpv6 | tcp | udp } } destination destination-address destination-port destination-port source source-address source-port source-port

Views

Any view

Predefined user roles

network-admin

Parameters

protocol { protocol-number | icmpv6 | tcp | udp }: Specifies a protocol by its number in the range of 0 to 255 or by its name. For ICMPv6 (58), TCP (6), and UDP (17), you can enter the protocol number or protocol name.

destination destination-address: Specifies the destination IPv6 address.

destination-port destination-port: Specifies the destination port number in the range of 0 to 65535. This option is not supported by some protocols.

source source-address: Specifies the source IPv6 address.

source-port source-port: Specifies the source port number in the range of 0 to 65535. This option is not supported by some protocols.

Examples

# Schedule an IPv6 load balancing test for the ICMPv6 protocol.

<Sysname> loadbalance schedule-test ipv6 protocol icmpv6 destination 10::1 source 12::2

Matched virtual server: vs2

Matched default link group: lg

Forward type: Forwarding to link

Selected link: link2

Scheduling algorithm: Predictor

Table 26 Command output

Field	Description
Forward type	Forwarding mode: · The destination address is not supported. Load balancing is not performed. · Forward all—Forwards packets. · Forwarding to link—Forwards packets to the link. · Drop—Drops packets. · Waiting—Enqueues packets.
Drop reason	Packet drop reason: · Number of connections or bandwidth for the virtual server exceeded the limit. · No class matched and no valid default link group configured. · No valid link in the link group. · Action is drop. · A sticky entry was matched but the number of connections or bandwidth for the link exceeded the limit. · A class was matched but no valid link group exists in the action of the class. · Queue overflow (which means the wait queue is full).
Scheduling algorithm	Scheduling algorithm used to select the link: · Predicator—The link is selected by using the scheduling algorithm. · Sticky method—The link is selected by using the sticky method. · Proximity—The link is selected by using the proximity feature.

loadbalance snat-pool

Use loadbalance snat-pool to create an SNAT address pool and enter its view, or enter the view of an existing SNAT address pool.

Use undo loadbalance snat-pool to delete the specified SNAT address pool.

Syntax

loadbalance snat-pool pool-name

undo loadbalance snat-pool pool-name

Default

No SNAT address pools exist.

Views

System view

Predefined user roles

network-admin

Parameters

pool-name: Specifies the SNAT address pool name, a case-insensitive string of 1 to 63 characters.

Examples

# Create the SNAT address pool lbsp, and enter SNAT address pool view.

<Sysname> system-view

[Sysname] loadbalance snat-pool lbsp

[Sysname-lbsnat-pool-lbsp]

match

Use match to specify the proximity probe method for packets.

Use undo match to restore the default.

Syntax

match [ match-id ] tcp probe nqa-template

undo match match-id

Default

No proximity probe method is specified.

Views

Proximity view

Predefined user roles

network-admin

Parameters

match-id: Specifies a proximity probe method by its ID in the range of 1 to 65535. If the rule does not exist, the command creates the proximity probe method. If the rule already exists, the command modifies the proximity probe method. If you do not specify this argument, the system automatically assigns an available rule ID with the smallest available ID.

tcp: Specifies TCP packets.

probe nqa-template: Specifies an NQA template by its name, a case-insensitive string of 1 to 32 characters.

Usage guidelines

If the match command is configured, the specified proximity probe method applies. If no packets match the type in the match command or the match command is not configured, the default proximity probe method specified by using the match default command applies.

You can specify only one proximity probe method for each type of packets.

Examples

# Create the ICMP-type NQA template t4, and specify the NQA template as the proximity probe method for TCP packets.

<Sysname> system-view

[Sysname] nqa template icmp t4

[Sysname-nqatplt-icmp-t4] quit

[Sysname] loadbalance proximity

[Sysname-lb-proximity] match tcp probe t4

Related commands

match default

match acl

Use match acl to create an ACL match rule or modify an existing ACL match rule.

Use undo match to delete a match rule.

Syntax

match [ match-id ] acl [ ipv6 ] { acl-number | name acl-name }

undo match match-id

Default

No match rules exist.

Views

LB class view

Predefined user roles

network-admin

Parameters

match-id: Specifies a match rule by its ID in the range of 1 to 65535. If you do not specify this argument, the system automatically assigns an available rule ID with the smallest number.

ipv6: Specifies an IPv6 ACL. If you do not specify this keyword, the command creates an IPv4 ACL.

acl-number: Specifies the ACL number in the range of 2000 to 3999.

name acl-name: Specifies an ACL by its name, a case-insensitive string of 1 to 63 characters starting with a letter.

Usage guidelines

If the specified ACL does not exist, this rule is not matched.

You can create a maximum of 65535 match rules for an LB class.

Examples

# Create an ACL match rule for the link-generic LB class lbc1.

<Sysname> system-view

[Sysname] loadbalance class lbc1 type link-generic

[Sysname-lbc-link-generic-lbc1] match acl 2000

match app-group

Use match app-group to create an application group match rule or modify an existing application group match rule.

Use undo match app-group to delete a match rule.

Syntax

match [ match-id ] app-group group-name

undo match match-id

Default

No match rules exist.

Views

Link-generic LB class view

Predefined user roles

network-admin

Parameters

match-id: Specifies a match rule ID in the range of 1 to 65535. If you do not specify this argument, the system automatically assigns an available rule ID with the smallest number.

app-group group-name: Specifies an application group by its name, a case-insensitive string of 1 to 63 characters.

Usage guidelines

If the specified application group does not exist, the rule does not take effect.

Examples

# Create an application group match rule for the link-generic LB class lbc1.

<Sysname> system-view

[Sysname] loadbalance class lbc1 type link-generic

[Sysname-lbc-link-generic-lbc1] match app-group http

Related commands

app-group (Security Command Reference)

match class

Use match class to create a match rule that references an LB class or modify an existing match rule that references an LB class.

Use undo match to delete a match rule.

Syntax

match [ match-id ] class class-name

undo match match-id

Default

An LB class does not have a match rule.

Views

LB class view

Predefined user roles

network-admin

Parameters

match-id: Specifies a match rule by its ID in the range of 1 to 65535. If you do not specify this argument, the system automatically assigns an available rule ID with the smallest number.

class-name: Specifies an LB class by its name, a case-insensitive string of 1 to 63 characters, to be referenced by the match rule. The current LB class cannot be referenced.

Usage guidelines

A match rule cannot reference an LB class that has already been referenced.

You can create a maximum of 65535 match rules for an LB class.

Examples

# Create a match rule that references the LB class lbc2 for the link-generic LB class lbc1.

<Sysname> system-view

[Sysname] loadbalance class lbc1 type link-generic

[Sysname-lbc-link-generic-lbc1] match class lbc2

match default

Use match default to specify the default proximity probe method.

Use undo match default to restore the default.

Syntax

match default probe nqa-template

undo match default

Default

The default proximity probe method is not specified.

Views

Proximity view

Predefined user roles

network-admin

Parameters

probe nqa-template: Specifies an NQA template by its name, a case-insensitive string of 1 to 32 characters.

Usage guidelines

Examples

# Create the ICMP-type NQA template t4, and specify the NQA template as the default proximity probe method.

<Sysname> system-view

[Sysname] nqa template icmp t4

[Sysname-nqatplt-icmp-t4] quit

[Sysname] loadbalance proximity

[Sysname-lb-proximity] match default probe t4

Related commands

match

nqa template (Network Management and Monitoring Command Reference)

match destination

Use match destination to create a destination IP address match rule or modify an existing destination IP address match rule.

Use undo match to delete a match rule.

Syntax

match [ match-id ] destination { ip address ipv4-address [ mask-length | mask ] | ipv6 address ipv6-address [ prefix-length ] }

undo match match-id

Default

An LB class does not have a match rule.

Views

DNS/Link-generic LB class view

Predefined user roles

network-admin

Parameters

match-id: Specifies a match rule by its ID in the range of 1 to 65535. If you do not specify this argument, the system automatically assigns an available rule ID with the smallest number.

ip address ipv4-address: Specifies an IPv4 address.

mask-length: Specifies a mask length in the range of 0 to 32. The default is 32.

mask: Specifies a subnet mask. The default is 255.255.255.255.

ipv6 address ipv6-address: Specifies an IPv6 address.

prefix-length: Specifies a prefix length in the range of 0 to 128. The default is 128.

Usage guidelines

You can create a maximum of 65535 match rules for an LB class.

Examples

# Create a match rule to match destination IPv4 address 1.1.1.1/32 for the DNS LB class lbc1.

<Sysname> system-view

[Sysname] loadbalance class lbc1 type dns

[Sysname-lbc-dns-lbc1] match destination ip address 1.1.1.1

# Create a match rule to match destination IPv4 address 1.1.1.1/32 for the link-generic LB class lbc2.

<Sysname> system-view

[Sysname] loadbalance class lbc2 type link-generic

[Sysname-lbc-link-generic-lbc2] match destination ip address 1.1.1.1

match destination domain-name

Use match destination domain-name to create a domain name match rule or modify an existing domain name match rule.

Use undo match to delete a match rule.

Syntax

match [ match-id ] destination domain-name domain-name

undo match match-id

Default

An LB class does not have a match rule.

Views

Link-generic LB class view

Predefined user roles

network-admin

Parameters

match-id: Specifies a match rule by its ID in the range of 1 to 65535. If you do not specify this argument, the system automatically assigns an available rule ID with the smallest number.

domain-name: Specifies a domain name, a case-insensitive string of 1 to 253 characters. Each dot-separated part in the domain name can contain a maximum of 63 characters. The domain name can contain letters, digits, hyphens (-), underscores (_), dots (.), and wildcards (asterisks and question marks).

Usage guidelines

When you use wildcards (asterisks and question marks) in a domain name, follow these guidelines:

· The wildcards can substitute any characters except for dots (.).

· An asterisk (*) can substitute a character string.

· A question mark (?) can substitute a single character.

You can create a maximum of 65535 match rules for an LB class.

Examples

# Create a domain name match rule for the link-generic LB class lbc1 to match domain name www.abc.com.

<Sysname> system-view

[Sysname] loadbalance class lbc1 type link-generic

[Sysname-lbc-link-generic-lbc1] match destination domain-name www.aaa.com

match domain-name

Use match domain-name to create a domain name match rule or modify an existing domain name match rule.

Use undo match to delete a match rule.

Syntax

match [ match-id ] domain-name domain-name

undo match match-id

Default

An LB class does not have a match rule.

Views

DNS LB class view

Predefined user roles

network-admin

Parameters

match-id: Specifies a match rule by its ID in the range of 1 to 65535. If you do not specify this argument, the system automatically assigns an available rule ID with the smallest number.

Usage guidelines

When you use wildcards (asterisks and question marks) in a domain name, follow these guidelines:

· The wildcards can substitute any characters except for dots (.).

· An asterisk (*) can substitute a character string.

· A question mark (?) can substitute a single character.

You can create a maximum of 65535 match rules for an LB class.

Examples

# Create a domain name match rule for DNS LB class lbc1 to match domain name www.abc.com.

<Sysname> system-view

[Sysname] loadbalance class lbc1 type dns

[Sysname-lbc-dns-lbc1] match domain-name www.abc.com

match isp

Use match isp to create an ISP match rule or modify an existing ISP match rule.

Use undo match to delete a match rule.

Syntax

match [ match-id ] isp isp-name

undo match match-id

Default

An LB class does not have a match rule.

Views

LB class view

Predefined user roles

network-admin

Parameters

match-id: Specifies a match rule by its ID in the range of 1 to 65535. If you do not specify this argument, the system automatically assigns an available rule ID with the smallest number.

isp-name: Specifies an ISP name, a case-insensitive string of 1 to 63 characters.

Usage guidelines

If the specified ISP does not exist or is not configured with an IP network segment, this rule is not matched.

You can create a maximum of 65535 match rules for an LB class.

Examples

# Create an ISP match rule for the link-generic LB class lbc1. Specify the ISP name as isp1.

<Sysname> system-view

[Sysname] loadbalance class lbc1 type link-generic

[Sysname-lbc-link-generic-lbc1] match isp isp1

match source

Use match source to create a source IP address match rule or modify an existing source IP address match rule.

Use undo match to delete a match rule.

Syntax

match [ match-id ] source { ip address ipv4-address [ mask-length | mask ] | ipv6 address ipv6-address [ prefix-length ] }

undo match match-id

Default

An LB class does not have a match rule.

Views

LB class view

Predefined user roles

network-admin

Parameters

match-id: Specifies a match rule by its ID in the range of 1 to 65535. If you do not specify this argument, the system automatically assigns an available rule ID with the smallest number.

source: Specifies the match rule type as source IP address.

ip address ipv4-address: Specifies an IPv4 address.

mask-length: Specifies a mask length in the range of 0 to 32. The default is 32.

mask: Specifies a subnet mask. The default is 255.255.255.255.

ipv6 address ipv6-address: Specifies an IPv6 address.

prefix-length: Specifies a prefix length in the range of 0 to 128. The default is 128.

Usage guidelines

You can create a maximum of 65535 match rules for an LB class.

Examples

# Create a match rule that matches source IP address 1.1.1.1/32 for the link-generic LB class lbc1.

<Sysname> system-view

[Sysname] loadbalance class lbc1 type link-generic

[Sysname-lbc-link-generic-lbc1] match source ip address 1.1.1.1

max-bandwidth

Use max-bandwidth to set the maximum expected bandwidth of an LB link.

Use undo max-bandwidth to restore the default.

Syntax

max-bandwidth [ inbound | outbound ] bandwidth-value

undo max-bandwidth [ inbound | outbound ]

Default

The maximum expected bandwidth of an LB link is not limited.

Views

Link view

Predefined user roles

network-admin

Parameters

inbound: Specifies the maximum inbound expected bandwidth.

outbound: Specifies the maximum outbound expected bandwidth.

bandwidth-value: Specifies the maximum expected bandwidth in the range of 0 to 4294967295 in KBps. The value 0 means the bandwidth is not limited.

Usage guidelines

If you do not specify the inbound or outbound keyword, the maximum expected bandwidth equals the inbound expected bandwidth plus the outbound expected bandwidth.

This command takes effect only on new sessions and does not take effect on existing sessions.

In addition to being used for link protection, the maximum expected bandwidth is used for remaining bandwidth calculation in the bandwidth algorithm, maximum bandwidth algorithm, and dynamic proximity algorithm.

Examples

# Set the maximum expected bandwidth of the LB link lk1 to 1 KBps.

<Sysname> system-view

[Sysname] loadbalance link lk1

[Sysname-lb-link-lk1] max-bandwidth 1

# Set the maximum inbound expected bandwidth of the LB link lk1 to 1 KBps.

<Sysname> system-view

[Sysname] loadbalance link lk1

[Sysname-lb-link-lk1] max-bandwidth inbound 1

# Set the maximum outbound expected bandwidth of the LB link lk1 to 1 KBps.

<Sysname> system-view

[Sysname] loadbalance link lk1

[Sysname-lb-link-lk1] max-bandwidth outbound 1

max-number

Use max-number to set the maximum number of proximity entries.

Use undo max-number to restore the default.

Syntax

max-number number

undo max-number

Default

The maximum number of proximity entries is not set.

Views

Proximity view

Predefined user roles

network-admin

Parameters

number: Specifies the maximum number of proximity entries, in the range of 0 to 10000000. The default value is 0, which indicates that the maximum number of proximity entries is not limited.

Examples

# Set the maximum number of proximity entries to 100.

<Sysname> system-view

[Sysname] loadbalance proximity

[Sysname-lb-proximity] max-number 100

override-limit enable

Use override-limit enable to ignore the limits for sessions that match sticky entries.

Use undo override-limit enable to remove the configuration.

Syntax

override-limit enable

undo override-limit enable

Default

The session limits apply to sessions that match sticky entries.

Views

Sticky group view

Predefined user roles

network-admin

Usage guidelines

Use this command to ignore the following limits for sessions that match sticky entries:

· Bandwidth and connection parameters on links.

· Bandwidth ratios and maximum expected bandwidths for links.

· LB connection limit policies on virtual servers.

This command takes effect only on new sessions and does not take effect on existing sessions.

Examples

# Ignore the limits for sessions that match sticky entries generated in the sticky group st.

<Sysname> system-view

[Sysname] sticky-group st type address-port

[Sysname-sticky-address-port-st] override-limit enable

parameter

Use parameter to specify a parameter profile to be referenced by a virtual server.

Use undo parameter to restore the default.

Syntax

parameter ip profile-name

undo parameter ip

Default

No parameter profile is referenced by a virtual server.

Views

Virtual server view

Predefined user roles

network-admin

Parameters

ip: Specifies an IP parameter profile.

profile-name: Specifies a parameter profile by its name, a case-insensitive string of 1 to 63 characters.

Usage guidelines

The virtual server references the parameter profile to implement analysis, processing, and optimization for service traffic.

Examples

# Specify the IP parameter profile pp2 to be referenced by the IP-type virtual server vs3.

<Sysname> system-view

[Sysname] virtual-server vs3 type ip

[Sysname-vs-ip-vs3] parameter ip pp2

parameter-profile

Use parameter-profile to create a parameter profile and enter its view, or enter the view of an existing parameter profile.

Use undo parameter-profile to delete the specified parameter profile.

Syntax

parameter-profile profile-name [ type ip ]

undo parameter-profile profile-name

Default

No parameter profiles exist.

Views

System view

Predefined user roles

network-admin

Parameters

profile-name: Specifies a parameter profile name, a case-insensitive string of 1 to 63 characters.

type ip: Specifies the parameter profile type as IP. When you create a parameter profile, you must specify the parameter profile type. You can enter an existing parameter profile view without entering the parameter profile type.

Usage guidelines

You can configure advanced parameters through the parameter profile. The virtual server references the parameter profile to implement analysis, processing, and optimization for service traffic.

Examples

# Create the IP parameter profile pp2, and enter parameter profile view.

<Sysname> system-view

[Sysname] parameter-profile pp2 type ip

[Sysname-para-ip-pp2]

port (DNS server view)

Use port to configure the port number of a DNS server.

Use undo port to restore the default.

Syntax

port port-number

undo port

Default

The port number of a DNS server is 0.

Views

DNS server view

Predefined user roles

network-admin

Parameters

port-number: Specifies a port number in the range of 0 to 65535. The value 0 means that the original port number is used.

Usage guidelines

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Specify the port number of DNS server ds1 as 5353.

<Sysname> system-view

[Sysname] loadbalance dns-server ds1

[Sysname-lb-ds-ds1] port 5353

port (transparent DNS proxy view)

Use port to configure the port number of a transparent DNS proxy.

Use undo port to restore the default.

Syntax

port port-number

undo port

Default

The port number of a transparent DNS proxy is 53.

Views

Transparent DNS proxy view

Predefined user roles

network-admin

Parameters

port-number: Specifies a port number in the range of 1 to 65535.

Usage guidelines

A transparent DNS proxy processes a DNS request only when the destination IP address and port number of the DNS request matches those of the transparent DNS proxy.

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Specify the port number of transparent DNS proxy dns-proxy1 as 5353.

<Sysname> system-view

[Sysname] loadbalance dns-proxy dns-proxy1

[Sysname-lb-dp-dns-proxy1] port 5353

Related commands

display loadbalance dns-proxy

port (virtual server view)

Use port to configure the port number of a virtual server.

Use undo port to restore the default.

Syntax

port { port-number [ to port-number ] } &<1-n>

undo port

Default

The port number is 0 (indicates any port) for a virtual server.

Views

Virtual server view

Predefined user roles

network-admin

Parameters

port-number [ to port-number ] &<1-n>: Specifies a space-separated list of up to n port number items. Each port number item specifies a port number or a range of port numbers in the form of start-port-number to end-port-number. The value range for the port-number argument is 0 to 65535 (0 means any port) and the value range for n is 1 to 8.

Examples

# Specify the port number of the link-IP-type virtual server vs3 as 8080.

<Sysname> system-view

[Sysname] virtual-server vs3 type link-ip

[Sysname-vs-link-ip-vs3] port 8080

predictor (DNS server pool view)

Use predictor to specify a scheduling algorithm for a DNS server pool.

Use undo predictor to restore the default.

Syntax

predictor hash address { destination | source | source-ip-port } [ mask mask-length ] [ prefix prefix-length ]

predictor { random | round-robin | { bandwidth | max-bandwidth } [ inbound | outbound ] }

undo predictor

Default

The scheduling algorithm for a DNS server pool is weighted round robin.

Views

DNS server pool view

Predefined user roles

network-admin

Parameters

hash address: Specifies the hash algorithm based on the IP address.

destination: Specifies the hash algorithm based on the destination IP address.

source: Specifies the hash algorithm based on the source IP address.

source-ip-port: Specifies the hash algorithm based on the source IP address and port number.

mask mask-length: Specifies the mask length of the IPv4 address used in the hash algorithm. The value range for the mask-length argument is 0 to 32. The default is 32.

prefix prefix-length: Specifies the prefix length of the IPv6 address used in the hash algorithm. The value range for the prefix-length argument is 0 to 128. The default is 128.

random: Specifies the random algorithm, which randomly assigns DNS requests to DNS servers.

round-robin: Specifies the weighted round robin algorithm, which assigns DNS requests to DNS servers based on the weights of the DNS servers. A higher weight indicates more DNS requests will be assigned.

bandwidth: Specifies the bandwidth algorithm, which assigns DNS requests to DNS servers based on the weight and remaining bandwidth of the DNS servers.

max-bandwidth: Specifies the maximum bandwidth algorithm, which always assigns DNS requests to the DNS server corresponding to the idle link with the largest remaining bandwidth.

inbound: Selects a DNS server based on the inbound bandwidth.

outbound: Selects a DNS server based on the outbound bandwidth.

Usage guidelines

If you do not specify the inbound or outbound keyword, the total bandwidth is used to select a DNS server.

In the bandwidth algorithm and maximum bandwidth algorithm, the remaining bandwidth is the maximum expected bandwidth minus the current bandwidth. If the maximum expected bandwidth is not configured, the remaining bandwidth is the maximum bandwidth of the link minus the current bandwidth.

Examples

# Specify the scheduling algorithm as random for DNS server pool dns-pool.

<Sysname> system-view

[Sysname] loadbalance dns-server-pool dns-pool

[Sysname-lb-dspool-dns-pool] predictor random

Related commands

max-bandwidth (link view)

rate-limit bandwidth (link view)

predictor (link group view)

Use predictor to specify a scheduling algorithm for a link group.

Use undo predictor to restore the default.

Syntax

predictor hash address { destination | source | source-ip-port } [ mask mask-length ] [ prefix prefix-length ]

predictor { least-connection | random | round-robin | { bandwidth | max-bandwidth } [ inbound | outbound ] }

undo predictor

Default

The scheduling algorithm for a link group is weighted round robin.

Views

Link group view

Predefined user roles

network-admin

Parameters

hash address: Performs the hash algorithm based on IP address.

destination: Performs the hash algorithm based on destination IP address.

source: Performs the hash algorithm based on source IP address.

source-ip-port: Performs the hash algorithm based on source IP address and port number.

mask mask-length: Specifies the IPv4 address mask length, in the range of 0 to 32. The default is 32.

prefix prefix-length: Specifies the IPv6 address prefix length, in the range of 0 to 128. The default is 128.

least-connection: Specifies the weighted least connection algorithm. This algorithm always assigns new connections to the link with the fewest number of weighted active connections (the number of active connections divided by weight).

random: Specifies the random algorithm, which randomly assigns new connections to links.

round-robin: Specifies the weighted round robin algorithm, which assigns new connections to links based on the weights of links. A higher weight indicates more new connections will be assigned.

bandwidth: Specifies the bandwidth algorithm, which assigns packets to links based on the weight of the links and the bandwidth ratio.

max-bandwidth: Specifies the maximum bandwidth algorithm, which always assigns packets to the idle link with the largest remaining bandwidth.

inbound: Selects a link based on the inbound bandwidth.

outbound: Selects a link based on the outbound bandwidth.

Usage guidelines

If you do not specify the inbound or outbound keyword, the total bandwidth is used to select a link.

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Specify the scheduling algorithm random for the link group lg.

<Sysname> system-view

[Sysname] loadbalance link-group lg

[Sysname-lb-lgroup-lg] predictor random

Related commands

max-bandwidth (link view)

rate-limit bandwidth (link view)

priority (DNS server view)

Use priority to set the priority of a DNS server.

Use undo priority to restore the default.

Syntax

priority priority

undo priority

Default

The priority of a DNS server is 4.

Views

DNS server view

Predefined user roles

network-admin

Parameters

priority: Specifies the priority value in the range of 1 to 8. A greater value means a higher priority.

Usage guidelines

Typically, only the DNS servers with the highest priority participate in scheduling. If the number of such DNS servers is smaller than the required minimum number, more DNS servers are selected by priority in descending order. If the allowed maximum number is exceeded after DNS servers with a certain priority are added, only some of the DNS servers with that priority are added.

Use this command together with the selected-server command in DNS server pool view.

Examples

# Set the priority of DNS server ds1 to 3.

<Sysname> system-view

[Sysname] loadbalance dns-server ds1

[Sysname-lb-ds-ds1] priority 3

Related commands

selected-server (DNS server pool view)

priority (link view)

Use priority to set the priority of a link.

Use undo priority to restore the default.

Syntax

priority priority

undo priority

Default

The priority of a link is 4.

Views

Link view

Predefined user roles

network-admin

Parameters

priority: Specifies the priority value in the range of 1 to 8. A greater value means a higher priority.

Usage guidelines

Typically only the links with the highest priority participate in scheduling. If the number of such links is smaller than the required minimum number, more links are selected by priority in descending order.

Examples

# Set the priority of the link lk1 to 3.

<Sysname> system-view

[Sysname] loadbalance link lk1

[Sysname-lb-link-lk1] priority 3

Related commands

selected-link

probe (DNS server pool view)

Use probe to specify a health monitoring method for a DNS server pool.

Use undo probe to restore the default.

Syntax

probe template-name

undo probe template-name

Default

No health monitoring method is specified for a DNS server pool.

Views

DNS server pool view

Predefined user roles

network-admin

Parameters

template-name: Specifies an NQA template by its name, a case-insensitive string of 1 to 32 characters.

Usage guidelines

Use the nqa template command to create an NQA template to be referenced by the health monitoring method. The DNS server pool uses the parameters defined in the NQA template to detect the availability of DNS servers.

The health monitoring method configuration in DNS server view takes precedence over the configuration in DNS server pool view.

Examples

# Create the ICMP-type NQA template t4, and specify the health monitoring method for the DNS server pool dns-pool as t4.

<Sysname> system-view

[Sysname] nqa template icmp t4

[Sysname-nqatplt-icmp-t4] quit

[Sysname] loadbalance dns-server-pool dns-pool

[Sysname-lb-dspool-dns-pool] probe t4

Related commands

nqa template (Network Management and Monitoring Command Reference)

success-criteria (DNS server pool view)

probe (DNS server view)

Use probe to specify a health monitoring method for a DNS server.

Use undo probe to restore the default.

Syntax

probe template-name

undo probe template-name

Default

No health monitoring method is specified for a DNS server.

Views

DNS server view

Predefined user roles

network-admin

Parameters

template-name: Specifies an NQA template by its name, a case-insensitive string of 1 to 32 characters.

Usage guidelines

Use the nqa template command to create an NQA template to be referenced by the health monitoring method.

The health monitoring method configuration in DNS server view takes precedence over the configuration in DNS server pool view.

Examples

# Create the ICMP-type NQA template t4, and specify the health monitoring method for DNS server ds1 as t4.

<Sysname> system-view

[Sysname] nqa template icmp t4

[Sysname-nqatplt-icmp-t4] quit

[Sysname] loadbalance dns-server ds1

[Sysname-lb-ds-ds1] probe t4

Related commands

nqa template (Network Management and Monitoring Command Reference)

success-criteria (DNS server view)

probe (link group view)

Use probe to specify a health monitoring method for a link group.

Use undo probe to restore the default.

Syntax

probe template-name

undo probe template-name

Default

No health monitoring method is specified for a link group.

Views

Link group view

Predefined user roles

network-admin

Parameters

template-name: Specifies an NQA template by its name, a case-insensitive string of 1 to 32 characters.

Usage guidelines

The link group uses the parameters defined in the NQA template to detect the availability of links.

The health monitoring method configuration in link view takes precedence over the configuration in link group view.

Examples

# Create the ICMP-type NQA template t4, and specify the health monitoring method for the link group lg as t4.

<Sysname> system-view

[Sysname] nqa template icmp t4

[Sysname-nqatplt-icmp-t4] quit

[Sysname] loadbalance link-group lg

[Sysname-lb-lgroup-lg] probe t4

Related commands

nqa template (Network Management and Monitoring Command Reference)

success-criteria (link group view)

probe (link view)

Use probe to specify a health monitoring method for an LB link.

Use undo probe to restore the default.

Syntax

probe template-name

undo probe template-name

Default

No health monitoring method is specified for an LB link.

Views

Link view

Predefined user roles

network-admin

Parameters

template-name: Specifies an NQA template by its name, a case-insensitive string of 1 to 32 characters.

Usage guidelines

Use the nqa template command to create an NQA template to be referenced by the health monitoring method.

You can configure multiple health monitoring methods for an LB link. By default, health monitoring succeeds only when all the specified health monitoring methods succeed. You can use the success-criteria command to specify the health monitoring success criteria for the LB link.

Examples

# Create the ICMP-type NQA template t4, and specify the health monitoring method for the LB link lk1 as t4.

<Sysname> system-view

[Sysname] nqa template icmp t4

[Sysname-nqatplt-icmp-t4] quit

[Sysname] loadbalance link lk1

[Sysname-lb-link-lk1] probe t4

Related commands

nqa template (Network Management and Monitoring Command Reference)

success-criteria (link view)

proximity enable

Use proximity enable to enable the proximity feature for a link group.

Use undo proximity enable to disable the proximity feature for a link group.

Syntax

proximity enable

undo proximity enable

Default

The proximity feature is disabled for a link group.

Views

Link group view

Predefined user roles

network-admin

Usage guidelines

The proximity feature takes precedence over the scheduling algorithm in selecting a link. If no link is selected according to the proximity feature, the scheduling algorithm is used.

Examples

# Enable the proximity feature for the link group lg.

<Sysname> system-view

[Sysname] loadbalance link-group lg

[Sysname-lb-lgroup-lg] proximity enable

rate-limit bandwidth (link view)

Use rate-limit bandwidth to set the maximum bandwidth of a link.

Use undo rate-limit bandwidth to restore the default.

Syntax

rate-limit bandwidth [ inbound | outbound ] bandwidth-value

undo rate-limit bandwidth [ inbound | outbound ]

Default

The maximum bandwidth of a link is not limited.

Views

Link view

Predefined user roles

network-admin

Parameters

inbound: Specifies the maximum inbound bandwidth.

outbound: Specifies the maximum outbound bandwidth.

bandwidth-value: Specifies the maximum bandwidth in the range of 0 to 4294967295 in KBps. The value 0 means the bandwidth is not limited.

Usage guidelines

If you do not specify the inbound or outbound keyword, the maximum bandwidth equals the inbound bandwidth plus the outbound bandwidth.

This command takes effect only on new sessions and does not take effect on existing sessions.

Examples

# Set the maximum bandwidth of the link lk1 to 1 KBps.

<Sysname> system-view

[Sysname] loadbalance link lk1

[Sysname-lb-link-lk1] rate-limit bandwidth 1

# Set the maximum inbound bandwidth of the link lk1 to 1 KBps.

<Sysname> system-view

[Sysname] loadbalance link lk1

[Sysname-lb-link-lk1] rate-limit bandwidth inbound 1

# Set the maximum outbound bandwidth of the link lk1 to 1 KBps.

<Sysname> system-view

[Sysname] loadbalance link lk1

[Sysname-lb-link-lk1] rate-limit bandwidth outbound 1

rate-limit bandwidth (virtual server view)

Use rate-limit bandwidth to set the maximum bandwidth of a virtual server.

Use undo rate-limit bandwidth to restore the default.

Syntax

rate-limit bandwidth [ inbound | outbound ] bandwidth-value

undo rate-limit bandwidth [ inbound | outbound ]

Default

The maximum bandwidth of a virtual server is not limited.

Views

Virtual server view

Predefined user roles

network-admin

Parameters

inbound: Specifies the maximum inbound bandwidth.

outbound: Specifies the maximum outbound bandwidth.

bandwidth-value: Specifies the maximum bandwidth in the range of 0 to 4294967295 in KBps. The value 0 means the bandwidth is not limited.

Usage guidelines

If you do not specify the inbound or outbound keyword, the maximum bandwidth equals the inbound bandwidth plus the outbound bandwidth.

Examples

# Set the maximum bandwidth of the link-IP-type virtual server vs3 to 1 KBps.

<Sysname> system-view

[Sysname] virtual-server vs3 type link-ip

[Sysname-vs-link-ip-vs3] rate-limit bandwidth 1

# Set the maximum inbound bandwidth of the link-IP-type virtual server vs3 to 1 KBps.

<Sysname> system-view

[Sysname] virtual-server vs3 type link-ip

[Sysname-vs-link-ip-vs3] rate-limit bandwidth inbound 1

# Set the maximum outbound bandwidth of the link-IP-type virtual server vs3 to 1 KBps.

<Sysname> system-view

[Sysname] virtual-server vs3 type link-ip

[Sysname-vs-link-ip-vs3] rate-limit bandwidth outbound 1

rate-limit connection (link view)

Use rate-limit connection to set the maximum number of connections per second of a link.

Use undo rate-limit connection to restore the default.

Syntax

rate-limit connection connection-number

undo rate-limit connection

Default

The maximum number of connections per second of a link is 0.

Views

Link view

Predefined user roles

network-admin

Parameters

connection-number: Specifies the maximum number of connections per second in the range of 0 to 4294967295. 0 means the number is not limited.

Usage guidelines

This command takes effect only on new sessions and does not take effect on existing sessions.

Examples

# Set the maximum number of connections per second of the link lk1 to 10000.

<Sysname> system-view

[Sysname] loadbalance link lk1

[Sysname-lb-link-lk1] rate-limit connection 10000

rate-limit connection (virtual server view)

Use rate-limit connection to set the maximum number of connections per second of a virtual server.

Use undo rate-limit connection to restore the default.

Syntax

rate-limit connection connection-number

undo rate-limit connection

Default

The maximum number of connections per second of a virtual server is 0.

Views

Virtual server view

Predefined user roles

network-admin

Parameters

connection-number: Specifies the maximum number of connections per second in the range of 0 to 4294967295. 0 means the number is not limited.

Examples

# Set the maximum number of connections per second of the link-IP-type virtual server vs3 to 10000.

<Sysname> system-view

[Sysname] virtual-server vs3 type link-ip

[Sysname-vs-link-ip-vs3] rate-limit connection 10000

reset loadbalance connections

Use reset loadbalance connections to clear application layer connections.

Syntax

reset loadbalance connections

Views

User view

Predefined user roles

network-admin

Usage guidelines

This command clears all application layer connections, including reused idle connections.

Examples

# Clear application layer connections.

<Sysname> reset loadbalance connection

reset loadbalance dns-proxy statistics

Use reset loadbalance dns-proxy statistics to clear transparent DNS proxy statistics.

Syntax

reset loadbalance dns-proxy statistics [ dns-proxy-name ]

Views

User view

Predefined user roles

network-admin

Parameters

dns-proxy-name: Specifies a transparent DNS proxy by its name, a case-insensitive string of 1 to 63 characters. If you do not specify this argument, the command clears statistics for all DNS transparent proxies.

Examples

# Clear statistics for transparent DNS proxy dns-proxy1.

<Sysname> reset loadbalance dns-proxy statistics dns-proxy1

Related commands

display loadbalance dns-proxy statistics

reset loadbalance dns-server statistics

Use reset loadbalance dns-server statistics to clear DNS server statistics.

Syntax

reset loadbalance dns-server statistics [ dns-server-name ]

Views

User view

Predefined user roles

network-admin

Parameters

dns-server-name: Specifies a DNS server by its name, a case-insensitive string of 1 to 63 characters. If you do not specify this argument, the command clears statistics for all DNS servers.

Examples

# Clear statistics for DNS server ds1.

<Sysname> reset loadbalance dns-server statistics ds1

Related commands

display loadbalance dns-server statistics

reset loadbalance link statistics

Use reset loadbalance link statistics to clear link statistics.

Syntax

reset loadbalance link statistics [ link-name ]

Views

User view

Predefined user roles

network-admin

Parameters

link-name: Specifies a link by its name, a case-insensitive string of 1 to 63 characters. If you do not specify this argument, the command clears statistics about all links.

Examples

# Clear statistics about all links.

<Sysname> reset loadbalance link statistics

reset loadbalance proximity

Use reset loadbalance proximity to clear proximity entry information.

Syntax

reset loadbalance proximity [ ip [ ipv4-address ] | ipv6 [ ipv6-address ] ]

Views

User view

Predefined user roles

network-admin

Parameters

ip [ ipv4-address ]: Clears IPv4 proximity entry information. If you specify the ipv4-address argument, this command clears information about the proximity entry corresponding to the IPv4 address. If you do not specify the ipv4-address argument, this command clears information about all IPv4 proximity entries.

ipv6 [ ipv6-address ]: Clears IPv6 proximity entry information. If you specify the ipv6-address argument, this command clears information about the proximity entry corresponding to the IPv6 address. If you do not specify the ipv6-address argument, this command clears information about all IPv6 proximity entries.

Usage guidelines

If you do not specify the ip or ipv6 keyword, this command clears information about all IPv4 and IPv6 proximity entries for the public network.

Examples

# Clear information about all IPv6 proximity entries for the public network.

<Sysname> reset loadbalance proximity ipv6

reset virtual-server statistics

Use reset virtual-server statistics to clear virtual server statistics.

Syntax

reset virtual-server statistics [ virtual-server-name ]

Views

User view

Predefined user roles

network-admin

Parameters

virtual-server-name: Clears statistics of the specified virtual server. The virtual-server-name argument specifies a virtual server name, a case-insensitive string of 1 to 63 characters. If you do not specify this argument, the command clears statistics of all virtual servers.

Examples

# Clear statistics of all virtual servers.

<Sysname> reset virtual-server statistics

Related commands

display virtual-server statistics

router ip

Use router ip to specify the outbound next hop for an LB link.

Use undo router ip to restore the default.

Syntax

router ip ipv4-address

undo router ip

Default

The outbound next hop is not specified for an LB link.

Views

LB link view

Predefined user roles

network-admin

Parameters

ipv4-address: Specifies an IPv4 address, which cannot be a loopback address, multicast address, broadcast address, or an address in the format of 0.X.X.X.

Usage guidelines

You can specify only one outbound next hop for an LB link.

Examples

# Specify the outbound next hop as 1.2.3.4 for the LB link lk1.

<Sysname> system-view

[Sysname] loadbalance link lk1

[Sysname-lb-link-lk1] router ip 1.2.3.4

router ipv6

Use router ipv6 to specify the outbound next hop for an LB link.

Use undo router ipv6 to restore the default.

Syntax

router ipv6 ipv6-address

undo router ipv6

Default

The outbound next hop is not specified for an LB link.

Views

LB link view

Predefined user roles

network-admin

Parameters

ipv6-address: Specifies an IPv6 address, which cannot be an all-zero address, a multicast address, a loopback address, or a link-local address.

Usage guidelines

You can specify only one outbound next hop for an LB link.

Examples

# Specify the outbound next hop as 8008::8 for the LB link lk1.

<Sysname> system-view

[Sysname] loadbalance link lk1

[Sysname-lb-link-lk1] router ipv6 8008::8

rtt weight

Use rtt weight to set the network delay weight for proximity calculation.

Use undo rtt weight to restore the default.

Syntax

rtt weight rtt-weight

undo rtt weight

Default

The network delay weight for proximity calculation is 100.

Views

Proximity view

Predefined user roles

network-admin

Parameters

rtt-weight: Specifies the network delay weight for proximity calculation, in the range of 0 to 255. A larger value indicates a higher weight.

Examples

# Set the network delay weight for proximity calculation to 200.

<Sysname> system-view

[Sysname] loadbalance proximity

[Sysname-lb-proximity] rtt weight 200

selected-link

Use selected-link to specify the number of links to participate in scheduling.

Use undo selected-link to restore the default.

Syntax

selected-link min min-number max max-number

undo selected-link

Default

The links with the highest priority participate in scheduling.

Views

Link group view

Predefined user roles

network-admin

Parameters

min min-number: Specifies the minimum number of links to participate in scheduling, in the range of 1 to 1000.

max max-number: Specifies the maximum number of links to participate in scheduling, in the range of 1 to 1000. The value of the max-number argument must be greater than or equal to the value of the min-number argument.

Usage guidelines

If the number of links available to participate in scheduling exceeds the max-number setting, the max-number setting applies.

If the number of links available to participate in scheduling is smaller than the min-number setting, more links are selected by priority in descending order.

Examples

# Configure the minimum number and maximum number of links in the link group lg to participate in scheduling as 20 and 30, respectively.

<Sysname> system-view

[Sysname] loadbalance link-group lg

[Sysname-lb-lgroup-lg] selected-link min 20 max 30

Related commands

predictor (link group view)

priority (link view)

selected-server

Use selected-server to specify the number of DNS servers to participate in scheduling.

Use undo selected-server to restore the default.

Syntax

selected-server min min-number max max-number

undo selected-server

Default

The DNS servers with the highest priority participate in scheduling.

Views

DNS server pool view

Predefined user roles

network-admin

Parameters

min min-number: Specifies the minimum number of DNS servers to participate in scheduling, in the range of 1 to 1000.

max max-number: Specifies the maximum number of DNS servers to participate in scheduling, in the range of 1 to 1000. The value of the max-number argument must be greater than or equal to the value of the min-number argument.

Usage guidelines

If the number of DNS servers available to participate in scheduling exceeds the max-number setting, the max-number setting applies.

If the number of DNS servers available to participate in scheduling is less than the min-number setting, more DNS servers are selected by priority in descending order.

Examples

# Configure the minimum number and maximum number of DNS servers in DNS server pool dns-pool to participate in scheduling as 20 and 30, respectively.

<Sysname> system-view

[Sysname] loadbalance dns-server-pool dns-pool

[Sysname-lb-dspool-dns-pool] selected-server min 20 max 30

service enable (transparent DNS proxy view)

Use service enable to enable the transparent DNS proxy feature.

Use undo service enable to disable the transparent DNS proxy feature.

Syntax

service enable

undo service enable

Default

The transparent DNS proxy feature is disabled.

Views

Transparent DNS proxy view

Predefined user roles

network-admin

Examples

# Enable the transparent DNS proxy feature for transparent DNS proxy dns-proxy1.

<Sysname> system-view

[Sysname] loadbalance dns-proxy dns-proxy1

[Sysname-lb-dp-udp-dns-proxy1] service enable

service enable (virtual server view)

Use service enable to enable a virtual server.

Use undo service enable to disable a virtual server.

Syntax

service enable

undo service enable

Default

A virtual server is disabled.

Views

Virtual server view

Predefined user roles

network-admin

Examples

# Enable the link-IP-type virtual server vs3.

<Sysname> system-view

[Sysname] virtual-server vs3 type link-ip

[Sysname-vs-link-ip-vs3] service enable

set ip tos (LB action view)

Use set ip tos to set the ToS field value of IP packets sent to the server.

Use undo set ip tos to restore the default.

Syntax

set ip tos tos-number

undo set ip tos

Default

The ToS field of IP packets sent to the server is not changed.

Views

LB action view

Predefined user roles

network-admin

Parameters

tos-number: Specifies the ToS field value in the range of 0 to 255.

Examples

# Set the ToS field value to 20 for IP packets sent to the server for the link-generic LB action lba1.

<Sysname> system-view

[Sysname] loadbalance action lba1 type link-generic

[Sysname-lba-link-generic-lba1] set ip tos 20

set ip tos (parameter profile view)

Use set ip tos to set the ToS field value of IP packets sent to the client.

Use undo set ip tos to restore the default.

Syntax

set ip tos tos-number

undo set ip tos

Default

The ToS field of IP packets sent to the client is not changed.

Views

Parameter profile view

Predefined user roles

network-admin

Parameters

tos-number: Specifies the ToS field value in the range of 0 to 255.

Usage guidelines

This command is available in IP parameter profile view only.

Examples

# Set the ToS field value to 20 for IP packets sent to the client for the IP parameter profile pp2.

<Sysname> system-view

[Sysname] parameter-profile pp2 type ip

[Sysname-para-ip-pp2] set ip tos 20

shutdown

Use shutdown to shut down a link.

Use undo shutdown to activate a link.

Syntax

shutdown

undo shutdown

Default

A link is activated.

Views

Link view

Predefined user roles

network-admin

Examples

# Shut down the link lk1.

<Sysname> system-view

[Sysname] loadbalance link lk1

[Sysname-lb-link-lk1] shutdown

skip current-dns-proxy

Use skip current-dns-proxy to skip the current transparent DNS proxy.

Use undo skip current-dns-proxy to restore the default.

Syntax

skip current-dns-proxy

undo skip current-dns-proxy

Default

The forwarding mode is to discard packets.

Views

DNS LB action view

Predefined user roles

network-admin

Usage guidelines

This command enables DNS requests to skip the current transparent DNS proxy and match the next transparent DNS proxy or virtual server.

A DNS request can skip a maximum of five transparent DNS proxies and virtual servers.

This command is mutually exclusive with the dns-server-pool or forward all command. If you configure one command, the other command (if configured) is automatically cancelled.

Examples

# Skip the current transparent DNS proxy in DNS LB action lba1.

<Sysname> system-view

[Sysname] loadbalance action lba1 type dns

[Sysname-lba-dns-lba1] skip current-dns-proxy

slow-online

Use slow-online to enable the slow online feature for a link group.

Use undo slow-online to disable the slow online feature for a link group.

Syntax

slow-online [ standby-time standby-time ramp-up-time ramp-up-time ]

undo slow-online

Default

The slow online feature is disabled for a link group.

Views

Link group view

Predefined user roles

network-admin

Parameters

standby-time standby-time: Specifies the standby timer in the range of 0 to 600 seconds. The default is 5 seconds.

ramp-up-time ramp-up-time: Specifies the ramp-up timer in the range of 3 to 600 seconds. The default is 5 seconds.

Usage guidelines

The links newly added to a link group might be unable to immediately process large numbers of services assigned by the LB device. To resolve this issue, enable the slow online feature for the link group. The feature uses the standby timer and ramp-up timer. When a link is added, the LB device does not assign any service to the link until the standby timer expires.

When the standby timer expires, the ramp-up timer starts. During the ramp-up time, the LB device increases the service amount according to the processing capability of the link, until the ramp-up timer expires.

Examples

# Enable the slow online feature for the link group lg.

<Sysname> system-view

[Sysname] loadbalance link-group lg

[Sysname-lb-lgroup-lg] slow-online

slow-shutdown enable

Use slow-shutdown enable to enable the slow offline feature for a link.

Use undo slow-shutdown enable to disable the slow offline feature for a link.

Syntax

slow-shutdown enable

undo slow-shutdown enable

Default

The slow offline feature is disabled for a link.

Views

Link view

Predefined user roles

network-admin

Usage guidelines

The shutdown command immediately terminates existing connections of a link. The slow offline feature ages out the connections, and does not establish new connections.

To enable the slow offline feature for a link, you must execute the slow-shutdown enable command and then the shutdown command. If you execute the shutdown command and then the slow-shutdown enable command, the slow offline feature does not take effect and the link is shut down.

Examples

# Enable the slow offline feature for the link lk1.

<Sysname> system-view

[Sysname] loadbalance link lk1

[Sysname-lb-link-lk1] slow-shutdown enable

Related commands

shutdown (link view)

snat-pool

Use snat-pool to specify the SNAT address pool to be referenced by a link group.

Use undo snat-pool to restore the default.

Syntax

snat-pool pool-name

undo snat-pool

Default

No SNAT address pool is referenced by a link group.

Views

Link group view

Predefined user roles

network-admin

Parameters

pool-name: Specifies the SNAT address pool name, a case-insensitive string of 1 to 63 characters.

Usage guidelines

After a link group references an SNAT address pool, the LB device replaces the source address of packets it receives with an SNAT address before forwarding the packets.

Examples

# Specify the SNAT address pool lbsp to be referenced by the link group lg.

<Sysname> system-view

[Sysname] loadbalance link-group lg

[Sysname-lb-lgroup-lg] snat-pool lbsp

snmp-agent trap enable loadbalance

Use snmp-agent trap enable loadbalance to enable SNMP notifications for load balancing.

Use undo snmp-agent trap enable loadbalance to disable SNMP notifications for load balancing.

Syntax

snmp-agent trap enable loadbalance

undo snmp-agent trap enable loadbalance

Default

All SNMP notifications are enabled for load balancing.

Views

System view

Predefined user roles

network-admin

Usage guidelines

To report critical load balancing events to an NMS, enable SNMP notifications for load balancing. For load balancing event notifications to be sent correctly, you must also configure SNMP as described in the network management and monitoring configuration guide for the device.

Examples

# Disable SNMP notifications for load balancing.

<Sysname> system-view

[Sysname] undo snmp-agent trap enable loadbalance

sticky-group

Use sticky-group to create a sticky group and enter its view, or enter the view of an existing sticky group.

Use undo sticky-group to delete the specified sticky group.

Syntax

sticky-group group-name [ type address-port ]

undo sticky-group group-name

Default

No sticky groups exist.

Views

System view

Predefined user roles

network-admin

Parameters

group-name: Specifies a sticky group name, a case-insensitive string of 1 to 63 characters.

type address-port: Specifies the sticky group type as address-port. When you create a sticky group, you must specify the sticky group type. You can enter an existing sticky group view without entering the type of the sticky group.

Usage guidelines

A sticky group uses a specific sticky method to distribute similar sessions to the same link. The sticky method applies to the first packet of a session. Subsequent packets of the session are distributed to the same link.

Examples

# Create the address-port-type sticky group sg1 and enter sticky group view.

<Sysname> system-view

[Sysname] sticky-group sg1 type address-port

[Sysname-sticky-address-port-sg1]

success-criteria (DNS server pool view)

Use success-criteria to specify the health monitoring success criteria for a DNS server pool.

Use undo success-criteria to restore the default.

Syntax

success-criteria { all | at-least min-number }

undo success-criteria

Default

Health monitoring succeeds only when all the specified health monitoring methods succeed.

Views

DNS server pool view

Predefined user roles

network-admin

Parameters

all: Specifies the health monitoring success criteria as all successful health monitoring methods.

at-least min-number: Specifies the health monitoring success criteria as the specified minimum number of successful health monitoring methods, in the range of 1 to 4294967295.

Usage guidelines

If the min-number setting exceeds the number of existing health monitoring methods on the device, the number of existing health monitoring methods applies.

The health monitoring success criteria configuration in DNS server view takes precedence over the configuration in DNS server pool view.

Examples

# Configure the health monitoring success criteria for the DNS server pool dns-pool as a minimum number of 2 successful health monitoring methods.

<Sysname> system-view

[Sysname] loadbalance dns-server-pool dns-pool

[Sysname-lb-dspool-dns-pool] success-criteria at-least 2

Related commands

success-criteria (DNS server view)

Use success-criteria to specify the health monitoring success criteria for a DNS server.

Use undo success-criteria to restore the default.

Syntax

success-criteria { all | at-least min-number }

undo success-criteria

Default

Health monitoring succeeds only when all the specified health monitoring methods succeed.

Views

DNS server view

Predefined user roles

network-admin

Parameters

all: Specifies the health monitoring success criteria as all successful health monitoring methods.

at-least min-number: Specifies the health monitoring success criteria as the specified minimum number of successful health monitoring methods, in the range of 1 to 4294967295.

Usage guidelines

If the min-number setting exceeds the number of existing health monitoring methods on the device, the number of existing health monitoring methods applies.

The health monitoring success criteria configuration in DNS server view takes precedence over the configuration in DNS server pool view.

Examples

# Configure the health monitoring success criteria for DNS server ds1 as a minimum number of 2 successful health monitoring methods.

<Sysname> system-view

[Sysname] loadbalance dns-server ds1

[Sysname-lb-ds-ds1] success-criteria at-least 2

Related commands

success-criteria (DNS server pool view)

success-criteria (link group view)

Use success-criteria to specify the health monitoring success criteria for a link group.

Use undo success-criteria to restore the default.

Syntax

success-criteria { all | at-least min-number }

undo success-criteria

Default

Health monitoring succeeds only when all the specified health monitoring methods succeed.

Views

Link group view

Predefined user roles

network-admin

Parameters

all: Specifies the health monitoring success criteria as all successful health monitoring methods.

at-least min-number: Specifies the health monitoring success criteria as the specified minimum number of successful health monitoring methods, in the range of 1 to 4294967295.

Usage guidelines

If the min-number setting exceeds the number of existing health monitoring methods on the device, the number of existing health monitoring methods applies.

The health monitoring success criteria configuration in link view takes precedence over the configuration in link group view.

Examples

# Configure the health monitoring success criteria for the link group lg as a minimum number of 2 successful health monitoring methods.

<Sysname> system-view

[Sysname] loadbalance link-group lg

[Sysname-lb-lgroup-lg] success-criteria at-least 2

Related commands

success-criteria (link view)

Use success-criteria to specify the health monitoring success criteria for an LB link.

Use undo success-criteria to restore the default.

Syntax

success-criteria { all | at-least min-number }

undo success-criteria

Default

Health monitoring succeeds only when all the specified health monitoring methods succeed.

Views

LB link view

Predefined user roles

network-admin

Parameters

all: Specifies the health monitoring success criteria as all successful health monitoring methods.

at-least min-number: Specifies the health monitoring success criteria as the specified minimum number of successful health monitoring methods, in the range of 1 to 4294967295.

Usage guidelines

If the min-number setting exceeds the number of existing health monitoring methods on the device, the number of existing health monitoring methods applies.

Examples

# Configure the health monitoring success criteria for the LB link lk1 as a minimum number of 2 successful health monitoring methods.

<Sysname> system-view

[Sysname] loadbalance link lk1

[Sysname-lb-link-lk1] success-criteria at-least 2

Related commands

success-criteria (link group view)

timeout (proximity view)

Use timeout to set the timeout timer for proximity entries.

Use undo timeout to restore the default.

Syntax

timeout timeout-value

undo timeout

Default

The timeout timer for proximity entries is 60 seconds.

Views

Proximity view

Predefined user roles

network-admin

Parameters

timeout-value: Specifies the timeout timer in the range of 60 to 3600 seconds.

Examples

# Set the timeout timer for proximity entries to 80 seconds.

<Sysname> system-view

[Sysname] loadbalance proximity

[Sysname-lb-proximity] timeout 80

timeout (sticky group view)

Use timeout to set the timeout timer for sticky entries.

Use undo timeout to restore the default.

Syntax

timeout timeout-value

undo timeout

Default

The timeout timer for sticky entries is 60 seconds.

Views

Sticky group view

Predefined user roles

network-admin

Parameters

timeout-value: Specifies the timeout timer in the range of 10 to 604800 seconds.

Examples

# Set the timeout timer for sticky entries to 100 seconds in the address- and port-type sticky group sg1.

<Sysname> system-view

[Sysname] sticky-group sg1 type address-port

[Sysname-sticky-address-port-sg1] timeout 100

transparent enable

Use transparent enable to disable NAT for a link group.

Use undo transparent enable to enable NAT for a link group.

Syntax

transparent enable

undo transparent enable

Default

NAT is enabled for a link group.

Views

Link group view

Predefined user roles

network-admin

Examples

# Disable NAT for the link group lg.

<Sysname> system-view

[Sysname] loadbalance link-group lg

[Sysname-lb-lgroup-sinalab] transparent enable

ttl weight

Use ttl weight to set the TTL weight for proximity calculation.

Use undo ttl weight to restore the default.

Syntax

ttl weight ttl-weight

undo ttl weight

Default

The TTL weight for proximity calculation is 100.

Views

Proximity view

Predefined user roles

network-admin

Parameters

ttl-weight: Specifies the TTL weight for proximity calculation, in the range of 0 to 255. A larger value indicates a higher weight.

Examples

# Set the TTL weight for proximity calculation to 200.

<Sysname> system-view

[Sysname] loadbalance proximity

[Sysname-lb-proximity] ttl weight 200

virtual ip address

Use virtual ip address to configure an IPv4 address (VSIP) for a virtual server.

Use undo virtual ip address to restore the default.

Syntax

virtual ip address ipv4-address [ mask-length | mask ]

undo virtual ip address

Default

No IPv4 address is configured for a virtual server.

Views

Virtual server view

Predefined user roles

network-admin

Parameters

ipv4-address: Specifies an IPv4 address. It cannot be a loopback address, multicast address, broadcast address, or an address in the format of 0.X.X.X (with a mask length of 32).

mask-length: Specifies a mask length in the range of 0 to 32. The default is 32.

mask: Specifies a subnet mask. The default is 255.255.255.255.

Examples

# Configure the IPv4 address for the link-IP-type virtual server vs3 as 1.1.1.1/24.

<Sysname> system-view

[Sysname] virtual-server vs3 type link-ip

[Sysname-vs-link-ip-vs3] virtual ip address 1.1.1.1 24

virtual ipv6 address

Use virtual ipv6 address to configure an IPv6 address (VSIP) for a virtual server.

Use undo virtual ipv6 address to restore the default.

Syntax

virtual ipv6 address ipv6-address [ prefix-length ]

undo virtual ipv6 address

Default

No IPv6 address is configured for a virtual server.

Views

Virtual server view

Predefined user roles

network-admin

Parameters

ipv6-address: Specifies an IPv6 address, which cannot be a loopback address, IPv6 multicast address, link-local address, or all-zero address (when the prefix length is not 0).

prefix-length: Specifies a prefix length in the range of 0 to 128. The default is 128.

Examples

# Configure the IPv6 address for the link-IP-type virtual server vs3 as 1001::1/64.

<Sysname> system-view

[Sysname] virtual-server vs3 type link-ip

[Sysname-vs-link-ip-vs3] virtual ipv6 address 1001::1 64

virtual-server

Use virtual-server to create a virtual server and enter its view, or enter the view of an existing virtual server.

Use undo virtual-server to delete the specified virtual server.

Syntax

virtual-server virtual-server-name [ type link-ip ]

undo virtual-server virtual-server-name

Default

No virtual servers exist.

Views

System view

Predefined user roles

network-admin

Parameters

virtual-server-name: Specifies the virtual server name, a case-insensitive string of 1 to 63 characters.

type { link-ip }: Specifies the virtual server type as link-IP. When you create a virtual server, you must specify a virtual server type. You can enter an existing virtual server view without entering the type of the virtual server.

Examples

# Create the virtual server vs3 with the link-IP type, and enter virtual server view.

<Sysname> system-view

[Sysname] virtual-server vs3 type link-ip

[Sysname-vs-link-ip-vs3]

weight (DNS server view)

Use weight to set the weight of a DNS server to be used by the weighted round robin algorithm and bandwidth algorithm.

Use undo weight to restore the default.

Syntax

weight weight-value

undo weight

Default

The weight of a DNS server is 100.

Views

DNS server view

Predefined user roles

network-admin

Parameters

weight-value: Specifies the weight in the range of 1 to 255. A greater value means a higher priority in scheduling.

Examples

# Set the weight of the DNS server ds1 to 150.

<Sysname> system-view

[Sysname] loadbalance dns-server ds1

[Sysname-lb-ds-ds1] weight 150

weight (link view)

Use weight to set the weight of a link to be used by the weighted round robin and weighted least connection algorithms.

Use undo weight to restore the default.

Syntax

weight weight-value

undo weight

Default

The weight of a link is 100.

Views

Link view

Predefined user roles

network-admin

Parameters

weight-value: Specifies the weight in the range of 1 to 255. For the weighted round robin or weighted least connection algorithm, a greater value means a higher priority to be referenced.

Examples

# Set the weight of the link lk1 to 150.

<Sysname> system-view

[Sysname] loadbalance link lk1

[Sysname-lb-link-lk1] weight 150

Index

A B C D F I L M O P R S T V W

activate,24

backup interface,1

backup threshold,2

backup timer delay,3

backup timer flow-check,4

backup track,5

bandwidth busy-protection enable (transparent DNS proxy view),25

bandwidth busy-protection enable (virtual server view),25

bandwidth busy-rate,26

bandwidth interface statistics enable,27

bandwidth weight,27

class,28

connection-limit max (link view),29

connection-limit max (virtual server view),29

cost,30

cost weight,30

default dns-server-pool,31

default link-group,32

default-class action,32

delay,9

description,33

display interface-backup state,6

display interface-backup statistics,7

display loadbalance action,34

display loadbalance alg,35

display loadbalance class,36

display loadbalance dns-proxy,37

display loadbalance dns-proxy statistics,39

display loadbalance dns-server,39

display loadbalance dns-server statistics,41

display loadbalance dns-server-pool,42

display loadbalance isp,44

display loadbalance link,46

display loadbalance link statistics,52

display loadbalance link-group,49

display loadbalance policy,53

display loadbalance proximity,54

display loadbalance snat-pool,55

display parameter-profile,56

display sticky,57

display sticky-group,59

display track,10

display virtual-server,61

display virtual-server statistics,63

dns-server-pool (DNS server view),65

dns-server-pool (LB action view),64

fail-action,66

fallback-action continue,66

forward all,67

ip,67

ip address (DNS server view),69

ip address (ISP view),70

ip address (transparent DNS proxy view),68

ip mask,70

ip range,71

ipv6,71

ipv6 address (DNS server view),72

ipv6 address (ISP view),73

ipv6 address (transparent DNS proxy view),73

ipv6 prefix,74

ipv6 range,75

lb-policy (transparent DNS proxy view),75

lb-policy (virtual server view),76

link,76

link-group (LB action view),77

link-group (link view),78

loadbalance action,78

loadbalance alg,79

loadbalance alg all-enable,80

loadbalance class,80

loadbalance dns-proxy,81

loadbalance dns-server,82

loadbalance dns-server-pool,82

loadbalance isp file,83

loadbalance isp name,84

loadbalance link,84

loadbalance link-group,85

loadbalance policy,85

loadbalance proximity,86

loadbalance schedule-test ip,86

loadbalance schedule-test ipv6,88

loadbalance snat-pool,89

match,89

match acl,90

match app-group,91

match class,92

match default,92

match destination,93

match destination domain-name,94

match domain-name,95

match isp,96

match source,96

max-bandwidth,97

max-number,98

object,13

override-limit enable,99

parameter,99

parameter-profile,100

port (DNS server view),100

port (transparent DNS proxy view),101

port (virtual server view),102

predictor (DNS server pool view),102

predictor (link group view),103

priority (DNS server view),105

priority (link view),105

probe (DNS server pool view),106

probe (DNS server view),107

probe (link group view),108

probe (link view),108

proximity enable,109

rate-limit bandwidth (link view),110

rate-limit bandwidth (virtual server view),111

rate-limit connection (link view),111

rate-limit connection (virtual server view),112

reset loadbalance connections,113

reset loadbalance dns-proxy statistics,113

reset loadbalance dns-server statistics,113

reset loadbalance link statistics,114

reset loadbalance proximity,114

reset virtual-server statistics,115

router ip,115

router ipv6,116

rtt weight,116

selected-link,117

selected-server,118

service enable (transparent DNS proxy view),118

service enable (virtual server view),119

set ip tos (LB action view),119

set ip tos (parameter profile view),120

shutdown,120

skip current-dns-proxy,121

slow-online,121

slow-shutdown enable,122

snat-pool,123

snmp-agent trap enable loadbalance,123

sticky-group,124

success-criteria (DNS server pool view),125

success-criteria (DNS server view),125

success-criteria (link group view),126

success-criteria (link view),127

threshold percentage,14

threshold weight,15

timeout (proximity view),128

timeout (sticky group view),128

track interface,15

track interface physical,16

track interface protocol,17

track ip route reachability,18

track list boolean,19

track list threshold percentage,20

track list threshold weight,21

track nqa,22

transparent enable,129

ttl weight,129

virtual ip address,130

virtual ipv6 address,130

virtual-server,131

weight (DNS server view),131

weight (link view),132

11 High Availability

backup interface

backup timer delay

Track commands

threshold percentage

track list boolean

bandwidth busy-protection enable (virtual server view)

bandwidth interface statistics enable

connection-limit max (virtual server view)

default-class action

display loadbalance action

display loadbalance link-group

fallback-action continue

forward all

lb-policy (virtual server view)

link-group (LB action view)

link-group (link view)

match source

max-number

port (virtual server view)

rate-limit bandwidth (virtual server view)

rate-limit connection (virtual server view)

set ip tos (LB action view)

set ip tos (parameter profile view)

snmp-agent trap enable loadbalance