- Table of Contents
- Related Documents
-
Title | Size | Download |
---|---|---|
01-Text | 538.88 KB |
display interface-backup state
display interface-backup statistics
track list threshold percentage
bandwidth busy-protection enable (transparent DNS proxy view)
bandwidth busy-protection enable (virtual server view)
bandwidth interface statistics enable
connection-limit max (link view)
connection-limit max (virtual server view)
display loadbalance dns-proxy statistics
display loadbalance dns-server
display loadbalance dns-server statistics
display loadbalance dns-server-pool
display loadbalance link-group
display loadbalance link statistics
display virtual-server statistics
dns-server-pool (LB action view)
dns-server-pool (DNS server view)
ip address (transparent DNS proxy view)
ipv6 address (DNS server view)
ipv6 address (transparent DNS proxy view)
lb-policy (transparent DNS proxy view)
lb-policy (virtual server view)
loadbalance schedule-test ipv6
port (transparent DNS proxy view)
predictor (DNS server pool view)
rate-limit bandwidth (link view)
rate-limit bandwidth (virtual server view)
rate-limit connection (link view)
rate-limit connection (virtual server view)
reset loadbalance dns-proxy statistics
reset loadbalance dns-server statistics
reset loadbalance link statistics
reset virtual-server statistics
service enable (transparent DNS proxy view)
service enable (virtual server view)
set ip tos (parameter profile view)
snmp-agent trap enable loadbalance
success-criteria (DNS server pool view)
success-criteria (DNS server view)
success-criteria (link group view)
Interface backup commands
The following matrix shows the feature and hardware compatibility:
Hardware series |
Model |
Interface backup compatibility |
WX1800H series |
WX1804H WX1810H WX1820H WX1840H |
Yes |
WX3800H series |
WX3820H WX3840H |
No |
WX5800H series |
WX5860H |
No |
backup interface
Use backup interface to specify a backup interface for an interface.
Use undo backup interface to remove a backup interface.
Syntax
backup interface interface-type interface-number [ priority ]
undo backup interface interface-type interface-number
Default
An interface does not have backup interfaces.
Views
Interface view
Predefined user roles
network-admin
Parameters
interface-type interface-number: Specifies a backup interface by its type and number.
priority: Assigns a priority to the backup interface. The value range is 0 to 255, and the default is 0. The greater the value, the higher the priority.
Usage guidelines
Use this command on the primary interface to specify its backup interfaces. If you also configure the traffic thresholds, the primary and backup interfaces operate in load balancing mode. If you do not configure the traffic thresholds, the primary and backup interfaces operate in strict active/standby mode.
Backup interface priority is used for interface backup to make interface activation or deactivation decisions when the primary interface fails or is overloaded. Backup interfaces are activated in descending order of priority, with the highest-priority interface deactivated first. In contrast, they are deactivated in ascending order of priority, with the lowest-priority interface deactivated first.
Once a backup interface is activated to forward traffic, only the primary interface can preempt it. A higher-priority backup interface cannot preempt a lower-priority backup interface that has taken over the primary interface.
Use Table 1 when you configure primary and backup interfaces.
Table 1 Restrictions on the primary and backup interfaces
Item |
Restrictions |
Backup interfaces/primary interface |
3. |
Configuration restrictions |
· An interface can only be the backup of one interface. · A primary interface cannot be configured as a backup interface at the same time. · A main interface and its subinterfaces cannot be the backup of each other. · The primary and backup interfaces cannot be members of a logical link. For example, they cannot be members of a Layer 3 aggregation group. |
This command and the backup track command are mutually exclusive.
· If you have configured the backup interface command on the primary interface, you cannot configure the backup track command on the primary or backup interface.
· If you have associated a backup interface with a track entry, you cannot configure the backup interface command on it or specify it as a backup interface by using the backup interface command.
Examples
# Specify GigabitEthernet 1/0/6 as a backup interface of GigabitEthernet 1/0/5, with a priority of 50.
[Sysname] interface gigabitethernet 1/0/5
[Sysname-GigabitEthernet1/0/5] backup interface gigabitethernet 1/0/6 50
backup threshold
Use backup threshold to configure traffic thresholds on a primary interface for load sharing.
Use undo backup threshold to restore the default.
Syntax
backup threshold upper-threshold lower-threshold
Default
No traffic thresholds are configured.
Views
Interface view
Predefined user roles
Parameters
upper-threshold: Specifies the upper threshold as a percentage of bandwidth available on the primary interface. The value range is 1 to 99.
lower-threshold: Specifies the lower threshold as a percentage of bandwidth available on the primary interface. The value range is 1 to 99.
|
NOTE: To set the bandwidth used for load sharing calculation in this command, use the bandwidth command on the primary interface. |
Usage guidelines
This command enables a primary interface and its backup interfaces to be load shared. In load sharing mode, interface backup regularly compares the amount of traffic with the thresholds.
· When the amount of traffic on the primary interface exceeds the upper threshold, the backup interfaces are activated to share load in descending order of backup priority.
· When the total amount of traffic on all the load-shared interfaces drops below the lower threshold, the backup interfaces are deactivated in ascending order of priority. To prevent link flapping from causing frequent interface switchovers, H3C recommends that you configure the lower threshold smaller than half of the upper threshold.
· When the primary interface goes down, the active/standby mode applies. Only the highest-priority interface is activated.
You can configure the traffic polling interval by using the backup timer flow-check command.
|
NOTE: · "Traffic" on an interface refers to the amount of incoming or outgoing traffic, whichever is higher. · If two backup interfaces have the same priority, the one configured first has preference. |
Examples
# On GigabitEthernet 1/0/5, set the upper and lower traffic thresholds to 80 and 20, respectively.
<Sysname> system-view
[Sysname] interface gigabitethernet 1/0/5
[Sysname-GigabitEthernet1/0/5] backup threshold 80 20
Related commands
· backup timer flow-check
backup timer delay
Use backup timer delay to set interface state switchover delay timers on a primary interface.
Use undo backup timer delay to restore the default.
Syntax
backup timer delay up-delay down-delay
Default
Both up and down delay timers are 5 seconds.
Views
Interface view
Predefined user roles
Parameters
up-delay: Specifies the number of seconds that the primary or backup interface must wait before it can come up. The value range is 1 to 65535 seconds.
down-delay: Specifies the number of seconds that the active primary or backup interface must wait before it is set to down state. The value range is 1 to 65535 seconds.
Usage guidelines
Before you can use this command on an interface, you must specify at least one backup interface for the interface.
The switchover delay mechanism prevents link flapping from causing frequent interface switchovers. When the link of the active interface fails, the interface state does not change immediately. Instead, a down delay timer starts. If the link recovers before the timer expires, the interface state does not change. If the link is still down when the timer expires, the interface state changes to down.
Examples
# Specify GigabitEthernet 1/0/6 as a backup of GigabitEthernet 1/0/5, and set both up and down delay timers to 10 seconds.
<Sysname> system-view
[Sysname] interface gigabitethernet 1/0/5
[Sysname-GigabitEthernet1/0/5] backup interface gigabitethernet 1/0/6
[Sysname-GigabitEthernet1/0/5] backup timer delay 10 10
backup interface
backup timer flow-check
Use backup timer flow-check to configure the traffic polling interval on a primary interface.
Use undo backup timer flow-check to restore the default.
backup timer flow-check interval
Default
The traffic polling interval is 30 seconds.
Views
Interface view
Predefined user roles
network-admin
Parameters
interval: Specifies a traffic polling interval in the range of 30 to 600 seconds.
Usage guidelines
Before you can use this command on an interface, you must specify at least one backup interface for the interface.
This command takes effect when the primary and backup interfaces operate in load sharing mode. Interface backup compares the amount of traffic with the thresholds at this interval to determine whether to activate or deactivate a backup interface.
Examples
# Set the traffic polling interval to 60 seconds on GigabitEthernet 1/0/5.
[Sysname] interface gigabitethernet 1/0/5
[Sysname-GigabitEthernet1/0/5] backup timer flow-check 60
backup interface
backup track
Use backup track to associate a backup interface with a track entry.
Use undo backup track to remove the association.
backup track track-entry-number
Default
An interface is not associated with a track entry.
Views
Interface view
Predefined user roles
Parameters
track-entry-number: Specifies a track entry ID in the range of 1 to 1024.
Usage guidelines
To change the state of a backup interface response to the link state of the primary interface, use this command. For the setting to work, you must configure the track entry to monitor the state of the primary link. For more information about configuring a track entry, see High Availability Configuration Guide.
You can associate an interface with only one track entry.
You can create the associated track entry before or after the association. The association takes effect after the track entry is created.
To maintain performance, limit the number of associations to 64.
This command and the backup interface command are mutually exclusive.
· If you have configured the backup interface command on the primary interface, you cannot configure the backup track command on the primary or backup interface.
· If you have associated a backup interface with a track entry, you cannot configure the backup interface command on it or specify it as a backup interface by using the backup interface command.
Examples
# Associate GigabitEthernet 1/0/5 with track entry 1.
[Sysname] interface gigabitethernet 1/0/5
[Sysname-GigabitEthernet1/0/5] backup track 1
display interface-backup state
Use display interface-backup state to display state information for primary and backup interfaces.
display interface-backup state
Views
Any view
Predefined user roles
network-admin
network-operator
Examples
# Display state information for primary and backup interfaces.
<Sysname> display interface-backup state
Interface: GE1/0/5
UpDelay: 10 s
DownDelay: 5 s
Upper threshold: 80
Lower threshold: 20
State: DOWN
Backup interfaces:
GE1/0/6 Priority: 30 State: UP_DELAY
Table 2 Command output
Description |
|
Name of the primary interface. |
|
The number of seconds that elapse after the primary interface goes down before the backup interface is activated. |
|
DownDelay |
The number of seconds that elapse after the primary interface comes up before the backup interface is deactivated. |
Upper threshold |
The upper traffic threshold specified as a percentage of bandwidth available on the primary interface. When the traffic on the primary interface exceeds the upper threshold, the backup interfaces are activated to share load in descending order of backup priority. |
The lower traffic threshold specified as a percentage of bandwidth available on the primary interface. When the total amount of traffic on all the load-shared interfaces drops below the lower threshold, the backup interfaces are deactivated in ascending order of priority. |
|
State of the primary interface: UP—The interface is operating correctly. DOWN—The interface is down and cannot forward traffic. UP_DELAY—The interface has recovered, and it is waiting to preempt the active backup interface. DOWN_DELAY—The interface has failed, and it is waiting to be taken over by a backup interface. During this period, packet loss occurs on the primary interface. The interface can forward traffic only when it is in UP state. |
|
Backup interfaces assigned to the primary interface. |
|
Priority |
Priority of the backup interface. |
State |
State of the backup interface: · UP—The interface has taken over the primary interface to forward traffic. · DOWN—The interface is down and cannot forward traffic. · UP_DELAY—The backup interface is waiting to take over the primary interface. · DOWN_DELAY—The interface is waiting to be preempted by the primary interface that has recovered. · STANDBY—The interface is on standby while the primary interface is operating correctly. The interface can forward traffic only when it is in UP state. |
display interface-backup statistics
Use display interface-backup statistics to display traffic statistics for load-shared interfaces.
Syntax
display interface-backup statistics
Views
Any view
Predefined user roles
network-admin
network-operator
Examples
# Display traffic statistics for load-shared interfaces.
<Sysname> display interface-backup statistics
Interface: GigabitEthernet1/0/6
Statistics interval: 30 s
Bandwidth: 100000000 bps
ActiveTotalIn: 102 bytes
ActiveTotalOut: 108 bytes
ActiveIntervalIn: 102 bytes
ActiveIntervalOut: 108 bytes
Active used bandwidth: 28 bps
TotalIn: 102 bytes
TotalOut: 108 bytes
TotalIntervalIn: 102 bytes
TotalIntervalOut: 108 bytes
Total used bandwidth: 28 bps
Table 3 Command output
Description |
|
Name of the primary interface. |
|
Bandwidth |
Expected bandwidth (in bps) of the primary interface. This bandwidth is used for load sharing computation. You can use the bandwidth command in interface view to set its value. |
Cumulative sum of incoming bytes on the primary interface at the most recent traffic polling. |
|
PrimaryTotalOut |
Cumulative sum of outgoing bytes on the primary interface at the most recent traffic polling. |
PrimaryIntervalIn |
Number of incoming bytes on the primary interface for the most recent polling interval. |
PrimaryIntervalOut |
Number of outgoing bytes on the primary interface for the most recent polling interval. |
Primary used bandwidth |
The primary interface's used bandwidth that was counted in load sharing computation. |
Cumulative sum of incoming bytes on the load-shared primary and backup interfaces at the most recent traffic polling. |
|
TotalOut |
Cumulative sum of outgoing bytes on the load-shared primary and backup interfaces at the most recent traffic polling. |
Number of incoming bytes on the load-shared primary and backup interfaces for the most recent polling interval. |
|
Number of outgoing bytes on the load-shared primary and backup interfaces for the most recent polling interval. |
|
Total used bandwidth |
Total used bandwidth (in bps) of the load-shared primary and backup interfaces for the most recent polling interval. |
Track commands
delay
Use delay to set the period of time that the Track module must wait before notifying the application module of track entry state changes.
Use undo delay to remove the notification delay configuration.
Syntax
delay { negative negative-time | positive positive-time } *
undo delay
Default
The Track module notifies the application module immediately when the track entry state changes.
Views
Track view
Predefined user roles
network-admin
Parameters
negative negative-time: Specifies the delay for notifying the application module that the track entry state has changed to negative. The negative-time argument represents the negative state notification delay in the range of 1 to 300 seconds.
positive positive-time: Specifies the delay for notifying the application module that the track entry state has changed to positive. The positive-time argument represents the positive state notification delay in the range of 1 to 300 seconds.
Usage guidelines
If the Track module immediately notifies the application module of a track entry state change but the route convergence is not complete, a communication failure might occur. In such cases, you can set a notification delay to avoid immediate notification of track entry status changes.
The notification delay settings do not take effect if the track entry is not associated with an application module.
If you execute this command multiple times, the most recent configuration takes effect.
Examples
# Set the negative state notification delay to 50 seconds and the positive state notification delay to 30 seconds for Boolean OR tracked list 101.
<Sysname> system-view
[Sysname] track 101 list boolean or
[Sysname-track-101] delay negative 50 positive 30
Related commands
· track interface
· track ip route reachability
· track list boolean
· track list threshold percentage
· track list threshold weight
· track nqa
display track
Use display track to display track entry information.
Syntax
display track { track-entry-number | all [ negative | positive ] } [ brief ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
track-entry-number: Specifies the track entry ID in the range of 1 to 1024.
all: Specifies all track entries.
negative: Displays track entries in Negative state.
positive: Displays track entries in Positive state.
brief: Displays brief information about track entries.
Examples
# Display information about all track entries.
Track ID: 1
State: Positive
Duration: 0 days 0 hours 0 minutes 7 seconds
Tracked object type: NQA
Notification delay: Positive 20, Negative 30 (in seconds)
Tracked object:
NQA entry: admin test
Reaction: 10
Remote IP/URL: 2.2.2.2
Local IP: 1.1.1.1
Interface: GigabitEthernet1/0/1
Tracked by:
Track-list 6
Track-list 7
Track ID: 2
State: Negative
Duration: 0 days 0 hours 0 minutes 32 seconds
Notification delay: Positive 20, Negative 30 (in seconds)
Tracked object:
Interface: Vlan-interface3
Protocol: IPv4
Tracked by:
Track-list 6
Track-list 7
Track ID: 3
State: Positive
Duration: 0 days 0 hours 0 minutes 32 seconds
Tracked object type: Percentage threshold list
Notification delay: Positive 20, Negative 30 (in seconds)
Threshold: Positive 40, Negative 30
Percentage of positive objects: 50%
Tracked objects:
Object 1: Positive
Object 3: Negative
Track ID: 4
State: Positive
Duration: 0 days 0 hours 0 minutes 32 seconds
Tracked object type: Weight threshold list
Notification delay: Positive 20, Negative 30 (in seconds)
Threshold: Positive 50, Negative 30
Positive weight/total weight: 50/80
Tracked objects:
Object 1: Positive, Weight: 50
Object 3: Negative, Weight: 30
Track ID: 5
State: Positive
Duration: 0 days 0 hours 0 minutes 32 seconds
Tracked object type: Boolean and list
Notification delay: Positive 20, Negative 30 (in seconds)
Tracked objects:
Object 1: Positive
Object 3: Negative(not)
Object 10: NotReady(not)
# Display brief information about track entries in negative state.
<Sysname> display track all negative brief
ID Status Type Remote IP/URL Local IP Interface
1 Negative Interface -- -- GE1/0/1
10 Negative Interface -- -- GE1/0/2
12 Negative List -- -- --
Table 4 Command output
Field |
Description |
Track ID |
ID of a track entry. |
State |
States of a track entry: · Positive—The tracked object operates correctly. · NotReady—The tracked object is invalid. · Negative—The tracked object is abnormal. |
Duration |
Time period during which the track entry stays in the state. |
Type |
Tracked object type: · Interface. · NQA. · List—Tracked list. This field is displayed only when the display track brief command is executed. |
Tracked object type |
Tracked object type: · Interface. · NQA. · Boolean and list—Boolean AND list. · Boolean or list—Boolean OR list. · Percentage threshold list. · Weight threshold list. |
Notification delay: Positive 20, Negative 30 (in seconds) |
· The Track module notifies the application modules that the status of the track entry changes to Positive after a delay time of 20 seconds. · The Track module notifies the application modules that the status of the track entry changes to Negative after a delay time of 30 seconds. |
Threshold: Positive 40, Negative 30 |
Positive and negative state thresholds. This field is displayed only when the tracked object type is Percentage threshold list or Weight threshold list. |
Percentage of positive objects |
Percentage of positive objects in the tracked list. This field is displayed only when the tracked object type is Percentage threshold list. |
Positive weight/total weight: 50/80 |
Weight of positive objects to the total weight of all objects in the tracked list. This field is displayed only when the tracked object type is Weight threshold list. |
Tracked object |
Tracked object associated with the track entry. |
NQA entry |
NQA operation associated with the track entry. |
Reaction |
Reaction entry associated with the track entry. |
IP route |
Route associated with the track entry. |
Remote IP/URL |
Remote IP address or URL. If no remote IP address or URL exists, two consecutive hyphens (--) are displayed. |
Local IP |
Local IP address. If no local IP address exists, two consecutive hyphens (--) are displayed. |
Interface |
Interface to be monitored. If no interface is to be monitored, two consecutive hyphens (--) are displayed. |
Protocol |
Protocol type of the route. This field displays N/A if the route does not exist. |
Nexthop interface |
Next hop of the route. This field displays N/A if the route does not exist. |
Object 10 : Positive |
State of a tracked object: Positive, NotReady, or Negative. If the tracked object type is Weight threshold list, the weight of the object is also displayed. If the (not) attribute is displayed, the tracked list will negate the state of the object. |
Tracked by |
Other track entries that are tracking the object. This field is not displayed if the object type is tracked list. |
Related commands
· track interface
· track interface protocol
· track ip route reachability
· track nqa
object
Use object to add a track entry as an object to a tracked list.
Use undo object remove an object from a tracked list
Syntax
object track-entry-number [ not ] [ weight weight ]
undo object track-entry-number
Default
A tracked list does not contain any objects.
Views
Track view
Predefined user roles
network-admin
Parameters
track-entry-number: Specifies a track entry by its ID in the range of 1 to 1024.
not: Negates the state of the object. For example, the tracked list regards the object as negative when the object is in positive state. This keyword is supported only by a Boolean list.
weight weight: Assigns a weight to the object, in the range of 1 to 255. This keyword is supported only by a weight threshold list. The default weight is 10.
Usage guidelines
The track entry ID of the object cannot be the same as the ID of the tracked list to which the object is added.
You can add a maximum of 16 objects to a tracked list.
Loops between track entries are not allowed. For example, after you add track entry 1 (object 1) to tracked list 2 and track entry 2 (object 2) to tracked list 3, you cannot add track entry 3 (object 3) to tracked list 1 because a loop will be created.
Examples
# Create Boolean AND list 100 and add track entries 1 and 2 as tracked objects to the list.
<Sysname> system-view
[Sysname] track 100 list boolean and
[Sysname-track-101] object 1
[Sysname-track-101] object 2 not
Related commands
· track list boolean
· track list threshold percentage
· track list threshold weight
threshold percentage
Use threshold percentage to set the threshold values used to determine the state of a percentage threshold list.
Use undo threshold percentage to restore the default.
Syntax
threshold percentage { negative negative-threshold | positive positive-threshold } *
undo threshold percentage
Default
The negative state threshold is 0% and the positive state threshold is 1%.
Views
Track view
Predefined user roles
network-admin
Parameters
negative negative-threshold: Specifies the negative state threshold, in the range of 1 to 100. The percentage of negative objects must be equal to or smaller than the configured negative state threshold for the tracked list to be set to the negative state.
positive positive-threshold: Specifies the positive state threshold in the range of 1 to 100. The percentage of positive objects must be equal to or greater than the configured positive state threshold for the tracked list to be set to the positive state. The positive-threshold must be greater than the negative-threshold.
Usage guidelines
The state of a percentage threshold list remains unchanged in the following conditions:
· The percentage of positive objects is smaller than the positive state threshold value.
· The percentage of negative objects is greater than the negative state threshold value.
This command is supported only by a percentage threshold list.
Examples
# Set the negative state threshold to 30% and the positive state threshold to 50% for percentage threshold list 1.
<Sysname> system-view
[Sysname] track 1 list threshold percentage
[Sysname-track-1] threshold percentage negative 30 positive 50
Related commands
track list threshold percentage
threshold weight
Use threshold weight to set the threshold values used to determine the state of a weight threshold list.
Use undo threshold weight to restore the default.
Syntax
threshold weight { negative negative-threshold | positive positive-threshold } *
undo threshold weight
Default
The negative state threshold is 0 and the positive state threshold is 1.
Views
Track view
Predefined user roles
network-admin
Parameters
negative negative-threshold: Specifies the negative state threshold in the range of 0 to 255. The total weight of negative objects must be equal to or smaller than the configured negative state threshold for the tracked list to be set to the negative state.
positive positive-threshold: Specifies the positive state threshold in the range of 0 to 255. The total weight of positive objects must be equal to or greater than the configured positive state threshold for the tracked list to be set to the positive state. The positive-threshold must be greater than the negative-threshold.
Usage guidelines
The state of a weight threshold list remains unchanged in the following conditions:
· The total weight of positive objects is smaller than the positive state threshold value.
· The total weight of negative objects is greater than the negative state threshold value.
This command is supported only by a weight threshold list.
Examples
# Set the negative state threshold to 30 and the positive state threshold to 50 for weight threshold list 1.
<Sysname> system-view
[Sysname] track 1 list threshold weight
[Sysname-track-1] threshold weight negative 30 positive 50
Related commands
track list threshold weight
track interface
Use track interface to create a track entry to monitor the link state of an interface and enter track entry view, or enter the view of an existing track entry.
Use undo track to remove the track entry and all configurations from its view.
Syntax
track track-entry-number interface interface-type interface-number
undo track track-entry-number
Default
No track entries exist.
Views
System view
Predefined user roles
network-admin
Parameters
track-entry-number: Specifies the track entry ID in the range of 1 to 1024.
interface-type interface-number: Specifies an interface by its type and number.
Usage guidelines
To create a track entry, you must specify the tracked object type, which is interface in this command.
To enter the view of an existing track entry, use the track track-entry-number command. The tracked object type is not required.
To modify the settings for a track entry, execute the undo track command to remove the track entry, and then execute the track interface command again.
For a track entry that monitors the link status of an interface, the track entry state changes as follows:
· The track entry state is positive if the link state of the interface is up.
· The track entry state is negative if the link state of the interface is down.
To display the link state of an interface, use the display ip interface brief command.
Examples
# Create track entry 1 to monitor the link state of VLAN-interface 10 and enter track entry view.
<Sysname> system-view
[Sysname] track 1 interface vlan-interface 10
[Sysname-track-1]
Related commands
· delay
· display track
· display ip interface brief (Layer 3—IP Services Command Reference)
track interface physical
Use track interface physical to create a track entry to monitor the physical state of an interface and enter track entry view, or enter the view of an existing track entry.
Use undo track to remove the track entry and all configurations from its view.
Syntax
track track-entry-number interface interface-type interface-number physical
undo track track-entry-number
Default
No track entries exist.
Views
System view
Predefined user roles
network-admin
Parameters
track-entry-number: Specifies the track entry ID in the range of 1 to 1024.
interface-type interface-number: Specifies an interface by its type and number.
Usage guidelines
To create a track entry, you must specify the tracked object type, which is interface physical in this command.
To enter the view of an existing track entry, use the track track-entry-number command. The tracked object type is not required.
To modify the settings for a track entry, execute the undo track command to remove the track entry, and then execute the track interface physical command again.
Examples
# Create track entry 1 to monitor the physical state of GigabitEthernet 1/0/1 and enter track entry view.
<Sysname> system-view
[Sysname] track 1 interface gigabitethernet 1/0/1 physical
[Sysname-track-1]
Related commands
delay
track interface protocol
Use track interface protocol to create a track entry to monitor the protocol state of an interface and enter track entry view, or enter the view of an existing track entry.
Use undo track to remove the track entry and all configurations from its view.
Syntax
track track-entry-number interface interface-type interface-number protocol { ipv4 | ipv6 }
undo track track-entry-number
Default
No track entries exist.
Views
System view
Predefined user roles
network-admin
Parameters
track-entry-number: Specifies the track entry ID in the range of 1 to 1024.
interface-type interface-number: Specifies an interface by its type and number.
ipv4: Monitors the IPv4 protocol state. When the IPv4 protocol state of the interface is up, the state of the track object is Positive. When the IPv4 protocol state of the interface is down, the state of the track object is Negative. To display the IPv4 protocol state of an interface, use the display ip interface brief command.
ipv6: Monitors the IPv6 protocol state. When the IPv6 protocol state of the interface is up, the state of the track object is Positive. When the IPv6 protocol state of the interface is down, the state of the track object is Negative. To display the IPv6 protocol state of an interface, use the display ipv6 interface brief command.
Usage guidelines
To create a track entry, you must specify the tracked object type, which is interface protocol in this command.
To enter the view of an existing track entry, use the track track-entry-number command. The tracked object type is not required.
To modify the settings for a track entry, execute the undo track command to remove the track entry, and then execute the track interface protocol command again.
Examples
# Create track entry 1 to monitor the IPv4 protocol state of VLAN-interface 2 and enter track entry view.
<Sysname> system-view
[Sysname] track 1 interface vlan-interface 2 protocol ipv4
[Sysname-track-1]
Related commands
· delay
· display track
· display ip interface brief (Layer 3—IP Services Command Reference)
· display ipv6 interface brief (Layer 3—IP Services Command Reference)
track ip route reachability
Use track ip route reachability to create a track entry to monitor the reachability of an IP route and enter track entry view, or enter the view of an existing track entry.
Use undo track to remove the track entry and all configurations from its view.
Syntax
track track-entry-number ip route ip-address { mask-length | mask } reachability
undo track track-entry-number
Default
No track entries exist.
Views
System view
Predefined user roles
network-admin
Parameters
track-entry-number: Specifies the track entry ID in the range of 1 to 1024.
ip-address: Specifies the destination IP address of the route in dotted decimal notation.
mask-length: Specifies the mask length of the route in the range of 0 to 32.
mask: Specifies the subnet mask of route in dotted decimal notation.
Usage guidelines
To create a track entry, you must specify the tracked object type, which is ip route reachability in this command.
To enter the view of an existing track entry, use the track track-entry-number command. The tracked object type is not required.
To modify the settings for a track entry, execute the undo track command to remove the track entry, and then execute the track ip route reachability command again.
Route management does not immediately notify the Track module of the route status changes when the following conditions are met:
· An active/standby device switchover or a RIB process switchover has occurred.
· The status of the monitored route is changed before the routing protocol completes the graceful restart.
You can resolve the problem by configuring the nonstop routing feature.
Examples
# Create track entry 1 to monitor the status of IP route 10.1.1.0/24 and enter track entry view.
<Sysname> system-view
[Sysname] track 1 ip route 10.1.1.0 24 reachability
[Sysname-track-1]
Related commands
· delay
· display ip route (Layer 3—IP Routing Command Reference)
· display track
track list boolean
Use track list boolean to create a Boolean tracked list and enter its view, or enter the view of an existing tracked list.
Use undo track to remove the tracked list and all configurations from its view.
Syntax
track track-entry-number list boolean { and | or }
undo track track-entry-number
Default
No tracked lists exist.
Views
System view
Predefined user roles
network-admin
Parameters
track-entry-number: Specifies an ID for the tracked list in the range of 1 to 1024.
and: Calculates the tracked list state by using the Boolean AND operation.
or: Calculates the tracked list state by using the Boolean OR operation.
Usage guidelines
The state of a Boolean list is determined by the tracked object states based on the Boolean AND or Boolean OR operation.
· Boolean AND list—The tracked list is set to the positive state only when all objects are in positive state. If one or more objects are in negative state, the tracked list is set to the negative state.
· Boolean OR list—The tracked list is set to the positive state if any object is in positive state. If all objects are in negative state, the tracked list is set to the negative state.
To create a track entry, you must specify the tracked object type, which is list boolean in this command.
To enter the view of an existing track entry, use the track track-entry-number command. The tracked object type is not required.
To modify the settings for a track entry, execute the undo track command to remove the track entry, and then execute the track list boolean command again.
Examples
# Create Boolean OR list 101 and enter its view.
<Sysname> system-view
[Sysname] track 101 list boolean or
[Sysname-track-101]
Related commands
· delay
· object
track list threshold percentage
Use track list threshold percentage to create a percentage threshold tracked list and enter its view, or enter the view of an existing tracked list.
Use undo track to remove the tracked list and all configurations from its view.
Syntax
track track-entry-number list threshold percentage
undo track track-entry-number
Default
No tracked lists exist.
Views
System view
Predefined user roles
network-admin
Parameters
track-entry-number: Specifies an ID for the tracked list in the range of 1 to 1024.
Usage guidelines
The state of a percentage threshold list is determined by comparing the percentage of positive and negative objects in the list with the percentage thresholds configured for the list.
To configure the threshold values used to determine the state of a percentage threshold list, use the threshold percentage command.
To create a track entry, you must specify the tracked object type, which is list threshold percentage in this command.
To enter the view of an existing track entry, use the track track-entry-number command. The tracked object type is not required.
To modify the settings for a track entry, execute the undo track command to remove the track entry, and then execute the track list threshold percentage command again.
Examples
# Create percentage threshold list 101 and enter its view.
<Sysname> system-view
[Sysname] track 101 list threshold percentage
[Sysname-track-101]
Related commands
· delay
· object
· threshold percentage
track list threshold weight
Use track list threshold weight to create a weight threshold tracked list and enter its view, or enter the view of an existing tracked list.
Use undo track to remove the tracked list and all configurations from its view.
Syntax
track track-entry-number list threshold weight
undo track track-entry-number
Default
No tracked lists exist.
Views
System view
Predefined user roles
network-admin
Parameters
track-entry-number: Specifies an ID for the tracked list in the range of 1 to 1024.
Usage guidelines
The state of a weight threshold list is determined by comparing the weight of positive and negative objects in the list with the weight thresholds configured for the list.
To configure the threshold values used to determine the state of a weight threshold list, use the threshold weight command.
To create a track entry, you must specify the tracked object type, which is list threshold weight in this command.
To enter the view of an existing track entry, use the track track-entry-number command. The tracked object type is not required.
To modify the settings for a track entry, execute the undo track command to remove the track entry, and then execute the track list threshold weight command again.
Examples
# Create weight threshold tracked list 101 and enter its view.
<Sysname> system-view
[Sysname] track 101 list threshold weight
[Sysname-track-101]
Related commands
· delay
· object
· threshold weight
track nqa
Use track nqa to create a track entry to monitor the reaction entry of an NQA operation and enter track entry view, or enter the view of an existing track entry..
Use undo track to remove the track entry and all configurations from its view.
Syntax
track track-entry-number nqa entry admin-name operation-tag reaction item-number
undo track track-entry-number
Default
No track entries exist.
Views
System view
Predefined user roles
network-admin
Parameters
track-entry-number: Specifies the track entry ID in the range of 1 to 1024.
entry admin-name operation-tag: Specifies an NQA operation. The admin-name argument is a case-insensitive string of 1 to 32 characters that specifies the name of the administrator who created the NQA operation. The operation-tag argument is a case-insensitive string of 1 to 32 characters that specifies the NQA operation tag.
reaction item-number: Specifies a reaction entry of the NQA operation. The item-number argument specifies the reaction entry ID in the range of 1 to 10.
Usage guidelines
To create a track entry, you must specify the tracked object type, which is nqa in this command.
To enter the view of an existing track entry, use the track track-entry-number command. The tracked object type is not required.
To modify the settings for a track entry, execute the undo track command to remove the track entry, and then execute the track nqa command again.
Examples
# Create track entry 1 to monitor reaction entry 3 of NQA operation admin-test and enter track entry view.
<Sysname> system-view
[Sysname] track 1 nqa entry admin test reaction 3
[Sysname-track-1]
Related commands
· delay
· display track
Load balancing commands
The following compatibility matrix shows the support of hardware platforms for load balancing:
Hardware series |
Model |
Load balancing compatibility |
WX1800H |
WX1804H WX1810H WX1820H WX1840H |
Yes |
WX3800H |
WX3820H WX3840H |
No |
WX5800H |
WX5860H |
No |
activate
Use activate to set the criteria to determine whether a link group is available.
Use undo activate to restore the default.
Syntax
activate lower lower-percentage upper upper-percentage
undo activate
Default
A link group is available when a minimum of one link is available.
Views
Link group view
Predefined user roles
network-admin
Parameters
lower lower-percentage: Specifies the lower percentage value in the range of 1 to 99.
upper upper-percentage: Specifies the upper percentage value in the range of 1 to 99. The upper percentage value must be greater than or equal to the lower percentage value.
Usage guidelines
When the percentage of available links in a primary link group is smaller than the lower percentage value, the primary link group becomes unavailable. Then the backup link group takes over. When the percentage of available links in a primary link group is greater than the upper percentage value, the primary link group becomes available again to process services.
If no backup link group is configured on the virtual server, this configuration does not take effect.
Examples
# Set the lower percentage value to 20 and upper percentage value to 80 for the link group lg.
<Sysname> system-view
[Sysname] loadbalance link-group lg
[Sysname-lb-lgroup-lg] activate lower 20 upper 80
bandwidth busy-protection enable (transparent DNS proxy view)
Use bandwidth busy-protection enable to enable the link protection feature for a transparent DNS proxy.
Use undo bandwidth busy-protection enable to disable the link protection feature for a transparent DNS proxy.
Syntax
bandwidth busy-protection enable
undo bandwidth busy-protection enable
Default
The link protection feature is disabled for a transparent DNS proxy.
Views
Transparent DNS proxy view
Predefined user roles
network-admin
Usage guidelines
This feature enables a transparent DNS proxy to select a DNS server from the DNS server pool based on the link bandwidth ratio. If the bandwidth ratio of a link exceeds the specified value, the corresponding DNS server is not selected.
If the link bandwidth ratio of all DNS servers in the DNS server pool exceeds the specified value, the link protection feature is automatically disabled. If the link bandwidth ratio of any DNS server drops below the specified value, the link protection feature is automatically enabled, and the corresponding DNS server is selected.
Examples
# Enable the link protection feature for transparent DNS proxy dns-proxy1.
<Sysname> system-view
[Sysname] loadbalance dns-proxy dns-proxy1
[Sysname-lb-dp-udp-dns-proxy1] bandwidth busy-protection enable
Related commands
bandwidth busy-rate
bandwidth busy-protection enable (virtual server view)
Use bandwidth busy-protection enable to enable the link protection feature.
Use undo bandwidth busy-protection enable to disable the link protection feature.
Syntax
bandwidth busy-protection enable
undo bandwidth busy-protection enable
Default
The link protection feature is disabled.
Views
Virtual server view
Predefined user roles
network-admin
Usage guidelines
The link protection feature takes effect only when bandwidth statistics collection by interfaces is enabled.
Examples
# Enable the link protection feature for the link-IP-type virtual server vs3.
[Sysname] virtual-server vs3 type link-ip
[Sysname-vs-link-ip-vs3] bandwidth busy-protection enable
bandwidth interface statistics enable
bandwidth busy-rate
Use bandwidth busy-rate to set the bandwidth ratio for an LB link.
Use undo bandwidth busy-rate to restore the default.
Syntax
bandwidth [ inbound | outbound ] busy-rate busy-rate-number [ recovery recovery-rate-number ]
undo bandwidth [ inbound | outbound ] busy-rate
Default
The bandwidth ratio is 70.
Views
LB link view
Predefined user roles
network-admin
Parameters
inbound: Specifies the inbound bandwidth ratio.
outbound: Specifies the outbound bandwidth ratio.
busy-rate-number: Specifies bandwidth ratio in the range of 1 to 100.
recovery recovery-rate-number: Specifies bandwidth recovery ratio in the range of 1 to 100. By default, if the bandwidth ratio is greater than 10, the bandwidth recovery ratio equals the bandwidth ratio minus 10; if the bandwidth ratio is smaller than or equal to 10, the bandwidth recovery ratio equals the bandwidth ratio.
Usage guidelines
If the bandwidth of an LB link exceeds the maximum expected bandwidth multiplied by the bandwidth ratio, the LB link is busy and will not be selected. If the bandwidth of the LB link drops below the maximum expected bandwidth multiplied by the bandwidth recovery ratio, the LB link participates in scheduling again.
If you do not specify the inbound or outbound keyword, this command sets the total bandwidth ratio.
The bandwidth ratio equals the current bandwidth divided by the maximum bandwidth of the LB link. If the maximum bandwidth is not limited, the supported maximum bandwidth is used for calculating the bandwidth ratio.
The bandwidth recovery ratio must be smaller than or equal to the bandwidth ratio of an LB link.
This command takes effect only on new sessions and does not take effect on existing sessions.
Examples
# Set the total bandwidth ratio and bandwidth recovery ratio for the LB link lk1 to 90 and 85.
<Sysname> system-view
[Sysname] loadbalance link lk1
[Sysname-lb-link-link1] bandwidth busy-rate 90 recovery 85
Related commands
display loadbalance link
max-bandwidth
bandwidth interface statistics enable
Use bandwidth interface statistics enable to enable bandwidth statistics collection by interfaces.
Use undo bandwidth interface statistics enable to disable bandwidth statistics collection by interfaces.
Syntax
bandwidth interface statistics enable
undo bandwidth interface statistics enable
Default
Bandwidth statistics collection by interfaces is disabled.
Views
Virtual server view
Predefined user roles
network-admin
Examples
# Enable bandwidth statistics collection by interfaces for the link-IP-type virtual server vs3.
<Sysname> system-view
[Sysname] virtual-server vs3 type link-ip
[Sysname-vs-link-ip-vs3] bandwidth interface statistics enable
bandwidth weight
Use bandwidth weight to set the bandwidth weight for proximity calculation.
Use undo bandwidth weight to restore the default.
Syntax
bandwidth { inbound | outbound } weight bandwidth-weight
undo bandwidth { inbound | outbound } weight
Default
The inbound or outbound bandwidth weight for proximity calculation is 100.
Views
Proximity view
Predefined user roles
network-admin
Parameters
inbound: Specifies the inbound bandwidth weight.
outbound: Specifies the outbound bandwidth weight.
bandwidth-weight: Specifies the bandwidth weight for proximity calculation, in the range of 0 to 255. A larger value indicates a higher bandwidth weight.
Examples
# Set the inbound bandwidth weight for proximity calculation to 200.
[Sysname] loadbalance proximity
[Sysname-lb-proximity] bandwidth inbound weight 200
# Set the outbound bandwidth weight for proximity calculation to 200.
[Sysname] loadbalance proximity
[Sysname-lb-proximity] bandwidth outbound weight 200
class
Use class to specify an LB action for the specified LB class.
Use undo class to delete an LB class.
Syntax
class class-name [ insert-before before-class-name ] action action-name
undo class class-name
Default
No LB action is specified for the LB class.
Views
LB policy view
Predefined user roles
network-admin
Parameters
class-name: Specifies an LB class by its name, a case-insensitive string of 1 to 63 characters.
insert-before before-class-name: Inserts the target class before an LB class (which must already be referenced by the current LB policy), a case-insensitive string of 1 to 63 characters.
action-name: Specifies an LB action by its name, a case-insensitive string of 1 to 63 characters.
Usage guidelines
This command sets an LB action for packets matching the specified LB class.
You can specify an LB action for different LB classes.
A DNS LB policy can reference DNS LB actions only; a link-generic LB policy can reference link-generic LB classes and link-generic LB actions only.
Examples
# Specify the LB action lba1 for the LB class lbc1 in the DNS policy lbp1, and insert lbc1 before the LB class lbc0.
<Sysname> system-view
[Sysname] loadbalance policy lbp1 type dns
[Sysname-lbp-dns-lbp1] class lbc1 insert-before lbc0 action lba1
connection-limit max (link view)
Use connection-limit max to set the maximum number of connections of a link.
Use undo connection-limit max to restore the default.
Syntax
connection-limit max max-number
undo connection-limit max
Default
The maximum number of connections of a link is 0, which means the number is not limited.
Views
Link view
Predefined user roles
network-admin
Parameters
max-number: Specifies the maximum number of connections, in the range of 0 to 4294967295. If the value of this argument takes 0, the number is not limited.
Usage guidelines
This command takes effect only on new sessions and does not take effect on existing sessions.
Examples
# Set the maximum number of connections of the link lk to 10000.
<Sysname> system-view
[Sysname] loadbalance link lk
[Sysname-lb-link-lk] connection-limit max 10000
connection-limit max (virtual server view)
Use connection-limit max to set the maximum number of connections of a virtual server.
Use undo connection-limit max to restore the default.
Syntax
connection-limit max max-number
undo connection-limit max
Default
The maximum number of connections of a virtual server is 0, which means the number is not limited.
Views
Virtual server view
Predefined user roles
network-admin
Parameters
max-number: Specifies the maximum number of connections, in the range of 0 to 4294967295. If the value of this argument takes 0, the number is not limited.
Usage guidelines
This command takes effect only on new sessions and does not take effect on existing sessions.
Examples
# Set the maximum number of connections for the link-IP-type virtual server vs3 to 10000.
<Sysname>system-view
[Sysname] virtual-server vs3 type link-ip
[Sysname-vs-link-ip-vs3] connection-limit max 10000
cost
Use cost to set the link cost for proximity calculation.
Use undo cost to restore the default.
Syntax
Default
The link cost for proximity calculation is 0.
Views
Link view
Predefined user roles
network-admin
Parameters
cost-value: Specifies the link cost for proximity calculation, in the range of 0 to 10240.
Examples
# Set the link cost for proximity calculation to 200 for the link lk1.
[Sysname] loadbalance link lk1
[Sysname-lb-link-lk1] cost 200
cost weight
Use cost weight to set the cost weight for proximity calculation.
Use undo cost weight to restore the default.
Syntax
Default
The cost weight for proximity calculation is 100.
Views
Proximity view
Predefined user roles
network-admin
Parameters
cost-weight: Specifies the cost weight for proximity calculation, in the range of 0 to 255. A larger value indicates a higher cost weight.
Examples
# Set the cost weight for proximity calculation to 200.
[Sysname] loadbalance proximity
[Sysname-lb-proximity] cost weight 200
default dns-server-pool
Use default dns-server-pool to specify the default (primary) DNS server pool for a transparent DNS proxy.
Use undo default dns-server-pool to restore the default.
Syntax
default dns-server-pool pool-name [ sticky sticky-name ]
undo default dns-server-pool pool-name
Default
No default DNS server pool is specified for a transparent DNS proxy.
Views
Transparent DNS proxy view
Predefined user roles
network-admin
Parameters
pool-name: Specifies a primary DNS server pool by its name, a case-insensitive string of 1 to 63 characters.
sticky sticky-name: Specifies a sticky group by its name, a case-insensitive string of 1 to 63 characters. If you do not specify a sticky group, the DNS server pool does not correspond to any sticky group.
Usage guidelines
If you execute the default dns-server-pool command multiple times, the most recent configuration takes effect.
Examples
# Specify the primary DNS server pool dns-pool1 and the sticky group st1 for the transparent DNS proxy dns-proxy1.
<Sysname> system-view
[Sysname] loadbalance dns-proxy dns-proxy1
[Sysname-lb-dp-udp-dns-proxy1] default dns-server-pool dns-pool1 sticky st1
default link-group
Use default link-group to specify the default (primary) link group.
Use undo default link-group to restore the default.
Syntax
default link-group link-group-name [ backup backup-link-group-name ] [ sticky sticky-name ]
undo default link-group
Default
No default link group is specified.
Views
Link-IP virtual server view
Predefined user roles
network-admin
Parameters
link-group-name: Specifies a primary link group by its name, a case-insensitive string of 1 to 63 characters.
backup backup-link-group-name: Specifies a backup link group by its name, a case-insensitive string of 1 to 63 characters.
sticky sticky-name: Specifies a sticky group by its name, a case-insensitive string of 1 to 63 characters.
Usage guidelines
When the primary link group is available (contains links), the virtual server forwards packets through the primary link group. When the primary link group is not available, the virtual server forwards packets through the backup link group.
Examples
# Specify the primary link group link1, the backup link group link2, and the sticky group sg1 for the link-IP-type virtual server vs3.
<Sysname> system-view
[Sysname] virtual-server vs3 type link-ip
[Sysname--vs-link-ip-vs3] default link-group link1 backup link2 sticky sg1
default-class action
Use default-class action to specify the default LB action.
Use undo default-class to restore the default.
Syntax
default-class action action-name
undo default-class
Default
No default LB action is specified.
Views
LB policy view
Predefined user roles
network-admin
Parameters
action-name: Specifies an LB action by its name, a case-insensitive string of 1 to 63 characters.
Usage guidelines
This command sets the default LB action for packets that fail to match any LB class.
A DNS LB policy can reference DNS LB actions only; a link-generic LB policy can reference link-generic LB actions only.
Examples
# Specify the default LB action lba1 for the link-generic LB policy lbp1.
<Sysname> system-view
[Sysname] loadbalance policy lbp1 type link-generic
[Sysname-lbp-link-generic-lbp1] default-class action lba1
description
Use description to configure a description.
Use undo description to restore the default.
Syntax
description text
undo description
Default
No description is configured.
Views
ISP view
LB action view
LB class view
LB policy view
Parameter profile view
Sticky group view
Virtual server view
Link group view
Link view
DNS server pool view
DNS server view
SNAT address pool view
Predefined user roles
network-admin
Parameters
text: Specifies a description, a case-sensitive string of 1 to 127 characters.
Examples
# Configure the description LB action LBA1 for the link-generic LB action lba1.
<Sysname> system-view
[Sysname] loadbalance action lba1 type link-generic
[Sysname-lba-link-generic-lba1] description LB action LBA1
display loadbalance action
Use display loadbalance action to display LB action information.
Syntax
display loadbalance action [ name action-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
name action-name: Specifies an LB action by its name, a case-insensitive string of 1 to 63 characters. If you do not specify this option, the command displays information about all LB actions.
Examples
# Display information about all LB actions.
<Sysname> display loadbalance action
LB action: lba3
Description: sina
Type: Link-generic
State: Active
Forward type: link group
Link group: lg1 (in use)
Backup link group: lg2
Sticky:
IP ToS:
Fallback-action: None
LB action: lba4
Description: xx
Type: DNS
State: Active
Forward type: DNS server pool
DNS server pool: dsp1
Sticky: st
IP ToS:
Fallback-action: Disabled
Table 5 Command output
Field |
Description |
LB action |
LB action name. |
Description |
Description for the LB action. |
Type |
LB action type: · DNS. · Link-generic. |
State |
LB action state: · Active. · Inactive. |
Forward type |
Packet forwarding mode of the LB action: · Drop—Discards packets. · Forward—Forwards packets. · Link group—Forwards packets through the link group (applicable to link-generic LB actions). · DNS server pool—Forwards packets through the DNS server pool (applicable to DNS LB actions). · Skip current DNS proxy (applicable to DNS LB actions). |
Link group |
Default link group name. (in use) indicates the link group is in use. |
Backup link group |
Backup link group name. (in use) indicates the link group is in use. |
Sticky |
Sticky group name. This field is displayed only when the packet forwarding mode is DNS server pool. |
IP ToS |
ToS field value of IP packets. |
Fallback-action |
Action taken upon load balancing failure: · None—Does not take any action. · Continue—Matches the next rule. |
DNS server pool |
DNS server pool name. This field is displayed only when the packet forwarding mode is DNS server pool. |
display loadbalance alg
Use display loadbalance alg to display the ALG status for all protocols.
Syntax
display loadbalance alg
Views
Any view
Predefined user roles
network-admin
network-operator
Examples
# Display the ALG status for all protocols.
<Sysname> display loadbalance alg
LB ALG:
DNS : Enable
FTP : Enable
H323 : Enable
ICMP-ERROR : Enable
ILS : Enable
MGCP : Enable
NBT : Enable
PPTP : Enable
RSH : Enable
RTSP : Enable
SCCP : Enable
SIP : Enable
SQLNET : Enable
TFTP : Enable
XDMCP : Enable
display loadbalance class
Use display loadbalance class to display LB class information.
Syntax
display loadbalance class [ name class-name ]
Views
Any view
Predefined user roles
network-operator
Parameters
name class-name: Specifies an LB class by its name, a case-insensitive string of 1 to 63 characters. If you do not specify this option, the command displays information about all LB classes.
Examples
# Display information about all LB classes.
<Sysname> display loadbalance class
LB class: lbc3
Description:
Type: Link-generic
Match type: Match-any
Match rule:
match 1 class cla3
match 2 source ip address 1.2.3.0 24
match 3 source ipv6 address 1::12
match 4 acl ipv4 number 3002
match 5 acl ipv6 number 3003
match 6 acl ipv4 name ccc
match 7 acl ipv6 name ddd
match 8 isp name isp2
LB class: lbc4
Description:
Type: DNS
Match type: Match-any
Match rule:
match 1 class cla2
match 2 source ip address 1.2.3.0 24
match 3 source ipv6 address 1::12
match 4 acl ipv4 number 3002
match 5 acl ipv6 number 3003
match 6 acl ipv4 name ccc
match 7 acl ipv6 name ddd
match 8 destination ip address 1.2.3.0 24
match 9 destination ipv6 address 1::12
match 10 domain-name www.h3c.com
Table 6 Command output
Field |
Description |
LB class |
LB class name. |
Description |
Description for the LB class. |
Type |
LB class type: · DNS. · Link-generic. |
Match type |
Match type for the LB class: · Match-all—Requires matching all rules of the LB class. · Match-any—Requires matching any rule of the LB class. |
Match rule |
Match rules for the LB class. |
display loadbalance dns-proxy
Use display loadbalance dns-proxy to display transparent DNS proxy information.
Syntax
display loadbalance dns-proxy [ brief | name dns-proxy-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
brief: Displays brief transparent DNS proxy information. If you do not specify this keyword, the command displays detailed transparent DNS proxy information.
name dns-proxy-name: Specifies a transparent DNS proxy by its name, a case-insensitive string of 1 to 63 characters. If you do not specify this option, the command displays information about all transparent DNS proxies.
Examples
# Display brief information about all transparent DNS proxies.
<Sysname> display loadbalance dns-proxy brief
DNS proxy State Type VPN instance IP address Port
dns-proxy1 Active UDP 1.2.3.0/24 53
dns-proxy2 Inactive UDP -- 5353
# Display information about transparent DNS proxy dns-proxy1.
<Sysname> display loadbalance dns-proxy name dns-proxy1
DNS proxy: dns-proxy1
Type: UDP
State: Active
Service state: Enabled
VPN instance:
IPv4 address: 1.2.3.0/24
IPv6 address: --
Port: 53
DNS server pool: dns-pool1
Sticky: st
LB policy: dns-policy1
Bandwidth busy protection: Disabled
Table 7 Command output
Field |
Description |
DNS proxy |
Transparent DNS proxy name. |
Type |
Transparent DNS proxy type. Only UDP is supported. |
State |
Transparent DNS proxy state: · Active—The transparent DNS proxy is available. · Inactive—The transparent DNS proxy is unavailable for any reason except that the transparent DNS proxy feature is disabled. · Inactive (disabled)—The transparent DNS proxy is unavailable because the transparent DNS proxy feature is disabled. |
Service state |
Transparent DNS proxy state: Enabled or Disabled. |
VPN instance |
VPN instance to which the transparent DNS proxy belongs. This field is not supported in the current software version. |
DNS server pool |
Default DNS server pool used by the transparent DNS proxy. |
Sticky |
Sticky group used by the transparent DNS proxy. |
Bandwidth busy protection |
Link protection state: Enabled or Disabled. |
display loadbalance dns-proxy statistics
Use display loadbalance dns-proxy statistics to display transparent DNS proxy statistics.
Syntax
display loadbalance dns-proxy statistics [ name dns-proxy-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
name dns-proxy-name: Specifies a transparent DNS proxy by its name, a case-insensitive string of 1 to 63 characters. If you do not specify this option, the command displays statistics for all transparent DNS proxies.
Examples
# Display statistics for the transparent DNS proxy dns-proxy1.
<Sysname> display loadbalance dns-proxy statistics name dns-proxy1
DNS proxy: dns-proxy1
Received requests: 100
Dropped requests: 2
Received responses: 98
Dropped responses: 0
Table 8 Command output
Field |
Description |
DNS proxy |
Transparent DNS proxy name. |
Received requests |
Number of DNS requests received by the transparent DNS proxy. |
Dropped requests |
Number of DNS requests dropped by the transparent DNS proxy. |
Received responses |
Number of DNS responses received by the transparent DNS proxy. |
Dropped responses |
Number of DNS responses dropped by the transparent DNS proxy. |
display loadbalance dns-server
Use display loadbalance dns-server to display DNS server information.
Syntax
display loadbalance dns-server [ brief | name dns-server-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
brief: Displays brief DNS server information. If you do not specify this keyword, the command displays detailed DNS server information.
name dns-server-name: Displays detailed information about a DNS server. The dns-server-name argument specifies a DNS server by its name, a case-insensitive string of 1 to 63 characters.
Usage guidelines
If you do not specify any parameter, the command displays detailed information about all DNS servers.
If the device obtains multiple DNS server IP addresses, it uses the smallest available IP address.
If no health monitoring method is specified, the device determines that all obtained DNS server IP addresses are available. If a health monitoring method is specified, the device determines that only the DNS server IP addresses that pass health monitoring are available.
Examples
# Display brief information about all DNS servers.
<Sysname> display loadbalance dns-server brief
DNS server Address Port Link State DNS server pool
ds1 10.150.100.100 0 link1 Active dns_pool
ds2 20.150.100.100 5353 link2 Probe-failed dns_pool
ds3 -- 0 link3 Inactive dns_pool
ds4 -- 0 link3 Inactive dns_pool
# Display detailed information about DNS server ds1.
<Sysname> display loadbalance dns-server name ds1
DNS server: ds1
Description:
State: Active
IPv4 address: 10.150.100.100
10.160.100.1
10.154.60.2
IPv6 address: --
Port: 0
Link: link1
DNS server pool: dns-pool
Weight: 100
Priority: 4
Probe information:
Probe success criteria: All
Probe method State
t4 Succeeded
Table 9 Command output
Field |
Description |
DNS server |
DNS server name. |
Address |
IP address of the DNS server. If no IP address is configured, this field displays two hyphens (--). |
Link |
Link of the DNS server. |
State |
DNS server state: · Active—The DNS server is available. · Busy—The DNS server is busy. When the DNS server is in Active state and enabled with the link protection feature, this field displays Busy if the maximum expected bandwidth is reached. · Inactive—The DNS server is unavailable, because the configuration is not complete or the server is not referenced. · Probe-failed—Health monitoring has failed. |
Description |
Description for the DNS server. |
IPv4 address |
IPv4 address of the DNS server. |
IPv6 address |
IPv6 address of the DNS server. |
Port |
Port number of the DNS server. |
Weight |
Weight of the DNS server. |
Priority |
Priority of the DNS server. |
Probe information |
Detailed health monitoring information for the DNS server. |
Probe success criteria |
Health monitoring success criteria for the DNS server: · All—Health monitoring succeeds only when all the specified health monitoring methods succeed. · At least—Health monitoring succeeds when a specified minimum number of health monitoring methods succeed. |
Probe method |
Name of the NQA template used by the health monitoring method. |
State |
State of the health monitoring method: · Failed—Health monitoring has failed. · In progress—Health monitoring is in progress. · Invalid—Health monitoring is unavailable (because the configuration of the NQA template is not complete), or the DNS server is unavailable. · Succeeded—Health monitoring has succeeded. |
display loadbalance dns-server statistics
Use display loadbalance dns-server statistics to display DNS server statistics.
Syntax
display loadbalance dns-server statistics [ name dns-server-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
name dns-server-name: Specifies a DNS server by its name, a case-insensitive string of 1 to 63 characters. If you do not specify this option, the command displays statistics for all DNS servers.
Examples
# Display statistics for the DNS server ds1.
<Sysname> display loadbalance dns-server statistics name ds1
DNS server: ds1
Received requests: 100
Send requests: 98
Dropped requests: 2
Received responses: 98
Send responses: 98
Dropped responses: 0
Table 10 Command output
Field |
Description |
DNS server |
DNS server name. |
Received requests |
Number of DNS requests received by the DNS server. |
Send requests |
Number of DNS requests sent by the DNS server. |
Dropped requests |
Number of DNS requests dropped by the DNS server. |
Received responses |
Number of DNS responses received by the DNS server. |
Send responses |
Number of DNS responses sent by the DNS server. |
Dropped responses |
Number of DNS responses dropped by the DNS server. |
display loadbalance dns-server-pool
Use display loadbalance dns-server-pool to display DNS server pool information.
Syntax
display loadbalance dns-server-pool [ brief | name pool-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
brief: Displays brief DNS server pool information. If you do not specify this keyword, the command displays detailed DNS server pool information.
name pool-name: Displays detailed information about a DNS server pool. The pool-name argument specifies a DNS server pool by its name, a case-insensitive string of 1 to 63 characters.
Usage guidelines
If you do not specify any parameter, the command displays detailed information about all DNS server pools.
Examples
# Display brief information about all DNS server pools.
<Sysname> display loadbalance dns-server-pool brief
Predictor: RR - Round robin, RD - Random,
BW - Bandwidth, MBW - Max bandwidth,
IBW - Inbound bandwidth, OBW - Outbound bandwidth,
MIBW - Max inbound bandwidth, MOBW - Max outbound bandwidth,
HASH(SIP) - Hash address source IP,
HASH(DIP) - Hash address destination IP,
HASH(SIP-PORT) - Hash address source IP-port
DNS server pool Predictor Total Active
dns-pool RR 3 2
dns-pool1 RR 0 0
dns-pool2 RD 3 0
# Display detailed information about DNS server pool dns-pool.
<Sysname> display loadbalance dns-server-pool name dns-pool
DNS server pool: dns-pool
Description:
Predictor: Round robin
Selected server: Enabled
Min servers: 3
Max servers: 5
Probe information:
Probe success criteria: At-least 2
Probe method: t4
Total DNS servers: 3
Active DNS servers: 0
DNS server list:
Name State Address port Link Weight Priority
ds1 Active 10.150.100.100 0 link1 100 4
ds2 Probe-failed 20.150.100.100 5353 link2 100 4
ds3 Inactive -- 0 link3 100 4
Table 11 Command output
Field |
Description |
Predictor |
Scheduling algorithm of the DNS server pool: · RR—Weighted round robin algorithm. · RD—Random algorithm. · BW—Bandwidth algorithm. · IBW—Inbound bandwidth algorithm. · OBW—Outbound bandwidth algorithm. · MBW—Maximum bandwidth algorithm. · MIBW—Maximum inbound bandwidth algorithm. · MOBW—Maximum outbound bandwidth algorithm. · HASH(SIP)—Hash algorithm based on source IP address. · HASH(DIP)—Hash algorithm based on destination IP address. · HASH(SIP-PORT)—Hash algorithm based on source IP address and port number. |
DNS server pool |
DNS server pool name. |
Total |
Total number of DNS servers. |
Active |
Number of active DNS servers. |
Description |
Description for the DNS server pool. |
Selected server |
State of DNS server limit to participate in scheduling: disabled or enabled. If the state is enabled, the following fields are displayed: · Min servers—Minimum number of DNS servers that can participate in scheduling. · Max servers—Maximum number of DNS servers that can participate in scheduling. |
Probe information |
Detailed health monitoring information for the DNS server pool. |
Probe success criteria |
Health monitoring success criteria for the DNS server pool: · All—Health monitoring succeeds only when all the specified health monitoring methods succeed. · At least—Health monitoring succeeds when a specified minimum number of health monitoring methods succeed. |
Probe method |
Name of the NQA template used by the health monitoring method. |
Total DNS servers |
Total number of DNS servers. |
Active DNS servers |
Number of active DNS servers. |
Name |
DNS server name. |
State |
DNS server state: · Active—The DNS server is available. · Busy—The DNS server is busy. When the DNS server is in Active or Ramp state and enabled with link protection, this field displays Busy if the maximum expected bandwidth is reached. · Inactive—The DNS server is unavailable, because the configuration is not complete or the server is not referenced. · Probe-failed—Health monitoring has failed. |
Address |
IP address of the DNS server. If no IP address is configured, this field displays two hyphens (--). |
Port |
Port number of the DNS server. |
Link |
Name of the link corresponding to the DNS server. |
Weight |
Weight of the DNS server. |
Priority |
Priority of the DNS server. |
display loadbalance isp
Use display loadbalance isp to display ISP information.
Syntax
display loadbalance isp [ ip ipv4-address | ipv6 ipv6-address | name isp-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
ip ipv4-address: Specifies an IPv4 address. If you do not specify this option, the command displays information about all ISPs.
ipv6 ipv6-address: Specifies an IPv6 address. If you do not specify this option, the command displays information about all ISPs.
name isp-name: Specifies an ISP by its name, a case-insensitive string of 1 to 63 characters. If you do not specify this option, the command displays information about all ISPs.
Examples
# Display information about all ISPs.
<Sysname> display loadbalance isp
(*) - User-defined object
LB ISP: isp1
Description: ISP1
IPv4 address/Mask length: --
IPv6 address/Prefix length: --
LB ISP: isp2(*)
Description:
IPv4 address/Mask length:
1.2.3.0/32(*) 1.2.3.4/32 3.3.3.6/32(*)
192.168.6.131/32(*) 192.168.195.189/32(*)
IPv6 address/Prefix length:
1::2/128
FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF/128(*)
# Display information about the ISP corresponding to the IP address 1.2.3.0.
<Sysname> display loadbalance isp ip 1.2.3.0
ISP name Source IPv4 address/Mask length
isp2 user-set 1.2.3.0/28
isp2 user-set 1.2.3.0/29
isp2 user-set 1.2.3.0/30
isp2 file-load 1.2.3.0/31
isp2 file-load & user-set 1.2.3.0/32
# Display information about the ISP corresponding to the IPv6 address 1::1234.
<Sysname> display loadbalance isp ipv6 1::1234
ISP name Source IPv6 address/Prefix length
isp2 user-set 1::1234/126
isp2 user-set 1::1234/127
isp2 file-load 1::1234/128
Table 12 Command output
Field |
Description |
(*) indicates that the ISP information is manually configured. If the ISP information is also imported from a file, (*) is not displayed. |
|
ISP name. |
|
Description |
Description for the ISP. |
Source of the ISP: · user-set—Manually configured. · file-load—Imported from a file. · file-load & user-set—Manually configured and imported from a file. |
display loadbalance link
Use display loadbalance link to display LB link information.
Syntax
display loadbalance link [ brief | name link-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
brief: Displays brief information about all LB links. If you do not specify this keyword, the command displays detailed LB link information.
name link-name: Displays detailed information about the specified LB link. The link-name argument specifies an LB link name, a case-insensitive string of 1 to 63 characters.
Usage guidelines
If you do not specify the brief keyword or the name link-name option, the command displays detailed information about all LB links.
Examples
# Display brief information about all LB links.
<Sysname> display loadbalance link brief
Link Router IP State VPN instance Link group
Lk1 192.168.1.1 Busy -- lg
Lk2 192.168.2.1 Active -- lg
# Display detailed information about the LB link lk.
<Sysname> display loadbalance link name lk
Link: lk
Description: lk
State: Busy
VPN instance: --
Inherit VPN: Disabled
Router IP: 1.2.3.4
Router IPv6: --
Link-group: lg
Weight: 100
Priority: 4
Cost: 0
Slow-shutdown: Disabled
Connection limit: 0
Rate limit:
Connections: 10000
Bandwidth: 10000 Kbytes/s
Inbound bandwidth: 5000 Kbytes/s
Outbound bandwidth: 5000 Kbytes/s
Bandwidth busy:
Max bandwidth: 10000 Kbytes/s
Max inbound bandwidth: 5000 Kbytes/s
Max outbound bandwidth: 5000 Kbytes/s
Busy rate: 80
Inbound busy rate: 70
Outbound busy rate: 60
Busy recovery rate: 60
Inbound busy recovery rate: 60
Outbound busy recovery rate: 60
Probe information:
Probe success criteria: All
Probe method State
t4 Inactive
Link: lk2
Description: link2
State: Inactive
VPN instance: --
Inherit VPN: Disabled
Link group: lg
Weight: 150
Priority: 3
Cost: 100
Slow shutdown: Enabled
Connection limit: 10000
Rate limit:
Connections: 10000
Bandwidth: 10000 Kbytes/s
Inbound bandwidth: 5000 Kbytes/s
Outbound bandwidth: 5000 Kbytes/s
Bandwidth busy:
Max bandwidth: 10000 Kbytes/s
Max inbound bandwidth: 5000 Kbytes/s
Max outbound bandwidth: 5000 Kbytes/s
Busy rate: 80
Inbound busy rate: 70
Outbound busy rate: 60
Busy recovery rate: 60
Inbound busy recovery rate: 60
Outbound busy recovery rate: 60
Probe information:
Probe success criteria: All
Probe method State
t4 Inactive
Table 13 Command output
Field |
Description |
Link |
LB link name. |
Description |
Description for the LB link. |
State |
LB link state: · Active—The LB link is available. · Busy—The LB link is busy. · Inactive—The LB link is unavailable, because the configuration is not complete, the LB link is not referenced, or the virtual server is not enabled. · Probe-failed—Health monitoring has failed. · Ramp—Ramp-up phase of slow online. · Shutdown—The LB link is shut down. · Standby—Standby phase of slow online. |
VPN instance |
VPN instance of the LB link. · Config—Manually configured. · Inherit—Inherited. This field is not supported in the current software version. |
Inherit VPN |
State of VPN instance inheritance: Enabled or Disabled. This field is not supported in the current software version. |
Router IP |
IPv4 address of the gateway on the LB link. |
Router IPv6 |
IPv6 address of the gateway on the LB link. |
Link group |
Link group to which the LB link belongs. |
Weight |
Weight of the LB link. |
Priority |
Priority of the LB link. |
Cost |
Cost for proximity calculation. |
Slow shutdown |
Slow offline state of the LB link: · Disabled. · Enabled. |
Connection limit |
Maximum number of connections for the LB link. |
Rate limit |
Rate limit of the LB link. |
Connections |
Maximum number of connections per second for the LB link. |
Bandwidth |
Maximum bandwidth for the LB link in KBps. |
Inbound bandwidth |
Maximum inbound bandwidth for the LB link in KBps. |
Outbound bandwidth |
Maximum outbound bandwidth for the LB link in KBps. |
Bandwidth busy |
Bandwidth ratio. |
Max bandwidth |
Maximum expected bandwidth for the LB link in KBps. |
Max inbound bandwidth |
Maximum inbound expected bandwidth for the LB link in KBps. |
Max outbound bandwidth |
Maximum outbound expected bandwidth for the LB link in KBps. |
Busy rate |
Bandwidth ratio for the LB link. |
Inbound busy rate |
Inbound bandwidth ratio for the LB link. |
Outbound busy rate |
Outbound bandwidth ratio for the LB link. |
Busy recovery rate |
Bandwidth recovery ratio for the LB link. |
Inbound busy recovery rate |
Inbound bandwidth recovery ratio for the LB link. |
Outbound busy recovery rate |
Outbound bandwidth recovery ratio for the LB link. |
Probe information |
Detailed health monitoring information for the LB link. |
Probe success criteria |
Health monitoring success criteria for the LB link: · All—Health monitoring succeeds only when all the specified health monitoring methods succeed. · At least—Health monitoring succeeds when a specified minimum number of health monitoring methods succeed. |
Probe method |
Name of the NQA template used by the health monitoring method. |
State |
State of the health monitoring method: · Failed—Health monitoring has failed. · In progress—Health monitoring is in progress. · Invalid—Health monitoring is unavailable (because the configuration of the NQA template is not complete), or the link is unavailable. · Succeeded—Health monitoring has succeeded. |
display loadbalance link-group
Use display loadbalance link-group to display link group information.
Syntax
display loadbalance link-group [ brief | name link-group-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
brief: Displays brief information about all link groups. If you do not specify this keyword, the command displays detailed link group information.
name link-group-name: Specifies a link group by its name, a case-insensitive string of 1 to 63 characters. If you do not specify this option, the command displays information about all link groups.
Usage guidelines
If you do not specify any parameters, the command displays detailed information about all link groups.
A link is displayed as unavailable if the link group configuration is not complete, the link group is not referenced, or the virtual server is not enabled. This does not mean that the link is not available.
Examples
# Display brief information about all link groups.
<Sysname> display loadbalance link-group brief
Predictor: RR - Round robin, RD - Random, LC - Least connection,
BW – Bandwidth, MBW – Max bandwidth,
IBW – Inbound bandwidth, OBW – Outbound bandwidth,
MIBW – Max inbound bandwidth, MOBW – Max outbound bandwidth,
HASH(SIP) - Hash address source IP,
HASH(DIP) - Hash address destination IP,
HASH(SIP-PORT) - Hash address source IP-port
NAT/SNAT: Y - Enabled, N - Disabled
Link group Predictor NAT SNAT Total Active
lg RR Y N 3 3
# Display detailed information about all link groups.
<Sysname> display loadbalance link-group
Link group: lg1
Description:
Predictor: Hash address
Proximity: Disabled
NAT: Enabled
SNAT pool:
Failed action: Keep
Active threshold: Enabled
Lower: 80
Upper: 90
Slow-online: Enabled
Standby time: 5s
Ramp-up time: 10s
Selected link: Enabled
Min link: 100
Max link: 600
Probe information:
Probe success criteria: All
Probe method:
aaa
ddd
Total link: 1
Active link: 1
Link list:
Name State VPN instance Router IP Weight Priority
Link1 Inactive -- 1.2.3.4 4 100
Table 14 Command output
Field |
Description |
Link group |
Link group name. |
Description |
Description for the link group. |
Predictor |
Scheduling algorithm of the link group: · RR—Weighted round robin algorithm. · RD—Random algorithm. · LC—Weighted least connection algorithm. · BW—Bandwidth algorithm. · IBW—Inbound bandwidth algorithm. · OBW—Outbound bandwidth algorithm. · MBW—Maximum bandwidth algorithm. · MIBW—Maximum inbound bandwidth algorithm. · MOBW—Maximum outbound bandwidth algorithm. · HASH(SIP)—Hash algorithm based on source IP address. · HASH(DIP)—Hash algorithm based on destination IP address. · HASH(SIP-PORT)—Hash algorithm based on source IP address and port number. |
Proximity |
Proximity state of the link group: · Disabled. · Enabled. |
NAT |
NAT state of the link group: · Disabled. · Enabled. |
SNAT pool |
Name of the SNAT address pool referenced by the link group. |
Failed action |
Fault processing method of the link group: · Keep—Keeps existing connections. · Reschedule—Redirects connections. · Reset—Terminates existing connections. |
Active threshold |
State of the criteria to determine that the link group is available: disabled or enabled. If the state is enabled, the following fields are displayed: · Lower—Lower percentage value. · Upper—Upper percentage value. |
Slow-online |
State of the slow online feature: disabled or enabled. If the state is enabled, the following fields are displayed: · Standby time. · Ramp-up time. |
Selected link |
State of link limit to participate in scheduling: disabled or enabled. If the state is enabled, the following fields are displayed: · Min server—Minimum number of links that participate in scheduling. · Max server—Maximum number of links that participate in scheduling. |
Probe success criteria |
Health monitoring success criteria for the link group: · All—Health monitoring succeeds only when all the specified health monitoring methods succeed. · At least X—Health monitoring succeeds when a minimum of X health monitoring methods succeed. |
Probe method |
Name of the NQA template used by the health monitoring method. |
Total link |
Total number of links. |
Active link |
Number of active links. |
Name |
Link name. |
State |
Link state: · Active—The link is available. · Busy—The link is busy. When the link is in Active or Ramp state and enabled with bandwidth statistics collection and link protection, this field displays Busy if the maximum expected bandwidth is reached. · Inactive—The link is unavailable, because the configuration is not complete, the link is not referenced, or the virtual server is not enabled. · Probe-failed—Health monitoring has failed. · Ramp—Ramp-up phase of slow online. · Shutdown—The link is shut down. · Standby—Standby phase of slow online. |
VPN instance |
VPN instance of the link. This field is not supported in the current software version. |
Router IP |
IPv4 and IPv6 addresses of the link. |
Weight |
Weight of the link. |
Priority |
Priority of the link. |
display loadbalance link statistics
Use display loadbalance link statistics to display link statistics.
Syntax
display loadbalance link statistics [ name link-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
name link-name: Specifies a link by its name, a case-insensitive string of 1 to 63 characters.
Examples
# Display statistics for the link lk1.
<Sysname> display loadbalance link statistics name lk1
Loadbalance link: lk1
Total connections: 1798
Active connections: 788
Max connections: 803
Connections per second: 157
Max connections per second: 163
Downstream traffic: 333332 bytes
Upstream traffic: 472054 bytes
Throughput: 4396 bytes/s
Inbound throughput: 1214 bytes/s
Outbound throughput: 3128 bytes/s
Max throughput: 4564 bytes/s
Max inbound throughput: 1214 bytes/s
Max outbound throughput: 3320 bytes/s
Received packets: 1798
Sent packets: 0
Dropped packets: 0
Table 15 Command output
Field |
Description |
Loadbalance link |
Link name. |
Total connections |
Total number of connections. |
Active connections |
Number of active connections. |
Max connections |
Maximum number of connections. |
Connections per second |
Number of connections per second. |
Max connections per second |
Maximum number of connections per second. |
Downstream traffic |
Downstream traffic (in bytes) received by the LB device. |
Upstream traffic |
Upstream traffic (in bytes) sent by the LB device. |
Throughput |
Total packet throughput in Bps. |
Inbound throughput |
Inbound packet throughput in Bps. |
Outbound throughput |
Outbound packet throughput in Bps. |
Max throughput |
Maximum packet throughput in Bps. |
Max inbound throughput |
Maximum inbound packet throughput in Bps. |
Max outbound throughput |
Maximum outbound packet throughput in Bps. |
Received packets |
Number of received packets. |
Sent packets |
Number of sent packets. |
Dropped packets |
Number of dropped packets. |
display loadbalance policy
Use display loadbalance policy to display LB policy information.
Syntax
display loadbalance policy [ name policy-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
name policy-name: Specifies an LB policy by its name, a case-insensitive string of 1 to 63 characters. If you do not specify this option, the command displays information about all LB policies.
Examples
# Display information about all LB policies.
<Sysname> display loadbalance policy
LB policy: lbp3
Description:
Type: Link-generic
Class: lbc3
Action: lba3
Default class action: lba3
LB policy: lbp4
Description:
Type: DNS
Class: lbc4
Action: lba4
Default class action: lba4
Table 16 Command output
Field |
Description |
LB policy |
LB policy name. |
Description |
Description for the LB policy. |
Type |
LB policy type: · DNS. · Link-generic. |
Class |
LB class for the LB policy. |
Action |
LB action for the LB class. |
Default class action |
Default LB action. |
display loadbalance proximity
Use display loadbalance proximity to display proximity entry information.
Syntax
display loadbalance proximity [ ip [ ipv4-address ] | ipv6 [ ipv6-address ] ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
ip [ ipv4-address ]: Displays IPv4 proximity entry information. If you specify the ipv4-address argument, this command displays detailed information about the proximity entry corresponding to the IPv4 address. If you do not specify the ipv4-address argument, this command displays brief information about all IPv4 proximity entries.
ipv6 [ ipv6-address ]: Displays IPv6 proximity entry information. If you specify the ipv6-address argument, this command displays detailed information about the proximity entry corresponding to the IPv6 address. If you do not specify the ipv6-address argument, this command displays brief information about all IPv6 proximity entries.
Usage guidelines
If you do not specify the ip or ipv6 keyword, this command displays brief information about all IPv4 and IPv6 proximity entries.
Examples
# Display brief information about all IPv4 and IPv6 proximity entries for the public network.
<Sysname> display loadbalance proximity
(*) – Real server object
Slot :1
IPv4 address/Mask length Timeout Best link
------------------------------------------------------------
1.2.3.0/24 59 lk1
1.2.15.0/24 58 lk2
IPv6 address/Prefix length Timeout Best link
------------------------------------------------------------
11:22::/96 40 lk1
# Display detailed information about the proximity entry corresponding to the IP address 1.2.3.1 for the public network.
<Sysname> display loadbalance proximity ip 1.2.3.1
(*) – Real server object
IPv4 address/Mask length: 1.2.3.0/24
Timeout: 40
Link list:
lk1
lk2
Table 17 Command output
Field |
Description |
(*) – Real server object |
The link corresponds to a real server object. This field is not supported in the current software version. |
Remaining time of the proximity entries, in seconds. |
|
Links for the proximity entry. They are listed in descending priority order. |
display loadbalance snat-pool
Use display loadbalance snat-pool to display SNAT address pool information.
Syntax
display loadbalance snat-pool [ name pool-name ]
Views
Any view
Predefined user roles
network-operator
Parameters
name pool-name: Specifies an SNAT address pool by its name, a case-insensitive string of 1 to 63 characters. If you do not specify this option, the command displays information about all SNAT address pools.
Examples
# Display information about all SNAT address pools.
<Sysname> display loadbalance snat-pool
SNAT pool: lbsp1
Description:
IPv4 range:
Start address End address
202.110.10.10 202.110.10.15
IPv6 range:
Start address End address
2002::2 2002::100
SNAT pool: lbsp2
Description:
IPv4 range:
Start address End address
203.110.10.10 203.110.10.15
IPv6 range:
Start address End address
2003::2 2003::100
Table 18 Command output
Field |
Description |
SNAT pool |
SNAT address pool name. |
Description |
Description for the SNAT address pool. |
IPv4 range |
IPv4 address range. |
IPv6 range |
IPv6 address range. |
display parameter-profile
Use display parameter-profile to display parameter profile information.
Syntax
display parameter-profile [ name parameter-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
name parameter-name: Specifies a parameter profile by its name, a case-insensitive string of 1 to 63 characters. If you do not specify this option, the command displays information about all parameter profiles.
Examples
# Display information about all parameter profiles.
<Sysname> display parameter-profile
Parameter profile: pp1
Description:
Type: IP
IP ToS: 20
Table 19 Command output
Field |
Description |
Parameter profile |
Parameter profile name. |
Description |
Description for the parameter profile. |
Type |
Parameter profile type, which can only be IP. |
IP ToS |
ToS field of the IP packets sent to the server. |
display sticky
Use display sticky to display sticky entry information.
Syntax
display sticky { dns-proxy [ dns-proxy-name ] | virtual-server [ virtual-server-name ] } [ class class-name | default-class | default-dns-server-pool | default-link-group ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
dns-proxy dns-proxy-name: Specifies a transparent DNS proxy by its name, a case-insensitive string of 1 to 63 characters. If you do not specify this option, the command displays sticky entry information for all transparent DNS proxies.
virtual-server virtual-server-name: Specifies a virtual server by its name, a case-insensitive string of 1 to 63 characters. If you do not specify this option, the command displays sticky entry information for all virtual servers.
class class-name: Specifies an LB class by its name, a case-insensitive string of 1 to 63 characters.
default-class: Specifies the default LB action.
default-dns-server-pool: Specifies the default DNS server pool.
default-link-group: Specifies the default link group.
Examples
# Display sticky entry information for all virtual services.
<Sysname> display sticky virtual-server
Virtual server name: vs4
Sticky zone type: Default link group
Class name:
Sticky group name: sg3
Sticky method: Both IP and port
Timeout: 60
Sticky entry Link Expired time Count
-----------------------------------------------------------------------------
192.168.6.206/2605 192.168.6.206/0 55 0
192.168.6.40/80
# Display sticky entry information for all transparent DNS proxies.
<Sysname> display sticky dns-proxy
DNS proxy name: dns-proxy1
Sticky zone type: Default DNS server pool
Sticky group name: st
Sticky method: Source IP
Timeout: 60
Sticky entry DNS server Expired time Count
--------------------------------------------------------------------
192.168.6.206/2606 192.168.6.206/0 57 0
DNS proxy name: dns-proxy2
Sticky zone type: Class
Class name: class
Sticky group name: sg2
Sticky method: Destination IP and port
Timeout: 60
Sticky entry DNS server Expired time Count
-------------------------------------------------------------------
192.168.6.206/2606 192.168.6.206/0 57 0
DNS proxy name: dns-proxy3
Sticky zone type: Default class
Sticky group name: sg3
Sticky method: Both IP and port
Timeout: 60
Sticky entry DNS server Expired time Count
-------------------------------------------------------------------
192.168.6.206/2606 192.168.6.206/0 57 0
Table 20 Command output
Field |
Description |
Sticky zone type |
Sticky entry source: · Class—Generated by the class and action in the policy referenced by the virtual service. · Default class—Generated by the default action in the policy referenced by the virtual service. · Default DNS server pool—Generated by the default DNS server pool of the transparent DNS proxy. · Default link group—Generated by the default primary or backup link group of the virtual service. |
Class name |
LB class name. The LB class name is displayed only when the sticky entries are generated by the class and action. |
Sticky group name |
Name of the sticky group that generates the sticky entries. |
Sticky method |
Sticky method corresponding to the sticky entries: · Source IP—Source IPv4 address sticky method. · Source IPv6—Source IPv6 address sticky method. · Source IP and port—Source IPv4 address + source port sticky method. · Source IPv6 and port—Source IPv6 address + source port sticky method. · Destination IP—Destination IPv4 address sticky method. · Destination IPv6—Destination IPv6 address sticky method. · Destination IP and port—Destination IPv4 address + destination port sticky method. · Destination IPv6 and port—Destination IPv6 address + destination port sticky method. · Both IP—Source IPv4 address + destination IPv4 address sticky method. · Both IPv6—Source IPv6 address + destination IPv6 address sticky method. · Both IP and port—Source IPv4 address + source port + destination IPv4 address + destination port sticky method. · Both IPv6 and port—Source IPv6 address + source port + destination IPv6 address + destination port sticky method. |
Timeout |
Timeout time of the sticky entries, in seconds. |
Sticky entry |
Key value corresponding to the sticky entry. |
DNS server |
IP address and port number of the DNS server. |
Link |
Outbound next hop IP address and port number of the link. |
Expired time |
Remaining lifetime of the sticky entry. If the reference count is not 0, the configured value is displayed. |
Count |
Reference count of the sticky entry. |
display sticky-group
Use display sticky-group to display sticky group information.
Syntax
display sticky-group [ name group-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
name group-name: Specifies a sticky group by its name, a case-insensitive string of 1 to 63 characters. If you do not specify this option, the command displays information about all sticky groups.
Examples
# Display information about all sticky groups.
<Sysname> display sticky-group
Sticky group: sg1
Description:
Timeout: 60
Override limit: Disabled
Sticky group type: Address-port
Method: Both IP and port
Mask: 32
Table 21 Command output
Field |
Description |
Sticky group |
Sticky group name. |
Description |
Description for the sticky group. |
Timeout |
Timeout time for sticky entries in seconds. |
Override limit |
Whether the feature of ignoring the limits for sessions that match sticky entries is enabled: Enabled or Disabled. |
Sticky group type |
Sticky group type: · Address-port—Address and port. |
Table 22 Detailed information for sticky groups
Sticky group type |
Field |
Description |
Address-port |
Method |
Sticky method: · Source IP—Source IPv4 address sticky method. · Source IPv6—Source IPv6 address sticky method. · Source IP and port—Source IPv4 address + source port sticky method. · Source IPv6 and port—Source IPv6 address + source port sticky method. · Destination IP—Destination IPv4 address sticky method. · Destination IPv6—Destination IPv6 address sticky method. · Destination IP and port—Destination IPv4 address + destination port sticky method. · Destination IPv6 and port—Destination IPv6 address + destination port sticky method. · Both IP—Source IPv4 address + destination IPv4 address sticky method. · Both IPv6—Source IPv6 address + destination IPv6 address sticky method. · Both IP and port—Source IPv4 address + source port + destination IPv4 address + destination port sticky method. · Both IPv6 and port—Source IPv6 address + source port + destination IPv6 address + destination port sticky method. |
Mask |
Mask length for the sticky method. This field is displayed only for IPv4 sticky methods. |
|
Prefix |
Prefix length for the sticky method. This field is displayed only for IPv6 sticky methods. |
display virtual-server
Use display virtual-server to display virtual server information.
Syntax
display virtual-server [ brief | name virtual-server-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
brief: Displays brief virtual server information. If you do not specify this keyword, the command displays detailed virtual server information.
name virtual-server-name: Displays information about the specified virtual server. The virtual-server-name argument specifies a virtual server name, a case-insensitive string of 1 to 63 characters. If you do not specify this option, the command displays information about all virtual servers.
Examples
# Display brief information about all virtual servers.
<Sysname> display virtual-server brief
Virtual server State Type VPN instance Virtual address Port
vs3 Active LINK-IP 51.139.4.100/32 0
# Display detailed information about the virtual server lk.
<Sysname> display virtual-server name lk
Virtual server: lk
Description:
Type: Link-IP
State: Active
VPN instance: --
Virtual IPv4 address: 1.1.1.1/32
Virtual IPv6 address: 1001::1/128
Port: 0
Primary link group: lg1 (in use)
Backup link group: lg2
Sticky: sg3
LB policy: lbp2
Connection limit: 10000
Rate limit:
Connections: 10000
Bandwidth: 10000 Kbytes/s
Inbound bandwidth: 5000 Kbytes/s
Outbound bandwidth: 5000 Kbytes/s
Bandwidth busy protection: Disabled
Interface bandwidth statistics: Disabled
Table 23 Command output
Field |
Description |
Virtual server |
Virtual server name. |
State |
Virtual server state: · Active—The virtual server is available. · Inactive—The virtual server is unavailable for any reason other than lack of license and disabled virtual server. · Inactive (no license)—The virtual server is unavailable because of lack of license. · Inactive (disabled)—The virtual server is unavailable because the virtual server is disabled. |
Type |
Virtual server type: link-IP. |
Name of the VPN instance to which the virtual server belongs. This field is not supported in the current software version. |
|
Virtual address |
IPv4 address and mask of the virtual server. |
Port |
Port number of the virtual server. |
Description |
Description of the virtual server. |
Virtual IPv4 address |
IPv4 address and mask of the virtual server. |
Virtual IPv6 address |
IPv6 address and prefix of the virtual server. |
Primary link group |
Default primary link group name. (in use) indicates the link group is in use. |
Backup link group |
Default backup link group name. (in use) indicates the link group is in use. |
Sticky |
Default sticky group name. |
LB policy |
LB policy referenced by the virtual server. |
IP parameter profile |
IP parameter profile referenced by the virtual server. This field is displayed only when an IP parameter profile is configured. |
Connection limit |
Maximum number of connections of the virtual server. |
Rate limit |
Rate limit of the virtual server. |
Connections |
Maximum number of connections per second of the virtual server. |
Bandwidth |
Maximum bandwidth for the virtual server in KBps. |
Inbound bandwidth |
Maximum inbound bandwidth for the virtual server in KBps. |
Outbound bandwidth |
Maximum outbound bandwidth for the virtual server in KBps. |
Link protection state: Enabled or Disabled. |
|
Interface bandwidth statistics |
Bandwidth statistics collection by interfaces: Disabled or Enabled. |
display virtual-server statistics
Use display virtual-server statistics to display virtual server statistics.
Syntax
display virtual-server statistics [ name virtual-server-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
name virtual-server-name: Specifies a virtual server by its name, a case-insensitive string of 1 to 63 characters. If you do not specify this option, the command displays statistics of all virtual servers.
Examples
# Display statistics for the virtual server vs.
<Sysname> display virtual-server statistics name vs
Virtual server: vs
Total connections: 979
Active connections: 618
Max connections: 661
Connections per second: 146
Max connections per second: 156
Client input: 333332 bytes
Client output: 472054 bytes
Throughput: 4088 bytes/s
Inbound throughput: 1214 bytes/s
Outbound throughput: 2874 bytes/s
Max throughput: 4368 bytes/s
Max inbound throughput: 1214 bytes/s
Max outbound throughput: 3154 bytes/s
Received packets: 979
Sent packets: 0
Dropped packets: 0
Table 24 Command output
Field |
Description |
Virtual server |
Virtual server name. |
Total connections |
Total number of connections. |
Active connections |
Number of active connections. |
Max connections |
Maximum number of connections. |
Connections per second |
Number of connections per second. |
Max connections per second |
Maximum number of connections per second. |
Client input |
Traffic (in bytes) received from the client. |
Client output |
Traffic (in bytes) sent to the client. |
Throughput |
Total packet throughput in Bps. |
Inbound throughput |
Inbound packet throughput in Bps. |
Outbound throughput |
Outbound packet throughput in Bps. |
Max throughput |
Maximum packet throughput in Bps. |
Max throughput |
Maximum inbound packet throughput in Bps. |
Max throughput |
Maximum outbound packet throughput in Bps. |
Received packets |
Number of received packets. |
Sent packets |
Number of packets sent by the virtual server to the client. |
Dropped packets |
Number of dropped packets. |
reset virtual-server statistics
dns-server-pool (LB action view)
Use dns-server-pool to specify a DNS server pool for guiding packet forwarding.
Use undo dns-server-pool to restore the default.
Syntax
dns-server-pool pool-name [ sticky sticky-name ]
undo dns-server-pool
Default
No DNS server pool is specified for guiding packet forwarding.
Views
DNS LB action view
Predefined user roles
network-admin
Parameters
pool-name: Specifies a DNS server pool by its name, a case-insensitive string of 1 to 63 characters.
sticky sticky-name: Specifies a sticky group by its name, a case-insensitive string of 1 to 63 characters. If you do not specify a sticky group, the DNS server pool does not correspond to any sticky group.
Usage guidelines
This command is mutually exclusive with the forward all or skip current-dns-proxy command. If you configure one command, the other command (if configured) is automatically cancelled.
Examples
# Specify the DNS server pool dsp and the sticky group sg1 for DNS LB action lba1.
<Sysname> system-view
[Sysname] loadbalance action lba1 type dns
[Sysname-lba-dns-lba1] dns-server-pool dsp sticky st1
Related commands
forward all
dns-server-pool (DNS server view)
Use dns-server-pool to specify a DNS server pool for a DNS server.
Use undo dns-server-pool to restore the default.
Syntax
dns-server-pool pool-name
undo dns-server-pool
Default
A DNS server does not belong to any DNS server pool.
Views
DNS server view
Predefined user roles
network-admin
Parameters
pool-name: Specifies a DNS server pool by its name, a case-insensitive string of 1 to 63 characters.
Usage guidelines
You can specify a DNS server pool that has not been created.
Examples
# Specify DNS server pool dns-pool1 for DNS server ds1.
<Sysname> system-view
[Sysname] loadbalance dns-server ds1
[Sysname-lb-ds-ds1] dns-server-pool dns-pool1
Related commands
display loadbalance dns-server
fail-action
Use fail-action to specify the fault processing method for a link group.
Use undo fail-action to restore the default.
Syntax
fail-action { keep | reschedule | reset }
undo fail-action
Default
The fault processing method is to keep existing connections.
Views
Link group view
Predefined user roles
network-admin
Parameters
keep: Keeps the connection with the failed link. Keeping or terminating the connection depends on the timeout mechanism of the protocol.
reschedule: Redirects the connection to another available link in the link group.
reset: Terminates the connection with the failed link by sending RST packets (for TCP packets) or ICMP unreachable packets (for other types of packets).
Usage guidelines
The fault processing method applies when the link that processes packets fails.
Examples
# Specify the fault processing method for the link group lg as reschedule.
<Sysname> system-view
[Sysname] loadbalance link-group lg
[Sysname-lb-lgroup-lg] fail-action reschedule
fallback-action continue
Use fallback-action continue to match the next rule upon failure to find an available server.
Use undo fallback-action continue to restore the default.
Syntax
fallback-action continue
undo fallback-action continue
Default
The next rule is not matched when no servers are available for the current LB action.
Views
LB action view
Predefined user roles
network-admin
Usage guidelines
This command enables packets to match the next rule in an LB policy when no servers are available for the current LB action.
Examples
# Match the next rule upon failure to find a DNS server for the DNS LB action a2.
<Sysname> system-view
[Sysname] loadbalance action a2 type dns
[Sysname-lba-dns-a2] fallback-action continue
forward all
Use forward all to configure the packet forwarding mode.
Use undo forward to restore the default.
Syntax
forward all
undo forward
Default
The packet forwarding mode is to discard packets.
Views
DNS/Link-generic LB action view
Predefined user roles
network-admin
Usage guidelines
In DNS LB action view, this command is mutually exclusive with the dns-server-pool or skip current-dns-proxy command. In link-generic LB action view, the forward all and link-group commands are mutually exclusive. If you configure one command, the other command (if configured) is automatically cancelled.
Examples
# Configure the packet forwarding mode for the link-generic LB action lba1.
<Sysname> system-view
[Sysname] loadbalance action lba1 type link-generic
[Sysname-lba-link-generic-lba1] forward all
Related commands
dns-server-pool
link-group (LB action view)
ip
Use ip to configure the IPv4 sticky method.
Use undo ip to restore the default.
Syntax
ip [ port ] { both | destination | source } [ mask mask-length ]
undo ip
Default
No IPv4 sticky method is configured.
Views
Sticky group view
Predefined user roles
network-admin
Parameters
port: Specifies the sticky method as IPv4 address + port number. If you do not specify this keyword, the sticky method is IPv4 address.
both: Specifies the sticky method as source IPv4 address + destination IPv4 address (if you do not specify the port keyword), or source IPv4 address + source port number + destination IPv4 address + destination port number (if you specify the port keyword).
destination: Specifies the sticky method as destination IPv4 address if you do not specify the port keyword, or destination IPv4 address + destination port number if you specify the port keyword.
source: Specifies the sticky method as source IPv4 address if you do not specify the port keyword, or source IPv4 address + source port number if you specify the port keyword.
mask mask-length: Specifies the mask length for the sticky method.
Examples
# Configure the sticky method for the address and port-based sticky group sg1 as source IPv4 address.
<Sysname> system-view
[Sysname] sticky-group sg1 type address-port
[Sysname-sticky-address-port-sg1] ip source
# Configure the sticky method for the address and port-based sticky group sg1 as source IPv4 address + source port number.
<Sysname> system-view
[Sysname] sticky-group sg1 type address-port
[Sysname-sticky-address-port-sg1] ip port source
Related commands
sticky-group
ip address (transparent DNS proxy view)
Use ip address to specify an IPv4 address for a transparent DNS proxy.
Use undo ip address to restore the default.
Syntax
ip address ipv4-address [ mask-length | mask ]
undo ip address
Default
No IPv4 address is specified for a transparent DNS proxy.
Views
Transparent DNS proxy view
Predefined user roles
network-admin
Parameters
ipv4-address: Specifies an IPv4 address, which cannot be a loopback address, multicast address, broadcast address, or an address in the format of 0.X.X.X.
mask-length: Specifies a mask length in the range of 0 to 32.
mask: Specifies a subnet mask.
Usage guidelines
A transparent DNS proxy processes a DNS request only when the destination IP address and port number of the DNS request match those of the transparent DNS proxy.
If you execute this command multiple times, the most recent configuration takes effect.
Examples
# Specify the IPv4 address for transparent DNS proxy dns-proxy1 as 1.2.3.4/24.
<Sysname> system-view
[Sysname] loadbalance dns-proxy dns_proxy1
[Sysname-lb-dp-udp-dns-proxy1] ip address 1.2.3.4 24
ip address (DNS server view)
Use ip address to specify an IPv4 address for a DNS server.
Use undo ip address to restore the default.
Syntax
ip address ipv4-address
undo ip address
Default
No IPv4 address is specified for a DNS server.
Views
DNS server view
Predefined user roles
network-admin
Parameters
ipv4-address: Specifies an IPv4 address, which cannot be a loopback address, multicast address, broadcast address, or an address in the format of 0.X.X.X.
Usage guidelines
If you execute this command multiple times, the most recent configuration takes effect.
Examples
# Specify the IPv4 address for DNS server ds1 as 1.2.3.4.
<Sysname> system-view
[Sysname] loadbalance dns-server ds1
[Sysname-lb-ds-ds1] ip address 1.2.3.4
ip address (ISP view)
Use ip address to configure an IPv4 address for an ISP.
Use undo ip address to restore the default.
Syntax
ip address ipv4-address { mask-length | mask }
undo ip address ipv4-address { mask-length | mask }
Default
No IPv4 address is configured for an ISP.
Views
ISP view
Predefined user roles
network-admin
Parameters
ipv4-address: Specifies an IPv4 address.
mask-length: Specifies the mask length for the IPv4 address, in the range of 0 to 32.
mask: Specifies the mask for the IPv4 address.
Examples
# Configure the IPv4 address for the ISP isp1 as 1.1.1.1.
[Sysname] loadbalance isp name isp1
[Sysname-lbisp-isp1] ip address 1.1.1.1 24
ip mask
Use ip mask to set the mask length for IPv4 proximity entries.
Use undo ip mask to restore the default.
Syntax
ip mask { mask-length | mask }
Default
The mask length for IPv4 proximity entries is 24.
Views
Proximity view
Predefined user roles
network-admin
Parameters
mask-length: Specifies the mask length for IPv4 proximity entries, in the range of 0 to 32. A value of 0 indicates the natural mask.
mask: Specifies the mask for IPv4 proximity entries.
Examples
# Set the mask length for IPv4 proximity entries to 30.
[Sysname] loadbalance proximity
[Sysname-lb-proximity] ip mask 30
ip range
Use ip range to specify an IPv4 address range for an SNAT address pool.
Use undo ip range to restore the default.
Syntax
ip range start start-ipv4-address end end-ipv4-address
undo ip range
Default
No IPv4 address range is specified for an SNAT address pool.
Views
SNAT address pool view
Predefined user roles
network-admin
Parameters
start start-ipv4-address: Specifies the start IPv4 address.
end end-ipv4-address: Specifies the end IPv4 address, which must be greater than or equal to the start IPv4 address.
Usage guidelines
An SNAT address pool can have a maximum of 256 IPv4 addresses. No overlapping IPv4 addresses are allowed in different SNAT address pools.
Examples
# Specify IPv4 address range 1.1.1.1 to 1.1.1.100 for the SNAT address pool lbsp.
<Sysname> system-view
[Sysname] loadbalance snat-pool lbsp
[Sysname-lbsnat-pool-lbsp] ip range start 1.1.1.1 end 1.1.1.100
ipv6
Use ipv6 to configure the IPv6 sticky method.
Use undo ipv6 to restore the default.
Syntax
ipv6 [ port ] { both | destination | source } [ prefix prefix-length ]
undo ipv6
Default
No IPv6 sticky method is configured.
Views
Sticky group view
Predefined user roles
network-admin
Parameters
port: Specifies the sticky method as IPv6 address + port number. If you do not specify this keyword, the sticky method is IPv6 address.
both: Specifies the sticky method as source IPv6 address + destination IPv6 address if you do not specify the port keyword, or source IPv6 address + source port number + destination IPv6 address + destination port number if you specify the port keyword.
destination: Specifies the sticky method as destination IPv6 address if you do not specify the port keyword, or destination IPv6 address + destination port number if you specify the port keyword.
source: Specifies the sticky method as source IPv6 address if you do not specify the port keyword, or source IPv6 address + source port number if you specify the port keyword.
prefix prefix-length: Specifies the prefix length for the sticky method.
Examples
# Configure the sticky method for the address- and port-based sticky group sg1 as source IPv6 address.
<Sysname> system-view
[Sysname] sticky-group sg1 type address-port
[Sysname-sticky-address-port-sg1] ipv6 source
# Configure the sticky method for the address- and port-based sticky group sg1 as source IPv6 address + source port number.
<Sysname> system-view
[Sysname] sticky-group sg1 type address-port
[Sysname-sticky-address-port-sg1] ipv6 port source
Related commands
sticky-group
ipv6 address (DNS server view)
Use ipv6 address to configure an IPv6 address for a DNS server.
Use undo ipv6 address to restore the default.
Syntax
ipv6 address ipv6-address
undo ipv6 address
Default
No IPv6 address is configured for a DNS server.
Views
DNS server view
Predefined user roles
network-admin
Parameters
ipv6-address: Specifies an IPv6 address, which cannot be a loopback address, IPv6 multicast address, link-local address, or all-zero address.
Usage guidelines
If you execute this command multiple times, the most recent configuration takes effect.
Examples
# Configure the IPv6 address for DNS server ds1 as 1001::1.
<Sysname> system-view
[Sysname] loadbalance dns-server ds1
[Sysname-lb-ds-ds1] ipv6 address 1001::1
ipv6 address (transparent DNS proxy view)
Use ipv6 address to configure an IPv6 address for a transparent DNS proxy.
Use undo ipv6 address to restore the default.
Syntax
ipv6 address ipv6-address [ prefix-length ]
undo ipv6 address
Default
No IPv6 address is configured for a transparent DNS proxy.
Views
Transparent DNS proxy view
Predefined user roles
network-admin
Parameters
ipv6-address: Specifies an IPv6 address, which cannot be a loopback address, IPv6 multicast address, link-local address, or all-zero address (If the prefix length is 0, you can specify the all-zero address.).
prefix-length: Specifies a prefix length for the IPv6 address, in the range of 0 to 128.
Usage guidelines
If you execute this command multiple times, the most recent configuration takes effect.
Examples
# Configure the IPv6 address for transparent DNS proxy dns-proxy1 as 1::2:3/112.
<Sysname> system-view
[Sysname] loadbalance dns-proxy dns-proxy1
[Sysname-lb-dp-udp-dns-proxy1] ipv6 address 1::2:3 112
ipv6 address (ISP view)
Use ipv6 address to configure an IPv6 address for an ISP.
Use undo ipv6 address to restore the default.
Syntax
ipv6 address ipv6-address prefix-length
undo ipv6 address ipv6-address prefix-length
Default
No IPv6 address is configured for an ISP.
Views
ISP view
Predefined user roles
network-admin
Parameters
ipv6-address: Specifies an IPv6 address.
prefix-length: Specifies the prefix length for the IPv6 address, in the range of 1 to 128.
Examples
# Configure the IPv6 address for the ISP isp1 as 200::1.
[Sysname] loadbalance isp name isp1
[Sysname-lbisp-isp1] ipv6 address 200::1 100
ipv6 prefix
Use ipv6 prefix to configure the prefix length for IPv6 proximity entries.
Use undo ipv6 prefix to restore the default.
Syntax
Default
The prefix length for IPv6 proximity entries is 96.
Views
Proximity view
Predefined user roles
network-admin
Parameters
prefix-length: Specifies the prefix length for IPv6 proximity entries, in the range of 1 to 128.
Examples
# Specify the prefix length for IPv6 proximity entries as 64.
[Sysname] loadbalance proximity
[Sysname-lb-proximity] ipv6 prefix 64
ipv6 range
Use ip range to specify an IPv6 address range for an SNAT address pool.
Use undo ip range to restore the default.
Syntax
ipv6 range start start-ipv6-address end end-ipv6-address
undo ipv6 range
Default
No IPv6 address range is specified for an SNAT address pool.
Views
SNAT address pool view
Predefined user roles
network-admin
Parameters
start start-ipv6-address: Specifies the start IPv6 address.
end end-ipv6-address: Specifies the end IPv6 address, which must be greater than or equal to the start IPv6 address.
Usage guidelines
An SNAT address pool can have a maximum of 65536 IPv6 addresses. No overlapping IPv6 addresses are allowed in different SNAT address pools.
Examples
# Specify IPv6 address range 1001::1 to 1001::100 for the SNAT address pool lbsp.
<Sysname> system-view
[Sysname] loadbalance snat-pool lbsp
[Sysname-lbsnat-pool-lbsp] ipv6 range start 1001::1 end 1001::100
lb-policy (transparent DNS proxy view)
Use lb-policy to specify an LB policy to be referenced by a transparent DNS proxy.
Use undo lb-policy to restore the default.
Syntax
lb-policy policy-name
undo lb-policy
Default
No LB policy is referenced by a transparent DNS proxy.
Views
Transparent DNS proxy view
Predefined user roles
network-admin
Parameters
policy-name: Specifies an LB policy by its name, a case-insensitive string of 1 to 63 characters.
Usage guidelines
By referencing an LB policy, a transparent DNS proxy implements load balancing for matching packets based on the packet contents.
A transparent DNS proxy can reference only a DNS policy template.
Examples
# Specify the LB policy dns-policy1 to be referenced by transparent DNS proxy dns-proxy1.
<Sysname> system-view
[Sysname] loadbalance dns-proxy dns-proxy1
[Sysname-lb-dp-udp-dns-proxy1] lb-policy dns-policy1
lb-policy (virtual server view)
Use lb-policy to specify an LB policy to be referenced by the specified virtual server.
Use undo lb-policy to restore the default.
Syntax
lb-policy policy-name
undo lb-policy
Default
No LB policy is referenced by a virtual server.
Views
Virtual server view
Predefined user roles
network-admin
Parameters
policy-name: Specifies an LB policy by its name, a case-insensitive string of 1 to 63 characters.
Usage guidelines
By referencing an LB policy, the virtual server implements load balancing for matching packets based on the packet contents.
A virtual server can reference only a link-generic policy template.
Examples
# Specify the LB policy lbp1 to be referenced by the link-IP-type virtual server vs3.
<Sysname> system-view
[Sysname] virtual-server vs3 type link-ip
[Sysname-vs-link-ip-vs3] lb-policy lbp1
link
Use link to associate a link with a DNS server.
Use undo link to restore the default.
Syntax
link link-name
undo link
Default
No link is associated with a DNS server.
Views
DNS server view
Predefined user roles
network-admin
Parameters
link-name: Specifies a link by its name, a case-insensitive string of 1 to 63 characters.
Usage guidelines
A DNS server can be associated with only one link. A link can be associated with multiple DNS servers.
Examples
# Associate link link1 with DNS server ds1.
<Sysname> system-view
[Sysname] loadbalance dns-server ds1
[Sysname-lb-ds-ds1] link link1
link-group (LB action view)
Use link-group to specify the primary link group.
Use undo link-group to restore the default.
Syntax
link-group link-group-name [ backup backup-link-group-name ] [ sticky sticky-name ]
undo link-group
Default
No primary link group is specified.
Views
LB action view
Predefined user roles
network-admin
Parameters
link-group-name: Specifies a primary link group name, a case-insensitive string of 1 to 63 characters.
backup backup-link-group-name: Specifies a backup link group name, a case-insensitive string of 1 to 63 characters.
sticky sticky-name: Specifies the name of the sticky group corresponding to the link group. It is a case-insensitive string of 1 to 63 characters.
Usage guidelines
The link-group and forward all commands are mutually exclusive. If you configure one command, the other command (if configured) is automatically cancelled.
When the primary link group is available (contains links), packets are forwarded through the primary link group. When the primary link group is not available, packets are forwarded through the backup link group.
Examples
# Specify the primary link group lg, the backup link group lgb, and the sticky group sg1 for the link-generic LB action lba1.
<Sysname> system-view
[Sysname] loadbalance action lba1 type link-generic
[Sysname-lba-link-generic-lba1] server-farm sf backup sfb sticky sg1
Related commands
forward all
link-group (link view)
Use link-group to specify a link group for a link.
Use undo link-group to restore the default.
Syntax
link-group link-group-name
undo link-group
Default
A link does not belong to any link group.
Views
Link view
Predefined user roles
network-admin
Parameters
link-group-name: Specifies a link group name, a case-insensitive string of 1 to 63 characters.
Usage guidelines
The device selects the best link from the matching link group to perform link load balancing.
Examples
# Specify the link group lkg1 for the link lk1.
<Sysname> system-view
[Sysname] loadbalance link lk1
[Sysname-lb-link-lk1] link-group lkg1
loadbalance action
Use loadbalance action to create an LB action and enter its view, or enter the view of an existing LB action.
Use undo loadbalance action to delete the specified LB action.
Syntax
loadbalance action action-name [ type { dns | link-generic } ]
undo loadbalance action action-name
Default
No LB actions exist.
Views
System view
Predefined user roles
network-admin
Parameters
action-name: Specifies the LB action name, a case-insensitive string of 1 to 63 characters.
type { dns | link-generic }: Specifies an LB action type.
· dns: DNS load balancing action.
· link-generic: Link load balancing action.
Usage guidelines
When you create an LB action, you must specify the LB action type. You can enter an existing LB action view without entering the type of the LB action.
Examples
# Create the LB action lba1 with the link-generic type, and enter LB action view.
<Sysname> system-view
[Sysname] loadbalance action lba1 type link-generic
[Sysname-lba-link-generic-lba1]
loadbalance alg
Use loadbalance alg to enable ALG for the specified protocols.
Use undo loadbalance alg to disable ALG for the specified protocols.
Syntax
undo loadbalance alg { dns | ftp | h323 | icmp-error | ils | mgcp | nbt | pptp | rsh | rtsp | sccp | sip | sqlnet | tftp | xdmcp }
Default
ALG is enabled for dns, ftp, pptp, icmp-error, and rtsp.
Views
System view
Predefined user roles
network-admin
Parameters
dns: Specifies the DNS protocol.
ftp: Specifies the FTP protocol.
h323: Specifies the H.323 protocol.
icmp-error: Specifies the ICMP error packets.
ils: Specifies the Internet Locator Service (ILS) protocol.
mgcp: Specifies the Media Gateway Control Protocol (MGCP).
nbt: Specifies the NetBIOS over TCP/IP (NBT) protocol.
pptp: Specifies the Point-to-Point Tunneling Protocol (PPTP).
rsh: Specifies the Remote Shell (RSH) protocol.
rtsp: Specifies the Real Time Streaming Protocol (RTSP).
sccp: Specifies the Skinny Client Control Protocol (SCCP).
sip: Specifies the Session Initiation Protocol (SIP).
sqlnet: Specifies the SQLNET protocol.
tftp: Specifies the TFTP protocol.
xdmcp: Specifies the X Display Manager Control Protocol (XDMCP).
Usage guidelines
The ALG feature distributes parent and child sessions to the same link.
Examples
# Enable ALG for TFTP.
[Sysname] loadbalance alg tftp
loadbalance alg all-enable
Use loadbalance alg all-enable to enable ALG for all protocols.
Use loadbalance alg all-disable to disable ALG for all protocols.
Syntax
loadbalance alg all-enable
loadbalance alg all-disable
Default
ALG is enabled for dns, ftp, pptp, icmp-error, and rtsp.
Views
System view
Predefined user roles
network-admin
Examples
# Enable ALG for all protocols.
<Sysname> system-view
[Sysname] loadbalance alg all-enable
loadbalance class
Use loadbalance class to create an LB class and enter its view, or enter the view of an existing LB class.
Use undo loadbalance class to delete the specified LB class.
Syntax
loadbalance class class-name [ type { dns | link-generic } [ match-all | match-any ] ]
undo loadbalance class class-name
Default
No LB classes exist.
Views
System view
Predefined user roles
network-admin
Parameters
class-name: Specifies the LB class name, a case-insensitive string of 1 to 63 characters.
type { dns | link-generic }: Specifies an LB class type.
· dns: DNS load balancing class.
· link-generic: Link load balancing class.
[ match-all | match-any ]: Requires matching all rules or any rule of the LB class. match-all is the default match mode.
Usage guidelines
When you create an LB class, you must specify an LB class type. You can enter an existing LB class view without entering the type of the LB class.
Examples
# Create the LB class lbc1 with the link-generic type, and enter LB class view.
<Sysname> system-view
[Sysname] loadbalance class lbc1 type link-generic
[Sysname-lbc-link-generic-lbc1]
loadbalance dns-proxy
Use loadbalance dns-proxy to create a transparent DNS proxy and enter its view, or enter the view of an existing transparent DNS proxy.
Use undo loadbalance dns-proxy to delete a transparent DNS proxy.
Syntax
loadbalance dns-proxy dns-proxy-name type udp
undo loadbalance dns-proxy dns-proxy-name
Default
No transparent DNS proxies exist.
Views
System view
Predefined user roles
network-admin
Parameters
dns-proxy-name: Specifies the transparent DNS proxy name, a case-insensitive string of 1 to 63 characters.
type udp: Specifies the transparent DNS proxy type as UDP.
Examples
# Create the UDP transparent DNS proxy dns-proxy1, and enter UDP transparent DNS proxy view.
<Sysname> system-view
[Sysname] loadbalance dns-proxy dns-proxy1 type udp
[Sysname-lb-dp-udp-dns-proxy1]
Related commands
display loadbalance dns-proxy
loadbalance dns-server
Use loadbalance dns-server to create a DNS server and enter its view, or enter the view of an existing DNS server.
Use undo loadbalance dns-server to delete a DNS server.
Syntax
loadbalance dns-server dns-server-name
undo loadbalance dns-server dns-server-name
Default
No DNS servers exist.
Views
System view
Predefined user roles
network-admin
Parameters
dns-server-name: Specifies the DNS server name, a case-insensitive string of 1 to 63 characters.
Examples
# Create the DNS server ds1, and enter DNS server view.
<Sysname> system-view
[Sysname] loadbalance dns-server ds1
[Sysname-lb-ds-ds1]
loadbalance dns-server-pool
Use loadbalance dns-server-pool to create a DNS server pool and enter its view, or enter the view of an existing DNS server pool.
Use undo loadbalance dns-server-pool to delete a DNS server pool.
Syntax
loadbalance dns-server-pool pool-name
undo loadbalance dns-server-pool pool-name
Default
No DNS server pools exist.
Views
System view
Predefined user roles
network-admin
Parameters
pool-name: Specifies the DNS server pool name, a case-insensitive string of 1 to 63 characters.
Examples
# Create the DNS server pool dns-pool1, and enter DNS server pool view.
<Sysname> system-view
[Sysname] loadbalance dns-server-pool dns-pool1
[Sysname-lb-dspool-dns-pool1]
loadbalance isp file
Use loadbalance isp file to import an ISP file.
Use undo loadbalance isp file to delete an ISP file.
Syntax
loadbalance isp file isp-file-name
undo loadbalance isp file
Views
System view
Predefined user roles
network-admin
Parameters
isp-file-name: Specifies the ISP file name, a case-insensitive string of 1 to 255 characters.
Usage guidelines
The system keeps the imported information intact when detecting the following problems:
· The file does not exist.
· The file name is invalid.
· File decryption occurs.
If the system quits the import operation because of IP address parsing failure, the system performs the following operations:
· Clears the most recently imported information.
· Saves the information imported this time.
You cannot delete the imported ISP and its IPv4 or IPv6 address. If the manually configured and imported ISP information overlaps, you can delete the manually configured ISP information.
If you execute this command multiple times, the most recent configuration takes effect.
Examples
# Import the ISP file isp2.
[Sysname] loadbalance isp file isp2
loadbalance isp name
Use loadbalance isp name to create an ISP and enter its view, or enter the view of an existing ISP.
Use undo loadbalance isp name to delete the specified ISP.
Syntax
undo loadbalance isp name isp-name
Default
No ISPs exist.
Views
System view
Predefined user roles
network-admin
Parameters
isp-name: Specifies the ISP name, a case-insensitive string of 1 to 63 characters.
Examples
# Create ISP isp1, and enter ISP view.
[Sysname] loadbalance isp name isp1
[Sysname-lbisp-isp1]
loadbalance link
Use loadbalance link to create an LB link and enter its view, or enter the view of an existing LB link.
Use undo loadbalance link to delete an LB link.
Syntax
loadbalance link link-name
undo loadbalance link link-name
Default
No LB links exist.
Views
System view
Predefined user roles
network-admin
Parameters
link-name: Specifies the LB link name, a case-insensitive string of 1 to 63 characters.
Usage guidelines
Each physical link connected to the external network corresponds to an LB link.
Examples
# Create the LB link lk1, and enter LB link view.
<Sysname> system-view
[Sysname] loadbalance link lk1
[Sysname-lb-link-lk1]
loadbalance link-group
Use loadbalance link-group to create a link group and enter its view, or enter the view of an existing link group.
Use undo loadbalance link-group to delete a link group.
Syntax
loadbalance link-group link-group-name
undo loadbalance link-group link-group-name
Default
No link groups exist.
Views
System view
Predefined user roles
network-admin
Parameters
link-group-name: Specifies the link group name, a case-insensitive string of 1 to 63 characters.
Usage guidelines
You can add links that contain similar functions to a link group to facilitate management.
Examples
# Create the link group lg, and enter link group view.
<Sysname> system-view
[Sysname] loadbalance link-group lg
[Sysname-lb-lgroup-lg]
loadbalance policy
Use loadbalance policy to create an LB policy and enter its view, or enter the view of an existing LB policy.
Use undo loadbalance policy to delete the specified LB policy.
Syntax
loadbalance policy policy-name [ type { dns | link-generic } ]
undo loadbalance policy policy-name
Default
No LB policies exist.
Views
System view
Predefined user roles
network-admin
Parameters
policy-name: Specifies the LB policy name, a case-insensitive string of 1 to 63 characters.
type { dns | link-generic }: Specifies an LB policy type.
· dns: DNS load balancing policy.
· link-generic: Link load balancing policy.
Usage guidelines
When you create an LB policy, you must specify the LB policy type. You can enter existing LB policy view without entering the type of the LB policy.
Examples
# Create the LB policy lbp1 with the link-generic type, and enter LB policy view.
<Sysname> system-view
[Sysname] loadbalance policy lbp1 type link-generic
[Sysname-lbp-link-generic-lbp1]
loadbalance proximity
Use loadbalance proximity to create proximity and enter its view, or enter the view of the existing proximity.
Use undo loadbalance proximity to delete proximity view and clear all configuration in proximity view.
Syntax
Views
System view
Predefined user roles
network-admin
Examples
# Create and enter proximity view.
[Sysname] loadbalance proximity
[Sysname-lb-proximity]
loadbalance schedule-test ip
Use loadbalance schedule-test ip to perform an IPv4 load balancing test.
Syntax
Views
Any view
Predefined user roles
network-admin
Parameters
protocol { protocol-number | icmp | tcp | udp }: Specifies a protocol by its number in the range of 0 to 255 or by its name. For ICMP (1), TCP (6), and UDP (17), you can enter the protocol number or protocol name.
destination destination-address: Specifies the destination IPv4 address.
destination-port destination-port: Specifies the destination port number in the range of 0 to 65535. This option is not supported by some protocols.
source source-address: Specifies the source IPv4 address.
source-port source-port: Specifies the source port number in the range of 0 to 65535. This option is not supported by some protocols.
Examples
# Perform an IPv4 load balancing test for the TCP protocol.
<Sysname> loadbalance schedule-test ip protocol tcp destination 7.7.7.7 destination-port 4 source 2.2.2.2 source-port 5
Matched virtual server: vs2
Matched default link group: lg
Forward type: Forwarding to link
Selected link: link2
Scheduling algorithm: Predictor
Table 25 Command output
Field |
Description |
Forwarding mode: · The destination address is not supported. Load balancing is not performed. · Forward all—Forwards packets. · Forwarding to link—Forwards packets to the link. · Drop—Drops packets. · Waiting—Enqueues packets. |
|
Packet drop reason: · Number of connections or bandwidth for the virtual server exceeded the limit. · No class matched and no valid default link group configured. · No valid link in the link group. · Action is drop. · A sticky entry was matched but the number of connections or bandwidth for the link exceeded the limit. · A class was matched but no valid link group exists in the action of the class. · Queue overflow (which means the wait queue is full). |
|
Scheduling algorithm used to select the link: · Predicator—The link is selected by using the scheduling algorithm. · Sticky method—The link is selected by using the sticky method. · Proximity—The link is selected by using the proximity feature. |
loadbalance schedule-test ipv6
Use loadbalance schedule-test ipv6 to perform an IPv6 load balancing test.
Syntax
Views
Any view
Predefined user roles
network-admin
Parameters
protocol { protocol-number | icmpv6 | tcp | udp }: Specifies a protocol by its number in the range of 0 to 255 or by its name. For ICMPv6 (58), TCP (6), and UDP (17), you can enter the protocol number or protocol name.
destination destination-address: Specifies the destination IPv6 address.
destination-port destination-port: Specifies the destination port number in the range of 0 to 65535. This option is not supported by some protocols.
source source-address: Specifies the source IPv6 address.
source-port source-port: Specifies the source port number in the range of 0 to 65535. This option is not supported by some protocols.
Examples
# Schedule an IPv6 load balancing test for the ICMPv6 protocol.
<Sysname> loadbalance schedule-test ipv6 protocol icmpv6 destination 10::1 source 12::2
Matched virtual server: vs2
Matched default link group: lg
Forward type: Forwarding to link
Selected link: link2
Scheduling algorithm: Predictor
Table 26 Command output
Field |
Description |
Forward type |
Forwarding mode: · The destination address is not supported. Load balancing is not performed. · Forward all—Forwards packets. · Forwarding to link—Forwards packets to the link. · Drop—Drops packets. · Waiting—Enqueues packets. |
Drop reason |
Packet drop reason: · Number of connections or bandwidth for the virtual server exceeded the limit. · No class matched and no valid default link group configured. · No valid link in the link group. · Action is drop. · A sticky entry was matched but the number of connections or bandwidth for the link exceeded the limit. · A class was matched but no valid link group exists in the action of the class. · Queue overflow (which means the wait queue is full). |
Scheduling algorithm |
Scheduling algorithm used to select the link: · Predicator—The link is selected by using the scheduling algorithm. · Sticky method—The link is selected by using the sticky method. · Proximity—The link is selected by using the proximity feature. |
loadbalance snat-pool
Use loadbalance snat-pool to create an SNAT address pool and enter its view, or enter the view of an existing SNAT address pool.
Use undo loadbalance snat-pool to delete the specified SNAT address pool.
Syntax
loadbalance snat-pool pool-name
undo loadbalance snat-pool pool-name
Default
No SNAT address pools exist.
Views
System view
Predefined user roles
network-admin
Parameters
pool-name: Specifies the SNAT address pool name, a case-insensitive string of 1 to 63 characters.
Examples
# Create the SNAT address pool lbsp, and enter SNAT address pool view.
<Sysname> system-view
[Sysname] loadbalance snat-pool lbsp
[Sysname-lbsnat-pool-lbsp]
match
Use match to specify the proximity probe method for packets.
Use undo match to restore the default.
Syntax
match [ match-id ] tcp probe nqa-template
undo match match-id
Default
No proximity probe method is specified.
Views
Proximity view
Predefined user roles
network-admin
Parameters
match-id: Specifies a proximity probe method by its ID in the range of 1 to 65535. If the rule does not exist, the command creates the proximity probe method. If the rule already exists, the command modifies the proximity probe method. If you do not specify this argument, the system automatically assigns an available rule ID with the smallest available ID.
tcp: Specifies TCP packets.
probe nqa-template: Specifies an NQA template by its name, a case-insensitive string of 1 to 32 characters.
Usage guidelines
If the match command is configured, the specified proximity probe method applies. If no packets match the type in the match command or the match command is not configured, the default proximity probe method specified by using the match default command applies.
You can specify only one proximity probe method for each type of packets.
Examples
# Create the ICMP-type NQA template t4, and specify the NQA template as the proximity probe method for TCP packets.
<Sysname> system-view
[Sysname] nqa template icmp t4
[Sysname-nqatplt-icmp-t4] quit
[Sysname] loadbalance proximity
[Sysname-lb-proximity] match tcp probe t4
Related commands
match default
match acl
Use match acl to create an ACL match rule or modify an existing ACL match rule.
Use undo match to delete a match rule.
Syntax
match [ match-id ] acl [ ipv6 ] { acl-number | name acl-name }
Default
No match rules exist.
Views
LB class view
Predefined user roles
network-admin
Parameters
match-id: Specifies a match rule by its ID in the range of 1 to 65535. If you do not specify this argument, the system automatically assigns an available rule ID with the smallest number.
ipv6: Specifies an IPv6 ACL. If you do not specify this keyword, the command creates an IPv4 ACL.
acl-number: Specifies the ACL number in the range of 2000 to 3999.
name acl-name: Specifies an ACL by its name, a case-insensitive string of 1 to 63 characters starting with a letter.
Usage guidelines
If the specified ACL does not exist, this rule is not matched.
You can create a maximum of 65535 match rules for an LB class.
Examples
# Create an ACL match rule for the link-generic LB class lbc1.
[Sysname] loadbalance class lbc1 type link-generic
[Sysname-lbc-link-generic-lbc1] match acl 2000
match app-group
Use match app-group to create an application group match rule or modify an existing application group match rule.
Use undo match app-group to delete a match rule.
Syntax
match [ match-id ] app-group group-name
undo match match-id
Default
No match rules exist.
Views
Link-generic LB class view
Predefined user roles
network-admin
Parameters
match-id: Specifies a match rule ID in the range of 1 to 65535. If you do not specify this argument, the system automatically assigns an available rule ID with the smallest number.
app-group group-name: Specifies an application group by its name, a case-insensitive string of 1 to 63 characters.
Usage guidelines
If the specified application group does not exist, the rule does not take effect.
Examples
# Create an application group match rule for the link-generic LB class lbc1.
<Sysname> system-view
[Sysname] loadbalance class lbc1 type link-generic
[Sysname-lbc-link-generic-lbc1] match app-group http
Related commands
app-group (Security Command Reference)
match class
Use match class to create a match rule that references an LB class or modify an existing match rule that references an LB class.
Use undo match to delete a match rule.
Syntax
match [ match-id ] class class-name
undo match match-id
Default
An LB class does not have a match rule.
Views
LB class view
Predefined user roles
network-admin
Parameters
match-id: Specifies a match rule by its ID in the range of 1 to 65535. If you do not specify this argument, the system automatically assigns an available rule ID with the smallest number.
class-name: Specifies an LB class by its name, a case-insensitive string of 1 to 63 characters, to be referenced by the match rule. The current LB class cannot be referenced.
Usage guidelines
A match rule cannot reference an LB class that has already been referenced.
You can create a maximum of 65535 match rules for an LB class.
Examples
# Create a match rule that references the LB class lbc2 for the link-generic LB class lbc1.
<Sysname> system-view
[Sysname] loadbalance class lbc1 type link-generic
[Sysname-lbc-link-generic-lbc1] match class lbc2
match default
Use match default to specify the default proximity probe method.
Use undo match default to restore the default.
Syntax
match default probe nqa-template
Default
The default proximity probe method is not specified.
Views
Proximity view
Predefined user roles
network-admin
Parameters
probe nqa-template: Specifies an NQA template by its name, a case-insensitive string of 1 to 32 characters.
Usage guidelines
If the match command is configured, the specified proximity probe method applies. If no packets match the type in the match command or the match command is not configured, the default proximity probe method applies.
Examples
# Create the ICMP-type NQA template t4, and specify the NQA template as the default proximity probe method.
[Sysname] nqa template icmp t4
[Sysname-nqatplt-icmp-t4] quit
[Sysname] loadbalance proximity
[Sysname-lb-proximity] match default probe t4
Related commands
nqa template (Network Management and Monitoring Command Reference)
match destination
Use match destination to create a destination IP address match rule or modify an existing destination IP address match rule.
Use undo match to delete a match rule.
Syntax
match [ match-id ] destination { ip address ipv4-address [ mask-length | mask ] | ipv6 address ipv6-address [ prefix-length ] }
undo match match-id
Default
An LB class does not have a match rule.
Views
DNS/Link-generic LB class view
Predefined user roles
network-admin
Parameters
match-id: Specifies a match rule by its ID in the range of 1 to 65535. If you do not specify this argument, the system automatically assigns an available rule ID with the smallest number.
ip address ipv4-address: Specifies an IPv4 address.
mask-length: Specifies a mask length in the range of 0 to 32. The default is 32.
mask: Specifies a subnet mask. The default is 255.255.255.255.
ipv6 address ipv6-address: Specifies an IPv6 address.
prefix-length: Specifies a prefix length in the range of 0 to 128. The default is 128.
Usage guidelines
You can create a maximum of 65535 match rules for an LB class.
Examples
# Create a match rule to match destination IPv4 address 1.1.1.1/32 for the DNS LB class lbc1.
<Sysname> system-view
[Sysname] loadbalance class lbc1 type dns
[Sysname-lbc-dns-lbc1] match destination ip address 1.1.1.1
# Create a match rule to match destination IPv4 address 1.1.1.1/32 for the link-generic LB class lbc2.
<Sysname> system-view
[Sysname] loadbalance class lbc2 type link-generic
[Sysname-lbc-link-generic-lbc2] match destination ip address 1.1.1.1
match destination domain-name
Use match destination domain-name to create a domain name match rule or modify an existing domain name match rule.
Use undo match to delete a match rule.
Syntax
match [ match-id ] destination domain-name domain-name
undo match match-id
Default
An LB class does not have a match rule.
Views
Link-generic LB class view
Predefined user roles
network-admin
Parameters
match-id: Specifies a match rule by its ID in the range of 1 to 65535. If you do not specify this argument, the system automatically assigns an available rule ID with the smallest number.
domain-name: Specifies a domain name, a case-insensitive string of 1 to 253 characters. Each dot-separated part in the domain name can contain a maximum of 63 characters. The domain name can contain letters, digits, hyphens (-), underscores (_), dots (.), and wildcards (asterisks and question marks).
Usage guidelines
When you use wildcards (asterisks and question marks) in a domain name, follow these guidelines:
· The wildcards can substitute any characters except for dots (.).
· An asterisk (*) can substitute a character string.
· A question mark (?) can substitute a single character.
You can create a maximum of 65535 match rules for an LB class.
Examples
# Create a domain name match rule for the link-generic LB class lbc1 to match domain name www.abc.com.
<Sysname> system-view
[Sysname] loadbalance class lbc1 type link-generic
[Sysname-lbc-link-generic-lbc1] match destination domain-name www.aaa.com
match domain-name
Use match domain-name to create a domain name match rule or modify an existing domain name match rule.
Use undo match to delete a match rule.
Syntax
match [ match-id ] domain-name domain-name
undo match match-id
Default
An LB class does not have a match rule.
Views
DNS LB class view
Predefined user roles
network-admin
Parameters
match-id: Specifies a match rule by its ID in the range of 1 to 65535. If you do not specify this argument, the system automatically assigns an available rule ID with the smallest number.
domain-name: Specifies a domain name, a case-insensitive string of 1 to 253 characters. Each dot-separated part in the domain name can contain a maximum of 63 characters. The domain name can contain letters, digits, hyphens (-), underscores (_), dots (.), and wildcards (asterisks and question marks).
Usage guidelines
When you use wildcards (asterisks and question marks) in a domain name, follow these guidelines:
· The wildcards can substitute any characters except for dots (.).
· An asterisk (*) can substitute a character string.
· A question mark (?) can substitute a single character.
You can create a maximum of 65535 match rules for an LB class.
Examples
# Create a domain name match rule for DNS LB class lbc1 to match domain name www.abc.com.
<Sysname> system-view
[Sysname] loadbalance class lbc1 type dns
[Sysname-lbc-dns-lbc1] match domain-name www.abc.com
match isp
Use match isp to create an ISP match rule or modify an existing ISP match rule.
Use undo match to delete a match rule.
Syntax
match [ match-id ] isp isp-name
Default
An LB class does not have a match rule.
Views
LB class view
Predefined user roles
network-admin
Parameters
match-id: Specifies a match rule by its ID in the range of 1 to 65535. If you do not specify this argument, the system automatically assigns an available rule ID with the smallest number.
isp-name: Specifies an ISP name, a case-insensitive string of 1 to 63 characters.
Usage guidelines
If the specified ISP does not exist or is not configured with an IP network segment, this rule is not matched.
You can create a maximum of 65535 match rules for an LB class.
Examples
# Create an ISP match rule for the link-generic LB class lbc1. Specify the ISP name as isp1.
[Sysname] loadbalance class lbc1 type link-generic
[Sysname-lbc-link-generic-lbc1] match isp isp1
match source
Use match source to create a source IP address match rule or modify an existing source IP address match rule.
Use undo match to delete a match rule.
Syntax
match [ match-id ] source { ip address ipv4-address [ mask-length | mask ] | ipv6 address ipv6-address [ prefix-length ] }
undo match match-id
Default
An LB class does not have a match rule.
Views
LB class view
Predefined user roles
network-admin
Parameters
match-id: Specifies a match rule by its ID in the range of 1 to 65535. If you do not specify this argument, the system automatically assigns an available rule ID with the smallest number.
source: Specifies the match rule type as source IP address.
ip address ipv4-address: Specifies an IPv4 address.
mask-length: Specifies a mask length in the range of 0 to 32. The default is 32.
mask: Specifies a subnet mask. The default is 255.255.255.255.
ipv6 address ipv6-address: Specifies an IPv6 address.
prefix-length: Specifies a prefix length in the range of 0 to 128. The default is 128.
Usage guidelines
You can create a maximum of 65535 match rules for an LB class.
Examples
# Create a match rule that matches source IP address 1.1.1.1/32 for the link-generic LB class lbc1.
[Sysname] loadbalance class lbc1 type link-generic
[Sysname-lbc-link-generic-lbc1] match source ip address 1.1.1.1
max-bandwidth
Use max-bandwidth to set the maximum expected bandwidth of an LB link.
Use undo max-bandwidth to restore the default.
Syntax
max-bandwidth [ inbound | outbound ] bandwidth-value
undo max-bandwidth [ inbound | outbound ]
Default
The maximum expected bandwidth of an LB link is not limited.
Views
Link view
Predefined user roles
network-admin
Parameters
inbound: Specifies the maximum inbound expected bandwidth.
outbound: Specifies the maximum outbound expected bandwidth.
bandwidth-value: Specifies the maximum expected bandwidth in the range of 0 to 4294967295 in KBps. The value 0 means the bandwidth is not limited.
Usage guidelines
If you do not specify the inbound or outbound keyword, the maximum expected bandwidth equals the inbound expected bandwidth plus the outbound expected bandwidth.
This command takes effect only on new sessions and does not take effect on existing sessions.
In addition to being used for link protection, the maximum expected bandwidth is used for remaining bandwidth calculation in the bandwidth algorithm, maximum bandwidth algorithm, and dynamic proximity algorithm.
Examples
# Set the maximum expected bandwidth of the LB link lk1 to 1 KBps.
<Sysname> system-view
[Sysname] loadbalance link lk1
[Sysname-lb-link-lk1] max-bandwidth 1
# Set the maximum inbound expected bandwidth of the LB link lk1 to 1 KBps.
<Sysname> system-view
[Sysname] loadbalance link lk1
[Sysname-lb-link-lk1] max-bandwidth inbound 1
# Set the maximum outbound expected bandwidth of the LB link lk1 to 1 KBps.
<Sysname> system-view
[Sysname] loadbalance link lk1
[Sysname-lb-link-lk1] max-bandwidth outbound 1
max-number
Use max-number to set the maximum number of proximity entries.
Use undo max-number to restore the default.
Syntax
Default
The maximum number of proximity entries is not set.
Views
Proximity view
Predefined user roles
network-admin
Parameters
number: Specifies the maximum number of proximity entries, in the range of 0 to 10000000. The default value is 0, which indicates that the maximum number of proximity entries is not limited.
Examples
# Set the maximum number of proximity entries to 100.
[Sysname] loadbalance proximity
[Sysname-lb-proximity] max-number 100
override-limit enable
Use override-limit enable to ignore the limits for sessions that match sticky entries.
Use undo override-limit enable to remove the configuration.
Syntax
override-limit enable
undo override-limit enable
Default
The session limits apply to sessions that match sticky entries.
Views
Sticky group view
Predefined user roles
network-admin
Usage guidelines
Use this command to ignore the following limits for sessions that match sticky entries:
· Bandwidth and connection parameters on links.
· Bandwidth ratios and maximum expected bandwidths for links.
· LB connection limit policies on virtual servers.
This command takes effect only on new sessions and does not take effect on existing sessions.
Examples
# Ignore the limits for sessions that match sticky entries generated in the sticky group st.
<Sysname> system-view
[Sysname] sticky-group st type address-port
[Sysname-sticky-address-port-st] override-limit enable
parameter
Use parameter to specify a parameter profile to be referenced by a virtual server.
Use undo parameter to restore the default.
Syntax
parameter ip profile-name
undo parameter ip
Default
No parameter profile is referenced by a virtual server.
Views
Virtual server view
Predefined user roles
network-admin
Parameters
ip: Specifies an IP parameter profile.
profile-name: Specifies a parameter profile by its name, a case-insensitive string of 1 to 63 characters.
Usage guidelines
The virtual server references the parameter profile to implement analysis, processing, and optimization for service traffic.
Examples
# Specify the IP parameter profile pp2 to be referenced by the IP-type virtual server vs3.
<Sysname> system-view
[Sysname] virtual-server vs3 type ip
[Sysname-vs-ip-vs3] parameter ip pp2
parameter-profile
Use parameter-profile to create a parameter profile and enter its view, or enter the view of an existing parameter profile.
Use undo parameter-profile to delete the specified parameter profile.
Syntax
parameter-profile profile-name [ type ip ]
undo parameter-profile profile-name
Default
No parameter profiles exist.
Views
System view
Predefined user roles
network-admin
Parameters
profile-name: Specifies a parameter profile name, a case-insensitive string of 1 to 63 characters.
type ip: Specifies the parameter profile type as IP. When you create a parameter profile, you must specify the parameter profile type. You can enter an existing parameter profile view without entering the parameter profile type.
Usage guidelines
You can configure advanced parameters through the parameter profile. The virtual server references the parameter profile to implement analysis, processing, and optimization for service traffic.
Examples
# Create the IP parameter profile pp2, and enter parameter profile view.
<Sysname> system-view
[Sysname] parameter-profile pp2 type ip
[Sysname-para-ip-pp2]
port (DNS server view)
Use port to configure the port number of a DNS server.
Use undo port to restore the default.
Syntax
port port-number
undo port
Default
The port number of a DNS server is 0.
Views
DNS server view
Predefined user roles
network-admin
Parameters
port-number: Specifies a port number in the range of 0 to 65535. The value 0 means that the original port number is used.
Usage guidelines
If you execute this command multiple times, the most recent configuration takes effect.
Examples
# Specify the port number of DNS server ds1 as 5353.
<Sysname> system-view
[Sysname] loadbalance dns-server ds1
[Sysname-lb-ds-ds1] port 5353
port (transparent DNS proxy view)
Use port to configure the port number of a transparent DNS proxy.
Use undo port to restore the default.
Syntax
port port-number
undo port
Default
The port number of a transparent DNS proxy is 53.
Views
Transparent DNS proxy view
Predefined user roles
network-admin
Parameters
port-number: Specifies a port number in the range of 1 to 65535.
Usage guidelines
A transparent DNS proxy processes a DNS request only when the destination IP address and port number of the DNS request matches those of the transparent DNS proxy.
If you execute this command multiple times, the most recent configuration takes effect.
Examples
# Specify the port number of transparent DNS proxy dns-proxy1 as 5353.
<Sysname> system-view
[Sysname] loadbalance dns-proxy dns-proxy1
[Sysname-lb-dp-dns-proxy1] port 5353
Related commands
display loadbalance dns-proxy
port (virtual server view)
Use port to configure the port number of a virtual server.
Use undo port to restore the default.
Syntax
port { port-number [ to port-number ] } &<1-n>
undo port
Default
The port number is 0 (indicates any port) for a virtual server.
Views
Virtual server view
Predefined user roles
network-admin
Parameters
port-number [ to port-number ] &<1-n>: Specifies a space-separated list of up to n port number items. Each port number item specifies a port number or a range of port numbers in the form of start-port-number to end-port-number. The value range for the port-number argument is 0 to 65535 (0 means any port) and the value range for n is 1 to 8.
Examples
# Specify the port number of the link-IP-type virtual server vs3 as 8080.
<Sysname> system-view
[Sysname] virtual-server vs3 type link-ip
[Sysname-vs-link-ip-vs3] port 8080
predictor (DNS server pool view)
Use predictor to specify a scheduling algorithm for a DNS server pool.
Use undo predictor to restore the default.
Syntax
predictor { random | round-robin | { bandwidth | max-bandwidth } [ inbound | outbound ] }
undo predictor
Default
The scheduling algorithm for a DNS server pool is weighted round robin.
Views
DNS server pool view
Predefined user roles
network-admin
Parameters
hash address: Specifies the hash algorithm based on the IP address.
destination: Specifies the hash algorithm based on the destination IP address.
source: Specifies the hash algorithm based on the source IP address.
source-ip-port: Specifies the hash algorithm based on the source IP address and port number.
mask mask-length: Specifies the mask length of the IPv4 address used in the hash algorithm. The value range for the mask-length argument is 0 to 32. The default is 32.
prefix prefix-length: Specifies the prefix length of the IPv6 address used in the hash algorithm. The value range for the prefix-length argument is 0 to 128. The default is 128.
random: Specifies the random algorithm, which randomly assigns DNS requests to DNS servers.
round-robin: Specifies the weighted round robin algorithm, which assigns DNS requests to DNS servers based on the weights of the DNS servers. A higher weight indicates more DNS requests will be assigned.
bandwidth: Specifies the bandwidth algorithm, which assigns DNS requests to DNS servers based on the weight and remaining bandwidth of the DNS servers.
max-bandwidth: Specifies the maximum bandwidth algorithm, which always assigns DNS requests to the DNS server corresponding to the idle link with the largest remaining bandwidth.
inbound: Selects a DNS server based on the inbound bandwidth.
outbound: Selects a DNS server based on the outbound bandwidth.
Usage guidelines
If you do not specify the inbound or outbound keyword, the total bandwidth is used to select a DNS server.
In the bandwidth algorithm and maximum bandwidth algorithm, the remaining bandwidth is the maximum expected bandwidth minus the current bandwidth. If the maximum expected bandwidth is not configured, the remaining bandwidth is the maximum bandwidth of the link minus the current bandwidth.
Examples
# Specify the scheduling algorithm as random for DNS server pool dns-pool.
<Sysname> system-view
[Sysname] loadbalance dns-server-pool dns-pool
[Sysname-lb-dspool-dns-pool] predictor random
Related commands
max-bandwidth (link view)
rate-limit bandwidth (link view)
predictor (link group view)
Use predictor to specify a scheduling algorithm for a link group.
Use undo predictor to restore the default.
Syntax
predictor hash address { destination | source | source-ip-port } [ mask mask-length ] [ prefix prefix-length ]
predictor { least-connection | random | round-robin | { bandwidth | max-bandwidth } [ inbound | outbound ] }
undo predictor
Default
The scheduling algorithm for a link group is weighted round robin.
Views
Link group view
Predefined user roles
network-admin
Parameters
hash address: Performs the hash algorithm based on IP address.
destination: Performs the hash algorithm based on destination IP address.
source: Performs the hash algorithm based on source IP address.
source-ip-port: Performs the hash algorithm based on source IP address and port number.
mask mask-length: Specifies the IPv4 address mask length, in the range of 0 to 32. The default is 32.
prefix prefix-length: Specifies the IPv6 address prefix length, in the range of 0 to 128. The default is 128.
least-connection: Specifies the weighted least connection algorithm. This algorithm always assigns new connections to the link with the fewest number of weighted active connections (the number of active connections divided by weight).
random: Specifies the random algorithm, which randomly assigns new connections to links.
round-robin: Specifies the weighted round robin algorithm, which assigns new connections to links based on the weights of links. A higher weight indicates more new connections will be assigned.
bandwidth: Specifies the bandwidth algorithm, which assigns packets to links based on the weight of the links and the bandwidth ratio.
max-bandwidth: Specifies the maximum bandwidth algorithm, which always assigns packets to the idle link with the largest remaining bandwidth.
inbound: Selects a link based on the inbound bandwidth.
outbound: Selects a link based on the outbound bandwidth.
Usage guidelines
If you do not specify the inbound or outbound keyword, the total bandwidth is used to select a link.
In the bandwidth algorithm and maximum bandwidth algorithm, the remaining bandwidth is the maximum expected bandwidth minus the current bandwidth. If the maximum expected bandwidth is not configured, the remaining bandwidth is the maximum bandwidth of the link minus the current bandwidth.
If you execute this command multiple times, the most recent configuration takes effect.
Examples
# Specify the scheduling algorithm random for the link group lg.
<Sysname> system-view
[Sysname] loadbalance link-group lg
[Sysname-lb-lgroup-lg] predictor random
Related commands
max-bandwidth (link view)
rate-limit bandwidth (link view)
priority (DNS server view)
Use priority to set the priority of a DNS server.
Use undo priority to restore the default.
Syntax
priority priority
undo priority
Default
The priority of a DNS server is 4.
Views
DNS server view
Predefined user roles
network-admin
Parameters
priority: Specifies the priority value in the range of 1 to 8. A greater value means a higher priority.
Usage guidelines
Typically, only the DNS servers with the highest priority participate in scheduling. If the number of such DNS servers is smaller than the required minimum number, more DNS servers are selected by priority in descending order. If the allowed maximum number is exceeded after DNS servers with a certain priority are added, only some of the DNS servers with that priority are added.
Use this command together with the selected-server command in DNS server pool view.
Examples
# Set the priority of DNS server ds1 to 3.
<Sysname> system-view
[Sysname] loadbalance dns-server ds1
[Sysname-lb-ds-ds1] priority 3
Related commands
selected-server (DNS server pool view)
priority (link view)
Use priority to set the priority of a link.
Use undo priority to restore the default.
Syntax
priority priority
undo priority
Default
The priority of a link is 4.
Views
Link view
Predefined user roles
network-admin
Parameters
priority: Specifies the priority value in the range of 1 to 8. A greater value means a higher priority.
Usage guidelines
Typically only the links with the highest priority participate in scheduling. If the number of such links is smaller than the required minimum number, more links are selected by priority in descending order.
Examples
# Set the priority of the link lk1 to 3.
<Sysname> system-view
[Sysname] loadbalance link lk1
[Sysname-lb-link-lk1] priority 3
Related commands
selected-link
probe (DNS server pool view)
Use probe to specify a health monitoring method for a DNS server pool.
Use undo probe to restore the default.
Syntax
probe template-name
undo probe template-name
Default
No health monitoring method is specified for a DNS server pool.
Views
DNS server pool view
Predefined user roles
network-admin
Parameters
template-name: Specifies an NQA template by its name, a case-insensitive string of 1 to 32 characters.
Usage guidelines
Use the nqa template command to create an NQA template to be referenced by the health monitoring method. The DNS server pool uses the parameters defined in the NQA template to detect the availability of DNS servers.
The health monitoring method configuration in DNS server view takes precedence over the configuration in DNS server pool view.
Examples
# Create the ICMP-type NQA template t4, and specify the health monitoring method for the DNS server pool dns-pool as t4.
<Sysname> system-view
[Sysname] nqa template icmp t4
[Sysname-nqatplt-icmp-t4] quit
[Sysname] loadbalance dns-server-pool dns-pool
[Sysname-lb-dspool-dns-pool] probe t4
Related commands
nqa template (Network Management and Monitoring Command Reference)
success-criteria (DNS server pool view)
probe (DNS server view)
Use probe to specify a health monitoring method for a DNS server.
Use undo probe to restore the default.
Syntax
probe template-name
undo probe template-name
Default
No health monitoring method is specified for a DNS server.
Views
DNS server view
Predefined user roles
network-admin
Parameters
template-name: Specifies an NQA template by its name, a case-insensitive string of 1 to 32 characters.
Usage guidelines
Use the nqa template command to create an NQA template to be referenced by the health monitoring method.
The health monitoring method configuration in DNS server view takes precedence over the configuration in DNS server pool view.
Examples
# Create the ICMP-type NQA template t4, and specify the health monitoring method for DNS server ds1 as t4.
<Sysname> system-view
[Sysname] nqa template icmp t4
[Sysname-nqatplt-icmp-t4] quit
[Sysname] loadbalance dns-server ds1
[Sysname-lb-ds-ds1] probe t4
Related commands
nqa template (Network Management and Monitoring Command Reference)
success-criteria (DNS server view)
probe (link group view)
Use probe to specify a health monitoring method for a link group.
Use undo probe to restore the default.
Syntax
probe template-name
undo probe template-name
Default
No health monitoring method is specified for a link group.
Views
Link group view
Predefined user roles
network-admin
Parameters
template-name: Specifies an NQA template by its name, a case-insensitive string of 1 to 32 characters.
Usage guidelines
The link group uses the parameters defined in the NQA template to detect the availability of links.
The health monitoring method configuration in link view takes precedence over the configuration in link group view.
Examples
# Create the ICMP-type NQA template t4, and specify the health monitoring method for the link group lg as t4.
<Sysname> system-view
[Sysname] nqa template icmp t4
[Sysname-nqatplt-icmp-t4] quit
[Sysname] loadbalance link-group lg
[Sysname-lb-lgroup-lg] probe t4
Related commands
nqa template (Network Management and Monitoring Command Reference)
success-criteria (link group view)
probe (link view)
Use probe to specify a health monitoring method for an LB link.
Use undo probe to restore the default.
Syntax
probe template-name
undo probe template-name
Default
No health monitoring method is specified for an LB link.
Views
Link view
Predefined user roles
network-admin
Parameters
template-name: Specifies an NQA template by its name, a case-insensitive string of 1 to 32 characters.
Usage guidelines
Use the nqa template command to create an NQA template to be referenced by the health monitoring method.
You can configure multiple health monitoring methods for an LB link. By default, health monitoring succeeds only when all the specified health monitoring methods succeed. You can use the success-criteria command to specify the health monitoring success criteria for the LB link.
Examples
# Create the ICMP-type NQA template t4, and specify the health monitoring method for the LB link lk1 as t4.
<Sysname> system-view
[Sysname] nqa template icmp t4
[Sysname-nqatplt-icmp-t4] quit
[Sysname] loadbalance link lk1
[Sysname-lb-link-lk1] probe t4
Related commands
nqa template (Network Management and Monitoring Command Reference)
success-criteria (link view)
proximity enable
Use proximity enable to enable the proximity feature for a link group.
Use undo proximity enable to disable the proximity feature for a link group.
Syntax
proximity enable
undo proximity enable
Default
The proximity feature is disabled for a link group.
Views
Link group view
Predefined user roles
network-admin
Usage guidelines
The proximity feature takes precedence over the scheduling algorithm in selecting a link. If no link is selected according to the proximity feature, the scheduling algorithm is used.
Examples
# Enable the proximity feature for the link group lg.
<Sysname> system-view
[Sysname] loadbalance link-group lg
[Sysname-lb-lgroup-lg] proximity enable
rate-limit bandwidth (link view)
Use rate-limit bandwidth to set the maximum bandwidth of a link.
Use undo rate-limit bandwidth to restore the default.
Syntax
rate-limit bandwidth [ inbound | outbound ] bandwidth-value
undo rate-limit bandwidth [ inbound | outbound ]
Default
The maximum bandwidth of a link is not limited.
Views
Link view
Predefined user roles
network-admin
Parameters
inbound: Specifies the maximum inbound bandwidth.
outbound: Specifies the maximum outbound bandwidth.
bandwidth-value: Specifies the maximum bandwidth in the range of 0 to 4294967295 in KBps. The value 0 means the bandwidth is not limited.
Usage guidelines
If you do not specify the inbound or outbound keyword, the maximum bandwidth equals the inbound bandwidth plus the outbound bandwidth.
This command takes effect only on new sessions and does not take effect on existing sessions.
Examples
# Set the maximum bandwidth of the link lk1 to 1 KBps.
<Sysname> system-view
[Sysname] loadbalance link lk1
[Sysname-lb-link-lk1] rate-limit bandwidth 1
# Set the maximum inbound bandwidth of the link lk1 to 1 KBps.
<Sysname> system-view
[Sysname] loadbalance link lk1
[Sysname-lb-link-lk1] rate-limit bandwidth inbound 1
# Set the maximum outbound bandwidth of the link lk1 to 1 KBps.
<Sysname> system-view
[Sysname] loadbalance link lk1
[Sysname-lb-link-lk1] rate-limit bandwidth outbound 1
rate-limit bandwidth (virtual server view)
Use rate-limit bandwidth to set the maximum bandwidth of a virtual server.
Use undo rate-limit bandwidth to restore the default.
Syntax
rate-limit bandwidth [ inbound | outbound ] bandwidth-value
undo rate-limit bandwidth [ inbound | outbound ]
Default
The maximum bandwidth of a virtual server is not limited.
Views
Virtual server view
Predefined user roles
network-admin
Parameters
inbound: Specifies the maximum inbound bandwidth.
outbound: Specifies the maximum outbound bandwidth.
bandwidth-value: Specifies the maximum bandwidth in the range of 0 to 4294967295 in KBps. The value 0 means the bandwidth is not limited.
Usage guidelines
If you do not specify the inbound or outbound keyword, the maximum bandwidth equals the inbound bandwidth plus the outbound bandwidth.
Examples
# Set the maximum bandwidth of the link-IP-type virtual server vs3 to 1 KBps.
<Sysname> system-view
[Sysname] virtual-server vs3 type link-ip
[Sysname-vs-link-ip-vs3] rate-limit bandwidth 1
# Set the maximum inbound bandwidth of the link-IP-type virtual server vs3 to 1 KBps.
<Sysname> system-view
[Sysname] virtual-server vs3 type link-ip
[Sysname-vs-link-ip-vs3] rate-limit bandwidth inbound 1
# Set the maximum outbound bandwidth of the link-IP-type virtual server vs3 to 1 KBps.
<Sysname> system-view
[Sysname] virtual-server vs3 type link-ip
[Sysname-vs-link-ip-vs3] rate-limit bandwidth outbound 1
rate-limit connection (link view)
Use rate-limit connection to set the maximum number of connections per second of a link.
Use undo rate-limit connection to restore the default.
Syntax
rate-limit connection connection-number
undo rate-limit connection
Default
The maximum number of connections per second of a link is 0.
Views
Link view
Predefined user roles
network-admin
Parameters
connection-number: Specifies the maximum number of connections per second in the range of 0 to 4294967295. 0 means the number is not limited.
Usage guidelines
This command takes effect only on new sessions and does not take effect on existing sessions.
Examples
# Set the maximum number of connections per second of the link lk1 to 10000.
<Sysname> system-view
[Sysname] loadbalance link lk1
[Sysname-lb-link-lk1] rate-limit connection 10000
rate-limit connection (virtual server view)
Use rate-limit connection to set the maximum number of connections per second of a virtual server.
Use undo rate-limit connection to restore the default.
Syntax
rate-limit connection connection-number
undo rate-limit connection
Default
The maximum number of connections per second of a virtual server is 0.
Views
Virtual server view
Predefined user roles
network-admin
Parameters
connection-number: Specifies the maximum number of connections per second in the range of 0 to 4294967295. 0 means the number is not limited.
Examples
# Set the maximum number of connections per second of the link-IP-type virtual server vs3 to 10000.
<Sysname> system-view
[Sysname] virtual-server vs3 type link-ip
[Sysname-vs-link-ip-vs3] rate-limit connection 10000
reset loadbalance connections
Use reset loadbalance connections to clear application layer connections.
Syntax
reset loadbalance connections
Views
User view
Predefined user roles
network-admin
Usage guidelines
This command clears all application layer connections, including reused idle connections.
Examples
# Clear application layer connections.
<Sysname> reset loadbalance connection
reset loadbalance dns-proxy statistics
Use reset loadbalance dns-proxy statistics to clear transparent DNS proxy statistics.
Syntax
reset loadbalance dns-proxy statistics [ dns-proxy-name ]
Views
User view
Predefined user roles
network-admin
Parameters
dns-proxy-name: Specifies a transparent DNS proxy by its name, a case-insensitive string of 1 to 63 characters. If you do not specify this argument, the command clears statistics for all DNS transparent proxies.
Examples
# Clear statistics for transparent DNS proxy dns-proxy1.
<Sysname> reset loadbalance dns-proxy statistics dns-proxy1
Related commands
display loadbalance dns-proxy statistics
reset loadbalance dns-server statistics
Use reset loadbalance dns-server statistics to clear DNS server statistics.
Syntax
reset loadbalance dns-server statistics [ dns-server-name ]
Views
User view
Predefined user roles
network-admin
Parameters
dns-server-name: Specifies a DNS server by its name, a case-insensitive string of 1 to 63 characters. If you do not specify this argument, the command clears statistics for all DNS servers.
Examples
# Clear statistics for DNS server ds1.
<Sysname> reset loadbalance dns-server statistics ds1
Related commands
display loadbalance dns-server statistics
reset loadbalance link statistics
Use reset loadbalance link statistics to clear link statistics.
Syntax
reset loadbalance link statistics [ link-name ]
Views
User view
Predefined user roles
network-admin
Parameters
link-name: Specifies a link by its name, a case-insensitive string of 1 to 63 characters. If you do not specify this argument, the command clears statistics about all links.
Examples
# Clear statistics about all links.
<Sysname> reset loadbalance link statistics
reset loadbalance proximity
Use reset loadbalance proximity to clear proximity entry information.
Syntax
reset loadbalance proximity [ ip [ ipv4-address ] | ipv6 [ ipv6-address ] ]
Views
User view
Predefined user roles
network-admin
Parameters
ip [ ipv4-address ]: Clears IPv4 proximity entry information. If you specify the ipv4-address argument, this command clears information about the proximity entry corresponding to the IPv4 address. If you do not specify the ipv4-address argument, this command clears information about all IPv4 proximity entries.
ipv6 [ ipv6-address ]: Clears IPv6 proximity entry information. If you specify the ipv6-address argument, this command clears information about the proximity entry corresponding to the IPv6 address. If you do not specify the ipv6-address argument, this command clears information about all IPv6 proximity entries.
Usage guidelines
If you do not specify the ip or ipv6 keyword, this command clears information about all IPv4 and IPv6 proximity entries for the public network.
Examples
# Clear information about all IPv6 proximity entries for the public network.
<Sysname> reset loadbalance proximity ipv6
reset virtual-server statistics
Use reset virtual-server statistics to clear virtual server statistics.
Syntax
reset virtual-server statistics [ virtual-server-name ]
Views
User view
Predefined user roles
network-admin
Parameters
virtual-server-name: Clears statistics of the specified virtual server. The virtual-server-name argument specifies a virtual server name, a case-insensitive string of 1 to 63 characters. If you do not specify this argument, the command clears statistics of all virtual servers.
Examples
# Clear statistics of all virtual servers.
<Sysname> reset virtual-server statistics
display virtual-server statistics
router ip
Use router ip to specify the outbound next hop for an LB link.
Use undo router ip to restore the default.
Syntax
router ip ipv4-address
undo router ip
Default
The outbound next hop is not specified for an LB link.
Views
LB link view
Predefined user roles
network-admin
Parameters
ipv4-address: Specifies an IPv4 address, which cannot be a loopback address, multicast address, broadcast address, or an address in the format of 0.X.X.X.
Usage guidelines
You can specify only one outbound next hop for an LB link.
Examples
# Specify the outbound next hop as 1.2.3.4 for the LB link lk1.
<Sysname> system-view
[Sysname] loadbalance link lk1
[Sysname-lb-link-lk1] router ip 1.2.3.4
router ipv6
Use router ipv6 to specify the outbound next hop for an LB link.
Use undo router ipv6 to restore the default.
Syntax
router ipv6 ipv6-address
undo router ipv6
Default
The outbound next hop is not specified for an LB link.
Views
LB link view
Predefined user roles
network-admin
Parameters
ipv6-address: Specifies an IPv6 address, which cannot be an all-zero address, a multicast address, a loopback address, or a link-local address.
Usage guidelines
You can specify only one outbound next hop for an LB link.
Examples
# Specify the outbound next hop as 8008::8 for the LB link lk1.
<Sysname> system-view
[Sysname] loadbalance link lk1
[Sysname-lb-link-lk1] router ipv6 8008::8
rtt weight
Use rtt weight to set the network delay weight for proximity calculation.
Use undo rtt weight to restore the default.
Syntax
Default
The network delay weight for proximity calculation is 100.
Views
Proximity view
Predefined user roles
network-admin
Parameters
rtt-weight: Specifies the network delay weight for proximity calculation, in the range of 0 to 255. A larger value indicates a higher weight.
Examples
# Set the network delay weight for proximity calculation to 200.
[Sysname] loadbalance proximity
[Sysname-lb-proximity] rtt weight 200
selected-link
Use selected-link to specify the number of links to participate in scheduling.
Use undo selected-link to restore the default.
Syntax
selected-link min min-number max max-number
undo selected-link
Default
The links with the highest priority participate in scheduling.
Views
Link group view
Predefined user roles
network-admin
Parameters
min min-number: Specifies the minimum number of links to participate in scheduling, in the range of 1 to 1000.
max max-number: Specifies the maximum number of links to participate in scheduling, in the range of 1 to 1000. The value of the max-number argument must be greater than or equal to the value of the min-number argument.
Usage guidelines
If the number of links available to participate in scheduling exceeds the max-number setting, the max-number setting applies.
If the number of links available to participate in scheduling is smaller than the min-number setting, more links are selected by priority in descending order.
Examples
# Configure the minimum number and maximum number of links in the link group lg to participate in scheduling as 20 and 30, respectively.
<Sysname> system-view
[Sysname] loadbalance link-group lg
[Sysname-lb-lgroup-lg] selected-link min 20 max 30
Related commands
predictor (link group view)
priority (link view)
selected-server
Use selected-server to specify the number of DNS servers to participate in scheduling.
Use undo selected-server to restore the default.
Syntax
selected-server min min-number max max-number
undo selected-server
Default
The DNS servers with the highest priority participate in scheduling.
Views
DNS server pool view
Predefined user roles
network-admin
Parameters
min min-number: Specifies the minimum number of DNS servers to participate in scheduling, in the range of 1 to 1000.
max max-number: Specifies the maximum number of DNS servers to participate in scheduling, in the range of 1 to 1000. The value of the max-number argument must be greater than or equal to the value of the min-number argument.
Usage guidelines
If the number of DNS servers available to participate in scheduling exceeds the max-number setting, the max-number setting applies.
If the number of DNS servers available to participate in scheduling is less than the min-number setting, more DNS servers are selected by priority in descending order.
Examples
# Configure the minimum number and maximum number of DNS servers in DNS server pool dns-pool to participate in scheduling as 20 and 30, respectively.
<Sysname> system-view
[Sysname] loadbalance dns-server-pool dns-pool
[Sysname-lb-dspool-dns-pool] selected-server min 20 max 30
service enable (transparent DNS proxy view)
Use service enable to enable the transparent DNS proxy feature.
Use undo service enable to disable the transparent DNS proxy feature.
Syntax
service enable
undo service enable
Default
The transparent DNS proxy feature is disabled.
Views
Transparent DNS proxy view
Predefined user roles
network-admin
Examples
# Enable the transparent DNS proxy feature for transparent DNS proxy dns-proxy1.
<Sysname> system-view
[Sysname] loadbalance dns-proxy dns-proxy1
[Sysname-lb-dp-udp-dns-proxy1] service enable
service enable (virtual server view)
Use service enable to enable a virtual server.
Use undo service enable to disable a virtual server.
Syntax
service enable
undo service enable
Default
A virtual server is disabled.
Views
Virtual server view
Predefined user roles
network-admin
Examples
# Enable the link-IP-type virtual server vs3.
<Sysname> system-view
[Sysname] virtual-server vs3 type link-ip
[Sysname-vs-link-ip-vs3] service enable
set ip tos (LB action view)
Use set ip tos to set the ToS field value of IP packets sent to the server.
Use undo set ip tos to restore the default.
Syntax
set ip tos tos-number
undo set ip tos
Default
The ToS field of IP packets sent to the server is not changed.
Views
LB action view
Predefined user roles
network-admin
Parameters
tos-number: Specifies the ToS field value in the range of 0 to 255.
Examples
# Set the ToS field value to 20 for IP packets sent to the server for the link-generic LB action lba1.
<Sysname> system-view
[Sysname] loadbalance action lba1 type link-generic
[Sysname-lba-link-generic-lba1] set ip tos 20
set ip tos (parameter profile view)
Use set ip tos to set the ToS field value of IP packets sent to the client.
Use undo set ip tos to restore the default.
Syntax
set ip tos tos-number
undo set ip tos
Default
The ToS field of IP packets sent to the client is not changed.
Views
Parameter profile view
Predefined user roles
network-admin
Parameters
tos-number: Specifies the ToS field value in the range of 0 to 255.
Usage guidelines
This command is available in IP parameter profile view only.
Examples
# Set the ToS field value to 20 for IP packets sent to the client for the IP parameter profile pp2.
<Sysname> system-view
[Sysname] parameter-profile pp2 type ip
[Sysname-para-ip-pp2] set ip tos 20
shutdown
Use shutdown to shut down a link.
Use undo shutdown to activate a link.
Syntax
shutdown
undo shutdown
Default
A link is activated.
Views
Link view
Predefined user roles
network-admin
Examples
# Shut down the link lk1.
<Sysname> system-view
[Sysname] loadbalance link lk1
[Sysname-lb-link-lk1] shutdown
skip current-dns-proxy
Use skip current-dns-proxy to skip the current transparent DNS proxy.
Use undo skip current-dns-proxy to restore the default.
Syntax
skip current-dns-proxy
undo skip current-dns-proxy
Default
The forwarding mode is to discard packets.
Views
DNS LB action view
Predefined user roles
network-admin
Usage guidelines
This command enables DNS requests to skip the current transparent DNS proxy and match the next transparent DNS proxy or virtual server.
A DNS request can skip a maximum of five transparent DNS proxies and virtual servers.
This command is mutually exclusive with the dns-server-pool or forward all command. If you configure one command, the other command (if configured) is automatically cancelled.
Examples
# Skip the current transparent DNS proxy in DNS LB action lba1.
<Sysname> system-view
[Sysname] loadbalance action lba1 type dns
[Sysname-lba-dns-lba1] skip current-dns-proxy
slow-online
Use slow-online to enable the slow online feature for a link group.
Use undo slow-online to disable the slow online feature for a link group.
Syntax
slow-online [ standby-time standby-time ramp-up-time ramp-up-time ]
undo slow-online
Default
The slow online feature is disabled for a link group.
Views
Link group view
Predefined user roles
network-admin
Parameters
standby-time standby-time: Specifies the standby timer in the range of 0 to 600 seconds. The default is 5 seconds.
ramp-up-time ramp-up-time: Specifies the ramp-up timer in the range of 3 to 600 seconds. The default is 5 seconds.
Usage guidelines
The links newly added to a link group might be unable to immediately process large numbers of services assigned by the LB device. To resolve this issue, enable the slow online feature for the link group. The feature uses the standby timer and ramp-up timer. When a link is added, the LB device does not assign any service to the link until the standby timer expires.
When the standby timer expires, the ramp-up timer starts. During the ramp-up time, the LB device increases the service amount according to the processing capability of the link, until the ramp-up timer expires.
Examples
# Enable the slow online feature for the link group lg.
<Sysname> system-view
[Sysname] loadbalance link-group lg
[Sysname-lb-lgroup-lg] slow-online
slow-shutdown enable
Use slow-shutdown enable to enable the slow offline feature for a link.
Use undo slow-shutdown enable to disable the slow offline feature for a link.
Syntax
slow-shutdown enable
undo slow-shutdown enable
Default
The slow offline feature is disabled for a link.
Views
Link view
Predefined user roles
network-admin
Usage guidelines
The shutdown command immediately terminates existing connections of a link. The slow offline feature ages out the connections, and does not establish new connections.
To enable the slow offline feature for a link, you must execute the slow-shutdown enable command and then the shutdown command. If you execute the shutdown command and then the slow-shutdown enable command, the slow offline feature does not take effect and the link is shut down.
Examples
# Enable the slow offline feature for the link lk1.
<Sysname> system-view
[Sysname] loadbalance link lk1
[Sysname-lb-link-lk1] slow-shutdown enable
Related commands
shutdown (link view)
snat-pool
Use snat-pool to specify the SNAT address pool to be referenced by a link group.
Use undo snat-pool to restore the default.
Syntax
snat-pool pool-name
undo snat-pool
Default
No SNAT address pool is referenced by a link group.
Views
Link group view
Predefined user roles
network-admin
Parameters
pool-name: Specifies the SNAT address pool name, a case-insensitive string of 1 to 63 characters.
Usage guidelines
After a link group references an SNAT address pool, the LB device replaces the source address of packets it receives with an SNAT address before forwarding the packets.
Examples
# Specify the SNAT address pool lbsp to be referenced by the link group lg.
<Sysname> system-view
[Sysname] loadbalance link-group lg
[Sysname-lb-lgroup-lg] snat-pool lbsp
snmp-agent trap enable loadbalance
Use snmp-agent trap enable loadbalance to enable SNMP notifications for load balancing.
Use undo snmp-agent trap enable loadbalance to disable SNMP notifications for load balancing.
Syntax
snmp-agent trap enable loadbalance
undo snmp-agent trap enable loadbalance
Default
All SNMP notifications are enabled for load balancing.
Views
System view
Predefined user roles
network-admin
Usage guidelines
To report critical load balancing events to an NMS, enable SNMP notifications for load balancing. For load balancing event notifications to be sent correctly, you must also configure SNMP as described in the network management and monitoring configuration guide for the device.
Examples
# Disable SNMP notifications for load balancing.
<Sysname> system-view
[Sysname] undo snmp-agent trap enable loadbalance
sticky-group
Use sticky-group to create a sticky group and enter its view, or enter the view of an existing sticky group.
Use undo sticky-group to delete the specified sticky group.
Syntax
sticky-group group-name [ type address-port ]
undo sticky-group group-name
Default
No sticky groups exist.
Views
System view
Predefined user roles
network-admin
Parameters
group-name: Specifies a sticky group name, a case-insensitive string of 1 to 63 characters.
type address-port: Specifies the sticky group type as address-port. When you create a sticky group, you must specify the sticky group type. You can enter an existing sticky group view without entering the type of the sticky group.
Usage guidelines
A sticky group uses a specific sticky method to distribute similar sessions to the same link. The sticky method applies to the first packet of a session. Subsequent packets of the session are distributed to the same link.
Examples
# Create the address-port-type sticky group sg1 and enter sticky group view.
<Sysname> system-view
[Sysname] sticky-group sg1 type address-port
[Sysname-sticky-address-port-sg1]
success-criteria (DNS server pool view)
Use success-criteria to specify the health monitoring success criteria for a DNS server pool.
Use undo success-criteria to restore the default.
Syntax
success-criteria { all | at-least min-number }
undo success-criteria
Default
Health monitoring succeeds only when all the specified health monitoring methods succeed.
Views
DNS server pool view
Predefined user roles
network-admin
Parameters
all: Specifies the health monitoring success criteria as all successful health monitoring methods.
at-least min-number: Specifies the health monitoring success criteria as the specified minimum number of successful health monitoring methods, in the range of 1 to 4294967295.
Usage guidelines
If the min-number setting exceeds the number of existing health monitoring methods on the device, the number of existing health monitoring methods applies.
The health monitoring success criteria configuration in DNS server view takes precedence over the configuration in DNS server pool view.
Examples
# Configure the health monitoring success criteria for the DNS server pool dns-pool as a minimum number of 2 successful health monitoring methods.
<Sysname> system-view
[Sysname] loadbalance dns-server-pool dns-pool
[Sysname-lb-dspool-dns-pool] success-criteria at-least 2
Related commands
success-criteria (DNS server view)
success-criteria (DNS server view)
Use success-criteria to specify the health monitoring success criteria for a DNS server.
Use undo success-criteria to restore the default.
Syntax
success-criteria { all | at-least min-number }
undo success-criteria
Default
Health monitoring succeeds only when all the specified health monitoring methods succeed.
Views
DNS server view
Predefined user roles
network-admin
Parameters
all: Specifies the health monitoring success criteria as all successful health monitoring methods.
at-least min-number: Specifies the health monitoring success criteria as the specified minimum number of successful health monitoring methods, in the range of 1 to 4294967295.
Usage guidelines
If the min-number setting exceeds the number of existing health monitoring methods on the device, the number of existing health monitoring methods applies.
The health monitoring success criteria configuration in DNS server view takes precedence over the configuration in DNS server pool view.
Examples
# Configure the health monitoring success criteria for DNS server ds1 as a minimum number of 2 successful health monitoring methods.
<Sysname> system-view
[Sysname] loadbalance dns-server ds1
[Sysname-lb-ds-ds1] success-criteria at-least 2
Related commands
success-criteria (DNS server pool view)
success-criteria (link group view)
Use success-criteria to specify the health monitoring success criteria for a link group.
Use undo success-criteria to restore the default.
Syntax
success-criteria { all | at-least min-number }
undo success-criteria
Default
Health monitoring succeeds only when all the specified health monitoring methods succeed.
Views
Link group view
Predefined user roles
network-admin
Parameters
all: Specifies the health monitoring success criteria as all successful health monitoring methods.
at-least min-number: Specifies the health monitoring success criteria as the specified minimum number of successful health monitoring methods, in the range of 1 to 4294967295.
Usage guidelines
If the min-number setting exceeds the number of existing health monitoring methods on the device, the number of existing health monitoring methods applies.
The health monitoring success criteria configuration in link view takes precedence over the configuration in link group view.
Examples
# Configure the health monitoring success criteria for the link group lg as a minimum number of 2 successful health monitoring methods.
<Sysname> system-view
[Sysname] loadbalance link-group lg
[Sysname-lb-lgroup-lg] success-criteria at-least 2
Related commands
success-criteria (link view)
success-criteria (link view)
Use success-criteria to specify the health monitoring success criteria for an LB link.
Use undo success-criteria to restore the default.
Syntax
success-criteria { all | at-least min-number }
undo success-criteria
Default
Health monitoring succeeds only when all the specified health monitoring methods succeed.
Views
LB link view
Predefined user roles
network-admin
Parameters
all: Specifies the health monitoring success criteria as all successful health monitoring methods.
at-least min-number: Specifies the health monitoring success criteria as the specified minimum number of successful health monitoring methods, in the range of 1 to 4294967295.
Usage guidelines
If the min-number setting exceeds the number of existing health monitoring methods on the device, the number of existing health monitoring methods applies.
Examples
# Configure the health monitoring success criteria for the LB link lk1 as a minimum number of 2 successful health monitoring methods.
<Sysname> system-view
[Sysname] loadbalance link lk1
[Sysname-lb-link-lk1] success-criteria at-least 2
Related commands
success-criteria (link group view)
timeout (proximity view)
Use timeout to set the timeout timer for proximity entries.
Use undo timeout to restore the default.
Syntax
timeout timeout-value
undo timeout
Default
The timeout timer for proximity entries is 60 seconds.
Views
Proximity view
Predefined user roles
network-admin
Parameters
timeout-value: Specifies the timeout timer in the range of 60 to 3600 seconds.
Examples
# Set the timeout timer for proximity entries to 80 seconds.
[Sysname] loadbalance proximity
[Sysname-lb-proximity] timeout 80
timeout (sticky group view)
Use timeout to set the timeout timer for sticky entries.
Use undo timeout to restore the default.
Syntax
timeout timeout-value
undo timeout
Default
The timeout timer for sticky entries is 60 seconds.
Views
Sticky group view
Predefined user roles
network-admin
Parameters
timeout-value: Specifies the timeout timer in the range of 10 to 604800 seconds.
Examples
# Set the timeout timer for sticky entries to 100 seconds in the address- and port-type sticky group sg1.
<Sysname> system-view
[Sysname] sticky-group sg1 type address-port
[Sysname-sticky-address-port-sg1] timeout 100
transparent enable
Use transparent enable to disable NAT for a link group.
Use undo transparent enable to enable NAT for a link group.
Syntax
transparent enable
undo transparent enable
Default
NAT is enabled for a link group.
Views
Link group view
Predefined user roles
network-admin
Examples
# Disable NAT for the link group lg.
<Sysname> system-view
[Sysname] loadbalance link-group lg
[Sysname-lb-lgroup-sinalab] transparent enable
ttl weight
Use ttl weight to set the TTL weight for proximity calculation.
Use undo ttl weight to restore the default.
Syntax
ttl weight ttl-weight
undo ttl weight
Default
The TTL weight for proximity calculation is 100.
Views
Proximity view
Predefined user roles
network-admin
Parameters
ttl-weight: Specifies the TTL weight for proximity calculation, in the range of 0 to 255. A larger value indicates a higher weight.
Examples
# Set the TTL weight for proximity calculation to 200.
[Sysname] loadbalance proximity
[Sysname-lb-proximity] ttl weight 200
virtual ip address
Use virtual ip address to configure an IPv4 address (VSIP) for a virtual server.
Use undo virtual ip address to restore the default.
Syntax
virtual ip address ipv4-address [ mask-length | mask ]
undo virtual ip address
Default
No IPv4 address is configured for a virtual server.
Views
Virtual server view
Predefined user roles
network-admin
Parameters
ipv4-address: Specifies an IPv4 address. It cannot be a loopback address, multicast address, broadcast address, or an address in the format of 0.X.X.X (with a mask length of 32).
mask-length: Specifies a mask length in the range of 0 to 32. The default is 32.
mask: Specifies a subnet mask. The default is 255.255.255.255.
Examples
# Configure the IPv4 address for the link-IP-type virtual server vs3 as 1.1.1.1/24.
<Sysname> system-view
[Sysname] virtual-server vs3 type link-ip
[Sysname-vs-link-ip-vs3] virtual ip address 1.1.1.1 24
virtual ipv6 address
Use virtual ipv6 address to configure an IPv6 address (VSIP) for a virtual server.
Use undo virtual ipv6 address to restore the default.
Syntax
virtual ipv6 address ipv6-address [ prefix-length ]
undo virtual ipv6 address
Default
No IPv6 address is configured for a virtual server.
Views
Virtual server view
Predefined user roles
network-admin
Parameters
ipv6-address: Specifies an IPv6 address, which cannot be a loopback address, IPv6 multicast address, link-local address, or all-zero address (when the prefix length is not 0).
prefix-length: Specifies a prefix length in the range of 0 to 128. The default is 128.
Examples
# Configure the IPv6 address for the link-IP-type virtual server vs3 as 1001::1/64.
<Sysname> system-view
[Sysname] virtual-server vs3 type link-ip
[Sysname-vs-link-ip-vs3] virtual ipv6 address 1001::1 64
virtual-server
Use virtual-server to create a virtual server and enter its view, or enter the view of an existing virtual server.
Use undo virtual-server to delete the specified virtual server.
Syntax
virtual-server virtual-server-name [ type link-ip ]
undo virtual-server virtual-server-name
Default
No virtual servers exist.
Views
System view
Predefined user roles
network-admin
Parameters
virtual-server-name: Specifies the virtual server name, a case-insensitive string of 1 to 63 characters.
type { link-ip }: Specifies the virtual server type as link-IP. When you create a virtual server, you must specify a virtual server type. You can enter an existing virtual server view without entering the type of the virtual server.
Examples
# Create the virtual server vs3 with the link-IP type, and enter virtual server view.
<Sysname> system-view
[Sysname] virtual-server vs3 type link-ip
[Sysname-vs-link-ip-vs3]
weight (DNS server view)
Use weight to set the weight of a DNS server to be used by the weighted round robin algorithm and bandwidth algorithm.
Use undo weight to restore the default.
Syntax
weight weight-value
undo weight
Default
The weight of a DNS server is 100.
Views
DNS server view
Predefined user roles
network-admin
Parameters
weight-value: Specifies the weight in the range of 1 to 255. A greater value means a higher priority in scheduling.
Examples
# Set the weight of the DNS server ds1 to 150.
<Sysname> system-view
[Sysname] loadbalance dns-server ds1
[Sysname-lb-ds-ds1] weight 150
weight (link view)
Use weight to set the weight of a link to be used by the weighted round robin and weighted least connection algorithms.
Use undo weight to restore the default.
Syntax
weight weight-value
undo weight
Default
The weight of a link is 100.
Views
Link view
Predefined user roles
network-admin
Parameters
weight-value: Specifies the weight in the range of 1 to 255. For the weighted round robin or weighted least connection algorithm, a greater value means a higher priority to be referenced.
Examples
# Set the weight of the link lk1 to 150.
<Sysname> system-view
[Sysname] loadbalance link lk1
[Sysname-lb-link-lk1] weight 150
activate,24
backup interface,1
backup threshold,2
backup timer delay,3
backup timer flow-check,4
backup track,5
bandwidth busy-protection enable (transparent DNS proxy view),25
bandwidth busy-protection enable (virtual server view),25
bandwidth busy-rate,26
bandwidth interface statistics enable,27
bandwidth weight,27
class,28
connection-limit max (link view),29
connection-limit max (virtual server view),29
cost,30
cost weight,30
default dns-server-pool,31
default link-group,32
default-class action,32
delay,9
description,33
display interface-backup state,6
display interface-backup statistics,7
display loadbalance action,34
display loadbalance alg,35
display loadbalance class,36
display loadbalance dns-proxy,37
display loadbalance dns-proxy statistics,39
display loadbalance dns-server,39
display loadbalance dns-server statistics,41
display loadbalance dns-server-pool,42
display loadbalance isp,44
display loadbalance link,46
display loadbalance link statistics,52
display loadbalance link-group,49
display loadbalance policy,53
display loadbalance proximity,54
display loadbalance snat-pool,55
display parameter-profile,56
display sticky,57
display sticky-group,59
display track,10
display virtual-server,61
display virtual-server statistics,63
dns-server-pool (DNS server view),65
dns-server-pool (LB action view),64
fail-action,66
fallback-action continue,66
forward all,67
ip,67
ip address (DNS server view),69
ip address (ISP view),70
ip address (transparent DNS proxy view),68
ip mask,70
ip range,71
ipv6,71
ipv6 address (DNS server view),72
ipv6 address (ISP view),73
ipv6 address (transparent DNS proxy view),73
ipv6 prefix,74
ipv6 range,75
lb-policy (transparent DNS proxy view),75
lb-policy (virtual server view),76
link,76
link-group (LB action view),77
link-group (link view),78
loadbalance action,78
loadbalance alg,79
loadbalance alg all-enable,80
loadbalance class,80
loadbalance dns-proxy,81
loadbalance dns-server,82
loadbalance dns-server-pool,82
loadbalance isp file,83
loadbalance isp name,84
loadbalance link,84
loadbalance link-group,85
loadbalance policy,85
loadbalance proximity,86
loadbalance schedule-test ip,86
loadbalance schedule-test ipv6,88
loadbalance snat-pool,89
match,89
match acl,90
match app-group,91
match class,92
match default,92
match destination,93
match destination domain-name,94
match domain-name,95
match isp,96
match source,96
max-bandwidth,97
max-number,98
object,13
override-limit enable,99
parameter,99
parameter-profile,100
port (DNS server view),100
port (transparent DNS proxy view),101
port (virtual server view),102
predictor (DNS server pool view),102
predictor (link group view),103
priority (DNS server view),105
priority (link view),105
probe (DNS server pool view),106
probe (DNS server view),107
probe (link group view),108
probe (link view),108
proximity enable,109
rate-limit bandwidth (link view),110
rate-limit bandwidth (virtual server view),111
rate-limit connection (link view),111
rate-limit connection (virtual server view),112
reset loadbalance connections,113
reset loadbalance dns-proxy statistics,113
reset loadbalance dns-server statistics,113
reset loadbalance link statistics,114
reset loadbalance proximity,114
reset virtual-server statistics,115
router ip,115
router ipv6,116
rtt weight,116
selected-link,117
selected-server,118
service enable (transparent DNS proxy view),118
service enable (virtual server view),119
set ip tos (LB action view),119
set ip tos (parameter profile view),120
shutdown,120
skip current-dns-proxy,121
slow-online,121
slow-shutdown enable,122
snat-pool,123
snmp-agent trap enable loadbalance,123
sticky-group,124
success-criteria (DNS server pool view),125
success-criteria (DNS server view),125
success-criteria (link group view),126
success-criteria (link view),127
threshold percentage,14
threshold weight,15
timeout (proximity view),128
timeout (sticky group view),128
track interface,15
track interface physical,16
track interface protocol,17
track ip route reachability,18
track list boolean,19
track list threshold percentage,20
track list threshold weight,21
track nqa,22
transparent enable,129
ttl weight,129
virtual ip address,130
virtual ipv6 address,130
virtual-server,131
weight (DNS server view),131
weight (link view),132