Unless otherwise specified, the tem "interface" in this chapter refers to a Layer 3 interface. It can be a VLAN interface or a Layer 3 Ethernet interface. Layer 3 Ethernet interfaces refer to the Ethernet interfaces that operate in Layer 3 mode. For information about switching the Ethernet interface operating mode, see Layer 2—LAN Switching Configuration Guide.

display mpls forwarding ilm

Use display mpls forwarding ilm to display Incoming Label Map (ILM) entries.

Syntax

In standalone mode:

display mpls forwarding ilm [ label ] [ slot slot-number ]

In IRF mode:

display mpls forwarding ilm [ label ] [ chassis chassis-number slot slot-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

label: Displays the ILM entry with the specified incoming label. The value range for this argument is 16 to 1048575. If you do not specify an incoming label, this command displays information about all ILM entries.

slot slot-number: Specifies a card by its slot number. If you do not specify a card, this command displays ILM entries on the active MPU. (In standalone mode.)

chassis chassis-number slot slot-number: Specifies a card on an IRF member device. The chassis-number argument represents the member ID of the IRF member device. The slot-number argument represents the slot number of the card. If you do not specify a card, this command displays ILM entries for the global active MPU. (In IRF mode.)

Usage guidelines

An ILM entry records the label operation type, outgoing label, and other forwarding information.

After an LSR receives a labeled packet, it performs the following operations:

1. Identifies the ILM entry that matches the top label of the packet.

2. Performs the specified label operation.

3. Forwards the packet.

Examples

# Display the ILM entry with incoming label 30.

<Sysname> display mpls forwarding ilm 30

Flags: T - Forwarded through a tunnel

N - Forwarded through the outgoing interface to the nexthop IP address

B - Backup forwarding information

A - Active forwarding information

InLabel Oper VRF Flag SwapLabel Forwarding Info

--------------------------------------------------------------------------------

30 SWAP 0 T 1000 1024

# Display all ILM entries for the card in slot 3.

<Sysname> display mpls forwarding ilm slot 3

Total ILM entries: 3

Flags: T - Forwarded through a tunnel

N - Forwarded through the outgoing interface to the nexthop IP address

B - Backup forwarding information

A - Active forwarding information

InLabel Oper VRF Flag SwapLabel Forwarding Info

--------------------------------------------------------------------------------

30 SWAP 0 T 1000 1024

1279 POP 0 - - -

1407 SWAP 0 NA 1271 Vlan10 50.2.0.2

NB 1270 Tun0 0.0.0.0

Table 1 Command output

Field	Description
Total ILM entries	Total number of ILM entries.
InLabel	Incoming label.
Oper	Operation type: · POP—Pops the label. · POPGO—Pops the label and forwards the packet to another tunnel. · SWAP—Swaps the label.
VRF	Index of a VPN instance.
Flag	Forwarding flag: · T—Forwarded through a tunnel. · N—Forwarded through the outgoing interface to the next hop IP address. · B—Backup forwarding information. · A—Active forwarding information.
SwapLabel	Outgoing label value.
Forwarding Info	Forwarding information: · When the forwarding flag is N, the forwarding information records the outgoing interface and the next hop. · When the forwarding flag is T, the forwarding information records the NID.

display mpls forwarding nhlfe

Use display mpls forwarding nhlfe to display Next Hop Label Forwarding Entry (NHLFE) entries.

Syntax

In standalone mode:

display mpls forwarding nhlfe [ nid ] [ slot slot-number ]

In IRF mode:

display mpls forwarding nhlfe [ nid ] [ chassis chassis-number slot slot-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

nid: Displays the NHLFE entry with the specified NID. The NID value range is 0 to 4294967294. If you do not specify an NID, this command displays information about all NHLFE entries.

slot slot-number: Specifies a card by its slot number. If you do not specify a card, this command displays NHLFE entries on the active MPU. (In standalone mode.)

chassis chassis-number slot slot-number: Specifies a card on an IRF member device. The chassis-number argument represents the member ID of the IRF member device. The slot-number argument represents the slot number of the card. If you do not specify a card, this command displays NHLFE entries for the global active MPU. (In IRF mode.)

Usage guidelines

An NHLFE entry records label forwarding information, such as the outgoing label and outgoing interface. NHLFE entries are mainly used to add multiple labels to packets.

To add multiple labels to a packet, an LSR performs the following operations:

1. Obtains the bottom label and NID in the matching FIB or ILM entry.

2. Obtains the outer label in the NHLFE entry identified by the NID.

Examples

# Display the NHLFE entry with NID 2048.

<Sysname> display mpls forwarding nhlfe 2048

Flags: T - Forwarded through a tunnel

N - Forwarded through the outgoing interface to the nexthop IP address

B - Backup forwarding information

A - Active forwarding information

NID Tnl-Type Flag OutLabel Forwarding Info

--------------------------------------------------------------------------------

2048 LSP NA 2025 Vlan10 10.11.112.26

# Display all NHLFE entries for the card in slot 3.

<Sysname> display mpls forwarding nhlfe slot 3

Total NHLFE entries: 5

Flags: T - Forwarded through a tunnel

N - Forwarded through the outgoing interface to the nexthop IP address

B - Backup forwarding information

A - Active forwarding information

NID Tnl-Type Flag OutLabel Forwarding Info

--------------------------------------------------------------------------------

10 - TA - 2049

20 - TA - 2050

2048 LSP NA 2025 Vlan2 10.11.112.26

2049 LSP NA 3024 Vlan2 10.11.112.26

TB 3026 20

2050 LSP NA 3025 Vlan10 10.11.113.26

Table 2 Command output

Field	Description
Total NHLFE entries	Total number of NHLFE entries.
NID	NHLFE entry index.
Tnl-Type	Tunnel type: · LOCAL—Direct LSP tunnel. · LSP—Static LSP tunnel, or LSP tunnel signaled using LDP or BGP. · TE—TE tunnel. · CRLSP—Static CRLSP tunnel or CRLSP tunnel signaled using RSVP. · - (a hyphen)—The tunnel type is invalid.
Flag	Forwarding flag: · T—Forwarded through a tunnel. · N—Forwarded through the outgoing interface to the next hop IP address. · B—Backup forwarding information. · A—Active forwarding information.
OutLabel	Outgoing label.
Forwarding Info	Forwarding information: · When the forwarding flag is N, the forwarding information records the outgoing interface and the next hop. · When the forwarding flag is T, the forwarding information records the NID.

display mpls interface

Use display mpls interface to display MPLS interface information, including the interface name, interface status, and interface MPLS MTU.

Syntax

display mpls interface [ interface-type interface-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

interface-type interface-number: Specifies an interface by the interface type and number. If you do not specify an interface, this command displays MPLS information for all MPLS-enabled interfaces.

Examples

# Display all MPLS interfaces.

<Sysname> display mpls interface

Interface Status MPLS MTU

Vlan2 Up 1500

Vlan20 Up 1500

The MPLS MTU of an interface is in bytes.

Related commands

· mpls enable

· mpls mtu

display mpls label

Use display mpls label to display MPLS label usage information.

Syntax

display mpls label { label-value1 [ to label-value2 ] | all }

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

label-value1: Specifies a label value in the range of 16 to 1048575. If used with the label-value2 argument, the label-value1 argument represents the start label of a label range.

to label-value2: Specifies the end label of the label range. The value range for the end label is 16 to 1048575. If you specify a label range by using the label-value1 argument and the to label-value2 option, this command displays usage information for the specified range of labels.

all: Specifies all labels.

Examples

# Display usage information for labels 1025 through 1027.

<Sysname> display mpls label 1025 to 1027

Label Owner State

1025 LDP Alloc

1026 LDP Alloc

1027 LDP Inuse

Table 3 Command output

Field	Description
Label	Label value.
Owner	Protocol that is using the label. Possible values include LDP, BGP, and RSVP.
State	Usage state of the label: · Idle—The label is idle. · Alloc—The label has been allocated. · Pending—The label has been released but is still used by an LSP entry. · Inuse—The label has been allocated and used by an LSP entry.

display mpls lsp

Use display mpls lsp to display LSP information.

Syntax

display mpls lsp [ egress | in-label label-value | ingress | outgoing-interface interface-type interface-number | protocol { bgp | ldp | local | rsvp-te | static | static-cr } | transit ] [ vpn-instance vpn-instance-name ] [ ipv4-dest mask-length ] [ verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

egress: Displays the LSPs taking the current LSR as the egress.

in-label label-value: Displays the LSPs using the specified label as the incoming label, in the range of 0 to 1048575.

ingress: Displays the LSPs taking the current LSR as the ingress.

outgoing-interface interface-type interface-number: Displays the LSPs using the specified interface as the outgoing interface. The interface-type interface-number argument specifies an interface by its type and number.

protocol: Displays the LSPs established by a specific protocol.

bgp: Displays BGP LSPs.

ldp: Displays LDP LSPs.

local: Displays the direct LSP.

rsvp-te: Displays CRLSPs established by RSVP-TE.

static: Displays static LSPs.

static-cr: Displays static CRLSPs.

transit: Displays the LSPs taking the current LSR as a transit LSR.

vpn-instance vpn-instance-name: Displays LSPs for the specified VPN. The vpn-instance-name is a case-sensitive string of 1 to 31 characters. If you do not specify this option, the command displays LSPs for the public network.

ipv4-dest mask-length: Displays the IPv4 LSP for an FEC specified by an IPv4 address and a mask length. The value range for the mask length is 0 to 32.

verbose: Displays detailed LSP information. If you do not specify this keyword, the command displays brief LSP information.

Usage guidelines

If you do not specify any parameters, this command displays brief information about all LSPs. If you specify only the verbose keyword, this command displays detailed information about all LSPs.

Examples

# Display brief information about all IPv4 LSPs.

<Sysname> display mpls lsp

FEC Proto In/Out Label Interface/Out NHLFE

100.100.100.100/24 LDP -/1049 Vlan20

Backup -/1050 Vlan21

100.100.100.10/24 LDP -/1051 Vlan22

Backup -/1050 Vlan21

100.100.100.10/24 LDP -/1049 Vlan30

101.100.100.10/24 LDP 1026/1049 Vlan20

102.100.100.10/24 LDP 1027/- -

103.100.100.10/24 LDP 1028/1049 Tunnel10

110.100.100.20/24 BGP -/1049 Vlan20

111.100.100.10/24 BGP 2028/1049 Vlan20

112.100.100.10/24 BGP 2029/- Vlan20

113.100.100.10/24 BGP 2030/1049 NHLFE1500

114.100.100.10/24 BGP 2031/1050 Tunnel100

100.100.100.100 Local -/- Vlan20

101.101.101.101/32 Static -/100 Vlan20

- Static 100/200 Vlan20

- Static 101/- Vlan20

200.200.200.200/64000/64000 RSVP -/1030 Vlan10

201.200.200.200/64000/64000 RSVP 1024/1031 Vlan10

202.200.200.200/64000/64000 RSVP 1025/- -

150.140.150.100/64001/0 StaticCR -/1000 Vlan10

- StaticCR 50/1001 Vlan10

- StaticCR 51/- -

Table 4 Command output

Field	Description
FEC	Forwarding equivalence class: · IP address/mask—Classifies FECs by destination address. · IP address—Classifies FECs by next hop. · IP address/Out Label—Classifies FECs by next hop and outgoing label. · Ingress LSR ID/Tunnel ID/LSP ID—RSVP TE FEC. · - (a hyphen)—The LSP is a static transit LSP, static egress LSP, static transit CRLSP, or static egress CRLSP. · Backup—If the LSP is a backup LSP of the previous LSP, this field displays Backup.
Proto	Label distribution protocol: · LDP. · BGP. · RSVP. · Static. · StaticCR—Static CRLSP. · Local—The LSP is a direct LSP.
In/Out Label	Incoming label/outgoing label.
Interface/Out NHLFE	Outgoing interface name or NHLFE entry index. NHLFEnumber specifies the outer LSP that carries the current LSP. The outer LSP is that matches the NHLFE entry with an NID of number.

# Display detailed information about all LSPs.

<Sysname> display mpls lsp verbose

Destination : 56.10.10.2

FEC : 56.10.10.2/32

Protocol : LDP

LSR Type : Egress

Service : -

In-Label : 1024

State : Active

Destination : 56.10.10.4

FEC : 56.10.10.2/32

Protocol : LDP

LSR Type : Transit

Service : -

In-Label : 1026

Path ID : 0x40000000.1

State : Active

Out-Label : 1800

Nexthop : 10.1.1.2

Out-Interface: Vlan10

BkLabel : 1900

BkNexthop : 20.1.1.2

BkInterface : Vlan20

Destination : 56.10.10.4

FEC : 56.10.10.2/32

Protocol : LDP

LSR Type : Ingress

Service : -

NHLFE ID : 2000

State : Active

Out-Label : 1800

Nexthop : 10.1.1.2

Out-Interface: Vlan10

Table 5 Command output

Field	Description
Destination	LSP destination address.
FEC	Forwarding equivalence class: · IP address/mask—Classifies FECs by destination address. · IP address—Classifies FECs by next hop. · IP address/Out Label—Classifies FECs by next hop and outgoing label. · Ingress LSR ID/Tunnel ID/LSP ID—RSVP TE FEC. · - (a hyphen)—The LSP is a static transit LSP, static egress LSP, static transit CRLSP, or static egress CRLSP.
Protocol	Label distribution protocol: · LDP. · BGP. · RSVP. · Static. · StaticCR—Static CRLSP. · Local—Direct LSP.
LSR Type	LSR type: · Ingress—The current LSR is the ingress node of the LSP. · Transit—The current LSR is a transit node of the LSP. · Egress—The current LSR is the egress node of the LSP.
Service	Service deployed on the LSP. This field is not supported in the current software release.
Path ID	Forwarding path. The value is in the format of 0xnn.m, where nn represents the NHLFE group ID of the outer LSPs that carry the current LSP, and m represents the sequence number of the equivalence path.
NHLFE ID	NHLFE entry index.
State	LSP state: · Active—The LSP is in use. · Inactive—The LSP is idle.
BkLabel	Outgoing label of the backup LSP.
BkNexthop	Next hop address of the backup LSP.
BkInterface	Outgoing interface of the backup LSP.

Related commands

display mpls lsp statistics

Use display mpls lsp statistics to display LSP statistics.

Syntax

display mpls lsp statistics

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Examples

# Display LSP statistics.

<Sysname> display mpls lsp statistics

LSP Type Ingress/Transit/Egress Active

Static LSP 0/0/0 0/0/0

Static CRLSP 0/0/0 0/0/0

LDP LSP 2/2/1 2/2/1

RSVP CRLSP 0/0/0 0/0/0

BGP LSP 0/0/0 0/0/0

Local LSP 2/0/0 2/0/0

-----------------------------------------------------

Total 4/2/1 4/2/1

Table 6 Command output

Field	Description
LSP Type	LSP types: · Static LSP. · Static CRLSP. · LDP LSP. · Local LSP (direct LSP). · RSVP CRLSP. · BGP LSP.
Total	Total number of LSPs.
Ingress	Number of LSPs that take the local device as the ingress node.
Transit	Number of LSPs that take the local device as a transit node.
Egress	Number of LSPs that take the local device as the egress node.
Active	Number of active LSPs of a specific type.

display mpls nib

Use display mpls nib to display MPLS Nexthop Information Base (NIB) information.

Syntax

display mpls nib [ nib-id ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

nib-id: Specifies a next hop ID in the range of 1 to FFFFFFFFFFFFFFFE. If you do not specify a next hop, this command displays information about all MPLS next hops.

Examples

# Display information about all MPLS next hops.

<Sysname> display mpls nib

NIB ID: 0x40000000

Users: 1

Status: Active

ECMP number: 1

Outgoing NHLFE ID: 1024

Backup outgoing NHLFE ID: 1027

Table 7 Command output

Field	Description
NIB ID	ID of the next hop.
Users	Number of ILM entries that use this next hop.
Status	Next hop status: · Active—The next hop is active. · Dummy—The next hop is inactive .
ECMP number	Number of equal-cost NHLFE entries.
Outgoing NHLFE ID	ID of the NHLFE entry to which the next hop corresponds.
Backup outgoing NHLFE ID	ID of the backup NHLFE entry.

display mpls nid

Use display mpls nid to display usage information for dynamic NIDs.

Syntax

display mpls nid [ nid-value1 [ to nid-value2 ] ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

nid-value1: Specifies an NID in the range of 0 to 65535. If used with the nid-value2 argument, the nid-value1 argument represents the start NID of an NID range.

to nid-value2: Specifies the end NID of the NID range. The value range for the end NID is 0 to 65535. If you specify an NID range by using the nid-value1 argument and the to nid-value2 option, this command displays usage information for the specified range of NIDs.

Usage guidelines

NIDs are 32-bit binary numbers. They include fixed NIDs and dynamic NIDs.

· Fixed NIDs—Generated for tunnel interfaces. The highest four bits are a value other than 0000.

· Dynamic NIDs—NIDs except fixed NIDs. The highest four bits are 0s.

If you do not specify any parameters, this command displays usage information for all dynamic NIDs.

Examples

# Display usage information for dynamic NIDs 1028 through 1500.

<Sysname> display mpls nid 1028 to 1500

NID alloc state: '.' means not used, '$' means used

1028 :...$.... ........ ........ ........ ........ ........ ........ ........

1092 :........ ........ ........ ........ ........ ........ ........ ........

1156 :........ ........ ........ ........ ........ ........ ........ ........

1220 :........ ........ ........ ........ ........ ........ ........ ........

1284 :........ ........ ........ ........ ........ ........ ........ ........

1348 :........ ........ ........ ........ ........ ........ ........ ........

1412 :........ ........ ........ ........ ........ ........ ........ ........

1476 :........ ........ ........ .

display mpls summary

Use display mpls summary to display MPLS summary information.

Syntax

display mpls summary

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Examples

# Display MPLS summary information.

<Sysname> display mpls summary

MPLS LSR ID : 2.2.2.2

Egress Label Type: Implicit-null

Labels:

Range Idle

16-1023 1008

1024-65535 64354

Protocols:

Type State

BGP Normal

Static Normal

Table 8 Command output

Field	Description
Egress Label Type	Label type that the egress assigns to the penultimate hop: · Implicit-null. · Explicit-null. · Non-null.
Labels	Label information.
Range	Label range.
Idle	Number of idle labels in the label range.
Protocols	Running label distribution protocols and the related information.
Type	Protocol type: LDP, BGP, RSVP, Static, Static CRLSP, or TE.
State	Label distribution protocol running status: · Normal. · Recover—The protocol is in the GR process.

mpls enable

Use mpls enable to enable MPLS on an interface.

Use undo mpls enable to disable MPLS on an interface.

Syntax

mpls enable

undo mpls enable

Default

MPLS is disabled on an interface.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Examples

# Enable MPLS on interface VLAN-interface 2.

<Sysname> System-view

[Sysname] interface vlan-interface 2

[Sysname-Vlan-interface2] mpls enable

Related commands

display mpls interface

mpls label advertise

Use mpls label advertise to specify the type of label the egress will advertise to the penultimate hop.

Use undo mpls label advertise to restore the default.

Syntax

mpls label advertise { explicit-null | implicit-null | non-null }

undo mpls label advertise

Default

As an egress, the device advertises an implicit null label to the penultimate hop.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

explicit-null: Specifies the egress to advertise an explicit null label of 0 to the penultimate hop.

implicit-null: Specifies the egress to advertise an implicit null label of 3 to the penultimate hop.

non-null: Specifies the egress to advertise a normal label to the penultimate hop. The value range for a normal label is 16 to 1048575.

Usage guidelines

As a best practice, configure the egress to advertise an implicit null label to the penultimate hop if the penultimate hop supports PHP. If you want to simplify packet forwarding on the egress but keep labels to determine QoS policies, configure the egress to advertise an explicit null label to the penultimate hop. Use non-null labels only in particular scenarios. For example, when OAM is configured on the egress, the egress can get the OAM function entity status only through non-null labels.

As a penultimate hop, the device accepts the implicit null label, explicit null label, or normal label advertised by the egress device.

For LDP LSPs, the mpls label advertise command triggers LDP to delete the LSPs established before the command is executed and re-establishes new LSPs.

For BGP LSPs, the mpls label advertise command takes effect only for the BGP LSPs established after the command is executed. To apply the new setting to BGP LSPs established before the command is executed, delete the routes corresponding to the BGP LSPs, and then redistribute the routes.

Examples

# Configure the egress device to advertise an explicit null label to the penultimate hop.

<Sysname> system-view

[Sysname] mpls label advertise explicit-null

Related commands

reset mpls ldp

mpls lsr-id

Use mpls lsr-id to configure an LSR ID for the local LSR.

Use undo mpls lsr-id to delete the LSR ID of the local LSR.

Syntax

mpls lsr-id lsr-id

undo mpls lsr-id

Default

An LSR has no LSR ID.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

lsr-id: Specifies an ID for identifying the LSR, in dotted decimal notation.

Usage guidelines

As a best practice, use the address of a loopback interface on the LSR as the LSR ID.

Examples

# Configure the LSR ID as 3.3.3.3 for the local node.

<Sysname> system-view

[Sysname] mpls lsr-id 3.3.3.3

Related commands

lsr-id

mpls mtu

Use mpls mtu to configure the MPLS MTU for an interface.

Use undo mpls mtu to restore the default.

Syntax

mpls mtu value

undo mpls mtu

Default

The MPLS MTU of an interface is not configured. Fragmentation for MPLS packets is based on the MTU of the interface, and the length of a fragment does not include that of the MPLS label. Thus, after an MPLS label is added into a fragment, the length of the MPLS fragment might exceed the interface MTU.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Parameters

value: Specifies the MPLS MTU of the interface, in the range of 46 to 65535 bytes.

Usage guidelines

This command is effective only when MPLS is enabled on the interface.

If the MPLS MTU is larger than the interface MTU, data forwarding might fail.

MPLS TE tunnel interfaces do not support this command.

Examples

# Set the MPLS MTU of interface VLAN-interface 2 to 1000 bytes.

<Sysname> system-view

[Sysname] interface vlan-interface 2

[Sysname-Vlan-interface2] mpls enable

[Sysname-Vlan-interface2] mpls mtu 1000

Related commands

display mpls interface

mpls ttl expiration enable

Use mpls ttl expiration enable to enable the sending of MPLS TTL-expired messages.

Use undo mpls ttl expiration enable to disable the sending of MPLS TTL-expired messages.

Syntax

mpls ttl expiration enable

undo mpls ttl expiration enable

Default

The MPLS TTL-expired messages sending function is enabled.

Views

System view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

The mpls ttl expiration enable command enables an LSR to generate an ICMP TTL-expired message upon receiving an MPLS packet with TTL being 1.

· If the MPLS packet has only one label, the LSR sends the ICMP TTL-expired message back to the source through IP routing.

· If the MPLS packet has multiple labels, the LSR forwards the ICMP TTL-expired message along the LSP of the MPLS packet to the egress, which then sends the message back to the source.

Examples

# Disable the MPLS TTL-expired messages sending function.

<Sysname> system-view

[Sysname] undo mpls ttl expiration enable

mpls ttl propagate

Use mpls ttl propagate to enable TTL propagation.

Use undo mpls ttl propagate to disable TTL propagation.

Syntax

mpls ttl propagate { public | vpn }

undo mpls ttl propagate { public | vpn }

Default

TTL propagation is enabled for public network packets and disabled for VPN packets.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

public: Specifies public network packets.

vpn: Specifies VPN packets.

Usage guidelines

When TTL propagation is enabled, MPLS performs the following operations:

· Copies the IP TTL to the label TTL for packets entering the MPLS network.

· Copies the label TTL to the IP TTL for packets leaving the MPLS network.

If you enable TTL propagation on both the ingress and egress, the IP tracert facility can show the real path in the MPLS network.

When TTL propagation is disabled, MPLS performs the following operations:

· Sets the label TTL to 255 for packets entering the MPLS network.

· Pops the label for packets leaving the MPLS network, without copying the label TTL value to the IP TTL.

The IP tracert facility cannot show the real path in the MPLS network.

After TTL propagation is enabled or disabled, execute the reset mpls ldp command to make the configuration take effect.

Within an MPLS network, TTL is always copied between the labels of an MPLS packet. The mpls ttl propagate command affects only the propagation between IP TTL and label TTL.

As a best practice, set the same TTL processing mode on all LSRs of an LSP.

To enable TTL propagation for a VPN, you must enable it on all PE devices in the VPN. This allows you to obtain the same traceroute result (hop count) from those PEs.

After TTL propagation is disabled, the device cannot map the DSCP precedence of packets entering the MPLS network to the EXP value of MPLS packets.

Examples

# Enable TTL propagation for VPN packets.

<Sysname> system-view

[Sysname] mpls ttl propagate vpn

Related commands

reset mpls ldp

snmp-agent trap enable mpls

Use snmp-agent trap enable mpls to enable SNMP notifications for MPLS.

Use undo snmp-agent trap enable mpls to disable SNMP notifications for MPLS.

Syntax

snmp-agent trap enable mpls

undo snmp-agent trap enable mpls

Default

SNMP notifications for MPLS are enabled.

Views

System view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

This command enables MPLS to generate SNMP notifications. The generated SNMP notifications are sent to the SNMP module.

For more information about SNMP notifications, see Network Management and Monitoring Configuration Guide.

Examples

# Enable SNMP notifications for MPLS.

<Sysname> system-view

[Sysname] snmp-agent trap enable mpls

Static LSP commands

The static LSP feature is available in Release 1138P01 and later versions.

display mpls static-lsp

Use display mpls static-lsp to display static LSP information.

Syntax

display mpls static-lsp [ lsp-name lsp-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

lsp-name lsp-name: Specifies a static LSP by its name, a case-sensitive string of 1 to 15 characters. If you do not specify a static LSP, this command displays information about all static LSPs.

Examples

# Display information about all static LSPs.

<Sysname> display mpls static-lsp

Total: 4

Name FEC In/Out Label Nexthop/Out Interface State

egress123 -/- 16/NULL - Up

ingress123 202.118.224.132/32 NULL/1022 100.100.100.19 Down

transit123 -/- 32/1022 100.100.100.17 Down

transit124 -/- 34/1020 10.2.1.1 Down

Table 9 Command output

Field	Description
Total	Total number of static LSPs.
Name	Name of the static LSP.
FEC	Forwarding equivalence class—IP prefix and the prefix length.
In/Out Label	Incoming label/outgoing label.

static-lsp egress

Use static-lsp egress to configure the egress node of a static LSP.

Use undo static-lsp egress to delete the egress node configuration of a static LSP.

Syntax

static-lsp egress lsp-name in-label in-label

undo static-lsp egress lsp-name

Default

No static LSP exists on the device.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

lsp-name: Specifies a name for the static LSP, a case-sensitive string of 1 to 15 characters.

in-label in-label: Specifies an incoming label in the range of 16 to 1023.

Examples

# Configure a static LSP on the egress node: specify the LSP's name as bj-sh and incoming label as 233.

<Sysname> system-view

[Sysname] static-lsp egress bj-sh in-label 233

Related commands

display mpls static-lsp

static-lsp ingress

Use static-lsp ingress to configure the ingress node of a static LSP.

Use undo static-lsp ingress to delete the ingress node configuration of a static LSP.

Syntax

static-lsp ingress lsp-name destination dest-addr { mask | mask-length } { nexthop next-hop-addr | outgoing-interface interface-type interface-number } out-label out-label

undo static-lsp ingress lsp-name

Default

No static LSP exists on the device.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

lsp-name: Specifies a name for the static LSP, a case-sensitive string of 1 to 15 characters.

destination dest-addr: Specifies a destination IP address for the LSP.

mask: Specifies the mask of the destination IP address.

mask-length: Specifies the mask length of the destination address, in the range of 0 to 32.

nexthop next-hop-addr: Specifies a next hop address.

outgoing-interface interface-type interface-number: Specifies an outgoing interface by its type and number. The specified interface must be a point-to-point interface.

out-label out-label: Specifies an outgoing label, a value of 0, 3, or in the range of 16 to 1023.

Usage guidelines

The next hop or outgoing interface specified for the LSP must be consistent with that of the optimal route destined for the specified address. If you configure a static IP route for the LSP, be sure to specify the same next hop or outgoing interface for the static route and the static LSP.

You must enable MPLS on the outgoing interface of the static LSP.

Examples

# Configure a static LSP on the ingress node: specify the LSP's name as bj-sh, destination address as 202.25.38.1/24, next hop address as 202.55.25.33, and outgoing label as 237.

<Sysname> system-view

[Sysname] static-lsp ingress bj-sh destination 202.25.38.1 24 nexthop 202.55.25.33 out-label 237

Related commands

display mpls static-lsp

static-lsp transit

Use static-lsp transit to configure the transit node of a static LSP.

Use undo static-lsp transit to delete the transit node configuration of a static LSP.

Syntax

static-lsp transit lsp-name in-label in-label { nexthop next-hop-addr | outgoing-interface interface-type interface-number } out-label out-label

undo static-lsp transit lsp-name

Default

No static LSP exists on the device.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

lsp-name: Specifies a name for the static LSP, a case-sensitive string of 1 to 15 characters.

in-label in-label: Specifies an incoming label in the range of 16 to 1023.

nexthop next-hop-addr: Specifies a next hop address.

outgoing-interface interface-type interface-number: Specifies an outgoing interface by its type and number. The specified interface must be a point-to-point interface.

out-label out-label: Specifies an outgoing label, a value of 0, 3, or in the range of 16 to 1023.

Usage guidelines

You must enable MPLS on the outgoing interface of the static LSP.

Examples

# Configure a static LSP on the transit node: specify the LSP's name as bj-sh, incoming label as 123, next hop address as 202.34.114.7, and outgoing label as 253.

<Sysname> system-view

[Sysname] static-lsp transit bj-sh in-label 123 nexthop 202.34.114.7 out-label 253

Related commands

display mpls static-lsp

LDP commands

The LDP feature is available in Release 1138P01 and later versions.

accept-label

Use accept-label to configure a label acceptance policy.

Use undo accept-label to remove the label acceptance policy.

Syntax

accept-label peer peer-lsr-id prefix-list prefix-list-name

undo accept-label peer peer-lsr-id

Default

No label acceptance policy is configured. LDP accepts all label mappings from all peers.

Views

LDP view, LDP-VPN instance view

Predefined user roles

network-admin

mdc-admin

Parameters

peer peer-lsr-id: Specifies an LDP peer by its LSR ID.

prefix-list prefix-list-name: Specifies an IP prefix list by its name, a case-sensitive string of 1 to 63 characters.

Usage guidelines

This feature enables you to control the number of FEC-label mappings received from peers. LDP accepts only the FEC-label mappings whose IP prefixes are permitted by the specified IP prefix list from the specified peer.

To accept the previously denied label mappings from a peer, use the undo accept-label command or change the IP prefix list for the peer. Then, execute the reset mpls ldp command to reset the LDP session with that peer to apply the new settings.

Using a label advertisement policy on an LSR or using a label acceptance policy on its upstream LSR can achieve the same purpose. As a best practice, use the label advertisement policy to reduce network load.

Examples

# Configure a label acceptance policy to accept only the FEC-label mappings containing prefixes 10.1.1.0/24 and 10.2.1.0/24 from the LDP peer 1.1.1.9.

<Sysname> system-view

[Sysname] ip prefix-list prefix-from-RTA index 1 permit 10.1.1.0 24

[Sysname] ip prefix-list prefix-from-RTA index 2 permit 10.2.1.0 24

[Sysname] mpls ldp

[Sysname-ldp] accept-label peer 1.1.1.9 prefix-list prefix-from-RTA

Related commands

· display mpls ldp peer verbose

· ip prefix-list (Layer 3—IP Routing Command Reference)

advertise-label

Use advertise-label to configure a label advertisement policy.

Use undo advertise-label to delete a label advertisement policy.

Syntax

advertise-label prefix-list prefix-list-name [ peer peer-prefix-list-name ]

undo advertise-label prefix-list prefix-list-name

Default

No label advertisement policy is configured. The device advertises label mappings permitted by the LSP generation policy to all peers.

Views

LDP view, LDP-VPN instance view

Predefined user roles

network-admin

mdc-admin

Parameters

prefix-list prefix-list-name: Specifies an IP prefix list by its name, a case-sensitive string of 1 to 63 characters. This prefix list filters advertised label mappings.

peer peer-prefix-list-name: Specifies an IP prefix list by its name, a case-sensitive string of 1 to 63 characters. This prefix list filters LDP peers. If you do not specify this option, the device advertises label mappings to all peers.

Usage guidelines

Use a label advertisement policy to filter label mappings advertised to peers.

Configure multiple label advertisement policies by executing this command multiple times.

If a label mapping is permitted by an advertisement policy, LDP advertises the mapping by following these rules:

· If the policy has no peer IP prefix list (peer peer-prefix-list-name not specified), LDP advertises the label mapping to all peers.

· If the policy has a peer IP prefix list, LDP advertises the label mapping to the peers permitted by the peer IP prefix list.

If a label mapping is permitted by multiple advertisement policies, LDP advertises the label mapping according to the first configured policy.

Examples

# Configure two label advertisement policies. One policy advertises only the label mapping for subnet 10.1.1.0/24 to the peer 3.3.3.9; the other policy advertises only the label mapping for subnet 10.2.1.0/24 to the peer 4.4.4.9.

<Sysname> system-view

[Sysname] ip prefix-list prefix-to-C permit 10.1.1.0 24

[Sysname] ip prefix-list prefix-to-D permit 10.2.1.0 24

[Sysname] ip prefix-list peer-C permit 3.3.3.9 32

[Sysname] ip prefix-list peer-D permit 4.4.4.9 32

[Sysname] mpls ldp

[Sysname-ldp] advertise-label prefix-list prefix-to-C peer peer-C

[Sysname-ldp] advertise-label prefix-list prefix-to-D peer peer-D

Related commands

· display mpls ldp fec

· ip prefix-list (Layer 3—IP Routing Command Reference)

· lsp-trigger

backoff

Use backoff to configure the LDP backoff initial delay time and maximum delay time.

Use undo backoff to restore the default.

Syntax

backoff initial initial-time maximum maximum-time

undo backoff

Default

The LDP backoff initial delay time is 15 seconds and the maximum delay time is 120 seconds.

Views

LDP view, LDP-VPN instance view

Predefined user roles

network-admin

mdc-admin

Parameters

initial initial-time: Specifies the LDP backoff initial delay time in the range of 15 to 50331 seconds.

maximum maximum-time: Specifies the LDP backoff maximum delay time in the range of 120 to 50331 seconds.

Usage guidelines

LDP peers continually negotiate with each other until a session is set up. If LDP peers use incompatible negotiation parameters (for example, different label advertisement modes), a large amount of negotiation traffic will enter the network. To suppress LDP session negotiation traffic, use this command to control the interval between negotiation attempts.

After LDP fails to establish a session with a peer LSR for the first time, LDP does not start another attempt until the initial delay timer expires. If the session setup fails again, LDP waits for two times the initial delay before the next attempt. This process continues until the maximum delay time is reached. After that, the maximum delay time always takes effect.

If you configure the initial delay time to be larger than the maximum delay time, the configuration does not take effect. LDP uses the maximum delay time as the initial delay time.

Examples

# Configure LDP backoff for the public network, and set the initial delay time to 100 seconds and the maximum delay time to 300 seconds.

<Sysname> system-view

[Sysname] mpls ldp

[Sysname-ldp] backoff initial 100 maximum 300

display mpls ldp discovery

Use display mpls ldp discovery to display LDP discovery information.

Syntax

In standalone mode:

display mpls ldp discovery [ vpn-instance vpn-instance-name ] [ interface interface-type interface-number | peer peer-lsr-id ] [ verbose ] [ standby slot slot-number ]

In IRF mode:

display mpls ldp discovery [ vpn-instance vpn-instance-name ] [ interface interface-type interface-number | peer peer-lsr-id ] [ verbose ] [ standby chassis chassis-number slot slot-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. The command displays LDP discovery information for the specified VPN. If you do not specify a VPN instance, this command displays LDP discovery information for the public network.

interface interface-type interface-number: Specifies an interface by its type and number.

peer peer-lsr-id: Specifies an LDP peer by its LSR ID.

verbose: Displays detailed LDP discovery information. If you do not specify this keyword, the command displays brief LDP discovery information.

standby: Displays backup LDP process information. If you do not specify this keyword, the command displays primary LDP process information.

slot slot-number: Specifies the slot number of the MPU where the standby process resides. (In standalone mode.)

chassis chassis-number slot slot-number: Specifies the MPU where the standby process resides. The chassis-number argument represents the IRF member ID of the device. The slot-number argument represents the slot number of the MPU. (In IRF mode.)

Usage guidelines

If you do not specify the interface and peer parameters, this command displays all LDP discovery information.

Examples

# Display brief LDP discovery information for the public network.

<Sysname> display mpls ldp discovery

Type: L - Link Hello, T - Targeted Hello

Discovery Source Peer LDP ID Hello Sent/Rcvd

(L) Vlan17 100.100.100.18:0 83/80

200.100.100.18:0 83/60

Table 10 Command output

Field	Description
Type	Type of LDP discovery. · L—Basic discovery, which sends Link Hellos to discover peers. · T—Extended discovery, which sends Targeted Hellos to discover peers. This type is not supported in the current software release.
Discovery Source	Discovery source. This field displays the interface that discovers the peer.
Peer LDP ID	LDP identifier of the LDP peer.
Hello Sent/Rcvd	Number of hellos sent to the peer/number of hellos received from the peer.

# Display detailed LDP discovery information for the public network.

<Sysname> display mpls ldp discovery verbose

Link Hellos:

Interface Vlan-interface17

Hello Interval : 5000 ms Hello Sent/Rcvd : 83/160

Transport Address: 100.100.100.17

Peer LDP ID : 100.100.100.18:0

Source Address : 202.118.224.18 Transport Address: 100.100.100.18

Hello Hold Time: 15 sec (Local: 15 sec, Peer: 15 sec)

Peer LDP ID : 100.100.100.20:0

Source Address : 202.118.224.20 Transport Address: 100.100.100.20

Hello Hold Time: 15 sec (Local: 15 sec, Peer: 15 sec)

Table 11 Command output

Field	Description
Link Hellos	Information about LDP discovery that sends Link Hellos on interfaces. In a non-point-to-point network, an interface might discover multiple peers.
Interface	Interface using basic discovery.
Hello Interval	Hello interval in milliseconds.
Hello Sent/Rcvd	Number of Hellos sent or received on the interface.
Transport Address	Local transport address.
Peer LDP ID	LDP identifier of the LDP peer.
Source Address	Source IP address of received Hello messages.
Transport Address	Transport address in the received Hello messages—the transport address of the LDP peer.
Hello Hold Time	Hello hold time in seconds. Local—Local hello hold time. Peer—Peer hello hold time. The negotiated hello hold time is the smaller value of the local and peer hold time values.

display mpls ldp fec

Use display mpls ldp fec to display LDP FEC-label mappings.

Syntax

In standalone mode:

display mpls ldp fec [ vpn-instance vpn-instance-name ] [ destination-address mask-length | summary ] [ standby slot slot-number ]

In IRF mode:

display mpls ldp fec [ vpn-instance vpn-instance-name ] [ destination-address mask-length | summary ] [ standby chassis chassis-number slot slot-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. The command displays FEC-label mappings for the specified VPN. If you do not specify a VPN instance, this command displays FEC-label mappings for the public network.

destination-address mask-length: Specifies an FEC by an IP address and a mask in the range of 0 to 32.

summary: Displays summary information about all FEC-label mappings learned by LDP.

standby: Displays backup LDP process information. If you do not specify this keyword, the command displays primary LDP process information.

slot slot-number: Specifies the slot number of the MPU where the standby process resides. (In standalone mode.)

Usage guidelines

If you do not specify the destination-address mask-length and summary parameters, this command displays detailed information about all FEC-label mappings learned by LDP.

Examples

# Display detailed information about all FEC-label mappings learned by LDP for the public network.

<Sysname> display mpls ldp fec

FEC: 100.100.100.18/32

Flags: 0x02

In Label: 1531

Label Advertisement Policy:

FEC Prefix-list: Fec-prefix-list

Peer Prefix-list: Peer-prefix-list

Upstream Info:

Peer: 100.100.100.18:0 State: Established (stale)

Downstream Info:

Peer: 100.100.100.18:0

Out Label: 3 State: Established (stale)

Next Hops: 202.118.224.18 Vlan17

100.19.100.18 Vlan20

FEC: 200.100.100.18/32 (No route)

Flags: 0x0

In Label: 1532

Upstream Info:

Peer: 200.200.200.28:0 State: Established

Downstream Info:

Peer: 120.100.100.18:0

Out Label: 3 State: Idle

Table 12 Command output

Field	Description
FEC	Forwarding equivalence class identified by an IP prefix.
Flags	FEC flags: · 0x01—Egress LSP. · 0x02—Ingress LSP. · 0x04—Waiting to add an outgoing label to RIB. · 0x08—Waiting to add an LSP to LSM. · 0x10—Non-egress LSP waiting for the recovery during a GR process. · 0x20—Ready to advertise labels.
In Label	Incoming label assigned by the local LSR to the FEC.
Label Advertisement Policy	Label advertisement policy.
FEC Prefix-list	IP prefix list for filtering FEC prefixes.
Peer Prefix-list	IP prefix list for filtering LDP peers.
Upstream Info	Upstream peer to which the local LSR advertised the FEC-label mapping and current state of the LSP.
Peer	LDP ID of an upstream peer.
State	Current state of the LSP established with the upstream peer: · Established—Active state. · Idle—Initial state. · Release Awaited—Waiting for a Release message. · Resource Awaited—Waiting for a label for the FEC. If the state is marked as stale, the FEC-label mapping is under a GR process.
Downstream Info	Downstream peer from which the local LSR received the FEC-label mapping, and current state of the LSP.
Peer	LDP ID of a downstream peer.
Out Label	Outgoing label assigned by the downstream LSR for the FEC.
State	Current state of the LSP established with the downstream peer: · Established—Active state. · Idle—Inactive state. If the state is marked as stale, the FEC-label mapping is under a GR process.
Next Hops	Next hops and outgoing interfaces.

# Display summary information about all FEC-label mappings learned by LDP for the public network.

<Sysname> display mpls ldp fec summary

FECs : 3

Implicit Null: 1

Explicit Null: 0

Non-Null : 2

No Label : 0

No Route : 0

Sent : 3

Received : 3

Table 13 Command output

Field	Description
FECs	Number of FECs that LDP has discovered from the routing protocol or FEC-label mappings advertised by peers.
Implicit Null	Number of FECs that are bound to the implicit null label.
Explicit Null	Number of FECs that are bound to the explicit null label.
Non-Null	Number of FECs that are bound to non-null labels.
No Label	Number of FECs without a label.
No Route	Number of FECs without matching routes.
Sent	Number of label mappings sent and being sent.
Received	Number of label mappings accepted.

display mpls ldp igp sync

Use display mpls ldp igp sync to display LDP-IGP synchronization information.

Syntax

display mpls ldp igp sync [ interface interface-type interface-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

interface interface-type interface-number: Specifies an interface by its type and number. If you do not specify an interface, this command displays LDP-IGP synchronization information for all interfaces.

Example

# Display LDP-IGP synchronization information for all interfaces.

<Sysname> display mpls ldp igp sync

Vlan2:

IGP protocols: OSPF

Sync status: Ready

Peers:

10.1.1.2:0

Vlan3:

IGP protocols: OSPF, IS-IS

Sync status: Delayed (24 sec remaining)

Peers:

20.1.1.2:0

Vlan4:

LDP-IGP synchronization is disabled on the interface

Table 14 Command output

Field	Description
IGP protocols	IGP protocols that require LDP-IGP synchronization: OSPF and IS-IS.
Sync status	LDP-IGP synchronization state: · Ready—LDP is converged and is available for IGP. · Delayed—LDP is waiting to notify IGP of the convergence. remaining indicates the remaining time for the delay, in seconds. · Not ready—LDP is not converged and is not available for IGP. · LDP not enabled—LDP is not enabled on the interface.
Peers	LDP peer that completes LDP convergence on the interface.

display mpls ldp interface

Use display mpls ldp interface to display LDP interface information.

Syntax

display mpls ldp interface [ interface-type interface-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

interface-type interface-number: Specifies an interface by its type and number. If you do not specify an interface, this command displays information about all LDP interfaces.

Examples

# Display information about all LDP interfaces.

<Sysname> display mpls ldp interface

Interface MPLS LDP Auto-config

Vlan17 Enabled Configured -

Table 15 Command output

Field	Description
Interface	Interface enabled with LDP.
MPLS	Whether the interface is enabled with MPLS.
LDP	Whether the interface is configured with the mpls ldp enable command.
Auto-config	LDP automatic configuration information. This field is not supported in the current software version and is reserved for future support.

Related commands

· mpls ldp

· mpls ldp enable

display mpls ldp lsp

Use display mpls ldp lsp to display information about LSPs generated by LDP.

Syntax

display mpls ldp lsp [ vpn-instance vpn-instance-name ] [ destination-address mask-length ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. The command displays LDP LSP information for the specified VPN. If you do not specify a VPN instance, this command displays LDP LSP information for the public network.

destination-address mask-length: Specifies an FEC by an IP address and a mask length in the range of 0 to 32. If you do not specify an FEC, this command displays information about LDP LSPs for all FECs.

Examples

# Display LDP LSP information for the public network.

<Sysname> display mpls ldp lsp

Status Flags: * - stale, L - liberal, B - backup

Statistics:

FECs: 4 Ingress LSPs: 1 Transit LSPs: 1 Egress LSPs: 3

FEC In/Out Label Nexthop OutInterface

1.1.1.1/32 -/3 10.1.1.1 Vlan17

1151/3 10.1.1.1 Vlan20

-/1025(B) 30.1.1.1 Vlan30

1151/1025(B) 30.1.1.1 Vlan40

2.2.2.2/32 3/-

-/1151(L)

10.1.1.0/24 1149/-

-/1149(L)

192.168.1.0/24 1150/-

-/1150(L)

Table 16 Command output

Field	Description
Status Flags	LSP status: · *—Stale, indicating the LSP is under a GR process. · L—Liberal, indicating the LSP is not available. · B—Backup, indicating a backup LSP.
FECs	Total number of FECs.
Ingress LSPs	Number of LSPs that take the local device as the ingress node.
Transit LSPs	Number of LSPs that take the local device as a transit node.
Egress LSPs	Number of LSPs that take the local device as the egress node.
FEC	Forwarding equivalence class identified by an IP prefix.
In/Out Label	Incoming/outgoing label.
Nexthop	Next hop address for the FEC.
OutInterface	Outgoing interface for the FEC.

Related commands

display mpls lsp

display mpls ldp parameter

Use display mpls ldp parameter to display LDP running parameters.

Syntax

display mpls ldp parameter [ vpn-instance vpn-instance-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. The command displays the LDP running parameters for the specified VPN. If you do not specify a VPN instance, this command displays the LDP running parameters for the public network.

Examples

# Display LDP running parameters for the public network.

<Sysname> display mpls ldp parameter

Global Parameters:

Protocol Version : V1 IGP Sync Delay on Restart : 90 sec

Nonstop Routing : Off Graceful Restart : Off

Reconnect Time : 120 sec Forwarding State Hold Time: 360 sec

Instance Parameters:

Instance ID : 0 Instance State : Active

LSR ID : 0.0.0.0

Loop Detection : Off

Hop Count Limit : 32 Path Vector Limit : 32

Label Retention Mode: Liberal Label Distribution Control Mode: Ordered

IGP Sync Delay : 0 sec

Table 17 Command output

Field	Description
Global Parameters	Global parameters for all LDP-enabled networks.
Protocol Version	LDP protocol version.
IGP Sync Delay on Restart	Maximum delay time (in seconds) that LDP must wait before it notifies IGP of an LDP session-up event when there is an LDP restart.
Nonstop Routing	Whether the nonstop routing function is enabled: · On—Enabled. · Off—Disabled.
Graceful Restart	Whether the GR function is enabled: · On—Enabled. · Off—Disabled.
Reconnect Time	Value of the Reconnect timer, in seconds.
Forwarding State Hold Time	Value of the MPLS Forwarding State Holding timer, in seconds.
Instance Parameters	Running parameters for a specific VPN instance or public network.
Instance ID	VPN instance ID. For the public network, this field displays 0.
Instance State	LDP status in the VPN instance, Active or Inactive.
LSR ID	LSR ID of the local device.
Loop Detection	Whether loop detection is enabled: · On—Enabled. · Off—Disabled.
Hop Count Limit	Hop count limit specified for loop detection.
Path Vector Limit	Path Vector length limit specified for loop detection.
Label Retention Mode	The device supports only the Liberal mode.
IGP Sync Delay	Delay time (in seconds) that LDP must wait before it notifies IGP of an LDP session-up event.

display mpls ldp peer

Use display mpls ldp peer to display the LDP peer and session information.

Syntax

In standalone mode:

display mpls ldp peer [ vpn-instance vpn-instance-name ] [ peer-lsr-id ] [ verbose ] [ standby slot slot-number ]

In IRF mode:

display mpls ldp peer [ vpn-instance vpn-instance-name ] [ peer-lsr-id ] [ verbose ] [ standby chassis chassis-number slot slot-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. The command displays LDP peer and session information for the specified VPN. If you do not specify a VPN instance, this command displays the LDP peer and session information for the public network.

peer peer-lsr-id: Specifies an LDP peer by its LSR ID. If you do not specify this option, the command displays all LDP peers and related session information.

verbose: Displays detailed LDP peer and session information. If you do not specify this keyword, the command displays brief LDP peer and session information.

standby: Displays backup LDP process information. If you do not specify this keyword, the command displays primary LDP process information.

slot slot-number: Specifies the slot number of the MPU where the standby process resides. (In standalone mode.)

Examples

# Display brief information about all LDP peers and LDP sessions for the public network.

<Sysname> display mpls ldp peer

Total number of peers: 1

Peer LDP ID State Role GR MD5 KA Sent/Rcvd

2.2.2.9:0 Operational Passive Off Off 39/39

Table 18 Command output

Field	Description
Peer LDP ID	LDP identifier of the peer.
State	State of the LDP session between the local LSR and the peer: · Non Existent—No TCP connection is established. · Initialized—A TCP connection has been established. · OpenRecv—LDP has received an acceptable initialization message. · OpenSent—LDP has sent an initialization message. · Operational—An LDP session has been established.
Role	Role of the local LSR in the session, Active or Passive. In a session, the LSR with a higher IP address takes the Active role. The Active LSR initiates a TCP connection to the passive LSR.
GR	Whether GR is enabled on the peer: · On—Enabled. · Off—Disabled.
MD5	Whether MD5 authentication is enabled for the LDP session on the local device: · On—Enabled. · Off—Disabled.
KA Sent/Rcvd	Number of keepalive messages sent/received.

# Display detailed information about all LDP peers and LDP sessions for the public network.

<Sysname> display mpls ldp peer verbose

Peer LDP ID : 100.100.100.20:0

Local LDP ID : 100.100.100.17:0

TCP Connection : 100.100.100.20:47515 -> 100.100.100.17:646

Session State : Operational Session Role : Passive

Session Up Time : 0000:00:03 (DD:HH:MM)

Max PDU Length : 4096 bytes (Local: 4096 bytes, Peer: 4096 bytes)

Keepalive Time : 45 sec (Local: 45 sec, Peer: 45 sec)

Keepalive Interval : 15 sec

Msgs Sent/Rcvd : 288/426

KA Sent/Rcvd : 13/13

Label Adv Mode : DU Graceful Restart : On

Reconnect Time : 120 sec Recovery Time : 360 sec

Loop Detection : On Path Vector Limit: 32

Discovery Sources:

Vlan-interface17

Hello Hold Time: 15 sec Hello Interval : 5000 ms

Label Acceptance Policy : prefix-from-20

Session Protection : Off

Addresses received from peer:

202.118.224.20 100.100.100.20 11.22.33.44 1.2.3.10

1.2.3.4

Table 19 Command output

Field	Description
Peer LDP ID	LDP identifier of the peer.
Local LDP ID	LDP identifier of the local LSR.
TCP connection	TCP connection information for the session, including the IP addresses and port numbers used by both ends of the TCP connection, and whether MD5 authentication is enabled for the TCP connection. If MD5 authentication is enabled, MD5 On is displayed. If MD5 is not enabled, this field is blank.
Session State	State of the LDP session: · Non Existent—No TCP connection is established. · Initialized—A TCP connection has been established. · OpenRecv—LDP has received an acceptable initialization message. · OpenSent—LDP has sent an initialization message. · Operational—An LDP session has been established.
Session Role	Role the local LSR in the session, Active or Passive.
Session Up time	Duration of the session in Operational state.
Max PDU Length	Maximum PDU length negotiated, in bytes. Local—Maximum PDU length (in bytes) on the local LSR. Peer—Maximum PDU length (in bytes) on the peer.
Keepalive Time	Keepalive time negotiated, in seconds. Local—Locally configured Keepalive holding time, in seconds. Peer—Keepalive holding time (in seconds) configured on the peer.
Keepalive Interval	Keepalive interval in seconds.
Msgs Sent/Rcvd	Total number of LDP messages sent and received.
KA Sent/Rcvd	Total number of Keepalive messages sent and received.
Label Adv Mode	Label advertisement mode negotiated. The device only supports the DU mode.
Graceful Restart	Whether GR is enabled on the peer: · On—Enabled. · Off—Disabled.
Reconnect Time	Reconnect time negotiated, in seconds.
Recovery Time	Recovery time (in seconds) carried in packets sent by the peer.
Loop Detection	Whether loop detection is enabled on the peer: · On—Enabled. · Off—Disabled.
Path Vector Limit	Maximum Path Vector length configured on the peer.
Discovery Sources	Discovery source of the LDP peer.
Vlan-interface17	Interface running LDP basic discovery. The device discovers the LDP peer by sending Link Hellos out of the interface.
Hello Hold Time	Hello hold time negotiated, in seconds.
Hello Interval	Current Hello interval, in milliseconds.
Label Acceptance Policy	Label acceptance policy used to filter label mappings received from the peer.
Session Protection	Whether session protection is enabled. This field is not supported in the current software release.
Addresses received from peer	IP addresses received from the peer.

display mpls ldp summary

Use display mpls ldp summary to display LDP summary information.

Syntax

In standalone mode:

display mpls ldp summary [ all | vpn-instance vpn-instance-name ] [ standby slot slot-number ]

In IRF mode:

display mpls ldp summary [ all | vpn-instance vpn-instance-name ] [ standby chassis chassis-number slot slot-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

all: Displays LDP summary information for the public network and all VPN instances.

vpn-instance vpn-instance-name: Displays LDP summary information for the specified VPN. The vpn-instance-name argument is a case-sensitive string of 1 to 31 characters.

standby: Displays backup LDP process information. If you do not specify this keyword, the command displays primary LDP process information.

slot slot-number: Specifies the slot number of the MPU where the standby process resides. (In standalone mode.)

Usage guidelines

If you do not specify any parameters, this command displays LDP summary information for the public network.

Examples

# Display LDP summary information for the public network.

<Sysname> display mpls ldp summary

VPN Instance Name : Public

Instance ID : 0

Instance State : Active

Interfaces : 1 (1 active)

Targeted Peers : 0

Adjacencies : 1

Peers : 1

Operational : 1 (0 GR)

OpenSent : 0

OpenRecv : 0

Initialized : 0

Non-Existent: 0

Table 20 Command output

Field	Description
Instance ID	VPN instance identifier. A value of 0 represents the public network.
Instance State	LDP status in the VPN instance, Active or Inactive.
Interfaces	Number of interfaces enabled with LDP. active: Number of interfaces running LDP.
Targeted Peers	Number of peers discovered by the LDP extended discovery mechanism, including the manually specified peers and the automatically established peers. This field is not supported in the current software release.
Adjacencies	Number of Hello adjacencies.
Peers	Total number of peers.
Operational	Number of peers in Operational state. GR: Number of GR-capable peers.
OpenSent	Number of peers in OpenSent state.
OpenRecv	Number of peers in OpenRecv state.
Initialized	Number of peers in Initialized state.
Non-Existent	Number of peers in Non-Existent state.

graceful-restart

Use graceful-restart to enable Graceful Restart (GR) for LDP.

Use undo graceful-restart to disable LDP GR.

Syntax

graceful-restart

undo graceful-restart

Default

LDP GR is disabled.

Views

LDP view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

GR enables an LSR to retain MPLS forwarding entries during an LDP restart, ensuring continuous MPLS forwarding.

The graceful-restart command does not take effect for LDP sessions established before the command is executed. To apply the new setting, execute the reset mpls ldp command to re-establish LDP sessions.

Examples

# Enable GR for LDP.

<Sysname> system-view

[Sysname] mpls ldp

[Sysname-ldp] graceful-restart

Related commands

· display mpls ldp parameter

· reset mpls ldp

graceful-restart timer

Use graceful-restart timer to configure the MPLS Forwarding State Holding timer and the Reconnect timer for GR.

Use undo graceful-restart timer to restore the default.

Syntax

graceful-restart timer { forwarding-hold hold-time | reconnect reconnect-time }

undo graceful-restart timer { forwarding-hold | reconnect }

Default

The MPLS Forwarding State Holding timer is 180 seconds and the Reconnect timer is 120 seconds.

Views

LDP view

Predefined user roles

network-admin

mdc-admin

Parameters

forwarding-hold hold-time: Specifies the MPLS Forwarding State Holding time in the range of 60 to 600 seconds. This time specifies how long the local LSR retains its MPLS forwarding entries after the control plane of the local LSR restarts.

reconnect timeout: Specifies the Reconnect time in the range of 60 to 300 seconds. This time specifies the period the local LSR expects the peer to wait for LDP session re-establishment after the peer detects an LDP session failure. The local LSR sends the Reconnect time to the peer.

Usage guidelines

The MPLS Forwarding State Holding time must be greater than the Reconnect time.

In a GR process, the timers work as follows:

1. When LDP restarts, the GR restarter starts the MPLS Forwarding State Holding timer, and marks the MPLS forwarding entries as stale. When a GR helper detects that the LDP session with the GR restarter is down, it performs the following tasks:

a. Marks the FEC-label mappings learned from the session as stale.

b. Starts the Reconnect timer received from the GR restarter.

2. After the LDP restart, the GR restarter re-establishes an LDP session with the GR helper.

¡ If the LDP session is not set up before the Reconnect timer expires, the GR helper deletes stale FEC-label mappings and corresponding MPLS forwarding entries.

¡ If the LDP session is successfully set up before the Reconnect timer expires, the GR restarter sends the remaining time of the MPLS Forwarding State Holding timer to the GR helper.

The remaining time is sent as the LDP Recovery time.

3. After the LDP session is re-established, the GR helper starts the LDP Recovery timer.

4. The GR restarter and the GR helper exchange label mappings and update their MPLS forwarding tables.

The GR restarter compares each received label mapping against stale MPLS forwarding entries. If a match is found, the restarter deletes the stale mark for the matching entry. Otherwise, it adds a new entry for the label mapping.

The GR helper compares each received label mapping against stale FEC-label mappings. If a match is found, the helper deletes the stale mark for the matching mapping. Otherwise, it adds the received FEC-label mapping and a new MPLS forwarding entry for the mapping.

5. When the MPLS Forwarding State Holding timer expires, the GR restarter deletes all stale MPLS forwarding entries.

6. When the LDP Recovery timer expires, the GR helper deletes all stale FEC-label mappings.

Examples

# Set the MPLS Forwarding State Holding time to 200 seconds, and the Reconnect time to 100 seconds.

<Sysname> system-view

[Sysname] mpls ldp

[Sysname-ldp] graceful-restart timer forwarding-hold 200

[Sysname-ldp] graceful-restart timer reconnect 100

Related commands

· display mpls ldp parameter

· graceful-restart

igp sync delay

Use igp sync delay to configure the delay for LDP to notify IGP of the LDP convergence completion.

Use undo igp sync delay to restore the default.

Syntax

igp sync delay time

undo igp sync delay

Default

LDP immediately notifies IGP of the LDP convergence completion.

Views

LDP view

Predefined user roles

network-admin

mdc-admin

Parameters

time: Specifies the notification delay in the range of 5 to 300 seconds.

Usage guidelines

LDP convergence on a link is completed when the following conditions exist:

· The local device establishes an LDP session to at least one peer, and the LDP session is already in Operational state.

· The local device has distributed the label mappings to at least one peer.

If LDP notifies IGP immediately after convergence, MPLS traffic forwarding might be interrupted in one of the following scenarios:

· LDP peers use the Ordered label distribution control mode. When LDP notifies IGP of the LDP convergence, the device has not received a label mapping from downstream.

· A large number of label mappings are distributed from downstream. When LDP notifies IGP of the LDP convergence completion, label advertisement is not completed.

In these scenarios, you must use the igp sync delay command to configure the notification delay. When LDP convergence on a link is completed, LDP waits a delay time before notifying IGP of the LDP convergence completion to reduce traffic interruption.

Examples

# Configure a 30-second delay for LDP to notify IGP of the LDP convergence.

<Sysname> system-view

[Sysname] mpls ldp

[Sysname-ldp] igp sync delay 30

Related commands

· igp sync delay on-restart

· mpls ldp igp sync disable

· mpls ldp sync (IS-IS view)

· mpls ldp sync (OSPF view/OSPF area view)

igp sync delay on-restart

Use igp sync delay on-restart to configure the maximum delay for LDP to notify IGP of the LDP-IGP synchronization status after an LDP restart or an active/standby switchover occurs.

Use undo igp sync delay on-restart to restore the default.

Syntax

igp sync delay on-restart time

undo igp sync delay on-restart

Default

The maximum notification delay is 90 seconds.

Views

LDP view

Predefined user roles

network-admin

mdc-admin

Parameters

time: Specifies the maximum notification delay in the range of 60 to 600 seconds.

Usage guidelines

When an LDP restart or an active/standby switchover occurs, LDP takes time to converge. LDP notifies IGP of the LDP-IGP synchronization status as follows:

· If a notification delay is not configured, LDP immediately notifies IGP of the current synchronization states during convergence, and then updates the states after LDP convergence. This could impact IGP processing.

· If a notification delay is configured, LDP notifies IGP of the synchronization states in bulk when one of the following events occurs:

¡ LDP recovers to the state before the restart or switchover.

¡ The maximum delay timer expires.

Examples

# Configure a 300-second maximum delay for LDP to notify IGP of the LDP-IGP synchronization status after an LDP restart or active/standby switchover occurs.

<Sysname> system-view

[Sysname] mpls ldp

[Sysname-ldp] igp sync delay on-restart 300

Related commands

· igp sync delay

· mpls ldp igp sync disable

· mpls ldp sync (IS-IS view)

· mpls ldp sync (OSPF view/OSPF area view)

label-distribution

Use label-distribution to configure the label distribution control mode.

Use undo label-distribution to restore the default.

Syntax

label-distribution { independent | ordered }

undo label-distribution

Default

The label distribution control mode is ordered.

Views

LDP view, LDP-VPN instance view

Predefined user roles

network-admin

mdc-admin

Parameters

independent: Specifies Independent label distribution mode. In this mode, an LSR can distribute label mappings to the upstream LSR at any time.

ordered: Specifies Ordered label distribution mode. In this mode, an LSR distributes a label mapping for an FEC to the upstream LSR only when one of the following events occurs:

· The LSR receives a label mapping for that FEC from the downstream LSR.

· The LSR is the egress node of that FEC.

Usage guidelines

In Ordered mode, an LSR can determine that the downstream LSR has established an LSP when the LSR receives an FEC-label mapping from the downstream LSR.

The Independent mode enables faster LSP convergence because each LSR independently advertises labels without waiting for labels from downstream LSRs.

Examples

# Set the Independent LDP label distribution mode for the public network.

<Sysname> system-view

[Sysname] mpls ldp

[Sysname-ldp] label-distribution independent

Related commands

display mpls ldp parameter

loop-detect

Use loop-detect to enable loop detection.

Use undo loop-detect to disable loop detection.

Syntax

loop-detect

undo loop-detect

Default

Loop detection is disabled.

Views

LDP view, LDP-VPN instance view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

This command enables LDP to detect and terminate LSP loops. LDP loop detection uses one of the following methods:

· Hop count. For more information, see "maxhops."

· Path vector. For more information, see "pv-limit."

Use LDP loop detection only in networks with devices that do not support TTL mechanism such as ATM switches. Do not use LDP loop detection on other networks because it only results in extra LDP overhead.

Examples

# Enable LDP loop detection for the public network.

<Sysname> system-view

[Sysname] mpls ldp

[Sysname-ldp] loop-detect

Related commands

· display mpls ldp parameter

· maxhops

· pv-limit

lsp-trigger

Use lsp-trigger to configure an LSP generation policy.

Use undo lsp-trigger to restore the default.

Syntax

lsp-trigger { all | prefix-list prefix-list-name }

undo lsp-trigger

Default

LDP can only use host routes with a 32-bit mask to generate LSPs.

Views

LDP view, LDP-VPN instance view

Predefined user roles

network-admin

mdc-admin

Parameters

all: Enables LDP to use all routes to generate LSPs.

prefix-list prefix-name: Specifies an IP prefix list by its name, a case-sensitive string of 1 to 63 characters. LDP can only use the routes permitted by the IP prefix list to generate LSPs.

Usage guidelines

The default LSP generation policy depends on the label distribution control mode.

· In Ordered mode, LDP can only use the Loopback interface address routes with a 32-bit mask and the routes with a 32-bit mask that match the FECs of label mappings received from downstream LSRs to generate LSPs.

· In Independent mode, LDP can use all routes with a 32-bit mask to generate LSPs.

After you configure an LSP generation policy, LDP uses all routes or the routes permitted by the IP prefix list to generate LSPs, regardless of the label distribution control mode.

As a best practice, use the default LSP generation policy.

Examples

# Configure an LSP generation policy to use only routes 10.10.1.0/24 and 10.20.1.0/24 to establish LSPs for the public network.

<Sysname> system-view

[Sysname] ip prefix-list egress-fec-list index 1 permit 10.10.1.0 24

[Sysname] ip prefix-list egress-fec-list index 2 permit 10.20.1.0 24

[Sysname] mpls ldp

[Sysname-ldp] lsp-trigger prefix-list egress-fec-list

Related commands

ip prefix-list (Layer 3—IP Services Command Reference)

lsr-id

Use lsr-id to configure an LDP LSR ID.

Use undo lsr-id to delete the configured LDP LSR ID.

Syntax

lsr-id lsr-id

undo lsr-id

Default

No LDP LSR ID is configured. LDP uses the MPLS LSR ID configured by the mpls lsr-id command for both the public network and VPN instances.

Views

LDP view, LDP-VPN instance view

Predefined user roles

network-admin

mdc-admin

Parameters

lsr-id: Specifies an LDP LSR ID, in dotted decimal notation.

Usage guidelines

If you configure an LDP LSR ID by using the lsr-id command in LDP view or LDP-VPN instance view, LDP uses the LDP LSR ID. Otherwise, LDP uses the LSR-ID configured by the mpls lsr-id command.

LDP uses the same LSR ID for all sessions in the same VPN instance. After you configure a new LSR ID for a VPN instance, LDP does not use the new LSR ID unless the reset mpls ldp command is executed. The reset mpls ldp command re-establishes all LDP sessions in the VPN instance.

As a best practice, use the default LDP LSR ID configured by the mpls lsr-id command for the public network. If you want to configure an LDP LSR ID for the public network by using the lsr-id command, specify the IP address of a local Loopback interface as the LDP LSR ID for high reliability.

Examples

# Configure the LDP LSR ID as 2.2.2.2 for the public network.

<Sysname> system-view

[Sysname] mpls ldp

[Sysname-ldp] lsr-id 2.2.2.2

Related commands

· display mpls ldp parameter

· mpls lsr-id

maxhops

Use maxhops to specify the maximum hop count for loop detection.

Use undo maxhops to restore the default.

Syntax

maxhops hop-number

undo maxhops

Default

The maximum hop count for loop detection is 32.

Views

LDP view, LDP-VPN instance view

Predefined user roles

network-admin

mdc-admin

Parameters

hop-number: Specifies the maximum hop count for loop detection, in the range of 1 to 32.

Usage guidelines

LDP adds a hop count in a label request or label mapping message. The hop count increments by 1 on each LSR. When the hop count reaches the maximum hop count configured by this command, LDP considers that a loop occurs and terminates LSP establishment.

Set a proper maximum hop count according to the number of LSRs in your network. For example, set a smaller maximum hop count in small networks to allow for fast loop detection. Set a higher maximum hop count in large networks to make sure LSPs can be successfully established.

Examples

# Set the maximum hop count to 25 for loop detection in the public network.

<Sysname> system-view

[Sysname] mpls ldp

[Sysname-ldp] maxhops 25

Related commands

· display mpls ldp parameter

· loop-detect

· pv-limit

md5-authentication

Use md5-authentication to enable LDP MD5 authentication.

Use undo md5-authentication to disable LDP MD5 authentication.

Syntax

md5-authentication peer-lsr-id { cipher | plain } password

undo md5-authentication peer-lsr-id

Default

LDP MD5 authentication is disabled.

Views

LDP view, LDP-VPN instance view

Predefined user roles

network-admin

mdc-admin

Parameters

peer-lsr-id: Specifies the LSR ID of a peer.

cipher: Sets a ciphertext key.

plain: Sets a plaintext key.

password: Specifies a case-sensitive key string. If plain is specified, it must be a plaintext string of 1 to 16 characters. If cipher is specified, it must be a ciphertext string of 1 to 53 characters.

For security purposes, all keys, including keys configured in plain text, are saved in cipher text.

Usage guidelines

To improve security for LDP sessions, you can configure MD5 authentication for the underlying TCP connections to check the integrity of LDP messages.

The local LSR and the peer LSR must have the same key. Otherwise, they cannot establish a TCP connection.

After you change the MD5 authentication key, the local LSR uses the new key to re-establish an LDP session with the specified peer.

Examples

# Enable LDP MD5 authentication for peer 3.3.3.3 in the public network, and set a plaintext key of pass.

<Sysname> system-view

[Sysname] mpls ldp

[Sysname-ldp] md5-authentication 3.3.3.3 plain pass

Related commands

display mpls ldp peer

mpls ldp

Use mpls ldp to enable LDP globally for an LSR and enter LDP view.

Use undo mpls ldp to disable LDP globally for an LSR and delete all LDP-VPN instances.

Syntax

mpls ldp

undo mpls ldp

Default

LDP is globally disabled.

Views

System view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

You must enable LDP globally for an LSR to run LDP.

The NSR and GR commands are available only in LDP view. All other commands available in LDP view are also available in LDP-VPN instance view.

Commands executed in LDP view take effect only for the public network. Commands executed in LDP-VPN instance view take effect only for the specified VPN instance. The NSR and GR commands are global commands and take effect for all VPN instances and the public network.

Examples

# Enable LDP globally and enter LDP view.

<Sysname> System-view

[Sysname] mpls ldp

[Sysname-ldp]

Related commands

· mpls ldp enable

· vpn-instance

mpls ldp enable

Use mpls ldp enable to enable LDP for an interface.

Use undo mpls ldp enable to disable LDP for an interface.

Syntax

mpls ldp enable

undo mpls ldp enable

Default

LDP is disabled on an interface.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

Before you enable LDP for an interface, use the mpls ldp command in system view to enable LDP globally.

Disabling LDP on an interface terminates all LDP sessions on the interface, and removes all LSPs established through the sessions.

If the interface is bound with a VPN instance, you must also use the vpn-instance command to enable LDP for the VPN instance.

An up interface enabled with LDP and MPLS sends Link Hellos for neighbor discovery.

Examples

# Enable LDP for interface VLAN-interface 2.

<Sysname> system-view

[Sysname] mpls ldp

[Sysname-ldp] quit

[Sysname] interface vlan-interface 2

[Sysname-Vlan-interface2] mpls ldp enable

Related commands

· display mpls ldp interface

· mpls enable

· mpls ldp

mpls ldp igp sync disable

Use mpls ldp igp sync disable to disable LDP-IGP synchronization on an interface.

Use undo mpls ldp igp sync disable to restore the default.

Syntax

mpls ldp igp sync disable

undo mpls ldp igp sync disable

Default

LDP-IGP synchronization is enabled on an interface.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

After you enable LDP-IGP synchronization for an OSPF area or an IS-IS process, LDP-IGP synchronization is enabled on the OSPF or IS-IS process interfaces by default. To disable LDP-IGP synchronization on an interface, execute the mpls ldp igp sync disable command on that interface.

Examples

# Disable LDP-IGP synchronization on VLAN-interface 2.

<Sysname> System-view

[Sysname] interface vlan-interface 2

[Sysname-Vlan-interface2] mpls ldp igp sync disable

Related commands

· mpls ldp sync (IS-IS view)

· mpls ldp sync (OSPF view/OSPF area view)

mpls ldp sync (IS-IS view)

Use mpls ldp sync to enable LDP-ISIS synchronization.

Use undo mpls ldp sync to disable LDP-ISIS synchronization.

Syntax

mpls ldp sync [ level-1 | level-2 ]

undo mpls ldp sync [ level-1 | level-2 ]

Default

LDP-ISIS synchronization is disabled.

Views

IS-IS view

Predefined user roles

network-admin

mdc-admin

Parameters

level-1: Specifies Level-1 of the IS-IS process.

level-2: Specifies Level-2 of the IS-IS process.

Usage guidelines

LDP establishes LSPs based on the IGP optimal route. If LDP is not synchronized with IGP, MPLS traffic forwarding might be interrupted. The LDP-IGP synchronization function is used to solve the synchronization problem.

After LDP-IGP synchronization is enabled, IGP advertises the actual cost of a link only when LDP convergence on the link is completed. Before LDP is converged, IGP advertises the maximum cost of the link. As a result, the link is visible on the IGP topology, but IGP does not select the link as the optimal route when other links are available. In this way, the device can avoid discarding MPLS packets due to lack of LDP LSP on the optimal route.

LDP-IGP synchronization is not supported for an IS-IS process that belongs to a VPN instance.

If you do not specify any keywords, this command enables LDP-ISIS synchronization for both Level-1 and Level-2.

If you use this command multiple times, the most recent configuration takes effect. For example, if you execute the mpls ldp sync level-1 command after you execute the mpls ldp sync command, LDP-ISIS synchronization is enabled for Level-1 but disabled for Level-2.

Examples

# Enable LDP-ISIS synchronization for Level-2 of IS-IS process 1.

<Sysname> system-view

[Sysname] isis 1

[Sysname-isis-1] mpls ldp sync level-2

Related commands

· display mpls ldp igp sync

· igp sync delay

· igp sync delay on-restart

· mpls ldp igp sync disable

mpls ldp sync (OSPF view/OSPF area view)

Use mpls ldp sync to enable LDP-OSPF synchronization.

Use undo mpls ldp sync to disable LDP-OSPF synchronization.

Syntax

mpls ldp sync

undo mpls ldp sync

Default

LDP-OSPF synchronization is disabled.

Views

OSPF view, OSPF area view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

LDP-IGP synchronization is not supported for an OSPF process and its OSPF areas if the OSPF process belongs to a VPN instance.

To enable LDP-OSPF synchronization for an OSPF area, use this command in OSPF area view. To enable LDP-OSPF synchronization for all areas of an OSPF process, use this command in OSPF view.

Examples

# Enable LDP-OSPF synchronization for OSPF process 1.

<Sysname> system-view

[Sysname] ospf 1

[Sysname-ospf-1] mpls ldp sync

Related commands

· display mpls ldp igp sync

· igp sync delay

· igp sync delay on-restart

· mpls ldp igp sync disable

mpls ldp timer

Use mpls ldp timer to configure the Hello hold time, Hello interval, Keepalive hold time, and Keepalive interval.

Use undo mpls ldp timer to restore the default.

Syntax

mpls ldp timer { hello-hold timeout | hello-interval interval | keepalive-hold timeout | keepalive-interval interval }

undo mpls ldp timer { hello-hold | hello-interval | keepalive-hold | keepalive-interval }

Default

· The Link Hello hold time is 15 seconds.

· The Link Hello interval is 5 seconds.

· The Keepalive hold time is 45 seconds.

· The Keepalive interval is 15 seconds.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Parameters

hello-hold timeout: Specifies the Hello hold time in the range of 1 to 65535 seconds. LDP keeps the hello adjacency during the Hello hold time. The negotiated Hello hold time takes the smaller value of the local Hello hold time and the peer Hello hold time. If LDP receives no Hello message from the peer before the Hello hold timer expires, LDP deletes the Hello adjacency with the peer. If you set the Hello hold time to 65535, LDP permanently keeps the Hello adjacency.

hello-interval interval: Specifies the Hello interval in the range of 1 to 65535 seconds. LDP sends Hello messages at this interval.

keepalive-hold timeout: Specifies the Keepalive hold time in the range of 15 to 65535 seconds. LDP keeps the LDP session with the peer during the Keepalive hold time. The negotiated Keepalive hold time takes the smaller value of the local Keepalive hold time and the peer Keepalive hold time. If LDP receives no LDP message from the peer before the Keepalive hold timer expires, LDP deletes the LDP session with the peer.

keepalive-interval interval: Specifies the Keepalive interval in the range of 1 to 65535 seconds. LDP sends Keepalive messages to the peer at this interval.

Usage guidelines

If the Hello hold time and the Keepalive hold time values are too large, LDP cannot quickly detect link failures. If the values are too small, LDP might mistakenly consider a normal link failed. As a best practice, use the default values.

If two LSRs have multiple LDP links in between, make sure those links have the same Keepalive hold time.

During LDP session negotiation, an LSR compares the local Hello hold time with the peer LSR's Hello hold time carried in Hellos. Then, the LSR uses the smaller one as the negotiated Hello hold time. If the negotiated Hello hold time is larger than three times the local Hello interval, the LSR sends Hello messages at the local Hello interval. Otherwise, the LSR sends Hello messages at an interval 1/3 of the negotiated Hello hold time.

During LDP session negotiation, an LSR compares the local Keepalive hold time with the Keepalive hold time of the peer LSR by exchanging Initialization messages. Then, the LSR uses the smaller one as the negotiated Keepalive hold time. If the negotiated Keepalive hold time is larger than three times the local Keepalive interval, the LSR sends Keepalive messages at the local Keepalive interval. Otherwise, the LSR sends Keepalive messages at an interval 1/3 of the negotiated Keepalive hold time.

Examples

# On VLAN-interface 2, set the Link Hello hold time to 100 seconds, Link Hello interval to 20 seconds, Keepalive hold time to 50 seconds, and Keepalive interval to 10 seconds.

<Sysname> System-view

[Sysname] interface vlan-interface 2

[Sysname-Vlan-interface2] mpls ldp timer hello-hold 100

[Sysname-Vlan-interface2] mpls ldp timer hello-interval 20

[Sysname-Vlan-interface2] mpls ldp timer keepalive-hold 50

[Sysname-Vlan-interface2] mpls ldp timer keepalive-interval 10

Related commands

· display mpls ldp discovery

· display mpls ldp peer

mpls ldp transport-address

Use mpls ldp transport-address to specify the LDP transport address.

Use undo mpls ldp transport-address to restore the default.

Syntax

mpls ldp transport-address { ip-address | interface }

undo mpls ldp transport-address

Default

If the interface belongs to the public network, the LDP transport address is the local LSR ID. If the interface belongs to a VPN, the LDP transport address is the primary IP address of the interface.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Parameters

ip-address: Specifies the LDP transport address.

interface: Uses the IP address of the current interface as the LDP transport address.

Usage guidelines

Before two LSRs establish an LDP session, they must establish a TCP connection by using the LDP transport address. LDP sends the local LDP transport address to the peer in Link Hello messages.

As a best practice, use the default transport address.

If two LSRs have multiple links in between and you want to establish an LDP session on each link, make sure all the links use the same transport address.

Examples

# On interface VLAN-interface 2, specify the transport address carried in Link Hellos as the IP address of the interface.

<Sysname> System-view

[Sysname] interface vlan-interface 2

[Sysname-Vlan-interface2] mpls ldp transport-address interface

Related commands

display mpls ldp discovery

non-stop-routing

Use non-stop-routing to enable LDP NSR.

Use undo non-stop-routing to disable LDP NSR.

Syntax

non-stop-routing

undo non-stop-routing

Default

LDP NSR is disabled.

Views

LDP view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

LDP nonstop routing (NSR) backs up protocol states and data (including LDP session and LSP information) from the active process to the standby process. After the LDP active process fails, the standby process becomes active and takes over processing seamlessly. The LDP peers are not notified of the LDP interruption. The LDP session stays in Operational state, and the forwarding is not interrupted.

The LDP active process fails when one of the following events occurs:

· The active process restarts.

· The MPU where the active process resides fails.

· The MPU where the active process resides performs an ISSU.

Both LDP NSR and LDP GR ensure continuous traffic forwarding. Choose either feature as needed. They have the following differences:

· Device requirements—To use LDP NSR, the device must have two or more MPUs, and the active and standby processes for LDP reside on different MPUs. To use LDP GR, the device can have only one MPU on the device.

· LDP peer requirements—With LDP NSR, LDP peers of the local device are not aware of any switchover events on the local device. The local device does not require the help of a peer to restore the MPLS forwarding information. With LDP GR, the LDP peer must be able to identify the GR capability flag (in the Initialization message) of the GR restarter. The LDP peer acts as a GR helper to help the GR restarter to restore MPLS forwarding information.

Example

# Enable LDP NSR.

<Sysname> system-view

[Sysname] mpls ldp

[Sysname-ldp] non-stop-routing

Related commands

· display mpls ldp discovery

· display mpls ldp fec

· display mpls ldp peer

· display mpls ldp summary

pv-limit

Use pv-limit to specify the path vector limit.

Use undo pv-limit to restore the default.

Syntax

pv-limit pv-number

undo pv-limit

Default

The path vector limit is 32.

Views

LDP view, LDP-VPN instance view

Predefined user roles

network-admin

mdc-admin

Parameters

pv-number: Specifies the path vector limit in the range of 1 to 32.

Usage guidelines

LDP adds LSR ID information in a label request or label mapping message. Each LSR checks whether its LSR ID is contained in the message.

· If it is not, the LSR adds its own LSR ID into the message.

· If it is, the LSR considers that a loop occurs and terminates LSP establishment.

In addition, when the number of LSR IDs in the message reaches the path vector limit, LDP also considers that a loop occurs and terminates LSP establishment.

Examples

# Set the path vector limit to 3 for LDP loop detection in the public network.

<Sysname> system-view

[Sysname] mpls ldp

[Sysname-ldp] pv-limit 3

Related commands

· display mpls ldp parameter

· loop-detect

· maxhops

reset mpls ldp

Use reset mpls ldp to reset LDP sessions.

Syntax

reset mpls ldp [ vpn-instance vpn-instance-name ] [ peer peer-id ]

Views

User view

Predefined user roles

network-admin

mdc-admin

Parameters

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. This command resets the LDP sessions in the specified VPN. If you do not specify a VPN instance, this command resets the LDP sessions in the public network.

peer peer-id: Specifies a peer by its LSR ID. If you do not specify a peer, this command resets all LDP sessions in the specified VPN instance or the public network.

Usage guidelines

Resetting an LDP session deletes and re-establishes the session and all LSPs based on the session.

Changes to LDP session parameters take effect only on new LDP sessions. To apply the changes to an existing LDP session on a network, you must reset all LDP sessions on that network by executing this command without the peer keyword. If you specify the peer keyword, this command resets the LDP session to the specified peer without applying the parameter changes to the session.

Examples

# Reset all LDP sessions in the public network.

<Sysname> reset mpls ldp

# Reset all LDP sessions in VPN instance vpn1.

<Sysname> reset mpls ldp vpn-instance vpn1

snmp-agent trap enable ldp

Use snmp-agent trap enable ldp to enable SNMP notifications for LDP.

Use undo snmp-agent trap enable ldp to disable SNMP notifications for LDP.

Syntax

snmp-agent trap enable ldp

undo snmp-agent trap enable ldp

Default

SNMP notifications for LDP are enabled.

Views

System view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

This command enables generating SNMP notifications for LDP upon LDP session changes, as defined in RFC 3815. The generated SNMP notifications are sent to the SNMP module.

For more information about SNMP notifications, see Network Management and Monitoring Configuration Guide.

Examples

# Enable SNMP notifications for LDP.

<Sysname> system-view

[Sysname] snmp-agent trap enable ldp

vpn-instance

Use vpn-instance to enable LDP for a VPN instance and enter LDP-VPN instance view.

Use undo vpn-instance to delete the LDP-VPN instance.

Syntax

vpn-instance vpn-instance-name

undo vpn-instance vpn-instance-name

Default

LDP is disabled for a VPN instance.

Views

LDP view

Predefined user roles

network-admin

mdc-admin

Parameters

vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters.

Usage guidelines

Enabling LDP for VPNs is used for the Carrier's Carrier network that uses LDP between the Level 1 carrier and Level 2 carrier PEs. In such a network, you must enable LDP for each VPN on each Level 1 carrier PE.

The VPN instance specified by this command must have been created by the ip vpn-instance command in system view.

The NSR and GR commands are available only in LDP view. All other commands available in LDP view are available in LDP-VPN instance view.

Examples

# Enable LDP for the VPN instance vpn1 and enter LDP-VPN instance view.

<Sysname> System-view

[Sysname] mpls ldp

[Sysname-ldp] vpn-instance vpn1

[Sysname-ldp-vpn-instance-vpn1]

Related commands

· ip vpn-instance

· mpls ldp

MPLS TE commands

The MPLS TE feature is available in Release 1138P01 and later versions.

auto-bandwidth enable

Use auto-bandwidth enable to enable automatic bandwidth adjustment globally, and configure the output rate sampling interval.

Use undo auto-bandwidth enable to disable automatic bandwidth adjustment.

Syntax

auto-bandwidth enable [ sample-interval seconds ]

undo auto-bandwidth enable

Default

The global auto bandwidth adjustment is disabled.

Views

MPLS TE view

Predefined user roles

network-admin

mdc-admin

Parameters

sample-interval seconds: Specifies an output rate sample interval for tunnels enabled with automatic bandwidth adjustment, in the range of 1 to 604800 seconds. The default sample interval is 300 seconds. As a best practice, use the default sample interval.

Usage guidelines

The automatic bandwidth adjustment feature measures the average output rate of a tunnel, and periodically tunes the bandwidth assigned to the tunnel based on the measurement results.

The output rate sampling feature calculates the average output rate of a tunnel based on the traffic passed through the tunnel interface during a sampling interval.

To use the automatic bandwidth adjustment feature for an MPLS TE tunnel, perform the following tasks:

1. Execute the auto-bandwidth enable command to enable this feature globally.

2. Execute the mpls te auto-bandwidth adjustment command in the tunnel interface view.

Examples

# Enable global auto bandwidth adjustment, and configure the output rate sampling interval on MPLS TE tunnel interfaces as 600 seconds.

<Sysname> system-view

[Sysname] mpls te

[Sysname-te] auto-bandwidth enable sample-interval 600

Related commands

· mpls te auto-bandwidth

· reset mpls te auto-bandwidth-adjustment timers

auto-tunnel backup

Use auto-tunnel backup to enable the automatic bypass tunnel setup feature (also called auto FRR) globally, and enter MPLS TE auto-FRR view.

Use undo auto-tunnel backup to disable the auto FRR feature globally.

Syntax

auto-tunnel backup

undo auto-tunnel backup

Default

The auto FRR feature is disabled globally.

Views

MPLS TE view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

After you execute the auto-tunnel backup command, and specify an interface number range for bypass tunnels by using the tunnel-number command, the local device (the PLR) automatically sets up two bypass tunnels for each of its primary CRLSPs: one for link protection and the other for node protection.

If the PLR is the penultimate node of a primary CRLSP, the PLR does not create a node-protection bypass tunnel for the primary CRLSP.

Execution of the undo auto-tunnel backup command deletes all existing bypass tunnels automatically created for MPLS TE auto FRR.

Examples

# Enable the automatic bypass tunnel setup feature globally, and enter MPLS TE auto-tunnel backup view.

<Sysname> system-view

[Sysname] mpls te

[Sysname-te] auto-tunnel backup

[Sysname-te-auto-bk]

Related commands

· mpls te auto-backup disable

· nhop-only

· timers removal unused

· tunnel-number

destination

Use destination to configure the destination address for a tunnel interface.

Use undo destination to restore the default.

Syntax

destination ip-address

undo destination

Default

No destination address is specified for a tunnel interface.

Views

Tunnel interface view

Predefined user roles

network-admin

mdc-admin

Parameters

ip-address: Specifies the tunnel destination IPv4 address.

Examples

# Configure the destination address of the interface Tunnel 1 as 193.101.1.1.

<Sysname> system-view

[Sysname] interface tunnel 1 mode mpls-te

[Sysname-Tunnel1] destination 193.101.1.1

Related commands

interface tunnel

disable

Use disable to disable the current explicit path.

Use undo disable to restore the default.

Syntax

disable

undo disable

Default

The explicit path is enabled.

Views

Explicit path view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

You can use the disable command to prevent an explicit path from being used by a tunnel during explicit path configuration.

Examples

# Disable the explicit path named path1.

<Sysname> system-view

[Sysname] explicit-path path1

[Sysname-explicit-path-path1] disable

display explicit-path

Use display explicit-path to display information about explicit paths.

Syntax

display explicit-path [ path-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

path-name: Displays information about the explicit path specified by its name, a case-sensitive string of 1 to 31 characters. If you do not specify an explicit path, this command displays information about all explicit paths.

Examples

# Display information about all explicit paths.

<Sysname> display explicit-path

Path Name: path1 Hop Count: 3 Path Status: Enabled

Index IP Address Hop Type Hop Attribute

1 1.1.1.1 Strict Include

101 2.2.2.2 Loose Include

201 3.3.3.3 - Exclude

Table 21 Command output

Field	Description
Path Name	Name of the explicit path.
Hop Count	Number of nodes specified in the explicit path.
Path Status	Explicit path status: · Enabled—The explicit path is available. · Disabled—The explicit path is not available.
Index	Index of a node on the explicit path.
IP Address	IP address of a node on the explicit path.
Hop Type	Node type: · Strict—The node must be connected directly to its previous hop. · Loose—The node can be connected indirectly to its previous hop.
Hop Attribute	Node attribute: · Include—The node must be included in the explicit path. · Exclude—The node must not be included in the explicit path.

display interface tunnel

Use display interface tunnel to display tunnel interface information, including destination address and tunnel mode.

Syntax

display interface [ tunnel [ number ] ] [ brief [ description | down ] ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

number: Specifies the number of an existing tunnel interface. If you do not specify the tunnel keyword, this command displays information about all interfaces on the device. If you specify the tunnel keyword without the number argument, this command displays information about all existing tunnel interfaces.

brief: Displays brief interface information. If you do not specify this keyword, the command displays detailed interface information.

description: Displays complete interface descriptions. If you do not specify this keyword, the command displays only the first 27 characters of interface descriptions.

down: Displays information about interfaces in the physical state of DOWN and the causes. If you do not specify this keyword, the command displays information about interfaces in all states.

Examples

# Display detailed information about interface Tunnel 1.

<Sysname> display interface tunnel 1

Tunnel1

Current state: UP

Line protocol state: UP

Description: Tunnel1 Interface

Bandwidth: 64kbps

Maximum Transmit Unit: 1496

Internet Address is 6.1.1.1/24 Primary

Tunnel source unknown, destination 3.3.3.3

Tunnel TTL 255

Tunnel protocol/transport CR_LSP

Output queue - Urgent queuing: Size/Length/Discards 0/100/0

Output queue - Protocol queuing: Size/Length/Discards 0/500/0

Output queue - FIFO queuing: Size/Length/Discards 0/75/0

Last clearing of counters: Never

Last 300 seconds input rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec

Last 300 seconds output rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec

Input: 0 packets, 0 bytes, 0 drops

Output: 0 packets, 0 bytes, 0 drops

Table 22 Command output

Field	Description
Tunnel1	Information about the tunnel interface Tunnel 1.
Current state	Physical link state of the tunnel interface: · Administratively DOWN—The interface has been shut down by using the shutdown command. · DOWN—The interface is administratively up, but its physical state is down (possibly because no physical link exists or the link has failed). · UP—The interface is both administratively and physically up.
Line protocol state	Data link layer state of the interface. The state is determined through automatic parameter negotiation at the data link layer. · UP—The data link layer protocol is up. · UP (spoofing)—The data link layer protocol is up, but the link is an on-demand link or does not exist. This attribute is typical of null interfaces and loopback interfaces. · DOWN—The data link layer protocol is down.
Description	Description of the tunnel interface.
Bandwidth	Expected bandwidth of the tunnel interface.
Maximum Transmit Unit	MTU of the tunnel interface.
Internet protocol processing: Disabled	The tunnel interface is not assigned an IP address and cannot process IP packets.
Internet Address	IP address of the tunnel interface. The primary attribute indicates that the address is the primary IP address.
Tunnel source	Source address of the tunnel.
destination	Destination address of the tunnel.
Tunnel TTL	TTL of tunneled packets.
Tunnel protocol/transport	Tunnel mode and transport protocol. The value is CR_LSP that indicates the MPLS TE tunnel mode.
Last clearing of counters	Last time when counters were cleared.
Last 300 seconds input rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec	Average input rate in the last 300 seconds.
Last 300 seconds output rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec	Average output rate in the last 300 seconds.

Related commands

· destination

· interface tunnel

display isis mpls te advertisement

Use display isis mpls te advertisement to display link and node information in an IS-IS TEDB.

Syntax

display isis mpls te advertisement [ [ level-1 | level-2 ] | [ originate-system system-id | local ] | verbose ] * [ process-id ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

level-1: Displays link and node information for Level-1 routers.

level-2: Displays link and node information for Level-2 routers.

originate-system system-id: Displays link and node information advertised by the system specified by its system ID, in the format of XXXX.XXXX.XXXX.

local: Displays link and node information advertised by the local device.

verbose: Displays detailed information. If you do not specify this keyword, the command displays brief information.

process-id: Specifies an IS-IS process by its ID in the range of 1 to 65535. If you do not specify an IS-IS process, this command displays link and node information for all IS-IS processes.

Usage guidelines

If you do not specify the level-1 or level-2 keyword, this command displays link and node information for both Level-1 and Level-2 routers.

If you do not specify the originate-system system-id option or the local keyword, this command displays link and node information advertised by all systems.

Examples

# Display brief link and node information in the IS-IS TEDB for Level-1 routers.

<Sysname> display isis mpls te advertisement level-1

TE information for IS-IS(1)

---------------------------

Level-1 TE node and link information

-------------------------------

Node total count : 2

Node index : 0

System ID : 0000.0000.0004

MPLS LSR ID : 4.4.4.4

Node flags : -/-/R/-

Link total count : 1

Link information :

Neighbour Frag ID Link Type Local Address Remote Address

0000.0000.0004.04 0x00 Broadcast 1.1.1.3

Node index : 1

System ID : 0000.0000.0001

MPLS LSR ID : 1.1.1.1

Node flags : -/-/R/-

Link total count : 1

Link information :

Neighbour Frag ID Link Type Local Address Remote Address

0000.0000.0004.04 0x00 Broadcast 1.1.1.1 --

# Display detailed link and node information in the IS-IS TEDB for Level-1 routers.

<Sysname> display isis mpls te advertisement level-1 local verbose

TE information for IS-IS(1)

---------------------------

Level-1 TE node and link information

-------------------------------

Node total count : 2

Node index : 0

System ID : 0000.0000.0004

MPLS LSR ID : 4.4.4.4

Node flags : -/-/R/-

Link total count : 1

Link information :

Link index : 0

Neighbor : 0000.0000.0004.04 Frag ID : 0x00

Link type : Broadcast Admin group : 0x00000000

IGP metric : 10 TE metric : 10

Link flags : -/-/-

Physical bandwidth: 12500000 bytes/sec

Reservable bandwidth: 0 bytes/sec

Unreserved bandwidth for each TE class:

TE class 0: 0 bytes/sec TE class 1: 0 bytes/sec

TE class 2: 0 bytes/sec TE class 3: 0 bytes/sec

TE class 4: 0 bytes/sec TE class 5: 0 bytes/sec

TE class 6: 0 bytes/sec TE class 7: 0 bytes/sec

TE class 8: 0 bytes/sec TE class 9: 0 bytes/sec

TE class 10: 0 bytes/sec TE class 11: 0 bytes/sec

TE class 12: 0 bytes/sec TE class 13: 0 bytes/sec

TE class 14: 0 bytes/sec TE class 15: 0 bytes/sec

Bandwidth constraint model: Prestandard DS-TE RDM

Bandwidth constraints:

BC[00]: 0 bytes/sec BC[01]: 0 bytes/sec

Local address: 1.1.1.3

Node index : 1

System ID : 0000.0000.0001

MPLS LSR ID : 1.1.1.1

Node flags : -/-/-/-

Link total count : 1

Link information :

Link index : 0

Neighbor : 0000.0000.0004.04 Frag ID : 0x00

Link type : Broadcast Admin group : 0x00000000

IGP metric: 10 TE metric : 10

Link flags: -/-/-

Physical bandwidth: 12500000 bytes/sec

Reservable bandwidth: 0 bytes/sec

Unreserved bandwidth for each TE class:

TE class 0: 0 bytes/sec TE class 1: 0 bytes/sec

TE class 2: 0 bytes/sec TE class 3: 0 bytes/sec

TE class 4: 0 bytes/sec TE class 5: 0 bytes/sec

TE class 6: 0 bytes/sec TE class 7: 0 bytes/sec

TE class 8: 0 bytes/sec TE class 9: 0 bytes/sec

TE class 10: 0 bytes/sec TE class 11: 0 bytes/sec

TE class 12: 0 bytes/sec TE class 13: 0 bytes/sec

TE class 14: 0 bytes/sec TE class 15: 0 bytes/sec

Bandwidth constraint model: Prestandard DS-TE RDM

Bandwidth constraints:

BC[00]: 0 bytes/sec BC[01]: 0 bytes/sec

Local address: 1.1.1.1

Table 23 Command output

Field	Description
TE information for IS-IS(1)	TE information for IS-IS process 1.
Node total count	Total number of nodes that advertises TE information.
Node flags	Node information flags: · A—Already synchronizes the node information with CSPF. · S—Ready to synchronize the node information with CSPF again after the previous synchronization failed. · R—The node is reachable. · O—The node is overloaded.
Link total count	Total number of links advertised by the node.
Link information	Link information advertised by the node.
Neighbor	System ID of the neighbor.
Frag ID	LSP fragment number.
Link type	Link type, broadcast or P2P.
Admin group	Administrator group attribute of the link.
Link flags	Link information flags: · A—Already synchronizes link information with CSPF. · U—Ready to update link information with CSPF again after the previous update failed. · D—Ready to delete link information from CSPF again after the previous deletion failed.
Bandwidth constraint model	Bandwidth constraint model: · Prestandard DS-TE RDM. · IETF DS-TE RDM. · IETF DS-TE MAM.
Local address	Local IP address of the link.
Remote address	Remote IP address of the link.

display isis mpls te configured-sub-tlvs

Use display isis mpls te configured-sub-tlvs to display sub-TLV information for IS-IS TE.

Syntax

display isis mpls te configured-sub-tlvs [ process-id ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

process-id: Specifies an IS-IS process by its ID in the range of 1 to 65535. If you do not specify an IS-IS process, this command displays sub-TLV information for all IS-IS processes.

Examples

# Display sub-TLV information for IS-IS TE.

<Sysname> display isis mpls te configured-sub-tlvs

TE sub-TLV information for IS-IS(1)

-----------------------------------

Type value of the unreserved sub-pool bandwidth sub-TLV : 251

Type value of the bandwidth constraint sub-TLV : 252

Table 24 Command output

Field	Description
TE Sub-TLV Information for IS-IS(1)	DS-TE sub-TLV information for IS-IS process 1.

display isis mpls te network

Use display isis mpls te network to display network information in an IS-IS TEDB.

Syntax

display isis mpls te network [ [ level-1 | level-2 ] | local | lsp-id lsp-id ] * [ process-id ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

level-1: Displays network information for Level-1 routers.

level-2: Displays network information for Level-2 routers.

local: Displays network information advertised by the local device.

lsp-id lsp-id: Displays network information for an LSP. The lsp-id argument is the LSP ID in the format of SYSID.Pseudonode ID-fragment num. SYSID represents the system ID of the node or pseudonode that generates the LSP. Pseudonode ID represents ID of the pseudonode. fragment num represents the fragment number of the LSP.

process-id: Specifies an IS-IS process by its ID in the range of 1 to 65535. If you do not specify an IS-IS process, this command displays network information for all IS-IS processes.

Usage guidelines

If you do not specify the level-1 or level-2 keyword, this command displays network information for both Level-1 and Level-2 routers.

If you do not specify the local keyword or the lsp-id lsp-id option, this command displays all TE network information.

Examples

# Display network information in IS-IS TEDBs.

<Sysname> display isis mpls te network

TE information for IS-IS(1)

--------------------------

Level-1 network information

---------------------------

LAN ID : 0000.0000.0004.04

Frag ID : 0x00

Flags : -/-/-

Attached routers : 0000.0000.0001

0000.0000.0004

Level-2 Network Information

---------------------------

LAN ID : 0000.0000.0004.04

Frag ID : 0x00

Flags : -/-/-

Attached routers : 0000.0000.0001

0000.0000.0004

Table 25 Command output

Field	Description
TE information for IS-IS(1)	TE information for IS-IS process 1.
LAN ID	Broadcast network ID, in the format of System-ID.Pseudonode-ID.
Frag ID	LSP fragment number.
Flags	State flag for network information: · A—Already synchronizes network information with CSPF. · U—Ready to update network information with CSPF again after the previous update failed. · D—Ready to delete network information from CSPF again after the previous deletion failed.

display isis mpls te tunnel

Use display isis mpls te tunnel to display MPLS TE tunnel interface information for IS-IS.

Syntax

display isis mpls te tunnel [ level-1 | level-2 ] [ process-id ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

level-1: Displays tunnel interface information for Level-1 routers.

level-2: Displays tunnel interface information for Level-2 routers.

process-id: Specifies an IS-IS process by its ID in the range of 1 to 65535. If you do not specify an IS-IS process, this command displays tunnel information for all IS-IS processes.

Usage guidelines

If you do not specify the level-1 or level-2 keyword, this command displays MPLS TE tunnel interface information for both IS-IS Level-1 and IS-IS Level-2 routers.

Examples

# Display MPLS TE tunnel interface information for IS-IS.

<Sysname> display isis mpls te tunnel

MPLS-TE tunnel information for IS-IS(1)

---------------------------------------

Level-1 Tunnel Statistics

-------------------------

Tunnel Name Auto Route Destination Metric

-----------------------------------------------------------------------

Tun0 Advertise 2.2.2.2 Relative 0

Level-2 Tunnel Statistics

-------------------------

Tunnel Name Auto Route Destination Metric

-----------------------------------------------------------------------

Tun0 Advertise 2.2.2.2 Relative 0

Table 26 Command output

Field	Description
MPLS-TE tunnel information for IS-IS(1)	MPLS TE tunnel interface information for IS-IS process 1.
Auto Route	Automatic route advertisement method on the tunnel interface: · Advertise—Forwarding adjacency. · Shortcut—IGP shortcut.
Destination	Tunnel destination address.
Metric	Metric type and value configured on the tunnel interface: · Relative. · Absolute.

display mpls te ds-te

Use display mpls te ds-te to display DS-TE information, including the DS-TE mode, bandwidth constraint (BC) model, and TE classes.

Syntax

display mpls te ds-te

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Examples

# Display DS-TE information.

<Sysname> display mpls te ds-te

MPLS LSR ID : 0.0.0.0

MPLS DS-TE mode : Prestandard

MPLS DS-TE BC model : RDM

TE Class Class Type Priority

0 0 0

1 0 1

2 0 2

3 0 3

4 0 4

5 0 5

6 0 6

7 0 7

8 1 0

9 1 1

10 1 2

11 1 3

12 1 4

13 1 5

14 1 6

15 1 7

Table 27 Command output

Field	Description
MPLS LSR ID	MPLS LSR ID of the device.
MPLS DS-TE mode	DS-TE mode: Prestandard or IETF.
MPLS DS-TE BC model	DS-TE BC model: · RDM—Russian Dolls Model. · MAM—Maximum Allocation Model.
TE Class	Serial number of a TE class.

display mpls te link-management bandwidth-allocation

Use display mpls te link-management bandwidth-allocation to display bandwidth information on MPLS TE-enabled interfaces.

Syntax

display mpls te link-management bandwidth-allocation [ interface interface-type interface-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

interface interface-type interface-number: Displays bandwidth information on the interface specified by its type and number. If you do not specify this option, the command displays bandwidth information on all interfaces enabled with MPLS TE.

Examples

# Display bandwidth information on all interfaces enabled with MPLS TE.

<Sysname> display mpls te link-management bandwidth-allocation

Interface: Vlan1

Max Link Bandwidth : 3200000 kbps

Max Reservable Bandwidth of Prestandard RDM : 2000000 kbps

Max Reservable Bandwidth of IETF RDM : 200000 kbps

Max Reservable Bandwidth of IETF MAM : 300000 kbps

Allocated Bandwidth-Item Count :1

Allocated Bandwidth :1000 kbps

Physical Link Status : Up

BC Prestandard RDM(kbps) IETF RDM(kbps) IETF MAM(kbps)

0 2000000 200000 2000

1 1000000 150000 2000

2 0 100000 2000

3 0 50000 2000

TE Class Class Type Priority BW Reserved(kbps) BW Available(kbps)

0 0 0 0 2000000

1 0 1 0 2000000

2 0 2 0 2000000

3 0 3 0 2000000

4 0 4 0 2000000

5 0 5 0 2000000

6 0 6 0 2000000

7 0 7 1000 1999000

8 1 0 0 1000000

9 1 1 0 1000000

10 1 2 0 1000000

11 1 3 0 1000000

12 1 4 0 1000000

13 1 5 0 1000000

14 1 6 0 1000000

15 1 7 0 1000000

Table 28 Command output

Field	Description
Interface	Interface enabled with MPLS TE.
Max Link Bandwidth	Maximum link bandwidth for MPLS TE traffic.
Allocated Bandwidth-Item Count	Number of CRLSPs that have successfully obtained bandwidth.

Related commands

· mpls te max-link-bandwidth

· mpls te max-reservable-bandwidth

· mpls te max-reservable-bandwidth mam

· mpls te max-reservable-bandwidth rdm

display mpls te tedb

Use display mpls te tedb to display MPLS TE database (TEDB) information.

Syntax

display mpls te tedb { { isis { level-1 | level-2 } | ospf area area-id } | link ip-address | network | node [ local | mpls-lsr-id ] | summary }

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

isis: Displays TEDB information for IS-IS.

level-1: Displays TEDB information for Level-1 routers.

level-2: Displays TEDB information for Level-2 routers.

ospf area area-id: Displays TEDB information for an OSPF area. The value range for the OSPF area ID is 0 to 4294967295.

link ip-address: Displays TEDB information for a link. The ip-address argument represents the IP address of the local interface on the link.

network: Displays TEDB information for all broadcast and NBMA networks.

node: Displays TEDB information for the local or specified node. If you do not specify the local keyword or the mpls-lsr-id argument, this command displays TEDB information for all nodes.

local: Displays TEDB information for the local node.

mpls-lsr-id: Displays TEDB information for the node specified by its MPLS LSR ID.

summary: Displays summary TEDB information.

Examples

# Display TEDB information for all broadcast and NBMA networks.

<Sysname> display mpls te tedb network

DR MPLS LSR-ID DR-address IGP Process-ID Area/Level Neighbors

8.1.1.2 3.0.0.2 OSPF 100 0 1.1.1.1

2.1.1.1

8.1.1.2

2.1.1.1 3.0.0.3 OSPF 100 0 2.1.1.1

3.1.1.1

2.1.1.2

3.1.1.2 3.0.0.4 OSPF 100 0 3.1.1.1

4.1.1.1

3.1.1.2

4.1.1.2 3.0.0.5 OSPF 100 0 4.1.1.1

5.1.1.1

4.1.1.2

5.1.1.2 3.0.0.6 OSPF 100 0 5.1.1.1

6.1.1.1

5.1.1.2

6.1.1.2 3.0.0.9 OSPF 100 0 6.1.1.1

7.1.1.1

6.1.1.2

7.1.1.1 12.0.0.7 OSPF 100 0 3.1.1.1

7.1.1.1

7.1.1.2

Table 29 Command output

Field	Description
DR MPLS LSR-ID	MPLS LSR ID of a designated router (DR), in dotted decimal notation.
DR-address	Interface address of the DR.
IGP	Internal gateway protocol: OSPF or IS-IS.
Process-ID	IGP process ID.
Area/Level	OSPF area or IS-IS level of the router.
Neighbors	Router IDs of the routers that have formed full adjacencies with the DR, and router ID of the DR itself.

# Display summary TEDB information.

<Sysname> display mpls te tedb summary

MPLS LSR-ID IGP Process-ID Area/Level Links-Count

1.1.1.1 OSPF 100 1001 20

1002 30

1003 40

1004 50

1007 70

1010 80

2.1.1.1 ISIS 100 Level-1 20

Level-1 30

3.1.1.1 OSPF 100 0 4

Table 30 Command output

Field	Description
MPLS LSR-ID	MPLS LSR ID of a router, in dotted decimal notation.
IGP	Internal gateway protocol: OSPF or IS-IS.
Process-ID	IGP process ID.
Area/Level	OSPF area or IS-IS level of the router.
Links-Count	Number of links in an OSPF area or IS-IS level.

# Display TEDB information for an OSPF area.

<Sysname> display mpls te tedb ospf area 1

Node information for OSPF area 1:

MPLS LSR-ID IGP Process-ID Area Links-Count

2.2.2.2 OSPF 100 1 1

3.3.3.3 OSPF 100 1 1

Network information for OSPF area 1:

DR MPLS LSR-ID DR-address IGP Process-ID Area Neighbors

3.3.3.3 20.1.1.2 OSPF 100 1 2.2.2.2

3.3.3.3

Table 31 Command output

Field	Description
MPLS LSR-ID	MPLS LSR ID of a router, in dotted decimal notation.
IGP	Internal gateway protocol: OSPF or IS-IS.
Process-ID	IGP process ID.
Area	OSPF area of the router.
Level	IS-IS level of the router.
Links-Count	Number of links in the OSPF area or IS-IS level.
DR MPLS LSR-ID	MPLS LSR ID of a DR.
DR-address	Interface address of the DR.
Neighbors	Router IDs of the routers that have formed full adjacencies with the DR, and router ID of the DR itself.

# Display TEDB information for the local node in prestandard mode.

<Sysname> display mpls te tedb node local

MPLS LSR-ID: 1.1.1.1

IGP Type: OSPF Process ID: 100 Area: 1

Link[1]:

Local IP Address: 2.0.1.33

Neighbor IP Address: 2.0.1.2

Neighbor MPLS LSR-ID: 1.1.1.2

Link Type: P2P Link Status: Inactive

IGP Metric: 100 TE Metric: 100 Link Attribute: 0xff

Maximum Link Bandwidth: 100 kbps

Maximum Reservable Bandwidth: 20 kbps

Bandwidth Constraint Model: Prestandard DS-TE RDM

Bandwidth Constraints:

BC[0]: 100 kbps

BC[1]: 20 kbps

Unreserved Bandwidth for each TE class:

TE class 0: 10 kbps

TE class 1: 10 kbps

TE class 2: 10 kbps

TE class 3: 10 kbps

TE class 4: 10 kbps

TE class 5: 10 kbps

TE class 6: 10 kbps

TE class 7: 10 kbps

TE class 8: 10 kbps

TE class 9: 10 kbps

TE class 10: 10 kbps

TE class 11: 10 kbps

TE class 12: 10 kbps

TE class 13: 10 kbps

TE class 14: 10 kbps

TE class 15: 10 kbps

MPLS LSR-ID: 1.1.1.1

IGP Type: ISIS Process ID: 100 Level: Level-1

Link[1]:

Local IP Address: 2.0.1.33

Neighbor IP Address: 2.0.1.2

Neighbor MPLS LSR-ID: 1.1.1.2

Link Type: P2P Link Status: Active

IGP Metric: 10 TE Metric: 10 Link Attribute: 0x11

Maximum Bandwidth: 100 (kbps)

Maximum Reservable Bandwidth: 100 (kbps)

Bandwidth Constraint Model: Prestandard DS-TE RDM

Bandwidth Constraints:

BC[0]: 100 kbps

BC[1]: 20 kbps

Unreserved Bandwidth for each TE Class:

TE class 0: 10 kbps

TE class 1: 10 kbps

TE class 2: 10 kbps

TE class 3: 10 kbps

TE class 4: 10 kbps

TE class 5: 10 kbps

TE class 6: 10 kbps

TE class 7: 10 kbps

TE class 8: 10 kbps

TE class 9: 10 kbps

TE class 10: 10 kbps

TE class 11: 10 kbps

TE class 12: 10 kbps

TE class 13: 10 kbps

TE class 14: 10 kbps

TE class 15: 10 kbps

Table 32 Command output

Field	Description
MPLS LSR-ID	MPLS LSR ID of a router, in dotted decimal notation.
IGP Type	Internal gateway protocol: OSPF or IS-IS.
Process ID	IGP process ID.
Area	OSPF area of the router.
Level	IS-IS level of the router: Level-1 or Level-2.
Link[n]	Information about a link. n is the number of the link.
Local IP Address	Local interface address.
Neighbor IP Address	Remote interface address for a P2P or P2MP link. For an NBMA or a broadcast link, this field is blank.
Link Type	Link type: · P2P. · P2MP. · NBMA. · Broadcast.
Link Status	Link status: Active or Inactive.
Bandwidth Constraint Model	Bandwidth constraint model: · Prestandard DS-TE RDM. · IETF DS-TE RDM. · IETF DS-TE MAM.

# Display TEDB information for the link connected to interface 20.1.1.1 in IETF DS-TE RDM model.

<Sysname> display mpls te tedb link 20.1.1.1

MPLS LSR-ID: 2.2.2.2

IGP Type: ISIS Process ID: 100 Level: Level-1

Local IP Address: 20.1.1.1

Neighbor MPLS LSR-ID: 20.1.1.2

Link Type: Broadcast Link Status: Active

IGP Metric: 10 TE Metric: 0 Link Attribute: 0x0

Maximum Bandwidth: 0 kbps

Maximum Reservable Bandwidth: 0 kbps

Bandwidth Constraint Model: IETF DS-TE RDM

Bandwidth Constraints:

BC[0] : 0 kbps

BC[1] : 0 kbps

BC[2] : 0 kbps

BC[3] : 0 kbps

Unreserved Bandwidth for each TE class:

TE class 0: 0 kbps

TE class 1: 0 kbps

TE class 2: 0 kbps

TE class 3: 0 kbps

TE class 4: 0 kbps

TE class 5: 0 kbps

TE class 6: 0 kbps

TE class 7: 0 kbps

Table 33 Command output

Field	Description
MPLS LSR-ID	MPLS LSR ID of a router, in dotted decimal notation.
IGP Type	Internal gateway protocol: OSPF or IS-IS.
Process ID	IGP process ID.
Area	OSPF area of the router.
Level	IS-IS level of the router: Level-1 or Level-2.
Local IP Address	Local interface address.
Neighbor IP Address	Remote interface address for a P2P or P2MP link. For an NBMA or a broadcast link, this field is blank.
Link Type	Link type: · P2P. · P2MP. · NBMA. · Broadcast.
Link Status	Link status: Active or Inactive.
Bandwidth Constraint Mode	Bandwidth constraint model: · Prestandard DS-TE RDM. · IETF DS-TE RDM. · IETF DS-TE MAM.

display mpls te tunnel-interface

Use display mpls te tunnel-interface to display information about MPLS TE tunnel interfaces.

Syntax

display mpls te tunnel-interface [ tunnel number ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

tunnel number: Displays information about the tunnel interface specified by its number. The tunnel interface must already have been created. If you do not specify this option, the command displays information about all MPLS TE tunnel interfaces.

Examples

# Display information about all MPLS TE tunnel interfaces.

<Sysname> display mpls te tunnel-interface

Tunnel Name : Tunnel 0

Tunnel State : Up (Main CRLSP up)

Tunnel Attributes :

LSP ID : 1 Tunnel ID : 0

Admin State : Normal

Ingress LSR ID : 1.1.1.1 Egress LSR ID : 3.3.3.3

Signaling : Static Static CRLSP Name : static-cr-lsp-1

Resv Style : -

Tunnel mode : -

Reverse-LSP name : -

Reverse-LSP LSR ID : - Reverse-LSP Tunnel ID: -

Class Type : - Tunnel Bandwidth : -

Reserved Bandwidth : -

Setup Priority : 0 Holding Priority : 0

Affinity Attr/Mask : -/-

Explicit Path : -

Backup Explicit Path : -

Metric Type : TE

Record Route : - Record Label : -

FRR Flag : - Bandwidth Protection : Disabled

Backup Bandwidth Flag: Disabled Backup Bandwidth Type: -

Backup Bandwidth : -

Bypass Tunnel : No Auto Created : No

Route Pinning : -

Retry Limit : 10 Retry Interval : 2 sec

Reoptimization : - Reoptimization Freq : -

Backup Type : - Backup LSP ID : -

Auto Bandwidth : - Auto Bandwidth Freq : -

Min Bandwidth : - Max Bandwidth : -

Collected Bandwidth : -

Table 34 Command output

Field	Description
Tunnel Name	Name of the tunnel interface.
Tunnel State	Running state of the tunnel: Down or Up. Description information includes: · Main CRLSP down. · Main CRLSP up. · Main CRLSP being set up. · Shared-resource CRLSP down. · Shared-resource CRLSP up. · Shared-resource CRLSP being set up. · Shared-resource CRLSP being activated. · Shared-resource CRLSP switching to Main CRLSP. · Backup CRLSP down. · Backup CRLSP up. · Backup CRLSP being set up. · Reverse CRLSP down. · Reverse CRLSP up. · Reverse CRLSP being set up.
Admin State	Administrative state of the tunnel interface: · Normal—The interface is not shut down by the shutdown command. · Shutdown—The tunnel interface is shut down by the shutdown command.
Signaling	Signaling protocol used to set up the tunnel: RSVP-TE or Static.
Static CRLSP Name	Static CRLSP referenced by the tunnel.
Resv Style	Resource reservation style: FF or SE.
Tunnel Mode	Tunnel mode of the bidirectional tunnel: · Co-routed, active—The device is the active end of the co-routed bidirectional tunnel. · Co-routed, passive—The device is the passive end of the co-routed bidirectional tunnel. · Associated—The tunnel is an associated bidirectional tunnel.
Reverse-LSP Name	Name of the associated reverse LSP.
Reverse-LSP LSR ID	LSR ID of the reverse LSP. This field has a value for the LSR of an associated reverse LSP and the passive end of the co-routed bidirectional tunnel. For other LSPs, this field displays a hyphen (-).
Reverse-LSP Tunnel ID	Tunnel ID of the reverse LSP. This field has a value for an associated reverse LSP and the passive end of the co-routed bidirectional tunnel. For other LSPs, this field displays a hyphen (-).
Class Type	CT of the tunnel: CT 0, CT 1, CT 2, or CT 3.
Tunnel Bandwidth	Bandwidth required by the tunnel, in kbps.
Reserved Bandwidth	Bandwidth reserved for the tunnel, in kbps.
Setup Priority	Tunnel setup priority.
Holding Priority	Tunnel holding priority.
Affinity Attr/Mask	Tunnel affinity attribute and mask.
Explicit Path Name	Name of the explicit path referenced by the tunnel. If the path used by the tunnel is not an explicit path, this field displays a hyphen (-).
Backup Explicit Path	Name of the explicit path referenced by the backup tunnel. If the path used by the backup tunnel is not an explicit path, this field displays a hyphen (-).
Metric Type	Link metric type used for tunnel path selection, TE or IGP.
Bandwidth Protection	Whether FRR needs bandwidth protection, Enabled or Disabled.
Backup Bandwidth Flag	Whether the bandwidth and the type of CRLSPs that the bypass tunnel can protect have been configured (by using the mpls te backup bandwidth command): · Enabled—Configured. · Disabled—Not configured.
Backup Bandwidth Type	Class type of the traffic on the primary tunnel that the bypass tunnel can protect.
Backup Bandwidth	Bandwidth that the bypass tunnel can protect, in kbps.
Bypass Tunnel	Whether it is a bypass tunnel: Yes or No.
Auto Created	Whether the bypass tunnel is automatically created: Yes or No.
Retry Limit	Maximum number of tunnel setup retries.
Retry Interval	Tunnel setup retry interval, in seconds.
Reoptimization Freq	Tunnel reoptimization frequency, in seconds.
Backup Type	CRLSP backup mode: · None—CRLSP backup is disabled. · Hot Standby. · Ordinary.
Backup LSP ID	LSP ID of the backup tunnel.
Auto Bandwidth	State of the automatic bandwidth adjustment feature.
Auto Bandwidth Freq	Automatic bandwidth adjustment interval, in seconds.
Min Bandwidth	Minimum bandwidth (in kbps) that can be applied to the tunnel by automatic bandwidth adjustment.
Max Bandwidth	Maximum bandwidth (in kbps) that can be applied to the tunnel by automatic bandwidth adjustment.
Collected Bandwidth	Current output rate, in kbps.

display ospf mpls te advertisement

Use display ospf mpls te advertisement to display link and node information in an OSPF TEDB.

Syntax

display ospf [ process-id ] [ area area-id ] mpls te advertisement [ originate-router advertising-router-id | self-originate ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

process-id: Specifies an OSPF process ID in the range of 1 to 65535. If you do not specify this argument, the command displays information about all OSPF processes.

area area-id: Specifies an area by its ID, an IP address or a decimal integer, in the range of 0 to 4294967295. If you specify an integer, the system will translate the integer into the IP address format. If you do not specify this option, the command displays information about all areas.

originate-router advertising-router-id: Displays information originated from a router specified by its router ID.

self-originate: Displays information generated by the local router.

Examples

# Display link and node information for all processes in all areas.

<Sysname> display ospf mpls te advertisement

OSPF Process 1 with Router ID 2.2.2.2

Traffic Engineering Database

Area: 0.0.0.1

Adv Router ID : 1.1.1.1

MPLS LSR ID : 1.1.1.1

Flags : A/S/R

Router Address Count : 1

Router Address Index : 0

Instance ID : 0.0.0.0

MPLS LSR ID : 1.1.1.1

Link Count : 1

Link Index : 0

Link Type : Broadcast

Instance ID : 0.0.0.1

Link Flags : -/U/-

Link ID : 197.168.1.1

TE Metric : 1000

IGP Metric : 1000

Maximum Bandwidth : 12500000 bytes/sec

Maximum Reservable BW : 0 bytes/sec

Administrative Group : 0x0

Unreserved Bandwidth for each TE Class:

TE class 0 = 0 bytes/sec

TE class 1 = 0 bytes/sec

TE class 2 = 0 bytes/sec

TE class 3 = 0 bytes/sec

TE class 4 = 0 bytes/sec

TE class 5 = 0 bytes/sec

TE class 6 = 0 bytes/sec

TE class 7 = 0 bytes/sec

TE class 8 = 0 bytes/sec

TE class 9 = 0 bytes/sec

TE class 10 = 0 bytes/sec

TE class 11 = 0 bytes/sec

TE class 12 = 0 bytes/sec

TE class 13 = 0 bytes/sec

TE class 14 = 0 bytes/sec

TE class 15 = 0 bytes/sec

Bandwidth Constraint Model: Prestandard DS-TE RDM

Bandwidth Constraints:

BC [ 0] = 0 bytes/sec

BC [ 1] = 0 bytes/sec

Local Interface Address : 197.168.1.1

Remote Interface Address : 197.168.1.11

Table 35 Command output

Field	Description
Adv Router ID	ID of the router that advertises the information.
MPLS LSR ID	MPLS LSR ID of the router that advertises the information.
Flags	TE information flags: · A—Already synchronizes the information with CSPF. · S—Be ready to synchronize the information with CSPF. · R—The route to the router that advertises the information is reachable.
Router Address Count	Number of Router TLV messages in TEDB.
Router Address Index	Index of the current Router TLV message.
Instance ID	LSA instance ID.
Link Count	Number of Link TLV messages in TEDB.
Link Index	Index of the current Link TLV message.
Link Type	Link types: · Point to Point. · Point to Multi Point. · Broadcast. · NBMA.
Link Flags	Link information flags: · A—Already synchronizes the information with CSPF. · U—Updates the information with CSPF again after the previous update failed. · D—Deletes the information from CSPF again after the previous deletion failed.
Link ID	Link state ID.
IGP Metric	OSPF protocol metric.
Administrative Group	Link attributes.
Bandwidth Constraint Model	Bandwidth constraint model, Prestandard DS-TE RDM, IETF DS-TE RDM, or IETF DS-TE MAM.
Bandwidth Constraints	This field takes effect only on DS-TEs.
BC	Bandwidth constraint value. The Prestandard mode supports two BCs, and the IETF mode supports four BCs.

display ospf mpls te network

Use display ospf mpls te network to display network information in an OSPF TEDB.

Syntax

display ospf [ process-id ] [ area area-id ] mpls te network [ originate-router advertising-router-id | self-originate ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

process-id: Specifies an OSPF process ID in the range of 1 to 65535. If you do not specify this argument, the command displays information about all OSPF processes.

originate-router advertising-router-id: Displays information originated from a router specified by its router ID.

self-originate: Displays information generated by the local router.

Examples

# Display network information for all processes in all areas.

<Sysname> display ospf mpls te network

OSPF Process 1 with Router ID 12.1.1.1

Traffic Engineering Network

Area: 0.0.0.0

Adv Router ID : 1.1.1.1

Designated Router : 197.168.1.1

Flags : -/U/-

Attached Router 2.2.2.2

Attached Router 1.1.1.1

Table 36 Command output

Field	Description
Adv Router ID	ID of the router that advertises the information.
Designated Router	IP address of the designated router.
Flag	Network information flags: · A—Already synchronizes the information with CSPF. · U—Updates the information with CSPF again after the previous update fails. · D—Deletes the information from CSPF again after the previous deletion fails.
Attached Router	ID of the attached router.

display ospf mpls te tunnel

Use display ospf mpls te tunnel to display MPLS TE tunnel interface information for OSPF.

Syntax

display ospf [ process-id ] [ area area-id ] mpls te tunnel

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

process-id: Specifies an OSPF process ID in the range of 1 to 65535. If you do not specify this argument, the command displays information about all OSPF processes.

area area-id: Specifies an area by its ID, an IP address or a decimal integer, in the range of 0 to 4294967295 . If you specify an integer, the system will translate the integer into the IP address format. If you do not specify this option, the command displays information about all areas.

Examples

# Display MPLS TE tunnel interface information for all OSPF processes in all areas.

<Sysname> display ospf mpls te tunnel

OSPF Process 1 with Router ID 2.2.2.2

Traffic Engineering Tunnel

Area: 0.0.0.1

Interface: Tunnel1 (12.1.1.2)

State: Inactive

Neighbor ID: 0.0.0.0 Cost: 0

Destination: 125.1.1.1

Auto Route: IGP Shortcut

Metric: Relative 10

Table 37 Command output

Field	Description
Interface	Name and IP address of a tunnel interface.
State	Tunnel interface states: · Inactive—The tunnel interface is not used to forward packets, because the tunnel route is not the optimal route. · Active—The tunnel interface is used to forward packets, because the tunnel route is the optimal route.
Neighbor ID	Router ID for the tunnel destination.
Cost	Route cost of the tunnel interface.
Destination	LSR ID for the tunnel destination.
Auto Route	Automatic route advertisement method, IGP Shortcut or IGP Advertise. IGP Advertise indicates that forwarding adjacency is enabled.
Metric	Absolute or relative metric of the MPLS TE tunnel.

ds-te bc-model

Use ds-te bc-model to specify the bandwidth constraint (BC) model used in IETF DS-TE.

Use undo ds-te bc-model to restore the default.

Syntax

ds-te bc-model mam

undo ds-te bc-model

Default

The BC model of IETF DS-TE is Russian Dolls Model (RDM).

Views

MPLS TE view

Predefined user roles

network-admin

mdc-admin

Parameters

mam: Specifies the BC model as Maximum Allocation Model (MAM).

Usage guidelines

RDM does not define the bandwidth for one class type (CT) but limits the shared bandwidth for multiple CTs. In cooperation with priority preemption, the RDM model can also implement the isolation between CTs, ensuring each CT its share of bandwidth. RDM is suitable for networks where traffic is unstable and traffic bursts might occur.

MAM constrains the bandwidth for only one CT on an interface. This ensures isolation between CTs no matter whether preemption is used or not. Compared with RDM, MAM is easy to understand and configure. MAM is suitable for networks where traffic of each CT is stable.

This command applies only to IETF DS-TE. The prestandard DS-TE only uses RDM.

After you change the BC model in IETF DS-TE mode, all nonzero-bandwidth CRLSPs on the device are deleted and then re-established.

Examples

# Specify the BC model of IETF DS-TE as MAM.

<Sysname> system-view

[Sysname] mpls te

[Sysname-te] ds-te bc-model mam

Related commands

· display mpls te ds-te

· ds-te mode

ds-te te-class

Use ds-te te-class to configure a TE class used in IETF DS-TE mode.

Use undo ds-te te-class to restore the default.

Syntax

ds-te te-class te-class-index class-type class-type-number priority priority-number

undo ds-te te-class te-class-index

Default

Table 38 Default TE classes in IETF mode

TE class	CT	Priority
0	0	7
1	1	7
2	2	7
3	3	7
4	0	0
5	1	0
6	2	0
7	3	0

Views

MPLS TE view

Predefined user roles

network-admin

mdc-admin

Parameters

te-class-index: Specifies a TE class index in the range of 0 to 7.

class-type class-type-number: Specifies a CT by its number in the range of 0 to 3. The system supports four CTs, CT 0 through CT 3.

priority priority-number: Specifies a priority number in the range of 0 to 7.

Usage guidelines

For a traffic trunk from a CT, the setup or/and holding priority of the LSP transporting the traffic trunk must be the priority specified for the CT in the TE class.

Follow these guidelines:

· When you use the ds-te te-class command to configure a TE class, make sure to specify a CT-priority pair different from that in any existing TE class.

· When you use the undo ds-te te-class command to restore the default settings for a TE class, make sure the default CT and priority values of the TE class are not the same as those of an existing TE class.

· After a TE class is modified, the device notifies the IGP to re-advertise the bandwidth information of all TE interfaces, and removes and then re-establishes the CRLSPs of the TE class on all TE interfaces.

Examples

# Specify CT 2 and priority 3 for TE class 7 in IETF DS-TE mode.

<Sysname> system-view

[Sysname] mpls te

[Sysname-mpls] ds-te te-class 7 class-type 2 priority 3

Related commands

· display mpls te ds-te

· ds-te mode

ds-te mode

Use ds-te mode to configure the DS-TE mode.

Use undo ds-te mode to restore the default.

Syntax

ds-te mode ietf

undo ds-te mode

Default

The DS-TE mode is prestandard.

Views

MPLS TE view

Predefined user roles

network-admin

mdc-admin

Parameters

ietf: Specifies the DS-TE mode as IETF.

Usage guidelines

The prestandard and IETF modes of DS-TE have the following differences:

· The prestandard mode supports two CTs (CT 0 and CT 1), eight priorities, and up to 16 TE classes. The IETF mode supports four CTs (CT 0 through CT 3), eight priorities, and up to eight TE classes.

· The prestandard mode does not allow you to configure TE classes. The IETF mode allows for TE class configuration.

· The prestandard mode supports only RDM. The IETF mode supports both RDM and MAM.

· A device operating in prestandard mode cannot communicate with devices from some vendors. A device operating in IETF mode can communicate with devices from other vendors.

Be aware of these differences and choose a proper DS-TE mode as needed.

After the DS-TE mode is changed, all CRLSPs on the device are deleted and then re-established.

Examples

# Configure the DS-TE mode as IETF.

<Sysname> system-view

[Sysname] mpls te

[Sysname-te] ds-te mode ietf

Related commands

· display mpls te ds-te

· ds-te bc-model

explicit-path

Use explicit-path to create an explicit path and enter its view.

Use undo explicit-path to remove an explicit path.

Syntax

explicit-path path-name

undo explicit-path path-name

Default

No explicit path exists on the device.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

path-name: Specifies a name for the explicit path, a case-sensitive string of 1 to 31 characters.

Usage guidelines

In explicit path view, you can use the nexthop command to explicitly specify a node or link that a tunnel must or must not traverse.

Examples

# Create an explicit path named path1 and enter its view.

<Sysname> system-view

[Sysname] explicit-path path1

[Sysname-explicit-path-path1]

Related commands

· display explicit-path

· mpls te backup-path

· mpls te path

· nexthop

fast-reroute timer

Use fast-reroute timer to configure the interval for selecting an optimal bypass tunnel.

Use undo fast-reroute timer to restore the default.

Syntax

fast-reroute timer interval

undo fast-reroute timer

Default

The optimal bypass tunnel selection interval is 300 seconds.

Views

MPLS TE view

Predefined user roles

network-admin

mdc-admin

Parameters

interval: Specifies the interval for selecting an optimal bypass tunnel, in the range of 0 to 604800 seconds. If you set the interval to 0 seconds, RSVP does not periodically select an optimal bypass tunnel.

Usage guidelines

If you have specified multiple bypass tunnels for a primary CRLSP, MPLS TE selects an optimal bypass tunnel to protect the primary CRLSP. Sometimes, a bypass tunnel might become better than the current optimal bypass tunnel because, for example, the reservable bandwidth changes. Therefore, MPLS TE needs to poll the bypass tunnels periodically to update the optimal bypass tunnel.

NOTE:

After traffic is switched from the primary CRLSP to a bypass tunnel, MPLS TE no longer periodically selects optimal bypass tunnels for the primary CRLSP.

Examples

# Set the optimal bypass tunnel selection interval to 120 seconds.

<Sysname> system-view

[Sysname] mpls te

[Sysname-te] fast-reroute timer 120

interface tunnel

Use interface tunnel to create a tunnel interface, specify the tunnel mode, and enter tunnel interface view.

Use undo interface tunnel to delete a tunnel interface.

Syntax

interface tunnel tunnel-number [ mode mpls-te ]

undo interface tunnel tunnel-number

Default

No tunnel interfaces exist.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

tunnel-number: Specifies the number of the tunnel interface.

mode mpls-te: Specifies the MPLS TE tunnel mode.

Usage guidelines

To create a new tunnel interface, you must specify the tunnel mode in this command. To enter the view of an existing tunnel interface, you do not need to specify the tunnel mode.

A tunnel interface number is locally significant. The tunnel interfaces on the two ends of a tunnel can use the same or different interface numbers.

Examples

# Create the MPLS TE tunnel interface Tunnel 1 and enter tunnel interface view.

<Sysname> system-view

[Sysname] interface tunnel 1 mode mpls-te

[Sysname-Tunnel1]

Related commands

destination

link-management periodic-flooding timer

Use link-management periodic-flooding timer to configure the interval at which IGP floods TE information.

Use undo link-management periodic-flooding timer to restore the default.

Syntax

link-management periodic-flooding timer interval

undo link-management periodic-flooding timer

Default

The IGP floods TE information every 180 seconds.

Views

MPLS TE view

Predefined user roles

network-admin

mdc-admin

Parameters

interval: Specifies the interval at which IGP floods TE information, in the range of 0 to 3600, in seconds.

Usage guidelines

When the reservable bandwidth of a link changes, IGP floods the link TE information to notify network devices of the change. You can use the mpls te bandwidth change thresholds command to configure IGP to flood only significant bandwidth changes of a link to prevent excessive IGP flooding. The bandwidth changes that cannot trigger immediate flooding are flooded at the interval configured by the link-management periodic-flooding timer command.

If you set the interval to 0, the periodical flooding feature is disabled. If you set the interval to a value less than 30 seconds (1 to 29 seconds), the device automatically sets the interval to 30 seconds.

After you execute this command, the configured interval takes effect immediately.

Examples

# Configure IGP to flood TE information every 100 seconds.

<Sysname> system-view

[Sysname] mpls te

[Sysname-te] link-management periodic-flooding timer 100

Related commands

mpls te bandwidth change thresholds

mpls te

Use mpls te to enable MPLS TE for the local node and enter MPLS TE view.

Use undo mpls te to disable MPLS TE for the local node.

Syntax

mpls te

undo mpls te

Default

MPLS TE is disabled.

Views

System view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

Disabling MPLS TE also deletes all CRLSPs on the device and MPLS TE configurations on all interfaces.

Examples

# Enable MPLS TE for the local node and enter MPLS TE view.

<Sysname> system-view

[Sysname] mpls lsr-id 1.1.1.9

[Sysname] mpls te

[Sysname-te]

Related commands

mpls te enable

mpls te affinity-attribute

Use mpls te affinity-attribute to configure an affinity for a tunnel.

Use undo mpls te affinity-attribute to restore the default.

Syntax

mpls te affinity-attribute attribute-value [ mask mask-value ]

undo mpls te affinity-attribute

Default

The affinity is 0x00000000, and the mask is 0x00000000. That is, a tunnel can use any link.

Views

Tunnel interface view

Predefined user roles

network-admin

mdc-admin

Parameters

attribute-value: Specifies the affinity value in the range of 0x00000000 to 0xFFFFFFFF. An affinity is a 32-bit binary number. Each bit of the affinity represents an attribute, which takes a value of 0 or 1.

mask mask-value: Specifies the mask of the affinity bits, in the range of 0x00000000 to 0xFFFFFFFF. A mask is a 32-bit binary number. Each bit of the mask determines whether to check the corresponding bit of the link attribute. If the mask bit is 1, the corresponding link attribute bit must be checked with the affinity bit and the link can be used by the tunnel only when the link attribute bit meets certain requirements. If the mask bit is 0, the corresponding link attribute bit is not checked.

Usage guidelines

Affinity determines which links a tunnel can use. The affinity attribute and its mask, and the link attribute are all 32-bit long. A link is available for a tunnel if the link attribute meets the following requirements:

· The link attribute bits corresponding to the affinity attribute's 1 bits whose mask bits are 1 must have at least one bit set to 1.

· The link attribute bits corresponding to the affinity attribute's 0 bits whose mask bits are 1 must have no bit set to 1.

The link attribute bits corresponding to the 0 bits in the affinity mask are not checked.

For example, if the affinity is 0xFFFFFFF0 and the mask is 0x0000FFFF, a link is available for the tunnel when its attribute bits meet the following requirements:

· The highest 16 bits each can be 0 or 1 (no requirements).

· The 17^th through 28^th bits must have at least one bit whose value is 1.

· The lowest four bits must be 0.

Examples

# Configure the tunnel affinity as 0x101 and mask as 0x303, so a link is available for the tunnel only when the link attribute bits (from left to right) meet the following requirements: the 23^rd bit is 0, the 31^st bit is 0, and at least one bit from the 24^th to 32^nd bits must be 1.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te affinity-attribute 101 mask 303

Related commands

· display mpls te tunnel-interface

· mpls te link-attribute

mpls te auto-bandwidth

Use mpls te auto-bandwidth to enable automatic bandwidth adjustment or output rate collection for an MPLS TE tunnel.

Use undo mpls te auto-bandwidth to disable automatic bandwidth adjustment or output rate collection for an MPLS TE tunnel.

Syntax

mpls te auto-bandwidth { adjustment [ frequency seconds ] [ max-bw max-bandwidth | min-bw min-bandwidth ] * | collect-bw [ frequency seconds ] }

undo mpls te auto-bandwidth

Default

Automatic bandwidth adjustment and output rate collection are disabled for an MPLS TE tunnel.

Views

Tunnel interface view

Predefined user roles

network-admin

mdc-admin

Parameters

adjustment: Enables automatic bandwidth adjustment for the tunnel.

collect-bw: Enables output rate collection for the tunnel, but does not adjust the tunnel's bandwidth.

frequency seconds: Specifies the automatic bandwidth adjustment interval (with the adjustment keyword) or the output rate collection interval (with the collect-bw keyword). The value range for the seconds argument is 300 to 604800, in seconds. The default interval is 86400 seconds (24 hours).

max-bw max-bandwidth: Specifies the maximum automatic bandwidth for the tunnel, in the range of 1 to 4294967295, in kbps. If you do not specify this option, TE does not limit the maximum bandwidth value.

min-bw min-bandwidth: Specifies the minimum automatic bandwidth for the tunnel, in the range of 1 to 4294967295, in kbps. If you do not specify this option, TE does not limit the minimum bandwidth value.

Usage guidelines

Automatic bandwidth adjustment functions as follows:

1. Samples the tunnel interface output rate at regular intervals.

The sampling interval is specified by using the auto-bandwidth enable command.

2. Calculates the average output rate in each sampling interval.

3. Adjusts the MPLS TE tunnel bandwidth to the maximum average output rate when the automatic bandwidth adjustment interval is reached.

The maximum average output rate refers to the largest of all average output rates calculated in the sampling intervals during the automatic bandwidth adjustment interval. As a best practice, set the bandwidth adjustment interval to a value at least 3 times the sampling interval to get the accurate output rate.

4. Establishes a new CRLSP based on the adjusted bandwidth.

5. Switches traffic to the new CRLSP, and then deletes the old CRLSP.

The output rate collection feature collects the tunnel output rate regularly at the specified collection interval. The collected output rate is the largest of all average output rates calculated in the sampling intervals during the collection interval.

To enable MPLS TE to adjust bandwidth or samples the output rate for an MPLS TE tunnel, perform the following tasks:

· Enable the global automatic bandwidth adjustment by using the auto-bandwidth enable command in MPLS TE view.

· Enable automatic bandwidth adjustment or output rate sampling for the MPLS TE tunnel by using the mpls te auto-bandwidth command.

In the same tunnel interface view, the mpls te auto-bandwidth command is mutually exclusive with these commands: mpls te reoptimization, mpls te route-pinning, mpls te backup, and mpls te resv-style ff.

Examples

# Enable automatic bandwidth adjustment for MPLS TE tunnel 0, and set the adjustment interval to 3600 seconds.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te auto-bandwidth adjustment frequency 3600

Related commands

· display mpls te tunnel-interface

· auto-bandwidth enable

· reset mpls te auto-bandwidth-adjustment timers

mpls te auto-tunnel backup disable

Use mpls te auto-tunnel backup disable to disable the auto FRR feature on an interface.

Use undo mpls te auto-tunnel backup disable to enable the auto FRR feature on an interface.

Syntax

mpls te auto-tunnel backup disable

undo mpls te auto-tunnel backup disable

Default

The auto FRR feature is enabled on all RSVP-enabled interfaces after it is enabled globally.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

The auto FRR feature allows an interface to automatically set up a node-protection bypass tunnel and a link-protection bypass tunnel for each of its primary CRLSPs. The egress interface of the primary CRLSPs is the interface itself.

Bypass tunnels are set up before the primary CRLSP fails. Therefore, they use extra bandwidth. To save network bandwidth, configure auto FRR only for key interfaces. On other interfaces, use the mpls te auto-tunnel backup disable command to disable the interfaces from automatically setting up bypass tunnels.

Execution of the mpls te auto-tunnel backup disable command deletes all existing bypass tunnels automatically created on the interface.

Examples

# Disable auto FRR for interface VLAN-interface 10.

<Sysname> system-view

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] mpls te auto-tunnel backup disable

Related commands

auto-tunnel backup

mpls te backup

Use mpls te backup to enable CRLSP backup and specify the backup mode for a tunnel.

Use undo mpls te backup to disable CRLSP tunnel backup.

Syntax

mpls te backup { hot-standby | ordinary }

undo mpls te backup

Default

Tunnel backup is disabled.

Views

Tunnel interface view

Predefined user roles

network-admin

mdc-admin

Parameters

hot-standby: Enables hot backup for the tunnel. In this mode, a backup CRLSP is established immediately after the primary CRLSP is established. When the primary CRLSP fails, MPLS TE immediately switches traffic to the backup CRLSP.

ordinary: Enables ordinary backup for the tunnel. In this mode, a backup CRLSP is established after the primary CRLSP fails.

Usage guidelines

When backup is enabled for a tunnel, the record route flag is automatically set for the tunnel, regardless of whether the mpls te record-route command is configured.

In the same tunnel interface view, the mpls te backup command cannot be used together with the mpls te reoptimization, mpls te auto-bandwidth adjustment, and mpls te resv-style ff commands.

Examples

# Enable hot backup for tunnel 0.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te backup hot-standby

Related commands

mpls te backup-path

mpls te backup bandwidth

Use mpls te backup bandwidth to configure the bandwidth and the CT that the bypass tunnel can protect.

Use undo mpls te backup bandwidth to restore the default.

Syntax

mpls te backup bandwidth [ ct0 | ct1 | ct2 | ct3 ] { bandwidth | un-limited }

undo mpls te backup bandwidth

Default

The bandwidth and the CT that the bypass tunnel can protect are not specified.

Views

Tunnel interface view

Predefined user roles

network-admin

mdc-admin

Parameters

bandwidth: Specifies the total bandwidth that the bypass tunnel can protect, in the range of 1 to 4294967295, in kbps.

ct0: Specifies the bypass tunnel to protect only CRLSPs of CT 0.

ct1: Specifies the bypass tunnel to protect only CRLSPs of CT 1.

ct2: Specifies the bypass tunnel to protect only CRLSPs of CT 2.

ct3: Specifies the bypass tunnel to protect only CRLSPs of CT 3.

un-limited: Puts no limit on total protected bandwidth. This keyword means the bypass tunnel does not provide bandwidth protection.

Usage guidelines

If you specify the un-limited keyword, the bypass tunnel does not provide bandwidth protection. FRR does not guarantee the bandwidth of the protected tunnels. If the sum of traffic of the protected tunnels exceeds the actual bandwidth of the bypass tunnel, traffic of protected tunnels might be lost. The primary CRLSP that does not need bandwidth protection prefers this type of bypass tunnels over other types of bypass tunnels.

If you specify the bandwidth argument, the bypass tunnel provides bandwidth protection. The primary CRLSP that needs bandwidth protection prefers this type of bypass tunnels over other types of bypass tunnels. If you set the value for the bandwidth argument to 0, the bypass tunnel performs best-effort forwarding for the traffic of primary CRLSP, and the occupied bandwidth is not fixed. Therefore, this type of bypass tunnel cannot protect a primary CRLSP with the bandwidth 0 or a primary CRLSP whose bandwidth exceeds the protected bandwidth.

If no CT is specified, CRLSPs of all CTs can use the bypass tunnel.

The bandwidth value specified is used only for calculating and determining the bandwidth protection relationship between a primary CRLSP and a bypass tunnel. The bandwidth is not reserved on the bypass tunnel.

The specified bandwidth value must be less than the actual bandwidth of the bypass tunnel. Otherwise, the bypass tunnel will be overwhelmed after FRR, and the protected tunnel might be torn down.

After an FRR, the primary CRLSP will be down if you modify the bandwidth that the bypass tunnel can protect and your modification results in one of the following:

· The CT type changes.

· The bypass tunnel cannot protect adequate bandwidth as configured.

· FRR protection type (whether or not to provide bandwidth protection for the primary CRLSP) changes.

After you configure the mpls te backup bandwidth command for a tunnel, the record route flag is automatically set for the tunnel, regardless of whether the mpls te record-route command is configured.

Examples

# Configure Tunnel 0 to provide protection for CRLSPs of CT 0 without constraining the protected bandwidth. Configure Tunnel 1 to provide protection for CRLSPs of CT 1 and protect up to 1000 kbps bandwidth.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te backup bandwidth ct0 un-limited

[Sysname-Tunnel0] quit

[Sysname] interface tunnel 1

[Sysname-Tunnel1] mpls te backup bandwidth ct1 1000

Related commands

· display mpls te tunnel-interface

· mpls te fast-reroute

mpls te backup-path

Use mpls te backup-path to specify a path for the backup CRLSP and set the preference of the path.

Use undo mpls te backup-path to delete a path for the backup CRLSP.

Syntax

mpls te backup-path preference value { dynamic | explicit-path path-name } [ no-cspf ]

undo mpls te backup-path preference value

Default

MPLS TE uses the dynamically calculated path to establish the backup CRLSP.

Views

Tunnel interface view

Predefined user roles

network-admin

mdc-admin

Parameters

preference value: Sets a preference value for the specified path, in the range of 1 to 10. A smaller value represents a higher preference.

dynamic: Uses the dynamically calculated path to establish the backup CRLSP.

explicit-path path-name: Uses the specified explicit path to establish the backup CRLSP. The path-name argument specifies the name of an explicit path, a case-sensitive string of 1 to 31 characters.

no-cspf: Calculates the path by searching the routing table instead of using the CSPF algorithm.

Usage guidelines

You can specify up to 10 backup paths for a tunnel interface. The backup paths must have different preferences.

When establishing a backup CRLSP, MPLS TE performs CSPF calculations using the specified paths in the preference order from high to low until the backup CRLSP is established successfully. If the CSPF calculations for all paths are failed, the backup CRLSP cannot be established.

This command takes effect only when backup has been enabled for the current tunnel by using the mpls te backup command.

Examples

# Configure that interface Tunnel 0 can use explicit path path1 and the dynamically calculated path to establish a backup CRLSP, and set a higher preference for the explicit path.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te backup-path preference 1 explicit-path path1

[Sysname-Tunnel0] mpls te backup-path preference 2 dynamic

Related commands

· display mpls te tunnel-interface

· mpls te backup

· mpls te path

mpls te bandwidth

Use mpls te bandwidth to assign bandwidth to the MPLS TE tunnel and specify a class type (CT) for the tunnel.

Use undo mpls te bandwidth to restore the default.

Syntax

mpls te bandwidth [ ct0 | ct1 | ct2 | ct3 ] bandwidth

undo mpls te bandwidth

Default

No bandwidth (0 bps) is assigned to an MPLS TE tunnel and the tunnel is available for CT 0.

Views

Tunnel interface view

Predefined user roles

network-admin

mdc-admin

Parameters

ct0: Specifies CT 0 for the tunnel.

ct1: Specifies CT 1 for the tunnel.

ct2: Specifies CT 2 for the tunnel.

ct3: Specifies CT 3 for the tunnel.

bandwidth: Specifies the bandwidth required by the MPLS TE tunnel, in the range of 1 to 4294967295, in kbps.

Usage guidelines

If you do not specify a CT for the tunnel, the tunnel is available for CT 0.

If the bandwidth required by the MPLS TE tunnel is more than 1024 kbps, set the bandwidth to a multiple of 1024 kbps.

This command applies only to the MPLS TE tunnels established by RSVP-TE. The bandwidth and CT of an MPLS TE tunnel established by using a static CRLSP are determined by the static-cr-lsp ingress command.

Examples

# Assign 1000 kbps bandwidth to MPLS TE tunnel 0 and specify the CT of the tunnel as CT 1.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te bandwidth ct1 1000

Related commands

· display mpls te tunnel-interface

· mpls te max-link-bandwidth

· mpls te max-reservable-bandwidth

· mpls te max-reservable-bandwidth mam

· mpls te max-reservable-bandwidth rdm

mpls te bandwidth change thresholds

Use mpls te bandwidth change thresholds to configure the bandwidth up/down threshold for the IGP to flood TE information.

Use undo mpls te bandwidth change thresholds to restore the default.

Syntax

mpls te bandwidth change thresholds { down | up } percent

undo mpls te bandwidth change thresholds { down | up }

Default

The IGP floods the TE information when the bandwidth increases or decreases by 10% of the link reservable bandwidth.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Parameters

down: Configures the bandwidth decrease percentage threshold that triggers the IGP to flood TE information. When the percentage of the link reservable-bandwidth decrease to the maximum link reservable bandwidth reaches or exceeds the threshold, the IGP floods the TE information and updates the TE database (TEDB).

up: Configures the bandwidth increase percentage threshold that triggers the IGP to flood TE information. When the percentage of the link reservable-bandwidth increase to the maximum link reservable bandwidth reaches or exceeds the threshold, the IGP floods the TE information and updates the TEDB.

percent: Specifies the IGP flooding threshold in the range of 0% to 100%.

Usage guidelines

When the reservable bandwidth of a link changes, the IGP floods the link TE information to notify network devices of the change. To avoid frequent TE information flooding from affecting the network performance, you can use this command to configure the IGP to flood only significant bandwidth changes of a link.

Examples

# On interface VLAN-interface 10, configure the IGP to flood TE information when the link available bandwidth decreases by 100%.

<Sysname> system-view

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] mpls te bandwidth change thresholds down 100

Related commands

link-management periodic-flooding timer

mpls te bidirectional

Use mpls te bidirectional to enable the bidirectional tunnel feature on an MPLS TE tunnel interface.

Use undo mpls te bidirectional to restore the default.

Syntax

mpls te bidirectional { associated reverse-lsp { lsp-name lsp-name | lsr-id ingress-lsr-id tunnel-id tunnel-id } | co-routed { active | passive reverse-lsp lsr-id ingress-lsr-id tunnel-id tunnel-id } }

undo mpls te bidirectional

Default

The bidirectional tunnel feature is disabled on an MPLS TE tunnel interface. A tunnel established on an MPLS TE tunnel interface is a unidirectional MPLS TE tunnel.

Views

Tunnel interface view

Predefined user roles

network-admin

mdc-admin

Parameters

associated reverse-lsp lsp-name lsp-name: Configures an associated bidirectional MPLS TE tunnel, and specifies the associated reverse CRLSP. The lsp-name argument specifies the name of a static CRLSP (the reverse CRLSP), a case-sensitive string of 1 to 15 characters.

associated reverse-lsp lsr-id ingress-lsr-id tunnel-id tunnel-id: Configures an associated bidirectional MPLS TE tunnel, and specifies the associated reverse CRLSP. The ingress-lsr-id argument specifies the LSR ID of the ingress node of the reverse CRLSP and the tunnel-id argument specifies the tunnel ID of the reverse CRLSP.

co-routed: Configures a co-routed bidirectional MPLS TE tunnel.

active: Specifies the local end as the active end of the co-routed bidirectional MPLS TE tunnel.

passive reverse-lsp lsr-id ingress-lsr-id tunnel-id tunnel-id: Specifies the local end as the passive end of the co-routed bidirectional MPLS TE tunnel, and specifies the associated reverse CRLSP. The ingress-lsr-id argument specifies the LSR ID of the ingress node of the reverse CRLSP and the tunnel-id argument specifies the tunnel ID of the reverse CRLSP. You must specify a reverse CRLSP on the passive end, so that the CRLSP and the reverse CRLSP are associated to form a bidirectional MPLS TE tunnel.

Usage guidelines

A bidirectional MPLS TE tunnel can be established in co-routed mode or associated mode.

· Co-routed mode uses the extended RSVP-TE protocol to establish a bidirectional MPLS TE tunnel. To establish a co-routed bidirectional MPLS TE tunnel, you must configure one end of the tunnel as the active end and the other as the passive end.

· In associated mode, you establish a bidirectional MPLS TE tunnel by binding two unidirectional CRLSPs in opposite directions. The two CRLSPs can be established in different modes and use different paths. For example, one CR-LSP is established statically and the other CR-LSP is established dynamically by RSVP-TE.

Follow these guidelines when setting up a bidirectional MPLS TE tunnel:

· To create a bidirectional MPLS TE tunnel, you must disable the PHP feature on both ends of the tunnel to assign non-null labels to the penultimate hop.

· To set up a bidirectional MPLS TE tunnel in co-routed mode, you must specify the signaling protocol as RSVP-TE, and configure the resources reservation style as FF for the tunnel.

· To set up a bidirectional MPLS TE tunnel in associated mode and use RSVP-TE to set up one CRLSP of the tunnel, you must configure the resources reservation style as FF for the CRLSP.

Examples

· Configure an MPLS TE bidirectional tunnel between Sysname1 and Sysname2 in co-routed mode:

# Configure Sysname1 as follows:

¡ Enable the MPLS TE bidirectional tunnel feature on tunnel interface Tunnel 0.

¡ Configure Sysname1 as the active end of the co-routed bidirectional tunnel.

<Sysname1> system-view

[Sysname1] interface tunnel 0 mode mpls-te

[Sysname1-Tunnel0] destination 10.0.0.2

[Sysname1-Tunnel0] mpls te bidirectional co-routed active

# Configure Sysname2 as follows:

¡ Enable the MPLS TE bidirectional tunnel feature on tunnel interface Tunnel 1.

¡ Configure Sysname2 as the passive end of the co-routed bidirectional tunnel.

¡ Specify the ingress node's LSR ID of the reverse CRLSP as 10.0.0.1—the LSR ID of Sysname1.

¡ Specify the tunnel ID of the reverse CRLSP as 0—the tunnel ID configured on Sysname1.

<Sysname2> system-view

[Sysname2] interface tunnel 1 mode mpls-te

[Sysname2-Tunnel1] destination 10.0.0.1

[Sysname2-Tunnel1] mpls te bidirectional co-routed passive reverse-lsp lsr-id 10.0.0.1 tunnel-id 0

· Configure an MPLS TE bidirectional tunnel between Sysname1 and Sysname2 in associated mode:

# Configure Sysname1 as follows:

¡ Enable the MPLS TE bidirectional tunnel feature on tunnel interface Tunnel 0.

¡ Configure the tunnel establishment mode as associated.

¡ Specify the ingress node's LSR ID of the reverse CRLSP as 10.0.0.2—the LSR ID of Sysname2.

¡ Specify the tunnel ID of the reverse CRLSP as 1—the tunnel ID configured on Sysname2.

<Sysname1> system-view

[Sysname1] interface tunnel 0 mode mpls-te

[Sysname1-Tunnel0] destination 10.0.0.2

[Sysname1-Tunnel0] mpls te bidirectional associated reverse-lsp lsr-id 10.0.0.2 tunnel-id 1

# Configure Sysname2 as follows:

¡ Enable the MPLS TE bidirectional tunnel feature on tunnel interface Tunnel 1.

¡ Configure the tunnel establishment mode as associated.

¡ Specify the ingress node's LSR ID of the reverse CRLSP as 10.0.0.1—the LSR ID of Sysname1.

¡ Specify the tunnel ID of the reverse CRLSP as 0—the tunnel ID configured on Sysname1.

<Sysname2> system-view

[Sysname2] interface tunnel 1 mode mpls-te

[Sysname2-Tunnel1] destination 10.0.0.1

[Sysname2-Tunnel1] mpls te bidirectional associated reverse-lsp lsr-id 10.0.0.1 tunnel-id 0

Related commands

display mpls te tunnel-interface

mpls te enable (interface view)

Use mpls te enable to enable MPLS TE on an interface.

Use undo mpls te enable to disable MPLS TE on an interface.

Syntax

mpls te enable

undo mpls te enable

Default

MPLS TE is disabled on an interface.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

After you enable MPLS TE on an interface by using the mpls te enable command, the interface can serve as part of an MPLS TE tunnel.

After you execute the undo mpls te enable command on an interface, MPLS TE is disabled on the interface and all CRLSPs on the interface are deleted.

Examples

# Enable MPLS TE on interface VLAN-interface 10.

<Sysname> system-view

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] mpls te enable

Related commands

· display mpls te link-management bandwidth-allocation

· mpls te

mpls te enable (IS-IS view)

Use mpls te enable to enable MPLS TE for the current IS-IS process.

Use undo mpls te enable to restore the default.

Syntax

mpls te enable [ level-1 | level-2 ]

undo mpls te enable [ level-1 | level-2 ]

Default

MPLS TE is disabled for an IS-IS process.

Views

IS-IS view

Predefined user roles

network-admin

mdc-admin

Parameters

level-1: Enables MPLS TE for IS-IS at Level-1.

level-2: Enables MPLS TE for IS-IS at Level-2.

Usage guidelines

If you do not specify an IS-IS level, this command enables MPLS TE for IS-IS at both Level-1 and Level-2.

IS-IS TE uses a sub-TLV of the extended IS reachability TLV (type 22) to carry TE attributes. Because the extended IS reachability TLV carries wide metrics, specify a wide metric-compatible metric style for the IS-IS process before enabling IS-IS TE. Available metric styles for IS-IS TE include wide, compatible, or wide-compatible. For more information about IS-IS, see Layer 3—IP Routing Configuration Guide.

If you execute this command multiple times, the most recent configuration takes effect. For example, if you first execute the mpls te enable command and then the mpls te enable level-1 command, MPLS TE is enabled for Level-1 and disabled for Level-2.

After you enable MPLS TE for both Level-1 and Level-2 by using the mpls te enable command, executing the undo mpls te enable level-1 command disables MPLS TE for Level-1, and MPLS TE is still enabled for Level-2. Similarly, the undo mpls te enable level-2 command only disables MPLS TE for Level-2.

Examples

# Enable MPLS TE for IS-IS process 1 at Level-2.

<Sysname> system-view

[Sysname] isis 1

[Sysname-isis-1] cost-style compatible

[Sysname-isis-1] mpls te enable level-2

Related commands

cost-style (Layer 3—IP Routing Command Reference)

mpls te enable (OSPF area view)

Use mpls te enable to enable MPLS TE for an OSPF area.

Use undo mpls te enable to restore the default.

Syntax

mpls te enable

undo mpls te enable

Default

MPLS TE is disabled for an OSPF area.

Views

OSPF area view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

OSPF TE uses Type-10 opaque LSAs to carry the TE attributes for a link. Before you configure OSPF TE, you must enable opaque LSA advertisement and reception by using the opaque-capability enable command. For more information about opaque LSA advertisement and reception, see Layer 3—IP Routing Configuration Guide.

Examples

# Enable MPLS TE for OSPF process 1 in OSPF area 1.

<Sysname> system-view

[Sysname] ospf 1

[Sysname-ospf-1] area 1

[Sysname-ospf-1-area-0.0.0.1] mpls te enable

Related commands

opaque-capability enable (Layer 3—IP Routing Command Reference)

mpls te fast-reroute

Use mpls te fast-reroute to enable the fast reroute (FRR) feature.

Use undo mpls te fast-reroute to disable FRR.

Syntax

mpls te fast-reroute [ bandwidth ]

undo mpls te fast-reroute

Default

FRR is disabled.

Views

Tunnel interface view

Predefined user roles

network-admin

mdc-admin

Parameters

bandwidth: Provides bandwidth protection for the primary CRLSP. If you do not specify this keyword, bandwidth protection is not provided for the primary CRLSP.

Usage guidelines

FRR provides a quick link or node protection on a CRLSP. FRR traffic switching can happen in as fast as 50 milliseconds, minimizing data loss.

After FRR is enabled for an MPLS TE tunnel, once a link or node fails on the primary CRLSP, FRR reroutes the traffic to a bypass tunnel and the ingress node attempts to set up a new CRLSP. After the new CRLSP is set up successfully, traffic is forwarded on the new CRLSP.

When a primary CRLSP does not need bandwidth protection, it prefers to use a bypass tunnel that does not provide bandwidth protection. No bandwidth guarantee is required after FRR.

When a primary CRLSP needs bandwidth protection, it prefers to use the bypass tunnel that can protect bandwidth as much as possible to provide bandwidth guarantee after FRR.

Regardless of whether or not a primary CRLSP requires bandwidth protection, the following will occur when the primary CRLSP is bound to a bypass tunnel that provides bandwidth protection:

· The bypass tunnel will reserve the protected bandwidth for the primary CRLSP.

· The RRO message of the PLR will carry the bandwidth protection flag.

After FRR is enabled for a tunnel, the label recording feature is automatically enabled for the tunnel, regardless of whether the mpls te record-route label command is configured.

In the same tunnel interface view, FRR cannot be used together with the mpls te resv-style ff command.

Examples

# Enable FRR for interface Tunnel 0.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te fast-reroute

Related commands

· display mpls te tunnel-interface

· mpls te backup bandwidth

mpls te fast-reroute bypass-tunnel

Use mpls te fast-reroute bypass-tunnel to specify a bypass tunnel for an interface.

Use undo mpls te fast-reroute bypass-tunnel to delete a bypass tunnel for an interface.

Syntax

mpls te fast-reroute bypass-tunnel tunnel tunnel-number

undo mpls te fast-reroute bypass-tunnel tunnel tunnel-number

Default

No bypass tunnel is specified for an interface.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Parameters

tunnel tunnel-number: Specifies a bypass tunnel by the tunnel interface number in the range of 0 to 9214.

Usage guidelines

The protected interface (where the command is executed) is the outgoing interface of a primary CRLSP. When the outgoing interface is down or a neighbor failure is detected through the BFD or hello mechanism, the traffic of the primary CRLSP is switched to the bypass tunnel.

When you use this command, follow these restrictions and guidelines:

· You can specify up to three bypass tunnels for an interface.

· A bypass tunnel can protect up to three interfaces.

· The bypass tunnel specified by this command must be established by RSVP.

· The protected interface must not be the outgoing interface of a bypass tunnel.

Examples

# Configure tunnel interface Tunnel 0 as the bypass tunnel for VLAN-interface 10.

<Sysname> system-view

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] mpls te fast-reroute bypass-tunnel tunnel 0

Related commands

fast-reroute timer

mpls te igp advertise

Use mpls te igp advertise to enable forwarding adjacency for an MPLS TE tunnel, so IGP advertises the MPLS TE tunnel as a link in the IGP network.

Use undo mpls te igp advertise to restore the default.

Syntax

mpls te igp advertise [ hold-time value ]

undo mpls te igp advertise

Default

Forwarding adjacency is disabled for an MPLS TE tunnel and IGP does not advertise the tunnel as a link.

Views

Tunnel interface view

Predefined user roles

network-admin

mdc-admin

Parameters

hold-time value: Specifies the period of time that IGP waits to advertise an MPLS TE tunnel up/down state change. The value range is 0 to 4294967295 milliseconds. The default value is 0, which means when the MPLS TE tunnel state changes, IGP immediately advertises the state change.

Usage guidelines

Forwarding adjacency is an approach to direct traffic to an MPLS TE tunnel.

After forwarding adjacency is enabled on the tunnel ingress node, the ingress node advertises the MPLS TE tunnel as a link in the network through the IGP. Therefore, all devices in the IGP network can use the MPLS TE tunnel in their IGP route calculation.

To make forwarding adjacency take effect, you must establish two MPLS TE tunnels in opposite directions between two nodes, and enable forwarding adjacency on both the nodes.

On the same tunnel interface, the mpls te igp advertise command and the mpls te igp shortcut command cannot both take effect. The newly configured command overwrites the previous command.

Examples

# Enable forwarding adjacency for MPLS TE tunnel 0, and configure the wait time before advertising a tunnel state change as 10000 milliseconds.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te igp advertise hold-time 10000

Related commands

· mpls te igp metric

· mpls te igp shortcut

mpls te igp metric

Use mpls te igp metric to assign a metric to an MPLS TE tunnel.

Use undo mpls te igp metric to restore the default.

Syntax

mpls te igp metric { absolute value | relative value }

undo mpls te igp metric

Default

The metric of an MPLS TE tunnel equals its IGP metric.

Views

Tunnel interface view

Predefined user roles

network-admin

mdc-admin

Parameters

absolute value: Assigns an absolute metric to the MPLS TE tunnel, an integer in the range of 1 to 65535. An absolute metric is directly used as the MPLS TE tunnel's metric.

relative value: Assigns a relative metric to the MPLS TE tunnel, an integer in the range of –10 to +10. The MPLS TE tunnel's metric is the assigned metric value plus the IGP metric.

Usage guidelines

When IGP shortcut is enabled for an MPLS TE tunnel, the tunnel is included in the IGP route calculation as a link. You can use this command to configure the metric of this link used for IGP route calculation.

Examples

# Assign MPLS TE tunnel interface Tunnel0 a relative metric of –1 for route calculation in IGP shortcut mechanism.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te igp metric relative -1

Related commands

mpls te igp shortcut

Use mpls te igp shortcut to enable IGP shortcut for an MPLS TE tunnel. The tunnel ingress node includes the MPLS TE tunnel in the IGP route calculation as a link.

Use undo mpls te igp shortcut to restore the default.

Syntax

mpls te igp shortcut [ isis | ospf ]

undo mpls te igp shortcut

Default

IGP shortcut is disabled for an MPLS TE tunnel. The ingress node does not include the MPLS TE tunnel in the IGP route calculation.

Views

Tunnel interface view

Predefined user roles

network-admin

mdc-admin

Parameters

isis: Specifies IS-IS as the IGP.

ospf: Specifies OSPF as the IGP.

Usage guidelines

IGP shortcut is a method to direct traffic to an MPLS TE tunnel.

After IGP shortcut is enabled on the tunnel ingress node, IGP shortcut does not advertise the MPLS TE tunnel as a link through the IGP. Only the ingress node includes the MPLS TE tunnel in route calculation. Other devices do not consider the MPLS TE tunnel in route calculation.

If you do not specify the IGP in this command, both OSPF and IS-IS will include the MPLS TE tunnel in route calculation.

On the same tunnel interface, the mpls te igp advertise command and the mpls te igp shortcut command cannot both take effect. The newly configured command overwrites the previous command.

Examples

# Enable IGP shortcut for MPLS TE tunnel 0, so the ingress node of the tunnel considers the tunnel as a link in the OSPF and IS-IS route calculation.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te igp shortcut

Related commands

· mpls te igp advertise

· mpls te igp metric

mpls te link-attribute

Use mpls te link-attribute to configure the link attribute.

Use undo mpls te link-attribute to restore the default.

Syntax

mpls te link-attribute attribute-value

undo mpls te link-attribute

Default

The link attribute value is 0x00000000.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Parameters

attribute-value: Specifies the link attribute value in the range of 0x00000000 to 0xFFFFFFFF. A link attribute value is a 32-bit binary number. Each bit represents an attribute with a value of 0 or 1.

Usage guidelines

The TE information of a link advertised by the IGP includes the link attribute configured by this command. After receiving the link TE information, the ingress node of an MPLS TE tunnel determines whether the link can be used to establish the MPLS TE tunnel according to the configured tunnel affinity attribute, the affinity mask, and the link attribute. A link is available for a tunnel if the following requirements are met:

· The link attribute bits corresponding to the affinity attribute's 1 bits whose mask bits are 1 must have at least one bit set to 1.

· The link attribute bits corresponding to the affinity attribute's 0 bits whose mask bits are 1 must have no bit set to 1.

The link attribute bits corresponding to the 0 bits in the affinity mask are not checked.

For example, if the affinity is 0xFFFFFFF0 and the mask is 0x0000FFFF, a link is available for the tunnel when its link attribute bits meet the following requirements:

· The highest 16 bits each can be 0 or 1 (no requirements).

· The 17^th through 28^th bits must have at least one bit whose value is 1.

· The lowest four bits must be 0.

Examples

# On interface VLAN-interface 10, configure the link attribute as 0x00000101.

<Sysname> system-view

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] mpls te link-attribute 101

Related commands

mpls te affinity-attribute

mpls te loop-detection

Use mpls te loop-detection to enable loop detection during establishment of an MPLS TE tunnel.

Use undo mpls te loop-detection to disable loop detection for the MPLS TE tunnel.

Syntax

mpls te loop-detection

undo mpls te loop-detection

Default

Loop detection is disabled for an MPLS TE tunnel.

Views

Tunnel interface view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

When loop detection is enabled on the ingress node of an MPLS TE tunnel, the route recording feature is automatically enabled for the tunnel, regardless of whether you have configured the mpls te record-route command. When establishing the MPLS TE tunnel, each node of the tunnel detects whether a loop has occurred according to the recorded route information.

Examples

# Enable loop detection for establishing MPLS TE tunnel 0.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te loop-detection

mpls te max-link-bandwidth

Use mpls te max-link-bandwidth to configure the maximum bandwidth for MPLS TE traffic on an interface.

Use undo mpls te max-link-bandwidth to restore the default.

Syntax

mpls te max-link-bandwidth bandwidth-value

undo mpls te max-link-bandwidth

Default

The maximum link bandwidth for MPLS TE traffic is 0 kbps.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Parameters

bandwidth-value: Specifies the maximum link bandwidth in the range of 1 to 4294967295 kbps.

Usage guidelines

The device carries the maximum link bandwidth in advertised IGP routes. The tunnel ingress node can obtain the information and use the information in CSPF calculation to select a path that meets the tunnel bandwidth requirements.

Examples

# On interface VLAN-interface 10, configure the maximum link bandwidth for MPLS TE traffic as 1158 kbps.

<Sysname> system-view

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] mpls te max-link-bandwidth 1158

Related commands

· display mpls te link-management bandwidth-allocation

· mpls te bandwidth

· mpls te max-reservable-bandwidth

· mpls te max-reservable-bandwidth mam

· mpls te max-reservable-bandwidth rdm

mpls te max-reservable-bandwidth

Use mpls te max-reservable-bandwidth to configure the maximum reservable bandwidth of the link (BC 0) and BC 1 in prestandard DS-TE RDM model.

Use undo mpls te max-reservable-bandwidth to restore the default.

Syntax

mpls te max-reservable-bandwidth bandwidth-value [ bc1 bc1-bandwidth ]

undo mpls te max-reservable-bandwidth

Default

The maximum reservable bandwidth of a link is 0 kbps and BC 1 is 0 kbps.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Parameters

bandwidth-value: Specifies the maximum reservable bandwidth of the link (the value of BC 0), in the range of 1 to 4294967295 kbps.

bc1 bc1-bandwidth: Specifies the value of BC 1, in the range of 1 to 4294967295 kbps. The default value is 0.

Usage guidelines

The device carries the bandwidth values configured by this command in IGP route advertisements. The tunnel ingress node can obtain the information and use the information in CSPF calculation to select a path that meets the tunnel bandwidth requirements.

The maximum reservable bandwidth of a link (bandwidth-value) cannot be greater than the maximum bandwidth of the link (configured with the mpls te max-link-bandwidth command). The value of BC 1 (bc1-bandwidth) cannot be greater than the maximum reservable bandwidth of the link (bandwidth-value).

The bandwidth values configured by this command are only for MPLS TE traffic.

Examples

# Configure the link maximum reservable bandwidth as 1158 kbps and BC 1 as 200 kbps for MPLS TE traffic in prestandard DS-TE RDM model.

<Sysname> system-view

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] mpls te max-reservable-bandwidth 1158 bc1 200

Related commands

· display mpls te link-management bandwidth-allocation

· mpls te bandwidth

· mpls te max-link-bandwidth

· mpls te max-reservable-bandwidth mam

· mpls te max-reservable-bandwidth rdm

mpls te max-reservable-bandwidth mam

Use mpls te max-reservable-bandwidth mam to configure the maximum reservable bandwidth of the link and the BCs in MAM model of the IETF DS-TE.

Use undo mpls te max-reservable-bandwidth mam to restore the default.

Syntax

mpls te max-reservable-bandwidth mam bandwidth-value { bc0 bc0-bandwidth | bc1 bc1-bandwidth | bc2 bc2-bandwidth | bc3 bc3-bandwidth } *

undo mpls te max-reservable-bandwidth mam

Default

The maximum reservable bandwidth of a link is 0 kbps and each BC is 0 kbps.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Parameters

bandwidth-value: Specifies the maximum reservable bandwidth of the link, in the range of 1 to 4294967295 kbps.

bc0 bc0-bandwidth: Specifies the value of BC 0, in the range of 1 to 4294967295 kbps. By default, BC 0 is 0 kbps.

bc1 bc1-bandwidth: Specifies the value of BC 1, in the range of 1 to 4294967295 kbps. By default, BC 1 is 0 kbps.

bc2 bc2-bandwidth: Specifies the value of BC 2, in the range of 1 to 4294967295 kbps. By default, BC 2 is 0 kbps.

bc3 bc3-bandwidth: Specifies the value of BC 3, in the range of 1 to 4294967295 kbps. By default, BC 3 is 0 kbps.

Usage guidelines

The maximum reservable bandwidth of a link (bandwidth-value) cannot be greater than the maximum bandwidth of the link (configured with the mpls te max-link-bandwidth command). Each BC (bc0-bandwidth, bc1-bandwidth, bc2-bandwidth and bc3-bandwidth) cannot be greater than the maximum reservable bandwidth of the link (bandwidth-value).

The maximum reservable bandwidth and BCs configured by this command are only for MPLS TE traffic.

Examples

# Configure the link maximum reservable bandwidth as 1158 kbps and BC 0 through BC 3 as 500 kbps, 300 kbps, 400 kbps, and 100 kbps for MPLS TE traffic in IETF DS-TE MAM model.

<Sysname> system-view

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] mpls te max-reservable-bandwidth mam 1158 bc0 500 bc1 300 bc2 400 bc3 100

Related commands

· display mpls te link-management bandwidth-allocation

· mpls te bandwidth

· mpls te max-link-bandwidth

· mpls te max-reservable-bandwidth

· mpls te max-reservable-bandwidth rdm

mpls te max-reservable-bandwidth rdm

Use mpls te max-reservable-bandwidth rdm to configure the BCs in IETF DS-TE RDM model.

Use undo mpls te max-reservable-bandwidth rdm to restore the default.

Syntax

mpls te max-reservable-bandwidth rdm bandwidth-value [ bc1 bc1-bandwidth ] [ bc2 bc2-bandwidth ] [ bc3 bc3-bandwidth ]

undo mpls te max-reservable-bandwidth rdm

Default

Each BC is 0 kbps.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Parameters

bandwidth-value: Specifies the maximum reservable bandwidth of the link, or, the value of BC 0, in the range of 1 to 4294967295 kbps.

bc1 bc1-bandwidth: Specifies the value of BC 1, in the range of 1 to 4294967295 kbps. By default, BC 1 is 0 kbps.

bc2 bc2-bandwidth: Specifies the value of BC 2, in the range of 1 to 4294967295 kbps. By default, BC 2 is 0 kbps.

bc3 bc3-bandwidth: Specifies the value of BC 3, in the range of 1 to 4294967295 kbps. By default, BC 3 is 0 kbps.

Usage guidelines

BC 0 (bandwidth-value) must be smaller than or equal to the maximum bandwidth of the link (configured with the mpls te max-link-bandwidth command). BC 0 must be greater than or equal to BC 1. BC 1 must be greater than or equal to BC 2. BC 2 must be greater than or equal to BC 3.

The BCs configured by this command are only for MPLS TE traffic.

Examples

# Set BC 0 in IETF RDM model to 500 kbps, BC 1 to 400 kbps, BC 2 to 300 kbps, and BC 3 to 100 kbps.

<Sysname> system-view

[Sysname] interface vlan-interface 1

[Sysname-Vlan-interface1] mpls te max-reservable-bandwidth rdm 500 bc1 400 bc2 300 bc3 100

Related commands

· display mpls te link-management bandwidth-allocation

· mpls te bandwidth

· mpls te max-link-bandwidth

· mpls te max-reservable-bandwidth

· mpls te max-reservable-bandwidth mam

mpls te metric

Use mpls te metric to assign a TE metric to the link.

Use undo mpls te metric to restore the default.

Syntax

mpls te metric value

undo mpls te metric

Default

A link uses its IGP metric as its TE metric.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Parameters

value: Specifies a TE metric for the link, in the range of 1 to 4294967295.

Usage guidelines

The device carries two types of metrics (IGP metric and TE metric) of a link in the advertised IGP routes. You can use this command to configure the TE metric. When the tunnel ingress node receives the link metrics, it uses the IGP metric or the TE metric for path selection according to the configuration of the mpls te path-metric-type command or the path-metric-type command.

Examples

# Assign a TE metric of 20 to the link on VLAN-interface 10.

<Sysname> system-view

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] mpls te metric 20

Related commands

· mpls te path metric-type

· path metric-type

mpls te path

Use mpls te path to specify a path for the tunnel and set the preference of the path.

Use undo mpls te path to delete a path for the tunnel.

Syntax

mpls te path preference value { dynamic | explicit-path path-name } [ no-cspf ]

undo mpls te path preference value

Default

MPLS TE uses the dynamically calculated path to establish a CRLSP.

Views

Tunnel interface view

Predefined user roles

network-admin

mdc-admin

Parameters

preference value: Sets a preference value for the specified path, in the range of 1 to 10. A smaller value represents a higher preference.

dynamic: Uses the dynamically calculated path to establish the CRLSP.

explicit-path path-name: Uses the specified explicit path to establish the CRLSP. The path-name argument specifies the name of an explicit path, a case-sensitive string of 1 to 31 characters.

no-cspf: Calculates the path by searching the routing table instead of using the CSPF algorithm.

Usage guidelines

You can specify up to 10 paths for a tunnel interface. The paths must have different preferences.

When establishing a CRLSP, MPLS TE performs CSPF calculations according to the specified paths in the preference order from high to low until the CRLSP is established successfully. If the CSPF calculations for all paths are failed, the CRLSP cannot be established.

Examples

# Configure that interface Tunnel 0 can use explicit path path1 and the dynamically calculated path to establish a CRLSP, and set a higher preference for the explicit path.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te path preference 1 explicit-path path1

[Sysname-Tunnel0] mpls te path preference 2 dynamic

Related commands

· display mpls te tunnel-interface

· mpls te backup-path

mpls te path-metric-type

Use mpls te path-metric-type to specify the link metric type for a tunnel.

Use undo mpls te path-metric-type to restore the default.

Syntax

mpls te path-metric-type { igp | te }

undo mpls te path-metric-type

Default

No link metric type is specified for path selection of a tunnel.

Views

Tunnel interface view

Predefined user roles

network-admin

mdc-admin

Parameters

igp: Uses the IGP metric.

te: Uses the TE metric.

Usage guidelines

Each MPLS TE link has two metrics: IGP metric and TE metric. By using the two metrics, you can select different tunnels for different classes of traffic. For example, use the IGP metric to represent a link delay (a smaller IGP metric value indicates a lower link delay), and use the TE metric to represent a link bandwidth value (a smaller TE metric value indicates a bigger link bandwidth value).

You can establish two MPLS TE tunnels: Tunnel1 for voice traffic and Tunnel2 for video traffic. Configure Tunnel1 to use IGP metrics for path selection, and configure Tunnel2 to use TE metrics for path selection. As a result, the video traffic travels through the path that has larger bandwidth and the voice service travels through the path that has lower delay.

If you specify a metric type for a tunnel by using this command in tunnel interface view, the tunnel uses the specified metric type for path selection. Otherwise, the tunnel uses the metric type specified by the path-metric-type command in MPLS TE view for path selection.

Examples

# Configure Tunnel 0 to use the IGP metric for path selection.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te path-metric-type igp

Related commands

· display mpls te tunnel-interface

· mpls te metric

· path-metric-type

mpls te priority

Use mpls te priority to configure a setup priority and a holding priority for an MPLS TE tunnel.

Use undo mpls te priority to restore the default.

Syntax

mpls te priority setup-priority [ hold-priority ]

undo mpls te priority

Default

The setup priority and the holding priority of an MPLS TE tunnel are both 7.

Views

Tunnel interface view

Predefined user roles

network-admin

mdc-admin

Parameters

setup-priority: Specifies the setup priority in the range of 0 to 7. A smaller number represents a higher priority.

hold-priority: Specifies the holding priority in the range of 0 to 7. A smaller number represents a higher priority. If you do not specify this argument, the holding priority is the same as the setup priority.

Usage guidelines

The setup priority and holding priority of an MPLS TE tunnel determines the importance of the tunnel. A tunnel that has a higher setup priority than the holding priority of another tunnel can preempt the resources of the second.

The setup priority and holding priority can be applied to the following scenarios:

· Multiple MPLS TE tunnels use the same path but the path does not have enough bandwidth for all the tunnels. You can configure different setup and holding priorities for different tunnels to make sure important tunnels can be established first.

· Before an important tunnel is established, multiple less-important MPLS TE tunnels have existed on the network, occupying the bandwidth resources and the optimal path. You can assign a higher setup priority to the import tunnel, so the tunnel can preempt the resources of the existing tunnels and use the optimal path.

The setup priority of a tunnel must not be set higher than its holding priority, namely, the setup priority value must be equal to or greater than the holding priority value.

Examples

# Set both the setup priority and holding priority of tunnel 0 to 1.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te priority 1 1

Related commands

display mpls te tunnel-interface

mpls te record-route

Use mpls te record-route to enable route recording and label recording for the tunnel.

Use undo mpls te record-route to restore the default.

Syntax

mpls te record-route [ label ]

undo mpls te record-route

Default

A tunnel does not support route recording or label recording.

Views

Tunnel interface view

Predefined user roles

network-admin

mdc-admin

Parameters

label: Enables both route recording and label recording. If you do not specify this keyword, the command enables only route recording.

Usage guidelines

Route recording records the nodes that an MPLS TE tunnel traverses. Label recording records the label assigned by each node. The recorded information helps you know about the path used by the MPLS TE tunnel and the label distribution information, and when the tunnel fails, it helps you locate the fault.

Examples

# Enable route recording for MPLS TE tunnel 0.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te record-route

Related commands

display mpls te tunnel-interface

mpls te reoptimization (tunnel interface view)

Use mpls te reoptimization to enable tunnel reoptimization.

Use undo mpls te reoptimization to disable tunnel reoptimization.

Syntax

mpls te reoptimization [ frequency seconds ]

undo mpls te reoptimization

Default

Reoptimization is disabled.

Views

Tunnel interface view

Predefined user roles

network-admin

mdc-admin

Parameters

frequency seconds: Specifies the tunnel reoptimization frequency in the range of 1 to 604800 seconds. The default is 3600 seconds.

Usage guidelines

MPLS TE uses the tunnel reoptimization feature to implement dynamic CRLSP optimization. For example, when MPLS TE sets up a tunnel, if a link on the optimal path does not have enough reservable bandwidth, MPLS TE sets up the tunnel on another path. When the link has enough bandwidth, tunnel optimization can automatically switch the tunnel to the optimal path.

You can configure the ingress to perform tunnel reoptimization periodically. Or, you can use the mpls te reoptimization command in user view to trigger the ingress to perform a tunnel reoptimization at any time.

On the same tunnel interface, the mpls te reoptimization command cannot be used together with these commands: mpls te auto-bandwidth adjustment, mpls te route-pinning, mpls te backup, and mpls te resv-style ff.

Examples

# Enable reoptimization for tunnel 0, and set the reoptimization frequency to 43200 seconds (12 hours).

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te reoptimization frequency 43200

Related commands

· display mpls te tunnel-interface

· mpls te reoptimization (user view)

mpls te reoptimization (user view)

Use mpls te reoptimization to reoptimize all reoptimization-enabled MPLS TE tunnels.

Syntax

mpls te reoptimization

Views

User view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

After reoptimization is enabled for a tunnel by using the mpls te reoptimization command in tunnel interface view, you can use this command in user view to trigger the ingress node to immediately reselect an optimal path for the tunnel.

Examples

# Reoptimize all reoptimization-enabled MPLS TE tunnels.

<Sysname> mpls te reoptimization

Related commands

mpls te reoptimization (tunnel interface view)

mpls te resv-style

Use mpls te resv-style to configure the resource reservation style for the MPLS TE tunnel.

Use undo mpls te resv-style to restore the default.

Syntax

mpls te resv-style { ff | se }

undo mpls te resv-style

Default

The resource reservation style is SE.

Views

Tunnel interface view

Predefined user roles

network-admin

mdc-admin

Parameters

ff: Specifies the resource reservation style as fixed filter (FF).

se: Specifies the resource reservation style as shared explicit (SE).

Usage guidelines

This command applies only to MPLS TE tunnels established by RSVP-TE.

FF—Resources are reserved for individual senders and cannot be shared among senders on the same session.

SE—Resources are reserved for senders on the same session and shared among them.

Examples

# Use the FF reservation style to establish MPLS TE tunnel 0.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te resv-style ff

Related commands

· display mpls te tunnel-interface

· mpls te signaling

mpls te retry

Use mpls te retry to configure the maximum number of tunnel setup attempts.

Use undo mpls te retry to restore the default.

Syntax

mpls te retry times

undo mpls te retry

Default

The maximum number of tunnel setup attempts is 3.

Views

Tunnel interface view

Predefined user roles

network-admin

mdc-admin

Parameters

times: Specifies the number of tunnel setup attempts, in the range of 1 to 4294967295.

Usage guidelines

After failing to establish an MPLS TE tunnel, the tunnel ingress node waits for the tunnel setup retry interval (configured by the mpls te timer retry command). Then it tries to set up the tunnel until the tunnel is established successfully or the number of tunnel setup attempts reaches the maximum. If the tunnel cannot be established when the number of attempts reaches the maximum, the ingress waits for a longer period and then repeats the previous process.

Examples

# Set the maximum number of tunnel setup attempts to 20.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te retry 20

Related commands

· display mpls te tunnel-interface

· mpls te timer retry

mpls te route-pinning

Use mpls te route-pinning to enable route pinning.

Use undo mpls te route-pinning to restore the default.

Syntax

mpls te route-pinning

undo mpls te route-pinning

Default

Route pinning is disabled.

Views

Tunnel interface view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

When route pinning is enabled, an established CRLSP does not re-select an optimal path even if the optimal route has changed.

On a network where routes are often changed, to avoid CRLSPs from changing frequently with the routes, you can use this feature to make sure the established CRLSPs are not re-established as long as they are available.

In the same tunnel interface view, the mpls te route-pinning command cannot be used together with the mpls te reoptimization and mpls te auto-bandwidth adjustment commands.

Examples

# Enable route pinning for Tunnel 0.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te route-pinning

Related commands

display mpls te tunnel-interface

mpls te signaling

Use mpls te signaling to configure the signaling protocol for an MPLS TE tunnel interface.

Use undo mpls te signaling to restore the default.

Syntax

mpls te signaling { rsvp-te | static }

undo mpls te signaling

Default

MPLS TE uses RSVP-TE to establish tunnels.

Views

Tunnel interface view

Predefined user roles

network-admin

mdc-admin

Parameters

rsvp-te: Uses the RSVP-TE signaling protocol to establish a tunnel.

static: Uses a static CRLSP to establish a tunnel.

Usage guidelines

To use RSVP-TE to establish an MPLS TE tunnel, you must enable MPLS TE and RSVP on each node and interface that the MPLS TE tunnel traverses.

To establish an MPLS TE tunnel over a static CRLSP, you must configure the tunnel to reference the static CRLSP by using the mpls te static-cr-lsp command.

Examples

# Use RSVP-TE to establish the MPLS TE tunnel 0.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te signaling rsvp-te

Related commands

· display mpls te tunnel-interface

· mpls te static-cr-lsp

mpls te static-cr-lsp

Use mpls te static-cr-lsp to reference a static CRLSP for a tunnel.

Use undo mpls te static-cr-lsp to remove the reference of the specified static CRLSP.

Syntax

mpls te static-cr-lsp lsp-name

undo mpls te static-cr-lsp lsp-name

Default

A tunnel does not reference any static CRLSP.

Views

Tunnel interface view

Predefined user roles

network-admin

mdc-admin

Parameters

lsp-name: Specifies a static CRLSP by its name, a case-sensitive string of 1 to 15 characters.

Usage guidelines

This command takes effect only when the mpls te signaling static command has been configured in tunnel interface view.

Execute this command on the ingress node. The static CRLSP specified must have been created by using the static-cr-lsp ingress command.

Examples

# Configure tunnel 0 to reference static CRLSP named static-te-3.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te static-cr-lsp static-te-3

Related commands

· display mpls te tunnel-interface

· mpls te signaling

· static-cr-lsp egress

· static-cr-lsp ingress

· static-cr-lsp transit

mpls te timer retry

Use mpls te timer retry to configure the tunnel setup retry interval.

Use undo mpls te timer retry to restore the default.

Syntax

mpls te timer retry seconds

undo mpls te timer retry

Default

The retry interval is 2 seconds.

Views

Tunnel interface view

Predefined user roles

network-admin

mdc-admin

Parameters

seconds: Specifies the interval at which MPLS TE tries to re-establish the tunnel, in the range of 1 to 604800 seconds.

Usage guidelines

After failing to establish an MPLS TE tunnel, the tunnel ingress node waits for the tunnel setup retry interval. Then it tries to set up the tunnel until the tunnel is established successfully or the number of tunnel setup attempts reaches the maximum (configured by the mpls te retry command). If the tunnel cannot be established when the number of attempts reaches the maximum, the ingress waits for a longer period and then repeats the previous process.

Examples

# Configure the setup retry interval as 20 seconds for tunnel 0.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te timer retry 20

Related commands

· display mpls te tunnel-interface

· mpls te retry

nexthop

Use nexthop to add or modify a node in an explicit path, and configure the attributes of the node.

Use undo nexthop to delete the specified node in an explicit path.

Syntax

nexthop [ index index-number ] ip-address [ exclude | include [ loose | strict ] ]

undo nexthop index index-number

Default

An explicit path does not include any nodes.

Views

Explicit path view

Predefined user roles

network-admin

mdc-admin

Parameters

index index-number: Specifies an index for the node in the explicit path, in the range of 1 to 65535. If you do not specify an index, MPLS TE automatically calculates an index for the node, the value of which is the current maximum index value plus 100.

ip-address: Specifies a node by its IP address in dotted decimal notation.

exclude: Excludes the specified node from the explicit path.

include: Includes the specified node on the explicit path.

loose: Specifies the node as a loose node, which means the specified node and its previous hop can be connected indirectly.

strict: Specifies the node as a strict node, which means the node and its previous hop must be directly connected.

Usage guidelines

The IP address specified in this command can be one of the following:

· Link IP address—IP address of an interface on the device, identifying a link.

· Device LSR ID—Identifies the device.

The address of a strict node must be a link IP address. The address of a loose node can be a link IP address or the device LSR ID.

CSPF excludes the links or devices specified by exclude from path calculation, and uses the links specified by include in ascending order of indexes to establish a CRLSP.

When you execute the nexthop command, follow these guidelines:

· If you specify an existing index, the command modifies the IP address or attribute of the node identified by that index.

· If you specify neither include nor exclude, the include keyword is used by default.

· If you specify neither loose nor strict, the strict keyword is used by default.

Examples

# Exclude IP address 10.0.0.125 from the MPLS TE explicit path named path1.

<Sysname> system-view

[Sysname] explicit-path path1

[Sysname-explicit-path-path1] next-hop 10.0.0.125 exclude

Related commands

display explicit-path

nhop-only

Use nhop-only to configure the PLR to create only link-protection bypass tunnels.

Use undo nhop-only to restore the default.

Syntax

nhop-only

undo nhop-only

Default

The PLR automatically creates both link-protection and node-protection bypass tunnels.

Views

MPLS TE auto-FRR view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

Execution of the nhop-only command deletes all existing node-protection bypass tunnels automatically created for MPLS TE auto FRR.

Examples

# Configure the device to automatically create only link-protection bypass tunnels.

<Sysname> system-view

[Sysname] mpls te

[Sysname-te] auto-tunnel backup

[Sysname-te-auto-bk] nhop-only

Related commands

· auto-tunnel backup

· tunnel-number

path-metric-type

Use path-metric-type to specify the link metric type to be used for path selection when a metric type is not explicitly specified for a tunnel.

Use undo path-metric-type to restore the default.

Syntax

path-metric-type { igp | te }

undo path-metric-type

Default

A tunnel uses TE metrics of links for path selection when no metric type is specified for the tunnel.

Views

MPLS TE view

Predefined user roles

network-admin

mdc-admin

Parameters

igp: Uses the IGP metric.

te: Uses the TE metric.

Usage guidelines

Each MPLS TE link has two metrics: IGP metric and TE metric. By correctly planning the two metrics, you can select different tunnels for different classes of traffic. For example, use the IGP metric to represent a link delay (a smaller IGP metric value indicates a lower link delay), and use the TE metric to represent a link bandwidth value (a smaller TE metric value indicates a bigger link bandwidth value).

You can establish two MPLS TE tunnels: Tunnel1 for voice traffic and Tunnel2 for video traffic. Configure Tunnel1 to use IGP metrics for path selection, and configure Tunnel2 to use TE metrics for path selection. As a result, the video traffic travels through the path that has larger bandwidth and the voice traffic travels through the path that has lower delay.

If you have specified a metric type for a tunnel by using the mpls te path-metric-type command in tunnel interface view, the tunnel uses the specified metric type for path selection. Otherwise, the tunnel uses the metric type specified by the path-metric-type command for path selection.

Examples

# Configure MPLS TE tunnels that are not explicitly specified with a metric type to use the IGP metric for path selection.

<Sysname> system-view

[Sysname] mpls te

[Sysname-te] path-metric-type igp

Related commands

· mpls te metric

· mpls te path-metric-type

reset mpls te auto-bandwidth-adjustment timers

Use reset mpls te auto-bandwidth-adjustment timers to reset the automatic bandwidth adjustment feature.

Syntax

reset mpls te auto-bandwidth-adjustment timers

Views

User view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

After this command is executed, the system clears the output rate sampling information and the remaining time to the next bandwidth adjustment. Then it starts new output rate sampling and bandwidth adjustment.

Examples

# Reset the automatic bandwidth adjustment feature.

<Sysname> reset mpls te auto-bandwidth-adjustment timers

Related commands

· mpls te auto-bandwidth

· auto-bandwidth enable

te-subtlv

Use te-subtlv to specify the types of the sub-TLVs for carrying DS-TE parameters.

Use undo te-subtlv to restore the default.

Syntax

te-subtlv { bw-constraint value | unreserved-subpool-bw value } *

undo te-subtlv { bw-constraint | unreserved-subpool-bw } *

Default

The bw-constraint parameter is carried in sub-TLV 252, and the unreserved-subpool-bw parameter is carried in sub-TLV 251.

Views

IS-IS view

Predefined user roles

network-admin

mdc-admin

Parameters

bw-constraint value: Specifies the type value of the sub-TLV that carries the bandwidth constraints, in the range of 23 to 254.

unreserved-subpool-bw value: Specifies the type value of the sub-TLV that carries the unreserved subpool bandwidth, in the range of 23 to 254.

Usage guidelines

This command takes effect when the DS-TE mode is prestandard. It does not take effect when the DE-TE mode is IETF.

In prestandard mode, no standard sub-TLV type values are defined to carry DS-TE parameters. Different vendors might use different type values. To communicate with devices from other vendors, use this command to specify the sub-TLV type values.

Examples

# For IS-IS process 1, specify the sub-TLV type value 200 for bw-constraint, and 202 for unreserved-subpool-bw.

<Sysname> system-view

[Sysname] isis 1

[Sysname-isis-1] te-subtlv bw-constraint 200 unreserved-subpool-bw 202

Related commands

display isis mpls te configured-sub-tlvs

timers removal unused

Use timers removal unused to configure a removal timer for unused bypass tunnels.

Use undo timers removal unused to restore the default.

Syntax

timers removal unused seconds

undo timers removal unused

Default

A bypass tunnel is removed after it is unused for 3600 seconds.

Views

MPLS TE auto-FRR view

Predefined user roles

network-admin

mdc-admin

Parameters

seconds: Specifies the period of time after which an unused bypass tunnel is removed, in the range of 300 to 604800 seconds. You can also set this argument to 0, which means not to remove unused bypass tunnels.

Usage guidelines

An automatically created bypass tunnel can protect multiple primary CRLSPs. A bypass tunnel is unused when all primary CRLSPs protected by the bypass tunnel are removed. When a bypass tunnel is unused for the period of time configured by this command, MPLS TE removes the bypass tunnel to release the occupied bandwidth and tunnel interface number.

Configure a removal timer according to your network conditions, with the following considerations:

· Save resources—If the timer value is too big, unused bypass tunnels occupy bandwidth and interface numbers for a long time.

· Keep network stability—If the timer value is too small, bypass tunnels might be set up and removed frequently.

Examples

# Configure the removal timer for unused bypass tunnels to 60000 seconds (100 minutes).

<Sysname> system-view

[Sysname] mpls te

[Sysname-te] auto-tunnel backup

[Sysname-te-auto-bk] timers removal unused 60000

Related commands

· auto-tunnel backup

· tunnel-number

tunnel-number

Use tunnel-number to specify an interface number range for automatically created bypass tunnels.

Use undo tunnel-number to restore the default.

Syntax

tunnel-number min min-number max max-number

undo tunnel-number

Default

No interface number range is specified, and the PLR cannot set up a bypass tunnel automatically.

Views

MPLS TE auto-FRR view

Predefined user roles

network-admin

mdc-admin

Parameters

min min-number: Specifies the minimum interface number for automatically created bypass tunnels. The value range for the min-number argument is 0 to 9214.

max max-number: Specifies the maximum interface number for automatically created bypass tunnels. The value range for the max-number argument is 0 to 9214.

Usage guidelines

To enable the PLR to automatically create bypass tunnels, you must enable auto FRR globally by using the auto-tunnel backup command, and then specify the interface number range for bypass tunnels by using the tunnel-number command. The PLR uses the interface numbers in the specified range in ascending order for the bypass tunnels.

When you use the tunnel-number command, follow these restrictions and guidelines:

· The min-number must be smaller than or equal to the max-number.

· The specified range must include less than 1000 interface numbers. Otherwise, this command cannot be executed successfully.

· If you execute this command multiple times, the most recent configuration takes effect.

· When you execute this command, if bypass tunnels are already created automatically, make sure the min-number is not greater than the minimum interface number used by the existing bypass tunnels, and the max-number is not smaller than the maximum interface number used by the existing bypass tunnels.

· The interface number range specified by this command can include the interface numbers used by the tunnel interfaces created by the interface tunnel command. However, those interface numbers cannot be used for bypass tunnels, unless they are released by the undo interface tunnel command.

Examples

# Specify interface numbers 800 to 900 for automatically created bypass tunnels.

<Sysname> system-view

[Sysname] mpls te

[Sysname-te] auto-tunnel backup

[Sysname-te-auto-bk] tunnel-number min 800 max 900

Related commands

auto-tunnel backup

Static CRLSP commands

The static CRLSP feature is available in Release 1138P01 and later versions.

display mpls static-cr-lsp

Use display mpls static-cr-lsp to display information about static CRLSPs.

Syntax

display mpls static-cr-lsp [ lsp-name lsp-name ] [ verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

lsp-name lsp-name: Displays information about the static CRLSP specified by its name, a case-sensitive string of 1 to 15 characters. If you do not specify this option, this command displays information about all static CRLSPs.

verbose: Displays detailed information about static CRLSPs.

Examples

# Display brief information about static CRLSPs.

<Sysname> display mpls static-cr-lsp

Name LSR Type In/Out Label Out Interface State

static-cr-lsp-1 Ingress Null/20 Vlan10 Up

Table 39 Command output

Field	Description
Name	Name of the static CRLSP.
LSR Type	LSR type of the local node on the static CRLSP: Ingress, Transit, or Egress.
In/Out Label	Incoming label/outgoing label.
Out Interface	Outgoing interface.
State	Current state of the static CRLSP: · Down—The static CRLSP is not available. · Up—The static CRLSP is available.

# Display detailed information about static CRLSPs.

<Sysname> display mpls static-cr-lsp verbose

LSP Name : Tunnel0

LSR Type : Ingress

In-Label : Null

Out-Label : 60

Out-Interface : Vlan10

Nexthop : 20.1.1.2

Class Type : -

Bandwidth : -

LSP State : Up

Table 40 Command output

Field	Description
LSP Name	Name of the static CRLSP.
LSR Type	LSR type of the local node on the static CRLSP: Ingress, Transit, or Egress.
In-Label	Incoming label.
Out-Label	Outgoing label.
Out-Interface	Outgoing interface.
Nexthop	Next hop address.
Class Type	Class type of the static CRLSP. This field is not supported in the current software version and is reserved for future support.
Bandwidth	Bandwidth required by the static CRLSP, in kbps. This field is not supported in the current software version.
LSP State	Current state of the static CRLSP: · Down—The CRLSP is not available. · Up—The CRLSP is available.

Related commands

· static-cr-lsp egress

· static-cr-lsp ingress

· static-cr-lsp transit

static-cr-lsp egress

Use static-cr-lsp egress to configure the egress node of a static CRLSP.

Use undo static-cr-lsp egress to delete the egress node configuration of a static CRLSP.

Syntax

static-cr-lsp egress lsp-name in-label in-label-value

undo static-cr-lsp egress lsp-name

Default

No static CRLSP exists on the device.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

lsp-name: Specifies a name for the static CRLSP, a case-sensitive string of 1 to 15 characters.

in-label in-label-value: Specifies the incoming label in the range of 16 to 1023.

Examples

# On the egress node, configure a static CRLSP with the name static-te-1 and incoming label 233.

<Sysname> system-view

[Sysname] static-cr-lsp egress static-te-1 in-label 233

Related commands

· display mpls static-cr-lsp

· static-cr-lsp ingress

· static-cr-lsp transit

static-cr-lsp ingress

Use static-cr-lsp ingress to configure the ingress node of a static CRLSP.

Use undo static-cr-lsp ingress to delete the ingress node configuration of a static CRLSP.

Syntax

static-cr-lsp ingress lsp-name { nexthop next-hop-addr | outgoing-interface interface-type interface-number } out-label out-label-value [ bandwidth [ ct0 | ct1 | ct2 | ct3 ] bandwidth-value ]

undo static-cr-lsp ingress lsp-name

Default

No static CRLSP exists on the device.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

lsp-name: Specifies a name for the static CRLSP, a case-sensitive string of 1 to 15 characters.

nexthop next-hop-addr: Specifies the next hop IP address.

outgoing-interface interface-type interface-number: Specifies an outgoing interface by its type and number. The specified interface must be a P2P tunnel interface.

out-label out-label-value: Specifies the outgoing label, a value of 0, 3, or from 16 through 1023.

bandwidth: Specifies the CT and required bandwidth for the static CRLSP. If you do not specify this keyword, the bandwidth required by the static CRLSP is 0 kbps. If you specify this keyword but do not specify a CT, the static CRLSP belongs to CT 0.

ct0: Specifies CT 0 for the static CRLSP.

ct1: Specifies CT 1 for the static CRLSP.

ct2: Specifies CT 2 for the static CRLSP.

ct3: Specifies CT 3 for the static CRLSP.

bandwidth-value: Specifies the bandwidth required by the static CRLSP, in the range of 1 to 4294967295 kbps. The default is 0 kbps.

Usage guidelines

The next hop address specified for the static CRLSP cannot be a public IP address on the local device.

CT 2 and CT 3 are valid only in IETF DS-TE mode. In prestandard DS-TE mode, CT 2 and CT 3 are invalid and the tunnel cannot be established.

Examples

# Configure a static CRLSP on the ingress node, and configure its name as static-te-2, next hop IP address as 202.55.25.33, and outgoing label as 237.

<Sysname> system-view

[Sysname] static-cr-lsp ingress static-te-2 nexthop 202.55.25.33 out-label 237

Related commands

· display mpls static-cr-lsp

· static-cr-lsp egress

· static-cr-lsp transit

static-cr-lsp transit

Use static-cr-lsp transit to configure a transit node for a static CRLSP.

Use undo static-cr-lsp transit to delete the transit node configuration of a static CRLSP.

Syntax

static-cr-lsp transit lsp-name in-label in-label-value { nexthop next-hop-addr | outgoing-interface interface-type interface-number } out-label out-label-value [ bandwidth [ ct0 | ct1 | ct2 | ct3 ] bandwidth-value ]

undo static-cr-lsp transit lsp-name

Default

No static CRLSP exists on the device.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

lsp-name: Specifies a name for the static CRLSP, a case-sensitive string of 1 to 15 characters.

in-label in-label-value: Specifies the incoming label in the range of 16 to 1023.

nexthop next-hop-addr: Specifies the next hop IP address.

outgoing-interface interface-type interface-number: Specifies an outgoing interface by its type and number. The specified interface must be a P2P tunnel interface.

out-label out-label-value: Specifies the outgoing label, a value of 0, 3, or in the range of 16 to 1023.

ct0: Specifies CT 0 for the static CRLSP.

ct1: Specifies CT 1 for the static CRLSP.

ct2: Specifies CT 2 for the static CRLSP.

ct3: Specifies CT 3 for the static CRLSP.

bandwidth-value: Specifies the bandwidth required by the static CRLSP, in the range of 1 to 4294967295 kbps. The default is 0 kbps.

Usage guidelines

The next hop address specified for the static CRLSP cannot be a public IP address on the local device.

CT 2 and CT 3 are valid only in IETF DS-TE mode. In prestandard DS-TE mode, CT 2 and CT 3 are invalid and the tunnel cannot be established.

Examples

# Configure a static CRLSP on the transit node, and configure its name as static-te-3, incoming label as 123, next hop IP address as 1.1.1.1, and outgoing label as 253.

<Sysname> system-view

[Sysname] static-cr-lsp transit static-te-3 in-label 123 nexthop 1.1.1.1 out-label 253

Related commands

· display mpls static-cr-lsp

· static-cr-lsp egress

· static-cr-lsp ingress

RSVP commands

The RSVP feature is available in Release 1138P01 and later versions.

authentication challenge

Use authentication challenge to enable the RSVP challenge-response handshake function globally or for an RSVP neighbor.

Use undo authentication challenge to disable the challenge-response handshake function globally or for an RSVP neighbor.

Syntax

authentication challenge

undo authentication challenge

Default

The RSVP challenge-response handshake function is disabled.

Views

RSVP view, RSVP neighbor view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

To prevent packet replay attacks, RSVP requires received authentication messages to carry incremental sequence numbers. To verify the subsequent messages, RSVP saves the sequence number of the last valid message in a receive-type security association.

However, when RSVP creates a new receive-type security association, it cannot obtain the sequence number of the sender. To successfully establish the receive-type security association, RSVP sets the receive sequence number to 0 by default, so the association can receive a message with any sequence number from the peer. Because this introduces a vulnerability to replay attacks, you should execute the authentication challenge command. When RSVP creates a receive-type security association, it will perform a challenge-response handshake to obtain the sequence number of the sender.

RSVP challenge-response handshake can be configured in the following views:

· RSVP view—Configuration applies to all RSVP security associations.

· RSVP neighbor view—Configuration applies only to RSVP security associations with the specified neighbor.

· Interface view—Configuration applies only to RSVP security associations established on the current interface.

Examples

# Enable RSVP challenge-response handshake globally.

<Sysname> system-view

[Sysname] rsvp

[Sysname-rsvp] authentication challenge

# Enable challenge-response handshake for RSVP neighbor 1.1.1.9.

<Sysname> system-view

[Sysname] rsvp

[Sysname-rsvp] peer 1.1.1.9

[Sysname-rsvp-peer-1.1.1.9] authentication challenge

Related commands

· authentication key

· authentication lifetime

· authentication window-size

· display rsvp authentication

· reset rsvp authentication

· rsvp authentication challenge

· rsvp authentication key

· rsvp authentication lifetime

· rsvp authentication window-size

authentication key

Use authentication key to enable RSVP authentication globally or for an RSVP neighbor, and configure the authentication key.

Use undo authentication key to disable RSVP authentication.

Syntax

authentication key { cipher | plain } auth-key

undo authentication key

Default

RSVP authentication is disabled.

Views

RSVP view, RSVP neighbor view

Predefined user roles

network-admin

mdc-admin

Parameters

cipher: Sets a ciphertext authentication key.

plain: Sets a plaintext authentication key.

auth-key: Specifies the authentication key. This argument is case sensitive. If the cipher keyword is specified, it must be a ciphertext string of 1 to 53 characters. If the plain keyword is specified, it must be a plaintext string of 1 to 16 characters.

Usage guidelines

RSVP authentication ensures integrity of RSVP messages, and prevents false resource reservation requests from occupying network resources.

With RSVP authentication, the sender uses the MD5 algorithm and the authentication key to calculate a message digest for an RSVP message. The sender inserts the message digest to the RSVP message. When the receiver receives the message, it performs the same calculation and compares the result with the message digest received. If they match, the receiver accepts the message. Otherwise, it drops the message.

RSVP authentication can be configured in the following views:

· RSVP view—Configuration applies to all RSVP security associations.

· RSVP neighbor view—Configuration applies only to RSVP security associations with the specified RSVP neighbor.

· Interface view—Configuration applies only to RSVP security associations established on the current interface.

Configurations in RSVP neighbor view, interface view, and RSVP view are in descending order of priority. For example, if you have enabled RSVP authentication for a neighbor in both RSVP neighbor view and RSVP view but configured different authentication keys, the authentication key configured in RSVP neighbor view is used to authenticate the RSVP messages between the local device and the neighbor.

To re-establish a security association, you must delete the authentication key used by the current security association or delete the current security association (using the reset rsvp authentication command). Then the device can re-establish a security association by looking up a new authentication key in order of priorities.

When using this command, follow these guidelines:

· After you enable RSVP authentication on the local device, you must also enable RSVP authentication and configure the same authentication key on the corresponding RSVP neighbor.

· For security purposes, all keys, including keys configured in plain text, are saved in cipher text.

Examples

# Enable RSVP authentication globally, and configure the authentication key as a plaintext string of abcdefgh.

<Sysname> system-view

[Sysname] rsvp

[Sysname-rsvp] authentication key plain abcdefgh

# Enable RSVP authentication for neighbor 1.1.1.9, and configure the authentication key as a plaintext string of abcdefgh.

<Sysname> system-view

[Sysname] rsvp

[Sysname-rsvp] peer 1.1.1.9

[Sysname-rsvp-peer-1.1.1.9] authentication key plain abcdefgh

Related commands

· authentication challenge

· authentication lifetime

· authentication window-size

· display rsvp authentication

· reset rsvp authentication

· rsvp authentication challenge

· rsvp authentication key

· rsvp authentication lifetime

· rsvp authentication window-size

authentication lifetime

Use authentication lifetime in RSVP view to configure the global idle timeout for RSVP security associations.

Use authentication lifetime in RSVP neighbor view to configure the idle timeout for RSVP security associations with an RSVP neighbor.

Use undo authentication lifetime to restore the default.

Syntax

authentication lifetime life-time

undo authentication lifetime

Default

The idle timeout for an RSVP security association is 1800 seconds.

Views

RSVP view, RSVP neighbor view

Predefined user roles

network-admin

mdc-admin

Parameters

life-time: Specifies the RSVP security association idle timeout in the range of 30 to 86400 seconds.

Usage guidelines

When RSVP authentication is enabled, the device dynamically establishes security associations when receiving and sending RSVP messages.

To release memory resources, each security association has an idle timeout. When a security association is idle for the specified timeout time, the device deletes the security association. When the device sends or receives an authenticated RSVP message, it resets the idle timeout timer for the corresponding security association.

The RSVP authentication idle timeout can be configured in the following views:

· RSVP view—Configuration applies to all RSVP security associations.

· RSVP neighbor view—Configuration applies only to RSVP security associations with the specified RSVP neighbor.

· Interface view—Configuration applies only to RSVP security associations established on the current interface.

An RSVP security association established by using the authentication key configured in a view uses the idle timeout configured in the same view.

A modification to the idle timeout affects only security associations established after the modification. To apply the new setting to existing security associations, you must execute the reset rsvp authentication command to delete and then re-establish the security associations.

Examples

# Configure the global idle timeout as 100 seconds for RSVP security associations.

<Sysname> system-view

[Sysname] rsvp

[Sysname-rsvp] authentication lifetime 100

# Configure the idle timeout as 100 seconds for the security associations with RSVP neighbor 1.1.1.9.

<Sysname> system-view

[Sysname] rsvp

[Sysname-rsvp] peer 1.1.1.9

[Sysname-rsvp-peer-1.1.1.9] authentication lifetime 100

Related commands

· authentication challenge

· authentication key

· authentication window-size

· display rsvp authentication

· reset rsvp authentication

· rsvp authentication challenge

· rsvp authentication key

· rsvp authentication lifetime

· rsvp authentication window-size

authentication window-size

Use authentication window-size in RSVP view to configure the global RSVP authentication window size, which is the maximum number of authenticated RSVP messages that can be received out of sequence.

Use authentication window-size in RSVP neighbor view to configure the RSVP authentication window size for an RSVP neighbor.

Use undo authentication window-size to restore the default.

Syntax

authentication window-size number

undo authentication window-size

Default

Only one authenticated RSVP message can be received out of sequence.

Views

RSVP view, RSVP neighbor view

Predefined user roles

network-admin

mdc-admin

Parameters

number: Specifies the maximum number of authenticated RSVP messages that can be received out of sequence, in the range of 1 to 64.

Usage guidelines

To protect against replay attacks, the sender places a unique sequence number in each RSVP message that contains authentication information. The sender increases the value of the sequence number by one each time it sends an RSVP message. If the sequence number of a received message is in the specified authentication window size, the receiver accepts the message. Otherwise, the receiver discards the message.

When the receiver receives an RSVP message, it compares the sequence number of the last accepted RSVP message with the sequence number of the newly received RSVP message.

· If the new sequence number is greater than the last sequence number, RSVP accepts the message and updates the last sequence number with the new sequence number.

· If the new sequence number equals the last sequence number, RSVP regards the message a replay message and discards the message.

· If the new sequence number is smaller than the last sequence number but greater than the last sequence number minus the window size, and has never been received before, RSVP accepts the message. If the new sequence number has been received before, RSVP regards the message a replay message and discards the message.

· If the new sequence number is smaller than or equal to the last sequence number minus the window size, RSVP regards the message invalid and discards the message.

By default, the authentication window size is 1. If the sequence number of a newly received RSVP message is smaller than that of the last accepted message, the device discards the message. However, if the sender sends multiple RSVP messages in a short time, these messages might arrive at the neighbor out of sequence. If you use the default window size, the out-of-sequence messages will be discarded. To solve this problem, you can use the authentication window-size command to configure a correct window size.

A security association established by using the authentication key configured in a view uses the window size configured in that view.

A modification to the window size affects only security associations established after the modification. To apply the new setting to existing security associations, you must execute the reset rsvp authentication command to delete and then re-establish the security associations.

Examples

# In RSVP view, set the maximum number of out-of-sequence authenticated RSVP messages that can be received to 10.

<Sysname> system-view

[Sysname] rsvp

[Sysname-rsvp] authentication window-size 10

# Set the maximum number of out-of-sequence authenticated RSVP messages that can be received from the RSVP neighbor 1.1.1.9 to 10.

<Sysname> system-view

[Sysname] rsvp

[Sysname-rsvp] peer 1.1.1.9

[Sysname-rsvp-peer-1.1.1.9] authentication window-size 10

Related commands

· authentication challenge

· authentication key

· authentication lifetime

· display rsvp authentication

· reset rsvp authentication

· rsvp authentication challenge

· rsvp authentication key

· rsvp authentication lifetime

· rsvp authentication window-size

display rsvp

Use display rsvp to display RSVP information.

Syntax

display rsvp [ interface [ interface-type interface-number ] ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

interface: Displays RSVP information on interfaces.

interface-type interface-number: Displays RSVP information on the interface specified by its type and number.

Usage guidelines

If you do not specify the interface keyword, this command displays the global RSVP information.

If you specify the interface keyword but do not specify the interface-type interface-number argument, this command displays RSVP information for all interfaces.

If you specify the interface interface-type interface-number option, this command displays RSVP information for the specified interface.

Examples

# Display global RSVP information.

<Sysname> display rsvp

LSR ID: 50.0.0.1 Fast Reroute time: 300 sec

Refresh interval: 30 sec Keep multiplier: 3

Hello interval: 3 sec Hello lost: 4

Graceful Restart: Disabled DSCP value: 48

Authentication: Enabled

Lifetime: 300 sec

Window size: 64

Challenge: Enabled

Statistics:

PSB number: 5 RSB number: 5

LSP number: 5 Request number: 5

Peer number: 5 SA number: 5

Table 41 Command output

Field	Description
Fast Reroute time	Interval for detecting whether a better bypass CRLSP is available for a primary CRLSP, in seconds.
Refresh interval	Interval for refreshing Path and Resv messages, in seconds.
Keep multiplier	PSB and RSB timeout multiplier.
Hello interval	Interval for sending hello requests, in seconds.
Hello lost	Maximum number of consecutive lost or erroneous hellos allowed.
DSCP value	DSCP value for outgoing RSVP packets.
Authentication	RSVP authentication state.
Lifetime	Idle timeout for RSVP security associations, in seconds.
Window size	Maximum number of out-of-sequence authenticated RSVP messages that can be received.
Challenge	State of the challenge-response handshake function.
Statistics	RSVP statistics.
PSB number	Total number of PSBs.
RSB number	Total number of RSBs.
LSP number	Total number of LSPs established by RSVP.
Request number	Total number of RSVP request data blocks.
Peer number	Total number of RSVP neighbors.
SA number	Total number of security associations.

# Display RSVP information for all interfaces.

<Sysname> display rsvp interface

Interface: Vlan10 Logical interface handle: 0x19a5

State: Up IP address: 50.1.0.1

MPLS TE: Enabled RSVP: Enabled

Hello: Enabled BFD: Enabled

Summary Refresh: Enabled Reliability: Disabled

Retransmit interval: 500 ms Retransmit increment: 1

Authentication: Enabled

Lifetime: 300 sec

Window size: 64

Challenge: Enabled

Bypass tunnels: Tunnel0

Interface: Vlan11 Logical interface handle: 0x19a6

State: Up IP address: 50.2.0.1

MPLS TE: Enabled RSVP: Enabled

Hello: Enabled BFD: Enabled

Summary Refresh: Disabled Reliability: Disabled

Retransmit interval: 500 ms Retransmit increment: 1

Authentication: Enabled

Lifetime: 300 sec

Window size: 64

Challenge: Enabled

Bypass tunnels: Tunnel0, Tunnel1, Tunnel2

Table 42 Command output

Field	Description
Logical interface handle	Logical interface handle, used to distinguish logical outgoing interfaces on the RSVP interface.
State	Interface state recorded by RSVP: UP or Down.
IP address	IP address of the current interface used by RSVP.
MPLS TE	MPLS TE state on the interface.
RSVP	RSVP state on the interface.
Hello	State of the hello extension function on the interface.
BFD	BFD state on the interface.
Summary Refresh	State of the summary refresh function on the interface.
Reliability	State of the reliable RSVP message delivery function on the interface.
Retransmit interval	Initial retransmission interval for reliable RSVP message delivery, in milliseconds.
Retransmit increment	Retransmission increment value for reliable RSVP message delivery.
Authentication	RSVP authentication state on the interface.
Lifetime	Idle timeout for RSVP security associations, in seconds.
Window size	Maximum number of out-of-sequence authenticated RSVP messages that can be received.
Challenge	State of the challenge-response handshake function on the interface.
Bypass tunnels	Bypass tunnels configured on the interface for fast reroute (FRR). If no bypass tunnels are configured, this field displays None.

display rsvp authentication

Use display rsvp authentication to display information about the security associations established with RSVP neighbors.

Syntax

display rsvp authentication [ from ip-address ] [ to ip-address ] [ verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

from ip-address: Displays information about the security associations with the specified source IP address.

to ip-address: Displays information about the security associations with the specified destination IP address.

verbose: Displays detailed information about RSVP security associations. If you do not specify this keyword, the command displays brief information about RSVP security associations.

Usage guidelines

If you do not specify the from ip-address to ip-address options, this command displays information about the security associations established with all RSVP neighbors.

After RSVP authentication is enabled, the device automatically establishes security associations when sending and receiving RSVP messages. A security association includes the following information:

· IP address of the authentication source node.

· IP address of the authentication destination node.

· Authentication direction.

· Authentication type.

· Authentication key.

· Authentication expiration time.

The device obtains the RSVP authentication source and destination IP addresses from the IP header or RSVP message objects, as shown in Table 43.

Table 43 How to get RSVP authentication source and destination IP addresses

Message type received or sent	Authentication source IP	Authentication destination IP
Path	Address in the HOP object of the RSVP message.	Address in the SESSION object of the RSVP message.
PathTear	Address in the HOP object of the RSVP message.	Address in the SESSION object of the RSVP message.
PathError	Source IP address in the IP header	Destination IP address in the IP header
Resv	Address in the HOP object of the RSVP message.	Destination IP address in the IP header
ResvTear	Address in the HOP object of the RSVP message.	Destination IP address in the IP header
ResvError	Address in the HOP object of the RSVP message.	Destination IP address in the IP header
ResvConfirm	Source IP address in the IP header	Address in the CONFIRM object of the RSVP message.
ACK	Source IP address in the IP header	Destination IP address in the IP header
Srefresh	Source IP address in the IP header	Destination IP address in the IP header
Hello	Source IP address in the IP header	Destination IP address in the IP header

Examples

# Display brief information about the security associations established with all RSVP neighbors.

<Sysname> display rsvp authentication

From To Mode Type Key-ID Expiration

57.10.10.1 57.10.10.2 Receive Interface 000103000000 280s

57.10.10.2 57.10.10.1 Send Interface 000103000000 280s

Table 44 Command output

Field	Description
From	RSVP authentication source IP address.
To	RSVP authentication destination IP address.
Mode	Direction of the security association: · Receive—Receive security association, used to authenticate messages received from an RSVP neighbor. · Send—Send security association, used to authenticate messages sent to an RSVP neighbor.
Type	Type of the security association: · Peer—Security association established in RSVP neighbor view. · Interface—Security association established in interface view. · Global—Security association established in RSVP view.
Key-ID	Key ID of the security association. · For a send security association, this field displays the local key ID. · For a receive security association, this field displays the key ID received from the peer.
Expiration	Idle timeout remaining time of the security association, in seconds.

# Display detailed information about the security associations established with all RSVP neighbors.

<Sysname> display rsvp authentication verbose

From: 20.1.1.1 To: 4.4.4.9

Mode: Send Type: Interface

Challenge: Supported Peer: 20.1.1.2

Local key ID: 0x000104000000 Peer key ID: 0x0

Lifetime: 1800 sec Expiration time: 1781 sec

Window size: 1

Last sent sequence number:

5781735195480686593

From: 20.1.1.2 To: 20.1.1.1

Mode: Receive Type: Interface

Challenge: Not configured Peer: 20.1.1.2

Local key ID: 0x0 Peer key ID: 0x000104000000

Lifetime: 1800 sec Expiration time: 1798 sec

Window size: 1

Received sequence numbers:

5781742445385482241

Table 45 Command output

Field	Description
From	RSVP authentication source IP address.
To	RSVP authentication destination IP address.
Mode	Direction of the security association: · Receive—Receive security association, used to authenticate messages received from an RSVP neighbor. · Send—Send security association, used to authenticate messages sent to an RSVP neighbor.
Type	Type of the security association: · Peer—Security association established in RSVP neighbor view. · Interface—Security association established in interface view. · Global—Security association established in RSVP view.
Challenge	State of the authentication challenge-response function: · Not configured—The challenge-response handshake function is disabled locally. (For a receive security association.) · Configured—The challenge-response handshake function is enabled locally. (For a receive security association.) · In progress—The local device has sent an Integrity Challenge message to the peer and is waiting for the Integrity Response message from the peer. · Completed—The local device has received an Integrity Response message from the peer and the message has passed the authentication. · Failed—The Failed state is displayed when one of the following events occurs: ¡ The local device has received an Integrity Response message from the peer but the message failed the authentication. ¡ The local device has not received any valid Integrity Response after sending three Integrity Challenge messages to the peer. ¡ The challenge-response function is disabled on the peer. · Supported—The local device supports the challenge-response function. (For a send security association.)
Peer	IP address of the authentication neighbor.
Local key ID	Local key ID, for a send security association.
Peer key ID	Peer key ID, for a receive security association.
Lifetime	Idle timeout of the security association, in seconds.
Expiration time	Idle timeout remaining time of the security association, in seconds.
Window size	Maximum number of out-of-sequence authenticated RSVP messages that can be received.
Received sequence numbers	Sequence numbers of the received messages. This field can display the sequence numbers for up to window-size messages.
Last sent sequence number	Sequence number of the last sent message.

Related commands

· authentication challenge

· authentication key

· authentication lifetime

· authentication window-size

· reset rsvp authentication

· rsvp authentication challenge

· rsvp authentication key

· rsvp authentication lifetime

· rsvp authentication window-size

display rsvp lsp

Use display rsvp lsp to display information about CRLSPs established by RSVP.

Syntax

display rsvp lsp [ destination ip-address ] [ source ip-address ] [ tunnel-id tunnel-id ] [ lsp-id lsp-id ] [ verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

destination ip-address: Displays information about the CRLSP with the specified tunnel destination address.

source ip-address: Displays information about the CRLSP with the specified tunnel source address. The tunnel source address is the extended tunnel ID in the Session object of an RSVP message.

tunnel-id tunnel-id: Displays information about the CRLSP with the specified tunnel ID in the range of 0 to 65535.

lsp-id lsp-id: Displays information about the CRLSP with the specified LSP ID in the range of 0 to 65535.

verbose: Displays detailed information about CRLSPs. If you do not specify this keyword, the command displays brief information about CRLSPs.

Examples

# Display brief information about all CRLSPs established by RSVP.

<Sysname> display rsvp lsp

Destination Source Tunnel-ID LSP-ID Direction Tunnel-name

50.0.0.1 50.0.0.3 0 1 Uni Sysname_t0

50.0.0.1 50.0.0.3 1 2 Bi-Down Sysname_t1

Table 46 Command output

Field	Description
Destination	Tunnel destination address.
Source	Tunnel source address.
Direction	Tunnel direction: · Uni—Unidirectional tunnel. · Bi-Down—Forward CRLSP of a bidirectional tunnel. · Bi-Up—Backward CRLSP of a bidirectional tunnel.
Tunnel-name	The value for a tunnel name is Sysname_ttunnel-ID, where Sysname represents the device name, and tunnel-ID represents the ID of the tunnel. You can configure the device name by executing the sysname command in system view. This field contains a maximum of 80 characters, and displays the first 77 characters and three dots (.) if the name contains more than 80 characters.

# Display detailed information about all CRLSPs established by RSVP.

<Sysname> display rsvp lsp verbose

Tunnel name: Sysname_t1

Destination: 3.3.3.9 Source: 1.1.1.9

Tunnel ID: 1 LSP ID: 5

LSR type: Transit Direction: Unidirectional

Setup priority: 7 Holding priority: 7

In-Label: 1146 Out-Label: 3

In-Interface: Vlan10 Out-Interface: Vlan30

Nexthop: 57.20.20.1 Exclude-any: 0

Include-Any: 0 Include-all: 0

Mean rate (CIR): 0.00 kbps Mean burst size (CBS): 1000.00 bytes

Path MTU: 1500 Class type: CT0

RRO number: 8

57.10.10.1/32 Flag: 0x00 (No FRR)

57.10.10.2/32 Flag: 0x40 (No FRR/In-Int)

1146 Flag: 0x01 (Global label)

2.2.2.9/32 Flag: 0x20 (No FRR/Node-ID)

57.20.20.2/32 Flag: 0x00 (No FRR)

57.20.20.1/32 Flag: 0x40 (No FRR/In-Int)

3 Flag: 0x01 (Global label)

3.3.3.9/32 Flag: 0x20 (No FRR/Node-ID)

Fast Reroute protection: Ready

FRR inner label: 3 Bypass tunnel: Tunnel253

Tunnel name: Sysname_t253

Destination: 3.3.3.9 Source: 2.2.2.9

Tunnel ID: 253 LSP ID: 17767

LSR type: Ingress Direction: Bidirectional, Downstream

Setup priority: 7 Holding priority: 7

In-Label: - Out-Label: 1025

In-Interface: - Out-Interface: Vlan15

Nexthop: 10.11.112.135 Exclude-any: 0

Include-Any: 0 Include-all: 0

Mean rate (CIR): 125.00 kbps Mean burst size (CBS): 0.00 bytes

Path MTU: 0 Class type: CT0

RRO number: 8

10.11.112.140/32 Flag: 0x00 (No FRR)

10.11.112.135/32 Flag: 0x40 (No FRR/In-Int)

1025 Flag: 0x01 (Global label)

5.5.5.9/32 Flag: 0x20 (No FRR/Node-ID)

57.40.40.3/32 Flag: 0x00 (No FRR)

57.40.40.1/32 Flag: 0x40 (No FRR/In-Int)

3 Flag: 0x01 (Global label)

3.3.3.9/32 Flag: 0x20 ((No FRR/Node-ID)

Fast Reroute protection: None

Table 47 Command output

Field	Description
Tunnel name	The value for a tunnel name is Sysname_ttunnel-ID, where Sysname represents the device name, and tunnel-ID represents the ID of the tunnel. You can configure the device name by executing the sysname command in system view.
Destination	Tunnel destination address.
Source	Tunnel source address.
Direction	Tunnel direction: · Unidirectional—Unidirectional tunnel. · Bidirectional, Downstream—Forward CRLSP of a bidirectional tunnel. · Bidirectional, Upstream—Backward CRLSP of a bidirectional tunnel.
Exclude-any	Affinity representing a set of attribute filters. Matching any filter renders a link unacceptable.
Include-any	Affinity representing a set of attribute filters. Matching any filter renders a link acceptable.
Include-all	Affinity representing a set of attribute filters. All filters must be present for a link to be acceptable.
Class type	CT of the LSP.
RRO number	Number of Record Route Objects (RROs). If the number is not 0, the subsequent output displays the IP addresses or labels recorded in the RROs. The RRO information is displayed only when route recording is configured on the tunnel interface.
Flag	Flag value and its meaning in an RRO: · No FRR—FRR is not configured. · FRR Avail—FRR is available. · In use—FRR has occurred. · BW—Bandwidth protection. · Node-Prot—Node protection. · Node-ID—The IP address in the RRO is the LSR ID of the node. · In-Int—The IP address in the RRO is address of the incoming interface. · Global label—Per-platform label space.
Fast Reroute protection	Whether the tunnel has been bound to an FRR bypass tunnel: · None—Not bound to a bypass tunnel. · Ready—Bound to a bypass tunnel. No FRR has occurred. · Active—Bound to a bypass tunnel. An FRR has occurred.
FRR inner label	Incoming label of the FRR bypass tunnel. This field is displayed only when a bypass tunnel is bound.
Bypass tunnel	Name of the bypass tunnel. This field is displayed only when a bypass tunnel is bound.

Related commands

· display rsvp request

· display rsvp reservation

· display rsvp sender

display rsvp peer

Use display rsvp peer to display RSVP neighbor information.

Syntax

display rsvp peer [ interface interface-type interface-number ] [ ip ip-address ] [ verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

interface interface-type interface-number: Displays information about RSVP neighbors connected to the interface specified by its type and number.

ip ip-address: Displays information about the RSVP neighbor specified by its IP address.

verbose: Displays detailed information about RSVP neighbors. If you do not specify this keyword, the command displays brief information about RSVP neighbors.

Examples

# Display brief information about all RSVP neighbors.

<Sysname> display rsvp peer

Peer Interface State Type Reduction

57.10.10.1 Vlan10 Idle Active Enabled

57.20.20.1 Vlan11 Init Passive Disabled

Table 48 Command output

Field	Description
Peer	Address of the RSVP neighbor.
Interface	Interface connecting the RSVP neighbor.
State	Local hello state: · Idle—Hello extension is disabled. · Init—Hello extension is enabled. The local device failed to exchange hellos with the neighbor or hello exchanges are in progress. · Up—Hello extension is enabled. The local device successfully exchanged hellos with the neighbor.
Type	Role of the local device in the neighbor relationship: · Active—The local device actively sends hello requests to the neighbor. · Passive—The local end passively receives hello requests from the neighbor and replies with hello ACK messages.
Reduction	State of the Srefresh function on the neighbor: enabled or disabled.

# Display detailed information about all RSVP neighbors.

<Sysname> display rsvp peer verbose

Peer: 57.10.10.1 Interface: Vlan10

Hello state: Idle Hello type: Active

PSB count: 1 RSB count: 0

Src instance: 0x32e Dst instance: 0x0

Refresh reduction: Enabled Graceful Restart state: Invalid

Peer GR restart time: 0 ms Peer GR recovery time: 0 ms

Peer: 57.20.20.1 Interface: Vlan11

Hello state: Init Hello type: Active

PSB count: 0 RSB count: 1

Src instance: 0x32e Dst instance: 0x0

Refresh reduction: Disabled Graceful Restart state: Ready

Peer GR restart time: 0 ms Peer GR recovery time: 0 ms

Table 49 Command output

Field	Description
Peer	Address of the RSVP neighbor.
Interface	Interface connecting the RSVP neighbor.
Hello state	Local hello state: · Idle—Hello extension is disabled locally. · Init—Hello extension is enabled locally. The local device failed to exchange hellos with the neighbor or hello exchanges are in progress. · Up—Hello extension is enabled locally. The local device successfully exchanged hellos with the neighbor.
Hello type	Role of the local device in the neighbor relationship: · Active—The local device actively sends hello requests to the neighbor. · Passive—The local end passively receives hello requests from the neighbor and replies with hello ACK messages.
PSB count	Number of PSBs for the neighbor.
RSB count	Number of RSBs for the neighbor.
Src instance	Local device instance carried in the hello sent to the neighbor.
Dst instance	Neighbor device instance carried in the last hello received from the neighbor.
Refresh reduction	State of the Srefresh function on the neighbor: enabled or disabled.
Graceful Restart state	GR state of the neighbor: · Invalid—Neighbor is not GR capable, or GR is disabled locally. · Ready—Neighbor is GR capable. · Restarting—Neighbor is restarting. · Recovering—Neighbor is recovering.
Peer GR restart time	GR restart period of the neighbor, in milliseconds.
Peer GR recovery time	GR recovery period of the neighbor, in milliseconds.

display rsvp request

Use display rsvp request to display information about RSVP resource reservation requests sent to upstream devices.

Syntax

display rsvp request [ destination ip-address ] [ source ip-address ] [ tunnel-id tunnel-id ] [ prev-hop ip-address ] [ verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

destination ip-address: Displays information about the RSVP resource reservation requests with the specified tunnel destination address.

source ip-address: Displays information about the RSVP resource reservation requests with the specified tunnel source address. The tunnel source address is the extended tunnel ID in the Session object of an RSVP message.

tunnel-id tunnel-id: Displays information about the RSVP resource reservation requests with the specified tunnel ID. The value range for a tunnel ID is 0 to 65535.

prev-hop ip-address: Displays information about the RSVP resource reservation requests sent to the specified upstream device. The ip-address argument is the address of the destination device of the RSVP resource reservation requests, which is the address of the previous hop on the tunnel.

verbose: Displays detailed information. If you do not specify this keyword, the command displays brief information.

Examples

# Display brief information about the RSVP resource reservation requests sent to all upstream devices.

<Sysname> display rsvp request

Destination Source Tunnel-ID Previous-hop Style

3.3.3.9 1.1.1.9 1 57.10.10.1 SE

Table 50 Command output

Field	Description
Destination	Tunnel destination address.
Source	Tunnel source address.
Style	Resource reservation style: · SE—Shared-explicit style. · FF—Fixed-filter style.

# Display detailed information about the RSVP resource reservation requests sent to all upstream devices.

<Sysname> display rsvp request verbose

Destination: 3.3.3.9 Source: 1.1.1.9

Tunnel ID: 1 Style: SE

Previous hop: 57.10.10.1 Previous hop LIH: 0xf0008

Sent message epoch: 0 Sent message ID: 0

Out-Interface: Vlan10 Refresh interval: 30000 ms

Unknown object number: 0

Flow descriptor 1:

Flow specification:

Mean rate (CIR): 50.00 kbps Mean burst size (CBS): 1000.00 bytes

Path MTU: 1500 QoS service: Controlled-Load

Filter specification 1:

Sender address: 1.1.1.9 LSP ID: 23

Label: 1110

Table 51 Command output

Field	Description
Destination	Tunnel destination address.
Source	Tunnel source address.
Style	Resource reservation style: · SE—Shared-explicit style. · FF—Fixed-filter style.
Previous hop LIH	Logical interface handle of the previous hop.
Sent message epoch	Value of the Epoch field in the Message ID object of the sent message.
Sent message ID	Message ID in the sent message.
Out-Interface	Outgoing interface of the message.
Refresh interval	Refresh interval for Path and Resv messages, in milliseconds.
Unknown object number	Number of unknown objects.
QoS service	QoS service type: Controlled-Load or Guaranteed.
Sender address	Sender address identifies the tunnel source end.
Label	Incoming label of the forward LSP.

Related commands

· display rsvp lsp

· display rsvp reservation

· display rsvp sender

display rsvp reservation

Use display rsvp reservation to display information about RSVP resource reservation states.

Syntax

display rsvp reservation [ destination ip-address ] [ source ip-address ] [ tunnel-id tunnel-id ] [ nexthop ip-address ] [ verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

destination ip-address: Displays information about the RSVP resource reservation states with the specified tunnel destination address.

source ip-address: Displays information about the RSVP resource reservation states with the specified tunnel source address. The tunnel source address is the extended tunnel ID in the Session object of an RSVP message.

tunnel-id tunnel-id: Displays information about the RSVP resource reservation states with the specified tunnel ID. The value range for a tunnel ID is 0 to 65535.

nexthop ip-address: Displays information about the RSVP resource reservation states received from the specified downstream device. The ip-address argument is the address of the device that sent the RSVP resource reservation states, which is the address of the next hop on the tunnel.

verbose: Displays detailed information. If you do not specify this keyword, the command displays brief information.

Examples

# Display brief information about all RSVP resource reservation states.

<Sysname> display rsvp reservation

Destination Source Tunnel-ID Nexthop Style

3.3.3.9 1.1.1.9 1 57.20.20.1 SE

Table 52 Command output

Field	Description
Destination	Tunnel destination address.
Source	Tunnel source address.
Style	Resource reservation style: · SE—Shared-explicit style. · FF—Fixed-filter style.

# Display detailed information about all RSVP resource reservation states.

<Sysname> display rsvp reservation verbose

Destination: 3.3.3.9 Source: 1.1.1.9

Tunnel ID: 1 Style: SE

Nexthop: 57.20.20.1 Nexthop LIH: 0x35

Received message epoch: 0 Received message ID: 0

In-Interface: Vlan10 Unknown object number: 0

Flow descriptor 1:

Flow specification:

Mean rate (CIR): 50.00 kbps Mean burst size (CBS): 1000.00 bytes

Path MTU: 1500 QoS service: Controlled-Load

Filter specification 1:

Sender address: 1.1.1.9 LSP ID: 23

Label: 3

RRO number: 3

57.20.20.1/32 Flag: 0x40 (No FRR/In-Int)

3 Flag: 0x01 (Global label)

3.3.3.9/32 Flag: 0x20 (No FRR/Node-ID)

Table 53 Command output

Field	Description
Destination	Tunnel destination address.
Source	Tunnel source address.
Style	Resource reservation style: · SE—Shared-explicit style. · FF—Fixed-filter style.
Nexthop LIH	Logical interface handle of the local outgoing interface for the next hop.
Received message epoch	Value of the Epoch field in the Message ID object of the received message.
Received message ID	Message ID in the received message.
In-Interface	Incoming interface of the message.
Unknown object number	Number of unknown objects.
QoS service	QoS service type: Controlled-Load or Guaranteed.
Sender address	Sender address identifies the tunnel source end.
Label	Outgoing label of the forward LSP.
RRO number	Number of RROs. If the number is not 0, the subsequent output displays the IP addresses or labels recorded in the RROs. The RRO information is displayed only when route recording is configured on the tunnel interface.
Flag	Flag value and its meaning in an RRO: · No FRR—FRR is not configured. · FRR Avail—FRR is available. · In use—FRR has occurred. · BW—Bandwidth protection. · Node-Prot—Node protection. · Node-ID—The IP address in the RRO is the LSR ID of the node. · In-Int—The IP address in the RRO is that of the incoming interface. · Global label—Per-platform label space.

Related commands

· display rsvp lsp

· display rsvp request

· display rsvp sender

display rsvp sender

Use display rsvp sender to display information about RSVP path states.

Syntax

display rsvp sender [ destination ip-address ] [ source ip-address ] [ tunnel-id tunnel-id ] [ lsp-id lsp-id ] [ verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

destination ip-address: Displays information about the RSVP path states with the specified tunnel destination address.

source ip-address: Displays information about the RSVP path states with the specified tunnel source address. The tunnel source address is the extended tunnel ID in the Session object of an RSVP message.

tunnel-id tunnel-id: Displays information about the RSVP path states with the specified tunnel ID. The value range for a tunnel ID is 0 to 65535.

lsp-id lsp-id: Displays information about the RSVP path states with the specified LSP ID. The lsp-id argument specifies the ID of a CRLSP, in the range of 0 to 65535.

verbose: Displays detailed information. If you do not specify this keyword, the command displays brief information.

Examples

# Display brief information about all RSVP path states.

<Sysname> display rsvp sender

Destination Source Tunnel-ID LSP-ID Style Bitrate

3.3.3.9 1.1.1.9 1 5 SE 0.00

3.3.3.9 2.2.2.9 253 17767 SE 125.00

Table 54 Command output

Field	Description
Destination	Tunnel destination address.
Source	Tunnel source address.
Style	Resource reservation style: · SE—Shared-explicit style. · FF—Fixed-filter style.
Bitrate	Tunnel bandwidth in kbps.

# Display detailed information about all RSVP path states.

<Sysname> display rsvp sender verbose

Destination: 3.3.3.9 Source: 1.1.1.9

Tunnel ID: 1 Style: SE

Sender address: 1.1.1.9 LSP ID: 5

Setup priority: 7 Holding priority: 7

FRR desired: Yes BW protection desired: Yes

Received upstream label: 1051 Sent upstream label: 1051

Previous hop: 57.10.10.1 Previous hop LIH: 0xf0008

Mean rate (CIR): 0.00 kbps Mean burst size (CBS): 1000.00 bytes

MTU: 1500 Qos service: Controlled-Load

Received message epoch: 0 Received message ID: 0

Sent message epoch: 0 Sent message ID: 0

In-Interface: Vlan10 Local LIH: 0x35

Local address: 57.20.20.2 Refresh interval: 30000 ms

Out-Interface: Vlan11 Nexthop: 57.20.20.1

Unknown object number: 0

Received ERO number: 2

57.10.10.2/32 Strict

57.20.20.1/32 Loose

Sent ERO number: 1

57.20.20.1/32 Loose

XRO number: 2

67.10.10.1/32

67.20.20.1/32

RRO number: 1

57.10.10.1/32 Flag: 0x00 (No FRR)

Fast Reroute PLR: Active

FRR inner label: 3 Bypass tunnel: Tunnel253

Sender Template:

Sender address: 10.11.112.140 LSP ID: 5

FRR ERO number: 1

3.3.3.9/32 Strict

Fast Reroute MP: None

Destination: 3.3.3.9 Source: 2.2.2.9

Tunnel ID: 253 Style: SE

Sender address: 2.2.2.9 LSP ID: 17767

Setup priority: 7 Holding priority: 7

FRR desired: Yes BW protection desired: Yes

Received upstream label: 1115 Sent upstream label: 1115

Previous hop: 57.10.10.1 Previous hop LIH: 0xf0008

Mean rate (CIR): 125.00 kbps Mean burst size (CBS): 0.00 bytes

MTU: 1500 Qos service: Controlled-Load

Received message epoch: 0 Received message ID: 0

Sent message epoch: 0 Sent message ID: 0

In-Interface: Vlan15 Local LIH: 0x67

Local address: 10.11.112.140 Refresh interval: 30000 ms

Out-Interface: Vlan18 Nexthop: 10.11.112.135

Unknown object number: 0

Received ERO number: 5

2.2.2.9/32 Strict

10.11.112.140/32 Strict

10.11.112.135/32 Strict

57.40.40.3/32 Strict

57.40.40.1/32 Strict

Sent ERO number: 3

10.11.112.135/32 Strict

57.40.40.3/32 Strict

57.40.40.1/32 Strict

XRO number: 1

67.40.40.1/32

RRO number: 0

Fast Reroute PLR: None

Fast Reroute MP: Active

In-Interface: Vlan20

Sender Template:

Sender address: 10.11.112.140 LSP ID: 5

Table 55 Command output

Field	Description
Destination	Tunnel destination address.
Source	LSR ID of the device at the tunnel source end.
Style	Resource reservation style: · SE—Shared-explicit style. · FF—Fixed-filter style.
Sender address	Sender address identifies the tunnel source end.
FRR desired	State of FRR: Yes or No.
BW protection desired	State of bandwidth protection, Yes or No.
Received upstream label	Backward LSP label received from the upstream device.
Sent upstream label	Backward LSP label sent to the downstream device.
Previous hop LIH	Logical interface handle of the previous hop.
QoS service	QoS service type: Controlled-Load or Guaranteed.
Received message Epoch	Value of the Epoch field in the Message ID object of the received message.
Received message ID	Message ID in the received message.
Sent message epoch	Value of the Epoch field in the Message ID object of the sent message.
Sent message ID	Message ID in the sent message.
In-Interface	Incoming interface of the message.
Local LIH	Local logical interface handle.
Local address	IP address of the outgoing interface of the Path message.
Refresh interval	Refresh interval for Path and Resv messages, in milliseconds.
Out-Interface	Outgoing interface of the message.
Unknown object number	Number of unknown objects.
Received ERO number	Number of received Explicit Route Objects (EROs) and the ERO information. ERO information includes the addresses of the nodes on the explicit path, and whether the current node is a loose or strict next hop.
Sent ERO number	Number of sent EROs and the ERO information. ERO information includes the addresses of the nodes on the explicit path, and whether the current node is a loose or strict next hop.
XRO number	Number of Exclude Route Objects (XROs). If the number is not 0, the subsequent output displays the IP addresses in the XROs. The IP addresses are the addresses of interfaces or the LSR IDs of the nodes that are to be excluded from routes. The addresses in the XROs are non-sequenced.
RRO number	Number of RROs. If the number is not 0, the subsequent output displays the IP addresses or labels recorded in the RROs. The RRO information is displayed only when route recording is configured on the tunnel interface.
Flag	Flag value and its meaning in an RRO: · No FRR—FRR is not configured. · FRR Avail—FRR is available. · In use—FRR has occurred. · BW—Bandwidth protection. · Node-Prot—Node protection. · Node-ID—The IP address in the RRO is the LSR ID of the node. · In-Int—The IP address in the RRO is that of the incoming interface. · Global label—Per-platform label space.
Fast Reroute PLR	Point of Local Repair (PLR) information: · None—Not bound to an FRR bypass tunnel. · Ready—Bound to an FRR bypass tunnel. No FRR has occurred. · Active—Bound to an FRR bypass tunnel. An FRR has occurred.
FRR inner label	Incoming label of the FRR bypass tunnel. Only the PLR node displays this field.
Bypass tunnel	Name of the bypass tunnel. Only the PLR node displays this field.
Sender address	Address of the path message sender after an FRR. The value of this field is the address of the outgoing interface of the bypass tunnel on the PLR node.
LSP ID	LSP ID carried in the path message after an FRR.
Fast Reroute MP	Merge Point (MP) information: · Active—The node is an MP and an FRR has occurred. · None—The node is not an MP, or the node is an MP but no FRR has occurred.
In-Interface	Incoming interface of the message.

Related commands

· display rsvp lsp

· display rsvp request

· display rsvp reservation

display rsvp statistics

Use display rsvp statistics to display RSVP statistics.

Syntax

display rsvp statistics [ interface [ interface-type interface-number ] ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

interface: Displays RSVP statistics on interfaces.

interface-type interface-number: Displays RSVP statistics on the interface specified by its type and number.

Usage guidelines

If you do not specify the interface keyword, this command displays global RSVP statistics.

If you specify the interface keyword without the interface-type interface-number argument, this command displays RSVP statistics on all RSVP-enabled interfaces.

If you specify the interface interface-type interface-number option, this command displays RSVP statistics on the specified interface.

Examples

# Display global RSVP statistics.

<Sysname> display rsvp statistics

Object Added Deleted

PSB 3 1

RSB 3 1

LSP 3 1

Packet Received Sent

Path 5 5

Resv 5 5

PathError 0 0

ResvError 0 0

PathTear 0 0

ResvTear 0 0

ResvConf 0 0

Bundle 0 0

Ack 0 0

Srefresh 0 0

Hello 0 0

Challenge 0 0

Response 0 0

Error 0 0

# Display RSVP statistics on interfaces.

<Sysname> display rsvp statistics interface

Vlan10:

Packet Received Sent

Path 2 2

Resv 2 2

PathError 0 0

ResvError 0 0

PathTear 0 0

ResvTear 0 0

ResvConf 0 0

Bundle 0 0

Ack 0 0

Srefresh 0 0

Hello 0 0

Challenge 0 0

Response 0 0

Error 0 0

Vlan11:

Packet Received Sent

Path 3 3

Resv 3 3

PathError 0 0

ResvError 0 0

PathTear 0 0

ResvTear 0 0

ResvConf 0 0

Bundle 0 0

Ack 0 0

Srefresh 0 0

Hello 0 0

Challenge 0 0

Response 0 0

Error 0 0

Table 56 Command output

Field	Description
PSB	Number of added/deleted PSBs.
RSB	Number of added/deleted RSBs.
LSP	Number of added/deleted LSPs.
Path	Number of received/sent Path messages.
Resv	Number of received/sent Resv messages.
PathError	Number of received/sent Path Error messages.
ResvError	Number of received/sent Resv Error messages.
PathTear	Number of received/sent Path Tear messages.
ResvTear	Number of received/sent Resv Tear messages.
ResvConf	Number of received/sent Resv Conf messages.
Bundle	Number of received/sent Bundle messages.
Ack	Number of received/sent Ack messages.
Srefresh	Number of received/sent Srefresh messages.
Hello	Number of received/sent Hello messages.
Challenge	Number of received/sent Integrity Challenge messages.
Response	Number of received/sent Integrity Response messages.
Error	Number of received/sent error messages.

Related commands

reset rsvp statistics

dscp

Use dscp to specify a DSCP value for outgoing RSVP packets.

Use undo dscp to restore the default.

Syntax

dscp dscp-value

undo dscp

Default

The DSCP value for outgoing RSVP packets is 48.

Views

RSVP view

Predefined user roles

network-admin

mdc-admin

Parameters

dscp-value: Specifies a DSCP value in the range of 0 to 63.

Usage guidelines

The DSCP value of an IP packet specifies the priority level of the packet and affects the transmission priority of the packet.

Examples

# Set the DSCP value for outgoing RSVP packets to 56.

<Sysname> system-view

[Sysname] rsvp

[Sysname-rsvp] dscp 56

Related commands

display rsvp

graceful-restart enable

Use graceful-restart enable to enable RSVP GR.

Use undo graceful-restart enable to disable RSVP GR.

Syntax

graceful-restart enable

undo graceful-restart enable

Default

RSVP GR is disabled.

Views

RSVP view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

RSVP supports only the GR helper function. The device is not able to perform GR, but it can help neighbor devices to perform GR.

Nonstop forwarding (NSF) is implemented between active and standby processes on the device.

The local device can act as a GR helper for the RSVP neighbor connected to an interface only after the RSVP GR function and the RSVP hello extension function are enabled on that interface by using the graceful-restart enable command and the rsvp hello enable command, respectively.

Examples

# Enable RSVP GR globally.

<Sysname> system-view

[Sysname] rsvp

[Sysname-rsvp] graceful-restart enable

Related commands

rsvp hello enable

hello interval

Use hello interval to configure the interval for sending hello requests.

Use undo hello interval to restore the default.

Syntax

hello interval interval

undo hello interval

Default

Hello request messages are sent at an interval of 5 seconds.

Views

RSVP view

Predefined user roles

network-admin

mdc-admin

Parameters

interval: Specifies the interval at which RSVP sends hello requests, in the range of 1 to 60, in seconds.

Usage guidelines

If no hello request is received from a neighbor within the hello interval, the device sends a hello request to the neighbor. If the device receives a hello request from a neighbor within the interval, it immediately replies the neighbor with a hello ACK message.

The hello interval command takes effect only on interfaces that have the RSVP hello extension function enabled (by using the rsvp hello enable command).

Examples

# Set the interval for sending hello request messages to 10 seconds.

<Sysname> system-view

[Sysname] rsvp

[Sysname-rsvp] hello interval 10

Related commands

· hello lost

· rsvp hello enable

hello lost

Use hello lost to configure the maximum number of consecutive lost or erroneous hellos.

Use undo hello lost to restore the default.

Syntax

hello lost times

undo hello lost

Default

The maximum number of consecutive lost or erroneous hellos is 4.

Views

RSVP view

Predefined user roles

network-admin

mdc-admin

Parameters

times: Specifies the maximum number of consecutive lost or erroneous hellos, in the range of 3 to 10.

Usage guidelines

When a device sends a hello to a neighbor but the device does not receive any reply within an interval, the hello is lost. The device considers that the neighbor fails when it does not receive hellos or receives erroneous hellos from the neighbor in three consecutive hello intervals.

If RSVP GR is enabled, the local device acts as a GR helper to help the neighbor to perform GR. If RSVP GR is disabled but FRR is enabled on the local device, it performs an FRR.

If the maximum number is too big, neighbor failures cannot be promptly detected. If the maximum number is too small, an operating neighbor might be regarded failed.

This command takes effect only after the RSVP hello extension function has been enabled by using the rsvp hello enable command.

Examples

# Set the maximum number of consecutive lost or erroneous hellos to 6.

<Sysname> system-view

[Sysname] rsvp

[Sysname-rsvp] hello lost 6

Related commands

· hello interval

· rsvp hello enable

keep-multiplier

Use keep-multiplier to configure the PSB and RSB timeout multiplier.

Use undo keep-multiplier to restore the default.

Syntax

keep-multiplier number

undo keep-multiplier

Default

The PSB and RSB timeout multiplier is 3.

Views

RSVP view

Predefined user roles

network-admin

mdc-admin

Parameters

number: Specifies the PSB and RSB timeout multiplier in the range of 3 to 255.

Usage guidelines

The PSB and RSB timeout is computed in this formula: Timeout = (keep-multiplier+0.5) × 1.5 × refresh-time. Refresh-time is the interval at which the peer device advertises the Path and Resv messages to the local device.

To prevent too many PSBs and RSBs from occupying system resources, the device removes a PSB or RSB if no Path or Resv message is received within the timeout interval.

Examples

# Set the PSB and RSB timeout multiplier to 5.

<Sysname> system-view

[Sysname] rsvp

[Sysname-rsvp] keep-multiplier 5

Related commands

refresh interval

peer

Use peer to create an RSVP authentication neighbor and enter RSVP neighbor view.

Use undo peer to delete the specified RSVP authentication neighbor.

Syntax

peer ip-address

undo peer ip-address

Default

The device does not have any RSVP authentication neighbors.

Views

RSVP view

Predefined user roles

network-admin

mdc-admin

Parameters

ip-address: Specifies an RSVP authentication neighbor by its IP address.

Usage guidelines

After you enter RSVP neighbor view by using this command, you can configure RSVP authentication information for the specified RSVP neighbor, such as the authentication key and idle timeout of the security association.

After the device receives an RSVP message with an authentication object, it checks whether it has an RSVP authentication neighbor that matches the IP address in PHOP of the message (Path or Path Tear message) or matches the source IP address in the message (message other than Path and Path Tear). If a matching neighbor exists and an authentication key has been configured for the neighbor, the device verifies the validity of the message according to the key. Otherwise, the device uses the authentication key configured in interface view or RSVP view to verify the message validity. If no authentication key is configured in any view, the device ignores the authentication object carried in the message and accepts the message.

When sending an RSVP message, the device checks whether it has a matching authentication neighbor according to the next hop address of the destination address in the RSVP message. If a matching neighbor exists and an authentication key has been configured for the neighbor, the device sets the authentication object of the message according to the key. Otherwise, the device uses the authentication key configured in interface view or RSVP view to set the authentication object. If no authentication key is configured in any view, the device does not add an authentication object in the message.

If an FRR occurs, the downstream authentication neighbor of the PLR node is the destination IP address of the bypass tunnel. The upstream authentication neighbor of the MP node is the IP address of the physical outgoing interface of the bypass tunnel on the PLR.

Examples

# Create RSVP authentication neighbor 1.1.1.1, enter RSVP neighbor view, and configure a plaintext authentication key abcdfegh for the neighbor.

<Sysname> system-view

[Sysname] rsvp

[Sysname-rsvp] peer 1.1.1.1

[Sysname-rsvp-peer-1.1.1.1] authentication key plain abcdfegh

Related commands

· authentication challenge

· authentication key

· authentication lifetime

· authentication window-size

refresh interval

Use refresh interval to configure the refresh interval for Path and Resv messages.

Use undo refresh interval to restore the default.

Syntax

refresh interval interval

undo refresh interval

Default

The refresh interval for Path and Resv messages is 30 seconds.

Views

RSVP view

Predefined user roles

network-admin

mdc-admin

Parameters

interval: Specifies the interval at which RSVP refreshes Path and Resv messages, in the range of 10 to 65535 seconds.

Usage guidelines

This command does the following:

· Determines the interval for sending Path and Resv messages.

· Adds the locally configured refresh interval in the sent Path and Resv messages, so the peer device can use this value to calculate the PSB and RSB timeout.

Examples

# Configure the refresh interval for Path and Resv messages as 60 seconds.

<Sysname> system-view

[Sysname] rsvp

[Sysname-rsvp] refresh interval 60

Related commands

keep-multiplier

reset rsvp authentication

Use reset rsvp authentication to clear RSVP security associations.

Syntax

reset rsvp authentication [ from ip-address to ip-address ]

Views

User view

Predefined user roles

network-admin

mdc-admin

Parameters

from ip-address: Clears the RSVP security associations with the specified authentication source IP address.

to ip-address: Clears the RSVP security associations with the specified authentication destination IP address.

Usage guidelines

If you do not specify the from ip-address to ip-address options, this command clears the security associations established with all RSVP neighbors.

Examples

# Clear all RSVP security associations.

<Sysname> reset rsvp authentication

# Clear the RSVP security association sourced from 1.1.1.1 to 2.2.2.2.

<Sysname> reset rsvp authentication from 1.1.1.1 to 2.2.2.2

Related commands

display rsvp authentication

reset rsvp statistics

Use reset rsvp statistics to clear RSVP statistics.

Syntax

reset rsvp statistics [ interface [ interface-type interface-number ] ]

Views

User view

Predefined user roles

network-admin

mdc-admin

Parameters

interface: Clears RSVP statistics on interfaces.

interface-type interface-number: Clears RSVP statistics on the interface specified by its type and number.

Usage guidelines

If you do not specify the interface keyword, this command clears global RSVP statistics.

If you specify the interface keyword without the interface-type interface-number argument, this command clears RSVP statistics on all RSVP-enabled interfaces.

If you specify the interface interface-type interface-number option, this command clears RSVP statistics on the specified interface.

Examples

# Clear global RSVP statistics.

<Sysname> reset rsvp statistics

# Clear RSVP statistics on all RSVP-enabled interfaces.

<Sysname> reset rsvp statistics interface

Related commands

display rsvp statistics

rsvp

Use rsvp to enable RSVP globally and enter RSVP view.

Use undo rsvp to disable RSVP globally.

Syntax

rsvp

undo rsvp

Default

RSVP is disabled globally.

Views

System view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

To enable global RSVP, you must enable both global RSVP (by using the rsvp command) and global MPLS TE (by using the mpls te command).

Examples

# Enable RSVP globally and enter RSVP view.

<Sysname> system-view

[Sysname] rsvp

[Sysname-rsvp]

Related commands

· mpls te

· rsvp enable

rsvp authentication challenge

Use rsvp authentication challenge to enable RSVP challenge-response handshake on an interface.

Use undo rsvp authentication challenge to disable RSVP challenge-response handshake on an interface.

Syntax

rsvp authentication challenge

undo rsvp authentication challenge

Default

RSVP challenge-response handshake is disabled on an interface.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

To prevent packet replay attacks, RSVP requires received authentication messages to carry incremental sequence numbers. RSVP saves the sequence number of the last valid message in a receive-type security association to verify the subsequent messages. However, when RSVP creates a new receive-type security association, it cannot obtain the sequence number of the sender. To successfully establish the receive-type security association, RSVP sets the receive sequence number to 0 by default, so the association can receive a message with any sequence number from the peer. Because this introduces a vulnerability to replay attacks, you should execute the authentication challenge command. When RSVP creates a receive-type security association, it will perform a challenge-response handshake to obtain the sequence number of the sender.

RSVP challenge-response handshake can be configured in the following views:

· RSVP view—Configuration applies to all RSVP security associations.

· RSVP neighbor view—Configuration applies only to RSVP security associations with the specified RSVP neighbor.

· Interface view—Configuration applies only to RSVP security associations established on the current interface.

Examples

# Enable RSVP challenge-response handshake on VLAN-interface 10.

<Sysname> system-view

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] rsvp authentication challenge

Related commands

· authentication challenge

· authentication key

· authentication lifetime

· authentication window-size

· display rsvp authentication

· reset rsvp authentication

· rsvp authentication key

· rsvp authentication lifetime

· rsvp authentication window-size

rsvp authentication key

Use rsvp authentication key to enable RSVP authentication on an interface, and configure the authentication key.

Use undo rsvp authentication key to disable RSVP authentication on an interface.

Syntax

rsvp authentication key { cipher | plain } auth-key

undo rsvp authentication key

Default

RSVP authentication is disabled.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Parameters

cipher: Sets a ciphertext authentication key.

plain: Sets a plaintext authentication key.

Usage guidelines

RSVP authentication ensures integrity of RSVP messages, preventing fake resource reservation requests from occupying network resources.

RSVP uses MD5 to calculate a digest for the authentication key and the message body, adds the digest to the message, and sends the message. When the peer receives the message, it performs the same calculation and compares the calculated digest with the digest in the message. If the two digests are the same, the message passes the RSVP authentication and is accepted. Otherwise, the peer device discards the message.

RSVP authentication can be configured in the following views:

· RSVP view—Configuration applies to all RSVP security associations.

· RSVP neighbor view—Configuration applies only to RSVP security associations with the specified RSVP neighbor.

· Interface view—Configuration applies only to RSVP security associations established on the current interface.

Configurations in RSVP neighbor view, interface view, and RSVP view are in descending order of priority. If RSVP authentication for a neighbor is enabled in both RSVP neighbor view and RSVP view, the authentication key configured in RSVP neighbor view is used.

When using this command, follow these guidelines:

· After RSVP authentication is enabled on the local device, you must also enable RSVP authentication and configure the same authentication key on the RSVP neighbor.

· For security purposes, all keys, including keys configured in plain text, are saved in cipher text.

Examples

# Enable RSVP authentication and configure the authentication key as abcdefgh on VLAN-interface 10.

<Sysname> system-view

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] rsvp authentication key plain abcdefgh

Related commands

· authentication challenge

· authentication key

· authentication lifetime

· authentication window-size

· display rsvp authentication

· reset rsvp authentication

· rsvp authentication challenge

· rsvp authentication lifetime

· rsvp authentication window-size

rsvp authentication lifetime

Use rsvp authentication lifetime to configure the idle timeout for RSVP security associations on an interface.

Use undo rsvp authentication lifetime to restore the default.

Syntax

rsvp authentication lifetime life-time

undo rsvp authentication lifetime

Default

The idle timeout for RSVP security associations is 1800 seconds on an interface.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Parameters

life-time: Specifies the RSVP security association idle timeout in the range of 30 to 86400 seconds.

Usage guidelines

When RSVP authentication is enabled, the device dynamically establishes security associations when receiving and sending RSVP messages to record the message sequence numbers, which are used in RSVP authentication.

The RSVP authentication idle timeout can be configured in the following views:

· RSVP view—Configuration applies to all RSVP security associations.

· RSVP neighbor view—Configuration applies only to RSVP security associations with the specified RSVP neighbor.

· Interface view—Configuration applies only to RSVP security associations established on the current interface.

An RSVP security association established by using the authentication key configured in a view uses the idle timeout configured in the same view.

A modification to the idle timeout affects only security associations established after the modification. To apply the modification to existing security associations, you must execute the reset rsvp authentication command to delete and then re-establish the security associations.

Examples

# Configure the idle timeout for RSVP security associations on VLAN-interface 10 as 100 seconds.

<Sysname> system-view

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] rsvp authentication lifetime 100

Related commands

· authentication challenge

· authentication key

· authentication lifetime

· authentication window-size

· display rsvp authentication

· reset rsvp authentication

· rsvp authentication challenge

· rsvp authentication key

· rsvp authentication window-size

rsvp authentication window-size

Use rsvp authentication window-size to configure the RSVP authentication window size, which is the maximum number of authenticated RSVP messages that can be received out of sequence on an interface.

Use undo rsvp authentication window-size to restore the default.

Syntax

rsvp authentication window-size number

undo rsvp authentication window-size

Default

Only one authenticated RSVP message can be received out of sequence on an interface.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Parameters

number: Specifies the maximum number of authenticated RSVP messages that can be received out of sequence, in the range of 1 to 64.

Usage guidelines

When the receiver receives an RSVP message, it compares the sequence number of the last accepted RSVP message with the sequence number of the newly received RSVP message.

· If the new sequence number is greater than the last sequence number, RSVP accepts the message and updates the last sequence number with the new sequence number.

· If the received sequence number equals the last sequence number, RSVP regards the message a replay message and discards the message.

· If the new sequence number is smaller than the last sequence number but greater than the new sequence number minus the window size, and has never been received before, RSVP accepts the message. If the new sequence number has been received before, RSVP regards the message a replay message and discards the message.

· If the new sequence number is smaller than the new sequence number minus the window size, RSVP regards the message invalid and discards the message.

By default, the authentication window size is 1. If the sequence number of a newly received RSVP message is smaller than that of the last accepted message, the device discards the message.

If the sender sends multiple RSVP messages in a short time, these messages might arrive at the neighbor out of sequence. If you use the default window size, the out-of-sequence messages will be discarded. To solve this problem, you can use the rsvp authentication window-size command to configure a correct window size.

A security association established by using the authentication key configured in a view uses the window size configured in that view.

Examples

# Set the maximum number of out-of-sequence authenticated RSVP messages that can be received on VLAN-interface 10 to 10.

<Sysname> system-view

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] rsvp authentication window-size 10

Related commands

· authentication challenge

· authentication key

· authentication lifetime

· authentication window-size

· display rsvp authentication

· reset rsvp authentication

· rsvp authentication challenge

· rsvp authentication key

· rsvp authentication lifetime

rsvp bfd enable

Use rsvp bfd enable to enable BFD for RSVP on an interface.

Use undo rsvp bfd enable to restore the default.

Syntax

rsvp bfd enable

undo rsvp bfd enable

Default

RSVP-TE does not use BFD to detect the link status to an RSVP neighbor.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

By sending hellos, RSVP cannot promptly detect neighbor status. By executing this command on an interface, a BFD session is established to detect the link status to the RSVP neighbor on the interface. When the neighbor fails, BFD can quickly detect the failure and notify RSVP of the failure so RSVP can respond as configured, for example, performs an FRR.

Examples

# Enable BFD to detect the link status to the RSVP neighbor on VLAN-interface 10.

<Sysname> system-view

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] rsvp bfd enable

rsvp enable

Use rsvp enable to enable RSVP for an interface.

Use undo rsvp enable to disable RSVP for an interface.

Syntax

rsvp enable

undo rsvp enable

Default

RSVP is disabled on an interface.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

Before you enable RSVP for an interface, you must first enable RSVP globally by using the rsvp command in system view.

Examples

# Enable RSVP for VLAN-interface 10.

<Sysname> system-view

[Sysname] rsvp

[Sysname-rsvp] quit

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] rsvp enable

Related commands

rsvp

rsvp hello enable

Use rsvp hello enable to enable RSVP hello extension.

Use undo rsvp hello enable to disable RSVP hello extension.

Syntax

rsvp hello enable

undo rsvp hello enable

Default

RSVP hello extension is disabled.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

With RSVP hello extension enabled, an interface sends and receives hello messages to detect the neighbor status.

Examples

# Enable RSVP hello extension on VLAN-interface 10.

<Sysname> system-view

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] rsvp hello enable

Related commands

· hello lost

· hello interval

rsvp reduction retransmit increment

Use rsvp reduction retransmit increment to configure the RSVP message retransmission increment value.

Use undo rsvp reduction retransmit increment to restore the default.

Syntax

rsvp reduction retransmit increment increment-value

undo rsvp reduction retransmit increment

Default

The RSVP message retransmission increment is 1.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Parameters

increment-value: Specifies the RSVP message retransmission increment in the range of 1 to 10.

Usage guidelines

After the reliable RSVP message delivery function is enabled by using the rsvp reduction srefresh reliability command, the retransmission increment and retransmission interval together determine the time for the next transmission of the RSVP message. For more information, see the usage guidelines in the rsvp reduction srefresh command.

Examples

# On VLAN-interface 10, set the RSVP message retransmission increment value to 2.

<Sysname> system-view

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] rsvp reduction retransmit increment 2

Related commands

· rsvp reduction retransmit interval

· rsvp reduction srefresh

rsvp reduction retransmit interval

Use rsvp reduction retransmit interval to configure the RSVP message retransmission interval.

Use undo rsvp reduction retransmit interval to restore the default.

Syntax

rsvp reduction retransmit interval retrans-timer-value

undo rsvp reduction retransmit interval

Default

The RSVP message retransmission interval is 500 milliseconds.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Parameters

retrans-timer-value: Specifies the RSVP message retransmission interval in the range of 500 to 3000 milliseconds.

Usage guidelines

Examples

# On VLAN-interface 10, configure the RSVP message retransmission interval as 1000 milliseconds.

<Sysname> system-view

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] rsvp reduction retransmit interval 1000

Related commands

· rsvp reduction retransmit increment

· rsvp reduction srefresh

rsvp reduction srefresh

Use rsvp reduction srefresh to enable summary refresh and reliable RSVP message delivery.

Use undo rsvp reduction srefresh to disable summary refresh and reliable RSVP message delivery.

Syntax

rsvp reduction srefresh [ reliability ]

undo rsvp reduction srefresh

Default

Summary refresh and reliable RSVP message delivery are disabled.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Parameters

reliability: Enables reliable RSVP message delivery. If you do not specify this keyword, the command enables only the summary refresh function.

Usage guidelines

RSVP sends Path and Resv messages with the same states and objects to maintain the path and reservation states at a specific interval (configured by the refresh interval command). These messages are collectively referred to as refresh messages. Refresh messages are used to synchronize the path and reservation states on RSVP neighbors and to recover from lost RSVP messages.

When multiple RSVP sessions exist on a network, the periodically sent refresh messages can cause network degradation. In this case, the refreshing interval of Path and Resv messages should not be too short. However, delay sensitive applications want to recover from lost RSVP messages through the refresh messages as soon as possible. In this case, the refreshing interval should not be too long. You can use the summary refresh (Srefresh) and the reliable RSVP message delivery functions to find the appropriate balance.

Srefresh is implemented by adding a Message_ID object to a Path or Resv message to uniquely identify the message. To refresh Path and Resv states, RSVP does not need to send standard Path and Resv messages. Instead, it can send a summary refresh message that carries a set of Message_ID objects that identify the Path and Resv states to be refreshed. The Srefresh function reduces the number of refresh messages on the network and speeds up the refresh message processing.

Reliable RSVP message delivery requires the peer device to acknowledge each RSVP message received from the local device. If no acknowledgment is received, the local device retransmits the message.

To implement reliable RSVP message delivery, a node sends an RSVP message that includes a Message_ID object in which the ACK_Desired flag is set. The receiver needs to confirm the delivery by sending back a message that includes the Message_ID_ACK object. If the sender does not receive a Message_ID_ACK within the retransmission interval (Rf), it retransmits the message when Rf expires and sets the next transmission interval to (1 + delta) × Rf. The sender repeats this process until it receives the Message_ID_ACK before the retransmission time expires or it has transmitted the message three times.

The initial value of Rf is configured by the rsvp reduction retransmit interval command. The delta value is configured by the rsvp reduction retransmit increment command.

After the summary refresh is enabled, RSVP maintains the path and reservation states by sending Srefresh messages rather than standard refresh messages. The Srefresh message sending interval is configured by the refresh interval command.

Examples

# On VLAN-interface 10, enable summary refresh and reliable RSVP message delivery.

<Sysname> system-view

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] rsvp reduction srefresh reliability

Related commands

· refresh interval

· rsvp reduction retransmit increment

· rsvp reduction retransmit interval

Tunnel policy commands

The tunnel policy feature is available in Release 1138P01 and later versions.

display mpls tunnel

Use display mpls tunnel to display tunnel information.

Syntax

display mpls tunnel { all | statistics | [ vpn-instance vpn-instance-name ] destination tunnel-ipv4-dest }

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

all: Displays all tunnels.

statistics: Displays tunnel statistics.

vpn-instance vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command displays tunnel information for the public network.

destination tunnel-ipv4-dest: Specifies the tunnel destination IPv4 address.

Examples

# Display information about all tunnels.

<Sysname> display mpls tunnel all

Destination Type Tunnel/NHLFE VPN Instance

2.2.2.2 LSP NHLFE1024

3.3.3.3 CRLSP Tunnel2

Table 57 Command output

Field	Description
Destination	Tunnel destination address.
Type	Tunnel type: LSP or CRLSP (MPLS TE tunnel).
Tunnel/NHLFE	Tunnel or NHLFE entry. NHLFEnumber represents the ingress LSP that matches the NHLFE entry with NID of number.
VPN Instance	VPN instance name. If the tunnel belongs to the public network, this field is blank.

# Display tunnel statistics.

<Sysname> display mpls tunnel statistics

LSP : 1

GRE : 0

CRLSP: 0

Table 58 Command output

Field	Description
LSP	Number of LSP tunnels.
GRE	Number of GRE tunnels. This field is not supported in the current software release.
CRLSP	Number of CRLSP (MPLS TE) tunnels.

preferred-path

Use preferred-path to specify a preferred tunnel in a tunnel policy.

Use undo preferred-path to restore the default.

Syntax

preferred-path tunnel number

undo preferred-path tunnel number

Default

No preferred tunnel is specified.

Views

Tunnel policy view

Predefined user roles

network-admin

mdc-admin

Parameters

number: Specifies a tunnel interface by its number in the range of 0 to 9214.

Usage guidelines

As a best practice, specify a preferred tunnel and make sure the destination address of the tunnel interface identifies the peer PE for an MPLS VPN. In this method, the local PE forwards traffic destined for the peer PE over the tunnel.

For a tunnel policy to solely use a tunnel, do not specify the tunnel as the preferred tunnel in other tunnel policies.

If you specify multiple preferred tunnels that have the same destination address in a tunnel policy, only the first configured tunnel takes effect. If the first tunnel is not available, the second tunnel is used, and so forth. No load balancing will be performed on these tunnels.

Examples

# Configure tunnel 1 and tunnel 2 as preferred tunnels for tunnel policy policy1.

<Sysname> system-view

[Sysname] tunnel-policy policy1

[Sysname-tunnel-policy-policy1] preferred-path tunnel 1

[Sysname-tunnel-policy-policy1] preferred-path tunnel 2

select-seq load-balance-number

Use select-seq load-balance-number to configure the tunnel selection order and the number of tunnels for load balancing.

Use undo select-seq load-balance-number to restore the default.

Syntax

select-seq { cr-lsp | lsp } * load-balance-number number

undo select-seq

Default

The device selects only one tunnel in LSP-CRLSP order.

Views

Tunnel policy view

Predefined user roles

network-admin

mdc-admin

Parameters

cr-lsp: Uses CRLSP tunnels.

lsp: Uses LSP tunnels.

load-balance-number number: Specifies the number of tunnels for load balancing. The value range for the number argument is 1 to n, where n equals the maximum number of ECMP routes set by the max-ecmp-num command. For more information about the max-ecmp-num command, see Layer 3—IP Routing Command Reference.

Usage guidelines

A tunnel type closer to the select-seq keyword has a higher priority, and only the tunnel types specified in this command can be used. For example, the select-seq lsp cr-lsp load-balance-number 3 command gives LSP higher priority over CRLSP. If no LSP is available or the number of LSPs is less than 3, VPN uses CRLSP tunnels.

Tunnels selected by this method are not fixed, making it hard to plan VPN traffic. As a best practice, do not use this method.

When you configure both the select-seq load-balance-number and preferred-path commands for a tunnel policy, the tunnel policy selects tunnels in the following steps:

1. If the destination address of the preferred tunnel identifies a peer PE, the tunnel policy uses the preferred tunnel to forward traffic destined for the peer PE without using any other tunnels.

2. If not, the tunnel policy selects tunnels as configured by the select-seq load-balance-number command.

Examples

# Configure tunnel policy policy1 to use only LDP LSP tunnels, and set the load balancing number to 2.

<Sysname> system-view

[Sysname] tunnel-policy policy1

[Sysname-tunnel-policy-policy1] select-seq lsp load-balance-number 2

tunnel-policy

Use tunnel-policy to create a tunnel policy and enter tunnel policy view.

Use undo tunnel-policy to delete an existing tunnel policy.

Syntax

tunnel-policy tunnel-policy-name

undo tunnel-policy tunnel-policy-name

Default

No tunnel policy is configured on the device.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

tunnel-policy-name: Specifies a name for the tunnel policy, a case-sensitive string of 1 to 19 characters.

Examples

# Create tunnel policy policy1 and enter its view.

<Sysname> system-view

[Sysname] tunnel-policy policy1

[Sysname-tunnel-policy-policy1]

MPLS L3VPN commands

The MPLS L3VPN feature is available in Release 1138P01 and later versions.

address-family ipv4 (VPN instance view)

Use address-family ipv4 to enter IPv4 VPN view.

Use undo address-family ipv4 to remove all configurations from IPv4 VPN view.

Syntax

address-family ipv4

undo address-family ipv4

Views

VPN instance view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

In IPv4 VPN view, you can configure IPv4 VPN parameters such as inbound and outbound routing policies.

Examples

# Enter IPv4 VPN view.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] address-family ipv4

[Sysname-vpn-ipv4-vpn1]

address-family vpnv4

Use address-family vpnv4 to create the BGP VPNv4 address family or BGP-VPN VPNv4 address family and enter its view.

Use undo address-family vpnv4 to remove the BGP VPNv4 address family or BGP-VPN VPNv4 address family and all configurations in address family view.

Syntax

address-family vpnv4

undo address-family vpnv4

Default

The BGP VPNv4 address family or BGP-VPN VPNv4 address family is not created.

Views

BGP view, BGP-VPN instance view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

A VPNv4 address comprises an RD and an IPv4 prefix. VPNv4 routes comprise VPNv4 addresses.

For a PE to exchange BGP VPNv4 routes with a BGP peer, you must enable that peer by executing the peer enable command in BGP VPNv4 address family view or BGP-VPN VPNv4 address family view.

In BGP VPNv4 address family view, you can configure the following settings:

· BGP VPNv4 route attributes, such as the preferred value.

· Whether to allow the local AS number to appear in the AS_PATH attribute of received route updates.

The settings in BGP VPNv4 address family view control VPNv4 route exchange between PEs.

The settings in BGP-VPN VPNv4 address family view control VPNv4 route exchange between provider PE and provider CE in nested MPLS L3VPN.

Examples

# Create the BGP VPNv4 address family and enter its view.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp] address-family vpnv4

[Sysname-bgp-vpnv4]

# Create the BGP-VPN VPNv4 address family and enter its view.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp] ip vpn-instance vpn1

[Sysname-bgp-vpn1] address-family vpnv4

[Sysname-bgp-vpnv4-vpn1]

description (VPN instance view)

Use description to configure a description for a VPN instance.

Use undo description to delete the description.

Syntax

description text

undo description

Default

No description is configured for a VPN instance.

Views

VPN instance view

Predefined user roles

network-admin

mdc-admin

Parameters

text: Specifies a description for the VPN instance, a case-sensitive string of 1 to 79 characters.

Examples

# Configure a description of This is vpn1 for VPN instance vpn1.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] description This is vpn1

display bgp routing-table ipv4 unicast inlabel

Use display bgp routing-table ipv4 unicast inlabel to display incoming labels for BGP IPv4 unicast routes.

Syntax

display bgp routing-table ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] inlabel

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

Usage guidelines

This command displays incoming labels for BGP IPv4 unicast routes regardless of whether the unicast keyword is specified or not.

Examples

# Display incoming labels for all BGP IPv4 unicast routes on the public network.

<Sysname> display bgp routing-table ipv4 inlabel

Total number of routes: 1

BGP local router ID is 3.3.3.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Network NextHop OutLabel InLabel

* > 2.2.2.9/32 1.1.1.2 1151 1279

Table 59 Command output

Field	Description
BGP local router ID	Router ID of the local BGP router.
Status codes	Route status codes. See Table 61.
Origin	Route origin codes. See Table 61.
In/Out Label	Incoming/outgoing label.

display bgp routing-table ipv4 unicast outlabel

Use display bgp routing-table ipv4 unicast outlabel to display outgoing labels for BGP IPv4 unicast routes.

Syntax

In standalone mode:

display bgp routing-table ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] outlabel [ standby slot slot-number ]

In IRF mode:

display bgp routing-table ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] outlabel [ standby chassis chassis-number slot slot-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

standby: Displays BGP IPv4 unicast route outgoing labels for a standby BGP process. If you do not specify a standby BGP process, this command displays information for the active BGP process.

slot slot-number: Specifies the slot number of the card where the standby process resides. (In standalone mode.)

chassis chassis-number slot slot-number: Specifies the card where the standby process resides. The chassis-number argument represents the IRF member ID of the device. The slot-number argument represents the slot number of the card. (In IRF mode.)

Usage guidelines

The active BGP process backs up BGP peers and routing information to the standby BGP process only when BGP NSR is enabled. If BGP NSR is disabled, this command does not display anything when you execute it with the standby keyword.

This command displays outgoing labels for BGP IPv4 unicast routes regardless of whether the unicast keyword is specified or not.

Examples

# Display outgoing labels for all BGP IPv4 unicast routes for the active process on the public network.

<Sysname> display bgp routing-table ipv4 outlabel

Total number of routes: 1

BGP local router ID is 3.3.3.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Network NextHop OutLabel

* > 2.2.2.9/32 1.1.1.2 1151

Table 60 Command output

Field	Description
BGP local router ID	Router ID of the local BGP router.
Status codes	Route status codes. See Table 61.
Origin	Route origin codes. See Table 61.
OutLabel	Outgoing label.

display bgp routing-table vpnv4

Use display bgp routing-table vpnv4 to display BGP VPNv4 routing information.

Syntax

In standalone mode:

display bgp routing-table vpnv4 [ [ route-distinguisher route-distinguisher ] [ network-address [ { mask | mask-length } [ longest-match ] ] | network-address [ mask | mask-length ] advertise-info | as-path-acl as-path-acl-number | community-list { { basic-community-list-number | comm-list-name } [ whole-match ] | adv-community-list-number } ] | [ vpn-instance vpn-instance-name ] peer ip-address { advertised-routes | received-routes } [ network-address [ mask | mask-length ] | statistics ] | statistics ] [ standby slot slot-number ]

In IRF mode:

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

route-distinguisher route-distinguisher: Specifies an RD, a string of 3 to 21 characters in one of these formats:

· 16-bit AS number:32-bit user-defined number. For example, 101:3.

· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.

· 32-bit AS number:16-bit user-defined number, where the minimum value of the AS number is 65536. For example, 65536:1.

network-address: Specifies the destination network address.

mask: Specifies the network mask, in dotted decimal notation.

mask-length: Specifies the length of the network mask, in the range of 0 to 32.

longest-match: Displays the longest matching BGP VPNv4 route.

advertise-info: Displays advertisement information for BGP VPNv4 routes.

as-path-acl as-path-acl-number: Displays BGP VPNv4 routes that match the AS path list specified by its number in the range of 1 to 256.

community-list: Displays BGP VPNv4 routes that match a BGP community list.

basic-community-list-number: Specifies a basic community list by its number in the range of 1 to 99.

comm-list-name: Specifies a community list by its name, a case-sensitive string of 1 to 63 characters.

whole-match: Displays BGP VPNv4 routes exactly matching the specified community list. If you do not specify this keyword, the command displays BGP VPNv4 routes whose COMMUNITY attributes include the specified community list.

adv-community-list-number: Specifies an advanced community list by its number in the range of 100 to 199.

peer: Displays BGP VPNv4 routing information advertised to or received from a peer.

ip-address: Specifies the peer IP address.

advertised-routes: Displays BGP VPNv4 routing information advertised to the specified peer.

received-routes: Displays BGP VPNv4 routing information received from the specified peer.

statistics: Displays BGP VPNv4 routing statistics.

standby: Displays BGP VPNv4 routing information for a standby BGP process. If you do not specify a standby BGP process, this command displays information for the active BGP process.

slot slot-number: Specifies the slot number of the card where the standby process resides. (In standalone mode.)

Usage guidelines

If you do not any parameters, this command displays information about all BGP VPNv4 routes.

If you specify network-address mask or network-address mask-length, this command displays information about the BGP VPNv4 route that exactly matches the specified address and mask.

If you specify only network-address, the system ANDs the network address with the mask of a route. If the result matches the network address of the route, this command displays information about the BGP VPNv4 route.

Examples

# Display brief information about all BGP VPNv4 routes for the active process.

<Sysname> display bgp routing-table vpnv4

BGP local router ID is 1.1.1.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Total number of routes from all PEs: 2

Route distinguisher: 100:1(vpn1)

Total number of routes: 6

Network NextHop MED LocPrf PrefVal Path/Ogn

* > 10.1.1.0/24 10.1.1.2 0 32768 ?

* e 10.1.1.1 0 0 65410?

* > 10.1.1.2/32 127.0.0.1 0 32768 ?

* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?

* >e 192.168.1.0 10.1.1.1 0 0 65410?

* i 3.3.3.9 0 100 0 65420?

Route distinguisher: 200:1

Total number of routes: 2

Network NextHop MED LocPrf PrefVal Path/Ogn

* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?

* >i 192.168.1.0 3.3.3.9 0 100 0 65420?

# Display brief information about BGP VPNv4 routes with RD 100:1 for the active process.

<Sysname> display bgp routing-table vpnv4 route-distinguisher 100:1

BGP local router ID is 1.1.1.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Route distinguisher: 100:1(vpn1)

Total number of routes: 6

Network NextHop MED LocPrf PrefVal Path/Ogn

* > 10.1.1.0/24 10.1.1.2 0 32768 ?

* e 10.1.1.1 0 0 65410?

* > 10.1.1.2/32 127.0.0.1 0 32768 ?

* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?

* >e 192.168.1.0 10.1.1.1 0 0 65410?

* i 3.3.3.9 0 100 0 65420?

# Display information about BGP VPNv4 routes matching AS_PATH list 1 for the active process.

<Sysname> display bgp routing-table vpnv4 as-path-acl 1

BGP local router ID is 1.1.1.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Total number of routes from all PEs: 2

Route distinguisher: 100:1(vpn1)

Total number of routes: 6

Network NextHop MED LocPrf PrefVal Path/Ogn

* > 10.1.1.0/24 10.1.1.2 0 32768 ?

* e 10.1.1.1 0 0 65410?

* > 10.1.1.2/32 127.0.0.1 0 32768 ?

* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?

* >e 192.168.1.0 10.1.1.1 0 0 65410?

* i 3.3.3.9 0 100 0 65420?

Route distinguisher: 200:1

Total number of routes: 2

Network NextHop MED LocPrf PrefVal Path/Ogn

* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?

* >i 192.168.1.0 3.3.3.9 0 100 0 65420?

# Display information about BGP VPNv4 routes matching BGP community list 100 for the active process.

<Sysname> display bgp routing-table vpnv4 community-list 100

BGP local router ID is 1.1.1.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Total number of routes from all PEs: 2

Route distinguisher: 100:1(vpn1)

Total number of routes: 6

Network NextHop MED LocPrf PrefVal Path/Ogn

* > 10.1.1.0/24 10.1.1.2 0 32768 ?

* e 10.1.1.1 0 0 65410?

* > 10.1.1.2/32 127.0.0.1 0 32768 ?

* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?

* >e 192.168.1.0 10.1.1.1 0 0 65410?

* i 3.3.3.9 0 100 0 65420?

Route distinguisher: 200:1

Total number of routes: 2

Network NextHop MED LocPrf PrefVal Path/Ogn

* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?

* >i 192.168.1.0 3.3.3.9 0 100 0 65420?

# Display information about BGP VPNv4 routes advertised to peer 3.3.3.9 for the active process on the public network.

<Sysname> display bgp routing-table vpnv4 peer 3.3.3.9 advertised-routes

Total number of routes: 2

BGP local router ID is 1.1.1.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Route distinguisher: 100:1

Total number of routes: 2

Network NextHop MED LocPrf Path/Ogn

* > 10.1.1.0/24 10.1.1.2 0 ?

* >e 192.168.1.0 10.1.1.1 0 65410?

# Display information about BGP VPNv4 routes received from peer 3.3.3.9 for the active process on the public network.

<Sysname> display bgp routing-table vpnv4 peer 3.3.3.9 received-routes

Total number of routes: 2

BGP local router ID is 1.1.1.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Route distinguisher: 200:1

Total number of routes: 2

Network NextHop MED LocPrf PrefVal Path/Ogn

* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?

* >i 192.168.1.0 3.3.3.9 0 100 0 65420?

Table 61 Command output

Field	Description
BGP Local router ID	Router ID of the local BGP router.
Status codes	Route status codes: · * - valid—Valid route. · > - best—Common best route. · d – damped—Route damped for route flap. · h - history—History route. · i - internal—Internal route. · e - external—External route. · s - suppressed—Suppressed route. · S - Stale—Stale route.
Origin	Route origin: · i - IGP—Originated in the AS. The origin of routes advertised by the network command is IGP. · e - EGP—Learned through EGP. · ? - incomplete—Redistributed from IGP protocols.
Total number of routes from all PEs	Total number of VPNv4 routes from all PEs.
Network	Network address.
NextHop	Address of the next hop.
MED	MULTI_EXIT_DISC attribute.
LocPrf	Local preference value.
PrefVal	Preferred value.
Path/Ogn	AS_PATH and Origin attributes.

# Display detailed information about the BGP VPNv4 route destined for 10.3.1.0/24 for the active process.

<Sysname> display bgp routing-table vpnv4 10.3.1.0 24

BGP local router ID: 1.1.1.9

Local AS number: 100

Route distinguisher: 100:1(vpn1)

Total number of routes: 1

Paths: 1 available, 1 best

BGP routing table information of 10.3.1.0/24:

From : 3.3.3.9 (3.3.3.9)

Relay nexthop : 172.1.1.2

Original nexthop: 3.3.3.9

OutLabel : 1279

Ext-Community : <RT: 111:1>

AS-path : (null)

Origin : incomplete

Attribute value : MED 0, localpref 100, pref-val 0

State : valid, internal, best,

Route distinguisher: 200:1

Total number of routes: 1

Paths: 1 available, 1 best

BGP routing table information of 10.3.1.0/24:

From : 3.3.3.9 (3.3.3.9)

Relay nexthop : 172.1.1.2

Original nexthop: 3.3.3.9

OutLabel : 1279

Ext-Community : <RT: 111:1>

AS-path : (null)

Origin : incomplete

Attribute value : MED 0, localpref 100, pref-val 0

State : valid, internal, best,

# Display detailed information about the BGP VPNv4 route destined for 10.3.1.0/24 for the standby process.

<Sysname> display bgp routing-table vpnv4 10.3.1.0 24

BGP local router ID: 1.1.1.9

Local AS number: 100

Route distinguisher: 100:1(vpn1)

Total number of routes: 1

Paths: 1 available, 0 best

BGP routing table information of 10.3.1.0/24:

From : 3.3.3.9 (3.3.3.9)

Relay nexthop : 172.1.1.2

Original nexthop: 3.3.3.9

OutLabel : 1279

Ext-Community : <RT: 111:1>

AS-path : (null)

Origin : incomplete

Attribute value : MED 0, localpref 100, pref-val 0

State : valid, internal,

IP precedence : N/A

QoS local ID : N/A

Route distinguisher: 200:1

Total number of routes: 1

Paths: 1 available, 0 best

BGP routing table information of 10.3.1.0/24:

From : 3.3.3.9 (3.3.3.9)

Relay nexthop : 172.1.1.2

Original nexthop: 3.3.3.9

OutLabel : 1279

Ext-Community : <RT: 111:1>

AS-path : (null)

Origin : incomplete

Attribute value : MED 0, localpref 100, pref-val 0

State : valid, internal,

IP precedence : N/A

QoS local ID : N/A

# Display detailed information about the BGP VPNv4 route destined for 10.3.1.0/24 and with RD 100:1 for the active process.

<Sysname> display bgp routing-table vpnv4 route-distinguisher 100:1 10.3.1.0 24

BGP local router ID: 1.1.1.9

Local AS number: 100

Route distinguisher: 100:1(vpn1)

Total number of routes: 1

Paths: 1 available, 1 best

BGP routing table information of 10.3.1.0/24:

From : 3.3.3.9 (3.3.3.9)

Relay nexthop : 172.1.1.2

Original nexthop: 3.3.3.9

OutLabel : 1279

Ext-Community : <RT: 111:1>

AS-path : (null)

Origin : incomplete

Attribute value : MED 0, localpref 100, pref-val 0

State : valid, internal, best,

# Display detailed information about the BGP VPNv4 route destined for 10.3.1.0/24 and with RD 100:1 for the standby process.

<Sysname> display bgp routing-table vpnv4 route-distinguisher 100:1 10.3.1.0 24

BGP local router ID: 1.1.1.9

Local AS number: 100

Route distinguisher: 100:1(vpn1)

Total number of routes: 1

Paths: 1 available, 0 best

BGP routing table information of 10.3.1.0/24:

From : 3.3.3.9 (3.3.3.9)

Relay nexthop : 172.1.1.2

Original nexthop: 3.3.3.9

OutLabel : 1279

Ext-Community : <RT: 111:1>

AS-path : (null)

Origin : incomplete

Attribute value : MED 0, localpref 100, pref-val 0

State : valid, internal,

IP precedence : N/A

QoS local ID : N/A

Table 62 Command output

Field	Description
Relay Nexthop	Recursive next hop. If no recursive next hop is found, this field displays not resolved.
Original nexthop	Original next hop. If the route is learned from a BGP update, it is the next hop in the update message.
Ext-Community	Extended community attribute.
Attribute value	BGP route attribute information: · MED—MED attribute. · Localpref—Local preference. · pref-val—Preferred value. · pre—Protocol preference.
State	Route status: · valid—Valid route. · internal—Internal route. · external—External route. · local—Locally generated route. · synchronize—Synchronized route. · best—Best route.

# Display advertisement information for BGP VPNv4 routes to 10.1.1.0/24.

<Sysname> display bgp routing-table vpnv4 10.1.1.0 24 advertise-info

BGP local router ID: 1.1.1.9

Local AS number: 100

Route distinguisher: 100:1

Total number of routes: 1

Paths: 1 best

BGP routing table information of 10.1.1.0/24:

Advertised to VPN peers (1 in total):

3.3.3.9

Inlabel : 1279

Table 63 Command output

Field	Description
Paths	Number of routes to the specified destination network.
BGP routing table information of 10.1.1.0/24	Advertisement information for the BGP route to 10.1.1.0/24.
Advertised to VPN peers (1 in total)	VPNv4 peers to which the route is advertised, and the number of peers.
Inlabel	Incoming label of the route.

# Display statistics about BGP VPNv4 routes advertised to peer 3.3.3.9 for the active process on the public network.

<Sysname> display bgp routing-table vpnv4 peer 3.3.3.9 advertised-routes statistics

Advertised routes total: 2

# Display statistics about BGP VPNv4 routes received from peer 3.3.3.9 for the active process on the public network.

<Sysname> display bgp routing-table vpnv4 peer 3.3.3.9 received-routes statistic

Received routes total: 2

Table 64 Command output

Field	Description
Advertised routes total	Total number of routes advertised to the specified peer.
Received routes total	Total number of routes received from the specified peer.

# Display statistics about BGP VPNv4 routes on the public network.

<Sysname> display bgp routing-table vpnv4 statistics

Total number of routes from all PEs: 2

Route distinguisher: 100:1(vpn1)

Total number of routes: 6

Route distinguisher: 200:1

Total number of routes: 2

Table 65 Command output

Field	Description
Total number of routes from all PEs	Total number of VPNv4 routes from all PEs.
Total number of routes	Total number of VPNv4 routes with the specified RD.

Related commands

ip as-path (Layer 3—IP Routing Command Reference)

display bgp routing-table vpnv4 inlabel

Use display bgp routing-table vpnv4 inlabel to display incoming labels for BGP VPNv4 routes.

Syntax

display bgp routing-table vpnv4 inlabel

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Examples

# Display incoming labels for all BGP VPNv4 routes.

<Sysname> display bgp routing-table vpnv4 inlabel

Total number of routes: 2

BGP local router ID is 1.1.1.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Route distinguisher: 100:1

Total number of routes: 2

Network NextHop OutLabel InLabel

* > 10.1.1.0/24 10.1.1.2 NULL 1279

* >e 192.168.1.0 10.1.1.1 NULL 1278

Table 66 Command output

Field	Description
BGP local router ID	Router ID of the local BGP router.
Status codes	Route status codes. See Table 61.
Origin	Route origin. See Table 61.

display bgp routing-table vpnv4 outlabel

Use display bgp routing-table vpnv4 outlabel to display outgoing labels for BGP VPNv4 routes.

Syntax

In standalone mode:

display bgp routing-table vpnv4 outlabel [ standby slot slot-number ]

In IRF mode:

display bgp routing-table vpnv4 outlabel [ standby chassis chassis-number slot slot-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

standby: Displays all BGP VPNv4 route outgoing labels for a standby BGP process. If you do not specify a standby BGP process, this command displays information for the active BGP process.

slot slot-number: Specifies the slot number of the card where the standby process resides. (In standalone mode.)

Usage guidelines

Examples

# Display outgoing labels for all BGP VPNv4 routes for the active process.

<Sysname> display bgp routing-table vpnv4 outlabel

BGP local router ID is 1.1.1.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Total number of routes from all PEs: 2

Route distinguisher: 100:1(vpn1)

Total number of routes: 2

Network NextHop OutLabel

* >i 10.3.1.0/24 3.3.3.9 1279

* i 192.168.1.0 3.3.3.9 1278

Route distinguisher: 200:1

Total number of routes: 2

Network NextHop OutLabel

* >i 10.3.1.0/24 3.3.3.9 1279

* >i 192.168.1.0 3.3.3.9 1278

Table 67 Command output

Field	Description
BGP local router ID	Router ID of the local BGP router.
Status codes	Route status codes. See Table 61.
Origin	Route origin codes. See Table 61.
OutLabel	Outgoing label.

display ip vpn-instance

Use display ip vpn-instance to display information about VPN instances.

Syntax

display ip vpn-instance [ instance-name vpn-instance-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

instance-name vpn-instance-name: Displays information about the specified VPN instance. The vpn-instance-name is a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command displays brief information about all VPN instances.

Examples

# Display brief information about all VPN instances.

<Sysname> display ip vpn-instance

Total VPN-Instances configured : 1

VPN-Instance Name RD Create time

abc 1:1 2011/05/18 10:48:17

Table 68 Command output

Field	Description
VPN-Instance Name	Name of the VPN instance.
RD	RD of the VPN instance.
Create Time	Time when the VPN instance was created.

# Display detailed information about VPN instance vpn1.

<Sysname> display ip vpn-instance instance-name vpn1

VPN-Instance Name and Index : vpn1, 2

Route Distinguisher : 100:1

VPN ID : 1:1

Description : vpn1

Interfaces : Vlan-interface10

Address-family IPv4:

Export VPN Targets :

2:2

Import VPN Targets :

3:3

Export Route Policy : outpolicy

Import Route Policy : inpolicy

Tunnel Policy : tunnel1

Maximum Routes Limit : 5000

display ospf sham-link

Use display ospf sham-link to display OSPF sham link information.

Syntax

In standalone mode:

display ospf [ process-id ] sham-link [ area area-id ] [ standby slot slot-number ]

In IRF mode:

display ospf [ process-id ] sham-link [ area area-id ] [ standby chassis chassis-number slot slot-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

process-id: Displays sham link information for the OSPF process specified by its ID. The process ID is in the range of 1 to 65535. If you do not specify a process, this command displays sham link information for all OSPF processes.

area area-id: Displays sham link information for the OSPF area specified by its ID, which is an IP address, or an integer. The integer is in the range of 0 to 4294967295. If you do not specify an area, this command displays sham link information for all OSPF areas.

standby: Displays information about the standby OSPF process. If you do not specify this keyword, the command displays information about the active OSPF process.

slot slot-number: Specifies the slot number of the card where the standby process resides. (In standalone mode.)

Usage guidelines

If you do not specify any processes or areas, this command displays information about all OSPF sham links.

The active OSPF process backs up OSPF peers and routing information to the standby OSPF process only when OSPF NSR is enabled. If OSPF NSR is disabled, this command does not display anything when you execute it by using the standby keyword.

Examples

# Display information about all OSPF sham links.

<Sysname> display ospf sham-link

OSPF Process 1 with Router ID 125.1.1.1

Sham link

Area Neighbor ID Source IP Destination IP State Cost

0.0.0.0 95.1.1.1 125.2.1.1 95.2.1.1 P-2-P 1

# Display OSPF sham link information for OSPF area 1.

<Sysname> display ospf sham-link area 1

OSPF Process 1 with Router ID 125.1.1.1

Sham link: 125.2.1.1 --> 95.2.1.1

Neighbor ID: 95.1.1.1 State: Full

Area: 0.0.0.0

Cost: 1 State: P-2-P Type: Sham

Timers: Hello 10, Dead 40, Retransmit 5, Transmit Delay 1

Request list: 0 Retransmit list: 0

MD5 authentication enabled.

The last key is 3.

The rollover is in progress, 1 neighbor(s) left.

The timers for a sham link are in seconds.

domain-id

Use domain-id to configure an OSPF domain ID.

Use undo domain-id to restore the default.

Syntax

domain-id domain-id [ secondary ]

undo domain-id [ domain-id ]

Default

The OSPF domain ID is 0.

Views

OSPF view

Predefined user roles

network-admin

mdc-admin

Parameters

domain-id: Specifies an OSPF domain ID, in one of these formats:

· Integer, in the range of 0 to 4294967295. For example, 1.

· Dotted decimal notation. For example, 0.0.0.1.

· Dotted decimal notation:16-bit user-defined number in the range of 0 to 65535. For example, 0.0.0.1:512.

secondary: Specifies a secondary domain ID. If you do not specify this keyword, the command specifies a primary domain ID.

Usage guidelines

When you redistribute OSPF routes into BGP, BGP adds the primary domain ID to the redistributed BGP VPNv4 routes as a BGP extended community attribute. Then, BGP advertises the routes to the peer PE.

When the peer PE receives the routes, it compares the OSPF domain ID in the routes with the locally configured primary and secondary domain IDs. If the primary or secondary domain ID is the same as the received domain ID, and the received routes are intra-area routes, OSPF advertises these routes in Network Summary LSAs (Type 3). Otherwise, OSPF advertises these routes in AS External LSAs (Type 5) or NSSA External LSAs (Type 7).

If you do not specify any parameters, the undo domain-id command deletes all domain IDs.

Examples

# Configure the OSPF domain ID as 234.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] domain-id 234

export route-policy

Use export route-policy to apply an export routing policy to a VPN instance.

Use undo export route-policy to remove the application.

Syntax

export route-policy route-policy

undo export route-policy

Default

No export routing policy is applied to a VPN instance.

Views

VPN instance view, IPv4 VPN view

Predefined user roles

network-admin

mdc-admin

Parameters

route-policy: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.

Usage guidelines

You can specify an export routing policy to filter advertised routes or modify their route attributes for the VPN instance.

If you execute this command multiple times, the most recent configuration takes effect.

IPv4 VPN prefers the export routing policy specified in IPv4 VPN view over the one specified in VPN instance view.

Examples

# Apply export routing policy poly-1 to the VPN instance vpn1.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] export route-policy poly-1

# Apply export routing policy poly-2 to the IPv4 VPN vpn2.

<Sysname> system-view

[Sysname] ip vpn-instance vpn2

[Sysname-vpn-instance-vpn2] address-family ipv4

[Sysname-vpn-ipv4-vpn2] export route-policy poly-2

Related commands

· import route-policy

· route-policy (Layer 3—IP Routing Configuration Guide)

ext-community-type

Use ext-community-type to configure the type code of an OSPF extended community attribute.

Use undo ext-community-type to restore the default.

Syntax

ext-community-type { domain-id type-code1 | router-id type-code2 | route-type type-code3 }

undo ext-community-type [ domain-id | router-id | route-type ]

Default

The type codes for domain ID, router ID, and route type are hex numbers 0005, 0107, and 0306, respectively.

Views

OSPF view

Predefined user roles

network-admin

mdc-admin

Parameters

domain-id type-code1: Specifies the type code for domain ID. Valid values are hex numbers 0005, 0105, 0205, and 8005.

router-id type-code2: Specifies the type code for router ID. Valid values are hex numbers 0107 and 8001.

router-type type-code3: Specifies the type code for route type. Valid values are hex numbers 0306 and 8000.

Examples

# Configure the type codes of domain ID, router ID, and route type as hex numbers 8005, 8001, and 8000, respectively, for OSPF process 100.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] ext-community-type domain-id 8005

[Sysname-ospf-100] ext-community-type router-id 8001

[Sysname-ospf-100] ext-community-type route-type 8000

import route-policy

Use import route-policy to apply an import routing policy to a VPN instance.

Use undo import route-policy to remove the application.

Syntax

import route-policy route-policy

undo import route-policy

Default

No import routing policy is applied to a VPN instance. All routes matching the import target attribute are accepted.

Views

VPN instance view, IPv4 VPN view

Predefined user roles

network-admin

mdc-admin

Parameters

route-policy: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.

Usage guidelines

You can specify an import routing policy to filter received routes or modify their route attributes for the VPN instance.

If you execute this command multiple times, the most recent configuration takes effect.

IPv4 VPN prefers the import routing policy specified in IPv4 VPN view over the one specified in VPN instance view.

Examples

# Apply import routing policy poly-1 to the VPN instance vpn1.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] import route-policy poly-1

# Apply import routing policy poly-2 to the IPv4 VPN vpn2.

<Sysname> system-view

[Sysname] ip vpn-instance vpn2

[Sysname-vpn-instance-vpn2] address-family ipv4

[Sysname-vpn-ipv4-vpn2] import route-policy poly-2

Related commands

· export route-policy

· route-policy (Layer 3—IP Routing Configuration Guide)

ip binding vpn-instance

Use ip binding vpn-instance to associate an interface with a VPN instance.

Use undo ip binding vpn-instance to remove the association.

Syntax

ip binding vpn-instance vpn-instance-name

undo ip binding vpn-instance vpn-instance-name

Default

An interface is associated with no VPN instance and belongs to the public network.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Parameters

vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters.

Usage guidelines

Use the command to associate the VPN instance with the interface connected to the CE.

This command or its undo form clears the IP address and routing protocol configuration on the interface. After executing this command or its undo form, use the display this command to view the current configuration and reconfigure the IP address and routing protocol on the interface.

The specified VPN instance must have been created by using the ip vpn-instance command in system view.

To associate a new VPN instance with an interface, you must remove the previous association by using the undo ip binding vpn-instance command and then use the ip binding vpn-instance command to associate the new VPN instance with the interface.

Examples

# Associate interface VLAN-interface 1 with the VPN instance vpn1.

<Sysname> system-view

[Sysname] interface vlan-interface 1

[Sysname-Vlan-interface1] ip binding vpn-instance vpn1

Related commands

ip vpn-instance (system view)

Use ip vpn-instance to create a VPN instance and enter VPN instance view.

Use undo ip vpn-instance to delete a VPN instance.

Syntax

ip vpn-instance vpn-instance-name

undo ip vpn-instance vpn-instance-name

Default

No VPN instance is created.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

vpn-instance-name: Specifies the name of the VPN instance, a case-sensitive string of 1 to 31 characters.

Usage guidelines

Before you create VPN instances, you must reserve local VLAN interface resources by executing the reserve-vlan-interface command. The device uses the reserved resources to create VPN instances. For more information about local VLAN interface resource reservation, see Layer 2—LAN Switching Configuration Guide.

Examples

# Create a VPN instance named vpn1 and enter its view.

<Sysname> system-view

[Sysname] reserve-vlan-interface 3000

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1]

Related commands

· reserve-vlan-interface (Layer 2—LAN Switching Command Reference)

· route-distinguisher

nesting-vpn

Use nesting-vpn to enable the nested VPN feature.

Use undo nesting-vpn to disable the nested VPN feature.

Syntax

nesting-vpn

undo nesting-vpn

Default

The nested VPN feature is disabled.

Views

BGP VPNv4 address family view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

To exchange VPNv4 routes with a peer in nested VPN, you must enable nested VPN and then execute the peer enable command to enable that peer in BGP VPNv4 view.

Examples

# Enable nested VPN.

<Sysname> system-view

[Sysname] bgp 10

[Sysname-bgp] address-family vpnv4

[Sysname-bgp-vpnv4] nesting-vpn

peer next-hop-invariable

Use peer next-hop-invariable to configure the device to not change the next hop of routes advertised to an EBGP peer or peer group.

Use undo peer next-hop-invariable to restore the default.

Syntax

peer { group-name | ip-address [ mask-length ] } next-hop-invariable

undo peer { group-name | ip-address [ mask-length ] } next-hop-invariable

Default

The device uses its address as the next hop of routes advertised to an EBGP peer or peer group.

Views

BGP VPNv4 address family view

Predefined user roles

network-admin

mdc-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters.

ip-address: Specifies a peer by its IP address.

mask-length: Specifies a mask length in the range of 0 to 32. You can use the ip-address and mask-length arguments together to specify a network. If you specify a network in this command, the device does not change the next hop of routes advertised to the dynamic peers in the network.

Usage guidelines

On an RR in an inter-AS option C scenario, you must configure next-hop-invariable to not change the next hop of VPNv4 routes advertised to EBGP peers and RR clients.

This command is exclusive with the peer next-hop-local command.

Examples

# Configure the device to not change the next hop of routes advertised to EBGP peer 1.1.1.1.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp] address-family vpnv4

[Sysname-bgp-af-vpnv4] peer 1.1.1.1 next-hop-invariable

Related commands

peer next-hop-local (Layer 3—IP Routing Command Reference)

peer upe

Use peer upe to configure a BGP peer or peer group as an HoVPN UPE in BGP VPNv4 address family view.

Use undo peer upe to remove the configuration.

Syntax

peer { group-name | ip-address [ mask-length ] } upe

undo peer { group-name | ip-address [ mask-length ] } upe

Default

No BGP peer or peer group is configured as a UPE.

Views

BGP VPNv4 address family view

Predefined user roles

network-admin

mdc-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The specified peer group must exist.

ip-address: Specifies a peer by its IP address. The specified peer must exist.

mask-length: Specifies a mask length in the range of 0 to 32. You can use the ip-address and mask-length arguments together to specify a network. If you specify a network, this command configures all dynamic peers in the network as UPEs.

Usage guidelines

A UPE is a special VPNv4 peer. It can accept one default route for each related VPN instance and routes permitted by the routing policy on the SPE. An SPE is a common VPN peer.

Examples

# Configure peer 1.1.1.1 as a UPE.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp] address-family vpnv4

[Sysname-bgp-vpnv4] peer 1.1.1.1 upe

peer upe route-policy

Use peer upe route-policy to advertise routes permitted by a routing policy to a UPE.

Use undo peer upe route-policy to restore the default.

Syntax

peer { group-name | ip-address [ mask-length ] } upe route-policy route-policy-name export

undo peer { group-name | ip-address [ mask-length ] } upe route-policy export

Default

No routes are advertised to any peer.

Views

BGP VPNv4 address family view

Predefined user roles

network-admin

mdc-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The specific peer group must exist.

ip-address: Specifies a peer by its IP address. The specific peer must exist.

mask-length: Specifies a mask length in the range of 0 to 32. You can use the ip-address and mask-length arguments together to specify a network. If you specify a network, this command advertises routes permitted by a routing policy to all dynamic peers in the network.

route-policy-name: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.

export: Applies the filtering policy to routes to be advertised.

Usage guidelines

This command must be used with the peer upe command.

Examples

# Configure peer 1.1.1.1 as a UPE, and advertise routes permitted by routing policy hope to peer 1.1.1.1.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp] peer 1.1.1.1 as-number 200

[Sysname-bgp] address-family vpnv4

[Sysname-bgp-vpnv4] peer 1.1.1.1 enable

[Sysname-bgp-vpnv4] peer 1.1.1.1 upe

[Sysname-bgp-vpnv4] peer 1.1.1.1 upe route-policy hope export

Related commands

· peer upe

· route-policy (Layer 3—IP Routing Configuration Guide)

policy vpn-target

Use policy vpn-target to enable route target filtering of received VPNv4 routes. Only VPNv4 routes whose route target attribute matches local import route target attribute are added to the routing table.

Use undo policy vpn-target to disable route target filtering, permitting all incoming VPNv4 routes.

Syntax

policy vpn-target

undo policy vpn-target

Default

The route target filtering feature is enabled for received VPNv4 routes.

Views

BGP VPNv4 address family view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

In an inter-AS option B scenario, an ASBR must save all incoming VPNv4 routes and advertises those routes to the peer ASBR. For this purpose, you must execute the undo policy vpn-target command on the ASBR to disable route target filtering.

Examples

# Disable route target filtering of received VPNv4 routes.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp] address-family vpnv4

[Sysname-bgp-vpnv4] undo policy vpn-target

route-distinguisher (VPN instance view)

Use route-distinguisher to configure an RD for a VPN instance.

Use undo route-distinguisher to remove the RD of a VPN instance.

Syntax

route-distinguisher route-distinguisher

undo route-distinguisher

Default

No RD is specified for a VPN instance.

Views

VPN instance view

Predefined user roles

network-admin

mdc-admin

Parameters

route-distinguisher: Specifies an RD for the VPN instance, a string of 3 to 21 characters in one of the following formats:

· 16-bit AS number:32-bit user-defined number. For example, 101:3.

· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.

· 32-bit AS number:16-bit user-defined number, where the minimum value of the AS number is 65536. For example, 65536:1.

Usage guidelines

RDs enable VPNs to use the same address space. An RD and an IPv4 prefix comprise a unique VPN IPv4 prefix.

To change the RD of a VPN instance, you must delete the RD with the undo route-distinguisher command, and then use the route-distinguisher command to configure a new RD.

Examples

# Configure RD 22:1 for VPN instance vpn1.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] route-distinguisher 22:1

route-tag

Use route-tag to configure an external route tag for redistributed VPN routes.

Use undo route-tag to restore the default.

Syntax

route-tag tag-value

undo route-tag

Default

If BGP runs within an MPLS backbone, and the BGP AS number is not greater than 65535, the first two octets of the external route tag are 0xD000, and the last two octets are the local BGP AS number. For example, if the local BGP AS number is 100, the external route tag value is 3489661028 (100 + the decimal value of 0xD0000000). If the AS number is greater than 65535, the external route tag is 0.

Views

OSPF view

Predefined user roles

network-admin

mdc-admin

Parameters

tag-value: Specifies the external route tag for redistributed VPN routes, in the range of 0 to 4294967295.

Usage guidelines

In a dual-homed scenario where OSPF runs between the CE and the connected PEs (PE-A and PE-B, for example), you can use external route tags to avoid routing loops.

When PE-A redistributes BGP routes from the peer PE into OSPF, and advertises these routes in the Type 5 or 7 LSAs to the CE, PE-A adds the locally configured external route tag to the LSAs.

When PE-B receives the Type 5 or 7 LSAs advertised by the CE, it compares the external route tag in the LSAs with the locally configured tag. If they are the same, PE-B ignores the LSA in route calculation to avoid routing loops.

The commands used to configure the external route tag (in the descending order of tag priority) are as follows:

· import-route

· route-tag

· default tag

As a best practice, configure the same external route tag for PEs in the same area.

An external route tag is not transferred in any BGP extended community attribute. It takes effect only on the PEs that receive BGP routes and generate OSPF Type 5 or 7 LSAs.

You can configure the same external route tag for different OSPF processes.

Examples

# In OSPF process 100, set the external route tag for redistributed VPN routes to 100.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] route-tag 100

Related commands

· default (Layer 3—IP Routing Command Reference)

· import-route (Layer 3—IP Routing Command Reference)

routing-table limit

Use routing-table limit to limit the maximum number of active routes in a VPN instance.

Use undo routing-table limit to restore the default.

Syntax

routing-table limit number { warn-threshold | simply-alert }

undo routing-table limit

Default

The maximum number of active routes is not limited.

Views

VPN instance view, IPv4 VPN view

Predefined user roles

network-admin

mdc-admin

Parameters

number: Specifies the maximum number of active routes. In VPN instance view, the value range is 1 to 10240. In IPv4 VPN view, the value range is 1 to 1048576. After the hardware-resource tcam normal command is executed, the value range is 1 to 32768 in IPv4 VPN view. For more information about the hardware-resource tcam command, see Fundamentals Command Reference. The hardware-resource tcam command is available in Release 1138P01 and later versions.

warn-threshold: Specifies a warning threshold in the range of 1 to 100 in percentage. When the percentage of the number of existing active routes to the maximum number of active routes exceeds the specified threshold, the system gives an alarm message but still allows new active routes. If active routes in the VPN instance reach the maximum, no more active routes are added.

simply-alert: Specifies that when active routes exceed the maximum number, the system still accepts active routes but generates a system log message.

Usage guidelines

IPv4 VPN prefers the limit configured in IPv4 VPN view over the limit configured in VPN instance view.

Examples

# Specify that VPN instance vpn1 supports up to 1000 active routes, and when active routes exceed the upper limit, can receive new active routes but generates a system log message.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] route-distinguisher 100:1

[Sysname-vpn-instance-vpn1] routing-table limit 1000 simply-alert

# Specify that the IPv4 VPN vpn2 supports up to 1000 active routes, and when active routes exceed the upper limit, can receive new active routes but generates a system log message.

<Sysname> system-view

[Sysname] ip vpn-instance vpn2

[Sysname-vpn-instance-vpn2] route-distinguisher 100:2

[Sysname-vpn-instance-vpn2] address-family ipv4

[Sysname-vpn-ipv4-vpn2] routing-table limit 1000 simply-alert

rr-filter

Use rr-filter to create an RR reflection policy so that only IBGP routes whose extended community attribute matches the specified extended community list are reflected.

Use undo rr-filter to restore the default.

Syntax

rr-filter extended-community-number

undo rr-filter

Default

An RR does not filter reflected routes.

Views

BGP VPNv4 address family view

Predefined user roles

network-admin

mdc-admin

Parameters

extended-community-number: Specifies an extended community number in the range of 1 to 199.

Usage guidelines

By configuring different RR reflection policies on RRs in a cluster, you can implement load balancing among the RRs.

Examples

# Configure the RR to only reflect VPNv4 routes with an extended community number of 10.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp] address-family vpnv4

[Sysname-bgp-vpnv4] rr-filter 10

sham-link

Use sham-link to create an OSPF sham link.

Use undo sham-link to remove an OSPF sham link or restore the defaults of specified parameters for a sham link.

Syntax

sham-link source-ip-address destination-ip-address [ cost cost | dead dead-interval | hello hello-interval | { { hmac-md5 | md5 } key-id { cipher cipher-string | plain plain-string } | simple { cipher cipher-string | plain plain-string } } | retransmit retrans-interval | trans-delay delay ] *

undo sham-link source-ip-address destination-ip-address [ cost | dead | hello | { { hmac-md5 | md5 } key-id | simple } | retransmit | trans-delay ] *

Default

No OSPF sham link is configured.

Views

OSPF area view

Predefined user roles

network-admin

mdc-admin

Parameters

source-ip-address: Specifies the source IP address of the sham link.

destination-ip-address: Specifies the destination IP address of the sham link.

cost cost: Specifies the cost of the sham link, in the range of 1 to 65535. The default cost is 1.

dead dead-interval: Specifies the dead interval in the range of 1 to 32768 seconds. The default is 40 seconds. The dead interval configured on the two ends of the sham link must be identical, and it must be at least four times the hello interval.

hello hello-interval: Specifies the interval for sending hello packets, in the range of 1 to 8192 seconds. The default is 10 seconds. The hello interval configured on the two ends of the sham link must be identical.

hmac-md5: Enables HMAC-MD5 authentication.

md5: Enables MD5 authentication.

simple: Enables simple authentication.

key-id: Specifies a key ID in the range of 1 to 255.

cipher: Sets a ciphertext key.

cipher-string: Specifies a ciphertext key. This argument is case sensitive. If simple is specified, it must be a string of 33 to 41 characters. If md5 or hmac-md5 is specified, it must be a string of 33 to 53 characters.

plain: Sets a plaintext key.

plain-string: Specifies a plaintext key. This argument is case sensitive. If simple is specified, it must be a string of 1 to 8 characters. If md5 or hmac-md5 is specified, it must be a string of 1 to 16 characters.

retransmit retrans-interval: Specifies the interval for retransmitting LSAs, in the range of 1 to 3600 seconds. The default is 5 seconds.

trans-delay delay: Specifies the delay interval before the interface sends an LSA, in the range of 1 to 3600 seconds. The default is 1 second.

Usage guidelines

When a backdoor link exists between the two sites of a VPN, traffic is forwarded through the backdoor link. To forward VPN traffic over the backbone, you can create a sham link between PEs. A sham link is considered an OSPF intra-area route.

This command can configure MD5/HMAC-MD5 or simple authentication for the sham link, but not both. For MD5/HMAC-MD5 authentication, you can configure multiple keys by executing this command multiple times, but a key-id can correspond with only one key.

To modify the MD5/HMAC-MD5 authentication key of a sham link, follow these steps:

1. Configure a new key for the sham link on the local device. If the neighbor on the sham link has not been configured with the new key, this configuration triggers a key rollover process, during which, OSPF advertises both the new and old keys so the neighbor can pass authentication and the neighbor relationship is maintained.

2. Configure the same key for the sham link on the neighbor. After the local device receives a packet carrying the new key from the neighbor, it quits the key rollover process.

3. Execute the undo sham-link command on the local device and the neighbor to remove the old key. This operation can avoid attacks to the sham link that uses the old key and reduce bandwidth consumption by key rollover.

You cannot configure a sham link with the same source and destination IP address for multiple OSPF processes in a VPN instance.

The sham links configured on the local and remote PEs must be in the same OSPF area. Otherwise, the OSPF neighbor relationship cannot be established.

Examples

# Create a sham link with the source address 1.1.1.1 and destination address 2.2.2.2.

<Sysname> system-view

[Sysname] ospf

[Sysname-ospf-1] area 0

[Sysname-ospf-1-area-0.0.0.0] sham-link 1.1.1.1 2.2.2.2

Related commands

display ospf sham-link

snmp-agent trap enable l3vpn

Use snmp-agent trap enable l3vpn to enable SNMP notifications for MPLS L3VPN.

Use undo snmp-agent trap enable l3vpn to disable SNMP notifications for MPLS L3VPN.

Syntax

snmp-agent trap enable l3vpn

undo snmp-agent trap enable l3vpn

Default

SNMP notifications for MPLS L3VPN are enabled.

Views

System view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

This feature enables MPLS L3VPN to generate SNMP notifications. The generated SNMP notifications are sent to the SNMP module.

For more information about SNMP notifications, see Network Management and Monitoring Configuration Guide.

Examples

# Enable SNMP notifications for MPLS L3VPN.

<Sysname> system-view

[Sysname] snmp-agent trap enable l3vpn

tnl-policy

Use tnl-policy to associate a VPN instance with a tunnel policy.

Use undo tnl-policy to remove the association.

Syntax

tnl-policy tunnel-policy-name

undo tnl-policy

Default

No tunnel policy is associated with a VPN instance.

Views

VPN instance view, IPv4 VPN view

Predefined user roles

network-admin

mdc-admin

Parameters

tunnel-policy-name: Specifies a tunnel policy by its name, a case-sensitive string of 1 to 19 characters.

Usage guidelines

The VPN instance uses the specified tunnel policy to select tunnels for traffic.

If a VPN instance is not associated with any tunnel policy or the associated tunnel policy is not configured, the VPN instance selects tunnels according to the default tunnel policy. The default tunnel policy selects only one tunnel in this order: LSP tunnel, CRLSP tunnel.

IPv4 VPN prefers the tunnel policy specified in IPv4 VPN view over the tunnel policy specified in VPN instance view.

Examples

# Associate the VPN instance vpn1 with the tunnel policy po1.

<Sysname> system-view

[Sysname] tunnel-policy po1

[Sysname-tunnel-policy-po1] select-seq lsp load-balance-number 1

[Sysname-tunnel-policy-po1] quit

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] route-distinguisher 22:33

[Sysname-vpn-instance-vpn1] tnl-policy po1

[Sysname-vpn-instance-vpn1] quit

# Associate the IPv4 VPN vpn2 with the tunnel policy po1.

[Sysname] ip vpn-instance vpn2

[Sysname-vpn-instance-vpn2] route-distinguisher 11:22

[Sysname-vpn-instance-vpn2] address-family ipv4

[Sysname-vpn-ipv4-vpn2] tnl-policy po1

[Sysname-vpn-ipv4-vpn2] quit

[Sysname-vpn-instance-vpn2] quit

Related commands

tunnel-policy

vpn popgo

Use vpn popgo to specify the VPN label processing mode as POPGO forwarding on an egress PE, which will pop the label for each packet and forward the packet out of the interface corresponding to the label.

Use undo vpn popgo to restore the default.

Syntax

vpn popgo

undo vpn popgo

Default

The VPN label processing mode is POP forwarding on an egress PE, which will pop the label for each packet and forward the packet through the FIB table.

Views

BGP view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

After you execute the vpn popgo command, the egress PE disconnects and re-establishes BGP sessions to re-learn VPN routes.

After the vpn popgo command is executed, the egress PE does not support load sharing among VPN BGP peers.

Examples

# Specify the VPN label processing mode on the egress PE as POPGO forwarding.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp] vpn popgo

# Specify the VPN label processing mode on the egress PE as POP forwarding.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp] undo vpn popgo

vpn-id

Use vpn-id to configure a VPN ID for a VPN instance.

Use undo vpn-id to remove the VPN ID of a VPN instance.

Syntax

vpn-id vpn-id

undo vpn-id

Default

No VPN ID is configured for a VPN instance.

Views

VPN instance view

Predefined user roles

network-admin

mdc-admin

Parameters

vpn-id: Specifies a VPN ID for the VPN instance, in the form of OUI:Index. Both OUI and Index are hex numbers. The OUI is in the range of 0 to FFFFFF, and the index is in the range of 0 to FFFFFFFF.

Usage guidelines

The VPN ID uniquely identifies the VPN instance. Different VPN instances must have different VPN IDs.

The VPN ID cannot be 0:0.

Examples

# Configure VPN ID 20:1 for the VPN instance vpn1.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] vpn-id 20:1

Related commands

display ip vpn-instance

vpn-target (VPN instance view/IPv4 VPN view)

Use vpn-target to configure route targets for a VPN instance.

Use undo vpn-target to remove the specified or all route targets of a VPN instance.

Syntax

vpn-target vpn-target&<1-8> [ both | export-extcommunity | import-extcommunity ]

undo vpn-target { all | vpn-target&<1-8> [ both | export-extcommunity | import-extcommunity ] }

Default

No route targets are configured for a VPN instance.

Views

VPN instance view, IPv4 VPN view

Predefined user roles

network-admin

mdc-admin

Parameters

vpn-target&<1-8>: Specifies a space-separated list of up to eight route targets.

A route target is a string of 3 to 21 characters in one of these formats:

· 16-bit AS number:32-bit user-defined number. For example, 101:3.

· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.

· 32-bit AS number:16-bit user-defined number, where the AS number must not be less than 65536. For example, 65536:1.

both: Uses the specified route targets as both import targets and export targets. The both keyword is also used when you do not specify any of the following keywords: both, export-extcommunity, and import-extcommunity.

export-extcommunity: Uses the specified route targets as export targets.

import-extcommunity: Uses the specified route targets as import targets.

all: Removes all route targets.

Usage guidelines

MPLS L3VPN uses route targets to control the advertisement of VPN routing information. A PE adds the configured export targets into the route target attribute of routes advertised to a peer. The peer uses the local import targets to match the route targets of received routes. If a match is found, the peer adds the routes to the routing table of the VPN instance.

Route targets configured in IPv4 VPN view take precedence over those configured in VPN instance view. If you configure route targets in both IPv4 VPN view and VPN instance view, the IPv4 VPN uses the route targets configured in IPv4 VPN view.

Examples

# Configure route targets for the VPN instance vpn1.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] vpn-target 3:3 export-extcommunity

[Sysname-vpn-instance-vpn1] vpn-target 4:4 import-extcommunity

[Sysname-vpn-instance-vpn1] vpn-target 5:5 both

# Configure route targets for the IPv4 VPN vpn2.

<Sysname> system-view

[Sysname] ip vpn-instance vpn2

[Sysname-vpn-instance-vpn2] address-family ipv4

[Sysname-vpn-ipv4-vpn2] vpn-target 3:3 export-extcommunity

[Sysname-vpn-ipv4-vpn2] vpn-target 4:4 import-extcommunity

[Sysname-vpn-ipv4-vpn2] vpn-target 5:5 both

MCE commands

Unless otherwise specified, the term "interface" in this chapter collectively refers to VLAN interfaces and Layer 3 Ethernet interfaces. You can set an Ethernet port as a Layer 3 interface by using the port link-mode route command (see Layer 2—LAN Switching Configuration Guide).

address-family ipv4 (VPN instance view)

Use address-family ipv4 to enter IPv4 VPN view.

Use undo address-family ipv4 to remove all configurations from IPv4 VPN view.

Syntax

address-family ipv4

undo address-family ipv4

Views

VPN instance view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

In IPv4 VPN view, you can configure IPv4 VPN parameters such as inbound and outbound routing policies.

Examples

# Enter IPv4 VPN view.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] address-family ipv4

[Sysname-vpn-ipv4-vpn1]

description (VPN instance view)

Use description to configure a description for a VPN instance.

Use undo description to delete the description.

Syntax

description text

undo description

Default

No description is configured for a VPN instance.

Views

VPN instance view

Predefined user roles

network-admin

mdc-admin

Parameters

text: Specifies a description for the VPN instance, a case-sensitive string of 1 to 79 characters.

Examples

# Configure a description of This is vpn1 for VPN instance vpn1.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] description This is vpn1

display ip vpn-instance

Use display ip vpn-instance to display VPN instance information.

Syntax

display ip vpn-instance [ instance-name vpn-instance-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

Examples

# Display brief information about all VPN instances.

<Sysname> display ip vpn-instance

Total VPN-Instances configured : 1

VPN-Instance Name RD Create time

abc 1:1 2011/05/18 10:48:17

Table 69 Command output

Field	Description
VPN-Instance Name	Name of the VPN instance.
RD	RD of the VPN instance.
Create Time	Time when the VPN instance was created.

# Display detailed information about VPN instance vpn1.

<Sysname> display ip vpn-instance instance-name vpn1

VPN-Instance Name and Index : vpn1, 2

Route Distinguisher : 100:1

VPN ID : 1:1

Description : vpn1

Interfaces : Vlan-interface2

Address-family IPv4:

Export VPN Targets :

2:2

Import VPN Targets :

3:3

Export Route Policy : outpolicy

Import Route Policy : inpolicy

Tunnel Policy : tunnel1

Maximum Routes Limit : 5000

domain-id

Use domain-id to configure an OSPF domain ID.

Use undo domain-id to restore the default.

Syntax

domain-id domain-id [ secondary ]

undo domain-id [ domain-id ]

Default

The OSPF domain ID is 0.

Views

OSPF view

Predefined user roles

network-admin

mdc-admin

Parameters

domain-id: Specifies an OSPF domain ID in one of the following formats:

· Integer, in the range of 0 to 4294967295. For example, 1.

· Dotted decimal notation. For example, 0.0.0.1.

· Dotted decimal notation:16-bit user-defined number in the range of 0 to 65535. For example, 0.0.0.1:512.

secondary: Specifies a secondary domain ID. If you do not specify this keyword, the command specifies a primary domain ID.

Usage guidelines

When you redistribute OSPF routes into BGP, BGP adds the configured OSPF domain ID to the redistributed BGP VPN routes as a BGP extended community attribute. Then, BGP advertises the routes to the peer PE.

When the peer PE receives the routes, it uses the OSPF domain ID to determine whether the routes belong to the same OSPF routing domain.

· If they do and they are intra-area routes, OSPF advertises these routes in Summary LSAs (Type 3).

· If they do but they are not intra-area routes, OSPF advertises these routes in AS External LSAs (Type 5) or NSSA External LSAs (Type 7).

· If the routes do not belong to the same OSPF routing domain, OSPF advertises them in Type 5 or Type 7 LSAs.

If you do not specify any parameters, the undo domain-id command deletes all domain IDs.

Examples

# Configure an OSPF domain ID.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] domain-id 234

export route-policy

Use export route-policy to apply an export routing policy to a VPN instance.

Use undo export route-policy to remove the application.

Syntax

export route-policy route-policy

undo export route-policy

Default

No export routing policy is applied to a VPN instance.

Views

VPN instance view, IPv4 VPN view

Predefined user roles

network-admin

mdc-admin

Parameters

route-policy: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.

Usage guidelines

You can specify an export routing policy to filter advertised routes or modify their route attributes for the VPN instance.

This command is available in VPN instance view and IPv4 VPN view.

An IPv4 VPN prefers the export routing policy specified in IPv4 VPN view over the one specified in VPN instance view.

Examples

# Apply export routing policy poly-1 to the VPN instance vpn1.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] export route-policy poly-1

# Apply export routing policy poly-2 to the IPv4 VPN vpn2.

<Sysname> system-view

[Sysname] ip vpn-instance vpn2

[Sysname-vpn-instance-vpn2] address-family ipv4

[Sysname-vpn-ipv4-vpn2] export route-policy poly-2

Related commands

· import route-policy

· route-policy (Layer 3—IP Routing Configuration Guide)

ext-community-type

Use ext-community-type to configure the type code of an OSPF extended community attribute.

Use undo ext-community-type to restore the default.

Syntax

ext-community-type { domain-id type-code1 | router-id type-code2 | route-type type-code3 }

undo ext-community-type [ domain-id | router-id | route-type ]

Default

The type codes for domain ID, router ID, and route type are 0x0005, 0x0107, and 0x0306, respectively.

Views

OSPF view

Predefined user roles

network-admin

mdc-admin

Parameters

domain-id type-code1: Specifies the type code for domain ID. Valid values are 0x0005, 0x0105, 0x0205, and 0x8005.

router-id type-code2: Specifies the type code for router ID. Valid values are 0x0107 and 0x8001.

router-type type-code3: Specifies the type code for route type. Valid values are 0x0306 and 0x8000.

Examples

# Configure the type codes of domain ID, router ID, and route type as 0x8005, 0x8001, and 0x8000, respectively, for OSPF process 100.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] ext-community-type domain-id 8005

[Sysname-ospf-100] ext-community-type router-id 8001

[Sysname-ospf-100] ext-community-type route-type 8000

import route-policy

Use import route-policy to apply an import routing policy to a VPN instance.

Use undo import route-policy to remove the application.

Syntax

import route-policy route-policy

undo import route-policy

Default

No import routing policy is applied to a VPN instance. All routes matching the import target attribute are accepted.

Views

VPN instance view, IPv4 VPN view

Predefined user roles

network-admin

mdc-admin

Parameters

route-policy: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.

Usage guidelines

You can specify an import routing policy to filter received routes or modify their route attributes for the VPN instance.

This command is available in VPN instance view and IPv4 VPN view.

An IPv4 VPN prefers the import routing policy specified in IPv4 VPN view over the one specified in VPN instance view.

Examples

# Apply import routing policy poly-1 to the VPN instance vpn1.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] import route-policy poly-1

# Apply import routing policy poly-2 to the IPv4 VPN vpn2.

<Sysname> system-view

[Sysname] ip vpn-instance vpn2

[Sysname-vpn-instance-vpn2] address-family ipv4

[Sysname-vpn-ipv4-vpn2] import route-policy poly-2

Related commands

· export route-policy

· route-policy (Layer 3—IP Routing Configuration Guide)

ip binding vpn-instance

Use ip binding vpn-instance to associate an interface with a VPN instance.

Use undo ip binding vpn-instance to remove the association.

Syntax

ip binding vpn-instance vpn-instance-name

undo ip binding vpn-instance vpn-instance-name

Default

An interface is associated with no VPN instance and belongs to the public network.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Parameters

vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters.

Usage guidelines

Use the command on an MCE to associate the VPN instance with the interface connected to the site and the interface connected to the PE.

The specified VPN instance must have been created by using the ip vpn-instance command in system view.

To associate a new VPN instance with an interface, you must remove the previous association and then associate the new VPN instance with the interface.

Examples

# Associate interface VLAN-interface 1 with the VPN instance vpn1.

<Sysname> system-view

[Sysname] interface vlan-interface 1

[Sysname-Vlan-interface1] ip binding vpn-instance vpn1

Related commands

ip vpn-instance (system view)

Use ip vpn-instance to create a VPN instance and enter VPN instance view.

Use undo ip vpn-instance to delete a VPN instance.

Syntax

ip vpn-instance vpn-instance-name

undo ip vpn-instance vpn-instance-name

Default

No VPN instance is created.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

vpn-instance-name: Specifies the name of the VPN instance, a case-sensitive string of 1 to 31 characters.

Examples

# Create a VPN instance named vpn1 and enter its view.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1]

Related commands

route-distinguisher

route-distinguisher (VPN instance view)

Use route-distinguisher to configure an RD for a VPN instance.

Use undo route-distinguisher to remove the RD of a VPN instance.

Syntax

route-distinguisher route-distinguisher

undo route-distinguisher

Default

No RD is specified for a VPN instance.

Views

VPN instance view

Predefined user roles

network-admin

mdc-admin

Parameters

route-distinguisher: Specifies an RD for the VPN instance, a string of 3 to 21 characters in one of the following formats:

· 16-bit AS number:32-bit user-defined number. For example, 101:3.

· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.

· 32-bit AS number:16-bit user-defined number, where the minimum value of the AS number is 65536. For example, 65536:1.

Usage guidelines

RDs enable VPNs to use the same address space. An RD and an IPv4 prefix comprise a unique VPN IPv4 prefix. You can use RDs to identify different BGP VPN instances on an MCE.

To change the RD of a VPN instance, you must delete the RD with the undo route-distinguisher command, and then use the route-distinguisher command to configure a new RD.

Examples

# Configure RD 22:1 for the VPN instance vpn1.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] route-distinguisher 22:1

route-tag

Use route-tag to configure an external route tag for redistributed VPN routes.

Use undo route-tag to restore the default.

Syntax

route-tag tag-value

undo route-tag

Default

If the AS number is not greater than 65535, the first two octets of the default external route tag are 0xD000 and the last two octets are the local AS number. For example, if the local BGP AS number is 100, the default value of the external route tag is 3489661028. If the AS number is greater than 65535, the default external route tag is 0.

Views

OSPF view

Predefined user roles

network-admin

mdc-admin

Parameters

tag-value: Specifies the external route tag for redistributed VPN routes, in the range of 0 to 4294967295.

Usage guidelines

On an MCE device, you can configure a VPN route tag for a VPN instance bound to an OSPF process. The VPN route tag must be included in Type-5 or Type-7 LSAs. An external route tag can be configured by different commands and has different priorities. The commands used to configure the external route tag (in the descending order of tag priority) are as follows:

· import-route

· route-tag

· default tag

If the external route tag in a Type 5 or 7 LSA received by an MCE is the same as the locally configured external route tag, the MCE ignores the LSA in route calculation to avoid routing loops.

As a best practice, configure the same external route tag for MCEs in the same area.

An external route tag is not transferred in any BGP extended community attribute. It is only locally significant and takes effect only on the MCEs that receive BGP routes and generate OSPF Type 5 or 7 LSAs.

You can configure the same external route tag for different OSPF processes.

Examples

# In OSPF process 100, set the external route tag for redistributed VPN routes to 100.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] route-tag 100

Related commands

import-route

routing-table limit

Use routing-table limit to limit the maximum number of active routes in a VPN instance.

Use undo routing-table limit to restore the default.

Syntax

routing-table limit number { warn-threshold | simply-alert }

undo routing-table limit

Default

The maximum number of active routes in a VPN instance is not limited.

Views

VPN instance view, IPv4 VPN view

Predefined user roles

network-admin

mdc-admin

Parameters

simply-alert: Specifies that when active routes exceed the maximum number, the system still accepts active routes but generates a system log message.

Usage guidelines

This command is available in VPN instance view and IPv4 VPN view.

An IPv4 VPN prefers the limit configured in IPv4 VPN view over the limit configured in VPN instance view.

Examples

# Specify that VPN instance vpn1 supports up to 1000 active routes, and when active routes exceed the upper limit, can receive new active routes but generates a system log message.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] route-distinguisher 100:1

[Sysname-vpn-instance-vpn1] routing-table limit 1000 simply-alert

# Specify that the IPv4 VPN vpn2 supports up to 1000 active routes, and when active routes exceed the upper limit, can receive new active routes but generates a system log message.

<Sysname> system-view

[Sysname] ip vpn-instance vpn2

[Sysname-vpn-instance-vpn2] route-distinguisher 100:2

[Sysname-vpn-instance-vpn2] address-family ipv4

[Sysname-vpn-ipv4-vpn2] routing-table limit 1000 simply-alert

vpn-id

Use vpn-id to configure a VPN ID for a VPN instance.

Use undo vpn-id to remove the VPN ID of a VPN instance.

Syntax

vpn-id vpn-id

undo vpn-id

Default

No VPN ID is configured for a VPN instance.

Views

VPN instance view

Predefined user roles

network-admin

mdc-admin

Parameters

Usage guidelines

The VPN ID uniquely identifies the VPN instance. Different VPN instances must have different VPN IDs.

The VPN ID cannot be 0:0.

Examples

# Configure VPN ID 20:1 for the VPN instance vpn1.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] vpn-id 20:1

Related commands

display ip vpn-instance

vpn-instance-capability simple

Use vpn-instance-capability simple to disable routing loop detection for an OSPF VRF process.

Use undo vpn-instance-capability to restore the default.

Syntax

vpn-instance-capability simple

undo vpn-instance-capability

Default

Routing loop detection is enabled for an OSPF VRF process.

Views

OSPF view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

For the MCE to receive OSPF routes from the PE, you must disable routing loop detection for an OSPF VRF process on the MCE.

This command is applicable only to OSPF VRF processes.

Examples

# Disable routing loop detection for OSPF VRF process 100.

<Sysname> system-view

[Sysname] ospf 100 vpn-instance vpna

[Sysname-ospf-100] vpn-instance-capability simple

vpn-target (VPN instance view/IPv4 VPN view)

Use vpn-target to configure route targets for a VPN instance.

Use undo vpn-target to remove the specified or all route targets of a VPN instance.

Syntax

vpn-target vpn-target&<1-8> [ both | export-extcommunity | import-extcommunity ]

undo vpn-target { all | vpn-target&<1-8> [ both | export-extcommunity | import-extcommunity ] }

Default

No route targets are configured for a VPN instance.

Views

VPN instance view, IPv4 VPN view

Predefined user roles

network-admin

mdc-admin

Parameters

vpn-target&<1-8>: Specifies a space-separated list of up to eight route targets.

A route target is a string of 3 to 21 characters in one of the following formats:

· 16-bit AS number:32-bit user-defined number. For example, 101:3.

· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.

· 32-bit AS number:16-bit user-defined number, where the AS number must not be less than 65536. For example, 65536:1.

export-extcommunity: Uses the specified route targets as export targets.

import-extcommunity: Uses the specified route targets as import targets.

all: Removes all route targets.

Usage guidelines

This command is available in VPN instance view and IPv4 VPN view.

An IPv4 VPN prefers the route targets configured in IPv4 VPN view over those configured in VPN instance view.

Examples

# Configure route targets for the VPN instance vpn1.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] vpn-target 3:3 export-extcommunity

[Sysname-vpn-instance-vpn1] vpn-target 4:4 import-extcommunity

[Sysname-vpn-instance-vpn1] vpn-target 5:5 both

# Configure route targets for the IPv4 VPN vpn2.

<Sysname> system-view

[Sysname] ip vpn-instance vpn2

[Sysname-vpn-instance-vpn2] address-family ipv4

[Sysname-vpn-ipv4-vpn2] vpn-target 3:3 export-extcommunity

[Sysname-vpn-ipv4-vpn2] vpn-target 4:4 import-extcommunity

[Sysname-vpn-ipv4-vpn2] vpn-target 5:5 both

Index

A B D E F G H I K L M N P R S T V

accept-label,23

address-family ipv4 (VPN instance view),187

address-family ipv4 (VPN instance view),224

address-family vpnv4,187

advertise-label,24

authentication challenge,138

authentication key,139

authentication lifetime,140

authentication window-size,142

auto-bandwidth enable,59

auto-tunnel backup,60

backoff,25

description (VPN instance view),188

description (VPN instance view),224

destination,60

disable,61

display bgp routing-table ipv4 unicast inlabel,189

display bgp routing-table ipv4 unicast outlabel,190

display bgp routing-table vpnv4,191

display bgp routing-table vpnv4 inlabel,200

display bgp routing-table vpnv4 outlabel,201

display explicit-path,62

display interface tunnel,63

display ip vpn-instance,225

display ip vpn-instance,203

display isis mpls te advertisement,64

display isis mpls te configured-sub-tlvs,68

display isis mpls te network,68

display isis mpls te tunnel,70

display mpls forwarding ilm,1

display mpls forwarding nhlfe,3

display mpls interface,4

display mpls label,5

display mpls ldp discovery,26

display mpls ldp fec,28

display mpls ldp igp sync,30

display mpls ldp interface,31

display mpls ldp lsp,32

display mpls ldp parameter,33

display mpls ldp peer,35

display mpls ldp summary,38

display mpls lsp,6

display mpls lsp statistics,10

display mpls nib,11

display mpls nid,11

display mpls static-cr-lsp,133

display mpls static-lsp,19

display mpls summary,12

display mpls te ds-te,71

display mpls te link-management bandwidth-allocation,72

display mpls te tedb,73

display mpls te tunnel-interface,79

display mpls tunnel,183

display ospf mpls te advertisement,82

display ospf mpls te network,84

display ospf mpls te tunnel,85

display ospf sham-link,204

display rsvp,143

display rsvp authentication,146

display rsvp lsp,150

display rsvp peer,153

display rsvp request,154

display rsvp reservation,156

display rsvp sender,158

display rsvp statistics,162

domain-id,205

domain-id,226

dscp,165

ds-te bc-model,86

ds-te mode,89

ds-te te-class,87

explicit-path,89

export route-policy,206

export route-policy,227

ext-community-type,228

ext-community-type,207

fast-reroute timer,90

graceful-restart,39

graceful-restart enable,166

graceful-restart timer,40

hello interval,166

hello lost,167

igp sync delay,41

igp sync delay on-restart,42

import route-policy,228

import route-policy,208

interface tunnel,91

ip binding vpn-instance,229

ip binding vpn-instance,208

ip vpn-instance (system view),230

ip vpn-instance (system view),209

keep-multiplier,168

label-distribution,43

link-management periodic-flooding timer,92

loop-detect,44

lsp-trigger,45

lsr-id,46

maxhops,46

md5-authentication,47

mpls enable,13

mpls label advertise,14

mpls ldp,48

mpls ldp enable,49

mpls ldp igp sync disable,50

mpls ldp sync (IS-IS view),50

mpls ldp sync (OSPF view/OSPF area view),51

mpls ldp timer,52

mpls ldp transport-address,54

mpls lsr-id,15

mpls mtu,15

mpls te,93

mpls te affinity-attribute,93

mpls te auto-bandwidth,94

mpls te auto-tunnel backup disable,96

mpls te backup,96

mpls te backup bandwidth,97

mpls te backup-path,99

mpls te bandwidth,100

mpls te bandwidth change thresholds,101

mpls te bidirectional,102

mpls te enable (interface view),104

mpls te enable (IS-IS view),104

mpls te enable (OSPF area view),105

mpls te fast-reroute,106

mpls te fast-reroute bypass-tunnel,107

mpls te igp advertise,108

mpls te igp metric,109

mpls te igp shortcut,109

mpls te link-attribute,110

mpls te loop-detection,111

mpls te max-link-bandwidth,112

mpls te max-reservable-bandwidth,113

mpls te max-reservable-bandwidth mam,114

mpls te max-reservable-bandwidth rdm,115

mpls te metric,116

mpls te path,117

mpls te path-metric-type,118

mpls te priority,118

mpls te record-route,119

mpls te reoptimization (tunnel interface view),120

mpls te reoptimization (user view),121

mpls te resv-style,121

mpls te retry,122

mpls te route-pinning,123

mpls te signaling,124

mpls te static-cr-lsp,124

mpls te timer retry,125

mpls ttl expiration enable,16

mpls ttl propagate,17

nesting-vpn,210

nexthop,126

nhop-only,127

non-stop-routing,54

path-metric-type,128

peer,169

peer next-hop-invariable,211

peer upe,211

peer upe route-policy,212

policy vpn-target,213

preferred-path,184

pv-limit,55

refresh interval,170

reset mpls ldp,56

reset mpls te auto-bandwidth-adjustment timers,129

reset rsvp authentication,170

reset rsvp statistics,171

route-distinguisher (VPN instance view),231

route-distinguisher (VPN instance view),214

route-tag,231

route-tag,214

routing-table limit,232

routing-table limit,216

rr-filter,217

rsvp,172

rsvp authentication challenge,172

rsvp authentication key,174

rsvp authentication lifetime,175

rsvp authentication window-size,176

rsvp bfd enable,178

rsvp enable,178

rsvp hello enable,179

rsvp reduction retransmit increment,179

rsvp reduction retransmit interval,180

rsvp reduction srefresh,181

select-seq load-balance-number,185

sham-link,217

snmp-agent trap enable l3vpn,219

snmp-agent trap enable ldp,57

snmp-agent trap enable mpls,18

static-cr-lsp egress,134

static-cr-lsp ingress,135

static-cr-lsp transit,136

static-lsp egress,19

static-lsp ingress,20

static-lsp transit,21

te-subtlv,129

timers removal unused,130

tnl-policy,219

tunnel-number,131

tunnel-policy,185

vpn popgo,220

vpn-id,221

vpn-id,233

vpn-instance,57

vpn-instance-capability simple,234

vpn-target (VPN instance view/IPv4 VPN view),222

vpn-target (VPN instance view/IPv4 VPN view),235

07-MPLS Command Reference

Basic MPLS commands

mpls enable

md5-authentication

mpls ldp enable

snmp-agent trap enable ldp

MPLS TE commands

auto-bandwidth enable

auto-tunnel backup

display explicit-path

display interface tunnel

display mpls te link-management bandwidth-allocation

display mpls te tedb

display ospf mpls te advertisement

ds-te te-class

explicit-path

link-management periodic-flooding timer

mpls te auto-tunnel backup disable

mpls te bandwidth

mpls te enable (interface view)

mpls te enable (IS-IS view)

mpls te enable (OSPF area view)

mpls te igp metric

mpls te max-link-bandwidth

mpls te max-reservable-bandwidth mam

mpls te max-reservable-bandwidth rdm

mpls te metric

mpls te path

mpls te reoptimization (tunnel interface view)

mpls te signaling

authentication key

authentication lifetime

display rsvp lsp

display rsvp peer

display rsvp request

display rsvp reservation

keep-multiplier