- Table of Contents
- Related Documents
-
Title | Size | Download |
---|---|---|
01-Text | 1.09 MB |
mpls ldp sync (OSPF view/OSPF area view)
display isis mpls te advertisement
display isis mpls te configured-sub-tlvs
display mpls te link-management bandwidth-allocation
display mpls te tunnel-interface
display ospf mpls te advertisement
link-management periodic-flooding timer
mpls te auto-tunnel backup disable
mpls te bandwidth change thresholds
mpls te enable (interface view)
mpls te enable (OSPF area view)
mpls te fast-reroute bypass-tunnel
mpls te max-reservable-bandwidth
mpls te max-reservable-bandwidth mam
mpls te max-reservable-bandwidth rdm
mpls te reoptimization (tunnel interface view)
mpls te reoptimization (user view)
reset mpls te auto-bandwidth-adjustment timers
rsvp authentication window-size
rsvp reduction retransmit increment
rsvp reduction retransmit interval
select-seq load-balance-number
address-family ipv4 (VPN instance view)
description (VPN instance view)
display bgp routing-table ipv4 unicast inlabel
display bgp routing-table ipv4 unicast outlabel
display bgp routing-table vpnv4
display bgp routing-table vpnv4 inlabel
display bgp routing-table vpnv4 outlabel
route-distinguisher (VPN instance view)
vpn-target (VPN instance view/IPv4 VPN view)
address-family ipv4 (VPN instance view)
description (VPN instance view)
route-distinguisher (VPN instance view)
vpn-instance-capability simple
vpn-target (VPN instance view/IPv4 VPN view)
Basic MPLS commands
The basic MPLS feature is available in Release 1138P01 and later versions.
Unless otherwise specified, the tem "interface" in this chapter refers to a Layer 3 interface. It can be a VLAN interface or a Layer 3 Ethernet interface. Layer 3 Ethernet interfaces refer to the Ethernet interfaces that operate in Layer 3 mode. For information about switching the Ethernet interface operating mode, see Layer 2—LAN Switching Configuration Guide.
display mpls forwarding ilm
Use display mpls forwarding ilm to display Incoming Label Map (ILM) entries.
In standalone mode:
display mpls forwarding ilm [ label ] [ slot slot-number ]
In IRF mode:
display mpls forwarding ilm [ label ] [ chassis chassis-number slot slot-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
label: Displays the ILM entry with the specified incoming label. The value range for this argument is 16 to 1048575. If you do not specify an incoming label, this command displays information about all ILM entries.
slot slot-number: Specifies a card by its slot number. If you do not specify a card, this command displays ILM entries on the active MPU. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies a card on an IRF member device. The chassis-number argument represents the member ID of the IRF member device. The slot-number argument represents the slot number of the card. If you do not specify a card, this command displays ILM entries for the global active MPU. (In IRF mode.)
Usage guidelines
An ILM entry records the label operation type, outgoing label, and other forwarding information.
After an LSR receives a labeled packet, it performs the following operations:
1. Identifies the ILM entry that matches the top label of the packet.
2. Performs the specified label operation.
3. Forwards the packet.
Examples
# Display the ILM entry with incoming label 30.
<Sysname> display mpls forwarding ilm 30
Flags: T - Forwarded through a tunnel
N - Forwarded through the outgoing interface to the nexthop IP address
B - Backup forwarding information
A - Active forwarding information
InLabel Oper VRF Flag SwapLabel Forwarding Info
--------------------------------------------------------------------------------
30 SWAP 0 T 1000 1024
# Display all ILM entries for the card in slot 3.
<Sysname> display mpls forwarding ilm slot 3
Total ILM entries: 3
Flags: T - Forwarded through a tunnel
N - Forwarded through the outgoing interface to the nexthop IP address
B - Backup forwarding information
A - Active forwarding information
InLabel Oper VRF Flag SwapLabel Forwarding Info
--------------------------------------------------------------------------------
30 SWAP 0 T 1000 1024
1279 POP 0 - - -
1407 SWAP 0 NA 1271 Vlan10 50.2.0.2
NB 1270 Tun0 0.0.0.0
Table 1 Command output
Field |
Description |
Total ILM entries |
Total number of ILM entries. |
InLabel |
Incoming label. |
Oper |
Operation type: · POP—Pops the label. · POPGO—Pops the label and forwards the packet to another tunnel. · SWAP—Swaps the label. |
VRF |
Index of a VPN instance. |
Flag |
Forwarding flag: · T—Forwarded through a tunnel. · N—Forwarded through the outgoing interface to the next hop IP address. · B—Backup forwarding information. · A—Active forwarding information. |
SwapLabel |
Outgoing label value. |
Forwarding Info |
Forwarding information: · When the forwarding flag is N, the forwarding information records the outgoing interface and the next hop. · When the forwarding flag is T, the forwarding information records the NID. |
display mpls forwarding nhlfe
Use display mpls forwarding nhlfe to display Next Hop Label Forwarding Entry (NHLFE) entries.
Syntax
In standalone mode:
display mpls forwarding nhlfe [ nid ] [ slot slot-number ]
In IRF mode:
display mpls forwarding nhlfe [ nid ] [ chassis chassis-number slot slot-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
nid: Displays the NHLFE entry with the specified NID. The NID value range is 0 to 4294967294. If you do not specify an NID, this command displays information about all NHLFE entries.
slot slot-number: Specifies a card by its slot number. If you do not specify a card, this command displays NHLFE entries on the active MPU. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies a card on an IRF member device. The chassis-number argument represents the member ID of the IRF member device. The slot-number argument represents the slot number of the card. If you do not specify a card, this command displays NHLFE entries for the global active MPU. (In IRF mode.)
Usage guidelines
An NHLFE entry records label forwarding information, such as the outgoing label and outgoing interface. NHLFE entries are mainly used to add multiple labels to packets.
To add multiple labels to a packet, an LSR performs the following operations:
1. Obtains the bottom label and NID in the matching FIB or ILM entry.
2. Obtains the outer label in the NHLFE entry identified by the NID.
Examples
# Display the NHLFE entry with NID 2048.
<Sysname> display mpls forwarding nhlfe 2048
Flags: T - Forwarded through a tunnel
N - Forwarded through the outgoing interface to the nexthop IP address
B - Backup forwarding information
A - Active forwarding information
NID Tnl-Type Flag OutLabel Forwarding Info
--------------------------------------------------------------------------------
2048 LSP NA 2025 Vlan10 10.11.112.26
# Display all NHLFE entries for the card in slot 3.
<Sysname> display mpls forwarding nhlfe slot 3
Total NHLFE entries: 5
Flags: T - Forwarded through a tunnel
N - Forwarded through the outgoing interface to the nexthop IP address
B - Backup forwarding information
A - Active forwarding information
NID Tnl-Type Flag OutLabel Forwarding Info
--------------------------------------------------------------------------------
10 - TA - 2049
20 - TA - 2050
2048 LSP NA 2025 Vlan2 10.11.112.26
2049 LSP NA 3024 Vlan2 10.11.112.26
TB 3026 20
2050 LSP NA 3025 Vlan10 10.11.113.26
Table 2 Command output
Field |
Description |
Total NHLFE entries |
Total number of NHLFE entries. |
NID |
NHLFE entry index. |
Tnl-Type |
Tunnel type: · LOCAL—Direct LSP tunnel. · LSP—Static LSP tunnel, or LSP tunnel signaled using LDP or BGP. · TE—TE tunnel. · CRLSP—Static CRLSP tunnel or CRLSP tunnel signaled using RSVP. · - (a hyphen)—The tunnel type is invalid. |
Flag |
Forwarding flag: · T—Forwarded through a tunnel. · N—Forwarded through the outgoing interface to the next hop IP address. · B—Backup forwarding information. · A—Active forwarding information. |
OutLabel |
Outgoing label. |
Forwarding Info |
Forwarding information: · When the forwarding flag is N, the forwarding information records the outgoing interface and the next hop. · When the forwarding flag is T, the forwarding information records the NID. |
display mpls interface
Use display mpls interface to display MPLS interface information, including the interface name, interface status, and interface MPLS MTU.
Syntax
display mpls interface [ interface-type interface-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
interface-type interface-number: Specifies an interface by the interface type and number. If you do not specify an interface, this command displays MPLS information for all MPLS-enabled interfaces.
Examples
# Display all MPLS interfaces.
<Sysname> display mpls interface
Interface Status MPLS MTU
Vlan2 Up 1500
Vlan20 Up 1500
The MPLS MTU of an interface is in bytes.
Related commands
· mpls enable
· mpls mtu
display mpls label
Use display mpls label to display MPLS label usage information.
Syntax
display mpls label { label-value1 [ to label-value2 ] | all }
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
label-value1: Specifies a label value in the range of 16 to 1048575. If used with the label-value2 argument, the label-value1 argument represents the start label of a label range.
to label-value2: Specifies the end label of the label range. The value range for the end label is 16 to 1048575. If you specify a label range by using the label-value1 argument and the to label-value2 option, this command displays usage information for the specified range of labels.
all: Specifies all labels.
Examples
# Display usage information for labels 1025 through 1027.
<Sysname> display mpls label 1025 to 1027
Label Owner State
1025 LDP Alloc
1026 LDP Alloc
1027 LDP Inuse
Table 3 Command output
Field |
Description |
Label |
Label value. |
Owner |
Protocol that is using the label. Possible values include LDP, BGP, and RSVP. |
State |
Usage state of the label: · Idle—The label is idle. · Alloc—The label has been allocated. · Pending—The label has been released but is still used by an LSP entry. · Inuse—The label has been allocated and used by an LSP entry. |
display mpls lsp
Use display mpls lsp to display LSP information.
Syntax
display mpls lsp [ egress | in-label label-value | ingress | outgoing-interface interface-type interface-number | protocol { bgp | ldp | local | rsvp-te | static | static-cr } | transit ] [ vpn-instance vpn-instance-name ] [ ipv4-dest mask-length ] [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
egress: Displays the LSPs taking the current LSR as the egress.
in-label label-value: Displays the LSPs using the specified label as the incoming label, in the range of 0 to 1048575.
ingress: Displays the LSPs taking the current LSR as the ingress.
outgoing-interface interface-type interface-number: Displays the LSPs using the specified interface as the outgoing interface. The interface-type interface-number argument specifies an interface by its type and number.
protocol: Displays the LSPs established by a specific protocol.
bgp: Displays BGP LSPs.
ldp: Displays LDP LSPs.
local: Displays the direct LSP.
rsvp-te: Displays CRLSPs established by RSVP-TE.
static: Displays static LSPs.
static-cr: Displays static CRLSPs.
transit: Displays the LSPs taking the current LSR as a transit LSR.
vpn-instance vpn-instance-name: Displays LSPs for the specified VPN. The vpn-instance-name is a case-sensitive string of 1 to 31 characters. If you do not specify this option, the command displays LSPs for the public network.
ipv4-dest mask-length: Displays the IPv4 LSP for an FEC specified by an IPv4 address and a mask length. The value range for the mask length is 0 to 32.
verbose: Displays detailed LSP information. If you do not specify this keyword, the command displays brief LSP information.
Usage guidelines
If you do not specify any parameters, this command displays brief information about all LSPs. If you specify only the verbose keyword, this command displays detailed information about all LSPs.
Examples
# Display brief information about all IPv4 LSPs.
<Sysname> display mpls lsp
FEC Proto In/Out Label Interface/Out NHLFE
100.100.100.100/24 LDP -/1049 Vlan20
Backup -/1050 Vlan21
100.100.100.10/24 LDP -/1051 Vlan22
Backup -/1050 Vlan21
100.100.100.10/24 LDP -/1049 Vlan30
101.100.100.10/24 LDP 1026/1049 Vlan20
102.100.100.10/24 LDP 1027/- -
103.100.100.10/24 LDP 1028/1049 Tunnel10
110.100.100.20/24 BGP -/1049 Vlan20
111.100.100.10/24 BGP 2028/1049 Vlan20
112.100.100.10/24 BGP 2029/- Vlan20
113.100.100.10/24 BGP 2030/1049 NHLFE1500
114.100.100.10/24 BGP 2031/1050 Tunnel100
100.100.100.100 Local -/- Vlan20
101.101.101.101/32 Static -/100 Vlan20
- Static 100/200 Vlan20
- Static 101/- Vlan20
200.200.200.200/64000/64000 RSVP -/1030 Vlan10
201.200.200.200/64000/64000 RSVP 1024/1031 Vlan10
202.200.200.200/64000/64000 RSVP 1025/- -
150.140.150.100/64001/0 StaticCR -/1000 Vlan10
- StaticCR 50/1001 Vlan10
- StaticCR 51/- -
Table 4 Command output
Field |
Description |
FEC |
Forwarding equivalence class: · IP address/mask—Classifies FECs by destination address. · IP address—Classifies FECs by next hop. · IP address/Out Label—Classifies FECs by next hop and outgoing label. · Ingress LSR ID/Tunnel ID/LSP ID—RSVP TE FEC. · - (a hyphen)—The LSP is a static transit LSP, static egress LSP, static transit CRLSP, or static egress CRLSP. · Backup—If the LSP is a backup LSP of the previous LSP, this field displays Backup. |
Proto |
Label distribution protocol: · LDP. · BGP. · RSVP. · Static. · StaticCR—Static CRLSP. · Local—The LSP is a direct LSP. |
In/Out Label |
Incoming label/outgoing label. |
Interface/Out NHLFE |
Outgoing interface name or NHLFE entry index. NHLFEnumber specifies the outer LSP that carries the current LSP. The outer LSP is that matches the NHLFE entry with an NID of number. |
# Display detailed information about all LSPs.
<Sysname> display mpls lsp verbose
Destination : 56.10.10.2
FEC : 56.10.10.2/32
Protocol : LDP
LSR Type : Egress
Service : -
In-Label : 1024
State : Active
Destination : 56.10.10.4
FEC : 56.10.10.2/32
Protocol : LDP
LSR Type : Transit
Service : -
In-Label : 1026
Path ID : 0x40000000.1
State : Active
Out-Label : 1800
Nexthop : 10.1.1.2
Out-Interface: Vlan10
BkLabel : 1900
BkNexthop : 20.1.1.2
BkInterface : Vlan20
Destination : 56.10.10.4
FEC : 56.10.10.2/32
Protocol : LDP
LSR Type : Ingress
Service : -
NHLFE ID : 2000
State : Active
Out-Label : 1800
Nexthop : 10.1.1.2
Out-Interface: Vlan10
Table 5 Command output
Field |
Description |
Destination |
LSP destination address. |
FEC |
Forwarding equivalence class: · IP address/mask—Classifies FECs by destination address. · IP address—Classifies FECs by next hop. · IP address/Out Label—Classifies FECs by next hop and outgoing label. · Ingress LSR ID/Tunnel ID/LSP ID—RSVP TE FEC. · - (a hyphen)—The LSP is a static transit LSP, static egress LSP, static transit CRLSP, or static egress CRLSP. |
Protocol |
Label distribution protocol: · LDP. · BGP. · RSVP. · Static. · StaticCR—Static CRLSP. · Local—Direct LSP. |
LSR Type |
LSR type: · Ingress—The current LSR is the ingress node of the LSP. · Transit—The current LSR is a transit node of the LSP. · Egress—The current LSR is the egress node of the LSP. |
Service |
Service deployed on the LSP. This field is not supported in the current software release. |
Path ID |
Forwarding path. The value is in the format of 0xnn.m, where nn represents the NHLFE group ID of the outer LSPs that carry the current LSP, and m represents the sequence number of the equivalence path. |
NHLFE ID |
NHLFE entry index. |
State |
LSP state: · Active—The LSP is in use. · Inactive—The LSP is idle. |
BkLabel |
Outgoing label of the backup LSP. |
BkNexthop |
Next hop address of the backup LSP. |
BkInterface |
Outgoing interface of the backup LSP. |
Related commands
display mpls lsp statistics
display mpls lsp statistics
Use display mpls lsp statistics to display LSP statistics.
Syntax
display mpls lsp statistics
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Examples
# Display LSP statistics.
<Sysname> display mpls lsp statistics
LSP Type Ingress/Transit/Egress Active
Static LSP 0/0/0 0/0/0
Static CRLSP 0/0/0 0/0/0
LDP LSP 2/2/1 2/2/1
RSVP CRLSP 0/0/0 0/0/0
BGP LSP 0/0/0 0/0/0
Local LSP 2/0/0 2/0/0
-----------------------------------------------------
Total 4/2/1 4/2/1
Table 6 Command output
Field |
Description |
LSP Type |
LSP types: · Static LSP. · Static CRLSP. · LDP LSP. · Local LSP (direct LSP). · RSVP CRLSP. · BGP LSP. |
Total |
Total number of LSPs. |
Ingress |
Number of LSPs that take the local device as the ingress node. |
Transit |
Number of LSPs that take the local device as a transit node. |
Egress |
Number of LSPs that take the local device as the egress node. |
Active |
Number of active LSPs of a specific type. |
display mpls nib
Use display mpls nib to display MPLS Nexthop Information Base (NIB) information.
Syntax
display mpls nib [ nib-id ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
nib-id: Specifies a next hop ID in the range of 1 to FFFFFFFFFFFFFFFE. If you do not specify a next hop, this command displays information about all MPLS next hops.
Examples
# Display information about all MPLS next hops.
<Sysname> display mpls nib
NIB ID: 0x40000000
Users: 1
Status: Active
ECMP number: 1
Outgoing NHLFE ID: 1024
Backup outgoing NHLFE ID: 1027
Table 7 Command output
Field |
Description |
NIB ID |
ID of the next hop. |
Users |
Number of ILM entries that use this next hop. |
Status |
Next hop status: · Active—The next hop is active. · Dummy—The next hop is inactive . |
ECMP number |
Number of equal-cost NHLFE entries. |
Outgoing NHLFE ID |
ID of the NHLFE entry to which the next hop corresponds. |
Backup outgoing NHLFE ID |
ID of the backup NHLFE entry. |
display mpls nid
Use display mpls nid to display usage information for dynamic NIDs.
Syntax
display mpls nid [ nid-value1 [ to nid-value2 ] ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
nid-value1: Specifies an NID in the range of 0 to 65535. If used with the nid-value2 argument, the nid-value1 argument represents the start NID of an NID range.
to nid-value2: Specifies the end NID of the NID range. The value range for the end NID is 0 to 65535. If you specify an NID range by using the nid-value1 argument and the to nid-value2 option, this command displays usage information for the specified range of NIDs.
Usage guidelines
NIDs are 32-bit binary numbers. They include fixed NIDs and dynamic NIDs.
· Fixed NIDs—Generated for tunnel interfaces. The highest four bits are a value other than 0000.
· Dynamic NIDs—NIDs except fixed NIDs. The highest four bits are 0s.
If you do not specify any parameters, this command displays usage information for all dynamic NIDs.
Examples
# Display usage information for dynamic NIDs 1028 through 1500.
<Sysname> display mpls nid 1028 to 1500
NID alloc state: '.' means not used, '$' means used
1028 :...$.... ........ ........ ........ ........ ........ ........ ........
1092 :........ ........ ........ ........ ........ ........ ........ ........
1156 :........ ........ ........ ........ ........ ........ ........ ........
1220 :........ ........ ........ ........ ........ ........ ........ ........
1284 :........ ........ ........ ........ ........ ........ ........ ........
1348 :........ ........ ........ ........ ........ ........ ........ ........
1412 :........ ........ ........ ........ ........ ........ ........ ........
1476 :........ ........ ........ .
display mpls summary
Use display mpls summary to display MPLS summary information.
Syntax
display mpls summary
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Examples
# Display MPLS summary information.
<Sysname> display mpls summary
MPLS LSR ID : 2.2.2.2
Egress Label Type: Implicit-null
Labels:
Range Idle
16-1023 1008
1024-65535 64354
Protocols:
Type State
BGP Normal
Static Normal
Table 8 Command output
Field |
Description |
Egress Label Type |
Label type that the egress assigns to the penultimate hop: · Implicit-null. · Explicit-null. · Non-null. |
Labels |
Label information. |
Range |
Label range. |
Idle |
Number of idle labels in the label range. |
Protocols |
Running label distribution protocols and the related information. |
Type |
Protocol type: LDP, BGP, RSVP, Static, Static CRLSP, or TE. |
State |
Label distribution protocol running status: · Normal. · Recover—The protocol is in the GR process. |
mpls enable
Use mpls enable to enable MPLS on an interface.
Use undo mpls enable to disable MPLS on an interface.
Syntax
mpls enable
undo mpls enable
Default
MPLS is disabled on an interface.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Examples
# Enable MPLS on interface VLAN-interface 2.
<Sysname> System-view
[Sysname] interface vlan-interface 2
[Sysname-Vlan-interface2] mpls enable
Related commands
display mpls interface
mpls label advertise
Use mpls label advertise to specify the type of label the egress will advertise to the penultimate hop.
Use undo mpls label advertise to restore the default.
Syntax
mpls label advertise { explicit-null | implicit-null | non-null }
undo mpls label advertise
Default
As an egress, the device advertises an implicit null label to the penultimate hop.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
explicit-null: Specifies the egress to advertise an explicit null label of 0 to the penultimate hop.
implicit-null: Specifies the egress to advertise an implicit null label of 3 to the penultimate hop.
non-null: Specifies the egress to advertise a normal label to the penultimate hop. The value range for a normal label is 16 to 1048575.
Usage guidelines
As a best practice, configure the egress to advertise an implicit null label to the penultimate hop if the penultimate hop supports PHP. If you want to simplify packet forwarding on the egress but keep labels to determine QoS policies, configure the egress to advertise an explicit null label to the penultimate hop. Use non-null labels only in particular scenarios. For example, when OAM is configured on the egress, the egress can get the OAM function entity status only through non-null labels.
As a penultimate hop, the device accepts the implicit null label, explicit null label, or normal label advertised by the egress device.
For LDP LSPs, the mpls label advertise command triggers LDP to delete the LSPs established before the command is executed and re-establishes new LSPs.
For BGP LSPs, the mpls label advertise command takes effect only for the BGP LSPs established after the command is executed. To apply the new setting to BGP LSPs established before the command is executed, delete the routes corresponding to the BGP LSPs, and then redistribute the routes.
Examples
# Configure the egress device to advertise an explicit null label to the penultimate hop.
<Sysname> system-view
[Sysname] mpls label advertise explicit-null
Related commands
reset mpls ldp
mpls lsr-id
Use mpls lsr-id to configure an LSR ID for the local LSR.
Use undo mpls lsr-id to delete the LSR ID of the local LSR.
Syntax
mpls lsr-id lsr-id
undo mpls lsr-id
Default
An LSR has no LSR ID.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
lsr-id: Specifies an ID for identifying the LSR, in dotted decimal notation.
Usage guidelines
As a best practice, use the address of a loopback interface on the LSR as the LSR ID.
Examples
# Configure the LSR ID as 3.3.3.3 for the local node.
<Sysname> system-view
[Sysname] mpls lsr-id 3.3.3.3
Related commands
lsr-id
mpls mtu
Use mpls mtu to configure the MPLS MTU for an interface.
Use undo mpls mtu to restore the default.
Syntax
mpls mtu value
undo mpls mtu
Default
The MPLS MTU of an interface is not configured. Fragmentation for MPLS packets is based on the MTU of the interface, and the length of a fragment does not include that of the MPLS label. Thus, after an MPLS label is added into a fragment, the length of the MPLS fragment might exceed the interface MTU.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Parameters
value: Specifies the MPLS MTU of the interface, in the range of 46 to 65535 bytes.
Usage guidelines
This command is effective only when MPLS is enabled on the interface.
If the MPLS MTU is larger than the interface MTU, data forwarding might fail.
MPLS TE tunnel interfaces do not support this command.
Examples
# Set the MPLS MTU of interface VLAN-interface 2 to 1000 bytes.
<Sysname> system-view
[Sysname] interface vlan-interface 2
[Sysname-Vlan-interface2] mpls enable
[Sysname-Vlan-interface2] mpls mtu 1000
Related commands
display mpls interface
mpls ttl expiration enable
Use mpls ttl expiration enable to enable the sending of MPLS TTL-expired messages.
Use undo mpls ttl expiration enable to disable the sending of MPLS TTL-expired messages.
Syntax
mpls ttl expiration enable
undo mpls ttl expiration enable
Default
The MPLS TTL-expired messages sending function is enabled.
Views
System view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
The mpls ttl expiration enable command enables an LSR to generate an ICMP TTL-expired message upon receiving an MPLS packet with TTL being 1.
· If the MPLS packet has only one label, the LSR sends the ICMP TTL-expired message back to the source through IP routing.
· If the MPLS packet has multiple labels, the LSR forwards the ICMP TTL-expired message along the LSP of the MPLS packet to the egress, which then sends the message back to the source.
Examples
# Disable the MPLS TTL-expired messages sending function.
<Sysname> system-view
[Sysname] undo mpls ttl expiration enable
mpls ttl propagate
Use mpls ttl propagate to enable TTL propagation.
Use undo mpls ttl propagate to disable TTL propagation.
Syntax
mpls ttl propagate { public | vpn }
undo mpls ttl propagate { public | vpn }
Default
TTL propagation is enabled for public network packets and disabled for VPN packets.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
public: Specifies public network packets.
vpn: Specifies VPN packets.
Usage guidelines
When TTL propagation is enabled, MPLS performs the following operations:
· Copies the IP TTL to the label TTL for packets entering the MPLS network.
· Copies the label TTL to the IP TTL for packets leaving the MPLS network.
If you enable TTL propagation on both the ingress and egress, the IP tracert facility can show the real path in the MPLS network.
When TTL propagation is disabled, MPLS performs the following operations:
· Sets the label TTL to 255 for packets entering the MPLS network.
· Pops the label for packets leaving the MPLS network, without copying the label TTL value to the IP TTL.
The IP tracert facility cannot show the real path in the MPLS network.
After TTL propagation is enabled or disabled, execute the reset mpls ldp command to make the configuration take effect.
Within an MPLS network, TTL is always copied between the labels of an MPLS packet. The mpls ttl propagate command affects only the propagation between IP TTL and label TTL.
As a best practice, set the same TTL processing mode on all LSRs of an LSP.
To enable TTL propagation for a VPN, you must enable it on all PE devices in the VPN. This allows you to obtain the same traceroute result (hop count) from those PEs.
After TTL propagation is disabled, the device cannot map the DSCP precedence of packets entering the MPLS network to the EXP value of MPLS packets.
Examples
# Enable TTL propagation for VPN packets.
<Sysname> system-view
[Sysname] mpls ttl propagate vpn
Related commands
reset mpls ldp
snmp-agent trap enable mpls
Use snmp-agent trap enable mpls to enable SNMP notifications for MPLS.
Use undo snmp-agent trap enable mpls to disable SNMP notifications for MPLS.
Syntax
snmp-agent trap enable mpls
undo snmp-agent trap enable mpls
Default
SNMP notifications for MPLS are enabled.
Views
System view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
This command enables MPLS to generate SNMP notifications. The generated SNMP notifications are sent to the SNMP module.
For more information about SNMP notifications, see Network Management and Monitoring Configuration Guide.
Examples
# Enable SNMP notifications for MPLS.
<Sysname> system-view
[Sysname] snmp-agent trap enable mpls
Static LSP commands
The static LSP feature is available in Release 1138P01 and later versions.
display mpls static-lsp
Use display mpls static-lsp to display static LSP information.
Syntax
display mpls static-lsp [ lsp-name lsp-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
lsp-name lsp-name: Specifies a static LSP by its name, a case-sensitive string of 1 to 15 characters. If you do not specify a static LSP, this command displays information about all static LSPs.
Examples
# Display information about all static LSPs.
<Sysname> display mpls static-lsp
Total: 4
Name FEC In/Out Label Nexthop/Out Interface State
egress123 -/- 16/NULL - Up
ingress123 202.118.224.132/32 NULL/1022 100.100.100.19 Down
transit123 -/- 32/1022 100.100.100.17 Down
transit124 -/- 34/1020 10.2.1.1 Down
Table 9 Command output
Field |
Description |
Total |
Total number of static LSPs. |
Name |
Name of the static LSP. |
FEC |
Forwarding equivalence class—IP prefix and the prefix length. |
In/Out Label |
Incoming label/outgoing label. |
static-lsp egress
Use static-lsp egress to configure the egress node of a static LSP.
Use undo static-lsp egress to delete the egress node configuration of a static LSP.
Syntax
static-lsp egress lsp-name in-label in-label
undo static-lsp egress lsp-name
Default
No static LSP exists on the device.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
lsp-name: Specifies a name for the static LSP, a case-sensitive string of 1 to 15 characters.
in-label in-label: Specifies an incoming label in the range of 16 to 1023.
Examples
# Configure a static LSP on the egress node: specify the LSP's name as bj-sh and incoming label as 233.
<Sysname> system-view
[Sysname] static-lsp egress bj-sh in-label 233
Related commands
display mpls static-lsp
static-lsp ingress
Use static-lsp ingress to configure the ingress node of a static LSP.
Use undo static-lsp ingress to delete the ingress node configuration of a static LSP.
Syntax
static-lsp ingress lsp-name destination dest-addr { mask | mask-length } { nexthop next-hop-addr | outgoing-interface interface-type interface-number } out-label out-label
undo static-lsp ingress lsp-name
Default
No static LSP exists on the device.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
lsp-name: Specifies a name for the static LSP, a case-sensitive string of 1 to 15 characters.
destination dest-addr: Specifies a destination IP address for the LSP.
mask: Specifies the mask of the destination IP address.
mask-length: Specifies the mask length of the destination address, in the range of 0 to 32.
nexthop next-hop-addr: Specifies a next hop address.
outgoing-interface interface-type interface-number: Specifies an outgoing interface by its type and number. The specified interface must be a point-to-point interface.
out-label out-label: Specifies an outgoing label, a value of 0, 3, or in the range of 16 to 1023.
Usage guidelines
The next hop or outgoing interface specified for the LSP must be consistent with that of the optimal route destined for the specified address. If you configure a static IP route for the LSP, be sure to specify the same next hop or outgoing interface for the static route and the static LSP.
You must enable MPLS on the outgoing interface of the static LSP.
Examples
# Configure a static LSP on the ingress node: specify the LSP's name as bj-sh, destination address as 202.25.38.1/24, next hop address as 202.55.25.33, and outgoing label as 237.
<Sysname> system-view
[Sysname] static-lsp ingress bj-sh destination 202.25.38.1 24 nexthop 202.55.25.33 out-label 237
Related commands
display mpls static-lsp
static-lsp transit
Use static-lsp transit to configure the transit node of a static LSP.
Use undo static-lsp transit to delete the transit node configuration of a static LSP.
Syntax
static-lsp transit lsp-name in-label in-label { nexthop next-hop-addr | outgoing-interface interface-type interface-number } out-label out-label
undo static-lsp transit lsp-name
Default
No static LSP exists on the device.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
lsp-name: Specifies a name for the static LSP, a case-sensitive string of 1 to 15 characters.
in-label in-label: Specifies an incoming label in the range of 16 to 1023.
nexthop next-hop-addr: Specifies a next hop address.
outgoing-interface interface-type interface-number: Specifies an outgoing interface by its type and number. The specified interface must be a point-to-point interface.
out-label out-label: Specifies an outgoing label, a value of 0, 3, or in the range of 16 to 1023.
Usage guidelines
You must enable MPLS on the outgoing interface of the static LSP.
Examples
# Configure a static LSP on the transit node: specify the LSP's name as bj-sh, incoming label as 123, next hop address as 202.34.114.7, and outgoing label as 253.
<Sysname> system-view
[Sysname] static-lsp transit bj-sh in-label 123 nexthop 202.34.114.7 out-label 253
Related commands
display mpls static-lsp
LDP commands
The LDP feature is available in Release 1138P01 and later versions.
accept-label
Use accept-label to configure a label acceptance policy.
Use undo accept-label to remove the label acceptance policy.
Syntax
accept-label peer peer-lsr-id prefix-list prefix-list-name
undo accept-label peer peer-lsr-id
Default
No label acceptance policy is configured. LDP accepts all label mappings from all peers.
Views
LDP view, LDP-VPN instance view
Predefined user roles
network-admin
mdc-admin
Parameters
peer peer-lsr-id: Specifies an LDP peer by its LSR ID.
prefix-list prefix-list-name: Specifies an IP prefix list by its name, a case-sensitive string of 1 to 63 characters.
Usage guidelines
This feature enables you to control the number of FEC-label mappings received from peers. LDP accepts only the FEC-label mappings whose IP prefixes are permitted by the specified IP prefix list from the specified peer.
To accept the previously denied label mappings from a peer, use the undo accept-label command or change the IP prefix list for the peer. Then, execute the reset mpls ldp command to reset the LDP session with that peer to apply the new settings.
Using a label advertisement policy on an LSR or using a label acceptance policy on its upstream LSR can achieve the same purpose. As a best practice, use the label advertisement policy to reduce network load.
Examples
# Configure a label acceptance policy to accept only the FEC-label mappings containing prefixes 10.1.1.0/24 and 10.2.1.0/24 from the LDP peer 1.1.1.9.
<Sysname> system-view
[Sysname] ip prefix-list prefix-from-RTA index 1 permit 10.1.1.0 24
[Sysname] ip prefix-list prefix-from-RTA index 2 permit 10.2.1.0 24
[Sysname] mpls ldp
[Sysname-ldp] accept-label peer 1.1.1.9 prefix-list prefix-from-RTA
Related commands
· display mpls ldp peer verbose
· ip prefix-list (Layer 3—IP Routing Command Reference)
advertise-label
Use advertise-label to configure a label advertisement policy.
Use undo advertise-label to delete a label advertisement policy.
Syntax
advertise-label prefix-list prefix-list-name [ peer peer-prefix-list-name ]
undo advertise-label prefix-list prefix-list-name
Default
No label advertisement policy is configured. The device advertises label mappings permitted by the LSP generation policy to all peers.
Views
LDP view, LDP-VPN instance view
Predefined user roles
network-admin
mdc-admin
Parameters
prefix-list prefix-list-name: Specifies an IP prefix list by its name, a case-sensitive string of 1 to 63 characters. This prefix list filters advertised label mappings.
peer peer-prefix-list-name: Specifies an IP prefix list by its name, a case-sensitive string of 1 to 63 characters. This prefix list filters LDP peers. If you do not specify this option, the device advertises label mappings to all peers.
Usage guidelines
Use a label advertisement policy to filter label mappings advertised to peers.
Configure multiple label advertisement policies by executing this command multiple times.
If a label mapping is permitted by an advertisement policy, LDP advertises the mapping by following these rules:
· If the policy has no peer IP prefix list (peer peer-prefix-list-name not specified), LDP advertises the label mapping to all peers.
· If the policy has a peer IP prefix list, LDP advertises the label mapping to the peers permitted by the peer IP prefix list.
If a label mapping is permitted by multiple advertisement policies, LDP advertises the label mapping according to the first configured policy.
Using a label advertisement policy on an LSR or using a label acceptance policy on its upstream LSR can achieve the same purpose. As a best practice, use the label advertisement policy to reduce network load.
Examples
# Configure two label advertisement policies. One policy advertises only the label mapping for subnet 10.1.1.0/24 to the peer 3.3.3.9; the other policy advertises only the label mapping for subnet 10.2.1.0/24 to the peer 4.4.4.9.
<Sysname> system-view
[Sysname] ip prefix-list prefix-to-C permit 10.1.1.0 24
[Sysname] ip prefix-list prefix-to-D permit 10.2.1.0 24
[Sysname] ip prefix-list peer-C permit 3.3.3.9 32
[Sysname] ip prefix-list peer-D permit 4.4.4.9 32
[Sysname] mpls ldp
[Sysname-ldp] advertise-label prefix-list prefix-to-C peer peer-C
[Sysname-ldp] advertise-label prefix-list prefix-to-D peer peer-D
Related commands
· display mpls ldp fec
· ip prefix-list (Layer 3—IP Routing Command Reference)
· lsp-trigger
backoff
Use backoff to configure the LDP backoff initial delay time and maximum delay time.
Use undo backoff to restore the default.
Syntax
backoff initial initial-time maximum maximum-time
undo backoff
Default
The LDP backoff initial delay time is 15 seconds and the maximum delay time is 120 seconds.
Views
LDP view, LDP-VPN instance view
Predefined user roles
network-admin
mdc-admin
Parameters
initial initial-time: Specifies the LDP backoff initial delay time in the range of 15 to 50331 seconds.
maximum maximum-time: Specifies the LDP backoff maximum delay time in the range of 120 to 50331 seconds.
Usage guidelines
LDP peers continually negotiate with each other until a session is set up. If LDP peers use incompatible negotiation parameters (for example, different label advertisement modes), a large amount of negotiation traffic will enter the network. To suppress LDP session negotiation traffic, use this command to control the interval between negotiation attempts.
After LDP fails to establish a session with a peer LSR for the first time, LDP does not start another attempt until the initial delay timer expires. If the session setup fails again, LDP waits for two times the initial delay before the next attempt. This process continues until the maximum delay time is reached. After that, the maximum delay time always takes effect.
If you configure the initial delay time to be larger than the maximum delay time, the configuration does not take effect. LDP uses the maximum delay time as the initial delay time.
Examples
# Configure LDP backoff for the public network, and set the initial delay time to 100 seconds and the maximum delay time to 300 seconds.
<Sysname> system-view
[Sysname] mpls ldp
[Sysname-ldp] backoff initial 100 maximum 300
display mpls ldp discovery
Use display mpls ldp discovery to display LDP discovery information.
Syntax
In standalone mode:
display mpls ldp discovery [ vpn-instance vpn-instance-name ] [ interface interface-type interface-number | peer peer-lsr-id ] [ verbose ] [ standby slot slot-number ]
In IRF mode:
display mpls ldp discovery [ vpn-instance vpn-instance-name ] [ interface interface-type interface-number | peer peer-lsr-id ] [ verbose ] [ standby chassis chassis-number slot slot-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. The command displays LDP discovery information for the specified VPN. If you do not specify a VPN instance, this command displays LDP discovery information for the public network.
interface interface-type interface-number: Specifies an interface by its type and number.
peer peer-lsr-id: Specifies an LDP peer by its LSR ID.
verbose: Displays detailed LDP discovery information. If you do not specify this keyword, the command displays brief LDP discovery information.
standby: Displays backup LDP process information. If you do not specify this keyword, the command displays primary LDP process information.
slot slot-number: Specifies the slot number of the MPU where the standby process resides. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies the MPU where the standby process resides. The chassis-number argument represents the IRF member ID of the device. The slot-number argument represents the slot number of the MPU. (In IRF mode.)
Usage guidelines
If you do not specify the interface and peer parameters, this command displays all LDP discovery information.
Examples
# Display brief LDP discovery information for the public network.
<Sysname> display mpls ldp discovery
Type: L - Link Hello, T - Targeted Hello
Discovery Source Peer LDP ID Hello Sent/Rcvd
(L) Vlan17 100.100.100.18:0 83/80
200.100.100.18:0 83/60
Table 10 Command output
Field |
Description |
Type |
Type of LDP discovery. · L—Basic discovery, which sends Link Hellos to discover peers. · T—Extended discovery, which sends Targeted Hellos to discover peers. This type is not supported in the current software release. |
Discovery Source |
Discovery source. This field displays the interface that discovers the peer. |
Peer LDP ID |
LDP identifier of the LDP peer. |
Hello Sent/Rcvd |
Number of hellos sent to the peer/number of hellos received from the peer. |
# Display detailed LDP discovery information for the public network.
<Sysname> display mpls ldp discovery verbose
Link Hellos:
Interface Vlan-interface17
Hello Interval : 5000 ms Hello Sent/Rcvd : 83/160
Transport Address: 100.100.100.17
Peer LDP ID : 100.100.100.18:0
Source Address : 202.118.224.18 Transport Address: 100.100.100.18
Hello Hold Time: 15 sec (Local: 15 sec, Peer: 15 sec)
Peer LDP ID : 100.100.100.20:0
Source Address : 202.118.224.20 Transport Address: 100.100.100.20
Hello Hold Time: 15 sec (Local: 15 sec, Peer: 15 sec)
Table 11 Command output
Field |
Description |
Link Hellos |
Information about LDP discovery that sends Link Hellos on interfaces. In a non-point-to-point network, an interface might discover multiple peers. |
Interface |
Interface using basic discovery. |
Hello Interval |
Hello interval in milliseconds. |
Hello Sent/Rcvd |
Number of Hellos sent or received on the interface. |
Transport Address |
Local transport address. |
Peer LDP ID |
LDP identifier of the LDP peer. |
Source Address |
Source IP address of received Hello messages. |
Transport Address |
Transport address in the received Hello messages—the transport address of the LDP peer. |
Hello Hold Time |
Hello hold time in seconds. Local—Local hello hold time. Peer—Peer hello hold time. The negotiated hello hold time is the smaller value of the local and peer hold time values. |
display mpls ldp fec
Use display mpls ldp fec to display LDP FEC-label mappings.
Syntax
In standalone mode:
display mpls ldp fec [ vpn-instance vpn-instance-name ] [ destination-address mask-length | summary ] [ standby slot slot-number ]
In IRF mode:
display mpls ldp fec [ vpn-instance vpn-instance-name ] [ destination-address mask-length | summary ] [ standby chassis chassis-number slot slot-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. The command displays FEC-label mappings for the specified VPN. If you do not specify a VPN instance, this command displays FEC-label mappings for the public network.
destination-address mask-length: Specifies an FEC by an IP address and a mask in the range of 0 to 32.
summary: Displays summary information about all FEC-label mappings learned by LDP.
standby: Displays backup LDP process information. If you do not specify this keyword, the command displays primary LDP process information.
slot slot-number: Specifies the slot number of the MPU where the standby process resides. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies the MPU where the standby process resides. The chassis-number argument represents the IRF member ID of the device. The slot-number argument represents the slot number of the MPU. (In IRF mode.)
Usage guidelines
If you do not specify the destination-address mask-length and summary parameters, this command displays detailed information about all FEC-label mappings learned by LDP.
Examples
# Display detailed information about all FEC-label mappings learned by LDP for the public network.
<Sysname> display mpls ldp fec
FEC: 100.100.100.18/32
Flags: 0x02
In Label: 1531
Label Advertisement Policy:
FEC Prefix-list: Fec-prefix-list
Peer Prefix-list: Peer-prefix-list
Upstream Info:
Peer: 100.100.100.18:0 State: Established (stale)
Downstream Info:
Peer: 100.100.100.18:0
Out Label: 3 State: Established (stale)
Next Hops: 202.118.224.18 Vlan17
100.19.100.18 Vlan20
FEC: 200.100.100.18/32 (No route)
Flags: 0x0
In Label: 1532
Upstream Info:
Peer: 200.200.200.28:0 State: Established
Downstream Info:
Peer: 120.100.100.18:0
Out Label: 3 State: Idle
Table 12 Command output
Field |
Description |
FEC |
Forwarding equivalence class identified by an IP prefix. |
Flags |
FEC flags: · 0x01—Egress LSP. · 0x02—Ingress LSP. · 0x04—Waiting to add an outgoing label to RIB. · 0x08—Waiting to add an LSP to LSM. · 0x10—Non-egress LSP waiting for the recovery during a GR process. · 0x20—Ready to advertise labels. |
In Label |
Incoming label assigned by the local LSR to the FEC. |
Label Advertisement Policy |
Label advertisement policy. |
FEC Prefix-list |
IP prefix list for filtering FEC prefixes. |
Peer Prefix-list |
IP prefix list for filtering LDP peers. |
Upstream Info |
Upstream peer to which the local LSR advertised the FEC-label mapping and current state of the LSP. |
Peer |
LDP ID of an upstream peer. |
State |
Current state of the LSP established with the upstream peer: · Established—Active state. · Idle—Initial state. · Release Awaited—Waiting for a Release message. · Resource Awaited—Waiting for a label for the FEC. If the state is marked as stale, the FEC-label mapping is under a GR process. |
Downstream Info |
Downstream peer from which the local LSR received the FEC-label mapping, and current state of the LSP. |
Peer |
LDP ID of a downstream peer. |
Out Label |
Outgoing label assigned by the downstream LSR for the FEC. |
State |
Current state of the LSP established with the downstream peer: · Established—Active state. · Idle—Inactive state. If the state is marked as stale, the FEC-label mapping is under a GR process. |
Next Hops |
Next hops and outgoing interfaces. |
# Display summary information about all FEC-label mappings learned by LDP for the public network.
<Sysname> display mpls ldp fec summary
FECs : 3
Implicit Null: 1
Explicit Null: 0
Non-Null : 2
No Label : 0
No Route : 0
Sent : 3
Received : 3
Table 13 Command output
Field |
Description |
FECs |
Number of FECs that LDP has discovered from the routing protocol or FEC-label mappings advertised by peers. |
Implicit Null |
Number of FECs that are bound to the implicit null label. |
Explicit Null |
Number of FECs that are bound to the explicit null label. |
Non-Null |
Number of FECs that are bound to non-null labels. |
No Label |
Number of FECs without a label. |
No Route |
Number of FECs without matching routes. |
Sent |
Number of label mappings sent and being sent. |
Received |
Number of label mappings accepted. |
display mpls ldp igp sync
Use display mpls ldp igp sync to display LDP-IGP synchronization information.
Syntax
display mpls ldp igp sync [ interface interface-type interface-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
interface interface-type interface-number: Specifies an interface by its type and number. If you do not specify an interface, this command displays LDP-IGP synchronization information for all interfaces.
Example
# Display LDP-IGP synchronization information for all interfaces.
<Sysname> display mpls ldp igp sync
Vlan2:
IGP protocols: OSPF
Sync status: Ready
Peers:
10.1.1.2:0
Vlan3:
IGP protocols: OSPF, IS-IS
Sync status: Delayed (24 sec remaining)
Peers:
20.1.1.2:0
Vlan4:
LDP-IGP synchronization is disabled on the interface
Table 14 Command output
Field |
Description |
IGP protocols |
IGP protocols that require LDP-IGP synchronization: OSPF and IS-IS. |
Sync status |
LDP-IGP synchronization state: · Ready—LDP is converged and is available for IGP. · Delayed—LDP is waiting to notify IGP of the convergence. remaining indicates the remaining time for the delay, in seconds. · Not ready—LDP is not converged and is not available for IGP. · LDP not enabled—LDP is not enabled on the interface. |
Peers |
LDP peer that completes LDP convergence on the interface. |
display mpls ldp interface
Use display mpls ldp interface to display LDP interface information.
Syntax
display mpls ldp interface [ interface-type interface-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
interface-type interface-number: Specifies an interface by its type and number. If you do not specify an interface, this command displays information about all LDP interfaces.
Examples
# Display information about all LDP interfaces.
<Sysname> display mpls ldp interface
Interface MPLS LDP Auto-config
Vlan17 Enabled Configured -
Vlan17 Enabled Configured -
Table 15 Command output
Field |
Description |
Interface |
Interface enabled with LDP. |
MPLS |
Whether the interface is enabled with MPLS. |
LDP |
Whether the interface is configured with the mpls ldp enable command. |
Auto-config |
LDP automatic configuration information. This field is not supported in the current software version and is reserved for future support. |
Related commands
· mpls ldp
· mpls ldp enable
display mpls ldp lsp
Use display mpls ldp lsp to display information about LSPs generated by LDP.
Syntax
display mpls ldp lsp [ vpn-instance vpn-instance-name ] [ destination-address mask-length ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. The command displays LDP LSP information for the specified VPN. If you do not specify a VPN instance, this command displays LDP LSP information for the public network.
destination-address mask-length: Specifies an FEC by an IP address and a mask length in the range of 0 to 32. If you do not specify an FEC, this command displays information about LDP LSPs for all FECs.
Examples
# Display LDP LSP information for the public network.
<Sysname> display mpls ldp lsp
Status Flags: * - stale, L - liberal, B - backup
Statistics:
FECs: 4 Ingress LSPs: 1 Transit LSPs: 1 Egress LSPs: 3
FEC In/Out Label Nexthop OutInterface
1.1.1.1/32 -/3 10.1.1.1 Vlan17
1151/3 10.1.1.1 Vlan20
-/1025(B) 30.1.1.1 Vlan30
1151/1025(B) 30.1.1.1 Vlan40
2.2.2.2/32 3/-
-/1151(L)
10.1.1.0/24 1149/-
-/1149(L)
192.168.1.0/24 1150/-
-/1150(L)
Table 16 Command output
Field |
Description |
Status Flags |
LSP status: · *—Stale, indicating the LSP is under a GR process. · L—Liberal, indicating the LSP is not available. · B—Backup, indicating a backup LSP. |
FECs |
Total number of FECs. |
Ingress LSPs |
Number of LSPs that take the local device as the ingress node. |
Transit LSPs |
Number of LSPs that take the local device as a transit node. |
Egress LSPs |
Number of LSPs that take the local device as the egress node. |
FEC |
Forwarding equivalence class identified by an IP prefix. |
In/Out Label |
Incoming/outgoing label. |
Nexthop |
Next hop address for the FEC. |
OutInterface |
Outgoing interface for the FEC. |
Related commands
display mpls lsp
display mpls ldp parameter
Use display mpls ldp parameter to display LDP running parameters.
Syntax
display mpls ldp parameter [ vpn-instance vpn-instance-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. The command displays the LDP running parameters for the specified VPN. If you do not specify a VPN instance, this command displays the LDP running parameters for the public network.
Examples
# Display LDP running parameters for the public network.
<Sysname> display mpls ldp parameter
Protocol Version : V1 IGP Sync Delay on Restart : 90 sec
Nonstop Routing : Off Graceful Restart : Off
Reconnect Time : 120 sec Forwarding State Hold Time: 360 sec
Instance Parameters:
Instance ID : 0 Instance State : Active
LSR ID : 0.0.0.0
Loop Detection : Off
Hop Count Limit : 32 Path Vector Limit : 32
Label Retention Mode: Liberal Label Distribution Control Mode: Ordered
IGP Sync Delay : 0 sec
Table 17 Command output
Field |
Description |
Global Parameters |
Global parameters for all LDP-enabled networks. |
Protocol Version |
LDP protocol version. |
IGP Sync Delay on Restart |
Maximum delay time (in seconds) that LDP must wait before it notifies IGP of an LDP session-up event when there is an LDP restart. |
Nonstop Routing |
Whether the nonstop routing function is enabled: · On—Enabled. · Off—Disabled. |
Graceful Restart |
Whether the GR function is enabled: · On—Enabled. · Off—Disabled. |
Reconnect Time |
Value of the Reconnect timer, in seconds. |
Forwarding State Hold Time |
Value of the MPLS Forwarding State Holding timer, in seconds. |
Instance Parameters |
Running parameters for a specific VPN instance or public network. |
Instance ID |
VPN instance ID. For the public network, this field displays 0. |
Instance State |
LDP status in the VPN instance, Active or Inactive. |
LSR ID |
LSR ID of the local device. |
Loop Detection |
Whether loop detection is enabled: · On—Enabled. · Off—Disabled. |
Hop Count Limit |
Hop count limit specified for loop detection. |
Path Vector Limit |
Path Vector length limit specified for loop detection. |
Label Retention Mode |
The device supports only the Liberal mode. |
IGP Sync Delay |
Delay time (in seconds) that LDP must wait before it notifies IGP of an LDP session-up event. |
display mpls ldp peer
Use display mpls ldp peer to display the LDP peer and session information.
Syntax
In standalone mode:
display mpls ldp peer [ vpn-instance vpn-instance-name ] [ peer-lsr-id ] [ verbose ] [ standby slot slot-number ]
In IRF mode:
display mpls ldp peer [ vpn-instance vpn-instance-name ] [ peer-lsr-id ] [ verbose ] [ standby chassis chassis-number slot slot-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. The command displays LDP peer and session information for the specified VPN. If you do not specify a VPN instance, this command displays the LDP peer and session information for the public network.
peer peer-lsr-id: Specifies an LDP peer by its LSR ID. If you do not specify this option, the command displays all LDP peers and related session information.
verbose: Displays detailed LDP peer and session information. If you do not specify this keyword, the command displays brief LDP peer and session information.
standby: Displays backup LDP process information. If you do not specify this keyword, the command displays primary LDP process information.
slot slot-number: Specifies the slot number of the MPU where the standby process resides. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies the MPU where the standby process resides. The chassis-number argument represents the IRF member ID of the device. The slot-number argument represents the slot number of the MPU. (In IRF mode.)
Examples
# Display brief information about all LDP peers and LDP sessions for the public network.
<Sysname> display mpls ldp peer
Total number of peers: 1
Peer LDP ID State Role GR MD5 KA Sent/Rcvd
2.2.2.9:0 Operational Passive Off Off 39/39
Table 18 Command output
Field |
Description |
Peer LDP ID |
LDP identifier of the peer. |
State |
State of the LDP session between the local LSR and the peer: · Non Existent—No TCP connection is established. · Initialized—A TCP connection has been established. · OpenRecv—LDP has received an acceptable initialization message. · OpenSent—LDP has sent an initialization message. · Operational—An LDP session has been established. |
Role |
Role of the local LSR in the session, Active or Passive. In a session, the LSR with a higher IP address takes the Active role. The Active LSR initiates a TCP connection to the passive LSR. |
GR |
Whether GR is enabled on the peer: · On—Enabled. · Off—Disabled. |
MD5 |
Whether MD5 authentication is enabled for the LDP session on the local device: · On—Enabled. · Off—Disabled. |
KA Sent/Rcvd |
Number of keepalive messages sent/received. |
# Display detailed information about all LDP peers and LDP sessions for the public network.
<Sysname> display mpls ldp peer verbose
Peer LDP ID : 100.100.100.20:0
Local LDP ID : 100.100.100.17:0
TCP Connection : 100.100.100.20:47515 -> 100.100.100.17:646
Session State : Operational Session Role : Passive
Session Up Time : 0000:00:03 (DD:HH:MM)
Max PDU Length : 4096 bytes (Local: 4096 bytes, Peer: 4096 bytes)
Keepalive Time : 45 sec (Local: 45 sec, Peer: 45 sec)
Keepalive Interval : 15 sec
Msgs Sent/Rcvd : 288/426
KA Sent/Rcvd : 13/13
Label Adv Mode : DU Graceful Restart : On
Reconnect Time : 120 sec Recovery Time : 360 sec
Loop Detection : On Path Vector Limit: 32
Discovery Sources:
Vlan-interface17
Hello Hold Time: 15 sec Hello Interval : 5000 ms
Label Acceptance Policy : prefix-from-20
Session Protection : Off
Addresses received from peer:
202.118.224.20 100.100.100.20 11.22.33.44 1.2.3.10
1.2.3.4
Table 19 Command output
Field |
Description |
Peer LDP ID |
LDP identifier of the peer. |
Local LDP ID |
LDP identifier of the local LSR. |
TCP connection |
TCP connection information for the session, including the IP addresses and port numbers used by both ends of the TCP connection, and whether MD5 authentication is enabled for the TCP connection. If MD5 authentication is enabled, MD5 On is displayed. If MD5 is not enabled, this field is blank. |
Session State |
State of the LDP session: · Non Existent—No TCP connection is established. · Initialized—A TCP connection has been established. · OpenRecv—LDP has received an acceptable initialization message. · OpenSent—LDP has sent an initialization message. · Operational—An LDP session has been established. |
Session Role |
Role the local LSR in the session, Active or Passive. |
Session Up time |
Duration of the session in Operational state. |
Max PDU Length |
Maximum PDU length negotiated, in bytes. Local—Maximum PDU length (in bytes) on the local LSR. Peer—Maximum PDU length (in bytes) on the peer. |
Keepalive Time |
Keepalive time negotiated, in seconds. Local—Locally configured Keepalive holding time, in seconds. Peer—Keepalive holding time (in seconds) configured on the peer. |
Keepalive Interval |
Keepalive interval in seconds. |
Msgs Sent/Rcvd |
Total number of LDP messages sent and received. |
KA Sent/Rcvd |
Total number of Keepalive messages sent and received. |
Label Adv Mode |
Label advertisement mode negotiated. The device only supports the DU mode. |
Graceful Restart |
Whether GR is enabled on the peer: · On—Enabled. · Off—Disabled. |
Reconnect Time |
Reconnect time negotiated, in seconds. |
Recovery Time |
Recovery time (in seconds) carried in packets sent by the peer. |
Loop Detection |
Whether loop detection is enabled on the peer: · On—Enabled. · Off—Disabled. |
Path Vector Limit |
Maximum Path Vector length configured on the peer. |
Discovery Sources |
Discovery source of the LDP peer. |
Vlan-interface17 |
Interface running LDP basic discovery. The device discovers the LDP peer by sending Link Hellos out of the interface. |
Hello Hold Time |
Hello hold time negotiated, in seconds. |
Hello Interval |
Current Hello interval, in milliseconds. |
Label Acceptance Policy |
Label acceptance policy used to filter label mappings received from the peer. |
Session Protection |
Whether session protection is enabled. This field is not supported in the current software release. |
Addresses received from peer |
IP addresses received from the peer. |
display mpls ldp summary
Use display mpls ldp summary to display LDP summary information.
Syntax
In standalone mode:
display mpls ldp summary [ all | vpn-instance vpn-instance-name ] [ standby slot slot-number ]
In IRF mode:
display mpls ldp summary [ all | vpn-instance vpn-instance-name ] [ standby chassis chassis-number slot slot-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
all: Displays LDP summary information for the public network and all VPN instances.
vpn-instance vpn-instance-name: Displays LDP summary information for the specified VPN. The vpn-instance-name argument is a case-sensitive string of 1 to 31 characters.
standby: Displays backup LDP process information. If you do not specify this keyword, the command displays primary LDP process information.
slot slot-number: Specifies the slot number of the MPU where the standby process resides. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies the MPU where the standby process resides. The chassis-number argument represents the IRF member ID of the device. The slot-number argument represents the slot number of the MPU. (In IRF mode.)
Usage guidelines
If you do not specify any parameters, this command displays LDP summary information for the public network.
Examples
# Display LDP summary information for the public network.
<Sysname> display mpls ldp summary
VPN Instance Name : Public
Instance ID : 0
Instance State : Active
Interfaces : 1 (1 active)
Targeted Peers : 0
Adjacencies : 1
Peers : 1
Operational : 1 (0 GR)
OpenSent : 0
OpenRecv : 0
Initialized : 0
Non-Existent: 0
Table 20 Command output
Field |
Description |
Instance ID |
VPN instance identifier. A value of 0 represents the public network. |
Instance State |
LDP status in the VPN instance, Active or Inactive. |
Interfaces |
Number of interfaces enabled with LDP. active: Number of interfaces running LDP. |
Targeted Peers |
Number of peers discovered by the LDP extended discovery mechanism, including the manually specified peers and the automatically established peers. This field is not supported in the current software release. |
Adjacencies |
Number of Hello adjacencies. |
Peers |
Total number of peers. |
Operational |
Number of peers in Operational state. GR: Number of GR-capable peers. |
OpenSent |
Number of peers in OpenSent state. |
OpenRecv |
Number of peers in OpenRecv state. |
Initialized |
Number of peers in Initialized state. |
Non-Existent |
Number of peers in Non-Existent state. |
graceful-restart
Use graceful-restart to enable Graceful Restart (GR) for LDP.
Use undo graceful-restart to disable LDP GR.
Syntax
graceful-restart
undo graceful-restart
Default
LDP GR is disabled.
Views
LDP view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
GR enables an LSR to retain MPLS forwarding entries during an LDP restart, ensuring continuous MPLS forwarding.
The graceful-restart command does not take effect for LDP sessions established before the command is executed. To apply the new setting, execute the reset mpls ldp command to re-establish LDP sessions.
Examples
# Enable GR for LDP.
<Sysname> system-view
[Sysname] mpls ldp
[Sysname-ldp] graceful-restart
Related commands
· display mpls ldp parameter
· reset mpls ldp
graceful-restart timer
Use graceful-restart timer to configure the MPLS Forwarding State Holding timer and the Reconnect timer for GR.
Use undo graceful-restart timer to restore the default.
Syntax
graceful-restart timer { forwarding-hold hold-time | reconnect reconnect-time }
undo graceful-restart timer { forwarding-hold | reconnect }
Default
The MPLS Forwarding State Holding timer is 180 seconds and the Reconnect timer is 120 seconds.
Views
LDP view
Predefined user roles
network-admin
mdc-admin
Parameters
forwarding-hold hold-time: Specifies the MPLS Forwarding State Holding time in the range of 60 to 600 seconds. This time specifies how long the local LSR retains its MPLS forwarding entries after the control plane of the local LSR restarts.
reconnect timeout: Specifies the Reconnect time in the range of 60 to 300 seconds. This time specifies the period the local LSR expects the peer to wait for LDP session re-establishment after the peer detects an LDP session failure. The local LSR sends the Reconnect time to the peer.
Usage guidelines
The MPLS Forwarding State Holding time must be greater than the Reconnect time.
In a GR process, the timers work as follows:
1. When LDP restarts, the GR restarter starts the MPLS Forwarding State Holding timer, and marks the MPLS forwarding entries as stale. When a GR helper detects that the LDP session with the GR restarter is down, it performs the following tasks:
a. Marks the FEC-label mappings learned from the session as stale.
b. Starts the Reconnect timer received from the GR restarter.
2. After the LDP restart, the GR restarter re-establishes an LDP session with the GR helper.
¡ If the LDP session is not set up before the Reconnect timer expires, the GR helper deletes stale FEC-label mappings and corresponding MPLS forwarding entries.
¡ If the LDP session is successfully set up before the Reconnect timer expires, the GR restarter sends the remaining time of the MPLS Forwarding State Holding timer to the GR helper.
The remaining time is sent as the LDP Recovery time.
3. After the LDP session is re-established, the GR helper starts the LDP Recovery timer.
4. The GR restarter and the GR helper exchange label mappings and update their MPLS forwarding tables.
The GR restarter compares each received label mapping against stale MPLS forwarding entries. If a match is found, the restarter deletes the stale mark for the matching entry. Otherwise, it adds a new entry for the label mapping.
The GR helper compares each received label mapping against stale FEC-label mappings. If a match is found, the helper deletes the stale mark for the matching mapping. Otherwise, it adds the received FEC-label mapping and a new MPLS forwarding entry for the mapping.
5. When the MPLS Forwarding State Holding timer expires, the GR restarter deletes all stale MPLS forwarding entries.
6. When the LDP Recovery timer expires, the GR helper deletes all stale FEC-label mappings.
Examples
# Set the MPLS Forwarding State Holding time to 200 seconds, and the Reconnect time to 100 seconds.
<Sysname> system-view
[Sysname] mpls ldp
[Sysname-ldp] graceful-restart timer forwarding-hold 200
[Sysname-ldp] graceful-restart timer reconnect 100
Related commands
· display mpls ldp parameter
· graceful-restart
igp sync delay
Use igp sync delay to configure the delay for LDP to notify IGP of the LDP convergence completion.
Use undo igp sync delay to restore the default.
Syntax
igp sync delay time
undo igp sync delay
Default
LDP immediately notifies IGP of the LDP convergence completion.
Views
LDP view
Predefined user roles
network-admin
mdc-admin
Parameters
time: Specifies the notification delay in the range of 5 to 300 seconds.
Usage guidelines
LDP convergence on a link is completed when the following conditions exist:
· The local device establishes an LDP session to at least one peer, and the LDP session is already in Operational state.
· The local device has distributed the label mappings to at least one peer.
If LDP notifies IGP immediately after convergence, MPLS traffic forwarding might be interrupted in one of the following scenarios:
· LDP peers use the Ordered label distribution control mode. When LDP notifies IGP of the LDP convergence, the device has not received a label mapping from downstream.
· A large number of label mappings are distributed from downstream. When LDP notifies IGP of the LDP convergence completion, label advertisement is not completed.
In these scenarios, you must use the igp sync delay command to configure the notification delay. When LDP convergence on a link is completed, LDP waits a delay time before notifying IGP of the LDP convergence completion to reduce traffic interruption.
Examples
# Configure a 30-second delay for LDP to notify IGP of the LDP convergence.
<Sysname> system-view
[Sysname] mpls ldp
[Sysname-ldp] igp sync delay 30
Related commands
· igp sync delay on-restart
· mpls ldp igp sync disable
· mpls ldp sync (IS-IS view)
· mpls ldp sync (OSPF view/OSPF area view)
igp sync delay on-restart
Use igp sync delay on-restart to configure the maximum delay for LDP to notify IGP of the LDP-IGP synchronization status after an LDP restart or an active/standby switchover occurs.
Use undo igp sync delay on-restart to restore the default.
Syntax
igp sync delay on-restart time
undo igp sync delay on-restart
Default
The maximum notification delay is 90 seconds.
Views
LDP view
Predefined user roles
network-admin
mdc-admin
Parameters
time: Specifies the maximum notification delay in the range of 60 to 600 seconds.
Usage guidelines
When an LDP restart or an active/standby switchover occurs, LDP takes time to converge. LDP notifies IGP of the LDP-IGP synchronization status as follows:
· If a notification delay is not configured, LDP immediately notifies IGP of the current synchronization states during convergence, and then updates the states after LDP convergence. This could impact IGP processing.
· If a notification delay is configured, LDP notifies IGP of the synchronization states in bulk when one of the following events occurs:
¡ LDP recovers to the state before the restart or switchover.
¡ The maximum delay timer expires.
Examples
# Configure a 300-second maximum delay for LDP to notify IGP of the LDP-IGP synchronization status after an LDP restart or active/standby switchover occurs.
<Sysname> system-view
[Sysname] mpls ldp
[Sysname-ldp] igp sync delay on-restart 300
Related commands
· igp sync delay
· mpls ldp igp sync disable
· mpls ldp sync (IS-IS view)
· mpls ldp sync (OSPF view/OSPF area view)
label-distribution
Use label-distribution to configure the label distribution control mode.
Use undo label-distribution to restore the default.
Syntax
label-distribution { independent | ordered }
undo label-distribution
Default
The label distribution control mode is ordered.
Views
LDP view, LDP-VPN instance view
Predefined user roles
network-admin
mdc-admin
Parameters
independent: Specifies Independent label distribution mode. In this mode, an LSR can distribute label mappings to the upstream LSR at any time.
ordered: Specifies Ordered label distribution mode. In this mode, an LSR distributes a label mapping for an FEC to the upstream LSR only when one of the following events occurs:
· The LSR receives a label mapping for that FEC from the downstream LSR.
· The LSR is the egress node of that FEC.
Usage guidelines
In Ordered mode, an LSR can determine that the downstream LSR has established an LSP when the LSR receives an FEC-label mapping from the downstream LSR.
The Independent mode enables faster LSP convergence because each LSR independently advertises labels without waiting for labels from downstream LSRs.
Examples
# Set the Independent LDP label distribution mode for the public network.
<Sysname> system-view
[Sysname] mpls ldp
[Sysname-ldp] label-distribution independent
Related commands
display mpls ldp parameter
loop-detect
Use loop-detect to enable loop detection.
Use undo loop-detect to disable loop detection.
Syntax
loop-detect
undo loop-detect
Default
Loop detection is disabled.
Views
LDP view, LDP-VPN instance view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
This command enables LDP to detect and terminate LSP loops. LDP loop detection uses one of the following methods:
· Hop count. For more information, see "maxhops."
· Path vector. For more information, see "pv-limit."
Use LDP loop detection only in networks with devices that do not support TTL mechanism such as ATM switches. Do not use LDP loop detection on other networks because it only results in extra LDP overhead.
Examples
# Enable LDP loop detection for the public network.
<Sysname> system-view
[Sysname] mpls ldp
[Sysname-ldp] loop-detect
Related commands
· display mpls ldp parameter
· maxhops
· pv-limit
lsp-trigger
Use lsp-trigger to configure an LSP generation policy.
Use undo lsp-trigger to restore the default.
Syntax
lsp-trigger { all | prefix-list prefix-list-name }
undo lsp-trigger
Default
LDP can only use host routes with a 32-bit mask to generate LSPs.
Views
LDP view, LDP-VPN instance view
Predefined user roles
network-admin
mdc-admin
Parameters
all: Enables LDP to use all routes to generate LSPs.
prefix-list prefix-name: Specifies an IP prefix list by its name, a case-sensitive string of 1 to 63 characters. LDP can only use the routes permitted by the IP prefix list to generate LSPs.
Usage guidelines
The default LSP generation policy depends on the label distribution control mode.
· In Ordered mode, LDP can only use the Loopback interface address routes with a 32-bit mask and the routes with a 32-bit mask that match the FECs of label mappings received from downstream LSRs to generate LSPs.
· In Independent mode, LDP can use all routes with a 32-bit mask to generate LSPs.
After you configure an LSP generation policy, LDP uses all routes or the routes permitted by the IP prefix list to generate LSPs, regardless of the label distribution control mode.
As a best practice, use the default LSP generation policy.
Examples
# Configure an LSP generation policy to use only routes 10.10.1.0/24 and 10.20.1.0/24 to establish LSPs for the public network.
<Sysname> system-view
[Sysname] ip prefix-list egress-fec-list index 1 permit 10.10.1.0 24
[Sysname] ip prefix-list egress-fec-list index 2 permit 10.20.1.0 24
[Sysname] mpls ldp
[Sysname-ldp] lsp-trigger prefix-list egress-fec-list
Related commands
ip prefix-list (Layer 3—IP Services Command Reference)
lsr-id
Use lsr-id to configure an LDP LSR ID.
Use undo lsr-id to delete the configured LDP LSR ID.
Syntax
lsr-id lsr-id
undo lsr-id
Default
No LDP LSR ID is configured. LDP uses the MPLS LSR ID configured by the mpls lsr-id command for both the public network and VPN instances.
Views
LDP view, LDP-VPN instance view
Predefined user roles
network-admin
mdc-admin
Parameters
lsr-id: Specifies an LDP LSR ID, in dotted decimal notation.
Usage guidelines
If you configure an LDP LSR ID by using the lsr-id command in LDP view or LDP-VPN instance view, LDP uses the LDP LSR ID. Otherwise, LDP uses the LSR-ID configured by the mpls lsr-id command.
LDP uses the same LSR ID for all sessions in the same VPN instance. After you configure a new LSR ID for a VPN instance, LDP does not use the new LSR ID unless the reset mpls ldp command is executed. The reset mpls ldp command re-establishes all LDP sessions in the VPN instance.
As a best practice, use the default LDP LSR ID configured by the mpls lsr-id command for the public network. If you want to configure an LDP LSR ID for the public network by using the lsr-id command, specify the IP address of a local Loopback interface as the LDP LSR ID for high reliability.
Examples
# Configure the LDP LSR ID as 2.2.2.2 for the public network.
<Sysname> system-view
[Sysname] mpls ldp
[Sysname-ldp] lsr-id 2.2.2.2
Related commands
· display mpls ldp parameter
· mpls lsr-id
maxhops
Use maxhops to specify the maximum hop count for loop detection.
Use undo maxhops to restore the default.
Syntax
maxhops hop-number
undo maxhops
Default
The maximum hop count for loop detection is 32.
Views
LDP view, LDP-VPN instance view
Predefined user roles
network-admin
mdc-admin
Parameters
hop-number: Specifies the maximum hop count for loop detection, in the range of 1 to 32.
Usage guidelines
LDP adds a hop count in a label request or label mapping message. The hop count increments by 1 on each LSR. When the hop count reaches the maximum hop count configured by this command, LDP considers that a loop occurs and terminates LSP establishment.
Set a proper maximum hop count according to the number of LSRs in your network. For example, set a smaller maximum hop count in small networks to allow for fast loop detection. Set a higher maximum hop count in large networks to make sure LSPs can be successfully established.
Examples
# Set the maximum hop count to 25 for loop detection in the public network.
<Sysname> system-view
[Sysname] mpls ldp
[Sysname-ldp] maxhops 25
Related commands
· display mpls ldp parameter
· loop-detect
· pv-limit
md5-authentication
Use md5-authentication to enable LDP MD5 authentication.
Use undo md5-authentication to disable LDP MD5 authentication.
Syntax
md5-authentication peer-lsr-id { cipher | plain } password
undo md5-authentication peer-lsr-id
Default
LDP MD5 authentication is disabled.
Views
LDP view, LDP-VPN instance view
Predefined user roles
network-admin
mdc-admin
Parameters
peer-lsr-id: Specifies the LSR ID of a peer.
cipher: Sets a ciphertext key.
plain: Sets a plaintext key.
password: Specifies a case-sensitive key string. If plain is specified, it must be a plaintext string of 1 to 16 characters. If cipher is specified, it must be a ciphertext string of 1 to 53 characters.
For security purposes, all keys, including keys configured in plain text, are saved in cipher text.
Usage guidelines
To improve security for LDP sessions, you can configure MD5 authentication for the underlying TCP connections to check the integrity of LDP messages.
The local LSR and the peer LSR must have the same key. Otherwise, they cannot establish a TCP connection.
After you change the MD5 authentication key, the local LSR uses the new key to re-establish an LDP session with the specified peer.
Examples
# Enable LDP MD5 authentication for peer 3.3.3.3 in the public network, and set a plaintext key of pass.
<Sysname> system-view
[Sysname] mpls ldp
[Sysname-ldp] md5-authentication 3.3.3.3 plain pass
Related commands
display mpls ldp peer
mpls ldp
Use mpls ldp to enable LDP globally for an LSR and enter LDP view.
Use undo mpls ldp to disable LDP globally for an LSR and delete all LDP-VPN instances.
Syntax
mpls ldp
undo mpls ldp
Default
LDP is globally disabled.
Views
System view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
You must enable LDP globally for an LSR to run LDP.
The NSR and GR commands are available only in LDP view. All other commands available in LDP view are also available in LDP-VPN instance view.
Commands executed in LDP view take effect only for the public network. Commands executed in LDP-VPN instance view take effect only for the specified VPN instance. The NSR and GR commands are global commands and take effect for all VPN instances and the public network.
Examples
# Enable LDP globally and enter LDP view.
<Sysname> System-view
[Sysname] mpls ldp
[Sysname-ldp]
Related commands
· mpls ldp enable
· vpn-instance
mpls ldp enable
Use mpls ldp enable to enable LDP for an interface.
Use undo mpls ldp enable to disable LDP for an interface.
Syntax
mpls ldp enable
undo mpls ldp enable
Default
LDP is disabled on an interface.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
Before you enable LDP for an interface, use the mpls ldp command in system view to enable LDP globally.
Disabling LDP on an interface terminates all LDP sessions on the interface, and removes all LSPs established through the sessions.
If the interface is bound with a VPN instance, you must also use the vpn-instance command to enable LDP for the VPN instance.
An up interface enabled with LDP and MPLS sends Link Hellos for neighbor discovery.
Examples
# Enable LDP for interface VLAN-interface 2.
<Sysname> system-view
[Sysname] mpls ldp
[Sysname-ldp] quit
[Sysname] interface vlan-interface 2
[Sysname-Vlan-interface2] mpls ldp enable
Related commands
· display mpls ldp interface
· mpls enable
· mpls ldp
mpls ldp igp sync disable
Use mpls ldp igp sync disable to disable LDP-IGP synchronization on an interface.
Use undo mpls ldp igp sync disable to restore the default.
Syntax
mpls ldp igp sync disable
undo mpls ldp igp sync disable
Default
LDP-IGP synchronization is enabled on an interface.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
After you enable LDP-IGP synchronization for an OSPF area or an IS-IS process, LDP-IGP synchronization is enabled on the OSPF or IS-IS process interfaces by default. To disable LDP-IGP synchronization on an interface, execute the mpls ldp igp sync disable command on that interface.
Examples
# Disable LDP-IGP synchronization on VLAN-interface 2.
<Sysname> System-view
[Sysname] interface vlan-interface 2
[Sysname-Vlan-interface2] mpls ldp igp sync disable
Related commands
· mpls ldp sync (IS-IS view)
· mpls ldp sync (OSPF view/OSPF area view)
mpls ldp sync (IS-IS view)
Use mpls ldp sync to enable LDP-ISIS synchronization.
Use undo mpls ldp sync to disable LDP-ISIS synchronization.
Syntax
mpls ldp sync [ level-1 | level-2 ]
undo mpls ldp sync [ level-1 | level-2 ]
Default
LDP-ISIS synchronization is disabled.
Views
IS-IS view
Predefined user roles
network-admin
mdc-admin
Parameters
level-1: Specifies Level-1 of the IS-IS process.
level-2: Specifies Level-2 of the IS-IS process.
Usage guidelines
LDP establishes LSPs based on the IGP optimal route. If LDP is not synchronized with IGP, MPLS traffic forwarding might be interrupted. The LDP-IGP synchronization function is used to solve the synchronization problem.
After LDP-IGP synchronization is enabled, IGP advertises the actual cost of a link only when LDP convergence on the link is completed. Before LDP is converged, IGP advertises the maximum cost of the link. As a result, the link is visible on the IGP topology, but IGP does not select the link as the optimal route when other links are available. In this way, the device can avoid discarding MPLS packets due to lack of LDP LSP on the optimal route.
LDP-IGP synchronization is not supported for an IS-IS process that belongs to a VPN instance.
If you do not specify any keywords, this command enables LDP-ISIS synchronization for both Level-1 and Level-2.
If you use this command multiple times, the most recent configuration takes effect. For example, if you execute the mpls ldp sync level-1 command after you execute the mpls ldp sync command, LDP-ISIS synchronization is enabled for Level-1 but disabled for Level-2.
Examples
# Enable LDP-ISIS synchronization for Level-2 of IS-IS process 1.
<Sysname> system-view
[Sysname] isis 1
[Sysname-isis-1] mpls ldp sync level-2
Related commands
· display mpls ldp igp sync
· igp sync delay
· igp sync delay on-restart
· mpls ldp igp sync disable
mpls ldp sync (OSPF view/OSPF area view)
Use mpls ldp sync to enable LDP-OSPF synchronization.
Use undo mpls ldp sync to disable LDP-OSPF synchronization.
Syntax
mpls ldp sync
undo mpls ldp sync
Default
LDP-OSPF synchronization is disabled.
Views
OSPF view, OSPF area view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
LDP establishes LSPs based on the IGP optimal route. If LDP is not synchronized with IGP, MPLS traffic forwarding might be interrupted. The LDP-IGP synchronization function is used to solve the synchronization problem.
After LDP-IGP synchronization is enabled, IGP advertises the actual cost of a link only when LDP convergence on the link is completed. Before LDP is converged, IGP advertises the maximum cost of the link. As a result, the link is visible on the IGP topology, but IGP does not select the link as the optimal route when other links are available. In this way, the device can avoid discarding MPLS packets due to lack of LDP LSP on the optimal route.
LDP-IGP synchronization is not supported for an OSPF process and its OSPF areas if the OSPF process belongs to a VPN instance.
To enable LDP-OSPF synchronization for an OSPF area, use this command in OSPF area view. To enable LDP-OSPF synchronization for all areas of an OSPF process, use this command in OSPF view.
Examples
# Enable LDP-OSPF synchronization for OSPF process 1.
<Sysname> system-view
[Sysname] ospf 1
[Sysname-ospf-1] mpls ldp sync
Related commands
· display mpls ldp igp sync
· igp sync delay
· igp sync delay on-restart
· mpls ldp igp sync disable
mpls ldp timer
Use mpls ldp timer to configure the Hello hold time, Hello interval, Keepalive hold time, and Keepalive interval.
Use undo mpls ldp timer to restore the default.
Syntax
mpls ldp timer { hello-hold timeout | hello-interval interval | keepalive-hold timeout | keepalive-interval interval }
undo mpls ldp timer { hello-hold | hello-interval | keepalive-hold | keepalive-interval }
Default
· The Link Hello hold time is 15 seconds.
· The Link Hello interval is 5 seconds.
· The Keepalive hold time is 45 seconds.
· The Keepalive interval is 15 seconds.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Parameters
hello-hold timeout: Specifies the Hello hold time in the range of 1 to 65535 seconds. LDP keeps the hello adjacency during the Hello hold time. The negotiated Hello hold time takes the smaller value of the local Hello hold time and the peer Hello hold time. If LDP receives no Hello message from the peer before the Hello hold timer expires, LDP deletes the Hello adjacency with the peer. If you set the Hello hold time to 65535, LDP permanently keeps the Hello adjacency.
hello-interval interval: Specifies the Hello interval in the range of 1 to 65535 seconds. LDP sends Hello messages at this interval.
keepalive-hold timeout: Specifies the Keepalive hold time in the range of 15 to 65535 seconds. LDP keeps the LDP session with the peer during the Keepalive hold time. The negotiated Keepalive hold time takes the smaller value of the local Keepalive hold time and the peer Keepalive hold time. If LDP receives no LDP message from the peer before the Keepalive hold timer expires, LDP deletes the LDP session with the peer.
keepalive-interval interval: Specifies the Keepalive interval in the range of 1 to 65535 seconds. LDP sends Keepalive messages to the peer at this interval.
Usage guidelines
If the Hello hold time and the Keepalive hold time values are too large, LDP cannot quickly detect link failures. If the values are too small, LDP might mistakenly consider a normal link failed. As a best practice, use the default values.
If two LSRs have multiple LDP links in between, make sure those links have the same Keepalive hold time.
During LDP session negotiation, an LSR compares the local Hello hold time with the peer LSR's Hello hold time carried in Hellos. Then, the LSR uses the smaller one as the negotiated Hello hold time. If the negotiated Hello hold time is larger than three times the local Hello interval, the LSR sends Hello messages at the local Hello interval. Otherwise, the LSR sends Hello messages at an interval 1/3 of the negotiated Hello hold time.
During LDP session negotiation, an LSR compares the local Keepalive hold time with the Keepalive hold time of the peer LSR by exchanging Initialization messages. Then, the LSR uses the smaller one as the negotiated Keepalive hold time. If the negotiated Keepalive hold time is larger than three times the local Keepalive interval, the LSR sends Keepalive messages at the local Keepalive interval. Otherwise, the LSR sends Keepalive messages at an interval 1/3 of the negotiated Keepalive hold time.
Examples
# On VLAN-interface 2, set the Link Hello hold time to 100 seconds, Link Hello interval to 20 seconds, Keepalive hold time to 50 seconds, and Keepalive interval to 10 seconds.
<Sysname> System-view
[Sysname] interface vlan-interface 2
[Sysname-Vlan-interface2] mpls ldp timer hello-hold 100
[Sysname-Vlan-interface2] mpls ldp timer hello-interval 20
[Sysname-Vlan-interface2] mpls ldp timer keepalive-hold 50
[Sysname-Vlan-interface2] mpls ldp timer keepalive-interval 10
Related commands
· display mpls ldp discovery
· display mpls ldp peer
mpls ldp transport-address
Use mpls ldp transport-address to specify the LDP transport address.
Use undo mpls ldp transport-address to restore the default.
Syntax
mpls ldp transport-address { ip-address | interface }
undo mpls ldp transport-address
Default
If the interface belongs to the public network, the LDP transport address is the local LSR ID. If the interface belongs to a VPN, the LDP transport address is the primary IP address of the interface.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Parameters
ip-address: Specifies the LDP transport address.
interface: Uses the IP address of the current interface as the LDP transport address.
Usage guidelines
Before two LSRs establish an LDP session, they must establish a TCP connection by using the LDP transport address. LDP sends the local LDP transport address to the peer in Link Hello messages.
As a best practice, use the default transport address.
If two LSRs have multiple links in between and you want to establish an LDP session on each link, make sure all the links use the same transport address.
Examples
# On interface VLAN-interface 2, specify the transport address carried in Link Hellos as the IP address of the interface.
<Sysname> System-view
[Sysname] interface vlan-interface 2
[Sysname-Vlan-interface2] mpls ldp transport-address interface
Related commands
display mpls ldp discovery
non-stop-routing
Use non-stop-routing to enable LDP NSR.
Use undo non-stop-routing to disable LDP NSR.
Syntax
non-stop-routing
undo non-stop-routing
Default
LDP NSR is disabled.
Views
LDP view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
LDP nonstop routing (NSR) backs up protocol states and data (including LDP session and LSP information) from the active process to the standby process. After the LDP active process fails, the standby process becomes active and takes over processing seamlessly. The LDP peers are not notified of the LDP interruption. The LDP session stays in Operational state, and the forwarding is not interrupted.
The LDP active process fails when one of the following events occurs:
· The active process restarts.
· The MPU where the active process resides fails.
· The MPU where the active process resides performs an ISSU.
Both LDP NSR and LDP GR ensure continuous traffic forwarding. Choose either feature as needed. They have the following differences:
· Device requirements—To use LDP NSR, the device must have two or more MPUs, and the active and standby processes for LDP reside on different MPUs. To use LDP GR, the device can have only one MPU on the device.
· LDP peer requirements—With LDP NSR, LDP peers of the local device are not aware of any switchover events on the local device. The local device does not require the help of a peer to restore the MPLS forwarding information. With LDP GR, the LDP peer must be able to identify the GR capability flag (in the Initialization message) of the GR restarter. The LDP peer acts as a GR helper to help the GR restarter to restore MPLS forwarding information.
Example
# Enable LDP NSR.
<Sysname> system-view
[Sysname] mpls ldp
[Sysname-ldp] non-stop-routing
Related commands
· display mpls ldp discovery
· display mpls ldp fec
· display mpls ldp peer
· display mpls ldp summary
pv-limit
Use pv-limit to specify the path vector limit.
Use undo pv-limit to restore the default.
Syntax
pv-limit pv-number
undo pv-limit
Default
The path vector limit is 32.
Views
LDP view, LDP-VPN instance view
Predefined user roles
network-admin
mdc-admin
Parameters
pv-number: Specifies the path vector limit in the range of 1 to 32.
Usage guidelines
LDP adds LSR ID information in a label request or label mapping message. Each LSR checks whether its LSR ID is contained in the message.
· If it is not, the LSR adds its own LSR ID into the message.
· If it is, the LSR considers that a loop occurs and terminates LSP establishment.
In addition, when the number of LSR IDs in the message reaches the path vector limit, LDP also considers that a loop occurs and terminates LSP establishment.
Examples
# Set the path vector limit to 3 for LDP loop detection in the public network.
<Sysname> system-view
[Sysname] mpls ldp
[Sysname-ldp] pv-limit 3
Related commands
· display mpls ldp parameter
· loop-detect
· maxhops
reset mpls ldp
Use reset mpls ldp to reset LDP sessions.
Syntax
reset mpls ldp [ vpn-instance vpn-instance-name ] [ peer peer-id ]
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. This command resets the LDP sessions in the specified VPN. If you do not specify a VPN instance, this command resets the LDP sessions in the public network.
peer peer-id: Specifies a peer by its LSR ID. If you do not specify a peer, this command resets all LDP sessions in the specified VPN instance or the public network.
Usage guidelines
Resetting an LDP session deletes and re-establishes the session and all LSPs based on the session.
Changes to LDP session parameters take effect only on new LDP sessions. To apply the changes to an existing LDP session on a network, you must reset all LDP sessions on that network by executing this command without the peer keyword. If you specify the peer keyword, this command resets the LDP session to the specified peer without applying the parameter changes to the session.
Examples
# Reset all LDP sessions in the public network.
<Sysname> reset mpls ldp
# Reset all LDP sessions in VPN instance vpn1.
<Sysname> reset mpls ldp vpn-instance vpn1
snmp-agent trap enable ldp
Use snmp-agent trap enable ldp to enable SNMP notifications for LDP.
Use undo snmp-agent trap enable ldp to disable SNMP notifications for LDP.
Syntax
snmp-agent trap enable ldp
undo snmp-agent trap enable ldp
Default
SNMP notifications for LDP are enabled.
Views
System view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
This command enables generating SNMP notifications for LDP upon LDP session changes, as defined in RFC 3815. The generated SNMP notifications are sent to the SNMP module.
For more information about SNMP notifications, see Network Management and Monitoring Configuration Guide.
Examples
# Enable SNMP notifications for LDP.
<Sysname> system-view
[Sysname] snmp-agent trap enable ldp
vpn-instance
Use vpn-instance to enable LDP for a VPN instance and enter LDP-VPN instance view.
Use undo vpn-instance to delete the LDP-VPN instance.
Syntax
vpn-instance vpn-instance-name
undo vpn-instance vpn-instance-name
Default
LDP is disabled for a VPN instance.
Views
LDP view
Predefined user roles
network-admin
mdc-admin
Parameters
vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters.
Usage guidelines
Enabling LDP for VPNs is used for the Carrier's Carrier network that uses LDP between the Level 1 carrier and Level 2 carrier PEs. In such a network, you must enable LDP for each VPN on each Level 1 carrier PE.
The VPN instance specified by this command must have been created by the ip vpn-instance command in system view.
The NSR and GR commands are available only in LDP view. All other commands available in LDP view are available in LDP-VPN instance view.
Commands executed in LDP view take effect only for the public network. Commands executed in LDP-VPN instance view take effect only for the specified VPN instance. The NSR and GR commands are global commands and take effect for all VPN instances and the public network.
Examples
# Enable LDP for the VPN instance vpn1 and enter LDP-VPN instance view.
<Sysname> System-view
[Sysname] mpls ldp
[Sysname-ldp] vpn-instance vpn1
[Sysname-ldp-vpn-instance-vpn1]
Related commands
· ip vpn-instance
· mpls ldp
MPLS TE commands
The MPLS TE feature is available in Release 1138P01 and later versions.
auto-bandwidth enable
Use auto-bandwidth enable to enable automatic bandwidth adjustment globally, and configure the output rate sampling interval.
Use undo auto-bandwidth enable to disable automatic bandwidth adjustment.
Syntax
auto-bandwidth enable [ sample-interval seconds ]
undo auto-bandwidth enable
Default
The global auto bandwidth adjustment is disabled.
Views
MPLS TE view
Predefined user roles
network-admin
mdc-admin
Parameters
sample-interval seconds: Specifies an output rate sample interval for tunnels enabled with automatic bandwidth adjustment, in the range of 1 to 604800 seconds. The default sample interval is 300 seconds. As a best practice, use the default sample interval.
Usage guidelines
The automatic bandwidth adjustment feature measures the average output rate of a tunnel, and periodically tunes the bandwidth assigned to the tunnel based on the measurement results.
The output rate sampling feature calculates the average output rate of a tunnel based on the traffic passed through the tunnel interface during a sampling interval.
To use the automatic bandwidth adjustment feature for an MPLS TE tunnel, perform the following tasks:
1. Execute the auto-bandwidth enable command to enable this feature globally.
2. Execute the mpls te auto-bandwidth adjustment command in the tunnel interface view.
Examples
# Enable global auto bandwidth adjustment, and configure the output rate sampling interval on MPLS TE tunnel interfaces as 600 seconds.
<Sysname> system-view
[Sysname] mpls te
[Sysname-te] auto-bandwidth enable sample-interval 600
Related commands
· mpls te auto-bandwidth
· reset mpls te auto-bandwidth-adjustment timers
auto-tunnel backup
Use auto-tunnel backup to enable the automatic bypass tunnel setup feature (also called auto FRR) globally, and enter MPLS TE auto-FRR view.
Use undo auto-tunnel backup to disable the auto FRR feature globally.
Syntax
auto-tunnel backup
undo auto-tunnel backup
Default
The auto FRR feature is disabled globally.
Views
MPLS TE view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
After you execute the auto-tunnel backup command, and specify an interface number range for bypass tunnels by using the tunnel-number command, the local device (the PLR) automatically sets up two bypass tunnels for each of its primary CRLSPs: one for link protection and the other for node protection.
If the PLR is the penultimate node of a primary CRLSP, the PLR does not create a node-protection bypass tunnel for the primary CRLSP.
Execution of the undo auto-tunnel backup command deletes all existing bypass tunnels automatically created for MPLS TE auto FRR.
Examples
# Enable the automatic bypass tunnel setup feature globally, and enter MPLS TE auto-tunnel backup view.
<Sysname> system-view
[Sysname] mpls te
[Sysname-te] auto-tunnel backup
[Sysname-te-auto-bk]
Related commands
· mpls te auto-backup disable
· nhop-only
· timers removal unused
· tunnel-number
destination
Use destination to configure the destination address for a tunnel interface.
Use undo destination to restore the default.
Syntax
destination ip-address
undo destination
Default
No destination address is specified for a tunnel interface.
Views
Tunnel interface view
Predefined user roles
network-admin
mdc-admin
Parameters
ip-address: Specifies the tunnel destination IPv4 address.
Examples
# Configure the destination address of the interface Tunnel 1 as 193.101.1.1.
<Sysname> system-view
[Sysname] interface tunnel 1 mode mpls-te
[Sysname-Tunnel1] destination 193.101.1.1
Related commands
interface tunnel
disable
Use disable to disable the current explicit path.
Use undo disable to restore the default.
Syntax
disable
undo disable
Default
The explicit path is enabled.
Views
Explicit path view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
You can use the disable command to prevent an explicit path from being used by a tunnel during explicit path configuration.
Examples
# Disable the explicit path named path1.
<Sysname> system-view
[Sysname] explicit-path path1
[Sysname-explicit-path-path1] disable
display explicit-path
Use display explicit-path to display information about explicit paths.
Syntax
display explicit-path [ path-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
path-name: Displays information about the explicit path specified by its name, a case-sensitive string of 1 to 31 characters. If you do not specify an explicit path, this command displays information about all explicit paths.
Examples
# Display information about all explicit paths.
<Sysname> display explicit-path
Path Name: path1 Hop Count: 3 Path Status: Enabled
Index IP Address Hop Type Hop Attribute
1 1.1.1.1 Strict Include
101 2.2.2.2 Loose Include
201 3.3.3.3 - Exclude
Table 21 Command output
Field |
Description |
Path Name |
Name of the explicit path. |
Hop Count |
Number of nodes specified in the explicit path. |
Path Status |
Explicit path status: · Enabled—The explicit path is available. · Disabled—The explicit path is not available. |
Index |
Index of a node on the explicit path. |
IP Address |
IP address of a node on the explicit path. |
Hop Type |
Node type: · Strict—The node must be connected directly to its previous hop. · Loose—The node can be connected indirectly to its previous hop. |
Hop Attribute |
Node attribute: · Include—The node must be included in the explicit path. · Exclude—The node must not be included in the explicit path. |
display interface tunnel
Use display interface tunnel to display tunnel interface information, including destination address and tunnel mode.
Syntax
display interface [ tunnel [ number ] ] [ brief [ description | down ] ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
number: Specifies the number of an existing tunnel interface. If you do not specify the tunnel keyword, this command displays information about all interfaces on the device. If you specify the tunnel keyword without the number argument, this command displays information about all existing tunnel interfaces.
brief: Displays brief interface information. If you do not specify this keyword, the command displays detailed interface information.
description: Displays complete interface descriptions. If you do not specify this keyword, the command displays only the first 27 characters of interface descriptions.
down: Displays information about interfaces in the physical state of DOWN and the causes. If you do not specify this keyword, the command displays information about interfaces in all states.
Examples
# Display detailed information about interface Tunnel 1.
<Sysname> display interface tunnel 1
Tunnel1
Current state: UP
Line protocol state: UP
Description: Tunnel1 Interface
Bandwidth: 64kbps
Maximum Transmit Unit: 1496
Internet Address is 6.1.1.1/24 Primary
Tunnel source unknown, destination 3.3.3.3
Tunnel TTL 255
Tunnel protocol/transport CR_LSP
Output queue - Urgent queuing: Size/Length/Discards 0/100/0
Output queue - Protocol queuing: Size/Length/Discards 0/500/0
Output queue - FIFO queuing: Size/Length/Discards 0/75/0
Last clearing of counters: Never
Last 300 seconds input rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec
Last 300 seconds output rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec
Input: 0 packets, 0 bytes, 0 drops
Output: 0 packets, 0 bytes, 0 drops
Table 22 Command output
Field |
Description |
Tunnel1 |
Information about the tunnel interface Tunnel 1. |
Current state |
Physical link state of the tunnel interface: · Administratively DOWN—The interface has been shut down by using the shutdown command. · DOWN—The interface is administratively up, but its physical state is down (possibly because no physical link exists or the link has failed). · UP—The interface is both administratively and physically up. |
Line protocol state |
Data link layer state of the interface. The state is determined through automatic parameter negotiation at the data link layer. · UP—The data link layer protocol is up. · UP (spoofing)—The data link layer protocol is up, but the link is an on-demand link or does not exist. This attribute is typical of null interfaces and loopback interfaces. · DOWN—The data link layer protocol is down. |
Description |
Description of the tunnel interface. |
Bandwidth |
Expected bandwidth of the tunnel interface. |
Maximum Transmit Unit |
MTU of the tunnel interface. |
Internet protocol processing: Disabled |
The tunnel interface is not assigned an IP address and cannot process IP packets. |
Internet Address |
IP address of the tunnel interface. The primary attribute indicates that the address is the primary IP address. |
Tunnel source |
Source address of the tunnel. |
destination |
Destination address of the tunnel. |
Tunnel TTL |
TTL of tunneled packets. |
Tunnel protocol/transport |
Tunnel mode and transport protocol. The value is CR_LSP that indicates the MPLS TE tunnel mode. |
Last clearing of counters |
Last time when counters were cleared. |
Last 300 seconds input rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec |
Average input rate in the last 300 seconds. |
Last 300 seconds output rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec |
Average output rate in the last 300 seconds. |
Related commands
· destination
· interface tunnel
display isis mpls te advertisement
Use display isis mpls te advertisement to display link and node information in an IS-IS TEDB.
Syntax
display isis mpls te advertisement [ [ level-1 | level-2 ] | [ originate-system system-id | local ] | verbose ] * [ process-id ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
level-1: Displays link and node information for Level-1 routers.
level-2: Displays link and node information for Level-2 routers.
originate-system system-id: Displays link and node information advertised by the system specified by its system ID, in the format of XXXX.XXXX.XXXX.
local: Displays link and node information advertised by the local device.
verbose: Displays detailed information. If you do not specify this keyword, the command displays brief information.
process-id: Specifies an IS-IS process by its ID in the range of 1 to 65535. If you do not specify an IS-IS process, this command displays link and node information for all IS-IS processes.
Usage guidelines
If you do not specify the level-1 or level-2 keyword, this command displays link and node information for both Level-1 and Level-2 routers.
If you do not specify the originate-system system-id option or the local keyword, this command displays link and node information advertised by all systems.
Examples
# Display brief link and node information in the IS-IS TEDB for Level-1 routers.
<Sysname> display isis mpls te advertisement level-1
TE information for IS-IS(1)
---------------------------
Level-1 TE node and link information
-------------------------------
Node total count : 2
Node index : 0
System ID : 0000.0000.0004
MPLS LSR ID : 4.4.4.4
Node flags : -/-/R/-
Link total count : 1
Link information :
Neighbour Frag ID Link Type Local Address Remote Address
0000.0000.0004.04 0x00 Broadcast 1.1.1.3
Node index : 1
System ID : 0000.0000.0001
MPLS LSR ID : 1.1.1.1
Node flags : -/-/R/-
Link total count : 1
Link information :
Neighbour Frag ID Link Type Local Address Remote Address
0000.0000.0004.04 0x00 Broadcast 1.1.1.1 --
# Display detailed link and node information in the IS-IS TEDB for Level-1 routers.
<Sysname> display isis mpls te advertisement level-1 local verbose
TE information for IS-IS(1)
---------------------------
Level-1 TE node and link information
-------------------------------
Node total count : 2
Node index : 0
System ID : 0000.0000.0004
MPLS LSR ID : 4.4.4.4
Node flags : -/-/R/-
Link total count : 1
Link information :
Link index : 0
Neighbor : 0000.0000.0004.04 Frag ID : 0x00
Link type : Broadcast Admin group : 0x00000000
IGP metric : 10 TE metric : 10
Link flags : -/-/-
Physical bandwidth: 12500000 bytes/sec
Reservable bandwidth: 0 bytes/sec
Unreserved bandwidth for each TE class:
TE class 0: 0 bytes/sec TE class 1: 0 bytes/sec
TE class 2: 0 bytes/sec TE class 3: 0 bytes/sec
TE class 4: 0 bytes/sec TE class 5: 0 bytes/sec
TE class 6: 0 bytes/sec TE class 7: 0 bytes/sec
TE class 8: 0 bytes/sec TE class 9: 0 bytes/sec
TE class 10: 0 bytes/sec TE class 11: 0 bytes/sec
TE class 12: 0 bytes/sec TE class 13: 0 bytes/sec
TE class 14: 0 bytes/sec TE class 15: 0 bytes/sec
Bandwidth constraint model: Prestandard DS-TE RDM
Bandwidth constraints:
BC[00]: 0 bytes/sec BC[01]: 0 bytes/sec
Local address: 1.1.1.3
Node index : 1
System ID : 0000.0000.0001
MPLS LSR ID : 1.1.1.1
Node flags : -/-/-/-
Link total count : 1
Link information :
Link index : 0
Neighbor : 0000.0000.0004.04 Frag ID : 0x00
Link type : Broadcast Admin group : 0x00000000
IGP metric: 10 TE metric : 10
Link flags: -/-/-
Physical bandwidth: 12500000 bytes/sec
Reservable bandwidth: 0 bytes/sec
Unreserved bandwidth for each TE class:
TE class 0: 0 bytes/sec TE class 1: 0 bytes/sec
TE class 2: 0 bytes/sec TE class 3: 0 bytes/sec
TE class 4: 0 bytes/sec TE class 5: 0 bytes/sec
TE class 6: 0 bytes/sec TE class 7: 0 bytes/sec
TE class 8: 0 bytes/sec TE class 9: 0 bytes/sec
TE class 10: 0 bytes/sec TE class 11: 0 bytes/sec
TE class 12: 0 bytes/sec TE class 13: 0 bytes/sec
TE class 14: 0 bytes/sec TE class 15: 0 bytes/sec
Bandwidth constraint model: Prestandard DS-TE RDM
Bandwidth constraints:
BC[00]: 0 bytes/sec BC[01]: 0 bytes/sec
Local address: 1.1.1.1
Table 23 Command output
Field |
Description |
|
TE information for IS-IS(1) |
TE information for IS-IS process 1. |
|
Node total count |
Total number of nodes that advertises TE information. |
|
Node flags |
Node information flags: · A—Already synchronizes the node information with CSPF. · S—Ready to synchronize the node information with CSPF again after the previous synchronization failed. · R—The node is reachable. · O—The node is overloaded. |
|
Link total count |
Total number of links advertised by the node. |
|
Link information |
Link information advertised by the node. |
|
Neighbor |
System ID of the neighbor. |
|
Frag ID |
LSP fragment number. |
|
Link type |
Link type, broadcast or P2P. |
|
Admin group |
Administrator group attribute of the link. |
|
Link flags |
Link information flags: · A—Already synchronizes link information with CSPF. · U—Ready to update link information with CSPF again after the previous update failed. · D—Ready to delete link information from CSPF again after the previous deletion failed. |
|
Bandwidth constraint model |
Bandwidth constraint model: · Prestandard DS-TE RDM. · IETF DS-TE RDM. · IETF DS-TE MAM. |
|
Local address |
Local IP address of the link. |
|
Remote address |
Remote IP address of the link. |
|
display isis mpls te configured-sub-tlvs
Use display isis mpls te configured-sub-tlvs to display sub-TLV information for IS-IS TE.
Syntax
display isis mpls te configured-sub-tlvs [ process-id ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
process-id: Specifies an IS-IS process by its ID in the range of 1 to 65535. If you do not specify an IS-IS process, this command displays sub-TLV information for all IS-IS processes.
Examples
# Display sub-TLV information for IS-IS TE.
<Sysname> display isis mpls te configured-sub-tlvs
TE sub-TLV information for IS-IS(1)
-----------------------------------
Type value of the unreserved sub-pool bandwidth sub-TLV : 251
Type value of the bandwidth constraint sub-TLV : 252
Table 24 Command output
Field |
Description |
TE Sub-TLV Information for IS-IS(1) |
DS-TE sub-TLV information for IS-IS process 1. |
display isis mpls te network
Use display isis mpls te network to display network information in an IS-IS TEDB.
Syntax
display isis mpls te network [ [ level-1 | level-2 ] | local | lsp-id lsp-id ] * [ process-id ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
level-1: Displays network information for Level-1 routers.
level-2: Displays network information for Level-2 routers.
local: Displays network information advertised by the local device.
lsp-id lsp-id: Displays network information for an LSP. The lsp-id argument is the LSP ID in the format of SYSID.Pseudonode ID-fragment num. SYSID represents the system ID of the node or pseudonode that generates the LSP. Pseudonode ID represents ID of the pseudonode. fragment num represents the fragment number of the LSP.
process-id: Specifies an IS-IS process by its ID in the range of 1 to 65535. If you do not specify an IS-IS process, this command displays network information for all IS-IS processes.
Usage guidelines
If you do not specify the level-1 or level-2 keyword, this command displays network information for both Level-1 and Level-2 routers.
If you do not specify the local keyword or the lsp-id lsp-id option, this command displays all TE network information.
Examples
# Display network information in IS-IS TEDBs.
<Sysname> display isis mpls te network
TE information for IS-IS(1)
--------------------------
Level-1 network information
---------------------------
LAN ID : 0000.0000.0004.04
Frag ID : 0x00
Flags : -/-/-
Attached routers : 0000.0000.0001
0000.0000.0004
Level-2 Network Information
---------------------------
LAN ID : 0000.0000.0004.04
Frag ID : 0x00
Flags : -/-/-
Attached routers : 0000.0000.0001
0000.0000.0004
Table 25 Command output
Field |
Description |
TE information for IS-IS(1) |
TE information for IS-IS process 1. |
LAN ID |
Broadcast network ID, in the format of System-ID.Pseudonode-ID. |
Frag ID |
LSP fragment number. |
Flags |
State flag for network information: · A—Already synchronizes network information with CSPF. · U—Ready to update network information with CSPF again after the previous update failed. · D—Ready to delete network information from CSPF again after the previous deletion failed. |
display isis mpls te tunnel
Use display isis mpls te tunnel to display MPLS TE tunnel interface information for IS-IS.
Syntax
display isis mpls te tunnel [ level-1 | level-2 ] [ process-id ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
level-1: Displays tunnel interface information for Level-1 routers.
level-2: Displays tunnel interface information for Level-2 routers.
process-id: Specifies an IS-IS process by its ID in the range of 1 to 65535. If you do not specify an IS-IS process, this command displays tunnel information for all IS-IS processes.
Usage guidelines
If you do not specify the level-1 or level-2 keyword, this command displays MPLS TE tunnel interface information for both IS-IS Level-1 and IS-IS Level-2 routers.
Examples
# Display MPLS TE tunnel interface information for IS-IS.
<Sysname> display isis mpls te tunnel
MPLS-TE tunnel information for IS-IS(1)
---------------------------------------
Level-1 Tunnel Statistics
-------------------------
Tunnel Name Auto Route Destination Metric
-----------------------------------------------------------------------
Tun0 Advertise 2.2.2.2 Relative 0
Level-2 Tunnel Statistics
-------------------------
Tunnel Name Auto Route Destination Metric
-----------------------------------------------------------------------
Tun0 Advertise 2.2.2.2 Relative 0
Table 26 Command output
Field |
Description |
MPLS-TE tunnel information for IS-IS(1) |
MPLS TE tunnel interface information for IS-IS process 1. |
Auto Route |
Automatic route advertisement method on the tunnel interface: · Advertise—Forwarding adjacency. · Shortcut—IGP shortcut. |
Destination |
Tunnel destination address. |
Metric |
Metric type and value configured on the tunnel interface: · Relative. · Absolute. |
display mpls te ds-te
Use display mpls te ds-te to display DS-TE information, including the DS-TE mode, bandwidth constraint (BC) model, and TE classes.
Syntax
display mpls te ds-te
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Examples
# Display DS-TE information.
<Sysname> display mpls te ds-te
MPLS LSR ID : 0.0.0.0
MPLS DS-TE mode : Prestandard
MPLS DS-TE BC model : RDM
TE Class Class Type Priority
0 0 0
1 0 1
2 0 2
3 0 3
4 0 4
5 0 5
6 0 6
7 0 7
8 1 0
9 1 1
10 1 2
11 1 3
12 1 4
13 1 5
14 1 6
15 1 7
Table 27 Command output
Field |
Description |
MPLS LSR ID |
MPLS LSR ID of the device. |
MPLS DS-TE mode |
DS-TE mode: Prestandard or IETF. |
MPLS DS-TE BC model |
DS-TE BC model: · RDM—Russian Dolls Model. · MAM—Maximum Allocation Model. |
TE Class |
Serial number of a TE class. |
display mpls te link-management bandwidth-allocation
Use display mpls te link-management bandwidth-allocation to display bandwidth information on MPLS TE-enabled interfaces.
Syntax
display mpls te link-management bandwidth-allocation [ interface interface-type interface-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
interface interface-type interface-number: Displays bandwidth information on the interface specified by its type and number. If you do not specify this option, the command displays bandwidth information on all interfaces enabled with MPLS TE.
Examples
# Display bandwidth information on all interfaces enabled with MPLS TE.
<Sysname> display mpls te link-management bandwidth-allocation
Interface: Vlan1
Max Link Bandwidth : 3200000 kbps
Max Reservable Bandwidth of Prestandard RDM : 2000000 kbps
Max Reservable Bandwidth of IETF RDM : 200000 kbps
Max Reservable Bandwidth of IETF MAM : 300000 kbps
Allocated Bandwidth-Item Count :1
Allocated Bandwidth :1000 kbps
Physical Link Status : Up
BC Prestandard RDM(kbps) IETF RDM(kbps) IETF MAM(kbps)
0 2000000 200000 2000
1 1000000 150000 2000
2 0 100000 2000
3 0 50000 2000
TE Class Class Type Priority BW Reserved(kbps) BW Available(kbps)
0 0 0 0 2000000
1 0 1 0 2000000
2 0 2 0 2000000
3 0 3 0 2000000
4 0 4 0 2000000
5 0 5 0 2000000
6 0 6 0 2000000
7 0 7 1000 1999000
8 1 0 0 1000000
9 1 1 0 1000000
10 1 2 0 1000000
11 1 3 0 1000000
12 1 4 0 1000000
13 1 5 0 1000000
14 1 6 0 1000000
15 1 7 0 1000000
Field |
Description |
Interface |
Interface enabled with MPLS TE. |
Max Link Bandwidth |
Maximum link bandwidth for MPLS TE traffic. |
Allocated Bandwidth-Item Count |
Number of CRLSPs that have successfully obtained bandwidth. |
· mpls te max-link-bandwidth
· mpls te max-reservable-bandwidth
· mpls te max-reservable-bandwidth mam
· mpls te max-reservable-bandwidth rdm
display mpls te tedb
Use display mpls te tedb to display MPLS TE database (TEDB) information.
Syntax
display mpls te tedb { { isis { level-1 | level-2 } | ospf area area-id } | link ip-address | network | node [ local | mpls-lsr-id ] | summary }
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
isis: Displays TEDB information for IS-IS.
level-1: Displays TEDB information for Level-1 routers.
level-2: Displays TEDB information for Level-2 routers.
ospf area area-id: Displays TEDB information for an OSPF area. The value range for the OSPF area ID is 0 to 4294967295.
link ip-address: Displays TEDB information for a link. The ip-address argument represents the IP address of the local interface on the link.
network: Displays TEDB information for all broadcast and NBMA networks.
node: Displays TEDB information for the local or specified node. If you do not specify the local keyword or the mpls-lsr-id argument, this command displays TEDB information for all nodes.
local: Displays TEDB information for the local node.
mpls-lsr-id: Displays TEDB information for the node specified by its MPLS LSR ID.
summary: Displays summary TEDB information.
Examples
# Display TEDB information for all broadcast and NBMA networks.
<Sysname> display mpls te tedb network
DR MPLS LSR-ID DR-address IGP Process-ID Area/Level Neighbors
8.1.1.2 3.0.0.2 OSPF 100 0 1.1.1.1
2.1.1.1
8.1.1.2
2.1.1.1 3.0.0.3 OSPF 100 0 2.1.1.1
3.1.1.1
2.1.1.2
3.1.1.2 3.0.0.4 OSPF 100 0 3.1.1.1
4.1.1.1
3.1.1.2
4.1.1.2 3.0.0.5 OSPF 100 0 4.1.1.1
5.1.1.1
4.1.1.2
5.1.1.2 3.0.0.6 OSPF 100 0 5.1.1.1
6.1.1.1
5.1.1.2
6.1.1.2 3.0.0.9 OSPF 100 0 6.1.1.1
7.1.1.1
6.1.1.2
7.1.1.1 12.0.0.7 OSPF 100 0 3.1.1.1
7.1.1.1
7.1.1.2
Table 29 Command output
Field |
Description |
DR MPLS LSR-ID |
MPLS LSR ID of a designated router (DR), in dotted decimal notation. |
DR-address |
Interface address of the DR. |
IGP |
Internal gateway protocol: OSPF or IS-IS. |
Process-ID |
IGP process ID. |
Area/Level |
OSPF area or IS-IS level of the router. |
Neighbors |
Router IDs of the routers that have formed full adjacencies with the DR, and router ID of the DR itself. |
# Display summary TEDB information.
<Sysname> display mpls te tedb summary
MPLS LSR-ID IGP Process-ID Area/Level Links-Count
1.1.1.1 OSPF 100 1001 20
1002 30
1003 40
1004 50
1007 70
1010 80
2.1.1.1 ISIS 100 Level-1 20
Level-1 30
3.1.1.1 OSPF 100 0 4
Table 30 Command output
Field |
Description |
MPLS LSR-ID |
MPLS LSR ID of a router, in dotted decimal notation. |
IGP |
Internal gateway protocol: OSPF or IS-IS. |
Process-ID |
IGP process ID. |
Area/Level |
OSPF area or IS-IS level of the router. |
Links-Count |
Number of links in an OSPF area or IS-IS level. |
# Display TEDB information for an OSPF area.
<Sysname> display mpls te tedb ospf area 1
Node information for OSPF area 1:
MPLS LSR-ID IGP Process-ID Area Links-Count
2.2.2.2 OSPF 100 1 1
3.3.3.3 OSPF 100 1 1
Network information for OSPF area 1:
DR MPLS LSR-ID DR-address IGP Process-ID Area Neighbors
3.3.3.3 20.1.1.2 OSPF 100 1 2.2.2.2
3.3.3.3
Table 31 Command output
Field |
Description |
MPLS LSR-ID |
MPLS LSR ID of a router, in dotted decimal notation. |
IGP |
Internal gateway protocol: OSPF or IS-IS. |
Process-ID |
IGP process ID. |
Area |
OSPF area of the router. |
Level |
IS-IS level of the router. |
Links-Count |
Number of links in the OSPF area or IS-IS level. |
DR MPLS LSR-ID |
MPLS LSR ID of a DR. |
DR-address |
Interface address of the DR. |
Neighbors |
Router IDs of the routers that have formed full adjacencies with the DR, and router ID of the DR itself. |
# Display TEDB information for the local node in prestandard mode.
<Sysname> display mpls te tedb node local
MPLS LSR-ID: 1.1.1.1
IGP Type: OSPF Process ID: 100 Area: 1
Link[1]:
Local IP Address: 2.0.1.33
Neighbor IP Address: 2.0.1.2
Neighbor MPLS LSR-ID: 1.1.1.2
Link Type: P2P Link Status: Inactive
IGP Metric: 100 TE Metric: 100 Link Attribute: 0xff
Maximum Link Bandwidth: 100 kbps
Maximum Reservable Bandwidth: 20 kbps
Bandwidth Constraint Model: Prestandard DS-TE RDM
Bandwidth Constraints:
BC[0]: 100 kbps
BC[1]: 20 kbps
Unreserved Bandwidth for each TE class:
TE class 0: 10 kbps
TE class 1: 10 kbps
TE class 2: 10 kbps
TE class 3: 10 kbps
TE class 4: 10 kbps
TE class 5: 10 kbps
TE class 6: 10 kbps
TE class 7: 10 kbps
TE class 8: 10 kbps
TE class 9: 10 kbps
TE class 10: 10 kbps
TE class 11: 10 kbps
TE class 12: 10 kbps
TE class 13: 10 kbps
TE class 14: 10 kbps
TE class 15: 10 kbps
MPLS LSR-ID: 1.1.1.1
IGP Type: ISIS Process ID: 100 Level: Level-1
Link[1]:
Local IP Address: 2.0.1.33
Neighbor IP Address: 2.0.1.2
Neighbor MPLS LSR-ID: 1.1.1.2
Link Type: P2P Link Status: Active
IGP Metric: 10 TE Metric: 10 Link Attribute: 0x11
Maximum Bandwidth: 100 (kbps)
Maximum Reservable Bandwidth: 100 (kbps)
Bandwidth Constraint Model: Prestandard DS-TE RDM
Bandwidth Constraints:
BC[0]: 100 kbps
BC[1]: 20 kbps
Unreserved Bandwidth for each TE Class:
TE class 0: 10 kbps
TE class 1: 10 kbps
TE class 2: 10 kbps
TE class 3: 10 kbps
TE class 4: 10 kbps
TE class 5: 10 kbps
TE class 6: 10 kbps
TE class 7: 10 kbps
TE class 8: 10 kbps
TE class 9: 10 kbps
TE class 10: 10 kbps
TE class 11: 10 kbps
TE class 12: 10 kbps
TE class 13: 10 kbps
TE class 14: 10 kbps
TE class 15: 10 kbps
Table 32 Command output
Field |
Description |
MPLS LSR-ID |
MPLS LSR ID of a router, in dotted decimal notation. |
IGP Type |
Internal gateway protocol: OSPF or IS-IS. |
Process ID |
IGP process ID. |
Area |
OSPF area of the router. |
Level |
IS-IS level of the router: Level-1 or Level-2. |
Link[n] |
Information about a link. n is the number of the link. |
Local IP Address |
Local interface address. |
Neighbor IP Address |
Remote interface address for a P2P or P2MP link. For an NBMA or a broadcast link, this field is blank. |
Link Type |
Link type: · P2P. · P2MP. · NBMA. · Broadcast. |
Link Status |
Link status: Active or Inactive. |
Bandwidth Constraint Model |
Bandwidth constraint model: · Prestandard DS-TE RDM. · IETF DS-TE RDM. · IETF DS-TE MAM. |
# Display TEDB information for the link connected to interface 20.1.1.1 in IETF DS-TE RDM model.
<Sysname> display mpls te tedb link 20.1.1.1
MPLS LSR-ID: 2.2.2.2
IGP Type: ISIS Process ID: 100 Level: Level-1
Local IP Address: 20.1.1.1
Neighbor MPLS LSR-ID: 20.1.1.2
Link Type: Broadcast Link Status: Active
IGP Metric: 10 TE Metric: 0 Link Attribute: 0x0
Maximum Bandwidth: 0 kbps
Maximum Reservable Bandwidth: 0 kbps
Bandwidth Constraint Model: IETF DS-TE RDM
Bandwidth Constraints:
BC[0] : 0 kbps
BC[1] : 0 kbps
BC[2] : 0 kbps
BC[3] : 0 kbps
Unreserved Bandwidth for each TE class:
TE class 0: 0 kbps
TE class 1: 0 kbps
TE class 2: 0 kbps
TE class 3: 0 kbps
TE class 4: 0 kbps
TE class 5: 0 kbps
TE class 6: 0 kbps
TE class 7: 0 kbps
Table 33 Command output
Field |
Description |
MPLS LSR-ID |
MPLS LSR ID of a router, in dotted decimal notation. |
IGP Type |
Internal gateway protocol: OSPF or IS-IS. |
Process ID |
IGP process ID. |
Area |
OSPF area of the router. |
Level |
IS-IS level of the router: Level-1 or Level-2. |
Local IP Address |
Local interface address. |
Neighbor IP Address |
Remote interface address for a P2P or P2MP link. For an NBMA or a broadcast link, this field is blank. |
Link Type |
Link type: · P2P. · P2MP. · NBMA. · Broadcast. |
Link Status |
Link status: Active or Inactive. |
Bandwidth Constraint Mode |
Bandwidth constraint model: · Prestandard DS-TE RDM. · IETF DS-TE RDM. · IETF DS-TE MAM. |
display mpls te tunnel-interface
Use display mpls te tunnel-interface to display information about MPLS TE tunnel interfaces.
Syntax
display mpls te tunnel-interface [ tunnel number ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
tunnel number: Displays information about the tunnel interface specified by its number. The tunnel interface must already have been created. If you do not specify this option, the command displays information about all MPLS TE tunnel interfaces.
Examples
# Display information about all MPLS TE tunnel interfaces.
<Sysname> display mpls te tunnel-interface
Tunnel Name : Tunnel 0
Tunnel State : Up (Main CRLSP up)
Tunnel Attributes :
LSP ID : 1 Tunnel ID : 0
Admin State : Normal
Ingress LSR ID : 1.1.1.1 Egress LSR ID : 3.3.3.3
Signaling : Static Static CRLSP Name : static-cr-lsp-1
Resv Style : -
Tunnel mode : -
Reverse-LSP name : -
Reverse-LSP LSR ID : - Reverse-LSP Tunnel ID: -
Class Type : - Tunnel Bandwidth : -
Reserved Bandwidth : -
Setup Priority : 0 Holding Priority : 0
Affinity Attr/Mask : -/-
Explicit Path : -
Backup Explicit Path : -
Metric Type : TE
Record Route : - Record Label : -
FRR Flag : - Bandwidth Protection : Disabled
Backup Bandwidth Flag: Disabled Backup Bandwidth Type: -
Backup Bandwidth : -
Bypass Tunnel : No Auto Created : No
Route Pinning : -
Retry Limit : 10 Retry Interval : 2 sec
Reoptimization : - Reoptimization Freq : -
Backup Type : - Backup LSP ID : -
Auto Bandwidth : - Auto Bandwidth Freq : -
Min Bandwidth : - Max Bandwidth : -
Collected Bandwidth : -
Table 34 Command output
Field |
Description |
Tunnel Name |
Name of the tunnel interface. |
Tunnel State |
Running state of the tunnel: Down or Up. Description information includes: · Main CRLSP down. · Main CRLSP up. · Main CRLSP being set up. · Shared-resource CRLSP down. · Shared-resource CRLSP up. · Shared-resource CRLSP being set up. · Shared-resource CRLSP being activated. · Shared-resource CRLSP switching to Main CRLSP. · Backup CRLSP down. · Backup CRLSP up. · Backup CRLSP being set up. · Reverse CRLSP down. · Reverse CRLSP up. · Reverse CRLSP being set up. |
Admin State |
Administrative state of the tunnel interface: · Normal—The interface is not shut down by the shutdown command. · Shutdown—The tunnel interface is shut down by the shutdown command. |
Signaling |
Signaling protocol used to set up the tunnel: RSVP-TE or Static. |
Static CRLSP Name |
Static CRLSP referenced by the tunnel. |
Resv Style |
Resource reservation style: FF or SE. |
Tunnel Mode |
Tunnel mode of the bidirectional tunnel: · Co-routed, active—The device is the active end of the co-routed bidirectional tunnel. · Co-routed, passive—The device is the passive end of the co-routed bidirectional tunnel. · Associated—The tunnel is an associated bidirectional tunnel. |
Reverse-LSP Name |
Name of the associated reverse LSP. |
Reverse-LSP LSR ID |
LSR ID of the reverse LSP. This field has a value for the LSR of an associated reverse LSP and the passive end of the co-routed bidirectional tunnel. For other LSPs, this field displays a hyphen (-). |
Reverse-LSP Tunnel ID |
Tunnel ID of the reverse LSP. This field has a value for an associated reverse LSP and the passive end of the co-routed bidirectional tunnel. For other LSPs, this field displays a hyphen (-). |
Class Type |
CT of the tunnel: CT 0, CT 1, CT 2, or CT 3. |
Tunnel Bandwidth |
Bandwidth required by the tunnel, in kbps. |
Reserved Bandwidth |
Bandwidth reserved for the tunnel, in kbps. |
Setup Priority |
Tunnel setup priority. |
Holding Priority |
Tunnel holding priority. |
Affinity Attr/Mask |
Tunnel affinity attribute and mask. |
Explicit Path Name |
Name of the explicit path referenced by the tunnel. If the path used by the tunnel is not an explicit path, this field displays a hyphen (-). |
Backup Explicit Path |
Name of the explicit path referenced by the backup tunnel. If the path used by the backup tunnel is not an explicit path, this field displays a hyphen (-). |
Metric Type |
Link metric type used for tunnel path selection, TE or IGP. |
Bandwidth Protection |
Whether FRR needs bandwidth protection, Enabled or Disabled. |
Backup Bandwidth Flag |
Whether the bandwidth and the type of CRLSPs that the bypass tunnel can protect have been configured (by using the mpls te backup bandwidth command): · Enabled—Configured. · Disabled—Not configured. |
Backup Bandwidth Type |
Class type of the traffic on the primary tunnel that the bypass tunnel can protect. |
Backup Bandwidth |
Bandwidth that the bypass tunnel can protect, in kbps. |
Bypass Tunnel |
Whether it is a bypass tunnel: Yes or No. |
Auto Created |
Whether the bypass tunnel is automatically created: Yes or No. |
Retry Limit |
Maximum number of tunnel setup retries. |
Retry Interval |
Tunnel setup retry interval, in seconds. |
Reoptimization Freq |
Tunnel reoptimization frequency, in seconds. |
Backup Type |
CRLSP backup mode: · None—CRLSP backup is disabled. · Hot Standby. · Ordinary. |
Backup LSP ID |
LSP ID of the backup tunnel. |
Auto Bandwidth |
State of the automatic bandwidth adjustment feature. |
Auto Bandwidth Freq |
Automatic bandwidth adjustment interval, in seconds. |
Min Bandwidth |
Minimum bandwidth (in kbps) that can be applied to the tunnel by automatic bandwidth adjustment. |
Max Bandwidth |
Maximum bandwidth (in kbps) that can be applied to the tunnel by automatic bandwidth adjustment. |
Collected Bandwidth |
Current output rate, in kbps. |
display ospf mpls te advertisement
Use display ospf mpls te advertisement to display link and node information in an OSPF TEDB.
Syntax
display ospf [ process-id ] [ area area-id ] mpls te advertisement [ originate-router advertising-router-id | self-originate ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
process-id: Specifies an OSPF process ID in the range of 1 to 65535. If you do not specify this argument, the command displays information about all OSPF processes.
area area-id: Specifies an area by its ID, an IP address or a decimal integer, in the range of 0 to 4294967295. If you specify an integer, the system will translate the integer into the IP address format. If you do not specify this option, the command displays information about all areas.
originate-router advertising-router-id: Displays information originated from a router specified by its router ID.
self-originate: Displays information generated by the local router.
Examples
# Display link and node information for all processes in all areas.
<Sysname> display ospf mpls te advertisement
OSPF Process 1 with Router ID 2.2.2.2
Traffic Engineering Database
Area: 0.0.0.1
Adv Router ID : 1.1.1.1
MPLS LSR ID : 1.1.1.1
Flags : A/S/R
Router Address Count : 1
Router Address Index : 0
Instance ID : 0.0.0.0
MPLS LSR ID : 1.1.1.1
Link Count : 1
Link Index : 0
Link Type : Broadcast
Instance ID : 0.0.0.1
Link Flags : -/U/-
Link ID : 197.168.1.1
TE Metric : 1000
IGP Metric : 1000
Maximum Bandwidth : 12500000 bytes/sec
Maximum Reservable BW : 0 bytes/sec
Administrative Group : 0x0
Unreserved Bandwidth for each TE Class:
TE class 0 = 0 bytes/sec
TE class 1 = 0 bytes/sec
TE class 2 = 0 bytes/sec
TE class 3 = 0 bytes/sec
TE class 4 = 0 bytes/sec
TE class 5 = 0 bytes/sec
TE class 6 = 0 bytes/sec
TE class 7 = 0 bytes/sec
TE class 8 = 0 bytes/sec
TE class 9 = 0 bytes/sec
TE class 10 = 0 bytes/sec
TE class 11 = 0 bytes/sec
TE class 12 = 0 bytes/sec
TE class 13 = 0 bytes/sec
TE class 14 = 0 bytes/sec
TE class 15 = 0 bytes/sec
Bandwidth Constraint Model: Prestandard DS-TE RDM
Bandwidth Constraints:
BC [ 0] = 0 bytes/sec
BC [ 1] = 0 bytes/sec
Local Interface Address : 197.168.1.1
Remote Interface Address : 197.168.1.11
Table 35 Command output
Field |
Description |
Adv Router ID |
ID of the router that advertises the information. |
MPLS LSR ID |
MPLS LSR ID of the router that advertises the information. |
Flags |
TE information flags: · A—Already synchronizes the information with CSPF. · S—Be ready to synchronize the information with CSPF. · R—The route to the router that advertises the information is reachable. |
Router Address Count |
Number of Router TLV messages in TEDB. |
Router Address Index |
Index of the current Router TLV message. |
Instance ID |
LSA instance ID. |
Link Count |
Number of Link TLV messages in TEDB. |
Link Index |
Index of the current Link TLV message. |
Link Type |
Link types: · Point to Point. · Point to Multi Point. · Broadcast. · NBMA. |
Link Flags |
Link information flags: · A—Already synchronizes the information with CSPF. · U—Updates the information with CSPF again after the previous update failed. · D—Deletes the information from CSPF again after the previous deletion failed. |
Link ID |
Link state ID. |
IGP Metric |
OSPF protocol metric. |
Administrative Group |
Link attributes. |
Bandwidth Constraint Model |
Bandwidth constraint model, Prestandard DS-TE RDM, IETF DS-TE RDM, or IETF DS-TE MAM. |
Bandwidth Constraints |
This field takes effect only on DS-TEs. |
BC |
Bandwidth constraint value. The Prestandard mode supports two BCs, and the IETF mode supports four BCs. |
display ospf mpls te network
Use display ospf mpls te network to display network information in an OSPF TEDB.
Syntax
display ospf [ process-id ] [ area area-id ] mpls te network [ originate-router advertising-router-id | self-originate ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
process-id: Specifies an OSPF process ID in the range of 1 to 65535. If you do not specify this argument, the command displays information about all OSPF processes.
area area-id: Specifies an area by its ID, an IP address or a decimal integer, in the range of 0 to 4294967295. If you specify an integer, the system will translate the integer into the IP address format. If you do not specify this option, the command displays information about all areas.
originate-router advertising-router-id: Displays information originated from a router specified by its router ID.
self-originate: Displays information generated by the local router.
Examples
# Display network information for all processes in all areas.
<Sysname> display ospf mpls te network
OSPF Process 1 with Router ID 12.1.1.1
Traffic Engineering Network
Area: 0.0.0.0
Adv Router ID : 1.1.1.1
Designated Router : 197.168.1.1
Flags : -/U/-
Attached Router 2.2.2.2
Attached Router 1.1.1.1
Table 36 Command output
Field |
Description |
Adv Router ID |
ID of the router that advertises the information. |
Designated Router |
IP address of the designated router. |
Flag |
Network information flags: · A—Already synchronizes the information with CSPF. · U—Updates the information with CSPF again after the previous update fails. · D—Deletes the information from CSPF again after the previous deletion fails. |
Attached Router |
ID of the attached router. |
display ospf mpls te tunnel
Use display ospf mpls te tunnel to display MPLS TE tunnel interface information for OSPF.
Syntax
display ospf [ process-id ] [ area area-id ] mpls te tunnel
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
process-id: Specifies an OSPF process ID in the range of 1 to 65535. If you do not specify this argument, the command displays information about all OSPF processes.
area area-id: Specifies an area by its ID, an IP address or a decimal integer, in the range of 0 to 4294967295 . If you specify an integer, the system will translate the integer into the IP address format. If you do not specify this option, the command displays information about all areas.
Examples
# Display MPLS TE tunnel interface information for all OSPF processes in all areas.
<Sysname> display ospf mpls te tunnel
OSPF Process 1 with Router ID 2.2.2.2
Traffic Engineering Tunnel
Area: 0.0.0.1
Interface: Tunnel1 (12.1.1.2)
State: Inactive
Neighbor ID: 0.0.0.0 Cost: 0
Destination: 125.1.1.1
Auto Route: IGP Shortcut
Metric: Relative 10
Table 37 Command output
Field |
Description |
Interface |
Name and IP address of a tunnel interface. |
State |
Tunnel interface states: · Inactive—The tunnel interface is not used to forward packets, because the tunnel route is not the optimal route. · Active—The tunnel interface is used to forward packets, because the tunnel route is the optimal route. |
Neighbor ID |
Router ID for the tunnel destination. |
Cost |
Route cost of the tunnel interface. |
Destination |
LSR ID for the tunnel destination. |
Auto Route |
Automatic route advertisement method, IGP Shortcut or IGP Advertise. IGP Advertise indicates that forwarding adjacency is enabled. |
Metric |
Absolute or relative metric of the MPLS TE tunnel. |
ds-te bc-model
Use ds-te bc-model to specify the bandwidth constraint (BC) model used in IETF DS-TE.
Use undo ds-te bc-model to restore the default.
Syntax
ds-te bc-model mam
undo ds-te bc-model
Default
The BC model of IETF DS-TE is Russian Dolls Model (RDM).
Views
MPLS TE view
Predefined user roles
network-admin
mdc-admin
Parameters
mam: Specifies the BC model as Maximum Allocation Model (MAM).
Usage guidelines
RDM does not define the bandwidth for one class type (CT) but limits the shared bandwidth for multiple CTs. In cooperation with priority preemption, the RDM model can also implement the isolation between CTs, ensuring each CT its share of bandwidth. RDM is suitable for networks where traffic is unstable and traffic bursts might occur.
MAM constrains the bandwidth for only one CT on an interface. This ensures isolation between CTs no matter whether preemption is used or not. Compared with RDM, MAM is easy to understand and configure. MAM is suitable for networks where traffic of each CT is stable.
This command applies only to IETF DS-TE. The prestandard DS-TE only uses RDM.
After you change the BC model in IETF DS-TE mode, all nonzero-bandwidth CRLSPs on the device are deleted and then re-established.
Examples
# Specify the BC model of IETF DS-TE as MAM.
<Sysname> system-view
[Sysname] mpls te
[Sysname-te] ds-te bc-model mam
Related commands
· display mpls te ds-te
· ds-te mode
ds-te te-class
Use ds-te te-class to configure a TE class used in IETF DS-TE mode.
Use undo ds-te te-class to restore the default.
Syntax
ds-te te-class te-class-index class-type class-type-number priority priority-number
undo ds-te te-class te-class-index
Default
Table 38 Default TE classes in IETF mode
TE class |
CT |
Priority |
0 |
0 |
7 |
1 |
1 |
7 |
2 |
2 |
7 |
3 |
3 |
7 |
4 |
0 |
0 |
5 |
1 |
0 |
6 |
2 |
0 |
7 |
3 |
0 |
Views
MPLS TE view
Predefined user roles
network-admin
mdc-admin
Parameters
te-class-index: Specifies a TE class index in the range of 0 to 7.
class-type class-type-number: Specifies a CT by its number in the range of 0 to 3. The system supports four CTs, CT 0 through CT 3.
priority priority-number: Specifies a priority number in the range of 0 to 7.
Usage guidelines
For a traffic trunk from a CT, the setup or/and holding priority of the LSP transporting the traffic trunk must be the priority specified for the CT in the TE class.
Follow these guidelines:
· When you use the ds-te te-class command to configure a TE class, make sure to specify a CT-priority pair different from that in any existing TE class.
· When you use the undo ds-te te-class command to restore the default settings for a TE class, make sure the default CT and priority values of the TE class are not the same as those of an existing TE class.
· After a TE class is modified, the device notifies the IGP to re-advertise the bandwidth information of all TE interfaces, and removes and then re-establishes the CRLSPs of the TE class on all TE interfaces.
Examples
# Specify CT 2 and priority 3 for TE class 7 in IETF DS-TE mode.
<Sysname> system-view
[Sysname] mpls te
[Sysname-mpls] ds-te te-class 7 class-type 2 priority 3
Related commands
· display mpls te ds-te
· ds-te mode
ds-te mode
Use ds-te mode to configure the DS-TE mode.
Use undo ds-te mode to restore the default.
Syntax
ds-te mode ietf
undo ds-te mode
Default
The DS-TE mode is prestandard.
Views
MPLS TE view
Predefined user roles
network-admin
mdc-admin
Parameters
ietf: Specifies the DS-TE mode as IETF.
Usage guidelines
The prestandard and IETF modes of DS-TE have the following differences:
· The prestandard mode supports two CTs (CT 0 and CT 1), eight priorities, and up to 16 TE classes. The IETF mode supports four CTs (CT 0 through CT 3), eight priorities, and up to eight TE classes.
· The prestandard mode does not allow you to configure TE classes. The IETF mode allows for TE class configuration.
· The prestandard mode supports only RDM. The IETF mode supports both RDM and MAM.
· A device operating in prestandard mode cannot communicate with devices from some vendors. A device operating in IETF mode can communicate with devices from other vendors.
Be aware of these differences and choose a proper DS-TE mode as needed.
After the DS-TE mode is changed, all CRLSPs on the device are deleted and then re-established.
Examples
# Configure the DS-TE mode as IETF.
<Sysname> system-view
[Sysname] mpls te
[Sysname-te] ds-te mode ietf
Related commands
· display mpls te ds-te
· ds-te bc-model
explicit-path
Use explicit-path to create an explicit path and enter its view.
Use undo explicit-path to remove an explicit path.
Syntax
explicit-path path-name
undo explicit-path path-name
Default
No explicit path exists on the device.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
path-name: Specifies a name for the explicit path, a case-sensitive string of 1 to 31 characters.
Usage guidelines
In explicit path view, you can use the nexthop command to explicitly specify a node or link that a tunnel must or must not traverse.
Examples
# Create an explicit path named path1 and enter its view.
<Sysname> system-view
[Sysname] explicit-path path1
[Sysname-explicit-path-path1]
Related commands
· display explicit-path
· mpls te backup-path
· mpls te path
· nexthop
fast-reroute timer
Use fast-reroute timer to configure the interval for selecting an optimal bypass tunnel.
Use undo fast-reroute timer to restore the default.
Syntax
fast-reroute timer interval
undo fast-reroute timer
Default
The optimal bypass tunnel selection interval is 300 seconds.
Views
MPLS TE view
Predefined user roles
network-admin
mdc-admin
Parameters
interval: Specifies the interval for selecting an optimal bypass tunnel, in the range of 0 to 604800 seconds. If you set the interval to 0 seconds, RSVP does not periodically select an optimal bypass tunnel.
Usage guidelines
If you have specified multiple bypass tunnels for a primary CRLSP, MPLS TE selects an optimal bypass tunnel to protect the primary CRLSP. Sometimes, a bypass tunnel might become better than the current optimal bypass tunnel because, for example, the reservable bandwidth changes. Therefore, MPLS TE needs to poll the bypass tunnels periodically to update the optimal bypass tunnel.
|
NOTE: After traffic is switched from the primary CRLSP to a bypass tunnel, MPLS TE no longer periodically selects optimal bypass tunnels for the primary CRLSP. |
Examples
# Set the optimal bypass tunnel selection interval to 120 seconds.
<Sysname> system-view
[Sysname] mpls te
[Sysname-te] fast-reroute timer 120
interface tunnel
Use interface tunnel to create a tunnel interface, specify the tunnel mode, and enter tunnel interface view.
Use undo interface tunnel to delete a tunnel interface.
Syntax
interface tunnel tunnel-number [ mode mpls-te ]
undo interface tunnel tunnel-number
Default
No tunnel interfaces exist.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
tunnel-number: Specifies the number of the tunnel interface.
mode mpls-te: Specifies the MPLS TE tunnel mode.
Usage guidelines
To create a new tunnel interface, you must specify the tunnel mode in this command. To enter the view of an existing tunnel interface, you do not need to specify the tunnel mode.
A tunnel interface number is locally significant. The tunnel interfaces on the two ends of a tunnel can use the same or different interface numbers.
Examples
# Create the MPLS TE tunnel interface Tunnel 1 and enter tunnel interface view.
<Sysname> system-view
[Sysname] interface tunnel 1 mode mpls-te
[Sysname-Tunnel1]
Related commands
destination
link-management periodic-flooding timer
Use link-management periodic-flooding timer to configure the interval at which IGP floods TE information.
Use undo link-management periodic-flooding timer to restore the default.
Syntax
link-management periodic-flooding timer interval
undo link-management periodic-flooding timer
Default
The IGP floods TE information every 180 seconds.
Views
MPLS TE view
Predefined user roles
network-admin
mdc-admin
Parameters
interval: Specifies the interval at which IGP floods TE information, in the range of 0 to 3600, in seconds.
Usage guidelines
When the reservable bandwidth of a link changes, IGP floods the link TE information to notify network devices of the change. You can use the mpls te bandwidth change thresholds command to configure IGP to flood only significant bandwidth changes of a link to prevent excessive IGP flooding. The bandwidth changes that cannot trigger immediate flooding are flooded at the interval configured by the link-management periodic-flooding timer command.
If you set the interval to 0, the periodical flooding feature is disabled. If you set the interval to a value less than 30 seconds (1 to 29 seconds), the device automatically sets the interval to 30 seconds.
After you execute this command, the configured interval takes effect immediately.
Examples
# Configure IGP to flood TE information every 100 seconds.
<Sysname> system-view
[Sysname] mpls te
[Sysname-te] link-management periodic-flooding timer 100
Related commands
mpls te bandwidth change thresholds
mpls te
Use mpls te to enable MPLS TE for the local node and enter MPLS TE view.
Use undo mpls te to disable MPLS TE for the local node.
Syntax
mpls te
undo mpls te
Default
MPLS TE is disabled.
Views
System view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
Disabling MPLS TE also deletes all CRLSPs on the device and MPLS TE configurations on all interfaces.
Examples
# Enable MPLS TE for the local node and enter MPLS TE view.
<Sysname> system-view
[Sysname] mpls lsr-id 1.1.1.9
[Sysname] mpls te
[Sysname-te]
Related commands
mpls te enable
mpls te affinity-attribute
Use mpls te affinity-attribute to configure an affinity for a tunnel.
Use undo mpls te affinity-attribute to restore the default.
Syntax
mpls te affinity-attribute attribute-value [ mask mask-value ]
undo mpls te affinity-attribute
Default
The affinity is 0x00000000, and the mask is 0x00000000. That is, a tunnel can use any link.
Views
Tunnel interface view
Predefined user roles
network-admin
mdc-admin
Parameters
attribute-value: Specifies the affinity value in the range of 0x00000000 to 0xFFFFFFFF. An affinity is a 32-bit binary number. Each bit of the affinity represents an attribute, which takes a value of 0 or 1.
mask mask-value: Specifies the mask of the affinity bits, in the range of 0x00000000 to 0xFFFFFFFF. A mask is a 32-bit binary number. Each bit of the mask determines whether to check the corresponding bit of the link attribute. If the mask bit is 1, the corresponding link attribute bit must be checked with the affinity bit and the link can be used by the tunnel only when the link attribute bit meets certain requirements. If the mask bit is 0, the corresponding link attribute bit is not checked.
Usage guidelines
Affinity determines which links a tunnel can use. The affinity attribute and its mask, and the link attribute are all 32-bit long. A link is available for a tunnel if the link attribute meets the following requirements:
· The link attribute bits corresponding to the affinity attribute's 1 bits whose mask bits are 1 must have at least one bit set to 1.
· The link attribute bits corresponding to the affinity attribute's 0 bits whose mask bits are 1 must have no bit set to 1.
The link attribute bits corresponding to the 0 bits in the affinity mask are not checked.
For example, if the affinity is 0xFFFFFFF0 and the mask is 0x0000FFFF, a link is available for the tunnel when its attribute bits meet the following requirements:
· The highest 16 bits each can be 0 or 1 (no requirements).
· The 17th through 28th bits must have at least one bit whose value is 1.
· The lowest four bits must be 0.
Examples
# Configure the tunnel affinity as 0x101 and mask as 0x303, so a link is available for the tunnel only when the link attribute bits (from left to right) meet the following requirements: the 23rd bit is 0, the 31st bit is 0, and at least one bit from the 24th to 32nd bits must be 1.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te affinity-attribute 101 mask 303
Related commands
· display mpls te tunnel-interface
· mpls te link-attribute
mpls te auto-bandwidth
Use mpls te auto-bandwidth to enable automatic bandwidth adjustment or output rate collection for an MPLS TE tunnel.
Use undo mpls te auto-bandwidth to disable automatic bandwidth adjustment or output rate collection for an MPLS TE tunnel.
Syntax
mpls te auto-bandwidth { adjustment [ frequency seconds ] [ max-bw max-bandwidth | min-bw min-bandwidth ] * | collect-bw [ frequency seconds ] }
undo mpls te auto-bandwidth
Default
Automatic bandwidth adjustment and output rate collection are disabled for an MPLS TE tunnel.
Views
Tunnel interface view
Predefined user roles
network-admin
mdc-admin
Parameters
adjustment: Enables automatic bandwidth adjustment for the tunnel.
collect-bw: Enables output rate collection for the tunnel, but does not adjust the tunnel's bandwidth.
frequency seconds: Specifies the automatic bandwidth adjustment interval (with the adjustment keyword) or the output rate collection interval (with the collect-bw keyword). The value range for the seconds argument is 300 to 604800, in seconds. The default interval is 86400 seconds (24 hours).
max-bw max-bandwidth: Specifies the maximum automatic bandwidth for the tunnel, in the range of 1 to 4294967295, in kbps. If you do not specify this option, TE does not limit the maximum bandwidth value.
min-bw min-bandwidth: Specifies the minimum automatic bandwidth for the tunnel, in the range of 1 to 4294967295, in kbps. If you do not specify this option, TE does not limit the minimum bandwidth value.
Usage guidelines
Automatic bandwidth adjustment functions as follows:
1. Samples the tunnel interface output rate at regular intervals.
The sampling interval is specified by using the auto-bandwidth enable command.
2. Calculates the average output rate in each sampling interval.
3. Adjusts the MPLS TE tunnel bandwidth to the maximum average output rate when the automatic bandwidth adjustment interval is reached.
The maximum average output rate refers to the largest of all average output rates calculated in the sampling intervals during the automatic bandwidth adjustment interval. As a best practice, set the bandwidth adjustment interval to a value at least 3 times the sampling interval to get the accurate output rate.
4. Establishes a new CRLSP based on the adjusted bandwidth.
5. Switches traffic to the new CRLSP, and then deletes the old CRLSP.
The output rate collection feature collects the tunnel output rate regularly at the specified collection interval. The collected output rate is the largest of all average output rates calculated in the sampling intervals during the collection interval.
To enable MPLS TE to adjust bandwidth or samples the output rate for an MPLS TE tunnel, perform the following tasks:
· Enable the global automatic bandwidth adjustment by using the auto-bandwidth enable command in MPLS TE view.
· Enable automatic bandwidth adjustment or output rate sampling for the MPLS TE tunnel by using the mpls te auto-bandwidth command.
In the same tunnel interface view, the mpls te auto-bandwidth command is mutually exclusive with these commands: mpls te reoptimization, mpls te route-pinning, mpls te backup, and mpls te resv-style ff.
Examples
# Enable automatic bandwidth adjustment for MPLS TE tunnel 0, and set the adjustment interval to 3600 seconds.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te auto-bandwidth adjustment frequency 3600
Related commands
· display mpls te tunnel-interface
· auto-bandwidth enable
· reset mpls te auto-bandwidth-adjustment timers
mpls te auto-tunnel backup disable
Use mpls te auto-tunnel backup disable to disable the auto FRR feature on an interface.
Use undo mpls te auto-tunnel backup disable to enable the auto FRR feature on an interface.
Syntax
mpls te auto-tunnel backup disable
undo mpls te auto-tunnel backup disable
Default
The auto FRR feature is enabled on all RSVP-enabled interfaces after it is enabled globally.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
The auto FRR feature allows an interface to automatically set up a node-protection bypass tunnel and a link-protection bypass tunnel for each of its primary CRLSPs. The egress interface of the primary CRLSPs is the interface itself.
Bypass tunnels are set up before the primary CRLSP fails. Therefore, they use extra bandwidth. To save network bandwidth, configure auto FRR only for key interfaces. On other interfaces, use the mpls te auto-tunnel backup disable command to disable the interfaces from automatically setting up bypass tunnels.
Execution of the mpls te auto-tunnel backup disable command deletes all existing bypass tunnels automatically created on the interface.
Examples
# Disable auto FRR for interface VLAN-interface 10.
<Sysname> system-view
[Sysname] interface vlan-interface 10
[Sysname-Vlan-interface10] mpls te auto-tunnel backup disable
Related commands
auto-tunnel backup
mpls te backup
Use mpls te backup to enable CRLSP backup and specify the backup mode for a tunnel.
Use undo mpls te backup to disable CRLSP tunnel backup.
Syntax
mpls te backup { hot-standby | ordinary }
undo mpls te backup
Default
Tunnel backup is disabled.
Views
Tunnel interface view
Predefined user roles
network-admin
mdc-admin
Parameters
hot-standby: Enables hot backup for the tunnel. In this mode, a backup CRLSP is established immediately after the primary CRLSP is established. When the primary CRLSP fails, MPLS TE immediately switches traffic to the backup CRLSP.
ordinary: Enables ordinary backup for the tunnel. In this mode, a backup CRLSP is established after the primary CRLSP fails.
Usage guidelines
When backup is enabled for a tunnel, the record route flag is automatically set for the tunnel, regardless of whether the mpls te record-route command is configured.
In the same tunnel interface view, the mpls te backup command cannot be used together with the mpls te reoptimization, mpls te auto-bandwidth adjustment, and mpls te resv-style ff commands.
Examples
# Enable hot backup for tunnel 0.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te backup hot-standby
Related commands
mpls te backup-path
mpls te backup bandwidth
Use mpls te backup bandwidth to configure the bandwidth and the CT that the bypass tunnel can protect.
Use undo mpls te backup bandwidth to restore the default.
Syntax
mpls te backup bandwidth [ ct0 | ct1 | ct2 | ct3 ] { bandwidth | un-limited }
undo mpls te backup bandwidth
Default
The bandwidth and the CT that the bypass tunnel can protect are not specified.
Views
Tunnel interface view
Predefined user roles
network-admin
mdc-admin
Parameters
bandwidth: Specifies the total bandwidth that the bypass tunnel can protect, in the range of 1 to 4294967295, in kbps.
ct0: Specifies the bypass tunnel to protect only CRLSPs of CT 0.
ct1: Specifies the bypass tunnel to protect only CRLSPs of CT 1.
ct2: Specifies the bypass tunnel to protect only CRLSPs of CT 2.
ct3: Specifies the bypass tunnel to protect only CRLSPs of CT 3.
un-limited: Puts no limit on total protected bandwidth. This keyword means the bypass tunnel does not provide bandwidth protection.
Usage guidelines
If you specify the un-limited keyword, the bypass tunnel does not provide bandwidth protection. FRR does not guarantee the bandwidth of the protected tunnels. If the sum of traffic of the protected tunnels exceeds the actual bandwidth of the bypass tunnel, traffic of protected tunnels might be lost. The primary CRLSP that does not need bandwidth protection prefers this type of bypass tunnels over other types of bypass tunnels.
If you specify the bandwidth argument, the bypass tunnel provides bandwidth protection. The primary CRLSP that needs bandwidth protection prefers this type of bypass tunnels over other types of bypass tunnels. If you set the value for the bandwidth argument to 0, the bypass tunnel performs best-effort forwarding for the traffic of primary CRLSP, and the occupied bandwidth is not fixed. Therefore, this type of bypass tunnel cannot protect a primary CRLSP with the bandwidth 0 or a primary CRLSP whose bandwidth exceeds the protected bandwidth.
If no CT is specified, CRLSPs of all CTs can use the bypass tunnel.
The bandwidth value specified is used only for calculating and determining the bandwidth protection relationship between a primary CRLSP and a bypass tunnel. The bandwidth is not reserved on the bypass tunnel.
The specified bandwidth value must be less than the actual bandwidth of the bypass tunnel. Otherwise, the bypass tunnel will be overwhelmed after FRR, and the protected tunnel might be torn down.
After an FRR, the primary CRLSP will be down if you modify the bandwidth that the bypass tunnel can protect and your modification results in one of the following:
· The CT type changes.
· The bypass tunnel cannot protect adequate bandwidth as configured.
· FRR protection type (whether or not to provide bandwidth protection for the primary CRLSP) changes.
After you configure the mpls te backup bandwidth command for a tunnel, the record route flag is automatically set for the tunnel, regardless of whether the mpls te record-route command is configured.
Examples
# Configure Tunnel 0 to provide protection for CRLSPs of CT 0 without constraining the protected bandwidth. Configure Tunnel 1 to provide protection for CRLSPs of CT 1 and protect up to 1000 kbps bandwidth.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te backup bandwidth ct0 un-limited
[Sysname-Tunnel0] quit
[Sysname] interface tunnel 1
[Sysname-Tunnel1] mpls te backup bandwidth ct1 1000
Related commands
· display mpls te tunnel-interface
· mpls te fast-reroute
mpls te backup-path
Use mpls te backup-path to specify a path for the backup CRLSP and set the preference of the path.
Use undo mpls te backup-path to delete a path for the backup CRLSP.
Syntax
mpls te backup-path preference value { dynamic | explicit-path path-name } [ no-cspf ]
undo mpls te backup-path preference value
Default
MPLS TE uses the dynamically calculated path to establish the backup CRLSP.
Views
Tunnel interface view
Predefined user roles
network-admin
mdc-admin
Parameters
preference value: Sets a preference value for the specified path, in the range of 1 to 10. A smaller value represents a higher preference.
dynamic: Uses the dynamically calculated path to establish the backup CRLSP.
explicit-path path-name: Uses the specified explicit path to establish the backup CRLSP. The path-name argument specifies the name of an explicit path, a case-sensitive string of 1 to 31 characters.
no-cspf: Calculates the path by searching the routing table instead of using the CSPF algorithm.
Usage guidelines
You can specify up to 10 backup paths for a tunnel interface. The backup paths must have different preferences.
When establishing a backup CRLSP, MPLS TE performs CSPF calculations using the specified paths in the preference order from high to low until the backup CRLSP is established successfully. If the CSPF calculations for all paths are failed, the backup CRLSP cannot be established.
This command takes effect only when backup has been enabled for the current tunnel by using the mpls te backup command.
Examples
# Configure that interface Tunnel 0 can use explicit path path1 and the dynamically calculated path to establish a backup CRLSP, and set a higher preference for the explicit path.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te backup-path preference 1 explicit-path path1
[Sysname-Tunnel0] mpls te backup-path preference 2 dynamic
Related commands
· display mpls te tunnel-interface
· mpls te backup
· mpls te path
mpls te bandwidth
Use mpls te bandwidth to assign bandwidth to the MPLS TE tunnel and specify a class type (CT) for the tunnel.
Use undo mpls te bandwidth to restore the default.
Syntax
mpls te bandwidth [ ct0 | ct1 | ct2 | ct3 ] bandwidth
undo mpls te bandwidth
Default
No bandwidth (0 bps) is assigned to an MPLS TE tunnel and the tunnel is available for CT 0.
Views
Tunnel interface view
Predefined user roles
network-admin
mdc-admin
Parameters
ct0: Specifies CT 0 for the tunnel.
ct1: Specifies CT 1 for the tunnel.
ct2: Specifies CT 2 for the tunnel.
ct3: Specifies CT 3 for the tunnel.
bandwidth: Specifies the bandwidth required by the MPLS TE tunnel, in the range of 1 to 4294967295, in kbps.
Usage guidelines
If you do not specify a CT for the tunnel, the tunnel is available for CT 0.
If the bandwidth required by the MPLS TE tunnel is more than 1024 kbps, set the bandwidth to a multiple of 1024 kbps.
This command applies only to the MPLS TE tunnels established by RSVP-TE. The bandwidth and CT of an MPLS TE tunnel established by using a static CRLSP are determined by the static-cr-lsp ingress command.
Examples
# Assign 1000 kbps bandwidth to MPLS TE tunnel 0 and specify the CT of the tunnel as CT 1.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te bandwidth ct1 1000
Related commands
· display mpls te tunnel-interface
· mpls te max-link-bandwidth
· mpls te max-reservable-bandwidth
· mpls te max-reservable-bandwidth mam
· mpls te max-reservable-bandwidth rdm
mpls te bandwidth change thresholds
Use mpls te bandwidth change thresholds to configure the bandwidth up/down threshold for the IGP to flood TE information.
Use undo mpls te bandwidth change thresholds to restore the default.
Syntax
mpls te bandwidth change thresholds { down | up } percent
undo mpls te bandwidth change thresholds { down | up }
Default
The IGP floods the TE information when the bandwidth increases or decreases by 10% of the link reservable bandwidth.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Parameters
down: Configures the bandwidth decrease percentage threshold that triggers the IGP to flood TE information. When the percentage of the link reservable-bandwidth decrease to the maximum link reservable bandwidth reaches or exceeds the threshold, the IGP floods the TE information and updates the TE database (TEDB).
up: Configures the bandwidth increase percentage threshold that triggers the IGP to flood TE information. When the percentage of the link reservable-bandwidth increase to the maximum link reservable bandwidth reaches or exceeds the threshold, the IGP floods the TE information and updates the TEDB.
percent: Specifies the IGP flooding threshold in the range of 0% to 100%.
Usage guidelines
When the reservable bandwidth of a link changes, the IGP floods the link TE information to notify network devices of the change. To avoid frequent TE information flooding from affecting the network performance, you can use this command to configure the IGP to flood only significant bandwidth changes of a link.
Examples
# On interface VLAN-interface 10, configure the IGP to flood TE information when the link available bandwidth decreases by 100%.
<Sysname> system-view
[Sysname] interface vlan-interface 10
[Sysname-Vlan-interface10] mpls te bandwidth change thresholds down 100
Related commands
link-management periodic-flooding timer
mpls te bidirectional
Use mpls te bidirectional to enable the bidirectional tunnel feature on an MPLS TE tunnel interface.
Use undo mpls te bidirectional to restore the default.
Syntax
mpls te bidirectional { associated reverse-lsp { lsp-name lsp-name | lsr-id ingress-lsr-id tunnel-id tunnel-id } | co-routed { active | passive reverse-lsp lsr-id ingress-lsr-id tunnel-id tunnel-id } }
undo mpls te bidirectional
Default
The bidirectional tunnel feature is disabled on an MPLS TE tunnel interface. A tunnel established on an MPLS TE tunnel interface is a unidirectional MPLS TE tunnel.
Views
Tunnel interface view
Predefined user roles
network-admin
mdc-admin
Parameters
associated reverse-lsp lsp-name lsp-name: Configures an associated bidirectional MPLS TE tunnel, and specifies the associated reverse CRLSP. The lsp-name argument specifies the name of a static CRLSP (the reverse CRLSP), a case-sensitive string of 1 to 15 characters.
associated reverse-lsp lsr-id ingress-lsr-id tunnel-id tunnel-id: Configures an associated bidirectional MPLS TE tunnel, and specifies the associated reverse CRLSP. The ingress-lsr-id argument specifies the LSR ID of the ingress node of the reverse CRLSP and the tunnel-id argument specifies the tunnel ID of the reverse CRLSP.
co-routed: Configures a co-routed bidirectional MPLS TE tunnel.
active: Specifies the local end as the active end of the co-routed bidirectional MPLS TE tunnel.
passive reverse-lsp lsr-id ingress-lsr-id tunnel-id tunnel-id: Specifies the local end as the passive end of the co-routed bidirectional MPLS TE tunnel, and specifies the associated reverse CRLSP. The ingress-lsr-id argument specifies the LSR ID of the ingress node of the reverse CRLSP and the tunnel-id argument specifies the tunnel ID of the reverse CRLSP. You must specify a reverse CRLSP on the passive end, so that the CRLSP and the reverse CRLSP are associated to form a bidirectional MPLS TE tunnel.
Usage guidelines
A bidirectional MPLS TE tunnel can be established in co-routed mode or associated mode.
· Co-routed mode uses the extended RSVP-TE protocol to establish a bidirectional MPLS TE tunnel. To establish a co-routed bidirectional MPLS TE tunnel, you must configure one end of the tunnel as the active end and the other as the passive end.
· In associated mode, you establish a bidirectional MPLS TE tunnel by binding two unidirectional CRLSPs in opposite directions. The two CRLSPs can be established in different modes and use different paths. For example, one CR-LSP is established statically and the other CR-LSP is established dynamically by RSVP-TE.
Follow these guidelines when setting up a bidirectional MPLS TE tunnel:
· To create a bidirectional MPLS TE tunnel, you must disable the PHP feature on both ends of the tunnel to assign non-null labels to the penultimate hop.
· To set up a bidirectional MPLS TE tunnel in co-routed mode, you must specify the signaling protocol as RSVP-TE, and configure the resources reservation style as FF for the tunnel.
· To set up a bidirectional MPLS TE tunnel in associated mode and use RSVP-TE to set up one CRLSP of the tunnel, you must configure the resources reservation style as FF for the CRLSP.
Examples
· Configure an MPLS TE bidirectional tunnel between Sysname1 and Sysname2 in co-routed mode:
# Configure Sysname1 as follows:
¡ Enable the MPLS TE bidirectional tunnel feature on tunnel interface Tunnel 0.
¡ Configure Sysname1 as the active end of the co-routed bidirectional tunnel.
<Sysname1> system-view
[Sysname1] interface tunnel 0 mode mpls-te
[Sysname1-Tunnel0] destination 10.0.0.2
[Sysname1-Tunnel0] mpls te bidirectional co-routed active
# Configure Sysname2 as follows:
¡ Enable the MPLS TE bidirectional tunnel feature on tunnel interface Tunnel 1.
¡ Configure Sysname2 as the passive end of the co-routed bidirectional tunnel.
¡ Specify the ingress node's LSR ID of the reverse CRLSP as 10.0.0.1—the LSR ID of Sysname1.
¡ Specify the tunnel ID of the reverse CRLSP as 0—the tunnel ID configured on Sysname1.
<Sysname2> system-view
[Sysname2] interface tunnel 1 mode mpls-te
[Sysname2-Tunnel1] destination 10.0.0.1
[Sysname2-Tunnel1] mpls te bidirectional co-routed passive reverse-lsp lsr-id 10.0.0.1 tunnel-id 0
· Configure an MPLS TE bidirectional tunnel between Sysname1 and Sysname2 in associated mode:
# Configure Sysname1 as follows:
¡ Enable the MPLS TE bidirectional tunnel feature on tunnel interface Tunnel 0.
¡ Configure the tunnel establishment mode as associated.
¡ Specify the ingress node's LSR ID of the reverse CRLSP as 10.0.0.2—the LSR ID of Sysname2.
¡ Specify the tunnel ID of the reverse CRLSP as 1—the tunnel ID configured on Sysname2.
<Sysname1> system-view
[Sysname1] interface tunnel 0 mode mpls-te
[Sysname1-Tunnel0] destination 10.0.0.2
[Sysname1-Tunnel0] mpls te bidirectional associated reverse-lsp lsr-id 10.0.0.2 tunnel-id 1
# Configure Sysname2 as follows:
¡ Enable the MPLS TE bidirectional tunnel feature on tunnel interface Tunnel 1.
¡ Configure the tunnel establishment mode as associated.
¡ Specify the ingress node's LSR ID of the reverse CRLSP as 10.0.0.1—the LSR ID of Sysname1.
¡ Specify the tunnel ID of the reverse CRLSP as 0—the tunnel ID configured on Sysname1.
<Sysname2> system-view
[Sysname2] interface tunnel 1 mode mpls-te
[Sysname2-Tunnel1] destination 10.0.0.1
[Sysname2-Tunnel1] mpls te bidirectional associated reverse-lsp lsr-id 10.0.0.1 tunnel-id 0
Related commands
display mpls te tunnel-interface
mpls te enable (interface view)
Use mpls te enable to enable MPLS TE on an interface.
Use undo mpls te enable to disable MPLS TE on an interface.
Syntax
mpls te enable
undo mpls te enable
Default
MPLS TE is disabled on an interface.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
After you enable MPLS TE on an interface by using the mpls te enable command, the interface can serve as part of an MPLS TE tunnel.
After you execute the undo mpls te enable command on an interface, MPLS TE is disabled on the interface and all CRLSPs on the interface are deleted.
Examples
# Enable MPLS TE on interface VLAN-interface 10.
<Sysname> system-view
[Sysname] interface vlan-interface 10
[Sysname-Vlan-interface10] mpls te enable
Related commands
· display mpls te link-management bandwidth-allocation
· mpls te
mpls te enable (IS-IS view)
Use mpls te enable to enable MPLS TE for the current IS-IS process.
Use undo mpls te enable to restore the default.
Syntax
mpls te enable [ level-1 | level-2 ]
undo mpls te enable [ level-1 | level-2 ]
Default
MPLS TE is disabled for an IS-IS process.
Views
IS-IS view
Predefined user roles
network-admin
mdc-admin
Parameters
level-1: Enables MPLS TE for IS-IS at Level-1.
level-2: Enables MPLS TE for IS-IS at Level-2.
Usage guidelines
If you do not specify an IS-IS level, this command enables MPLS TE for IS-IS at both Level-1 and Level-2.
IS-IS TE uses a sub-TLV of the extended IS reachability TLV (type 22) to carry TE attributes. Because the extended IS reachability TLV carries wide metrics, specify a wide metric-compatible metric style for the IS-IS process before enabling IS-IS TE. Available metric styles for IS-IS TE include wide, compatible, or wide-compatible. For more information about IS-IS, see Layer 3—IP Routing Configuration Guide.
If you execute this command multiple times, the most recent configuration takes effect. For example, if you first execute the mpls te enable command and then the mpls te enable level-1 command, MPLS TE is enabled for Level-1 and disabled for Level-2.
After you enable MPLS TE for both Level-1 and Level-2 by using the mpls te enable command, executing the undo mpls te enable level-1 command disables MPLS TE for Level-1, and MPLS TE is still enabled for Level-2. Similarly, the undo mpls te enable level-2 command only disables MPLS TE for Level-2.
Examples
# Enable MPLS TE for IS-IS process 1 at Level-2.
<Sysname> system-view
[Sysname] isis 1
[Sysname-isis-1] cost-style compatible
[Sysname-isis-1] mpls te enable level-2
Related commands
cost-style (Layer 3—IP Routing Command Reference)
mpls te enable (OSPF area view)
Use mpls te enable to enable MPLS TE for an OSPF area.
Use undo mpls te enable to restore the default.
Syntax
mpls te enable
undo mpls te enable
Default
MPLS TE is disabled for an OSPF area.
Views
OSPF area view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
OSPF TE uses Type-10 opaque LSAs to carry the TE attributes for a link. Before you configure OSPF TE, you must enable opaque LSA advertisement and reception by using the opaque-capability enable command. For more information about opaque LSA advertisement and reception, see Layer 3—IP Routing Configuration Guide.
Examples
# Enable MPLS TE for OSPF process 1 in OSPF area 1.
<Sysname> system-view
[Sysname] ospf 1
[Sysname-ospf-1] area 1
[Sysname-ospf-1-area-0.0.0.1] mpls te enable
Related commands
opaque-capability enable (Layer 3—IP Routing Command Reference)
mpls te fast-reroute
Use mpls te fast-reroute to enable the fast reroute (FRR) feature.
Use undo mpls te fast-reroute to disable FRR.
Syntax
mpls te fast-reroute [ bandwidth ]
undo mpls te fast-reroute
Default
Views
Tunnel interface view
Predefined user roles
network-admin
mdc-admin
Parameters
bandwidth: Provides bandwidth protection for the primary CRLSP. If you do not specify this keyword, bandwidth protection is not provided for the primary CRLSP.
Usage guidelines
FRR provides a quick link or node protection on a CRLSP. FRR traffic switching can happen in as fast as 50 milliseconds, minimizing data loss.
After FRR is enabled for an MPLS TE tunnel, once a link or node fails on the primary CRLSP, FRR reroutes the traffic to a bypass tunnel and the ingress node attempts to set up a new CRLSP. After the new CRLSP is set up successfully, traffic is forwarded on the new CRLSP.
When a primary CRLSP does not need bandwidth protection, it prefers to use a bypass tunnel that does not provide bandwidth protection. No bandwidth guarantee is required after FRR.
When a primary CRLSP needs bandwidth protection, it prefers to use the bypass tunnel that can protect bandwidth as much as possible to provide bandwidth guarantee after FRR.
Regardless of whether or not a primary CRLSP requires bandwidth protection, the following will occur when the primary CRLSP is bound to a bypass tunnel that provides bandwidth protection:
· The bypass tunnel will reserve the protected bandwidth for the primary CRLSP.
· The RRO message of the PLR will carry the bandwidth protection flag.
After FRR is enabled for a tunnel, the label recording feature is automatically enabled for the tunnel, regardless of whether the mpls te record-route label command is configured.
In the same tunnel interface view, FRR cannot be used together with the mpls te resv-style ff command.
Examples
# Enable FRR for interface Tunnel 0.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te fast-reroute
Related commands
· display mpls te tunnel-interface
· mpls te backup bandwidth
mpls te fast-reroute bypass-tunnel
Use mpls te fast-reroute bypass-tunnel to specify a bypass tunnel for an interface.
Use undo mpls te fast-reroute bypass-tunnel to delete a bypass tunnel for an interface.
Syntax
mpls te fast-reroute bypass-tunnel tunnel tunnel-number
undo mpls te fast-reroute bypass-tunnel tunnel tunnel-number
Default
No bypass tunnel is specified for an interface.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Parameters
tunnel tunnel-number: Specifies a bypass tunnel by the tunnel interface number in the range of 0 to 9214.
Usage guidelines
The protected interface (where the command is executed) is the outgoing interface of a primary CRLSP. When the outgoing interface is down or a neighbor failure is detected through the BFD or hello mechanism, the traffic of the primary CRLSP is switched to the bypass tunnel.
When you use this command, follow these restrictions and guidelines:
· You can specify up to three bypass tunnels for an interface.
· A bypass tunnel can protect up to three interfaces.
· The bypass tunnel specified by this command must be established by RSVP.
· The protected interface must not be the outgoing interface of a bypass tunnel.
Examples
# Configure tunnel interface Tunnel 0 as the bypass tunnel for VLAN-interface 10.
<Sysname> system-view
[Sysname] interface vlan-interface 10
[Sysname-Vlan-interface10] mpls te fast-reroute bypass-tunnel tunnel 0
Related commands
fast-reroute timer
mpls te igp advertise
Use mpls te igp advertise to enable forwarding adjacency for an MPLS TE tunnel, so IGP advertises the MPLS TE tunnel as a link in the IGP network.
Use undo mpls te igp advertise to restore the default.
Syntax
mpls te igp advertise [ hold-time value ]
undo mpls te igp advertise
Default
Forwarding adjacency is disabled for an MPLS TE tunnel and IGP does not advertise the tunnel as a link.
Views
Tunnel interface view
Predefined user roles
network-admin
mdc-admin
Parameters
hold-time value: Specifies the period of time that IGP waits to advertise an MPLS TE tunnel up/down state change. The value range is 0 to 4294967295 milliseconds. The default value is 0, which means when the MPLS TE tunnel state changes, IGP immediately advertises the state change.
Usage guidelines
Forwarding adjacency is an approach to direct traffic to an MPLS TE tunnel.
After forwarding adjacency is enabled on the tunnel ingress node, the ingress node advertises the MPLS TE tunnel as a link in the network through the IGP. Therefore, all devices in the IGP network can use the MPLS TE tunnel in their IGP route calculation.
To make forwarding adjacency take effect, you must establish two MPLS TE tunnels in opposite directions between two nodes, and enable forwarding adjacency on both the nodes.
On the same tunnel interface, the mpls te igp advertise command and the mpls te igp shortcut command cannot both take effect. The newly configured command overwrites the previous command.
Examples
# Enable forwarding adjacency for MPLS TE tunnel 0, and configure the wait time before advertising a tunnel state change as 10000 milliseconds.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te igp advertise hold-time 10000
Related commands
· mpls te igp metric
· mpls te igp shortcut
mpls te igp metric
Use mpls te igp metric to assign a metric to an MPLS TE tunnel.
Use undo mpls te igp metric to restore the default.
Syntax
mpls te igp metric { absolute value | relative value }
undo mpls te igp metric
Default
The metric of an MPLS TE tunnel equals its IGP metric.
Views
Tunnel interface view
Predefined user roles
network-admin
mdc-admin
Parameters
absolute value: Assigns an absolute metric to the MPLS TE tunnel, an integer in the range of 1 to 65535. An absolute metric is directly used as the MPLS TE tunnel's metric.
relative value: Assigns a relative metric to the MPLS TE tunnel, an integer in the range of –10 to +10. The MPLS TE tunnel's metric is the assigned metric value plus the IGP metric.
Usage guidelines
When IGP shortcut is enabled for an MPLS TE tunnel, the tunnel is included in the IGP route calculation as a link. You can use this command to configure the metric of this link used for IGP route calculation.
Examples
# Assign MPLS TE tunnel interface Tunnel0 a relative metric of –1 for route calculation in IGP shortcut mechanism.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te igp metric relative -1
Related commands
mpls te igp shortcut
mpls te igp shortcut
Use mpls te igp shortcut to enable IGP shortcut for an MPLS TE tunnel. The tunnel ingress node includes the MPLS TE tunnel in the IGP route calculation as a link.
Use undo mpls te igp shortcut to restore the default.
Syntax
mpls te igp shortcut [ isis | ospf ]
undo mpls te igp shortcut
Default
IGP shortcut is disabled for an MPLS TE tunnel. The ingress node does not include the MPLS TE tunnel in the IGP route calculation.
Views
Tunnel interface view
Predefined user roles
network-admin
mdc-admin
Parameters
isis: Specifies IS-IS as the IGP.
ospf: Specifies OSPF as the IGP.
Usage guidelines
IGP shortcut is a method to direct traffic to an MPLS TE tunnel.
After IGP shortcut is enabled on the tunnel ingress node, IGP shortcut does not advertise the MPLS TE tunnel as a link through the IGP. Only the ingress node includes the MPLS TE tunnel in route calculation. Other devices do not consider the MPLS TE tunnel in route calculation.
If you do not specify the IGP in this command, both OSPF and IS-IS will include the MPLS TE tunnel in route calculation.
On the same tunnel interface, the mpls te igp advertise command and the mpls te igp shortcut command cannot both take effect. The newly configured command overwrites the previous command.
Examples
# Enable IGP shortcut for MPLS TE tunnel 0, so the ingress node of the tunnel considers the tunnel as a link in the OSPF and IS-IS route calculation.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te igp shortcut
Related commands
· mpls te igp advertise
· mpls te igp metric
mpls te link-attribute
Use mpls te link-attribute to configure the link attribute.
Use undo mpls te link-attribute to restore the default.
Syntax
mpls te link-attribute attribute-value
undo mpls te link-attribute
Default
The link attribute value is 0x00000000.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Parameters
attribute-value: Specifies the link attribute value in the range of 0x00000000 to 0xFFFFFFFF. A link attribute value is a 32-bit binary number. Each bit represents an attribute with a value of 0 or 1.
Usage guidelines
The TE information of a link advertised by the IGP includes the link attribute configured by this command. After receiving the link TE information, the ingress node of an MPLS TE tunnel determines whether the link can be used to establish the MPLS TE tunnel according to the configured tunnel affinity attribute, the affinity mask, and the link attribute. A link is available for a tunnel if the following requirements are met:
· The link attribute bits corresponding to the affinity attribute's 1 bits whose mask bits are 1 must have at least one bit set to 1.
· The link attribute bits corresponding to the affinity attribute's 0 bits whose mask bits are 1 must have no bit set to 1.
The link attribute bits corresponding to the 0 bits in the affinity mask are not checked.
For example, if the affinity is 0xFFFFFFF0 and the mask is 0x0000FFFF, a link is available for the tunnel when its link attribute bits meet the following requirements:
· The highest 16 bits each can be 0 or 1 (no requirements).
· The 17th through 28th bits must have at least one bit whose value is 1.
· The lowest four bits must be 0.
Examples
# On interface VLAN-interface 10, configure the link attribute as 0x00000101.
<Sysname> system-view
[Sysname] interface vlan-interface 10
[Sysname-Vlan-interface10] mpls te link-attribute 101
Related commands
mpls te affinity-attribute
mpls te loop-detection
Use mpls te loop-detection to enable loop detection during establishment of an MPLS TE tunnel.
Use undo mpls te loop-detection to disable loop detection for the MPLS TE tunnel.
Syntax
mpls te loop-detection
undo mpls te loop-detection
Default
Loop detection is disabled for an MPLS TE tunnel.
Views
Tunnel interface view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
When loop detection is enabled on the ingress node of an MPLS TE tunnel, the route recording feature is automatically enabled for the tunnel, regardless of whether you have configured the mpls te record-route command. When establishing the MPLS TE tunnel, each node of the tunnel detects whether a loop has occurred according to the recorded route information.
Examples
# Enable loop detection for establishing MPLS TE tunnel 0.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te loop-detection
mpls te max-link-bandwidth
Use mpls te max-link-bandwidth to configure the maximum bandwidth for MPLS TE traffic on an interface.
Use undo mpls te max-link-bandwidth to restore the default.
Syntax
mpls te max-link-bandwidth bandwidth-value
undo mpls te max-link-bandwidth
Default
The maximum link bandwidth for MPLS TE traffic is 0 kbps.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Parameters
bandwidth-value: Specifies the maximum link bandwidth in the range of 1 to 4294967295 kbps.
Usage guidelines
The device carries the maximum link bandwidth in advertised IGP routes. The tunnel ingress node can obtain the information and use the information in CSPF calculation to select a path that meets the tunnel bandwidth requirements.
Examples
# On interface VLAN-interface 10, configure the maximum link bandwidth for MPLS TE traffic as 1158 kbps.
<Sysname> system-view
[Sysname] interface vlan-interface 10
[Sysname-Vlan-interface10] mpls te max-link-bandwidth 1158
Related commands
· display mpls te link-management bandwidth-allocation
· mpls te bandwidth
· mpls te max-reservable-bandwidth
· mpls te max-reservable-bandwidth mam
· mpls te max-reservable-bandwidth rdm
mpls te max-reservable-bandwidth
Use mpls te max-reservable-bandwidth to configure the maximum reservable bandwidth of the link (BC 0) and BC 1 in prestandard DS-TE RDM model.
Use undo mpls te max-reservable-bandwidth to restore the default.
Syntax
mpls te max-reservable-bandwidth bandwidth-value [ bc1 bc1-bandwidth ]
undo mpls te max-reservable-bandwidth
Default
The maximum reservable bandwidth of a link is 0 kbps and BC 1 is 0 kbps.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Parameters
bandwidth-value: Specifies the maximum reservable bandwidth of the link (the value of BC 0), in the range of 1 to 4294967295 kbps.
bc1 bc1-bandwidth: Specifies the value of BC 1, in the range of 1 to 4294967295 kbps. The default value is 0.
Usage guidelines
The device carries the bandwidth values configured by this command in IGP route advertisements. The tunnel ingress node can obtain the information and use the information in CSPF calculation to select a path that meets the tunnel bandwidth requirements.
The maximum reservable bandwidth of a link (bandwidth-value) cannot be greater than the maximum bandwidth of the link (configured with the mpls te max-link-bandwidth command). The value of BC 1 (bc1-bandwidth) cannot be greater than the maximum reservable bandwidth of the link (bandwidth-value).
The bandwidth values configured by this command are only for MPLS TE traffic.
Examples
# Configure the link maximum reservable bandwidth as 1158 kbps and BC 1 as 200 kbps for MPLS TE traffic in prestandard DS-TE RDM model.
<Sysname> system-view
[Sysname] interface vlan-interface 10
[Sysname-Vlan-interface10] mpls te max-reservable-bandwidth 1158 bc1 200
Related commands
· display mpls te link-management bandwidth-allocation
· mpls te bandwidth
· mpls te max-link-bandwidth
· mpls te max-reservable-bandwidth mam
· mpls te max-reservable-bandwidth rdm
mpls te max-reservable-bandwidth mam
Use mpls te max-reservable-bandwidth mam to configure the maximum reservable bandwidth of the link and the BCs in MAM model of the IETF DS-TE.
Use undo mpls te max-reservable-bandwidth mam to restore the default.
Syntax
mpls te max-reservable-bandwidth mam bandwidth-value { bc0 bc0-bandwidth | bc1 bc1-bandwidth | bc2 bc2-bandwidth | bc3 bc3-bandwidth } *
undo mpls te max-reservable-bandwidth mam
Default
The maximum reservable bandwidth of a link is 0 kbps and each BC is 0 kbps.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Parameters
bandwidth-value: Specifies the maximum reservable bandwidth of the link, in the range of 1 to 4294967295 kbps.
bc0 bc0-bandwidth: Specifies the value of BC 0, in the range of 1 to 4294967295 kbps. By default, BC 0 is 0 kbps.
bc1 bc1-bandwidth: Specifies the value of BC 1, in the range of 1 to 4294967295 kbps. By default, BC 1 is 0 kbps.
bc2 bc2-bandwidth: Specifies the value of BC 2, in the range of 1 to 4294967295 kbps. By default, BC 2 is 0 kbps.
bc3 bc3-bandwidth: Specifies the value of BC 3, in the range of 1 to 4294967295 kbps. By default, BC 3 is 0 kbps.
Usage guidelines
The device carries the bandwidth values configured by this command in IGP route advertisements. The tunnel ingress node can obtain the information and use the information in CSPF calculation to select a path that meets the tunnel bandwidth requirements.
The maximum reservable bandwidth of a link (bandwidth-value) cannot be greater than the maximum bandwidth of the link (configured with the mpls te max-link-bandwidth command). Each BC (bc0-bandwidth, bc1-bandwidth, bc2-bandwidth and bc3-bandwidth) cannot be greater than the maximum reservable bandwidth of the link (bandwidth-value).
The maximum reservable bandwidth and BCs configured by this command are only for MPLS TE traffic.
Examples
# Configure the link maximum reservable bandwidth as 1158 kbps and BC 0 through BC 3 as 500 kbps, 300 kbps, 400 kbps, and 100 kbps for MPLS TE traffic in IETF DS-TE MAM model.
<Sysname> system-view
[Sysname] interface vlan-interface 10
[Sysname-Vlan-interface10] mpls te max-reservable-bandwidth mam 1158 bc0 500 bc1 300 bc2 400 bc3 100
Related commands
· display mpls te link-management bandwidth-allocation
· mpls te bandwidth
· mpls te max-link-bandwidth
· mpls te max-reservable-bandwidth
· mpls te max-reservable-bandwidth rdm
mpls te max-reservable-bandwidth rdm
Use mpls te max-reservable-bandwidth rdm to configure the BCs in IETF DS-TE RDM model.
Use undo mpls te max-reservable-bandwidth rdm to restore the default.
Syntax
mpls te max-reservable-bandwidth rdm bandwidth-value [ bc1 bc1-bandwidth ] [ bc2 bc2-bandwidth ] [ bc3 bc3-bandwidth ]
undo mpls te max-reservable-bandwidth rdm
Default
Each BC is 0 kbps.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Parameters
bandwidth-value: Specifies the maximum reservable bandwidth of the link, or, the value of BC 0, in the range of 1 to 4294967295 kbps.
bc1 bc1-bandwidth: Specifies the value of BC 1, in the range of 1 to 4294967295 kbps. By default, BC 1 is 0 kbps.
bc2 bc2-bandwidth: Specifies the value of BC 2, in the range of 1 to 4294967295 kbps. By default, BC 2 is 0 kbps.
bc3 bc3-bandwidth: Specifies the value of BC 3, in the range of 1 to 4294967295 kbps. By default, BC 3 is 0 kbps.
Usage guidelines
The device carries the bandwidth values configured by this command in IGP route advertisements. The tunnel ingress node can obtain the information and use the information in CSPF calculation to select a path that meets the tunnel bandwidth requirements.
BC 0 (bandwidth-value) must be smaller than or equal to the maximum bandwidth of the link (configured with the mpls te max-link-bandwidth command). BC 0 must be greater than or equal to BC 1. BC 1 must be greater than or equal to BC 2. BC 2 must be greater than or equal to BC 3.
The BCs configured by this command are only for MPLS TE traffic.
Examples
# Set BC 0 in IETF RDM model to 500 kbps, BC 1 to 400 kbps, BC 2 to 300 kbps, and BC 3 to 100 kbps.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] mpls te max-reservable-bandwidth rdm 500 bc1 400 bc2 300 bc3 100
Related commands
· display mpls te link-management bandwidth-allocation
· mpls te bandwidth
· mpls te max-link-bandwidth
· mpls te max-reservable-bandwidth
· mpls te max-reservable-bandwidth mam
mpls te metric
Use mpls te metric to assign a TE metric to the link.
Use undo mpls te metric to restore the default.
Syntax
mpls te metric value
undo mpls te metric
Default
A link uses its IGP metric as its TE metric.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Parameters
value: Specifies a TE metric for the link, in the range of 1 to 4294967295.
Usage guidelines
The device carries two types of metrics (IGP metric and TE metric) of a link in the advertised IGP routes. You can use this command to configure the TE metric. When the tunnel ingress node receives the link metrics, it uses the IGP metric or the TE metric for path selection according to the configuration of the mpls te path-metric-type command or the path-metric-type command.
Examples
# Assign a TE metric of 20 to the link on VLAN-interface 10.
<Sysname> system-view
[Sysname] interface vlan-interface 10
[Sysname-Vlan-interface10] mpls te metric 20
Related commands
· mpls te path metric-type
· path metric-type
mpls te path
Use mpls te path to specify a path for the tunnel and set the preference of the path.
Use undo mpls te path to delete a path for the tunnel.
Syntax
mpls te path preference value { dynamic | explicit-path path-name } [ no-cspf ]
undo mpls te path preference value
Default
MPLS TE uses the dynamically calculated path to establish a CRLSP.
Views
Tunnel interface view
Predefined user roles
network-admin
mdc-admin
Parameters
preference value: Sets a preference value for the specified path, in the range of 1 to 10. A smaller value represents a higher preference.
dynamic: Uses the dynamically calculated path to establish the CRLSP.
explicit-path path-name: Uses the specified explicit path to establish the CRLSP. The path-name argument specifies the name of an explicit path, a case-sensitive string of 1 to 31 characters.
no-cspf: Calculates the path by searching the routing table instead of using the CSPF algorithm.
Usage guidelines
You can specify up to 10 paths for a tunnel interface. The paths must have different preferences.
When establishing a CRLSP, MPLS TE performs CSPF calculations according to the specified paths in the preference order from high to low until the CRLSP is established successfully. If the CSPF calculations for all paths are failed, the CRLSP cannot be established.
Examples
# Configure that interface Tunnel 0 can use explicit path path1 and the dynamically calculated path to establish a CRLSP, and set a higher preference for the explicit path.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te path preference 1 explicit-path path1
[Sysname-Tunnel0] mpls te path preference 2 dynamic
Related commands
· display mpls te tunnel-interface
· mpls te backup-path
mpls te path-metric-type
Use mpls te path-metric-type to specify the link metric type for a tunnel.
Use undo mpls te path-metric-type to restore the default.
Syntax
mpls te path-metric-type { igp | te }
undo mpls te path-metric-type
Default
No link metric type is specified for path selection of a tunnel.
Views
Tunnel interface view
Predefined user roles
network-admin
mdc-admin
Parameters
igp: Uses the IGP metric.
te: Uses the TE metric.
Usage guidelines
Each MPLS TE link has two metrics: IGP metric and TE metric. By using the two metrics, you can select different tunnels for different classes of traffic. For example, use the IGP metric to represent a link delay (a smaller IGP metric value indicates a lower link delay), and use the TE metric to represent a link bandwidth value (a smaller TE metric value indicates a bigger link bandwidth value).
You can establish two MPLS TE tunnels: Tunnel1 for voice traffic and Tunnel2 for video traffic. Configure Tunnel1 to use IGP metrics for path selection, and configure Tunnel2 to use TE metrics for path selection. As a result, the video traffic travels through the path that has larger bandwidth and the voice service travels through the path that has lower delay.
If you specify a metric type for a tunnel by using this command in tunnel interface view, the tunnel uses the specified metric type for path selection. Otherwise, the tunnel uses the metric type specified by the path-metric-type command in MPLS TE view for path selection.
Examples
# Configure Tunnel 0 to use the IGP metric for path selection.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te path-metric-type igp
Related commands
· display mpls te tunnel-interface
· mpls te metric
· path-metric-type
mpls te priority
Use mpls te priority to configure a setup priority and a holding priority for an MPLS TE tunnel.
Use undo mpls te priority to restore the default.
Syntax
mpls te priority setup-priority [ hold-priority ]
undo mpls te priority
Default
The setup priority and the holding priority of an MPLS TE tunnel are both 7.
Views
Tunnel interface view
Predefined user roles
network-admin
mdc-admin
Parameters
setup-priority: Specifies the setup priority in the range of 0 to 7. A smaller number represents a higher priority.
hold-priority: Specifies the holding priority in the range of 0 to 7. A smaller number represents a higher priority. If you do not specify this argument, the holding priority is the same as the setup priority.
Usage guidelines
The setup priority and holding priority of an MPLS TE tunnel determines the importance of the tunnel. A tunnel that has a higher setup priority than the holding priority of another tunnel can preempt the resources of the second.
The setup priority and holding priority can be applied to the following scenarios:
· Multiple MPLS TE tunnels use the same path but the path does not have enough bandwidth for all the tunnels. You can configure different setup and holding priorities for different tunnels to make sure important tunnels can be established first.
· Before an important tunnel is established, multiple less-important MPLS TE tunnels have existed on the network, occupying the bandwidth resources and the optimal path. You can assign a higher setup priority to the import tunnel, so the tunnel can preempt the resources of the existing tunnels and use the optimal path.
The setup priority of a tunnel must not be set higher than its holding priority, namely, the setup priority value must be equal to or greater than the holding priority value.
Examples
# Set both the setup priority and holding priority of tunnel 0 to 1.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te priority 1 1
Related commands
display mpls te tunnel-interface
mpls te record-route
Use mpls te record-route to enable route recording and label recording for the tunnel.
Use undo mpls te record-route to restore the default.
Syntax
mpls te record-route [ label ]
undo mpls te record-route
Default
A tunnel does not support route recording or label recording.
Views
Tunnel interface view
Predefined user roles
network-admin
mdc-admin
Parameters
label: Enables both route recording and label recording. If you do not specify this keyword, the command enables only route recording.
Usage guidelines
Route recording records the nodes that an MPLS TE tunnel traverses. Label recording records the label assigned by each node. The recorded information helps you know about the path used by the MPLS TE tunnel and the label distribution information, and when the tunnel fails, it helps you locate the fault.
Examples
# Enable route recording for MPLS TE tunnel 0.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te record-route
Related commands
display mpls te tunnel-interface
mpls te reoptimization (tunnel interface view)
Use mpls te reoptimization to enable tunnel reoptimization.
Use undo mpls te reoptimization to disable tunnel reoptimization.
Syntax
mpls te reoptimization [ frequency seconds ]
undo mpls te reoptimization
Default
Reoptimization is disabled.
Views
Tunnel interface view
Predefined user roles
network-admin
mdc-admin
Parameters
frequency seconds: Specifies the tunnel reoptimization frequency in the range of 1 to 604800 seconds. The default is 3600 seconds.
Usage guidelines
MPLS TE uses the tunnel reoptimization feature to implement dynamic CRLSP optimization. For example, when MPLS TE sets up a tunnel, if a link on the optimal path does not have enough reservable bandwidth, MPLS TE sets up the tunnel on another path. When the link has enough bandwidth, tunnel optimization can automatically switch the tunnel to the optimal path.
You can configure the ingress to perform tunnel reoptimization periodically. Or, you can use the mpls te reoptimization command in user view to trigger the ingress to perform a tunnel reoptimization at any time.
On the same tunnel interface, the mpls te reoptimization command cannot be used together with these commands: mpls te auto-bandwidth adjustment, mpls te route-pinning, mpls te backup, and mpls te resv-style ff.
Examples
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te reoptimization frequency 43200
Related commands
· display mpls te tunnel-interface
· mpls te reoptimization (user view)
mpls te reoptimization (user view)
Use mpls te reoptimization to reoptimize all reoptimization-enabled MPLS TE tunnels.
Syntax
mpls te reoptimization
Views
User view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
After reoptimization is enabled for a tunnel by using the mpls te reoptimization command in tunnel interface view, you can use this command in user view to trigger the ingress node to immediately reselect an optimal path for the tunnel.
Examples
# Reoptimize all reoptimization-enabled MPLS TE tunnels.
<Sysname> mpls te reoptimization
Related commands
mpls te reoptimization (tunnel interface view)
mpls te resv-style
Use mpls te resv-style to configure the resource reservation style for the MPLS TE tunnel.
Use undo mpls te resv-style to restore the default.
Syntax
mpls te resv-style { ff | se }
undo mpls te resv-style
Default
The resource reservation style is SE.
Views
Tunnel interface view
Predefined user roles
network-admin
mdc-admin
Parameters
ff: Specifies the resource reservation style as fixed filter (FF).
se: Specifies the resource reservation style as shared explicit (SE).
Usage guidelines
This command applies only to MPLS TE tunnels established by RSVP-TE.
FF—Resources are reserved for individual senders and cannot be shared among senders on the same session.
SE—Resources are reserved for senders on the same session and shared among them.
Examples
# Use the FF reservation style to establish MPLS TE tunnel 0.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te resv-style ff
Related commands
· display mpls te tunnel-interface
· mpls te signaling
mpls te retry
Use mpls te retry to configure the maximum number of tunnel setup attempts.
Use undo mpls te retry to restore the default.
Syntax
mpls te retry times
undo mpls te retry
Default
The maximum number of tunnel setup attempts is 3.
Views
Tunnel interface view
Predefined user roles
network-admin
mdc-admin
Parameters
times: Specifies the number of tunnel setup attempts, in the range of 1 to 4294967295.
Usage guidelines
After failing to establish an MPLS TE tunnel, the tunnel ingress node waits for the tunnel setup retry interval (configured by the mpls te timer retry command). Then it tries to set up the tunnel until the tunnel is established successfully or the number of tunnel setup attempts reaches the maximum. If the tunnel cannot be established when the number of attempts reaches the maximum, the ingress waits for a longer period and then repeats the previous process.
Examples
# Set the maximum number of tunnel setup attempts to 20.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te retry 20
Related commands
· display mpls te tunnel-interface
· mpls te timer retry
mpls te route-pinning
Use mpls te route-pinning to enable route pinning.
Use undo mpls te route-pinning to restore the default.
Syntax
mpls te route-pinning
undo mpls te route-pinning
Default
Route pinning is disabled.
Views
Tunnel interface view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
When route pinning is enabled, an established CRLSP does not re-select an optimal path even if the optimal route has changed.
On a network where routes are often changed, to avoid CRLSPs from changing frequently with the routes, you can use this feature to make sure the established CRLSPs are not re-established as long as they are available.
In the same tunnel interface view, the mpls te route-pinning command cannot be used together with the mpls te reoptimization and mpls te auto-bandwidth adjustment commands.
Examples
# Enable route pinning for Tunnel 0.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te route-pinning
Related commands
display mpls te tunnel-interface
mpls te signaling
Use mpls te signaling to configure the signaling protocol for an MPLS TE tunnel interface.
Use undo mpls te signaling to restore the default.
Syntax
mpls te signaling { rsvp-te | static }
undo mpls te signaling
Default
MPLS TE uses RSVP-TE to establish tunnels.
Views
Tunnel interface view
Predefined user roles
network-admin
mdc-admin
Parameters
rsvp-te: Uses the RSVP-TE signaling protocol to establish a tunnel.
static: Uses a static CRLSP to establish a tunnel.
Usage guidelines
To use RSVP-TE to establish an MPLS TE tunnel, you must enable MPLS TE and RSVP on each node and interface that the MPLS TE tunnel traverses.
To establish an MPLS TE tunnel over a static CRLSP, you must configure the tunnel to reference the static CRLSP by using the mpls te static-cr-lsp command.
Examples
# Use RSVP-TE to establish the MPLS TE tunnel 0.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te signaling rsvp-te
Related commands
· display mpls te tunnel-interface
· mpls te static-cr-lsp
mpls te static-cr-lsp
Use mpls te static-cr-lsp to reference a static CRLSP for a tunnel.
Use undo mpls te static-cr-lsp to remove the reference of the specified static CRLSP.
Syntax
mpls te static-cr-lsp lsp-name
undo mpls te static-cr-lsp lsp-name
Default
A tunnel does not reference any static CRLSP.
Views
Tunnel interface view
Predefined user roles
network-admin
mdc-admin
Parameters
lsp-name: Specifies a static CRLSP by its name, a case-sensitive string of 1 to 15 characters.
Usage guidelines
This command takes effect only when the mpls te signaling static command has been configured in tunnel interface view.
Execute this command on the ingress node. The static CRLSP specified must have been created by using the static-cr-lsp ingress command.
Examples
# Configure tunnel 0 to reference static CRLSP named static-te-3.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te static-cr-lsp static-te-3
Related commands
· display mpls te tunnel-interface
· mpls te signaling
· static-cr-lsp egress
· static-cr-lsp ingress
· static-cr-lsp transit
mpls te timer retry
Use mpls te timer retry to configure the tunnel setup retry interval.
Use undo mpls te timer retry to restore the default.
Syntax
mpls te timer retry seconds
undo mpls te timer retry
Default
The retry interval is 2 seconds.
Views
Tunnel interface view
Predefined user roles
network-admin
mdc-admin
Parameters
seconds: Specifies the interval at which MPLS TE tries to re-establish the tunnel, in the range of 1 to 604800 seconds.
Usage guidelines
After failing to establish an MPLS TE tunnel, the tunnel ingress node waits for the tunnel setup retry interval. Then it tries to set up the tunnel until the tunnel is established successfully or the number of tunnel setup attempts reaches the maximum (configured by the mpls te retry command). If the tunnel cannot be established when the number of attempts reaches the maximum, the ingress waits for a longer period and then repeats the previous process.
Examples
# Configure the setup retry interval as 20 seconds for tunnel 0.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te timer retry 20
Related commands
· display mpls te tunnel-interface
· mpls te retry
nexthop
Use nexthop to add or modify a node in an explicit path, and configure the attributes of the node.
Use undo nexthop to delete the specified node in an explicit path.
Syntax
nexthop [ index index-number ] ip-address [ exclude | include [ loose | strict ] ]
undo nexthop index index-number
Default
An explicit path does not include any nodes.
Views
Explicit path view
Predefined user roles
network-admin
mdc-admin
Parameters
index index-number: Specifies an index for the node in the explicit path, in the range of 1 to 65535. If you do not specify an index, MPLS TE automatically calculates an index for the node, the value of which is the current maximum index value plus 100.
ip-address: Specifies a node by its IP address in dotted decimal notation.
exclude: Excludes the specified node from the explicit path.
include: Includes the specified node on the explicit path.
loose: Specifies the node as a loose node, which means the specified node and its previous hop can be connected indirectly.
strict: Specifies the node as a strict node, which means the node and its previous hop must be directly connected.
Usage guidelines
The IP address specified in this command can be one of the following:
· Link IP address—IP address of an interface on the device, identifying a link.
· Device LSR ID—Identifies the device.
The address of a strict node must be a link IP address. The address of a loose node can be a link IP address or the device LSR ID.
CSPF excludes the links or devices specified by exclude from path calculation, and uses the links specified by include in ascending order of indexes to establish a CRLSP.
When you execute the nexthop command, follow these guidelines:
· If you specify an existing index, the command modifies the IP address or attribute of the node identified by that index.
· If you specify neither include nor exclude, the include keyword is used by default.
· If you specify neither loose nor strict, the strict keyword is used by default.
Examples
# Exclude IP address 10.0.0.125 from the MPLS TE explicit path named path1.
<Sysname> system-view
[Sysname] explicit-path path1
[Sysname-explicit-path-path1] next-hop 10.0.0.125 exclude
Related commands
display explicit-path
nhop-only
Use nhop-only to configure the PLR to create only link-protection bypass tunnels.
Use undo nhop-only to restore the default.
Syntax
nhop-only
undo nhop-only
Default
The PLR automatically creates both link-protection and node-protection bypass tunnels.
Views
MPLS TE auto-FRR view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
Execution of the nhop-only command deletes all existing node-protection bypass tunnels automatically created for MPLS TE auto FRR.
Examples
# Configure the device to automatically create only link-protection bypass tunnels.
<Sysname> system-view
[Sysname] mpls te
[Sysname-te] auto-tunnel backup
[Sysname-te-auto-bk] nhop-only
Related commands
· auto-tunnel backup
· tunnel-number
path-metric-type
Use path-metric-type to specify the link metric type to be used for path selection when a metric type is not explicitly specified for a tunnel.
Use undo path-metric-type to restore the default.
Syntax
path-metric-type { igp | te }
undo path-metric-type
Default
A tunnel uses TE metrics of links for path selection when no metric type is specified for the tunnel.
Views
MPLS TE view
Predefined user roles
network-admin
mdc-admin
Parameters
igp: Uses the IGP metric.
te: Uses the TE metric.
Usage guidelines
Each MPLS TE link has two metrics: IGP metric and TE metric. By correctly planning the two metrics, you can select different tunnels for different classes of traffic. For example, use the IGP metric to represent a link delay (a smaller IGP metric value indicates a lower link delay), and use the TE metric to represent a link bandwidth value (a smaller TE metric value indicates a bigger link bandwidth value).
You can establish two MPLS TE tunnels: Tunnel1 for voice traffic and Tunnel2 for video traffic. Configure Tunnel1 to use IGP metrics for path selection, and configure Tunnel2 to use TE metrics for path selection. As a result, the video traffic travels through the path that has larger bandwidth and the voice traffic travels through the path that has lower delay.
If you have specified a metric type for a tunnel by using the mpls te path-metric-type command in tunnel interface view, the tunnel uses the specified metric type for path selection. Otherwise, the tunnel uses the metric type specified by the path-metric-type command for path selection.
Examples
# Configure MPLS TE tunnels that are not explicitly specified with a metric type to use the IGP metric for path selection.
<Sysname> system-view
[Sysname] mpls te
[Sysname-te] path-metric-type igp
Related commands
· mpls te metric
· mpls te path-metric-type
reset mpls te auto-bandwidth-adjustment timers
Use reset mpls te auto-bandwidth-adjustment timers to reset the automatic bandwidth adjustment feature.
Syntax
reset mpls te auto-bandwidth-adjustment timers
Views
User view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
After this command is executed, the system clears the output rate sampling information and the remaining time to the next bandwidth adjustment. Then it starts new output rate sampling and bandwidth adjustment.
Examples
# Reset the automatic bandwidth adjustment feature.
<Sysname> reset mpls te auto-bandwidth-adjustment timers
Related commands
· mpls te auto-bandwidth
· auto-bandwidth enable
te-subtlv
Use te-subtlv to specify the types of the sub-TLVs for carrying DS-TE parameters.
Use undo te-subtlv to restore the default.
Syntax
te-subtlv { bw-constraint value | unreserved-subpool-bw value } *
undo te-subtlv { bw-constraint | unreserved-subpool-bw } *
Default
The bw-constraint parameter is carried in sub-TLV 252, and the unreserved-subpool-bw parameter is carried in sub-TLV 251.
Views
IS-IS view
Predefined user roles
network-admin
mdc-admin
Parameters
bw-constraint value: Specifies the type value of the sub-TLV that carries the bandwidth constraints, in the range of 23 to 254.
unreserved-subpool-bw value: Specifies the type value of the sub-TLV that carries the unreserved subpool bandwidth, in the range of 23 to 254.
Usage guidelines
This command takes effect when the DS-TE mode is prestandard. It does not take effect when the DE-TE mode is IETF.
In prestandard mode, no standard sub-TLV type values are defined to carry DS-TE parameters. Different vendors might use different type values. To communicate with devices from other vendors, use this command to specify the sub-TLV type values.
Examples
# For IS-IS process 1, specify the sub-TLV type value 200 for bw-constraint, and 202 for unreserved-subpool-bw.
<Sysname> system-view
[Sysname] isis 1
[Sysname-isis-1] te-subtlv bw-constraint 200 unreserved-subpool-bw 202
Related commands
display isis mpls te configured-sub-tlvs
timers removal unused
Use timers removal unused to configure a removal timer for unused bypass tunnels.
Use undo timers removal unused to restore the default.
Syntax
timers removal unused seconds
undo timers removal unused
Default
A bypass tunnel is removed after it is unused for 3600 seconds.
Views
MPLS TE auto-FRR view
Predefined user roles
network-admin
mdc-admin
Parameters
seconds: Specifies the period of time after which an unused bypass tunnel is removed, in the range of 300 to 604800 seconds. You can also set this argument to 0, which means not to remove unused bypass tunnels.
Usage guidelines
An automatically created bypass tunnel can protect multiple primary CRLSPs. A bypass tunnel is unused when all primary CRLSPs protected by the bypass tunnel are removed. When a bypass tunnel is unused for the period of time configured by this command, MPLS TE removes the bypass tunnel to release the occupied bandwidth and tunnel interface number.
Configure a removal timer according to your network conditions, with the following considerations:
· Save resources—If the timer value is too big, unused bypass tunnels occupy bandwidth and interface numbers for a long time.
· Keep network stability—If the timer value is too small, bypass tunnels might be set up and removed frequently.
Examples
# Configure the removal timer for unused bypass tunnels to 60000 seconds (100 minutes).
<Sysname> system-view
[Sysname] mpls te
[Sysname-te] auto-tunnel backup
[Sysname-te-auto-bk] timers removal unused 60000
Related commands
· auto-tunnel backup
· tunnel-number
tunnel-number
Use tunnel-number to specify an interface number range for automatically created bypass tunnels.
Use undo tunnel-number to restore the default.
Syntax
tunnel-number min min-number max max-number
undo tunnel-number
Default
No interface number range is specified, and the PLR cannot set up a bypass tunnel automatically.
Views
MPLS TE auto-FRR view
Predefined user roles
network-admin
mdc-admin
Parameters
min min-number: Specifies the minimum interface number for automatically created bypass tunnels. The value range for the min-number argument is 0 to 9214.
max max-number: Specifies the maximum interface number for automatically created bypass tunnels. The value range for the max-number argument is 0 to 9214.
Usage guidelines
To enable the PLR to automatically create bypass tunnels, you must enable auto FRR globally by using the auto-tunnel backup command, and then specify the interface number range for bypass tunnels by using the tunnel-number command. The PLR uses the interface numbers in the specified range in ascending order for the bypass tunnels.
When you use the tunnel-number command, follow these restrictions and guidelines:
· The min-number must be smaller than or equal to the max-number.
· The specified range must include less than 1000 interface numbers. Otherwise, this command cannot be executed successfully.
· If you execute this command multiple times, the most recent configuration takes effect.
· When you execute this command, if bypass tunnels are already created automatically, make sure the min-number is not greater than the minimum interface number used by the existing bypass tunnels, and the max-number is not smaller than the maximum interface number used by the existing bypass tunnels.
· The interface number range specified by this command can include the interface numbers used by the tunnel interfaces created by the interface tunnel command. However, those interface numbers cannot be used for bypass tunnels, unless they are released by the undo interface tunnel command.
Examples
# Specify interface numbers 800 to 900 for automatically created bypass tunnels.
<Sysname> system-view
[Sysname] mpls te
[Sysname-te] auto-tunnel backup
[Sysname-te-auto-bk] tunnel-number min 800 max 900
Related commands
auto-tunnel backup
Static CRLSP commands
The static CRLSP feature is available in Release 1138P01 and later versions.
display mpls static-cr-lsp
Use display mpls static-cr-lsp to display information about static CRLSPs.
Syntax
display mpls static-cr-lsp [ lsp-name lsp-name ] [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
lsp-name lsp-name: Displays information about the static CRLSP specified by its name, a case-sensitive string of 1 to 15 characters. If you do not specify this option, this command displays information about all static CRLSPs.
verbose: Displays detailed information about static CRLSPs.
Examples
# Display brief information about static CRLSPs.
<Sysname> display mpls static-cr-lsp
Name LSR Type In/Out Label Out Interface State
static-cr-lsp-1 Ingress Null/20 Vlan10 Up
Table 39 Command output
Field |
Description |
Name |
Name of the static CRLSP. |
LSR Type |
LSR type of the local node on the static CRLSP: Ingress, Transit, or Egress. |
In/Out Label |
Incoming label/outgoing label. |
Out Interface |
Outgoing interface. |
State |
Current state of the static CRLSP: · Down—The static CRLSP is not available. · Up—The static CRLSP is available. |
# Display detailed information about static CRLSPs.
<Sysname> display mpls static-cr-lsp verbose
LSP Name : Tunnel0
LSR Type : Ingress
In-Label : Null
Out-Label : 60
Out-Interface : Vlan10
Nexthop : 20.1.1.2
Class Type : -
Bandwidth : -
LSP State : Up
Table 40 Command output
Field |
Description |
LSP Name |
Name of the static CRLSP. |
LSR Type |
LSR type of the local node on the static CRLSP: Ingress, Transit, or Egress. |
In-Label |
Incoming label. |
Out-Label |
Outgoing label. |
Out-Interface |
Outgoing interface. |
Nexthop |
Next hop address. |
Class Type |
Class type of the static CRLSP. This field is not supported in the current software version and is reserved for future support. |
Bandwidth |
Bandwidth required by the static CRLSP, in kbps. This field is not supported in the current software version. |
LSP State |
Current state of the static CRLSP: · Down—The CRLSP is not available. · Up—The CRLSP is available. |
Related commands
· static-cr-lsp egress
· static-cr-lsp ingress
· static-cr-lsp transit
static-cr-lsp egress
Use static-cr-lsp egress to configure the egress node of a static CRLSP.
Use undo static-cr-lsp egress to delete the egress node configuration of a static CRLSP.
Syntax
static-cr-lsp egress lsp-name in-label in-label-value
undo static-cr-lsp egress lsp-name
Default
No static CRLSP exists on the device.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
lsp-name: Specifies a name for the static CRLSP, a case-sensitive string of 1 to 15 characters.
in-label in-label-value: Specifies the incoming label in the range of 16 to 1023.
Examples
# On the egress node, configure a static CRLSP with the name static-te-1 and incoming label 233.
<Sysname> system-view
[Sysname] static-cr-lsp egress static-te-1 in-label 233
Related commands
· display mpls static-cr-lsp
· static-cr-lsp ingress
· static-cr-lsp transit
static-cr-lsp ingress
Use static-cr-lsp ingress to configure the ingress node of a static CRLSP.
Use undo static-cr-lsp ingress to delete the ingress node configuration of a static CRLSP.
Syntax
static-cr-lsp ingress lsp-name { nexthop next-hop-addr | outgoing-interface interface-type interface-number } out-label out-label-value [ bandwidth [ ct0 | ct1 | ct2 | ct3 ] bandwidth-value ]
undo static-cr-lsp ingress lsp-name
Default
No static CRLSP exists on the device.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
lsp-name: Specifies a name for the static CRLSP, a case-sensitive string of 1 to 15 characters.
nexthop next-hop-addr: Specifies the next hop IP address.
outgoing-interface interface-type interface-number: Specifies an outgoing interface by its type and number. The specified interface must be a P2P tunnel interface.
out-label out-label-value: Specifies the outgoing label, a value of 0, 3, or from 16 through 1023.
bandwidth: Specifies the CT and required bandwidth for the static CRLSP. If you do not specify this keyword, the bandwidth required by the static CRLSP is 0 kbps. If you specify this keyword but do not specify a CT, the static CRLSP belongs to CT 0.
ct0: Specifies CT 0 for the static CRLSP.
ct1: Specifies CT 1 for the static CRLSP.
ct2: Specifies CT 2 for the static CRLSP.
ct3: Specifies CT 3 for the static CRLSP.
bandwidth-value: Specifies the bandwidth required by the static CRLSP, in the range of 1 to 4294967295 kbps. The default is 0 kbps.
Usage guidelines
The next hop address specified for the static CRLSP cannot be a public IP address on the local device.
CT 2 and CT 3 are valid only in IETF DS-TE mode. In prestandard DS-TE mode, CT 2 and CT 3 are invalid and the tunnel cannot be established.
Examples
# Configure a static CRLSP on the ingress node, and configure its name as static-te-2, next hop IP address as 202.55.25.33, and outgoing label as 237.
<Sysname> system-view
[Sysname] static-cr-lsp ingress static-te-2 nexthop 202.55.25.33 out-label 237
Related commands
· display mpls static-cr-lsp
· static-cr-lsp egress
· static-cr-lsp transit
static-cr-lsp transit
Use static-cr-lsp transit to configure a transit node for a static CRLSP.
Use undo static-cr-lsp transit to delete the transit node configuration of a static CRLSP.
Syntax
static-cr-lsp transit lsp-name in-label in-label-value { nexthop next-hop-addr | outgoing-interface interface-type interface-number } out-label out-label-value [ bandwidth [ ct0 | ct1 | ct2 | ct3 ] bandwidth-value ]
undo static-cr-lsp transit lsp-name
Default
No static CRLSP exists on the device.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
lsp-name: Specifies a name for the static CRLSP, a case-sensitive string of 1 to 15 characters.
in-label in-label-value: Specifies the incoming label in the range of 16 to 1023.
nexthop next-hop-addr: Specifies the next hop IP address.
outgoing-interface interface-type interface-number: Specifies an outgoing interface by its type and number. The specified interface must be a P2P tunnel interface.
out-label out-label-value: Specifies the outgoing label, a value of 0, 3, or in the range of 16 to 1023.
bandwidth: Specifies the CT and required bandwidth for the static CRLSP. If you do not specify this keyword, the bandwidth required by the static CRLSP is 0 kbps. If you specify this keyword but do not specify a CT, the static CRLSP belongs to CT 0.
ct0: Specifies CT 0 for the static CRLSP.
ct1: Specifies CT 1 for the static CRLSP.
ct2: Specifies CT 2 for the static CRLSP.
ct3: Specifies CT 3 for the static CRLSP.
bandwidth-value: Specifies the bandwidth required by the static CRLSP, in the range of 1 to 4294967295 kbps. The default is 0 kbps.
Usage guidelines
The next hop address specified for the static CRLSP cannot be a public IP address on the local device.
CT 2 and CT 3 are valid only in IETF DS-TE mode. In prestandard DS-TE mode, CT 2 and CT 3 are invalid and the tunnel cannot be established.
Examples
# Configure a static CRLSP on the transit node, and configure its name as static-te-3, incoming label as 123, next hop IP address as 1.1.1.1, and outgoing label as 253.
<Sysname> system-view
[Sysname] static-cr-lsp transit static-te-3 in-label 123 nexthop 1.1.1.1 out-label 253
Related commands
· display mpls static-cr-lsp
· static-cr-lsp egress
· static-cr-lsp ingress
RSVP commands
The RSVP feature is available in Release 1138P01 and later versions.
authentication challenge
Use authentication challenge to enable the RSVP challenge-response handshake function globally or for an RSVP neighbor.
Use undo authentication challenge to disable the challenge-response handshake function globally or for an RSVP neighbor.
Syntax
authentication challenge
undo authentication challenge
Default
The RSVP challenge-response handshake function is disabled.
Views
RSVP view, RSVP neighbor view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
To prevent packet replay attacks, RSVP requires received authentication messages to carry incremental sequence numbers. To verify the subsequent messages, RSVP saves the sequence number of the last valid message in a receive-type security association.
However, when RSVP creates a new receive-type security association, it cannot obtain the sequence number of the sender. To successfully establish the receive-type security association, RSVP sets the receive sequence number to 0 by default, so the association can receive a message with any sequence number from the peer. Because this introduces a vulnerability to replay attacks, you should execute the authentication challenge command. When RSVP creates a receive-type security association, it will perform a challenge-response handshake to obtain the sequence number of the sender.
RSVP challenge-response handshake can be configured in the following views:
· RSVP view—Configuration applies to all RSVP security associations.
· RSVP neighbor view—Configuration applies only to RSVP security associations with the specified neighbor.
· Interface view—Configuration applies only to RSVP security associations established on the current interface.
Examples
# Enable RSVP challenge-response handshake globally.
<Sysname> system-view
[Sysname] rsvp
[Sysname-rsvp] authentication challenge
# Enable challenge-response handshake for RSVP neighbor 1.1.1.9.
<Sysname> system-view
[Sysname] rsvp
[Sysname-rsvp] peer 1.1.1.9
[Sysname-rsvp-peer-1.1.1.9] authentication challenge
Related commands
· authentication key
· authentication lifetime
· authentication window-size
· display rsvp authentication
· reset rsvp authentication
· rsvp authentication challenge
· rsvp authentication key
· rsvp authentication lifetime
· rsvp authentication window-size
authentication key
Use authentication key to enable RSVP authentication globally or for an RSVP neighbor, and configure the authentication key.
Use undo authentication key to disable RSVP authentication.
Syntax
authentication key { cipher | plain } auth-key
undo authentication key
Default
RSVP authentication is disabled.
Views
RSVP view, RSVP neighbor view
Predefined user roles
network-admin
mdc-admin
Parameters
cipher: Sets a ciphertext authentication key.
plain: Sets a plaintext authentication key.
auth-key: Specifies the authentication key. This argument is case sensitive. If the cipher keyword is specified, it must be a ciphertext string of 1 to 53 characters. If the plain keyword is specified, it must be a plaintext string of 1 to 16 characters.
Usage guidelines
RSVP authentication ensures integrity of RSVP messages, and prevents false resource reservation requests from occupying network resources.
With RSVP authentication, the sender uses the MD5 algorithm and the authentication key to calculate a message digest for an RSVP message. The sender inserts the message digest to the RSVP message. When the receiver receives the message, it performs the same calculation and compares the result with the message digest received. If they match, the receiver accepts the message. Otherwise, it drops the message.
RSVP authentication can be configured in the following views:
· RSVP view—Configuration applies to all RSVP security associations.
· RSVP neighbor view—Configuration applies only to RSVP security associations with the specified RSVP neighbor.
· Interface view—Configuration applies only to RSVP security associations established on the current interface.
Configurations in RSVP neighbor view, interface view, and RSVP view are in descending order of priority. For example, if you have enabled RSVP authentication for a neighbor in both RSVP neighbor view and RSVP view but configured different authentication keys, the authentication key configured in RSVP neighbor view is used to authenticate the RSVP messages between the local device and the neighbor.
To re-establish a security association, you must delete the authentication key used by the current security association or delete the current security association (using the reset rsvp authentication command). Then the device can re-establish a security association by looking up a new authentication key in order of priorities.
When using this command, follow these guidelines:
· After you enable RSVP authentication on the local device, you must also enable RSVP authentication and configure the same authentication key on the corresponding RSVP neighbor.
· For security purposes, all keys, including keys configured in plain text, are saved in cipher text.
Examples
# Enable RSVP authentication globally, and configure the authentication key as a plaintext string of abcdefgh.
<Sysname> system-view
[Sysname] rsvp
[Sysname-rsvp] authentication key plain abcdefgh
# Enable RSVP authentication for neighbor 1.1.1.9, and configure the authentication key as a plaintext string of abcdefgh.
<Sysname> system-view
[Sysname] rsvp
[Sysname-rsvp] peer 1.1.1.9
[Sysname-rsvp-peer-1.1.1.9] authentication key plain abcdefgh
Related commands
· authentication challenge
· authentication lifetime
· authentication window-size
· display rsvp authentication
· reset rsvp authentication
· rsvp authentication challenge
· rsvp authentication key
· rsvp authentication lifetime
· rsvp authentication window-size
authentication lifetime
Use authentication lifetime in RSVP view to configure the global idle timeout for RSVP security associations.
Use authentication lifetime in RSVP neighbor view to configure the idle timeout for RSVP security associations with an RSVP neighbor.
Use undo authentication lifetime to restore the default.
Syntax
authentication lifetime life-time
undo authentication lifetime
Default
The idle timeout for an RSVP security association is 1800 seconds.
Views
RSVP view, RSVP neighbor view
Predefined user roles
network-admin
mdc-admin
Parameters
life-time: Specifies the RSVP security association idle timeout in the range of 30 to 86400 seconds.
Usage guidelines
When RSVP authentication is enabled, the device dynamically establishes security associations when receiving and sending RSVP messages.
To release memory resources, each security association has an idle timeout. When a security association is idle for the specified timeout time, the device deletes the security association. When the device sends or receives an authenticated RSVP message, it resets the idle timeout timer for the corresponding security association.
The RSVP authentication idle timeout can be configured in the following views:
· RSVP view—Configuration applies to all RSVP security associations.
· RSVP neighbor view—Configuration applies only to RSVP security associations with the specified RSVP neighbor.
· Interface view—Configuration applies only to RSVP security associations established on the current interface.
An RSVP security association established by using the authentication key configured in a view uses the idle timeout configured in the same view.
A modification to the idle timeout affects only security associations established after the modification. To apply the new setting to existing security associations, you must execute the reset rsvp authentication command to delete and then re-establish the security associations.
Examples
# Configure the global idle timeout as 100 seconds for RSVP security associations.
<Sysname> system-view
[Sysname] rsvp
[Sysname-rsvp] authentication lifetime 100
# Configure the idle timeout as 100 seconds for the security associations with RSVP neighbor 1.1.1.9.
<Sysname> system-view
[Sysname] rsvp
[Sysname-rsvp] peer 1.1.1.9
[Sysname-rsvp-peer-1.1.1.9] authentication lifetime 100
Related commands
· authentication challenge
· authentication key
· authentication window-size
· display rsvp authentication
· reset rsvp authentication
· rsvp authentication challenge
· rsvp authentication key
· rsvp authentication lifetime
· rsvp authentication window-size
authentication window-size
Use authentication window-size in RSVP view to configure the global RSVP authentication window size, which is the maximum number of authenticated RSVP messages that can be received out of sequence.
Use authentication window-size in RSVP neighbor view to configure the RSVP authentication window size for an RSVP neighbor.
Use undo authentication window-size to restore the default.
Syntax
authentication window-size number
undo authentication window-size
Default
Only one authenticated RSVP message can be received out of sequence.
Views
RSVP view, RSVP neighbor view
Predefined user roles
network-admin
mdc-admin
Parameters
number: Specifies the maximum number of authenticated RSVP messages that can be received out of sequence, in the range of 1 to 64.
Usage guidelines
To protect against replay attacks, the sender places a unique sequence number in each RSVP message that contains authentication information. The sender increases the value of the sequence number by one each time it sends an RSVP message. If the sequence number of a received message is in the specified authentication window size, the receiver accepts the message. Otherwise, the receiver discards the message.
When the receiver receives an RSVP message, it compares the sequence number of the last accepted RSVP message with the sequence number of the newly received RSVP message.
· If the new sequence number is greater than the last sequence number, RSVP accepts the message and updates the last sequence number with the new sequence number.
· If the new sequence number equals the last sequence number, RSVP regards the message a replay message and discards the message.
· If the new sequence number is smaller than the last sequence number but greater than the last sequence number minus the window size, and has never been received before, RSVP accepts the message. If the new sequence number has been received before, RSVP regards the message a replay message and discards the message.
· If the new sequence number is smaller than or equal to the last sequence number minus the window size, RSVP regards the message invalid and discards the message.
By default, the authentication window size is 1. If the sequence number of a newly received RSVP message is smaller than that of the last accepted message, the device discards the message. However, if the sender sends multiple RSVP messages in a short time, these messages might arrive at the neighbor out of sequence. If you use the default window size, the out-of-sequence messages will be discarded. To solve this problem, you can use the authentication window-size command to configure a correct window size.
A security association established by using the authentication key configured in a view uses the window size configured in that view.
A modification to the window size affects only security associations established after the modification. To apply the new setting to existing security associations, you must execute the reset rsvp authentication command to delete and then re-establish the security associations.
Examples
# In RSVP view, set the maximum number of out-of-sequence authenticated RSVP messages that can be received to 10.
<Sysname> system-view
[Sysname] rsvp
[Sysname-rsvp] authentication window-size 10
# Set the maximum number of out-of-sequence authenticated RSVP messages that can be received from the RSVP neighbor 1.1.1.9 to 10.
<Sysname> system-view
[Sysname] rsvp
[Sysname-rsvp] peer 1.1.1.9
[Sysname-rsvp-peer-1.1.1.9] authentication window-size 10
Related commands
· authentication challenge
· authentication key
· authentication lifetime
· display rsvp authentication
· reset rsvp authentication
· rsvp authentication challenge
· rsvp authentication key
· rsvp authentication lifetime
· rsvp authentication window-size
display rsvp
Use display rsvp to display RSVP information.
Syntax
display rsvp [ interface [ interface-type interface-number ] ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
interface: Displays RSVP information on interfaces.
interface-type interface-number: Displays RSVP information on the interface specified by its type and number.
Usage guidelines
If you do not specify the interface keyword, this command displays the global RSVP information.
If you specify the interface keyword but do not specify the interface-type interface-number argument, this command displays RSVP information for all interfaces.
If you specify the interface interface-type interface-number option, this command displays RSVP information for the specified interface.
Examples
# Display global RSVP information.
LSR ID: 50.0.0.1 Fast Reroute time: 300 sec
Refresh interval: 30 sec Keep multiplier: 3
Hello interval: 3 sec Hello lost: 4
Graceful Restart: Disabled DSCP value: 48
Authentication: Enabled
Lifetime: 300 sec
Window size: 64
Challenge: Enabled
Statistics:
PSB number: 5 RSB number: 5
LSP number: 5 Request number: 5
Peer number: 5 SA number: 5
Table 41 Command output
Field |
Description |
Fast Reroute time |
Interval for detecting whether a better bypass CRLSP is available for a primary CRLSP, in seconds. |
Refresh interval |
Interval for refreshing Path and Resv messages, in seconds. |
Keep multiplier |
PSB and RSB timeout multiplier. |
Hello interval |
Interval for sending hello requests, in seconds. |
Hello lost |
Maximum number of consecutive lost or erroneous hellos allowed. |
DSCP value |
DSCP value for outgoing RSVP packets. |
Authentication |
RSVP authentication state. |
Lifetime |
Idle timeout for RSVP security associations, in seconds. |
Window size |
Maximum number of out-of-sequence authenticated RSVP messages that can be received. |
Challenge |
State of the challenge-response handshake function. |
Statistics |
RSVP statistics. |
PSB number |
Total number of PSBs. |
RSB number |
Total number of RSBs. |
LSP number |
Total number of LSPs established by RSVP. |
Request number |
Total number of RSVP request data blocks. |
Peer number |
Total number of RSVP neighbors. |
SA number |
Total number of security associations. |
# Display RSVP information for all interfaces.
<Sysname> display rsvp interface
Interface: Vlan10 Logical interface handle: 0x19a5
State: Up IP address: 50.1.0.1
MPLS TE: Enabled RSVP: Enabled
Hello: Enabled BFD: Enabled
Summary Refresh: Enabled Reliability: Disabled
Retransmit interval: 500 ms Retransmit increment: 1
Authentication: Enabled
Lifetime: 300 sec
Window size: 64
Challenge: Enabled
Bypass tunnels: Tunnel0
Interface: Vlan11 Logical interface handle: 0x19a6
State: Up IP address: 50.2.0.1
MPLS TE: Enabled RSVP: Enabled
Hello: Enabled BFD: Enabled
Summary Refresh: Disabled Reliability: Disabled
Retransmit interval: 500 ms Retransmit increment: 1
Authentication: Enabled
Lifetime: 300 sec
Window size: 64
Challenge: Enabled
Bypass tunnels: Tunnel0, Tunnel1, Tunnel2
Table 42 Command output
Field |
Description |
Logical interface handle |
Logical interface handle, used to distinguish logical outgoing interfaces on the RSVP interface. |
State |
Interface state recorded by RSVP: UP or Down. |
IP address |
IP address of the current interface used by RSVP. |
MPLS TE |
MPLS TE state on the interface. |
RSVP |
RSVP state on the interface. |
Hello |
State of the hello extension function on the interface. |
BFD |
BFD state on the interface. |
Summary Refresh |
State of the summary refresh function on the interface. |
Reliability |
State of the reliable RSVP message delivery function on the interface. |
Retransmit interval |
Initial retransmission interval for reliable RSVP message delivery, in milliseconds. |
Retransmit increment |
Retransmission increment value for reliable RSVP message delivery. |
Authentication |
RSVP authentication state on the interface. |
Lifetime |
Idle timeout for RSVP security associations, in seconds. |
Window size |
Maximum number of out-of-sequence authenticated RSVP messages that can be received. |
Challenge |
State of the challenge-response handshake function on the interface. |
Bypass tunnels |
Bypass tunnels configured on the interface for fast reroute (FRR). If no bypass tunnels are configured, this field displays None. |
display rsvp authentication
Use display rsvp authentication to display information about the security associations established with RSVP neighbors.
Syntax
display rsvp authentication [ from ip-address ] [ to ip-address ] [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
from ip-address: Displays information about the security associations with the specified source IP address.
to ip-address: Displays information about the security associations with the specified destination IP address.
verbose: Displays detailed information about RSVP security associations. If you do not specify this keyword, the command displays brief information about RSVP security associations.
Usage guidelines
If you do not specify the from ip-address to ip-address options, this command displays information about the security associations established with all RSVP neighbors.
After RSVP authentication is enabled, the device automatically establishes security associations when sending and receiving RSVP messages. A security association includes the following information:
· IP address of the authentication source node.
· IP address of the authentication destination node.
· Authentication direction.
· Authentication type.
· Authentication key.
· Authentication expiration time.
The device obtains the RSVP authentication source and destination IP addresses from the IP header or RSVP message objects, as shown in Table 43.
Table 43 How to get RSVP authentication source and destination IP addresses
Message type received or sent |
Authentication source IP |
Authentication destination IP |
Path |
Address in the HOP object of the RSVP message. |
Address in the SESSION object of the RSVP message. |
PathTear |
Address in the HOP object of the RSVP message. |
Address in the SESSION object of the RSVP message. |
PathError |
Source IP address in the IP header |
Destination IP address in the IP header |
Resv |
Address in the HOP object of the RSVP message. |
Destination IP address in the IP header |
ResvTear |
Address in the HOP object of the RSVP message. |
Destination IP address in the IP header |
ResvError |
Address in the HOP object of the RSVP message. |
Destination IP address in the IP header |
ResvConfirm |
Source IP address in the IP header |
Address in the CONFIRM object of the RSVP message. |
ACK |
Source IP address in the IP header |
Destination IP address in the IP header |
Srefresh |
Source IP address in the IP header |
Destination IP address in the IP header |
Hello |
Source IP address in the IP header |
Destination IP address in the IP header |
Examples
# Display brief information about the security associations established with all RSVP neighbors.
<Sysname> display rsvp authentication
From To Mode Type Key-ID Expiration
57.10.10.1 57.10.10.2 Receive Interface 000103000000 280s
57.10.10.2 57.10.10.1 Send Interface 000103000000 280s
Table 44 Command output
Field |
Description |
From |
RSVP authentication source IP address. |
To |
RSVP authentication destination IP address. |
Mode |
Direction of the security association: · Receive—Receive security association, used to authenticate messages received from an RSVP neighbor. · Send—Send security association, used to authenticate messages sent to an RSVP neighbor. |
Type |
Type of the security association: · Peer—Security association established in RSVP neighbor view. · Interface—Security association established in interface view. · Global—Security association established in RSVP view. |
Key-ID |
Key ID of the security association. · For a send security association, this field displays the local key ID. · For a receive security association, this field displays the key ID received from the peer. |
Expiration |
Idle timeout remaining time of the security association, in seconds. |
# Display detailed information about the security associations established with all RSVP neighbors.
<Sysname> display rsvp authentication verbose
From: 20.1.1.1 To: 4.4.4.9
Mode: Send Type: Interface
Challenge: Supported Peer: 20.1.1.2
Local key ID: 0x000104000000 Peer key ID: 0x0
Lifetime: 1800 sec Expiration time: 1781 sec
Window size: 1
Last sent sequence number:
5781735195480686593
From: 20.1.1.2 To: 20.1.1.1
Mode: Receive Type: Interface
Challenge: Not configured Peer: 20.1.1.2
Local key ID: 0x0 Peer key ID: 0x000104000000
Lifetime: 1800 sec Expiration time: 1798 sec
Window size: 1
Received sequence numbers:
5781742445385482241
Table 45 Command output
Field |
Description |
From |
RSVP authentication source IP address. |
To |
RSVP authentication destination IP address. |
Mode |
Direction of the security association: · Receive—Receive security association, used to authenticate messages received from an RSVP neighbor. · Send—Send security association, used to authenticate messages sent to an RSVP neighbor. |
Type |
Type of the security association: · Peer—Security association established in RSVP neighbor view. · Interface—Security association established in interface view. · Global—Security association established in RSVP view. |
Challenge |
State of the authentication challenge-response function: · Not configured—The challenge-response handshake function is disabled locally. (For a receive security association.) · Configured—The challenge-response handshake function is enabled locally. (For a receive security association.) · In progress—The local device has sent an Integrity Challenge message to the peer and is waiting for the Integrity Response message from the peer. · Completed—The local device has received an Integrity Response message from the peer and the message has passed the authentication. · Failed—The Failed state is displayed when one of the following events occurs: ¡ The local device has received an Integrity Response message from the peer but the message failed the authentication. ¡ The local device has not received any valid Integrity Response after sending three Integrity Challenge messages to the peer. ¡ The challenge-response function is disabled on the peer. · Supported—The local device supports the challenge-response function. (For a send security association.) |
Peer |
IP address of the authentication neighbor. |
Local key ID |
Local key ID, for a send security association. |
Peer key ID |
Peer key ID, for a receive security association. |
Lifetime |
Idle timeout of the security association, in seconds. |
Expiration time |
Idle timeout remaining time of the security association, in seconds. |
Window size |
Maximum number of out-of-sequence authenticated RSVP messages that can be received. |
Received sequence numbers |
Sequence numbers of the received messages. This field can display the sequence numbers for up to window-size messages. |
Last sent sequence number |
Sequence number of the last sent message. |
Related commands
· authentication challenge
· authentication key
· authentication lifetime
· authentication window-size
· reset rsvp authentication
· rsvp authentication challenge
· rsvp authentication key
· rsvp authentication lifetime
· rsvp authentication window-size
display rsvp lsp
Use display rsvp lsp to display information about CRLSPs established by RSVP.
Syntax
display rsvp lsp [ destination ip-address ] [ source ip-address ] [ tunnel-id tunnel-id ] [ lsp-id lsp-id ] [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
destination ip-address: Displays information about the CRLSP with the specified tunnel destination address.
source ip-address: Displays information about the CRLSP with the specified tunnel source address. The tunnel source address is the extended tunnel ID in the Session object of an RSVP message.
tunnel-id tunnel-id: Displays information about the CRLSP with the specified tunnel ID in the range of 0 to 65535.
lsp-id lsp-id: Displays information about the CRLSP with the specified LSP ID in the range of 0 to 65535.
verbose: Displays detailed information about CRLSPs. If you do not specify this keyword, the command displays brief information about CRLSPs.
Examples
# Display brief information about all CRLSPs established by RSVP.
<Sysname> display rsvp lsp
Destination Source Tunnel-ID LSP-ID Direction Tunnel-name
50.0.0.1 50.0.0.3 0 1 Uni Sysname_t0
50.0.0.1 50.0.0.3 1 2 Bi-Down Sysname_t1
Table 46 Command output
Field |
Description |
Destination |
Tunnel destination address. |
Source |
Tunnel source address. |
Direction |
Tunnel direction: · Uni—Unidirectional tunnel. · Bi-Down—Forward CRLSP of a bidirectional tunnel. · Bi-Up—Backward CRLSP of a bidirectional tunnel. |
Tunnel-name |
The value for a tunnel name is Sysname_ttunnel-ID, where Sysname represents the device name, and tunnel-ID represents the ID of the tunnel. You can configure the device name by executing the sysname command in system view. This field contains a maximum of 80 characters, and displays the first 77 characters and three dots (.) if the name contains more than 80 characters. |
# Display detailed information about all CRLSPs established by RSVP.
<Sysname> display rsvp lsp verbose
Tunnel name: Sysname_t1
Destination: 3.3.3.9 Source: 1.1.1.9
Tunnel ID: 1 LSP ID: 5
LSR type: Transit Direction: Unidirectional
Setup priority: 7 Holding priority: 7
In-Label: 1146 Out-Label: 3
In-Interface: Vlan10 Out-Interface: Vlan30
Nexthop: 57.20.20.1 Exclude-any: 0
Include-Any: 0 Include-all: 0
Mean rate (CIR): 0.00 kbps Mean burst size (CBS): 1000.00 bytes
Path MTU: 1500 Class type: CT0
RRO number: 8
57.10.10.1/32 Flag: 0x00 (No FRR)
57.10.10.2/32 Flag: 0x40 (No FRR/In-Int)
1146 Flag: 0x01 (Global label)
2.2.2.9/32 Flag: 0x20 (No FRR/Node-ID)
57.20.20.2/32 Flag: 0x00 (No FRR)
57.20.20.1/32 Flag: 0x40 (No FRR/In-Int)
3 Flag: 0x01 (Global label)
3.3.3.9/32 Flag: 0x20 (No FRR/Node-ID)
Fast Reroute protection: Ready
FRR inner label: 3 Bypass tunnel: Tunnel253
Tunnel name: Sysname_t253
Destination: 3.3.3.9 Source: 2.2.2.9
Tunnel ID: 253 LSP ID: 17767
LSR type: Ingress Direction: Bidirectional, Downstream
Setup priority: 7 Holding priority: 7
In-Label: - Out-Label: 1025
In-Interface: - Out-Interface: Vlan15
Nexthop: 10.11.112.135 Exclude-any: 0
Include-Any: 0 Include-all: 0
Mean rate (CIR): 125.00 kbps Mean burst size (CBS): 0.00 bytes
Path MTU: 0 Class type: CT0
RRO number: 8
10.11.112.140/32 Flag: 0x00 (No FRR)
10.11.112.135/32 Flag: 0x40 (No FRR/In-Int)
1025 Flag: 0x01 (Global label)
5.5.5.9/32 Flag: 0x20 (No FRR/Node-ID)
57.40.40.3/32 Flag: 0x00 (No FRR)
57.40.40.1/32 Flag: 0x40 (No FRR/In-Int)
3 Flag: 0x01 (Global label)
3.3.3.9/32 Flag: 0x20 ((No FRR/Node-ID)
Fast Reroute protection: None
Table 47 Command output
Field |
Description |
Tunnel name |
The value for a tunnel name is Sysname_ttunnel-ID, where Sysname represents the device name, and tunnel-ID represents the ID of the tunnel. You can configure the device name by executing the sysname command in system view. |
Destination |
Tunnel destination address. |
Source |
Tunnel source address. |
Direction |
Tunnel direction: · Unidirectional—Unidirectional tunnel. · Bidirectional, Downstream—Forward CRLSP of a bidirectional tunnel. · Bidirectional, Upstream—Backward CRLSP of a bidirectional tunnel. |
Exclude-any |
Affinity representing a set of attribute filters. Matching any filter renders a link unacceptable. |
Include-any |
Affinity representing a set of attribute filters. Matching any filter renders a link acceptable. |
Include-all |
Affinity representing a set of attribute filters. All filters must be present for a link to be acceptable. |
Class type |
CT of the LSP. |
RRO number |
Number of Record Route Objects (RROs). If the number is not 0, the subsequent output displays the IP addresses or labels recorded in the RROs. The RRO information is displayed only when route recording is configured on the tunnel interface. |
Flag |
Flag value and its meaning in an RRO: · No FRR—FRR is not configured. · FRR Avail—FRR is available. · In use—FRR has occurred. · BW—Bandwidth protection. · Node-Prot—Node protection. · Node-ID—The IP address in the RRO is the LSR ID of the node. · In-Int—The IP address in the RRO is address of the incoming interface. · Global label—Per-platform label space. |
Fast Reroute protection |
Whether the tunnel has been bound to an FRR bypass tunnel: · None—Not bound to a bypass tunnel. · Ready—Bound to a bypass tunnel. No FRR has occurred. · Active—Bound to a bypass tunnel. An FRR has occurred. |
FRR inner label |
Incoming label of the FRR bypass tunnel. This field is displayed only when a bypass tunnel is bound. |
Bypass tunnel |
Name of the bypass tunnel. This field is displayed only when a bypass tunnel is bound. |
Related commands
· display rsvp request
· display rsvp reservation
· display rsvp sender
display rsvp peer
Use display rsvp peer to display RSVP neighbor information.
Syntax
display rsvp peer [ interface interface-type interface-number ] [ ip ip-address ] [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
interface interface-type interface-number: Displays information about RSVP neighbors connected to the interface specified by its type and number.
ip ip-address: Displays information about the RSVP neighbor specified by its IP address.
verbose: Displays detailed information about RSVP neighbors. If you do not specify this keyword, the command displays brief information about RSVP neighbors.
Examples
# Display brief information about all RSVP neighbors.
<Sysname> display rsvp peer
Peer Interface State Type Reduction
57.10.10.1 Vlan10 Idle Active Enabled
57.20.20.1 Vlan11 Init Passive Disabled
Table 48 Command output
Field |
Description |
Peer |
Address of the RSVP neighbor. |
Interface |
Interface connecting the RSVP neighbor. |
State |
Local hello state: · Idle—Hello extension is disabled. · Init—Hello extension is enabled. The local device failed to exchange hellos with the neighbor or hello exchanges are in progress. · Up—Hello extension is enabled. The local device successfully exchanged hellos with the neighbor. |
Type |
Role of the local device in the neighbor relationship: · Active—The local device actively sends hello requests to the neighbor. · Passive—The local end passively receives hello requests from the neighbor and replies with hello ACK messages. |
Reduction |
State of the Srefresh function on the neighbor: enabled or disabled. |
# Display detailed information about all RSVP neighbors.
<Sysname> display rsvp peer verbose
Peer: 57.10.10.1 Interface: Vlan10
Hello state: Idle Hello type: Active
PSB count: 1 RSB count: 0
Src instance: 0x32e Dst instance: 0x0
Refresh reduction: Enabled Graceful Restart state: Invalid
Peer GR restart time: 0 ms Peer GR recovery time: 0 ms
Peer: 57.20.20.1 Interface: Vlan11
Hello state: Init Hello type: Active
PSB count: 0 RSB count: 1
Src instance: 0x32e Dst instance: 0x0
Refresh reduction: Disabled Graceful Restart state: Ready
Peer GR restart time: 0 ms Peer GR recovery time: 0 ms
Table 49 Command output
Field |
Description |
Peer |
Address of the RSVP neighbor. |
Interface |
Interface connecting the RSVP neighbor. |
Hello state |
Local hello state: · Idle—Hello extension is disabled locally. · Init—Hello extension is enabled locally. The local device failed to exchange hellos with the neighbor or hello exchanges are in progress. · Up—Hello extension is enabled locally. The local device successfully exchanged hellos with the neighbor. |
Hello type |
Role of the local device in the neighbor relationship: · Active—The local device actively sends hello requests to the neighbor. · Passive—The local end passively receives hello requests from the neighbor and replies with hello ACK messages. |
PSB count |
Number of PSBs for the neighbor. |
RSB count |
Number of RSBs for the neighbor. |
Src instance |
Local device instance carried in the hello sent to the neighbor. |
Dst instance |
Neighbor device instance carried in the last hello received from the neighbor. |
Refresh reduction |
State of the Srefresh function on the neighbor: enabled or disabled. |
Graceful Restart state |
GR state of the neighbor: · Invalid—Neighbor is not GR capable, or GR is disabled locally. · Ready—Neighbor is GR capable. · Restarting—Neighbor is restarting. · Recovering—Neighbor is recovering. |
Peer GR restart time |
GR restart period of the neighbor, in milliseconds. |
Peer GR recovery time |
GR recovery period of the neighbor, in milliseconds. |
display rsvp request
Use display rsvp request to display information about RSVP resource reservation requests sent to upstream devices.
Syntax
display rsvp request [ destination ip-address ] [ source ip-address ] [ tunnel-id tunnel-id ] [ prev-hop ip-address ] [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
destination ip-address: Displays information about the RSVP resource reservation requests with the specified tunnel destination address.
source ip-address: Displays information about the RSVP resource reservation requests with the specified tunnel source address. The tunnel source address is the extended tunnel ID in the Session object of an RSVP message.
tunnel-id tunnel-id: Displays information about the RSVP resource reservation requests with the specified tunnel ID. The value range for a tunnel ID is 0 to 65535.
prev-hop ip-address: Displays information about the RSVP resource reservation requests sent to the specified upstream device. The ip-address argument is the address of the destination device of the RSVP resource reservation requests, which is the address of the previous hop on the tunnel.
verbose: Displays detailed information. If you do not specify this keyword, the command displays brief information.
Examples
# Display brief information about the RSVP resource reservation requests sent to all upstream devices.
<Sysname> display rsvp request
Destination Source Tunnel-ID Previous-hop Style
3.3.3.9 1.1.1.9 1 57.10.10.1 SE
Table 50 Command output
Field |
Description |
Destination |
Tunnel destination address. |
Source |
Tunnel source address. |
Style |
Resource reservation style: · SE—Shared-explicit style. · FF—Fixed-filter style. |
# Display detailed information about the RSVP resource reservation requests sent to all upstream devices.
<Sysname> display rsvp request verbose
Destination: 3.3.3.9 Source: 1.1.1.9
Tunnel ID: 1 Style: SE
Previous hop: 57.10.10.1 Previous hop LIH: 0xf0008
Sent message epoch: 0 Sent message ID: 0
Out-Interface: Vlan10 Refresh interval: 30000 ms
Unknown object number: 0
Flow descriptor 1:
Flow specification:
Mean rate (CIR): 50.00 kbps Mean burst size (CBS): 1000.00 bytes
Path MTU: 1500 QoS service: Controlled-Load
Filter specification 1:
Sender address: 1.1.1.9 LSP ID: 23
Label: 1110
Table 51 Command output
Field |
Description |
Destination |
Tunnel destination address. |
Source |
Tunnel source address. |
Style |
Resource reservation style: · SE—Shared-explicit style. · FF—Fixed-filter style. |
Previous hop LIH |
Logical interface handle of the previous hop. |
Sent message epoch |
Value of the Epoch field in the Message ID object of the sent message. |
Sent message ID |
Message ID in the sent message. |
Out-Interface |
Outgoing interface of the message. |
Refresh interval |
Refresh interval for Path and Resv messages, in milliseconds. |
Unknown object number |
Number of unknown objects. |
QoS service |
QoS service type: Controlled-Load or Guaranteed. |
Sender address |
Sender address identifies the tunnel source end. |
Label |
Incoming label of the forward LSP. |
Related commands
· display rsvp lsp
· display rsvp reservation
· display rsvp sender
display rsvp reservation
Use display rsvp reservation to display information about RSVP resource reservation states.
Syntax
display rsvp reservation [ destination ip-address ] [ source ip-address ] [ tunnel-id tunnel-id ] [ nexthop ip-address ] [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
destination ip-address: Displays information about the RSVP resource reservation states with the specified tunnel destination address.
source ip-address: Displays information about the RSVP resource reservation states with the specified tunnel source address. The tunnel source address is the extended tunnel ID in the Session object of an RSVP message.
tunnel-id tunnel-id: Displays information about the RSVP resource reservation states with the specified tunnel ID. The value range for a tunnel ID is 0 to 65535.
nexthop ip-address: Displays information about the RSVP resource reservation states received from the specified downstream device. The ip-address argument is the address of the device that sent the RSVP resource reservation states, which is the address of the next hop on the tunnel.
verbose: Displays detailed information. If you do not specify this keyword, the command displays brief information.
Examples
# Display brief information about all RSVP resource reservation states.
<Sysname> display rsvp reservation
Destination Source Tunnel-ID Nexthop Style
3.3.3.9 1.1.1.9 1 57.20.20.1 SE
Table 52 Command output
Field |
Description |
Destination |
Tunnel destination address. |
Source |
Tunnel source address. |
Style |
Resource reservation style: · SE—Shared-explicit style. · FF—Fixed-filter style. |
# Display detailed information about all RSVP resource reservation states.
<Sysname> display rsvp reservation verbose
Destination: 3.3.3.9 Source: 1.1.1.9
Tunnel ID: 1 Style: SE
Nexthop: 57.20.20.1 Nexthop LIH: 0x35
Received message epoch: 0 Received message ID: 0
In-Interface: Vlan10 Unknown object number: 0
Flow descriptor 1:
Flow specification:
Mean rate (CIR): 50.00 kbps Mean burst size (CBS): 1000.00 bytes
Path MTU: 1500 QoS service: Controlled-Load
Filter specification 1:
Sender address: 1.1.1.9 LSP ID: 23
Label: 3
RRO number: 3
57.20.20.1/32 Flag: 0x40 (No FRR/In-Int)
3 Flag: 0x01 (Global label)
3.3.3.9/32 Flag: 0x20 (No FRR/Node-ID)
Table 53 Command output
Field |
Description |
Destination |
Tunnel destination address. |
Source |
Tunnel source address. |
Style |
Resource reservation style: · SE—Shared-explicit style. · FF—Fixed-filter style. |
Nexthop LIH |
Logical interface handle of the local outgoing interface for the next hop. |
Received message epoch |
Value of the Epoch field in the Message ID object of the received message. |
Received message ID |
Message ID in the received message. |
In-Interface |
Incoming interface of the message. |
Unknown object number |
Number of unknown objects. |
QoS service |
QoS service type: Controlled-Load or Guaranteed. |
Sender address |
Sender address identifies the tunnel source end. |
Label |
Outgoing label of the forward LSP. |
RRO number |
Number of RROs. If the number is not 0, the subsequent output displays the IP addresses or labels recorded in the RROs. The RRO information is displayed only when route recording is configured on the tunnel interface. |
Flag |
Flag value and its meaning in an RRO: · No FRR—FRR is not configured. · FRR Avail—FRR is available. · In use—FRR has occurred. · BW—Bandwidth protection. · Node-Prot—Node protection. · Node-ID—The IP address in the RRO is the LSR ID of the node. · In-Int—The IP address in the RRO is that of the incoming interface. · Global label—Per-platform label space. |
Related commands
· display rsvp lsp
· display rsvp request
· display rsvp sender
display rsvp sender
Use display rsvp sender to display information about RSVP path states.
Syntax
display rsvp sender [ destination ip-address ] [ source ip-address ] [ tunnel-id tunnel-id ] [ lsp-id lsp-id ] [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
destination ip-address: Displays information about the RSVP path states with the specified tunnel destination address.
source ip-address: Displays information about the RSVP path states with the specified tunnel source address. The tunnel source address is the extended tunnel ID in the Session object of an RSVP message.
tunnel-id tunnel-id: Displays information about the RSVP path states with the specified tunnel ID. The value range for a tunnel ID is 0 to 65535.
lsp-id lsp-id: Displays information about the RSVP path states with the specified LSP ID. The lsp-id argument specifies the ID of a CRLSP, in the range of 0 to 65535.
verbose: Displays detailed information. If you do not specify this keyword, the command displays brief information.
Examples
# Display brief information about all RSVP path states.
<Sysname> display rsvp sender
Destination Source Tunnel-ID LSP-ID Style Bitrate
3.3.3.9 1.1.1.9 1 5 SE 0.00
3.3.3.9 2.2.2.9 253 17767 SE 125.00
Table 54 Command output
Field |
Description |
Destination |
Tunnel destination address. |
Source |
Tunnel source address. |
Style |
Resource reservation style: · SE—Shared-explicit style. · FF—Fixed-filter style. |
Bitrate |
Tunnel bandwidth in kbps. |
# Display detailed information about all RSVP path states.
<Sysname> display rsvp sender verbose
Destination: 3.3.3.9 Source: 1.1.1.9
Tunnel ID: 1 Style: SE
Sender address: 1.1.1.9 LSP ID: 5
Setup priority: 7 Holding priority: 7
FRR desired: Yes BW protection desired: Yes
Received upstream label: 1051 Sent upstream label: 1051
Previous hop: 57.10.10.1 Previous hop LIH: 0xf0008
Mean rate (CIR): 0.00 kbps Mean burst size (CBS): 1000.00 bytes
MTU: 1500 Qos service: Controlled-Load
Received message epoch: 0 Received message ID: 0
Sent message epoch: 0 Sent message ID: 0
In-Interface: Vlan10 Local LIH: 0x35
Local address: 57.20.20.2 Refresh interval: 30000 ms
Out-Interface: Vlan11 Nexthop: 57.20.20.1
Unknown object number: 0
Received ERO number: 2
57.10.10.2/32 Strict
57.20.20.1/32 Loose
Sent ERO number: 1
57.20.20.1/32 Loose
XRO number: 2
67.10.10.1/32
67.20.20.1/32
RRO number: 1
57.10.10.1/32 Flag: 0x00 (No FRR)
Fast Reroute PLR: Active
FRR inner label: 3 Bypass tunnel: Tunnel253
Sender Template:
Sender address: 10.11.112.140 LSP ID: 5
FRR ERO number: 1
3.3.3.9/32 Strict
Fast Reroute MP: None
Destination: 3.3.3.9 Source: 2.2.2.9
Tunnel ID: 253 Style: SE
Sender address: 2.2.2.9 LSP ID: 17767
Setup priority: 7 Holding priority: 7
FRR desired: Yes BW protection desired: Yes
Received upstream label: 1115 Sent upstream label: 1115
Previous hop: 57.10.10.1 Previous hop LIH: 0xf0008
Mean rate (CIR): 125.00 kbps Mean burst size (CBS): 0.00 bytes
MTU: 1500 Qos service: Controlled-Load
Received message epoch: 0 Received message ID: 0
Sent message epoch: 0 Sent message ID: 0
In-Interface: Vlan15 Local LIH: 0x67
Local address: 10.11.112.140 Refresh interval: 30000 ms
Out-Interface: Vlan18 Nexthop: 10.11.112.135
Unknown object number: 0
Received ERO number: 5
2.2.2.9/32 Strict
10.11.112.140/32 Strict
10.11.112.135/32 Strict
57.40.40.3/32 Strict
57.40.40.1/32 Strict
Sent ERO number: 3
10.11.112.135/32 Strict
57.40.40.3/32 Strict
57.40.40.1/32 Strict
XRO number: 1
67.40.40.1/32
RRO number: 0
Fast Reroute PLR: None
Fast Reroute MP: Active
In-Interface: Vlan20
Sender Template:
Sender address: 10.11.112.140 LSP ID: 5
Table 55 Command output
Field |
Description |
Destination |
Tunnel destination address. |
Source |
LSR ID of the device at the tunnel source end. |
Style |
Resource reservation style: · SE—Shared-explicit style. · FF—Fixed-filter style. |
Sender address |
Sender address identifies the tunnel source end. |
FRR desired |
State of FRR: Yes or No. |
BW protection desired |
State of bandwidth protection, Yes or No. |
Received upstream label |
Backward LSP label received from the upstream device. |
Sent upstream label |
Backward LSP label sent to the downstream device. |
Previous hop LIH |
Logical interface handle of the previous hop. |
QoS service |
QoS service type: Controlled-Load or Guaranteed. |
Received message Epoch |
Value of the Epoch field in the Message ID object of the received message. |
Received message ID |
Message ID in the received message. |
Sent message epoch |
Value of the Epoch field in the Message ID object of the sent message. |
Sent message ID |
Message ID in the sent message. |
In-Interface |
Incoming interface of the message. |
Local LIH |
Local logical interface handle. |
Local address |
IP address of the outgoing interface of the Path message. |
Refresh interval |
Refresh interval for Path and Resv messages, in milliseconds. |
Out-Interface |
Outgoing interface of the message. |
Unknown object number |
Number of unknown objects. |
Received ERO number |
Number of received Explicit Route Objects (EROs) and the ERO information. ERO information includes the addresses of the nodes on the explicit path, and whether the current node is a loose or strict next hop. |
Sent ERO number |
Number of sent EROs and the ERO information. ERO information includes the addresses of the nodes on the explicit path, and whether the current node is a loose or strict next hop. |
XRO number |
Number of Exclude Route Objects (XROs). If the number is not 0, the subsequent output displays the IP addresses in the XROs. The IP addresses are the addresses of interfaces or the LSR IDs of the nodes that are to be excluded from routes. The addresses in the XROs are non-sequenced. |
RRO number |
Number of RROs. If the number is not 0, the subsequent output displays the IP addresses or labels recorded in the RROs. The RRO information is displayed only when route recording is configured on the tunnel interface. |
Flag |
Flag value and its meaning in an RRO: · No FRR—FRR is not configured. · FRR Avail—FRR is available. · In use—FRR has occurred. · BW—Bandwidth protection. · Node-Prot—Node protection. · Node-ID—The IP address in the RRO is the LSR ID of the node. · In-Int—The IP address in the RRO is that of the incoming interface. · Global label—Per-platform label space. |
Fast Reroute PLR |
Point of Local Repair (PLR) information: · None—Not bound to an FRR bypass tunnel. · Ready—Bound to an FRR bypass tunnel. No FRR has occurred. · Active—Bound to an FRR bypass tunnel. An FRR has occurred. |
FRR inner label |
Incoming label of the FRR bypass tunnel. Only the PLR node displays this field. |
Bypass tunnel |
Name of the bypass tunnel. Only the PLR node displays this field. |
Sender address |
Address of the path message sender after an FRR. The value of this field is the address of the outgoing interface of the bypass tunnel on the PLR node. |
LSP ID |
LSP ID carried in the path message after an FRR. |
Fast Reroute MP |
Merge Point (MP) information: · Active—The node is an MP and an FRR has occurred. · None—The node is not an MP, or the node is an MP but no FRR has occurred. |
In-Interface |
Incoming interface of the message. |
Related commands
· display rsvp lsp
· display rsvp request
· display rsvp reservation
display rsvp statistics
Use display rsvp statistics to display RSVP statistics.
Syntax
display rsvp statistics [ interface [ interface-type interface-number ] ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
interface: Displays RSVP statistics on interfaces.
interface-type interface-number: Displays RSVP statistics on the interface specified by its type and number.
Usage guidelines
If you do not specify the interface keyword, this command displays global RSVP statistics.
If you specify the interface keyword without the interface-type interface-number argument, this command displays RSVP statistics on all RSVP-enabled interfaces.
If you specify the interface interface-type interface-number option, this command displays RSVP statistics on the specified interface.
Examples
# Display global RSVP statistics.
<Sysname> display rsvp statistics
Object Added Deleted
PSB 3 1
RSB 3 1
LSP 3 1
Packet Received Sent
Path 5 5
Resv 5 5
PathError 0 0
ResvError 0 0
PathTear 0 0
ResvTear 0 0
ResvConf 0 0
Bundle 0 0
Ack 0 0
Srefresh 0 0
Hello 0 0
Challenge 0 0
Response 0 0
Error 0 0
# Display RSVP statistics on interfaces.
<Sysname> display rsvp statistics interface
Vlan10:
Packet Received Sent
Path 2 2
Resv 2 2
PathError 0 0
ResvError 0 0
PathTear 0 0
ResvTear 0 0
ResvConf 0 0
Bundle 0 0
Ack 0 0
Srefresh 0 0
Hello 0 0
Challenge 0 0
Response 0 0
Error 0 0
Vlan11:
Packet Received Sent
Path 3 3
Resv 3 3
PathError 0 0
ResvError 0 0
PathTear 0 0
ResvTear 0 0
ResvConf 0 0
Bundle 0 0
Ack 0 0
Srefresh 0 0
Hello 0 0
Challenge 0 0
Response 0 0
Error 0 0
Table 56 Command output
Field |
Description |
PSB |
Number of added/deleted PSBs. |
RSB |
Number of added/deleted RSBs. |
LSP |
Number of added/deleted LSPs. |
Path |
Number of received/sent Path messages. |
Resv |
Number of received/sent Resv messages. |
PathError |
Number of received/sent Path Error messages. |
ResvError |
Number of received/sent Resv Error messages. |
PathTear |
Number of received/sent Path Tear messages. |
ResvTear |
Number of received/sent Resv Tear messages. |
ResvConf |
Number of received/sent Resv Conf messages. |
Bundle |
Number of received/sent Bundle messages. |
Ack |
Number of received/sent Ack messages. |
Srefresh |
Number of received/sent Srefresh messages. |
Hello |
Number of received/sent Hello messages. |
Challenge |
Number of received/sent Integrity Challenge messages. |
Response |
Number of received/sent Integrity Response messages. |
Error |
Number of received/sent error messages. |
Related commands
reset rsvp statistics
dscp
Use dscp to specify a DSCP value for outgoing RSVP packets.
Use undo dscp to restore the default.
Syntax
dscp dscp-value
undo dscp
Default
The DSCP value for outgoing RSVP packets is 48.
Views
RSVP view
Predefined user roles
network-admin
mdc-admin
Parameters
dscp-value: Specifies a DSCP value in the range of 0 to 63.
Usage guidelines
The DSCP value of an IP packet specifies the priority level of the packet and affects the transmission priority of the packet.
Examples
# Set the DSCP value for outgoing RSVP packets to 56.
<Sysname> system-view
[Sysname] rsvp
[Sysname-rsvp] dscp 56
Related commands
display rsvp
graceful-restart enable
Use graceful-restart enable to enable RSVP GR.
Use undo graceful-restart enable to disable RSVP GR.
Syntax
graceful-restart enable
undo graceful-restart enable
Default
RSVP GR is disabled.
Views
RSVP view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
RSVP supports only the GR helper function. The device is not able to perform GR, but it can help neighbor devices to perform GR.
Nonstop forwarding (NSF) is implemented between active and standby processes on the device.
The local device can act as a GR helper for the RSVP neighbor connected to an interface only after the RSVP GR function and the RSVP hello extension function are enabled on that interface by using the graceful-restart enable command and the rsvp hello enable command, respectively.
Examples
# Enable RSVP GR globally.
<Sysname> system-view
[Sysname] rsvp
[Sysname-rsvp] graceful-restart enable
Related commands
rsvp hello enable
hello interval
Use hello interval to configure the interval for sending hello requests.
Use undo hello interval to restore the default.
Syntax
hello interval interval
undo hello interval
Default
Hello request messages are sent at an interval of 5 seconds.
Views
RSVP view
Predefined user roles
network-admin
mdc-admin
Parameters
interval: Specifies the interval at which RSVP sends hello requests, in the range of 1 to 60, in seconds.
Usage guidelines
If no hello request is received from a neighbor within the hello interval, the device sends a hello request to the neighbor. If the device receives a hello request from a neighbor within the interval, it immediately replies the neighbor with a hello ACK message.
The hello interval command takes effect only on interfaces that have the RSVP hello extension function enabled (by using the rsvp hello enable command).
Examples
# Set the interval for sending hello request messages to 10 seconds.
<Sysname> system-view
[Sysname] rsvp
[Sysname-rsvp] hello interval 10
Related commands
· hello lost
· rsvp hello enable
hello lost
Use hello lost to configure the maximum number of consecutive lost or erroneous hellos.
Use undo hello lost to restore the default.
Syntax
hello lost times
undo hello lost
Default
The maximum number of consecutive lost or erroneous hellos is 4.
Views
RSVP view
Predefined user roles
network-admin
mdc-admin
Parameters
times: Specifies the maximum number of consecutive lost or erroneous hellos, in the range of 3 to 10.
Usage guidelines
When a device sends a hello to a neighbor but the device does not receive any reply within an interval, the hello is lost. The device considers that the neighbor fails when it does not receive hellos or receives erroneous hellos from the neighbor in three consecutive hello intervals.
If RSVP GR is enabled, the local device acts as a GR helper to help the neighbor to perform GR. If RSVP GR is disabled but FRR is enabled on the local device, it performs an FRR.
If the maximum number is too big, neighbor failures cannot be promptly detected. If the maximum number is too small, an operating neighbor might be regarded failed.
This command takes effect only after the RSVP hello extension function has been enabled by using the rsvp hello enable command.
Examples
# Set the maximum number of consecutive lost or erroneous hellos to 6.
<Sysname> system-view
[Sysname] rsvp
[Sysname-rsvp] hello lost 6
Related commands
· hello interval
· rsvp hello enable
keep-multiplier
Use keep-multiplier to configure the PSB and RSB timeout multiplier.
Use undo keep-multiplier to restore the default.
Syntax
keep-multiplier number
undo keep-multiplier
Default
The PSB and RSB timeout multiplier is 3.
Views
RSVP view
Predefined user roles
network-admin
mdc-admin
Parameters
number: Specifies the PSB and RSB timeout multiplier in the range of 3 to 255.
Usage guidelines
The PSB and RSB timeout is computed in this formula: Timeout = (keep-multiplier+0.5) × 1.5 × refresh-time. Refresh-time is the interval at which the peer device advertises the Path and Resv messages to the local device.
To prevent too many PSBs and RSBs from occupying system resources, the device removes a PSB or RSB if no Path or Resv message is received within the timeout interval.
Examples
# Set the PSB and RSB timeout multiplier to 5.
<Sysname> system-view
[Sysname] rsvp
[Sysname-rsvp] keep-multiplier 5
Related commands
refresh interval
peer
Use peer to create an RSVP authentication neighbor and enter RSVP neighbor view.
Use undo peer to delete the specified RSVP authentication neighbor.
Syntax
peer ip-address
undo peer ip-address
Default
The device does not have any RSVP authentication neighbors.
Views
RSVP view
Predefined user roles
network-admin
mdc-admin
Parameters
ip-address: Specifies an RSVP authentication neighbor by its IP address.
Usage guidelines
After you enter RSVP neighbor view by using this command, you can configure RSVP authentication information for the specified RSVP neighbor, such as the authentication key and idle timeout of the security association.
After the device receives an RSVP message with an authentication object, it checks whether it has an RSVP authentication neighbor that matches the IP address in PHOP of the message (Path or Path Tear message) or matches the source IP address in the message (message other than Path and Path Tear). If a matching neighbor exists and an authentication key has been configured for the neighbor, the device verifies the validity of the message according to the key. Otherwise, the device uses the authentication key configured in interface view or RSVP view to verify the message validity. If no authentication key is configured in any view, the device ignores the authentication object carried in the message and accepts the message.
When sending an RSVP message, the device checks whether it has a matching authentication neighbor according to the next hop address of the destination address in the RSVP message. If a matching neighbor exists and an authentication key has been configured for the neighbor, the device sets the authentication object of the message according to the key. Otherwise, the device uses the authentication key configured in interface view or RSVP view to set the authentication object. If no authentication key is configured in any view, the device does not add an authentication object in the message.
If an FRR occurs, the downstream authentication neighbor of the PLR node is the destination IP address of the bypass tunnel. The upstream authentication neighbor of the MP node is the IP address of the physical outgoing interface of the bypass tunnel on the PLR.
Examples
# Create RSVP authentication neighbor 1.1.1.1, enter RSVP neighbor view, and configure a plaintext authentication key abcdfegh for the neighbor.
<Sysname> system-view
[Sysname] rsvp
[Sysname-rsvp] peer 1.1.1.1
[Sysname-rsvp-peer-1.1.1.1] authentication key plain abcdfegh
Related commands
· authentication challenge
· authentication key
· authentication lifetime
· authentication window-size
refresh interval
Use refresh interval to configure the refresh interval for Path and Resv messages.
Use undo refresh interval to restore the default.
Syntax
refresh interval interval
undo refresh interval
Default
The refresh interval for Path and Resv messages is 30 seconds.
Views
RSVP view
Predefined user roles
network-admin
mdc-admin
Parameters
interval: Specifies the interval at which RSVP refreshes Path and Resv messages, in the range of 10 to 65535 seconds.
Usage guidelines
This command does the following:
· Determines the interval for sending Path and Resv messages.
· Adds the locally configured refresh interval in the sent Path and Resv messages, so the peer device can use this value to calculate the PSB and RSB timeout.
Examples
# Configure the refresh interval for Path and Resv messages as 60 seconds.
<Sysname> system-view
[Sysname] rsvp
[Sysname-rsvp] refresh interval 60
Related commands
keep-multiplier
reset rsvp authentication
Use reset rsvp authentication to clear RSVP security associations.
Syntax
reset rsvp authentication [ from ip-address to ip-address ]
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
from ip-address: Clears the RSVP security associations with the specified authentication source IP address.
to ip-address: Clears the RSVP security associations with the specified authentication destination IP address.
Usage guidelines
If you do not specify the from ip-address to ip-address options, this command clears the security associations established with all RSVP neighbors.
Examples
# Clear all RSVP security associations.
<Sysname> reset rsvp authentication
# Clear the RSVP security association sourced from 1.1.1.1 to 2.2.2.2.
<Sysname> reset rsvp authentication from 1.1.1.1 to 2.2.2.2
Related commands
display rsvp authentication
reset rsvp statistics
Use reset rsvp statistics to clear RSVP statistics.
Syntax
reset rsvp statistics [ interface [ interface-type interface-number ] ]
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
interface: Clears RSVP statistics on interfaces.
interface-type interface-number: Clears RSVP statistics on the interface specified by its type and number.
Usage guidelines
If you do not specify the interface keyword, this command clears global RSVP statistics.
If you specify the interface keyword without the interface-type interface-number argument, this command clears RSVP statistics on all RSVP-enabled interfaces.
If you specify the interface interface-type interface-number option, this command clears RSVP statistics on the specified interface.
Examples
# Clear global RSVP statistics.
<Sysname> reset rsvp statistics
# Clear RSVP statistics on all RSVP-enabled interfaces.
<Sysname> reset rsvp statistics interface
Related commands
display rsvp statistics
rsvp
Use rsvp to enable RSVP globally and enter RSVP view.
Use undo rsvp to disable RSVP globally.
Syntax
rsvp
undo rsvp
Default
RSVP is disabled globally.
Views
System view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
To enable global RSVP, you must enable both global RSVP (by using the rsvp command) and global MPLS TE (by using the mpls te command).
Examples
# Enable RSVP globally and enter RSVP view.
<Sysname> system-view
[Sysname] rsvp
[Sysname-rsvp]
Related commands
· mpls te
· rsvp enable
rsvp authentication challenge
Use rsvp authentication challenge to enable RSVP challenge-response handshake on an interface.
Use undo rsvp authentication challenge to disable RSVP challenge-response handshake on an interface.
Syntax
rsvp authentication challenge
undo rsvp authentication challenge
Default
RSVP challenge-response handshake is disabled on an interface.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
To prevent packet replay attacks, RSVP requires received authentication messages to carry incremental sequence numbers. RSVP saves the sequence number of the last valid message in a receive-type security association to verify the subsequent messages. However, when RSVP creates a new receive-type security association, it cannot obtain the sequence number of the sender. To successfully establish the receive-type security association, RSVP sets the receive sequence number to 0 by default, so the association can receive a message with any sequence number from the peer. Because this introduces a vulnerability to replay attacks, you should execute the authentication challenge command. When RSVP creates a receive-type security association, it will perform a challenge-response handshake to obtain the sequence number of the sender.
RSVP challenge-response handshake can be configured in the following views:
· RSVP view—Configuration applies to all RSVP security associations.
· RSVP neighbor view—Configuration applies only to RSVP security associations with the specified RSVP neighbor.
· Interface view—Configuration applies only to RSVP security associations established on the current interface.
Examples
# Enable RSVP challenge-response handshake on VLAN-interface 10.
<Sysname> system-view
[Sysname] interface vlan-interface 10
[Sysname-Vlan-interface10] rsvp authentication challenge
Related commands
· authentication challenge
· authentication key
· authentication lifetime
· authentication window-size
· display rsvp authentication
· reset rsvp authentication
· rsvp authentication key
· rsvp authentication lifetime
· rsvp authentication window-size
rsvp authentication key
Use rsvp authentication key to enable RSVP authentication on an interface, and configure the authentication key.
Use undo rsvp authentication key to disable RSVP authentication on an interface.
Syntax
rsvp authentication key { cipher | plain } auth-key
undo rsvp authentication key
Default
RSVP authentication is disabled.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Parameters
cipher: Sets a ciphertext authentication key.
plain: Sets a plaintext authentication key.
auth-key: Specifies the authentication key. This argument is case sensitive. If the cipher keyword is specified, it must be a ciphertext string of 1 to 53 characters. If the plain keyword is specified, it must be a plaintext string of 1 to 16 characters.
Usage guidelines
RSVP authentication ensures integrity of RSVP messages, preventing fake resource reservation requests from occupying network resources.
RSVP uses MD5 to calculate a digest for the authentication key and the message body, adds the digest to the message, and sends the message. When the peer receives the message, it performs the same calculation and compares the calculated digest with the digest in the message. If the two digests are the same, the message passes the RSVP authentication and is accepted. Otherwise, the peer device discards the message.
RSVP authentication can be configured in the following views:
· RSVP view—Configuration applies to all RSVP security associations.
· RSVP neighbor view—Configuration applies only to RSVP security associations with the specified RSVP neighbor.
· Interface view—Configuration applies only to RSVP security associations established on the current interface.
Configurations in RSVP neighbor view, interface view, and RSVP view are in descending order of priority. If RSVP authentication for a neighbor is enabled in both RSVP neighbor view and RSVP view, the authentication key configured in RSVP neighbor view is used.
To re-establish a security association, you must delete the authentication key used by the current security association or delete the current security association (using the reset rsvp authentication command). Then the device can re-establish a security association by looking up a new authentication key in order of priorities.
When using this command, follow these guidelines:
· After RSVP authentication is enabled on the local device, you must also enable RSVP authentication and configure the same authentication key on the RSVP neighbor.
· For security purposes, all keys, including keys configured in plain text, are saved in cipher text.
Examples
# Enable RSVP authentication and configure the authentication key as abcdefgh on VLAN-interface 10.
<Sysname> system-view
[Sysname] interface vlan-interface 10
[Sysname-Vlan-interface10] rsvp authentication key plain abcdefgh
Related commands
· authentication challenge
· authentication key
· authentication lifetime
· authentication window-size
· display rsvp authentication
· reset rsvp authentication
· rsvp authentication challenge
· rsvp authentication lifetime
· rsvp authentication window-size
rsvp authentication lifetime
Use rsvp authentication lifetime to configure the idle timeout for RSVP security associations on an interface.
Use undo rsvp authentication lifetime to restore the default.
Syntax
rsvp authentication lifetime life-time
undo rsvp authentication lifetime
Default
The idle timeout for RSVP security associations is 1800 seconds on an interface.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Parameters
life-time: Specifies the RSVP security association idle timeout in the range of 30 to 86400 seconds.
Usage guidelines
When RSVP authentication is enabled, the device dynamically establishes security associations when receiving and sending RSVP messages to record the message sequence numbers, which are used in RSVP authentication.
To release memory resources, each security association has an idle timeout. When a security association is idle for the specified timeout time, the device deletes the security association. When the device sends or receives an authenticated RSVP message, it resets the idle timeout timer for the corresponding security association.
The RSVP authentication idle timeout can be configured in the following views:
· RSVP view—Configuration applies to all RSVP security associations.
· RSVP neighbor view—Configuration applies only to RSVP security associations with the specified RSVP neighbor.
· Interface view—Configuration applies only to RSVP security associations established on the current interface.
An RSVP security association established by using the authentication key configured in a view uses the idle timeout configured in the same view.
A modification to the idle timeout affects only security associations established after the modification. To apply the modification to existing security associations, you must execute the reset rsvp authentication command to delete and then re-establish the security associations.
Examples
# Configure the idle timeout for RSVP security associations on VLAN-interface 10 as 100 seconds.
<Sysname> system-view
[Sysname] interface vlan-interface 10
[Sysname-Vlan-interface10] rsvp authentication lifetime 100
Related commands
· authentication challenge
· authentication key
· authentication lifetime
· authentication window-size
· display rsvp authentication
· reset rsvp authentication
· rsvp authentication challenge
· rsvp authentication key
· rsvp authentication window-size
rsvp authentication window-size
Use rsvp authentication window-size to configure the RSVP authentication window size, which is the maximum number of authenticated RSVP messages that can be received out of sequence on an interface.
Use undo rsvp authentication window-size to restore the default.
Syntax
rsvp authentication window-size number
undo rsvp authentication window-size
Default
Only one authenticated RSVP message can be received out of sequence on an interface.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Parameters
number: Specifies the maximum number of authenticated RSVP messages that can be received out of sequence, in the range of 1 to 64.
Usage guidelines
To protect against replay attacks, the sender places a unique sequence number in each RSVP message that contains authentication information. The sender increases the value of the sequence number by one each time it sends an RSVP message. If the sequence number of a received message is in the specified authentication window size, the receiver accepts the message. Otherwise, the receiver discards the message.
When the receiver receives an RSVP message, it compares the sequence number of the last accepted RSVP message with the sequence number of the newly received RSVP message.
· If the new sequence number is greater than the last sequence number, RSVP accepts the message and updates the last sequence number with the new sequence number.
· If the received sequence number equals the last sequence number, RSVP regards the message a replay message and discards the message.
· If the new sequence number is smaller than the last sequence number but greater than the new sequence number minus the window size, and has never been received before, RSVP accepts the message. If the new sequence number has been received before, RSVP regards the message a replay message and discards the message.
· If the new sequence number is smaller than the new sequence number minus the window size, RSVP regards the message invalid and discards the message.
By default, the authentication window size is 1. If the sequence number of a newly received RSVP message is smaller than that of the last accepted message, the device discards the message.
If the sender sends multiple RSVP messages in a short time, these messages might arrive at the neighbor out of sequence. If you use the default window size, the out-of-sequence messages will be discarded. To solve this problem, you can use the rsvp authentication window-size command to configure a correct window size.
A security association established by using the authentication key configured in a view uses the window size configured in that view.
A modification to the window size affects only security associations established after the modification. To apply the new setting to existing security associations, you must execute the reset rsvp authentication command to delete and then re-establish the security associations.
Examples
# Set the maximum number of out-of-sequence authenticated RSVP messages that can be received on VLAN-interface 10 to 10.
<Sysname> system-view
[Sysname] interface vlan-interface 10
[Sysname-Vlan-interface10] rsvp authentication window-size 10
Related commands
· authentication challenge
· authentication key
· authentication lifetime
· authentication window-size
· display rsvp authentication
· reset rsvp authentication
· rsvp authentication challenge
· rsvp authentication key
· rsvp authentication lifetime
rsvp bfd enable
Use rsvp bfd enable to enable BFD for RSVP on an interface.
Use undo rsvp bfd enable to restore the default.
Syntax
rsvp bfd enable
undo rsvp bfd enable
Default
RSVP-TE does not use BFD to detect the link status to an RSVP neighbor.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
By sending hellos, RSVP cannot promptly detect neighbor status. By executing this command on an interface, a BFD session is established to detect the link status to the RSVP neighbor on the interface. When the neighbor fails, BFD can quickly detect the failure and notify RSVP of the failure so RSVP can respond as configured, for example, performs an FRR.
Examples
# Enable BFD to detect the link status to the RSVP neighbor on VLAN-interface 10.
<Sysname> system-view
[Sysname] interface vlan-interface 10
[Sysname-Vlan-interface10] rsvp bfd enable
rsvp enable
Use rsvp enable to enable RSVP for an interface.
Use undo rsvp enable to disable RSVP for an interface.
Syntax
rsvp enable
undo rsvp enable
Default
RSVP is disabled on an interface.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
Before you enable RSVP for an interface, you must first enable RSVP globally by using the rsvp command in system view.
Examples
# Enable RSVP for VLAN-interface 10.
<Sysname> system-view
[Sysname] rsvp
[Sysname-rsvp] quit
[Sysname] interface vlan-interface 10
[Sysname-Vlan-interface10] rsvp enable
Related commands
rsvp
rsvp hello enable
Use rsvp hello enable to enable RSVP hello extension.
Use undo rsvp hello enable to disable RSVP hello extension.
Syntax
rsvp hello enable
undo rsvp hello enable
Default
RSVP hello extension is disabled.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
With RSVP hello extension enabled, an interface sends and receives hello messages to detect the neighbor status.
Examples
# Enable RSVP hello extension on VLAN-interface 10.
<Sysname> system-view
[Sysname] interface vlan-interface 10
[Sysname-Vlan-interface10] rsvp hello enable
Related commands
· hello lost
· hello interval
rsvp reduction retransmit increment
Use rsvp reduction retransmit increment to configure the RSVP message retransmission increment value.
Use undo rsvp reduction retransmit increment to restore the default.
Syntax
rsvp reduction retransmit increment increment-value
undo rsvp reduction retransmit increment
Default
The RSVP message retransmission increment is 1.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Parameters
increment-value: Specifies the RSVP message retransmission increment in the range of 1 to 10.
Usage guidelines
After the reliable RSVP message delivery function is enabled by using the rsvp reduction srefresh reliability command, the retransmission increment and retransmission interval together determine the time for the next transmission of the RSVP message. For more information, see the usage guidelines in the rsvp reduction srefresh command.
Examples
# On VLAN-interface 10, set the RSVP message retransmission increment value to 2.
<Sysname> system-view
[Sysname] interface vlan-interface 10
[Sysname-Vlan-interface10] rsvp reduction retransmit increment 2
Related commands
· rsvp reduction retransmit interval
· rsvp reduction srefresh
rsvp reduction retransmit interval
Use rsvp reduction retransmit interval to configure the RSVP message retransmission interval.
Use undo rsvp reduction retransmit interval to restore the default.
Syntax
rsvp reduction retransmit interval retrans-timer-value
undo rsvp reduction retransmit interval
Default
The RSVP message retransmission interval is 500 milliseconds.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Parameters
retrans-timer-value: Specifies the RSVP message retransmission interval in the range of 500 to 3000 milliseconds.
Usage guidelines
After the reliable RSVP message delivery function is enabled by using the rsvp reduction srefresh reliability command, the retransmission increment and retransmission interval together determine the time for the next transmission of the RSVP message. For more information, see the usage guidelines in the rsvp reduction srefresh command.
Examples
# On VLAN-interface 10, configure the RSVP message retransmission interval as 1000 milliseconds.
<Sysname> system-view
[Sysname] interface vlan-interface 10
[Sysname-Vlan-interface10] rsvp reduction retransmit interval 1000
Related commands
· rsvp reduction retransmit increment
· rsvp reduction srefresh
rsvp reduction srefresh
Use rsvp reduction srefresh to enable summary refresh and reliable RSVP message delivery.
Use undo rsvp reduction srefresh to disable summary refresh and reliable RSVP message delivery.
Syntax
rsvp reduction srefresh [ reliability ]
Default
Summary refresh and reliable RSVP message delivery are disabled.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Parameters
reliability: Enables reliable RSVP message delivery. If you do not specify this keyword, the command enables only the summary refresh function.
Usage guidelines
RSVP sends Path and Resv messages with the same states and objects to maintain the path and reservation states at a specific interval (configured by the refresh interval command). These messages are collectively referred to as refresh messages. Refresh messages are used to synchronize the path and reservation states on RSVP neighbors and to recover from lost RSVP messages.
When multiple RSVP sessions exist on a network, the periodically sent refresh messages can cause network degradation. In this case, the refreshing interval of Path and Resv messages should not be too short. However, delay sensitive applications want to recover from lost RSVP messages through the refresh messages as soon as possible. In this case, the refreshing interval should not be too long. You can use the summary refresh (Srefresh) and the reliable RSVP message delivery functions to find the appropriate balance.
Srefresh is implemented by adding a Message_ID object to a Path or Resv message to uniquely identify the message. To refresh Path and Resv states, RSVP does not need to send standard Path and Resv messages. Instead, it can send a summary refresh message that carries a set of Message_ID objects that identify the Path and Resv states to be refreshed. The Srefresh function reduces the number of refresh messages on the network and speeds up the refresh message processing.
Reliable RSVP message delivery requires the peer device to acknowledge each RSVP message received from the local device. If no acknowledgment is received, the local device retransmits the message.
To implement reliable RSVP message delivery, a node sends an RSVP message that includes a Message_ID object in which the ACK_Desired flag is set. The receiver needs to confirm the delivery by sending back a message that includes the Message_ID_ACK object. If the sender does not receive a Message_ID_ACK within the retransmission interval (Rf), it retransmits the message when Rf expires and sets the next transmission interval to (1 + delta) × Rf. The sender repeats this process until it receives the Message_ID_ACK before the retransmission time expires or it has transmitted the message three times.
The initial value of Rf is configured by the rsvp reduction retransmit interval command. The delta value is configured by the rsvp reduction retransmit increment command.
After the summary refresh is enabled, RSVP maintains the path and reservation states by sending Srefresh messages rather than standard refresh messages. The Srefresh message sending interval is configured by the refresh interval command.
Examples
# On VLAN-interface 10, enable summary refresh and reliable RSVP message delivery.
<Sysname> system-view
[Sysname] interface vlan-interface 10
[Sysname-Vlan-interface10] rsvp reduction srefresh reliability
Related commands
· refresh interval
· rsvp reduction retransmit increment
· rsvp reduction retransmit interval
Tunnel policy commands
The tunnel policy feature is available in Release 1138P01 and later versions.
display mpls tunnel
Use display mpls tunnel to display tunnel information.
Syntax
display mpls tunnel { all | statistics | [ vpn-instance vpn-instance-name ] destination tunnel-ipv4-dest }
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
all: Displays all tunnels.
statistics: Displays tunnel statistics.
vpn-instance vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command displays tunnel information for the public network.
destination tunnel-ipv4-dest: Specifies the tunnel destination IPv4 address.
Examples
# Display information about all tunnels.
<Sysname> display mpls tunnel all
Destination Type Tunnel/NHLFE VPN Instance
2.2.2.2 LSP NHLFE1024
3.3.3.3 CRLSP Tunnel2
Table 57 Command output
Field |
Description |
Destination |
Tunnel destination address. |
Type |
Tunnel type: LSP or CRLSP (MPLS TE tunnel). |
Tunnel/NHLFE |
Tunnel or NHLFE entry. NHLFEnumber represents the ingress LSP that matches the NHLFE entry with NID of number. |
VPN Instance |
VPN instance name. If the tunnel belongs to the public network, this field is blank. |
# Display tunnel statistics.
<Sysname> display mpls tunnel statistics
LSP : 1
GRE : 0
CRLSP: 0
Table 58 Command output
Field |
Description |
LSP |
Number of LSP tunnels. |
GRE |
Number of GRE tunnels. This field is not supported in the current software release. |
CRLSP |
Number of CRLSP (MPLS TE) tunnels. |
preferred-path
Use preferred-path to specify a preferred tunnel in a tunnel policy.
Use undo preferred-path to restore the default.
Syntax
preferred-path tunnel number
undo preferred-path tunnel number
Default
No preferred tunnel is specified.
Views
Tunnel policy view
Predefined user roles
network-admin
mdc-admin
Parameters
number: Specifies a tunnel interface by its number in the range of 0 to 9214.
Usage guidelines
As a best practice, specify a preferred tunnel and make sure the destination address of the tunnel interface identifies the peer PE for an MPLS VPN. In this method, the local PE forwards traffic destined for the peer PE over the tunnel.
For a tunnel policy to solely use a tunnel, do not specify the tunnel as the preferred tunnel in other tunnel policies.
If you specify multiple preferred tunnels that have the same destination address in a tunnel policy, only the first configured tunnel takes effect. If the first tunnel is not available, the second tunnel is used, and so forth. No load balancing will be performed on these tunnels.
Examples
# Configure tunnel 1 and tunnel 2 as preferred tunnels for tunnel policy policy1.
<Sysname> system-view
[Sysname] tunnel-policy policy1
[Sysname-tunnel-policy-policy1] preferred-path tunnel 1
[Sysname-tunnel-policy-policy1] preferred-path tunnel 2
select-seq load-balance-number
Use select-seq load-balance-number to configure the tunnel selection order and the number of tunnels for load balancing.
Use undo select-seq load-balance-number to restore the default.
Syntax
select-seq { cr-lsp | lsp } * load-balance-number number
undo select-seq
Default
The device selects only one tunnel in LSP-CRLSP order.
Views
Tunnel policy view
Predefined user roles
network-admin
mdc-admin
Parameters
cr-lsp: Uses CRLSP tunnels.
lsp: Uses LSP tunnels.
load-balance-number number: Specifies the number of tunnels for load balancing. The value range for the number argument is 1 to n, where n equals the maximum number of ECMP routes set by the max-ecmp-num command. For more information about the max-ecmp-num command, see Layer 3—IP Routing Command Reference.
Usage guidelines
A tunnel type closer to the select-seq keyword has a higher priority, and only the tunnel types specified in this command can be used. For example, the select-seq lsp cr-lsp load-balance-number 3 command gives LSP higher priority over CRLSP. If no LSP is available or the number of LSPs is less than 3, VPN uses CRLSP tunnels.
Tunnels selected by this method are not fixed, making it hard to plan VPN traffic. As a best practice, do not use this method.
When you configure both the select-seq load-balance-number and preferred-path commands for a tunnel policy, the tunnel policy selects tunnels in the following steps:
1. If the destination address of the preferred tunnel identifies a peer PE, the tunnel policy uses the preferred tunnel to forward traffic destined for the peer PE without using any other tunnels.
2. If not, the tunnel policy selects tunnels as configured by the select-seq load-balance-number command.
Examples
# Configure tunnel policy policy1 to use only LDP LSP tunnels, and set the load balancing number to 2.
<Sysname> system-view
[Sysname] tunnel-policy policy1
[Sysname-tunnel-policy-policy1] select-seq lsp load-balance-number 2
tunnel-policy
Use tunnel-policy to create a tunnel policy and enter tunnel policy view.
Use undo tunnel-policy to delete an existing tunnel policy.
Syntax
tunnel-policy tunnel-policy-name
undo tunnel-policy tunnel-policy-name
Default
No tunnel policy is configured on the device.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
tunnel-policy-name: Specifies a name for the tunnel policy, a case-sensitive string of 1 to 19 characters.
Examples
# Create tunnel policy policy1 and enter its view.
<Sysname> system-view
[Sysname] tunnel-policy policy1
[Sysname-tunnel-policy-policy1]
MPLS L3VPN commands
The MPLS L3VPN feature is available in Release 1138P01 and later versions.
address-family ipv4 (VPN instance view)
Use address-family ipv4 to enter IPv4 VPN view.
Use undo address-family ipv4 to remove all configurations from IPv4 VPN view.
Syntax
address-family ipv4
undo address-family ipv4
Views
VPN instance view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
In IPv4 VPN view, you can configure IPv4 VPN parameters such as inbound and outbound routing policies.
Examples
# Enter IPv4 VPN view.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] address-family ipv4
[Sysname-vpn-ipv4-vpn1]
address-family vpnv4
Use address-family vpnv4 to create the BGP VPNv4 address family or BGP-VPN VPNv4 address family and enter its view.
Use undo address-family vpnv4 to remove the BGP VPNv4 address family or BGP-VPN VPNv4 address family and all configurations in address family view.
Syntax
address-family vpnv4
undo address-family vpnv4
Default
The BGP VPNv4 address family or BGP-VPN VPNv4 address family is not created.
Views
BGP view, BGP-VPN instance view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
A VPNv4 address comprises an RD and an IPv4 prefix. VPNv4 routes comprise VPNv4 addresses.
For a PE to exchange BGP VPNv4 routes with a BGP peer, you must enable that peer by executing the peer enable command in BGP VPNv4 address family view or BGP-VPN VPNv4 address family view.
In BGP VPNv4 address family view, you can configure the following settings:
· BGP VPNv4 route attributes, such as the preferred value.
· Whether to allow the local AS number to appear in the AS_PATH attribute of received route updates.
The settings in BGP VPNv4 address family view control VPNv4 route exchange between PEs.
The settings in BGP-VPN VPNv4 address family view control VPNv4 route exchange between provider PE and provider CE in nested MPLS L3VPN.
Examples
# Create the BGP VPNv4 address family and enter its view.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp] address-family vpnv4
[Sysname-bgp-vpnv4]
# Create the BGP-VPN VPNv4 address family and enter its view.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp] ip vpn-instance vpn1
[Sysname-bgp-vpn1] address-family vpnv4
[Sysname-bgp-vpnv4-vpn1]
description (VPN instance view)
Use description to configure a description for a VPN instance.
Use undo description to delete the description.
Syntax
description text
undo description
Default
No description is configured for a VPN instance.
Views
VPN instance view
Predefined user roles
network-admin
mdc-admin
Parameters
text: Specifies a description for the VPN instance, a case-sensitive string of 1 to 79 characters.
Examples
# Configure a description of This is vpn1 for VPN instance vpn1.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] description This is vpn1
display bgp routing-table ipv4 unicast inlabel
Use display bgp routing-table ipv4 unicast inlabel to display incoming labels for BGP IPv4 unicast routes.
Syntax
display bgp routing-table ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] inlabel
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
vpn-instance vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command displays incoming labels for BGP IPv4 unicast routes on the public network.
Usage guidelines
This command displays incoming labels for BGP IPv4 unicast routes regardless of whether the unicast keyword is specified or not.
Examples
# Display incoming labels for all BGP IPv4 unicast routes on the public network.
<Sysname> display bgp routing-table ipv4 inlabel
Total number of routes: 1
BGP local router ID is 3.3.3.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Network NextHop OutLabel InLabel
* > 2.2.2.9/32 1.1.1.2 1151 1279
Table 59 Command output
Field |
Description |
BGP local router ID |
Router ID of the local BGP router. |
Status codes |
Route status codes. See Table 61. |
Origin |
Route origin codes. See Table 61. |
In/Out Label |
Incoming/outgoing label. |
display bgp routing-table ipv4 unicast outlabel
Use display bgp routing-table ipv4 unicast outlabel to display outgoing labels for BGP IPv4 unicast routes.
Syntax
In standalone mode:
display bgp routing-table ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] outlabel [ standby slot slot-number ]
In IRF mode:
display bgp routing-table ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] outlabel [ standby chassis chassis-number slot slot-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
vpn-instance vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command displays outgoing labels for BGP IPv4 unicast routes on the public network.
standby: Displays BGP IPv4 unicast route outgoing labels for a standby BGP process. If you do not specify a standby BGP process, this command displays information for the active BGP process.
slot slot-number: Specifies the slot number of the card where the standby process resides. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies the card where the standby process resides. The chassis-number argument represents the IRF member ID of the device. The slot-number argument represents the slot number of the card. (In IRF mode.)
Usage guidelines
The active BGP process backs up BGP peers and routing information to the standby BGP process only when BGP NSR is enabled. If BGP NSR is disabled, this command does not display anything when you execute it with the standby keyword.
This command displays outgoing labels for BGP IPv4 unicast routes regardless of whether the unicast keyword is specified or not.
Examples
# Display outgoing labels for all BGP IPv4 unicast routes for the active process on the public network.
<Sysname> display bgp routing-table ipv4 outlabel
Total number of routes: 1
BGP local router ID is 3.3.3.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Network NextHop OutLabel
* > 2.2.2.9/32 1.1.1.2 1151
Table 60 Command output
Field |
Description |
BGP local router ID |
Router ID of the local BGP router. |
Status codes |
Route status codes. See Table 61. |
Origin |
Route origin codes. See Table 61. |
OutLabel |
Outgoing label. |
display bgp routing-table vpnv4
Use display bgp routing-table vpnv4 to display BGP VPNv4 routing information.
Syntax
In standalone mode:
display bgp routing-table vpnv4 [ [ route-distinguisher route-distinguisher ] [ network-address [ { mask | mask-length } [ longest-match ] ] | network-address [ mask | mask-length ] advertise-info | as-path-acl as-path-acl-number | community-list { { basic-community-list-number | comm-list-name } [ whole-match ] | adv-community-list-number } ] | [ vpn-instance vpn-instance-name ] peer ip-address { advertised-routes | received-routes } [ network-address [ mask | mask-length ] | statistics ] | statistics ] [ standby slot slot-number ]
In IRF mode:
display bgp routing-table vpnv4 [ [ route-distinguisher route-distinguisher ] [ network-address [ { mask | mask-length } [ longest-match ] ] | network-address [ mask | mask-length ] advertise-info | as-path-acl as-path-acl-number | community-list { { basic-community-list-number | comm-list-name } [ whole-match ] | adv-community-list-number } ] | [ vpn-instance vpn-instance-name ] peer ip-address { advertised-routes | received-routes } [ network-address [ mask | mask-length ] | statistics ] | statistics ] [ standby chassis chassis-number slot slot-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
route-distinguisher route-distinguisher: Specifies an RD, a string of 3 to 21 characters in one of these formats:
· 16-bit AS number:32-bit user-defined number. For example, 101:3.
· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.
· 32-bit AS number:16-bit user-defined number, where the minimum value of the AS number is 65536. For example, 65536:1.
network-address: Specifies the destination network address.
mask: Specifies the network mask, in dotted decimal notation.
mask-length: Specifies the length of the network mask, in the range of 0 to 32.
longest-match: Displays the longest matching BGP VPNv4 route.
advertise-info: Displays advertisement information for BGP VPNv4 routes.
as-path-acl as-path-acl-number: Displays BGP VPNv4 routes that match the AS path list specified by its number in the range of 1 to 256.
community-list: Displays BGP VPNv4 routes that match a BGP community list.
basic-community-list-number: Specifies a basic community list by its number in the range of 1 to 99.
comm-list-name: Specifies a community list by its name, a case-sensitive string of 1 to 63 characters.
whole-match: Displays BGP VPNv4 routes exactly matching the specified community list. If you do not specify this keyword, the command displays BGP VPNv4 routes whose COMMUNITY attributes include the specified community list.
adv-community-list-number: Specifies an advanced community list by its number in the range of 100 to 199.
vpn-instance vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command displays BGP VPNv4 routes advertised to or received from the specified peer on the public network.
peer: Displays BGP VPNv4 routing information advertised to or received from a peer.
ip-address: Specifies the peer IP address.
advertised-routes: Displays BGP VPNv4 routing information advertised to the specified peer.
received-routes: Displays BGP VPNv4 routing information received from the specified peer.
statistics: Displays BGP VPNv4 routing statistics.
standby: Displays BGP VPNv4 routing information for a standby BGP process. If you do not specify a standby BGP process, this command displays information for the active BGP process.
slot slot-number: Specifies the slot number of the card where the standby process resides. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies the card where the standby process resides. The chassis-number argument represents the IRF member ID of the device. The slot-number argument represents the slot number of the card. (In IRF mode.)
Usage guidelines
If you do not any parameters, this command displays information about all BGP VPNv4 routes.
If you specify network-address mask or network-address mask-length, this command displays information about the BGP VPNv4 route that exactly matches the specified address and mask.
If you specify only network-address, the system ANDs the network address with the mask of a route. If the result matches the network address of the route, this command displays information about the BGP VPNv4 route.
The active BGP process backs up BGP peers and routing information to the standby BGP process only when BGP NSR is enabled. If BGP NSR is disabled, this command does not display anything when you execute it with the standby keyword.
Examples
# Display brief information about all BGP VPNv4 routes for the active process.
<Sysname> display bgp routing-table vpnv4
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Total number of routes from all PEs: 2
Route distinguisher: 100:1(vpn1)
Total number of routes: 6
Network NextHop MED LocPrf PrefVal Path/Ogn
* > 10.1.1.0/24 10.1.1.2 0 32768 ?
* e 10.1.1.1 0 0 65410?
* > 10.1.1.2/32 127.0.0.1 0 32768 ?
* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?
* >e 192.168.1.0 10.1.1.1 0 0 65410?
* i 3.3.3.9 0 100 0 65420?
Route distinguisher: 200:1
Total number of routes: 2
Network NextHop MED LocPrf PrefVal Path/Ogn
* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?
* >i 192.168.1.0 3.3.3.9 0 100 0 65420?
# Display brief information about BGP VPNv4 routes with RD 100:1 for the active process.
<Sysname> display bgp routing-table vpnv4 route-distinguisher 100:1
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Route distinguisher: 100:1(vpn1)
Total number of routes: 6
Network NextHop MED LocPrf PrefVal Path/Ogn
* > 10.1.1.0/24 10.1.1.2 0 32768 ?
* e 10.1.1.1 0 0 65410?
* > 10.1.1.2/32 127.0.0.1 0 32768 ?
* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?
* >e 192.168.1.0 10.1.1.1 0 0 65410?
* i 3.3.3.9 0 100 0 65420?
# Display information about BGP VPNv4 routes matching AS_PATH list 1 for the active process.
<Sysname> display bgp routing-table vpnv4 as-path-acl 1
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Total number of routes from all PEs: 2
Route distinguisher: 100:1(vpn1)
Total number of routes: 6
Network NextHop MED LocPrf PrefVal Path/Ogn
* > 10.1.1.0/24 10.1.1.2 0 32768 ?
* e 10.1.1.1 0 0 65410?
* > 10.1.1.2/32 127.0.0.1 0 32768 ?
* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?
* >e 192.168.1.0 10.1.1.1 0 0 65410?
* i 3.3.3.9 0 100 0 65420?
Route distinguisher: 200:1
Total number of routes: 2
Network NextHop MED LocPrf PrefVal Path/Ogn
* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?
* >i 192.168.1.0 3.3.3.9 0 100 0 65420?
# Display information about BGP VPNv4 routes matching BGP community list 100 for the active process.
<Sysname> display bgp routing-table vpnv4 community-list 100
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Total number of routes from all PEs: 2
Route distinguisher: 100:1(vpn1)
Total number of routes: 6
Network NextHop MED LocPrf PrefVal Path/Ogn
* > 10.1.1.0/24 10.1.1.2 0 32768 ?
* e 10.1.1.1 0 0 65410?
* > 10.1.1.2/32 127.0.0.1 0 32768 ?
* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?
* >e 192.168.1.0 10.1.1.1 0 0 65410?
* i 3.3.3.9 0 100 0 65420?
Route distinguisher: 200:1
Total number of routes: 2
Network NextHop MED LocPrf PrefVal Path/Ogn
* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?
* >i 192.168.1.0 3.3.3.9 0 100 0 65420?
# Display information about BGP VPNv4 routes advertised to peer 3.3.3.9 for the active process on the public network.
<Sysname> display bgp routing-table vpnv4 peer 3.3.3.9 advertised-routes
Total number of routes: 2
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Route distinguisher: 100:1
Total number of routes: 2
Network NextHop MED LocPrf Path/Ogn
* > 10.1.1.0/24 10.1.1.2 0 ?
* >e 192.168.1.0 10.1.1.1 0 65410?
# Display information about BGP VPNv4 routes received from peer 3.3.3.9 for the active process on the public network.
<Sysname> display bgp routing-table vpnv4 peer 3.3.3.9 received-routes
Total number of routes: 2
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Route distinguisher: 200:1
Total number of routes: 2
Network NextHop MED LocPrf PrefVal Path/Ogn
* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?
* >i 192.168.1.0 3.3.3.9 0 100 0 65420?
Field |
Description |
BGP Local router ID |
Router ID of the local BGP router. |
Status codes |
Route status codes: · * - valid—Valid route. · > - best—Common best route. · d – damped—Route damped for route flap. · h - history—History route. · i - internal—Internal route. · e - external—External route. · s - suppressed—Suppressed route. · S - Stale—Stale route. |
Origin |
Route origin: · i - IGP—Originated in the AS. The origin of routes advertised by the network command is IGP. · e - EGP—Learned through EGP. · ? - incomplete—Redistributed from IGP protocols. |
Total number of routes from all PEs |
Total number of VPNv4 routes from all PEs. |
Network |
Network address. |
NextHop |
Address of the next hop. |
MED |
MULTI_EXIT_DISC attribute. |
LocPrf |
Local preference value. |
PrefVal |
Preferred value. |
Path/Ogn |
AS_PATH and Origin attributes. |
# Display detailed information about the BGP VPNv4 route destined for 10.3.1.0/24 for the active process.
<Sysname> display bgp routing-table vpnv4 10.3.1.0 24
BGP local router ID: 1.1.1.9
Local AS number: 100
Route distinguisher: 100:1(vpn1)
Total number of routes: 1
Paths: 1 available, 1 best
BGP routing table information of 10.3.1.0/24:
From : 3.3.3.9 (3.3.3.9)
Relay nexthop : 172.1.1.2
Original nexthop: 3.3.3.9
OutLabel : 1279
Ext-Community : <RT: 111:1>
AS-path : (null)
Origin : incomplete
Attribute value : MED 0, localpref 100, pref-val 0
State : valid, internal, best,
Route distinguisher: 200:1
Total number of routes: 1
Paths: 1 available, 1 best
BGP routing table information of 10.3.1.0/24:
From : 3.3.3.9 (3.3.3.9)
Relay nexthop : 172.1.1.2
Original nexthop: 3.3.3.9
OutLabel : 1279
Ext-Community : <RT: 111:1>
AS-path : (null)
Origin : incomplete
Attribute value : MED 0, localpref 100, pref-val 0
State : valid, internal, best,
# Display detailed information about the BGP VPNv4 route destined for 10.3.1.0/24 for the standby process.
<Sysname> display bgp routing-table vpnv4 10.3.1.0 24
BGP local router ID: 1.1.1.9
Local AS number: 100
Route distinguisher: 100:1(vpn1)
Total number of routes: 1
Paths: 1 available, 0 best
BGP routing table information of 10.3.1.0/24:
From : 3.3.3.9 (3.3.3.9)
Relay nexthop : 172.1.1.2
Original nexthop: 3.3.3.9
OutLabel : 1279
Ext-Community : <RT: 111:1>
AS-path : (null)
Origin : incomplete
Attribute value : MED 0, localpref 100, pref-val 0
State : valid, internal,
IP precedence : N/A
QoS local ID : N/A
Route distinguisher: 200:1
Total number of routes: 1
Paths: 1 available, 0 best
BGP routing table information of 10.3.1.0/24:
From : 3.3.3.9 (3.3.3.9)
Relay nexthop : 172.1.1.2
Original nexthop: 3.3.3.9
OutLabel : 1279
Ext-Community : <RT: 111:1>
AS-path : (null)
Origin : incomplete
Attribute value : MED 0, localpref 100, pref-val 0
State : valid, internal,
IP precedence : N/A
QoS local ID : N/A
# Display detailed information about the BGP VPNv4 route destined for 10.3.1.0/24 and with RD 100:1 for the active process.
<Sysname> display bgp routing-table vpnv4 route-distinguisher 100:1 10.3.1.0 24
BGP local router ID: 1.1.1.9
Local AS number: 100
Route distinguisher: 100:1(vpn1)
Total number of routes: 1
Paths: 1 available, 1 best
BGP routing table information of 10.3.1.0/24:
From : 3.3.3.9 (3.3.3.9)
Relay nexthop : 172.1.1.2
Original nexthop: 3.3.3.9
OutLabel : 1279
Ext-Community : <RT: 111:1>
AS-path : (null)
Origin : incomplete
Attribute value : MED 0, localpref 100, pref-val 0
State : valid, internal, best,
# Display detailed information about the BGP VPNv4 route destined for 10.3.1.0/24 and with RD 100:1 for the standby process.
<Sysname> display bgp routing-table vpnv4 route-distinguisher 100:1 10.3.1.0 24
BGP local router ID: 1.1.1.9
Local AS number: 100
Route distinguisher: 100:1(vpn1)
Total number of routes: 1
Paths: 1 available, 0 best
BGP routing table information of 10.3.1.0/24:
From : 3.3.3.9 (3.3.3.9)
Relay nexthop : 172.1.1.2
Original nexthop: 3.3.3.9
OutLabel : 1279
Ext-Community : <RT: 111:1>
AS-path : (null)
Origin : incomplete
Attribute value : MED 0, localpref 100, pref-val 0
State : valid, internal,
IP precedence : N/A
QoS local ID : N/A
Table 62 Command output
Field |
Description |
Relay Nexthop |
Recursive next hop. If no recursive next hop is found, this field displays not resolved. |
Original nexthop |
Original next hop. If the route is learned from a BGP update, it is the next hop in the update message. |
Ext-Community |
Extended community attribute. |
Attribute value |
BGP route attribute information: · MED—MED attribute. · Localpref—Local preference. · pref-val—Preferred value. · pre—Protocol preference. |
State |
Route status: · valid—Valid route. · internal—Internal route. · external—External route. · local—Locally generated route. · synchronize—Synchronized route. · best—Best route. |
# Display advertisement information for BGP VPNv4 routes to 10.1.1.0/24.
<Sysname> display bgp routing-table vpnv4 10.1.1.0 24 advertise-info
BGP local router ID: 1.1.1.9
Local AS number: 100
Route distinguisher: 100:1
Total number of routes: 1
Paths: 1 best
BGP routing table information of 10.1.1.0/24:
Advertised to VPN peers (1 in total):
3.3.3.9
Inlabel : 1279
Table 63 Command output
Field |
Description |
Paths |
Number of routes to the specified destination network. |
BGP routing table information of 10.1.1.0/24 |
Advertisement information for the BGP route to 10.1.1.0/24. |
Advertised to VPN peers (1 in total) |
VPNv4 peers to which the route is advertised, and the number of peers. |
Inlabel |
Incoming label of the route. |
# Display statistics about BGP VPNv4 routes advertised to peer 3.3.3.9 for the active process on the public network.
<Sysname> display bgp routing-table vpnv4 peer 3.3.3.9 advertised-routes statistics
Advertised routes total: 2
# Display statistics about BGP VPNv4 routes received from peer 3.3.3.9 for the active process on the public network.
<Sysname> display bgp routing-table vpnv4 peer 3.3.3.9 received-routes statistic
Received routes total: 2
Table 64 Command output
Field |
Description |
Advertised routes total |
Total number of routes advertised to the specified peer. |
Received routes total |
Total number of routes received from the specified peer. |
# Display statistics about BGP VPNv4 routes on the public network.
<Sysname> display bgp routing-table vpnv4 statistics
Total number of routes from all PEs: 2
Route distinguisher: 100:1(vpn1)
Total number of routes: 6
Route distinguisher: 200:1
Total number of routes: 2
Table 65 Command output
Field |
Description |
Total number of routes from all PEs |
Total number of VPNv4 routes from all PEs. |
Total number of routes |
Total number of VPNv4 routes with the specified RD. |
Related commands
ip as-path (Layer 3—IP Routing Command Reference)
display bgp routing-table vpnv4 inlabel
Use display bgp routing-table vpnv4 inlabel to display incoming labels for BGP VPNv4 routes.
Syntax
display bgp routing-table vpnv4 inlabel
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Examples
# Display incoming labels for all BGP VPNv4 routes.
<Sysname> display bgp routing-table vpnv4 inlabel
Total number of routes: 2
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Route distinguisher: 100:1
Total number of routes: 2
Network NextHop OutLabel InLabel
* > 10.1.1.0/24 10.1.1.2 NULL 1279
* >e 192.168.1.0 10.1.1.1 NULL 1278
Table 66 Command output
Field |
Description |
BGP local router ID |
Router ID of the local BGP router. |
Status codes |
Route status codes. See Table 61. |
Origin |
Route origin. See Table 61. |
display bgp routing-table vpnv4 outlabel
Use display bgp routing-table vpnv4 outlabel to display outgoing labels for BGP VPNv4 routes.
Syntax
In standalone mode:
display bgp routing-table vpnv4 outlabel [ standby slot slot-number ]
In IRF mode:
display bgp routing-table vpnv4 outlabel [ standby chassis chassis-number slot slot-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
standby: Displays all BGP VPNv4 route outgoing labels for a standby BGP process. If you do not specify a standby BGP process, this command displays information for the active BGP process.
slot slot-number: Specifies the slot number of the card where the standby process resides. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies the card where the standby process resides. The chassis-number argument represents the IRF member ID of the device. The slot-number argument represents the slot number of the card. (In IRF mode.)
Usage guidelines
The active BGP process backs up BGP peers and routing information to the standby BGP process only when BGP NSR is enabled. If BGP NSR is disabled, this command does not display anything when you execute it with the standby keyword.
Examples
# Display outgoing labels for all BGP VPNv4 routes for the active process.
<Sysname> display bgp routing-table vpnv4 outlabel
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Total number of routes from all PEs: 2
Route distinguisher: 100:1(vpn1)
Total number of routes: 2
Network NextHop OutLabel
* >i 10.3.1.0/24 3.3.3.9 1279
* i 192.168.1.0 3.3.3.9 1278
Route distinguisher: 200:1
Total number of routes: 2
Network NextHop OutLabel
* >i 10.3.1.0/24 3.3.3.9 1279
* >i 192.168.1.0 3.3.3.9 1278
Table 67 Command output
Field |
Description |
BGP local router ID |
Router ID of the local BGP router. |
Status codes |
Route status codes. See Table 61. |
Origin |
Route origin codes. See Table 61. |
OutLabel |
Outgoing label. |
display ip vpn-instance
Use display ip vpn-instance to display information about VPN instances.
Syntax
display ip vpn-instance [ instance-name vpn-instance-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
instance-name vpn-instance-name: Displays information about the specified VPN instance. The vpn-instance-name is a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command displays brief information about all VPN instances.
Examples
# Display brief information about all VPN instances.
<Sysname> display ip vpn-instance
Total VPN-Instances configured : 1
VPN-Instance Name RD Create time
abc 1:1 2011/05/18 10:48:17
Table 68 Command output
Field |
Description |
VPN-Instance Name |
Name of the VPN instance. |
RD |
RD of the VPN instance. |
Create Time |
Time when the VPN instance was created. |
# Display detailed information about VPN instance vpn1.
<Sysname> display ip vpn-instance instance-name vpn1
VPN-Instance Name and Index : vpn1, 2
Route Distinguisher : 100:1
VPN ID : 1:1
Description : vpn1
Interfaces : Vlan-interface10
Address-family IPv4:
Export VPN Targets :
2:2
Import VPN Targets :
3:3
Export Route Policy : outpolicy
Import Route Policy : inpolicy
Tunnel Policy : tunnel1
Maximum Routes Limit : 5000
display ospf sham-link
Use display ospf sham-link to display OSPF sham link information.
Syntax
In standalone mode:
display ospf [ process-id ] sham-link [ area area-id ] [ standby slot slot-number ]
In IRF mode:
display ospf [ process-id ] sham-link [ area area-id ] [ standby chassis chassis-number slot slot-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
process-id: Displays sham link information for the OSPF process specified by its ID. The process ID is in the range of 1 to 65535. If you do not specify a process, this command displays sham link information for all OSPF processes.
area area-id: Displays sham link information for the OSPF area specified by its ID, which is an IP address, or an integer. The integer is in the range of 0 to 4294967295. If you do not specify an area, this command displays sham link information for all OSPF areas.
standby: Displays information about the standby OSPF process. If you do not specify this keyword, the command displays information about the active OSPF process.
slot slot-number: Specifies the slot number of the card where the standby process resides. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies the card where the standby process resides. The chassis-number argument represents the IRF member ID of the device. The slot-number argument represents the slot number of the card. (In IRF mode.)
Usage guidelines
If you do not specify any processes or areas, this command displays information about all OSPF sham links.
The active OSPF process backs up OSPF peers and routing information to the standby OSPF process only when OSPF NSR is enabled. If OSPF NSR is disabled, this command does not display anything when you execute it by using the standby keyword.
Examples
# Display information about all OSPF sham links.
<Sysname> display ospf sham-link
OSPF Process 1 with Router ID 125.1.1.1
Sham link
Area Neighbor ID Source IP Destination IP State Cost
0.0.0.0 95.1.1.1 125.2.1.1 95.2.1.1 P-2-P 1
# Display OSPF sham link information for OSPF area 1.
<Sysname> display ospf sham-link area 1
OSPF Process 1 with Router ID 125.1.1.1
Sham link: 125.2.1.1 --> 95.2.1.1
Neighbor ID: 95.1.1.1 State: Full
Area: 0.0.0.0
Cost: 1 State: P-2-P Type: Sham
Timers: Hello 10, Dead 40, Retransmit 5, Transmit Delay 1
Request list: 0 Retransmit list: 0
MD5 authentication enabled.
The last key is 3.
The rollover is in progress, 1 neighbor(s) left.
The timers for a sham link are in seconds.
domain-id
Use domain-id to configure an OSPF domain ID.
Use undo domain-id to restore the default.
Syntax
domain-id domain-id [ secondary ]
undo domain-id [ domain-id ]
Default
The OSPF domain ID is 0.
Views
OSPF view
Predefined user roles
network-admin
mdc-admin
Parameters
domain-id: Specifies an OSPF domain ID, in one of these formats:
· Integer, in the range of 0 to 4294967295. For example, 1.
· Dotted decimal notation. For example, 0.0.0.1.
· Dotted decimal notation:16-bit user-defined number in the range of 0 to 65535. For example, 0.0.0.1:512.
secondary: Specifies a secondary domain ID. If you do not specify this keyword, the command specifies a primary domain ID.
Usage guidelines
When you redistribute OSPF routes into BGP, BGP adds the primary domain ID to the redistributed BGP VPNv4 routes as a BGP extended community attribute. Then, BGP advertises the routes to the peer PE.
When the peer PE receives the routes, it compares the OSPF domain ID in the routes with the locally configured primary and secondary domain IDs. If the primary or secondary domain ID is the same as the received domain ID, and the received routes are intra-area routes, OSPF advertises these routes in Network Summary LSAs (Type 3). Otherwise, OSPF advertises these routes in AS External LSAs (Type 5) or NSSA External LSAs (Type 7).
If you do not specify any parameters, the undo domain-id command deletes all domain IDs.
Examples
# Configure the OSPF domain ID as 234.
<Sysname> system-view
[Sysname] ospf 100
[Sysname-ospf-100] domain-id 234
export route-policy
Use export route-policy to apply an export routing policy to a VPN instance.
Use undo export route-policy to remove the application.
Syntax
export route-policy route-policy
undo export route-policy
Default
No export routing policy is applied to a VPN instance.
Views
VPN instance view, IPv4 VPN view
Predefined user roles
network-admin
mdc-admin
Parameters
route-policy: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.
Usage guidelines
You can specify an export routing policy to filter advertised routes or modify their route attributes for the VPN instance.
If you execute this command multiple times, the most recent configuration takes effect.
IPv4 VPN prefers the export routing policy specified in IPv4 VPN view over the one specified in VPN instance view.
Examples
# Apply export routing policy poly-1 to the VPN instance vpn1.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] export route-policy poly-1
# Apply export routing policy poly-2 to the IPv4 VPN vpn2.
<Sysname> system-view
[Sysname] ip vpn-instance vpn2
[Sysname-vpn-instance-vpn2] address-family ipv4
[Sysname-vpn-ipv4-vpn2] export route-policy poly-2
Related commands
· import route-policy
· route-policy (Layer 3—IP Routing Configuration Guide)
ext-community-type
Use ext-community-type to configure the type code of an OSPF extended community attribute.
Use undo ext-community-type to restore the default.
Syntax
ext-community-type { domain-id type-code1 | router-id type-code2 | route-type type-code3 }
undo ext-community-type [ domain-id | router-id | route-type ]
Default
The type codes for domain ID, router ID, and route type are hex numbers 0005, 0107, and 0306, respectively.
Views
OSPF view
Predefined user roles
network-admin
mdc-admin
Parameters
domain-id type-code1: Specifies the type code for domain ID. Valid values are hex numbers 0005, 0105, 0205, and 8005.
router-id type-code2: Specifies the type code for router ID. Valid values are hex numbers 0107 and 8001.
router-type type-code3: Specifies the type code for route type. Valid values are hex numbers 0306 and 8000.
Examples
# Configure the type codes of domain ID, router ID, and route type as hex numbers 8005, 8001, and 8000, respectively, for OSPF process 100.
<Sysname> system-view
[Sysname] ospf 100
[Sysname-ospf-100] ext-community-type domain-id 8005
[Sysname-ospf-100] ext-community-type router-id 8001
[Sysname-ospf-100] ext-community-type route-type 8000
import route-policy
Use import route-policy to apply an import routing policy to a VPN instance.
Use undo import route-policy to remove the application.
Syntax
import route-policy route-policy
undo import route-policy
Default
No import routing policy is applied to a VPN instance. All routes matching the import target attribute are accepted.
Views
VPN instance view, IPv4 VPN view
Predefined user roles
network-admin
mdc-admin
Parameters
route-policy: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.
Usage guidelines
You can specify an import routing policy to filter received routes or modify their route attributes for the VPN instance.
If you execute this command multiple times, the most recent configuration takes effect.
IPv4 VPN prefers the import routing policy specified in IPv4 VPN view over the one specified in VPN instance view.
Examples
# Apply import routing policy poly-1 to the VPN instance vpn1.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] import route-policy poly-1
# Apply import routing policy poly-2 to the IPv4 VPN vpn2.
<Sysname> system-view
[Sysname] ip vpn-instance vpn2
[Sysname-vpn-instance-vpn2] address-family ipv4
[Sysname-vpn-ipv4-vpn2] import route-policy poly-2
Related commands
· export route-policy
· route-policy (Layer 3—IP Routing Configuration Guide)
ip binding vpn-instance
Use ip binding vpn-instance to associate an interface with a VPN instance.
Use undo ip binding vpn-instance to remove the association.
Syntax
ip binding vpn-instance vpn-instance-name
undo ip binding vpn-instance vpn-instance-name
Default
An interface is associated with no VPN instance and belongs to the public network.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Parameters
vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters.
Usage guidelines
Use the command to associate the VPN instance with the interface connected to the CE.
This command or its undo form clears the IP address and routing protocol configuration on the interface. After executing this command or its undo form, use the display this command to view the current configuration and reconfigure the IP address and routing protocol on the interface.
The specified VPN instance must have been created by using the ip vpn-instance command in system view.
To associate a new VPN instance with an interface, you must remove the previous association by using the undo ip binding vpn-instance command and then use the ip binding vpn-instance command to associate the new VPN instance with the interface.
Examples
# Associate interface VLAN-interface 1 with the VPN instance vpn1.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] ip binding vpn-instance vpn1
Related commands
ip vpn-instance (system view)
ip vpn-instance (system view)
Use ip vpn-instance to create a VPN instance and enter VPN instance view.
Use undo ip vpn-instance to delete a VPN instance.
Syntax
ip vpn-instance vpn-instance-name
undo ip vpn-instance vpn-instance-name
Default
No VPN instance is created.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
vpn-instance-name: Specifies the name of the VPN instance, a case-sensitive string of 1 to 31 characters.
Usage guidelines
Before you create VPN instances, you must reserve local VLAN interface resources by executing the reserve-vlan-interface command. The device uses the reserved resources to create VPN instances. For more information about local VLAN interface resource reservation, see Layer 2—LAN Switching Configuration Guide.
Examples
# Create a VPN instance named vpn1 and enter its view.
<Sysname> system-view
[Sysname] reserve-vlan-interface 3000
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1]
Related commands
· reserve-vlan-interface (Layer 2—LAN Switching Command Reference)
· route-distinguisher
nesting-vpn
Use nesting-vpn to enable the nested VPN feature.
Use undo nesting-vpn to disable the nested VPN feature.
Syntax
nesting-vpn
undo nesting-vpn
Default
The nested VPN feature is disabled.
Views
BGP VPNv4 address family view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
To exchange VPNv4 routes with a peer in nested VPN, you must enable nested VPN and then execute the peer enable command to enable that peer in BGP VPNv4 view.
Examples
# Enable nested VPN.
<Sysname> system-view
[Sysname] bgp 10
[Sysname-bgp] address-family vpnv4
[Sysname-bgp-vpnv4] nesting-vpn
peer next-hop-invariable
Use peer next-hop-invariable to configure the device to not change the next hop of routes advertised to an EBGP peer or peer group.
Use undo peer next-hop-invariable to restore the default.
Syntax
peer { group-name | ip-address [ mask-length ] } next-hop-invariable
undo peer { group-name | ip-address [ mask-length ] } next-hop-invariable
Default
The device uses its address as the next hop of routes advertised to an EBGP peer or peer group.
Views
BGP VPNv4 address family view
Predefined user roles
network-admin
mdc-admin
Parameters
group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters.
ip-address: Specifies a peer by its IP address.
mask-length: Specifies a mask length in the range of 0 to 32. You can use the ip-address and mask-length arguments together to specify a network. If you specify a network in this command, the device does not change the next hop of routes advertised to the dynamic peers in the network.
Usage guidelines
On an RR in an inter-AS option C scenario, you must configure next-hop-invariable to not change the next hop of VPNv4 routes advertised to EBGP peers and RR clients.
This command is exclusive with the peer next-hop-local command.
Examples
# Configure the device to not change the next hop of routes advertised to EBGP peer 1.1.1.1.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp] address-family vpnv4
[Sysname-bgp-af-vpnv4] peer 1.1.1.1 next-hop-invariable
Related commands
peer next-hop-local (Layer 3—IP Routing Command Reference)
peer upe
Use peer upe to configure a BGP peer or peer group as an HoVPN UPE in BGP VPNv4 address family view.
Use undo peer upe to remove the configuration.
Syntax
peer { group-name | ip-address [ mask-length ] } upe
undo peer { group-name | ip-address [ mask-length ] } upe
Default
No BGP peer or peer group is configured as a UPE.
Views
BGP VPNv4 address family view
Predefined user roles
network-admin
mdc-admin
Parameters
group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The specified peer group must exist.
ip-address: Specifies a peer by its IP address. The specified peer must exist.
mask-length: Specifies a mask length in the range of 0 to 32. You can use the ip-address and mask-length arguments together to specify a network. If you specify a network, this command configures all dynamic peers in the network as UPEs.
Usage guidelines
A UPE is a special VPNv4 peer. It can accept one default route for each related VPN instance and routes permitted by the routing policy on the SPE. An SPE is a common VPN peer.
Examples
# Configure peer 1.1.1.1 as a UPE.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp] address-family vpnv4
[Sysname-bgp-vpnv4] peer 1.1.1.1 upe
peer upe route-policy
Use peer upe route-policy to advertise routes permitted by a routing policy to a UPE.
Use undo peer upe route-policy to restore the default.
Syntax
peer { group-name | ip-address [ mask-length ] } upe route-policy route-policy-name export
undo peer { group-name | ip-address [ mask-length ] } upe route-policy export
Default
No routes are advertised to any peer.
Views
BGP VPNv4 address family view
Predefined user roles
network-admin
mdc-admin
Parameters
group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The specific peer group must exist.
ip-address: Specifies a peer by its IP address. The specific peer must exist.
mask-length: Specifies a mask length in the range of 0 to 32. You can use the ip-address and mask-length arguments together to specify a network. If you specify a network, this command advertises routes permitted by a routing policy to all dynamic peers in the network.
route-policy-name: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.
export: Applies the filtering policy to routes to be advertised.
Usage guidelines
This command must be used with the peer upe command.
Examples
# Configure peer 1.1.1.1 as a UPE, and advertise routes permitted by routing policy hope to peer 1.1.1.1.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp] peer 1.1.1.1 as-number 200
[Sysname-bgp] address-family vpnv4
[Sysname-bgp-vpnv4] peer 1.1.1.1 enable
[Sysname-bgp-vpnv4] peer 1.1.1.1 upe
[Sysname-bgp-vpnv4] peer 1.1.1.1 upe route-policy hope export
Related commands
· peer upe
· route-policy (Layer 3—IP Routing Configuration Guide)
policy vpn-target
Use policy vpn-target to enable route target filtering of received VPNv4 routes. Only VPNv4 routes whose route target attribute matches local import route target attribute are added to the routing table.
Use undo policy vpn-target to disable route target filtering, permitting all incoming VPNv4 routes.
Syntax
policy vpn-target
undo policy vpn-target
Default
The route target filtering feature is enabled for received VPNv4 routes.
Views
BGP VPNv4 address family view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
In an inter-AS option B scenario, an ASBR must save all incoming VPNv4 routes and advertises those routes to the peer ASBR. For this purpose, you must execute the undo policy vpn-target command on the ASBR to disable route target filtering.
Examples
# Disable route target filtering of received VPNv4 routes.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp] address-family vpnv4
[Sysname-bgp-vpnv4] undo policy vpn-target
route-distinguisher (VPN instance view)
Use route-distinguisher to configure an RD for a VPN instance.
Use undo route-distinguisher to remove the RD of a VPN instance.
Syntax
route-distinguisher route-distinguisher
undo route-distinguisher
Default
No RD is specified for a VPN instance.
Views
VPN instance view
Predefined user roles
network-admin
mdc-admin
Parameters
route-distinguisher: Specifies an RD for the VPN instance, a string of 3 to 21 characters in one of the following formats:
· 16-bit AS number:32-bit user-defined number. For example, 101:3.
· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.
· 32-bit AS number:16-bit user-defined number, where the minimum value of the AS number is 65536. For example, 65536:1.
Usage guidelines
RDs enable VPNs to use the same address space. An RD and an IPv4 prefix comprise a unique VPN IPv4 prefix.
To change the RD of a VPN instance, you must delete the RD with the undo route-distinguisher command, and then use the route-distinguisher command to configure a new RD.
Examples
# Configure RD 22:1 for VPN instance vpn1.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] route-distinguisher 22:1
route-tag
Use route-tag to configure an external route tag for redistributed VPN routes.
Use undo route-tag to restore the default.
Syntax
route-tag tag-value
undo route-tag
Default
If BGP runs within an MPLS backbone, and the BGP AS number is not greater than 65535, the first two octets of the external route tag are 0xD000, and the last two octets are the local BGP AS number. For example, if the local BGP AS number is 100, the external route tag value is 3489661028 (100 + the decimal value of 0xD0000000). If the AS number is greater than 65535, the external route tag is 0.
Views
OSPF view
Predefined user roles
network-admin
mdc-admin
Parameters
tag-value: Specifies the external route tag for redistributed VPN routes, in the range of 0 to 4294967295.
Usage guidelines
In a dual-homed scenario where OSPF runs between the CE and the connected PEs (PE-A and PE-B, for example), you can use external route tags to avoid routing loops.
When PE-A redistributes BGP routes from the peer PE into OSPF, and advertises these routes in the Type 5 or 7 LSAs to the CE, PE-A adds the locally configured external route tag to the LSAs.
When PE-B receives the Type 5 or 7 LSAs advertised by the CE, it compares the external route tag in the LSAs with the locally configured tag. If they are the same, PE-B ignores the LSA in route calculation to avoid routing loops.
The commands used to configure the external route tag (in the descending order of tag priority) are as follows:
· import-route
· route-tag
· default tag
As a best practice, configure the same external route tag for PEs in the same area.
An external route tag is not transferred in any BGP extended community attribute. It takes effect only on the PEs that receive BGP routes and generate OSPF Type 5 or 7 LSAs.
You can configure the same external route tag for different OSPF processes.
Examples
# In OSPF process 100, set the external route tag for redistributed VPN routes to 100.
<Sysname> system-view
[Sysname] ospf 100
[Sysname-ospf-100] route-tag 100
Related commands
· default (Layer 3—IP Routing Command Reference)
· import-route (Layer 3—IP Routing Command Reference)
routing-table limit
Use routing-table limit to limit the maximum number of active routes in a VPN instance.
Use undo routing-table limit to restore the default.
Syntax
routing-table limit number { warn-threshold | simply-alert }
undo routing-table limit
Default
The maximum number of active routes is not limited.
Views
VPN instance view, IPv4 VPN view
Predefined user roles
network-admin
mdc-admin
Parameters
number: Specifies the maximum number of active routes. In VPN instance view, the value range is 1 to 10240. In IPv4 VPN view, the value range is 1 to 1048576. After the hardware-resource tcam normal command is executed, the value range is 1 to 32768 in IPv4 VPN view. For more information about the hardware-resource tcam command, see Fundamentals Command Reference. The hardware-resource tcam command is available in Release 1138P01 and later versions.
warn-threshold: Specifies a warning threshold in the range of 1 to 100 in percentage. When the percentage of the number of existing active routes to the maximum number of active routes exceeds the specified threshold, the system gives an alarm message but still allows new active routes. If active routes in the VPN instance reach the maximum, no more active routes are added.
simply-alert: Specifies that when active routes exceed the maximum number, the system still accepts active routes but generates a system log message.
Usage guidelines
IPv4 VPN prefers the limit configured in IPv4 VPN view over the limit configured in VPN instance view.
Examples
# Specify that VPN instance vpn1 supports up to 1000 active routes, and when active routes exceed the upper limit, can receive new active routes but generates a system log message.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] route-distinguisher 100:1
[Sysname-vpn-instance-vpn1] routing-table limit 1000 simply-alert
# Specify that the IPv4 VPN vpn2 supports up to 1000 active routes, and when active routes exceed the upper limit, can receive new active routes but generates a system log message.
<Sysname> system-view
[Sysname] ip vpn-instance vpn2
[Sysname-vpn-instance-vpn2] route-distinguisher 100:2
[Sysname-vpn-instance-vpn2] address-family ipv4
[Sysname-vpn-ipv4-vpn2] routing-table limit 1000 simply-alert
rr-filter
Use rr-filter to create an RR reflection policy so that only IBGP routes whose extended community attribute matches the specified extended community list are reflected.
Use undo rr-filter to restore the default.
Syntax
rr-filter extended-community-number
undo rr-filter
Default
An RR does not filter reflected routes.
Views
BGP VPNv4 address family view
Predefined user roles
network-admin
mdc-admin
Parameters
extended-community-number: Specifies an extended community number in the range of 1 to 199.
Usage guidelines
By configuring different RR reflection policies on RRs in a cluster, you can implement load balancing among the RRs.
Examples
# Configure the RR to only reflect VPNv4 routes with an extended community number of 10.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp] address-family vpnv4
[Sysname-bgp-vpnv4] rr-filter 10
sham-link
Use sham-link to create an OSPF sham link.
Use undo sham-link to remove an OSPF sham link or restore the defaults of specified parameters for a sham link.
Syntax
sham-link source-ip-address destination-ip-address [ cost cost | dead dead-interval | hello hello-interval | { { hmac-md5 | md5 } key-id { cipher cipher-string | plain plain-string } | simple { cipher cipher-string | plain plain-string } } | retransmit retrans-interval | trans-delay delay ] *
undo sham-link source-ip-address destination-ip-address [ cost | dead | hello | { { hmac-md5 | md5 } key-id | simple } | retransmit | trans-delay ] *
Default
No OSPF sham link is configured.
Views
OSPF area view
Predefined user roles
network-admin
mdc-admin
Parameters
source-ip-address: Specifies the source IP address of the sham link.
destination-ip-address: Specifies the destination IP address of the sham link.
cost cost: Specifies the cost of the sham link, in the range of 1 to 65535. The default cost is 1.
dead dead-interval: Specifies the dead interval in the range of 1 to 32768 seconds. The default is 40 seconds. The dead interval configured on the two ends of the sham link must be identical, and it must be at least four times the hello interval.
hello hello-interval: Specifies the interval for sending hello packets, in the range of 1 to 8192 seconds. The default is 10 seconds. The hello interval configured on the two ends of the sham link must be identical.
hmac-md5: Enables HMAC-MD5 authentication.
md5: Enables MD5 authentication.
simple: Enables simple authentication.
key-id: Specifies a key ID in the range of 1 to 255.
cipher: Sets a ciphertext key.
cipher-string: Specifies a ciphertext key. This argument is case sensitive. If simple is specified, it must be a string of 33 to 41 characters. If md5 or hmac-md5 is specified, it must be a string of 33 to 53 characters.
plain: Sets a plaintext key.
plain-string: Specifies a plaintext key. This argument is case sensitive. If simple is specified, it must be a string of 1 to 8 characters. If md5 or hmac-md5 is specified, it must be a string of 1 to 16 characters.
retransmit retrans-interval: Specifies the interval for retransmitting LSAs, in the range of 1 to 3600 seconds. The default is 5 seconds.
trans-delay delay: Specifies the delay interval before the interface sends an LSA, in the range of 1 to 3600 seconds. The default is 1 second.
Usage guidelines
When a backdoor link exists between the two sites of a VPN, traffic is forwarded through the backdoor link. To forward VPN traffic over the backbone, you can create a sham link between PEs. A sham link is considered an OSPF intra-area route.
This command can configure MD5/HMAC-MD5 or simple authentication for the sham link, but not both. For MD5/HMAC-MD5 authentication, you can configure multiple keys by executing this command multiple times, but a key-id can correspond with only one key.
To modify the MD5/HMAC-MD5 authentication key of a sham link, follow these steps:
1. Configure a new key for the sham link on the local device. If the neighbor on the sham link has not been configured with the new key, this configuration triggers a key rollover process, during which, OSPF advertises both the new and old keys so the neighbor can pass authentication and the neighbor relationship is maintained.
2. Configure the same key for the sham link on the neighbor. After the local device receives a packet carrying the new key from the neighbor, it quits the key rollover process.
3. Execute the undo sham-link command on the local device and the neighbor to remove the old key. This operation can avoid attacks to the sham link that uses the old key and reduce bandwidth consumption by key rollover.
You cannot configure a sham link with the same source and destination IP address for multiple OSPF processes in a VPN instance.
The sham links configured on the local and remote PEs must be in the same OSPF area. Otherwise, the OSPF neighbor relationship cannot be established.
Examples
# Create a sham link with the source address 1.1.1.1 and destination address 2.2.2.2.
<Sysname> system-view
[Sysname] ospf
[Sysname-ospf-1] area 0
[Sysname-ospf-1-area-0.0.0.0] sham-link 1.1.1.1 2.2.2.2
Related commands
display ospf sham-link
snmp-agent trap enable l3vpn
Use snmp-agent trap enable l3vpn to enable SNMP notifications for MPLS L3VPN.
Use undo snmp-agent trap enable l3vpn to disable SNMP notifications for MPLS L3VPN.
Syntax
snmp-agent trap enable l3vpn
undo snmp-agent trap enable l3vpn
Default
SNMP notifications for MPLS L3VPN are enabled.
Views
System view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
This feature enables MPLS L3VPN to generate SNMP notifications. The generated SNMP notifications are sent to the SNMP module.
For more information about SNMP notifications, see Network Management and Monitoring Configuration Guide.
Examples
# Enable SNMP notifications for MPLS L3VPN.
<Sysname> system-view
[Sysname] snmp-agent trap enable l3vpn
tnl-policy
Use tnl-policy to associate a VPN instance with a tunnel policy.
Use undo tnl-policy to remove the association.
Syntax
tnl-policy tunnel-policy-name
undo tnl-policy
Default
No tunnel policy is associated with a VPN instance.
Views
VPN instance view, IPv4 VPN view
Predefined user roles
network-admin
mdc-admin
Parameters
tunnel-policy-name: Specifies a tunnel policy by its name, a case-sensitive string of 1 to 19 characters.
Usage guidelines
The VPN instance uses the specified tunnel policy to select tunnels for traffic.
If a VPN instance is not associated with any tunnel policy or the associated tunnel policy is not configured, the VPN instance selects tunnels according to the default tunnel policy. The default tunnel policy selects only one tunnel in this order: LSP tunnel, CRLSP tunnel.
IPv4 VPN prefers the tunnel policy specified in IPv4 VPN view over the tunnel policy specified in VPN instance view.
Examples
# Associate the VPN instance vpn1 with the tunnel policy po1.
<Sysname> system-view
[Sysname] tunnel-policy po1
[Sysname-tunnel-policy-po1] select-seq lsp load-balance-number 1
[Sysname-tunnel-policy-po1] quit
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] route-distinguisher 22:33
[Sysname-vpn-instance-vpn1] tnl-policy po1
[Sysname-vpn-instance-vpn1] quit
# Associate the IPv4 VPN vpn2 with the tunnel policy po1.
[Sysname] ip vpn-instance vpn2
[Sysname-vpn-instance-vpn2] route-distinguisher 11:22
[Sysname-vpn-instance-vpn2] address-family ipv4
[Sysname-vpn-ipv4-vpn2] tnl-policy po1
[Sysname-vpn-ipv4-vpn2] quit
[Sysname-vpn-instance-vpn2] quit
Related commands
tunnel-policy
vpn popgo
Use vpn popgo to specify the VPN label processing mode as POPGO forwarding on an egress PE, which will pop the label for each packet and forward the packet out of the interface corresponding to the label.
Use undo vpn popgo to restore the default.
Syntax
vpn popgo
undo vpn popgo
Default
The VPN label processing mode is POP forwarding on an egress PE, which will pop the label for each packet and forward the packet through the FIB table.
Views
BGP view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
After you execute the vpn popgo command, the egress PE disconnects and re-establishes BGP sessions to re-learn VPN routes.
After the vpn popgo command is executed, the egress PE does not support load sharing among VPN BGP peers.
Examples
# Specify the VPN label processing mode on the egress PE as POPGO forwarding.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp] vpn popgo
# Specify the VPN label processing mode on the egress PE as POP forwarding.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp] undo vpn popgo
vpn-id
Use vpn-id to configure a VPN ID for a VPN instance.
Use undo vpn-id to remove the VPN ID of a VPN instance.
Syntax
vpn-id vpn-id
undo vpn-id
Default
No VPN ID is configured for a VPN instance.
Views
VPN instance view
Predefined user roles
network-admin
mdc-admin
Parameters
vpn-id: Specifies a VPN ID for the VPN instance, in the form of OUI:Index. Both OUI and Index are hex numbers. The OUI is in the range of 0 to FFFFFF, and the index is in the range of 0 to FFFFFFFF.
Usage guidelines
The VPN ID uniquely identifies the VPN instance. Different VPN instances must have different VPN IDs.
The VPN ID cannot be 0:0.
Examples
# Configure VPN ID 20:1 for the VPN instance vpn1.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] vpn-id 20:1
Related commands
display ip vpn-instance
vpn-target (VPN instance view/IPv4 VPN view)
Use vpn-target to configure route targets for a VPN instance.
Use undo vpn-target to remove the specified or all route targets of a VPN instance.
Syntax
vpn-target vpn-target&<1-8> [ both | export-extcommunity | import-extcommunity ]
undo vpn-target { all | vpn-target&<1-8> [ both | export-extcommunity | import-extcommunity ] }
Default
No route targets are configured for a VPN instance.
Views
VPN instance view, IPv4 VPN view
Predefined user roles
network-admin
mdc-admin
Parameters
vpn-target&<1-8>: Specifies a space-separated list of up to eight route targets.
A route target is a string of 3 to 21 characters in one of these formats:
· 16-bit AS number:32-bit user-defined number. For example, 101:3.
· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.
· 32-bit AS number:16-bit user-defined number, where the AS number must not be less than 65536. For example, 65536:1.
both: Uses the specified route targets as both import targets and export targets. The both keyword is also used when you do not specify any of the following keywords: both, export-extcommunity, and import-extcommunity.
export-extcommunity: Uses the specified route targets as export targets.
import-extcommunity: Uses the specified route targets as import targets.
all: Removes all route targets.
Usage guidelines
MPLS L3VPN uses route targets to control the advertisement of VPN routing information. A PE adds the configured export targets into the route target attribute of routes advertised to a peer. The peer uses the local import targets to match the route targets of received routes. If a match is found, the peer adds the routes to the routing table of the VPN instance.
Route targets configured in IPv4 VPN view take precedence over those configured in VPN instance view. If you configure route targets in both IPv4 VPN view and VPN instance view, the IPv4 VPN uses the route targets configured in IPv4 VPN view.
Examples
# Configure route targets for the VPN instance vpn1.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] vpn-target 3:3 export-extcommunity
[Sysname-vpn-instance-vpn1] vpn-target 4:4 import-extcommunity
[Sysname-vpn-instance-vpn1] vpn-target 5:5 both
# Configure route targets for the IPv4 VPN vpn2.
<Sysname> system-view
[Sysname] ip vpn-instance vpn2
[Sysname-vpn-instance-vpn2] address-family ipv4
[Sysname-vpn-ipv4-vpn2] vpn-target 3:3 export-extcommunity
[Sysname-vpn-ipv4-vpn2] vpn-target 4:4 import-extcommunity
[Sysname-vpn-ipv4-vpn2] vpn-target 5:5 both
MCE commands
address-family ipv4 (VPN instance view)
Use address-family ipv4 to enter IPv4 VPN view.
Use undo address-family ipv4 to remove all configurations from IPv4 VPN view.
Syntax
address-family ipv4
undo address-family ipv4
Views
VPN instance view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
In IPv4 VPN view, you can configure IPv4 VPN parameters such as inbound and outbound routing policies.
Examples
# Enter IPv4 VPN view.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] address-family ipv4
[Sysname-vpn-ipv4-vpn1]
description (VPN instance view)
Use description to configure a description for a VPN instance.
Use undo description to delete the description.
Syntax
description text
undo description
Default
No description is configured for a VPN instance.
Views
VPN instance view
Predefined user roles
network-admin
mdc-admin
Parameters
text: Specifies a description for the VPN instance, a case-sensitive string of 1 to 79 characters.
Examples
# Configure a description of This is vpn1 for VPN instance vpn1.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] description This is vpn1
display ip vpn-instance
Use display ip vpn-instance to display VPN instance information.
Syntax
display ip vpn-instance [ instance-name vpn-instance-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
instance-name vpn-instance-name: Displays information about the specified VPN instance. The vpn-instance-name is a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command displays brief information about all VPN instances.
Examples
# Display brief information about all VPN instances.
<Sysname> display ip vpn-instance
Total VPN-Instances configured : 1
VPN-Instance Name RD Create time
abc 1:1 2011/05/18 10:48:17
Table 69 Command output
Field |
Description |
VPN-Instance Name |
Name of the VPN instance. |
RD |
RD of the VPN instance. |
Create Time |
Time when the VPN instance was created. |
# Display detailed information about VPN instance vpn1.
<Sysname> display ip vpn-instance instance-name vpn1
VPN-Instance Name and Index : vpn1, 2
Route Distinguisher : 100:1
VPN ID : 1:1
Description : vpn1
Interfaces : Vlan-interface2
Address-family IPv4:
Export VPN Targets :
2:2
Import VPN Targets :
3:3
Export Route Policy : outpolicy
Import Route Policy : inpolicy
Tunnel Policy : tunnel1
Maximum Routes Limit : 5000
domain-id
Use domain-id to configure an OSPF domain ID.
Use undo domain-id to restore the default.
Syntax
domain-id domain-id [ secondary ]
undo domain-id [ domain-id ]
Default
The OSPF domain ID is 0.
Views
OSPF view
Predefined user roles
network-admin
mdc-admin
Parameters
domain-id: Specifies an OSPF domain ID in one of the following formats:
· Integer, in the range of 0 to 4294967295. For example, 1.
· Dotted decimal notation. For example, 0.0.0.1.
· Dotted decimal notation:16-bit user-defined number in the range of 0 to 65535. For example, 0.0.0.1:512.
secondary: Specifies a secondary domain ID. If you do not specify this keyword, the command specifies a primary domain ID.
Usage guidelines
When you redistribute OSPF routes into BGP, BGP adds the configured OSPF domain ID to the redistributed BGP VPN routes as a BGP extended community attribute. Then, BGP advertises the routes to the peer PE.
When the peer PE receives the routes, it uses the OSPF domain ID to determine whether the routes belong to the same OSPF routing domain.
· If they do and they are intra-area routes, OSPF advertises these routes in Summary LSAs (Type 3).
· If they do but they are not intra-area routes, OSPF advertises these routes in AS External LSAs (Type 5) or NSSA External LSAs (Type 7).
· If the routes do not belong to the same OSPF routing domain, OSPF advertises them in Type 5 or Type 7 LSAs.
If you do not specify any parameters, the undo domain-id command deletes all domain IDs.
Examples
# Configure an OSPF domain ID.
<Sysname> system-view
[Sysname] ospf 100
[Sysname-ospf-100] domain-id 234
export route-policy
Use export route-policy to apply an export routing policy to a VPN instance.
Use undo export route-policy to remove the application.
Syntax
export route-policy route-policy
undo export route-policy
Default
No export routing policy is applied to a VPN instance.
Views
VPN instance view, IPv4 VPN view
Predefined user roles
network-admin
mdc-admin
Parameters
route-policy: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.
Usage guidelines
You can specify an export routing policy to filter advertised routes or modify their route attributes for the VPN instance.
This command is available in VPN instance view and IPv4 VPN view.
An IPv4 VPN prefers the export routing policy specified in IPv4 VPN view over the one specified in VPN instance view.
Examples
# Apply export routing policy poly-1 to the VPN instance vpn1.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] export route-policy poly-1
# Apply export routing policy poly-2 to the IPv4 VPN vpn2.
<Sysname> system-view
[Sysname] ip vpn-instance vpn2
[Sysname-vpn-instance-vpn2] address-family ipv4
[Sysname-vpn-ipv4-vpn2] export route-policy poly-2
Related commands
· import route-policy
· route-policy (Layer 3—IP Routing Configuration Guide)
ext-community-type
Use ext-community-type to configure the type code of an OSPF extended community attribute.
Use undo ext-community-type to restore the default.
Syntax
ext-community-type { domain-id type-code1 | router-id type-code2 | route-type type-code3 }
undo ext-community-type [ domain-id | router-id | route-type ]
Default
The type codes for domain ID, router ID, and route type are 0x0005, 0x0107, and 0x0306, respectively.
Views
OSPF view
Predefined user roles
network-admin
mdc-admin
Parameters
domain-id type-code1: Specifies the type code for domain ID. Valid values are 0x0005, 0x0105, 0x0205, and 0x8005.
router-id type-code2: Specifies the type code for router ID. Valid values are 0x0107 and 0x8001.
router-type type-code3: Specifies the type code for route type. Valid values are 0x0306 and 0x8000.
Examples
# Configure the type codes of domain ID, router ID, and route type as 0x8005, 0x8001, and 0x8000, respectively, for OSPF process 100.
<Sysname> system-view
[Sysname] ospf 100
[Sysname-ospf-100] ext-community-type domain-id 8005
[Sysname-ospf-100] ext-community-type router-id 8001
[Sysname-ospf-100] ext-community-type route-type 8000
import route-policy
Use import route-policy to apply an import routing policy to a VPN instance.
Use undo import route-policy to remove the application.
Syntax
import route-policy route-policy
undo import route-policy
Default
No import routing policy is applied to a VPN instance. All routes matching the import target attribute are accepted.
Views
VPN instance view, IPv4 VPN view
Predefined user roles
network-admin
mdc-admin
Parameters
route-policy: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.
Usage guidelines
You can specify an import routing policy to filter received routes or modify their route attributes for the VPN instance.
This command is available in VPN instance view and IPv4 VPN view.
An IPv4 VPN prefers the import routing policy specified in IPv4 VPN view over the one specified in VPN instance view.
Examples
# Apply import routing policy poly-1 to the VPN instance vpn1.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] import route-policy poly-1
# Apply import routing policy poly-2 to the IPv4 VPN vpn2.
<Sysname> system-view
[Sysname] ip vpn-instance vpn2
[Sysname-vpn-instance-vpn2] address-family ipv4
[Sysname-vpn-ipv4-vpn2] import route-policy poly-2
Related commands
· export route-policy
· route-policy (Layer 3—IP Routing Configuration Guide)
ip binding vpn-instance
Use ip binding vpn-instance to associate an interface with a VPN instance.
Use undo ip binding vpn-instance to remove the association.
Syntax
ip binding vpn-instance vpn-instance-name
undo ip binding vpn-instance vpn-instance-name
Default
An interface is associated with no VPN instance and belongs to the public network.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Parameters
vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters.
Usage guidelines
Use the command on an MCE to associate the VPN instance with the interface connected to the site and the interface connected to the PE.
This command or its undo form clears the IP address and routing protocol configuration on the interface. After executing this command or its undo form, use the display this command to view the current configuration and reconfigure the IP address and routing protocol on the interface.
The specified VPN instance must have been created by using the ip vpn-instance command in system view.
To associate a new VPN instance with an interface, you must remove the previous association and then associate the new VPN instance with the interface.
Examples
# Associate interface VLAN-interface 1 with the VPN instance vpn1.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] ip binding vpn-instance vpn1
Related commands
ip vpn-instance (system view)
ip vpn-instance (system view)
Use ip vpn-instance to create a VPN instance and enter VPN instance view.
Use undo ip vpn-instance to delete a VPN instance.
Syntax
ip vpn-instance vpn-instance-name
undo ip vpn-instance vpn-instance-name
Default
No VPN instance is created.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
vpn-instance-name: Specifies the name of the VPN instance, a case-sensitive string of 1 to 31 characters.
Examples
# Create a VPN instance named vpn1 and enter its view.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1]
Related commands
route-distinguisher
route-distinguisher (VPN instance view)
Use route-distinguisher to configure an RD for a VPN instance.
Use undo route-distinguisher to remove the RD of a VPN instance.
Syntax
route-distinguisher route-distinguisher
undo route-distinguisher
Default
No RD is specified for a VPN instance.
Views
VPN instance view
Predefined user roles
network-admin
mdc-admin
Parameters
route-distinguisher: Specifies an RD for the VPN instance, a string of 3 to 21 characters in one of the following formats:
· 16-bit AS number:32-bit user-defined number. For example, 101:3.
· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.
· 32-bit AS number:16-bit user-defined number, where the minimum value of the AS number is 65536. For example, 65536:1.
Usage guidelines
RDs enable VPNs to use the same address space. An RD and an IPv4 prefix comprise a unique VPN IPv4 prefix. You can use RDs to identify different BGP VPN instances on an MCE.
To change the RD of a VPN instance, you must delete the RD with the undo route-distinguisher command, and then use the route-distinguisher command to configure a new RD.
Examples
# Configure RD 22:1 for the VPN instance vpn1.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] route-distinguisher 22:1
route-tag
Use route-tag to configure an external route tag for redistributed VPN routes.
Use undo route-tag to restore the default.
Syntax
route-tag tag-value
undo route-tag
Default
If the AS number is not greater than 65535, the first two octets of the default external route tag are 0xD000 and the last two octets are the local AS number. For example, if the local BGP AS number is 100, the default value of the external route tag is 3489661028. If the AS number is greater than 65535, the default external route tag is 0.
Views
OSPF view
Predefined user roles
network-admin
mdc-admin
Parameters
tag-value: Specifies the external route tag for redistributed VPN routes, in the range of 0 to 4294967295.
Usage guidelines
On an MCE device, you can configure a VPN route tag for a VPN instance bound to an OSPF process. The VPN route tag must be included in Type-5 or Type-7 LSAs. An external route tag can be configured by different commands and has different priorities. The commands used to configure the external route tag (in the descending order of tag priority) are as follows:
· import-route
· route-tag
· default tag
If the external route tag in a Type 5 or 7 LSA received by an MCE is the same as the locally configured external route tag, the MCE ignores the LSA in route calculation to avoid routing loops.
As a best practice, configure the same external route tag for MCEs in the same area.
An external route tag is not transferred in any BGP extended community attribute. It is only locally significant and takes effect only on the MCEs that receive BGP routes and generate OSPF Type 5 or 7 LSAs.
You can configure the same external route tag for different OSPF processes.
Examples
# In OSPF process 100, set the external route tag for redistributed VPN routes to 100.
<Sysname> system-view
[Sysname] ospf 100
[Sysname-ospf-100] route-tag 100
Related commands
import-route
routing-table limit
Use routing-table limit to limit the maximum number of active routes in a VPN instance.
Use undo routing-table limit to restore the default.
Syntax
routing-table limit number { warn-threshold | simply-alert }
undo routing-table limit
Default
The maximum number of active routes in a VPN instance is not limited.
Views
VPN instance view, IPv4 VPN view
Predefined user roles
network-admin
mdc-admin
Parameters
number: Specifies the maximum number of active routes. In VPN instance view, the value range is 1 to 10240. In IPv4 VPN view, the value range is 1 to 1048576. After the hardware-resource tcam normal command is executed, the value range is 1 to 32768 in IPv4 VPN view. For more information about the hardware-resource tcam command, see Fundamentals Command Reference. The hardware-resource tcam command is available in Release 1138P01 and later versions.
warn-threshold: Specifies a warning threshold in the range of 1 to 100 in percentage. When the percentage of the number of existing active routes to the maximum number of active routes exceeds the specified threshold, the system gives an alarm message but still allows new active routes. If active routes in the VPN instance reach the maximum, no more active routes are added.
simply-alert: Specifies that when active routes exceed the maximum number, the system still accepts active routes but generates a system log message.
Usage guidelines
This command is available in VPN instance view and IPv4 VPN view.
An IPv4 VPN prefers the limit configured in IPv4 VPN view over the limit configured in VPN instance view.
Examples
# Specify that VPN instance vpn1 supports up to 1000 active routes, and when active routes exceed the upper limit, can receive new active routes but generates a system log message.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] route-distinguisher 100:1
[Sysname-vpn-instance-vpn1] routing-table limit 1000 simply-alert
# Specify that the IPv4 VPN vpn2 supports up to 1000 active routes, and when active routes exceed the upper limit, can receive new active routes but generates a system log message.
<Sysname> system-view
[Sysname] ip vpn-instance vpn2
[Sysname-vpn-instance-vpn2] route-distinguisher 100:2
[Sysname-vpn-instance-vpn2] address-family ipv4
[Sysname-vpn-ipv4-vpn2] routing-table limit 1000 simply-alert
vpn-id
Use vpn-id to configure a VPN ID for a VPN instance.
Use undo vpn-id to remove the VPN ID of a VPN instance.
Syntax
vpn-id vpn-id
undo vpn-id
Default
No VPN ID is configured for a VPN instance.
Views
VPN instance view
Predefined user roles
network-admin
mdc-admin
Parameters
vpn-id: Specifies a VPN ID for the VPN instance, in the form of OUI:Index. Both OUI and Index are hex numbers. The OUI is in the range of 0 to FFFFFF, and the index is in the range of 0 to FFFFFFFF.
Usage guidelines
The VPN ID uniquely identifies the VPN instance. Different VPN instances must have different VPN IDs.
The VPN ID cannot be 0:0.
Examples
# Configure VPN ID 20:1 for the VPN instance vpn1.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] vpn-id 20:1
Related commands
display ip vpn-instance
vpn-instance-capability simple
Use vpn-instance-capability simple to disable routing loop detection for an OSPF VRF process.
Use undo vpn-instance-capability to restore the default.
Syntax
vpn-instance-capability simple
undo vpn-instance-capability
Default
Routing loop detection is enabled for an OSPF VRF process.
Views
OSPF view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
For the MCE to receive OSPF routes from the PE, you must disable routing loop detection for an OSPF VRF process on the MCE.
This command is applicable only to OSPF VRF processes.
Examples
# Disable routing loop detection for OSPF VRF process 100.
<Sysname> system-view
[Sysname] ospf 100 vpn-instance vpna
[Sysname-ospf-100] vpn-instance-capability simple
vpn-target (VPN instance view/IPv4 VPN view)
Use vpn-target to configure route targets for a VPN instance.
Use undo vpn-target to remove the specified or all route targets of a VPN instance.
Syntax
vpn-target vpn-target&<1-8> [ both | export-extcommunity | import-extcommunity ]
undo vpn-target { all | vpn-target&<1-8> [ both | export-extcommunity | import-extcommunity ] }
Default
No route targets are configured for a VPN instance.
Views
VPN instance view, IPv4 VPN view
Predefined user roles
network-admin
mdc-admin
Parameters
vpn-target&<1-8>: Specifies a space-separated list of up to eight route targets.
A route target is a string of 3 to 21 characters in one of the following formats:
· 16-bit AS number:32-bit user-defined number. For example, 101:3.
· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.
· 32-bit AS number:16-bit user-defined number, where the AS number must not be less than 65536. For example, 65536:1.
both: Uses the specified route targets as both import targets and export targets. The both keyword is also used when you do not specify any of the following keywords: both, export-extcommunity, and import-extcommunity.
export-extcommunity: Uses the specified route targets as export targets.
import-extcommunity: Uses the specified route targets as import targets.
all: Removes all route targets.
Usage guidelines
MPLS L3VPN uses route targets to control the advertisement of VPN routing information. A PE adds the configured export targets into the route target attribute of routes advertised to a peer. The peer uses the local import targets to match the route targets of received routes. If a match is found, the peer adds the routes to the routing table of the VPN instance.
This command is available in VPN instance view and IPv4 VPN view.
An IPv4 VPN prefers the route targets configured in IPv4 VPN view over those configured in VPN instance view.
Examples
# Configure route targets for the VPN instance vpn1.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] vpn-target 3:3 export-extcommunity
[Sysname-vpn-instance-vpn1] vpn-target 4:4 import-extcommunity
[Sysname-vpn-instance-vpn1] vpn-target 5:5 both
# Configure route targets for the IPv4 VPN vpn2.
<Sysname> system-view
[Sysname] ip vpn-instance vpn2
[Sysname-vpn-instance-vpn2] address-family ipv4
[Sysname-vpn-ipv4-vpn2] vpn-target 3:3 export-extcommunity
[Sysname-vpn-ipv4-vpn2] vpn-target 4:4 import-extcommunity
[Sysname-vpn-ipv4-vpn2] vpn-target 5:5 both
accept-label,23
address-family ipv4 (VPN instance view),187
address-family ipv4 (VPN instance view),224
address-family vpnv4,187
advertise-label,24
authentication challenge,138
authentication key,139
authentication lifetime,140
authentication window-size,142
auto-bandwidth enable,59
auto-tunnel backup,60
backoff,25
description (VPN instance view),188
description (VPN instance view),224
destination,60
disable,61
display bgp routing-table ipv4 unicast inlabel,189
display bgp routing-table ipv4 unicast outlabel,190
display bgp routing-table vpnv4,191
display bgp routing-table vpnv4 inlabel,200
display bgp routing-table vpnv4 outlabel,201
display explicit-path,62
display interface tunnel,63
display ip vpn-instance,225
display ip vpn-instance,203
display isis mpls te advertisement,64
display isis mpls te configured-sub-tlvs,68
display isis mpls te network,68
display isis mpls te tunnel,70
display mpls forwarding ilm,1
display mpls forwarding nhlfe,3
display mpls interface,4
display mpls label,5
display mpls ldp discovery,26
display mpls ldp fec,28
display mpls ldp igp sync,30
display mpls ldp interface,31
display mpls ldp lsp,32
display mpls ldp parameter,33
display mpls ldp peer,35
display mpls ldp summary,38
display mpls lsp,6
display mpls lsp statistics,10
display mpls nib,11
display mpls nid,11
display mpls static-cr-lsp,133
display mpls static-lsp,19
display mpls summary,12
display mpls te ds-te,71
display mpls te link-management bandwidth-allocation,72
display mpls te tedb,73
display mpls te tunnel-interface,79
display mpls tunnel,183
display ospf mpls te advertisement,82
display ospf mpls te network,84
display ospf mpls te tunnel,85
display ospf sham-link,204
display rsvp,143
display rsvp authentication,146
display rsvp lsp,150
display rsvp peer,153
display rsvp request,154
display rsvp reservation,156
display rsvp sender,158
display rsvp statistics,162
domain-id,205
domain-id,226
dscp,165
ds-te bc-model,86
ds-te mode,89
ds-te te-class,87
explicit-path,89
export route-policy,206
export route-policy,227
ext-community-type,228
ext-community-type,207
fast-reroute timer,90
graceful-restart,39
graceful-restart enable,166
graceful-restart timer,40
hello interval,166
hello lost,167
igp sync delay,41
igp sync delay on-restart,42
import route-policy,228
import route-policy,208
interface tunnel,91
ip binding vpn-instance,229
ip binding vpn-instance,208
ip vpn-instance (system view),230
ip vpn-instance (system view),209
keep-multiplier,168
label-distribution,43
link-management periodic-flooding timer,92
loop-detect,44
lsp-trigger,45
lsr-id,46
maxhops,46
md5-authentication,47
mpls enable,13
mpls label advertise,14
mpls ldp,48
mpls ldp enable,49
mpls ldp igp sync disable,50
mpls ldp sync (IS-IS view),50
mpls ldp sync (OSPF view/OSPF area view),51
mpls ldp timer,52
mpls ldp transport-address,54
mpls lsr-id,15
mpls mtu,15
mpls te,93
mpls te affinity-attribute,93
mpls te auto-bandwidth,94
mpls te auto-tunnel backup disable,96
mpls te backup,96
mpls te backup bandwidth,97
mpls te backup-path,99
mpls te bandwidth,100
mpls te bandwidth change thresholds,101
mpls te bidirectional,102
mpls te enable (interface view),104
mpls te enable (IS-IS view),104
mpls te enable (OSPF area view),105
mpls te fast-reroute,106
mpls te fast-reroute bypass-tunnel,107
mpls te igp advertise,108
mpls te igp metric,109
mpls te igp shortcut,109
mpls te link-attribute,110
mpls te loop-detection,111
mpls te max-link-bandwidth,112
mpls te max-reservable-bandwidth,113
mpls te max-reservable-bandwidth mam,114
mpls te max-reservable-bandwidth rdm,115
mpls te metric,116
mpls te path,117
mpls te path-metric-type,118
mpls te priority,118
mpls te record-route,119
mpls te reoptimization (tunnel interface view),120
mpls te reoptimization (user view),121
mpls te resv-style,121
mpls te retry,122
mpls te route-pinning,123
mpls te signaling,124
mpls te static-cr-lsp,124
mpls te timer retry,125
mpls ttl expiration enable,16
mpls ttl propagate,17
nesting-vpn,210
nexthop,126
nhop-only,127
non-stop-routing,54
path-metric-type,128
peer,169
peer next-hop-invariable,211
peer upe,211
peer upe route-policy,212
policy vpn-target,213
preferred-path,184
pv-limit,55
refresh interval,170
reset mpls ldp,56
reset mpls te auto-bandwidth-adjustment timers,129
reset rsvp authentication,170
reset rsvp statistics,171
route-distinguisher (VPN instance view),231
route-distinguisher (VPN instance view),214
route-tag,231
route-tag,214
routing-table limit,232
routing-table limit,216
rr-filter,217
rsvp,172
rsvp authentication challenge,172
rsvp authentication key,174
rsvp authentication lifetime,175
rsvp authentication window-size,176
rsvp bfd enable,178
rsvp enable,178
rsvp hello enable,179
rsvp reduction retransmit increment,179
rsvp reduction retransmit interval,180
rsvp reduction srefresh,181
select-seq load-balance-number,185
sham-link,217
snmp-agent trap enable l3vpn,219
snmp-agent trap enable ldp,57
snmp-agent trap enable mpls,18
static-cr-lsp egress,134
static-cr-lsp ingress,135
static-cr-lsp transit,136
static-lsp egress,19
static-lsp ingress,20
static-lsp transit,21
te-subtlv,129
timers removal unused,130
tnl-policy,219
tunnel-number,131
tunnel-policy,185
vpn popgo,220
vpn-id,221
vpn-id,233
vpn-instance,57
vpn-instance-capability simple,234
vpn-target (VPN instance view/IPv4 VPN view),222
vpn-target (VPN instance view/IPv4 VPN view),235