- Table of Contents
- Related Documents
-
Title | Size | Download |
---|---|---|
01-Text | 357.83 KB |
Contents
bfd multi-hop authentication-mode
bfd multi-hop destination-port
bfd multi-hop detect-multiplier
bfd multi-hop min-receive-interval
bfd multi-hop min-transmit-interval
DLDP commands
display dldp
Use display dldp to display DLDP configuration.
Syntax
display dldp [ interface interface-type interface-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
interface interface-type interface-number: Specifies an interface by its type and number.
Usage guidelines
If no port is specified, this command displays global and port-specific DLDP configuration. If a port is specified, this command displays only the DLDP configuration on the port.
Examples
# Display global and port-specific DLDP configuration.
<Sysname> display dldp
DLDP global status: Enabled
DLDP advertisement interval: 5s
DLDP authentication-mode: Simple
DLDP authentication-password: ******
DLDP unidirectional-shutdown mode: Auto
DLDP delaydown-timer value: 1s
Number of enabled ports: 2
Interface FortyGigE1/0/1
DLDP port state: Bidirectional
Number of the port’s neighbors: 1
Neighbor MAC address: 0023-8956-3600
Neighbor port index: 79
Neighbor state: Confirmed
Neighbor aged time: 13s
Interface FortyGigE1/0/2
DLDP port state: Inactive
Number of the port’s neighbors: 0 (Maximum number ever detected: 1)
# Display the DLDP configuration of FortyGigE 1/0/1.
<Sysname> display dldp interface fortygige 1/0/1
Interface FortyGigE1/0/1
DLDP port state: Bidirectional
Number of the port’s neighbors: 1
Neighbor MAC address: 0023-8956-3600
Neighbor port index: 79
Neighbor state: Confirmed
Neighbor aged time: 13s
Table 1 Command output
Field |
Description |
DLDP global status |
Global DLDP state (Enabled or Disabled). |
DLDP advertisement interval |
Interval for sending Advertisement packets (in seconds) to maintain neighbor relations. |
DLDP authentication-mode |
DLDP authentication mode (None, Simple, or md5). |
DLDP authentication-password |
Password for DLDP authentication: · ******—The password has been configured. · Not configured—The authentication mode has been configured but no password is configured. |
DLDP unidirectional-shutdown mode |
Port shutdown mode (Auto or Manual) after unidirectional links are detected. |
DLDP delaydown-timer value |
Setting of the DelayDown timer, in seconds. |
Number of enabled ports |
Number of the DLDP-enabled ports. |
Interface |
Index of a DLDP-enabled port. |
DLDP port state |
DLDP state on a port: · Bidirectional. · Inactive. · Initial. · Unidirectional. |
Number of the port’s neighbors |
Current number of neighbors. |
Maximum number ever detected |
Maximum number of neighbors once detected on the port. This field appears only when the current number of neighbors is different from the maximum number of neighbors once detected. |
Neighbor MAC address |
MAC address of the neighbor. |
Neighbor port index |
Neighbor port index. |
Neighbor state |
Neighbor state (Confirmed or Unconfirmed). |
Neighbor aged time |
Neighbor aging time. |
display dldp statistics
Use display dldp statistics to display the statistics on the DLDP packets passing through a port.
Syntax
display dldp statistics [ interface interface-type interface-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
interface interface-type interface-number: Specifies a port by its type and number.
Usage guidelines
If no port is specified, this command displays the statistics on the DLDP packets passing through all the DLDP-enabled ports.
Examples
# Display the statistics on the DLDP packets passing through all the DLDP-enabled ports.
<Sysname> display dldp statistics
Interface FortyGigE1/0/1
Packets sent: 6
Packets received: 5
Invalid packets received: 2
Loopback packets received: 0
Authentication-failed packets received: 0
Valid packets received: 3
Interface FortyGigE1/0/2
Packets sent: 7
Packets received: 7
Invalid packets received: 3
Loopback packets received: 0
Authentication-failed packets received: 0
Valid packets received: 4
Table 2 Command output
Field |
Description |
Interface |
Port index. |
Packets sent |
Total number of DLDP packets sent. |
Packets received |
Total number of DLDP packets received. |
Invalid packets received |
Number of the invalid packets received. |
Loop packets received |
Number of the loopback packets received. |
Authentication failed packets received |
Number of the received packets that failed to pass the authentication. |
Valid packets received |
Number of the valid packets received. |
Related commands
reset dldp statistics
dldp authentication-mode
Use dldp authentication-mode to configure DLDP authentication.
Use undo dldp authentication-mode to restore the default.
Syntax
dldp authentication-mode { md5 | none | simple }
undo dldp authentication-mode
Default
The DLDP authentication mode is none.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
md5: Specifies the MD5 authentication mode.
none: Specifies not to perform authentication.
simple: Specifies the plain text authentication mode.
Usage guidelines
To enable DLDP to operate correctly, make sure the DLDP authentication modes and the passwords configured on the two ends of a link are the same.
If you do not configure the authentication password after you configure the authentication mode, the authentication mode is none no matter which authentication mode you configure.
Examples
# Configure to perform plain text authentication and set the password to abc (assuming that Device A and Device B are connected by a DLDP link).
· Configure Device A:
<DeviceA> system-view
[DeviceA] dldp authentication-mode simple
[DeviceA] dldp authentication-password simple abc
· Configure Device B:
<DeviceB> system-view
[DeviceB] dldp authentication-mode simple
[DeviceB] dldp authentication-password simple abc
Related commands
· display dldp
· dldp authentication-password
dldp authentication-password
Use dldp authentication-password to configure the password for DLDP authentication.
Use undo dldp authentication-password to restore the default.
Syntax
dldp authentication-password { cipher cipher | simple simple }
undo dldp authentication-password
Default
No DLDP authentication password is configured.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
cipher cipher: Sets a ciphertext password. The cipher argument is a case-sensitive string of 1 to 53 characters.
simple simple: Sets a plaintext password. The simple argument is a case-sensitive string of 1 to 16 characters.
Usage guidelines
For security purposes, all DLDP authentication passwords, including passwords configured in plain text, are saved in cipher text.
To enable DLDP to operate correctly, make sure the DLDP authentication modes and the passwords configured on the two ends of a link are the same.
If you do not configure the authentication password after you configure the authentication mode, the authentication mode is none no matter which authentication mode you configure.
Examples
# Configure to perform plain text authentication and set the password to abc (assuming that Device A and Device B are connected by a DLDP link).
· Configure Device A:
<DeviceA> system-view
[DeviceA] dldp authentication-mode simple
[DeviceA] dldp authentication-password simple abc
· Configure Device B:
<DeviceB> system-view
[DeviceB] dldp authentication-mode simple
[DeviceB] dldp authentication-password simple abc
Related commands
· display dldp
· dldp authentication-mode
dldp delaydown-timer
Use dldp delaydown-timer to set the DelayDown timer.
Use undo dldp delaydown-timer to restore the default.
Syntax
dldp delaydown-timer time
undo dldp delaydown-timer
Default
The setting of the DelayDown timer is 1 second.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
time: Specifies the DelayDown timer in the range of 1 to 5 seconds.
Usage guidelines
The DelayDown timer configured by using this command applies to all DLDP-enabled ports.
Examples
# Set the DelayDown timer to 2 seconds.
<Sysname> system-view
[Sysname] dldp delaydown-timer 2
Related commands
display dldp
dldp enable
Use dldp enable to enable DLDP on a port.
Use undo dldp enable to disable DLDP on a port.
Syntax
dldp enable
undo dldp enable
Default
DLDP is disabled on a port.
Views
Layer 2 Ethernet interface view, Layer 3 Ethernet interface view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
DLDP can take effect only after you enable it globally and on a port.
Examples
# Enable DLDP globally, and then enable DLDP on FortyGigE 1/0/1.
<Sysname> system-view
[Sysname] dldp global enable
[Sysname] interface fortygige 1/0/1
[Sysname-FortyGigE1/0/1] dldp enable
Related commands
· display dldp
· dldp global enable
dldp global enable
Use dldp global enable to enable DLDP globally.
Use undo dldp global enable to disable DLDP globally.
Syntax
dldp global enable
undo dldp global enable
Default
DLDP is disabled globally.
Views
System view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
DLDP can take effect only after you enable it globally and on a port.
Examples
# Enable DLDP globally.
<Sysname> system-view
[Sysname] dldp global enable
Related commands
· display dldp
· dldp enable
dldp interval
Use dldp interval to set the interval for sending Advertisement packets.
Use undo dldp interval to restore the default.
Syntax
dldp interval time
undo dldp interval
Default
The interval for sending Advertisement packets is 5 seconds.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
time: Specifies Advertisement packets sending interval in the range of 1 to 100 seconds.
Usage guidelines
This command applies to all DLDP-enabled ports.
To enable DLDP to operate correctly, make sure the intervals for sending Advertisement packets configured on the two ends of a link are the same.
Examples
# Set the interval for sending Advertisement packets to 20 seconds.
<Sysname> system-view
[Sysname] dldp interval 20
Related commands
display dldp
dldp unidirectional-shutdown
Use dldp unidirectional-shutdown to set the port shutdown mode.
Use undo dldp unidirectional-shutdown to restore the default.
Syntax
dldp unidirectional-shutdown { auto | manual }
undo dldp unidirectional-shutdown
Default
The port shutdown mode is auto mode.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
auto: Configures the port shutdown mode as auto mode. In this mode, when DLDP detects a unidirectional link, it shuts down the Unidirectional port.
manual: Configures the port shutdown mode as manual mode. In this mode, when DLDP detects a unidirectional link, DLDP does not shut down the involved port but you need to manually shut it down. When the link state is restored to Bidirectional, you must manually bring up the port.
Examples
# Set the port shutdown mode to manual mode.
<Sysname> system-view
[Sysname] dldp unidirectional-shutdown manual
display dldp
reset dldp statistics
Use reset dldp statistics to clear the statistics on DLDP packets passing through a port.
Syntax
reset dldp statistics [ interface interface-type interface-number ]
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
interface interface-type interface-number: Clears the statistics on DLDP packets passing through a port. interface-type interface-number represents a port by its type and number.
Usage guidelines
If no port is specified, this command clears the statistics on the DLDP packets passing through all the DLDP-enabled ports.
Examples
# Clear the statistics on the DLDP packets passing through all the DLDP-enabled ports.
<Sysname> reset dldp statistics
Related commands
display dldp statistics
VRRP commands
The term "interface" in this chapter refers to VLAN interfaces, Layer 3 Ethernet interfaces, Layer 3 aggregate interfaces, Layer 3 Ethernet subinterfaces, and Layer 3 aggregate subinterfaces. You can configure an Ethernet port as a Layer 3 interface by using the port link-mode route command (see Layer 2—LAN Switching Configuration Guide).
VRRP cannot be configured on member ports of aggregation groups.
In VRRP load balancing mode, the virtual MAC address is determined by the virtual router ID and the VF number. Each VF in VRRP groups with different virtual router IDs on a device is associated with a unique virtual MAC address. An FE or FX card can have a maximum of 8 virtual MAC addresses. The maximum number of VRRP groups with different virtual router IDs on a device multiplied by the maximum number of VFs among all VRRP groups cannot be larger than 8.
IPv4 VRRP commands
display vrrp
Use display vrrp to display the states of IPv4 VRRP groups.
Syntax
display vrrp [ interface interface-type interface-number [ vrid virtual-router-id ] ] [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
interface interface-type interface-number: Specifies an interface by its type and number.
vrid virtual-router-id: Specifies an IPv4 VRRP group by its virtual router ID. The value range for the virtual-router-id argument varies as follows:
Cards |
VRRP operating mode |
Value range |
FC cards |
VRRP standard mode. NOTE: VRRP load balancing mode is not supported on FC cards. |
The valid value range is 1 to 7. |
FE and FX cards |
VRRP standard mode. |
In versions earlier than Release 1138P01, the valid value range is 1 to 7. In Release 1138P01 and later versions, the valid value range is 1 to 255. A device can have a maximum of 8 VRRP groups with different virtual router IDs. |
VRRP load balancing mode. |
The valid value range is 1 to 255. The maximum number of VRRP groups with different virtual router IDs on a device multiplied by the maximum number of VFs among all VRRP groups cannot be larger than 8. |
verbose: Displays detailed IPv4 VRRP group information. If the verbose keyword is not specified, this command displays brief IPv4 VRRP group information.
Usage guidelines
· If no interface or VRRP group is specified, this command displays the states of all IPv4 VRRP groups.
· If only an interface is specified, this command displays the states of all IPv4 VRRP groups on the specified interface.
· If both an interface and an IPv4 VRRP group are specified, this command displays the states of the specified IPv4 VRRP group on the specified interface.
Examples
# Display brief information about all IPv4 VRRP groups on the device when VRRP operates in standard mode.
<Sysname> display vrrp
IPv4 Virtual Router Information:
Running Mode : Standard
Total number of virtual routers : 1
Interface VRID State Running Adver Auth Virtual
Pri Timer Type IP
---------------------------------------------------------------------
Vlan1 1 Master 150 100 Simple 1.1.1.1
Table 3 Command output (in standard mode)
Field |
Description |
Running Mode |
VRRP operating mode (standard mode). |
Total number of virtual routers |
Total number of VRRP groups. |
Interface |
Interface where the VRRP group is configured. |
VRID |
Virtual router ID (VRRP group number). |
State |
Status of the router in the VRRP group: · Master. · Backup. · Initialize. · Inactive. |
Running Pri |
Current priority of the router. When a track entry is associated with a VRRP group on the router, the router's priority changes when the track entry's status changes. |
Adver Timer |
VRRP advertisement sending interval in centiseconds. |
Auth Type |
Authentication type: · None—No authentication. · Simple—Simple text authentication. · MD5—MD5 authentication. |
Virtual IP |
Virtual IP address of the VRRP group. |
# Display detailed information about all IPv4 VRRP groups on the device when VRRP operates in standard mode.
<Sysname> display vrrp verbose
IPv4 Virtual Router Information:
Running Mode : Standard
Total number of virtual routers : 2
Interface Vlan-interface2
VRID : 1 Adver Timer : 100
Admin Status : Up State : Master
Config Pri : 150 Running Pri : 150
Preempt Mode : Yes Delay Time : 5
Auth Type : Simple Key : ******
Virtual IP : 1.1.1.1
Virtual MAC : 0000-5e00-0101
Master IP : 1.1.1.2
VRRP Track Information:
Track Object : 1 State : Positive Pri Reduced : 50
Interface Vlan-interface2
VRID : 11 Adver Timer : 100
Admin Status : Up State : Backup
Config Pri : 80 Running Pri : 80
Preempt Mode : Yes Delay Time : 0
Become Master : 2370ms left
Auth Type : None
Virtual IP : 1.1.1.11
Virtual MAC : 0000-5e00-010b
Master IP : 1.1.1.12
Table 4 Command output (in standard mode)
Field |
Description |
Running Mode |
VRRP operating mode (standard mode). |
Total number of virtual routers |
Total number of VRRP groups. |
Interface |
Interface where the VRRP group is configured. |
VRID |
Virtual router ID (VRRP group number). |
Adver Timer |
VRRP advertisement sending interval in centiseconds. |
Admin Status |
Administrative status: up or down. |
State |
Status of the router in the VRRP group: · Master. · Backup. · Initialize. · Inactive. |
Config Pri |
Configured priority of the router, which is configured through the vrrp vrid priority command. |
Running Pri |
Current priority of the router. When a track entry is associated with a VRRP group on the router, the router's priority changes when the track entry's status changes. |
Preempt Mode |
Preemptive mode: · Yes. · No. |
Delay Time |
Preemption delay time in centiseconds. |
Become Master |
Time, in milliseconds, that a backup router has to wait before it becomes the master. |
Auth Type |
Authentication type: · None—No authentication. · Simple—Simple text authentication. · MD5—MD5 authentication. |
Key |
Authentication key, which is not displayed if no authentication is required. |
Virtual IP |
Virtual IP address of the VRRP group. |
Virtual MAC |
Virtual MAC address of the VRRP group's virtual IP address, which is displayed when the router is the master. |
Master IP |
Primary IP address of the interface where the master resides. |
VRRP Track Information |
Track entry information. This field is displayed only after you have configured the vrrp vrid track command. |
Track Object |
Track entry which is associated with the VRRP group. |
State |
Track entry state: · Negative. · Positive. · NotReady. |
Pri Reduced |
Value by which the priority decreases when the status of the associated track entry becomes negative. |
Switchover |
Switchover mode. When the status of the associated track entry becomes negative, the backup immediately becomes the master. |
# Display brief information about all IPv4 VRRP groups on the device when VRRP operates in load balancing mode.
<Sysname> display vrrp
IPv4 Virtual Router Information:
Running Mode : Load Balance
Total number of virtual routers : 1
Interface VRID State Running Address Active
Pri
----------------------------------------------------------------------
Vlan1 1 Master 150 1.1.1.1 Local
----- VF 1 Active 255 000f-e2ff-0011 Local
Table 5 Command output (in load balancing mode)
Field |
Description |
Running Mode |
VRRP operating mode (load balancing mode). |
Total number of virtual routers |
Total number of VRRP groups. |
Interface |
Interface where the VRRP group is configured. |
VRID |
Virtual router ID (VRRP group number) or virtual forwarder (VF) ID. |
State |
· For a VRRP group (when the VRID is a virtual router ID), this field indicates the state of the router in the VRRP group, which is Master, Backup, Initialize, or Inactive. · For a VF (when the VRID is a VF ID), this field indicates the state of the VF in the VRRP group, which is Active, Listening, or Initialize. |
Running Pri |
· For a VRRP group (when the VRID is a virtual router ID), this field indicates the running priority of the router. When a track entry is associated with a VRRP group on the router, the router's priority changes when the track entry's status changes. · For a VF (when the VRID is a VF ID), this field indicates the running priority of the VF. When a track entry is associated with a VF, the priority of the VF changes if the state of the monitored track entry changes. |
Address |
· For a VRRP group (when the VRID is a virtual router ID), this field indicates the virtual IP address of the VRRP group. · For a VF (when the VRID is a VF ID), this field indicates the virtual MAC address of the VF. |
Active |
· For a VRRP group (when the VRID is a virtual router ID), this field indicates the IP address of the interface where the master resides. If the current router is the master, local is displayed. · For a VF (when the VRID is a VF ID), this field indicates the IP address of the interface where the active virtual forwarder (AVF) resides. If the current VF is the AVF, local is displayed. |
# Display detailed information about all IPv4 VRRP groups on the device when VRRP operates in load balancing mode.
<Sysname> display vrrp verbose
IPv4 Virtual Router Information:
Running Mode : Load Balance
Total number of virtual routers : 2
Interface Vlan-interface
VRID : 1 Adver Timer : 100
Admin Status : Up State : Master
Config Pri : 150 Running Pri : 150
Preempt Mode : Yes Delay Time : 5
Auth Type : None
Virtual IP : 10.1.1.1
10.1.1.2
10.1.1.3
Member IP List : 10.1.1.10 (Local, Master)
10.1.1.20 (Backup)
VRRP Track Information:
Track Object : 1 State : Positive Pri Reduced : 50
Forwarder Information: 2 Forwarders 1 Active
Config Weight : 255
Running Weight : 255
Forwarder 01
State : Active
Virtual MAC : 000f-e2ff-0011 (Owner)
Owner ID : 0000-5e01-1101
Priority : 255
Active : local
Forwarder 02
State : Listening
Virtual MAC : 000f-e2ff-0012 (Learnt)
Owner ID : 0000-5e01-1103
Priority : 127
Active : 10.1.1.20
Forwarder Weight Track Information:
Track Object : 1 State : Positive Weight Reduced : 250
Interface Vlan-interface2
VRID : 11 Adver Timer : 100
Admin Status : Up State : Backup
Config Pri : 80 Running Pri : 80
Preempt Mode : Yes Delay Time : 0
Become Master : 2370ms left
Auth Type : None
Virtual IP : 10.1.1.11
10.1.1.12
10.1.1.13
Member IP List : 10.1.1.10 (Local, Backup)
10.1.1.15 (Master)
Forwarder Information: 2 Forwarders 1 Active
Config Weight : 255
Running Weight : 255
Forwarder 01
State : Active
Virtual MAC : 000f-e2ff-40b1 (Learnt)
Owner ID : 0000-5e01-1103
Priority : 127
Active : 10.1.1.15
Forwarder 02
State : Listening
Virtual MAC : 000f-e2ff-40b2 (Owner)
Owner ID : 0000-5e01-1101
Priority : 255
Active : local
Table 6 Command output (in load balancing mode)
Field |
Description |
Running Mode |
VRRP operating mode (load balancing mode). |
Total number of virtual routers |
Total number of VRRP groups. |
Interface |
Interface where the VRRP group is configured. |
VRID |
Virtual router ID (VRRP group number). |
Adver Timer |
VRRP advertisement sending interval in centiseconds. |
Admin Status |
Administrative status: up or down. |
State |
Status of the router in the VRRP group: · Master. · Backup. · Initialize. · Inactive. |
Config Pri |
Configured priority of the router, which is configured by using the vrrp vrid priority command. |
Running Pri |
Current priority of the router. When a track entry is associated with a VRRP group on the router, the router's priority changes when the track entry's status changes. |
Preempt Mode |
Preemptive mode: · Yes. · No. |
Delay Time |
Preemption delay time in centiseconds. |
Become Master |
Time, in milliseconds, that a backup router has to wait before it becomes the master. |
Auth Type |
Authentication type: · None—No authentication. · Simple—Simple text authentication. · MD5—MD5 authentication. |
Key |
Authentication key, which is not displayed if no authentication is required. |
Virtual IP |
Virtual IP address list of the VRRP group. |
Member IP List |
IP addresses of the member devices in the VRRP group: · Local—IP address of the local router. · Master—IP address of the master. · Backup—IP address of the backup. |
VRRP Track Information |
Track entry which is associated with the VRRP group. This field is displayed only after you have configured the vrrp vrid track command. |
Track Object |
Track entry to be monitored. |
State |
Track entry state: · Negative. · Positive. · NotReady. |
Pri Reduced |
Value by which the priority decreases when the status of the associated track entry becomes negative. This field is displayed only after you have configured vrrp vrid track command. |
Switchover |
Switchover mode. When the status of the associated track entry becomes negative, the backup immediately becomes the master. |
Forwarder Information: 2 Forwarders 1 Active |
VF information: Two VFs exist, and one is the AVF. |
Config Weight |
Configured weight of the VF: 255. |
Running Weight |
Current weight of the VF. When a track entry is associated with the VFs of a VRRP group, the VFs' weights change when the track entry's status changes. |
Forwarder 01 |
Information about VF 01. |
State |
VF state: · Active. · Listening. · Initialize. |
Virtual MAC |
Virtual MAC address of the VF. |
Owner ID |
Real MAC address of the VF owner. |
Priority |
VF priority in the range of 1 to 255. |
Active |
IP address of the interface where the AVF resides. If the current VF is the AVF, local is displayed. |
Forwarder Weight Track Configuration |
VF weight Track configuration. The field is displayed only after you have configured the vrrp vrid weight track command. |
Track Object |
Track entry which is associated with the VFs. The field is displayed only after you have configured the vrrp vrid weight track command. |
State |
Track entry state: · Negative. · Positive. · NotReady. |
Weight Reduced |
Value by which the weights of the VFs decrease when the state of the associated track entry changes to negative. The field is displayed only after you configure the vrrp vrid weight track command. |
display vrrp statistics
Use display vrrp statistics to display statistics for IPv4 VRRP groups.
Syntax
display vrrp statistics [ interface interface-type interface-number [ vrid virtual-router-id ] ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
interface interface-type interface-number: Specifies an interface by its type and number.
vrid virtual-router-id: Specifies an IPv4 VRRP group by its virtual router ID. The value range for the virtual-router-id argument varies as follows:
Cards |
VRRP operating mode |
Value range |
FC cards |
VRRP standard mode. NOTE: VRRP load balancing mode is not supported on FC cards. |
The valid value range is 1 to 7. |
FE and FX cards |
VRRP standard mode. |
In versions earlier than Release 1138P01, the valid value range is 1 to 7. In Release 1138P01 and later versions, the valid value range is 1 to 255. A device can have a maximum of 8 VRRP groups with different virtual router IDs. |
VRRP load balancing mode. |
The valid value range is 1 to 255. The maximum number of VRRP groups with different virtual router IDs on a device multiplied by the maximum number of VFs among all VRRP groups cannot be larger than 8. |
Usage guidelines
· If no interface or VRRP group is specified, this command displays statistics for all IPv4 VRRP groups.
· If only an interface is specified, this command displays statistics for all IPv4 VRRP groups on the specified interface.
· If both an interface and an IPv4 VRRP group are specified, this command displays statistics for the specified IPv4 VRRP group on the specified interface.
You can use the reset vrrp statistics command to clear statistics for IPv4 VRRP groups.
Examples
# Display statistics for all IPv4 VRRP groups when VRRP operates in standard mode.
<Sysname> display vrrp statistics
Interface : Vlan-interface2
VRID : 1
CheckSum Errors : 0 Version Errors : 0
Invalid Pkts Rcvd : 0 Unexpected Pkts Rcvd : 0
IP TTL Errors : 0 Advertisement Interval Errors : 0
Invalid Auth Type : 0 Auth Failures : 0
Packet Length Errors : 0 Auth Type Mismatch : 0
Become Master : 1 Address List Errors : 0
Adver Rcvd : 0 Priority Zero Pkts Rcvd : 0
Adver Sent : 807 Priority Zero Pkts Sent : 0
Global statistics
CheckSum Errors : 0
Version Errors : 0
VRID Errors : 0
# Display statistics for all IPv4 VRRP groups when VRRP operates in load balancing mode.
<Sysname> display vrrp statistics
Interface : Vlan-interface2
VRID : 1
CheckSum Errors : 0 Version Errors : 0
Invalid Pkts Rcvd : 0 Unexpected Pkts Rcvd : 0
IP TTL Errors : 0 Advertisement Interval Errors : 0
Invalid Auth Type : 0 Auth Failures : 0
Packet Length Errors : 0 Auth Type Mismatch : 0
Become Master : 39 Address List Errors : 0
Become AVF : 13 Packet Option Errors : 0
Adver Rcvd : 2562 Priority Zero Pkts Rcvd : 1
Adver Sent : 16373 Priority Zero Pkts Sent : 49
Request Rcvd : 2 Reply Rcvd : 10
Request Sent : 12 Reply Sent : 2
Release Rcvd : 0 VF Priority Zero Pkts Rcvd : 1
Release Sent : 0 VF Priority Zero Pkts Sent : 11
Redirect Timer Expires : 1 Time-out Timer Expires : 0
Global statistics
CheckSum Errors : 0
Version Errors : 0
VRID Errors : 0
Table 7 Command output (in standard mode)
Field |
Description |
Interface |
Interface where the VRRP group is configured. |
VRID |
VRRP group number. |
CheckSum Errors |
Number of packets with checksum errors. |
Version Errors |
Number of packets with version errors. |
Invalid Pkts Rcvd |
Number of received packets of invalid packet types. |
Unexpected Pkts Rcvd |
Number of received unexpected packets. |
Advertisement Interval Errors |
Number of packets with advertisement interval errors. |
IP TTL Errors |
Number of packets with TTL errors. |
Auth Failures |
Number of packets with authentication failures. |
Invalid Auth Type |
Number of packets with authentication failures because of invalid authentication types. |
Auth Type Mismatch |
Number of packets with authentication failures because of mismatching authentication types. |
Packet Length Errors |
Number of packets with VRRP packet length errors. |
Address List Errors |
Number of packets with virtual IP address list errors. |
Become Master |
Number of times that the router elected as the master. |
Priority Zero Pkts Rcvd |
Number of received advertisements with the router priority of 0. |
Adver Rcvd |
Number of received advertisements. |
Priority Zero Pkts Sent |
Number of sent advertisements with the router priority of 0. |
Adver Sent |
Number of sent advertisements. |
Global statistics |
Global statistics for all VRRP groups. |
CheckSum Errors |
Total number of packets with checksum errors. |
Version Errors |
Total number of packets with version errors. |
VRID Errors |
Total number of packets with VRID errors. |
Table 8 Command output (in load balancing mode)
Field |
Description |
Interface |
Interface where the VRRP group is configured. |
VRID |
VRRP group number. |
CheckSum Errors |
Number of packets with checksum errors. |
Version Errors |
Number of packets with version errors. |
Invalid Pkts Rcvd |
Number of received packets of invalid packet types. |
Unexpected Pkts Rcvd |
Number of received unexpected packets. |
Advertisement Interval Errors |
Number of packets with advertisement interval errors. |
IP TTL Errors |
Number of packets with TTL errors. |
Auth Failures |
Number of packets with authentication failures. |
Invalid Auth Type |
Number of packets with authentication failures because of invalid authentication types. |
Auth Type Mismatch |
Number of packets with authentication failures because of mismatching authentication types. |
Packet Length Errors |
Number of packets with VRRP packet length errors. |
Address List Errors |
Number of packets with virtual IP address list errors. |
Become Master |
Number of times that the router elected as the master. |
Redirect Timer Expires |
Number of times that the redirect timer expired. |
Become AVF |
Number of times that the VF elected as the AVF. |
Time-out Timer Expires |
Number of times that the time-out timer expired. |
Adver Rcvd |
Number of received advertisements. |
Request Rcvd |
Number of received requests. |
Adver Sent |
Number of sent advertisements. |
Request Sent |
Number of sent requests. |
Reply Rcvd |
Number of received replies. |
Release Rcvd |
Number of received release packets. |
Reply Sent |
Number of sent replies. |
Release Sent |
Number of sent release packets. |
Priority Zero Pkts Rcvd |
Number of received advertisements with the router priority of 0. |
VF Priority Zero Pkts Rcvd |
Number of received advertisements with the VF priority of 0. |
Priority Zero Pkts Sent |
Number of sent advertisements with the router priority of 0. |
VF Priority Zero Pkts Sent |
Number of sent advertisements with the VF priority of 0. |
Packet Option Errors |
Number of packet option errors. |
Global statistics |
Global statistics for all IPv4 VRRP groups. |
CheckSum Errors |
Total number of packets with checksum errors. |
Version Errors |
Total number of packets with version errors. |
VRID Errors |
Total number of packets with VRID errors. |
Related commands
reset vrrp statistics
reset vrrp statistics
Use reset vrrp statistics to clear statistics for IPv4 VRRP groups.
Syntax
reset vrrp statistics [ interface interface-type interface-number [ vrid virtual-router-id ] ]
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
interface interface-type interface-number: Specifies an interface by its type and number.
vrid virtual-router-id: Specifies an IPv4 VRRP group by its virtual router ID. The value range for the virtual-router-id argument varies as follows:
Cards |
VRRP operating mode |
Value range |
FC cards |
VRRP standard mode. NOTE: VRRP load balancing mode is not supported on FC cards. |
The valid value range is 1 to 7. |
FE and FX cards |
VRRP standard mode. |
In versions earlier than Release 1138P01, the valid value range is 1 to 7. In Release 1138P01 and later versions, the valid value range is 1 to 255. A device can have a maximum of 8 VRRP groups with different virtual router IDs. |
VRRP load balancing mode. |
The valid value range is 1 to 255. The maximum number of VRRP groups with different virtual router IDs on a device multiplied by the maximum number of VFs among all VRRP groups cannot be larger than 8. |
Usage guidelines
· If no interface or VRRP group is specified, this command clears statistics for all IPv4 VRRP groups.
· If only an interface is specified, this command clears statistics for all IPv4 VRRP groups on the specified interface.
· If both an interface and an IPv4 VRRP group are specified, this command clears statistics for the specified IPv4 VRRP group on the specified interface.
Examples
# Clear statistics for all IPv4 VRRP groups on all interfaces.
<Sysname> reset vrrp statistics
Related commands
display vrrp statistics
snmp-agent trap enable vrrp
Use snmp-agent trap enable vrrp to enable SNMP notifications for VRRP globally.
Use undo snmp-agent trap enable vrrp to disable SNMP notifications for VRRP globally.
Syntax
snmp-agent trap enable vrrp [ auth-failure | new-master ]
undo snmp-agent trap enable vrrp [ auth-failure | new-master ]
Default
SNMP notifications for VRRP are enabled.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
auth-failure: Generates notifications as defined in RFC 2787 when the device in a VRRP group receives a VRRP advertisement with the authentication type or key not matching the local configuration.
new-master: Generates notifications as defined in RFC 2787 when the state of a device in a VRRP group changes from Initialize or Backup to Master.
Usage guidelines
When the notification feature is enabled, the device can send notifications to the destination host. To specify the notification type (inform or trap) and target host, use the snmp-agent target-host command.
Examples
# Generate notifications as defined in RFC 2787 when the device in a VRRP group receives a VRRP advertisement with the authentication type or key not matching the local configuration.
<Sysname> system-view
[Sysname] snmp-agent trap enable vrrp auth-failure
vrrp check-ttl enable
Use vrrp check-ttl enable to enable TTL check for IPv4 VRRP packets.
Use undo vrrp check-ttl enable to disable TTL check for IPv4 VRRP packets.
Syntax
vrrp check-ttl enable
undo vrrp check-ttl enable
Default
TTL check for IPv4 VRRP packets is enabled.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
The master in an IPv4 VRRP group periodically sends VRRP advertisements to declare its presence. The VRRP advertisements are multicast in the local subnet and cannot be forwarded by routers, so the TTL value is not changed. When the master sends VRRP advertisements, it sets the TTL value to 255. If you enable TTL check, the backups drop the VRRP advertisements with TTL other than 255, preventing attacks from other subnets.
Devices from different vendors might implement VRRP differently. When the device is interoperating with devices of other vendors, TTL check on VRRP packets might result in unexpected dropping of packets. In this scenario, use the undo vrrp check-ttl enable command to disable TTL check on VRRP packets.
Examples
# Disable TTL check for IPv4 VRRP packets.
<Sysname> system-view
[Sysname] interface vlan-interface 2
[Sysname-Vlan-interface2] undo vrrp check-ttl enable
vrrp dscp
Use vrrp dscp to set a DSCP value for VRRP packets.
Use undo vrrp dscp to restore the default.
Syntax
vrrp dscp dscp-value
undo vrrp dscp
Default
The DSCP value for VRRP packets is 48.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
dscp-value: Specifies a DSCP value for VRRP packets, in the range of 0 to 63.
Usage guidelines
The DSCP value identifies the packet priority during transmission. A greater DSCP value means a higher packet priority.
Examples
# Set the DSCP value to 30 for VRRP packets.
<Sysname> system-view
[Sysname] vrrp dscp 30
vrrp mode
Use vrrp mode to specify the operating mode for IPv4 VRRP.
Use undo vrrp mode to restore the default.
Syntax
vrrp mode load-balance [ version-8 ]
undo vrrp mode
Default
IPv4 VRRP operates in standard mode.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
load-balance: Specifies the load balancing mode.
version-8: Specifies the version carried in VRRP packets as 8.
Usage guidelines
After you create IPv4 VRRP groups on the router, you can specify their operating mode by using this command. All IPv4 VRRP groups on the router operate in the specified mode.
The version-8 keyword takes effect only when the version of IPv4 VRRP configured on the interface is VRRPv2. The version-8 keyword is required in the following conditions:
· A router running Comware V5 software or software with version earlier than Comware V7 exists in the VRRP group.
To display the software version, use the display version command.
· All routers in the IPv4 VRRP group are operating in load balancing mode.
· All routers in the IPv4 VRRP group are configured with the version of VRRPv2.
Examples
# Specify the load balancing mode for IPv4 VRRP.
<Sysname> system-view
[Sysname] vrrp mode load-balance
Related commands
display vrrp
vrrp version
Use vrrp version to specify the version of IPv4 VRRP on an interface.
Use undo vrrp version to restore the default.
Syntax
vrrp version version-number
undo vrrp version
Default
VRRPv3 is used.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Parameters
version-number: Specifies a VRRP version. The version number is 2 or 3, where 2 indicates VRRPv2 (described in RFC 3768), and 3 indicates VRRPv3 (described in RFC 5798).
Usage guidelines
The version of VRRP on all routers in an IPv4 VRRP group must be the same.
Examples
# Specify VRRPv2 to run on VLAN-interface 10.
<Sysname> system-view
[Sysname] interface vlan-interface 10
[Sysname-Vlan-interface10] vrrp version 2
vrrp vrid authentication-mode
Use vrrp vrid authentication-mode to configure the authentication mode and the authentication key for an IPv4 VRRP group to send and receive VRRP packets.
Use undo vrrp vrid authentication-mode to restore the default.
Syntax
vrrp vrid virtual-router-id authentication-mode { md5 | simple } { cipher | plain } key
undo vrrp vrid virtual-router-id authentication-mode
Default
Authentication is disabled when a VRRP group sends and receives VRRP packets.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Parameters
virtual-router-id: Specifies an IPv4 VRRP group by its virtual router ID. The value range for the virtual-router-id argument varies as follows:
Cards |
VRRP operating mode |
Value range |
FC cards |
VRRP standard mode. NOTE: VRRP load balancing mode is not supported on FC cards. |
The valid value range is 1 to 7. |
FE and FX cards |
VRRP standard mode. |
In versions earlier than Release 1138P01, the valid value range is 1 to 7. In Release 1138P01 and later versions, the valid value range is 1 to 255. A device can have a maximum of 8 VRRP groups with different virtual router IDs. |
VRRP load balancing mode. |
The valid value range is 1 to 255. The maximum number of VRRP groups with different virtual router IDs on a device multiplied by the maximum number of VFs among all VRRP groups cannot be larger than 8. |
md5: Specifies the MD5 authentication mode.
simple: Specifies the simple authentication mode.
cipher: Sets a ciphertext authentication key.
plain: Sets a plaintext authentication key.
key: Sets the authentication key. This argument is case sensitive. It must be a ciphertext string of 1 to 41 characters if the cipher keyword is specified or a plaintext string of 1 to 8 characters if the plain keyword is specified.
Usage guidelines
To avoid attacks from unauthorized users, VRRP member routers add authentication keys in VRRP packets to authenticate one another. VRRP provides the following authentication modes:
· simple—Simple text authentication.
The sender fills an authentication key into the VRRP packet, and the receiver compares the received authentication key with its local authentication key. If the two authentication keys are the same, the received VRRP packet is legitimate. Otherwise, the received packet is illegitimate.
· md5—MD5 authentication.
The sender computes a digest for the packet to be sent by using the authentication key and MD5 algorithm, and it saves the result in the authentication header. The receiver performs the same operation by using the authentication key and MD5 algorithm, and it compares the result with the content in the authentication header. If the results are the same, the received VRRP packet is legitimate. Otherwise, the received packet is illegitimate.
The MD5 authentication is more secure than the simple text authentication, but it costs more resources.
For security purposes, all keys, including keys configured in plain text, are saved in cipher text.
IMPORTANT: · You can configure different authentication modes and authentication keys for the VRRP groups on an interface. However, members of the same VRRP group must use the same authentication mode and authentication key. · For VRRPv3, this command does not take effect. |
Examples
# Set the authentication mode to simple and the authentication key to Sysname for VRRP group 1 on VLAN-interface 2.
<Sysname> system-view
[Sysname] interface vlan-interface 2
[Sysname-Vlan-interface2] vrrp vrid 1 authentication-mode simple plain Sysname
Related commands
· display vrrp
· vrrp version
vrrp vrid preempt-mode
Use vrrp vrid preempt-mode to enable the preemptive mode for the device in an IPv4 VRRP group and set the preemption delay.
Use undo vrrp vrid preempt-mode to disable the preemptive mode for the device in an IPv4 VRRP group.
Use undo vrrp vrid preempt-mode delay to restore the default preemption delay.
Syntax
vrrp vrid virtual-router-id preempt-mode [ delay delay-value ]
undo vrrp vrid virtual-router-id preempt-mode [ delay ]
Default
The device operates in preemptive mode and the preemption delay is 0 centiseconds.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Parameters
virtual-router-id: Specifies an IPv4 VRRP group by its virtual router ID. The value range for the virtual-router-id argument varies as follows:
Cards |
VRRP operating mode |
Value range |
FC cards |
VRRP standard mode. NOTE: VRRP load balancing mode is not supported on FC cards. |
The valid value range is 1 to 7. |
FE and FX cards |
VRRP standard mode. |
In versions earlier than Release 1138P01, the valid value range is 1 to 7. In Release 1138P01 and later versions, the valid value range is 1 to 255. A device can have a maximum of 8 VRRP groups with different virtual router IDs. |
VRRP load balancing mode. |
The valid value range is 1 to 255. The maximum number of VRRP groups with different virtual router IDs on a device multiplied by the maximum number of VFs among all VRRP groups cannot be larger than 8. |
delay delay-value: Specifies a preemption delay time in the range of 0 to 180000 in centiseconds. The default setting is 0 centiseconds.
Usage guidelines
In non-preemptive mode, when a device in the IPv4 VRRP group becomes the master, it acts as the master as long as it operates correctly, even if a backup is assigned a higher priority later. The non-preemptive mode helps avoid frequent switchover between the master and backups.
In preemptive mode, a backup takes over as the master and sends VRRP advertisements when it detects that it has a higher priority than the master. The previous master then becomes a backup. This mechanism makes sure the master is always the device with the highest priority.
To avoid frequent state changes among members in a VRRP group and to provide the backups enough time to collect information (such as routing information), a backup does not immediately become the master after it receives an advertisement with lower priority than the local priority. Instead, it waits for a period of time before taking over as the master.
Examples
# Enable the preemptive mode for VLAN-interface 2, and set the preemption delay time to 500 centiseconds.
<Sysname> system-view
[Sysname] interface vlan-interface 2
[Sysname-Vlan-interface2] vrrp vrid 1 preempt-mode delay 500
Related commands
display vrrp
vrrp vrid priority
Use vrrp vrid priority to set the priority of the device in an IPv4 VRRP group.
Use undo vrrp vrid priority to restore the default.
Syntax
vrrp vrid virtual-router-id priority priority-value
undo vrrp vrid virtual-router-id priority
Default
The priority of a device in an IPv4 VRRP group is 100.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Parameters
virtual-router-id: Specifies an IPv4 VRRP group by its virtual router ID. The value range for the virtual-router-id argument varies as follows:
Cards |
VRRP operating mode |
Value range |
FC cards |
VRRP standard mode. NOTE: VRRP load balancing mode is not supported on FC cards. |
The valid value range is 1 to 7. |
FE and FX cards |
VRRP standard mode. |
In versions earlier than Release 1138P01, the valid value range is 1 to 7. In Release 1138P01 and later versions, the valid value range is 1 to 255. A device can have a maximum of 8 VRRP groups with different virtual router IDs. |
VRRP load balancing mode. |
The valid value range is 1 to 255. The maximum number of VRRP groups with different virtual router IDs on a device multiplied by the maximum number of VFs among all VRRP groups cannot be larger than 8. |
priority-value: Specifies a priority value in the range of 1 to 254. A higher number indicates a higher priority.
Usage guidelines
VRRP determines the role (master or backup) of each device in a VRRP group by priority. A device with a higher priority is more likely to become the master.
VRRP priority is in the range of 0 to 255, and a greater number represents a higher priority. Priorities 1 to 254 are configurable. Priority 0 is reserved for special uses, and priority 255 is for the IP address owner. The device acting as the IP address owner in a VRRP group always has a running priority of 255 and acts as the master as long as it works correctly.
Examples
# Set the priority of the switch to 150 in VRRP group 1 on VLAN-interface 2.
<Sysname> system-view
[Sysname] interface vlan-interface 2
[Sysname-Vlan-interface2] vrrp vrid 1 priority 150
Related commands
· display vrrp
· vrrp vrid track
vrrp vrid shutdown
Use vrrp vrid shutdown to disable an IPv4 VRRP group.
Use undo vrrp vrid shutdown to restore the default.
Syntax
vrrp vrid virtual-router-id shutdown
undo vrrp vrid virtual-router-id shutdown
Default
An IPv4 VRRP group is enabled.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Parameters
virtual-router-id: Specifies an IPv4 VRRP group by its virtual router ID. The value range for the virtual-router-id argument varies as follows:
Cards |
VRRP operating mode |
Value range |
FC cards |
VRRP standard mode. NOTE: VRRP load balancing mode is not supported on FC cards. |
The valid value range is 1 to 7. |
FE and FX cards |
VRRP standard mode. |
In versions earlier than Release 1138P01, the valid value range is 1 to 7. In Release 1138P01 and later versions, the valid value range is 1 to 255. A device can have a maximum of 8 VRRP groups with different virtual router IDs. |
VRRP load balancing mode. |
The valid value range is 1 to 255. The maximum number of VRRP groups with different virtual router IDs on a device multiplied by the maximum number of VFs among all VRRP groups cannot be larger than 8. |
Usage guidelines
You can use this command to temporarily disable an IPv4 VRRP group. After this command is configured, the VRRP group stays in initialized state, and its configurations remain unchanged. You can change its configuration and your changes take effect when you enable the VRRP group again.
Examples
# Disable IPv4 VRRP group 1.
<Sysname> system-view
[Sysname] interface vlan-interface 2
[Sysname-Vlan-interface2] vrrp vrid 1 shutdown
vrrp vrid source-interface
Use vrrp vrid source-interface to specify the source interface for an IPv4 VRRP group. This interface, instead of the interface where the VRRP group resides, sends and receives VRRP packets.
Use undo vrrp source-interface to cancel the specified source interface.
Syntax
vrrp vrid virtual-router-id source-interface interface-type interface-number
undo vrrp vrid virtual-router-id source-interface
Default
No source interface is specified for a VRRP group. The interface where the VRRP group resides sends and receives VRRP packets.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Parameters
virtual-router-id: Specifies an IPv4 VRRP group by its virtual router ID. The value range for the virtual-router-id argument varies as follows:
Cards |
VRRP operating mode |
Value range |
FC cards |
VRRP standard mode. NOTE: VRRP load balancing mode is not supported on FC cards. |
The valid value range is 1 to 7. |
FE and FX cards |
VRRP standard mode. |
In versions earlier than Release 1138P01, the valid value range is 1 to 7. In Release 1138P01 and later versions, the valid value range is 1 to 255. A device can have a maximum of 8 VRRP groups with different virtual router IDs. |
VRRP load balancing mode. |
The valid value range is 1 to 255. The maximum number of VRRP groups with different virtual router IDs on a device multiplied by the maximum number of VFs among all VRRP groups cannot be larger than 8. |
interface-type interface-number: Specifies an interface by its type and number.
Usage guidelines
If VRRP group members cannot exchange VRRP packets through the interfaces where the VRRP group resides, you can use this command to enable VRRP packet exchange among VRRP group members through the specified source interfaces.
Examples
# Specify VLAN-interface 20 as the source interface for VRRP packet exchange in IPv4 VRRP group 10.
<Sysname> system-view
[Sysname] interface vlan-interface 10
[Sysname-Vlan-interface10] vrrp vrid 10 source-interface vlan-interface 20
vrrp vrid timer advertise
Use vrrp vrid timer advertise to set the interval at which the master in an IPv4 VRRP group sends VRRP advertisements.
Use undo vrrp vrid timer advertise to restore the default.
Syntax
vrrp vrid virtual-router-id timer advertise adver-interval
undo vrrp vrid virtual-router-id timer advertise
Default
The master in an IPv4 VRRP group sends VRRP advertisements at an interval of 100 centiseconds.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Parameters
virtual-router-id: Specifies an IPv4 VRRP group by its virtual router ID. The value range for the virtual-router-id argument varies as follows:
Cards |
VRRP operating mode |
Value range |
FC cards |
VRRP standard mode. NOTE: VRRP load balancing mode is not supported on FC cards. |
The valid value range is 1 to 7. |
FE and FX cards |
VRRP standard mode. |
In versions earlier than Release 1138P01, the valid value range is 1 to 7. In Release 1138P01 and later versions, the valid value range is 1 to 255. A device can have a maximum of 8 VRRP groups with different virtual router IDs. |
VRRP load balancing mode. |
The valid value range is 1 to 255. The maximum number of VRRP groups with different virtual router IDs on a device multiplied by the maximum number of VFs among all VRRP groups cannot be larger than 8. |
adver-interval: Specifies an interval for the master in the specified IPv4 VRRP group to send VRRP advertisements. The value range for this argument is 10 to 4095 centiseconds. For VRRPv2, the value of the adver-interval argument can only be a multiple of 100. For example, if you configure values in the range of 10 to 100, 101 to 200, and 4001 to 4095, the actual values are 100, 200, and 4100, respectively. For VRRPv3, the value of the adver-interval argument that you configured takes effect.
Usage guidelines
The master in an IPv4 VRRP group periodically sends VRRP advertisements to declare its presence. You can use this command to configure the interval at which the master sends VRRP advertisements.
As a best practice, set the VRRP advertisement interval to be greater than 100 centiseconds to maintain system stability.
In VRRPv2, all routers in an IPv4 VRRP group must have the same interval for sending VRRP advertisements.
In VRRPv3, the routers in an IPv4 VRRP group can have different intervals for sending VRRP advertisements. The master in the VRRP group sends VRRP advertisements at the specified interval and carries the interval attribute in the advertisements. After a backup receives the advertisement, it records the interval in the advertisement. If the backup does not receive a new VRRP advertisement from the master when the timer (3 × recorded interval + Skew_Time) expires, it regards the master as failed and takes over as the master.
Large network traffic might disable a backup from receiving VRRP advertisements from the master within the specified time and trigger an unexpected master switchover. To solve this problem, you can use this command to configure a larger interval.
Examples
# Configure the master in IPv4 VRRP group 1 to send VRRP advertisements at an interval of 500 centiseconds.
<Sysname> system-view
[Sysname] interface vlan-interface 2
[Sysname-Vlan-interface2] vrrp vrid 1 timer advertise 500
Related commands
display vrrp
vrrp vrid track
Use vrrp vrid track to associate a VRRP group with a track entry and control master switchover or AVF switchover in the VRRP group in response to changes (such as uplink state changes) detected by the track entry.
Use undo vrrp vrid track to remove the association between a VRRP group and a track entry. If no track entry is specified, the association between the VRRP group and any track entry is removed.
Syntax
Default
A VRRP group and the VFs in a VRRP group are not associated with any track entry.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Parameters
virtual-router-id: Specifies an IPv4 VRRP group by its virtual router ID. The value range for the virtual-router-id argument varies as follows:
Cards |
VRRP operating mode |
Value range |
FC cards |
VRRP standard mode. NOTE: VRRP load balancing mode is not supported on FC cards. |
The valid value range is 1 to 7. |
FE and FX cards |
VRRP standard mode. |
In versions earlier than Release 1138P01, the valid value range is 1 to 7. In Release 1138P01 and later versions, the valid value range is 1 to 255. A device can have a maximum of 8 VRRP groups with different virtual router IDs. |
VRRP load balancing mode. |
The valid value range is 1 to 255. The maximum number of VRRP groups with different virtual router IDs on a device multiplied by the maximum number of VFs among all VRRP groups cannot be larger than 8. |
track-entry-number: Specifies a track entry. The track-entry-number argument is in the range of 1 to 1024.
forwarder-switchover member-ip ip-address: Enables the LVF on the router to take over the role of the AVF at the specified IP address immediately after the specified track entry changes to the negative state. You can use the display vrrp verbose command to view the IP addresses of VFs.
priority reduced priority-reduced: Reduces the priority of the router in the VRRP group by a specific value when the state of the specified track entry changes to negative. The priority-reduced argument is in the range of 1 to 255, and the default is 10.
switchover: Enables the router in backup state to take over as the master immediately after the specified track entry changes to the negative state.
weight reduced priority-reduced: Reduces the weight of all VFs on the router in the VRRP group by a specific value when the state of the specified track entry changes to negative. The weight-reduced argument is in the range of 1 to 255, and the default is 30.
Usage guidelines
When the associated track entry changes to the negative state, one of the following events occurs, depending on your configuration:
· The priority of the router in the VRRP group decreases by a specific value.
· The weight of VFs decreases by a specific value.
· The router immediately takes over as the master if it is a backup.
· The LVF on the router immediately takes over the role of the AVF at the specified IP address.
Before executing this command, create a VRRP group on the interface and assign a virtual IP address to it.
The forwarder-switchover member-ip ip-address or weight reduced weight-reduced option takes effect only when the IPv4 VRRP group is operating in load balancing mode.
If the priority reduced keyword is specified but the priority-reduced argument is not specified, the priority of the router in the VRRP group decreases by 10 when the track entry changes to negative.
If the weight reduced keyword is specified but the weight-reduced argument is not specified, the weight of the VFs on the router in the VRRP group decreases by 30 when the track entry changes to negative.
The weight of a VF is 255, and its lower limit of failure is 10.
When the weight of a VF owner is higher than or equal to the lower limit of failure, its priority is always 255 and does not change with the weight. To guarantee that an LVF can take over the VF owner as the AVF when the upstream link of the VF owner fails, the reduced weight for the VF owner must be higher than 245 so the weight of the VF owner can drop below the lower limit of failure.
When the track entry changes from Negative to Positive or NotReady, the router automatically restores its priority or VF weight. The failed master router becomes the master again, or the failed AVF becomes active again.
IMPORTANT: · The vrrp vrid track priority reduced or vrrp vrid track switchover command cannot take effect on an IP address owner. If you have configured the command on an IP address owner, the configuration takes effect after the router changes to be a non-IP address owner. · You can create a track entry with the track command before or after you associate it with a VRRP group. For more information about configuring track entries, see High Availability Configuration Guide. |
Examples
# Associate VRRP group 1 on VLAN-interface 2 with track entry 1 and decrease the priority of the router in the VRRP group by 50 when the state of track entry 1 changes to negative.
[Sysname] interface vlan-interface 2
[Sysname-Vlan-interface2] vrrp vrid 1 track 1 priority reduced 50
# Associate VRRP group 1 on VLAN-interface 2 with track entry 1 and enable the VF in listening state whose AVF is on the member device with the IP address of 10.1.1.3 to take over immediately after the specified track entry changes to the negative state.
[Sysname-Vlan-interface2] vrrp vrid 1 track 1 forwarder-switchover member-ip 10.1.1.3
# Associate VRRP group 1 on VLAN-interface 2 with track entry 1 and decrease the weight of all VFs on the router in the VRRP group by 50 when the state of track entry 1 changes to negative.
[Sysname-Vlan-interface2] vrrp vrid 1 track 1 weight reduced 50
Related commands
display vrrp
vrrp vrid
Use vrrp vrid to create an IPv4 VRRP group and assign a virtual IP address to the IPv4 VRRP group or assign a virtual IP address to an existing IPv4 VRRP group.
Use undo vrrp vrid to remove all configurations of an existing IPv4 VRRP group or to remove a virtual IP address from an existing IPv4 VRRP group.
Syntax
vrrp vrid virtual-router-id virtual-ip virtual-address
undo vrrp vrid virtual-router-id [ virtual-ip [ virtual-address ] ]
Default
No IPv4 VRRP group is created.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Parameters
virtual-router-id: Specifies an IPv4 VRRP group by its virtual router ID. The value range for the virtual-router-id argument varies as follows:
Cards |
VRRP operating mode |
Value range |
FC cards |
VRRP standard mode. NOTE: VRRP load balancing mode is not supported on FC cards. |
The valid value range is 1 to 7. |
FE and FX cards |
VRRP standard mode. |
In versions earlier than Release 1138P01, the valid value range is 1 to 7. In Release 1138P01 and later versions, the valid value range is 1 to 255. A device can have a maximum of 8 VRRP groups with different virtual router IDs. |
VRRP load balancing mode. |
The valid value range is 1 to 255. The maximum number of VRRP groups with different virtual router IDs on a device multiplied by the maximum number of VFs among all VRRP groups cannot be larger than 8. |
virtual-ip virtual-address: Specifies a virtual IP address, which cannot be an all-zero address (0.0.0.0); a broadcast address (255.255.255.255); a loopback address; an IP address of other than Class A, Class B, and Class C; or an invalid IP address (for example, 0.0.0.1). If this argument is not specified, the undo vrrp vrid command removes all virtual IP addresses from the existing IPv4 VRRP group.
Usage guidelines
You can assign up to 16 virtual IP addresses to an IPv4 VRRP group.
If you create an IPv4 VRRP group but do not assign any virtual IP address to it, the VRRP group stays in inactive state and does not function.
The virtual IP addresses of an IPv4 VRRP group and the downlink interface IP address of the VRRP group must be in the same subnet. Otherwise, the hosts in the subnet might fail to access external networks.
In load balancing mode, the virtual IP address of an IPv4 VRRP group cannot be the IP address of any interface in the VRRP group. Otherwise, the load balancing mode cannot operate correctly.
Examples
# Create IPv4 VRRP group 1 and assign virtual IP address 10.10.10.10 to the VRRP group. Then assign virtual IP address 10.10.10.11 to the VRRP group.
<Sysname> system-view
[Sysname] interface vlan-interface 2
[Sysname-Vlan-interface2] vrrp vrid 1 virtual-ip 10.10.10.10
[Sysname-Vlan-interface2] vrrp vrid 1 virtual-ip 10.10.10.11
Related commands
BFD commands
The term "interface" in this chapter collectively refers to Layer 3 interfaces, including VLAN interfaces and Layer 3 Ethernet interfaces. You can set an Ethernet port as a Layer 3 interface by using the port link-mode route command (see Layer 2—LAN Switching Configuration Guide).
bfd authentication-mode
Use bfd authentication-mode to configure the BFD authentication mode for single-hop BFD control packets.
Use undo bfd authentication-mode to restore the default.
Syntax
bfd authentication-mode { m-md5 | m-sha1 | md5 | sha1 | simple } key-id { cipher cipher-string | plain plain-string }
undo bfd authentication-mode
Default
Single-hop BFD control packets are not authenticated.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Parameters
m-md5: Specifies the Meticulous MD5 algorithm.
m-sha1: Specifies the Meticulous SHA1 algorithm.
md5: Specifies the MD5 algorithm.
sha1: Specifies the SHA1 algorithm.
simple: Specifies the simple authentication mode.
key-id: Sets the authentication key ID in the range of 1 to 255.
cipher: Sets a ciphertext password.
cipher-string: Ciphertext password, which is a case-sensitive string of 33 to 53 characters.
plain: Sets a ciphertext password.
plain-string: Plaintext password, which is a case-sensitive string of 1 to 16 characters.
Usage guidelines
Use this command to enhance BFD session security.
For security purposes, all authentication passwords, including passwords configured in plain text, are saved in cipher text.
Examples
# Configure VLAN-interface 11 to perform simple authentication for single-hop BFD control packets, setting the authentication key ID to 1 and password to 123456.
<Sysname> system-view
[Sysname] interface vlan-interface 11
[Sysname-Vlan-interface11] bfd authentication-mode simple 1 plain 123456
bfd demand enable
Use bfd demand enable to enable the Demand BFD session mode.
Use undo bfd demand enable to restore the default.
Syntax
bfd demand enable
undo bfd demand enable
Default
The BFD session is in Asynchronous mode.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
In demand mode, no BFD control packets are exchanged after the session is established. When the connectivity to another system needs to be verified explicitly, a system sends several BFD control packets that have the Poll (P) bit set at the negotiated transmit interval. If no response is received within the detection interval, the session is considered down. If the connectivity is found to be up, no more BFD control packets are sent until the next command is issued.
In asynchronous mode, both endpoints periodically send BFD control packets to each other. BFD considers that the session is down if it receives no BFD control packets within a specific interval.
Examples
# Enable the Demand BFD session mode on VLAN-interface 11.
<Sysname> system-view
[Sysname] interface vlan-interface 11
[Sysname-Vlan-interface11] bfd demand enable
bfd detect-multiplier
Use bfd detect-multiplier to set the single-hop detection time multiplier.
Use undo bfd detect-multiplier to restore the default.
Syntax
bfd detect-multiplier value
undo bfd detect-multiplier
Default
The single-hop detection time multiplier is 5.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Parameters
value: Specifies a single-hop detection time multiplier in the range of 3 to 50.
Usage guidelines
The detection time multiplier determines the maximum number of concurrent BFD packets (including control packets and echo packets) that can be discarded.
Table 9 Detection interval calculation method
Mode |
Detection interval |
Echo packet mode |
Detection time multiplier of the sender × actual packet sending interval of the sender |
Control packet mode BFD session in asynchronous mode |
Detection time multiplier of the receiver × actual packet sending interval of the receiver |
Control packet mode BFD session in demand mode |
Detection time multiplier of the sender × actual packet sending interval of the sender |
Examples
# Set the single-hop detection time multiplier to 6 on VLAN-interface 11.
<Sysname> system-view
[Sysname] interface vlan-interface 11
[Sysname-Vlan-interface11] bfd detect-multiplier 6
bfd echo enable
Use bfd echo enable to enable the echo packet mode.
Use undo bfd echo enable to restore the default.
Syntax
bfd echo enable
undo bfd echo enable
Default
The echo packet mode is disabled.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
If you enable the echo packet mode for a BFD session in which control packets are sent and the session comes up, BFD does the following:
· Periodically sends echo packets to detect link connectivity.
· Decreases the control packet receiving rate at the same time.
Examples
# Enable the echo packet mode on VLAN-interface 11.
<Sysname> system-view
[Sysname] interface vlan-interface 11
[Sysname-Vlan-interface11] bfd echo enable
bfd echo-source-ip
Use bfd echo-source-ip to configure the source IP address of BFD echo packets.
Use undo bfd echo-source-ip to remove the configured source IP address of BFD echo packets.
Syntax
bfd echo-source-ip ip-address
undo bfd echo-source-ip
Default
No source IP address is configured for BFD echo packets.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
ip-address: Specifies the source IP address of BFD echo packets.
Usage guidelines
The source IP address cannot be on the same network segment as any local interface's IP address. Otherwise, a large number of ICMP redirect packets might be sent from the peer, resulting in link congestion.
Examples
# Configure the source IP address of BFD echo packets as 8.8.8.8.
<Sysname> system-view
[Sysname] bfd echo-source-ip 8.8.8.8
bfd min-echo-receive-interval
Use bfd min-echo-receive-interval to set the minimum interval for receiving BFD echo packets.
Use undo bfd min-echo-receive-interval to restore the default.
Syntax
bfd min-echo-receive-interval value
undo bfd min-echo-receive-interval
Default
The minimum interval for receiving BFD echo packets is 400 milliseconds.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Parameters
value: Specifies a minimum interval for receiving BFD echo packets, in milliseconds. The value takes 0 or is in the range of 10 to 1000.
Usage guidelines
This command sets the BFD echo packet receiving interval, which is the actual BFD echo packet sending interval.
Examples
# Set the minimum interval for receiving BFD echo packets to 500 milliseconds on VLAN-interface 11.
<Sysname> system-view
[Sysname] interface vlan-interface 11
[Sysname-Vlan-interface11] bfd min-echo-receive-interval 500
bfd min-receive-interval
Use bfd min-receive-interval to set the minimum interval for receiving single-hop BFD control packets.
Use undo bfd min-receive-interval to restore the default.
Syntax
bfd min-receive-interval value
undo bfd min-receive-interval
Default
The minimum interval for receiving single-hop BFD control packets is 400 milliseconds.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Parameters
value: Specifies the minimum interval for receiving single-hop BFD control packets, in milliseconds. The value range for this argument is 10 to 1000.
Usage guidelines
Configure this command to prevent the control packet sending rate of the peer end from exceeding the control packet receiving rate of the local end.
The actual control packet sending interval of the peer end takes the greater value between the minimum interval for transmitting BFD control packets on the peer end and the minimum interval for receiving BFD control packets on the local end.
Examples
# Set the minimum interval for receiving single-hop BFD control packets to 500 milliseconds on VLAN-interface 11.
<Sysname> system-view
[Sysname] interface vlan-interface 11
[Sysname-Vlan-interface11] bfd min-receive-interval 500
bfd min-transmit-interval
Use bfd min-transmit-interval to set the minimum interval for transmitting single-hop BFD control packets.
Use undo bfd min-transmit-interval to restore the default.
Syntax
bfd min-transmit-interval value
undo bfd min-transmit-interval
Default
The minimum interval for transmitting single-hop BFD control packets is 400 milliseconds.
Views
Interface view
Predefined user roles
network-admin
mdc-admin
Parameters
value: Specifies the minimum interval for transmitting single-hop BFD control packets, in milliseconds. The value range for this argument is 10 to 1000.
Usage guidelines
Use this command to make sure that the BFD packet sending rate does not exceed the device capability. The actual BFD control packet transmitting interval on the local end is the greater value between the minimum interval for transmitting BFD control packets on the local end and the minimum interval for receiving BFD control packets on the peer end.
Examples
# Set the minimum interval for transmitting single-hop BFD control packets to 500 milliseconds on VLAN-interface 11.
<Sysname> system-view
[Sysname] interface vlan-interface 11
[Sysname-Vlan-interface11] bfd min-transmit-interval 500
bfd multi-hop authentication-mode
Use bfd multi-hop authentication-mode to configure the authentication mode for multi-hop BFD control packets.
Use undo bfd multi-hop authentication-mode to restore the default.
Syntax
bfd multi-hop authentication-mode { m-md5 | m-sha1 | md5 | sha1 | simple } key-id { cipher cipher-string | plain plain-string }
undo bfd multi-hop authentication-mode
Default
No authentication is performed.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
m-md5: Specifies the Meticulous MD5 algorithm.
m-sha1: Specifies the Meticulous SHA1 algorithm.
md5: Specifies the MD5 algorithm.
sha1: Specifies the SHA1 algorithm.
simple: Specifies the simple authentication mode.
key-id: Sets the authentication key ID in the range of 1 to 255.
cipher: Sets a ciphertext password.
cipher-string: Sets the ciphertext password, which is a case-sensitive string of 33 to 53 characters.
plain: Sets a plaintext password.
plain-string: Sets the plaintext password, which is a case-sensitive string of 1 to 16 characters.
Usage guidelines
Use this command to enhance BFD session security.
For security purposes, all authentication passwords, including passwords configured in plain text, are saved in cipher text.
Examples
# Configure the simple authentication mode for multi-hop BFD control packets, setting the authentication key ID to 1 and password to 123456.
<Sysname> system-view
[Sysname] bfd multi-hop authentication-mode simple 1 plain 123456
bfd multi-hop destination-port
Use bfd multi-hop destination-port to configure the destination port number for multi-hop BFD control packets.
Use undo bfd multi-hop destination-port to restore the default.
Syntax
bfd multi-hop destination-port port-number
undo bfd multi-hop destination-port
Default
The destination port number for multi-hop BFD control packets is 4784.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
port-number: Specifies the destination port number of multi-hop BFD control packets, 3784 or 4784.
Examples
# Configure the destination port number for multi-hop BFD control packets as 3784.
<Sysname> system-view
[Sysname] bfd multi-hop destination-port 3784
bfd multi-hop detect-multiplier
Use bfd multi-hop detect-multiplier to set the multi-hop detection time multiplier.
Use undo bfd multi-hop detect-multiplier to restore the default.
Syntax
bfd multi-hop detect-multiplier value
undo bfd multi-hop detect-multiplier
Default
The multi-hop detection time multiplier is 5.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
value: Specifies the multi-hop detection time multiplier in the range of 3 to 50.
Usage guidelines
The detection time multiplier determines the maximum number of concurrent BFD control packets that can be discarded.
Table 10 Detection interval calculation method
Mode |
Detection interval |
Control packet mode BFD session in asynchronous mode |
Detection time multiplier of the receiver × actual packet sending interval of the receiver |
Control packet mode BFD session in demand mode |
Detection time multiplier of the sender × actual packet sending interval of the sender |
Examples
# Set the multi-hop detection time multiplier to 6.
<Sysname> system-view
[Sysname] bfd multi-hop detect-multiplier 6
bfd multi-hop min-receive-interval
Use bfd multi-hop min-receive-interval to set the minimum interval for receiving multi-hop BFD control packets.
Use undo bfd multi-hop min-receive-interval to restore the default.
Syntax
bfd multi-hop min-receive-interval value
undo bfd multi-hop min-receive-interval
Default
The minimum interval for receiving multi-hop BFD control packets is 400 milliseconds.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
value: Specifies the minimum interval for receiving multi-hop BFD control packets, in milliseconds. The value range for this argument is 10 to 1000.
Usage guidelines
When the packet sending rate of the peer end exceeds the packet receiving capability (minimum control packet receiving interval) of the local end, the peer end dynamically adjusts the BFD control packet sending interval to the minimum control packet receiving interval of the local end.
Examples
# Set the minimum interval for receiving multi-hop BFD control packets to 500 milliseconds.
<Sysname> system-view
[Sysname] bfd multi-hop min-receive-interval 500
bfd multi-hop min-transmit-interval
Use bfd multi-hop min-transmit-interval to set the minimum interval for transmitting multi-hop BFD control packets.
Use undo bfd multi-hop min-transmit-interval to restore the default.
Syntax
bfd multi-hop min-transmit-interval value
undo bfd multi-hop min-transmit-interval
Default
The minimum interval for transmitting multi-hop BFD control packets is 400 milliseconds.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
value: Specifies the minimum interval for transmitting multi-hop BFD control packets, in milliseconds. The value range for this argument is 10 to 1000.
Usage guidelines
Use this command to make sure that the BFD packet sending rate does not exceed the device capability. The actual BFD control packet transmitting interval on the local end is the greater value between the minimum interval for transmitting BFD control packets on the local end and the minimum interval for receiving BFD control packets on the peer end.
Examples
# Set the minimum interval for transmitting multi-hop BFD control packets to 500 milliseconds.
<Sysname> system-view
[Sysname] bfd multi-hop min-transmit-interval 500
bfd session init-mode
Use bfd session init-mode to configure the mode for establishing a BFD session.
Use undo bfd session init-mode to restore the default.
Syntax
bfd session init-mode { active | passive }
undo bfd session init-mode
Default
BFD uses the active mode.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
active: Uses the active mode. In active mode, BFD actively transmits BFD control packets to the remote device, regardless of whether it receives a BFD control packet from the remote device.
passive: Uses the passive mode. In passive mode, BFD does not actively transmit a BFD control packet to the remote end; it transmits a BFD control packet only after receiving a BFD control packet from the remote end.
Usage guidelines
At least one end must operate in active mode for a BFD session to be established.
Examples
# Configure the session establishment mode as passive.
<Sysname> system-view
[Sysname] bfd session init-mode passive
display bfd session
Use display bfd session to display BFD session information.
Syntax
display bfd session [ discriminator value | verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
discriminator value: Specifies a local ID in the range of 1 to 4294967295. If this option is not specified, the command displays brief information about all BFD sessions.
verbose: Displays detailed BFD session information. If this keyword is not specified, the command displays brief BFD session information.
Examples
# Display all IPv4 BFD session information.
<Sysname> display bfd session
Total Session Num: 1 Up Session Num: 1 Init Mode: Active
IPv4 Session Working Under Ctrl Mode:
LD/RD SourceAddr DestAddr State Holdtime Interface
513/513 1.1.1.1 1.1.1.2 Up 2297ms Vlan11
# Display detailed IPv4 BFD session information.
<Sysname> display bfd session verbose
Total Session Num: 1 Up Session Num: 1 Init Mode: Active
IPv4 Session Working Under Ctrl Mode:
Local Discr: 513 Remote Discr: 513
Source IP: 1.1.1.1 Destination IP: 1.1.1.2
Session State: Up Interface: Vlan-interface11
Min Tx Inter: 500ms Act Tx Inter: 500ms
Min Rx Inter: 500ms Detect Inter: 2500ms
Rx Count: 42 Tx Count: 43
Connect Type: Direct Running Up for: 00:00:20
Hold Time: 2078ms Auth mode: None
Detect Mode: Async Slot: 1
Protocol: OSPF
Diag Info: No Diagnostic
Table 11 Command output
Field |
Description |
Total Session Num |
Total number of BFD sessions. |
Up Session Num |
Total number of active BFD sessions. |
Init Mode |
BFD operating mode, active or passive. |
Session Working Under Ctrl Mode |
BFD session mode: · Ctrl—Control packet mode. · Echo—Echo packet mode. |
Local Discr/LD |
Local ID of the session. |
Remote Discr/RD |
Remote ID of the session. |
Source IP/SourceAddr |
Source IP address of the session. |
Destination IP/DestAddr |
Destination IP address of the session. |
Session State/State |
Session state: up or down. |
Interface |
Name of the interface of the session. |
Min Tx Inter |
Minimum transmit interval. |
Min Rx Inter |
Minimum receive interval. |
Act Tx Inter |
Actual transmit interval. |
Detect Inter |
Actual session detection timer. |
Rx Count |
Number of packets received. |
Tx Count |
Number of packets sent. |
Hold Time/Holdtime |
Length of time before session detection timer expires. |
Auth mode |
Session authentication mode (only simple is supported). |
Connect Type |
Connection type of the interface, direct or indirect. |
Running up for |
Time interval for which the session has been up. |
Detect Mode |
Detection mode: · Async—Asynchronous mode. · Demand—Demand mode. |
Slot |
Slot number. |
Diag Info |
Diagnostic information about the session. |
reset bfd session statistics
Use reset bfd session statistics to clear the BFD session statistics.
Syntax
reset bfd session statistics
Views
User view
Predefined user roles
network-admin
mdc-admin
Examples
# Clear the BFD session statistics.
<Sysname> reset bfd session statistics
Track commands
display track
Use display track to display track entry information.
Syntax
display track { track-entry-number | all }
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
track-entry-number: Displays information about the specified track entry. The value range for the track-entry-number argument is 1 to 1024.
all: Displays information about all track entries.
Examples
# Display information about all track entries.
<Sysname> display track all
Track ID: 1
State: Positive (notify 13 seconds later)
Duration: 0 days 0 hours 0 minutes 7 seconds
Notification delay: Positive 20, Negative 30 (in seconds)
Tracked object:
NQA entry: admin test
Reaction: 10
Track ID: 2
State: NotReady
Duration: 0 days 0 hours 0 minutes 32 seconds
Notification delay: Positive 20, Negative 30 (in seconds)
Tracked object:
BFD session mode: Echo
Outgoing interface: Vlan-interface2
VPN instance name: -
Remote IP: 192.168.40.1
Local IP: 192.168.40.2
Track ID: 3
State: Negative
Duration: 0 days 0 hours 0 minutes 32 seconds
Notification delay: Positive 20, Negative 30 (in seconds)
Tracked object:
Interface: Vlan-interface3
Protocol: IPv4
Table 12 Command output
Field |
Description |
Track ID |
ID of a track entry. |
State |
States of a track entry: · Positive—The tracked object operates correctly. · NotReady—The tracked object is invalid. · Negative—The tracked object is abnormal. |
notify 13 seconds later |
The Track module notifies the application modules of the track entry state change 13 seconds later. The information is not displayed after the Track module notifies the application modules. |
Duration |
Time period during which the track entry stays in the state. |
Notification delay: Positive 20, Negative 30 (in seconds) |
· The Track module notifies the application modules that the status of the track entry changes to Positive after a delay time of 20 seconds. · The Track module notifies the application modules that the status of the track entry changes to Negative after a delay time of 30 seconds. |
Tracked object |
Tracked object associated with the track entry. |
NQA entry |
NQA operation associated with the track entry. |
Reaction |
Reaction entry associated with the track entry. |
BFD session mode |
BFD session mode. Only echo mode is supported. |
Outgoing interface |
Outgoing interface of BFD echo packets. |
VPN instance name |
Name of VPN instance to which BFD session packets belong. If the packets belong to the public network, this field displays a hyphen (-). |
Remote IP |
Remote IP address of the BFD echo packets. |
Local IP |
Local IP address of the BFD echo packets. |
Interface |
Interface to be monitored. |
Protocol |
Link states or Layer 3 protocol states of the monitored interface: · None—Link status of the monitored interface. · IPv4—IPv4 protocol status of the monitored Layer 3 interface. |
Related commands
· track bfd
· track interface
· track interface protocol
· track nqa
track bfd
Use track bfd to create a track entry and associate it with a BFD session.
Use undo track to remove the track entry.
Syntax
track track-entry-number bfd echo interface interface-type interface-number remote ip remote-ip local ip local-ip [ delay { negative negative-time | positive positive-time } * ]
undo track track-entry-number
Default
No track entry exists.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
track-entry-number: Specifies the track entry ID in the range of 1 to 1024.
interface interface-type interface-number: Specifies the outgoing interface by its type and number of the BFD echo packets.
remote ip remote-ip: Specifies the destination IP address of the BFD echo packets.
local ip local-ip: Specifies the source IP address of the BFD echo packets.
delay: Specifies the delay before the Track module notifies the application modules of the track entry state change. If you do not specify this keyword, the Track module notifies the application modules immediately when the track entry state changes.
negative negative-time: Specifies the delay before the Track module notifies the application modules that the track entry state has changed to Negative. The negative-time argument represents the delay time in the range of 1 to 300 seconds.
positive positive-time: Specifies the delay before the Track module notifies the application modules that the track entry state has changed to Positive. The positive-time argument represents the delay time in the range of 1 to 300 seconds.
Usage guidelines
After a track entry is created, you can only use the track bfd delay command to modify its notification delay settings. To modify other settings, you must delete the entry and create a new one.
When you configure collaboration between Track and BFD, do not configure the virtual IP address of a VRRP group as the local or remote address of a BFD session.
Examples
# Create track entry 1, which uses BFD to monitor the link between local IP address 1.1.1.2 and remote IP address 1.1.1.1 by sending BFD echo packets out from the VLAN-interface 2.
<Sysname> system-view
[Sysname] track 1 bfd echo interface vlan-interface 2 remote ip 1.1.1.1 local ip 1.1.1.2
Related commands
display track
track interface
Use track interface to create a track entry and associate it with the link state of the specified interface.
Use undo track to remove the track entry.
Syntax
track track-entry-number interface interface-type interface-number [ delay { negative negative-time | positive positive-time } * ]
undo track track-entry-number
Default
No track entry exists.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
track-entry-number: Specifies the track entry ID in the range of 1 to 1024.
interface-type interface-number: Specifies an interface by its type and number.
delay: Specifies the delay before the Track module notifies the application modules of the track entry state change. If you do not specify this keyword, the Track module notifies the application modules immediately when the track entry state changes.
negative negative-time: Specifies the delay before the Track module notifies the application modules that the track entry state has changed to Negative. The negative-time argument represents the delay time in the range of 1 to 300 seconds.
positive positive-time: Specifies the delay before the Track module notifies the application modules that the track entry state has changed to Positive. The positive-time argument represents the delay time in the range of 1 to 300 seconds.
Usage guidelines
When you associate Track with interface management to monitor the link status of an interface, the track entry state changes as follows:
· The state of the track entry is Positive if the link state of the interface is up.
· The state of the track entry is Negative if the link state of the interface is down.
To display the link state of an interface, use the display ip interface brief command.
After you create a track entry, you can only use the track interface delay command to modify its notification delay settings. To modify other settings, you must delete the entry and create a new one.
Examples
# Create track entry 1, and associate it with the link state of VLAN-interface 10.
<Sysname> system-view
[Sysname] track 1 interface vlan-interface 10
Related commands
· display track
· display ip interface brief (Layer 3—IP Services Command Reference)
track interface protocol
Use track interface protocol to create a track entry and associate it with the protocol state of the specified interface.
Use undo track to remove the track entry.
Syntax
track track-entry-number interface interface-type interface-number protocol ipv4 [ delay { negative negative-time | positive positive-time } * ]
undo track track-entry-number
Default
No track entry exists.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
track-entry-number: Specifies the track entry ID in the range of 1 to 1024.
interface-type interface-number: Specifies an interface by its type and number.
ipv4: Monitors the IPv4 protocol state. When the IPv4 protocol state of an interface is up, the state of the track object is Positive. When the IPv4 protocol state of an interface is down, the state of the track object is Negative. To display the IPv4 protocol state of an interface, use the display ip interface brief command.
delay: Specifies the delay before the Track module notifies the application modules of the track entry state change. If you do not specify this keyword, the Track module notifies the application modules immediately when the track entry state changes.
negative negative-time: Specifies the delay before the Track module notifies the application modules that the track entry state has changed to Negative. The negative-time argument represents the delay time in the range of 1 to 300 seconds.
positive positive-time: Specifies the delay before the Track module notifies the application modules that the track entry state has changed to Positive. The positive-time argument represents the delay time in the range of 1 to 300 seconds.
Usage guidelines
After a track entry is created, you can only use the track interface protocol delay command to modify its notification delay settings. To modify other settings, you must delete the entry and create a new one.
Examples
# Create track entry 1, and associate it with the IPv4 protocol state of VLAN-interface 2.
<Sysname> system-view
[Sysname] track 1 interface vlan-interface 2 protocol ipv4
Related commands
· display track
· display ip interface brief (Layer 3—IP Services Command Reference)
track nqa
Use track nqa to create a track entry and associate it with the specified reaction entry of the NQA operation.
Use undo track to remove the track entry.
Syntax
track track-entry-number nqa entry admin-name operation-tag reaction item-number [ delay { negative negative-time | positive positive-time } * ]
undo track track-entry-number
Default
No track entry exists.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
track-entry-number: Specifies the track entry ID in the range of 1 to 1024.
entry admin-name operation-tag: Specifies the NQA operation to be associated with the track entry. The admin-name argument is the name of the NQA operation administrator who creates the NQA operation, and is a case-insensitive string of 1 to 32 characters. The operation-tag argument is the NQA operation tag, a case-insensitive string of 1 to 32 characters.
reaction item-number: Specifies the reaction entry to be associated with the track entry. The item-number argument is the reaction entry ID in the range of 1 to 10.
delay: Specifies the delay before the Track module notifies the application modules of the track entry state change. If you do not specify this keyword, the Track module notifies the application modules immediately when the track entry state changes.
negative negative-time: Specifies the delay before the Track module notifies the application modules that the track entry state has changed to Negative. The negative-time argument represents the delay time in the range of 1 to 300 seconds.
positive positive-time: Specifies the delay before the Track module notifies the application modules that the track entry state has changed to Positive. The positive-time argument represents the delay time in the range of 1 to 300 seconds.
Usage guidelines
After a track entry is created, you can only use the track nqa delay command to modify its notification delay settings. To modify other settings, you must delete the entry and create a new one.
Examples
# Create track entry 1, and associate it with reaction entry 3 of the NQA operation admin-test.
<Sysname> system-view
[Sysname] track 1 nqa entry admin test reaction 3
Related commands
display track
bfd authentication-mode,38
bfd demand enable,39
bfd detect-multiplier,39
bfd echo enable,40
bfd echo-source-ip,41
bfd min-echo-receive-interval,41
bfd min-receive-interval,42
bfd min-transmit-interval,43
bfd multi-hop authentication-mode,43
bfd multi-hop destination-port,44
bfd multi-hop detect-multiplier,45
bfd multi-hop min-receive-interval,46
bfd multi-hop min-transmit-interval,46
bfd session init-mode,47
display bfd session,47
display dldp,1
display dldp statistics,2
display track,50
display vrrp,10
display vrrp statistics,17
dldp authentication-mode,4
dldp authentication-password,4
dldp delaydown-timer,5
dldp enable,6
dldp global enable,7
dldp interval,7
dldp unidirectional-shutdown,8
reset bfd session statistics,49
reset dldp statistics,9
reset vrrp statistics,21
snmp-agent trap enable vrrp,22
track bfd,51
track interface,52
track interface protocol,54
track nqa,55
vrrp check-ttl enable,23
vrrp dscp,23
vrrp mode,24
vrrp version,25
vrrp vrid,35
vrrp vrid authentication-mode,25
vrrp vrid preempt-mode,27
vrrp vrid priority,28
vrrp vrid shutdown,30
vrrp vrid source-interface,31
vrrp vrid timer advertise,32
vrrp vrid track,33