10-High Availability Command Reference

HomeSupportResource CenterReference GuidesCommand ReferencesH3C S12500-X & S12500X-AF Switch Series Command References-Release 113x-6W10110-High Availability Command Reference
Table of Contents
Related Documents
01-Text
Title Size Download
01-Text 357.83 KB

DLDP commands

display dldp

Use display dldp to display DLDP configuration.

Syntax

display dldp [ interface interface-type interface-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

interface interface-type interface-number: Specifies an interface by its type and number.

Usage guidelines

If no port is specified, this command displays global and port-specific DLDP configuration. If a port is specified, this command displays only the DLDP configuration on the port.

Examples

# Display global and port-specific DLDP configuration.

<Sysname> display dldp

 DLDP global status: Enabled

 DLDP advertisement interval: 5s

 DLDP authentication-mode: Simple

 DLDP authentication-password: ******

 DLDP unidirectional-shutdown mode: Auto

 DLDP delaydown-timer value: 1s

 Number of enabled ports: 2

 

Interface FortyGigE1/0/1

 DLDP port state: Bidirectional

 Number of the port’s neighbors: 1

  Neighbor MAC address: 0023-8956-3600

  Neighbor port index: 79

  Neighbor state: Confirmed

  Neighbor aged time: 13s

 

Interface FortyGigE1/0/2

 DLDP port state: Inactive

 Number of the port’s neighbors: 0 (Maximum number ever detected: 1)

# Display the DLDP configuration of FortyGigE 1/0/1.

<Sysname> display dldp interface fortygige 1/0/1

Interface FortyGigE1/0/1

 DLDP port state: Bidirectional

 Number of the port’s neighbors: 1

  Neighbor MAC address: 0023-8956-3600

  Neighbor port index: 79

  Neighbor state: Confirmed

  Neighbor aged time: 13s

Table 1 Command output

Field

Description

DLDP global status

Global DLDP state (Enabled or Disabled).

DLDP advertisement interval

Interval for sending Advertisement packets (in seconds) to maintain neighbor relations.

DLDP authentication-mode

DLDP authentication mode (None, Simple, or md5).

DLDP authentication-password

Password for DLDP authentication:

·     ******—The password has been configured.

·     Not configured—The authentication mode has been configured but no password is configured.

DLDP unidirectional-shutdown mode

Port shutdown mode (Auto or Manual) after unidirectional links are detected.

DLDP delaydown-timer value

Setting of the DelayDown timer, in seconds.

Number of enabled ports

Number of the DLDP-enabled ports.

Interface

Index of a DLDP-enabled port.

DLDP port state

DLDP state on a port:

·     Bidirectional.

·     Inactive.

·     Initial.

·     Unidirectional.

Number of the port’s neighbors

Current number of neighbors.

Maximum number ever detected

Maximum number of neighbors once detected on the port. This field appears only when the current number of neighbors is different from the maximum number of neighbors once detected.

Neighbor MAC address

MAC address of the neighbor.

Neighbor port index

Neighbor port index.

Neighbor state

Neighbor state (Confirmed or Unconfirmed).

Neighbor aged time

Neighbor aging time.

 

display dldp statistics

Use display dldp statistics to display the statistics on the DLDP packets passing through a port.

Syntax

display dldp statistics [ interface interface-type interface-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

interface interface-type interface-number: Specifies a port by its type and number.

Usage guidelines

If no port is specified, this command displays the statistics on the DLDP packets passing through all the DLDP-enabled ports.

Examples

# Display the statistics on the DLDP packets passing through all the DLDP-enabled ports.

<Sysname> display dldp statistics

Interface FortyGigE1/0/1

 Packets sent: 6

 Packets received: 5

 Invalid packets received: 2

 Loopback packets received: 0

 Authentication-failed packets received: 0

 Valid packets received: 3

 

Interface FortyGigE1/0/2

 Packets sent: 7

 Packets received: 7

 Invalid packets received: 3

 Loopback packets received: 0

 Authentication-failed packets received: 0

 Valid packets received: 4

Table 2 Command output

Field

Description

Interface

Port index.

Packets sent

Total number of DLDP packets sent.

Packets received

Total number of DLDP packets received.

Invalid packets received

Number of the invalid packets received.

Loop packets received

Number of the loopback packets received.

Authentication failed packets received

Number of the received packets that failed to pass the authentication.

Valid packets received

Number of the valid packets received.

 

Related commands

reset dldp statistics

dldp authentication-mode

Use dldp authentication-mode to configure DLDP authentication.

Use undo dldp authentication-mode to restore the default.

Syntax

dldp authentication-mode { md5 | none | simple }

undo dldp authentication-mode

Default

The DLDP authentication mode is none.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

md5: Specifies the MD5 authentication mode.

none: Specifies not to perform authentication.

simple: Specifies the plain text authentication mode.

Usage guidelines

To enable DLDP to operate correctly, make sure the DLDP authentication modes and the passwords configured on the two ends of a link are the same.

If you do not configure the authentication password after you configure the authentication mode, the authentication mode is none no matter which authentication mode you configure.

Examples

# Configure to perform plain text authentication and set the password to abc (assuming that Device A and Device B are connected by a DLDP link).

·     Configure Device A:

<DeviceA> system-view

[DeviceA] dldp authentication-mode simple

[DeviceA] dldp authentication-password simple abc

·     Configure Device B:

<DeviceB> system-view

[DeviceB] dldp authentication-mode simple

[DeviceB] dldp authentication-password simple abc

Related commands

·     display dldp

·     dldp authentication-password

dldp authentication-password

Use dldp authentication-password to configure the password for DLDP authentication.

Use undo dldp authentication-password to restore the default.

Syntax

dldp authentication-password { cipher cipher | simple simple }

undo dldp authentication-password

Default

No DLDP authentication password is configured.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

cipher cipher: Sets a ciphertext password. The cipher argument is a case-sensitive string of 1 to 53 characters.

simple simple: Sets a plaintext password. The simple argument is a case-sensitive string of 1 to 16 characters.

Usage guidelines

For security purposes, all DLDP authentication passwords, including passwords configured in plain text, are saved in cipher text.

To enable DLDP to operate correctly, make sure the DLDP authentication modes and the passwords configured on the two ends of a link are the same.

If you do not configure the authentication password after you configure the authentication mode, the authentication mode is none no matter which authentication mode you configure.

Examples

# Configure to perform plain text authentication and set the password to abc (assuming that Device A and Device B are connected by a DLDP link).

·     Configure Device A:

<DeviceA> system-view

[DeviceA] dldp authentication-mode simple

[DeviceA] dldp authentication-password simple abc

·     Configure Device B:

<DeviceB> system-view

[DeviceB] dldp authentication-mode simple

[DeviceB] dldp authentication-password simple abc

Related commands

·     display dldp

·     dldp authentication-mode

dldp delaydown-timer

Use dldp delaydown-timer to set the DelayDown timer.

Use undo dldp delaydown-timer to restore the default.

Syntax

dldp delaydown-timer time

undo dldp delaydown-timer

Default

The setting of the DelayDown timer is 1 second.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

time: Specifies the DelayDown timer in the range of 1 to 5 seconds.

Usage guidelines

The DelayDown timer configured by using this command applies to all DLDP-enabled ports.

Examples

# Set the DelayDown timer to 2 seconds.

<Sysname> system-view

[Sysname] dldp delaydown-timer 2

Related commands

display dldp

dldp enable

Use dldp enable to enable DLDP on a port.

Use undo dldp enable to disable DLDP on a port.

Syntax

dldp enable

undo dldp enable

Default

DLDP is disabled on a port.

Views

Layer 2 Ethernet interface view, Layer 3 Ethernet interface view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

DLDP can take effect only after you enable it globally and on a port.

Examples

# Enable DLDP globally, and then enable DLDP on FortyGigE 1/0/1.

<Sysname> system-view

[Sysname] dldp global enable

[Sysname] interface fortygige 1/0/1

[Sysname-FortyGigE1/0/1] dldp enable

Related commands

·     display dldp

·     dldp global enable

dldp global enable

Use dldp global enable to enable DLDP globally.

Use undo dldp global enable to disable DLDP globally.

Syntax

dldp global enable

undo dldp global enable

Default

DLDP is disabled globally.

Views

System view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

DLDP can take effect only after you enable it globally and on a port.

Examples

# Enable DLDP globally.

<Sysname> system-view

[Sysname] dldp global enable

Related commands

·     display dldp

·     dldp enable

dldp interval

Use dldp interval to set the interval for sending Advertisement packets.

Use undo dldp interval to restore the default.

Syntax

dldp interval time

undo dldp interval

Default

The interval for sending Advertisement packets is 5 seconds.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

time: Specifies Advertisement packets sending interval in the range of 1 to 100 seconds.

Usage guidelines

This command applies to all DLDP-enabled ports.

To enable DLDP to operate correctly, make sure the intervals for sending Advertisement packets configured on the two ends of a link are the same.

Examples

# Set the interval for sending Advertisement packets to 20 seconds.

<Sysname> system-view

[Sysname] dldp interval 20

Related commands

display dldp

dldp unidirectional-shutdown

Use dldp unidirectional-shutdown to set the port shutdown mode.

Use undo dldp unidirectional-shutdown to restore the default.

Syntax

dldp unidirectional-shutdown { auto | manual }

undo dldp unidirectional-shutdown

Default

The port shutdown mode is auto mode.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

auto: Configures the port shutdown mode as auto mode. In this mode, when DLDP detects a unidirectional link, it shuts down the Unidirectional port.

manual: Configures the port shutdown mode as manual mode. In this mode, when DLDP detects a unidirectional link, DLDP does not shut down the involved port but you need to manually shut it down. When the link state is restored to Bidirectional, you must manually bring up the port.

Examples

# Set the port shutdown mode to manual mode.

<Sysname> system-view

[Sysname] dldp unidirectional-shutdown manual

Related commands

display dldp

reset dldp statistics

Use reset dldp statistics to clear the statistics on DLDP packets passing through a port.

Syntax

reset dldp statistics [ interface interface-type interface-number ]

Views

User view

Predefined user roles

network-admin

mdc-admin

Parameters

interface interface-type interface-number: Clears the statistics on DLDP packets passing through a port. interface-type interface-number represents a port by its type and number.

Usage guidelines

If no port is specified, this command clears the statistics on the DLDP packets passing through all the DLDP-enabled ports.

Examples

# Clear the statistics on the DLDP packets passing through all the DLDP-enabled ports.

<Sysname> reset dldp statistics

Related commands

display dldp statistics


VRRP commands

The term "interface" in this chapter refers to VLAN interfaces, Layer 3 Ethernet interfaces, Layer 3 aggregate interfaces, Layer 3 Ethernet subinterfaces, and Layer 3 aggregate subinterfaces. You can configure an Ethernet port as a Layer 3 interface by using the port link-mode route command (see Layer 2—LAN Switching Configuration Guide).

VRRP cannot be configured on member ports of aggregation groups.

In VRRP load balancing mode, the virtual MAC address is determined by the virtual router ID and the VF number. Each VF in VRRP groups with different virtual router IDs on a device is associated with a unique virtual MAC address. An FE or FX card can have a maximum of 8 virtual MAC addresses. The maximum number of VRRP groups with different virtual router IDs on a device multiplied by the maximum number of VFs among all VRRP groups cannot be larger than 8.

IPv4 VRRP commands

display vrrp

Use display vrrp to display the states of IPv4 VRRP groups.

Syntax

display vrrp [ interface interface-type interface-number [ vrid virtual-router-id ] ] [ verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

interface interface-type interface-number: Specifies an interface by its type and number.

vrid virtual-router-id: Specifies an IPv4 VRRP group by its virtual router ID. The value range for the virtual-router-id argument varies as follows:

 

Cards

VRRP operating mode

Value range

FC cards

VRRP standard mode.

NOTE:

VRRP load balancing mode is not supported on FC cards.

The valid value range is 1 to 7.

FE and FX cards

VRRP standard mode.

In versions earlier than Release 1138P01, the valid value range is 1 to 7.

In Release 1138P01 and later versions, the valid value range is 1 to 255. A device can have a maximum of 8 VRRP groups with different virtual router IDs.

VRRP load balancing mode.

The valid value range is 1 to 255. The maximum number of VRRP groups with different virtual router IDs on a device multiplied by the maximum number of VFs among all VRRP groups cannot be larger than 8.

 

verbose: Displays detailed IPv4 VRRP group information. If the verbose keyword is not specified, this command displays brief IPv4 VRRP group information.

Usage guidelines

·     If no interface or VRRP group is specified, this command displays the states of all IPv4 VRRP groups.

·     If only an interface is specified, this command displays the states of all IPv4 VRRP groups on the specified interface.

·     If both an interface and an IPv4 VRRP group are specified, this command displays the states of the specified IPv4 VRRP group on the specified interface.

Examples

# Display brief information about all IPv4 VRRP groups on the device when VRRP operates in standard mode.

<Sysname> display vrrp

IPv4 Virtual Router Information:

 Running Mode      : Standard

 Total number of virtual routers : 1

 Interface          VRID  State        Running Adver   Auth     Virtual

                                       Pri     Timer   Type        IP

 ---------------------------------------------------------------------

 Vlan1              1     Master       150     100     Simple   1.1.1.1

Table 3 Command output (in standard mode)

Field

Description

Running Mode

VRRP operating mode (standard mode).

Total number of virtual routers

Total number of VRRP groups.

Interface

Interface where the VRRP group is configured.

VRID

Virtual router ID (VRRP group number).

State

Status of the router in the VRRP group:

·     Master.

·     Backup.

·     Initialize.

·     Inactive.

Running Pri

Current priority of the router.

When a track entry is associated with a VRRP group on the router, the router's priority changes when the track entry's status changes.

Adver Timer

VRRP advertisement sending interval in centiseconds.

Auth Type

Authentication type:

·     NoneNo authentication.

·     SimpleSimple text authentication.

·     MD5MD5 authentication.

Virtual IP

Virtual IP address of the VRRP group.

 

# Display detailed information about all IPv4 VRRP groups on the device when VRRP operates in standard mode.

<Sysname> display vrrp verbose

IPv4 Virtual Router Information:

 Running Mode      : Standard

 Total number of virtual routers : 2

   Interface Vlan-interface2

     VRID           : 1                    Adver Timer  : 100

     Admin Status   : Up                   State        : Master

     Config Pri     : 150                  Running Pri  : 150

     Preempt Mode   : Yes                  Delay Time   : 5

     Auth Type      : Simple               Key          : ******

     Virtual IP     : 1.1.1.1

     Virtual MAC    : 0000-5e00-0101

     Master IP      : 1.1.1.2

   VRRP Track Information:

     Track Object   : 1                    State : Positive   Pri Reduced : 50

   Interface Vlan-interface2

     VRID           : 11                   Adver Timer  : 100

     Admin Status   : Up                   State        : Backup

     Config Pri     : 80                   Running Pri  : 80

     Preempt Mode   : Yes                  Delay Time   : 0

     Become Master  : 2370ms left

     Auth Type      : None

     Virtual IP     : 1.1.1.11

     Virtual MAC    : 0000-5e00-010b

     Master IP      : 1.1.1.12

Table 4 Command output (in standard mode)

Field

Description

Running Mode

VRRP operating mode (standard mode).

Total number of virtual routers

Total number of VRRP groups.

Interface

Interface where the VRRP group is configured.

VRID

Virtual router ID (VRRP group number).

Adver Timer

VRRP advertisement sending interval in centiseconds.

Admin Status

Administrative status: up or down.

State

Status of the router in the VRRP group:

·     Master.

·     Backup.

·     Initialize.

·     Inactive.

Config Pri

Configured priority of the router, which is configured through the vrrp vrid priority command.

Running Pri

Current priority of the router.

When a track entry is associated with a VRRP group on the router, the router's priority changes when the track entry's status changes.

Preempt Mode

Preemptive mode:

·     Yes.

·     No.

Delay Time

Preemption delay time in centiseconds.

Become Master

Time, in milliseconds, that a backup router has to wait before it becomes the master.

Auth Type

Authentication type:

·     NoneNo authentication.

·     SimpleSimple text authentication.

·     MD5MD5 authentication.

Key

Authentication key, which is not displayed if no authentication is required.

Virtual IP

Virtual IP address of the VRRP group.

Virtual MAC

Virtual MAC address of the VRRP group's virtual IP address, which is displayed when the router is the master.

Master IP

Primary IP address of the interface where the master resides.

VRRP Track Information

Track entry information. This field is displayed only after you have configured the vrrp vrid track command.

Track Object

Track entry which is associated with the VRRP group.

State

Track entry state:

·     Negative.

·     Positive.

·     NotReady.

Pri Reduced

Value by which the priority decreases when the status of the associated track entry becomes negative.

Switchover

Switchover mode. When the status of the associated track entry becomes negative, the backup immediately becomes the master.

 

# Display brief information about all IPv4 VRRP groups on the device when VRRP operates in load balancing mode.

<Sysname> display vrrp

IPv4 Virtual Router Information:

 Running Mode      : Load Balance

 Total number of virtual routers : 1

 Interface          VRID  State        Running Address             Active

                                       Pri

 ----------------------------------------------------------------------

 Vlan1              1     Master       150     1.1.1.1             Local

 -----              VF 1  Active       255     000f-e2ff-0011      Local

Table 5 Command output (in load balancing mode)

Field

Description

Running Mode

VRRP operating mode (load balancing mode).

Total number of virtual routers

Total number of VRRP groups.

Interface

Interface where the VRRP group is configured.

VRID

Virtual router ID (VRRP group number) or virtual forwarder (VF) ID.

State

·     For a VRRP group (when the VRID is a virtual router ID), this field indicates the state of the router in the VRRP group, which is Master, Backup, Initialize, or Inactive.

·     For a VF (when the VRID is a VF ID), this field indicates the state of the VF in the VRRP group, which is Active, Listening, or Initialize.

Running Pri

·     For a VRRP group (when the VRID is a virtual router ID), this field indicates the running priority of the router. When a track entry is associated with a VRRP group on the router, the router's priority changes when the track entry's status changes.

·     For a VF (when the VRID is a VF ID), this field indicates the running priority of the VF. When a track entry is associated with a VF, the priority of the VF changes if the state of the monitored track entry changes.

Address

·     For a VRRP group (when the VRID is a virtual router ID), this field indicates the virtual IP address of the VRRP group.

·     For a VF (when the VRID is a VF ID), this field indicates the virtual MAC address of the VF.

Active

·     For a VRRP group (when the VRID is a virtual router ID), this field indicates the IP address of the interface where the master resides. If the current router is the master, local is displayed.

·     For a VF (when the VRID is a VF ID), this field indicates the IP address of the interface where the active virtual forwarder (AVF) resides. If the current VF is the AVF, local is displayed.

 

# Display detailed information about all IPv4 VRRP groups on the device when VRRP operates in load balancing mode.

<Sysname> display vrrp verbose

IPv4 Virtual Router Information:

 Running Mode      : Load Balance

 Total number of virtual routers : 2

   Interface Vlan-interface

     VRID           : 1                    Adver Timer  : 100

     Admin Status   : Up                   State        : Master

     Config Pri     : 150                  Running Pri  : 150

     Preempt Mode   : Yes                  Delay Time   : 5

     Auth Type      : None

     Virtual IP     : 10.1.1.1

                      10.1.1.2

                      10.1.1.3

     Member IP List : 10.1.1.10 (Local, Master)

                      10.1.1.20 (Backup)

   VRRP Track Information:

     Track Object   : 1                    State : Positive   Pri Reduced : 50

   Forwarder Information: 2 Forwarders 1 Active

     Config Weight  : 255

     Running Weight : 255

    Forwarder 01

     State          : Active

     Virtual MAC    : 000f-e2ff-0011 (Owner)

     Owner ID       : 0000-5e01-1101

     Priority       : 255

     Active         : local

    Forwarder 02

     State          : Listening

     Virtual MAC    : 000f-e2ff-0012 (Learnt)

     Owner ID       : 0000-5e01-1103

     Priority       : 127

     Active         : 10.1.1.20

   Forwarder Weight Track Information:

     Track Object   : 1          State : Positive   Weight Reduced : 250

   Interface Vlan-interface2

     VRID           : 11                   Adver Timer  : 100

     Admin Status   : Up                   State        : Backup

     Config Pri     : 80                   Running Pri  : 80

     Preempt Mode   : Yes                  Delay Time   : 0

     Become Master  : 2370ms left

     Auth Type      : None

     Virtual IP     : 10.1.1.11

                      10.1.1.12

                      10.1.1.13

     Member IP List : 10.1.1.10 (Local, Backup)

                      10.1.1.15 (Master)

   Forwarder Information: 2 Forwarders 1 Active

     Config Weight  : 255

     Running Weight : 255

    Forwarder 01

     State          : Active

     Virtual MAC    : 000f-e2ff-40b1 (Learnt)

     Owner ID       : 0000-5e01-1103

     Priority       : 127

     Active         : 10.1.1.15

    Forwarder 02

     State          : Listening

     Virtual MAC    : 000f-e2ff-40b2 (Owner)

     Owner ID       : 0000-5e01-1101

     Priority       : 255

     Active         : local

Table 6 Command output (in load balancing mode)

Field

Description

Running Mode

VRRP operating mode (load balancing mode).

Total number of virtual routers

Total number of VRRP groups.

Interface

Interface where the VRRP group is configured.

VRID

Virtual router ID (VRRP group number).

Adver Timer

VRRP advertisement sending interval in centiseconds.

Admin Status

Administrative status: up or down.

State

Status of the router in the VRRP group:

·     Master.

·     Backup.

·     Initialize.

·     Inactive.

Config Pri

Configured priority of the router, which is configured by using the vrrp vrid priority command.

Running Pri

Current priority of the router.

When a track entry is associated with a VRRP group on the router, the router's priority changes when the track entry's status changes.

Preempt Mode

Preemptive mode:

·     Yes.

·     No.

Delay Time

Preemption delay time in centiseconds.

Become Master

Time, in milliseconds, that a backup router has to wait before it becomes the master.

Auth Type

Authentication type:

·     NoneNo authentication.

·     SimpleSimple text authentication.

·     MD5MD5 authentication.

Key

Authentication key, which is not displayed if no authentication is required.

Virtual IP

Virtual IP address list of the VRRP group.

Member IP List

IP addresses of the member devices in the VRRP group:

·     LocalIP address of the local router.

·     MasterIP address of the master.

·     BackupIP address of the backup.

VRRP Track Information

Track entry which is associated with the VRRP group. This field is displayed only after you have configured the vrrp vrid track command.

Track Object

Track entry to be monitored.

State

Track entry state:

·     Negative.

·     Positive.

·     NotReady.

Pri Reduced

Value by which the priority decreases when the status of the associated track entry becomes negative. This field is displayed only after you have configured vrrp vrid track command.

Switchover

Switchover mode. When the status of the associated track entry becomes negative, the backup immediately becomes the master.

Forwarder Information: 2 Forwarders 1 Active

VF information: Two VFs exist, and one is the AVF.

Config Weight

Configured weight of the VF: 255.

Running Weight

Current weight of the VF.

When a track entry is associated with the VFs of a VRRP group, the VFs' weights change when the track entry's status changes.

Forwarder 01

Information about VF 01.

State

VF state:

·     Active.

·     Listening.

·     Initialize.

Virtual MAC

Virtual MAC address of the VF.

Owner ID

Real MAC address of the VF owner.

Priority

VF priority in the range of 1 to 255.

Active

IP address of the interface where the AVF resides. If the current VF is the AVF, local is displayed.

Forwarder Weight Track Configuration

VF weight Track configuration.

The field is displayed only after you have configured the vrrp vrid weight track command.

Track Object

Track entry which is associated with the VFs.

The field is displayed only after you have configured the vrrp vrid weight track command.

State

Track entry state:

·     Negative.

·     Positive.

·     NotReady.

Weight Reduced

Value by which the weights of the VFs decrease when the state of the associated track entry changes to negative.

The field is displayed only after you configure the vrrp vrid weight track command.

 

display vrrp statistics

Use display vrrp statistics to display statistics for IPv4 VRRP groups.

Syntax

display vrrp statistics [ interface interface-type interface-number [ vrid virtual-router-id ] ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

interface interface-type interface-number: Specifies an interface by its type and number.

vrid virtual-router-id: Specifies an IPv4 VRRP group by its virtual router ID. The value range for the virtual-router-id argument varies as follows:

 

Cards

VRRP operating mode

Value range

FC cards

VRRP standard mode.

NOTE:

VRRP load balancing mode is not supported on FC cards.

The valid value range is 1 to 7.

FE and FX cards

VRRP standard mode.

In versions earlier than Release 1138P01, the valid value range is 1 to 7.

In Release 1138P01 and later versions, the valid value range is 1 to 255. A device can have a maximum of 8 VRRP groups with different virtual router IDs.

VRRP load balancing mode.

The valid value range is 1 to 255. The maximum number of VRRP groups with different virtual router IDs on a device multiplied by the maximum number of VFs among all VRRP groups cannot be larger than 8.

 

Usage guidelines

·     If no interface or VRRP group is specified, this command displays statistics for all IPv4 VRRP groups.

·     If only an interface is specified, this command displays statistics for all IPv4 VRRP groups on the specified interface.

·     If both an interface and an IPv4 VRRP group are specified, this command displays statistics for the specified IPv4 VRRP group on the specified interface.

You can use the reset vrrp statistics command to clear statistics for IPv4 VRRP groups.

Examples

# Display statistics for all IPv4 VRRP groups when VRRP operates in standard mode.

<Sysname> display vrrp statistics

 Interface               : Vlan-interface2

 VRID                    : 1

 CheckSum Errors         : 0          Version Errors                : 0

 Invalid Pkts Rcvd       : 0          Unexpected Pkts Rcvd          : 0

 IP TTL Errors           : 0          Advertisement Interval Errors : 0

 Invalid Auth Type       : 0          Auth Failures                 : 0

 Packet Length Errors    : 0          Auth Type Mismatch            : 0

 Become Master           : 1          Address List Errors           : 0

 Adver Rcvd              : 0          Priority Zero Pkts Rcvd       : 0

 Adver Sent              : 807        Priority Zero Pkts Sent       : 0

 

 Global statistics

 CheckSum Errors         : 0

 Version Errors          : 0

 VRID Errors             : 0

# Display statistics for all IPv4 VRRP groups when VRRP operates in load balancing mode.

<Sysname> display vrrp statistics

 Interface               : Vlan-interface2

 VRID                    : 1

 CheckSum Errors         : 0          Version Errors                : 0

 Invalid Pkts Rcvd       : 0          Unexpected Pkts Rcvd          : 0

 IP TTL Errors           : 0          Advertisement Interval Errors : 0

 Invalid Auth Type       : 0          Auth Failures                 : 0

 Packet Length Errors    : 0          Auth Type Mismatch            : 0

 Become Master           : 39         Address List Errors           : 0

 Become AVF              : 13         Packet Option Errors          : 0

 Adver Rcvd              : 2562       Priority Zero Pkts Rcvd       : 1

 Adver Sent              : 16373      Priority Zero Pkts Sent       : 49

 Request Rcvd            : 2          Reply Rcvd                    : 10

 Request Sent            : 12         Reply Sent                    : 2

 Release Rcvd            : 0          VF Priority Zero Pkts Rcvd    : 1

 Release Sent            : 0          VF Priority Zero Pkts Sent    : 11

 Redirect Timer Expires  : 1          Time-out Timer Expires        : 0

 

 Global statistics

 CheckSum Errors         : 0

 Version Errors          : 0

 VRID Errors             : 0

Table 7 Command output (in standard mode)

Field

Description

Interface

Interface where the VRRP group is configured.

VRID

VRRP group number.

CheckSum Errors

Number of packets with checksum errors.

Version Errors

Number of packets with version errors.

Invalid Pkts Rcvd

Number of received packets of invalid packet types.

Unexpected Pkts Rcvd

Number of received unexpected packets.

Advertisement Interval Errors

Number of packets with advertisement interval errors.

IP TTL Errors

Number of packets with TTL errors.

Auth Failures

Number of packets with authentication failures.

Invalid Auth Type

Number of packets with authentication failures because of invalid authentication types.

Auth Type Mismatch

Number of packets with authentication failures because of mismatching authentication types.

Packet Length Errors

Number of packets with VRRP packet length errors.

Address List Errors

Number of packets with virtual IP address list errors.

Become Master

Number of times that the router elected as the master.

Priority Zero Pkts Rcvd

Number of received advertisements with the router priority of 0.

Adver Rcvd

Number of received advertisements.

Priority Zero Pkts Sent

Number of sent advertisements with the router priority of 0.

Adver Sent

Number of sent advertisements.

Global statistics

Global statistics for all VRRP groups.

CheckSum Errors

Total number of packets with checksum errors.

Version Errors

Total number of packets with version errors.

VRID Errors

Total number of packets with VRID errors.

 

Table 8 Command output (in load balancing mode)

Field

Description

Interface

Interface where the VRRP group is configured.

VRID

VRRP group number.

CheckSum Errors

Number of packets with checksum errors.

Version Errors

Number of packets with version errors.

Invalid Pkts Rcvd

Number of received packets of invalid packet types.

Unexpected Pkts Rcvd

Number of received unexpected packets.

Advertisement Interval Errors

Number of packets with advertisement interval errors.

IP TTL Errors

Number of packets with TTL errors.

Auth Failures

Number of packets with authentication failures.

Invalid Auth Type

Number of packets with authentication failures because of invalid authentication types.

Auth Type Mismatch

Number of packets with authentication failures because of mismatching authentication types.

Packet Length Errors

Number of packets with VRRP packet length errors.

Address List Errors

Number of packets with virtual IP address list errors.

Become Master

Number of times that the router elected as the master.

Redirect Timer Expires

Number of times that the redirect timer expired.

Become AVF

Number of times that the VF elected as the AVF.

Time-out Timer Expires

Number of times that the time-out timer expired.

Adver Rcvd

Number of received advertisements.

Request Rcvd

Number of received requests.

Adver Sent

Number of sent advertisements.

Request Sent

Number of sent requests.

Reply Rcvd

Number of received replies.

Release Rcvd

Number of received release packets.

Reply Sent

Number of sent replies.

Release Sent

Number of sent release packets.

Priority Zero Pkts Rcvd

Number of received advertisements with the router priority of 0.

VF Priority Zero Pkts Rcvd

Number of received advertisements with the VF priority of 0.

Priority Zero Pkts Sent

Number of sent advertisements with the router priority of 0.

VF Priority Zero Pkts Sent

Number of sent advertisements with the VF priority of 0.

Packet Option Errors

Number of packet option errors.

Global statistics

Global statistics for all IPv4 VRRP groups.

CheckSum Errors

Total number of packets with checksum errors.

Version Errors

Total number of packets with version errors.

VRID Errors

Total number of packets with VRID errors.

 

Related commands

reset vrrp statistics

reset vrrp statistics

Use reset vrrp statistics to clear statistics for IPv4 VRRP groups.

Syntax

reset vrrp statistics [ interface interface-type interface-number [ vrid virtual-router-id ] ]

Views

User view

Predefined user roles

network-admin

mdc-admin

Parameters

interface interface-type interface-number: Specifies an interface by its type and number.

vrid virtual-router-id: Specifies an IPv4 VRRP group by its virtual router ID. The value range for the virtual-router-id argument varies as follows:

 

Cards

VRRP operating mode

Value range

FC cards

VRRP standard mode.

NOTE:

VRRP load balancing mode is not supported on FC cards.

The valid value range is 1 to 7.

FE and FX cards

VRRP standard mode.

In versions earlier than Release 1138P01, the valid value range is 1 to 7.

In Release 1138P01 and later versions, the valid value range is 1 to 255. A device can have a maximum of 8 VRRP groups with different virtual router IDs.

VRRP load balancing mode.

The valid value range is 1 to 255. The maximum number of VRRP groups with different virtual router IDs on a device multiplied by the maximum number of VFs among all VRRP groups cannot be larger than 8.

 

Usage guidelines

·     If no interface or VRRP group is specified, this command clears statistics for all IPv4 VRRP groups.

·     If only an interface is specified, this command clears statistics for all IPv4 VRRP groups on the specified interface.

·     If both an interface and an IPv4 VRRP group are specified, this command clears statistics for the specified IPv4 VRRP group on the specified interface.

Examples

# Clear statistics for all IPv4 VRRP groups on all interfaces.

<Sysname> reset vrrp statistics

Related commands

display vrrp statistics

snmp-agent trap enable vrrp

Use snmp-agent trap enable vrrp to enable SNMP notifications for VRRP globally.

Use undo snmp-agent trap enable vrrp to disable SNMP notifications for VRRP globally.

Syntax

snmp-agent trap enable vrrp [ auth-failure | new-master ]

undo snmp-agent trap enable vrrp [ auth-failure | new-master ]

Default

SNMP notifications for VRRP are enabled.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

auth-failure: Generates notifications as defined in RFC 2787 when the device in a VRRP group receives a VRRP advertisement with the authentication type or key not matching the local configuration.

new-master: Generates notifications as defined in RFC 2787 when the state of a device in a VRRP group changes from Initialize or Backup to Master.

Usage guidelines

When the notification feature is enabled, the device can send notifications to the destination host. To specify the notification type (inform or trap) and target host, use the snmp-agent target-host command.

Examples

# Generate notifications as defined in RFC 2787 when the device in a VRRP group receives a VRRP advertisement with the authentication type or key not matching the local configuration.

<Sysname> system-view

[Sysname] snmp-agent trap enable vrrp auth-failure

vrrp check-ttl enable

Use vrrp check-ttl enable to enable TTL check for IPv4 VRRP packets.

Use undo vrrp check-ttl enable to disable TTL check for IPv4 VRRP packets.

Syntax

vrrp check-ttl enable

undo vrrp check-ttl enable

Default

TTL check for IPv4 VRRP packets is enabled.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

The master in an IPv4 VRRP group periodically sends VRRP advertisements to declare its presence. The VRRP advertisements are multicast in the local subnet and cannot be forwarded by routers, so the TTL value is not changed. When the master sends VRRP advertisements, it sets the TTL value to 255. If you enable TTL check, the backups drop the VRRP advertisements with TTL other than 255, preventing attacks from other subnets.

Devices from different vendors might implement VRRP differently. When the device is interoperating with devices of other vendors, TTL check on VRRP packets might result in unexpected dropping of packets. In this scenario, use the undo vrrp check-ttl enable command to disable TTL check on VRRP packets.

Examples

# Disable TTL check for IPv4 VRRP packets.

<Sysname> system-view

[Sysname] interface vlan-interface 2

[Sysname-Vlan-interface2] undo vrrp check-ttl enable

vrrp dscp

Use vrrp dscp to set a DSCP value for VRRP packets.

Use undo vrrp dscp to restore the default.

Syntax

vrrp dscp dscp-value

undo vrrp dscp

Default

The DSCP value for VRRP packets is 48.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

dscp-value: Specifies a DSCP value for VRRP packets, in the range of 0 to 63.

Usage guidelines

The DSCP value identifies the packet priority during transmission. A greater DSCP value means a higher packet priority.

Examples

# Set the DSCP value to 30 for VRRP packets.

<Sysname> system-view

[Sysname] vrrp dscp 30

vrrp mode

Use vrrp mode to specify the operating mode for IPv4 VRRP.

Use undo vrrp mode to restore the default.

Syntax

vrrp mode load-balance [ version-8 ]

undo vrrp mode

Default

IPv4 VRRP operates in standard mode.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

load-balance: Specifies the load balancing mode.

version-8: Specifies the version carried in VRRP packets as 8.

Usage guidelines

After you create IPv4 VRRP groups on the router, you can specify their operating mode by using this command. All IPv4 VRRP groups on the router operate in the specified mode.

The version-8 keyword takes effect only when the version of IPv4 VRRP configured on the interface is VRRPv2. The version-8 keyword is required in the following conditions:

·     A router running Comware V5 software or software with version earlier than Comware V7 exists in the VRRP group.

To display the software version, use the display version command.

·     All routers in the IPv4 VRRP group are operating in load balancing mode.

·     All routers in the IPv4 VRRP group are configured with the version of VRRPv2.

Examples

# Specify the load balancing mode for IPv4 VRRP.

<Sysname> system-view

[Sysname] vrrp mode load-balance

Related commands

display vrrp

vrrp version

Use vrrp version to specify the version of IPv4 VRRP on an interface.

Use undo vrrp version to restore the default.

Syntax

vrrp version version-number

undo vrrp version

Default

VRRPv3 is used.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Parameters

version-number: Specifies a VRRP version. The version number is 2 or 3, where 2 indicates VRRPv2 (described in RFC 3768), and 3 indicates VRRPv3 (described in RFC 5798).

Usage guidelines

The version of VRRP on all routers in an IPv4 VRRP group must be the same.

Examples

# Specify VRRPv2 to run on VLAN-interface 10.

<Sysname> system-view

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] vrrp version 2

vrrp vrid authentication-mode

Use vrrp vrid authentication-mode to configure the authentication mode and the authentication key for an IPv4 VRRP group to send and receive VRRP packets.

Use undo vrrp vrid authentication-mode to restore the default.

Syntax

vrrp vrid virtual-router-id authentication-mode { md5 | simple } { cipher | plain } key

undo vrrp vrid virtual-router-id authentication-mode

Default

Authentication is disabled when a VRRP group sends and receives VRRP packets.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Parameters

virtual-router-id: Specifies an IPv4 VRRP group by its virtual router ID. The value range for the virtual-router-id argument varies as follows:

 

Cards

VRRP operating mode

Value range

FC cards

VRRP standard mode.

NOTE:

VRRP load balancing mode is not supported on FC cards.

The valid value range is 1 to 7.

FE and FX cards

VRRP standard mode.

In versions earlier than Release 1138P01, the valid value range is 1 to 7.

In Release 1138P01 and later versions, the valid value range is 1 to 255. A device can have a maximum of 8 VRRP groups with different virtual router IDs.

VRRP load balancing mode.

The valid value range is 1 to 255. The maximum number of VRRP groups with different virtual router IDs on a device multiplied by the maximum number of VFs among all VRRP groups cannot be larger than 8.

 

md5: Specifies the MD5 authentication mode.

simple: Specifies the simple authentication mode.

cipher: Sets a ciphertext authentication key.

plain: Sets a plaintext authentication key.

key: Sets the authentication key. This argument is case sensitive. It must be a ciphertext string of 1 to 41 characters if the cipher keyword is specified or a plaintext string of 1 to 8 characters if the plain keyword is specified.

Usage guidelines

To avoid attacks from unauthorized users, VRRP member routers add authentication keys in VRRP packets to authenticate one another. VRRP provides the following authentication modes:

·     simple—Simple text authentication.

The sender fills an authentication key into the VRRP packet, and the receiver compares the received authentication key with its local authentication key. If the two authentication keys are the same, the received VRRP packet is legitimate. Otherwise, the received packet is illegitimate.

·     md5—MD5 authentication.

The sender computes a digest for the packet to be sent by using the authentication key and MD5 algorithm, and it saves the result in the authentication header. The receiver performs the same operation by using the authentication key and MD5 algorithm, and it compares the result with the content in the authentication header. If the results are the same, the received VRRP packet is legitimate. Otherwise, the received packet is illegitimate.

The MD5 authentication is more secure than the simple text authentication, but it costs more resources.

For security purposes, all keys, including keys configured in plain text, are saved in cipher text.

 

IMPORTANT

IMPORTANT:

·     You can configure different authentication modes and authentication keys for the VRRP groups on an interface. However, members of the same VRRP group must use the same authentication mode and authentication key.

·     For VRRPv3, this command does not take effect.

 

Examples

# Set the authentication mode to simple and the authentication key to Sysname for VRRP group 1 on VLAN-interface 2.

<Sysname> system-view

[Sysname] interface vlan-interface 2

[Sysname-Vlan-interface2] vrrp vrid 1 authentication-mode simple plain Sysname

Related commands

·     display vrrp

·     vrrp version

vrrp vrid preempt-mode

Use vrrp vrid preempt-mode to enable the preemptive mode for the device in an IPv4 VRRP group and set the preemption delay.

Use undo vrrp vrid preempt-mode to disable the preemptive mode for the device in an IPv4 VRRP group.

Use undo vrrp vrid preempt-mode delay to restore the default preemption delay.

Syntax

vrrp vrid virtual-router-id preempt-mode [ delay delay-value ]

undo vrrp vrid virtual-router-id preempt-mode [ delay ]

Default

The device operates in preemptive mode and the preemption delay is 0 centiseconds.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Parameters

virtual-router-id: Specifies an IPv4 VRRP group by its virtual router ID. The value range for the virtual-router-id argument varies as follows:

 

Cards

VRRP operating mode

Value range

FC cards

VRRP standard mode.

NOTE:

VRRP load balancing mode is not supported on FC cards.

The valid value range is 1 to 7.

FE and FX cards

VRRP standard mode.

In versions earlier than Release 1138P01, the valid value range is 1 to 7.

In Release 1138P01 and later versions, the valid value range is 1 to 255. A device can have a maximum of 8 VRRP groups with different virtual router IDs.

VRRP load balancing mode.

The valid value range is 1 to 255. The maximum number of VRRP groups with different virtual router IDs on a device multiplied by the maximum number of VFs among all VRRP groups cannot be larger than 8.

 

delay delay-value: Specifies a preemption delay time in the range of 0 to 180000 in centiseconds. The default setting is 0 centiseconds.

Usage guidelines

In non-preemptive mode, when a device in the IPv4 VRRP group becomes the master, it acts as the master as long as it operates correctly, even if a backup is assigned a higher priority later. The non-preemptive mode helps avoid frequent switchover between the master and backups.

In preemptive mode, a backup takes over as the master and sends VRRP advertisements when it detects that it has a higher priority than the master. The previous master then becomes a backup. This mechanism makes sure the master is always the device with the highest priority.

To avoid frequent state changes among members in a VRRP group and to provide the backups enough time to collect information (such as routing information), a backup does not immediately become the master after it receives an advertisement with lower priority than the local priority. Instead, it waits for a period of time before taking over as the master.

Examples

# Enable the preemptive mode for VLAN-interface 2, and set the preemption delay time to 500 centiseconds.

<Sysname> system-view

[Sysname] interface vlan-interface 2

[Sysname-Vlan-interface2] vrrp vrid 1 preempt-mode delay 500

Related commands

display vrrp

vrrp vrid priority

Use vrrp vrid priority to set the priority of the device in an IPv4 VRRP group.

Use undo vrrp vrid priority to restore the default.

Syntax

vrrp vrid virtual-router-id priority priority-value

undo vrrp vrid virtual-router-id priority

Default

The priority of a device in an IPv4 VRRP group is 100.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Parameters

virtual-router-id: Specifies an IPv4 VRRP group by its virtual router ID. The value range for the virtual-router-id argument varies as follows:

 

Cards

VRRP operating mode

Value range

FC cards

VRRP standard mode.

NOTE:

VRRP load balancing mode is not supported on FC cards.

The valid value range is 1 to 7.

FE and FX cards

VRRP standard mode.

In versions earlier than Release 1138P01, the valid value range is 1 to 7.

In Release 1138P01 and later versions, the valid value range is 1 to 255. A device can have a maximum of 8 VRRP groups with different virtual router IDs.

VRRP load balancing mode.

The valid value range is 1 to 255. The maximum number of VRRP groups with different virtual router IDs on a device multiplied by the maximum number of VFs among all VRRP groups cannot be larger than 8.

 

priority-value: Specifies a priority value in the range of 1 to 254. A higher number indicates a higher priority.

Usage guidelines

VRRP determines the role (master or backup) of each device in a VRRP group by priority. A device with a higher priority is more likely to become the master.

VRRP priority is in the range of 0 to 255, and a greater number represents a higher priority. Priorities 1 to 254 are configurable. Priority 0 is reserved for special uses, and priority 255 is for the IP address owner. The device acting as the IP address owner in a VRRP group always has a running priority of 255 and acts as the master as long as it works correctly.

Examples

# Set the priority of the switch to 150 in VRRP group 1 on VLAN-interface 2.

<Sysname> system-view

[Sysname] interface vlan-interface 2

[Sysname-Vlan-interface2] vrrp vrid 1 priority 150

Related commands

·     display vrrp

·     vrrp vrid track

vrrp vrid shutdown

Use vrrp vrid shutdown to disable an IPv4 VRRP group.

Use undo vrrp vrid shutdown to restore the default.

Syntax

vrrp vrid virtual-router-id shutdown

undo vrrp vrid virtual-router-id shutdown

Default

An IPv4 VRRP group is enabled.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Parameters

virtual-router-id: Specifies an IPv4 VRRP group by its virtual router ID. The value range for the virtual-router-id argument varies as follows:

 

Cards

VRRP operating mode

Value range

FC cards

VRRP standard mode.

NOTE:

VRRP load balancing mode is not supported on FC cards.

The valid value range is 1 to 7.

FE and FX cards

VRRP standard mode.

In versions earlier than Release 1138P01, the valid value range is 1 to 7.

In Release 1138P01 and later versions, the valid value range is 1 to 255. A device can have a maximum of 8 VRRP groups with different virtual router IDs.

VRRP load balancing mode.

The valid value range is 1 to 255. The maximum number of VRRP groups with different virtual router IDs on a device multiplied by the maximum number of VFs among all VRRP groups cannot be larger than 8.

 

Usage guidelines

You can use this command to temporarily disable an IPv4 VRRP group. After this command is configured, the VRRP group stays in initialized state, and its configurations remain unchanged. You can change its configuration and your changes take effect when you enable the VRRP group again.

Examples

# Disable IPv4 VRRP group 1.

<Sysname> system-view

[Sysname] interface vlan-interface 2

[Sysname-Vlan-interface2] vrrp vrid 1 shutdown

vrrp vrid source-interface

Use vrrp vrid source-interface to specify the source interface for an IPv4 VRRP group. This interface, instead of the interface where the VRRP group resides, sends and receives VRRP packets.

Use undo vrrp source-interface to cancel the specified source interface.

Syntax

vrrp vrid virtual-router-id source-interface interface-type interface-number

undo vrrp vrid virtual-router-id source-interface

Default

No source interface is specified for a VRRP group. The interface where the VRRP group resides sends and receives VRRP packets.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Parameters

virtual-router-id: Specifies an IPv4 VRRP group by its virtual router ID. The value range for the virtual-router-id argument varies as follows:

 

Cards

VRRP operating mode

Value range

FC cards

VRRP standard mode.

NOTE:

VRRP load balancing mode is not supported on FC cards.

The valid value range is 1 to 7.

FE and FX cards

VRRP standard mode.

In versions earlier than Release 1138P01, the valid value range is 1 to 7.

In Release 1138P01 and later versions, the valid value range is 1 to 255. A device can have a maximum of 8 VRRP groups with different virtual router IDs.

VRRP load balancing mode.

The valid value range is 1 to 255. The maximum number of VRRP groups with different virtual router IDs on a device multiplied by the maximum number of VFs among all VRRP groups cannot be larger than 8.

 

interface-type interface-number: Specifies an interface by its type and number.

Usage guidelines

If VRRP group members cannot exchange VRRP packets through the interfaces where the VRRP group resides, you can use this command to enable VRRP packet exchange among VRRP group members through the specified source interfaces.

Examples

# Specify VLAN-interface 20 as the source interface for VRRP packet exchange in IPv4 VRRP group 10.

<Sysname> system-view

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] vrrp vrid 10 source-interface vlan-interface 20

vrrp vrid timer advertise

Use vrrp vrid timer advertise to set the interval at which the master in an IPv4 VRRP group sends VRRP advertisements.

Use undo vrrp vrid timer advertise to restore the default.

Syntax

vrrp vrid virtual-router-id timer advertise adver-interval

undo vrrp vrid virtual-router-id timer advertise

Default

The master in an IPv4 VRRP group sends VRRP advertisements at an interval of 100 centiseconds.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Parameters

virtual-router-id: Specifies an IPv4 VRRP group by its virtual router ID. The value range for the virtual-router-id argument varies as follows:

 

Cards

VRRP operating mode

Value range

FC cards

VRRP standard mode.

NOTE:

VRRP load balancing mode is not supported on FC cards.

The valid value range is 1 to 7.

FE and FX cards

VRRP standard mode.

In versions earlier than Release 1138P01, the valid value range is 1 to 7.

In Release 1138P01 and later versions, the valid value range is 1 to 255. A device can have a maximum of 8 VRRP groups with different virtual router IDs.

VRRP load balancing mode.

The valid value range is 1 to 255. The maximum number of VRRP groups with different virtual router IDs on a device multiplied by the maximum number of VFs among all VRRP groups cannot be larger than 8.

 

adver-interval: Specifies an interval for the master in the specified IPv4 VRRP group to send VRRP advertisements. The value range for this argument is 10 to 4095 centiseconds. For VRRPv2, the value of the adver-interval argument can only be a multiple of 100. For example, if you configure values in the range of 10 to 100, 101 to 200, and 4001 to 4095, the actual values are 100, 200, and 4100, respectively. For VRRPv3, the value of the adver-interval argument that you configured takes effect.

Usage guidelines

The master in an IPv4 VRRP group periodically sends VRRP advertisements to declare its presence. You can use this command to configure the interval at which the master sends VRRP advertisements.

As a best practice, set the VRRP advertisement interval to be greater than 100 centiseconds to maintain system stability.

In VRRPv2, all routers in an IPv4 VRRP group must have the same interval for sending VRRP advertisements.

In VRRPv3, the routers in an IPv4 VRRP group can have different intervals for sending VRRP advertisements. The master in the VRRP group sends VRRP advertisements at the specified interval and carries the interval attribute in the advertisements. After a backup receives the advertisement, it records the interval in the advertisement. If the backup does not receive a new VRRP advertisement from the master when the timer (3 × recorded interval + Skew_Time) expires, it regards the master as failed and takes over as the master.

Large network traffic might disable a backup from receiving VRRP advertisements from the master within the specified time and trigger an unexpected master switchover. To solve this problem, you can use this command to configure a larger interval.

Examples

# Configure the master in IPv4 VRRP group 1 to send VRRP advertisements at an interval of 500 centiseconds.

<Sysname> system-view

[Sysname] interface vlan-interface 2

[Sysname-Vlan-interface2] vrrp vrid 1 timer advertise 500

Related commands

display vrrp

vrrp vrid track

Use vrrp vrid track to associate a VRRP group with a track entry and control master switchover or AVF switchover in the VRRP group in response to changes (such as uplink state changes) detected by the track entry.

Use undo vrrp vrid track to remove the association between a VRRP group and a track entry. If no track entry is specified, the association between the VRRP group and any track entry is removed.

Syntax

vrrp vrid virtual-router-id track track-entry-number { forwarder-switchover member-ip ip-address | priority reduced [ priority-reduced ] | switchover | weight reduced [ weight-reduced ] }

undo vrrp vrid virtual-router-id track [ track-entry-number [ forwarder-switchover | priority reduced | switchover | weight reduced ] ]

Default

A VRRP group and the VFs in a VRRP group are not associated with any track entry.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Parameters

virtual-router-id: Specifies an IPv4 VRRP group by its virtual router ID. The value range for the virtual-router-id argument varies as follows:

 

Cards

VRRP operating mode

Value range

FC cards

VRRP standard mode.

NOTE:

VRRP load balancing mode is not supported on FC cards.

The valid value range is 1 to 7.

FE and FX cards

VRRP standard mode.

In versions earlier than Release 1138P01, the valid value range is 1 to 7.

In Release 1138P01 and later versions, the valid value range is 1 to 255. A device can have a maximum of 8 VRRP groups with different virtual router IDs.

VRRP load balancing mode.

The valid value range is 1 to 255. The maximum number of VRRP groups with different virtual router IDs on a device multiplied by the maximum number of VFs among all VRRP groups cannot be larger than 8.

 

track-entry-number: Specifies a track entry. The track-entry-number argument is in the range of 1 to 1024.

forwarder-switchover member-ip ip-address: Enables the LVF on the router to take over the role of the AVF at the specified IP address immediately after the specified track entry changes to the negative state. You can use the display vrrp verbose command to view the IP addresses of VFs.

priority reduced priority-reduced: Reduces the priority of the router in the VRRP group by a specific value when the state of the specified track entry changes to negative. The priority-reduced argument is in the range of 1 to 255, and the default is 10.

switchover: Enables the router in backup state to take over as the master immediately after the specified track entry changes to the negative state.

weight reduced priority-reduced: Reduces the weight of all VFs on the router in the VRRP group by a specific value when the state of the specified track entry changes to negative. The weight-reduced argument is in the range of 1 to 255, and the default is 30.

Usage guidelines

When the associated track entry changes to the negative state, one of the following events occurs, depending on your configuration:

·     The priority of the router in the VRRP group decreases by a specific value.

·     The weight of VFs decreases by a specific value.

·     The router immediately takes over as the master if it is a backup.

·     The LVF on the router immediately takes over the role of the AVF at the specified IP address.

Before executing this command, create a VRRP group on the interface and assign a virtual IP address to it.

The forwarder-switchover member-ip ip-address or weight reduced weight-reduced option takes effect only when the IPv4 VRRP group is operating in load balancing mode.

If the priority reduced keyword is specified but the priority-reduced argument is not specified, the priority of the router in the VRRP group decreases by 10 when the track entry changes to negative.

If the weight reduced keyword is specified but the weight-reduced argument is not specified, the weight of the VFs on the router in the VRRP group decreases by 30 when the track entry changes to negative.

The weight of a VF is 255, and its lower limit of failure is 10.

When the weight of a VF owner is higher than or equal to the lower limit of failure, its priority is always 255 and does not change with the weight. To guarantee that an LVF can take over the VF owner as the AVF when the upstream link of the VF owner fails, the reduced weight for the VF owner must be higher than 245 so the weight of the VF owner can drop below the lower limit of failure.

When the track entry changes from Negative to Positive or NotReady, the router automatically restores its priority or VF weight. The failed master router becomes the master again, or the failed AVF becomes active again.

 

IMPORTANT

IMPORTANT:

·     The vrrp vrid track priority reduced or vrrp vrid track switchover command cannot take effect on an IP address owner. If you have configured the command on an IP address owner, the configuration takes effect after the router changes to be a non-IP address owner.

·     You can create a track entry with the track command before or after you associate it with a VRRP group. For more information about configuring track entries, see High Availability Configuration Guide.

 

Examples

# Associate VRRP group 1 on VLAN-interface 2 with track entry 1 and decrease the priority of the router in the VRRP group by 50 when the state of track entry 1 changes to negative.

<Sysname> system-view

[Sysname] interface vlan-interface 2

[Sysname-Vlan-interface2] vrrp vrid 1 track 1 priority reduced 50

# Associate VRRP group 1 on VLAN-interface 2 with track entry 1 and enable the VF in listening state whose AVF is on the member device with the IP address of 10.1.1.3 to take over immediately after the specified track entry changes to the negative state.

[Sysname-Vlan-interface2] vrrp vrid 1 track 1 forwarder-switchover member-ip 10.1.1.3

# Associate VRRP group 1 on VLAN-interface 2 with track entry 1 and decrease the weight of all VFs on the router in the VRRP group by 50 when the state of track entry 1 changes to negative.

[Sysname-Vlan-interface2] vrrp vrid 1 track 1 weight reduced 50

Related commands

display vrrp

vrrp vrid

Use vrrp vrid to create an IPv4 VRRP group and assign a virtual IP address to the IPv4 VRRP group or assign a virtual IP address to an existing IPv4 VRRP group.

Use undo vrrp vrid to remove all configurations of an existing IPv4 VRRP group or to remove a virtual IP address from an existing IPv4 VRRP group.

Syntax

vrrp vrid virtual-router-id virtual-ip virtual-address

undo vrrp vrid virtual-router-id [ virtual-ip [ virtual-address ] ]

Default

No IPv4 VRRP group is created.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Parameters

virtual-router-id: Specifies an IPv4 VRRP group by its virtual router ID. The value range for the virtual-router-id argument varies as follows:

 

Cards

VRRP operating mode

Value range

FC cards

VRRP standard mode.

NOTE:

VRRP load balancing mode is not supported on FC cards.

The valid value range is 1 to 7.

FE and FX cards

VRRP standard mode.

In versions earlier than Release 1138P01, the valid value range is 1 to 7.

In Release 1138P01 and later versions, the valid value range is 1 to 255. A device can have a maximum of 8 VRRP groups with different virtual router IDs.

VRRP load balancing mode.

The valid value range is 1 to 255. The maximum number of VRRP groups with different virtual router IDs on a device multiplied by the maximum number of VFs among all VRRP groups cannot be larger than 8.

 

virtual-ip virtual-address: Specifies a virtual IP address, which cannot be an all-zero address (0.0.0.0); a broadcast address (255.255.255.255); a loopback address; an IP address of other than Class A, Class B, and Class C; or an invalid IP address (for example, 0.0.0.1). If this argument is not specified, the undo vrrp vrid command removes all virtual IP addresses from the existing IPv4 VRRP group.

Usage guidelines

You can assign up to 16 virtual IP addresses to an IPv4 VRRP group.

If you create an IPv4 VRRP group but do not assign any virtual IP address to it, the VRRP group stays in inactive state and does not function.

The virtual IP addresses of an IPv4 VRRP group and the downlink interface IP address of the VRRP group must be in the same subnet. Otherwise, the hosts in the subnet might fail to access external networks.

In load balancing mode, the virtual IP address of an IPv4 VRRP group cannot be the IP address of any interface in the VRRP group. Otherwise, the load balancing mode cannot operate correctly.

Examples

# Create IPv4 VRRP group 1 and assign virtual IP address 10.10.10.10 to the VRRP group. Then assign virtual IP address 10.10.10.11 to the VRRP group.

<Sysname> system-view

[Sysname] interface vlan-interface 2

[Sysname-Vlan-interface2] vrrp vrid 1 virtual-ip 10.10.10.10

[Sysname-Vlan-interface2] vrrp vrid 1 virtual-ip 10.10.10.11

Related commands

display vrrp


BFD commands

The term "interface" in this chapter collectively refers to Layer 3 interfaces, including VLAN interfaces and Layer 3 Ethernet interfaces. You can set an Ethernet port as a Layer 3 interface by using the port link-mode route command (see Layer 2—LAN Switching Configuration Guide).

bfd authentication-mode

Use bfd authentication-mode to configure the BFD authentication mode for single-hop BFD control packets.

Use undo bfd authentication-mode to restore the default.

Syntax

bfd authentication-mode { m-md5 | m-sha1 | md5 | sha1 | simple } key-id { cipher cipher-string | plain plain-string }

undo bfd authentication-mode

Default

Single-hop BFD control packets are not authenticated.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Parameters

m-md5: Specifies the Meticulous MD5 algorithm.

m-sha1: Specifies the Meticulous SHA1 algorithm.

md5: Specifies the MD5 algorithm.

sha1: Specifies the SHA1 algorithm.

simple: Specifies the simple authentication mode.

key-id: Sets the authentication key ID in the range of 1 to 255.

cipher: Sets a ciphertext password.

cipher-string: Ciphertext password, which is a case-sensitive string of 33 to 53 characters.

plain: Sets a ciphertext password.

plain-string: Plaintext password, which is a case-sensitive string of 1 to 16 characters.

Usage guidelines

Use this command to enhance BFD session security.

For security purposes, all authentication passwords, including passwords configured in plain text, are saved in cipher text.

Examples

# Configure VLAN-interface 11 to perform simple authentication for single-hop BFD control packets, setting the authentication key ID to 1 and password to 123456.

<Sysname> system-view

[Sysname] interface vlan-interface 11

[Sysname-Vlan-interface11] bfd authentication-mode simple 1 plain 123456

bfd demand enable

Use bfd demand enable to enable the Demand BFD session mode.

Use undo bfd demand enable to restore the default.

Syntax

bfd demand enable

undo bfd demand enable

Default

The BFD session is in Asynchronous mode.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

In demand mode, no BFD control packets are exchanged after the session is established. When the connectivity to another system needs to be verified explicitly, a system sends several BFD control packets that have the Poll (P) bit set at the negotiated transmit interval. If no response is received within the detection interval, the session is considered down. If the connectivity is found to be up, no more BFD control packets are sent until the next command is issued.

In asynchronous mode, both endpoints periodically send BFD control packets to each other. BFD considers that the session is down if it receives no BFD control packets within a specific interval.

Examples

# Enable the Demand BFD session mode on VLAN-interface 11.

<Sysname> system-view

[Sysname] interface vlan-interface 11

[Sysname-Vlan-interface11] bfd demand enable

bfd detect-multiplier

Use bfd detect-multiplier to set the single-hop detection time multiplier.

Use undo bfd detect-multiplier to restore the default.

Syntax

bfd detect-multiplier value

undo bfd detect-multiplier

Default

The single-hop detection time multiplier is 5.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Parameters

value: Specifies a single-hop detection time multiplier in the range of 3 to 50.

Usage guidelines

The detection time multiplier determines the maximum number of concurrent BFD packets (including control packets and echo packets) that can be discarded.

Table 9 Detection interval calculation method

Mode

Detection interval

Echo packet mode

Detection time multiplier of the sender × actual packet sending interval of the sender

Control packet mode BFD session in asynchronous mode

Detection time multiplier of the receiver × actual packet sending interval of the receiver

Control packet mode BFD session in demand mode

Detection time multiplier of the sender × actual packet sending interval of the sender

 

Examples

# Set the single-hop detection time multiplier to 6 on VLAN-interface 11.

<Sysname> system-view

[Sysname] interface vlan-interface 11

[Sysname-Vlan-interface11] bfd detect-multiplier 6

bfd echo enable

Use bfd echo enable to enable the echo packet mode.

Use undo bfd echo enable to restore the default.

Syntax

bfd echo enable

undo bfd echo enable

Default

The echo packet mode is disabled.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

If you enable the echo packet mode for a BFD session in which control packets are sent and the session comes up, BFD does the following:

·     Periodically sends echo packets to detect link connectivity.

·     Decreases the control packet receiving rate at the same time.

Examples

# Enable the echo packet mode on VLAN-interface 11.

<Sysname> system-view

[Sysname] interface vlan-interface 11

[Sysname-Vlan-interface11] bfd echo enable

bfd echo-source-ip

Use bfd echo-source-ip to configure the source IP address of BFD echo packets.

Use undo bfd echo-source-ip to remove the configured source IP address of BFD echo packets.

Syntax

bfd echo-source-ip ip-address

undo bfd echo-source-ip

Default

No source IP address is configured for BFD echo packets.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

ip-address: Specifies the source IP address of BFD echo packets.

Usage guidelines

The source IP address cannot be on the same network segment as any local interface's IP address. Otherwise, a large number of ICMP redirect packets might be sent from the peer, resulting in link congestion.

Examples

# Configure the source IP address of BFD echo packets as 8.8.8.8.

<Sysname> system-view

[Sysname] bfd echo-source-ip 8.8.8.8

bfd min-echo-receive-interval

Use bfd min-echo-receive-interval to set the minimum interval for receiving BFD echo packets.

Use undo bfd min-echo-receive-interval to restore the default.

Syntax

bfd min-echo-receive-interval value

undo bfd min-echo-receive-interval

Default

The minimum interval for receiving BFD echo packets is 400 milliseconds.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Parameters

value: Specifies a minimum interval for receiving BFD echo packets, in milliseconds. The value takes 0 or is in the range of 10 to 1000.

Usage guidelines

This command sets the BFD echo packet receiving interval, which is the actual BFD echo packet sending interval.

Examples

# Set the minimum interval for receiving BFD echo packets to 500 milliseconds on VLAN-interface 11.

<Sysname> system-view

[Sysname] interface vlan-interface 11

[Sysname-Vlan-interface11] bfd min-echo-receive-interval 500

bfd min-receive-interval

Use bfd min-receive-interval to set the minimum interval for receiving single-hop BFD control packets.

Use undo bfd min-receive-interval to restore the default.

Syntax

bfd min-receive-interval value

undo bfd min-receive-interval

Default

The minimum interval for receiving single-hop BFD control packets is 400 milliseconds.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Parameters

value: Specifies the minimum interval for receiving single-hop BFD control packets, in milliseconds. The value range for this argument is 10 to 1000.

Usage guidelines

Configure this command to prevent the control packet sending rate of the peer end from exceeding the control packet receiving rate of the local end.

The actual control packet sending interval of the peer end takes the greater value between the minimum interval for transmitting BFD control packets on the peer end and the minimum interval for receiving BFD control packets on the local end.

Examples

# Set the minimum interval for receiving single-hop BFD control packets to 500 milliseconds on VLAN-interface 11.

<Sysname> system-view

[Sysname] interface vlan-interface 11

[Sysname-Vlan-interface11] bfd min-receive-interval 500

bfd min-transmit-interval

Use bfd min-transmit-interval to set the minimum interval for transmitting single-hop BFD control packets.

Use undo bfd min-transmit-interval to restore the default.

Syntax

bfd min-transmit-interval value

undo bfd min-transmit-interval

Default

The minimum interval for transmitting single-hop BFD control packets is 400 milliseconds.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Parameters

value: Specifies the minimum interval for transmitting single-hop BFD control packets, in milliseconds. The value range for this argument is 10 to 1000.

Usage guidelines

Use this command to make sure that the BFD packet sending rate does not exceed the device capability. The actual BFD control packet transmitting interval on the local end is the greater value between the minimum interval for transmitting BFD control packets on the local end and the minimum interval for receiving BFD control packets on the peer end.

Examples

# Set the minimum interval for transmitting single-hop BFD control packets to 500 milliseconds on VLAN-interface 11.

<Sysname> system-view

[Sysname] interface vlan-interface 11

[Sysname-Vlan-interface11] bfd min-transmit-interval 500

bfd multi-hop authentication-mode

Use bfd multi-hop authentication-mode to configure the authentication mode for multi-hop BFD control packets.

Use undo bfd multi-hop authentication-mode to restore the default.

Syntax

bfd multi-hop authentication-mode { m-md5 | m-sha1 | md5 | sha1 | simple } key-id { cipher cipher-string | plain plain-string }

undo bfd multi-hop authentication-mode

Default

No authentication is performed.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

m-md5: Specifies the Meticulous MD5 algorithm.

m-sha1: Specifies the Meticulous SHA1 algorithm.

md5: Specifies the MD5 algorithm.

sha1: Specifies the SHA1 algorithm.

simple: Specifies the simple authentication mode.

key-id: Sets the authentication key ID in the range of 1 to 255.

cipher: Sets a ciphertext password.

cipher-string: Sets the ciphertext password, which is a case-sensitive string of 33 to 53 characters.

plain: Sets a plaintext password.

plain-string: Sets the plaintext password, which is a case-sensitive string of 1 to 16 characters.

Usage guidelines

Use this command to enhance BFD session security.

For security purposes, all authentication passwords, including passwords configured in plain text, are saved in cipher text.

Examples

# Configure the simple authentication mode for multi-hop BFD control packets, setting the authentication key ID to 1 and password to 123456.

<Sysname> system-view

[Sysname] bfd multi-hop authentication-mode simple 1 plain 123456

bfd multi-hop destination-port

Use bfd multi-hop destination-port to configure the destination port number for multi-hop BFD control packets.

Use undo bfd multi-hop destination-port to restore the default.

Syntax

bfd multi-hop destination-port port-number

undo bfd multi-hop destination-port

Default

The destination port number for multi-hop BFD control packets is 4784.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

port-number: Specifies the destination port number of multi-hop BFD control packets, 3784 or 4784.

Examples

# Configure the destination port number for multi-hop BFD control packets as 3784.

<Sysname> system-view

[Sysname] bfd multi-hop destination-port 3784

bfd multi-hop detect-multiplier

Use bfd multi-hop detect-multiplier to set the multi-hop detection time multiplier.

Use undo bfd multi-hop detect-multiplier to restore the default.

Syntax

bfd multi-hop detect-multiplier value

undo bfd multi-hop detect-multiplier

Default

The multi-hop detection time multiplier is 5.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

value: Specifies the multi-hop detection time multiplier in the range of 3 to 50.

Usage guidelines

The detection time multiplier determines the maximum number of concurrent BFD control packets that can be discarded.

Table 10 Detection interval calculation method

Mode

Detection interval

Control packet mode BFD session in asynchronous mode

Detection time multiplier of the receiver × actual packet sending interval of the receiver

Control packet mode BFD session in demand mode

Detection time multiplier of the sender × actual packet sending interval of the sender

 

Examples

# Set the multi-hop detection time multiplier to 6.

<Sysname> system-view

[Sysname] bfd multi-hop detect-multiplier 6

bfd multi-hop min-receive-interval

Use bfd multi-hop min-receive-interval to set the minimum interval for receiving multi-hop BFD control packets.

Use undo bfd multi-hop min-receive-interval to restore the default.

Syntax

bfd multi-hop min-receive-interval value

undo bfd multi-hop min-receive-interval

Default

The minimum interval for receiving multi-hop BFD control packets is 400 milliseconds.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

value: Specifies the minimum interval for receiving multi-hop BFD control packets, in milliseconds. The value range for this argument is 10 to 1000.

Usage guidelines

When the packet sending rate of the peer end exceeds the packet receiving capability (minimum control packet receiving interval) of the local end, the peer end dynamically adjusts the BFD control packet sending interval to the minimum control packet receiving interval of the local end.

Examples

# Set the minimum interval for receiving multi-hop BFD control packets to 500 milliseconds.

<Sysname> system-view

[Sysname] bfd multi-hop min-receive-interval 500

bfd multi-hop min-transmit-interval

Use bfd multi-hop min-transmit-interval to set the minimum interval for transmitting multi-hop BFD control packets.

Use undo bfd multi-hop min-transmit-interval to restore the default.

Syntax

bfd multi-hop min-transmit-interval value

undo bfd multi-hop min-transmit-interval

Default

The minimum interval for transmitting multi-hop BFD control packets is 400 milliseconds.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

value: Specifies the minimum interval for transmitting multi-hop BFD control packets, in milliseconds. The value range for this argument is 10 to 1000.

Usage guidelines

Use this command to make sure that the BFD packet sending rate does not exceed the device capability. The actual BFD control packet transmitting interval on the local end is the greater value between the minimum interval for transmitting BFD control packets on the local end and the minimum interval for receiving BFD control packets on the peer end.

Examples

# Set the minimum interval for transmitting multi-hop BFD control packets to 500 milliseconds.

<Sysname> system-view

[Sysname] bfd multi-hop min-transmit-interval 500

bfd session init-mode

Use bfd session init-mode to configure the mode for establishing a BFD session.

Use undo bfd session init-mode to restore the default.

Syntax

bfd session init-mode { active | passive }

undo bfd session init-mode

Default

BFD uses the active mode.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

active: Uses the active mode. In active mode, BFD actively transmits BFD control packets to the remote device, regardless of whether it receives a BFD control packet from the remote device.

passive: Uses the passive mode. In passive mode, BFD does not actively transmit a BFD control packet to the remote end; it transmits a BFD control packet only after receiving a BFD control packet from the remote end.

Usage guidelines

At least one end must operate in active mode for a BFD session to be established.

Examples

# Configure the session establishment mode as passive.

<Sysname> system-view

[Sysname] bfd session init-mode passive

display bfd session

Use display bfd session to display BFD session information.

Syntax

display bfd session [ discriminator value | verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

discriminator value: Specifies a local ID in the range of 1 to 4294967295. If this option is not specified, the command displays brief information about all BFD sessions.

verbose: Displays detailed BFD session information. If this keyword is not specified, the command displays brief BFD session information.

Examples

# Display all IPv4 BFD session information.

<Sysname> display bfd session

 Total Session Num: 1     Up Session Num: 1     Init Mode: Active

 

 IPv4 Session Working Under Ctrl Mode:

 

 LD/RD          SourceAddr      DestAddr        State    Holdtime    Interface

 513/513        1.1.1.1         1.1.1.2         Up       2297ms      Vlan11

# Display detailed IPv4 BFD session information.

<Sysname> display bfd session verbose

 Total Session Num: 1     Up Session Num: 1     Init Mode: Active

 

 IPv4 Session Working Under Ctrl Mode:

 

       Local Discr: 513                  Remote Discr: 513

         Source IP: 1.1.1.1            Destination IP: 1.1.1.2

     Session State: Up                      Interface: Vlan-interface11

      Min Tx Inter: 500ms                Act Tx Inter: 500ms

      Min Rx Inter: 500ms                Detect Inter: 2500ms

          Rx Count: 42                       Tx Count: 43

      Connect Type: Direct             Running Up for: 00:00:20

         Hold Time: 2078ms                  Auth mode: None

       Detect Mode: Async                        Slot: 1

          Protocol: OSPF

         Diag Info: No Diagnostic

Table 11 Command output

Field

Description

Total Session Num

Total number of BFD sessions.

Up Session Num

Total number of active BFD sessions.

Init Mode

BFD operating mode, active or passive.

Session Working Under Ctrl Mode

BFD session mode:

·     Ctrl—Control packet mode.

·     Echo—Echo packet mode.

Local Discr/LD

Local ID of the session.

Remote Discr/RD

Remote ID of the session.

Source IP/SourceAddr

Source IP address of the session.

Destination IP/DestAddr

Destination IP address of the session.

Session State/State

Session state: up or down.

Interface

Name of the interface of the session.

Min Tx Inter

Minimum transmit interval.

Min Rx Inter

Minimum receive interval.

Act Tx Inter

Actual transmit interval.

Detect Inter

Actual session detection timer.

Rx Count

Number of packets received.

Tx Count

Number of packets sent.

Hold Time/Holdtime

Length of time before session detection timer expires.

Auth mode

Session authentication mode (only simple is supported).

Connect Type

Connection type of the interface, direct or indirect.

Running up for

Time interval for which the session has been up.

Detect Mode

Detection mode:

·     Async—Asynchronous mode.

·     Demand—Demand mode.

Slot

Slot number.

Diag Info

Diagnostic information about the session.

 

reset bfd session statistics

Use reset bfd session statistics to clear the BFD session statistics.

Syntax

reset bfd session statistics

Views

User view

Predefined user roles

network-admin

mdc-admin

Examples

# Clear the BFD session statistics.

<Sysname> reset bfd session statistics


Track commands

display track

Use display track to display track entry information.

Syntax

display track { track-entry-number | all }

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

track-entry-number: Displays information about the specified track entry. The value range for the track-entry-number argument is 1 to 1024.

all: Displays information about all track entries.

Examples

# Display information about all track entries.

<Sysname> display track all

Track ID: 1

  State: Positive (notify 13 seconds later)

  Duration: 0 days 0 hours 0 minutes 7 seconds

  Notification delay: Positive 20, Negative 30 (in seconds)

  Tracked object:

    NQA entry: admin test

    Reaction: 10

Track ID: 2

  State: NotReady

  Duration: 0 days 0 hours 0 minutes 32 seconds

  Notification delay: Positive 20, Negative 30 (in seconds)

  Tracked object:

    BFD session mode: Echo

    Outgoing interface: Vlan-interface2

    VPN instance name: -

    Remote IP: 192.168.40.1

    Local IP: 192.168.40.2

Track ID: 3

  State: Negative

  Duration: 0 days 0 hours 0 minutes 32 seconds

  Notification delay: Positive 20, Negative 30 (in seconds)

  Tracked object:

    Interface:  Vlan-interface3

    Protocol: IPv4

Table 12 Command output

Field

Description

Track ID

ID of a track entry.

State

States of a track entry:

·     PositiveThe tracked object operates correctly.

·     NotReadyThe tracked object is invalid.

·     NegativeThe tracked object is abnormal.

notify 13 seconds later

The Track module notifies the application modules of the track entry state change 13 seconds later. The information is not displayed after the Track module notifies the application modules.

Duration

Time period during which the track entry stays in the state.

Notification delay: Positive 20, Negative 30 (in seconds)

·     The Track module notifies the application modules that the status of the track entry changes to Positive after a delay time of 20 seconds.

·     The Track module notifies the application modules that the status of the track entry changes to Negative after a delay time of 30 seconds.

Tracked object

Tracked object associated with the track entry.

NQA entry

NQA operation associated with the track entry.

Reaction

Reaction entry associated with the track entry.

BFD session mode

BFD session mode. Only echo mode is supported.

Outgoing interface

Outgoing interface of BFD echo packets.

VPN instance name

Name of VPN instance to which BFD session packets belong. If the packets belong to the public network, this field displays a hyphen (-).

Remote IP

Remote IP address of the BFD echo packets.

Local IP

Local IP address of the BFD echo packets.

Interface

Interface to be monitored.

Protocol

Link states or Layer 3 protocol states of the monitored interface:

·     None—Link status of the monitored interface.

·     IPv4IPv4 protocol status of the monitored Layer 3 interface.

 

Related commands

·     track bfd

·     track interface

·     track interface protocol

·     track nqa

track bfd

Use track bfd to create a track entry and associate it with a BFD session.

Use undo track to remove the track entry.

Syntax

track track-entry-number bfd echo interface interface-type interface-number remote ip remote-ip local ip local-ip [ delay { negative negative-time | positive positive-time } * ]

undo track track-entry-number

Default

No track entry exists.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

track-entry-number: Specifies the track entry ID in the range of 1 to 1024.

interface interface-type interface-number: Specifies the outgoing interface by its type and number of the BFD echo packets.

remote ip remote-ip: Specifies the destination IP address of the BFD echo packets.

local ip local-ip: Specifies the source IP address of the BFD echo packets.

delay: Specifies the delay before the Track module notifies the application modules of the track entry state change. If you do not specify this keyword, the Track module notifies the application modules immediately when the track entry state changes.

negative negative-time: Specifies the delay before the Track module notifies the application modules that the track entry state has changed to Negative. The negative-time argument represents the delay time in the range of 1 to 300 seconds.

positive positive-time: Specifies the delay before the Track module notifies the application modules that the track entry state has changed to Positive. The positive-time argument represents the delay time in the range of 1 to 300 seconds.

Usage guidelines

After a track entry is created, you can only use the track bfd delay command to modify its notification delay settings. To modify other settings, you must delete the entry and create a new one.

When you configure collaboration between Track and BFD, do not configure the virtual IP address of a VRRP group as the local or remote address of a BFD session.

Examples

# Create track entry 1, which uses BFD to monitor the link between local IP address 1.1.1.2 and remote IP address 1.1.1.1 by sending BFD echo packets out from the VLAN-interface 2.

<Sysname> system-view

[Sysname] track 1 bfd echo interface vlan-interface 2 remote ip 1.1.1.1 local ip 1.1.1.2

Related commands

display track

track interface

Use track interface to create a track entry and associate it with the link state of the specified interface.

Use undo track to remove the track entry.

Syntax

track track-entry-number interface interface-type interface-number [ delay { negative negative-time | positive positive-time } * ]

undo track track-entry-number

Default

No track entry exists.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

track-entry-number: Specifies the track entry ID in the range of 1 to 1024.

interface-type interface-number: Specifies an interface by its type and number.

delay: Specifies the delay before the Track module notifies the application modules of the track entry state change. If you do not specify this keyword, the Track module notifies the application modules immediately when the track entry state changes.

negative negative-time: Specifies the delay before the Track module notifies the application modules that the track entry state has changed to Negative. The negative-time argument represents the delay time in the range of 1 to 300 seconds.

positive positive-time: Specifies the delay before the Track module notifies the application modules that the track entry state has changed to Positive. The positive-time argument represents the delay time in the range of 1 to 300 seconds.

Usage guidelines

When you associate Track with interface management to monitor the link status of an interface, the track entry state changes as follows:

·     The state of the track entry is Positive if the link state of the interface is up.

·     The state of the track entry is Negative if the link state of the interface is down.

To display the link state of an interface, use the display ip interface brief command.

After you create a track entry, you can only use the track interface delay command to modify its notification delay settings. To modify other settings, you must delete the entry and create a new one.

Examples

# Create track entry 1, and associate it with the link state of VLAN-interface 10.

<Sysname> system-view

[Sysname] track 1 interface vlan-interface 10

Related commands

·     display track

·     display ip interface brief (Layer 3—IP Services Command Reference)

track interface protocol

Use track interface protocol to create a track entry and associate it with the protocol state of the specified interface.

Use undo track to remove the track entry.

Syntax

track track-entry-number interface interface-type interface-number protocol ipv4 [ delay { negative negative-time | positive positive-time } * ]

undo track track-entry-number

Default

No track entry exists.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

track-entry-number: Specifies the track entry ID in the range of 1 to 1024.

interface-type interface-number: Specifies an interface by its type and number.

ipv4: Monitors the IPv4 protocol state. When the IPv4 protocol state of an interface is up, the state of the track object is Positive. When the IPv4 protocol state of an interface is down, the state of the track object is Negative. To display the IPv4 protocol state of an interface, use the display ip interface brief command.

delay: Specifies the delay before the Track module notifies the application modules of the track entry state change. If you do not specify this keyword, the Track module notifies the application modules immediately when the track entry state changes.

negative negative-time: Specifies the delay before the Track module notifies the application modules that the track entry state has changed to Negative. The negative-time argument represents the delay time in the range of 1 to 300 seconds.

positive positive-time: Specifies the delay before the Track module notifies the application modules that the track entry state has changed to Positive. The positive-time argument represents the delay time in the range of 1 to 300 seconds.

Usage guidelines

After a track entry is created, you can only use the track interface protocol delay command to modify its notification delay settings. To modify other settings, you must delete the entry and create a new one.

Examples

# Create track entry 1, and associate it with the IPv4 protocol state of VLAN-interface 2.

<Sysname> system-view

[Sysname] track 1 interface vlan-interface 2 protocol ipv4

Related commands

·     display track

·     display ip interface brief (Layer 3—IP Services Command Reference)

track nqa

Use track nqa to create a track entry and associate it with the specified reaction entry of the NQA operation.

Use undo track to remove the track entry.

Syntax

track track-entry-number nqa entry admin-name operation-tag reaction item-number [ delay { negative negative-time | positive positive-time } * ]

undo track track-entry-number

Default

No track entry exists.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

track-entry-number: Specifies the track entry ID in the range of 1 to 1024.

entry admin-name operation-tag: Specifies the NQA operation to be associated with the track entry. The admin-name argument is the name of the NQA operation administrator who creates the NQA operation, and is a case-insensitive string of 1 to 32 characters. The operation-tag argument is the NQA operation tag, a case-insensitive string of 1 to 32 characters.

reaction item-number: Specifies the reaction entry to be associated with the track entry. The item-number argument is the reaction entry ID in the range of 1 to 10.

delay: Specifies the delay before the Track module notifies the application modules of the track entry state change. If you do not specify this keyword, the Track module notifies the application modules immediately when the track entry state changes.

negative negative-time: Specifies the delay before the Track module notifies the application modules that the track entry state has changed to Negative. The negative-time argument represents the delay time in the range of 1 to 300 seconds.

positive positive-time: Specifies the delay before the Track module notifies the application modules that the track entry state has changed to Positive. The positive-time argument represents the delay time in the range of 1 to 300 seconds.

Usage guidelines

After a track entry is created, you can only use the track nqa delay command to modify its notification delay settings. To modify other settings, you must delete the entry and create a new one.

Examples

# Create track entry 1, and associate it with reaction entry 3 of the NQA operation admin-test.

<Sysname> system-view

[Sysname] track 1 nqa entry admin test reaction 3

Related commands

display track


Index

B D R S T V


B

bfd authentication-mode,38

bfd demand enable,39

bfd detect-multiplier,39

bfd echo enable,40

bfd echo-source-ip,41

bfd min-echo-receive-interval,41

bfd min-receive-interval,42

bfd min-transmit-interval,43

bfd multi-hop authentication-mode,43

bfd multi-hop destination-port,44

bfd multi-hop detect-multiplier,45

bfd multi-hop min-receive-interval,46

bfd multi-hop min-transmit-interval,46

bfd session init-mode,47

D

display bfd session,47

display dldp,1

display dldp statistics,2

display track,50

display vrrp,10

display vrrp statistics,17

dldp authentication-mode,4

dldp authentication-password,4

dldp delaydown-timer,5

dldp enable,6

dldp global enable,7

dldp interval,7

dldp unidirectional-shutdown,8

R

reset bfd session statistics,49

reset dldp statistics,9

reset vrrp statistics,21

S

snmp-agent trap enable vrrp,22

T

track bfd,51

track interface,52

track interface protocol,54

track nqa,55

V

vrrp check-ttl enable,23

vrrp dscp,23

vrrp mode,24

vrrp version,25

vrrp vrid,35

vrrp vrid authentication-mode,25

vrrp vrid preempt-mode,27

vrrp vrid priority,28

vrrp vrid shutdown,30

vrrp vrid source-interface,31

vrrp vrid timer advertise,32

vrrp vrid track,33


 

  • Cloud & AI
  • InterConnect
  • Intelligent Computing
  • Security
  • SMB Products
  • Intelligent Terminal Products
  • Product Support Services
  • Technical Service Solutions
All Services
  • Resource Center
  • Policy
  • Online Help
All Support
  • Become a Partner
  • Partner Resources
  • Partner Business Management
All Partners
  • Profile
  • News & Events
  • Online Exhibition Center
  • Contact Us
All About Us
新华三官网