Contents

mGRE commands· 1

display mgre session· 1

display nhrp map· 4

display nhrp statistics· 5

nhrp authentication· 7

nhrp holdtime· 7

nhrp network-id· 8

nhrp nhs· 9

reset mgre session· 9

reset mgre statistics· 10

reset nhrp statistics· 10

 

mGRE commands

display mgre session

Use display mgre session to display mGRE session information.

Syntax

display mgre session [ interface tunnel interface-number [ peer ipv4-address ] ] [ verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

interface tunnel interface-number: Specifies an mGRE tunnel interface by its number. The value range for the interface-number argument is 0 to 10239. If you do not specify this option, the command displays mGRE session information for all mGRE tunnel interfaces.

peer ipv4-address: Specifies a peer public address. If you do not specify this option, the command displays all mGRE session information for the specified mGRE tunnel interface.

verbose: Displays detailed information about IPv4 mGRE sessions. If you do not specify this keyword, the command displays brief information about mGRE sessions.

Usage guidelines

If you do not specify any parameters, this command displays brief information about all mGRE sessions on all tunnel interfaces.

Examples

# Display brief information about all mGRE sessions.

<Sysname> display mgre session

Interface        : Tunnel1

Number of sessions: 2

Peer NBMA address  Peer protocol address    Type   State         State duration

10.0.0.3           192.168.180.136          C-S    Succeeded     00:30:01

10.0.1.4           192.168.180.137          C-C    Establishing  00:30:02

# Display brief information about the mGRE session with the specified peer address.

<Sysname> display mgre session interface tunnel 1 peer 10.0.0.3

Interface         : Tunnel1

Number of sessions: 1

Peer NBMA address  Peer protocol address    Type   State       State duration

10.0.0.3           192.168.180.136          C-S    Succeeded   00:30:01

Table 1 Command output

Field	Description
Interface	Name of the mGRE tunnel interface.
Number of sessions	Total number of mGRE sessions on the tunnel interface.
Peer NBMA address	Public address of the peer.
Peer protocol address	IP address of the peer tunnel interface.
Type	mGRE session type: ·     C-S—The local end is an NHC, and the peer end is the NHS. ·     C-C—Both the local and peer ends are NHCs. ·     UNKNOWN—The local end is an NHC, and the peer end type is unknown.
State	mGRE session state: ·     Succeeded. ·     Establishing.
State duration	Duration of the current session state, in the format of hh:mm:ss.

 

# Display detailed information about all mGRE sessions.

<Sysname> display mgre session verbose

Interface         : Tunnel1

Link protocol     : GRE

Number of sessions: 2

  Peer NBMA address    : 10.0.1.3

  Peer protocol address: 192.168.180.136

  Session type         : C-S

  State                : Succeeded

  State duration       : 00:30:01

  Input : 2201 packets, 218 data packets, 3 control packets

          2191 multicasts, 0 errors

  Output: 2169 packets, 2168 data packets, 1 control packets

          2163 multicasts, 0 errors

 

  Peer NBMA address    : 10.0.1.4

  Peer protocol address: 192.168.180.137

  Session type         : C-S

  State                : Succeeded

  State duration       : 00:31:01

  Input : 1 packets, 0 data packets, 1 control packets

          0 multicasts, 0 errors

  Output: 16 packets, 0 data packets, 16 control packets

          0 multicasts, 0 errors

 

Interface         : Tunnel2

Link protocol     : IPsec-GRE

Number of sessions: 1

  Peer NBMA address     : 20.0.0.3

  Peer protocol address : 192.168.181.137

  Behind NAT            : No

  Session type          : C-C

  SA's SPI              :

      Inbound : 187199087 (0xb286e6f) [ESP]

      Outbound: 3562274487 (0xd453feb7) [ESP]

  State                 : Establishing

  State duration        : 00:31:01

  Input : 0 packets, 0 data packets, 0 control packets

         0 multicasts, 0 errors

  Output: 1 packets, 0 data packets, 1 control packets

         0 multicasts, 0 errors

Table 2 Command output

Field	Description
Interface	Name of the mGRE tunnel interface.
Link protocol	Encapsulation protocol used by the mGRE tunnel: ·     GRE. ·     IPsec-GRE.
Number of sessions	Total number of mGRE sessions on the tunnel interface.
Peer NBMA address	Public address of the peer.
Peer protocol address	IP address of the peer tunnel interface.
SA's SPI	SPI of the inbound and outbound SAs. This field is available when the mGRE tunnel is carried over IPsec.
Behind NAT	Whether the peer NHC has traversed a NAT device.
Session type	mGRE session type: ·     C-S—The local end is an NHC, and the peer end is the NHS. ·     C-C—Both the local and peer ends are NHCs.
State	mGRE session state: ·     Succeeded. ·     Establishing.
State duration	Duration of the current session state, in the format of hh:mm:ss.
Input	Statistics on received packets: ·     packets—Total number of packets. ·     data packets—Number of data packets. ·     control packets—Number of control packets. ·     multicasts—Number of multicast packets. ·     errors—Number of error packets.
Output	Statistics on sent packets: ·     packets—Total number of packets. ·     data packets—Number of data packets. ·     control packets—Number of control packets. ·     multicasts—Number of multicast packets. ·     errors—Number of error packets.

 

Related commands

reset mgre session

display nhrp map

Use display nhrp map to display information about NHRP mapping entries.

Syntax

display nhrp map [ interface tunnel interface-number [ peer ipv4-address ] ] [ verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

interface tunnel interface-number: Specifies an mGRE tunnel interface by its number. The value range for the interface-number argument is 0 to 10239. If you do not specify this option, the command displays NHRP mapping table information for all mGRE tunnel interfaces.

peer ipv4-address: Specifies a peer public address. If you do not specify this option, the command displays NHRP mapping entries for all peers.

verbose: Displays detailed information about NHRP mapping entries. If you do not specify this keyword, the command displays brief information about NHRP mapping entries.

Usage guidelines

If you do not specify any parameters, this command displays brief information about all NHRP mapping entries.

Examples

# Display brief information about all NHRP mapping entries.

<Sysname> display nhrp map

Destination/mask   Next hop       NBMA address    Type     Interface

172.16.1.1/32      172.16.1.1     105.112.100.4   cached   Tunnel0

172.16.1.2/32      172.16.1.2     105.112.100.92  cached   Tunnel0

 

# Display detailed information about all NHRP mapping entries.

<Sysname> display nhrp map verbose

Interface   : Tunnel0

  Destination/mask    : 172.16.1.1/32

  Next hop            : 172.16.1.1

  Creation time       : 00:38:44

  Expiration time     : 01:21:15

  Type                : cached

  Flags               : unique up used

  NBMA address        : 105.112.100.4

 

Interface   : Tunnel0

  Destination/mask    : 172.16.1.2/32

  Next hop            : 172.16.1.2

  Creation time       : 00:25:53

  Expiration time     : 01:34:06

  Type                : cached

  Flags               : unique up used ipsec

  NBMA address        : 105.112.100.92

Table 3 Command output

Field	Description
Destination/mask	Destination tunnel interface address and mask.
Next hop	Next hop address to reach the destination network.
Creation time	Period of time for which the mapping entry has been created.
Expiration time	Period of time in which the mapping entry will expire.
Type	Mapping entry type: ·     static—The entry is statically configured. ·     cached—The entry is dynamically obtained. ·     Incomplete—The entry is dynamic and incomplete.
Flags	Mapping entry flags: ·     unique—The mapping entry in the registration request cannot be overwritten by a mapping entry that has the same private address and different public addresses. A client can register the new entry with the server only after the mapping entry on the server expires. ·     used—This mapping entry is used for packet forwarding. ·     up—This mapping entry can be used for packet forwarding. ·     ipsec—IPsec negotiation succeeded. Packets will be protected by IPsec. ·     init—Initialization state.

 

display nhrp statistics

Use display nhrp statistics to display NHRP packet statistics for a tunnel interface.

Syntax

display nhrp statistics [ interface tunnel interface-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

interface tunnel interface-number: Specifies an mGRE tunnel interface by its number. The value range for the interface-number argument is 0 to 10239. If you do not specify this option, the command displays NHRP packet statistics for all tunnel interfaces.

Examples

# Display NHRP packet statistics.

<Sysname> display nhrp statistics

Tunnel0:

  NHRP packets sent       : 815

    Resolution requests   : 15

    Resolution replies    : 1

    Registration requests : 0

    Registration replies  : 797

    Purge requests        : 2

    Purge replies         : 0

    Error indications     : 0

    Traffic indications   : 0

 

  NHRP packets received   : 1453

    Resolution requests   : 15

    Resolution replies    : 1

    Registration requests : 1435

    Registration replies  : 2

    Purge requests        : 0

    Purge replies         : 0

    Error indications     : 0

    Traffic indications   : 0

 

Tunnel1:

  NHRP packets sent       : 3

    Resolution Requests   : 0

    Resolution replies    : 0

    Registration requests : 0

    Registration replies  : 3

    Purge requests        : 0

    Purge replies         : 0

    Error indications     : 0

    Traffic indications   : 0

 

  NHRP packets received   : 3

    Resolution requests   : 0

    Resolution replies    : 0

    Registration requests : 3

    Registration replies  : 0

    Purge requests        : 0

    Purge replies         : 0

    Error indications     : 0

    Traffic indications   : 0

Related commands

reset nhrp statistics

nhrp authentication

Use nhrp authentication to configure an NHRP packet authentication key.

Use undo nhrp authentication to restore the default.

Syntax

nhrp authentication { cipher | simple } string

undo nhrp authentication

Default

No NHRP packet authentication key is configured. NHRP nodes do not authenticate NHRP packets received from each other.

Views

mGRE tunnel interface view

Predefined user roles

network-admin

Parameters

cipher: Specifies an authentication key in encrypted form.

simple: Specifies an authentication key in plaintext form. For security purposes, the key specified in plaintext form will be stored in encrypted form.

string: Specifies the key string. Its plaintext form is a case-sensitive string of 1 to 8 characters. Its encrypted form is a case-sensitive string of 1 to 41 characters.

Usage guidelines

After an NHRP packet authentication key is configured for a tunnel interface, the tunnel interface adds the key in packets sent to the peer. The tunnel interface also uses the key to authenticate NHRP packets it receives. If a packet fails the authentication, the packet will be dropped.

For mGRE tunnels to be established successfully, configure the same NHRP authentication key for all NHCs and NHSs in the same mGRE network.

Examples

# On interface Tunnel1, set the NHRP packet authentication key to 123456.

<Sysname> system-view

[Sysname] interface tunnel 1 mode mgre

[Sysname-Tunnel1] nhrp authentication simple 123456

nhrp holdtime

Use nhrp holdtime to configure the holdtime for NHRP mapping entries.

Use undo nhrp holdtime to restore the default.

Syntax

nhrp holdtime seconds

undo nhrp holdtime

Default

The holdtime of NHRP mapping entries is 7200 seconds.

Views

mGRE tunnel interface view

Predefined user roles

network-admin

Parameters

seconds: Specifies the holdtime in the range of 1 to 65535 seconds.

Usage guidelines

After the holdtime is configured, the local NHRP holdtime carried in outgoing packets is updated to the configured holdtime.

Examples

# On interface Tunnel1, set the holdtime of NHRP mapping entries to 600 seconds

<Sysname> system-view

[Sysname] interface tunnel 1 mode mgre

[Sysname-Tunnel1] nhrp holdtime 600

Related commands

interface tunnel (Layer 3—IP Services Command Reference)

nhrp network-id

Use nhrp network-id to configure an NHRP network ID for an mGRE tunnel.

Use undo nhrp network-id to restore the default.

Syntax

nhrp network-id number

undo nhrp network-id

Default

No NHRP network ID is configured for an mGRE tunnel.

Views

mGRE tunnel interface view

Predefined user roles

network-admin

Parameters

number: Specifies an NHRP network ID in the range of 1 to 4294967295.

Usage guidelines

A network ID is only locally significant. You can configure different NHRP network IDs for different tunnel interfaces on the device. The NHC and NHS can have different NHRP network IDs.

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Set the NHRP network ID to 10 for mGRE tunnel interface Tunnel1.

<Sysname> system-view

[Sysname] interface tunnel 1 mode mgre

[Sysname-Tunnel1] nhrp network-id 10

nhrp nhs

Use nhrp nhs to configure an NHS private-to-public address mapping.

Use undo nhrp nhs to delete an NHS private-to-public address mapping.

Syntax

nhrp nhs nhs-address nbma nbma-address

undo nhrp nhs nhs-address nbma nbma-address

Default

No NHS private-to-public address mappings are configured.

Views

mGRE tunnel interface view

Predefined user roles

network-admin

Parameters

nhs-address: Specifies the private address of an NHS.

nbma-address: Specifies the public address (NBMA address) of the NHS.

Usage guidelines

You can execute this command multiple times to configure multiple NHSs for redundancy. If multiple NHSs are configured, NHCs register with all the NHSs.

Examples

# On interface Tunnel1, configure the NHS private address as 1.1.1.1 and public address as 120.1.1.120.

<Sysname> system-view

[Sysname] interface tunnel 1 mode mgre

[Sysname-Tunnel1] nhrp nhs 1.1.1.1 nbma 120.1.1.120

Related commands

interface tunnel (Layer 3—IP Services Command Reference)

reset mgre session

Use reset mgre session to reset dynamic mGRE sessions.

Syntax

reset mgre session [ interface tunnel interface-number [ peer ipv4-address ] ]

Views

User view

Predefined user roles

network-admin

Parameters

interface tunnel interface-number: Specifies an mGRE tunnel interface by its number. The value range for the interface-number argument is 0 to 10239. If you do not specify this option, the command resets dynamic mGRE sessions for all mGRE tunnel interfaces.

peer ipv4-address: Specifies a peer public address. If you do not specify this option, the command resets all dynamic mGRE sessions for the specified mGRE tunnel interface.

Usage guidelines

When an mGRE session is reset, the NHC reregisters with the NHS.

Examples

# Reset the mGRE sessions on interface Tunnel1.

<Sysname> reset mgre session interface tunnel 1

# Reset the mGRE session with peer address 202.12.12.12 on interface Tunnel1.

<Sysname> reset mgre session interface tunnel 1 peer 202.12.12.12

Related commands

display mgre session

reset mgre statistics

Use reset mgre statistics to clear mGRE session statistics.

Syntax

reset mgre statistics [ interface tunnel interface-number [ peer ipv4-address ] ]

Views

User view

Predefined user roles

network-admin

Parameters

interface tunnel interface-number: Specifies an mGRE tunnel interface by its number. The value range for the interface-number argument is 0 to 10239. If you do not specify this option, the command clears mGRE session statistics for all mGRE tunnel interfaces.

peer ipv4-address: Specifies a peer public address. If you do not specify this option, the command clears statistics about all mGRE sessions on the specified mGRE tunnel interface.

Examples

# Clear statistics about mGRE sessions on interface Tunnel1.

<Sysname> reset mgre statistics interface tunnel 1

# Clear statistics about the mGRE session with peer public address 192.168.1.200 on interface Tunnel1.

<Sysname> reset mgre statistics interface tunnel 1 peer 192.168.1.200

reset nhrp statistics

Use reset nhrp statistics to clear NHRP packet statistics.

Syntax

reset nhrp statistics [ interface tunnel interface-number ]

Views

User view

Predefined user roles

network-admin

Parameters

interface tunnel interface-number: Specifies an mGRE tunnel interface by its number. The value range for the interface-number argument is 0 to 10239. If you do not specify this option, the command clears NHRP packet statistics for all mGRE tunnel interfaces.

Examples

# Clear NHRP packet statistics for interface Tunnel1.

<Sysname> reset nhrp statistics interface tunnel 1

Related commands

display nhrp statistics