- Table of Contents
- Related Documents
-
Title | Size | Download |
---|---|---|
01-Text | 1.94 MB |
mpls-forwarding statistics prefix-list
mpls ldp sync (OSPF view/OSPF area view)
display isis mpls te advertisement
display isis mpls te configured-sub-tlvs
display mpls te link-management bandwidth-allocation
display mpls te pce statistics
display mpls te tunnel-interface
display ospf mpls te advertisement
link-management periodic-flooding timer
mpls te auto-tunnel backup disable
mpls te bandwidth change thresholds
mpls te enable (interface view)
mpls te enable (OSPF area view)
mpls te fast-reroute bypass-tunnel
mpls te max-reservable-bandwidth
mpls te max-reservable-bandwidth mam
mpls te max-reservable-bandwidth rdm
mpls te reoptimization (tunnel interface view)
mpls te reoptimization (user view)
reset mpls te auto-bandwidth-adjustment timers
rsvp authentication window-size
rsvp reduction retransmit increment
rsvp reduction retransmit interval
select-seq load-balance-number
address-family ipv4 (VPN instance view)
description (VPN instance view)
display bgp routing-table ipv4 unicast inlabel
display bgp routing-table ipv4 unicast outlabel
display bgp routing-table vpnv4
display bgp routing-table vpnv4 inlabel
display bgp routing-table vpnv4 outlabel
ext-community-type (OSPF view)
route-distinguisher (VPN instance view)
rr-filter (BGP VPNv4 address family view)
vpn-target (VPN instance view/IPv4 VPN view/IPv6 VPN view)
address-family ipv6 (VPN instance view)
display bgp routing-table vpnv6
display bgp routing-table vpnv6 inlabel
display bgp routing-table vpnv6 outlabel
ext-community-type (OSPFv3 view)
rr-filter (BGP VPNv6 address family view)
description (cross-connect group view)
pw-class (auto-discovery cross-connect group view)
shutdown (cross-connect group view)
tunnel-policy (auto-discovery cross-connect view)
L2VPN access to L3VPN or IP backbone commands
mpls periodic-tracert (for LSP)
MPLS protection switching commands
display interface tunnel-bundle
display mpls forwarding protection
interface tunnel-bundle protection
protection switching-mode bidirectional
address-family ipv4 (VPN instance view)
description (VPN instance view)
route-distinguisher (VPN instance view)
vpn-instance-capability simple (OSPF view)
vpn-target (VPN instance view/IPv4 VPN view/IPv6 VPN view)
address-family ipv6 (VPN instance view)
vpn-instance-capability simple (OSPFv3 view)
display mpls static-sr-mpls prefix
Basic MPLS commands
The following matrix shows the feature and hardware compatibility:
Hardware |
Basic MPLS compatibility |
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS |
No |
MSR2600-6-X1/2600-10-X1 |
Yes |
MSR 2630 |
Yes |
MSR3600-28/3600-51 |
Yes |
MSR3600-28-SI/3600-51-SI |
Yes |
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC |
Yes |
MSR 3610/3620/3620-DP/3640/3660 |
Yes |
MSR5620/5660/5680 |
Yes |
Hardware |
Basic MPLS compatibility |
MSR810-LM-GL |
No |
MSR810-W-LM-GL |
No |
MSR830-6EI-GL |
No |
MSR830-10EI-GL |
No |
MSR830-6HI-GL |
No |
MSR830-10HI-GL |
No |
MSR2600-6-X1-GL |
Yes |
MSR3600-28-SI-GL |
Yes |
Commands and descriptions for centralized devices apply to the following routers:
· MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/ 810-LMS/810-LUS.
· MSR2600-6-X1/2600-10-X1.
· MSR 2630.
· MSR3600-28/3600-51.
· MSR3600-28-SI/3600-51-SI.
· MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC.
· MSR 3610/3620/3620-DP/3640/3660.
Commands and descriptions for distributed devices apply to the following routers:
· MSR5620.
· MSR 5660.
· MSR 5680.
IPv6-related parameters are not supported on the MSR3600-28-SI/3600-51-SI routers.
display mpls forwarding ilm
Use display mpls forwarding ilm to display Incoming Label Map (ILM) entries.
Centralized devices in standalone mode:
display mpls forwarding ilm [ label ]
Distributed devices in standalone mode/centralized devices in IRF mode:
display mpls forwarding ilm [ label ] [ slot slot-number ]
Distributed devices in IRF mode:
display mpls forwarding ilm [ label ] [ chassis chassis-number slot slot-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
label: Displays the ILM entry with the specified incoming label. The value range for this argument is 16 to 1048575. If you do not specify an incoming label, this command displays information about ILM entry information for all incoming labels.
slot slot-number: Specifies a card by its slot number. If you do not specify a card, this command displays ILM entries for the active MPU. (Distributed devices in standalone mode.)
slot slot-number: Specifies an IRF member device by its member ID. If you do not specify a member device, this command displays ILM entries for the master device. (Centralized devices in IRF mode.)
chassis chassis-number slot slot-number: Specifies a card on an IRF member device. The chassis-number argument represents the member ID of the IRF member device. The slot-number argument represents the slot number of the card. If you do not specify a card, this command displays ILM entries for the global active MPU. (Distributed devices in IRF mode.)
Usage guidelines
An ILM entry records the label operation type, outgoing label, and other forwarding information.
After an LSR receives a labeled packet, it performs the following operations:
1. Identifies the ILM entry that matches the top label of the packet.
2. Performs the specified label operation.
3. Forwards the packet.
Examples
# Display all ILM entries.
<Sysname> display mpls forwarding ilm
Total ILM entries: 3
Flags: T - Forwarded through a tunnel
N - Forwarded through the outgoing interface to the nexthop IP address
B - Backup forwarding information
A - Active forwarding information
InLabel Oper VRF Flag SwapLabel Forwarding Info
--------------------------------------------------------------------------------
30 SWAP 0 T 1300 1024
1279 POP 0 - - -
1407 SWAP 0 NA 1271 GE2/0/3 50.2.0.2
NB 1270 Tun0 0.0.0.0
Table 1 Command output
Field |
Description |
Total ILM entries |
Total number of ILM entries. |
InLabel |
Incoming label. |
Oper |
Operation type: · POP—Pops the label. · POPGO—Pops the label and forwards the packet to another tunnel. · SWAP—Swaps the label. |
VRF |
Index of a VPN instance. |
Flag |
Forwarding flag: · T—Forwarded through a tunnel. · N—Forwarded through the outgoing interface to the next hop IP address. · B—Backup forwarding information. · A—Active forwarding information. |
SwapLabel |
Outgoing label value. |
Forwarding Info |
Forwarding information: · When the forwarding flag is N, the forwarding information records the outgoing interface and the next hop. · When the forwarding flag is T, the forwarding information records the NID. |
display mpls forwarding nhlfe
Use display mpls forwarding nhlfe to display Next Hop Label Forwarding Entry (NHLFE) entries.
Syntax
Centralized devices in standalone mode:
display mpls forwarding nhlfe [ nid ]
Distributed devices in standalone mode/centralized devices in IRF mode:
display mpls forwarding nhlfe [ nid ] [ slot slot-number ]
Distributed devices in IRF mode:
display mpls forwarding nhlfe [ nid ] [ chassis chassis-number slot slot-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
nid: Displays the NHLFE entry with the specified NID. The NID value is in the range of 0 to 4294967294. If you do not specify an NID, this command displays NHLFE entry information for all NIDs.
slot slot-number: Specifies a card by its slot number. If you do not specify a card, this command displays NHLFE entries for the active MPU. (Distributed devices in standalone mode.)
slot slot-number: Specifies an IRF member device by its member ID. If you do not specify a member device, this command displays NHLFE entries for the master device. (Centralized devices in IRF mode.)
chassis chassis-number slot slot-number: Specifies a card on an IRF member device. The chassis-number argument represents the member ID of the IRF member device. The slot-number argument represents the slot number of the card. If you do not specify a card, this command displays NHLFE entries for the global active MPU. (Distributed devices in IRF mode.)
Usage guidelines
An NHLFE entry records label forwarding information, such as the outgoing label and outgoing interface. NHLFE entries are mainly used to add multiple labels to packets.
To add multiple labels to a packet, an LSR performs the following operations:
1. Obtains the bottom label and NID in the matching FIB or ILM entry.
2. Obtains the outer label in the NHLFE entry identified by the NID.
Examples
# Display the NHLFE entry with NID 2048.
<Sysname> display mpls forwarding nhlfe 2048
Flags: T - Forwarded through a tunnel
N - Forwarded through the outgoing interface to the nexthop IP address
B - Backup forwarding information
A - Active forwarding information
NID Tnl-Type Flag OutLabel Forwarding Info
--------------------------------------------------------------------------------
2048 LSP NA 2025 GE2/0/2 10.11.112.26
# Display all NHLFE entries.
<Sysname> display mpls forwarding nhlfe
Total NHLFE entries: 5
Flags: T - Forwarded through a tunnel
N - Forwarded through the outgoing interface to the nexthop IP address
B - Backup forwarding information
A - Active forwarding information
NID Tnl-Type Flag OutLabel Forwarding Info
--------------------------------------------------------------------------------
10 - TA - 2049
20 - TA - 2050
2048 LSP NA 2025 GE2/0/2 10.11.112.26
2049 LSP NA 3024 GE2/0/2 10.11.112.26
TB 3026 20
2050 LSP NA 3025 GE2/0/1 10.11.113.26
Table 2 Command output
Field |
Description |
Total NHLFE entries |
Total number of NHLFE entries. |
NID |
NHLFE entry index. |
Tnl-Type |
Tunnel type: · LOCAL—Direct LSP tunnel. · LSP—Static LSP tunnel, or LSP tunnel signaled using LDP or BGP. · TE—TE tunnel. · GRE—GRE tunnel. · CRLSP—Static CRLSP/SRLSP tunnel or CRLSP tunnel signaled using RSVP. · - (a hyphen)—The tunnel type is invalid. |
Flag |
Forwarding flag: · T—Forwarded through a tunnel. · N—Forwarded through the outgoing interface to the next hop IP address. · B—Backup forwarding information. · A—Active forwarding information. |
OutLabel |
Outgoing label. |
Forwarding Info |
Forwarding information: · When the forwarding flag is N, the forwarding information records the outgoing interface and the next hop. · When the forwarding flag is T, the forwarding information records the NID. |
display mpls interface
Use display mpls interface to display MPLS interface information, including the interface name, interface status, and interface MPLS MTU.
Syntax
display mpls interface [ interface-type interface-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
interface-type interface-number: Specifies an interface by the interface type and number. If you do not specify an interface, this command displays MPLS information for all MPLS-enabled interfaces.
Examples
# Display all MPLS interfaces.
<Sysname> display mpls interface
Interface Status MPLS MTU
GE2/0/1 Up 1514
GE2/0/2 Up 1514
The MPLS MTU of an interface is in bytes.
Related commands
mpls enable
mpls mtu
display mpls label
Use display mpls label to display MPLS label usage information.
Syntax
display mpls label { label-value1 [ to label-value2 ] | all }
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
label-value1: Specifies a label value in the range of 16 to 1048575. If used with the label-value2 argument, the label-value1 argument represents the start label of a label range.
to label-value2: Specifies the end label of the label range. The value range for the end label is 16 to 1048575. If you specify a label range by using the label-value1 argument and the to label-value2 option, this command displays usage information for the specified range of labels.
all: Specifies all labels.
Examples
# Display usage information for labels 900 through 902.
<Sysname> display mpls label 900 to 902
Label Owner State
900 - Idle
901 - Idle
902 LDP Alloc
Table 3 Command output
Field |
Description |
Label |
Label value. |
Owner |
Protocol that is using the label: · Static—Static LSP. · LDP. · BGP. · StaticCR—Static CRLSP or static SRLSP. · RSVP. · L2VPN. This field displays a hyphen (-) when the label state is Idle. |
State |
Usage state of the label: · Idle—The label is idle. · Alloc—The label has been allocated. · Pending—The label has been released but is still used by an LSP entry. · Inuse—The label has been allocated and used by an LSP entry. |
display mpls lsp
Use display mpls lsp to display LSP information.
Syntax
display mpls lsp [ egress | in-label label-value | ingress | outgoing-interface interface-type interface-number | protocol { bgp | ldp | local | rsvp-te | static | static-cr } | transit ] [ vpn-instance vpn-instance-name ] [ ipv4-address mask-length | ipv6 [ ipv6-address prefix-length ] ] [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
egress: Displays the LSPs taking the current LSR as egress.
in-label label-value: Displays the LSPs using the specified label as the incoming label, in the range of 0 to 1048575.
ingress: Displays the LSPs taking the current LSR as ingress.
outgoing-interface interface-type interface-number: Displays the LSPs using the specified interface as the outgoing interface. The interface-type interface-number argument specifies an interface by its type and number.
protocol: Displays the LSPs established by a protocol.
bgp: Displays BGP LSPs.
ldp: Displays LDP LSPs.
local: Displays the LSPs to the direct next hops, or displays the LSPs that use the local MPLS TE tunnel interfaces or tunnel bundle interfaces as the LSP heads.
rsvp-te: Displays CRLSPs established by RSVP-TE.
The following matrix shows the rsvp-te keyword and hardware compatibility:
Hardware |
Keyword compatibility |
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS |
No |
MSR2600-6-X1/2600-10-X1 |
Yes |
MSR 2630 |
Yes |
MSR3600-28/3600-51 |
Yes |
MSR3600-28-SI/3600-51-SI |
No |
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC |
Yes |
MSR 3610/3620/3620-DP/3640/3660 |
Yes |
MSR5620/5660/5680 |
Yes |
Hardware |
Keyword compatibility |
MSR810-LM-GL |
No |
MSR810-W-LM-GL |
No |
MSR830-6EI-GL |
No |
MSR830-10EI-GL |
No |
MSR830-6HI-GL |
No |
MSR830-10HI-GL |
No |
MSR2600-6-X1-GL |
Yes |
MSR3600-28-SI-GL |
No |
static: Displays static LSPs.
static-cr: Displays static CRLSPs and static SRLSPs.
The following matrix shows the static-cr keyword and hardware compatibility:
Hardware |
Keyword compatibility |
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS |
No |
MSR2600-6-X1/2600-10-X1 |
Yes |
MSR 2630 |
Yes |
MSR3600-28/3600-51 |
Yes |
MSR3600-28-SI/3600-51-SI |
No |
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC |
Yes |
MSR 3610/3620/3620-DP/3640/3660 |
Yes |
MSR5620/5660/5680 |
Yes |
transit: Displays the LSPs taking the current LSR as a transit LSR.
vpn-instance vpn-instance-name: Displays LSPs for the specified VPN instance. The vpn-instance-name is a case-sensitive string of 1 to 31 characters. If you do not specify this option, the command displays LSPs for the public network.
ipv4-address mask-length: Displays the IPv4 LSP for an FEC specified by an IPv4 address and a mask length. The value range for the mask length is 0 to 32.
ipv6: Displays IPv6 LSP information. If you do not specify this keyword, the command displays IPv4 LSP information.
ipv6-address prefix-length: Displays the IPv6 LSP for an FEC specified by an IPv6 address and a prefix length. The value range for the prefix length is 0 to 128.
verbose: Displays detailed LSP information. If you do not specify this keyword, the command displays brief LSP information.
Usage guidelines
If you do not specify any parameters, this command displays brief information about all LSPs. If you specify only the verbose keyword, this command displays detailed information about all LSPs.
Examples
# Display brief information about all IPv4 LSPs.
<Sysname> display mpls lsp
FEC Proto In/Out Label Interface/Out NHLFE
100.100.100.100/24 LDP -/1049 GE2/0/1
Backup -/1050 GE2/0/2
100.100.100.10/24 LDP -/1051 GE2/0/3
Backup -/1050 GE2/0/2
100.100.100.10/24 LDP -/1049 GE2/0/3
101.100.100.10/24 LDP 1026/1049 GE2/0/1
102.100.100.10/24 LDP 1027/- -
103.100.100.10/24 LDP 1028/1049 Tunnel10
110.100.100.20/24 BGP -/1049 GE2/0/1
111.100.100.10/24 BGP 2028/1049 GE2/0/1
112.100.100.10/24 BGP 2029/- GE2/0/1
113.100.100.10/24 BGP 2030/1049 NHLFE1500
114.100.100.10/24 BGP 2031/1050 Tunnel100
100.100.100.100 Local -/- GE2/0/1
101.101.101.101/32 Static -/100 GE2/0/1
- Static 100/200 GE2/0/1
- Static 101/- GE2/0/1
200.200.200.200/64000/64000 RSVP -/1030 GE2/0/2
201.200.200.200/64000/64000 RSVP 1024/1031 GE2/0/2
202.200.200.200/64000/64000 RSVP 1025/- -
150.140.150.100/64001/0 StaticCR -/1000 GE2/0/2
- StaticCR 50/1001 GE2/0/2
- StaticCR 51/- -
Table 4 Command output
Field |
Description |
FEC |
Forwarding equivalence class: · IP address/mask—Classifies FECs by destination address. · IP address—Classifies FECs by next hop. · IP address/Out Label—Classifies FECs by next hop and outgoing label. · Ingress LSR ID/Tunnel ID/LSP ID—RSVP TE FEC. · - (a hyphen)—The LSP is a static transit LSP, static egress LSP, adjacency path for static SRLSPs, static transit CRLSP, or static egress CRLSP. · Backup—The LSP is a backup LSP of the previous LSP. |
Proto |
Label distribution protocol: · LDP. · BGP. · RSVP. · Static. · StaticCR—Static CRLSP or static SRLSP. · Local—LSP to a direct next hop, or LSP that uses a local MPLS TE tunnel interface or tunnel bundle interface as the LSP head. |
In/Out Label |
Incoming label/outgoing label. |
Interface/Out NHLFE |
Outgoing interface name or NHLFE entry index. NHLFEnumber specifies the outer LSP that carries the current LSP. The outer LSP is that matches the NHLFE entry with an NID of number. |
# Display IPv6 LSP information.
<Sysname> display mpls lsp ipv6
FEC : 100:100:100:100:100:100:100:100/128
Protocol : BGP In-Label : 2050
Out-Label: 10003 Out-Interface: GE2/0/1
BkLabel : 10004 BkInterface : GE2/0/2
Table 5 Command output
Field |
Description |
FEC |
Forwarding equivalence class: · IP address/mask—Classifies FECs by destination address. · IP address—Classifies FECs by next hop. · IP address/Out Label—Classifies FECs by next hop and outgoing label. · Ingress LSR ID/Tunnel ID/LSP ID—RSVP TE FEC. · - (a hyphen)—The LSP is a static transit LSP, static egress LSP, static transit CRLSP, or static egress CRLSP. |
Protocol |
Label distribution protocol: · LDP. · BGP. · RSVP. · Static. · StaticCR—Static CRLSP or static SRLSP. · Local—LSP to a direct next hop, or LSP that uses a local MPLS TE tunnel interface or tunnel bundle interface as the LSP head. |
BkLabel |
Outgoing label of the backup LSP. |
BkInterface |
Outgoing interface of the backup LSP. |
# Display detailed information about all LSPs.
<Sysname> display mpls lsp verbose
Destination : 56.10.10.2
FEC : 56.10.10.2/32
Protocol : LDP
LSR Type : Egress
Service : Statistics
In-Label : 1024
State : Active
Inbound Statistics:
Octets : 13000
Packets : 100
Errors : 0
Discards : 0
Destination : 56.10.10.4
FEC : 56.10.10.2/32
Protocol : LDP
LSR Type : Transit
Service : Statistics
In-Label : 1026
Inbound Statistics:
Octets : 10600
Packets : 100
Errors : 0
Discards : 0
Path ID : 0x40000000.1
State : Active
Out-Label : 1800
Nexthop : 10.1.1.2
Out-Interface: GE2/0/1
BkLabel : 1900
BkNexthop : 20.1.1.2
BkInterface : GE2/0/2
Outbound Statistics:
Octets : 12600
Packets : 100
Errors : 0
Discards : 0
Destination : 56.10.10.4
FEC : 56.10.10.2/32
Protocol : LDP
LSR Type : Ingress
Service : -
NHLFE ID : 2000
State : Active
Out-Label : 1800
Nexthop : 10.1.1.2
Out-Interface: GE2/0/1
Table 6 Command output
Field |
Description |
Destination |
LSP destination address. |
FEC |
Forwarding equivalence class: · IP address/mask—Classifies FECs by destination address. · IP address—Classifies FECs by next hop. · IP address/Out Label—Classifies FECs by next hop and outgoing label. · Ingress LSR ID/Tunnel ID/LSP ID—RSVP TE FEC. · - (a hyphen)—The LSP is a static transit LSP, static egress LSP, static transit CRLSP, or static egress CRLSP. |
Protocol |
Label distribution protocol: · LDP. · BGP (instance-name)—The instance-name specifies a BGP instance name. The value of default represents the default BGP instance. · RSVP. · Static. · StaticCR—Static CRLSP. · Local—LSP to a direct next hop, or LSP that uses a local MPLS TE tunnel interface or tunnel bundle interface as the LSP head. |
LSR Type |
LSR type: · Ingress—The current LSR is the ingress node of the LSP. · Transit—The current LSR is a transit node of the LSP. · Egress—The current LSR is the egress node of the LSP. |
Service |
Service deployed on the LSP. The service can only be Statistics, which indicates the MPLS forwarding statistics feature. |
Path ID |
Forwarding path. The value is in the format of 0xnn.m. The nn represents the NHLFE group ID of the outer LSPs that carry the current LSP, and m represents the sequence number of the equivalence path. |
NHLFE ID |
NHLFE entry index. |
State |
LSP state: · Active—The LSP is in use. · Inactive—The LSP is idle. |
Inbound Statistics |
MPLS forwarding statistics in inbound direction: · Octets—Number of received octets. · Packets—Number of received packets. · Errors—Number of received error packets. · Discards—Number of discarded packets. |
BkLabel |
Outgoing label of the backup LSP. |
BkNexthop |
Next hop address of the backup LSP. |
BkInterface |
Outgoing interface of the backup LSP. |
Outbound Statistics |
MPLS forwarding statistics in outbound direction: · Octets—Number of sent octets. · Packets—Number of sent packets. · Errors—Number of error packets. · Discards—Number of discarded packets. |
Related commands
display mpls lsp statistics
display mpls lsp statistics
Use display mpls lsp statistics to display LSP statistics.
Syntax
display mpls lsp statistics [ ipv6 ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
ipv6: Displays IPv6 LSP statistics. If you do not specify this keyword, the command displays IPv4 LSP statistics.
Examples
# Display IPv4 LSP statistics.
<Sysname> display mpls lsp statistics
LSP Type Ingress/Transit/Egress Active
Static LSP 0/0/0 0/0/0
Static CRLSP 0/0/0 0/0/0
LDP LSP 2/2/1 2/2/1
RSVP CRLSP 0/0/0 0/0/0
BGP LSP 0/0/0 0/0/0
Local LSP 2/0/0 2/0/0
-----------------------------------------------------
Total 4/2/1 4/2/1
# Display IPv6 LSP statistics.
<Sysname> display mpls lsp statistics ipv6
LSP Type Ingress/Transit/Egress Active
Static LSP 0/0/0 0/0/0
Static CRLSP 0/0/0 0/0/0
LDP LSP 6/6/2 6/6/2
RSVP CRLSP 0/0/0 0/0/0
BGP LSP 0/0/0 0/0/0
Local LSP 2/0/0 2/0/0
-----------------------------------------------------
Total 8/6/2 8/6/2
Table 7 Command output
Field |
Description |
LSP Type |
LSP types: · Static LSP. · Static CRLSP—Static CRLSP or static SRLSP. · LDP LSP. · Local LSP—LSP to a direct next hop, or LSP that uses a local MPLS TE tunnel interface or tunnel bundle interface as the LSP head. · RSVP CRLSP. · BGP LSP. |
Total |
Total number of LSPs. |
Ingress |
Number of LSPs that take the local device as the ingress node. |
Transit |
Number of LSPs that take the local device as a transit node. |
Egress |
Number of LSPs that take the local device as the egress node. |
Active |
Number of active LSPs of a type. |
display mpls nib
Use display mpls nib to display MPLS Nexthop Information Base (NIB) information.
Syntax
display mpls nib [ nib-id ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
nib-id: Specifies a next hop ID in the range of 1 to FFFFFFFFFFFFFFFE. If you do not specify a next hop, this command displays information about all MPLS next hops.
Examples
# Display information about all MPLS next hops.
<Sysname> display mpls nib
NIB ID: 0x40000000
Users: 1
Status: Active
ECMP number: 1
Outgoing NHLFE ID: 1024
Backup outgoing NHLFE ID: 1027
Table 8 Command output
Field |
Description |
NIB ID |
ID of the next hop. |
Users |
Number of ILM entries that use this next hop. |
Status |
Next hop status: · Active—The next hop is active. · Dummy—The next hop is inactive. |
ECMP number |
Number of equal-cost NHLFE entries. |
Outgoing NHLFE ID |
ID of the NHLFE entry to which the next hop corresponds. |
Backup outgoing NHLFE ID |
ID of the backup NHLFE entry. |
display mpls nid
Use display mpls nid to display usage information for NIDs.
Syntax
display mpls nid [ nid-value1 [ to nid-value2 ] ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
nid-value1: Specifies an NID. The value range for this argument is 0 to 65535. If used with the nid-value2 argument, the nid-value1 argument represents the start NID of an NID range.
to nid-value2: Specifies the end NID of the NID range. The value range for the end NID is 0 to 65535. If you specify an NID range by using the nid-value1 argument and the to nid-value2 option, this command displays usage information for the specified range of NIDs.
Usage guidelines
NIDs are 32-bit binary numbers. They include fixed NIDs and dynamic NIDs.
· Fixed NIDs—Generated for tunnel interfaces or tunnel bundle interfaces. The highest four bits are a value other than 0000.
· Dynamic NIDs—NIDs except fixed NIDs. The highest four bits are 0s.
This command displays usage information only for dynamic NIDs.
If you do not specify any parameters, this command displays usage information for all dynamic NIDs.
Examples
# Display usage information for dynamic NIDs 1028 through 1500.
<Sysname> display mpls nid 1028 to 1500
NID alloc state: '.' means not used, '$' means used
1028 :...$.... ........ ........ ........ ........ ........ ........ ........
1092 :........ ........ ........ ........ ........ ........ ........ ........
1156 :........ ........ ........ ........ ........ ........ ........ ........
1220 :........ ........ ........ ........ ........ ........ ........ ........
1284 :........ ........ ........ ........ ........ ........ ........ ........
1348 :........ ........ ........ ........ ........ ........ ........ ........
1412 :........ ........ ........ ........ ........ ........ ........ ........
1476 :........ ........ ........ .
display mpls summary
Use display mpls summary to display MPLS summary information.
Syntax
display mpls summary
Views
Any view
Predefined user roles
network-admin
network-operator
Examples
# Display MPLS summary information.
<Sysname> display mpls summary
MPLS LSR ID : 1.1.1.1
Egress Label Type: Implicit-null
Labels:
Range Idle
16-2047 2030
2048-699999 697952
700000-709999 10000
710000-774999 65000
775000-1039999 265000
1040000-1048000 8001
Protocols:
Type State
LDP Normal
RSVP Normal
BGP(default) Normal
Static Normal
CCC Normal
StaticCR Normal
Local Normal
BGP(xy) Normal
BGP(abc) Normal
Table 9 Command output
Field |
Description |
Egress Label Type |
Label type that the egress assigns to the penultimate hop: · Implicit-null. · Explicit-null. · Non-null. |
Labels |
Label information. |
Range |
Label range. |
Idle |
Number of idle labels in the label range. |
Protocols |
Label distribution protocols that generated LSPs and their running states. |
Type |
Protocol type: LDP, BGP (instance-name), RSVP, Static, StaticCR, TE, or CCC. The instance-name specifies a BGP instance name. The value of default represents the default BGP instance. |
State |
Label distribution protocol running state: · Normal. · Recover—The protocol is in the GR process. |
ftn enable
Use ftn enable to enable the device to maintain FEC-to-NHLFE map (FTN) entries in the RIB.
Use undo ftn enable to disable the device to maintain FTN entries in the RIB.
Syntax
ftn enable
undo ftn enable
Default
The device does not maintain FTN entries in the RIB.
Views
RIB IPv4 address family view
Predefined user roles
network-admin
Usage guidelines
FTN entries are FIB entries that contain outgoing labels. When an LSR receives an unlabeled packet, it searches the corresponding FTN entry based on the destination IP address. If a match is found, the LSR adds the outgoing label in the FTN entry to the packet and forwards the labeled packet.
For the device to collect FTN forwarding statistics, you must execute the ftn enable command first, and then use the mpls-forwarding statistics prefix-list command to enable FTN forwarding statistics.
Examples
# Enable the device to maintain FTN entries in the RIB.
<Sysname> system-view
[Sysname] rib
[system-rib] address-family ipv4
[system-rib-ipv4] ftn enable
mpls-forwarding statistics prefix-list
mpls enable
Use mpls enable to enable MPLS on an interface.
Use undo mpls enable to disable MPLS on an interface.
Syntax
mpls enable
undo mpls enable
Default
MPLS is disabled on an interface.
Views
Interface view
Predefined user roles
network-admin
Examples
# Enable MPLS on interface GigabitEthernet 2/0/1.
<Sysname> System-view
[Sysname] interface gigabitethernet 2/0/1
[Sysname-GigabitEthernet2/0/1] mpls enable
Related commands
display mpls interface
mpls forwarding split-horizon
Use mpls forwarding split-horizon to enable split horizon for MPLS forwarding.
Use undo mpls forwarding split-horizon to disable split horizon for MPLS forwarding.
Syntax
mpls forwarding split-horizon
undo mpls forwarding split-horizon
Default
Split horizon is disabled for MPLS forwarding.
Views
System view
Predefined user roles
network-admin
Examples
# Enable split horizon for MPLS forwarding.
<Sysname> system-view
[Sysname] mpls forwarding split-horizon
mpls label advertise
Use mpls label advertise to specify the type of label the egress will advertise to the penultimate hop.
Use undo mpls label advertise to restore the default.
Syntax
mpls label advertise { explicit-null | implicit-null | non-null }
undo mpls label advertise
Default
As an egress, the device advertises an implicit null label to the penultimate hop.
Views
System view
Predefined user roles
network-admin
Parameters
explicit-null: Specifies the egress to advertise an explicit null label of 0 to the penultimate hop. implicit-null: Specifies the egress to advertise an implicit null label of 3 to the penultimate hop.
non-null: Specifies the egress to advertise a non-null label to the penultimate hop.
Usage guidelines
As a best practice, configure the egress node to advertise an implicit null label to the penultimate hop if the penultimate hop supports PHP.
If you want to simplify packet forwarding on the egress but keep labels to determine QoS policies, configure the egress node to advertise an explicit null label to the penultimate hop.
Use non-null labels only in particular scenarios. For example, when OAM is configured on the egress node, the egress node can get the OAM function entity status only through non-null labels.
As a penultimate hop, the device accepts the implicit null label, explicit null label, or non-null label advertised by the egress device.
For LDP LSPs, the mpls label advertise command triggers LDP to delete the LSPs established before the command is executed and re-establishes new LSPs.
For BGP LSPs, the mpls label advertise command takes effect only on the BGP LSPs established after the command is executed. To apply the new setting to BGP LSPs established before the command is executed, delete the routes corresponding to the BGP LSPs, and then redistribute the routes.
Examples
# Configure the egress device to advertise an explicit null label to the penultimate hop.
<Sysname> system-view
[Sysname] mpls label advertise explicit-null
Related commands
reset mpls ldp
mpls lsr-id
Use mpls lsr-id to configure an LSR ID for the local LSR.
Use undo mpls lsr-id to restore the default.
Syntax
mpls lsr-id lsr-id
undo mpls lsr-id
Default
An LSR has no LSR ID.
Views
System view
Predefined user roles
network-admin
Parameters
lsr-id: Specifies an ID for identifying the LSR, in dotted decimal notation.
Usage guidelines
As a best practice, use the address of a loopback interface on the LSR as the LSR ID.
Examples
# Configure the LSR ID as 3.3.3.3 for the local node.
<Sysname> system-view
[Sysname] mpls lsr-id 3.3.3.3
Related commands
lsr-id
mpls mtu
Use mpls mtu to set the MPLS MTU for an interface.
Use undo mpls mtu to restore the default.
Syntax
mpls mtu size
undo mpls mtu
Default
The MPLS MTU of an interface is not configured. Fragmentation for MPLS packets is based on the IP MTU. If IP MTU is not configured, fragmentation for MPLS packets is based on the MTU of the interface. The length of a fragment does not include that of the MPLS label. Thus, after an MPLS label is added into a fragment, the length of the MPLS fragment might exceed the interface MTU.
Views
Interface view
Predefined user roles
network-admin
Parameters
size: Specifies the MPLS MTU of the interface, in the range of 46 to 65535 bytes.
Usage guidelines
This command is effective only when MPLS is enabled on the interface.
If the MPLS MTU is larger than the interface MTU, data forwarding might fail.
MPLS TE tunnel interfaces do not support this command.
Examples
# Set the MPLS MTU of interface GigabitEthernet 2/0/1 to 1000 bytes.
<Sysname> system-view
[Sysname] interface gigabitethernet 2/0/1
[Sysname-GigabitEthernet2/0/1] mpls enable
[Sysname-GigabitEthernet2/0/1] mpls mtu 1000
Related commands
display mpls interface
mpls statistics
Use mpls statistics to enable MPLS label forwarding statistics for LSPs.
Use undo mpls statistics to disable MPLS label forwarding statistics for LSPs.
Syntax
mpls statistics { all | [ vpn-instance vpn-instance-name ] { ipv4 ipv4-address mask-length | ipv6 ipv6-address prefix-length } | static | te ingress-lsr-id tunnel-id }
undo mpls statistics { all | [ vpn-instance vpn-instance-name ] { ipv4 ipv4-address mask-length | ipv6 ipv6-address prefix-length } | static | te ingress-lsr-id tunnel-id }
Default
MPLS label forwarding statistics are disabled for all LSPs.
Views
System view
Predefined user roles
network-admin
Parameters
all: Specifies all LSPs.
vpn-instance vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command enables MPLS forwarding statistics for public LSPs.
ipv4 ipv4-address mask-length: Specifies the IPv4 LSP for an FEC specified by an IPv4 address and a mask length. The mask length is in the range of 0 to 32.
ipv6 ipv6-address prefix-length: Specifies the BGP-IPv6 LSP for an FEC specified by an IPv6 address and a prefix length. The prefix length is in the range of 0 to 128.
static: Specifies static LSPs, static CRLSPs, and static SRLSPs.
te ingress-lsr-id tunnel-id: Specifies an RSVP-TE tunnel. The ingress-lsr-id represents the LSR ID of the ingress node of the tunnel. The tunnel-id argument represents the ID of the tunnel.
The following matrix shows the tunnel-id argument and hardware compatibility:
Hardware |
Argument compatibility |
Value range |
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS |
No |
N/A |
MSR2600-6-X1/2600-10-X1 |
Yes |
0 to 10239 |
MSR 2630 |
Yes |
0 to 10239 |
MSR3600-28/3600-51 |
Yes |
0 to 10239 |
MSR3600-28-SI/3600-51-SI |
No |
N/A |
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC |
Yes |
0 to 10239 |
MSR 3610/3620/3620-DP/3640/3660 |
Yes |
0 to 10239 |
MSR5620/5660/5680 |
Yes |
0 to 10239 |
Hardware |
Argument compatibility |
Value range |
MSR810-LM-GL |
No |
N/A |
MSR810-W-LM-GL |
No |
N/A |
MSR830-6EI-GL |
No |
N/A |
MSR830-10EI-GL |
No |
N/A |
MSR830-6HI-GL |
No |
N/A |
MSR830-10HI-GL |
No |
N/A |
MSR2600-6-X1-GL |
Yes |
0 to 10239 |
MSR3600-28-SI-GL |
No |
N/A |
Usage guidelines
MPLS label forwarding forwards a labeled packet based on its incoming label. MPLS label forwarding statistics is enabled by this command.
FTN forwarding adds a label to an unlabeled packet, and forwards the labeled packet. FTN forwarding statistics collection is enabled by the mpls-forwarding statistics prefix-list command in RIB IPv4 address family view.
To display MPLS label forwarding statistics by using the display mpls lsp verbose command, you must perform the following tasks:
1. Use the mpls statistics command to enable the MPLS label forwarding statistics feature.
2. Use the mpls statistics interval command to enable the MPLS statistics reading feature.
Examples
# Enable MPLS label forwarding statistics for the LSP destined for 2.2.2.2/32.
<Sysname> system-view
[Sysname] mpls statistics ipv4 2.2.2.2 32
Related commands
display mpls lsp verbose
mpls statistics interval
reset mpls statistics
mpls statistics interval
Use mpls statistics interval to enable MPLS label forwarding statistics reading and set the reading interval.
Use undo mpls statistics interval to disable MPLS label forwarding statistics reading.
Syntax
mpls statistics interval interval
undo mpls statistics interval
Default
MPLS forwarding statistics reading is disabled.
Views
System view
Predefined user roles
network-admin
Parameters
interval: Specifies the MPLS label forwarding statistics reading interval in the range of 30 to 65535 seconds.
Usage guidelines
To display MPLS label forwarding statistics by using the display mpls lsp verbose command, you must perform the following tasks:
1. Use the mpls statistics command to enable the MPLS label forwarding statistics feature.
2. Use the mpls statistics interval command to enable the MPLS statistics reading feature.
Examples
# Enable MPLS label forwarding statistics reading and set the reading interval to 30 seconds.
<Sysname> system-view
[Sysname] mpls statistics interval 30
Related commands
display mpls lsp verbose
mpls statistics
reset mpls statistics
mpls ttl expiration enable
Use mpls ttl expiration enable to enable sending MPLS TTL-expired messages.
Use undo mpls ttl expiration enable to disable sending MPLS TTL-expired messages.
Syntax
mpls ttl expiration enable
undo mpls ttl expiration enable
Default
The MPLS TTL-expired messages sending feature is enabled.
Views
System view
Predefined user roles
network-admin
Usage guidelines
This command enables an LSR to generate an ICMP TTL-expired message upon receiving an MPLS packet with TTL being 1.
· If the MPLS packet has only one label, the LSR sends the ICMP TTL-expired message back to the source through IP routing.
· If the MPLS packet has multiple labels, the LSR forwards the ICMP TTL-expired message along the LSP of the MPLS packet to the egress. Then, the egress sends the message back to the source.
Examples
# Disable sending MPLS TTL-expired messages.
<Sysname> system-view
[Sysname] undo mpls ttl expiration enable
mpls ttl propagate
Use mpls ttl propagate to enable TTL propagation.
Use undo mpls ttl propagate to disable TTL propagation.
Syntax
mpls ttl propagate { public | vpn }
undo mpls ttl propagate { public | vpn }
Default
TTL propagation is enabled for public network packets and is disabled for VPN packets.
Views
System view
Predefined user roles
network-admin
Parameters
public: Specifies public network packets.
vpn: Specifies VPN packets.
Usage guidelines
When TTL propagation is enabled, MPLS performs the following operations:
· Copies the IP TTL to the label TTL for packets entering the MPLS network.
· Copies the label TTL to the IP TTL for packets leaving the MPLS network.
If you enable TTL propagation on both the ingress and egress, the IP tracert facility can show the real path in the MPLS network.
When TTL propagation is disabled, MPLS performs the following operations:
· Sets the label TTL to 255 for packets entering the MPLS network.
· Pops the label for packets leaving the MPLS network, without copying the label TTL value to the IP TTL.
The IP tracert facility cannot show the real path in the MPLS network.
Within an MPLS network, TTL is always copied between the labels of an MPLS packet. The mpls ttl propagate command affects only the propagation between IP TTL and label TTL.
As a best practice, set the same TTL processing mode on all LSRs of an LSP.
To enable TTL propagation for a VPN, you must enable it on all PE devices in the VPN. This allows you to obtain the same traceroute result (hop count) from those PEs.
Examples
# Enable TTL propagation for VPN packets.
<Sysname> system-view
[Sysname] mpls ttl propagate vpn
mpls-forwarding statistics prefix-list
Use mpls-forwarding statistics prefix-list to enable FTN forwarding statistics for a destination network.
Use undo mpls-forwarding statistics prefix-list to disable FTN forwarding statistics for a destination network.
Syntax
mpls-forwarding statistics prefix-list prefix-list-name
undo mpls-forwarding statistics prefix-list prefix-list-name
Default
FTN forwarding statistics are disabled for all destination networks.
Views
RIB IPv4 address family view
Predefined user roles
network-admin
Parameter
prefix-list-name: Specifies an IPv4 address prefix list, a case-sensitive string of 1 to 63 characters. This command applies only to the destination networks that permitted by the prefix list.
Usage guidelines
FTN forwarding adds a label to an unlabeled packet, and forwards the labeled packet. FTN forwarding statistics collection is enabled by this command.
MPLS label forwarding forwards a labeled packet based on its incoming label. MPLS label forwarding statistics collection is enabled by the mpls statistics command.
Before executing this command, use the ftn enable command to enable the device to maintain FTN entries in the RIB.
Examples
# Enable FTN forwarding statistics for destination network 2.2.2.0/24.
<Sysname> system-view
[Sysname] ip prefix-list abc permit 2.2.2.0 24
[Sysname] rib
[system-rib] address-family ipv4
[system-rib-ipv4] ftn enable
[system-rib-ipv4] mpls-forwarding statistics prefix-list abc
Related commands
ftn enable
mpls statistics
mpls statistics interval
reset mpls statistics
Use reset mpls statistics to clear MPLS forwarding statistics for the specified LSPs.
Syntax
reset mpls statistics { all | [ vpn-instance vpn-instance-name ] { ipv4 ipv4-address mask-length | ipv6 ipv6-address prefix-length } | static | te ingress-lsr-id tunnel-id }
Views
User view
Predefined user roles
network-admin
Parameters
all: Specifies all LSPs.
vpn-instance vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command clears MPLS forwarding statistics for public LSPs.
ipv4 ipv4-address mask-length: Specifies the IPv4 LSP for an FEC specified by an IPv4 address and a mask length. The mask length is in the range of 0 to 32.
ipv6 ipv6-address prefix-length: Specifies the BGP-IPv6 LSP for an FEC specified by an IPv6 address and a prefix length. The prefix length is in the range of 0 to 128.
static: Specifies static LSPs and static CRLSPs.
te ingress-lsr-id tunnel-id: Specifies an RSVP-TE tunnel. The ingress-lsr-id argument represents the LSR ID of the ingress node of the tunnel. The tunnel-id argument represents the ID of the tunnel.
The following matrix shows the tunnel-id argument and hardware compatibility:
Hardware |
Argument compatibility |
Value range |
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS |
No |
N/A |
MSR2600-6-X1/2600-10-X1 |
Yes |
0 to 10239 |
MSR 2630 |
Yes |
0 to 10239 |
MSR3600-28/3600-51 |
Yes |
0 to 10239 |
MSR3600-28-SI/3600-51-SI |
No |
N/A |
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC |
Yes |
0 to 10239 |
MSR 3610/3620/3620-DP/3640/3660 |
Yes |
0 to 10239 |
MSR5620/5660/5680 |
Yes |
0 to 10239 |
Hardware |
Argument compatibility |
Value range |
MSR810-LM-GL |
No |
N/A |
MSR810-W-LM-GL |
No |
N/A |
MSR830-6EI-GL |
No |
N/A |
MSR830-10EI-GL |
No |
N/A |
MSR830-6HI-GL |
No |
N/A |
MSR830-10HI-GL |
No |
N/A |
MSR2600-6-X1-GL |
Yes |
0 to 10239 |
MSR3600-28-SI-GL |
No |
N/A |
Examples
# Clear MPLS forwarding statistics for the LSP destined for 2.2.2.2/32.
<Sysname> reset mpls statistics ipv4 2.2.2.2 32
Related commands
display mpls lsp verbose
mpls statistics
mpls statistics interval
snmp-agent trap enable mpls
Use snmp-agent trap enable mpls to enable SNMP notifications for MPLS.
Use undo snmp-agent trap enable mpls to disable SNMP notifications for MPLS.
Syntax
snmp-agent trap enable mpls
undo snmp-agent trap enable mpls
Default
SNMP notifications for MPLS are disabled.
Views
System view
Predefined user roles
network-admin
Usage guidelines
To report critical MPLS events to an NMS, enable SNMP notifications for MPLS. For MPLS event notifications to be sent correctly, you must also configure SNMP on the device. For more information about SNMP configuration, see the network management and monitoring configuration guide for the device.
Examples
# Enable SNMP notifications for MPLS.
<Sysname> system-view
[Sysname] snmp-agent trap enable mpls
Static LSP commands
The following matrix shows the feature and hardware compatibility:
Hardware |
Static LSP compatibility |
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS |
No |
MSR2600-6-X1/2600-10-X1 |
Yes |
MSR 2630 |
Yes |
MSR3600-28/3600-51 |
Yes |
MSR3600-28-SI/3600-51-SI |
Yes |
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC |
Yes |
MSR 3610/3620/3620-DP/3640/3660 |
Yes |
MSR5620/5660/5680 |
Yes |
Hardware |
Static LSP compatibility |
MSR810-LM-GL |
No |
MSR810-W-LM-GL |
No |
MSR830-6EI-GL |
No |
MSR830-10EI-GL |
No |
MSR830-6HI-GL |
No |
MSR830-10HI-GL |
No |
MSR2600-6-X1-GL |
Yes |
MSR3600-28-SI-GL |
Yes |
display mpls static-lsp
Use display mpls static-lsp to display static LSP information.
Syntax
display mpls static-lsp [ lsp-name lsp-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
lsp-name lsp-name: Specifies a static LSP by its name, a case-sensitive string of 1 to 15 characters. If you do not specify a static LSP, this command displays information about all static LSPs.
Examples
# Display information about all static LSPs.
<Sysname> display mpls static-lsp
Total: 3
Name FEC In/Out Label Nexthop/Out Interface State
egress123 -/- 16/NULL - Up
ingress123 202.118.224.132/32 NULL/1022 100.100.100.19 Down
transit123 -/- 32/1022 100.100.100.17 Down
Table 10 Command output
Field |
Description |
Total |
Total number of static LSPs. |
Name |
Name of the static LSP. |
FEC |
Forwarding equivalence class—IP prefix and the prefix length. |
In/Out Label |
Incoming label/outgoing label. |
Nexthop/Out Interface |
Next hop address or outgoing interface specified for an ingress node or a transit node. |
State |
Current state of the static LSP: · Up—The static LSP is available. · Down—The static LSP is not available. · Idle—The incoming label of the static LSP is not available. · Dup—The incoming label of the static LSP is used by a static CRLSP or a static PW. |
static-lsp egress
Use static-lsp egress to configure the egress node of a static LSP.
Use undo static-lsp egress to delete the egress node configuration of a static LSP.
Syntax
static-lsp egress lsp-name in-label in-label [ destination ip-address { mask | mask-length } ]
undo static-lsp egress lsp-name
Default
No static LSPs exist.
Views
System view
Predefined user roles
network-admin
Parameters
lsp-name: Specifies a name for the static LSP, a case-sensitive string of 1 to 15 characters.
in-label in-label: Specifies an incoming label in the range of 16 to 1023.
destination ip-address: Specifies a destination IP address for the LSP.
mask: Specifies the mask of the destination IP address.
mask-length: Specifies the mask length of the destination address, in the range of 0 to 32.
Usage guidelines
You must specify the incoming label on the egress node if PHP is not configured. If PHP is not configured, an egress node pops the incoming label of a packet, and performs label forwarding according to the inner label or IP forwarding.
To associate a static LSP with an LDP LSP, you must specify the incoming label and destination address on the egress node of the static LSP.
You can associate a static LSP with an LDP LSP to simplify packet processing when the following conditions are met:
· Packets are forwarded over the static LSP and the LDP LSP to the destination.
· The egress node of the static LSP is also the ingress node of the LDP LSP.
After receiving a packet with the specified incoming label, the egress node of the static LSP swaps the label with the outgoing label for the LDP LSP. Then, the node forwards the packet to the next hop.
A static LSP must have a different incoming label than an existing static CRLSP or static PW. If they are the same, the static LSP is not available, even if you change the incoming label of the static CRLSP or the static PW. To make the static LSP available, delete the static LSP, and reconfigure it with an unused incoming label.
Examples
# Configure a static LSP on the egress node: specify the LSP's name as bj-sh and incoming label as 233.
<Sysname> system-view
[Sysname] static-lsp egress bj-sh in-label 233
Related commands
display mpls static-lsp
static-lsp ingress
Use static-lsp ingress to configure the ingress node of a static LSP.
Use undo static-lsp ingress to delete the ingress node configuration of a static LSP.
Syntax
static-lsp ingress lsp-name destination ip-address { mask | mask-length } { nexthop next-hop-ip-address | outgoing-interface interface-type interface-number } out-label out-label
undo static-lsp ingress lsp-name
Default
No static LSPs exist.
Views
System view
Predefined user roles
network-admin
Parameters
lsp-name: Specifies a name for the static LSP, a case-sensitive string of 1 to 15 characters.
destination ip-address: Specifies a destination IP address for the LSP.
mask: Specifies the mask of the destination IP address.
mask-length: Specifies the mask length of the destination address, in the range of 0 to 32.
nexthop next-hop-ip-address: Specifies a next hop address.
outgoing-interface interface-type interface-number: Specifies an outgoing interface by its type and number. The specified interface must be a point-to-point interface.
out-label out-label: Specifies an outgoing label. The label value can be 0, 3, or an integer in the range of 16 to 1048575.
Usage guidelines
The next hop or outgoing interface specified for the LSP must be consistent with that of the optimal route destined for the specified address. If you configure a static IP route for the LSP, be sure to specify the same next hop or outgoing interface for the static route and the static LSP.
You must enable MPLS on the outgoing interface of the static LSP.
Examples
# Configure a static LSP on the ingress node: specify the LSP's name as bj-sh, destination address as 202.25.38.1/24, next hop address as 202.55.25.33, and outgoing label as 237.
<Sysname> system-view
[Sysname] static-lsp ingress bj-sh destination 202.25.38.1 24 nexthop 202.55.25.33 out-label 237
Related commands
display mpls static-lsp
static-lsp transit
Use static-lsp transit to configure the transit node of a static LSP.
Use undo static-lsp transit to delete the transit node configuration of a static LSP.
Syntax
static-lsp transit lsp-name in-label in-label { nexthop next-hop-ip-address | outgoing-interface interface-type interface-number } out-label out-label
undo static-lsp transit lsp-name
Default
No static LSPs exist.
Views
System view
Predefined user roles
network-admin
Parameters
lsp-name: Specifies a name for the static LSP, a case-sensitive string of 1 to 15 characters.
in-label in-label: Specifies an incoming label in the range of 16 to 1023.
nexthop next-hop-ip-address: Specifies a next hop address.
outgoing-interface interface-type interface-number: Specifies an outgoing interface by its type and number. The specified interface must be a point-to-point interface.
out-label out-label: Specifies an outgoing label. The label value can be 0, 3, or an integer in the range of 16 to 1048575.
Usage guidelines
You must enable MPLS on the outgoing interface of the static LSP.
A static LSP must have a different incoming label than an existing static CRLSP or static PW. If they are the same, the static LSP is not available, even if you change the incoming label of the static CRLSP or the static PW. To make the static LSP available, delete the static LSP, and reconfigure it with an unused incoming label.
Examples
# Configure a static LSP on the transit node: specify the LSP's name as bj-sh, incoming label as 123, next hop address as 202.34.114.7, and outgoing label as 253.
<Sysname> system-view
[Sysname] static-lsp transit bj-sh in-label 123 nexthop 202.34.114.7 out-label 253
Related commands
display mpls static-lsp
LDP commands
The following matrix shows the feature and hardware compatibility:
Hardware |
LDP compatibility |
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS |
No |
MSR2600-6-X1/2600-10-X1 |
Yes |
MSR 2630 |
Yes |
MSR3600-28/3600-51 |
Yes |
MSR3600-28-SI/3600-51-SI |
Yes |
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC |
Yes |
MSR 3610/3620/3620-DP/3640/3660 |
Yes |
MSR5620/5660/5680 |
Yes |
Hardware |
LDP compatibility |
MSR810-LM-GL |
No |
MSR810-W-LM-GL |
No |
MSR830-6EI-GL |
No |
MSR830-10EI-GL |
No |
MSR830-6HI-GL |
No |
MSR830-10HI-GL |
No |
MSR2600-6-X1-GL |
Yes |
MSR3600-28-SI-GL |
Yes |
Commands and descriptions for centralized devices apply to the following routers:
· MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS.
· MSR2600-6-X1/2600-10-X1.
· MSR 2630.
· MSR3600-28/3600-51.
· MSR3600-28-SI/3600-51-SI.
· MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC.
· MSR 3610/3620/3620-DP/3640/3660.
Commands and descriptions for distributed devices apply to the following routers:
· MSR5620.
· MSR 5660.
· MSR 5680.
IPv6-related parameters are not supported on the MSR3600-28-SI/3600-51-SI routers.
LDP common commands
backoff
Use backoff to set the LDP backoff initial delay time and maximum delay time.
Use undo backoff to restore the default.
Syntax
backoff initial initial-time maximum maximum-time
undo backoff
Default
The LDP backoff initial delay time is 15 seconds, and the maximum delay time is 120 seconds.
Views
LDP view
LDP-VPN instance view
Predefined user roles
network-admin
Parameters
initial initial-time: Specifies the LDP backoff initial delay time in the range of 15 to 50331 seconds.
maximum maximum-time: Specifies the LDP backoff maximum delay time in the range of 120 to 50331 seconds.
Usage guidelines
LDP peers continually negotiate with each other until a session is set up. If LDP peers use incompatible negotiation parameters (for example, different label advertisement modes), a large amount of negotiation traffic will enter the network. To suppress LDP session negotiation traffic, use this command to control the interval between negotiation attempts.
After LDP fails to establish a session to a peer LSR for the first time, LDP does not start another attempt until the initial delay timer expires. If the session setup fails again, LDP waits for two times the previous delay before the next attempt. This process continues until the maximum delay time is reached. After that, the maximum delay time always takes effect.
If you configure the initial delay time to be larger than the maximum delay time, the configuration does not take effect. LDP uses the maximum delay time as the initial delay time.
Examples
# Configure LDP backoff for the public network, and set the initial delay time to 100 seconds and the maximum delay time to 300 seconds.
<Sysname> system-view
[Sysname] mpls ldp
[Sysname-ldp] backoff initial 100 maximum 300
display mpls ldp discovery
Use display mpls ldp discovery to display LDP discovery information.
Syntax
display mpls ldp discovery [ vpn-instance vpn-instance-name ] [ [ interface interface-type interface-number | peer peer-lsr-id ] [ ipv6 ] | [ targeted-peer { ipv4-address | ipv6-address } ] ] [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. This command displays LDP discovery information for the specified VPN instance. If you do not specify a VPN instance, this command displays LDP discovery information for the public network.
interface interface-type interface-number: Specifies an interface by its type and number. This command displays information about basic discovery that uses the interface to send Link Hellos.
peer peer-lsr-id: Specifies an LDP peer by its LSR ID. This command displays information about both basic discovery and extended discovery that have discovered the specified LDP peer.
ipv6: Displays LDP IPv6 basic and extended discovery information. If you do not specify this keyword, the command displays LDP IPv4 basic and extended discovery information.
targeted-peer { ipv4-address | ipv6-address }: Specifies an LDP peer by its IPv4/IPv6 address. This command displays information about extended discovery that has sent Targeted Hellos to the specified LDP peer.
verbose: Displays detailed LDP discovery information. If you do not specify this keyword, the command displays brief LDP discovery information.
Usage guidelines
If you do not specify any parameters, this command displays all LDP IPv4 basic and extended discovery information.
Examples
# Display brief LDP IPv4 discovery information for the public network.
<Sysname> display mpls ldp discovery
Type: L - Link Hello, T - Targeted Hello
Discovery Source Hello Sent/Rcvd Peer LDP ID
(L) GE2/0/2 83/80 100.100.100.18:0
200.100.100.18:0
(T) 100.100.100.18 23/20 100.100.100.18:0
Table 11 Command output
Field |
Description |
Type |
Type of LDP discovery: · L—Basic discovery, which sends Link Hellos to discover peers. · T—Extended discovery, which sends Targeted Hellos to discover peers. |
Discovery Source |
Discovery source. · If the LDP discovery type is L, this field displays the interface that discovers the peer. · If the LDP discovery type is T, this field displays the IPv4 address of the peer. |
Hello Sent/Rcvd |
Number of hellos sent to the peer/number of hellos received from the peer. |
Peer LDP ID |
LDP identifier of the LDP peer. |
# Display brief LDP IPv6 discovery information for the public network.
<Sysname> display mpls ldp discovery ipv6
Interface: GigabitEthernet2/0/2
Hello Sent/Rcvd: 12/12
Peer LDP ID: 100.100.100.18:0
Peer LDP ID: 200.200.200.28:0
Targeted Hellos: 2001:0000:130F::09C0:876A:130B ->
2005:130F::09C0:876A:130B
Hello Sent/Rcvd: 93/80
Peer LDP ID: 100.100.100.180:0
Table 12 Command output
Field |
Description |
Interface |
Interface that discovers the LDP peer by using basic discovery. |
Hello Sent/Rcvd |
Number of hellos sent to the peer/number of hellos received from the peer. |
Peer LDP ID |
LDP identifier of the LDP peer. |
Targeted Hellos |
Extended LDP discovery information. The address before -> is the local IP address. The address after -> is the peer IP address. |
# Display detailed LDP IPv4 discovery information for the public network.
<Sysname> display mpls ldp discovery verbose
Link Hellos:
Interface GigabitEthernet2/0/2
Hello Interval : 5000 ms Hello Sent/Rcvd : 83/160
Transport Address: 100.100.100.17
Peer LDP ID : 100.100.100.18:0
Source Address : 202.118.224.18 Transport Address: 100.100.100.18
Hello Hold Time: 15 sec (Local: 15 sec, Peer: 15 sec)
Peer LDP ID : 100.100.100.20:0
Source Address : 202.118.224.20 Transport Address: 100.100.100.20
Hello Hold Time: 15 sec (Local: 15 sec, Peer: 15 sec)
Targeted Hellos:
100.100.100.17 -> 100.100.100.18 (Active, Passive)
Hello Interval : 15000 ms Hello Sent/Rcvd : 23/20
Transport Address: 100.100.100.17
Peer LDP ID : 100.100.100.18:0
Source Address : 100.100.100.18 Transport Address: 100.100.100.18
Hello Hold Time: 45 sec (Local: 45 sec, Peer: 45 sec)
100.100.100.17 -> 100.100.100.20 (Active, Passive)
Hello Interval : 15000 ms Hello Sent/Rcvd : 23/22
Transport Address: 100.100.100.17
Peer LDP ID : 100.100.100.20:0
Source Address : 100.100.100.20 Transport Address: 100.100.100.20
Hello Hold Time: 45 sec (Local: 45 sec, Peer: 45 sec)
# Display detailed LDP IPv6 discovery information for the public network.
<Sysname> display mpls ldp discovery ipv6 verbose
Link Hellos:
Interface GigabitEthernet2/0/2
Hello Interval : 5000 ms Hello Sent/Rcvd : 83/160
Transport Address: 2001::2
Peer LDP ID : 100.100.100.18:0
Source Address : FE80:130F:20C0:29FF:FEED:9E60:876A:130B
Transport Address: 2001::1
Hello Hold Time: 15 sec (Local: 15 sec, Peer: 15 sec)
Targeted Hellos:
2001:0000:130F::09C0:876A:130B ->
2005:130F::09C0:876A:130B(Active, Passive)
Hello Interval : 15000 ms Hello Sent/Rcvd : 23/22
Transport Address: 2001:0000:130F::09C0:876A:130B
Peer LDP ID : 100.100.100.18:0
Source Address : 2005:130F::09C0:876A:130B
Destination Address : 2001:0000:130F::09C0:876A:130B
Transport Address : 2005:130F::09C0:876A:130B
Hello Hold Time: 45 sec (Local: 45 sec, Peer: 45 sec)
Table 13 Command output
Field |
Description |
Link Hellos |
Information about basic discovery that sends Link Hellos on interfaces. In a non-point-to-point network, an interface might discover multiple peers. |
Interface |
Interface using basic discovery. |
Hello Interval |
Hello interval in milliseconds. |
Hello Sent/Rcvd |
Number of Hellos sent or received on the interface. |
Transport Address |
Local transport address. |
Peer LDP ID |
LDP identifier of the LDP peer. |
Source Address |
Source IP address of received Hello messages. |
Destination Address |
Destination IP address of received Hello messages. |
Transport Address |
Transport address in the received Hello messages—the transport address of the LDP peer. |
Hello Hold Time |
Hello hold time in seconds. Local—Local hello hold time. Peer—Peer hello hold time. The negotiated hello hold time is the smaller value of the local and peer hold time values. |
Targeted Hellos |
Information about extended LDP discovery that sends Targeted Hellos to peers. |
100.100.100.17 -> 100.100.100.18 (Active, Passive) |
· The address before -> (100.100.100.17 in this example) is the local IP address. · The address after -> (100.100.100.18 in this example) is the peer IP address. · (Active) indicates that the local LSR is the Targeted Hello sender. · (Passive) indicates that the local LSR is the Targeted Hello receiver. · (Active, Passive) indicates that the local LSR is both the Targeted Hello sender and receiver. |
display mpls ldp fec
Use display mpls ldp fec to display LDP FEC-label mappings.
Syntax
display mpls ldp fec [ vpn-instance vpn-instance-name ] [ ipv4-address mask-length | ipv6-address prefix-length | [ ipv6 ] [ summary ] ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. This command displays FEC-label mappings for the specified VPN instance. If you do not specify a VPN instance, this command displays FEC-label mappings for the public network.
ipv4-address mask-length: Specifies an IPv4 FEC by an IPv4 address and a mask length in the range of 0 to 32.
ipv6-address prefix-length: Specifies an IPv6 FEC by an IPv6 address and a prefix length in the range of 0 to 128.
ipv6: Displays IPv6 FEC-label mappings.
summary: Displays summary information about all FEC-label mappings learned by LDP.
Usage guidelines
If you specify only the ipv6 keyword, this command displays detailed information about all IPv6 FEC-label mappings.
If you specify only the summary keyword, this command displays summary information about IPv4 FEC-label mappings.
If you specify only the summary and ipv6 keywords, this command displays summary information about all IPv6 FEC-label mappings.
If you do not specify the ipv4-address mask-length, ipv6-address prefix-length, ipv6, and summary parameters, this command displays detailed information about IPv4 FEC-label mappings.
Examples
# Display detailed information about all IPv4 FEC-label mappings learned by LDP for the public network.
<Sysname> display mpls ldp fec
FEC: 100.100.100.18/32
Flags: 0x02
In Label: 1531
Label Advertisement Policy:
FEC Prefix-list: Fec-prefix-list
Peer Prefix-list: Peer-prefix-list
Upstream Info:
Peer: 100.100.100.18:0 State: Established (stale)
Downstream Info:
Peer: 100.100.100.18:0
Out Label: 3 State: Established (stale)
Next Hops: 202.118.224.18 GE2/0/2
100.19.100.18 GE2/0/3
FEC: 200.100.100.18/32 (No route)
Flags: 0x0
In Label: 1532
Upstream Info:
Peer: 200.200.200.28:0 State: Established
Downstream Info:
Peer: 120.100.100.18:0
Out Label: 3 State: Idle
# Display detailed information about all IPv6 FEC-label mappings learned by LDP for the public network.
<Sysname> display mpls ldp fec ipv6
FEC: 2005:130F::09C0/128
Flags: 0x02
In Label: 1026
Label Advertisement Policy:
FEC Prefix-list: Fec-ipv6-prefix-list
Peer Prefix-list: Peer-ipv6-prefix-list
Upstream Info:
Peer: 100.100.100.18:0 State: Established (stale)
Downstream Info:
Peer: 100.100.100.18:0
Out Label: 3 State: Established (stale)
Next Hops:
FE80:130F:20C0:29FF:FEED:9E60:876A:130B GE2/0/2
Table 14 Command output
Field |
Description |
FEC |
Forwarding equivalence class identified by an IP prefix. |
Flags |
FEC flags: · 0x01—Egress LSP. · 0x02—Ingress LSP. · 0x04—Waiting to add an outgoing label to RIB. · 0x08—Waiting to add an LSP to LSM. · 0x10—Non-egress LSP waiting for the recovery during a GR process. · 0x20—Ready to advertise labels. This field displays the sum of the flags. For example, if the FEC has flags 0x01 and 0x20, this field displays 0x21. |
In Label |
Incoming label assigned by the local LSR to the FEC. |
Label Advertisement Policy |
Label advertisement policy. |
FEC Prefix-list |
IP prefix list for filtering FEC prefixes. |
Peer Prefix-list |
IP prefix list for filtering LDP peers. |
Upstream Info |
Upstream peer to which the local LSR advertised the FEC-label mapping and current state of the LSP. |
Peer |
LDP ID of an upstream peer. |
State |
Current state of the LSP established with the upstream peer: · Established—Active state. · Idle—Initial state. · Release Awaited—Waiting for a Release message. · Resource Awaited—Waiting for a label for the FEC. If the state is marked as stale, the FEC-label mapping is under a GR process. |
Downstream Info |
Downstream peer from which the local LSR received the FEC-label mapping, and current state of the LSP. |
Peer |
LDP ID of a downstream peer. |
Out Label |
Outgoing label assigned by the downstream LSR for the FEC. |
State |
Current state of the LSP established with the downstream peer: · Established—Active state. · Idle—Inactive state. If the state is marked as stale, the FEC-label mapping is under a GR process. |
Next Hops |
Next hops and outgoing interfaces. |
# Display summary information about all IPv4 FEC-label mappings learned by LDP for the public network.
<Sysname> display mpls ldp fec summary
FECs : 3
Implicit Null: 1
Explicit Null: 0
Non-Null : 2
No Label : 0
No Route : 0
Sent : 3
Received : 3
# Display summary information about all IPv6 FEC-label mappings learned by LDP for the public network.
<Sysname> display mpls ldp fec ipv6 summary
FECs : 4
Implicit Null: 0
Explicit Null: 0
Non-Null : 4
No Label : 0
No Route : 0
Sent : 3
Received : 3
Table 15 Command output
Field |
Description |
FECs |
Number of FECs that LDP has discovered from the routing protocol or FEC-label mappings advertised by peers. |
Implicit Null |
Number of FECs that are bound to the implicit null label. |
Explicit Null |
Number of FECs that are bound to the explicit null label. |
Non-Null |
Number of FECs that are bound to non-null labels. |
No Label |
Number of FECs without a label. |
No Route |
Number of FECs without matching routes. The reason why an FEC has no matching route might be one of the following: · No matching route exists in the routing table. · The matching route exists in the routing table, but it is not redistributed into LDP. · (For IPv6) The mpls ldp ipv6 enable or targeted-peer ipv6-address command is not configured on the device. In this case, an FEC is considered to have no route even though the matching IPv6 route exists in the routing table and has been redistributed into LDP. |
Sent |
Number of label mappings sent and being sent. |
Received |
Number of label mappings accepted. |
display mpls ldp interface
Use display mpls ldp interface to display LDP interface information.
Syntax
display mpls ldp interface [ vpn-instance vpn-instance-name ] [ interface-type interface-number ] [ ipv6 ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. This command displays LDP interface information for the specified VPN instance. If you do not specify a VPN instance, this command displays LDP interface information for the public network.
interface-type interface-number: Specifies an interface by its type and number. If you do not specify an interface, this command displays information about all LDP interfaces.
ipv6: Displays information about interfaces enabled with IPv6 LDP. If you do not specify this keyword, the command displays information about interfaces enabled with IPv4 LDP.
Examples
# Display information about all interfaces enabled with IPv4 LDP for the public network.
<Sysname> display mpls ldp interface
Interface MPLS LDP Auto-config
GE2/0/2 Enabled Configured -
GE2/0/3 Enabled Configured -
# Display information about all interfaces enabled with IPv6 LDP for the public network.
<Sysname> display mpls ldp interface ipv6
Interface MPLS LDP Auto-config
GE2/0/2 Enabled Not Configured -
GE2/0/3 Enabled Not Configured -
Table 16 Command output
Field |
Description |
Interface |
Interface enabled with LDP. |
MPLS |
Whether the interface is enabled with MPLS. |
LDP |
Whether the interface is configured with the mpls ldp enable command or the mpls ldp ipv6 enable command. |
Auto-config |
LDP automatic configuration information: · If LDP autoconfiguration is enabled, this field displays IGP process information, such as OSPF process ID and OSPF area ID. · If LDP autoconfiguration is disabled, this field displays a hyphen (-). |
Related commands
mpls ldp
mpls ldp enable
mpls ldp ipv6 enable
display mpls ldp lsp
Use display mpls ldp lsp to display information about LSPs generated by LDP.
Syntax
display mpls ldp lsp [ vpn-instance vpn-instance-name ] [ ipv4-address mask-length | ipv6-address prefix-length | ipv6 ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. This command displays LDP LSP information for the specified VPN instance. If you do not specify a VPN instance, this command displays LDP LSP information for the public network.
ipv4-address mask-length: Specifies an IPv4 FEC by an IPv4 address and a mask length in the range of 0 to 32.
ipv6-address prefix-length: Specifies an IPv6 FEC by an IPv6 address and a mask length in the range of 0 to 128.
ipv6: Displays information about LDP LSPs for IPv6 FECs.
Usage guidelines
If you do not specify the ipv4-address mask-length, ipv6-address prefix-length, and ipv6 parameters, this command displays information about LDP LSPs for all IPv4 FECs.
Examples
# Display LDP LSP information for IPv4 FECs on the public network.
<Sysname> display mpls ldp lsp
Status Flags: * - stale, L - liberal, B - backup
FECs: 4 Ingress: 1 Transit: 1 Egress: 3
FEC In/Out Label Nexthop OutInterface
1.1.1.1/32 -/3 10.1.1.1 GE2/0/2
1151/3 10.1.1.1 GE2/0/2
-/1025(B) 30.1.1.1 GE2/0/3
1151/1025(B) 30.1.1.1 GE2/0/3
2.2.2.2/32 3/-
-/1151(L)
10.1.1.0/24 1149/-
-/1149(L)
192.168.1.0/24 1150/-
# Display LDP LSP information for IPv6 FECs on the public network.
<Sysname> display mpls ldp lsp ipv6
Status Flags: * - stale, L - liberal, B - backup
FECs: 2 Ingress: 1 Transit: 1 Egress: 1
FEC: 2080::29FF:FEED:9E60:876A:130B/128
In/Out Label: -/3 OutInterface : GE2/0/2
Nexthop : FE80:12F:C0::130B
In/Out Label: 1151/3 OutInterface : GE2/0/2
Nexthop : FE80:12F:C0::130B
In/Out Label: -/1026(L) OutInterface : -
Nexthop : -
FEC: 2001::1/128
In/Out Label: 3/- OutInterface : -
Nexthop : -
Table 17 Command output
Field |
Description |
Status Flags |
LSP status: · *—Stale, indicating that the LSP is under a GR process. · L—Liberal, indicating that the LSP is not available. · B—Backup, indicating a backup LSP. |
FECs |
Total number of FECs. |
Ingress |
Number of LSPs that take the local device as the ingress node. |
Transit |
Number of LSPs that take the local device as a transit node. |
Egress |
Number of LSPs that take the local device as the egress node. |
FEC |
Forwarding equivalence class identified by an IP prefix. |
In/Out Label |
Incoming/outgoing label. |
Nexthop |
Next hop address for the FEC. |
OutInterface |
Outgoing interface for the FEC. |
Related commands
display mpls lsp
display mpls ldp parameter
Use display mpls ldp parameter to display LDP running parameters.
Syntax
display mpls ldp parameter [ vpn-instance vpn-instance-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. This command displays LDP running parameters for the specified VPN instance. If you do not specify a VPN instance, this command displays LDP running parameters for the public network.
Usage guidelines
This command displays the following LDP running parameters:
· Global parameters, which are applicable to all LDP networks.
· Instance parameters, which are applicable to a specific LDP network.
Examples
# Display LDP running parameters for the public network.
<Sysname> display mpls ldp parameter
Protocol Version : V1 IGP Sync Delay on Restart : 90 sec
Nonstop Routing : Off Nonstop Routing State : Not Ready
Graceful Restart : Off Forwarding State Hold Time: 360 sec
Reconnect Time : 120 sec DSCP Value : 48
Instance Parameters:
Instance ID : 0
LSR ID : 0.0.0.0
Loop Detection : Off
Hop Count Limit : 32 Path Vector Limit : 32
Label Retention Mode: Liberal Label Distribution Control Mode: Ordered
IGP Sync Delay : 0 sec
Table 18 Command output
Field |
Description |
Global Parameters |
LDP running parameters for all LDP-enabled networks. |
Protocol Version |
LDP protocol version. |
IGP Sync Delay on Restart |
Maximum delay time (in seconds) that LDP must wait before it notifies IGP of an LDP session-up event when there is an LDP restart. |
Nonstop Routing |
Whether the nonstop routing feature is enabled: · On—Enabled. · Off—Disabled. |
Nonstop Routing State |
LDP NSR state: · Ready—NSR is enabled, and LDP session and LSP information has been synchronized to the standby process. If an active/standby switchover occurs, the LDP session stays in Operational state, and the forwarding is not interrupted. · Not Ready—NSR is not enabled, or NSR is enabled but LDP session and LSP information synchronization to the standby process is not completed. If an active/standby switchover occurs, the LDP session might not be able to stay in Operational state, and the forwarding might be interrupted. |
Graceful Restart |
Whether the GR feature is enabled: · On—Enabled. · Off—Disabled. |
Forwarding State Hold Time |
MPLS Forwarding State Holding time in seconds. |
Reconnect Time |
Reconnect time in seconds. |
DSCP Value |
DSCP value for outgoing LDP packets. |
Instance Parameters |
LDP running parameters for a VPN instance or public network. |
Instance ID |
VPN instance ID. For the public network, this field displays 0. |
LSR ID |
LSR ID of the local device. |
Loop Detection |
Whether loop detection is enabled: · On—Enabled. · Off—Disabled. |
Hop Count Limit |
Hop count limit specified for loop detection. |
Path Vector Limit |
Path Vector length limit specified for loop detection. |
Label Retention Mode |
The device supports only the Liberal mode. |
Label Distribution Control Mode |
Label distribution control mode: Ordered or Independent. |
IGP Sync Delay |
Delay time (in seconds) that LDP must wait before it notifies IGP of an LDP session-up event. |
display mpls ldp peer
Use display mpls ldp peer to display LDP peer and session information.
Syntax
display mpls ldp peer [ vpn-instance vpn-instance-name ] [ peer-lsr-id ] [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. This command displays LDP peer and session information for the specified VPN instance. If you do not specify a VPN instance, this command displays LDP peer and session information for the public network.
peer peer-lsr-id: Specifies an LDP peer by its LSR ID. If you do not specify this option, the command displays all LDP peers and related session information.
verbose: Displays detailed LDP peer and session information. If you do not specify this keyword, the command displays brief LDP peer and session information.
Examples
# Display brief information about all LDP peers and LDP sessions for the public network.
<Sysname> display mpls ldp peer
Total number of peers: 1
Peer LDP ID State Role GR MD5 KA Sent/Rcvd
2.2.2.9:0 Operational Passive Off Off 39/39
Table 19 Command output
Field |
Description |
Peer LDP ID |
LDP identifier of the peer. |
State |
State of the LDP session between the local LSR and the peer: · Non Existent—No TCP connection is established. · Initialized—A TCP connection has been established. · OpenRecv—LDP has received an acceptable initialization message. · OpenSent—LDP has sent an initialization message. · Operational—An LDP session has been established. |
Role |
Role of the local LSR in the session: Active or Passive. In a session, the LSR with a higher IP address takes the Active role. The Active LSR initiates a TCP connection to the passive LSR. |
GR |
Whether GR is enabled on the peer: · On—Enabled. · Off—Disabled. |
MD5 |
Whether MD5 authentication is enabled for the LDP session on the local device: · On—Enabled. · Off—Disabled. |
KA Sent/Rcvd |
Number of keepalive messages sent/received. |
# Display detailed information about all LDP peers and LDP sessions for the public network.
<Sysname> display mpls ldp peer verbose
Peer LDP ID : 100.100.100.20:0
Local LDP ID : 100.100.100.17:0
TCP Connection : 100.100.100.20:47515 -> 100.100.100.17:646
Session State : Operational Session Role : Passive
Session Up Time : 0000:00:03 (DD:HH:MM)
Max PDU Length : 4096 bytes (Local: 4096 bytes, Peer: 4096 bytes)
Keepalive Time : 45 sec (Local: 45 sec, Peer: 45 sec)
Keepalive Interval : 15 sec
Msgs Sent/Rcvd : 288/426
KA Sent/Rcvd : 13/13
Label Adv Mode : DU Graceful Restart : On
Reconnect Time : 120 sec Recovery Time : 360 sec
Loop Detection : On Path Vector Limit: 32
Discovery Sources:
Targeted Hello 100.100.100.17 -> 100.100.100.20 (Active, Passive)
Hello Hold Time: 45 sec Hello Interval : 15000 ms
Targeted Hello 2005:130F::09C0:876A:130B ->
2001:0000:130F:0000:0000:09C0:876A:130B (Active, Passive)
Hello Hold Time: 45 sec Hello Interval : 15000 ms
GigabitEthernet2/0/2
Hello Hold Time: 15 sec Hello Interval : 5000 ms
GigabitEthernet2/0/2 (v6)
Hello Hold Time: 15 sec Hello Interval : 5000 ms
Label Acceptance Policy :
prefix-from-20
prefix-from-30(v6)
Session Protection : On
State : Ready Duration : 120 sec
Addresses received from peer:
202.118.224.20 100.100.100.20 11.22.33.44 1.2.3.10
1.2.3.4
2005:130F::09C0:876A:130B
Table 20 Command output
Field |
Description |
Peer LDP ID |
LDP identifier of the peer. |
Local LDP ID |
LDP identifier of the local LSR. |
TCP connection |
TCP connection information for the session. It includes the IP addresses and port numbers used by both ends of the TCP connection, and whether MD5 authentication is enabled for the TCP connection. If MD5 authentication is enabled, this field displays MD5 On. If MD5 is not enabled, this field does not display MD5 information. |
Session State |
State of the LDP session: · Non Existent—No TCP connection is established. · Initialized—A TCP connection has been established. · OpenRecv—LDP has received an acceptable initialization message. · OpenSent—LDP has sent an initialization message. · Operational—An LDP session has been established. |
Session Role |
Role the local LSR in the session: Active or Passive. |
Session Up time |
Duration of the session in Operational state. |
Max PDU Length |
Maximum PDU length negotiated, in bytes. Local—Maximum PDU length (in bytes) on the local LSR. Peer—Maximum PDU length (in bytes) on the peer. |
Keepalive Time |
Keepalive time negotiated, in seconds. Local—Locally configured Keepalive holding time in seconds. Peer—Keepalive holding time (in seconds) configured on the peer. |
Keepalive Interval |
Keepalive interval in seconds. |
Msgs Sent/Rcvd |
Total number of LDP messages sent and received. |
KA Sent/Rcvd |
Total number of Keepalive messages sent and received. |
Label Adv Mode |
Label advertisement mode negotiated. The device only supports the DU mode. |
Graceful Restart |
Whether GR is enabled on the peer: · On—Enabled. · Off—Disabled. |
Reconnect Time |
Reconnect time negotiated, in seconds. |
Recovery Time |
Recovery time (in seconds) carried in packets sent by the peer. |
Loop Detection |
Whether loop detection is enabled on the peer: · On—Enabled. · Off—Disabled. |
Path Vector Limit |
Maximum Path Vector length configured on the peer. |
Discovery Sources |
Discovery source of the LDP peer. |
Targeted Hello |
LDP peer discovered by the extended discovery mechanism. · The address before -> (100.100.100.17 in this example) is the local IP address. · The address after -> (100.100.100.20 in this example) is the peer IP address. · (Active) indicates that the local LSR is the active end. It actively sends Targeted Hellos to its peer. · (Passive) indicates that the local LSR is the passive end. It passively responds to the Targeted Hellos from its peer. · (Active, Passive) indicates that the local LSR acts as both the active end and the passive end. |
GigabitEthernet2/0/2 |
Interface running LDP basic discovery. The device discovers the LDP peer by sending Link Hellos out of the interface. (v6) indicates that the LDP peer is discovered by sending IPv6 Link Hellos. |
Hello Hold Time |
Hello hold time negotiated, in seconds. |
Hello Interval |
Current Hello interval, in milliseconds. |
Label Acceptance Policy |
Label acceptance policy used to filter label mappings received from the peer. (v6) indicates that the label acceptance policy uses IPv6 prefixes to filter label mappings. |
Session Protection |
Whether session protection is enabled: · On—Enabled. · Off—Disabled. |
State |
Session protection state: · Incomplete—Session protection is not ready. · Ready—Session protection is ready. · Protecting—The session is under protection. |
Duration |
Local session protection duration, in seconds. Infinite indicates that session protection takes effect permanently. |
Holdup time remaining |
Remaining time of the session hold timer, in seconds. This field is displayed only when the session protection state is Protecting. A value of Infinite indicates that session protection takes effect permanently. |
Addresses received from peer |
IPv4/IPv6 addresses received from the peer. |
display mpls ldp summary
Use display mpls ldp summary to display LDP summary information.
Syntax
display mpls ldp summary [ all | vpn-instance vpn-instance-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
all: Displays LDP summary information for the public network and all VPN instances.
vpn-instance vpn-instance-name: Displays LDP summary information for the specified VPN instance. The vpn-instance-name argument is a case-sensitive string of 1 to 31 characters.
Usage guidelines
If you do not specify any parameters, this command displays LDP summary information for the public network.
Examples
# Display LDP summary information for the public network.
<Sysname> display mpls ldp summary
VPN Instance Name : Public
Instance ID : 0
Instance State : Active
Interfaces : 1 (1 active)
Targeted Peers : 0
Targeted Peers(v6) : 0
Adjacencies : 1
Adjacencies(v6) : 1
Peers : 1
Operational : 1 (0 GR)
OpenSent : 0
OpenRecv : 0
Initialized : 0
Non-Existent: 0
Table 21 Command output
Field |
Description |
Instance ID |
VPN instance identifier. A value of 0 represents the public network. |
Instance State |
LDP status in the VPN instance, Active or Inactive. |
Interfaces |
Number of interfaces enabled with LDP. active: Number of interfaces running LDP. |
Targeted Peers |
Number of LDP IPv4 peers discovered by the LDP extended discovery mechanism, including the manually specified peers and the automatically established peers. |
Targeted Peers(v6) |
Number of LDP IPv6 peers discovered by the LDP extended discovery mechanism, including the manually specified peers and the automatically established peers. |
Adjacencies |
Number of IPv4 Hello adjacencies. |
Adjacencies(v6) |
Number of IPv6 Hello adjacencies. |
Peers |
Total number of peers. |
Operational |
Number of peers in Operational state. GR: Number of GR-capable peers. |
OpenSent |
Number of peers in OpenSent state. |
OpenRecv |
Number of peers in OpenRecv state. |
Initialized |
Number of peers in Initialized state. |
Non-Existent |
Number of peers in Non-Existent state. |
dscp
Use dscp to set a DSCP value for outgoing LDP packets.
Use undo dscp to restore the default.
Syntax
dscp dscp-value
undo dscp
Default
The DSCP value for outgoing LDP packets is 48.
Views
LDP view
Predefined user roles
network-admin
Parameters
dscp-value: Specifies the DSCP value for outgoing LDP packets, in the range of 0 to 63.
Usage guidelines
To control the transmission preference of outgoing LDP packets, set a DSCP value for outgoing LDP packets.
Examples
# Set the DSCP value for outgoing LDP packets to 56.
<Sysname> system-view
[Sysname] mpls ldp
[Sysname-ldp] dscp 56
Related commands
display mpls ldp parameter
graceful-restart
Use graceful-restart to enable Graceful Restart (GR) for LDP.
Use undo graceful-restart to disable LDP GR.
Syntax
graceful-restart
undo graceful-restart
Default
LDP GR is disabled.
Views
LDP view
Predefined user roles
network-admin
Usage guidelines
LDP GR enables an LSR to retain MPLS forwarding entries during an LDP restart, ensuring continuous MPLS forwarding.
The configuration of this command takes effect only on new LDP sessions. To apply the configuration to existing LDP sessions, you must reset the LDP sessions by using the reset mpls ldp command.
Examples
# Enable GR for LDP.
<Sysname> system-view
[Sysname] mpls ldp
[Sysname-ldp] graceful-restart
Related commands
display mpls ldp parameter
reset mpls ldp
graceful-restart timer
Use graceful-restart timer to set the MPLS Forwarding State Holding timer and the Reconnect timer for GR.
Use undo graceful-restart timer to restore the default.
Syntax
graceful-restart timer { forwarding-hold hold-time | reconnect reconnect-time }
undo graceful-restart timer { forwarding-hold | reconnect }
Default
The MPLS Forwarding State Holding timer is 180 seconds and the Reconnect timer is 120 seconds.
Views
LDP view
Predefined user roles
network-admin
Parameters
forwarding-hold hold-time: Specifies the MPLS Forwarding State Holding time in the range of 60 to 600 seconds. This time specifies how long the local LSR retains its MPLS forwarding entries after the control plane of the local LSR restarts.
reconnect reconnect-time: Specifies the Reconnect time in the range of 60 to 300 seconds. This time specifies the period the local LSR expects the peer to wait for LDP session re-establishment after the peer detects an LDP session failure. The local LSR sends the Reconnect time to the peer.
Usage guidelines
In a GR process, the timers operate as follows:
1. When LDP restarts, the GR restarter starts the MPLS Forwarding State Holding timer, and marks the MPLS forwarding entries as stale. When a GR helper detects that the LDP session to the GR restarter is down, it performs the following operations:
a. Marks the FEC-label mappings learned from the session as stale.
b. Starts the Reconnect timer received from the GR restarter.
2. After the LDP restart, the GR restarter re-establishes an LDP session to the GR helper.
¡ If the LDP session is not set up before the Reconnect timer expires, the GR helper deletes stale FEC-label mappings and corresponding MPLS forwarding entries.
¡ If the LDP session is successfully set up before the Reconnect timer expires, the GR restarter sends the remaining time of the MPLS Forwarding State Holding timer to the GR helper.
The remaining time is sent as the LDP Recovery time.
3. After the LDP session is re-established, the GR helper starts the LDP Recovery timer.
4. The GR restarter and the GR helper exchange label mappings and update their MPLS forwarding tables.
The GR restarter compares each received label mapping against stale MPLS forwarding entries. If a match is found, the restarter deletes the stale mark for the matching entry. If no match is found, it adds a new entry for the label mapping.
The GR helper compares each received label mapping against stale FEC-label mappings. If a match is found, the helper deletes the stale mark for the matching mapping. If no match is found, it adds the received FEC-label mapping and a new MPLS forwarding entry for the mapping.
5. When the MPLS Forwarding State Holding timer expires, the GR restarter deletes all stale MPLS forwarding entries.
6. When the LDP Recovery timer expires, the GR helper deletes all stale FEC-label mappings.
The MPLS Forwarding State Holding time must be greater than the Reconnect time.
The configuration of this command takes effect only on new LDP sessions. To apply the configuration to existing LDP sessions, you must reset the LDP sessions by using the reset mpls ldp command.
Examples
# Set the MPLS Forwarding State Holding time to 200 seconds, and the Reconnect time to 100 seconds.
<Sysname> system-view
[Sysname] mpls ldp
[Sysname-ldp] graceful-restart timer forwarding-hold 200
[Sysname-ldp] graceful-restart timer reconnect 100
Related commands
display mpls ldp parameter
graceful-restart
label-distribution
Use label-distribution to configure the label distribution control mode.
Use undo label-distribution to restore the default.
Syntax
label-distribution { independent | ordered }
undo label-distribution
Default
The label distribution control mode is ordered.
Views
LDP view
LDP-VPN instance view
Predefined user roles
network-admin
Parameters
independent: Specifies Independent label distribution mode. In this mode, an LSR can distribute label mappings to the upstream LSR at any time.
ordered: Specifies Ordered label distribution mode. In this mode, an LSR distributes a label mapping for an FEC to the upstream LSR only when one of the following events occurs:
· The LSR receives a label mapping for that FEC from the downstream LSR.
· The LSR is the egress node of that FEC.
Usage guidelines
In Ordered mode, an LSR can determine that the downstream LSR has established an LSP when the LSR receives an FEC-label mapping from the downstream LSR.
The Independent mode enables faster LSP convergence because each LSR independently advertises labels without waiting for labels from downstream LSRs.
Examples
# Set the Independent LDP label distribution mode for the public network.
<Sysname> system-view
[Sysname] mpls ldp
[Sysname-ldp] label-distribution independent
Related commands
display mpls ldp parameter
loop-detect
Use loop-detect to enable loop detection.
Use undo loop-detect to disable loop detection.
Syntax
loop-detect
undo loop-detect
Default
Loop detection is disabled.
Views
LDP view
LDP-VPN instance view
Predefined user roles
network-admin
Usage guidelines
The LDP loop detection feature enables LDP to detect loops during an LSP establishment. If LDP detects a loop, it terminates the LSP establishment. This feature is applicable to an MPLS network where most of the devices do not support the TTL mechanism, such as ATM switches.
LDP uses hop count (see "maxhops") and path vector (see "pv-limit") for loop detection.
To use this feature, you must enable it on all LSRs that the LSP passes through.
To avoid extra LDP overhead, do not use this feature if most of the devices in an MPLS network support the TTL mechanism. Using the TTL mechanism can prevent endless routing loops.
The configuration of this command takes effect only on new LDP sessions. To apply the configuration to existing LDP sessions, you must reset the LDP sessions by using the reset mpls ldp command.
Examples
# Enable LDP loop detection for the public network.
<Sysname> system-view
[Sysname] mpls ldp
[Sysname-ldp] loop-detect
Related commands
display mpls ldp parameter
maxhops
pv-limit
lsr-id
Use lsr-id to configure an LDP LSR ID.
Use undo lsr-id to restore the default.
Syntax
lsr-id lsr-id
undo lsr-id
Default
No LDP LSR ID is configured. LDP uses the MPLS LSR ID configured by the mpls lsr-id command for both the public network and VPN instances.
Views
LDP view
LDP-VPN instance view
Predefined user roles
network-admin
Parameters
lsr-id: Specifies an LDP LSR ID, in dotted decimal notation.
Usage guidelines
If you configure an LDP LSR ID by using the lsr-id command in LDP view or LDP-VPN instance view, LDP uses the LDP LSR ID. If no LDP LSR ID is configured, LDP uses the LSR ID configured by the mpls lsr-id command.
LDP uses the same LSR ID for all sessions in the same VPN instance. After you configure a new LSR ID for a VPN instance, LDP does not use the new LSR ID unless the reset mpls ldp command is executed. The reset mpls ldp command re-establishes all LDP sessions in the VPN instance.
As a best practice, use the default LDP LSR ID configured by the mpls lsr-id command for the public network. If the lsr-id command is required to configure an LDP LSR ID for the public network, specify the IP address of a local loopback interface as the LDP LSR ID.
Examples
# Configure the LDP LSR ID as 2.2.2.2 for the public network.
<Sysname> system-view
[Sysname] mpls ldp
[Sysname-ldp] lsr-id 2.2.2.2
Related commands
display mpls ldp parameter
mpls lsr-id
maxhops
Use maxhops to set the maximum hop count for loop detection.
Use undo maxhops to restore the default.
Syntax
maxhops hop-number
undo maxhops
Default
The maximum hop count for loop detection is 32.
Views
LDP view
LDP-VPN instance view
Predefined user roles
network-admin
Parameters
hop-number: Specifies the maximum hop count for loop detection, in the range of 1 to 32.
Usage guidelines
LDP adds a hop count in a label request or label mapping message. The hop count increments by 1 on each LSR. When the hop count reaches the maximum hop count configured by this command, LDP considers that a loop occurs and terminates LSP establishment.
Set a proper maximum hop count according to the number of LSRs in your network. For example, set a smaller maximum hop count in small networks to allow for fast loop detection. Set a higher maximum hop count in large networks to ensure that LSPs can be successfully established.
The configuration of this command takes effect only on new LDP sessions. To apply the configuration to existing LDP sessions, you must reset the LDP sessions by using the reset mpls ldp command.
Examples
# Set the maximum hop count to 25 for loop detection on the public network.
<Sysname> system-view
[Sysname] mpls ldp
[Sysname-ldp] maxhops 25
Related commands
display mpls ldp parameter
loop-detect
pv-limit
md5-authentication
Use md5-authentication to enable LDP MD5 authentication.
Use undo md5-authentication to disable LDP MD5 authentication.
Syntax
md5-authentication peer-lsr-id { cipher | plain } string
undo md5-authentication peer-lsr-id
Default
LDP MD5 authentication is disabled.
Views
LDP view
LDP-VPN instance view
Predefined user roles
network-admin
Parameters
peer-lsr-id: Specifies the LSR ID of a peer.
cipher: Specifies a key in encrypted form.
plain: Specifies a key in plaintext form. For security purposes, the key specified in plaintext form will be stored in encrypted form.
string: Specifies the key. Its plaintext form is a case-sensitive string of 1 to 16 characters. Its encrypted form is a case-sensitive string of 1 to 53 characters.
Usage guidelines
To improve security for LDP sessions, you can configure MD5 authentication for the underlying TCP connections to check the integrity of LDP messages.
For the local LSR and the peer LSR to establish a TCP connection, they must have the same key.
MD5 authentication key settings take effect only on new LDP sessions. To apply the new settings to existing LDP sessions, you must reset the LDP sessions by using the reset mpls ldp command.
Examples
# Enable LDP MD5 authentication for peer 3.3.3.3 on the public network, and set a key of pass in plaintext form.
<Sysname> system-view
[Sysname] mpls ldp
[Sysname-ldp] md5-authentication 3.3.3.3 plain pass
Related commands
display mpls ldp peer
mpls ldp
Use mpls ldp to enable LDP globally for an LSR and enter LDP view.
Use undo mpls ldp to disable LDP globally for an LSR and delete all LDP-VPN instances.
Syntax
mpls ldp
undo mpls ldp
Default
LDP is globally disabled.
Views
System view
Predefined user roles
network-admin
Usage guidelines
You must enable LDP globally for an LSR to run LDP.
The NSR and GR commands, the session protection command, and the targeted-peer command are available only in LDP view. All other commands available in LDP view are also available in LDP-VPN instance view.
Commands executed in LDP view take effect only on the public network. Commands executed in LDP-VPN instance view take effect only on the specified VPN instance. The NSR and GR commands are global commands and take effect on all VPN instances and the public network.
Examples
# Enable LDP globally and enter LDP view.
<Sysname> System-view
[Sysname] mpls ldp
[Sysname-ldp]
Related commands
mpls ldp enable
vpn-instance
mpls ldp timer
Use mpls ldp timer to set the Hello hold time, Hello interval, Keepalive hold time, and Keepalive interval.
Use undo mpls ldp timer to restore the default.
Syntax
mpls ldp timer { hello-hold timeout | hello-interval interval | keepalive-hold timeout | keepalive-interval interval }
undo mpls ldp timer { hello-hold | hello-interval | keepalive-hold | keepalive-interval }
Default
· The Link Hello hold time is 15 seconds.
· The Link Hello interval is 5 seconds.
· The Targeted Hello hold time is 45 seconds.
· The Targeted Hello interval is 15 seconds.
· The Keepalive hold time is 45 seconds.
· The Keepalive interval is 15 seconds.
Views
Interface view
LDP peer view
Predefined user roles
network-admin
Parameters
hello-hold timeout: Specifies the Hello hold time in the range of 1 to 65535 seconds. LDP keeps the hello adjacency during the Hello hold time. The negotiated Hello hold time takes the smaller value of the local Hello hold time and the peer Hello hold time. If LDP receives no Hello message from the peer before the Hello hold timer expires, LDP deletes the Hello adjacency with the peer. If you set the Hello hold time to 65535, LDP permanently keeps the Hello adjacency.
hello-interval interval: Specifies the Hello interval in the range of 1 to 65535 seconds. LDP sends Hello messages at this interval.
keepalive-hold timeout: Specifies the Keepalive hold time in the range of 15 to 65535 seconds. LDP keeps the LDP session to the peer during the Keepalive hold time. The negotiated Keepalive hold time takes the smaller value of the local Keepalive hold time and the peer Keepalive hold time. If LDP receives no LDP message from the peer before the Keepalive hold timer expires, LDP deletes the LDP session to the peer.
keepalive-interval interval: Specifies the Keepalive interval in the range of 1 to 65535 seconds. LDP sends Keepalive messages to the peer at this interval.
Usage guidelines
In interface view, this command sets a Link Hello hold time and a Link Hello interval.
In LDP peer view, this command sets a Targeted Hello hold time and a Targeted Hello interval.
LDP automatically sends Targeted Hellos to the specified peer after one of the following features is configured:
· LDP session protection.
· LDP over MPLS TE.
· MPLS L2VPN LDP PW.
· VPLS LDP PW.
To modify the Targeted Hello/Keepalive hold time and interval, you must use the targeted-peer command to create the LDP peer, and then perform the modification in the LDP peer view.
If the local Hello hold time and local Keepalive hold time are different from those of a peer LSR, the negotiation is as follows:
· During LDP peer discovery, an LSR compares the local Hello hold time with the peer LSR's Hello hold time carried in Hellos. Then, the LSR uses the smaller one as the negotiated Hello hold time.
¡ If the negotiated Hello hold time is larger than three times the local Hello interval, the LSR sends Hello messages at the local Hello interval.
¡ If it is not larger than three times the local Hello interval, the LSR sends Hello messages at an interval 1/3 of the negotiated Hello hold time.
· During LDP session negotiation, an LSR compares the local Keepalive hold time with the Keepalive hold time of the peer LSR by exchanging Initialization messages. Then, the LSR uses the smaller one as the negotiated Keepalive hold time.
¡ If the negotiated Keepalive hold time is larger than three times the local Keepalive interval, the LSR sends Keepalive messages at the local Keepalive interval.
¡ If it is not larger than three times the local Keepalive interval, the LSR sends Keepalive messages at an interval 1/3 of the negotiated Keepalive hold time.
If the Hello hold time and the Keepalive hold time values are too large, LDP cannot quickly detect link failures. If the values are too small, LDP might mistakenly consider a normal link failed. As a best practice, use the default values.
Make sure all links between two LSRs have the same Keepalive hold time as the one configured in LDP peer view in either of the following situations:
· Multiple Link Hello adjacencies exist when the two LSRs are directly connected through multiple links.
· Both a Link Hello adjacency and a Targeted Hello adjacency exist between the two LSRs.
Keepalive hold time and keepalive interval settings take effect only on new LDP sessions. To apply the settings to existing LDP sessions, you must reset the LDP sessions by using the reset mpls ldp command.
Examples
# Set the Targeted Hello hold time to 1000 seconds, Targeted Hello interval to 50 seconds, Keepalive hold time to 1000 seconds, and Keepalive interval to 50 seconds for peer 3.3.3.3.
<Sysname> System-view
[Sysname] mpls ldp
[Sysname-ldp] targeted-peer 3.3.3.3
[Sysname-ldp-peer-3.3.3.3] mpls ldp timer hello-hold 1000
[Sysname-ldp-peer-3.3.3.3] mpls ldp timer hello-interval 50
[Sysname-ldp-peer-3.3.3.3] mpls ldp timer keepalive-hold 1000
[Sysname-ldp-peer-3.3.3.3] mpls ldp timer keepalive-interval 50
# On GigabitEthernet 2/0/1, set the Link Hello hold time to 100 seconds, Link Hello interval to 20 seconds, Keepalive hold time to 50 seconds, and Keepalive interval to 10 seconds.
<Sysname> System-view
[Sysname] interface gigabitethernet 2/0/1
[Sysname-GigabitEthernet2/0/1] mpls ldp timer hello-hold 100
[Sysname-GigabitEthernet2/0/1] mpls ldp timer hello-interval 20
[Sysname-GigabitEthernet2/0/1] mpls ldp timer keepalive-hold 50
[Sysname-GigabitEthernet2/0/1] mpls ldp timer keepalive-interval 10
Related commands
display mpls ldp discovery
display mpls ldp peer
non-stop-routing
Use non-stop-routing to enable LDP NSR.
Use undo non-stop-routing to disable LDP NSR.
Syntax
non-stop-routing
undo non-stop-routing
Default
LDP NSR is disabled.
Views
LDP view
Predefined user roles
network-admin
Usage guidelines
The following matrix shows the command and hardware compatibility:
Hardware |
Command compatibility |
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS |
No |
MSR2600-6-X1/2600-10-X1 |
· In standalone mode: No · In IRF mode: Yes |
MSR 2630 |
· In standalone mode: No · In IRF mode: Yes |
MSR3600-28/3600-51 |
· In standalone mode: No · In IRF mode: Yes |
MSR3600-28-SI/3600-51-SI |
No |
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC |
· In standalone mode: No · In IRF mode: Yes |
MSR 3610/3620/3620-DP/3640/3660 |
· In standalone mode: No · In IRF mode: Yes |
MSR5620/5660/5680 |
Yes |
Hardware |
Command compatibility |
MSR810-LM-GL |
No |
MSR810-W-LM-GL |
No |
MSR830-6EI-GL |
No |
MSR830-10EI-GL |
No |
MSR830-6HI-GL |
No |
MSR830-10HI-GL |
No |
MSR2600-6-X1-GL |
No |
MSR3600-28-SI-GL |
No |
LDP nonstop routing (NSR) backs up protocol states and data (including LDP session and LSP information) from the active process to the standby process. After the LDP active process fails, the standby process becomes active and takes over processing seamlessly. The LDP peers are not notified of the LDP interruption. The LDP session stays in Operational state, and the forwarding is not interrupted.
The LDP active process fails when one of the following events occurs:
· The active process restarts.
· The MPU where the active process resides fails.
· The MPU where the active process resides performs an ISSU.
· An active/standby process switchover occurs when the position determined by process placement is different from the position where the process operates.
To use LDP NSR, the device must have two or more MPUs, and the active and standby processes for LDP reside on different MPUs. To use LDP GR, the device can have only one MPU on the device.
Example
# Enable LDP NSR.
<Sysname> system-view
[Sysname] mpls ldp
[Sysname-ldp] non-stop-routing
Related commands
display mpls ldp discovery
display mpls ldp fec
display mpls ldp peer
display mpls ldp summary
pv-limit
Use pv-limit to set the path vector limit.
Use undo pv-limit to restore the default.
Syntax
pv-limit pv-number
undo pv-limit
Default
The path vector limit is 32.
Views
LDP view
LDP-VPN instance view
Predefined user roles
network-admin
Parameters
pv-number: Specifies the path vector limit in the range of 1 to 32.
Usage guidelines
LDP adds LSR ID information in a label request or label mapping message. Each LSR checks whether its LSR ID is contained in the message.
· If it is not, the LSR adds its own LSR ID into the message.
· If it is, the LSR considers that a loop occurs and terminates LSP establishment.
In addition, when the number of LSR IDs in the message reaches the path vector limit, LDP also considers that a loop occurs and terminates LSP establishment.
The configuration of this command takes effect only on new LDP sessions. To apply the configuration to existing LDP sessions, you must reset the LDP sessions by using the reset mpls ldp command.
Examples
# Set the path vector limit to 3 for LDP loop detection on the public network.
<Sysname> system-view
[Sysname] mpls ldp
[Sysname-ldp] pv-limit 3
Related commands
display mpls ldp parameter
loop-detect
maxhops
reset mpls ldp
Use reset mpls ldp to reset LDP sessions.
Syntax
reset mpls ldp [ vpn-instance vpn-instance-name ] [ peer peer-id ]
Views
User view
Predefined user roles
network-admin
Parameters
vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. This command resets the LDP sessions in the specified VPN instance. If you do not specify a VPN instance, this command resets the LDP sessions in the public network.
peer peer-id: Specifies a peer by its LSR ID. If you do not specify a peer, this command resets all LDP sessions in the specified VPN instance or the public network.
Usage guidelines
Resetting an LDP session deletes and re-establishes the session and all LSPs based on the session.
Changes to LDP session parameters take effect only on new LDP sessions. To apply the changes to an existing LDP session on a network, you must reset all LDP sessions on that network by executing this command without the peer keyword. If you specify the peer keyword, this command resets the LDP session to the specified peer without applying the parameter changes to the session.
Examples
# Reset all LDP sessions in the public network.
<Sysname> reset mpls ldp
# Reset all LDP sessions in VPN instance vpn1.
<Sysname> reset mpls ldp vpn-instance vpn1
snmp-agent trap enable ldp
Use snmp-agent trap enable ldp to enable SNMP notifications for LDP.
Use undo snmp-agent trap enable ldp to disable SNMP notifications for LDP.
Syntax
snmp-agent trap enable ldp
undo snmp-agent trap enable ldp
Default
SNMP notifications for LDP are enabled.
Views
System view
Predefined user roles
network-admin
Usage guidelines
This command enables generating SNMP notifications for LDP upon LDP session changes, as defined in RFC 3815. For LDP event notifications to be sent correctly, you must also configure SNMP on the device. For more information about SNMP configuration, see the network management and monitoring configuration guide for the device.
Examples
# Enable SNMP notifications for LDP.
<Sysname> system-view
[Sysname] snmp-agent trap enable ldp
vpn-instance
Use vpn-instance to enable LDP for a VPN instance and enter LDP-VPN instance view, or enter the view of an existing LDP-VPN instance.
Use undo vpn-instance to delete the LDP-VPN instance.
Syntax
vpn-instance vpn-instance-name
undo vpn-instance vpn-instance-name
Default
LDP is disabled for a VPN instance.
Views
LDP view
Predefined user roles
network-admin
Parameters
vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters. The VPN instance must have been created by the ip vpn-instance command in system view.
Usage guidelines
Enabling LDP for VPN instances is used for the Carrier's Carrier network that uses LDP between the Level 1 carrier and Level 2 carrier PEs. In such a network, you must enable LDP for each VPN instance on each Level 1 carrier PE.
The NSR, GR, and LDP-IGP synchronization commands, the dscp command, the session protection command, and the targeted-peer command are available only in LDP view. All other commands available in LDP view are available in LDP-VPN instance view.
Commands executed in LDP view take effect only on the public network. Commands executed in LDP-VPN instance view take effect only on the specified VPN instance. The dscp command, NSR commands, and GR commands are global commands and take effect on all VPN instances and the public network.
Examples
# Enable LDP for VPN instance vpn1 and enter LDP-VPN instance view.
<Sysname> system-view
[Sysname] mpls ldp
[Sysname-ldp] vpn-instance vpn1
[Sysname-ldp-vpn-instance-vpn1]
Related commands
ip vpn-instance
mpls ldp
IPv4 LDP commands
accept-label
Use accept-label to configure a label acceptance policy.
Use undo accept-label to delete a label acceptance policy.
Syntax
accept-label peer peer-lsr-id prefix-list prefix-list-name
undo accept-label peer peer-lsr-id
Default
No label acceptance policy is configured. LDP accepts all IPv4 FEC-label mappings from all peers.
Views
LDP view
LDP-VPN instance view
Predefined user roles
network-admin
Parameters
peer peer-lsr-id: Specifies an LDP peer by its LSR ID.
prefix-list prefix-list-name: Specifies an IPv4 prefix list by its name, a case-sensitive string of 1 to 63 characters.
Usage guidelines
This feature enables you to control the number of FEC-label mappings received from peers. LDP accepts only the FEC-label mappings whose IPv4 prefixes are permitted by the specified IPv4 prefix list from the specified peer.
To accept the previously denied label mappings from a peer, use the undo accept-label command or change the IPv4 prefix list for the peer. Then, execute the reset mpls ldp command to reset the LDP session to that peer to apply the new settings.
Using a label advertisement policy on an LSR or using a label acceptance policy on its upstream LSR can achieve the same purpose. As a best practice, use the label advertisement policy to reduce network load.
Examples
# Configure a label acceptance policy to accept only the FEC-label mappings containing IPv4 prefixes 10.1.1.0/24 and 10.2.1.0/24 from the LDP peer 1.1.1.9.
<Sysname> system-view
[Sysname] ip prefix-list prefix-from-RTA index 1 permit 10.1.1.0 24
[Sysname] ip prefix-list prefix-from-RTA index 2 permit 10.2.1.0 24
[Sysname] mpls ldp
[Sysname-ldp] accept-label peer 1.1.1.9 prefix-list prefix-from-RTA
Related commands
display mpls ldp peer verbose
ip prefix-list (Layer 3—IP Routing Command Reference)
advertise-label
Use advertise-label to configure a label advertisement policy.
Use undo advertise-label to delete a label advertisement policy.
Syntax
advertise-label prefix-list prefix-list-name [ peer peer-prefix-list-name ]
undo advertise-label prefix-list prefix-list-name
Default
No label advertisement policy is configured. The device advertises IPv4 FEC-label mappings permitted by the LSP generation policy to all peers.
Views
LDP view
LDP-VPN instance view
Predefined user roles
network-admin
Parameters
prefix-list prefix-list-name: Specifies an IPv4 prefix list by its name, a case-sensitive string of 1 to 63 characters. This prefix list filters advertised label mappings.
peer peer-prefix-list-name: Specifies an IPv4 prefix list by its name, a case-sensitive string of 1 to 63 characters. This prefix list filters LDP peers. If you do not specify this option, the device advertises label mappings to all peers.
Usage guidelines
Use a label advertisement policy to filter label mappings advertised to peers.
Configure multiple label advertisement policies by executing this command multiple times.
If a label mapping is permitted by an advertisement policy, LDP advertises the mapping by following these rules:
· If the policy has no peer IPv4 prefix list (peer peer-prefix-list-name not specified), LDP advertises the label mapping to all peers.
· If the policy has a peer IPv4 prefix list, LDP advertises the label mapping to the peers permitted by the peer IPv4 prefix list.
If a label mapping is permitted by multiple advertisement policies, LDP advertises the label mapping according to the first configured policy.
Using a label advertisement policy on an LSR or using a label acceptance policy on its upstream LSR can achieve the same purpose. As a best practice, use the label advertisement policy to reduce network load.
Examples
# Configure two label advertisement policies. One policy advertises only the label mapping for subnet 10.1.1.0/24 to the peer 3.3.3.9. The other policy advertises only the label mapping for subnet 10.2.1.0/24 to the peer 4.4.4.9.
<Sysname> system-view
[Sysname] ip prefix-list prefix-to-C permit 10.1.1.0 24
[Sysname] ip prefix-list prefix-to-D permit 10.2.1.0 24
[Sysname] ip prefix-list peer-C permit 3.3.3.9 32
[Sysname] ip prefix-list peer-D permit 4.4.4.9 32
[Sysname] mpls ldp
[Sysname-ldp] advertise-label prefix-list prefix-to-C peer peer-C
[Sysname-ldp] advertise-label prefix-list prefix-to-D peer peer-D
Related commands
display mpls ldp fec
ip prefix-list (Layer 3—IP Routing Command Reference)
lsp-trigger
display mpls ldp igp sync
Use display mpls ldp igp sync to display LDP-IGP synchronization information.
Syntax
display mpls ldp igp sync [ interface interface-type interface-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
interface interface-type interface-number: Specifies an interface by its type and number. If you do not specify an interface, this command displays LDP-IGP synchronization information for all interfaces.
Example
# Display LDP-IGP synchronization information for all interfaces.
<Sysname> display mpls ldp igp sync
GigabitEthernet2/0/2:
IGP protocols: OSPF
Sync status: Ready
Peers:
10.1.1.2:0
GigabitEthernet2/0/3:
IGP protocols: OSPF, IS-IS
Sync status: Delayed (24 sec remaining)
Peers:
20.1.1.2:0
GigabitEthernet2/0/1:
LDP-IGP synchronization is disabled on the interface
Table 22 Command output
Field |
Description |
IGP protocols |
IGP protocols that require LDP-IGP synchronization: OSPF and IS-IS. |
Sync status |
LDP-IGP synchronization state: · Ready—LDP is converged and is available for IGP. · Delayed—LDP is waiting to notify IGP of the convergence. remaining indicates the remaining time for the delay, in seconds. · Not ready—LDP is not converged and is not available for IGP. · LDP not enabled—LDP is not enabled on the interface. |
Peers |
LDP peer that completes LDP convergence on the interface. |
igp sync delay
Use igp sync delay to set the delay for LDP to notify IGP of the LDP convergence completion.
Use undo igp sync delay to restore the default.
Syntax
igp sync delay time
undo igp sync delay
Default
LDP immediately notifies IGP of the LDP convergence completion.
Views
LDP view
Predefined user roles
network-admin
Parameters
time: Specifies the notification delay in the range of 5 to 300 seconds.
Usage guidelines
LDP convergence on a link is completed when the following conditions exist:
· The local device establishes an LDP session to a minimum of one peer, and the LDP session is already in Operational state.
· The local device has distributed the label mappings to a minimum of one peer.
If LDP notifies IGP immediately after convergence, MPLS traffic forwarding might be interrupted in one of the following scenarios:
· LDP peers use the Ordered label distribution control mode. When LDP notifies IGP of the LDP convergence, the device has not received a label mapping from downstream.
· A large number of label mappings are distributed from downstream. When LDP notifies IGP of the LDP convergence completion, label advertisement is not completed.
In these scenarios, you must use the igp sync delay command to configure the notification delay. When LDP convergence on a link is completed, LDP waits a delay time before notifying IGP of the LDP convergence completion to reduce traffic interruption.
Examples
# Set a 30-second delay for LDP to notify IGP of the LDP convergence.
<Sysname> system-view
[Sysname] mpls ldp
[Sysname-ldp] igp sync delay 30
Related commands
igp sync delay on-restart
mpls ldp igp sync disable
mpls ldp sync (IS-IS view)
mpls ldp sync (OSPF view/OSPF area view)
igp sync delay on-restart
Use igp sync delay on-restart to set the maximum delay for LDP to notify IGP of the LDP-IGP synchronization status after an LDP restart or an active/standby switchover occurs.
Use undo igp sync delay on-restart to restore the default.
Syntax
igp sync delay on-restart time
undo igp sync delay on-restart
Default
The maximum notification delay is 90 seconds.
Views
LDP view
Predefined user roles
network-admin
Parameters
time: Specifies the maximum notification delay in the range of 60 to 600 seconds.
Usage guidelines
When an LDP restart or an active/standby switchover occurs, LDP takes time to converge. LDP notifies IGP of the LDP-IGP synchronization status as follows:
· If a notification delay is not configured, LDP immediately notifies IGP of the current synchronization states during convergence, and then updates the states after LDP convergence. This could impact IGP processing.
· If a notification delay is configured, LDP notifies IGP of the synchronization states in bulk when one of the following events occurs:
¡ LDP recovers to the state before the restart or switchover.
¡ The maximum delay timer expires.
Examples
# Set a 300-second maximum delay for LDP to notify IGP of the LDP-IGP synchronization status after an LDP restart or active/standby switchover occurs.
<Sysname> system-view
[Sysname] mpls ldp
[Sysname-ldp] igp sync delay on-restart 300
Related commands
igp sync delay
mpls ldp igp sync disable
mpls ldp sync (IS-IS view)
mpls ldp sync (OSPF view/OSPF area view)
import bgp
Use import bgp to enable LDP to redistribute BGP IPv4 unicast routes.
Use undo import bgp to disable LDP from redistributing BGP IPv4 unicast routes.
Syntax
import bgp [ as-number ]
undo import bgp
Default
LDP does not redistribute BGP IPv4 unicast routes.
Views
LDP view
LDP-VPN instance view
Predefined user roles
network-admin
Parameters
as-number: Redistributes BGP IPv4 unicast routes in the specified AS. An AS number is in the range of 1 to 4294967295. If you do not specify an AS number, this command enables LDP to redistribute all BGP IPv4 unicast routes.
Usage guidelines
CAUTION: Use this command only if necessary. Execution of this command will increase the number of routes redistributed to LDP. A large number of redistributed routes will use a large amount of labels and memory. |
By default, LDP automatically redistributes IPv4 IGP routes, including the BGP IPv4 unicast routes that have been redistributed into IGP. Then, LDP assigns labels to the IGP routes and labeled BGP routes if these routes are permitted by an LSP generation policy. LDP does not automatically redistribute BGP IPv4 unicast routes if the routes are not redistributed into the IGP.
For example, on a carrier's carrier network where IGP is not configured between a PE of a Level 1 carrier and a CE of a Level 2 carrier, LDP cannot redistribute BGP IPv4 unicast routes to assign labels to them. For this network to operate correctly, you can enable LDP to redistribute BGP IPv4 unicast routes. If the routes are permitted by an LSP generation policy, LDP assigns labels to them to establish LSPs. For more information about carrier's carrier, see MPLS Configuration Guide.
If you execute this command multiple times, the most recent configuration takes effect.
Examples
# Enable LDP to redistribute BGP IPv4 unicast routes in AS 100 on the public network.
<Sysname> system-view
[Sysname] mpls ldp
[Sysname-ldp] import bgp 100
Related commands
lsp-trigger
lsp-trigger
Use lsp-trigger to configure an LSP generation policy for IPv4 FECs.
Use undo lsp-trigger to restore the default.
Syntax
lsp-trigger { all | prefix-list prefix-list-name }
undo lsp-trigger
Default
LDP only uses redistributed IPv4 host routes with a 32-bit mask to generate LSPs.
Views
LDP view
LDP-VPN instance view
Predefined user roles
network-admin
Parameters
all: Enables LDP to use all redistributed routes to generate LSPs.
prefix-list prefix-name: Specifies an IPv4 prefix list by its name, a case-sensitive string of 1 to 63 characters. LDP uses only the redistributed routes permitted by the IPv4 prefix list to generate LSPs.
Usage guidelines
LDP assigns labels to the routes that have been redistributed into LDP to generate LSPs. An LSP generation policy specifies the routes that LDP uses to generate LSPs.
The default LSP generation policy depends on the label distribution control mode.
· In Ordered mode, LDP can only use the following routes to generate LSPs:
¡ Loopback interface address routes with a 32-bit mask.
¡ The routes with a 32-bit mask that match the FECs of label mappings received from downstream LSRs.
· In Independent mode, LDP can use all routes with a 32-bit mask to generate LSPs.
After you configure an LSP generation policy, LDP uses all redistributed routes or those permitted by the IPv4 prefix list to generate LSPs, regardless of the label distribution control mode.
As a best practice, use the default LSP generation policy.
Examples
# Configure an LSP generation policy that enables LDP to use only redistributed routes 10.10.1.0/24 and 10.20.1.0/24 to establish LSPs for the public network.
<Sysname> system-view
[Sysname] ip prefix-list egress-fec-list index 1 permit 10.10.1.0 24
[Sysname] ip prefix-list egress-fec-list index 2 permit 10.20.1.0 24
[Sysname] mpls ldp
[Sysname-ldp] lsp-trigger prefix-list egress-fec-list
Related commands
import bgp
ip prefix-list (Layer 3—IP Services Command Reference)
mpls ldp enable
Use mpls ldp enable to enable IPv4 LDP on an interface.
Use undo mpls ldp enable to disable IPv4 LDP on an interface.
Syntax
mpls ldp enable
undo mpls ldp enable
Default
IPv4 LDP is disabled on an interface.
Views
Interface view
Predefined user roles
network-admin
Usage guidelines
An up interface enabled with IPv4 LDP and MPLS sends IPv4 Link Hellos for neighbor discovery.
On an LDP over MPLS TE network, an up MPLS TE tunnel interface enabled with LDP sends Targeted Hellos to the tunnel destination. The interface establishes a session to the tunnel peer to set up an LDP LSP over the MPLS TE tunnel.
Before you enable IPv4 LDP on an interface, use the mpls ldp command in system view to enable LDP globally. If the interface is bound to a VPN instance, you must also use the vpn-instance command to enable LDP for the VPN instance.
Disabling LDP on an interface terminates all LDP sessions on the interface, and removes all LSPs established through the sessions.
An interface can be enabled with both IPv4 LDP and IPv6 LDP.
Examples
# Enable IPv4 LDP on interface GigabitEthernet 2/0/1.
<Sysname> system-view
[Sysname] mpls ldp
[Sysname-ldp] quit
[Sysname] interface gigabitethernet 2/0/1
[Sysname-GigabitEthernet2/0/1] mpls ldp enable
Related commands
display mpls ldp interface
mpls enable
mpls ldp
mpls ldp ipv6 enable
mpls ldp igp sync disable
Use mpls ldp igp sync disable to disable LDP-IGP synchronization on an interface.
Use undo mpls ldp igp sync disable to enable LDP-IGP synchronization on an interface.
Syntax
mpls ldp igp sync disable
undo mpls ldp igp sync disable
Default
LDP-IGP synchronization is enabled on an interface.
Views
Interface view
Predefined user roles
network-admin
Usage guidelines
After you enable LDP-IGP synchronization for an OSPF area or an IS-IS process, LDP-IGP synchronization is enabled on the OSPF or IS-IS process interfaces by default. To disable LDP-IGP synchronization on an interface, execute the mpls ldp igp sync disable command on that interface.
Examples
# Disable LDP-IGP synchronization on GigabitEthernet 2/0/1.
<Sysname> System-view
[Sysname] interface gigabitethernet 2/0/1
[Sysname-GigabitEthernet2/0/1] mpls ldp igp sync disable
Related commands
mpls ldp sync (IS-IS view)
mpls ldp sync (OSPF view/OSPF area view)
mpls ldp sync (IS-IS view)
Use mpls ldp sync to enable LDP-ISIS synchronization.
Use undo mpls ldp sync to disable LDP-ISIS synchronization.
Syntax
mpls ldp sync [ level-1 | level-2 ]
undo mpls ldp sync [ level-1 | level-2 ]
Default
LDP-ISIS synchronization is disabled.
Views
IS-IS view
Predefined user roles
network-admin
Parameters
level-1: Specifies Level-1 of the IS-IS process.
level-2: Specifies Level-2 of the IS-IS process.
Usage guidelines
LDP establishes LSPs based on the IGP optimal route. If LDP is not synchronized with IGP, MPLS traffic forwarding might be interrupted. The LDP-IGP synchronization feature is used to solve the synchronization problem.
After LDP-IGP synchronization is enabled, IGP advertises the actual cost of a link only when LDP convergence on the link is completed. Before LDP is converged, IGP advertises the maximum cost of the link. As a result, the link is visible on the IGP topology, but IGP does not select the link as the optimal route when other links are available. In this way, the device can avoid discarding MPLS packets due to lack of LDP LSP on the optimal route.
LDP-IGP synchronization is not supported for an IS-IS process that belongs to a VPN instance.
If you do not specify any keywords, this command enables LDP-ISIS synchronization for both Level-1 and Level-2.
If you execute this command multiple times, the most recent configuration takes effect. For example, if you execute the mpls ldp sync level-1 command after you execute the mpls ldp sync command, LDP-ISIS synchronization is enabled for Level-1 but disabled for Level-2.
Examples
# Enable LDP-ISIS synchronization for Level-2 of IS-IS process 1.
<Sysname> system-view
[Sysname] isis 1
[Sysname-isis-1] mpls ldp sync level-2
Related commands
display mpls ldp igp sync
igp sync delay
igp sync delay on-restart
mpls ldp igp sync disable
mpls ldp sync (OSPF view/OSPF area view)
Use mpls ldp sync to enable LDP-OSPF synchronization.
Use undo mpls ldp sync to disable LDP-OSPF synchronization.
Syntax
mpls ldp sync
undo mpls ldp sync
Default
LDP-OSPF synchronization is disabled.
Views
OSPF view
OSPF area view
Predefined user roles
network-admin
Usage guidelines
LDP establishes LSPs based on the IGP optimal route. If LDP is not synchronized with IGP, MPLS traffic forwarding might be interrupted. The LDP-IGP synchronization feature is used to solve the synchronization problem.
After LDP-IGP synchronization is enabled, IGP advertises the actual cost of a link only when LDP convergence on the link is completed. Before LDP is converged, IGP advertises the maximum cost of the link. As a result, the link is visible on the IGP topology, but IGP does not select the link as the optimal route when other links are available. In this way, the device can avoid discarding MPLS packets due to lack of LDP LSP on the optimal route.
LDP-IGP synchronization is not supported for an OSPF process and its OSPF areas if the OSPF process belongs to a VPN instance.
To enable LDP-OSPF synchronization for an OSPF area, use this command in OSPF area view. To enable LDP-OSPF synchronization for all areas of an OSPF process, use this command in OSPF view.
Examples
# Enable LDP-OSPF synchronization for OSPF process 1.
<Sysname> system-view
[Sysname] ospf 1
[Sysname-ospf-1] mpls ldp sync
Related commands
display mpls ldp igp sync
igp sync delay
igp sync delay on-restart
mpls ldp igp sync disable
mpls ldp transport-address
Use mpls ldp transport-address to specify the LDP transport address.
Use undo mpls ldp transport-address to remove the configuration.
Syntax
In interface view:
mpls ldp transport-address { ipv4-address | interface }
undo mpls ldp transport-address { ipv4-address | interface }
In LDP peer view:
mpls ldp transport-address ipv4-address
undo mpls ldp transport-address
Default
In interface view, if the interface belongs to the public network, the LDP transport address is the local LSR ID. If the interface belongs to a VPN, the LDP transport address is the primary IP address of the interface.
In LDP peer view, the LDP transport address is the local LSR ID.
Views
Interface view
LDP peer view
Predefined user roles
network-admin
Parameters
ipv4-address: Specifies the LDP IPv4 transport address.
interface: Uses the IPv4 address of the current interface as the LDP IPv4 transport address.
Usage guidelines
Before two LSRs establish an IPv4 LDP session, they must establish a TCP connection by using the LDP IPv4 transport address.
As a best practice, use the default transport address.
If two LSRs have multiple links in between and you want to establish an IPv4 LDP session on each link, make sure all the links use the same IPv4 transport address.
Examples
# Specify the LDP transport address carried in Targeted Hellos sent to peer 3.3.3.3 as 2.2.2.2.
<Sysname> system-view
[Sysname] mpls ldp
[Sysname-ldp] targeted-peer 3.3.3.3
[Sysname-ldp-peer-3.3.3.3] mpls ldp transport-address 2.2.2.2
# On interface GigabitEthernet 2/0/1, specify the LDP transport address carried in Link Hellos as the IP address of the interface.
<Sysname> system-view
[Sysname] interface gigabitethernet 2/0/1
[Sysname-GigabitEthernet2/0/1] mpls ldp transport-address interface
Related commands
display mpls ldp discovery
targeted-peer
session protection
Use session protection to enable session protection.
Use undo session protection to disable session protection.
Syntax
session protection [ duration time ] [ peer peer-prefix-list-name ]
undo session protection
Default
Session protection is disabled.
Views
LDP view
Predefined user roles
network-admin
Parameters
duration time: Specifies the session protection duration time in the range of 30 to 2147483 seconds. If you do not specify the duration, session protection always takes effect.
peer peer-prefix-list-name: Specifies an IP prefix list by its name, a case-sensitive string of 1 to 63 characters. Sessions to the peers whose LSR IDs are permitted by the specified IP prefix list are protected. If you do not specify this option, all sessions established by the Basic Discovery mechanism are protected.
Usage guidelines
If two LDP peers have both a direct link and an indirect link in between, you can configure this feature to protect their LDP session when the direct link fails.
LDP establishes both a Link Hello adjacency over the direct link and a Targeted Hello adjacency over the indirect link with the peer. When the direct link fails, LDP deletes the Link Hello adjacency but still maintains the Targeted Hello adjacency. In this way, the LDP session between the two peers is kept available, and the FEC-label mappings based on this session are not deleted. When the direct link recovers, the LDP peers do not need to re-establish the LDP session or re-learn the FEC-label mappings.
When you enable the session protection feature, you can specify the session protection duration. If the Link Hello adjacency does not recover within the duration, LDP deletes the Targeted Hello adjacency and the LDP session. If you do not specify the session protection duration, the two peers always maintain the LDP session over the Targeted Hello adjacency.
Examples
# Enable protection for the session to the peer 3.3.3.3, and set the session protection duration to 120 seconds.
<Sysname> system-view
[Sysname] ip prefix-list protected-peer-list index 1 permit 3.3.3.3 32
[Sysname] mpls ldp
[Sysname-ldp] session protection duration 120 peer protected-peer-list
Related commands
display mpls ldp peer
targeted-peer
Use targeted-peer to create a targeted IPv4 LDP peer and enter its view, or enter the view of an existing targeted IPv4 LDP peer. The device can send unsolicited IPv4 Targeted Hellos to the peer and can respond to IPv4 Targeted Hellos received from the peer.
Use undo targeted-peer to cancel the configuration.
Syntax
targeted-peer ipv4-address
undo targeted-peer ipv4-address
Default
No targeted LDP peers exist. The device does not send IPv4 Targeted Hellos to any peers, or respond to IPv4 Targeted Hellos received from any peers.
Views
LDP view
Predefined user roles
network-admin
Parameters
ipv4-address: Specifies the peer IPv4 address.
Usage guidelines
If you do not specify the LDP transport address, LDP sends the local LSR ID to the peer specified by this command in IPv4 Targeted Hellos.
To ensure a successful IPv4 Targeted Hello adjacency, make sure the following requirements are met:
· The peer IPv4 address configured on the local LSR is the same as the IPv4 transport address configured in LDP peer view on the peer.
· A route exists between the local IPv4 transport address and the peer IPv4 address.
LDP automatically sends Targeted Hellos to the specified peer after one of the following features is configured:
· LDP session protection.
· LDP over MPLS TE.
· MPLS L2VPN LDP PW.
· VPLS LDP PW.
To modify the Targeted Hello/Keepalive hold time and interval, you must use this command to create the LDP peer, and then perform the modification in the LDP peer view.
Examples
# Configure the device to send IPv4 Targeted Hellos to the peer 3.3.3.3, and enter LDP peer view.
<Sysname> system-view
[Sysname] mpls ldp
[Sysname-ldp] targeted-peer 3.3.3.3
[Sysname-ldp-peer-3.3.3.3]
Related commands
display mpls ldp discovery
display mpls ldp peer
IPv6 LDP commands
ipv6 accept-label
Use ipv6 accept-label to configure a label acceptance policy.
Use undo ipv6 accept-label to delete a label acceptance policy.
Syntax
ipv6 accept-label peer peer-lsr-id prefix-list prefix-list-name
undo ipv6 accept-label peer peer-lsr-id
Default
No label acceptance policy is configured. LDP accepts all IPv6 FEC-label mappings from all peers.
Views
LDP view
LDP-VPN instance view
Predefined user roles
network-admin
Parameters
peer peer-lsr-id: Specifies an LDP peer by its LSR ID.
prefix-list prefix-list-name: Specifies an IPv6 prefix list by its name, a case-sensitive string of 1 to 63 characters.
Usage guidelines
This feature enables you to control the number of FEC-label mappings received from peers. LDP accepts only the FEC-label mappings whose IPv6 prefixes are permitted by the specified IPv6 prefix list from the specified peer.
To accept the previously denied label mappings from a peer, use the undo ipv6 accept-label command or change the IPv6 prefix list for the peer. Then, execute the reset mpls ldp command to reset the LDP session to that peer to apply the new settings.
Using a label advertisement policy on an LSR or using a label acceptance policy on its upstream LSR can achieve the same purpose. As a best practice, use the label advertisement policy to reduce network load.
Examples
# Configure a label acceptance policy to accept only the FEC-label mappings containing IPv6 prefix 2001:D00::/32 and a prefix length greater than or equal to 32 bits from the LDP peer 1.1.1.9.
<Sysname> system-view
[Sysname] ipv6 prefix-list prefix-from-RTA permit 2001:D00:: 32 less-equal 128
[Sysname] mpls ldp
[Sysname-ldp] ipv6 accept-label peer 1.1.1.9 prefix-list prefix-from-RTA
Related commands
display mpls ldp peer verbose
ipv6 prefix-list (Layer 3—IP Routing Command Reference)
ipv6 advertise-label
Use ipv6 advertise-label to configure a label advertisement policy.
Use undo ipv6 advertise-label to delete a label advertisement policy.
Syntax
ipv6 advertise-label prefix-list prefix-list-name [ peer peer-prefix-list-name ]
undo ipv6 advertise-label prefix-list prefix-list-name
Default
No label advertisement policy is configured. The device advertises IPv6 FEC-label mappings permitted by the LSP generation policy to all peers.
Views
LDP view
LDP-VPN instance view
Predefined user roles
network-admin
Parameters
prefix-list prefix-list-name: Specifies an IPv6 prefix list by its name, a case-sensitive string of 1 to 63 characters. This prefix list filters advertised label mappings.
peer peer-prefix-list-name: Specifies an IPv6 prefix list by its name, a case-sensitive string of 1 to 63 characters. This prefix list filters LDP peers. If you do not specify this option, the device advertises label mappings to all peers.
Usage guidelines
Use a label advertisement policy to filter label mappings advertised to peers.
Configure multiple label advertisement policies by executing this command multiple times.
If a label mapping is permitted by an advertisement policy, LDP advertises the mapping by following these rules:
· If the policy has no peer IPv6 prefix list (peer peer-prefix-list-name not specified), LDP advertises the label mapping to all peers.
· If the policy has a peer IPv6 prefix list, LDP advertises the label mapping to the peers permitted by the peer IPv6 prefix list.
If a label mapping is permitted by multiple advertisement policies, LDP advertises the label mapping according to the first configured policy.
Using a label advertisement policy on an LSR or using a label acceptance policy on its upstream LSR can achieve the same purpose. As a best practice, use the label advertisement policy to reduce network load.
Examples
# Configure two label advertisement policies. One policy advertises only the label mapping for subnet 2001::1/64 to the peer 3.3.3.9. The other policy advertises only the label mapping for subnet 3001::1/64 to the peer 4.4.4.9.
<Sysname> system-view
[Sysname] ipv6 prefix-list prefix-to-C permit 2001::1 64
[Sysname] ipv6 prefix-list prefix-to-D permit 3001::1 64
[Sysname] ip prefix-list peer-C permit 3.3.3.9 32
[Sysname] ip prefix-list peer-D permit 4.4.4.9 32
[Sysname] mpls ldp
[Sysname-ldp] ipv6 advertise-label prefix-list prefix-to-C peer peer-C
[Sysname-ldp] ipv6 advertise-label prefix-list prefix-to-D peer peer-D
Related commands
display mpls ldp fec
ipv6 prefix-list (Layer 3—IP Routing Command Reference)
ipv6 lsp-trigger
ipv6 lsp-trigger
Use ipv6 lsp-trigger to configure an LSP generation policy for IPv6 FECs.
Use undo ipv6 lsp-trigger to restore the default.
Syntax
ipv6 lsp-trigger { all | prefix-list prefix-list-name }
undo ipv6 lsp-trigger
Default
LDP only uses redistributed IPv6 host routes with a 128-bit mask to generate LSPs.
Views
LDP view
LDP-VPN instance view
Predefined user roles
network-admin
Parameters
all: Enables LDP to use all redistributed routes to generate LSPs.
prefix-list prefix-name: Specifies an IPv6 prefix list by its name, a case-sensitive string of 1 to 63 characters. LDP uses only the redistributed routes permitted by the IPv6 prefix list to generate LSPs.
Usage guidelines
LDP assigns labels to the routes that have been redistributed into LDP to generate LSPs. An LSP generation policy specifies the routes that LDP uses to generate LSPs.
The default LSP generation policy depends on the label distribution control mode.
· In Ordered mode, LDP can only use the following routes to generate LSPs:
¡ Loopback interface address routes with a 128-bit mask.
¡ The routes with a 128-bit mask that match the FECs of label mappings received from downstream LSRs.
· In Independent mode, LDP can use all routes with a 128-bit mask to generate LSPs.
After you configure an LSP generation policy, LDP uses all redistributed routes or those permitted by the IPv6 prefix list to generate LSPs, regardless of the label distribution control mode.
As a best practice, use the default LSP generation policy.
Examples
# Configure an LSP generation policy that enables LDP to use only redistributed routes 2001::1/64 to establish LSPs for the public network.
<Sysname> system-view
[Sysname] ipv6 prefix-list egress-fec-list permit 2001::1 64
[Sysname] mpls ldp
[Sysname-ldp] ipv6 lsp-trigger prefix-list egress-fec-list
Related commands
ipv6 import bgp
ipv6 prefix-list (Layer 3—IP Services Command Reference)
ipv6 import bgp
Use ipv6 import bgp to enable LDP to redistribute BGP IPv6 unicast routes.
Use undo ipv6 import bgp to disable LDP from redistributing BGP IPv6 unicast routes.
Syntax
ipv6 import bgp [ as-number ]
undo ipv6 import bgp
Default
LDP does not redistribute BGP IPv6 unicast routes.
Views
LDP view
LDP-VPN instance view
Predefined user roles
network-admin
Parameters
as-number: Redistributes BGP IPv6 unicast routes in the specified AS. An AS number is in the range of 1 to 4294967295. If you do not specify an AS number, this command enables LDP to redistribute all BGP IPv6 unicast routes.
Usage guidelines
CAUTION: Use this command only if necessary. Execution of this command will increase the number of routes redistributed to LDP. A large number of redistributed routes use a large amount of labels and memory. |
By default, LDP automatically redistributes IPv6 IGP routes, including the BGP IPv6 unicast routes that have been redistributed into IGP. Then, LDP assigns labels to the IGP routes and labeled BGP routes if these routes are permitted by an LSP generation policy. LDP does not automatically redistribute BGP IPv6 unicast routes if the routes are not redistributed into the IGP.
For example, on a carrier's carrier network where IGP is not configured between a PE of a Level 1 carrier and a CE of a Level 2 carrier, LDP cannot redistribute BGP IPv6 unicast routes to assign labels to them. For this network to operate correctly, enable LDP to redistribute BGP IPv6 unicast routes. If the routes are permitted by an LSP generation policy, LDP assigns labels to them to establish LSPs. For more information about carrier's carrier, see MPLS Configuration Guide.
If you execute this command multiple times, the most recent configuration takes effect.
Examples
# Enable LDP to redistribute BGP IPv6 unicast routes in AS 100 on the public network.
<Sysname> system-view
[Sysname] mpls ldp
[Sysname-ldp] ipv6 import bgp 100
Related commands
ipv6 lsp-trigger
mpls ldp ipv6 enable
Use mpls ldp ipv6 enable to enable IPv6 LDP on an interface.
Use undo mpls ldp ipv6 enable to disable IPv6 LDP on an interface.
Syntax
mpls ldp ipv6 enable
undo mpls ldp ipv6 enable
Default
IPv6 LDP is disabled on an interface.
Views
Interface view
Predefined user roles
network-admin
Usage guidelines
An up interface enabled with IPv6 LDP and MPLS sends IPv6 Link Hellos for neighbor discovery.
Before you enable IPv6 LDP on an interface, use the mpls ldp command in system view to enable LDP globally. If the interface is bound to a VPN instance, you must also use the vpn-instance command to enable LDP for the VPN instance.
An interface can be enabled with both IPv4 LDP and IPv6 LDP.
If an interface is enabled with only IPv6 LDP, LDP can send IPv6 Hellos only after you specify the LDP transport address by using the mpls ldp transport-address command.
Examples
# Enable IPv6 LDP on interface GigabitEthernet 2/0/1.
<Sysname> system-view
[Sysname] mpls ldp
[Sysname-ldp] quit
[Sysname] interface gigabitethernet 2/0/1
[Sysname-GigabitEthernet2/0/1] mpls ldp ipv6 enable
Related commands
display mpls ldp interface
mpls enable
mpls ldp
mpls ldp enable
mpls ldp transport-address
Use mpls ldp transport-address to specify the IPv6 LDP transport address.
Use undo mpls ldp transport-address to remove the configuration.
Syntax
In interface view:
mpls ldp transport-address ipv6-address
undo mpls ldp transport-address ipv6-address
In LDP peer view:
mpls ldp transport-address ipv6-address
undo mpls ldp transport-address
Default
No LDP IPv6 transport address is configured.
Views
Interface view
LDP peer view
Predefined user roles
network-admin
Parameters
ipv6-address: Specifies the LDP IPv6 transport address.
Usage guidelines
Before two LSRs establish an IPv6 LDP session, they must establish a TCP connection by using the IPv6 LDP transport address.
The local LSR sends the IPv6 transport address carried in IPv6 Link Hellos or IPv6 Targeted Hellos to the peer.
Examples
# Specify the LDP transport address as 2002::1 for the TCP connection established with peer 2001::1.
<Sysname> System-view
[Sysname] mpls ldp
[Sysname-ldp] targeted-peer 2001::1
[Sysname-ldp-peer-2001::1] mpls ldp transport-address 2002::1
Related commands
display mpls ldp discovery
targeted-peer
targeted-peer
Use targeted-peer to create a targeted IPv6 LDP peer and enter its view, or enter the view of an existing targeted IPv6 LDP peer. The device can send unsolicited IPv6 Targeted Hellos to the peer and can respond to IPv6 Targeted Hellos received from the peer.
Use undo targeted-peer to cancel the configuration.
Syntax
targeted-peer ipv6-address
undo targeted-peer ipv6-address
Default
No targeted LDP peers exist. The device does not send IPv6 Targeted Hellos to any peers, or respond to IPv6 Targeted Hellos received from any peers.
Views
LDP view
Predefined user roles
network-admin
Parameters
ipv6-address: Specifies the peer IPv6 address.
Usage guidelines
After a targeted IPv6 LDP peer is created, LDP does not send IPv6 Targeted Hellos to the peer until you specify the LDP IPv6 transport address in LDP peer view.
To ensure a successful IPv6 Targeted Hello adjacency, make sure the following requirements are met:
· The peer IPv6 address configured on the local LSR is the same as the IPv6 transport address configured in LDP peer view on the peer.
· A route exists between the local IPv6 transport address and the peer IPv6 address.
Examples
# Configure the device to send IPv6 Targeted Hellos to the peer 2001::1, and enter LDP peer view.
<Sysname> system-view
[Sysname] mpls ldp
[Sysname-ldp] targeted-peer 2001::1
[Sysname-ldp-peer-2001::1]
Related commands
display mpls ldp discovery
display mpls ldp peer
MPLS TE commands
The following matrix shows the feature and hardware compatibility:
Hardware |
MPLS TE compatibility |
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS |
No |
MSR2600-6-X1/2600-10-X1 |
Yes |
MSR 2630 |
Yes |
MSR3600-28/3600-51 |
Yes |
MSR3600-28-SI/3600-51-SI |
No |
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC |
Yes |
MSR 3610/3620/3620-DP/3640/3660 |
Yes |
MSR5620/5660/5680 |
Yes |
Hardware |
MPLS TE compatibility |
MSR810-LM-GL |
No |
MSR810-W-LM-GL |
No |
MSR830-6EI-GL |
No |
MSR830-10EI-GL |
No |
MSR830-6HI-GL |
No |
MSR830-10HI-GL |
No |
MSR2600-6-X1-GL |
Yes |
MSR3600-28-SI-GL |
No |
auto-bandwidth enable
Use auto-bandwidth enable to enable automatic bandwidth adjustment globally, and set the output rate sampling interval.
Use undo auto-bandwidth enable to disable automatic bandwidth adjustment.
Syntax
auto-bandwidth enable [ sample-interval interval ]
undo auto-bandwidth enable
Default
The global automatic bandwidth adjustment is disabled.
Views
MPLS TE view
Predefined user roles
network-admin
Parameters
sample-interval interval: Specifies an output rate sampling interval for tunnels enabled with automatic bandwidth adjustment, in the range of 1 to 604800 seconds. The default sampling interval is 300 seconds. As a best practice, use the default sampling interval.
Usage guidelines
The automatic bandwidth adjustment feature measures the average output rate of a tunnel, and periodically tunes the bandwidth assigned to the tunnel based on the measurement results.
The output rate sampling feature calculates the average output rate of a tunnel based on the traffic passed through the tunnel interface during a sampling interval.
To use the automatic bandwidth adjustment feature for an MPLS TE tunnel, you must perform the following tasks:
1. Execute the auto-bandwidth enable command to enable this feature globally.
2. Execute the mpls te auto-bandwidth adjustment command in the tunnel interface view.
Examples
# Enable global automatic bandwidth adjustment, and set the output rate sampling interval to 600 seconds on MPLS TE tunnel interfaces.
<Sysname> system-view
[Sysname] mpls te
[Sysname-te] auto-bandwidth enable sample-interval 600
Related commands
mpls te auto-bandwidth
reset mpls te auto-bandwidth-adjustment timers
auto-tunnel backup
Use auto-tunnel backup to enable the automatic bypass tunnel setup feature (also called auto FRR) globally, and enter MPLS TE auto FRR view.
Use undo auto-tunnel backup to disable the auto FRR feature globally.
Syntax
auto-tunnel backup
undo auto-tunnel backup
Default
The auto FRR feature is disabled globally.
Views
MPLS TE view
Predefined user roles
network-admin
Usage guidelines
This feature enables the device to automatically set up two bypass tunnels for each primary CRLSP: one for link protection and the other for node protection. For the tunnels to be set up, you must also use the tunnel-number command to specify a tunnel interface number range.
Execution of the undo auto-tunnel backup command deletes all existing bypass tunnels automatically created for MPLS TE auto FRR.
If the PLR is the penultimate node of a primary CRLSP, the PLR does not create a node-protection bypass tunnel for the primary CRLSP.
Examples
# Enable the automatic bypass tunnel setup feature globally, and enter MPLS TE auto FRR view.
<Sysname> system-view
[Sysname] mpls te
[Sysname-te] auto-tunnel backup
[Sysname-te-auto-bk]
Related commands
mpls te auto-backup disable
nhop-only
timers removal unused
tunnel-number
destination
Use destination to configure the destination address for a tunnel bundle interface.
Use undo destination to restore the default.
Syntax
destination ip-address
undo destination
Default
No destination address is specified for a tunnel bundle interface.
Views
Tunnel bundle interface view
Predefined user roles
network-admin
Parameters
ip-address: Specifies the destination IPv4 address.
Usage guidelines
When the remote PE have the same address as the tunnel bundle destination, the tunnel bundle can be used as the public tunnel for MPLS L3VPN, MPLS L2VPN, and VPLS.
As a best practice, configure the same destination address for a tunnel bundle interface and its member interfaces. If a tunnel bundle interface and its member interfaces have different destination addresses, traffic cannot be forwarded unless the member interfaces can reach the tunnel bundle interface's destination address.
Examples
# Configure the destination address for tunnel bundle interface Tunnel-Bundle 2 as 2.2.2.2.
<Sysname> system-view
[Sysname] interface tunnel-bundle 2
[Sysname-tunnel-bundle2] destination 2.2.2.2
Related commands
display tunnel-bundle
disable
Use disable to disable the current explicit path.
Use undo disable to restore the default.
Syntax
disable
undo disable
Default
The explicit path is enabled.
Views
Explicit path view
Predefined user roles
network-admin
Usage guidelines
You can use the disable command to prevent an explicit path from being used by a tunnel during explicit path configuration.
Examples
# Disable the explicit path named path1.
<Sysname> system-view
[Sysname] explicit-path path1
[Sysname-explicit-path-path1] disable
display explicit-path
Use display explicit-path to display explicit path information.
Syntax
display explicit-path [ path-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
path-name: Displays information about the explicit path specified by its name, a case-sensitive string of 1 to 31 characters. If you do not specify this argument, the command displays information about all explicit paths.
Examples
# Display information about all explicit paths.
<Sysname> display explicit-path
Path Name: path1 Hop Count: 3 Path Status: Enabled
Index IP Address Hop Type Hop Attribute
1 1.1.1.1 Strict Include
101 2.2.2.2 Loose Include
201 3.3.3.3 - Exclude
Table 23 Command output
Field |
Description |
Path Name |
Name of the explicit path. |
Hop Count |
Number of nodes specified in the explicit path. |
Path Status |
Explicit path status: · Enabled—The explicit path is available. · Disabled—The explicit path is not available. |
Index |
Index of a node on the explicit path. |
IP Address |
IP address of a node on the explicit path. |
Hop Type |
Node type: · Strict—The node must be connected directly to its previous hop. · Loose—The node can be connected indirectly to its previous hop. |
Hop Attribute |
Node attribute: · Include—The node must be included in the explicit path. · Exclude—The node must not be included in the explicit path. |
display isis mpls te advertisement
Use display isis mpls te advertisement to display link and node information in an IS-IS TEDB.
Syntax
display isis mpls te advertisement [ [ level-1 | level-2 ] | [ originate-system system-id | local ] | verbose ] * [ process-id ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
level-1: Displays link and node information for Level-1 routers.
level-2: Displays link and node information for Level-2 routers.
originate-system system-id: Displays link and node information advertised by the system specified by its system ID, in the format of XXXX.XXXX.XXXX.
local: Displays link and node information advertised by the local device.
verbose: Displays detailed information. If you do not specify this keyword, the command displays brief information.
process-id: Specifies an IS-IS process by its ID in the range of 1 to 65535. If you do not specify an IS-IS process, this command displays link and node information for all IS-IS processes.
Usage guidelines
If you do not specify the level-1 or level-2 keyword, this command displays link and node information for both Level-1 and Level-2 routers.
If you do not specify the originate-system system-id option or the local keyword, this command displays link and node information advertised by all systems.
Examples
# Display brief link and node information in the IS-IS TEDB for Level-1 routers.
<Sysname> display isis mpls te advertisement level-1
TE information for IS-IS(1)
---------------------------
Level-1 TE node and link information
-------------------------------
Node total count : 2
Node index : 0
System ID : 0000.0000.0004
MPLS LSR ID : 4.4.4.4
Node flags : -/-/R/-
Link total count : 1
Link information :
Neighbour Frag ID Link Type Local Address Remote Address
0000.0000.0004.04 0x00 Broadcast 1.1.1.3
Node index : 1
System ID : 0000.0000.0001
MPLS LSR ID : 1.1.1.1
Node flags : -/-/R/-
Link total count : 1
Link information :
Neighbour Frag ID Link Type Local Address Remote Address
0000.0000.0004.04 0x00 Broadcast 1.1.1.1 --
# Display detailed link and node information in the IS-IS TEDB for Level-1 routers.
<Sysname> display isis mpls te advertisement level-1 local verbose
TE information for IS-IS(1)
---------------------------
Level-1 TE node and link information
-------------------------------
Node total count : 2
Node index : 0
System ID : 0000.0000.0004
MPLS LSR ID : 4.4.4.4
Node flags : -/-/R/-
Link total count : 1
Link information :
Link index : 0
Neighbor : 0000.0000.0004.04 Frag ID : 0x00
Link type : Broadcast Admin group : 0x00000000
IGP metric : 10 TE metric : 10
Link flags : -/-/-
Physical bandwidth: 12500000 bytes/sec
Reservable bandwidth: 0 bytes/sec
Unreserved bandwidth for each TE class:
TE class 0: 0 bytes/sec TE class 1: 0 bytes/sec
TE class 2: 0 bytes/sec TE class 3: 0 bytes/sec
TE class 4: 0 bytes/sec TE class 5: 0 bytes/sec
TE class 6: 0 bytes/sec TE class 7: 0 bytes/sec
TE class 8: 0 bytes/sec TE class 9: 0 bytes/sec
TE class 10: 0 bytes/sec TE class 11: 0 bytes/sec
TE class 12: 0 bytes/sec TE class 13: 0 bytes/sec
TE class 14: 0 bytes/sec TE class 15: 0 bytes/sec
Bandwidth constraint model: Prestandard DS-TE RDM
Bandwidth constraints:
BC[00]: 0 bytes/sec BC[01]: 0 bytes/sec
Local address: 1.1.1.3
Node index : 1
System ID : 0000.0000.0001
MPLS LSR ID : 1.1.1.1
Node flags : -/-/-/-
Link total count : 1
Link information :
Link index : 0
Neighbor : 0000.0000.0004.04 Frag ID : 0x00
Link type : Broadcast Admin group : 0x00000000
IGP metric: 10 TE metric : 10
Link flags: -/-/-
Physical bandwidth: 12500000 bytes/sec
Reservable bandwidth: 0 bytes/sec
Unreserved bandwidth for each TE class:
TE class 0: 0 bytes/sec TE class 1: 0 bytes/sec
TE class 2: 0 bytes/sec TE class 3: 0 bytes/sec
TE class 4: 0 bytes/sec TE class 5: 0 bytes/sec
TE class 6: 0 bytes/sec TE class 7: 0 bytes/sec
TE class 8: 0 bytes/sec TE class 9: 0 bytes/sec
TE class 10: 0 bytes/sec TE class 11: 0 bytes/sec
TE class 12: 0 bytes/sec TE class 13: 0 bytes/sec
TE class 14: 0 bytes/sec TE class 15: 0 bytes/sec
Bandwidth constraint model: Prestandard DS-TE RDM
Bandwidth constraints:
BC[00]: 0 bytes/sec BC[01]: 0 bytes/sec
Local address: 1.1.1.1
Table 24 Command output
Field |
Description |
|
TE information for IS-IS(1) |
TE information for IS-IS process 1. |
|
Node total count |
Total number of nodes that advertised TE information. |
|
Node flags |
Node information flags: · A—Already synchronized node information with CSPF. · S—Ready to synchronize node information with CSPF again after the previous synchronization failed. · R—The node is reachable. · O—The node is overloaded. |
|
Link total count |
Total number of links advertised by the node. |
|
Link information |
Link information advertised by the node. |
|
Neighbor |
System ID of the neighbor. |
|
Frag ID |
LSP fragment number. |
|
Link type |
Link type: Broadcast or P2P. |
|
Admin group |
Administrator group attribute of the link. |
|
Link flags |
Link information flags: · A—Already synchronized link information with CSPF. · U—Ready to update link information with CSPF again after the previous update failed. · D—Ready to delete link information from CSPF again after the previous deletion failed. |
|
Bandwidth constraint model |
Bandwidth constraint model: · Prestandard DS-TE RDM. · IETF DS-TE RDM. · IETF DS-TE MAM. |
|
Local address |
Local IP address of the link. |
|
Remote address |
Remote IP address of the link. |
|
display isis mpls te configured-sub-tlvs
Use display isis mpls te configured-sub-tlvs to display sub-TLV information for IS-IS TE.
Syntax
display isis mpls te configured-sub-tlvs [ process-id ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
process-id: Specifies an IS-IS process by its ID in the range of 1 to 65535. If you do not specify an IS-IS process, this command displays sub-TLV information for all IS-IS processes.
Examples
# Display sub-TLV information for IS-IS TE.
<Sysname> display isis mpls te configured-sub-tlvs
TE sub-TLV information for IS-IS(1)
-----------------------------------
Type value of the unreserved sub-pool bandwidth sub-TLV : 251
Type value of the bandwidth constraint sub-TLV : 252
Table 25 Command output
Field |
Description |
TE Sub-TLV Information for IS-IS(1) |
DS-TE sub-TLV information for IS-IS process 1. |
display isis mpls te network
Use display isis mpls te network to display network information in an IS-IS TEDB.
Syntax
display isis mpls te network [ [ level-1 | level-2 ] | local | lsp-id lsp-id ] * [ process-id ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
level-1: Displays network information for Level-1 routers.
level-2: Displays network information for Level-2 routers.
local: Displays network information advertised by the local device.
lsp-id lsp-id: Displays network information for an LSP. The lsp-id argument is the LSP ID in the format of SYSID.Pseudonode ID-fragment num. SYSID represents the system ID of the node or pseudonode that generates the LSP. Pseudonode ID represents ID of the pseudonode. fragment num represents the fragment number of the LSP.
process-id: Specifies an IS-IS process by its ID in the range of 1 to 65535. If you do not specify an IS-IS process, this command displays network information for all IS-IS processes.
Usage guidelines
If you do not specify the level-1 or level-2 keyword, this command displays network information for both Level-1 and Level-2 routers.
If you do not specify the local keyword or the lsp-id lsp-id option, this command displays all TE network information.
Examples
# Display network information in IS-IS TEDBs.
<Sysname> display isis mpls te network
TE information for IS-IS(1)
--------------------------
Level-1 network information
---------------------------
LAN ID : 0000.0000.0004.04
Frag ID : 0x00
Flags : -/-/-
Attached routers : 0000.0000.0001
0000.0000.0004
Level-2 Network Information
---------------------------
LAN ID : 0000.0000.0004.04
Frag ID : 0x00
Flags : -/-/-
Attached routers : 0000.0000.0001
0000.0000.0004
Table 26 Command output
Field |
Description |
TE information for IS-IS(1) |
TE information for IS-IS process 1. |
LAN ID |
Broadcast network ID, in the format of System-ID.Pseudonode-ID. |
Frag ID |
LSP fragment number. |
Flags |
State flag for network information: · A—Already synchronizes network information with CSPF. · U—Ready to update network information with CSPF again after the previous update failed. · D—Ready to delete network information from CSPF again after the previous deletion failed. |
display isis mpls te tunnel
Use display isis mpls te tunnel to display MPLS TE tunnel interface information for IS-IS.
Syntax
display isis mpls te tunnel [ level-1 | level-2 ] [ process-id ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
level-1: Displays tunnel interface information for Level-1 routers.
level-2: Displays tunnel interface information for Level-2 routers.
process-id: Specifies an IS-IS process by its ID in the range of 1 to 65535. If you do not specify an IS-IS process, this command displays tunnel information for all IS-IS processes.
Usage guidelines
If you do not specify the level-1 or level-2 keyword, this command displays IS-IS tunnel interface information for both IS-IS Level-1 and IS-IS Level-2 routers.
Examples
# Display MPLS TE tunnel interface information for IS-IS.
<Sysname> display isis mpls te tunnel
MPLS-TE tunnel information for IS-IS(1)
---------------------------------------
Level-1 Tunnel Statistics
-------------------------
Tunnel Name Auto Route Destination Metric
-----------------------------------------------------------------------
Tun0 Advertise 2.2.2.2 Relative 0
Level-2 Tunnel Statistics
-------------------------
Tunnel Name Auto Route Destination Metric
-----------------------------------------------------------------------
Tun0 Advertise 2.2.2.2 Relative 0
Table 27 Command output
Field |
Description |
MPLS-TE tunnel information for IS-IS(1) |
MPLS TE tunnel interface information for IS-IS process 1. |
Auto Route |
Automatic route advertisement method on the tunnel interface: · Advertise—Forwarding adjacency. · Shortcut—IGP shortcut. |
Destination |
Tunnel destination address. |
Metric |
Metric type and value configured on the tunnel interface: · Relative. · Absolute. |
display mpls te ds-te
Use display mpls te ds-te to display DS-TE information, including the DS-TE mode, bandwidth constraint (BC) model, and TE classes.
Syntax
display mpls te ds-te
Views
Any view
Predefined user roles
network-admin
network-operator
Examples
# Display DS-TE information.
<Sysname> display mpls te ds-te
MPLS LSR ID : 0.0.0.0
MPLS DS-TE mode : Prestandard
MPLS DS-TE BC model : RDM
TE Class Class Type Priority
0 0 0
1 0 1
2 0 2
3 0 3
4 0 4
5 0 5
6 0 6
7 0 7
8 1 0
9 1 1
10 1 2
11 1 3
12 1 4
13 1 5
14 1 6
15 1 7
Table 28 Command output
Field |
Description |
MPLS LSR ID |
MPLS LSR ID of the device. |
MPLS DS-TE mode |
DS-TE mode: Prestandard or IETF. |
MPLS DS-TE BC model |
DS-TE BC model: · RDM—Russian Dolls Model. · MAM—Maximum Allocation Model. |
TE Class |
Serial number of a TE class. |
display mpls te link-management bandwidth-allocation
Use display mpls te link-management bandwidth-allocation to display bandwidth information on MPLS TE-enabled interfaces.
Syntax
display mpls te link-management bandwidth-allocation [ interface interface-type interface-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
interface interface-type interface-number: Displays bandwidth information on the interface specified by its type and number. If you do not specify this option, the command displays bandwidth information on all MPLS TE-enabled interfaces.
Examples
# Display bandwidth information on all MPLS TE-enabled interfaces.
<Sysname> display mpls te link-management bandwidth-allocation
Interface: GigabitEthernet2/0/1
Max Link Bandwidth : 3200000 kbps
Max Reservable Bandwidth of Prestandard RDM : 2000000 kbps
Max Reservable Bandwidth of IETF RDM : 200000 kbps
Max Reservable Bandwidth of IETF MAM : 300000 kbps
Allocated Bandwidth-Item Count :1
Allocated Bandwidth :1000 kbps
Physical Link Status : Up
BC Prestandard RDM(kbps) IETF RDM(kbps) IETF MAM(kbps)
0 2000000 200000 2000
1 1000000 150000 2000
2 0 100000 2000
3 0 50000 2000
TE Class Class Type Priority BW Reserved(kbps) BW Available(kbps)
0 0 0 0 2000000
1 0 1 0 2000000
2 0 2 0 2000000
3 0 3 0 2000000
4 0 4 0 2000000
5 0 5 0 2000000
6 0 6 0 2000000
7 0 7 1000 1999000
8 1 0 0 1000000
9 1 1 0 1000000
10 1 2 0 1000000
11 1 3 0 1000000
12 1 4 0 1000000
13 1 5 0 1000000
14 1 6 0 1000000
15 1 7 0 1000000
Field |
Description |
Interface |
Interface enabled with MPLS TE. |
Max Link Bandwidth |
Maximum link bandwidth for MPLS TE traffic. |
Allocated Bandwidth-Item Count |
Number of CRLSPs that have successfully obtained bandwidth. |
mpls te max-link-bandwidth
mpls te max-reservable-bandwidth
mpls te max-reservable-bandwidth mam
mpls te max-reservable-bandwidth rdm
display mpls te pce discovery
Use display mpls te pce discovery to display information about discovered PCEs.
Syntax
display mpls te pce discovery [ ip-address ] [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
ip-address: Specifies a PCE by its IP address. If you do not specify this argument, the command displays information about all discovered PCEs.
verbose: Displays detailed information. If you do not specify this keyword, the command displays brief information.
Examples
# Display brief information about PCE 100.100.100.150.
<Sysname> display mpls te pce discovery 100.100.100.150
Total number of PCEs: 1
Peer address Discovery methods
100.100.100.150 Static, OSPF
# Display brief information about all discovered PCEs.
<Sysname> display mpls te pce discovery
Total number of PCEs: 3
Peer address Discovery methods
100.100.100.10 OSPF
100.100.100.150 Static, OSPF
100.100.100.160 Static
Table 30 Command output
Field |
Description |
Peer address |
IP address of the PCE. |
Discovery methods |
PCE discovery methods: · Static—The PCE is specified by command. · OSPF—The PCE is discovered automatically by OSPF. |
# Display detailed information about PCE 2.2.2.9.
<Sysname> display mpls te pce discovery 2.2.2.9 verbose
PCE address: 2.2.2.9
Discovery methods: OSPF
Path scopes:
Path scope Preference
Compute intra-area paths 7
Act as PCE for inter-area TE LSP computation 6
Act as a default PCE for inter-area TE LSP computation 6
Capabilities:
Bidirectional path computation
Support for request prioritization
Support for multiple requests per message
Domains:
OSPF 1 area 0.0.0.0
OSPF 1 area 0.0.0.1
# Display detailed information about all discovered PCEs.
<Sysname> display mpls te pce discovery verbose
PCE address: 2.2.2.9
Discovery methods: OSPF
Path scopes:
Path scope Preference
Compute intra-area paths 7
Act as PCE for inter-area TE LSP computation 6
Act as a default PCE for inter-area TE LSP computation 6
Capabilities:
Bidirectional path computation
Support for request prioritization
Support for multiple requests per message
Domains:
OSPF 1 area 0.0.0.0
OSPF 1 area 0.0.0.1
PCE address: 4.4.4.9
Discovery methods: OSPF
Path scopes:
Path scope Preference
Compute intra-area paths 7
Act as PCE for inter-area TE LSP computation 6
Capabilities:
Bidirectional path computation
Support for request prioritization
Support for multiple requests per message
Domains:
OSPF 1 area 0.0.0.2
Neighbor domains:
OSPF 1 area 0.0.0.0
Table 31 Command output
Field |
Description |
Discovery methods |
PCE discovery methods: · Static—The PCE is specified by command. · OSPF—The PCE is discovered automatically by OSPF. |
Path scopes |
Scope of PCE path computation: · Compute intra-area paths. · Act as PCE for inter-area TE LSP computation. · Act as a default PCE for inter-area TE LSP computation. · Act as PCE for inter-AS TE LSP. · Act as a default PCE for inter-AS TE LSP. · Act as PCE for inter-layer TE LSP. |
Preference |
Preference of the PCE path scope, in the range of 0 to 7. A higher value represents a higher priority. |
Capabilities |
PCE capability: · Path computation with GMPLS link constraints. · Bidirectional path computation. · Diverse path computation. · Load-balanced path computation. · Synchronized path computation. · Support for multiple objective functions. · Support for additive path constraints. · Support for request prioritization. · Support for multiple requests per message. |
display mpls te pce peer
Use display mpls te pce peer to display information about peers that are establishing or have established PCEP sessions to the local device.
Syntax
display mpls te pce peer [ ip-address ] [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
ip-address: Specifies a peer by its IP address. If you do not specify this argument, the command displays information about all peers.
verbose: Displays detailed information. If you do not specify this keyword, the command displays brief information.
Examples
# Display brief information about all peers.
<Sysname> display mpls te pce peer
Total number of peers: 1
Peer address Peer type State Mastership Role
100.100.100.100 PCE UP Normal Active
Table 32 Command output
Field |
Description |
Peer type |
Peer type, PCC or PCE. |
State |
PCEP session state: · Idle—Initial state. · TCPPending—Waiting for the TCP connection to be set up. · OpenWait—Waiting for an Open message from the peer. · KeepWait—Waiting for a Keepalive message from the peer. · UP—The PCEP session is established. |
Mastership |
Peer role: · Normal—Normal PCC or PCE. · Primary—Primary PCE to which the CRLSP is delegated. This role is not supported in the current software version. · Backup—Backup PCE to which the CRLSP is delegated. This role is not supported in the current software version. |
Role |
Role of the local device in the PCEP session: · Active—Initiator of the PCEP session. · Passive—Responder of the PCEP session. |
# Display detailed information about all peers.
<Sysname> display mpls te pce peer verbose
Peer address: 100.100.100.20
TCP Connection : 100.100.100.20:5696 -> 100.100.100.10:4189
Peer type : PCC
Session type : Active stateful
Session state : UP
Mastership : Normal
Role : active
Session up time : 0000 days 01 hours 03 minutes
Session ID : Local 1, Peer 1
Keepalive interval : Local 0 sec, Peer 0 sec
Recommended DeadTimer : Local 0 sec, Peer 0 sec
Tolerance:
Min keepalive interval: 10 sec
Max unknown messages : 10
Request timeout : 50 sec
Table 33 Command output
Field |
Description |
Peer type |
Peer type, PCC or PCE. |
Session type |
PCEP session type: · Stateless. · Passive stateful. This type is not supported in the current software version. · Active stateful. This type is not supported in the current software version. |
Session state |
PCEP session state: · Idle—Initial state. · TCPPending—Waiting for the TCP connection to be set up. · OpenWait—Waiting for an Open message from the peer. · KeepWait—Waiting for a Keepalive message from the peer. · UP—The PCEP session is established. |
Mastership |
Peer role: · Normal—Normal PCC or PCE. · Primary—Primary PCE to which the CRLSP is delegated. This role is not supported in the current software version. · Backup—Backup PCE to which the CRLSP is delegated. This role is not supported in the current software version. |
Role |
Role of the local device in the PCEP session: · Active—Initiator of the PCEP session. · Passive—Responder of the PCEP session. |
Min keepalive interval |
Minimum acceptable keepalive interval in seconds. |
Max unknown messages |
Maximum number of unknown messages allowed in one minute. |
Request timeout |
Request timeout time in seconds. |
display mpls te pce statistics
Use display mpls te pce statistics to display PCC and PCE statistics.
Syntax
display mpls te pce statistics [ ip-address ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
ip-address: Specifies a PCC or PCE by its IP address. If you do not specify this argument, the command displays statistics about all PCEs and PCCs.
Examples
# Display statistics about all PCCs and PCEs.
<Sysname> display mpls te pce statistics
PCE address: 2.2.2.9
Keepalive messages sent/received : 70/75
Open messages sent/received : 1/1
PCReq messages sent/received : 0/0
PCRep messages sent/received : 0/0
PCErr messages sent/received : 0/0
PCNtf messages sent/received : 0/0
Session setup failures : 0
Unknown messages received : 0
Unknown requests received : 0
Unknown responses received : 0
Requests sent : 0
Response is pending : 0
Response with ERO received : 0
Response with NO-PATH received : 0
Canceled by peer sending a PCNtf : 0
Canceled by peer sending a PCErr : 0
Canceled by local speaker sending a PCNtf: 0
Implicitly canceled (session down) : 0
Timeout : 0
Requests received : 0
Response is pending : 0
Response with ERO sent : 0
Response with NO-PATH sent : 0
Canceled by local speaker sending a PCNtf: 0
Canceled by local speaker sending a PCErr: 0
Canceled by peer sending a PCNtf : 0
Implicitly canceled (session down) : 0
Table 34 Command output
Field |
Description |
Unknown requests received |
Number of unknown requests (the request ID carried in the RP object is 0) received. |
Unknown responses received |
Number of unknown responses (the request ID in the response does not match the one in the request) received. |
Requests sent |
Total number of sent requests. |
Response is pending |
Number of requests that are waiting for responses. |
Response with ERO received |
Number of requests that have received responses with ERO. |
Response with NO-PATH received |
Number of requests that have received responses with NO-PATH. |
Cancelled by peer sending a PCNtf |
Number of requests canceled byPCNtf messages sent by the peer. |
Canceled by peer sending a PCErr |
Number of requests canceled byPCErr messages sent by the peer. |
Canceled by local speaker sending a PCNtf |
Number of requests canceled by PCNtf messages sent by the local device. |
Implicitly canceled(session down) |
Number of requests that became invalid because the PCEP session was down. |
Timeout |
Number of requests that became invalid because of request timeout. |
Requests received |
Total number of received requests. |
Response is pending |
Number of requests whose responses are not sent yet. |
Response with ERO sent |
Number of responses sent with ERO. |
Response with NO-PATH sent |
Number of responses sent with NO-PATH. |
Canceled by local speaker sending a PCNtf |
Number of PCNtf messages for request cancellation sent by the local device. |
Canceled by local speaker sending a PCErr |
Number of PCErr messages for request cancellation sent by the local device. |
Canceled by peer sending a PCNtf |
Number of PCNtf messages for request cancellation sent by the peer. |
Implicitly canceled(session down) |
Number of requests that became invalid because the PCEP session was down. |
display mpls te tedb
Use display mpls te tedb to display MPLS TE database (TEDB) information.
Syntax
display mpls te tedb { { isis { level-1 | level-2 } | ospf area area-id } | link ip-address | network | node [ local | mpls-lsr-id ] | summary }
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
isis: Displays TEDB information for IS-IS.
level-1: Displays TEDB information for Level-1 routers.
level-2: Displays TEDB information for Level-2 routers.
ospf area area-id: Displays TEDB information for an OSPF area. The value range for the OSPF area ID is 0 to 4294967295.
link ip-address: Displays TEDB information for a link. The ip-address argument represents the IP address of the local interface on the link.
network: Displays TEDB information for all broadcast and NBMA networks.
node: Displays TEDB information for the local or specified node. If you do not specify the local keyword or the mpls-lsr-id argument, this command displays TEDB information for all nodes.
local: Displays TEDB information for the local node.
mpls-lsr-id: Displays TEDB information for the node specified by its MPLS LSR ID.
summary: Displays summary TEDB information.
Examples
# Display TEDB information for all broadcast and NBMA networks.
<Sysname> display mpls te tedb network
DR MPLS LSR-ID DR-address IGP Process-ID Area/Level Neighbors
8.1.1.2 3.0.0.2 OSPF 100 0 1.1.1.1
2.1.1.1
8.1.1.2
2.1.1.1 3.0.0.3 OSPF 100 0 2.1.1.1
3.1.1.1
2.1.1.2
3.1.1.2 3.0.0.4 OSPF 100 0 3.1.1.1
4.1.1.1
3.1.1.2
4.1.1.2 3.0.0.5 OSPF 100 0 4.1.1.1
5.1.1.1
4.1.1.2
5.1.1.2 3.0.0.6 OSPF 100 0 5.1.1.1
6.1.1.1
5.1.1.2
6.1.1.2 3.0.0.9 OSPF 100 0 6.1.1.1
7.1.1.1
6.1.1.2
7.1.1.1 12.0.0.7 OSPF 100 0 3.1.1.1
7.1.1.1
7.1.1.2
Table 35 Command output
Field |
Description |
DR MPLS LSR-ID |
MPLS LSR ID of a designated router (DR), in dotted decimal notation. |
DR-address |
Interface address of the DR. |
IGP |
Internal gateway protocol: OSPF or IS-IS. |
Process-ID |
IGP process ID. |
Area/Level |
OSPF area or IS-IS level of the router. |
Neighbors |
Router IDs of the routers that have formed full adjacencies with the DR, and router ID of the DR itself. |
# Display summary TEDB information.
<Sysname> display mpls te tedb summary
MPLS LSR-ID IGP Process-ID Area/Level Links-Count
1.1.1.1 OSPF 100 1001 20
1002 30
1003 40
1004 50
1007 70
1010 80
2.1.1.1 ISIS 100 Level-1 20
Level-1 30
3.1.1.1 OSPF 100 0 4
Table 36 Command output
Field |
Description |
MPLS LSR-ID |
MPLS LSR ID of a router, in dotted decimal notation. |
IGP |
Internal gateway protocol: OSPF or IS-IS. |
Process-ID |
IGP process ID. |
Area/Level |
OSPF area or IS-IS level of the router. |
Links-Count |
Number of links in an OSPF area or IS-IS level. |
# Display TEDB information for an OSPF area.
<Sysname> display mpls te tedb ospf area 1
Node information for OSPF area 1:
MPLS LSR-ID IGP Process-ID Area Links-Count
2.2.2.2 OSPF 100 1 1
3.3.3.3 OSPF 100 1 1
Network information for OSPF area 1:
DR MPLS LSR-ID DR-address IGP Process-ID Area Neighbors
3.3.3.3 20.1.1.2 OSPF 100 1 2.2.2.2
3.3.3.3
Table 37 Command output
Field |
Description |
MPLS LSR-ID |
MPLS LSR ID of a router, in dotted decimal notation. |
IGP |
Internal gateway protocol: OSPF or IS-IS. |
Process-ID |
IGP process ID. |
Area |
OSPF area of the router. |
Links-Count |
Number of links in the OSPF area or IS-IS level. |
DR MPLS LSR-ID |
MPLS LSR ID of a DR. |
DR-address |
Interface address of the DR. |
Neighbors |
Router IDs of the routers that have formed full adjacencies with the DR, and router ID of the DR itself. |
# Display TEDB information for the local node in prestandard mode.
<Sysname> display mpls te tedb node local
MPLS LSR-ID: 1.1.1.1
IGP Type: OSPF Process ID: 100 Area: 1
Link[1]:
Local IP Address: 2.0.1.33
Neighbor IP Address: 2.0.1.2
Neighbor MPLS LSR-ID: 1.1.1.2
Link Type: P2P Link Status: Inactive
IGP Metric: 100 TE Metric: 100 Link Attribute: 0xff
Maximum Link Bandwidth: 100 kbps
Maximum Reservable Bandwidth: 20 kbps
Bandwidth Constraint Model: Prestandard DS-TE RDM
Bandwidth Constraints:
BC[0]: 100 kbps
BC[1]: 20 kbps
Unreserved Bandwidth for each TE class:
TE class 0: 10 kbps
TE class 1: 10 kbps
TE class 2: 10 kbps
TE class 3: 10 kbps
TE class 4: 10 kbps
TE class 5: 10 kbps
TE class 6: 10 kbps
TE class 7: 10 kbps
TE class 8: 10 kbps
TE class 9: 10 kbps
TE class 10: 10 kbps
TE class 11: 10 kbps
TE class 12: 10 kbps
TE class 13: 10 kbps
TE class 14: 10 kbps
TE class 15: 10 kbps
MPLS LSR-ID: 1.1.1.1
IGP Type: ISIS Process ID: 100 Level: Level-1
Link[1]:
Local IP Address: 2.0.1.33
Neighbor IP Address: 2.0.1.2
Neighbor MPLS LSR-ID: 1.1.1.2
Link Type: P2P Link Status: Active
IGP Metric: 10 TE Metric: 10 Link Attribute: 0x11
Maximum Bandwidth: 100 (kbps)
Maximum Reservable Bandwidth: 100 (kbps)
Bandwidth Constraint Model: Prestandard DS-TE RDM
Bandwidth Constraints:
BC[0]: 100 kbps
BC[1]: 20 kbps
Unreserved Bandwidth for each TE Class:
TE class 0: 10 kbps
TE class 1: 10 kbps
TE class 2: 10 kbps
TE class 3: 10 kbps
TE class 4: 10 kbps
TE class 5: 10 kbps
TE class 6: 10 kbps
TE class 7: 10 kbps
TE class 8: 10 kbps
TE class 9: 10 kbps
TE class 10: 10 kbps
TE class 11: 10 kbps
TE class 12: 10 kbps
TE class 13: 10 kbps
TE class 14: 10 kbps
TE class 15: 10 kbps
Table 38 Command output
Field |
Description |
MPLS LSR-ID |
MPLS LSR ID of a router, in dotted decimal notation. |
IGP Type |
Internal gateway protocol: OSPF or IS-IS. |
Process ID |
IGP process ID. |
Area |
OSPF area of the router. |
Level |
IS-IS level of the router: Level-1 or Level-2. |
Link[n] |
Information about a link. n is the number of the link. |
Local IP Address |
Local interface address. |
Neighbor IP Address |
Remote interface address for a P2P or P2MP link. For an NBMA or a broadcast link, this field displays a hyphen (-). |
Link Type |
Link type: · P2P. · P2MP. · NBMA. · Broadcast. |
Link Status |
Link status: Active or Inactive. |
Bandwidth Constraint Model |
Bandwidth constraint model: · Prestandard DS-TE RDM. · IETF DS-TE RDM. · IETF DS-TE MAM. |
# Display TEDB information for the link connected to interface 20.1.1.1 in IETF DS-TE RDM model.
<Sysname> display mpls te tedb link 20.1.1.1
MPLS LSR-ID: 2.2.2.2
IGP Type: ISIS Process ID: 100 Level: Level-1
Local IP Address: 20.1.1.1
Neighbor MPLS LSR-ID: 20.1.1.2
Link Type: Broadcast Link Status: Active
IGP Metric: 10 TE Metric: 0 Link Attribute: 0x0
Maximum Bandwidth: 0 kbps
Maximum Reservable Bandwidth: 0 kbps
Bandwidth Constraint Model: IETF DS-TE RDM
Bandwidth Constraints:
BC[0] : 0 kbps
BC[1] : 0 kbps
BC[2] : 0 kbps
BC[3] : 0 kbps
Unreserved Bandwidth for each TE class:
TE class 0: 0 kbps
TE class 1: 0 kbps
TE class 2: 0 kbps
TE class 3: 0 kbps
TE class 4: 0 kbps
TE class 5: 0 kbps
TE class 6: 0 kbps
TE class 7: 0 kbps
Table 39 Command output
Field |
Description |
MPLS LSR-ID |
MPLS LSR ID of a router, in dotted decimal notation. |
IGP Type |
Internal gateway protocol: OSPF or IS-IS. |
Process ID |
IGP process ID. |
Area |
OSPF area of the router. |
Level |
IS-IS level of the router: Level-1 or Level-2. |
Local IP Address |
Local interface address. |
Neighbor IP Address |
Remote interface address for a P2P or P2MP link. For an NBMA or a broadcast link, this field is not displayed. |
Link Type |
Link type: · P2P. · P2MP. · NBMA. · Broadcast. |
Link Status |
Link status: Active or Inactive. |
Bandwidth Constraint Mode |
Bandwidth constraint model: · Prestandard DS-TE RDM. · IETF DS-TE RDM. · IETF DS-TE MAM. |
display mpls te tunnel-interface
Use display mpls te tunnel-interface to display information about MPLS TE tunnel interfaces.
Syntax
display mpls te tunnel-interface [ tunnel number ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
tunnel number: Displays information about the tunnel interface specified by its number. If you do not specify this option, the command displays information about all MPLS TE tunnel interfaces.
The following matrix shows the value ranges for the number argument:
Hardware |
Argument compatibility |
Value range |
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS |
No |
N/A |
MSR2600-6-X1/2600-10-X1 |
Yes |
0 to 10239 |
MSR 2630 |
Yes |
0 to 10239 |
MSR3600-28/3600-51 |
Yes |
0 to 10239 |
MSR3600-28-SI/3600-51-SI |
No |
N/A |
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC |
Yes |
0 to 10239 |
MSR 3610/3620/3620-DP/3640/3660 |
Yes |
0 to 10239 |
MSR5620/5660/5680 |
Yes |
0 to 10239 |
Hardware |
Argument compatibility |
Value range |
MSR810-LM-GL |
No |
N/A |
MSR810-W-LM-GL |
No |
N/A |
MSR830-6EI-GL |
No |
N/A |
MSR830-10EI-GL |
No |
N/A |
MSR830-6HI-GL |
No |
N/A |
MSR830-10HI-GL |
No |
N/A |
MSR2600-6-X1-GL |
Yes |
0 to 10239 |
MSR3600-28-SI-GL |
No |
N/A |
Examples
# Display information about all MPLS TE tunnel interfaces.
<Sysname> display mpls te tunnel-interface
Tunnel Name : Tunnel 0
Tunnel State : Up (Main CRLSP up)
Tunnel Attributes :
LSP ID : 1 Tunnel ID : 0
Admin State : Normal
Ingress LSR ID : 1.1.1.1 Egress LSR ID : 3.3.3.3
Signaling : Static Static CRLSP Name : static-cr-lsp-1
Static SRLSP Name : -/-
Resv Style : -
Tunnel mode : -
Reverse-LSP name : -
Reverse-LSP LSR ID : - Reverse-LSP Tunnel ID: -
Class Type : - Tunnel Bandwidth : -
Reserved Bandwidth : -
Setup Priority : 0 Holding Priority : 0
Affinity Attr/Mask : -/-
Explicit Path : -
Backup Explicit Path : -
Metric Type : TE
Record Route : - Record Label : -
FRR Flag : - Bandwidth Protection : -
Backup Bandwidth Flag: - Backup Bandwidth Type: -
Backup Bandwidth : -
Bypass Tunnel : - Auto Created : -
Route Pinning : -
Retry Limit : 10 Retry Interval : 2 sec
Reoptimization : - Reoptimization Freq : -
Backup Type : - Backup LSP ID : -
Auto Bandwidth : - Auto Bandwidth Freq : -
Min Bandwidth : - Max Bandwidth : -
Collected Bandwidth : - Service-Class : -
Table 40 Command output
Field |
Description |
Tunnel Name |
Name of the tunnel interface. |
Tunnel State |
Running state of the tunnel: Down or Up. Description information includes: · Main CRLSP down. · Main CRLSP up. · Main CRLSP being set up. · Shared-resource CRLSP down. · Shared-resource CRLSP up. · Shared-resource CRLSP being set up. · Shared-resource CRLSP being activated. · Shared-resource CRLSP switching to Main CRLSP. · Backup CRLSP down. · Backup CRLSP up. · Backup CRLSP being set up. · Reverse CRLSP down. · Reverse CRLSP up. · Reverse CRLSP being set up. |
Admin State |
Administrative state of the tunnel interface: · Normal—The interface is not shut down by the shutdown command. · Shutdown—The tunnel interface is shut down by the shutdown command. |
Signaling |
Signaling protocol used to set up the tunnel: RSVP-TE or Static. |
Static CRLSP Name |
Static CRLSP used by the tunnel. |
Static SRLSP Name |
Static SRLSP used by the tunnel. |
Resv Style |
Resource reservation style for the CRLSPs. This field displays FF or SE for an MPLS TE tunnel that uses dynamic CRLSPs, and displays a hyphen (-) for an MPLS TE tunnel that uses static CRLSPs. |
Tunnel Mode |
Tunnel mode of the bidirectional tunnel: · Co-routed, active—The device is the active end of the co-routed bidirectional tunnel. · Co-routed, passive—The device is the passive end of the co-routed bidirectional tunnel. · Associated—The tunnel is an associated bidirectional tunnel. |
Reverse-LSP Name |
Name of the associated reverse LSP. |
Reverse-LSP LSR ID |
LSR ID of the reverse LSP. This field has a value for the LSR of an associated reverse LSP and the passive end of the co-routed bidirectional tunnel. For other LSPs, this field displays a hyphen (-). |
Reverse-LSP Tunnel ID |
Tunnel ID of the reverse LSP. This field has a value for an associated reverse LSP and the passive end of the co-routed bidirectional tunnel. For other LSPs, this field displays a hyphen (-). |
Class Type |
CT of the tunnel: CT 0, CT 1, CT 2, or CT 3. |
Tunnel Bandwidth |
Bandwidth required by the tunnel, in kbps. |
Reserved Bandwidth |
Bandwidth reserved for the tunnel, in kbps. |
Setup Priority |
Tunnel setup priority. |
Holding Priority |
Tunnel holding priority. |
Affinity Attr/Mask |
Tunnel affinity attribute and mask. |
Explicit Path Name |
Name of the explicit path used by the tunnel. If the path used by the tunnel is not an explicit path, this field displays a hyphen (-). |
Backup Explicit Path |
Name of the explicit path used by the backup tunnel. If the path used by the backup tunnel is not an explicit path, this field displays a hyphen (-). |
Metric Type |
Link metric type used for tunnel path selection, TE or IGP. |
Bandwidth Protection |
Whether FRR needs bandwidth protection, Enabled or Disabled. |
Backup Bandwidth Flag |
Whether the bandwidth and the type of CRLSPs that the bypass tunnel can protect have been configured (by using the mpls te backup bandwidth command): · Enabled—Configured. · Disabled—Not configured. |
Backup Bandwidth Type |
Class type of the traffic on the primary tunnel that the bypass tunnel can protect. |
Backup Bandwidth |
Bandwidth that the bypass tunnel can protect, in kbps. |
Bypass Tunnel |
Whether it is a bypass tunnel: Yes or No. |
Auto Created |
Whether the bypass tunnel is automatically created: Yes or No. |
Retry Limit |
Maximum number of tunnel setup retries. |
Retry Interval |
Tunnel setup retry interval, in seconds. |
Reoptimization Freq |
Tunnel reoptimization frequency, in seconds. |
Backup Type |
CRLSP backup mode: · None—CRLSP backup is disabled. · Hot Standby. · Ordinary. |
Backup LSP ID |
LSP ID of the backup tunnel. |
Auto Bandwidth |
State of the automatic bandwidth adjustment feature. |
Auto Bandwidth Freq |
Automatic bandwidth adjustment interval, in seconds. |
Min Bandwidth |
Minimum bandwidth (in kbps) that can be applied to the tunnel by automatic bandwidth adjustment. |
Max Bandwidth |
Maximum bandwidth (in kbps) that can be applied to the tunnel by automatic bandwidth adjustment. |
Collected Bandwidth |
Current output rate, in kbps. |
display ospf mpls te advertisement
Use display ospf mpls te advertisement to display link and node information in an OSPF TEDB.
Syntax
display ospf [ process-id ] [ area area-id ] mpls te advertisement [ originate-router advertising-router-id | self-originate ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
process-id: Specifies an OSPF process ID in the range of 1 to 65535. If you do not specify this argument, the command displays information about all OSPF processes.
area area-id: Specifies an area by its ID, an IP address or a decimal integer. The integer is in the range of 0 to 4294967295. If you specify an integer, the system will translate the integer into the IP address format. If you do not specify this option, the command displays information about all areas.
originate-router advertising-router-id: Displays information originated from a router specified by its router ID.
self-originate: Displays information generated by the local router.
Examples
# Display link and node information for all processes in all areas.
<Sysname> display ospf mpls te advertisement
OSPF Process 1 with Router ID 2.2.2.2
Traffic Engineering Database
Area: 0.0.0.1
Adv Router ID : 1.1.1.1
MPLS LSR ID : 1.1.1.1
Flags : A/S/R
Router Address Count : 1
Router Address Index : 0
Instance ID : 0.0.0.0
MPLS LSR ID : 1.1.1.1
Link Count : 1
Link Index : 0
Link Type : Broadcast
Instance ID : 0.0.0.1
Link Flags : -/U/-
Link ID : 197.168.1.1
TE Metric : 1000
IGP Metric : 1000
Maximum Bandwidth : 12500000 bytes/sec
Maximum Reservable BW : 0 bytes/sec
Administrative Group : 0x0
Unreserved Bandwidth for each TE Class:
TE class 0 = 0 bytes/sec
TE class 1 = 0 bytes/sec
TE class 2 = 0 bytes/sec
TE class 3 = 0 bytes/sec
TE class 4 = 0 bytes/sec
TE class 5 = 0 bytes/sec
TE class 6 = 0 bytes/sec
TE class 7 = 0 bytes/sec
TE class 8 = 0 bytes/sec
TE class 9 = 0 bytes/sec
TE class 10 = 0 bytes/sec
TE class 11 = 0 bytes/sec
TE class 12 = 0 bytes/sec
TE class 13 = 0 bytes/sec
TE class 14 = 0 bytes/sec
TE class 15 = 0 bytes/sec
Bandwidth Constraint Model: Prestandard DS-TE RDM
Bandwidth Constraints:
BC [ 0] = 0 bytes/sec
BC [ 1] = 0 bytes/sec
Local Interface Address : 197.168.1.1
Remote Interface Address : 197.168.1.11
Table 41 Command output
Field |
Description |
Adv Router ID |
ID of the router that advertised TE information. |
MPLS LSR ID |
MPLS LSR ID of the router that advertised TE information. |
Flags |
TE information flags: · A—Already synchronized information with CSPF. · S—Ready to synchronize information with CSPF. · R—The router that advertised information is reachable. |
Router Address Count |
Number of Router TLV messages in TEDB. |
Router Address Index |
Index of the current Router TLV message. |
Instance ID |
LSA instance ID. |
Link Count |
Number of Link TLV messages in TEDB. |
Link Index |
Index of the current Link TLV message. |
Link Type |
Link types: · Point to Point. · Point to Multi Point. · Broadcast. · NBMA. |
Link Flags |
Link information flags: · A—Already synchronized information with CSPF. · U—Ready to update information with CSPF again after the previous update failed. · D—Ready to delete information from CSPF again after the previous deletion failed. |
Link ID |
Link state ID. |
IGP Metric |
OSPF protocol metric. |
Administrative Group |
Link attributes. |
Bandwidth Constraint Model |
Bandwidth constraint model: Prestandard DS-TE RDM, IETF DS-TE RDM, or IETF DS-TE MAM. |
Bandwidth Constraints |
This field takes effect only on DS-TEs. |
BC |
Bandwidth constraint value. The Prestandard mode supports two BCs, and the IETF mode supports four BCs. |
display ospf mpls te network
Use display ospf mpls te network to display network information in an OSPF TEDB.
Syntax
display ospf [ process-id ] [ area area-id ] mpls te network [ originate-router advertising-router-id | self-originate ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
process-id: Specifies an OSPF process ID in the range of 1 to 65535. If you do not specify this argument, the command displays information about all OSPF processes.
area area-id: Specifies an area by its ID, an IP address or a decimal integer, in the range of 0 to 4294967295. If you specify an integer, the system will translate the integer into the IP address format. If you do not specify this option, the command displays information about all areas.
originate-router advertising-router-id: Displays information originated from a router specified by its router ID.
self-originate: Displays information generated by the local router.
Examples
# Display network information for all processes in all areas.
<Sysname> display ospf mpls te network
OSPF Process 1 with Router ID 12.1.1.1
Traffic Engineering Network
Area: 0.0.0.0
Adv Router ID : 1.1.1.1
Designated Router : 197.168.1.1
Flags : -/U/-
Attached Router 2.2.2.2
Attached Router 1.1.1.1
Table 42 Command output
Field |
Description |
Adv Router ID |
ID of the router that advertised the TE network information. |
Designated Router |
IP address of the designated router. |
Flag |
Network information flags: · A—Already synchronized information with CSPF. · U—Ready to update information with CSPF again after the previous update failed. · D—Ready to delete information from CSPF again after the previous deletion failed. |
Attached Router |
ID of the attached router. |
display ospf mpls te pce
Use display ospf mpls te pce to display information about PCEs discovered by OSPF.
Syntax
display ospf [ process-id ] [ area area-id ] mpls te pce [ originate-router advertising-router-id | self-originate ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
process-id: Specifies an OSPF process ID in the range of 1 to 65535. If you do not specify this argument, the command displays information about all OSPF processes.
area area-id: Specifies an area by its ID, an IP address or a decimal integer. The integer is in the range of 0 to 4294967295. If you specify an integer, the system will translate the integer into the IP address format. If you do not specify this option, the command displays information about all areas.
originate-router advertising-router-id: Displays information originated from a router specified by its router ID.
self-originate: Displays information generated by the local router.
Examples
# Display PCE information for all processes in all areas.
<Sysname> display ospf mpls te pce
OSPF Process 1 with Router ID 2.1.1.1
Path Computation Element
Area: 0.0.0.1
Adv Router ID : 2.1.1.1
PCE Address : 5.6.7.8
Flags : A/-/R/E
PCE Path Scopes:
Path Scope Preference
L (PCE for intra-area) 7
R (PCE for inter-area) 6
PCE Capabilities:
Bidirectional path computation
Support for request prioritization
Support for multiple requests per message
PCE Domain List:
Area 0.0.0.1
Area 0.0.0.3
PCE Neighbor Domain List:
Area 0.0.0.2
Table 43 Command output
Field |
Description |
Adv Router ID |
ID of the router that advertised the information. |
Flags |
PCE information flag: · A—Already synchronized information with PCEP. · U—Ready to update information with PCEP again after the previous update failed. · D—Ready to delete information from PCEP again after the previous deletion failed. · R—The router that advertised information is reachable. · E—PCE information is valid. |
Path Scope |
PCE path scope: · L (PCE for intra-area). · R (PCE for inter-area). · Rd (Default PCE for inter-area). · S (PCE for inter-AS). · Sd (Default PCE for inter-AS). · Y (PCE for inter-layer). |
Preference |
Preference of the PCE path scope, in the range of 0 to 7. A higher value represents a higher priority. |
PCE Capabilities |
PCE capability: · Path computation with GMPLS link constraints. · Bidirectional path computation. · Diverse path computation. · Load-balanced path computation. · Synchronized path computation. · Support for multiple objective functions. · Support for additive path constraints. · Support for request prioritization. · Support for multiple requests per message. |
PCE Domain List |
List of local domains that support TE on the PCE. |
PCE Neighbor Domain List |
List of neighbor domains that support TE on the PCE. |
Area |
Area that supports TE. |
AS |
AS that supports TE. |
display ospf mpls te tunnel
Use display ospf mpls te tunnel to display MPLS TE tunnel interface information for OSPF.
Syntax
display ospf [ process-id ] [ area area-id ] mpls te tunnel
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
process-id: Specifies an OSPF process ID in the range of 1 to 65535. If you do not specify this argument, the command displays information about all OSPF processes.
area area-id: Specifies an area by its ID, an IP address or a decimal integer. The integer is in the range of 0 to 4294967295. If you specify an integer, the system will translate the integer into the IP address format. If you do not specify this option, the command displays information about all areas.
Examples
# Display MPLS TE tunnel interface information for all OSPF processes in all areas.
<Sysname> display ospf mpls te tunnel
OSPF Process 1 with Router ID 2.2.2.2
Traffic Engineering Tunnel
Area: 0.0.0.1
Interface: Tunnel1 (12.1.1.2)
State: Inactive
Neighbor ID: 0.0.0.0 Cost: 0
Destination: 125.1.1.1
Auto Route: IGP Shortcut
Metric: Relative 10
Table 44 Command output
Field |
Description |
Interface |
Name and IP address of a tunnel interface. |
State |
Tunnel interface states: · Inactive—The tunnel interface is not used to forward packets, because the tunnel route is not the optimal route. · Active—The tunnel interface is used to forward packets, because the tunnel route is the optimal route. |
Neighbor ID |
Router ID for the tunnel destination. |
Cost |
Route cost of the tunnel interface. |
Destination |
LSR ID for the tunnel destination. |
Auto Route |
Automatic route advertisement method: IGP Shortcut or IGP Advertise. IGP Advertise indicates that forwarding adjacency is enabled. |
Metric |
Absolute or relative metric of the MPLS TE tunnel. |
display tunnel-bundle
Use display tunnel-bundle to display information about tunnel bundle interfaces and their member interfaces.
Syntax
display tunnel-bundle [ number ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
number: Specifies a tunnel bundle interface and its member interfaces by the tunnel bundle interface number. If you do not specify this argument, the command displays information about all tunnel bundle interfaces and their member interfaces.
The following matrix shows the value ranges for the number argument:
Hardware |
Argument compatibility |
Value range |
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS |
No |
N/A |
MSR2600-6-X1/2600-10-X1 |
Yes |
0 to 1023 |
MSR 2630 |
Yes |
0 to 1023 |
MSR3600-28/3600-51 |
Yes |
0 to 1023 |
MSR3600-28-SI/3600-51-SI |
No |
N/A |
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC |
Yes |
0 to 2047 |
MSR 3610/3620/3620-DP/3640/3660 |
Yes |
0 to 2047 |
MSR5620/5660/5680 |
Yes |
0 to 4095 |
Hardware |
Argument compatibility |
Value range |
MSR810-LM-GL |
No |
N/A |
MSR810-W-LM-GL |
No |
N/A |
MSR830-6EI-GL |
No |
N/A |
MSR830-10EI-GL |
No |
N/A |
MSR830-6HI-GL |
No |
N/A |
MSR830-10HI-GL |
No |
N/A |
MSR2600-6-X1-GL |
Yes |
0 to 1023 |
MSR3600-28-SI-GL |
No |
N/A |
Examples
# Display information about all tunnel bundle interfaces and their member interfaces.
<Sysname> display tunnel-bundle
Total number of tunnel bundles: 1, 1 up, 0 down
Tunnel bundle name: Tunnel-Bundle 1
Bundle state : Up
Bundle attributes :
Working mode : Load Balancing
Tunnel type : CR-LSP
Tunnel destination : 2.2.2.2
Bundle members:
Member State Load-share
Tunnel2 Up 2
Tunnel3 Down 3
Tunnel6 Down 3
Table 45 Command output
Field |
Description |
Working mode |
Tunnel bundle interface operating modes: · Load Balancing. · 1+1—1+1 protection switching mode. · 1:1—1:1 protection switching mode. For more information about 1+1 and 1:1 protection switching modes, see MPLS Configuration Guide. |
Tunnel type |
This field supports only CRLSP. |
Tunnel destination |
Destination address for the tunnel bundle interface. |
Load-share |
Weight of the interface for load sharing. This field is displayed when the tunnel bundle interface operates in Load Balancing mode. |
Role |
Role of a member interface. This field is displayed when the tunnel bundle interface operates in 1+1 or 1:1 mode. · Working—The tunnel for the member interface is the working tunnel. · Protection—The tunnel for the member interface is the protection tunnel. |
ds-te bc-model
Use ds-te bc-model to specify the bandwidth constraint (BC) model used in IETF DS-TE.
Use undo ds-te bc-model to restore the default.
Syntax
ds-te bc-model mam
undo ds-te bc-model
Default
The BC model of IETF DS-TE is Russian Dolls Model (RDM).
Views
MPLS TE view
Predefined user roles
network-admin
Parameters
mam: Specifies the BC model as Maximum Allocation Model (MAM).
Usage guidelines
RDM does not define the bandwidth for one class type (CT) but limits the shared bandwidth for multiple CTs. In cooperation with priority preemption, the RDM model can also implement the isolation between CTs, ensuring each CT its share of bandwidth. RDM is suitable for networks where traffic is unstable and traffic bursts might occur.
MAM constrains the bandwidth for only one CT on an interface. This ensures isolation between CTs no matter whether preemption is used or not. Compared with RDM, MAM is easy to understand and configure. MAM is suitable for networks where traffic of each CT is stable.
This command applies only to IETF DS-TE. The prestandard DS-TE only uses RDM.
After you change the BC model in IETF DS-TE mode, all nonzero-bandwidth CRLSPs on the device are deleted and then re-established.
Examples
# Specify the BC model of IETF DS-TE as MAM.
<Sysname> system-view
[Sysname] mpls te
[Sysname-te] ds-te bc-model mam
Related commands
display mpls te ds-te
ds-te mode
ds-te te-class
Use ds-te te-class to configure a TE class used in IETF DS-TE mode.
Use undo ds-te te-class to restore the default.
Syntax
ds-te te-class te-class-index class-type class-type-number priority priority
undo ds-te te-class te-class-index
Default
Table 46 Default TE classes in IETF mode
TE class |
CT |
Priority |
0 |
0 |
7 |
1 |
1 |
7 |
2 |
2 |
7 |
3 |
3 |
7 |
4 |
0 |
0 |
5 |
1 |
0 |
6 |
2 |
0 |
7 |
3 |
0 |
Views
MPLS TE view
Predefined user roles
network-admin
Parameters
te-class-index: Specifies a TE class index in the range of 0 to 7.
class-type class-type-number: Specifies a CT by its number in the range of 0 to 3. The system supports four CTs, CT 0 through CT 3.
priority priority: Specifies a priority number in the range of 0 to 7.
Usage guidelines
The setup or/and holding priority of the LSP transporting a traffic trunk from a CT must be the priority specified for the CT in the TE class.
When you configure a TE class, make sure to specify a CT-priority pair different from that in any existing TE class.
When you restore the default settings for a TE class, make sure the default CT-priority pair is different from the CT-priority pair of an existing TE class.
After a TE class is modified, the device performs the following operations:
1. Notifies the IGP to re-advertise the bandwidth information for all TE interfaces.
2. Removes and then re-establishes the CRLSPs of the TE class on all TE interfaces.
Examples
# Specify CT 2 and priority 3 for TE class 7 in IETF DS-TE mode.
<Sysname> system-view
[Sysname] mpls te
[Sysname-mpls] ds-te te-class 7 class-type 2 priority 3
Related commands
display mpls te ds-te
ds-te mode
ds-te mode
Use ds-te mode to configure the DS-TE mode.
Use undo ds-te mode to restore the default.
Syntax
ds-te mode ietf
undo ds-te mode
Default
The DS-TE mode is prestandard.
Views
MPLS TE view
Predefined user roles
network-admin
Parameters
ietf: Specifies the DS-TE mode as IETF.
Usage guidelines
The prestandard and IETF modes of DS-TE have the following differences:
· The prestandard mode supports two CTs (CT 0 and CT 1), eight priorities, and a maximum of 16 TE classes. The IETF mode supports four CTs (CT 0 through CT 3), eight priorities, and a maximum of eight TE classes.
· The prestandard mode does not allow you to configure TE classes. The IETF mode allows for TE class configuration.
· The prestandard mode supports only RDM. The IETF mode supports both RDM and MAM.
· A device operating in prestandard mode cannot communicate with devices from some vendors. A device operating in IETF mode can communicate with devices from other vendors.
Be aware of these differences and choose a proper DS-TE mode as needed.
After the DS-TE mode is changed, all CRLSPs on the device are deleted and then re-established.
Examples
# Configure the DS-TE mode as IETF.
<Sysname> system-view
[Sysname] mpls te
[Sysname-te] ds-te mode ietf
Related commands
display mpls te ds-te
ds-te bc-model
explicit-path
Use explicit-path to create an explicit path and enter its view, or enter the view of an existing explicit path.
Use undo explicit-path to remove an explicit path.
Syntax
explicit-path path-name
undo explicit-path path-name
Default
No explicit paths exist.
Views
System view
Predefined user roles
network-admin
Parameters
path-name: Specifies a name for the explicit path, a case-sensitive string of 1 to 31 characters.
Usage guidelines
In explicit path view, you can use the nexthop command to explicitly specify a node or link that a tunnel must or must not traverse.
After a tunnel is associated with an explicit path, the record route flag is automatically set for the tunnel, regardless of the mpls te record-route command setting.
Examples
# Create an explicit path named path1 and enter its view.
<Sysname> system-view
[Sysname] explicit-path path1
[Sysname-explicit-path-path1]
Related commands
display explicit-path
mpls te backup-path
mpls te path
nexthop
fast-reroute timer
Use fast-reroute timer to set the interval for selecting an optimal bypass tunnel.
Use undo fast-reroute timer to restore the default.
Syntax
fast-reroute timer interval
undo fast-reroute timer
Default
The optimal bypass tunnel selection interval is 300 seconds.
Views
MPLS TE view
Predefined user roles
network-admin
Parameters
interval: Specifies the interval for selecting an optimal bypass tunnel, in the range of 0 to 604800 seconds. If you set the interval to 0 seconds, RSVP does not periodically select an optimal bypass tunnel.
Usage guidelines
If you have specified multiple bypass tunnels for a primary CRLSP, MPLS TE selects an optimal bypass tunnel to protect the primary CRLSP. Sometimes, a bypass tunnel might become better than the current optimal bypass tunnel because, for example, the reservable bandwidth changes. Therefore, MPLS TE must poll the bypass tunnels periodically to update the optimal bypass tunnel.
|
NOTE: After traffic is switched from the primary CRLSP to a bypass tunnel, MPLS TE no longer periodically selects optimal bypass tunnels for the primary CRLSP. |
Examples
# Set the optimal bypass tunnel selection interval to 120 seconds.
<Sysname> system-view
[Sysname] mpls te
[Sysname-te] fast-reroute timer 120
interface tunnel-bundle
Use interface tunnel-bundle to create a tunnel bundle interface in load sharing mode, and enter tunnel bundle interface view, or enter the view of an existing tunnel bundle interface.
Use undo interface tunnel-bundle to delete a tunnel bundle interface.
Syntax
interface tunnel-bundle number
undo interface tunnel-bundle number
Default
No tunnel bundle interfaces exist.
Views
System view
Predefined user roles
network-admin
Parameters
number: Specifies the tunnel bundle interface number.
The following matrix shows the value ranges for the number argument:
Hardware |
Argument compatibility |
Value range |
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS |
No |
N/A |
MSR2600-6-X1/2600-10-X1 |
Yes |
0 to 1023 |
MSR 2630 |
Yes |
0 to 1023 |
MSR3600-28/3600-51 |
Yes |
0 to 1023 |
MSR3600-28-SI/3600-51-SI |
No |
N/A |
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC |
Yes |
0 to 2047 |
MSR 3610/3620/3620-DP/3640/3660 |
Yes |
0 to 2047 |
MSR5620/5660/5680 |
Yes |
0 to 4095 |
Hardware |
Argument compatibility |
Value range |
MSR810-LM-GL |
No |
N/A |
MSR810-W-LM-GL |
No |
N/A |
MSR830-6EI-GL |
No |
N/A |
MSR830-10EI-GL |
No |
N/A |
MSR830-6HI-GL |
No |
N/A |
MSR830-10HI-GL |
No |
N/A |
MSR2600-6-X1-GL |
Yes |
0 to 1023 |
MSR3600-28-SI-GL |
No |
N/A |
Usage guidelines
You can specify multiple member interfaces (MPLS TE tunnel interfaces) for a tunnel bundle interface. The member interfaces form a tunnel bundle. When the outgoing interface is the tunnel bundle interface, traffic can be forwarded through multiple MPLS TE tunnels, and load sharing is implemented.
Examples
# Create tunnel bundle interface Tunnel-Bundle 2 in load sharing mode, and enter the interface's view.
<Sysname> system-view
[Sysname] interface tunnel-bundle 2
[Sysname-tunnel-bundle2]
Related commands
destination
display tunnel-bundle
member interface
link-management periodic-flooding timer
Use link-management periodic-flooding timer to set the interval at which IGP floods TE information.
Use undo link-management periodic-flooding timer to restore the default.
Syntax
link-management periodic-flooding timer interval
undo link-management periodic-flooding timer
Default
The IGP floods TE information every 180 seconds.
Views
MPLS TE view
Predefined user roles
network-admin
Parameters
interval: Specifies the interval at which IGP floods TE information, in the range of 0 to 3600 seconds.
Usage guidelines
When the reservable bandwidth of a link changes, IGP floods the link TE information to notify network devices of the change. You can use the mpls te bandwidth change thresholds command to configure IGP to flood only significant bandwidth changes of a link to prevent excessive IGP flooding. The bandwidth changes that cannot trigger immediate flooding are flooded at the interval configured by the link-management periodic-flooding timer command.
If you set the interval to 0, the periodical flooding feature is disabled. If you set the interval to a value less than 30 seconds (1 to 29 seconds), the device automatically sets the interval to 30 seconds.
After you execute this command, the configured interval takes effect immediately.
Examples
# Configure IGP to flood TE information every 100 seconds.
<Sysname> system-view
[Sysname] mpls te
[Sysname-te] link-management periodic-flooding timer 100
Related commands
mpls te bandwidth change thresholds
member interface
Use member interface to specify a member interface for a tunnel bundle interface.
Use undo member interface to delete a member interface from a tunnel bundle interface.
Syntax
member interface tunnel tunnel-number [ load-share value ]
undo member interface tunnel tunnel-number
Default
No member interface is specified for a tunnel bundle interface.
Views
Tunnel bundle interface view
Predefined user roles
network-admin
Parameters
tunnel tunnel-number: Specifies a member interface by its interface number.
The following matrix shows the value ranges for the tunnel-number argument:
Hardware |
Argument compatibility |
Value range |
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS |
No |
N/A |
MSR2600-6-X1/2600-10-X1 |
Yes |
0 to 10239 |
MSR 2630 |
Yes |
0 to 10239 |
MSR3600-28/3600-51 |
Yes |
0 to 10239 |
MSR3600-28-SI/3600-51-SI |
No |
N/A |
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC |
Yes |
0 to 10239 |
MSR 3610/3620/3620-DP/3640/3660 |
Yes |
0 to 10239 |
MSR5620/5660/5680 |
Yes |
0 to 10239 |
Hardware |
Argument compatibility |
Value range |
MSR810-LM-GL |
No |
N/A |
MSR810-W-LM-GL |
No |
N/A |
MSR830-6EI-GL |
No |
N/A |
MSR830-10EI-GL |
No |
N/A |
MSR830-6HI-GL |
No |
N/A |
MSR830-10HI-GL |
No |
N/A |
MSR2600-6-X1-GL |
Yes |
0 to 10239 |
MSR3600-28-SI-GL |
No |
N/A |
load-share value: Configures a weight for a member interface, in the range of 1 to 65535. The default value is 1.
Usage guidelines
You can specify multiple member interfaces for a tunnel bundle interface.
Traffic is shared on the member interfaces in proportion of their weights. If the member interfaces have the same weight, they will share the same load.
For example, a tunnel bundle interface has three member interfaces. The weights for the member interfaces are 1, 1, and 2, respectively. The proportions of traffic forwarded by the member interfaces are 1/4, 1/4, and 1/2, respectively. If you configure the weights for the member interfaces as 2, 2, and 4, the traffic forwarding proportions of the member interfaces are still 1/4, 1/4, and 1/2, respectively.
Examples
# Specify Tunnel 1 and Tunnel 2 as the member interfaces for Tunnel-Bundle 2, and configure the weights of the member interfaces as 1 and 3, respectively.
<Sysname> system-view
[Sysname] interface tunnel-bundle 2
[Sysname-tunnel-bundle2] member interface tunnel 1
[Sysname-tunnel-bundle2] member interface tunnel 2 load-share 3
Related commands
display tunnel-bundle
mpls te
Use mpls te to enable MPLS TE for the local node and enter MPLS TE view.
Use undo mpls te to disable MPLS TE for the local node.
Syntax
mpls te
undo mpls te
Default
MPLS TE is disabled.
Views
System view
Predefined user roles
network-admin
Usage guidelines
Disabling MPLS TE also deletes all CRLSPs on the device and MPLS TE configurations on all interfaces.
Examples
# Enable MPLS TE for the local node and enter MPLS TE view.
<Sysname> system-view
[Sysname] mpls lsr-id 1.1.1.9
[Sysname] mpls te
[Sysname-te]
Related commands
mpls te enable
mpls te affinity-attribute
Use mpls te affinity-attribute to set an affinity for a tunnel.
Use undo mpls te affinity-attribute to restore the default.
Syntax
mpls te affinity-attribute attribute-value [ mask mask-value ]
undo mpls te affinity-attribute
Default
The affinity is 0x00000000, and the mask is 0x00000000. That is, a tunnel can use any link.
Views
Tunnel interface view
Predefined user roles
network-admin
Parameters
attribute-value: Specifies the affinity value in the range of 0x00000000 to 0xFFFFFFFF. An affinity is a 32-bit binary number. Each bit of the affinity represents an attribute, which takes a value of 0 or 1.
mask mask-value: Specifies the mask of the affinity bits, in the range of 0x00000000 to 0xFFFFFFFF. A mask is a 32-bit binary number. Each bit of the mask determines whether to check the corresponding bit of the link attribute. If the mask bit is 1, the corresponding link attribute bit must be checked with the affinity bit. The link can be used by the tunnel only when the link attribute bit meets certain requirements. If the mask bit is 0, the corresponding link attribute bit is not checked.
Usage guidelines
Affinity determines which links a tunnel can use. The affinity attribute and its mask, and the link attribute are all 32-bit long. A link is available for a tunnel if the link attribute meets the following requirements:
· The link attribute bits corresponding to the affinity attribute's 1 bits whose mask bits are 1 must have a minimum of one bit set to 1.
· The link attribute bits corresponding to the affinity attribute's 0 bits whose mask bits are 1 must have no bit set to 1.
The link attribute bits corresponding to the 0 bits in the affinity mask are not checked.
For example, if the affinity is 0xFFFFFFF0 and the mask is 0x0000FFFF, a link is available for the tunnel when its attribute bits meet the following requirements:
· The highest 16 bits each can be 0 or 1 (no requirements).
· The 17th through 28th bits must have a minimum of one bit whose value is 1.
· The lowest four bits must be 0.
Examples
# Set the tunnel affinity to 0x101 and mask to 0x303. Then, a link is available for the tunnel only when the link attribute bits (from left to right) meet the following requirements:
· The 23rd bit is 0.
· The 31st bit is 0.
· A minimum of one bit from the 24th to 32nd bits must be 1.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te affinity-attribute 101 mask 303
Related commands
display mpls te tunnel-interface
mpls te link-attribute
mpls te auto-bandwidth
Use mpls te auto-bandwidth to enable automatic bandwidth adjustment or output rate collection for an MPLS TE tunnel.
Use undo mpls te auto-bandwidth to disable automatic bandwidth adjustment or output rate collection for an MPLS TE tunnel.
Syntax
mpls te auto-bandwidth { adjustment [ frequency seconds ] [ max-bw max-bandwidth | min-bw min-bandwidth ] * | collect-bw [ frequency seconds ] }
undo mpls te auto-bandwidth
Default
Automatic bandwidth adjustment and output rate collection are disabled for an MPLS TE tunnel.
Views
Tunnel interface view
Predefined user roles
network-admin
Parameters
adjustment: Enables automatic bandwidth adjustment for the tunnel.
collect-bw: Enables output rate collection for the tunnel, but does not adjust the tunnel's bandwidth.
frequency seconds: Specifies the automatic bandwidth adjustment interval (with the adjustment keyword) or the output rate collection interval (with the collect-bw keyword). The value range for the seconds argument is 300 to 604800, in seconds. The default interval is 86400 seconds.
max-bw max-bandwidth: Specifies the maximum automatic bandwidth for the tunnel, in the range of 1 to 4294967295, in kbps. If you do not specify this option, TE does not limit the maximum bandwidth value.
min-bw min-bandwidth: Specifies the minimum automatic bandwidth for the tunnel, in the range of 1 to 4294967295, in kbps. If you do not specify this option, TE does not limit the minimum bandwidth value.
Usage guidelines
Automatic bandwidth adjustment functions as follows:
1. Samples the tunnel interface output rate at regular intervals.
The sampling interval is specified by using the auto-bandwidth enable command.
2. Calculates the average output rate in each sampling interval.
3. Adjusts the MPLS TE tunnel bandwidth to the maximum average output rate when the automatic bandwidth adjustment interval is reached.
The maximum average output rate refers to the largest of all average output rates calculated in the sampling intervals during the automatic bandwidth adjustment interval. As a best practice, set the bandwidth adjustment interval to a value a minimum of 3 times the sampling interval to get the accurate output rate.
4. Establishes a new CRLSP based on the adjusted bandwidth.
5. Switches traffic to the new CRLSP, and then deletes the old CRLSP.
The output rate collection feature collects the tunnel output rate regularly at the specified collection interval. The collected output rate is the largest of all average output rates calculated in the sampling intervals during the collection interval.
To enable MPLS TE to adjust bandwidth or collects the output rate for an MPLS TE tunnel, perform the following tasks:
· Enable the global automatic bandwidth adjustment by using the auto-bandwidth enable command in MPLS TE view.
· Enable automatic bandwidth adjustment or output rate collection for the MPLS TE tunnel by using the mpls te auto-bandwidth command.
In the same tunnel interface view, the mpls te auto-bandwidth command is mutually exclusive with these commands: mpls te reoptimization, mpls te route-pinning, and mpls te backup.
If both the mpls te auto-bandwidth and mpls te bidirectional commands are configured, only the mpls te bidirectional command takes effect.
Examples
# Enable automatic bandwidth adjustment for MPLS TE Tunnel 0, and set the adjustment interval to 3600 seconds.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te auto-bandwidth adjustment frequency 3600
Related commands
auto-bandwidth enable
display mpls te tunnel-interface
reset mpls te auto-bandwidth-adjustment timers
mpls te auto-tunnel backup disable
Use mpls te auto-tunnel backup disable to disable the auto FRR feature on an RSVP-enabled interface.
Use undo mpls te auto-tunnel backup disable to enable the auto FRR feature on an RSVP-enabled interface.
Syntax
mpls te auto-tunnel backup disable
undo mpls te auto-tunnel backup disable
Default
The auto FRR feature is enabled on all RSVP-enabled interfaces after it is enabled globally.
Views
Interface view
Predefined user roles
network-admin
Usage guidelines
The auto FRR feature allows an interface to automatically set up a node-protection bypass tunnel and a link-protection bypass tunnel for each of its primary CRLSPs. The egress interface of the primary CRLSPs is the interface itself.
Bypass tunnels are set up before the primary CRLSP fails. Therefore, they use extra bandwidth. To save network bandwidth, configure auto FRR only for key interfaces. On other interfaces, use the mpls te auto-tunnel backup disable command to disable the interfaces from automatically setting up bypass tunnels.
Execution of the mpls te auto-tunnel backup disable command deletes all existing bypass tunnels automatically created on the interface.
Examples
# Disable auto FRR on interface GigabitEthernet 2/0/1.
<Sysname> system-view
[Sysname] interface gigabitethernet 2/0/1
[Sysname-GigabitEthernet2/0/1] mpls te auto-tunnel backup disable
Related commands
auto-tunnel backup
mpls te backup
Use mpls te backup to enable tunnel backup and specify the backup mode for a tunnel.
Use undo mpls te backup to disable tunnel backup.
Syntax
mpls te backup { hot-standby | ordinary }
undo mpls te backup
Default
Tunnel backup is disabled.
Views
Tunnel interface view
Predefined user roles
network-admin
Parameters
hot-standby: Enables hot backup for the tunnel. In this mode, a backup CRLSP is established immediately after the primary CRLSP is established. When the primary CRLSP fails, MPLS TE immediately switches traffic to the backup CRLSP.
ordinary: Enables ordinary backup for the tunnel. In this mode, a backup CRLSP is established after the primary CRLSP fails.
Usage guidelines
In the same tunnel interface view, the mpls te backup command is mutually exclusive with the mpls te reoptimization and mpls te auto-bandwidth adjustment commands.
If both the mpls te backup and mpls te bidirectional commands are configured, only the mpls te bidirectional command takes effect.
Examples
# Enable hot backup for Tunnel 0.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te backup hot-standby
Related commands
mpls te backup-path
mpls te backup bandwidth
Use mpls te backup bandwidth to configure the bandwidth and the CT that the bypass tunnel can protect.
Use undo mpls te backup bandwidth to restore the default.
Syntax
mpls te backup bandwidth [ ct0 | ct1 | ct2 | ct3 ] { bandwidth | un-limited }
undo mpls te backup bandwidth
Default
The bandwidth and the CT that the bypass tunnel can protect are not specified.
Views
Tunnel interface view
Predefined user roles
network-admin
Parameters
bandwidth: Specifies the total bandwidth that the bypass tunnel can protect, in the range of 1 to 4294967295, in kbps.
ct0: Specifies the bypass tunnel to protect only CRLSPs of CT 0.
ct1: Specifies the bypass tunnel to protect only CRLSPs of CT 1.
ct2: Specifies the bypass tunnel to protect only CRLSPs of CT 2.
ct3: Specifies the bypass tunnel to protect only CRLSPs of CT 3.
un-limited: Puts no limit on total protected bandwidth. This keyword means the bypass tunnel does not provide bandwidth protection.
Usage guidelines
If you specify the un-limited keyword, the bypass tunnel does not provide bandwidth protection. FRR does not guarantee the bandwidth of the protected tunnels. If the sum of traffic of the protected tunnels exceeds the actual bandwidth of the bypass tunnel, traffic of protected tunnels might be lost. The primary CRLSP that does not need bandwidth protection prefers this type of bypass tunnels over other types of bypass tunnels.
If you specify the bandwidth argument, the bypass tunnel provides bandwidth protection. The primary CRLSP that needs bandwidth protection prefers this type of bypass tunnels over other types of bypass tunnels. If you set the value for the bandwidth argument to 0, the bypass tunnel performs best-effort forwarding for the traffic of primary CRLSP, and the occupied bandwidth is not fixed. Therefore, this type of bypass tunnel cannot protect a primary CRLSP with the bandwidth 0 or a primary CRLSP whose bandwidth exceeds the protected bandwidth.
The specified bandwidth value must be less than the actual bandwidth of the bypass tunnel. Otherwise, the bypass tunnel will be overwhelmed after FRR, and the protected tunnel might be torn down.
After an FRR, the primary CRLSP will be down if you modify the bandwidth that the bypass tunnel can protect and your modification results in one of the following:
· The CT type changes.
· The bypass tunnel cannot protect adequate bandwidth as configured.
· FRR protection type (whether or not to provide bandwidth protection for the primary CRLSP) changes.
The bandwidth value specified is used only for calculating and determining the bandwidth protection relationship between a primary CRLSP and a bypass tunnel. The bandwidth is not reserved on the bypass tunnel.
If no CT is specified, CRLSPs of all CTs can use the bypass tunnel.
After you execute this command for a tunnel, the record route flag is automatically set for the tunnel, regardless of whether the mpls te record-route command is configured.
Examples
# Configure Tunnel 0 to provide protection for CRLSPs of CT 0 without constraining the protected bandwidth. Configure Tunnel 1 to provide protection for CRLSPs of CT 1 and protect a maximum of 1000 kbps bandwidth.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te backup bandwidth ct0 un-limited
[Sysname-Tunnel0] quit
[Sysname] interface tunnel 1 mode mpls-te
[Sysname-Tunnel1] mpls te backup bandwidth ct1 1000
Related commands
display mpls te tunnel-interface
mpls te fast-reroute
mpls te backup-path
Use mpls te backup-path to specify a path for the backup CRLSP and set the preference of the path.
Use undo mpls te backup-path to delete the specified path for the backup CRLSP.
Syntax
mpls te backup-path preference value { dynamic [ pce [ ip-address ]&<0-8> ] | explicit-path path-name } [ no-cspf ]
undo mpls te backup-path preference value
Default
MPLS TE uses the dynamically calculated path to establish the backup CRLSP.
Views
Tunnel interface view
Predefined user roles
network-admin
Parameters
preference value: Specifies a preference value for a path, in the range of 1 to 10. A smaller value represents a higher preference.
dynamic: Uses the path dynamically calculated by CSPF to establish the backup CRLSP.
pce: Uses the path calculated by PCEs to establish the CRLSP. If you do not specify this keyword, the local LSR uses the path dynamically calculated by CSPF.
[ ip-address ]&<0-8>: Specifies a space-separated list of a maximum of eight PCE addresses. If you do not specify a PCE address, the system automatically selects a PCE from the discovered PCEs. If you specify more than one PCE address, a BRPC calculation will be performed on the specified PCEs in configuration order.
explicit-path path-name: Uses the specified explicit path to establish the backup CRLSP. The path-name argument specifies the name of an explicit path, a case-sensitive string of 1 to 31 characters.
no-cspf: Calculates the path by searching the routing table instead of using the CSPF algorithm.
Usage guidelines
You can specify a maximum of 10 backup paths for a tunnel interface. The backup paths must have different preferences.
When establishing a backup CRLSP, MPLS TE performs CSPF calculations using the specified paths in the descending order of preference until the backup CRLSP is established successfully. If the CSPF calculations for all paths are failed, the backup CRLSP cannot be established.
This command takes effect only when backup has been enabled for the current tunnel by using the mpls te backup command.
If you specify PCE addresses in this command or in the mpls te path command, the local device establishes PCEP sessions to the specified PCEs. If you do not specify a PCE address, the local device establishes PCEP sessions to all discovered PCEs.
Examples
# Configure interface Tunnel 0 to use explicit path path1 and the path calculated by PCEs to establish a backup CRLSP. Set a higher preference for the path calculated by PCEs.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te backup-path preference 2 explicit-path path1
[Sysname-Tunnel0] mpls te backup-path preference 1 dynamic pce 1.1.1.9 2.2.2.9
Related commands
display mpls te tunnel-interface
mpls te backup
mpls te path
mpls te bandwidth
Use mpls te bandwidth to assign bandwidth to the MPLS TE tunnel and specify a class type (CT) for the tunnel.
Use undo mpls te bandwidth to restore the default.
Syntax
mpls te bandwidth [ ct0 | ct1 | ct2 | ct3 ] bandwidth
undo mpls te bandwidth
Default
No bandwidth (0 bps) is assigned to an MPLS TE tunnel and the tunnel is available for CT 0.
Views
Tunnel interface view
Predefined user roles
network-admin
Parameters
ct0: Specifies CT 0 for the tunnel.
ct1: Specifies CT 1 for the tunnel.
ct2: Specifies CT 2 for the tunnel.
ct3: Specifies CT 3 for the tunnel.
bandwidth: Specifies the bandwidth required by the MPLS TE tunnel, in the range of 1 to 4294967295, in kbps.
Usage guidelines
If you do not specify a CT for the tunnel, the tunnel is available for CT 0.
If the bandwidth required by the MPLS TE tunnel is more than 1024 kbps, set the bandwidth to a multiple of 1024 kbps.
This command applies only to the MPLS TE tunnels established by RSVP-TE. The bandwidth and CT of an MPLS TE tunnel established by using a static CRLSP are determined by the static-cr-lsp ingress command.
Examples
# Assign 1000 kbps bandwidth to MPLS TE Tunnel 0 and specify the CT of the tunnel as CT 1.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te bandwidth ct1 1000
Related commands
display mpls te tunnel-interface
mpls te max-link-bandwidth
mpls te max-reservable-bandwidth
mpls te max-reservable-bandwidth mam
mpls te max-reservable-bandwidth rdm
mpls te bandwidth change thresholds
Use mpls te bandwidth change thresholds to set the bandwidth up/down threshold for the IGP to flood TE information.
Use undo mpls te bandwidth change thresholds to restore the default.
Syntax
mpls te bandwidth change thresholds { down | up } percent
undo mpls te bandwidth change thresholds { down | up }
Default
The IGP floods the TE information when the bandwidth increases or decreases by 10% of the link reservable bandwidth.
Views
Interface view
Predefined user roles
network-admin
Parameters
down: Specifies the bandwidth decrease percentage threshold that triggers the IGP to flood TE information. When the percentage of the link reservable-bandwidth decrease to the maximum link reservable bandwidth reaches or exceeds the threshold, the IGP floods the TE information and updates the TEDB.
up: Specifies the bandwidth increase percentage threshold that triggers the IGP to flood TE information. When the percentage of the link reservable-bandwidth increase to the maximum link reservable bandwidth reaches or exceeds the threshold, the IGP floods the TE information and updates the TEDB.
percent: Specifies the IGP flooding threshold in the range of 0% to 100%.
Usage guidelines
When the reservable bandwidth of a link changes, the IGP floods the link TE information to notify network devices of the change. To avoid frequent TE information flooding from affecting network performance, you can use this command to configure the IGP to flood only significant bandwidth changes of a link.
Examples
# On interface GigabitEthernet 2/0/1, configure the IGP to flood TE information when the link available bandwidth decreases by 100%.
<Sysname> system-view
[Sysname] interface gigabitethernet 2/0/1
[Sysname-GigabitEthernet2/0/1] mpls te bandwidth change thresholds down 100
Related commands
link-management periodic-flooding timer
mpls te bidirectional
Use mpls te bidirectional to enable the bidirectional tunnel feature on an MPLS TE tunnel interface.
Use undo mpls te bidirectional to disable the bidirectional tunnel feature on an MPLS TE tunnel interface.
Syntax
mpls te bidirectional { associated reverse-lsp { lsp-name lsp-name | lsr-id ingress-lsr-id tunnel-id tunnel-id } | co-routed { active | passive reverse-lsp lsr-id ingress-lsr-id tunnel-id tunnel-id } }
undo mpls te bidirectional
Default
The bidirectional tunnel feature is disabled on an MPLS TE tunnel interface. A tunnel established on an MPLS TE tunnel interface is a unidirectional MPLS TE tunnel.
Views
Tunnel interface view
Predefined user roles
network-admin
Parameters
associated reverse-lsp lsp-name lsp-name: Configures an associated bidirectional MPLS TE tunnel, and specifies the associated reverse CRLSP. The lsp-name argument specifies the name of a static CRLSP (the reverse CRLSP), a case-sensitive string of 1 to 15 characters.
associated reverse-lsp lsr-id ingress-lsr-id tunnel-id tunnel-id: Configures an associated bidirectional MPLS TE tunnel, and specifies the associated reverse CRLSP. The ingress-lsr-id argument specifies the LSR ID of the ingress node on the reverse CRLSP and the tunnel-id argument specifies the tunnel ID of the reverse CRLSP. The value range for the tunnel-id argument is 0 to 65535.
co-routed: Configures a co-routed bidirectional MPLS TE tunnel.
active: Specifies the local end as the active end of the co-routed bidirectional MPLS TE tunnel.
passive reverse-lsp lsr-id ingress-lsr-id tunnel-id tunnel-id: Specifies the local end as the passive end of the co-routed bidirectional MPLS TE tunnel, and specifies the associated reverse CRLSP. The ingress-lsr-id argument specifies the LSR ID of the ingress node on the reverse CRLSP and the tunnel-id argument specifies the tunnel ID of the reverse CRLSP. The value range for the tunnel-id argument is 0 to 65535. You must specify a reverse CRLSP on the passive end, so that the CRLSP and the reverse CRLSP are associated to form a bidirectional MPLS TE tunnel.
Usage guidelines
A bidirectional MPLS TE tunnel can be established in co-routed mode or associated mode.
· Co-routed mode uses the extended RSVP-TE protocol to establish a bidirectional MPLS TE tunnel. To establish a co-routed bidirectional MPLS TE tunnel, you must perform the following tasks:
¡ Specify the signaling protocol as RSVP-TE.
¡ Configure one end of the tunnel as the active end and the other as the passive end.
· In associated mode, you establish a bidirectional MPLS TE tunnel by binding two unidirectional CRLSPs in opposite directions. The two CRLSPs can be established in different modes and use different paths. For example, one CRLSP is established statically and the other CRLSP is established dynamically by RSVP-TE.
To create a bidirectional MPLS TE tunnel, you must disable the PHP feature on both ends of the tunnel to assign non-null labels to the penultimate hop.
If the mpls te bidirectional command is configured together with one of the following commands, only the mpls te bidirectional command takes effect:
· mpls te backup
· mpls te auto-bandwidth
· mpls te reoptimization
· mpls te fast-reroute
Examples
· Configure an MPLS TE bidirectional tunnel between Sysname1 and Sysname2 in co-routed mode:
# Configure Sysname1 as follows:
¡ Enable the MPLS TE bidirectional tunnel feature on tunnel interface Tunnel 0.
¡ Configure Sysname1 as the active end of the co-routed bidirectional tunnel.
<Sysname1> system-view
[Sysname1] interface tunnel 0 mode mpls-te
[Sysname1-Tunnel0] destination 10.0.0.2
[Sysname1-Tunnel0] mpls te bidirectional co-routed active
# Configure Sysname2 as follows:
¡ Enable the MPLS TE bidirectional tunnel feature on tunnel interface Tunnel 1.
¡ Configure Sysname2 as the passive end of the co-routed bidirectional tunnel.
¡ Specify the ingress node's LSR ID of the reverse CRLSP as 10.0.0.1—the LSR ID of Sysname1.
¡ Specify the tunnel ID of the reverse CRLSP as 0—the tunnel ID configured on Sysname1.
<Sysname2> system-view
[Sysname2] interface tunnel 1 mode mpls-te
[Sysname2-Tunnel1] destination 10.0.0.1
[Sysname2-Tunnel1] mpls te bidirectional co-routed passive reverse-lsp lsr-id 10.0.0.1 tunnel-id 0
· Configure an MPLS TE bidirectional tunnel between Sysname1 and Sysname2 in associated mode:
# Configure Sysname1 as follows:
¡ Enable the MPLS TE bidirectional tunnel feature on tunnel interface Tunnel 0.
¡ Configure the tunnel establishment mode as associated.
¡ Specify the ingress node's LSR ID of the reverse CRLSP as 10.0.0.2—the LSR ID of Sysname2.
¡ Specify the tunnel ID of the reverse CRLSP as 1—the tunnel ID configured on Sysname2.
<Sysname1> system-view
[Sysname1] interface tunnel 0 mode mpls-te
[Sysname1-Tunnel0] destination 10.0.0.2
[Sysname1-Tunnel0] mpls te bidirectional associated reverse-lsp lsr-id 10.0.0.2 tunnel-id 1
# Configure Sysname2 as follows:
¡ Enable the MPLS TE bidirectional tunnel feature on tunnel interface Tunnel 1.
¡ Configure the tunnel establishment mode as associated.
¡ Specify the ingress node's LSR ID of the reverse CRLSP as 10.0.0.1—the LSR ID of Sysname1.
¡ Specify the tunnel ID of the reverse CRLSP as 0—the tunnel ID configured on Sysname1.
<Sysname2> system-view
[Sysname2] interface tunnel 1 mode mpls-te
[Sysname2-Tunnel1] destination 10.0.0.1
[Sysname2-Tunnel1] mpls te bidirectional associated reverse-lsp lsr-id 10.0.0.1 tunnel-id 0
Related commands
display mpls te tunnel-interface
mpls te enable (interface view)
Use mpls te enable to enable MPLS TE on an interface.
Use undo mpls te enable to disable MPLS TE on an interface.
Syntax
mpls te enable
undo mpls te enable
Default
MPLS TE is disabled on an interface.
Views
Interface view
Predefined user roles
network-admin
Usage guidelines
After you enable MPLS TE on an interface by using the mpls te enable command, the interface can act as part of an MPLS TE tunnel.
After you execute the undo mpls te enable command on an interface, MPLS TE is disabled on the interface and all CRLSPs on the interface are deleted.
Examples
# Enable MPLS TE on interface GigabitEthernet 2/0/1.
<Sysname> system-view
[Sysname] interface gigabitethernet 2/0/1
[Sysname-GigabitEthernet2/0/1] mpls te enable
Related commands
display mpls te link-management bandwidth-allocation
mpls te
mpls te enable (IS-IS view)
Use mpls te enable to enable MPLS TE for an IS-IS process.
Use undo mpls te enable to disable MPLS TE for an IS-IS process.
Syntax
mpls te enable [ level-1 | level-2 ]
undo mpls te enable [ level-1 | level-2 ]
Default
MPLS TE is disabled for an IS-IS process.
Views
IS-IS view
Predefined user roles
network-admin
Parameters
level-1: Enables MPLS TE for IS-IS at Level-1.
level-2: Enables MPLS TE for IS-IS at Level-2.
Usage guidelines
If you do not specify an IS-IS level, this command enables MPLS TE for IS-IS at both Level-1 and Level-2.
IS-IS TE uses a sub-TLV of the extended IS reachability TLV (type 22) to carry TE attributes. Because the extended IS reachability TLV carries wide metrics, specify a wide metric-compatible metric style for the IS-IS process before enabling IS-IS TE. Available metric styles for IS-IS TE include wide, compatible, or wide-compatible. For more information about IS-IS, see Layer 3—IP Routing Configuration Guide.
If you execute this command multiple times, the most recent configuration takes effect. For example, if you execute the mpls te enable command and then the mpls te enable level-1 command, MPLS TE is enabled for Level-1 and disabled for Level-2.
After you enable MPLS TE for both Level-1 and Level-2, executing the undo mpls te enable level-1 command disables MPLS TE for Level-1. MPLS TE is still enabled for Level-2. Similarly, the undo mpls te enable level-2 command only disables MPLS TE for Level-2.
IS-IS messages cannot be fragmented at the IP layer. For IS-IS TE to operate correctly, make sure the following requirements are met:
· The Link State PDU size is large enough so that the Link State PDUs can carry TE information. To set the maximum size of Level-1 and Level-2 Link State PDUs, use the lsp-length originate command.
· The MTU of an IS-IS enabled interface is greater than or equal to the size of IS-IS Link State PDUs with TE information. To set the interface MTU, use the mtu command.
Examples
# Enable MPLS TE for IS-IS process 1 at Level-2.
<Sysname> system-view
[Sysname] isis 1
[Sysname-isis-1] cost-style compatible
[Sysname-isis-1] mpls te enable level-2
Related commands
cost-style (Layer 3—IP Routing Command Reference)
mpls te enable (OSPF area view)
Use mpls te enable to enable MPLS TE for an OSPF area.
Use undo mpls te enable to disable MPLS TE for an OSPF area.
Syntax
mpls te enable
undo mpls te enable
Default
MPLS TE is disabled for an OSPF area.
Views
OSPF area view
Predefined user roles
network-admin
Usage guidelines
OSPF TE uses Type-10 opaque LSAs to carry the TE attributes for a link. Before you configure OSPF TE, you must enable opaque LSA advertisement and reception by using the opaque-capability enable command. For more information about opaque LSA advertisement and reception, see Layer 3—IP Routing Configuration Guide.
Examples
# Enable MPLS TE for OSPF process 1 in OSPF area 1.
<Sysname> system-view
[Sysname] ospf 1
[Sysname-ospf-1] area 1
[Sysname-ospf-1-area-0.0.0.1] mpls te enable
Related commands
opaque-capability enable (Layer 3—IP Routing Command Reference)
mpls te fast-reroute
Use mpls te fast-reroute to enable fast reroute (FRR).
Use undo mpls te fast-reroute to disable FRR.
Syntax
mpls te fast-reroute [ bandwidth ]
undo mpls te fast-reroute
Default
Views
Tunnel interface view
Predefined user roles
network-admin
Parameters
bandwidth: Provides bandwidth protection for the primary CRLSP. If you do not specify this keyword, bandwidth protection is not provided for the primary CRLSP.
Usage guidelines
FRR provides a quick link or node protection on a CRLSP. FRR traffic switching can happen in as fast as 50 milliseconds, minimizing data loss.
After FRR is enabled for an MPLS TE tunnel, once a link or node fails on the primary CRLSP, the following events occur:
· FRR reroutes the traffic to a bypass tunnel.
· The ingress node attempts to set up a new CRLSP.
After the new CRLSP is set up successfully, traffic is forwarded on the new CRLSP.
When a primary CRLSP does not need bandwidth protection, it prefers to use a bypass tunnel that does not provide bandwidth protection. No bandwidth guarantee is required after FRR.
When a primary CRLSP needs bandwidth protection, it prefers to use the bypass tunnel that can protect bandwidth as much as possible to provide bandwidth guarantee after FRR.
Regardless of whether a primary CRLSP requires bandwidth protection, the following will occur when the primary CRLSP is bound to a bypass tunnel that provides bandwidth protection:
· The bypass tunnel will reserve the protected bandwidth for the primary CRLSP.
· The RRO message of the PLR will carry the bandwidth protection flag.
After FRR is enabled for a tunnel, the label recording feature is automatically enabled for the tunnel, regardless of whether the mpls te record-route label command is configured.
If both the mpls te fast-reroute and mpls te bidirectional commands are configured, only the mpls te bidirectional command takes effect.
Examples
# Enable FRR for interface Tunnel 0.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te fast-reroute
Related commands
display mpls te tunnel-interface
mpls te backup bandwidth
mpls te fast-reroute bypass-tunnel
Use mpls te fast-reroute bypass-tunnel to specify a bypass tunnel for an interface.
Use undo mpls te fast-reroute bypass-tunnel to delete a bypass tunnel from an interface.
Syntax
mpls te fast-reroute bypass-tunnel tunnel tunnel-number
undo mpls te fast-reroute bypass-tunnel tunnel tunnel-number
Default
No bypass tunnel is specified for an interface.
Views
Interface view
Predefined user roles
network-admin
Parameters
tunnel tunnel-number: Specifies a bypass tunnel by the tunnel interface number.
The following matrix shows the value ranges for the tunnel-number argument:
Hardware |
Argument compatibility |
Value range |
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS |
No |
N/A |
MSR2600-6-X1/2600-10-X1 |
Yes |
0 to 10239 |
MSR 2630 |
Yes |
0 to 10239 |
MSR3600-28/3600-51 |
Yes |
0 to 10239 |
MSR3600-28-SI/3600-51-SI |
No |
N/A |
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC |
Yes |
0 to 10239 |
MSR 3610/3620/3620-DP/3640/3660 |
Yes |
0 to 10239 |
MSR5620/5660/5680 |
Yes |
0 to 10239 |
Hardware |
Argument compatibility |
Value range |
MSR810-LM-GL |
No |
N/A |
MSR810-W-LM-GL |
No |
N/A |
MSR830-6EI-GL |
No |
N/A |
MSR830-10EI-GL |
No |
N/A |
MSR830-6HI-GL |
No |
N/A |
MSR830-10HI-GL |
No |
N/A |
MSR2600-6-X1-GL |
Yes |
0 to 10239 |
MSR3600-28-SI-GL |
No |
N/A |
Usage guidelines
The protected interface (where the command is executed) is the outgoing interface of a primary CRLSP. When the outgoing interface is down or a neighbor failure is detected through the BFD or hello mechanism, traffic of the primary CRLSP is switched to the bypass tunnel.
When you use this command, follow these restrictions and guidelines:
· You can specify a maximum of three bypass tunnels for an interface.
· A bypass tunnel can protect a maximum of three interfaces.
· The bypass tunnel specified by this command must be established by RSVP.
· The protected interface must not be the outgoing interface of a bypass tunnel.
Examples
# Configure tunnel interface Tunnel 0 as the bypass tunnel for GigabitEthernet 2/0/1.
<Sysname> system-view
[Sysname] interface gigabitethernet 2/0/1
[Sysname-GigabitEthernet2/0/1] mpls te fast-reroute bypass-tunnel tunnel 0
Related commands
fast-reroute timer
mpls te igp advertise
Use mpls te igp advertise to enable forwarding adjacency for an MPLS TE tunnel or tunnel bundle, so IGP advertises the tunnel as a link in the IGP network.
Use undo mpls te igp advertise to disable forwarding adjacency for an MPLS TE tunnel or tunnel bundle.
Syntax
Tunnel interface view:
mpls te igp advertise [ hold-time value ]
undo mpls te igp advertise
Tunnel bundle interface view:
mpls te igp advertise
undo mpls te igp advertise
Default
Forwarding adjacency is disabled for an MPLS TE tunnel or tunnel bundle, and IGP does not advertise the tunnel as a link in the IGP network.
Views
Tunnel interface view
Tunnel bundle interface view
Predefined user roles
network-admin
Parameters
hold-time value: Specifies the period of time that IGP waits to advertise an MPLS TE tunnel up/down state change. The value range is 0 to 4294967295 milliseconds. The default value is 0, which means when the MPLS TE tunnel state changes, IGP immediately advertises the state change.
Usage guidelines
Forwarding adjacency is a method to direct traffic to an MPLS TE tunnel or tunnel bundle.
After forwarding adjacency is enabled on the tunnel ingress node, the ingress node advertises the MPLS TE tunnel or tunnel bundle as a link in the network through the IGP. Therefore, all devices in the IGP network can use the MPLS TE tunnel or tunnel bundle in their IGP route calculation.
To make forwarding adjacency take effect, you must establish two MPLS TE tunnels or tunnel bundles in opposite directions between two nodes, and enable forwarding adjacency on both nodes.
On the same tunnel interface or tunnel bundle interface, the mpls te igp advertise command and the mpls te igp shortcut command cannot both take effect. The most recent configuration takes effect.
After a tunnel interface becomes a tunnel bundle member interface, the hold-time configuration for the tunnel interface still takes effect. As a best practice, remove the hold-time configuration by using the undo mpls te igp advertise command in tunnel interface view to avoid impact on the tunnel bundle interface.
Examples
# Enable forwarding adjacency for MPLS TE Tunnel 0, and set the wait time before advertising a tunnel state change to 10000 milliseconds.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te igp advertise hold-time 10000
Related commands
mpls te igp metric
mpls te igp shortcut
mpls te igp metric
Use mpls te igp metric to assign a metric to an MPLS TE tunnel or tunnel bundle.
Use undo mpls te igp metric to restore the default.
Syntax
mpls te igp metric { absolute value | relative value }
undo mpls te igp metric
Default
The metric of an MPLS TE tunnel or tunnel bundle equals its IGP metric.
Views
Tunnel interface view
Tunnel bundle interface view
Predefined user roles
network-admin
Parameters
absolute value: Assigns an absolute metric to the MPLS TE tunnel or tunnel bundle, an integer in the range of 1 to 65535. An absolute metric is directly used as the MPLS TE tunnel or tunnel bundle's metric.
relative value: Assigns a relative metric to the MPLS TE tunnel or tunnel bundle, an integer in the range of –10 to +10. The MPLS TE tunnel or tunnel bundle's metric is the assigned metric value plus the IGP metric.
Usage guidelines
When IGP shortcut is enabled for an MPLS TE tunnel or tunnel bundle, the tunnel is included in the IGP route calculation as a link. You can use this command to configure the metric of this link used for IGP route calculation.
Examples
# Assign MPLS TE tunnel interface Tunnel 0 a relative metric of –1 for route calculation in IGP shortcut mechanism.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te igp metric relative -1
Related commands
mpls te igp shortcut
mpls te igp shortcut
Use mpls te igp shortcut to enable IGP shortcut for an MPLS TE tunnel or tunnel bundle. The tunnel ingress node includes the MPLS TE tunnel or tunnel bundle in the IGP route calculation as a link.
Use undo mpls te igp shortcut to disable IGP shortcut for an MPLS TE tunnel or tunnel bundle.
Syntax
mpls te igp shortcut [ isis | ospf ]
undo mpls te igp shortcut
Default
IGP shortcut is disabled for an MPLS TE tunnel or tunnel bundle. The ingress node does not include the MPLS TE tunnel or tunnel bundle in the IGP route calculation as a link.
Views
Tunnel interface view
Tunnel bundle interface view
Predefined user roles
network-admin
Parameters
isis: Specifies IS-IS as the IGP.
ospf: Specifies OSPF as the IGP.
Usage guidelines
IGP shortcut is a method to direct traffic to an MPLS TE tunnel or tunnel bundle.
After IGP shortcut is enabled on the tunnel ingress node, IGP shortcut does not advertise the MPLS TE tunnel or tunnel bundle as a link through the IGP. Only the ingress node includes the MPLS TE tunnel or tunnel bundle in route calculation. Other devices do not consider the MPLS TE tunnel or tunnel bundle in route calculation.
If you do not specify the IGP in this command, both OSPF and IS-IS will include the MPLS TE tunnel or tunnel bundle in route calculation.
On the same tunnel interface or tunnel bundle interface, the mpls te igp advertise command and the mpls te igp shortcut command cannot both take effect. The most recent configuration takes effect.
Examples
# Enable IGP shortcut for MPLS TE Tunnel 0, so the tunnel ingress node considers the tunnel as a link in the OSPF and IS-IS route calculation.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te igp shortcut
Related commands
mpls te igp advertise
mpls te igp metric
mpls te link-attribute
Use mpls te link-attribute to set the link attribute.
Use undo mpls te link-attribute to restore the default.
Syntax
mpls te link-attribute attribute-value
undo mpls te link-attribute
Default
The link attribute value is 0x00000000.
Views
Interface view
Predefined user roles
network-admin
Parameters
attribute-value: Specifies the link attribute value in the range of 0x00000000 to 0xFFFFFFFF. A link attribute value is a 32-bit binary number. Each bit represents an attribute with a value of 0 or 1.
Usage guidelines
The TE information for a link advertised by the IGP includes the link attribute configured by this command. After receiving the link TE information, the ingress node of an MPLS TE tunnel determines whether the link can be used for MPLS TE tunnel establishment according to the following settings:
· The configured tunnel affinity attribute.
· The affinity mask.
· The link attribute.
A link is available for a tunnel if the following requirements are met:
· The link attribute bits corresponding to the affinity attribute's 1 bits whose mask bits are 1 must have a minimum of one bit set to 1.
· The link attribute bits corresponding to the affinity attribute's 0 bits whose mask bits are 1 must have no bit set to 1.
The link attribute bits corresponding to the 0 bits in the affinity mask are not checked.
For example, if the affinity is 0xFFFFFFF0 and the mask is 0x0000FFFF, a link is available for the tunnel when its link attribute bits meet the following requirements:
· The highest 16 bits each can be 0 or 1 (no requirements).
· The 17th through 28th bits must have a minimum of one bit whose value is 1.
· The lowest four bits must be 0.
Examples
# On interface GigabitEthernet 2/0/1, set the link attribute to 0x00000101.
<Sysname> system-view
[Sysname] interface gigabitethernet 2/0/1
[Sysname-GigabitEthernet2/0/1] mpls te link-attribute 101
Related commands
mpls te affinity-attribute
mpls te loop-detection
Use mpls te loop-detection to enable loop detection during establishment of an MPLS TE tunnel.
Use undo mpls te loop-detection to disable loop detection for the MPLS TE tunnel.
Syntax
mpls te loop-detection
undo mpls te loop-detection
Default
Loop detection is disabled for an MPLS TE tunnel.
Views
Tunnel interface view
Predefined user roles
network-admin
Usage guidelines
When loop detection is enabled on the ingress node of an MPLS TE tunnel, the route recording feature is automatically enabled for the tunnel, regardless of whether the mpls te record-route command is configured. When establishing the MPLS TE tunnel, each node of the tunnel detects whether a loop has occurred according to the recorded route information.
Examples
# Enable loop detection for establishing MPLS TE Tunnel 0.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te loop-detection
mpls te max-link-bandwidth
Use mpls te max-link-bandwidth to set the maximum bandwidth for MPLS TE traffic on an interface.
Use undo mpls te max-link-bandwidth to restore the default.
Syntax
mpls te max-link-bandwidth bandwidth-value
undo mpls te max-link-bandwidth
Default
The maximum link bandwidth for MPLS TE traffic is 0 kbps.
Views
Interface view
Predefined user roles
network-admin
Parameters
bandwidth-value: Specifies the maximum link bandwidth in the range of 1 to 4294967295 kbps.
Usage guidelines
The device carries the maximum link bandwidth in advertised IGP routes. The tunnel ingress node can obtain the information and use the information in CSPF calculation to select a path that meets the tunnel bandwidth requirements.
Examples
# On interface GigabitEthernet 2/0/1, set the maximum link bandwidth for MPLS TE traffic to 1158 kbps.
<Sysname> system-view
[Sysname] interface gigabitethernet 2/0/1
[Sysname-GigabitEthernet2/0/1] mpls te max-link-bandwidth 1158
Related commands
display mpls te link-management bandwidth-allocation
mpls te bandwidth
mpls te max-reservable-bandwidth
mpls te max-reservable-bandwidth mam
mpls te max-reservable-bandwidth rdm
mpls te max-reservable-bandwidth
Use mpls te max-reservable-bandwidth to set the maximum reservable bandwidth of the link (BC 0) and BC 1 in prestandard DS-TE RDM model.
Use undo mpls te max-reservable-bandwidth to restore the default.
Syntax
mpls te max-reservable-bandwidth bandwidth-value [ bc1 bc1-bandwidth ]
undo mpls te max-reservable-bandwidth
Default
The maximum reservable bandwidth of a link is 0 kbps and BC 1 is 0 kbps.
Views
Interface view
Predefined user roles
network-admin
Parameters
bandwidth-value: Specifies the maximum reservable bandwidth of the link (the value of BC 0), in the range of 1 to 4294967295 kbps.
bc1 bc1-bandwidth: Specifies the value of BC 1, in the range of 1 to 4294967295 kbps. The default value is 0.
Usage guidelines
The device carries the bandwidth values configured by this command in IGP route advertisements. The tunnel ingress node can obtain the information and use the information in CSPF calculation to select a path that meets the tunnel bandwidth requirements.
The maximum reservable bandwidth of a link (bandwidth-value) cannot be greater than the maximum bandwidth of the link (configured with the mpls te max-link-bandwidth command). The value of BC 1 (bc1-bandwidth) cannot be greater than the maximum reservable bandwidth of the link (bandwidth-value).
The bandwidth values configured by this command are only for MPLS TE traffic.
Examples
# Set the link maximum reservable bandwidth to 1158 kbps and BC 1 to 200 kbps for MPLS TE traffic in prestandard DS-TE RDM model.
<Sysname> system-view
[Sysname] interface gigabitethernet 2/0/1
[Sysname-GigabitEthernet2/0/1] mpls te max-reservable-bandwidth 1158 bc1 200
Related commands
display mpls te link-management bandwidth-allocation
mpls te bandwidth
mpls te max-link-bandwidth
mpls te max-reservable-bandwidth mam
mpls te max-reservable-bandwidth rdm
mpls te max-reservable-bandwidth mam
Use mpls te max-reservable-bandwidth mam to set the maximum reservable bandwidth of the link and the BCs in MAM model of the IETF DS-TE.
Use undo mpls te max-reservable-bandwidth mam to restore the default.
Syntax
mpls te max-reservable-bandwidth mam bandwidth-value { bc0 bc0-bandwidth | bc1 bc1-bandwidth | bc2 bc2-bandwidth | bc3 bc3-bandwidth } *
undo mpls te max-reservable-bandwidth mam
Default
The maximum reservable bandwidth of a link is 0 kbps and each BC is 0 kbps.
Views
Interface view
Predefined user roles
network-admin
Parameters
bandwidth-value: Specifies the maximum reservable bandwidth of the link, in the range of 1 to 4294967295 kbps.
bc0 bc0-bandwidth: Specifies the value of BC 0, in the range of 1 to 4294967295 kbps. By default, BC 0 is 0 kbps.
bc1 bc1-bandwidth: Specifies the value of BC 1, in the range of 1 to 4294967295 kbps. By default, BC 1 is 0 kbps.
bc2 bc2-bandwidth: Specifies the value of BC 2, in the range of 1 to 4294967295 kbps. By default, BC 2 is 0 kbps.
bc3 bc3-bandwidth: Specifies the value of BC 3, in the range of 1 to 4294967295 kbps. By default, BC 3 is 0 kbps.
Usage guidelines
The device carries the bandwidth values configured by this command in IGP route advertisements. The tunnel ingress node can obtain the information and use the information in CSPF calculation to select a path that meets the tunnel bandwidth requirements.
The maximum reservable bandwidth of a link (bandwidth-value) cannot be greater than the maximum bandwidth of the link (configured with the mpls te max-link-bandwidth command). Each BC (bc0-bandwidth, bc1-bandwidth, bc2-bandwidth and bc3-bandwidth) cannot be greater than the maximum reservable bandwidth of the link (bandwidth-value).
The maximum reservable bandwidth and BCs configured by this command are only for MPLS TE traffic.
Examples
# Set the link maximum reservable bandwidth to 1158 kbps and BC 0 through BC 3 to 500 kbps, 300 kbps, 400 kbps, and 100 kbps for MPLS TE traffic in IETF DS-TE MAM model.
<Sysname> system-view
[Sysname] interface gigabitethernet 2/0/1
[Sysname-GigabitEthernet2/0/1] mpls te max-reservable-bandwidth mam 1158 bc0 500 bc1 300 bc2 400 bc3 100
Related commands
display mpls te link-management bandwidth-allocation
mpls te bandwidth
mpls te max-link-bandwidth
mpls te max-reservable-bandwidth
mpls te max-reservable-bandwidth rdm
mpls te max-reservable-bandwidth rdm
Use mpls te max-reservable-bandwidth rdm to set the BCs in IETF DS-TE RDM model.
Use undo mpls te max-reservable-bandwidth rdm to restore the default.
Syntax
mpls te max-reservable-bandwidth rdm bandwidth-value [ bc1 bc1-bandwidth ] [ bc2 bc2-bandwidth ] [ bc3 bc3-bandwidth ]
undo mpls te max-reservable-bandwidth rdm
Default
Each BC is 0 kbps.
Views
Interface view
Predefined user roles
network-admin
Parameters
bandwidth-value: Specifies the maximum reservable bandwidth of the link, or, the value of BC 0, in the range of 1 to 4294967295 kbps.
bc1 bc1-bandwidth: Specifies the value of BC 1, in the range of 1 to 4294967295 kbps. By default, BC 1 is 0 kbps.
bc2 bc2-bandwidth: Specifies the value of BC 2, in the range of 1 to 4294967295 kbps. By default, BC 2 is 0 kbps.
bc3 bc3-bandwidth: Specifies the value of BC 3, in the range of 1 to 4294967295 kbps. By default, BC 3 is 0 kbps.
Usage guidelines
BC 0 (bandwidth-value) must be smaller than or equal to the maximum bandwidth of the link (configured with the mpls te max-link-bandwidth command). BC 0 must be greater than or equal to BC 1. BC 1 must be greater than or equal to BC 2. BC 2 must be greater than or equal to BC 3.
The BCs configured by this command are only for MPLS TE traffic.
Examples
# Set BC 0 in IETF RDM model to 500 kbps, BC 1 to 400 kbps, BC 2 to 300 kbps, and BC 3 to 100 kbps.
<Sysname> system-view
[Sysname] interface gigabitethernet 2/0/1
[Sysname-GigabitEthernet2/0/1] mpls te max-reservable-bandwidth rdm 500 bc1 400 bc2 300 bc3 100
Related commands
display mpls te link-management bandwidth-allocation
mpls te bandwidth
mpls te max-link-bandwidth
mpls te max-reservable-bandwidth
mpls te max-reservable-bandwidth mam
mpls te metric
Use mpls te metric to assign a TE metric to the link.
Use undo mpls te metric to restore the default.
Syntax
mpls te metric value
undo mpls te metric
Default
A link uses its IGP metric as its TE metric.
Views
Interface view
Predefined user roles
network-admin
Parameters
value: Specifies a TE metric for the link, in the range of 1 to 4294967295.
Usage guidelines
The device carries two types of metrics (IGP metric and TE metric) of a link in the advertised IGP routes. You can use this command to configure the TE metric. When the tunnel ingress receives the link metrics, it uses the IGP or TE metric for path selection according to the configuration of the mpls te path-metric-type or path-metric-type command.
Examples
# Assign a TE metric of 20 to the link on GigabitEthernet 2/0/1.
<Sysname> system-view
[Sysname] interface gigabitethernet 2/0/1
[Sysname-GigabitEthernet2/0/1] mpls te metric 20
Related commands
mpls te path metric-type
path metric-type
mpls te path
Use mpls te path to specify a path for the tunnel and set the preference of the path.
Use undo mpls te path to delete the specified path for the tunnel.
Syntax
mpls te path preference value { dynamic [ pce [ ip-address ]&<0-8> ] | explicit-path path-name } [ no-cspf ]
undo mpls te path preference value
Default
MPLS TE uses the dynamically calculated path to establish a CRLSP.
Views
Tunnel interface view
Predefined user roles
network-admin
Parameters
preference value: Specifies a preference value for a path, in the range of 1 to 10. A smaller value represents a higher preference.
dynamic: Uses the path dynamically calculated by CSPF to establish the CRLSP.
pce: Uses the path calculated by PCEs to establish the CRLSP. If you do not specify this keyword, the local LSR uses the path dynamically calculated by CSPF.
[ ip-address ]&<0-8>: Specifies a space-separated list of a maximum of eight PCE addresses. If you do not specify a PCE address, the system automatically selects a PCE from discovered PCEs. If you specify more than one PCE address, a BRPC calculation will be performed on the specified PCEs in configuration order.
explicit-path path-name: Uses the specified explicit path to establish the CRLSP. The path-name argument specifies the name of an explicit path, a case-sensitive string of 1 to 31 characters.
no-cspf: Calculates the path by searching the routing table instead of using the CSPF algorithm.
Usage guidelines
You can specify a maximum of 10 paths for a tunnel interface. The paths must have different preferences.
When establishing a CRLSP, MPLS TE performs CSPF calculations according to the specified paths in a descending order of preference until the CRLSP is established successfully. If the CSPF calculations for all paths are failed, the CRLSP cannot be established.
If you specify PCE addresses in this command or in the mpls te backup-path command, the local device establishes PCEP sessions to the specified PCEs. If you do not specify a PCE address, the local device establishes PCEP sessions to all discovered PCEs.
Examples
# Configure Tunnel 0 to use explicit path path1 and the path calculated by PCEs for CRLSP establishment. Set a higher preference for the path calculated by PCEs.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te path preference 2 explicit-path path1
[Sysname-Tunnel0] mpls te path preference 1 dynamic pce 1.1.1.9 2.2.2.9
Related commands
display mpls te tunnel-interface
mpls te backup-path
mpls te path-metric-type
Use mpls te path-metric-type to specify the link metric type for path selection of a tunnel.
Use undo mpls te path-metric-type to restore the default.
Syntax
mpls te path-metric-type { igp | te }
undo mpls te path-metric-type
Default
No link metric type is specified for path selection of a tunnel.
Views
Tunnel interface view
Predefined user roles
network-admin
Parameters
igp: Uses the IGP metric.
te: Uses the TE metric.
Usage guidelines
Each MPLS TE link has two metrics: IGP metric and TE metric. By using the two metrics, you can select different tunnels for different classes of traffic. For example, use the IGP metric to represent a link delay (a smaller IGP metric value indicates a lower link delay). Use the TE metric to represent a link bandwidth value (a smaller TE metric value indicates a bigger link bandwidth value).
You can establish two MPLS TE tunnels: Tunnel1 for voice traffic and Tunnel2 for video traffic. Configure Tunnel1 to use IGP metrics for path selection, and configure Tunnel2 to use TE metrics for path selection. As a result, the video traffic travels through the path that has larger bandwidth and the voice service travels through the path that has lower delay.
If you specify a metric type for a tunnel by using this command, the tunnel uses the specified metric type for path selection. If you do not specify a metric type, the tunnel uses the metric type specified by the path-metric-type command in MPLS TE view for path selection.
Examples
# Configure Tunnel 0 to use the IGP metric for path selection.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te path-metric-type igp
Related commands
display mpls te tunnel-interface
mpls te metric
path-metric-type
mpls te priority
Use mpls te priority to set a setup priority and a holding priority for an MPLS TE tunnel.
Use undo mpls te priority to restore the default.
Syntax
mpls te priority setup-priority [ hold-priority ]
undo mpls te priority
Default
The setup priority and the holding priority of an MPLS TE tunnel are both 7.
Views
Tunnel interface view
Predefined user roles
network-admin
Parameters
setup-priority: Specifies the setup priority in the range of 0 to 7. A smaller number represents a higher priority.
hold-priority: Specifies the holding priority in the range of 0 to 7. A smaller number represents a higher priority. If you do not specify this argument, the holding priority is the same as the setup priority.
Usage guidelines
The setup priority and holding priority of an MPLS TE tunnel determines the importance of the tunnel. A tunnel that has a higher setup priority than the holding priority of another tunnel can preempt the resources of the second.
The setup priority and holding priority can be applied to the following scenarios:
· Multiple MPLS TE tunnels use the same path but the path does not have enough bandwidth for all the tunnels. You can configure different setup and holding priorities for different tunnels to make sure important tunnels can be established first.
· Before an important tunnel is established, multiple less-important MPLS TE tunnels have existed on the network, occupying the bandwidth resources and the optimal path. You can assign a higher setup priority to the import tunnel, so the tunnel can preempt the resources of the existing tunnels and use the optimal path.
The setup priority of a tunnel must not be higher than its holding priority. Configure the setup priority value to be equal to or greater than the holding priority value.
Examples
# Set both the setup priority and holding priority of Tunnel 0 to 1.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te priority 1 1
Related commands
display mpls te tunnel-interface
mpls te record-route
Use mpls te record-route to enable route recording and label recording for a tunnel.
Use undo mpls te record-route to disable route recording and label recording for a tunnel.
Syntax
mpls te record-route [ label ]
undo mpls te record-route
Default
Route recording or label recording is disabled for a tunnel.
Views
Tunnel interface view
Predefined user roles
network-admin
Parameters
label: Enables both route recording and label recording. If you do not specify this keyword, the command enables only route recording.
Usage guidelines
Route recording records the nodes that an MPLS TE tunnel traverses. Label recording records the label assigned by each node. The recorded information helps you know about the path used by the MPLS TE tunnel and the label distribution information. When the tunnel fails, the recorded information helps you locate the fault.
Examples
# Enable route recording for MPLS TE tunnel 0.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te record-route
Related commands
display explicit-path
display mpls te tunnel-interface
mpls te reoptimization (tunnel interface view)
Use mpls te reoptimization to enable tunnel reoptimization.
Use undo mpls te reoptimization to disable tunnel reoptimization.
Syntax
mpls te reoptimization [ frequency seconds ]
undo mpls te reoptimization
Default
Tunnel reoptimization is disabled.
Views
Tunnel interface view
Predefined user roles
network-admin
Parameters
frequency seconds: Specifies the tunnel reoptimization frequency in the range of 1 to 604800 seconds. The default is 3600 seconds.
Usage guidelines
MPLS TE uses the tunnel reoptimization feature to implement dynamic CRLSP optimization. For example, if a link on the optimal path does not have enough reservable bandwidth during tunnel setup, MPLS TE sets up the tunnel on another path. When the link has enough bandwidth, tunnel optimization can automatically switch the tunnel to the optimal path.
You can configure the ingress to perform tunnel reoptimization periodically. Or, you can use the mpls te reoptimization command in user view to trigger the ingress to perform a tunnel reoptimization at any time.
On the same tunnel interface, the mpls te reoptimization command is mutually exclusive with these commands: mpls te auto-bandwidth adjustment, mpls te route-pinning, and mpls te backup.
If both the mpls te reoptimization and mpls te bidirectional commands are configured, only the mpls te bidirectional command takes effect.
Examples
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te reoptimization frequency 43200
Related commands
display mpls te tunnel-interface
mpls te reoptimization (user view)
mpls te reoptimization (user view)
Use mpls te reoptimization to reoptimize all reoptimization-enabled MPLS TE tunnels.
Syntax
mpls te reoptimization
Views
User view
Predefined user roles
network-admin
Usage guidelines
After this command is executed in tunnel interface view, you can execute it in user view to trigger the ingress node to immediately reselect an optimal path for a tunnel.
Examples
# Reoptimize all reoptimization-enabled MPLS TE tunnels.
<Sysname> mpls te reoptimization
Related commands
mpls te reoptimization (tunnel interface view)
mpls te resv-style
Use mpls te resv-style to configure the resource reservation style for the MPLS TE tunnel.
Use undo mpls te resv-style to restore the default.
Syntax
mpls te resv-style { ff | se }
undo mpls te resv-style
Default
The resource reservation style is SE.
Views
Tunnel interface view
Predefined user roles
network-admin
Parameters
ff: Specifies the resource reservation style as fixed filter (FF). For this style, resources are reserved for individual senders and cannot be shared among senders on the same session.
se: Specifies the resource reservation style as shared explicit (SE). For this style, resources are reserved for senders on the same session and shared among them.
Usage guidelines
This command applies only to MPLS TE tunnels established by RSVP-TE.
Examples
# Use the FF reservation style to establish MPLS TE tunnel 0.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te resv-style ff
Related commands
display mpls te tunnel-interface
mpls te signaling
mpls te retry
Use mpls te retry to set the maximum number of tunnel setup attempts.
Use undo mpls te retry to restore the default.
Syntax
mpls te retry retries
undo mpls te retry
Default
The maximum number of tunnel setup attempts is 3.
Views
Tunnel interface view
Predefined user roles
network-admin
Parameters
retries: Specifies the number of tunnel setup attempts, in the range of 1 to 4294967295.
Usage guidelines
After failing to establish an MPLS TE tunnel, the tunnel ingress node waits for the tunnel setup retry interval (configured by the mpls te timer retry command). Then it tries to set up the tunnel until the tunnel is established successfully. If the tunnel cannot be established when the number of attempts reaches the maximum, the ingress waits for a longer period and then repeats the previous process.
Examples
# Set the maximum number of tunnel setup attempts to 20.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te retry 20
Related commands
display mpls te tunnel-interface
mpls te timer retry
mpls te route-pinning
Use mpls te route-pinning to enable route pinning.
Use undo mpls te route-pinning to restore the default.
Syntax
mpls te route-pinning
undo mpls te route-pinning
Default
Route pinning is disabled.
Views
Tunnel interface view
Predefined user roles
network-admin
Usage guidelines
When route pinning is enabled, an established CRLSP does not re-select an optimal path even if the optimal route has changed.
Use this feature to avoid CRLSPs from changing frequently on an unstable network. This feature ensures that the established CRLSPs are not re-established as long as they are available.
In the same tunnel interface view, the mpls te route-pinning command cannot be used together with the mpls te reoptimization and mpls te auto-bandwidth adjustment commands.
Examples
# Enable route pinning for Tunnel 0.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te route-pinning
Related commands
display mpls te tunnel-interface
mpls te service-class
Use mpls te service-class to set a service class for an MPLS TE tunnel.
Use undo mpls te service-class to delete the service class of an MPLS TE tunnel.
Syntax
mpls te service-class service-class-value
undo mpls te service-class
Default
No service class is set for an MPLS TE tunnel.
Views
Tunnel interface view
Predefined user roles
network-admin
Parameters
service-class-value: Specifies a service class for an MPLS TE tunnel, in the range of 0 to 7. The smaller service class value, the lower tunnel priority. An MPLS TE tunnel that is not assigned a service class has the lowest priority.
Usage guidelines
Class Based Tunnel Selection (CBTS) compares the service class of the traffic with the service classes of MPLS TE tunnels. CBTS uses the following rules to select a tunnel to forward the traffic:
· If the traffic matches an MPLS TE tunnel, CBTS uses this tunnel.
· If the traffic matches multiple MPLS TE tunnels, CBTS randomly selects a matching tunnel.
· If the traffic does not match any MPLS TE tunnels, CBTS randomly selects a tunnel from all tunnels with the lowest priority.
To set a service class for traffic, use the remark service-class command in traffic behavior view. For information about the remark service-class command, see QoS commands in ACL and QoS Command Reference.
Examples
# Specify the service class of Tunnel 0 to 5.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te service-class 5
remark service-class (ACL and QoS Command Reference)
mpls te signaling
Use mpls te signaling to configure the signaling protocol for an MPLS TE tunnel interface.
Use undo mpls te signaling to restore the default.
Syntax
mpls te signaling { rsvp-te | static }
undo mpls te signaling
Default
MPLS TE uses RSVP-TE to establish tunnels.
Views
Tunnel interface view
Predefined user roles
network-admin
Parameters
rsvp-te: Uses the RSVP-TE signaling protocol to establish a tunnel.
static: Uses a static CRLSP to establish a tunnel.
Usage guidelines
To use RSVP-TE to establish an MPLS TE tunnel, you must enable MPLS TE and RSVP on each node and interface that the MPLS TE tunnel traverses.
To establish an MPLS TE tunnel over a static CRLSP, you must configure the tunnel to use the static CRLSP by using the mpls te static-cr-lsp command.
Examples
# Use RSVP-TE to establish the MPLS TE tunnel 0.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te signaling rsvp-te
Related commands
display mpls te tunnel-interface
mpls te static-cr-lsp
mpls te static-cr-lsp
Use mpls te static-cr-lsp to specify a static CRLSP for a tunnel.
Use undo mpls te static-cr-lsp to remove the configuration.
Syntax
mpls te static-cr-lsp lsp-name
undo mpls te static-cr-lsp lsp-name
Default
A tunnel does not use any static CRLSP.
Views
Tunnel interface view
Predefined user roles
network-admin
Parameters
lsp-name: Specifies a static CRLSP by its name, a case-sensitive string of 1 to 15 characters.
Usage guidelines
This command takes effect only when the mpls te signaling static command has been configured in tunnel interface view.
Execute this command on the ingress node. The static CRLSP specified must have been created by using the static-cr-lsp ingress command.
Examples
# Configure tunnel 0 to use static CRLSP named static-te-3.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te static-cr-lsp static-te-3
Related commands
display mpls te tunnel-interface
mpls te signaling
static-cr-lsp egress
static-cr-lsp ingress
static-cr-lsp transit
mpls te timer retry
Use mpls te timer retry to set the tunnel setup retry interval.
Use undo mpls te timer retry to restore the default.
Syntax
mpls te timer retry seconds
undo mpls te timer retry
Default
The retry interval is 2 seconds.
Views
Tunnel interface view
Predefined user roles
network-admin
Parameters
seconds: Specifies the interval at which MPLS TE tries to re-establish the tunnel, in the range of 1 to 604800 seconds.
Usage guidelines
After failing to establish an MPLS TE tunnel, the tunnel ingress node waits for the tunnel setup retry interval. Then, it tries to set up the tunnel until the tunnel is established successfully. If the tunnel cannot be established when the number of attempts reaches the maximum (configured by the mpls te retry command), the ingress waits for a longer period. Then, it repeats the previous process.
Examples
# Set the setup retry interval to 20 seconds for tunnel 0.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te timer retry 20
Related commands
display mpls te tunnel-interface
mpls te retry
nexthop
Use nexthop to add or modify a node in an explicit path, and configure the attributes of the node.
Use undo nexthop to delete a node in an explicit path.
Syntax
nexthop [ index index-number ] ip-address [ exclude | include [ loose | strict ] ]
undo nexthop index index-number
Default
An explicit path does not include any nodes.
Views
Explicit path view
Predefined user roles
network-admin
Parameters
index index-number: Specifies an index for the node in the explicit path, in the range of 1 to 65535. If you do not specify an index, MPLS TE automatically calculates an index for the node, the value of which is the current maximum index value plus 100.
ip-address: Specifies a node by its IP address in dotted decimal notation.
exclude: Excludes the specified node from the explicit path.
include: Includes the specified node on the explicit path.
loose: Specifies the node as a loose node, which means the specified node and its previous hop can be indirectly connected.
strict: Specifies the node as a strict node, which means the node and its previous hop must be directly connected.
Usage guidelines
The IP address specified in this command can be one of the following:
· Link IP address—IP address of an interface on the device, identifying a link.
· Device LSR ID—Identifies the device.
The address of a strict node must be a link IP address. The address of a loose node can be a link IP address or the device LSR ID.
CSPF excludes the links or devices specified by exclude from path calculation, and uses the links specified by include in ascending order of indexes to establish a CRLSP.
When you execute the nexthop command, follow these guidelines:
· If you specify an existing index, the command modifies the IP address or attribute of the node identified by that index.
· If you specify neither include nor exclude, the include keyword is used by default.
· If you specify neither loose nor strict, the strict keyword is used by default.
Examples
# Exclude IP address 10.0.0.125 from the MPLS TE explicit path named path1.
<Sysname> system-view
[Sysname] explicit-path path1
[Sysname-explicit-path-path1] nexthop 10.0.0.125 exclude
Related commands
display explicit-path
nhop-only
Use nhop-only to configure the PLR to create only link-protection bypass tunnels.
Use undo nhop-only to restore the default.
Syntax
nhop-only
undo nhop-only
Default
The PLR automatically creates both link-protection and node-protection bypass tunnels.
Views
MPLS TE auto FRR view
Predefined user roles
network-admin
Usage guidelines
Execution of the nhop-only command deletes all existing node-protection bypass tunnels automatically created for MPLS TE auto FRR.
Examples
# Configure the device to automatically create only link-protection bypass tunnels.
<Sysname> system-view
[Sysname] mpls te
[Sysname-te] auto-tunnel backup
[Sysname-te-auto-bk] nhop-only
Related commands
auto-tunnel backup
tunnel-number
path-metric-type
Use path-metric-type to specify the link metric type to be used for path selection when a metric type is not explicitly specified for a tunnel.
Use undo path-metric-type to restore the default.
Syntax
path-metric-type { igp | te }
undo path-metric-type
Default
A tunnel uses TE metrics of links for path selection when no metric type is specified for the tunnel.
Views
MPLS TE view
Predefined user roles
network-admin
Parameters
igp: Uses the IGP metric.
te: Uses the TE metric.
Usage guidelines
Each MPLS TE link has two metrics: IGP metric and TE metric. By correctly planning the two metrics, you can select different tunnels for different classes of traffic. For example, use the IGP metric to represent a link delay (a smaller IGP metric value indicates a lower link delay). Use the TE metric to represent a link bandwidth value (a smaller TE metric value indicates a bigger link bandwidth value).
You can establish two MPLS TE tunnels: Tunnel1 for voice traffic and Tunnel2 for video traffic. Configure Tunnel1 to use IGP metrics for path selection, and configure Tunnel2 to use TE metrics for path selection. As a result, the video traffic travels through the path that has larger bandwidth and the voice traffic travels through the path that has lower delay.
If you specify a metric type for a tunnel by using the mpls te path-metric-type command, the tunnel uses the specified metric type for path selection. If you do not specify a metric type, the tunnel uses the metric type specified by the path-metric-type command for path selection.
Examples
# Configure MPLS TE tunnels that are not explicitly specified with a metric type to use the IGP metric for path selection.
<Sysname> system-view
[Sysname] mpls te
[Sysname-te] path-metric-type igp
Related commands
mpls te metric
mpls te path-metric-type
pce address
Use pce address to configure an IP address for a PCE.
Use undo pce address to restore the default.
Syntax
pce address ip-address
undo pce address
Default
No PCE IP address is configured.
Views
MPLS TE view
Predefined user roles
network-admin
Parameters
ip-address: Specifies the PCE IP address.
Usage guidelines
For the device to act as a PCE, use this command to specify a PCE IP address for the device.
As a best practice, configure the loopback interface address as the PCE address. For a PCE to be discovered, enable OSPF TE on the loopback interface to advertise the PCE address or manually specify the PCE on PCCs.
If no PCE address is configured, the local device can only act as a PCC and use the MPLS LSR ID to communicate with the PCE. A PCC sends a PCEP connection request to a PCE, but it does not accept a request from a PCE.
Examples
# Specify the local device as a PCE and configure the IP address for the PCE as 10.10.10.10.
<Sysname> system-view
[Sysname] mpls te
[Sysname-te] pce address 10.10.10.10
pce deadtimer
Use pce deadtimer to set the PCEP session deadtimer.
Use undo pce deadtimer to restore the default.
Syntax
pce deadtimer value
undo pce deadtimer
Default
The PCEP session deadtimer is 120 seconds.
Views
MPLS TE view
Predefined user roles
network-admin
Parameters
value: Specifies the PCEP session deadtimer in the range of 0 to 255 seconds. Value 0 indicates that the PCEP session will never time out.
Usage guidelines
The local device sends the deadtimer setting to its peer. If the local device does not receive a PCEP message from its peer before the deadtimer expires, it tears down the PCEP session. Then, the local device tries to establish a new PCEP session to its peer.
The deadtimer must be greater than the keepalive interval.
Examples
# Set the PCEP session deadtimer to 180 seconds.
<Sysname> system-view
[Sysname] mpls te
[Sysname-te] pce deadtimer 180
Related commands
display mpls te pce peer
pce keepalive
pce keepalive
Use pce keepalive to set the keepalive interval for PCEP sessions.
Use undo pce keepalive to restore the default.
Syntax
pce keepalive interval
undo pce keepalive
Default
The keepalive interval is 30 seconds.
Views
MPLS TE view
Predefined user roles
network-admin
Parameters
interval: Specifies the keepalive interval in the range of 0 to 255 seconds. Value 0 indicates that no keepalive messages will be sent once the PCEP session is established.
Usage guidelines
If the keepalive interval for the local device is less than the min-keepalive setting on the peer device, the local device uses the peer's min-keepalive setting as the keepalive interval.
If the keepalive interval is set to 0 on the local device, configure the min-keepalive value as 0 on the peer device to avoid session establishment failure.
For more information about the min-keepalive setting, see the pce tolerance command.
Examples
# Set the keepalive interval to 60 seconds.
<Sysname> system-view
[Sysname] mpls te
[Sysname-te] pce keepalive 60
Related commands
display mpls te pce peer
pce deadtimer
pce tolerance
pce request-timeout
Use pce request-timeout to set the path calculation request timeout time.
Use undo pce request-timeout to restore the default.
Syntax
pce request-timeout value
undo pce request-timeout
Default
The request timeout time is 10 seconds.
Views
MPLS TE view
Predefined user roles
network-admin
Parameters
value: Specifies the request timeout time in the range of 5 to 100 seconds.
Usage guidelines
In EPC calculation, if a PCC does not receive a calculation reply within the configured timeout time, it resends calculation requests to the PCE until it receives a reply.
In BRPC calculation, if a PCC does not receive a calculation reply from the PCE within the configured timeout time, the PCC does not resend a request. If a PCE does not receive a calculation reply from its downstream PCE within the timeout time, it sends the local calculation result to its upstream device as a reply. The PCE does not wait for a reply from its downstream PCE.
Examples
# Set the request timeout time to 20 seconds.
<Sysname> system-view
[Sysname] mpls te
[Sysname-te] pce request-timeout 20
Related commands
display mpls te pce peer
pce static
Use pce static to specify a PCE as a peer on a PCC or PCE.
Use undo pce static to delete the specified PCE peer.
Syntax
pce static ip-address
undo pce static ip-address
Default
No PCE peers exist.
Views
MPLS TE view
Predefined user roles
network-admin
Parameters
ip-address: Specifies the IP address of a PCE peer.
Examples
# Specify the PCE 10.10.10.10 as a peer.
<Sysname> system-view
[Sysname] mpls te
[Sysname-te] pce static 10.10.10.10
Related commands
display mpls te pce discovery
pce tolerance
Use pce tolerance to set the minimum acceptable keepalive interval and the maximum number of allowed unknown messages received from the peer.
Use undo pce tolerance to restore the default.
Syntax
pce tolerance { min-keepalive value | max-unknown-messages value }
undo pce tolerance { min-keepalive | max-unknown-messages }
Default
The minimum acceptable keepalive interval is 10 seconds, and the maximum number of allowed unknown messages in a minute is 5.
Views
MPLS TE view
Predefined user roles
network-admin
Parameters
min-keepalive value: Specifies the minimum acceptable keepalive interval in the range of 0 to 255 seconds. Value 0 indicates that any keepalive interval is acceptable.
max-unknown-messages value: Limits the maximum number of allowed unknown messages in a minute, in the range of 0 to 16384. Value 0 indicates that no limit is enforced.
Usage guidelines
If the keepalive interval set on the peer device is less than the min-keepalive setting on the local device, the peer device uses the min-keepalive setting as the keepalive interval.
If the number of unknown messages received from the peer in a minute exceeds the max-unknown-messages setting on the local device, the local device tears down the PCEP session.
Examples
# Set the minimum acceptable keepalive interval to 20 seconds and the maximum number of allowed unknown messages to 10.
<Sysname> system-view
[Sysname] mpls te
[Sysname-te] pce tolerance min-keepalive 20
[Sysname-te] pce tolerance max-unknown-messages 10
Related commands
display mpls te pce peer
pce keepalive
reset mpls te auto-bandwidth-adjustment timers
Use reset mpls te auto-bandwidth-adjustment timers to reset the automatic bandwidth adjustment feature.
Syntax
reset mpls te auto-bandwidth-adjustment timers
Views
User view
Predefined user roles
network-admin
Usage guidelines
After this command is executed, the system clears the output rate sampling information and the remaining time to the next bandwidth adjustment. Then, it starts new output rate sampling and bandwidth adjustment.
Examples
# Reset the automatic bandwidth adjustment feature.
<Sysname> reset mpls te auto-bandwidth-adjustment timers
Related commands
auto-bandwidth enable
mpls te auto-bandwidth
reset mpls te pce statistics
Use reset mpls te pce statistics to clear PCC and PCE statistics.
Syntax
reset mpls te pce statistics [ ip-address ]
Views
User view
Predefined user roles
network-admin
Parameters
ip-address: Specifies a PCC or PCE by its IP address. If you do not specify this argument, the command clears statistics about all PCEs and PCCs.
Examples
# Clear statistics about PCE 10.10.10.10.
<Sysname> reset mpls te pce statistics 10.10.10.10
Related commands
display mpls te pce statistics
snmp-agent trap enable te
Use snmp-agent trap enable te to enable SNMP notifications for MPLS TE.
Use undo snmp-agent trap enable te to disable SNMP notifications for MPLS TE.
Syntax
snmp-agent trap enable te
undo snmp-agent trap enable te
Default
SNMP notifications for MPLS TE are disabled.
Views
System view
Predefined user roles
network-admin
Usage guidelines
This command enables generating SNMP notifications for MPLS TE upon MPLS TE tunnel status changes, as defined in RFC 3812. For MPLS TE event notifications to be sent correctly, you must also configure SNMP on the device. For more information about SNMP configuration, see the network management and monitoring configuration guide for the device.
Examples
# Enable SNMP notifications for MPLS TE.
<Sysname> system-view
[Sysname] snmp-agent trap enable te
te-subtlv
Use te-subtlv to specify the types of the sub-TLVs for carrying DS-TE parameters.
Use undo te-subtlv to restore the default.
Syntax
te-subtlv { bw-constraint value | unreserved-subpool-bw value } *
undo te-subtlv { bw-constraint | unreserved-subpool-bw } *
Default
The bw-constraint parameter is carried in sub-TLV 252, and the unreserved-subpool-bw parameter is carried in sub-TLV 251.
Views
IS-IS view
Predefined user roles
network-admin
Parameters
bw-constraint value: Specifies the type value of the sub-TLV that carries the bandwidth constraints, in the range of 23 to 254.
unreserved-subpool-bw value: Specifies the type value of the sub-TLV that carries the unreserved subpool bandwidth, in the range of 23 to 254.
Usage guidelines
This command takes effect when the DS-TE mode is prestandard. It does not take effect when the DE-TE mode is IETF.
In prestandard mode, no standard sub-TLV type values are defined to carry DS-TE parameters. Different vendors might use different type values. To communicate with devices from other vendors, use this command to specify the sub-TLV type values.
Examples
# For IS-IS process 1, specify the sub-TLV type value 200 for bw-constraint, and 202 for unreserved-subpool-bw.
<Sysname> system-view
[Sysname] isis 1
[Sysname-isis-1] te-subtlv bw-constraint 200 unreserved-subpool-bw 202
Related commands
display isis mpls te configured-sub-tlvs
timers removal unused
Use timers removal unused to set a removal timer for unused bypass tunnels.
Use undo timers removal unused to restore the default.
Syntax
timers removal unused seconds
undo timers removal unused
Default
A bypass tunnel is removed after it is unused for 3600 seconds.
Views
MPLS TE auto FRR view
Predefined user roles
network-admin
Parameters
seconds: Specifies the period of time after which an unused bypass tunnel is removed, in the range of 300 to 604800 seconds. You can also set this argument to 0, which means not to remove unused bypass tunnels.
Usage guidelines
An automatically created bypass tunnel can protect multiple primary CRLSPs. A bypass tunnel is unused when the bypass tunnel is not bound to any primary CRLSP. When a bypass tunnel is unused for the period of time configured by this command, MPLS TE removes the bypass tunnel to release the occupied bandwidth and tunnel interface number.
Configure a removal timer according to your network conditions, with the following considerations:
· Save resources—If the timer value is too big, unused bypass tunnels occupy bandwidth and interface numbers for a long time.
· Keep network stability—If the timer value is too small, bypass tunnels might be set up and removed frequently.
Examples
# Set the removal timer to 60000 seconds (100 minutes) for unused bypass tunnels.
<Sysname> system-view
[Sysname] mpls te
[Sysname-te] auto-tunnel backup
[Sysname-te-auto-bk] timers removal unused 60000
Related commands
auto-tunnel backup
tunnel-number
tunnel route-static
Use tunnel route-static to configure automatic static route advertisement.
Use undo tunnel route-static to restore the default.
Syntax
tunnel route-static [ preference preference-value ]
undo tunnel route-static
Default
Automatic static route advertisement is not configured.
Views
Tunnel interface view
Predefined user roles
network-admin
Parameters
preference preference-value: Specifies a preference for the static route to be advertised, in the range of 1 to 255. The default value is 60.
Usage guidelines
IGP shortcut or forwarding adjacency is usually configured to direct traffic to an MPLS TE tunnel. On a network that contains multiple IGP areas, however, configuring IGP shortcut and forwarding adjacency causes route convergence failure. As a result, traffic cannot be forwarded over the MPLS TE tunnel. To direct traffic to an MPLS TE tunnel in this scenario, you can execute the tunnel route-static command on the ingress node of the MPLS TE tunnel. This command creates a static route whose destination address and output interface are the tunnel destination address and the tunnel interface, respectively.
Examples
# Configure automatic static route advertisement on Tunnel 1 and set the preference to 3.
<Sysname> system-view
[Sysname] interface tunnel 1 mode mpls-te
[Sysname-Tunnel1] tunnel route-static preference 3
Related commands
mpls te igp advertise
mpls te igp shortcut
tunnel-number
Use tunnel-number to specify an interface number range for automatically created bypass tunnels.
Use undo tunnel-number to restore the default.
Syntax
tunnel-number min min-number max max-number
undo tunnel-number
Default
No interface number range is specified, and the PLR cannot set up a bypass tunnel automatically.
Views
MPLS TE auto FRR view
Predefined user roles
network-admin
Parameters
min min-number max max-number: Specifies a range of interface numbers for automatically created bypass tunnels. The min-number must be smaller than or equal to the max-number, and the specified interface number range must include no more than 1000 interface numbers.
The following matrix shows the value ranges for the min-number argument:
Hardware |
Argument compatibility |
Value range |
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS |
No |
N/A |
MSR2600-6-X1/2600-10-X1 |
Yes |
0 to 10239 |
MSR 2630 |
Yes |
0 to 10239 |
MSR3600-28/3600-51 |
Yes |
0 to 10239 |
MSR3600-28-SI/3600-51-SI |
No |
N/A |
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC |
Yes |
0 to 10239 |
MSR 3610/3620/3620-DP/3640/3660 |
Yes |
0 to 10239 |
MSR5620/5660/5680 |
Yes |
0 to 10239 |
Hardware |
Argument compatibility |
Value range |
MSR810-LM-GL |
No |
N/A |
MSR810-W-LM-GL |
No |
N/A |
MSR830-6EI-GL |
No |
N/A |
MSR830-10EI-GL |
No |
N/A |
MSR830-6HI-GL |
No |
N/A |
MSR830-10HI-GL |
No |
N/A |
MSR2600-6-X1-GL |
Yes |
0 to 10239 |
MSR3600-28-SI-GL |
No |
N/A |
The following matrix shows the value ranges for the max-number argument:
Hardware |
Argument compatibility |
Value range |
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS |
No |
N/A |
MSR2600-6-X1/2600-10-X1 |
Yes |
0 to 10239 |
MSR 2630 |
Yes |
0 to 10239 |
MSR3600-28/3600-51 |
Yes |
0 to 10239 |
MSR3600-28-SI/3600-51-SI |
No |
N/A |
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC |
Yes |
0 to 10239 |
MSR 3610/3620/3620-DP/3640/3660 |
Yes |
0 to 10239 |
MSR5620/5660/5680 |
Yes |
0 to 10239 |
Hardware |
Argument compatibility |
Value range |
MSR810-LM-GL |
No |
N/A |
MSR810-W-LM-GL |
No |
N/A |
MSR830-6EI-GL |
No |
N/A |
MSR830-10EI-GL |
No |
N/A |
MSR830-6HI-GL |
No |
N/A |
MSR830-10HI-GL |
No |
N/A |
MSR2600-6-X1-GL |
Yes |
0 to 10239 |
MSR3600-28-SI-GL |
No |
N/A |
Usage guidelines
To enable the PLR to automatically create bypass tunnels, you must perform the following tasks:
1. Enable auto FRR globally by using the auto-tunnel backup command.
2. Specify the interface number range for bypass tunnels by using the tunnel-number command.
The PLR uses the interface numbers in the specified range in ascending order for the bypass tunnels.
When you use the tunnel-number command, follow these restrictions and guidelines:
· If you execute this command multiple times, the most recent configuration takes effect.
· If bypass tunnels are already created automatically, make sure the min-number is not greater than the minimum interface number used by the existing bypass tunnels. The max-number is not smaller than the maximum interface number used by the existing bypass tunnels.
· The interface number range specified by this command can include the interface numbers used by the tunnel interfaces created by the interface tunnel command. However, those interface numbers cannot be used for bypass tunnels, unless they are released by the undo interface tunnel command.
Examples
# Specify interface numbers 800 to 900 for automatically created bypass tunnels.
<Sysname> system-view
[Sysname] mpls te
[Sysname-te] auto-tunnel backup
[Sysname-te-auto-bk] tunnel-number min 800 max 900
Related commands
auto-tunnel backup
Static CRLSP commands
The following matrix shows the feature and hardware compatibility:
Hardware |
Static CRLSP compatibility |
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS |
No |
MSR2600-6-X1/2600-10-X1 |
Yes |
MSR 2630 |
Yes |
MSR3600-28/3600-51 |
Yes |
MSR3600-28-SI/3600-51-SI |
No |
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC |
Yes |
MSR 3610/3620/3620-DP/3640/3660 |
Yes |
MSR5620/5660/5680 |
Yes |
Hardware |
Static CRLSP compatibility |
MSR810-LM-GL |
No |
MSR810-W-LM-GL |
No |
MSR830-6EI-GL |
No |
MSR830-10EI-GL |
No |
MSR830-6HI-GL |
No |
MSR830-10HI-GL |
No |
MSR2600-6-X1-GL |
Yes |
MSR3600-28-SI-GL |
No |
display mpls static-cr-lsp
Use display mpls static-cr-lsp to display information about static CRLSPs.
Syntax
display mpls static-cr-lsp [ lsp-name lsp-name ] [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
lsp-name lsp-name: Displays information about the static CRLSP specified by its name, a case-sensitive string of 1 to 15 characters. If you do not specify a static CRLSP, this command displays information about all static CRLSPs.
verbose: Displays detailed information about static CRLSPs. If you do not specify this keyword, the command displays brief information about static CRLSPs.
Examples
# Display brief information about static CRLSPs.
<Sysname> display mpls static-cr-lsp
Name LSR Type In/Out Label Out Interface State
static-cr-lsp-1 Ingress Null/20 GE2/0/1 Up
Table 47 Command output
Field |
Description |
Name |
Name of the static CRLSP. |
LSR Type |
LSR type of the local node on the static CRLSP: Ingress, Transit, or Egress. |
In/Out Label |
Incoming label/outgoing label. |
Out Interface |
Output interface. |
State |
Current state of the static CRLSP: · Down—The static CRLSP is not available. · Up—The static CRLSP is available. · Idle—The incoming label of the static CRLSP is not available. · Dup—The incoming label of the static CRLSP is being used by a static LSP or a static PW. |
# Display detailed information about static CRLSPs.
<Sysname> display mpls static-cr-lsp verbose
LSP Name : Tunnel0
LSR Type : Ingress
In-Label : -
Out-Label : 60
Out-Interface : GE2/0/1
Nexthop : 20.1.1.2
Class Type : CT0
Bandwidth : 0 kbps
LSP State : Up
Table 48 Command output
Field |
Description |
LSP Name |
Name of the static CRLSP. |
LSR Type |
LSR type of the local node on the static CRLSP: Ingress, Transit, or Egress. |
In-Label |
Incoming label. |
Out-Label |
Outgoing label. |
Out-Interface |
Output interface. |
Nexthop |
Next hop address. |
Class Type |
Class type of the static CRLSP: CT0, CT1, CT2, or CT3. |
Bandwidth |
Bandwidth required by the static CRLSP, in kbps. |
LSP State |
Current state of the static CRLSP: · Down—The static CRLSP is not available. · Up—The static CRLSP is available. · Idle—The incoming label of the static CRLSP is not available. · Duplicate—The incoming label of the static CRLSP is being used by a static LSP or a static PW. |
Related commands
static-cr-lsp egress
static-cr-lsp ingress
static-cr-lsp transit
static-cr-lsp egress
Use static-cr-lsp egress to configure the egress node of a static CRLSP.
Use undo static-cr-lsp egress to delete the egress node configuration of a static CRLSP.
Syntax
static-cr-lsp egress lsp-name in-label in-label-value
undo static-cr-lsp egress lsp-name
Default
No static CRLSPs exist.
Views
System view
Predefined user roles
network-admin
Parameters
lsp-name: Specifies a name for the static CRLSP, a case-sensitive string of 1 to 15 characters.
in-label in-label-value: Specifies an incoming label. The value range for the in-label-value argument is 16 to 1023.
Usage guidelines
A static CRLSP must have a different incoming label than an existing static LSP or static PW. If they are the same, the static CRLSP is not available, even if you change the incoming label of the static LSP or the static PW. To make the static CRLSP available, delete the static CRLSP, and reconfigure it with an unused incoming label.
Examples
# On the egress node, configure a static CRLSP with the name static-te-1 and incoming label 233.
<Sysname> system-view
[Sysname] static-cr-lsp egress static-te-1 in-label 233
Related commands
display mpls static-cr-lsp
static-cr-lsp ingress
static-cr-lsp transit
static-cr-lsp ingress
Use static-cr-lsp ingress to configure the ingress node of a static CRLSP.
Use undo static-cr-lsp ingress to delete the ingress node configuration of a static CRLSP.
Syntax
static-cr-lsp ingress lsp-name { nexthop ip-address | outgoing-interface interface-type interface-number } out-label out-label-value [ bandwidth [ ct0 | ct1 | ct2 | ct3 ] bandwidth-value ]
undo static-cr-lsp ingress lsp-name
Default
No static CRLSPs exist.
Views
System view
Predefined user roles
network-admin
Parameters
lsp-name: Specifies a name for the static CRLSP, a case-sensitive string of 1 to 15 characters.
nexthop ip-address: Specifies the next hop IP address. The address cannot be a public IP address on the local device.
outgoing-interface interface-type interface-number: Specifies an outgoing interface by its type and number. The specified interface must be a P2P interface.
out-label out-label-value: Specifies an outgoing label. The label value can be 0, 3, or an integer in the range of 16 to 1048575.
bandwidth: Specifies the CT and required bandwidth for the static CRLSP. If you do not specify this keyword, the bandwidth required by the static CRLSP is 0 kbps. If you specify this keyword but do not specify a CT, the static CRLSP belongs to CT 0.
ct0: Specifies CT 0 for the static CRLSP.
ct1: Specifies CT 1 for the static CRLSP.
ct2: Specifies CT 2 for the static CRLSP.
ct3: Specifies CT 3 for the static CRLSP.
bandwidth-value: Specifies the bandwidth required by the static CRLSP, in the range of 1 to 4294967295 kbps. The default is 0 kbps.
Usage guidelines
CT 2 and CT 3 are valid only in IETF DS-TE mode. In prestandard DS-TE mode, CT 2 and CT 3 are invalid and the tunnel cannot be established.
Examples
# Configure a static CRLSP on the ingress node: specify its name as static-te-2, next hop IP address as 202.55.25.33, outgoing label as 237, CT as CT 0, and required bandwidth as 20 kbps.
<Sysname> system-view
[Sysname] static-cr-lsp ingress static-te-2 nexthop 202.55.25.33 out-label 237 bandwidth ct0 20
Related commands
display mpls static-cr-lsp
static-cr-lsp egress
static-cr-lsp transit
static-cr-lsp transit
Use static-cr-lsp transit to configure a transit node for a static CRLSP.
Use undo static-cr-lsp transit to delete the transit node configuration of a static CRLSP.
Syntax
static-cr-lsp transit lsp-name in-label in-label-value { nexthop ip-address | outgoing-interface interface-type interface-number } out-label out-label-value [ bandwidth [ ct0 | ct1 | ct2 | ct3 ] bandwidth-value ]
undo static-cr-lsp transit lsp-name
Default
No static CRLSPs exist.
Views
System view
Predefined user roles
network-admin
Parameters
lsp-name: Specifies a name for the static CRLSP, a case-sensitive string of 1 to 15 characters.
in-label in-label-value: Specifies an incoming label in the range of 16 to 1023.
nexthop ip-address: Specifies the next hop IP address. The address cannot be a public IP address on the local device.
outgoing-interface interface-type interface-number: Specifies an outgoing interface by its type and number. The specified interface must be a P2P interface.
out-label out-label-value: Specifies an outgoing label. The label value can be 0, 3, or an integer in the range of 16 to 1048575.
bandwidth: Specifies the CT and required bandwidth for the static CRLSP. If you do not specify this keyword, the bandwidth required by the static CRLSP is 0 kbps. If you specify this keyword but do not specify a CT, the static CRLSP belongs to CT 0.
ct0: Specifies CT 0 for the static CRLSP.
ct1: Specifies CT 1 for the static CRLSP.
ct2: Specifies CT 2 for the static CRLSP.
ct3: Specifies CT 3 for the static CRLSP.
bandwidth-value: Specifies the bandwidth required by the static CRLSP, in the range of 1 to 4294967295 kbps. The default is 0 kbps.
Usage guidelines
CT 2 and CT 3 are valid only in IETF DS-TE mode. In prestandard DS-TE mode, CT 2 and CT 3 are invalid and the tunnel cannot be established.
A static CRLSP must have a different incoming label than an existing static LSP or static PW. If they are the same, the static CRLSP is not available, even if you change the incoming label of the static LSP or the static PW. To make the static CRLSP available, delete the static CRLSP, and reconfigure it with an unused incoming label.
Examples
# Configure a static CRLSP on the transit node: specify its name as static-te-3, incoming label as 123, next hop IP address as 1.1.1.1, outgoing label as 253, CT as CT 0, and required bandwidth as 20 kbps.
<Sysname> system-view
[Sysname] static-cr-lsp transit static-te-3 in-label 123 nexthop 1.1.1.1 out-label 253 bandwidth ct0 20
Related commands
display mpls static-cr-lsp
static-cr-lsp egress
static-cr-lsp ingress
RSVP commands
The following matrix shows the feature and hardware compatibility:
Hardware |
RSVP compatibility |
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS |
No |
MSR2600-6-X1/2600-10-X1 |
Yes |
MSR 2630 |
Yes |
MSR3600-28/3600-51 |
Yes |
MSR3600-28-SI/3600-51-SI |
No |
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC |
Yes |
MSR 3610/3620/3620-DP/3640/3660 |
Yes |
MSR5620/5660/5680 |
Yes |
Hardware |
RSVP compatibility |
MSR810-LM-GL |
No |
MSR810-W-LM-GL |
No |
MSR830-6EI-GL |
No |
MSR830-10EI-GL |
No |
MSR830-6HI-GL |
No |
MSR830-10HI-GL |
No |
MSR2600-6-X1-GL |
Yes |
MSR3600-28-SI-GL |
No |
authentication challenge
Use authentication challenge to enable the RSVP challenge-response handshake feature globally or for an RSVP neighbor.
Use undo authentication challenge to disable the challenge-response handshake feature globally or for an RSVP neighbor.
Syntax
authentication challenge
undo authentication challenge
Default
The RSVP challenge-response handshake feature is disabled.
Views
RSVP view
RSVP neighbor view
Predefined user roles
network-admin
Usage guidelines
To prevent packet replay attacks, RSVP requires received authentication messages to carry incremental sequence numbers. To verify the subsequent messages, RSVP saves the sequence number of the last valid message in a receive-type security association.
However, when RSVP creates a new receive-type security association, it cannot obtain the sequence number of the sender. To successfully establish the receive-type security association, RSVP sets the receive sequence number to 0 by default. Then, the association can receive a message with any sequence number from the peer. Because this introduces a vulnerability to replay attacks, you should execute the authentication challenge command. When RSVP creates a receive-type security association, it will perform a challenge-response handshake to obtain the sequence number of the sender.
RSVP challenge-response handshake can be configured in the following views:
· RSVP view—Configuration applies to all RSVP security associations.
· RSVP neighbor view—Configuration applies only to RSVP security associations with the specified neighbor.
· Interface view—Configuration applies only to RSVP security associations established on the current interface.
The execution of this command affects only security associations established after the execution. To apply the setting to existing security associations, you must execute the reset rsvp authentication command to delete and then re-establish the security associations.
Examples
# Enable RSVP challenge-response handshake globally.
<Sysname> system-view
[Sysname] rsvp
[Sysname-rsvp] authentication challenge
# Enable challenge-response handshake for RSVP neighbor 1.1.1.9.
<Sysname> system-view
[Sysname] rsvp
[Sysname-rsvp] peer 1.1.1.9
[Sysname-rsvp-peer-1.1.1.9] authentication challenge
Related commands
authentication key
authentication lifetime
authentication window-size
display rsvp authentication
reset rsvp authentication
rsvp authentication challenge
rsvp authentication key
rsvp authentication lifetime
rsvp authentication window-size
authentication key
Use authentication key to enable RSVP authentication globally or for an RSVP neighbor, and configure the authentication key.
Use undo authentication key to disable RSVP authentication.
Syntax
authentication key { cipher | plain } string
undo authentication key
Default
RSVP authentication is disabled.
Views
RSVP view
RSVP neighbor view
Predefined user roles
network-admin
Parameters
cipher: Specifies an authentication key in encrypted form.
plain: Specifies an authentication key in plaintext form. For security purposes, the key specified in plaintext form will be stored in encrypted form.
string: Specifies the authentication key. Its plaintext form is a case-sensitive string of 1 to 16 characters. Its encrypted form is a case-sensitive string of 1 to 53 characters.
Usage guidelines
RSVP authentication ensures integrity of RSVP messages, and prevents false resource reservation requests from occupying network resources.
With RSVP authentication, the sender uses the MD5 algorithm and the authentication key to calculate a message digest for an RSVP message. The sender inserts the message digest to the RSVP message. When the receiver receives the message, it performs the same calculation and compares the result with the message digest received. If the two digests match, the receiver accepts the message. If the two digests do not match, it drops the message.
RSVP authentication can be configured in the following views:
· RSVP view—Configuration applies to all RSVP security associations.
· RSVP neighbor view—Configuration applies only to RSVP security associations with the specified RSVP neighbor.
· Interface view—Configuration applies only to RSVP security associations established on the current interface.
Configurations in RSVP neighbor view, interface view, and RSVP view are in descending order of priority. If RSVP authentication for a neighbor is enabled in both RSVP neighbor view and RSVP view with different authentication keys configured, the key configured in RSVP neighbor view is used.
To re-establish a security association, you must delete the authentication key used by the current security association or delete the current security association (using the reset rsvp authentication command). Then, the device can re-establish a security association by looking up a new authentication key in order of priorities.
After you enable RSVP authentication on the local device, you must also enable RSVP authentication and configure the same authentication key on the RSVP neighbor.
Examples
# Enable RSVP authentication globally, and configure the authentication key as a plaintext string of abcdefgh.
<Sysname> system-view
[Sysname] rsvp
[Sysname-rsvp] authentication key plain abcdefgh
# Enable RSVP authentication for the neighbor 1.1.1.9, and configure the authentication key as a plaintext string of abcdefgh.
<Sysname> system-view
[Sysname] rsvp
[Sysname-rsvp] peer 1.1.1.9
[Sysname-rsvp-peer-1.1.1.9] authentication key plain abcdefgh
Related commands
authentication challenge
authentication lifetime
authentication window-size
display rsvp authentication
reset rsvp authentication
rsvp authentication challenge
rsvp authentication key
rsvp authentication lifetime
rsvp authentication window-size
authentication lifetime
Use authentication lifetime in RSVP view to set the global idle timeout for RSVP security associations.
Use authentication lifetime in RSVP neighbor view to set the idle timeout for RSVP security associations with an RSVP neighbor.
Use undo authentication lifetime to restore the default.
Syntax
authentication lifetime life-time
undo authentication lifetime
Default
The idle timeout for an RSVP security association is 1800 seconds.
Views
RSVP view
RSVP neighbor view
Predefined user roles
network-admin
Parameters
life-time: Specifies the RSVP security association idle timeout in the range of 30 to 86400 seconds.
Usage guidelines
When RSVP authentication is enabled, the device dynamically establishes security associations when receiving and sending RSVP messages.
To release memory resources, each security association has an idle timeout. When a security association is idle for the specified timeout time, the device deletes the security association. When the device sends or receives an authenticated RSVP message, it resets the idle timeout timer for the corresponding security association.
The RSVP authentication idle timeout can be configured in the following views:
· RSVP view—Configuration applies to all RSVP security associations.
· RSVP neighbor view—Configuration applies only to RSVP security associations with the specified RSVP neighbor.
· Interface view—Configuration applies only to RSVP security associations established on the current interface.
An RSVP security association established by using the authentication key configured in a view uses the idle timeout configured in the same view.
A modification to the idle timeout affects only security associations established after the modification. To apply the new setting to existing security associations, you must execute the reset rsvp authentication command to delete and then re-establish the security associations.
Examples
# Set the global idle timeout to 100 seconds for RSVP security associations.
<Sysname> system-view
[Sysname] rsvp
[Sysname-rsvp] authentication lifetime 100
# Set the idle timeout to 100 seconds for the security associations with the RSVP neighbor 1.1.1.9.
<Sysname> system-view
[Sysname] rsvp
[Sysname-rsvp] peer 1.1.1.9
[Sysname-rsvp-peer-1.1.1.9] authentication lifetime 100
Related commands
authentication challenge
authentication key
authentication window-size
display rsvp authentication
reset rsvp authentication
rsvp authentication challenge
rsvp authentication key
rsvp authentication lifetime
rsvp authentication window-size
authentication window-size
Use authentication window-size in RSVP view to set the global RSVP authentication window size, which is the maximum number of authenticated RSVP messages that can be received out of sequence.
Use authentication window-size in RSVP neighbor view to set the RSVP authentication window size for an RSVP neighbor.
Use undo authentication window-size to restore the default.
Syntax
authentication window-size number
undo authentication window-size
Default
Only one authenticated RSVP message can be received out of sequence.
Views
RSVP view
RSVP neighbor view
Predefined user roles
network-admin
Parameters
number: Specifies the maximum number of authenticated RSVP messages that can be received out of sequence, in the range of 1 to 64.
Usage guidelines
To protect against replay attacks, the sender places a unique sequence number in each RSVP message that contains authentication information. The sender increases the value of the sequence number by one each time it sends an RSVP message. If the sequence number of a received message is in the specified authentication window size, the receiver accepts the message. If it is not in the specified authentication window size, the receiver discards the message.
When the receiver receives an RSVP message, it compares the sequence number of the last accepted RSVP message with the sequence number of the newly received RSVP message.
· If the new sequence number is greater than the last sequence number, RSVP accepts the message and updates the last sequence number with the new sequence number.
· If the new sequence number equals the last sequence number, RSVP regards the message a replay message and discards the message.
· If the new sequence number is smaller than the last sequence number but greater than the last sequence number minus the window size, and has never been received before, RSVP accepts the message. If the new sequence number has been received before, RSVP regards the message a replay message and discards the message.
· If the new sequence number is smaller than or equal to the last sequence number minus the window size, RSVP regards the message invalid and discards the message.
By default, the authentication window size is 1. If the sequence number of a newly received RSVP message is smaller than that of the last accepted message, the device discards the message. However, if the sender sends multiple RSVP messages in a short time, these messages might arrive at the neighbor out of sequence. If you use the default window size, the out-of-sequence messages will be discarded. To solve this problem, you can use the authentication window-size command to configure a correct window size.
A security association established by using the authentication key configured in a view uses the window size configured in that view.
A modification to the window size affects only security associations established after the modification. To apply the new setting to existing security associations, you must execute the reset rsvp authentication command to delete and then re-establish the security associations.
Examples
# In RSVP view, set the maximum number of out-of-sequence authenticated RSVP messages that can be received to 10.
<Sysname> system-view
[Sysname] rsvp
[Sysname-rsvp] authentication window-size 10
# In RSVP neighbor view, set the maximum number of out-of-sequence authenticated RSVP messages that can be received from the RSVP neighbor 1.1.1.9 to 10.
<Sysname> system-view
[Sysname] rsvp
[Sysname-rsvp] peer 1.1.1.9
[Sysname-rsvp-peer-1.1.1.9] authentication window-size 10
Related commands
authentication challenge
authentication key
authentication lifetime
display rsvp authentication
reset rsvp authentication
rsvp authentication challenge
rsvp authentication key
rsvp authentication lifetime
rsvp authentication window-size
display rsvp
Use display rsvp to display RSVP information.
Syntax
display rsvp [ interface [ interface-type interface-number ] ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
interface: Displays RSVP information on interfaces.
interface-type interface-number: Displays RSVP information on the interface specified by its type and number.
Usage guidelines
If you do not specify the interface keyword, this command displays global RSVP information.
If you specify the interface keyword but do not specify the interface-type interface-number argument, this command displays RSVP information for all interfaces.
If you specify the interface interface-type interface-number option, this command displays RSVP information for the specified interface.
Examples
# Display global RSVP information.
LSR ID: 50.0.0.1 Fast Reroute time: 300 sec
Refresh interval: 30 sec Keep multiplier: 3
Hello interval: 3 sec Hello lost: 4
Graceful Restart: Disabled DSCP value: 48
Authentication: Enabled
Lifetime: 300 sec
Window size: 64
Challenge: Enabled
Statistics:
PSB number: 5 RSB number: 5
LSP number: 5 Request number: 5
Peer number: 5 SA number: 5
Table 49 Command output
Field |
Description |
Fast Reroute time |
Interval for detecting whether a better bypass CRLSP is available for a primary CRLSP, in seconds. |
Refresh interval |
Interval for refreshing Path and Resv messages, in seconds. |
Keep multiplier |
PSB and RSB timeout multiplier. |
Hello interval |
Interval for sending hello requests, in seconds. |
Hello lost |
Maximum number of consecutive lost or erroneous hellos allowed. |
DSCP value |
DSCP value for outgoing RSVP packets. |
Authentication |
RSVP authentication state. |
Lifetime |
Idle timeout for RSVP security associations, in seconds. |
Window size |
Maximum number of out-of-sequence authenticated RSVP messages that can be received. |
Challenge |
State of the challenge-response handshake feature. |
Statistics |
RSVP statistics. |
PSB number |
Total number of PSBs. |
RSB number |
Total number of RSBs. |
LSP number |
Total number of LSPs established by RSVP. |
Request number |
Total number of RSVP request data blocks. |
Peer number |
Total number of RSVP neighbors. |
SA number |
Total number of security associations. |
# Display RSVP information for all interfaces.
<Sysname> display rsvp interface
Interface: GE2/0/1 Logical interface handle: 0x3
State: Up IP address: 50.1.0.1
MPLS TE: Enabled RSVP: Enabled
Hello: Enabled BFD: Enabled
Summary refresh: Enabled Reliability: Disabled
Retransmit interval: 500 ms Retransmit increment: 1
Authentication: Enabled
Lifetime: 300 sec
Window size: 64
Challenge: Enabled
Bypass tunnels: Tunnel0
Interface: GE2/0/2 Logical interface handle: 0x67
State: Up IP address: 50.2.0.1
MPLS TE: Enabled RSVP: Enabled
Hello: Enabled BFD: Enabled
Summary refresh: Disabled Reliability: Disabled
Retransmit interval: 500 ms Retransmit increment: 1
Authentication: Enabled
Lifetime: 300 sec
Window size: 64
Challenge: Enabled
Bypass tunnels: Tunnel0, Tunnel1, Tunnel2
Table 50 Command output
Field |
Description |
Logical interface handle |
Logical interface handle, used to distinguish logical outgoing interfaces on the RSVP interface. |
State |
Interface state recorded by RSVP: UP or Down. |
IP address |
IP address of the current interface used by RSVP. |
MPLS TE |
MPLS TE state on the interface. |
RSVP |
RSVP state on the interface. |
Hello |
State of the hello extension feature on the interface. |
BFD |
BFD state on the interface. |
Summary refresh |
State of the summary refresh feature on the interface. |
Reliability |
State of the reliable RSVP message delivery feature on the interface. |
Retransmit interval |
Initial retransmission interval for reliable RSVP message delivery, in milliseconds. |
Retransmit increment |
Retransmission increment value for reliable RSVP message delivery. |
Authentication |
RSVP authentication state on the interface. |
Lifetime |
Idle timeout for RSVP security associations, in seconds. |
Window size |
Maximum number of out-of-sequence authenticated RSVP messages that can be received. |
Challenge |
State of the challenge-response handshake feature on the interface. |
Bypass tunnels |
Bypass tunnels configured on the interface for fast reroute (FRR). If no bypass tunnels are configured, this field displays None. |
display rsvp authentication
Use display rsvp authentication to display information about the security associations established with RSVP neighbors.
Syntax
display rsvp authentication [ from ip-address ] [ to ip-address ] [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
from ip-address: Displays information about the security associations with the specified source IP address.
to ip-address: Displays information about the security associations with the specified destination IP address.
verbose: Displays detailed information about RSVP security associations. If you do not specify this keyword, the command displays brief information about RSVP security associations.
Usage guidelines
After RSVP authentication is enabled, the device automatically establishes security associations when sending and receiving RSVP messages. A security association includes the following information:
· IP address of the authentication source node.
· IP address of the authentication destination node.
· Authentication direction.
· Authentication type.
· Authentication key.
· Authentication expiration time.
The device obtains the RSVP authentication source and destination IP addresses from the IP header or RSVP message objects, as shown in Table 51.
Table 51 How to get RSVP authentication source and destination IP addresses
Message type received or sent |
Authentication source IP |
Authentication destination IP |
Path |
Address in the HOP object of the RSVP message. |
Address in the SESSION object of the RSVP message. |
PathTear |
Address in the HOP object of the RSVP message. |
Address in the SESSION object of the RSVP message. |
PathError |
Source IP address in the IP header |
Destination IP address in the IP header |
Resv |
Address in the HOP object of the RSVP message. |
Destination IP address in the IP header |
ResvTear |
Address in the HOP object of the RSVP message. |
Destination IP address in the IP header |
ResvError |
Address in the HOP object of the RSVP message. |
Destination IP address in the IP header |
ResvConfirm |
Source IP address in the IP header |
Address in the CONFIRM object of the RSVP message. |
ACK |
Source IP address in the IP header |
Destination IP address in the IP header |
Srefresh |
Source IP address in the IP header |
Destination IP address in the IP header |
Hello |
Source IP address in the IP header |
Destination IP address in the IP header |
If you do not specify the from ip-address to ip-address options, this command displays information about the security associations established with all RSVP neighbors.
Examples
# Display brief information about the security associations established with all RSVP neighbors.
<Sysname> display rsvp authentication
From To Mode Type Key-ID Expiration
57.10.10.1 57.10.10.2 Receive Interface 000103000000 280s
57.10.10.2 57.10.10.1 Send Interface 000103000000 280s
Table 52 Command output
Field |
Description |
From |
RSVP authentication source IP address. |
To |
RSVP authentication destination IP address. |
Mode |
Direction of the security association: · Receive—Receive security association, used to authenticate messages received from an RSVP neighbor. · Send—Send security association, used to authenticate messages sent to an RSVP neighbor. |
Type |
Type of the security association: · Peer—Security association established in RSVP neighbor view. · Interface—Security association established in interface view. · Global—Security association established in RSVP view. |
Key-ID |
Key ID of the security association. · For a send security association, this field displays the local key ID. · For a receive security association, this field displays the key ID received from the peer. |
Expiration |
Idle timeout remaining time of the security association, in seconds. |
# Display detailed information about the security associations established with all RSVP neighbors.
<Sysname> display rsvp authentication verbose
From: 20.1.1.1 To: 4.4.4.9
Mode: Send Type: Interface
Challenge: Supported Peer: 20.1.1.2
Local key ID: 0x000104000000 Peer key ID: 0x0
Lifetime: 1800 sec Expiration time: 1781 sec
Window size: 1
Last sent sequence number:
5781735195480686593
From: 20.1.1.2 To: 20.1.1.1
Mode: Receive Type: Interface
Challenge: Not configured Peer: 20.1.1.2
Local key ID: 0x0 Peer key ID: 0x000104000000
Lifetime: 1800 sec Expiration time: 1798 sec
Window size: 1
Received sequence numbers:
5781742445385482241
Table 53 Command output
Field |
Description |
From |
RSVP authentication source IP address. |
To |
RSVP authentication destination IP address. |
Mode |
Direction of the security association: · Receive—Receive security association, used to authenticate messages received from an RSVP neighbor. · Send—Send security association, used to authenticate messages sent to an RSVP neighbor. |
Type |
Type of the security association: · Peer—Security association established in RSVP neighbor view. · Interface—Security association established in interface view. · Global—Security association established in RSVP view. |
Challenge |
State of the authentication challenge-response feature: · Not configured—The challenge-response handshake feature is disabled locally. (For a receive security association.) · Configured—The challenge-response handshake feature is enabled locally. (For a receive security association.) · In progress—The local device has sent an Integrity Challenge message to the peer and is waiting for the Integrity Response message from the peer. · Completed—The local device has received an Integrity Response message from the peer and the message has passed the authentication. · Failed—The Failed state is displayed when one of the following events occurs: ¡ The local device has received an Integrity Response message from the peer but the message failed the authentication. ¡ The local device has not received any valid Integrity Response after sending three Integrity Challenge messages to the peer. ¡ The challenge-response feature is disabled on the peer. · Supported—The local device supports the challenge-response feature. (For a send security association.) |
Peer |
IP address of the authentication neighbor. |
Local key ID |
Local key ID, for a send security association. |
Peer key ID |
Peer key ID, for a receive security association. |
Lifetime |
Idle timeout of the security association, in seconds. |
Expiration time |
Idle timeout remaining time of the security association, in seconds. |
Window size |
Maximum number of out-of-sequence authenticated RSVP messages that can be received. |
Received sequence numbers |
Sequence numbers of the received messages. This field can display the sequence numbers for a maximum of window-size messages. |
Last sent sequence number |
Sequence number of the last sent message. |
Related commands
authentication challenge
authentication key
authentication lifetime
authentication window-size
reset rsvp authentication
rsvp authentication challenge
rsvp authentication key
rsvp authentication lifetime
rsvp authentication window-size
display rsvp lsp
Use display rsvp lsp to display information about CRLSPs established by RSVP.
Syntax
display rsvp lsp [ destination ip-address ] [ source ip-address ] [ tunnel-id tunnel-id ] [ lsp-id lsp-id ] [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
destination ip-address: Displays information about the CRLSP with the specified tunnel destination address.
source ip-address: Displays information about the CRLSP with the specified tunnel source address. The tunnel source address is the extended tunnel ID in the Session object of an RSVP message.
tunnel-id tunnel-id: Displays information about the CRLSP with the specified tunnel ID in the range of 0 to 65535.
lsp-id lsp-id: Displays information about the CRLSP with the specified LSP ID in the range of 0 to 65535.
verbose: Displays detailed information about CRLSPs. If you do not specify this keyword, the command displays brief information about CRLSPs.
Examples
# Display brief information about all CRLSPs established by RSVP.
<Sysname> display rsvp lsp
Destination Source Tunnel-ID LSP-ID Direction Tunnel-name
50.0.0.1 50.0.0.3 0 1 Uni Sysname_t0
50.0.0.1 50.0.0.3 1 2 Bi-Down Sysname_t1
Table 54 Command output
Field |
Description |
Destination |
Tunnel destination address. |
Source |
Tunnel source address. |
Direction |
Tunnel direction: · Uni—Unidirectional tunnel. · Bi-Down—Forward CRLSP of a bidirectional tunnel. · Bi-Up—Backward CRLSP of a bidirectional tunnel. |
Tunnel-name |
The value for a tunnel name is Sysname_ttunnel-ID, where Sysname represents the device name, and tunnel-ID represents the ID of the tunnel. You can configure the device name by executing the sysname command in system view. This field contains a maximum of 80 characters, and displays the first 77 characters and three dots (.) if the name contains more than 80 characters. |
# Display detailed information about all CRLSPs established by RSVP.
<Sysname> display rsvp lsp verbose
Tunnel name: Sysname_t1
Destination: 3.3.3.9 Source: 1.1.1.9
Tunnel ID: 1 LSP ID: 5
LSR type: Transit Direction: Unidirectional
Setup priority: 7 Holding priority: 7
In-Label: 1146 Out-Label: 3
In-Interface: GE2/0/2 Out-Interface: GE2/0/4
Nexthop: 57.20.20.1 Exclude-any: 0
Include-Any: 0 Include-all: 0
Mean rate (CIR): 0.00 kbps Mean burst size (CBS): 1000.00 bytes
Path MTU: 1500 Class type: CT0
RRO number: 8
57.10.10.1/32 Flag: 0x00 (No FRR)
57.10.10.2/32 Flag: 0x40 (No FRR/In-Int)
1146 Flag: 0x01 (Global label)
2.2.2.9/32 Flag: 0x20 (No FRR/Node-ID)
57.20.20.2/32 Flag: 0x00 (No FRR)
57.20.20.1/32 Flag: 0x40 (No FRR/In-Int)
3 Flag: 0x01 (Global label)
3.3.3.9/32 Flag: 0x20 (No FRR/Node-ID)
Fast Reroute protection: Ready
FRR inner label: 3 Bypass tunnel: Tunnel253
Tunnel name: Sysname_t253
Destination: 3.3.3.9 Source: 2.2.2.9
Tunnel ID: 253 LSP ID: 17767
LSR type: Ingress Direction: Bidirectional, Downstream
Setup priority: 7 Holding priority: 7
In-Label: - Out-Label: 1025
In-Interface: - Out-Interface: GE2/0/6
Nexthop: 10.11.112.135 Exclude-any: 0
Include-Any: 0 Include-all: 0
Mean rate (CIR): 125.00 kbps Mean burst size (CBS): 0.00 bytes
Path MTU: 0 Class type: CT0
RRO number: 8
10.11.112.140/32 Flag: 0x00 (No FRR)
10.11.112.135/32 Flag: 0x40 (No FRR/In-Int)
1025 Flag: 0x01 (Global label)
5.5.5.9/32 Flag: 0x20 (No FRR/Node-ID)
57.40.40.3/32 Flag: 0x00 (No FRR)
57.40.40.1/32 Flag: 0x40 (No FRR/In-Int)
3 Flag: 0x01 (Global label)
3.3.3.9/32 Flag: 0x20 ((No FRR/Node-ID)
Fast Reroute protection: None
Table 55 Command output
Field |
Description |
Tunnel name |
The value for a tunnel name is Sysname_ttunnel-ID, where Sysname represents the device name, and tunnel-ID represents the ID of the tunnel. You can configure the device name by executing the sysname command in system view. |
Destination |
Tunnel destination address. |
Source |
Tunnel source address. |
Direction |
Tunnel direction: · Unidirectional—Unidirectional tunnel. · Bidirectional, Downstream—Forward CRLSP of a bidirectional tunnel. · Bidirectional, Upstream—Backward CRLSP of a bidirectional tunnel. |
Exclude-any |
Affinity representing a set of attribute filters. Matching any filter renders a link unacceptable. |
Include-any |
Affinity representing a set of attribute filters. Matching any filter renders a link acceptable. |
Include-all |
Affinity representing a set of attribute filters. All filters must be present for a link to be acceptable. |
Class type |
CT of the LSP. |
RRO number |
Number of Record Route Objects (RROs). If the number is not 0, the subsequent output displays the IP addresses or labels recorded in the RROs. The RRO information is displayed only when route recording is configured on the tunnel interface. |
Flag |
Flag value and its meaning in an RRO: · No FRR—FRR is not configured. · FRR Avail—FRR is available. · In use—FRR has occurred. · BW—Bandwidth protection. · Node-Prot—Node protection. · Node-ID—The IP address in the RRO is the LSR ID of the node. · In-Int—The IP address in the RRO is address of the incoming interface. · Global label—Per-platform label space. |
Fast Reroute protection |
Whether the tunnel has been bound to an FRR bypass tunnel: · None—Not bound to a bypass tunnel. · Ready—Bound to a bypass tunnel. No FRR has occurred. · Active—Bound to a bypass tunnel. An FRR has occurred. |
FRR inner label |
Incoming label of the FRR bypass tunnel. This field is displayed only when a bypass tunnel is bound. |
Bypass tunnel |
Name of the bypass tunnel. This field is displayed only when a bypass tunnel is bound. |
Related commands
display rsvp request
display rsvp reservation
display rsvp sender
display rsvp peer
Use display rsvp peer to display RSVP neighbor information.
Syntax
display rsvp peer [ interface interface-type interface-number ] [ ip ip-address ] [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
interface interface-type interface-number: Displays information about RSVP neighbors connected to the interface specified by its type and number.
ip ip-address: Displays information about the RSVP neighbor specified by its IP address.
verbose: Displays detailed information about RSVP neighbors. If you do not specify this keyword, the command displays brief information about RSVP neighbors.
Examples
# Display brief information about all RSVP neighbors.
<Sysname> display rsvp peer
Peer Interface State Type Summary refresh
57.10.10.1 GE2/0/1 Idle Active Enabled
57.20.20.1 GE2/0/2 Init Passive Disabled
Table 56 Command output
Field |
Description |
Peer |
Address of the RSVP neighbor. |
Interface |
Interface connected to the RSVP neighbor. |
State |
Local hello state: · Idle—Hello extension is disabled. · Init—Hello extension is enabled. The local device failed to exchange hellos with the neighbor or hello exchanges are in progress. · Up—Hello extension is enabled. The local device successfully exchanged hellos with the neighbor. |
Type |
Role of the local device in the neighbor relationship: · Active—The local device actively sends hello requests to the neighbor. · Passive—The local end passively receives hello requests from the neighbor and replies with hello ACK messages. |
Summary refresh |
State of the Srefresh feature on the neighbor, Enabled or Disabled. |
# Display detailed information about all RSVP neighbors.
<Sysname> display rsvp peer verbose
Peer: 57.10.10.1 Interface: GE2/0/2
Hello state: Idle Hello type: Active
PSB count: 1 RSB count: 0
Src instance: 0x32e Dst instance: 0x0
Summary refresh: Enabled Graceful Restart state: Invalid
Peer GR restart time: 0 ms Peer GR recovery time: 0 ms
Peer: 57.20.20.1 Interface: GE2/0/4
Hello state: Init Hello type: Active
PSB count: 0 RSB count: 1
Src instance: 0x32e Dst instance: 0x0
Summary refresh: Disabled Graceful Restart state: Ready
Peer GR restart time: 0 ms Peer GR recovery time: 0 ms
Table 57 Command output
Field |
Description |
Peer |
Address of the RSVP neighbor. |
Interface |
Interface connected to the RSVP neighbor. |
Hello state |
Local hello state: · Idle—Hello extension is disabled locally. · Init—Hello extension is enabled locally. The local device failed to exchange hellos with the neighbor or hello exchanges are in progress. · Up—Hello extension is enabled locally. The local device successfully exchanged hellos with the neighbor. |
Hello type |
Role of the local device in the neighbor relationship: · Active—The local device actively sends hello requests to the neighbor. · Passive—The local device passively receives hello requests from the neighbor and replies with hello ACK messages. |
PSB count |
Number of PSBs for the neighbor. |
RSB count |
Number of RSBs for the neighbor. |
Src instance |
Local device instance carried in the hello sent to the neighbor. |
Dst instance |
Neighbor device instance carried in the last hello received from the neighbor. |
Summary refresh |
State of the Srefresh feature on the neighbor, Enabled or Disabled. |
Graceful Restart state |
GR state of the neighbor: · Invalid—Neighbor is not GR capable, or GR is disabled locally. · Ready—Neighbor is GR capable. · Restarting—Neighbor is restarting. · Recovering—Neighbor is recovering. |
Peer GR restart time |
GR restart period of the neighbor, in milliseconds. |
Peer GR recovery time |
GR recovery period of the neighbor, in milliseconds. |
display rsvp request
Use display rsvp request to display information about RSVP resource reservation requests sent to upstream devices.
Syntax
display rsvp request [ destination ip-address ] [ source ip-address ] [ tunnel-id tunnel-id ] [ prevhop ip-address ] [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
destination ip-address: Displays information about the RSVP resource reservation requests with the specified tunnel destination address.
source ip-address: Displays information about the RSVP resource reservation requests with the specified tunnel source address. The tunnel source address is the extended tunnel ID in the Session object of an RSVP message.
tunnel-id tunnel-id: Displays information about the RSVP resource reservation requests with the specified tunnel ID. The value range for a tunnel ID is 0 to 65535.
prevhop ip-address: Displays information about the RSVP resource reservation requests sent to the specified upstream device. The ip-address argument is the address of the destination device of the RSVP resource reservation requests, which is the address of the previous hop on the tunnel.
verbose: Displays detailed information. If you do not specify this keyword, the command displays brief information.
Examples
# Display brief information about the RSVP resource reservation requests sent to all upstream devices.
<Sysname> display rsvp request
Destination Source Tunnel-ID Previous-hop Style
3.3.3.9 1.1.1.9 1 57.10.10.1 SE
Table 58 Command output
Field |
Description |
Destination |
Tunnel destination address. |
Source |
Tunnel source address. |
Style |
Resource reservation style: · SE—Shared-explicit style. · FF—Fixed-filter style. |
# Display detailed information about the RSVP resource reservation requests sent to all upstream devices.
<Sysname> display rsvp request verbose
Destination: 3.3.3.9 Source: 1.1.1.9
Tunnel ID: 1 Style: SE
Previous hop: 57.10.10.1 Previous hop LIH: 0xf0008
Sent message epoch: 0 Sent message ID: 0
Out-Interface: GE2/0/2 Refresh interval: 30000 ms
Unknown object number: 0
Flow descriptor 1:
Flow specification:
Mean rate (CIR): 50.00 kbps Mean burst size (CBS): 1000.00 bytes
Path MTU: 1500 QoS service: Controlled-Load
Filter specification 1:
Sender address: 1.1.1.9 LSP ID: 23
Label: 1110
Table 59 Command output
Field |
Description |
Destination |
Tunnel destination address. |
Source |
Tunnel source address. |
Style |
Resource reservation style: · SE—Shared-explicit style. · FF—Fixed-filter style. |
Previous hop LIH |
Logical interface handle of the previous hop. |
Sent message epoch |
Value of the Epoch field in the Message ID object of the sent message. |
Sent message ID |
Message ID in the sent message. |
Out-Interface |
Outgoing interface of the message. |
Refresh interval |
Refresh interval for Path and Resv messages, in milliseconds. |
Unknown object number |
Number of unknown objects. |
QoS service |
QoS service type: Controlled-Load or Guaranteed. |
Sender address |
Sender address identifies the tunnel source end. |
Label |
Incoming label of the forward LSP. |
Related commands
display rsvp lsp
display rsvp reservation
display rsvp sender
display rsvp reservation
Use display rsvp reservation to display information about RSVP resource reservation states.
Syntax
display rsvp reservation [ destination ip-address ] [ source ip-address ] [ tunnel-id tunnel-id ] [ nexthop ip-address ] [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
destination ip-address: Displays information about the RSVP resource reservation states with the specified tunnel destination address.
source ip-address: Displays information about the RSVP resource reservation states with the specified tunnel source address. The tunnel source address is the extended tunnel ID in the Session object of an RSVP message.
tunnel-id tunnel-id: Displays information about the RSVP resource reservation states with the specified tunnel ID. The value range for a tunnel ID is 0 to 65535.
nexthop ip-address: Displays information about the RSVP resource reservation states received from the specified downstream device. The ip-address argument is the address of the device that sent the RSVP resource reservation states, which is the address of the next hop on the tunnel.
verbose: Displays detailed information. If you do not specify this keyword, the command displays brief information.
Examples
# Display brief information about all RSVP resource reservation states.
<Sysname> display rsvp reservation
Destination Source Tunnel-ID Nexthop Style
3.3.3.9 1.1.1.9 1 57.20.20.1 SE
Table 60 Command output
Field |
Description |
Destination |
Tunnel destination address. |
Source |
Tunnel source address. |
Style |
Resource reservation style: · SE—Shared-explicit style. · FF—Fixed-filter style. |
# Display detailed information about all RSVP resource reservation states.
<Sysname> display rsvp reservation verbose
Destination: 3.3.3.9 Source: 1.1.1.9
Tunnel ID: 1 Style: SE
Nexthop: 57.20.20.1 Nexthop LIH: 0x35
Received message epoch: 0 Received message ID: 0
In-Interface: GE2/0/4 Unknown object number: 0
Flow descriptor 1:
Flow specification:
Mean rate (CIR): 50.00 kbps Mean burst size (CBS): 1000.00 bytes
Path MTU: 1500 QoS service: Controlled-Load
Filter specification 1:
Sender address: 1.1.1.9 LSP ID: 23
Label: 3
RRO number: 3
57.20.20.1/32 Flag: 0x40 (No FRR/In-Int)
3 Flag: 0x01 (Global label)
3.3.3.9/32 Flag: 0x20 (No FRR/Node-ID)
Table 61 Command output
Field |
Description |
Destination |
Tunnel destination address. |
Source |
Tunnel source address. |
Style |
Resource reservation style: · SE—Shared-explicit style. · FF—Fixed-filter style. |
Nexthop LIH |
Logical interface handle of the local outgoing interface for the next hop. |
Received message epoch |
Value of the Epoch field in the Message ID object of the received message. |
Received message ID |
Message ID in the received message. |
In-Interface |
Incoming interface of the message. |
Unknown object number |
Number of unknown objects. |
QoS service |
QoS service type: Controlled-Load or Guaranteed. |
Sender address |
Sender address identifies the tunnel source end. |
Label |
Outgoing label of the forward LSP. |
RRO number |
Number of RROs. If the number is not 0, the subsequent output displays the IP addresses or labels recorded in the RROs. The RRO information is displayed only when route recording is configured on the tunnel interface. |
Flag |
Flag value and its meaning in an RRO: · No FRR—FRR is not configured. · FRR Avail—FRR is available. · In use—FRR has occurred. · BW—Bandwidth protection. · Node-Prot—Node protection. · Node-ID—The IP address in the RRO is the LSR ID of the node. · In-Int—The IP address in the RRO is that of the incoming interface. · Global label—Per-platform label space. |
Related commands
display rsvp lsp
display rsvp request
display rsvp sender
display rsvp sender
Use display rsvp sender to display information about RSVP path states.
Syntax
display rsvp sender [ destination ip-address ] [ source ip-address ] [ tunnel-id tunnel-id ] [ lsp-id lsp-id ] [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
destination ip-address: Displays information about the RSVP path states with the specified tunnel destination address.
source ip-address: Displays information about the RSVP path states with the specified tunnel source address. The tunnel source address is the extended tunnel ID in the Session object of an RSVP message.
tunnel-id tunnel-id: Displays information about the RSVP path states with the specified tunnel ID. The value range for a tunnel ID is 0 to 65535.
lsp-id lsp-id: Displays information about the RSVP path states with the specified LSP ID. The lsp-id argument specifies the ID of a CRLSP, in the range of 0 to 65535.
verbose: Displays detailed information. If you do not specify this keyword, the command displays brief information.
Examples
# Display brief information about all RSVP path states.
<Sysname> display rsvp sender
Destination Source Tunnel-ID LSP-ID Style Bitrate
3.3.3.9 1.1.1.9 1 5 SE 0.00
3.3.3.9 2.2.2.9 253 17767 SE 125.00
Table 62 Command output
Field |
Description |
Destination |
Tunnel destination address. |
Source |
Tunnel source address. |
Style |
Resource reservation style: · SE—Shared-explicit style. · FF—Fixed-filter style. |
Bitrate |
Tunnel bandwidth in kbps. |
# Display detailed information about all RSVP path states.
<Sysname> display rsvp sender verbose
Destination: 3.3.3.9 Source: 1.1.1.9
Tunnel ID: 1 Style: SE
Sender address: 1.1.1.9 LSP ID: 5
Setup priority: 7 Holding priority: 7
FRR desired: Yes BW protection desired: Yes
Received upstream label: 1051 Sent upstream label: 1051
Previous hop: 57.10.10.1 Previous hop LIH: 0xf0008
Mean rate (CIR): 0.00 kbps Mean burst size (CBS): 1000.00 bytes
MTU: 1500 Qos service: Controlled-Load
Received message epoch: 0 Received message ID: 0
Sent message epoch: 0 Sent message ID: 0
In-Interface: GE2/0/2 Local LIH: 0x35
Local address: 57.20.20.2 Refresh interval: 30000 ms
Out-Interface: GE2/0/4 Nexthop: 57.20.20.1
Unknown object number: 0
Received ERO number: 2
57.10.10.2/32 Strict
57.20.20.1/32 Loose
XRO number: 2
67.10.10.1/32
67.20.20.1/32
Sent ERO number: 1
57.20.20.1/32 Loose
RRO number: 1
57.10.10.1/32 Flag: 0x00 (No FRR)
Fast Reroute PLR: Active
FRR inner label: 3 Bypass tunnel: Tunnel253
Sender Template:
Sender address: 10.11.112.140 LSP ID: 5
FRR ERO number: 1
3.3.3.9/32 Strict
Fast Reroute MP: None
Destination: 3.3.3.9 Source: 2.2.2.9
Tunnel ID: 253 Style: SE
Sender address: 2.2.2.9 LSP ID: 17767
Setup priority: 7 Holding priority: 7
FRR desired: Yes BW protection desired: Yes
Received upstream label: 1115 Sent upstream label: 1115
Previous hop: 57.10.10.1 Previous hop LIH: 0xf0008
Mean rate (CIR): 125.00 kbps Mean burst size (CBS): 0.00 bytes
MTU: 1500 Qos service: Controlled-Load
Received message epoch: 0 Received message ID: 0
Sent message epoch: 0 Sent message ID: 0
In-Interface: GE2/0/2 Local LIH: 0x67
Local address: 10.11.112.140 Refresh interval: 30000 ms
Out-Interface: GE2/0/3 Nexthop: 10.11.112.135
Unknown object number: 0
Received ERO number: 5
2.2.2.9/32 Strict
10.11.112.140/32 Strict
10.11.112.135/32 Strict
57.40.40.3/32 Strict
57.40.40.1/32 Strict
Sent ERO number: 3
10.11.112.135/32 Strict
57.40.40.3/32 Strict
57.40.40.1/32 Strict
XRO number: 1
67.40.40.1/32
RRO number: 0
Fast Reroute PLR: None
Fast Reroute MP: Active
In-Interface: GE2/0/2
Sender Template:
Sender address: 10.11.112.140 LSP ID: 5
Table 63 Command output
Field |
Description |
Destination |
Tunnel destination address. |
Source |
LSR ID of the device at the tunnel source end. |
Style |
Resource reservation style: · SE—Shared-explicit style. · FF—Fixed-filter style. |
Sender address |
Sender address identifies the tunnel source end. |
FRR desired |
State of FRR, Yes or No. |
BW protection desired |
State of bandwidth protection, Yes or No. |
Received upstream label |
Backward LSP label received from the upstream device. |
Sent upstream label |
Backward LSP label sent to the downstream device. |
Previous hop LIH |
Logical interface handle of the previous hop. |
QoS service |
QoS service type: Controlled-Load or Guaranteed. |
Received message Epoch |
Value of the Epoch field in the Message ID object of the received message. |
Received message ID |
Message ID in the received message. |
Sent message epoch |
Value of the Epoch field in the Message ID object of the sent message. |
Sent message ID |
Message ID in the sent message. |
In-Interface |
Incoming interface of the message. |
Local LIH |
Local logical interface handle. |
Local address |
IP address of the outgoing interface of the Path message. |
Refresh interval |
Refresh interval for Path and Resv messages, in milliseconds. |
Out-Interface |
Outgoing interface of the message. |
Unknown object number |
Number of unknown objects. |
Received ERO number |
Number of received Explicit Route Objects (EROs) and the ERO information. ERO information includes the addresses of the nodes on the explicit path, and whether the current node is a loose or strict next hop. |
Sent ERO number |
Number of sent EROs and the ERO information. ERO information includes the addresses of the nodes on the explicit path, and whether the current node is a loose or strict next hop. |
XRO number |
Number of Exclude Route Objects (XROs). If the number is not 0, the subsequent output displays the IP addresses in the XROs. The IP addresses are the addresses of interfaces or the LSR IDs of the nodes that are to be excluded from routes. The addresses in the XROs are non-sequenced. |
RRO number |
Number of Record Route Objects (RROs). If the number is not 0, the subsequent output displays the IP addresses or labels recorded in the RROs. The RRO information is displayed only when route recording is configured on the tunnel interface. |
Flag |
Flag value and its meaning in an RRO: · No FRR—FRR is not configured. · FRR Avail—FRR is available. · In use—FRR has occurred. · BW—Bandwidth protection. · Node-Prot—Node protection. · Node-ID—The IP address in the RRO is the LSR ID of the node. · In-Int—The IP address in the RRO is that of the incoming interface. · Global label—Per-platform label space. |
Fast Reroute PLR |
Point of Local Repair (PLR) information: · None—Not bound to an FRR bypass tunnel. · Ready—Bound to an FRR bypass tunnel. No FRR has occurred. · Active—Bound to an FRR bypass tunnel. An FRR has occurred. |
FRR inner label |
Incoming label of the FRR bypass tunnel. Only the PLR node displays this field. |
Bypass tunnel |
Name of the bypass tunnel. Only the PLR node displays this field. |
Sender address |
Address of the path message sender after an FRR. The value of this field is the address of the outgoing interface of the bypass tunnel on the PLR node. |
LSP ID |
LSP ID carried in the path message after an FRR. |
Fast Reroute MP |
Merge Point (MP) information: · Active—The node is an MP and an FRR has occurred. · None—The node is not an MP, or the node is an MP but no FRR has occurred. |
In-Interface |
Incoming interface of the message. |
Related commands
display rsvp lsp
display rsvp request
display rsvp reservation
display rsvp statistics
Use display rsvp statistics to display RSVP statistics.
Syntax
display rsvp statistics [ interface [ interface-type interface-number ] ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
interface: Displays RSVP statistics on interfaces.
interface-type interface-number: Displays RSVP statistics on the interface specified by its type and number.
Usage guidelines
If you do not specify the interface keyword, this command displays global RSVP statistics.
If you specify the interface keyword without the interface-type interface-number argument, this command displays RSVP statistics on all RSVP-enabled interfaces.
If you specify the interface interface-type interface-number option, this command displays RSVP statistics on the specified interface.
Examples
# Display global RSVP statistics.
<Sysname> display rsvp statistics
Object Added Deleted
PSB 3 1
RSB 3 1
LSP 3 1
Packet Received Sent
Path 5 5
Resv 5 5
PathError 0 0
ResvError 0 0
PathTear 0 0
ResvTear 0 0
ResvConf 0 0
Bundle 0 0
Ack 0 0
Srefresh 0 0
Hello 0 0
Challenge 0 0
Response 0 0
Error 0 0
# Display RSVP statistics on interfaces.
<Sysname> display rsvp statistics interface
GE2/0/2:
Packet Received Sent
Path 2 2
Resv 2 2
PathError 0 0
ResvError 0 0
PathTear 0 0
ResvTear 0 0
ResvConf 0 0
Bundle 0 0
Ack 0 0
Srefresh 0 0
Hello 0 0
Challenge 0 0
Response 0 0
Error 0 0
GE2/0/4:
Packet Received Sent
Path 3 3
Resv 3 3
PathError 0 0
ResvError 0 0
PathTear 0 0
ResvTear 0 0
ResvConf 0 0
Bundle 0 0
Ack 0 0
Srefresh 0 0
Hello 0 0
Challenge 0 0
Response 0 0
Error 0 0
Table 64 Command output
Field |
Description |
PSB |
Number of added/deleted PSBs. |
RSB |
Number of added/deleted RSBs. |
LSP |
Number of added/deleted LSPs. |
Path |
Number of received/sent Path messages. |
Resv |
Number of received/sent Resv messages. |
PathError |
Number of received/sent Path Error messages. |
ResvError |
Number of received/sent Resv Error messages. |
PathTear |
Number of received/sent Path Tear messages. |
ResvTear |
Number of received/sent Resv Tear messages. |
ResvConf |
Number of received/sent Resv Conf messages. |
Bundle |
Number of received/sent Bundle messages. |
Ack |
Number of received/sent Ack messages. |
Srefresh |
Number of received/sent Srefresh messages. |
Hello |
Number of received/sent Hello messages. |
Challenge |
Number of received/sent Integrity Challenge messages. |
Response |
Number of received/sent Integrity Response messages. |
Error |
Number of received/sent error messages. |
Related commands
reset rsvp statistics
dscp
Use dscp to set a DSCP value for outgoing RSVP packets.
Use undo dscp to restore the default.
Syntax
dscp dscp-value
undo dscp
Default
The DSCP value for outgoing RSVP packets is 48.
Views
RSVP view
Predefined user roles
network-admin
Parameters
dscp-value: Specifies a DSCP value in the range of 0 to 63.
Usage guidelines
The DSCP value of an IP packet specifies the priority level of the packet and affects the transmission priority of the packet.
Examples
# Set the DSCP value for outgoing RSVP packets to 56.
<Sysname> system-view
[Sysname] rsvp
[Sysname-rsvp] dscp 56
Related commands
display rsvp
graceful-restart enable
Use graceful-restart enable to enable RSVP GR.
Use undo graceful-restart enable to disable RSVP GR.
Syntax
graceful-restart enable
undo graceful-restart enable
Default
RSVP GR is disabled.
Views
RSVP view
Predefined user roles
network-admin
Usage guidelines
RSVP supports only the GR helper feature. The device is not able to perform GR, but it can help neighbor devices to perform GR.
Nonstop forwarding (NSF) is implemented between active and standby processes on the device.
The local device can act as a GR helper for the RSVP neighbor connected to an interface only after the following features are enabled on that interface:
· RSVP GR (configured by the graceful-restart enable command).
· RSVP hello extension (configured by the rsvp hello enable command).
Examples
# Enable RSVP GR globally.
<Sysname> system-view
[Sysname] rsvp
[Sysname-rsvp] graceful-restart enable
Related commands
rsvp hello enable
hello interval
Use hello interval to set the interval for sending hello requests.
Use undo hello interval to restore the default.
Syntax
hello interval interval
undo hello interval
Default
Hello request messages are sent at an interval of 5 seconds.
Views
RSVP view
Predefined user roles
network-admin
Parameters
interval: Specifies the interval at which RSVP sends hello requests, in the range of 1 to 60 seconds.
Usage guidelines
If no hello request is received from a neighbor within the hello interval, the device sends a hello request to the neighbor. If the device receives a hello request from a neighbor within the interval, it immediately replies the neighbor with a hello ACK message.
The hello interval command takes effect only on interfaces that have the RSVP hello extension feature enabled (by using the rsvp hello enable command).
Examples
# Set the interval for sending hello request messages to 10 seconds.
<Sysname> system-view
[Sysname] rsvp
[Sysname-rsvp] hello interval 10
Related commands
hello lost
rsvp hello enable
hello lost
Use hello lost to set the maximum number of consecutive lost or erroneous hellos.
Use undo hello lost to restore the default.
Syntax
hello lost times
undo hello lost
Default
The maximum number of consecutive lost or erroneous hellos is 4.
Views
RSVP view
Predefined user roles
network-admin
Parameters
times: Specifies the maximum number of consecutive lost or erroneous hellos, in the range of 3 to 10.
Usage guidelines
When a device sends a hello to a neighbor but the device does not receive any replies within an interval, the hello is lost. The device determines that the neighbor fails when the number of consecutive lost hellos or erroneous hellos from the neighbor reaches the maximum (configured by this command).
If RSVP GR is enabled, the local device acts as a GR helper to help the neighbor to perform GR. If RSVP GR is disabled but FRR is enabled on the local device, it performs an FRR.
If the maximum number is too big, neighbor failures cannot be promptly detected. If the maximum number is too small, an operating neighbor might be regarded failed.
This command takes effect only after the RSVP hello extension feature has been enabled by using the rsvp hello enable command.
Examples
# Set the maximum number of consecutive lost or erroneous hellos to 6.
<Sysname> system-view
[Sysname] rsvp
[Sysname-rsvp] hello lost 6
Related commands
hello interval
rsvp hello enable
keep-multiplier
Use keep-multiplier to set the PSB and RSB timeout multiplier.
Use undo keep-multiplier to restore the default.
Syntax
keep-multiplier number
undo keep-multiplier
Default
The PSB and RSB timeout multiplier is 3.
Views
RSVP view
Predefined user roles
network-admin
Parameters
number: Specifies the PSB and RSB timeout multiplier in the range of 3 to 255.
Usage guidelines
The PSB and RSB timeout is computed in this formula: Timeout = (keep-multiplier+0.5) × 1.5 × refresh-time. Refresh-time is the interval at which the peer device advertises the Path and Resv messages to the local device.
To prevent too many PSBs and RSBs from occupying system resources, the device removes a PSB or RSB if no Path or Resv message is received within the timeout interval.
Examples
# Set the PSB and RSB timeout multiplier to 5.
<Sysname> system-view
[Sysname] rsvp
[Sysname-rsvp] keep-multiplier 5
Related commands
refresh interval
peer
Use peer to create an RSVP authentication neighbor and enter its view, or enter the view of an existing RSVP authentication neighbor.
Use undo peer to delete an RSVP authentication neighbor.
Syntax
peer ip-address
undo peer ip-address
Default
No RSVP authentication neighbors exist.
Views
RSVP view
Predefined user roles
network-admin
Parameters
ip-address: Specifies an RSVP authentication neighbor by its IP address.
Usage guidelines
After this command is executed, you can configure RSVP authentication information for the specified RSVP neighbor, such as the authentication key and idle timeout of the security association.
After the device receives an RSVP message with an authentication object, it checks whether it has an RSVP authentication neighbor that matches one of the following addresses:
· The IP address in PHOP of the message (Path or Path Tear message).
· The source IP address in the message (message other than Path and Path Tear).
If a matching neighbor exists and an authentication key has been configured for the neighbor, the device verifies the validity of the message according to the key. Otherwise, the device uses the authentication key configured in interface view or RSVP view to verify the message validity. If no authentication key is configured in any view, the device ignores the authentication object carried in the message and accepts the message.
When sending an RSVP message, the device checks whether it has a matching authentication neighbor according to the next hop address for the destination address in the RSVP message. If a matching neighbor exists and an authentication key has been configured for the neighbor, the device sets the authentication object of the message according to the key. Otherwise, the device uses the authentication key configured in interface view or RSVP view to set the authentication object. If no authentication key is configured in any view, the device does not add an authentication object in the message.
If an FRR occurs, the downstream authentication neighbor of the PLR node is the destination IP address of the bypass tunnel. The upstream authentication neighbor of the MP node is the IP address of the physical outgoing interface of the bypass tunnel on the PLR.
Examples
# Create RSVP authentication neighbor 1.1.1.1, enter RSVP neighbor view, and configure a plaintext authentication key abcdfegh for the neighbor.
<Sysname> system-view
[Sysname] rsvp
[Sysname-rsvp] peer 1.1.1.1
[Sysname-rsvp-peer-1.1.1.1] authentication key plain abcdfegh
Related commands
authentication challenge
authentication key
authentication lifetime
authentication window-size
refresh interval
Use refresh interval to set the refresh interval for Path and Resv messages.
Use undo refresh interval to restore the default.
Syntax
refresh interval interval
undo refresh interval
Default
The refresh interval for Path and Resv messages is 30 seconds.
Views
RSVP view
Predefined user roles
network-admin
Parameters
interval: Specifies the interval at which RSVP refreshes Path and Resv messages, in the range of 10 to 65535 seconds.
Usage guidelines
This command performs the following operations:
· Determines the interval for sending Path and Resv messages.
· Adds the locally configured refresh interval in the sent Path and Resv messages, so the peer device can use this value to calculate the PSB and RSB timeout.
Examples
# Set the refresh interval for Path and Resv messages to 60 seconds.
<Sysname> system-view
[Sysname] rsvp
[Sysname-rsvp] refresh interval 60
Related commands
keep-multiplier
reset rsvp authentication
Use reset rsvp authentication to clear RSVP security associations.
Syntax
reset rsvp authentication [ from ip-address to ip-address ]
Views
User view
Predefined user roles
network-admin
Parameters
from ip-address: Clears the RSVP security associations with the specified authentication source IP address.
to ip-address: Clears the RSVP security associations with the specified authentication destination IP address.
Usage guidelines
If you do not specify the from ip-address to ip-address options, this command clears the security associations established with all RSVP neighbors.
Examples
# Clear all RSVP security associations.
<Sysname> reset rsvp authentication
# Clear the RSVP security association sourced from 1.1.1.1 to 2.2.2.2.
<Sysname> reset rsvp authentication from 1.1.1.1 to 2.2.2.2
Related commands
display rsvp authentication
reset rsvp statistics
Use reset rsvp statistics to clear RSVP statistics.
Syntax
reset rsvp statistics [ interface [ interface-type interface-number ] ]
Views
User view
Predefined user roles
network-admin
Parameters
interface: Clears RSVP statistics on interfaces.
interface-type interface-number: Clears RSVP statistics on the interface specified by its type and number.
Usage guidelines
If you do not specify the interface keyword, this command clears global RSVP statistics.
If you specify the interface keyword without the interface-type interface-number argument, this command clears RSVP statistics on all RSVP-enabled interfaces.
If you specify the interface interface-type interface-number option, this command clears RSVP statistics on the specified interface.
Examples
# Clear global RSVP statistics.
<Sysname> reset rsvp statistics
# Clear RSVP statistics on all RSVP-enabled interfaces.
<Sysname> reset rsvp statistics interface
Related commands
display rsvp statistics
rsvp
Use rsvp to enable RSVP globally and enter RSVP view.
Use undo rsvp to disable RSVP globally.
Syntax
rsvp
undo rsvp
Default
RSVP is disabled globally.
Views
System view
Predefined user roles
network-admin
Usage guidelines
To enable global RSVP, you must enable both global RSVP (by using the rsvp command) and global MPLS TE (by using the mpls te command).
Examples
# Enable RSVP globally and enter RSVP view.
<Sysname> system-view
[Sysname] rsvp
[Sysname-rsvp]
Related commands
mpls te
rsvp enable
rsvp authentication challenge
Use rsvp authentication challenge to enable RSVP challenge-response handshake on an interface.
Use undo rsvp authentication challenge to disable RSVP challenge-response handshake on an interface.
Syntax
rsvp authentication challenge
undo rsvp authentication challenge
Default
RSVP challenge-response handshake is disabled on an interface.
Views
Interface view
Predefined user roles
network-admin
Usage guidelines
To prevent packet replay attacks, RSVP requires received authentication messages to carry incremental sequence numbers. RSVP saves the sequence number of the last valid message in a receive-type security association to verify the subsequent messages. However, when RSVP creates a new receive-type security association, it cannot obtain the sequence number of the sender. To successfully establish the receive-type security association, RSVP sets the receive sequence number to 0 by default. Then, the association can receive a message with any sequence number from the peer. Because this introduces a vulnerability to replay attacks, you should execute the authentication challenge command. When RSVP creates a receive-type security association, it will perform a challenge-response handshake to obtain the sequence number of the sender.
RSVP challenge-response handshake can be configured in the following views:
· RSVP view—Configuration applies to all RSVP security associations.
· RSVP neighbor view—Configuration applies only to RSVP security associations with the specified RSVP neighbor.
· Interface view—Configuration applies only to RSVP security associations established on the current interface.
Examples
# Enable RSVP challenge-response handshake on interface GigabitEthernet 2/0/1.
<Sysname> system-view
[Sysname] interface gigabitethernet 2/0/1
[Sysname-GigabitEthernet2/0/1] rsvp authentication challenge
Related commands
authentication challenge
authentication key
authentication lifetime
authentication window-size
display rsvp authentication
reset rsvp authentication
rsvp authentication key
rsvp authentication lifetime
rsvp authentication window-size
rsvp authentication key
Use rsvp authentication key to enable RSVP authentication on an interface and configure the authentication key.
Use undo rsvp authentication key to disable RSVP authentication on an interface.
Syntax
rsvp authentication key { cipher | plain } string
undo rsvp authentication key
Default
RSVP authentication is disabled.
Views
Interface view
Predefined user roles
network-admin
Parameters
cipher: Specifies an authentication key in encrypted form.
plain: Specifies an authentication key in plaintext form. For security purposes, the key specified in plaintext form will be stored in encrypted form.
string: Specifies the authentication key. Its plaintext form is a case-sensitive string of 1 to 16 characters. Its encrypted form is a case-sensitive string of 1 to 53 characters.
Usage guidelines
RSVP authentication ensures integrity of RSVP messages, preventing fake resource reservation requests from occupying network resources.
RSVP uses MD5 to calculate a digest for the authentication key and the message body, adds the digest to the message, and sends the message. When the peer receives the message, it performs the same calculation and compares the calculated digest with the digest in the message. If the two digests are the same, the message passes the RSVP authentication and is accepted. If the two digests are different, the peer device discards the message.
RSVP authentication can be configured in the following views:
· RSVP view—Configuration applies to all RSVP security associations.
· RSVP neighbor view—Configuration applies only to RSVP security associations with the specified RSVP neighbor.
· Interface view—Configuration applies only to RSVP security associations established on the current interface.
Configurations in RSVP neighbor view, interface view, and RSVP view are in descending order of priority. If RSVP authentication for a neighbor is enabled in both RSVP neighbor view and RSVP view, the authentication key configured in RSVP neighbor view is used.
To re-establish a security association, you must delete the authentication key used by the current security association or delete the current security association (using the reset rsvp authentication command). Then, the device can re-establish a security association by looking up a new authentication key in order of priorities.
After RSVP authentication is enabled on the local device, you must also enable RSVP authentication and configure the same authentication key on the RSVP neighbor.
Examples
# Enable RSVP authentication and configure the authentication key as abcdefgh on interface GigabitEthernet 2/0/1.
<Sysname> system-view
[Sysname] interface gigabitethernet 2/0/1
[Sysname-GigabitEthernet2/0/1] rsvp authentication key plain abcdefgh
Related commands
authentication challenge
authentication key
authentication lifetime
authentication window-size
display rsvp authentication
reset rsvp authentication
rsvp authentication challenge
rsvp authentication lifetime
rsvp authentication window-size
rsvp authentication lifetime
Use rsvp authentication lifetime to set the idle timeout for RSVP security associations on an interface.
Use undo rsvp authentication lifetime to restore the default.
Syntax
rsvp authentication lifetime life-time
undo rsvp authentication lifetime
Default
The idle timeout for RSVP security associations is 1800 seconds on an interface.
Views
Interface view
Predefined user roles
network-admin
Parameters
life-time: Specifies the RSVP security association idle timeout in the range of 30 to 86400 seconds.
Usage guidelines
When RSVP authentication is enabled, the device dynamically establishes security associations when receiving and sending RSVP messages to record the message sequence numbers, which are used in RSVP authentication.
To release memory resources, each security association has an idle timeout. When a security association is idle for the specified timeout time, the device deletes the security association. When the device sends or receives an authenticated RSVP message, it resets the idle timeout timer for the corresponding security association.
The RSVP authentication idle timeout can be configured in the following views:
· RSVP view—Configuration applies to all RSVP security associations.
· RSVP neighbor view—Configuration applies only to RSVP security associations with the specified RSVP neighbor.
· Interface view—Configuration applies only to RSVP security associations established on the current interface.
An RSVP security association established by using the authentication key configured in a view uses the idle timeout configured in the same view.
A modification to the idle timeout affects only security associations established after the modification. To apply the modification to existing security associations, you must execute the reset rsvp authentication command to delete and then re-establish the security associations.
Examples
# Set the idle timeout for RSVP security associations to 100 seconds on interface GigabitEthernet 2/0/1.
<Sysname> system-view
[Sysname] interface gigabitethernet 2/0/1
[Sysname-GigabitEthernet2/0/1] rsvp authentication lifetime 100
Related commands
authentication challenge
authentication key
authentication lifetime
authentication window-size
display rsvp authentication
reset rsvp authentication
rsvp authentication challenge
rsvp authentication key
rsvp authentication window-size
rsvp authentication window-size
Use rsvp authentication window-size to set the RSVP authentication window size, which is the maximum number of authenticated RSVP messages that can be received out of sequence on an interface.
Use undo rsvp authentication window-size to restore the default.
Syntax
rsvp authentication window-size number
undo rsvp authentication window-size
Default
Only one authenticated RSVP message can be received out of sequence on an interface.
Views
Interface view
Predefined user roles
network-admin
Parameters
number: Specifies the maximum number of authenticated RSVP messages that can be received out of sequence, in the range of 1 to 64.
Usage guidelines
To protect against replay attacks, the sender places a unique sequence number in each RSVP message that contains authentication information. The sender increases the value of the sequence number by one each time it sends an RSVP message. If the sequence number of a received message is in the specified authentication window size, the receiver accepts the message. If it is not in the specified authentication window size, the receiver discards the message.
When the receiver receives an RSVP message, it compares the sequence number of the last accepted RSVP message with the sequence number of the newly received RSVP message.
· If the new sequence number is greater than the last sequence number, RSVP accepts the message and updates the last sequence number with the new sequence number.
· If the received sequence number equals the last sequence number, RSVP regards the message a replay message and discards the message.
· If the new sequence number is smaller than the last sequence number but greater than the new sequence number minus the window size, and has never been received before, RSVP accepts the message. If the new sequence number has been received before, RSVP regards the message a replay message and discards the message.
· If the new sequence number is smaller than the new sequence number minus the window size, RSVP regards the message invalid and discards the message.
By default, the authentication window size is 1. If the sequence number of a newly received RSVP message is smaller than that of the last accepted message, the device discards the message.
If the sender sends multiple RSVP messages in a short time, these messages might arrive at the neighbor out of sequence. If you use the default window size, the out-of-sequence messages will be discarded. To solve this problem, you can use the rsvp authentication window-size command to configure a correct window size.
A security association established by using the authentication key configured in a view uses the window size configured in that view.
A modification to the window size affects only security associations established after the modification. To apply the new setting to existing security associations, you must execute the reset rsvp authentication command to delete and then re-establish the security associations.
Examples
# Set the maximum number of out-of-sequence authenticated RSVP messages that can be received on interface GigabitEthernet 2/0/1 to 10.
<Sysname> system-view
[Sysname] interface gigabitethernet 2/0/1
[Sysname-GigabitEthernet2/0/1] rsvp authentication window-size 10
Related commands
authentication challenge
authentication key
authentication lifetime
authentication window-size
display rsvp authentication
reset rsvp authentication
rsvp authentication challenge
rsvp authentication key
rsvp authentication lifetime
rsvp bfd enable
Use rsvp bfd enable to enable BFD for RSVP on an interface.
Use undo rsvp bfd enable to restore the default.
Syntax
rsvp bfd enable
undo rsvp bfd enable
Default
RSVP-TE does not use BFD to detect the link status to an RSVP neighbor.
Views
Interface view
Predefined user roles
network-admin
Usage guidelines
By sending hellos, RSVP cannot promptly detect neighbor status. By executing this command on an interface, a BFD session is established to detect the link status to the RSVP neighbor on the interface. When the neighbor fails, BFD can quickly detect the failure and notify RSVP of the failure so RSVP can respond as configured, for example, performs an FRR.
Examples
# Enable BFD to detect the link status to the RSVP neighbor on interface GigabitEthernet 2/0/1.
<Sysname> system-view
[Sysname] interface gigabitethernet 2/0/1
[Sysname-GigabitEthernet2/0/1] rsvp bfd enable
rsvp enable
Use rsvp enable to enable RSVP on an interface.
Use undo rsvp enable to disable RSVP on an interface.
Syntax
rsvp enable
undo rsvp enable
Default
RSVP is disabled on an interface.
Views
Interface view
Predefined user roles
network-admin
Usage guidelines
Before you enable RSVP on an interface, you must first enable RSVP globally by using the rsvp command in system view.
Examples
# Enable RSVP on interface GigabitEthernet 2/0/1.
<Sysname> system-view
[Sysname] rsvp
[Sysname-rsvp] quit
[Sysname] interface gigabitethernet 2/0/1
[Sysname-GigabitEthernet2/0/1] rsvp enable
Related commands
rsvp
rsvp hello enable
Use rsvp hello enable to enable RSVP hello extension.
Use undo rsvp hello enable to disable RSVP hello extension.
Syntax
rsvp hello enable
undo rsvp hello enable
Default
RSVP hello extension is disabled.
Views
Interface view
Predefined user roles
network-admin
Usage guidelines
With RSVP hello extension enabled, an interface sends and receives hello messages to detect the neighbor status.
Examples
# Enable RSVP hello extension on interface GigabitEthernet 2/0/1.
<Sysname> system-view
[Sysname] interface gigabitethernet 2/0/1
[Sysname-GigabitEthernet2/0/1] rsvp hello enable
Related commands
hello interval
hello lost
rsvp reduction retransmit increment
Use rsvp reduction retransmit increment to set the RSVP message retransmission increment value.
Use undo rsvp reduction retransmit increment to restore the default.
Syntax
rsvp reduction retransmit increment increment-value
undo rsvp reduction retransmit increment
Default
The RSVP message retransmission increment is 1.
Views
Interface view
Predefined user roles
network-admin
Parameters
increment-value: Specifies the RSVP message retransmission increment in the range of 1 to 10.
Usage guidelines
After the rsvp reduction srefresh reliability command is executed, the retransmission increment and retransmission interval together determine the time for the next transmission of the RSVP message. For more information, see the usage guidelines in the rsvp reduction srefresh command.
Examples
# On interface GigabitEthernet 2/0/1, set the RSVP message retransmission increment value to 2.
<Sysname> system-view
[Sysname] interface gigabitethernet 2/0/1
[Sysname-GigabitEthernet2/0/1] rsvp reduction retransmit increment 2
Related commands
rsvp reduction retransmit interval
rsvp reduction srefresh
rsvp reduction retransmit interval
Use rsvp reduction retransmit interval to set the RSVP message retransmission interval.
Use undo rsvp reduction retransmit interval to restore the default.
Syntax
rsvp reduction retransmit interval interval
undo rsvp reduction retransmit interval
Default
The RSVP message retransmission interval is 500 milliseconds.
Views
Interface view
Predefined user roles
network-admin
Parameters
interval: Specifies the RSVP message retransmission interval in the range of 500 to 3000 milliseconds.
Usage guidelines
After the rsvp reduction srefresh reliability command is executed, the retransmission increment and retransmission interval together determine the time for the next transmission of the RSVP message. For more information, see the usage guidelines in the rsvp reduction srefresh command.
Examples
# On interface GigabitEthernet 2/0/1, set the RSVP message retransmission interval to 1000 milliseconds.
<Sysname> system-view
[Sysname] interface gigabitethernet 2/0/1
[Sysname-GigabitEthernet2/0/1] rsvp reduction retransmit interval 1000
Related commands
rsvp reduction retransmit increment
rsvp reduction srefresh
rsvp reduction srefresh
Use rsvp reduction srefresh to enable summary refresh and reliable RSVP message delivery.
Use undo rsvp reduction srefresh to disable summary refresh and reliable RSVP message delivery.
Syntax
rsvp reduction srefresh [ reliability ]
Default
Summary refresh and reliable RSVP message delivery are disabled.
Views
Interface view
Predefined user roles
network-admin
Parameters
reliability: Enables reliable RSVP message delivery. If you do not specify this keyword, the command enables only the summary refresh feature.
Usage guidelines
RSVP sends Path and Resv messages with the same states and objects to maintain the path and reservation states at intervals (configured by the refresh interval command). These messages are collectively referred to as refresh messages. Refresh messages are used to synchronize the path and reservation states on RSVP neighbors and to recover from lost RSVP messages.
When multiple RSVP sessions exist on a network, the periodically sent refresh messages can cause network degradation. In this case, the refreshing interval of Path and Resv messages should not be too short. However, delay sensitive applications want to recover from lost RSVP messages through the refresh messages as soon as possible. In this case, the refreshing interval should not be too long. You can use the summary refresh (Srefresh) and the reliable RSVP message delivery features to find the appropriate balance.
Srefresh is implemented by adding a Message_ID object to a Path or Resv message to uniquely identify the message. To refresh Path and Resv states, RSVP does not need to send standard Path and Resv messages. Instead, it can send a summary refresh message at regular intervals (configured by the refresh interval command). The message carries a set of Message_ID objects that identify the Path and Resv states to be refreshed. The Srefresh feature reduces the number of refresh messages on the network and speeds up the refresh message processing.
Reliable RSVP message delivery requires the peer device to acknowledge each RSVP message received from the local device. If no acknowledgment is received, the local device retransmits the message.
To implement reliable RSVP message delivery, a node sends an RSVP message that includes a Message_ID object in which the ACK_Desired flag is set. The receiver needs to confirm the delivery by sending back a message that includes the Message_ID_ACK object. If the sender does not receive a Message_ID_ACK within the retransmission interval (Rf), it performs the following operations:
· Retransmits the message when Rf expire.
· Sets the next transmission interval to (1 + delta) × Rf.
The sender repeats this process until it receives the Message_ID_ACK before the retransmission time expires or it has transmitted the message three times.
The initial value of Rf is configured by the rsvp reduction retransmit interval command. The delta value is configured by the rsvp reduction retransmit increment command.
After the summary refresh is enabled, RSVP maintains the path and reservation states by sending Srefresh messages rather than standard refresh messages.
Examples
# On interface GigabitEthernet 2/0/1, enable summary refresh and reliable RSVP message delivery.
<Sysname> system-view
[Sysname] interface gigabitethernet 2/0/1
[Sysname-GigabitEthernet2/0/1] rsvp reduction srefresh reliability
Related commands
refresh interval
rsvp reduction retransmit increment
rsvp reduction retransmit interval
Tunnel policy commands
The following matrix shows the feature and hardware compatibility:
Hardware |
Tunnel policy compatibility |
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS |
No |
MSR2600-6-X1/2600-10-X1 |
Yes |
MSR 2630 |
Yes |
MSR3600-28/3600-51 |
Yes |
MSR3600-28-SI/3600-51-SI |
No |
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC |
Yes |
MSR 3610/3620/3620-DP/3640/3660 |
Yes |
MSR5620/5660/5680 |
Yes |
Hardware |
Tunnel policy compatibility |
MSR810-LM-GL |
No |
MSR810-W-LM-GL |
No |
MSR830-6EI-GL |
No |
MSR830-10EI-GL |
No |
MSR830-6HI-GL |
No |
MSR830-10HI-GL |
No |
MSR2600-6-X1-GL |
Yes |
MSR3600-28-SI-GL |
No |
display mpls tunnel
Use display mpls tunnel to display tunnel information.
Syntax
display mpls tunnel { all | statistics | [ vpn-instance vpn-instance-name ] destination { ipv4-address | ipv6-address } }
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
all: Displays all tunnels. GRE and MPLS TE tunnels are displayed only when the network layer is up.
statistics: Displays tunnel statistics.
vpn-instance vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command displays tunnel information for the public network.
destination: Displays the tunnel destined for the specified address.
ipv4-address: Specifies the tunnel destination IPv4 address.
ipv6-address: Specifies the tunnel destination IPv6 address.
Examples
# Display information about all tunnels.
<Sysname> display mpls tunnel all
Destination Type Tunnel/NHLFE VPN Instance
2.2.2.2 LSP NHLFE1024 -
3.3.3.3 CRLSP Tunnel2 -
3.3.3.3 GRE Tunnel3 -
4.4.4.4 CRLSP Tunnel-Bundle0 -
Table 65 Command output
Field |
Description |
Destination |
Tunnel destination address. |
Type |
Tunnel type: LSP, GRE, or CRLSP (MPLS TE tunnel). |
Tunnel/NHLFE |
Tunnel, tunnel bundle, or NHLFE entry. NHLFEnumber represents the ingress LSP that matches the NHLFE entry with NID of number. |
VPN Instance |
VPN instance name. If the tunnel belongs to the public network, this field displays a hyphen (-). |
# Display tunnel statistics.
<Sysname> display mpls tunnel statistics
LSP : 1
GRE : 0
CRLSP: 0
Table 66 Command output
Field |
Description |
LSP |
Number of LSP tunnels. |
GRE |
Number of GRE tunnels. |
CRLSP |
Number of CRLSPs (MPLS TE tunnels). |
preferred-path
Use preferred-path to configure a tunnel or a tunnel bundle as a preferred tunnel.
Use undo preferred-path to remove a preferred tunnel.
Syntax
preferred-path { tunnel number | tunnel-bundle number }
undo preferred-path { tunnel number | tunnel-bundle number }
Default
No preferred tunnels are configured.
Views
Tunnel policy view
Predefined user roles
network-admin
Parameters
tunnel number: Specifies an MPLS TE tunnel or a GRE tunnel by its tunnel interface number.
The following matrix shows the value ranges for the number argument:
Hardware |
Argument compatibility |
Value range |
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS |
No |
N/A |
MSR2600-6-X1/2600-10-X1 |
Yes |
0 to 10239 |
MSR 2630 |
Yes |
0 to 1023 |
MSR3600-28/3600-51 |
Yes |
0 to 1023 |
MSR3600-28-SI/3600-51-SI |
No |
N/A |
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC |
Yes |
0 to 2047 |
MSR 3610/3620/3620-DP/3640/3660 |
Yes |
0 to 2047 |
MSR5620/5660/5680 |
Yes |
0 to 4095 |
Hardware |
Argument compatibility |
Value range |
MSR810-LM-GL |
No |
N/A |
MSR810-W-LM-GL |
No |
N/A |
MSR830-6EI-GL |
No |
N/A |
MSR830-10EI-GL |
No |
N/A |
MSR830-6HI-GL |
No |
N/A |
MSR830-10HI-GL |
No |
N/A |
MSR2600-6-X1-GL |
Yes |
0 to 10239 |
MSR3600-28-SI-GL |
No |
N/A |
tunnel-bundle number: Specifies a tunnel bundle by its tunnel bundle interface number.
The following matrix shows the value ranges for the number argument:
Hardware |
Argument |
Value range |
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS |
No |
N/A |
MSR2600-6-X1/2600-10-X1 |
Yes |
0 to 10239 |
MSR 2630 |
Yes |
0 to 1023 |
MSR3600-28/3600-51 |
Yes |
0 to 1023 |
MSR3600-28-SI/3600-51-SI |
No |
N/A |
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC |
Yes |
0 to 2047 |
MSR 3610/3620/3620-DP/3640/3660 |
Yes |
0 to 2047 |
MSR5620/5660/5680 |
Yes |
0 to 4095 |
Hardware |
Argument compatibility |
Value range |
MSR810-LM-GL |
No |
N/A |
MSR810-W-LM-GL |
No |
N/A |
MSR830-6EI-GL |
No |
N/A |
MSR830-10EI-GL |
No |
N/A |
MSR830-6HI-GL |
No |
N/A |
MSR830-10HI-GL |
No |
N/A |
MSR2600-6-X1-GL |
Yes |
0 to 1023 |
MSR3600-28-SI-GL |
No |
N/A |
Usage guidelines
As a best practice, configure a preferred tunnel and make sure the destination address of the tunnel/tunnel bundle interface identifies the peer PE for an MPLS VPN. In this method, the local PE forwards traffic destined for the peer PE over the tunnel/tunnel bundle.
For a tunnel policy to solely use a tunnel or tunnel bundle, do not configure the tunnel or tunnel bundle as the preferred tunnel in other tunnel policies.
If you configure multiple preferred tunnels that have the same destination address in a tunnel policy, only the first configured tunnel takes effect. If the first tunnel is not available, the second tunnel is used, and so forth. No load balancing will be performed on these tunnels.
You can configure a maximum of 128 preferred tunnels in a tunnel policy.
Examples
# Configure tunnel 1 and tunnel 2 as preferred tunnels for tunnel policy policy1.
<Sysname> system-view
[Sysname] tunnel-policy policy1
[Sysname-tunnel-policy-policy1] preferred-path tunnel 1
[Sysname-tunnel-policy-policy1] preferred-path tunnel 2
select-seq load-balance-number
Use select-seq load-balance-number to configure the tunnel selection order and set the number of tunnels for load balancing.
Use undo select-seq to restore the default.
Syntax
select-seq { cr-lsp | gre | lsp } * load-balance-number number
undo select-seq
Default
The device selects only one tunnel in LSP-GRE-CRLSP order.
Views
Tunnel policy view
Predefined user roles
network-admin
Parameters
cr-lsp: Uses CRLSP tunnels.
gre: Uses GRE tunnels..
lsp: Uses LSP tunnels.
load-balance-number number: Specifies the number of tunnels for load balancing, in the range of 1 to 32.
Usage guidelines
A tunnel type closer to the select-seq keyword has a higher priority, and only the tunnel types specified in this command can be used. For example, the select-seq lsp gre load-balance-number 3 command gives LSP higher priority over GRE. If no LSP is available or the number of LSPs is less than 3, VPN uses GRE tunnels.
Tunnels selected by this method are not fixed, making it hard to plan VPN traffic. As a best practice, do not use this method.
When you configure both the select-seq load-balance-number and preferred-path commands for a tunnel policy, the tunnel policy selects tunnels in the following steps:
1. If the destination address of the preferred tunnel identifies a peer PE, the tunnel policy uses the preferred tunnel to forward traffic destined for the peer PE.
2. If not, the tunnel policy selects tunnels as configured by the select-seq load-balance-number command.
Examples
# Configure tunnel policy policy1 to use only GRE tunnels, and set the load balancing number to 2.
<Sysname> system-view
[Sysname] tunnel-policy policy1
[Sysname-tunnel-policy-policy1] select-seq gre load-balance-number 2
tunnel-policy
Use tunnel-policy to create a tunnel policy and enter its view, or enter the view of an existing tunnel policy.
Use undo tunnel-policy to delete a tunnel policy.
Syntax
tunnel-policy tunnel-policy-name
undo tunnel-policy tunnel-policy-name
Default
No tunnel policies exist.
Views
System view
Predefined user roles
network-admin
Parameters
tunnel-policy-name: Specifies a name for the tunnel policy, a case-sensitive string of 1 to 19 characters.
Examples
# Create tunnel policy policy1 and enter its view.
<Sysname> system-view
[Sysname] tunnel-policy policy1
[Sysname-tunnel-policy-policy1]
MPLS L3VPN commands
The following matrix shows the feature and hardware compatibility:
Hardware |
MPLS L3VPN compatibility |
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS |
No |
MSR2600-6-X1/2600-10-X1 |
Yes |
MSR 2630 |
Yes |
MSR3600-28/3600-51 |
Yes |
MSR3600-28-SI/3600-51-SI |
Yes |
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC |
Yes |
MSR 3610/3620/3620-DP/3640/3660 |
Yes |
MSR5620/5660/5680 |
Yes |
Hardware |
MPLS L3VPN compatibility |
MSR810-LM-GL |
No |
MSR810-W-LM-GL |
No |
MSR830-6EI-GL |
No |
MSR830-10EI-GL |
No |
MSR830-6HI-GL |
No |
MSR830-10HI-GL |
No |
MSR2600-6-X1-GL |
Yes |
MSR3600-28-SI-GL |
Yes |
address-family ipv4 (VPN instance view)
Use address-family ipv4 to enter IPv4 VPN view.
Use undo address-family ipv4 to remove all configurations from IPv4 VPN view.
Syntax
address-family ipv4
undo address-family ipv4
Views
VPN instance view
Predefined user roles
network-admin
Usage guidelines
In IPv4 VPN view, you can configure IPv4 VPN parameters such as inbound and outbound routing policies.
Examples
# Enter IPv4 VPN view.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] address-family ipv4
[Sysname-vpn-ipv4-vpn1]
Related commands
address-family ipv6 (VPN instance view)
address-family vpnv4
Use address-family vpnv4 in BGP view to create the BGP VPNv4 address family and enter its view, or enter the view of the existing BGP VPNv4 address family.
Use address-family vpnv4 in BGP-VPN instance view to create the BGP-VPN VPNv4 address family and enter its view, or enter the view of the existing BGP-VPN VPNv4 address family.
Use undo address-family vpnv4 to remove the BGP VPNv4 address family or BGP-VPN VPNv4 address family, and all settings in address family view.
Syntax
address-family vpnv4
undo address-family vpnv4
Default
The BGP VPNv4 address family or BGP-VPN VPNv4 address family does not exist.
Views
BGP instance view
BGP-VPN instance view
Predefined user roles
network-admin
Usage guidelines
A VPNv4 address consists of an RD and an IPv4 prefix. VPNv4 routes are routes that carry VPNv4 addresses.
For a PE to exchange BGP VPNv4 routes with a BGP peer, enable that peer by executing the peer enable command in BGP VPNv4 or BGP-VPN VPNv4 address family view.
In BGP VPNv4 address family view, you can configure the following settings:
· BGP VPNv4 route attributes, such as the preferred value.
· Whether to allow the local AS number to appear in the AS_PATH attribute of received route updates.
The settings in BGP VPNv4 address family view control VPNv4 route exchange between PEs.
The settings in BGP-VPN VPNv4 address family view control VPNv4 route exchange between provider PE and provider CE in nested MPLS L3VPN.
Examples
# In BGP instance default, create the BGP VPNv4 address family and enter its view.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp-default] address-family vpnv4
[Sysname-bgp-default-vpnv4]
# In BGP instance default, create the BGP-VPN VPNv4 address family and enter its view.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp-default] ip vpn-instance vpn1
[Sysname-bgp-default-vpn1] address-family vpnv4
[Sysname-bgp-default-vpnv4-vpn1]
description (VPN instance view)
Use description to configure a description for a VPN instance.
Use undo description to restore the default.
Syntax
description text
undo description
Default
No description is configured for a VPN instance.
Views
VPN instance view
Predefined user roles
network-admin
Parameters
text: Specifies a description, a case-sensitive string of 1 to 79 characters.
Examples
# Configure a description of This is vpn1 for VPN instance vpn1.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] description This is vpn1
display bgp routing-table ipv4 unicast inlabel
Use display bgp routing-table ipv4 unicast inlabel to display incoming labels for BGP IPv4 unicast routes.
Syntax
display bgp [ instance instance-name ] routing-table ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] inlabel
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
instance instance-name: Specifies a BGP instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a BGP instance, this command displays incoming labels for BGP IPv4 unicast routes in the default BGP instance.
vpn-instance vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command displays incoming labels for BGP IPv4 unicast routes on the public network.
Usage guidelines
This command displays incoming labels for BGP IPv4 unicast routes regardless of whether the unicast keyword is specified or not.
Examples
# Display incoming labels for all BGP IPv4 unicast routes on the public network.
<Sysname> display bgp routing-table ipv4 inlabel
Total number of routes: 1
BGP local router ID is 3.3.3.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Network NextHop OutLabel InLabel
* > 2.2.2.9/32 1.1.1.2 1151 1279
Table 67 Command output
Field |
Description |
BGP local router ID |
Router ID of the local BGP router. |
Status codes |
Route status codes: · * - valid—Valid route. · > - best—Common optimal route. · d – damped—Route damped for route flap. · h - history—History route. · i - internal—Internal route. · e - external—External route. · s - suppressed—Suppressed route. · S - Stale—Stale route. |
Origin |
Route origin: · i - IGP—Originated in the AS. The origin of routes advertised by the network command is IGP. · e - EGP—Learned through EGP. · ? - incomplete—Redistributed from IGP protocols. |
OutLabel |
Outgoing label. |
InLabel |
Incoming label. |
display bgp routing-table ipv4 unicast outlabel
Use display bgp routing-table ipv4 unicast outlabel to display outgoing labels for BGP IPv4 unicast routes.
Syntax
display bgp [ instance instance-name ] routing-table ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] outlabel
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
instance instance-name: Specifies a BGP instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a BGP instance, this command displays outgoing labels for BGP IPv4 unicast routes in the default BGP instance.
vpn-instance vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command displays outgoing labels for BGP IPv4 unicast routes on the public network.
Usage guidelines
This command displays outgoing labels for BGP IPv4 unicast routes regardless of whether the unicast keyword is specified or not.
Examples
# Display outgoing labels for all public BGP IPv4 unicast routes in the default BGP instance.
<Sysname> display bgp routing-table ipv4 outlabel
Total number of routes: 1
BGP local router ID is 3.3.3.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Network NextHop OutLabel
* > 2.2.2.9/32 1.1.1.2 1151
Table 68 Command output
Field |
Description |
BGP local router ID |
Router ID of the local BGP router. |
Status codes |
Route status codes: · * - valid—Valid route. · > - best—Common optimal route. · d – damped—Route damped for route flap. · h - history—History route. · i - internal—Internal route. · e - external—External route. · s - suppressed—Suppressed route. · S - Stale—Stale route. |
Origin |
Route origin: · i - IGP—Originated in the AS. The origin of routes advertised by the network command is IGP. · e - EGP—Learned through EGP. · ? - incomplete—Redistributed from IGP protocols. |
OutLabel |
Outgoing label. |
display bgp routing-table vpnv4
Use display bgp routing-table vpnv4 to display BGP VPNv4 routing information.
Syntax
display bgp [ instance instance-name ] routing-table vpnv4 [ [ route-distinguisher route-distinguisher ] [ ipv4-address [ { mask | mask-length } [ longest-match ] ] | ipv4-address [ mask | mask-length ] advertise-info | as-path-acl as-path-acl-number | community-list { { basic-community-list-number | comm-list-name } [ whole-match ] | adv-community-list-number } ] | [ vpn-instance vpn-instance-name ] peer ipv4-address { advertised-routes | received-routes } [ ipv4-address [ mask | mask-length ] | statistics ] | statistics ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
instance instance-name: Specifies a BGP instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a BGP instance, this command displays BGP VPNv4 routes in the default BGP instance.
route-distinguisher route-distinguisher: Specifies an RD, a string of 3 to 21 characters in one of the following formats:
· 16-bit AS number:32-bit user-defined number. For example, 101:3.
· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.
· 32-bit AS number:16-bit user-defined number, where the minimum value of the AS number is 65536. For example, 65536:1.
ipv4-address: Specifies the destination IPv4 address.
mask: Specifies the network mask, in dotted decimal notation.
mask-length: Specifies the length of the network mask, in the range of 0 to 32.
longest-match: Displays the longest matching BGP VPNv4 route. The longest matching BGP VPNv4 route is selected through the following steps:
1. ANDs the specified network address with the mask of each route.
2. Matches a route if the AND result is the same as the network address of the route and the mask of the route is shorter than or equal to the specified mask.
3. Selects the route with the longest mask among the matching routes.
advertise-info: Displays advertisement information for BGP VPNv4 routes.
as-path-acl as-path-acl-number: Displays BGP VPNv4 routes that match the AS path list specified by its number in the range of 1 to 256.
community-list: Displays BGP VPNv4 routes that match a BGP community list.
basic-community-list-number: Specifies a basic community list by its number in the range of 1 to 99.
comm-list-name: Specifies a community list by its name, a case-sensitive string of 1 to 63 characters.
whole-match: Displays BGP VPNv4 routes exactly matching the specified community list. If you do not specify this keyword, the command displays BGP VPNv4 routes whose COMMUNITY attributes include the specified community list.
adv-community-list-number: Specifies an advanced community list by its number in the range of 100 to 199.
vpn-instance vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command displays BGP VPNv4 routes advertised to or received from the specified peer on the public network.
peer: Displays BGP VPNv4 routing information advertised to or received from a peer.
ipv4-address: Specifies the peer IPv4 address.
advertised-routes: Displays BGP VPNv4 routing information advertised to the specified peer.
received-routes: Displays BGP VPNv4 routing information received from the specified peer.
statistics: Displays BGP VPNv4 routing statistics.
Usage guidelines
If you do not specify any parameters, this command displays brief information about all BGP VPNv4 routes.
If you specify ipv4-address mask or ipv4-address mask-length, this command displays detailed information about the BGP VPNv4 route that exactly matches the specified address and mask.
If you specify only ipv4-address, the system ANDs the network address with the mask of a route. If the result matches the network address of the route, this command displays detailed information about the BGP VPNv4 route.
Examples
# Display brief information about all BGP VPNv4 routes in the default BGP instance.
<Sysname> display bgp routing-table vpnv4
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Total number of routes from all PEs: 2
Route distinguisher: 100:1(vpn1)
Total number of routes: 6
Network NextHop MED LocPrf PrefVal Path/Ogn
* > 10.1.1.0/24 10.1.1.2 0 32768 ?
* e 10.1.1.1 0 0 65410?
* > 10.1.1.2/32 127.0.0.1 0 32768 ?
* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?
* >e 192.168.1.0 10.1.1.1 0 0 65410?
* i 3.3.3.9 0 100 0 65420?
Route distinguisher: 200:1
Total number of routes: 2
Network NextHop MED LocPrf PrefVal Path/Ogn
* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?
* >i 192.168.1.0 3.3.3.9 0 100 0 65420?
# Display brief information about BGP VPNv4 routes with RD 100:1 in the default BGP instance.
<Sysname> display bgp routing-table vpnv4 route-distinguisher 100:1
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Route distinguisher: 100:1(vpn1)
Total number of routes: 6
Network NextHop MED LocPrf PrefVal Path/Ogn
* > 10.1.1.0/24 10.1.1.2 0 32768 ?
* e 10.1.1.1 0 0 65410?
* > 10.1.1.2/32 127.0.0.1 0 32768 ?
* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?
* >e 192.168.1.0 10.1.1.1 0 0 65410?
* i 3.3.3.9 0 100 0 65420?
# Display information about BGP VPNv4 routes matching AS_PATH list 1 in the default BGP instance.
<Sysname> display bgp routing-table vpnv4 as-path-acl 1
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Total number of routes from all PEs: 2
Route distinguisher: 100:1(vpn1)
Total number of routes: 6
Network NextHop MED LocPrf PrefVal Path/Ogn
* > 10.1.1.0/24 10.1.1.2 0 32768 ?
* e 10.1.1.1 0 0 65410?
* > 10.1.1.2/32 127.0.0.1 0 32768 ?
* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?
* >e 192.168.1.0 10.1.1.1 0 0 65410?
* i 3.3.3.9 0 100 0 65420?
Route distinguisher: 200:1
Total number of routes: 2
Network NextHop MED LocPrf PrefVal Path/Ogn
* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?
* >i 192.168.1.0 3.3.3.9 0 100 0 65420?
# Display information about BGP VPNv4 routes matching BGP community list 100 in the default BGP instance.
<Sysname> display bgp routing-table vpnv4 community-list 100
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Total number of routes from all PEs: 2
Route distinguisher: 100:1(vpn1)
Total number of routes: 6
Network NextHop MED LocPrf PrefVal Path/Ogn
* > 10.1.1.0/24 10.1.1.2 0 32768 ?
* e 10.1.1.1 0 0 65410?
* > 10.1.1.2/32 127.0.0.1 0 32768 ?
* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?
* >e 192.168.1.0 10.1.1.1 0 0 65410?
* i 3.3.3.9 0 100 0 65420?
Route distinguisher: 200:1
Total number of routes: 2
Network NextHop MED LocPrf PrefVal Path/Ogn
* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?
* >i 192.168.1.0 3.3.3.9 0 100 0 65420?
# Display information about public BGP VPNv4 routes advertised to peer 3.3.3.9 in the default BGP instance.
<Sysname> display bgp routing-table vpnv4 peer 3.3.3.9 advertised-routes
Total number of routes: 2
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Route distinguisher: 100:1
Total number of routes: 2
Network NextHop MED LocPrf Path/Ogn
* > 10.1.1.0/24 10.1.1.2 0 ?
* >e 192.168.1.0 10.1.1.1 0 65410?
# Display information about public BGP VPNv4 routes received from peer 3.3.3.9 in the default BGP instance.
<Sysname> display bgp routing-table vpnv4 peer 3.3.3.9 received-routes
Total number of routes: 2
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Route distinguisher: 200:1
Total number of routes: 2
Network NextHop MED LocPrf PrefVal Path/Ogn
* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?
* >i 192.168.1.0 3.3.3.9 0 100 0 65420?
Field |
Description |
BGP local router ID |
Router ID of the local BGP router. |
Status codes |
Route status codes: · * - valid—Valid route. · > - best—Common optimal route. · d – damped—Route damped for route flap. · h - history—History route. · i - internal—Internal route. · e - external—External route. · s - suppressed—Suppressed route. · S - Stale—Stale route. |
Origin |
Route origin: · i - IGP—Originated in the AS. The origin of routes advertised by the network command is IGP. · e - EGP—Learned through EGP. · ? - incomplete—Redistributed from IGP protocols. |
Total number of routes from all PEs |
Total number of VPNv4 routes from all PEs. |
Network |
Network address. |
NextHop |
Next hop address. |
MED |
MULTI_EXIT_DISC attribute. |
LocPrf |
Local preference value. |
PrefVal |
Preferred value. |
Path/Ogn |
AS_PATH and Origin attributes. |
# Display detailed information about BGP VPNv4 routes to 10.3.1.0/24 in the default BGP instance.
<Sysname> display bgp routing-table vpnv4 10.3.1.0 24
BGP local router ID: 1.1.1.9
Local AS number: 100
Route distinguisher: 100:1(vpn1)
Total number of routes: 1
Paths: 1 available, 1 best
BGP routing table information of 10.3.1.0/24:
From : 3.3.3.9 (3.3.3.9)
Rely nexthop : 172.1.1.2
Original nexthop: 3.3.3.9
OutLabel : 1279
Ext-Community : <RT: 111:1>
AS-path : (null)
Origin : incomplete
Attribute value : MED 0, localpref 100, pref-val 0
State : valid, internal, best
IP precedence : N/A
QoS local ID : N/A
Traffic index : N/A
VPN-Peer UserID : N/A
DSCP : N/A
Route distinguisher: 200:1
Total number of routes: 1
Paths: 1 available, 1 best
BGP routing table information of 10.3.1.0/24:
From : 3.3.3.9 (3.3.3.9)
Rely nexthop : 172.1.1.2
Original nexthop: 3.3.3.9
OutLabel : 1279
Ext-Community : <RT: 111:1>
AS-path : (null)
Origin : incomplete
Attribute value : MED 0, localpref 100, pref-val 0
State : valid, internal, best
IP precedence : N/A
QoS local ID : N/A
Traffic index : N/A
VPN-Peer UserID : N/A
DSCP : N/A
# Display detailed information about the BGP VPNv4 route to 10.3.1.0/24 and with RD 100:1 in the default BGP instance.
<Sysname> display bgp routing-table vpnv4 route-distinguisher 100:1 10.3.1.0 24
BGP local router ID: 1.1.1.9
Local AS number: 100
Route distinguisher: 100:1(vpn1)
Total number of routes: 1
Paths: 1 available, 1 best
BGP routing table information of 10.3.1.0/24:
From : 3.3.3.9 (3.3.3.9)
Rely nexthop : 172.1.1.2
Original nexthop: 3.3.3.9
OutLabel : 1279
Ext-Community : <RT: 111:1>
AS-path : (null)
Origin : incomplete
Attribute value : MED 0, localpref 100, pref-val 0
State : valid, internal, best
IP precedence : N/A
QoS local ID : N/A
Traffic index : N/A
VPN-Peer UserID : N/A
DSCP : N/A
Table 70 Command output
Field |
Description |
Rely Nexthop |
Recursive next hop. If no recursive next hop is found, this field displays not resolved. |
Original nexthop |
Original next hop. If the route is learned from a BGP update, it is the next hop in the update message. |
Ext-Community |
Extended community attribute. |
Origin |
Route origin: · igp—Originated in the AS. The origin of routes advertised by the network command is IGP. · egp—Learned through EGP. · incomplete—Redistributed from IGP protocols. |
Attribute value |
BGP route attribute information: · MED—MED attribute. · localpref—Local preference. · pref-val—Preferred value. · pre—Protocol preference. |
State |
Route status: · valid—Valid route. · internal—Internal route. · external—External route. · local—Locally generated route. · synchronize—Synchronized route. · best—Optimal route. |
IP precedence |
IP priority of a route, in the range of 0 to 7. N/A indicates that the route does not support this field. |
QoS local ID |
QoS local ID attribute of a route, in the range of 1 to 4095. N/A indicates that the route does not support this field. |
Traffic index |
Index of the traffic, in the range of 1 to 64. N/A indicates that the route does not support this field. |
VPN-Peer UserID |
VPN peer ID in the range of 1 to 134217727. N/A indicates that the route does not support this field. |
DSCP |
DSCP value in the range of 0 to 63. N/A indicates that the route does not support this field. |
# Display advertisement information for BGP VPNv4 routes to 10.1.1.0/24 in the default BGP instance.
<Sysname> display bgp routing-table vpnv4 10.1.1.0 24 advertise-info
BGP local router ID: 1.1.1.9
Local AS number: 100
Route distinguisher: 100:1
Total number of routes: 1
Paths: 1 best
BGP routing table information of 10.1.1.0/24:
Advertised to VPN peers (1 in total):
3.3.3.9
Inlabel : 1279
Table 71 Command output
Field |
Description |
Paths |
Number of routes to the specified destination network. |
BGP routing table information of 10.1.1.0/24 |
Advertisement information for the BGP route to 10.1.1.0/24. |
Advertised to VPN peers (1 in total) |
VPNv4 peers to which the route is advertised, and the number of peers. |
Inlabel |
Incoming label of the route. |
# Display statistics about public BGP VPNv4 routes advertised to peer 3.3.3.9 in the default BGP instance.
<Sysname> display bgp routing-table vpnv4 peer 3.3.3.9 advertised-routes statistics
Advertised routes total: 2
# Display statistics about public BGP VPNv4 routes received from peer 3.3.3.9 in the default BGP instance.
<Sysname> display bgp routing-table vpnv4 peer 3.3.3.9 received-routes statistic
Received routes total: 2
Table 72 Command output
Field |
Description |
Advertised routes total |
Total number of routes advertised to the specified peer. |
Received routes total |
Total number of routes received from the specified peer. |
# Display statistics about public BGP VPNv4 routes in the default BGP instance.
<Sysname> display bgp routing-table vpnv4 statistics
Total number of routes from all PEs: 2
Route distinguisher: 100:1(vpn1)
Total number of routes: 6
Route distinguisher: 200:1
Total number of routes: 2
Table 73 Command output
Field |
Description |
Total number of routes from all PEs |
Total number of VPNv4 routes from all PEs. |
Total number of routes |
Total number of VPNv4 routes with the specified RD. |
Related commands
ip as-path (Layer 3—IP Routing Command Reference)
display bgp routing-table vpnv4 inlabel
Use display bgp routing-table vpnv4 inlabel to display incoming labels for BGP VPNv4 routes.
Syntax
display bgp [ instance instance-name ] routing-table vpnv4 inlabel
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
instance instance-name: Specifies a BGP instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a BGP instance, this command displays incoming labels for all BGP VPNv4 routes in the default BGP instance.
Examples
# Display incoming labels for all BGP VPNv4 routes in the default BGP instance.
<Sysname> display bgp routing-table vpnv4 inlabel
Total number of routes: 2
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Route distinguisher: 100:1
Total number of routes: 2
Network NextHop OutLabel InLabel
* > 10.1.1.0/24 10.1.1.2 NULL 1279
* >e 192.168.1.0 10.1.1.1 NULL 1278
Table 74 Command output
Field |
Description |
BGP local router ID |
Router ID of the local BGP router. |
Status codes |
Route status codes: · * - valid—Valid route. · > - best—Common optimal route. · d – damped—Route damped for route flap. · h - history—History route. · i - internal—Internal route. · e - external—External route. · s - suppressed—Suppressed route. · S - Stale—Stale route. |
Origin |
Route origin: · i - IGP—Originated in the AS. The origin of routes advertised by the network command is IGP. · e - EGP—Learned through EGP. · ? - incomplete—Redistributed from IGP protocols. |
display bgp routing-table vpnv4 outlabel
Use display bgp routing-table vpnv4 outlabel to display outgoing labels for BGP VPNv4 routes.
Syntax
display bgp [ instance instance-name ] routing-table vpnv4 outlabel
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
instance instance-name: Specifies a BGP instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a BGP instance, this command displays outgoing labels for all BGP VPNv4 routes in the default BGP instance.
Examples
# Display outgoing labels for all BGP VPNv4 routes in the default BGP instance.
<Sysname> display bgp routing-table vpnv4 outlabel
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Total number of routes from all PEs: 2
Route distinguisher: 100:1(vpn1)
Total number of routes: 2
Network NextHop OutLabel
* >i 10.3.1.0/24 3.3.3.9 1279
* i 192.168.1.0 3.3.3.9 1278
Route distinguisher: 200:1
Total number of routes: 2
Network NextHop OutLabel
* >i 10.3.1.0/24 3.3.3.9 1279
* >i 192.168.1.0 3.3.3.9 1278
Table 75 Command output
Field |
Description |
BGP local router ID |
Router ID of the local BGP router. |
Status codes |
Route status codes: · * - valid—Valid route. · > - best—Common optimal route. · d – damped—Route damped for route flap. · h - history—History route. · i - internal—Internal route. · e - external—External route. · s - suppressed—Suppressed route. · S - Stale—Stale route. |
Origin |
Route origin: · i - IGP—Originated in the AS. The origin of routes advertised by the network command is IGP. · e - EGP—Learned through EGP. · ? - incomplete—Redistributed from IGP protocols. |
OutLabel |
Outgoing label. If the peer PE assigns an explicit null label, this field displays exp-null. |
display ip vpn-instance
Use display ip vpn-instance to display information about VPN instances.
Syntax
display ip vpn-instance [ instance-name vpn-instance-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
instance-name vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command displays brief information about all VPN instances.
Examples
# Display brief information about all VPN instances.
<Sysname> display ip vpn-instance
Total VPN-Instances configured : 1
VPN-Instance Name RD Create time
abc 1:1 2011/05/18 10:48:17
Table 76 Command output
Field |
Description |
VPN-Instance Name |
Name of the VPN instance. |
RD |
RD of the VPN instance. |
Create Time |
Time when the VPN instance was created. |
# Display detailed information about VPN instance vpn1.
<Sysname> display ip vpn-instance instance-name vpn1
VPN-Instance Name and Index : vpn1, 2
Route Distinguisher : 100:1
VPN ID : 1:1
Description : vpn1
Interfaces : GigabitEthernet2/0/2
Address-family IPv4:
Export VPN Targets :
2:2
Import VPN Targets :
3:3
Export Route Policy : outpolicy
Import Route Policy : inpolicy
Tunnel Policy : tunnel1
Maximum Routes Limit : 500
Threshold Value(%): 50
Address-family IPv6:
Export VPN Targets :
2:2
Import VPN Targets :
3:3
Export Route Policy : outpolicy
Import Route Policy : inpolicy
Tunnel Policy : tunnel1
Maximum Routes Limit :500
Threshold Value(%): 50
display ospf sham-link
Use display ospf sham-link to display OSPF sham link information.
Syntax
display ospf [ process-id ] sham-link [ area area-id ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
process-id: Specifies an OSPF process by its ID. The process ID is in the range of 1 to 65535. If you do not specify a process, this command displays sham link information for all OSPF processes.
area area-id: Specifies an OSPF area by its ID, which is an IP address, or an integer. The integer is in the range of 0 to 4294967295. If you do not specify an area, this command displays sham link information for all OSPF areas.
Usage guidelines
If you do not specify any processes or areas, this command displays information about all OSPF sham links.
Examples
# Display information about all OSPF sham links.
<Sysname> display ospf sham-link
OSPF Process 1 with Router ID 125.1.1.1
Sham link
Area Neighbor ID Source IP Destination IP State Cost
0.0.0.0 95.1.1.1 125.2.1.1 95.2.1.1 P-2-P 1
# Display OSPF sham link information for OSPF area 1.
<Sysname> display ospf sham-link area 1
OSPF Process 100 with Router ID 100.1.1.2
Sham link: 3.3.3.3 --> 5.5.5.5
Neighbor ID: 120.1.1.2 State: Full
Area: 0.0.0.1
Cost: 1 State: P-2-P Type: Sham
Timers: Hello 10, Dead 40, Retransmit 5, Transmit Delay 1
Request list: 0 Retransmit list: 0
GTSM: Enabled, maximum number of hops: 2
MD5 authentication enabled.
The last key is 3.
The rollover is in progress, 1 neighbor(s) left.
Table 77 Command output
Field |
Description |
State |
Neighbor state for the sham link, Down, Init, 2-way, ExStart, Exchange, Loading, or Full. |
Cost |
Cost of the sham link. |
State |
Sham link state: Down or P-2-P. |
Timers |
Timers for the sham link, in seconds. The timers include Hello timer, Dead timer, Retransmit timer, and Transmit Delay timer. |
GTSM: Enabled, maximum number of hops: 2 |
OSPF GTSM is enabled, and the maximum number of hops is 2. If OSPF GTSM is disabled, this field displays GTSM: Disabled. |
domain-id (OSPF view)
Use domain-id to set an OSPF domain ID.
Use undo domain-id to delete an OSPF domain ID.
Syntax
domain-id domain-id [ secondary ]
undo domain-id [ domain-id ]
Default
The OSPF domain ID is 0.
Views
OSPF view
Predefined user roles
network-admin
Parameters
domain-id: Specifies an OSPF domain ID, in one of the following formats:
· Integer, in the range of 0 to 4294967295. For example, 1.
· Dotted decimal notation. For example, 0.0.0.1.
· Dotted decimal notation:16-bit user-defined number in the range of 0 to 65535. For example, 0.0.0.1:512.
secondary: Specifies a secondary domain ID. If you do not specify this keyword, the command specifies a primary domain ID.
Usage guidelines
When you redistribute OSPF routes into BGP, BGP adds the primary domain ID to the redistributed BGP VPNv4 routes as a BGP extended community attribute. Then, BGP advertises the routes to the peer PE.
When the peer PE receives the routes, it compares the OSPF domain ID in the routes with the locally configured primary and secondary domain IDs. OSPF advertises these routes in Network Summary LSAs (Type 3) if both the following conditions exist:
· The primary or secondary domain ID is the same as the received domain ID.
· The received routes are intra-area or inter-area routes.
Otherwise, OSPF advertises these routes in AS External LSAs (Type 5) or NSSA External LSAs (Type 7).
If you do not specify any parameters, the undo domain-id command restores the default.
Examples
# Set the OSPF domain ID to 234.
<Sysname> system-view
[Sysname] ospf 100
[Sysname-ospf-100] domain-id 234
export route-policy
Use export route-policy to apply an export routing policy to a VPN instance.
Use undo export route-policy to restore the default.
Syntax
export route-policy route-policy
undo export route-policy
Default
No export routing policy is applied to a VPN instance.
Views
VPN instance view
IPv4 VPN view
IPv6 VPN view
Predefined user roles
network-admin
Parameters
route-policy: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.
Usage guidelines
You can specify an export routing policy to filter advertised routes or modify their route attributes for the VPN instance.
If you execute this command multiple times, the most recent configuration takes effect.
An export routing policy specified in VPN instance view applies to both IPv4 VPN and IPv6 VPN.
An export routing policy specified in IPv4 VPN view or IPv6 VPN view applies only to IPv4 VPN or IPv6 VPN.
IPv4 VPN prefers the export routing policy specified in IPv4 VPN view over the one specified in VPN instance view. IPv6 VPN prefers the export routing policy specified in IPv6 VPN view over the one specified in VPN instance view.
Examples
# Apply the export routing policy poly-1 to VPN instance vpn1.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] export route-policy poly-1
# Apply the export routing policy poly-2 to IPv4 VPN vpn2.
<Sysname> system-view
[Sysname] ip vpn-instance vpn2
[Sysname-vpn-instance-vpn2] address-family ipv4
[Sysname-vpn-ipv4-vpn2] export route-policy poly-2
# Apply the export routing policy poly-3 to IPv6 VPN vpn3.
<Sysname> system-view
[Sysname] ip vpn-instance vpn3
[Sysname-vpn-instance-vpn3] address-family ipv6
[Sysname-vpn-ipv6-vpn3] export route-policy poly-3
Related commands
import route-policy
route-policy (Layer 3—IP Routing Command Reference)
ext-community-type (OSPF view)
Use ext-community-type to configure the type code of an OSPF extended community attribute.
Use undo ext-community-type to restore the default.
Syntax
ext-community-type { domain-id type-code1 | router-id type-code2 | route-type type-code3 }
undo ext-community-type [ domain-id | router-id | route-type ]
Default
The type codes for domain ID, router ID, and route type are hex numbers 0005, 0107, and 0306, respectively.
Views
OSPF view
Predefined user roles
network-admin
Parameters
domain-id type-code1: Specifies the type code for domain ID. Valid values are hex numbers 0005, 0105, 0205, and 8005.
router-id type-code2: Specifies the type code for router ID. Valid values are hex numbers 0107 and 8001.
route-type type-code3: Specifies the type code for route type. Valid values are hex numbers 0306 and 8000.
Examples
# Configure the type codes of domain ID, router ID, and route type as hex numbers 8005, 8001, and 8000, respectively, for OSPF process 100.
<Sysname> system-view
[Sysname] ospf 100
[Sysname-ospf-100] ext-community-type domain-id 8005
[Sysname-ospf-100] ext-community-type router-id 8001
[Sysname-ospf-100] ext-community-type route-type 8000
import route-policy
Use import route-policy to apply an import routing policy to a VPN instance.
Use undo import route-policy to restore the default.
Syntax
import route-policy route-policy
undo import route-policy
Default
All routes matching the import target attribute are accepted.
Views
VPN instance view
IPv4 VPN view
IPv6 VPN view
Predefined user roles
network-admin
Parameters
route-policy: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.
Usage guidelines
You can specify an import routing policy to filter received routes or modify their route attributes for the VPN instance.
If you execute this command multiple times, the most recent configuration takes effect.
An import routing policy specified in VPN instance view applies to both IPv4 VPN and IPv6 VPN.
An import routing policy specified in IPv4 VPN view or IPv6 VPN view applies only to the IPv4 VPN or IPv6 VPN.
IPv4 VPN prefers the import routing policy specified in IPv4 VPN view over the one specified in VPN instance view. IPv6 VPN prefers the import routing policy specified in IPv6 VPN view over the one specified in VPN instance view.
Examples
# Apply the import routing policy poly-1 to VPN instance vpn1.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] import route-policy poly-1
# Apply the import routing policy poly-2 to IPv4 VPN vpn2.
<Sysname> system-view
[Sysname] ip vpn-instance vpn2
[Sysname-vpn-instance-vpn2] address-family ipv4
[Sysname-vpn-ipv4-vpn2] import route-policy poly-2
# Apply the import routing policy poly-3 to IPv6 VPN vpn3.
<Sysname> system-view
[Sysname] ip vpn-instance vpn3
[Sysname-vpn-instance-vpn3] address-family ipv6
[Sysname-vpn-ipv6-vpn3] import route-policy poly-3
Related commands
export route-policy
route-policy (Layer 3—IP Routing Command Reference)
ip binding vpn-instance
Use ip binding vpn-instance to associate an interface with a VPN instance.
Use undo ip binding vpn-instance to restore the default.
Syntax
ip binding vpn-instance vpn-instance-name
undo ip binding vpn-instance
Default
An interface is associated with no VPN instance and belongs to the public network.
Views
Interface view
Predefined user roles
network-admin
Parameters
vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters.
Usage guidelines
Use this command to associate the VPN instance with the interface connected to the CE.
This command or its undo form clears the IP address and routing protocol configuration on the interface. The specified VPN instance must have been created by using the ip vpn-instance command in system view.
To associate a new VPN instance with an interface, first execute the undo ip binding vpn-instance command to remove the existing association.
Examples
# Associate interface GigabitEthernet 2/0/1 with VPN instance vpn1.
<Sysname> system-view
[Sysname] interface gigabitethernet 2/0/1
[Sysname-GigabitEthernet2/0/1] ip binding vpn-instance vpn1
Related commands
ip vpn-instance (system view)
ip vpn-instance (system view)
Use ip vpn-instance to create a VPN instance and enter its view, or enter the view of an existing VPN instance.
Use undo ip vpn-instance to delete a VPN instance.
Syntax
ip vpn-instance vpn-instance-name
undo ip vpn-instance vpn-instance-name
Default
No VPN instances exist.
Views
System view
Predefined user roles
network-admin
Parameters
vpn-instance-name: Specifies a VPN instance name, a case-sensitive string of 1 to 31 characters.
Examples
# Create a VPN instance named vpn1 and enter its view.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1]
Related commands
route-distinguisher
nesting-vpn
Use nesting-vpn to enable the nested VPN feature.
Use undo nesting-vpn to disable the nested VPN feature.
Syntax
nesting-vpn
undo nesting-vpn
Default
The nested VPN feature is disabled.
Views
BGP VPNv4 address family view
Predefined user roles
network-admin
Usage guidelines
To exchange VPNv4 routes with a peer in nested VPN, enable nested VPN, and then execute the peer enable command to enable that peer in BGP-VPN VPNv4 address family view.
Examples
# Enable nested VPN for BGP instance default.
<Sysname> system-view
[Sysname] bgp 10
[Sysname-bgp-default] address-family vpnv4
[Sysname-bgp-default-vpnv4] nesting-vpn
peer next-hop-invariable
Use peer next-hop-invariable to configure the device to not change the next hop of routes advertised to BGP peers.
Use undo peer next-hop-invariable to configure the device to use its address as the next hop of routes advertised to BGP peers.
Syntax
peer { group-name | ip-address [ mask-length ] } next-hop-invariable
undo peer { group-name | ip-address [ mask-length ] } next-hop-invariable
Default
The device uses its address as the next hop of routes advertised to BGP peers.
Views
BGP VPNv4 address family view
Predefined user roles
network-admin
Parameters
group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters.
ip-address: Specifies a peer by its IP address.
mask-length: Specifies a mask length in the range of 0 to 32. You can use the ip-address and mask-length arguments together to specify a subnet. If you specify a subnet in this command, the device does not change the next hop of routes advertised to the dynamic peers in the subnet.
Usage guidelines
On an RR in an inter-AS option C scenario, you must configure next-hop-invariable to not change the next hop of VPNv4 routes advertised to BGP peers and RR clients.
This command is exclusive with the peer next-hop-local command.
Examples
# Configure the device to not change the next hop of routes advertised to BGP peer 1.1.1.1 in BGP instance default.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp-default] address-family vpnv4
[Sysname-bgp-default-af-vpnv4] peer 1.1.1.1 next-hop-invariable
Related commands
peer next-hop-local (Layer 3—IP Routing Command Reference)
peer upe
Use peer upe to configure BGP peers as HoVPN UPEs.
Use undo peer upe to delete HoVPN UPEs.
Syntax
peer { group-name | ip-address [ mask-length ] } upe
undo peer { group-name | ip-address [ mask-length ] } upe
Default
No BGP peer is configured as a UPE.
Views
BGP VPNv4 address family view
Predefined user roles
network-admin
Parameters
group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The specified peer group must exist.
ip-address: Specifies a peer by its IP address. The specified peer must exist.
mask-length: Specifies a mask length in the range of 0 to 32. You can use the ip-address and mask-length arguments together to specify a subnet. If you specify a subnet, this command configures all dynamic peers in the subnet as UPEs.
Usage guidelines
A UPE is a special VPNv4 peer. It can accept one default route for each related VPN instance and routes permitted by the routing policy on the SPE. An SPE is a common VPN peer.
Examples
# Configure peer 1.1.1.1 as a UPE in BGP instance default.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp-default] address-family vpnv4
[Sysname-bgp-default-vpnv4] peer 1.1.1.1 upe
peer upe route-policy
Use peer upe route-policy to advertise routes permitted by a routing policy to UPEs.
Use undo peer upe route-policy to remove the configuration.
Syntax
peer { group-name | ip-address [ mask-length ] } upe route-policy route-policy-name export
undo peer { group-name | ip-address [ mask-length ] } upe route-policy export
Default
No routes are advertised to any peers.
Views
BGP VPNv4 address family view
Predefined user roles
network-admin
Parameters
group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must exist.
ip-address: Specifies a peer by its IP address. The peer must exist.
mask-length: Specifies a mask length in the range of 0 to 32. You can use the ip-address and mask-length arguments together to specify a subnet. If you specify a subnet, this command advertises routes permitted by a routing policy to all dynamic peers in the subnet.
route-policy-name: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.
export: Applies the filtering policy to routes to be advertised.
Usage guidelines
This command must be used with the peer upe command.
Examples
# Configure peer 1.1.1.1 as a UPE, and advertise routes permitted by routing policy hope to peer 1.1.1.1 in BGP instance default.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp-default] peer 1.1.1.1 as-number 200
[Sysname-bgp-default] address-family vpnv4
[Sysname-bgp-default-vpnv4] peer 1.1.1.1 enable
[Sysname-bgp-default-vpnv4] peer 1.1.1.1 upe
[Sysname-bgp-default-vpnv4] peer 1.1.1.1 upe route-policy hope export
Related commands
peer upe
route-policy (Layer 3—IP Routing Command Reference)
policy vpn-target
Use policy vpn-target to enable route target filtering of received VPNv4 routes. Only VPNv4 routes whose export route target attribute matches local import route target attribute are added to the routing table.
Use undo policy vpn-target to disable route target filtering, permitting all incoming VPNv4 routes.
Syntax
policy vpn-target
undo policy vpn-target
Default
The route target filtering feature is enabled for received VPNv4 routes.
Views
BGP VPNv4 address family view
Predefined user roles
network-admin
Usage guidelines
In an inter-AS option B scenario, an ASBR must save all incoming VPNv4 routes and advertise those routes to the peer ASBR. For this purpose, you must execute the undo policy vpn-target command on the ASBR to disable route target filtering.
Examples
# Disable route target filtering of received VPNv4 routes in BGP instance default.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp-default] address-family vpnv4
[Sysname-bgp-default-vpnv4] undo policy vpn-target
route-distinguisher (VPN instance view)
Use route-distinguisher to configure a route distinguisher (RD) for a VPN instance.
Use undo route-distinguisher to restore the default.
Syntax
route-distinguisher route-distinguisher
undo route-distinguisher
Default
No RD is configured for a VPN instance.
Views
VPN instance view
Predefined user roles
network-admin
Parameters
route-distinguisher: Specifies an RD for the VPN instance, a string of 3 to 21 characters in one of the following formats:
· 16-bit AS number:32-bit user-defined number. For example, 101:3.
· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.
· 32-bit AS number:16-bit user-defined number, where the minimum value of the AS number is 65536. For example, 65536:1.
Usage guidelines
RDs enable VPNs to use the same address space. An RD and an IPv4 prefix comprise a unique VPN IPv4 prefix.
To modify an RD, execute the undo route-distinguisher command to remove the RD and then execute the route-distinguisher command.
Examples
# Configure RD 22:1 for VPN instance vpn1.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] route-distinguisher 22:1
route-replicate
Use route-replicate to enable a VPN instance to replicate routes from the public network or other VPN instances.
Use undo route-replicate to cancel the configuration.
Syntax
route-replicate from { public | vpn-instance vpn-instance-name } protocol bgp as-number [ route-policy route-policy-name ]
route-replicate from { public | vpn-instance vpn-instance-name } protocol { direct | static | { isis | ospf | rip } process-id } [ advertise ] [ route-policy route-policy-name ]
undo route-replicate from { public | vpn-instance vpn-instance-name } protocol { direct | static | bgp as-number | { isis | ospf | rip } process-id }
Default
A VPN instance cannot replicate routes of the public network or other VPN instances.
Views
IPv4 VPN view
Predefined user roles
network-admin
Parameters
public: Replicates routes from the public network.
vpn-instance vpn-instance-name: Replicates routes from a VPN instance. The vpn-instance-name argument specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters.
protocol: Replicates routes of the specified routing protocol.
bgp: Replicates BGP routes.
as-number: Specifies an AS number in the range of 1 to 4294967295.
direct: Replicates direct routes.
static: Replicates static routes.
isis: Replicates IS-IS routes.
ospf: Replicates OSPF routes.
rip: Replicates RIP routes.
process-id: Specifies a process by its ID, in the range of 1 to 65535.
advertise: Allows the VPN instance to advertise replicated routes. If you do not specify this keyword, the VPN instance cannot advertise replicated routes.
route-policy route-policy-name: Applies a routing policy to replicated routes. The route-policy-name argument specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.
Usage guidelines
In a BGP/MPLS L3VPN network, only VPN instances that have matching route targets can communicate with each other.
This command allows a VPN instance to communicate with the public network or other VPN instances by replicating routing information of the public network or other VPN instances.
In an intelligent traffic control network, traffic of different tenants is assigned to different VPNs. To enable the tenants to communicate with the public network, configure this command to replicate routes from the public network to the VPN instances.
Examples
# Replicates OSPF routes from the public network to VPN instance vpn1.
<Sysname> system-view
[Sysname]ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] address-family ipv4
[Sysname-vpn-ipv4-vpn1] route-replicate from public protocol ospf 1
route-tag (OSPF view)
Use route-tag to configure an external route tag for redistributed VPN routes.
Use undo route-tag to restore the default.
Syntax
route-tag tag-value
undo route-tag
Default
If BGP runs within an MPLS backbone, and the BGP AS number is not greater than 65535, the first two octets of the external route tag are 0xD000, and the last two octets are the local BGP AS number. For example, if the local BGP AS number is 100, the external route tag value is 3489661028 (100 + the decimal value of 0xD0000000). If the AS number is greater than 65535, the external route tag is 0.
Views
OSPF view
Predefined user roles
network-admin
Parameters
tag-value: Specifies the external route tag for redistributed VPN routes, in the range of 0 to 4294967295.
Usage guidelines
In a dual-homed scenario where OSPF runs between the CE and the connected PEs (PE-A and PE-B, for example), you can use external route tags to avoid routing loops.
PE-A redistributes BGP routes from the peer PE into OSPF, and advertises these routes in the Type 5 or 7 LSAs to the CE. In these LSAs, PE-A adds the local external route tag.
When PE-B receives the Type 5 or 7 LSAs advertised by the CE, it compares the external route tag in the LSAs with the local external route tag. If the two tags have the same value (including the value of 0), PE-B ignores the LSA in route calculation to avoid routing loops.
The commands used to configure the external route tag (in the descending order of tag priority) are as follows:
· import-route
· route-tag (for PEs) and default tag (for CEs and MCEs)
As a best practice, configure the same external route tag for PEs in the same area.
An external route tag is not transferred in any BGP extended community attribute. It takes effect only on the PEs that receive BGP routes and generate OSPF Type 5 or 7 LSAs.
You can configure the same external route tag for different OSPF processes.
Examples
# In OSPF process 100, set the external route tag to 100 for redistributed VPN routes.
<Sysname> system-view
[Sysname] ospf 100
[Sysname-ospf-100] route-tag 100
Related commands
default (Layer 3—IP Routing Command Reference)
import-route (Layer 3—IP Routing Command Reference)
routing-table limit
Use routing-table limit to set the maximum number of active routes in a VPN instance.
Use undo routing-table limit to restore the default.
Syntax
routing-table limit number { warn-threshold | simply-alert }
undo routing-table limit
Default
The maximum number of active routes varies by device model. For more information, see the matrix table for the number argument.
Views
VPN instance view
IPv4 VPN view
IPv6 VPN view
Predefined user roles
network-admin
Parameters
number: Specifies the maximum number of active routes.
The following matrix shows the number argument and hardware compatibility:
Hardware |
Argument compatibility |
Value range |
Default |
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS |
No |
N/A |
N/A |
MSR2600-6-X1/2600-10-X1 |
Yes |
1 to 51024 |
51024 |
MSR 2630 |
Yes |
1 to 51024 |
51024 |
MSR3600-28/3600-51 |
Yes |
1 to 51024 |
51024 |
MSR3600-28-SI/3600-51-SI |
No |
N/A |
N/A |
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC |
Yes |
1 to 101024 |
101024 |
MSR 3610/3620/3620-DP/3640/3660 |
Yes |
1 to 101024 |
101024 |
MSR5620/5660/5680 |
Yes |
1 to 101024 |
101024 |
Hardware |
Argument compatibility |
Value range |
Default |
MSR810-LM-GL |
No |
N/A |
N/A |
MSR810-W-LM-GL |
No |
N/A |
N/A |
MSR830-6EI-GL |
No |
N/A |
N/A |
MSR830-10EI-GL |
No |
N/A |
N/A |
MSR830-6HI-GL |
No |
N/A |
N/A |
MSR830-10HI-GL |
No |
N/A |
N/A |
MSR2600-6-X1-GL |
Yes |
1 to 51024 |
51024 |
MSR3600-28-SI-GL |
No |
N/A |
N/A |
warn-threshold: Specifies a warning threshold in the range of 1 to 100 in percentage. When the percentage of the existing active routes to the maximum active routes exceeds the threshold, the system gives a log message but still allows new active routes. If active routes in the VPN instance reach the maximum, no more active routes are added.
simply-alert: Specifies that when active routes exceed the maximum number, the system still accepts active routes but generates a log message.
Usage guidelines
Setting the maximum number of active routes for a VPN instance can prevent a PE from learning too many routes.
A limit configured in VPN instance view applies to both the IPv4 VPN and the IPv6 VPN.
A limit configured in IPv4 VPN view or IPv6 VPN view applies to only the IPv4 VPN or the IPv6 VPN.
IPv4 VPN prefers the limit configured in IPv4 VPN view over the limit configured in VPN instance view. IPv6 VPN prefers the limit configured in IPv6 VPN view over the limit configured in VPN instance view.
Examples
# Specify that VPN instance vpn1 supports a maximum of 1000 active routes. When active routes exceed this limit, the device can receive new active routes but generates a log message.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] route-distinguisher 100:1
[Sysname-vpn-instance-vpn1] routing-table limit 1000 simply-alert
# Specify that IPv4 VPN vpn2 supports a maximum of 1000 active routes. When active routes exceed this limit, the device can receive new active routes but generates a log message.
<Sysname> system-view
[Sysname] ip vpn-instance vpn2
[Sysname-vpn-instance-vpn2] route-distinguisher 100:2
[Sysname-vpn-instance-vpn2] address-family ipv4
[Sysname-vpn-ipv4-vpn2] routing-table limit 1000 simply-alert
# Specify that IPv6 VPN vpn3 supports a maximum of 1000 active routes. When active routes exceed this limit, the device can receive new active routes but generates a log message.
<Sysname> system-view
[Sysname] ip vpn-instance vpn3
[Sysname-vpn-instance-vpn3] route-distinguisher 100:3
[Sysname-vpn-instance-vpn3] address-family ipv6
[Sysname-vpn-ipv4-vpn3] routing-table limit 1000 simply-alert
rr-filter (BGP VPNv4 address family view)
Use rr-filter to create a route reflector (RR) reflection policy. Only IBGP routes whose extended community attribute matches the specified extended community list are reflected.
Use undo rr-filter to restore the default.
Syntax
rr-filter ext-comm-list-number
undo rr-filter
Default
An RR does not filter reflected routes.
Views
BGP VPNv4 address family view
BGP-VPN VPNv4 address family view
Predefined user roles
network-admin
Parameters
ext-comm-list-number: Specifies an extended community list number in the range of 1 to 65535.
Usage guidelines
By configuring different RR reflection policies on RRs in a cluster, you can implement load balancing among the RRs.
Examples
# Configure the RR to reflect only VPNv4 routes that are permitted by extended community list 10 in BGP instance default.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp-default] address-family vpnv4
[Sysname-bgp-default-vpnv4] rr-filter 10
sham-link (OSPF area view)
Use sham-link to create an OSPF sham link.
Use undo sham-link to remove an OSPF sham link or restore the defaults of specified parameters for an OSPF sham link.
Syntax
sham-link source-ip-address destination-ip-address [ cost cost-value | dead dead-interval | hello hello-interval | { { hmac-md5 | md5 } key-id { cipher | plain } string | simple { cipher | plain } string } | retransmit retrans-interval | trans-delay delay | ttl-security hops hop-count ] *
undo sham-link source-ip-address destination-ip-address [ cost | dead | hello | { { hmac-md5 | md5 } key-id | simple } | retransmit | trans-delay | ttl-security ] *
Default
No OSPF sham links exist.
Views
OSPF area view
Predefined user roles
network-admin
Parameters
source-ip-address: Specifies the source IP address of the sham link.
destination-ip-address: Specifies the destination IP address of the sham link.
cost cost-value: Specifies the cost of the sham link, in the range of 1 to 65535. The default cost is 1.
dead dead-interval: Specifies the dead interval in the range of 1 to 32768 seconds. The default is 40 seconds. The dead interval configured on the two ends of the sham link must be identical, and it must be at least four times the hello interval.
hello hello-interval: Specifies the interval for sending hello packets, in the range of 1 to 8192 seconds. The default is 10 seconds. The hello interval configured on the two ends of the sham link must be identical.
hmac-md5: Enables HMAC-MD5 authentication.
md5: Enables MD5 authentication.
simple: Enables simple authentication.
key-id: Specifies a key ID in the range of 1 to 255.
cipher: Specifies a key in encrypted form.
plain: Specifies a key in plaintext form. For security purposes, the key specified in plaintext form will be stored in encrypted form.
string: Specifies the key. This argument is case sensitive.
· In simple authentication mode, the plaintext form of the key is a string of 1 to 8 characters. The encrypted form of the key is a string of 33 to 41 characters.
· In MD5/HMAC-MD5 authentication mode, the plaintext form of the key is a string of 1 to 16 characters. The encrypted form of the key is a string of 33 to 53 characters.
retransmit retrans-interval: Specifies the interval for retransmitting LSAs, in the range of 1 to 3600 seconds. The default is 5 seconds.
trans-delay delay: Specifies the delay interval before the interface sends an LSA, in the range of 1 to 3600 seconds. The default is 1 second.
ttl-security hops hop-count: Enables OSPF GTSM and specifies the maximum number of hops to the sham link neighbor. The value range for the hop-count argument is 1 to 254. By default, OSPF GTSM is disabled.
Usage guidelines
When a backdoor link exists between the two sites of a VPN, traffic is forwarded through the backdoor link. To forward VPN traffic over the backbone, you can create a sham link between PEs. A sham link is considered an OSPF intra-area route.
This command can configure MD5/HMAC-MD5 or simple authentication for the sham link, but not both. For MD5/HMAC-MD5 authentication, you can configure multiple keys by executing this command multiple times, but a key-id can correspond with only one key.
To modify the MD5/HMAC-MD5 authentication key of a sham link, perform the following tasks:
1. Configure a new key for the sham link on the local device. If the neighbor on the sham link has not been configured with the new key, this configuration triggers a key rollover process, during which, OSPF advertises both the new and old keys so the neighbor can pass authentication and the neighbor relationship is maintained.
2. Configure the same key for the sham link on the neighbor. After the local device receives a packet carrying the new key from the neighbor, it quits the key rollover process.
3. Execute the undo sham-link command on the local device and the neighbor to remove the old key. This operation can avoid attacks to the sham link that uses the old key and reduce bandwidth consumption by key rollover.
OSPF GTSM protects the device from being attacked by CPU-utilization attacks. When OSPF GTSM is enabled for a sham link, the device compares the TTL value of an OSPF packet received from the sham link against the valid TTL range. If the TTL value is within the valid TTL range, the packet is accepted. If not, the packet is discarded. The valid TTL range is from "255 – the configured hop count + 1" to 255. For packets sent to the sham link, the device sets the packet TTL value to 255.
You cannot configure a sham link with the same source and destination IP address for multiple OSPF processes in a VPN instance.
For an OSPF neighbor relationship to be successfully established, the sham links configured on the local and remote PEs must be in the same OSPF area.
To use GTSM, you must configure GTSM on both the local and peer devices. You can specify different hop-count values on the devices.
Examples
# Create a sham link with the source address 1.1.1.1 and destination address 2.2.2.2.
<Sysname> system-view
[Sysname] ospf
[Sysname-ospf-1] area 0
[Sysname-ospf-1-area-0.0.0.0] sham-link 1.1.1.1 2.2.2.2
Related commands
display ospf sham-link
snmp context-name
Use snmp context-name to configure an SNMP context for a VPN instance.
Use undo snmp context-name to restore the default.
Syntax
snmp context-name context-name
undo snmp context-name
Default
No SNMP context is configured for a VPN instance.
Views
VPN instance view
Predefined user roles
network-admin
Parameters
context-name: Specifies an SNMP context, a case-sensitive string of 1 to 32 characters.
Usage guidelines
VPN-aware features such as AAA and NAT do not know the VPN instance to which a managed MIB node belongs. To resolve this issue, configure different SNMP contexts for different VPN instances.
The device selects a MIB for an SNMP packet according to the context (for SNMPv3) or community name (for SNMPv1/v2c) in the following ways:
· For an SNMPv3 packet:
¡ The device selects the public MIB if the packet does not carry a context.
¡ The device selects the MIB of a VPN instance if the packet meets the following conditions:
- Carries a context that was configured with the snmp-agent context command in system view.
- Matches the context of the VPN instance.
¡ The device does not process any MIBs in other situations.
· For an SNMPv1/v2c packet:
¡ The device selects the public MIB if no SNMP community to SNMP context mapping was configured with the snmp-agent community-map command in system view.
¡ The device selects the MIB of a VPN instance if the SNMP community is mapped to an SNMP context and the context matches the context of the VPN instance.
¡ The device does not process any MIBs in other situations.
For more information about SNMP context and community name, see Network Management and Monitoring Configuration Guide.
Do not configure the same SNMP context for different VPN instances.
If you execute this command multiple times, the most recent configuration takes effect.
Examples
# Configure SNMP context vpna for VPN instance vpna.
<Sysname> system-view
[Sysname] snmp-agent context vpna
[Sysname] ip vpn-instance vpna
[Sysname-vpn-instance-vpna] route-distinguisher 22:33
[Sysname-vpn-instance-vpna] snmp context-name vpna
Related commands
snmp-agent community-map (Network Management and Monitoring Command Reference)
snmp-agent context (Network Management and Monitoring Command Reference)
snmp-agent trap enable l3vpn
Use snmp-agent trap enable l3vpn to enable SNMP notifications for MPLS L3VPN.
Use undo snmp-agent trap enable l3vpn to disable SNMP notifications for MPLS L3VPN.
Syntax
snmp-agent trap enable l3vpn
undo snmp-agent trap enable l3vpn
Default
SNMP notifications for MPLS L3VPN are enabled.
Views
System view
Predefined user roles
network-admin
Usage guidelines
To report critical MPLS L3VPN events to an NMS, enable SNMP notifications for MPLS L3VPN. For MPLS L3VPN event notifications to be sent correctly, you must also configure SNMP on the device. For more information about SNMP configuration, see the network management and monitoring configuration guide for the device.
Examples
# Enable SNMP notifications for MPLS L3VPN.
<Sysname> system-view
[Sysname] snmp-agent trap enable l3vpn
tnl-policy
Use tnl-policy to associate a VPN instance with a tunnel policy.
Use undo tnl-policy to restore the default.
Syntax
tnl-policy tunnel-policy-name
undo tnl-policy
Default
No tunnel policy is associated with a VPN instance.
Views
VPN instance view
IPv4 VPN view
IPv6 VPN view
Predefined user roles
network-admin
Parameters
tunnel-policy-name: Specifies a tunnel policy by its name, a case-sensitive string of 1 to 19 characters.
Usage guidelines
The VPN instance uses the specified tunnel policy to select tunnels for traffic.
If a VPN instance is not associated with any tunnel policies or the associated tunnel policy is not configured, the VPN instance selects tunnels according to the default tunnel policy. The default tunnel policy selects only one tunnel in this order: LSP tunnel, GRE tunnel, CRLSP tunnel.
A tunnel policy specified in VPN instance view applies to both the IPv4 VPN and the IPv6 VPN.
A tunnel policy specified in IPv4 VPN view or IPv6 VPN view applies only to the IPv4 VPN or IPv6 VPN.
IPv4 VPN prefers the tunnel policy specified in IPv4 VPN view over the tunnel policy specified in VPN instance view. IPv6 VPN prefers the tunnel policy specified in IPv6 VPN view over the tunnel policy specified in VPN instance view.
Examples
# Associate VPN instance vpn1 with tunnel policy po1.
<Sysname> system-view
[Sysname] tunnel-policy po1
[Sysname-tunnel-policy-po1] select-seq lsp load-balance-number 1
[Sysname-tunnel-policy-po1] quit
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] route-distinguisher 22:33
[Sysname-vpn-instance-vpn1] tnl-policy po1
[Sysname-vpn-instance-vpn1] quit
# Associate the IPv4 VPN vpn2 with tunnel policy po1.
[Sysname] ip vpn-instance vpn2
[Sysname-vpn-instance-vpn2] route-distinguisher 11:22
[Sysname-vpn-instance-vpn2] address-family ipv4
[Sysname-vpn-ipv4-vpn2] tnl-policy po1
[Sysname-vpn-ipv4-vpn2] quit
[Sysname-vpn-instance-vpn2] quit
# Associate the IPv6 VPN vpn3 with tunnel policy po1.
[Sysname] ip vpn-instance vpn3
[Sysname-vpn-instance-vpn3] route-distinguisher 11:33
[Sysname-vpn-instance-vpn3] address-family ipv6
[Sysname-vpn-ipv6-vpn3] tnl-policy po1
Related commands
tunnel-policy
vpn popgo
Use vpn popgo to specify the VPN label processing mode as POPGO forwarding on an egress PE. In POPGO forwarding mode, the egress PE pops the label for each packet and forwards the packet out of the interface corresponding to the label.
Use undo vpn popgo to restore the default.
Syntax
vpn popgo
undo vpn popgo
Default
The VPN label processing mode is POP forwarding on an egress PE, which will pop the label for each packet and forward the packet through the FIB table.
Views
BGP instance view
Predefined user roles
network-admin
Usage guidelines
After you execute the vpn popgo command, the egress PE disconnects and re-establishes BGP sessions to re-learn VPN routes, and it does not support load sharing among VPN BGP peers.
The vpn popgo and label-allocation-mode per-vrf commands are mutually exclusive. Do not configure both commands in a BGP instance.
Examples
# Specify the VPN label processing mode on the egress PE as POPGO forwarding for the BGP instance default.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp-default] vpn popgo
# Specify the VPN label processing mode on the egress PE as POP forwarding for the BGP instance default.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp-default] undo vpn popgo
Related commands
label-allocation-mode (Layer 3—IP Routing Command Reference)
vpn-id
Use vpn-id to configure a VPN ID for a VPN instance.
Use undo vpn-id to restore the default.
Syntax
vpn-id vpn-id
undo vpn-id
Default
No VPN ID is configured for a VPN instance.
Views
VPN instance view
Predefined user roles
network-admin
Parameters
vpn-id: Specifies a VPN ID for the VPN instance, in the form of OUI:Index. Both OUI and Index are hex numbers. The OUI is in the range of 0 to FFFFFF, and the index is in the range of 0 to FFFFFFFF.
Usage guidelines
A VPN ID uniquely identifies a VPN instance. Different VPN instances must have different VPN IDs.
A VPN ID cannot be 0:0.
Examples
# Configure VPN ID 20:1 for VPN instance vpn1.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] vpn-id 20:1
Related commands
display ip vpn-instance
vpn-route cross multipath
Use vpn-route cross multipath to enable ECMP VPN route redistribution.
Use undo vpn-route cross multipath to disable ECMP VPN route redistribution.
Syntax
vpn-route cross multipath
undo vpn-route cross multipath
Default
ECMP VPN route redistribution is disabled. If multiple routes have the same prefix and RD, a VPN redistributes only the optimal route to its routing table.
Views
BGP IPv4 unicast address family view
BGP IPv6 unicast address family view
BGP-VPN IPv4 unicast address family view
BGP-VPN IPv6 unicast address family view
Predefined user roles
network-admin
Usage guidelines
This feature enables a VPN instance to redistribute multiple routes that have the same prefix and RD into its routing table. Then, you can configure load sharing among the ECMP routes or MPLS L3VPN FRR.
Examples
# In BGP-VPN IPv4 unicast address family view, enable ECMP route redistribution.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp-default] ip vpn-instance vpn1
[Sysname-bgp-default-vpn1] address-family ipv4
[Sysname-bgp-default-ipv4-vpn1] vpn-route cross multipath
vpn-target (VPN instance view/IPv4 VPN view/IPv6 VPN view)
Use vpn-target to configure route targets for a VPN instance.
Use undo vpn-target to remove the specified or all route targets of a VPN instance.
Syntax
vpn-target vpn-target&<1-8> [ both | export-extcommunity | import-extcommunity ]
undo vpn-target { all | vpn-target&<1-8> [ both | export-extcommunity | import-extcommunity ] }
Default
No route targets are configured for a VPN instance.
Views
VPN instance view
IPv4 VPN view
IPv6 VPN view
Predefined user roles
network-admin
Parameters
vpn-target&<1-8>: Specifies a space-separated list of route targets. You can specify a maximum of eight route targets each time you execute the command.
A route target is a string of 3 to 21 characters in one of the following formats:
· 16-bit AS number:32-bit user-defined number. For example, 101:3.
· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.
· 32-bit AS number:16-bit user-defined number, where the AS number must not be less than 65536. For example, 65536:1.
both: Uses the specified route targets as both import targets and export targets. The both keyword is also used when you do not specify any of the following keywords: both, export-extcommunity, and import-extcommunity.
export-extcommunity: Uses the specified route targets as export targets.
import-extcommunity: Uses the specified route targets as import targets.
all: Removes all route targets.
Usage guidelines
MPLS L3VPN uses route targets to control the advertisement of VPN routing information. A PE adds the configured export targets into the route target attribute of routes advertised to a peer. The peer uses the local import targets to match the route targets of received routes. If a match is found, the peer adds the routes to the routing table of the VPN instance.
Route targets configured in VPN instance view applies to both the IPv4 VPN and the IPv6 VPN.
Route targets configured in IPv4 VPN view or IPv6 VPN view applies only to the IPv4 VPN or IPv6 VPN.
Route targets configured in IPv4 VPN view or IPv6 VPN view take precedence over those configured in VPN instance view. If you configure route targets in both IPv4 VPN view and VPN instance view, the IPv4 VPN uses the route targets configured in IPv4 VPN view. If you configure route targets in both IPv6 VPN view and VPN instance view, the IPv6 VPN uses the route targets configured in IPv6 VPN view.
Examples
# Configure route targets for VPN instance vpn1.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] vpn-target 3:3 export-extcommunity
[Sysname-vpn-instance-vpn1] vpn-target 4:4 import-extcommunity
[Sysname-vpn-instance-vpn1] vpn-target 5:5 both
# Configure route targets for IPv4 VPN vpn2.
<Sysname> system-view
[Sysname] ip vpn-instance vpn2
[Sysname-vpn-instance-vpn2] address-family ipv4
[Sysname-vpn-ipv4-vpn2] vpn-target 3:3 export-extcommunity
[Sysname-vpn-ipv4-vpn2] vpn-target 4:4 import-extcommunity
[Sysname-vpn-ipv4-vpn2] vpn-target 5:5 both
# Configure route targets for IPv6 VPN vpn3.
<Sysname> system-view
[Sysname] ip vpn-instance vpn3
[Sysname-vpn-instance-vpn3] address-family ipv6
[Sysname-vpn-ipv6-vpn3] vpn-target 3:3 export-extcommunity
[Sysname-vpn-ipv6-vpn3] vpn-target 4:4 import-extcommunity
[Sysname-vpn-ipv6-vpn3] vpn-target 5:5 both
IPv6 MPLS L3VPN commands
This chapter describes only IPv6 MPLS L3VPN-specific commands. For information about the commands available for both IPv4 MPLS L3VPN and IPv6 MPLS L3VPN, see "MPLS L3VPN commands."
The following matrix shows the feature and hardware compatibility:
Hardware |
IPv6 MPLS L3VPN compatibility |
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS |
No |
MSR2600-6-X1/2600-10-X1 |
Yes |
MSR 2630 |
Yes |
MSR3600-28/3600-51 |
Yes |
MSR3600-28-SI/3600-51-SI |
No |
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC |
Yes |
MSR 3610/3620/3620-DP/3640/3660 |
Yes |
MSR5620/5660/5680 |
Yes |
Hardware |
IPv6 MPLS L3VPN compatibility |
MSR810-LM-GL |
No |
MSR810-W-LM-GL |
No |
MSR830-6EI-GL |
No |
MSR830-10EI-GL |
No |
MSR830-6HI-GL |
No |
MSR830-10HI-GL |
No |
MSR2600-6-X1-GL |
Yes |
MSR3600-28-SI-GL |
No |
address-family ipv6 (VPN instance view)
Use address-family ipv6 to enter IPv6 VPN view.
Use undo address-family ipv6 to remove all configurations from IPv6 VPN view.
Syntax
address-family ipv6
undo address-family ipv6
Views
VPN instance view
Predefined user roles
network-admin
Usage guidelines
In IPv6 VPN view, you can configure IPv6 VPN parameters such as inbound and outbound routing policies.
Examples
# Enter IPv6 VPN view.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] address-family ipv6
[Sysname-vpn-ipv6-vpn1]
Related commands
address-family ipv4 (VPN instance view)
address-family vpnv6
Use address-family vpnv6 to create the BGP VPNv6 address family and enter its view, or enter the view of the existing BGP VPNv6 address family.
Use undo address-family vpnv6 to remove the BGP VPNv6 address family and all configurations in address family view.
Syntax
address-family vpnv6
undo address-family vpnv6
Default
The BGP VPNv6 address family is not created.
Views
BGP instance view
Predefined user roles
network-admin
Usage guidelines
A VPNv6 address consists of an RD and an IPv6 prefix. In IPv6 MPLS L3VPNs, PEs exchange BGP VPNv6 routes.
For a PE to exchange BGP VPNv6 routes with a BGP peer, you must enable that peer by executing the peer enable command in BGP VPNv6 address family view.
In BGP VPNv6 address family view, you can configure the following settings:
· BGP VPNv6 route attributes, such as the preferred value.
· Whether to allow the local AS number to appear in the AS_PATH attribute of received route updates.
Examples
# In BGP instance default, create the BGP VPNv6 address family and enter its view.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp-default] address-family vpnv6
[Sysname-bgp-default-af-vpnv6]
disable-dn-bit-check
Use disable-dn-bit-check to ignore the DN bit in OSPFv3 LSAs.
Use undo disable-dn-bit-check to restore the default.
Syntax
disable-dn-bit-check
undo disable-dn-bit-check
Default
A PE checks the DN bit in OSPFv3 LSAs.
Views
OSPFv3 view
Predefined user roles
network-admin
Usage guidelines
When a PE redistributes BGP routes into OSPFv3 and creates OSPFv3 LSAs, it sets the DN bit for the LSAs. When receiving the LSAs whose DN bit is set, the other PEs ignore the LSAs in route calculation to avoid routing loops.
If all LSAs from other PEs, including the LSAs whose DN bit is set, are required for route calculation, use the disable-dn-bit-check command to ignore the DN bit.
Before using this command, make sure it does not cause any routing loops.
This command takes effect only for a VPN OSPFv3 process that is not configured with the vpn-instance-capability simple command.
Examples
# Ignore the DN bit in LSAs for VPN OSPFv3 process 100.
<Sysname> system-view
[Sysname] ospfv3 100 vpn-instance vpn1
[Sysname-ospfv3-100] disable-dn-bit-check
Related commands
disable-dn-bit-set
display ospfv3 (Layer 3—IP Routing Command Reference)
disable-dn-bit-set
Use disable-dn-bit-set to disable setting the DN bit in OSPFv3 LSAs.
Use undo disable-dn-bit-set to restore the default.
Syntax
disable-dn-bit-set
undo disable-dn-bit-set
Default
When a PE redistributes BGP routes into OSPFv3 and creates OSPFv3 LSAs, it sets the DN bit for the LSAs.
Views
OSPFv3 view
Predefined user roles
network-admin
Usage guidelines
When a PE redistributes BGP routes into OSPFv3 and creates OSPFv3 LSAs, it sets the DN bit for the LSAs. When receiving the LSAs whose DN bit is set, the other PEs ignore the LSAs in route calculation to avoid routing loops.
If other PEs require all LSAs from a local PE for route calculation, use the disable-dn-bit-set command to disable setting the DN bit in the LSAs.
Before using this command, make sure it does not cause any routing loops.
This command takes effect only for a VPN OSPFv3 process that is not configured with the vpn-instance-capability simple command.
Examples
# Disable setting the DN bit in LSAs for VPN OSPFv3 process 100.
<Sysname> system-view
[Sysname] ospfv3 100 vpn-instance vpn1
[Sysname-ospfv3-100] disable-dn-bit-set
Related commands
disable-dn-bit-check
display ospfv3 (Layer 3—IP Routing Command Reference)
display bgp routing-table vpnv6
Use display bgp routing-table vpnv6 to display BGP VPNv6 routing information.
Syntax
display bgp [ instance instance-name ] routing-table vpnv6 [ [ route-distinguisher route-distinguisher ] [ ipv6-address prefix-length [ advertise-info ] | as-path-acl as-path-acl-number | community-list { { basic-community-list-number | comm-list-name } [ whole-match ] | adv-community-list-number } ] | peer ipv4-address { advertised-routes | received-routes } [ ipv6-address prefix-length | statistics ] | statistics ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
instance instance-name: Specifies a BGP instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a BGP instance, this command displays BGP VPNv6 routes in the default BGP instance.
route-distinguisher route-distinguisher: Specifies an RD, a string of 3 to 21 characters in one of the following formats:
· 16-bit AS number:32-bit user-defined number. For example, 101:3.
· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.
· 32-bit AS number:16-bit user-defined number, where the minimum value of the AS number is 65536. For example, 65536:1.
ipv6-address prefix-length: Displays detailed information about the BGP VPNv6 route that exactly matches the specified network address and prefix length. The prefix length is in the range of 0 to 128. If you do not specify this argument, the command displays brief information about all BGP VPNv6 routes.
advertise-info: Displays BGP VPNv6 route advertisement information.
as-path-acl as-path-acl-number: Displays BGP VPNv6 routes that match the AS path list specified by its number in the range of 1 to 256.
community-list: Displays BGP VPNv6 routes that match a BGP community list.
basic-community-list-number: Specifies a basic community list by its number in the range of 1 to 99.
comm-list-name: Specifies a community list by its name, a case-sensitive string of 1 to 63 characters.
whole-match: Displays BGP VPNv6 routes exactly matching the specified community list. If you do not specify this keyword, the command displays BGP VPNv6 routes whose COMMUNITY attributes include the specified community list.
adv-community-list-number: Specifies an advanced community list by its number in the range of 100 to 199.
peer: Displays BGP VPNv6 routing information advertised to or received from a peer.
ipv4-address: Specifies the peer IP address.
advertised-routes: Displays BGP VPNv6 routing information advertised to the specified peer.
received-routes: Displays BGP VPNv6 routing information received from the specified peer.
statistics: Displays BGP VPNv6 routing statistics.
Usage guidelines
If you do not specify any parameters, this command displays brief information about all BGP VPNv6 routes.
Examples
# Display brief information about all BGP VPNv6 routes in the default BGP instance.
<Sysname> display bgp routing-table vpnv6
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Total number of routes from all PEs: 1
Route distinguisher: 100:1(vpn1)
Total number of routes: 4
* > Network : 2001:1:: PrefixLen : 96
NextHop : :: LocPrf :
PrefVal : 32768 OutLabel : NULL
MED : 0
Path/Ogn: ?
* e Network : 2001:1:: PrefixLen : 96
NextHop : 2001:1::1 LocPrf :
PrefVal : 0 OutLabel : NULL
MED : 0
Path/Ogn: 65410?
* > Network : 2001:1::2 PrefixLen : 128
NextHop : ::1 LocPrf :
PrefVal : 32768 OutLabel : NULL
MED : 0
Path/Ogn: ?
* >i Network : 2001:3:: PrefixLen : 96
NextHop : ::FFFF:3.3.3.9 LocPrf : 100
PrefVal : 0 OutLabel : 1279
MED : 0
Path/Ogn: ?
Route distinguisher: 200:1
Total number of routes: 1
* >i Network : 2001:3:: PrefixLen : 96
NextHop : ::FFFF:3.3.3.9 LocPrf : 100
PrefVal : 0 OutLabel : 1279
MED : 0
Path/Ogn: ?
# Display information about BGP VPNv6 routes matching the AS_PATH list 1 in the default BGP instance.
<Sysname> display bgp routing-table vpnv6 as-path-acl 1
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Total number of routes from all PEs: 1
Route distinguisher: 100:1(vpn1)
Total number of routes: 4
* > Network : 2001:1:: PrefixLen : 96
NextHop : :: LocPrf :
PrefVal : 32768 OutLabel : NULL
MED : 0
Path/Ogn: ?
* e Network : 2001:1:: PrefixLen : 96
NextHop : 2001:1::1 LocPrf :
PrefVal : 0 OutLabel : NULL
MED : 0
Path/Ogn: 65410?
* > Network : 2001:1::2 PrefixLen : 128
NextHop : ::1 LocPrf :
PrefVal : 32768 OutLabel : NULL
MED : 0
Path/Ogn: ?
* >i Network : 2001:3:: PrefixLen : 96
NextHop : ::FFFF:3.3.3.9 LocPrf : 100
PrefVal : 0 OutLabel : 1279
MED : 0
Path/Ogn: ?
Route distinguisher: 200:1
Total number of routes: 1
* >i Network : 2001:3:: PrefixLen : 96
NextHop : ::FFFF:3.3.3.9 LocPrf : 100
PrefVal : 0 OutLabel : 1279
MED : 0
Path/Ogn: ?
# Display information about BGP VPNv6 routes matching the BGP community list 100 in the default BGP instance.
<Sysname> display bgp routing-table vpnv6 community-list 100
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Total number of routes from all PEs: 1
Route distinguisher: 100:1(vpn1)
Total number of routes: 4
* > Network : 2001:1:: PrefixLen : 96
NextHop : :: LocPrf :
PrefVal : 32768 OutLabel : NULL
MED : 0
Path/Ogn: ?
* e Network : 2001:1:: PrefixLen : 96
NextHop : 2001:1::1 LocPrf :
PrefVal : 0 OutLabel : NULL
MED : 0
Path/Ogn: 65410?
* > Network : 2001:1::2 PrefixLen : 128
NextHop : ::1 LocPrf :
PrefVal : 32768 OutLabel : NULL
MED : 0
Path/Ogn: ?
* >i Network : 2001:3:: PrefixLen : 96
NextHop : ::FFFF:3.3.3.9 LocPrf : 100
PrefVal : 0 OutLabel : 1279
MED : 0
Path/Ogn: ?
Route distinguisher: 200:1
Total number of routes: 1
* >i Network : 2001:3:: PrefixLen : 96
NextHop : ::FFFF:3.3.3.9 LocPrf : 100
PrefVal : 0 OutLabel : 1279
MED : 0
Path/Ogn: ?
# Display information about public BGP VPNv6 routes advertised to 3.3.3.9 in the default BGP instance.
<Sysname> display bgp routing-table vpnv6 peer 3.3.3.9 advertised-routes
Total number of routes: 1
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Route distinguisher: 100:1
Total number of routes: 1
* > Network : 2001:1:: PrefixLen : 96
NextHop : :: LocPrf :
MED : 0 OutLabel : NULL
Path/Ogn: ?
# Display information about public BGP VPNv6 routes received from 3.3.3.9 in the default BGP instance.
<Sysname> display bgp routing-table vpnv6 peer 3.3.3.9 received-routes
Total number of routes: 1
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Route distinguisher: 200:1
Total number of routes: 1
* >i Network : 2001:3:: PrefixLen : 96
NextHop : ::FFFF:3.3.3.9 LocPrf : 100
PrefVal : 0 OutLabel : 1279
MED : 0
Path/Ogn: ?
Field |
Description |
BGP local router ID |
Router ID of the local BGP router. |
Status codes |
Route status codes: · * - valid—Valid route. · > - best—Common optimal route. · d – damped—Route damped for route flap. · h - history—History route. · i - internal—Internal route. · e - external—External route. · s - suppressed—Suppressed route. · S - Stale—Stale route. |
Origin |
Route origin: · i - IGP—Originated in the AS. The origin of routes advertised by the network command is IGP. · e - EGP—Learned through EGP. · ? - incomplete—Redistributed from IGP protocols. |
Total number of routes from all PEs |
Total number of VPNv6 routes from all PEs. |
Network |
Network address. |
PrefixLen |
Prefix length. |
NextHop |
Address of the next hop. |
LocPrf |
Local preference value. |
PrefVal |
Preferred value. |
MED |
MULTI_EXIT_DISC attribute. |
Path/Ogn |
AS_PATH and Origin attributes. |
# Display detailed information about BGP VPNv6 routes to 2::/64 in the default BGP instance.
<Sysname> display bgp routing-table vpnv6 2:: 64
BGP local router ID: 192.168.1.135
Local AS number: 200
Paths: 2 available, 1 best
BGP routing table information of 2::/64:
From : 10.1.1.1 (192.168.1.136)
Rely nexthop : ::FFFF:10.1.1.1
Original nexthop: ::FFFF:10.1.1.1
OutLabel : NULL
AS-path : 100
Origin : igp
Attribute value : MED 0, pref-val 0
State : valid, external, best
IP precedence : N/A
QoS local ID : N/A
Traffic index : N/A
Backup route.
From : 1::1 (192.168.1.136)
Rely nexthop : 1::1
Original nexthop: 1::1
OutLabel : NULL
AS-path : 100
Origin : igp
Attribute value : MED 0, pref-val 0
State : valid, external
IP precedence : N/A
QoS local ID : N/A
Traffic index : N/A
Table 79 Command output
Field |
Description |
BGP local router ID |
Router ID of the local BGP router. |
Paths |
Number of routes: · available—Available routes. · best—Optimal routes. |
BGP routing table information of 2::/64 |
Routing information for the BGP routes to 2::/64. |
From |
IP address of the BGP peer that advertises the route. |
Rely Nexthop |
Recursive next hop. If no recursive next hop is found, this field displays not resolved. |
Original nexthop |
Original next hop. If the route is learned from a BGP update, it is the next hop in the update message. |
Origin |
Route origin: · igp—Originated in the AS. The origin of routes advertised by the network command is IGP. · egp—Learned through EGP. · incomplete—Redistributed from IGP protocols. |
Attribute value |
BGP route attribute information: · MED—MED attribute. · localpref—Local preference. · pref-val—Preferred value. · pre—Protocol preference. |
State |
Route status: · valid—Valid route. · internal—Internal route. · external—External route. · local—Locally generated route. · best—Optimal route. |
IP precedence |
IP priority of a route, in the range of 0 to 7. N/A indicates that the route does not support this field. |
QoS local ID |
QoS local ID attribute of a route, in the range of 1 to 4095. N/A indicates that the route does not support this field. |
Traffic index |
Index of the traffic, in the range of 1 to 64. N/A indicates that the route does not support this field. |
# Display advertisement information for BGP VPNv6 routes to 2001:1::/96 in the default BGP instance.
<Sysname> display bgp routing-table vpnv6 2001:1:: 96 advertise-info
BGP local router ID: 1.1.1.9
Local AS number: 100
Route distinguisher: 100:1
Total number of routes: 1
Paths: 1 best
BGP routing table information of 2001:1::/96:
Advertised to VPN peers (1 in total):
3.3.3.9
Inlabel : 1279
Table 80 Command output
Field |
Description |
Paths |
Number of routes to the specified destination network. |
BGP routing table information of 2001:1::/96 |
Advertisement information for the BGP route to 2001:1::/96. |
Advertised to VPN peers (1 in total) |
VPNv6 peers to which the route is advertised, and the number of peers. |
Inlabel |
Incoming label of the route. |
# Display statistics about public BGP VPNv6 routes advertised to peer 3.3.3.9 in the default BGP instance.
<Sysname> display bgp routing-table vpnv6 peer 3.3.3.9 advertised-routes statistics
Advertised routes total: 2
# Display statistics about public BGP VPNv6 routes received from peer 3.3.3.9 in the default BGP instance.
<Sysname> display bgp routing-table vpnv6 peer 3.3.3.9 received-routes statistic
Received routes total: 2
Table 81 Command output
Field |
Description |
Advertised routes total |
Total number of routes advertised to the specified peer. |
Received routes total |
Total number of routes received from the specified peer. |
# Display statistics about public BGP VPNv6 routes in the default BGP instance.
<Sysname> display bgp routing-table vpnv6 statistics
Total number of routes from all PEs: 1
Route distinguisher: 100:1(vpn1)
Total number of routes: 4
Route distinguisher: 200:1
Total number of routes: 1
Table 82 Command output
Field |
Description |
Total number of routes from all PEs |
Total number of VPNv6 routes from all PEs. |
Total number of routes |
Total number of VPNv6 routes with the specified RD. |
Related commands
ip as-path (Layer 3—IP Routing Command Reference)
display bgp routing-table vpnv6 inlabel
Use display bgp routing-table vpnv6 inlabel to display incoming labels for all BGP VPNv6 routes.
Syntax
display bgp [ instance instance-name ] routing-table vpnv6 inlabel
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
instance instance-name: Specifies a BGP instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a BGP instance, this command displays incoming labels for all BGP VPNv6 routes in the default BGP instance.
Examples
# Display incoming labels for all BGP VPNv6 routes.
<Sysname> display bgp routing-table vpnv6 inlabel
Total number of routes: 1
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Route distinguisher: 100:1
Total number of routes: 1
* > Network : 2001:1:: PrefixLen : 96
NextHop : :: OutLabel : NULL
InLabel : 1279
Table 83 Command output
Field |
Description |
BGP local router ID |
Router ID of the local BGP router. |
Status codes |
Route status codes: · * - valid—Valid route. · > - best—Common optimal route. · d – damped—Route damped for route flap. · h - history—History route. · i - internal—Internal route. · e - external—External route. · s - suppressed—Suppressed route. · S - Stale—Stale route. |
Origin |
Route origin: · i - IGP—Originated in the AS. The origin of routes advertised by the network command is IGP. · e - EGP—Learned through EGP. · ? - incomplete—Redistributed from IGP protocols. |
OutLabel |
Outgoing label. If the peer PE assigns a null label, this field displays NULL. |
InLabel |
Incoming label. |
display bgp routing-table vpnv6 outlabel
Use display bgp routing-table vpnv6 outlabel to display outgoing labels for BGP VPNv6 routes.
Syntax
display bgp [ instance instance-name ] routing-table vpnv6 outlabel
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
instance instance-name: Specifies a BGP instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a BGP instance, this command displays outgoing labels for all BGP VPNv6 routes in the default BGP instance.
Examples
# Display outgoing labels for all BGP VPNv6 routes in the default BGP instance.
<Sysname> display bgp routing-table vpnv6 outlabel
BGP local router ID is 1.1.1.9
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Total number of routes from all PEs: 1
Route distinguisher: 100:1(vpn1)
Total number of routes: 1
* >i Network : 2001:3:: PrefixLen : 96
NextHop : ::FFFF:3.3.3.9 OutLabel : 1279
Route distinguisher: 200:1
Total number of routes: 1
* >i Network : 2001:3:: PrefixLen : 96
NextHop : ::FFFF:3.3.3.9 OutLabel : 1279
Table 84 Command output
Field |
Description |
BGP local router ID |
Router ID of the local BGP router. |
Status |
Route status codes: · * - valid—Valid route. · > - best—Common optimal route. · d – damped—Route damped for route flap. · h - history—History route. · i - internal—Internal route. · e - external—External route. · s - suppressed—Suppressed route. · S - Stale—Stale route. |
Origin |
Route origin: · i - IGP—Originated in the AS. The origin of routes advertised by the network command is IGP. · e - EGP—Learned through EGP. · ? - incomplete—Redistributed from IGP protocols. |
OutLabel |
Outgoing label. If the peer PE assigns an explicit null label, this field displays exp-null. |
display ospfv3 sham-link
Use display ospfv3 sham-link to display OSPFv3 sham link information.
Syntax
display ospfv3 [ process-id ] [ area area-id ] sham-link [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
process-id: Specifies an OSPFv3 process by its ID. The process ID is in the range of 1 to 65535. If you do not specify a process, this command displays sham link information for all OSPFv3 processes.
area area-id: Specifies an OSPFv3 area by its ID, which is an IP address, or an integer. The integer is in the range of 0 to 4294967295. If you do not specify an area, this command displays sham link information for all OSPFv3 areas.
verbose: Displays detailed sham link information. If you do not specify this keyword, the command displays brief sham link information.
Examples
# Display brief information about all OSPFv3 sham links.
<Sysname> display ospfv3 sham-link
OSPFv3 Process 1 with Router ID 125.0.0.1
Sham-link (Area: 0.0.0.1)
Neighbor ID State Instance ID Destination address
0.0.0.0 Down 1 1:1::58
95.0.0.1 P-2-P 1 1:1::95
# Display detailed information about all OSPFv3 sham links.
<Sysname> display ospfv3 sham-link verbose
OSPFv3 Process 1 with Router ID 125.0.0.1
Sham-link (Area: 0.0.0.1)
Source : 1:1::125
Destination : 1:1::58
Interface ID: 2147483649
Neighbor ID : 0.0.0.0, Neighbor state: Down
Cost: 1 State: Down Type: Sham Instance ID: 1
Timers: Hello 10, Dead 40, Retransmit 5, Transmit delay 1
Request list: 0 Retransmit list: 0
Source : 1:1::125
Destination : 1:1::95
Interface ID: 2147483650
Neighbor ID : 95.0.0.1, Neighbor state: Full
Cost: 1 State: P-2-P Type: Sham Instance ID: 1
Timers: Hello 10, Dead 40, Retransmit 5, Transmit delay 1
Request list: 0 Retransmit list: 0
IPsec profile name: profile001
Table 85 Command output
Field |
Description |
Neighbor state |
Neighbor state for the sham link, Down, Init, 2-Way, ExStart, Exchange, Loading, or Full. |
Request list |
Number of LSAs in the request list. |
Retransmit list |
Number of LSAs in the retransmit list. |
IPsec profile name |
Name of the IPsec profile used by the sham link. |
domain-id (OSPFv3 view)
Use domain-id to set an OSPFv3 domain ID.
Use undo domain-id to delete an OSPFv3 domain ID.
Syntax
domain-id { domain-id [ secondary ] | null }
undo domain-id [ domain-id | null ]
Default
The OSPFv3 domain ID is 0.
Views
OSPFv3 view
Predefined user roles
network-admin
Parameters
domain-id: Specifies an OSPFv3 domain ID, in one of the following formats:
· Integer, in the range of 0 to 4294967295. For example, 1.
· Dotted decimal notation. For example, 0.0.0.1.
· Dotted decimal notation:16-bit user-defined number in the range of 0 to 65535. For example, 0.0.0.1:512.
secondary: Specifies a secondary domain ID. If you do not specify this keyword, the command specifies a primary domain ID.
null: Carries no domain ID in the community attribute.
Usage guidelines
When you redistribute OSPFv3 routes into BGP, BGP adds the primary domain ID to the redistributed BGP VPNv6 routes as a BGP extended community attribute. Then, BGP advertises the routes to the peer PE.
When the peer PE receives the routes, it compares the OSPFv3 domain ID in the routes with the locally configured primary and secondary domain IDs. OSPFv3 advertises these routes in Inter-Area-Prefix LSAs (Type 3 LSAs) if both the following conditions exist:
· The primary or secondary domain ID is the same as the received domain ID.
· The received routes are intra-area or inter-area routes.
Otherwise, OSPFv3 advertises these routes in AS External LSAs (Type 5 LSAs) or NSSA External LSAs (Type 7 LSAs).
A null domain ID and a domain ID of 0 are considered the same in domain ID comparison.
You cannot configure a secondary domain ID when the primary domain ID is configured as 0.
If you do not specify any parameters, the undo domain-id command restores the default.
This command takes effect only for a VPN OSPFv3 process that is not configured with the vpn-instance-capability simple command.
Examples
# Set the primary domain ID for VPN OSPFv3 process 100 to 1.1.1.1.
<Sysname> system-view
[Sysname] ospfv3 100 vpn-instance vpn1
[Sysname-ospfv3-100] domain-id 1.1.1.1
Related commands
display ospfv3 (Layer 3—IP Routing Command Reference)
ext-community-type (OSPFv3 view)
Use ext-community-type to configure the type code of an OSPFv3 extended community attribute.
Use undo ext-community-type to restore the default.
Syntax
ext-community-type { domain-id type-code1 | route-type type-code2 | router-id type-code3 }
undo ext-community-type [ domain-id | route-type | router-id ]
Default
The type codes for domain ID, route type, and router ID are hex numbers 0005, 0306, and 0107, respectively.
Views
OSPFv3 view
Predefined user roles
network-admin
Parameters
domain-id type-code1: Specifies the type code for domain ID. Valid values are hex numbers 0005, 0105, 0205, and 8005.
route-type type-code2: Specifies the type code for route type. Valid values are hex numbers 0306 and 8000.
router-id type-code3: Specifies the type code for router ID. Valid values are hex numbers 0107 and 8001.
Examples
# Configure the type codes of domain ID, route type, and router ID as hex numbers 8005, 8000, and 8001, respectively, for VPN OSPFv3 process 100.
<Sysname> system-view
[Sysname] ospfv3 100 vpn-instance vpn1
[Sysname-ospfv3-100] ext-community-type domain-id 8005
[Sysname-ospfv3-100] ext-community-type route-type 8000
[Sysname-ospfv3-100] ext-community-type router-id 8001
Related commands
display ospfv3 (Layer 3—IP Routing Command Reference)
peer next-hop-invariable
Use peer next-hop-invariable to configure the device to not change the next hop of routes advertised to BGP peers.
Use undo peer next-hop-invariable to configure the device to use its address as the next hop of routes advertised to BGP peers.
Syntax
peer { group-name | ip-address [ mask-length ] } next-hop-invariable
undo peer { group-name | ip-address [ mask-length ] } next-hop-invariable
Default
The device uses its address as the next hop of routes advertised to BGP peers.
Views
BGP VPNv6 address family view
Predefined user roles
network-admin
Parameters
group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters.
ip-address: Specifies a peer by its IP address.
mask-length: Specifies a mask length in the range of 0 to 32. You can use the ip-address and mask-length arguments together to specify a network. If you specify a network in this command, the device does not change the next hop of routes advertised to the dynamic peers in the network.
Usage guidelines
On an RR in an inter-AS option C scenario, you must configure this command to not change the next hop of VPNv6 routes advertised to BGP peers and RR clients.
Examples
# In BGP VPNv6 address family view of BGP instance default, configure the device to not change the next hop of routes advertised to peer 1.1.1.1.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp-default] address-family vpnv6
[Sysname-bgp-default-af-vpnv6] peer 1.1.1.1 next-hop-invariable
policy vpn-target
Use policy vpn-target to enable route target filtering of received VPNv6 routes. Only VPNv6 routes whose export route target attribute matches local import route target attribute are added to the routing table.
Use undo policy vpn-target to disable route target filtering, permitting all incoming VPNv6 routes.
Syntax
policy vpn-target
undo policy vpn-target
Default
The route target filtering feature is enabled for received VPNv6 routes.
Views
BGP VPNv6 address family view
Predefined user roles
network-admin
Usage guidelines
In an inter-AS option B scenario, an ASBR must save all incoming VPNv4 routes and advertise those routes to the peer ASBR. For this purpose, you must execute the undo policy vpn-target command on the ASBR to disable route target filtering.
Examples
# Disable route target filtering of received VPNv6 routes in BGP instance default.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp-default] address-family vpnv6
[Sysname-bgp-default-af-vpnv6] undo policy vpn-target
route-tag (OSPFv3 view)
Use route-tag to configure an external route tag for redistributed VPN routes.
Use undo route-tag to restore the default.
Syntax
route-tag tag-value
undo route-tag
Default
If BGP runs within an MPLS backbone, and the BGP AS number is not greater than 65535, the first two octets of the external route tag are 0xD000, and the last two octets are the local BGP AS number. For example, if the local BGP AS number is 100, the external route tag value is 3489661028 (100 + the decimal value of 0xD0000000). If the AS number is greater than 65535, the external route tag is 0.
Views
OSPFv3 view
Predefined user roles
network-admin
Parameters
tag-value: Specifies the external route tag for redistributed VPN routes, in the range of 0 to 4294967295.
Usage guidelines
In a dual-homed scenario where OSPFv3 runs between the CE and the connected PEs (PE-A and PE-B, for example), you can use external route tags to avoid routing loops.
PE-A redistributes BGP VPNv6 routes from the peer PE into OSPFv3, and advertises these routes in the Type 5 or 7 LSAs to the CE. In these LSAs, PE-A adds the locally configured external route tag.
If the route-tag-check enable command is configured on the PE-B, it compares the external route tag in the receiving Type 5 or 7 LSAs with the locally configured tag. If they are the same, PE-B ignores the LSA in route calculation to avoid routing loops.
The commands used to configure the external route tag (in the descending order of tag priority) are as follows:
· import-route
· route-tag (for PEs) and default tag (for CEs and MCEs)
As a best practice, configure the same external route tag for PEs in the same area.
An external route tag is not transferred in any BGP extended community attribute. It takes effect only on PEs that receive BGP routes and generate OSPF Type 5 or 7 LSAs.
You can configure the same external route tag for different OSPF processes.
This command takes effect only for a VPN OSPFv3 process that is not configured with the vpn-instance-capability simple command.
Examples
# Set the external route tag for redistributed VPN routes to 100 for VPN OSPFv3 process 100.
<Sysname> system-view
[Sysname] ospfv3 100 vpn-instance vpn1
[Sysname-ospfv3-100] route-tag 100
Related commands
default tag (Layer 3—IP Routing Command Reference)
display ospfv3 (Layer 3—IP Routing Command Reference)
import-route (Layer 3—IP Routing Command Reference)
route-tag-check enable
route-tag-check enable
Use route-tag-check enable to enable external route check for OSPFv3 LSAs.
Use undo route-tag-check enable to disable external route check for OSPFv3 LSAs.
Syntax
route-tag-check enable
undo route-tag-check enable
Default
The external route check feature is disabled for OSPFv3 LSAs.
Views
OSPFv3 view
Predefined user roles
network-admin
Usage guidelines
In a dual-homed scenario where OSPFv3 runs between the CE and the connected PEs (PE-A and PE-B, for example), you can use external route tags to avoid routing loops.
PE-A redistributes BGP VPNv6 routes from the peer PE into OSPFv3, and advertises these routes in the Type 5 or 7 LSAs to the CE. In these LSAs, PE-A adds the locally configured external route tag.
If external route check for OSPFv3 LSAs is enabled on PE-B, it compares the external route tag in the receiving Type 5 or 7 LSAs with the locally configured tag. If they are the same, PE-B ignores the LSA in route calculation to avoid routing loops.
Use the external route tag check feature only when the device does not support the DN bit. Otherwise, use the DN bit to avoid routing loops.
This command takes effect only for a VPN OSPFv3 process that is not configured with the vpn-instance-capability simple command.
Examples
# Enable external route check in OSPFv3 LSAs for VPN OSPFv3 process 100.
<Sysname> system-view
[Sysname] ospfv3 100 vpn-instance vpn1
[Sysname-ospfv3-100] route-tag-check enable
Related commands
display ospfv3 (Layer 3—IP Routing Command Reference)
route-tag
rr-filter (BGP VPNv6 address family view)
Use rr-filter to create an RR reflection policy. Only IBGP routes whose extended community attribute matches the specified extended community list are reflected.
Use undo rr-filter to restore the default.
Syntax
rr-filter ext-comm-list-number
undo rr-filter
Default
An RR does not filter reflected routes.
Views
BGP VPNv6 address family view
BGP-VPN VPNv4 address family view
Predefined user roles
network-admin
Parameters
ext-comm-list-number: Specifies an extended community list number in the range of 1 to 65535.
Usage guidelines
By configuring different RR reflection policies on RRs in a cluster, you can implement load balancing among the RRs.
Examples
# Configure the RR to reflect only VPNv6 routes that are permitted by extended community list 10 in BGP instance default.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp-default] address-family vpnv6
[Sysname-bgp-default-vpnv6] rr-filter 10
sham-link (OSPFv3 area view)
Use sham-link to create an OSPFv3 sham link.
Use undo sham-link to remove an OSPFv3 sham link or restore the defaults of specified parameters for an OSPFv3 sham link.
Syntax
sham-link source-ipv6-address destination-ipv6-address [ cost cost-value | dead dead-interval | hello hello-interval | instance instance-id | ipsec-profile profile-name | retransmit retrans-interval | trans-delay delay ] *
undo sham-link source-ipv6-address destination-ipv6-address [ cost | dead | hello | ipsec-profile | retransmit | trans-delay ] *
Default
No OSPFv3 sham links exist.
Views
OSPFv3 area view
Predefined user roles
network-admin
Parameters
source-ipv6-address: Specifies the source IPv6 address of the sham link.
destination-ipv6-address: Specifies the destination IPv6 address of the sham link.
cost cost-value: Specifies the cost of the sham link, in the range of 1 to 65535. The default cost is 1.
dead dead-interval: Specifies the dead interval in the range of 1 to 32768 seconds. The default is 40 seconds. The dead interval configured on each end of the sham link must be identical, and it must be at least four times the hello interval.
hello hello-interval: Specifies the interval for sending hello packets, in the range of 1 to 8192 seconds. The default is 10 seconds. The hello interval configured on each end of the sham link must be identical.
instance instance-id: Specifies the instance ID of the sham link, in the range of 0 to 255. The default value is 0.
ipsec-profile profile-name: Specifies the IPsec profile for the sham link. The profile-name argument specifies the profile by its name, a case-insensitive string of 1 to 63 characters.
retransmit retrans-interval: Specifies the interval for retransmitting LSAs, in the range of 1 to 3600 seconds. The default is 5 seconds.
trans-delay delay: Specifies the delay interval before the interface sends an LSA, in the range of 1 to 3600 seconds. The default is 1 second.
Usage guidelines
When a backdoor link exists between the two sites of a VPN, traffic is forwarded through the backdoor link. To forward VPN traffic over the backbone, you can create a sham link between PEs. A sham link is considered an OSPFv3 intra-area route.
Examples
# Create a sham link with the source address 1::1 and destination address 2::2.
<Sysname> system-view
[Sysname] ospfv3 100 vpn-instance vpn1
[Sysname-ospfv3-100] area 0
[Sysname-ospfv3-100-area-0.0.0.0] sham-link 1::1 2::2
Related commands
display ospfv3 sham-link
MPLS L2VPN commands
The following matrix shows the feature and hardware compatibility:
Hardware |
MPLS L2VPN compatibility |
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS |
No |
MSR2600-6-X1/2600-10-X1 |
Yes |
MSR 2630 |
Yes |
MSR3600-28/3600-51 |
Yes |
MSR3600-28-SI/3600-51-SI |
No |
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC |
Yes |
MSR 3610/3620/3620-DP/3640/3660 |
Yes |
MSR5620/5660/5680 |
Yes |
Hardware |
MPLS L2VPN compatibility |
MSR810-LM-GL |
No |
MSR810-W-LM-GL |
No |
MSR830-6EI-GL |
No |
MSR830-10EI-GL |
No |
MSR830-6HI-GL |
No |
MSR830-10HI-GL |
No |
MSR2600-6-X1-GL |
Yes |
MSR3600-28-SI-GL |
No |
Commands and descriptions for centralized devices apply to the following routers:
· MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/ 810-LMS/810-LUS.
· MSR2600-6-X1/2600-10-X1.
· MSR 2630.
· MSR3600-28/3600-51.
· MSR3600-28-SI/3600-51-SI.
· MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC.
· MSR 3610/3620/3620-DP/3640/3660.
Commands and descriptions for distributed devices apply to the following routers:
· MSR5620.
· MSR 5660.
· MSR 5680.
ac interface
Use ac interface to bind a Layer 3 interface to a cross-connect.
Use undo ac interface to remove the binding.
Syntax
ac interface interface-type interface-number [ track track-entry-number&<1-3> ]
undo ac interface interface-type interface-number
Default
No Layer 3 interface is bound to a cross-connect.
Views
Cross-connect view
Auto-discovery cross-connect view
Predefined user roles
network-admin
Parameters
interface-type interface-number: Specifies an interface by its type and number.
track track-entry-number&<1-3>: Specifies a space-separated list of up to three track entry numbers in the range of 1 to 1024. The AC is up only if a minimum of one associated track entry is in positive state.
Usage guidelines
After you execute this command, packets received from the Layer 3 interface are forwarded to the bound PW or another AC.
Related commands
connection
display l2vpn interface
pw-type
address-family l2vpn
Use address-family l2vpn to create the BGP L2VPN address family and enter its view, or enter the view of the existing BGP L2VPN address family view.
Use undo address-family l2vpn to delete the BGP L2VPN address family and all settings from BGP L2VPN address family view.
Syntax
address-family l2vpn
undo address-family l2vpn
Default
No BGP L2VPN address family exists.
Views
BGP instance view
Predefined user roles
network-admin
Usage guidelines
To establish a BGP PW to a remote PE, you must execute the peer enable command in BGP L2VPN address family view to enable the remote PE.
Examples
# In BGP instance default, create the BGP L2VPN address family and enter BGP L2VPN address family view.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp-default] address-family l2vpn
[Sysname-bgp-default-l2vpn]
# In BGP instance abc, create the BGP L2VPN address family and enter BGP L2VPN address family view.
<Sysname> system-view
[Sysname] bgp 100 instance abc
[Sysname-bgp-abc] address-family l2vpn
[Sysname-bgp-abc-l2vpn]
peer enable (Layer 3—IP Routing Command Reference)
auto-discovery
Use auto-discovery to enable a cross-connect group to automatically discover neighbors and create PWs through BGP, and enter auto-discovery cross-connect group view.
Use undo auto-discovery to restore the default.
Syntax
auto-discovery bgp
undo auto-discovery
Default
A cross-connect group does not use BGP to automatically discover neighbors and create PWs.
Views
Cross-connect group view
Predefined user roles
network-admin
Parameters
bgp: Enables the cross-connect group to automatically discover neighbors and create PWs through BGP.
Usage guidelines
In auto-discovery cross-connect group view, you can configure parameters such as the local site, remote site, and route target for BGP. The local PE can use BGP to discover remote PEs and create PWs.
Examples
# Enable cross-connect group bbb to automatically discover neighbors and create PWs through BGP, and enter auto-discovery cross-connect group view.
<Sysname> system-view
[Sysname] xconnect-group bbb
[Sysname-xcg-bbb] auto-discovery bgp
[Sysname-xcg-bbb-auto]
Related commands
display l2vpn pw
display l2vpn xconnect-group
backup-peer
Use backup-peer to configure a backup PW for a cross-connect and enter cross-connect backup PW view, or enter the view of an existing cross-connect backup PW.
Use undo backup-peer to restore the default.
Syntax
backup-peer ip-address pw-id pw-id [ in-label label-value out-label label-value ] [ pw-class class-name | tunnel-policy tunnel-policy-name ] *
undo backup-peer ip-address pw-id pw-id
Default
No backup PW exists for a cross-connect.
Views
Cross-connect PW view
Predefined user roles
network-admin
Parameters
ip-address: Specifies the LSR ID of the peer PE on the backup PW.
pw-id pw-id: Specifies a PW ID for the backup PW, in the range of 1 to 4294967295.
in-label label-value: Specifies the incoming label for the backup PW, in the range of 0 to 1023.
out-label label-value: Specifies the outgoing label for the backup PW, in the range of 16 to 1048575.
pw-class class-name: Specifies a PW class by its name, a case-sensitive string of 1 to 19 characters. You can specify a PW class to configure the PW type and control word for the backup PW. If you do not specify a PW class, the PW type is determined by the link type of the AC interface. The control word feature is not supported for PW types that do not require using control word.
tunnel-policy tunnel-policy-name: Specifies a tunnel policy by its name, a case-sensitive string of 1 to 19 characters. If you do not specify a tunnel policy, the default tunnel policy is used.
Usage guidelines
This command configures a backup PW to implement PW redundancy. The backup PW is used when the primary PW fails.
To configure a backup static PW, you must specify the in-label and out-label. To configure a backup LDP PW, you do not need to specify the in-label and out-label.
The peer LSR ID and PW ID for a backup PW must be different from those for an existing VPLS PW or PW bound to a cross-connect.
PW redundancy is mutually exclusive from the multi-segment PW feature. If you have configured two PWs by using the peer command in cross-connect view, you cannot configure a backup PW by using the backup-peer command in cross-connect PW view, and vice versa.
A static PW must have a different incoming label than an existing static LSP or static CRLSP. If they are the same, the static PW is not available, even if you change the incoming label of the static LSP or the static CRLSP. To make the static PW available, delete the static PW, and reconfigure it with an unused incoming label.
Examples
# Configure a primary PW and a backup PW for cross-connect pw2pw in cross-connect group vpn2. The primary PW is destined to 6.6.6.6 and has a PW ID of 100. The backup PW is destined to 7.7.7.7 and has a PW ID of 200.
<Sysname> system-view
[Sysname] xconnect-group vpn2
[Sysname-xcg-vpn2] connection pw2pw
[Sysname-xcg-vpn2-pw2pw] peer 6.6.6.6 pw-id 100 in-label 16 out-label 17
[Sysname-xcg-vpn2-pw2pw-6.6.6.6-100] backup-peer 7.7.7.7 pw-id 200 in-label 18 out-label 19
[Sysname-xcg-vpn2-pw2pw-6.6.6.6-100-backup]
Related commands
display l2vpn ldp
display l2vpn pw
bandwidth
Use bandwidth to set the expected bandwidth for a PW.
Use undo bandwidth to restore the default.
Syntax
bandwidth bandwidth-value
undo bandwidth
Default
The expected bandwidth is 10000000 kbps.
Views
Cross-connect PW view
Predefined user roles
network-admin
Parameters
bandwidth-value: Specifies the expected bandwidth in the range of 1 to 10000000 kbps.
Examples
# Set the expected bandwidth to 10000 kbps for a PW.
<Sysname> system-view
[Sysname] xconnect-group vpn1
[Sysname-xcg-vpn1] connection pw2pw
[Sysname-xcg-vpn1-pw2pw] peer 1.1.1.1 pw-id 1
[Sysname-xcg-vpn1-pw2pw-1.1.1.1-1] bandwidth 10000
ccc
Use ccc to create a remote Circuit Cross Connect (CCC) connection.
Use undo ccc to restore the default.
Syntax
ccc in-label in-label-value out-label out-label-value { nexthop nexthop | out-interface interface-type interface-number } [ pw-class class-name ]
undo ccc
Default
No remote CCC connections exist.
Views
Cross-connect view
Predefined user roles
network-admin
Parameters
in-label in-label-value: Specifies an incoming label in the range of 16 to 1023.
out-label out-label-value: Specifies an outgoing label in the range of 16 to 1048575.
nexthop nexthop: Specifies the IP address of the next hop.
out-interface interface-type interface-number: Specifies the outgoing interface by its type and number.
pw-class class-name: Specifies a PW class by its name, a case-sensitive string of 1 to 19 characters. You can specify a PW class to configure the PW type and control word. If you do not specify a PW class, the PW type is determined by the interface type. The control word feature is not supported for PW types that do not require using control word.
Usage guidelines
A remote CCC connection is a static L2VPN connection that is manually created by specifying the incoming and outgoing labels on two PEs. A remote CCC connection does not need a public tunnel, but it requires configuring two static LSPs in opposite directions on each P device between the two PEs. CCC employs only one level of label to transfer packets. The static LSPs on the P devices transfer data only for the CCC connection.
This command must be configured on both the local and remote PEs to create a remote CCC connection. The outgoing label specified on a device must be the same as the incoming label specified on the next hop device.
After you create a remote CCC connection, you must execute the ac interface command to bind an interface. The PE can forward packets received from the interface to the remote CCC connection.
Use the out-interface keyword to specify the outgoing interface only on a point-to-point link. On other interfaces, for example, Layer 3 Ethernet interfaces, you must use the nexthop keyword to specify the next hop IP address.
For the PEs to forward packets over a CCC connection, make sure the two PEs have the same CCC connection settings such as the encapsulation type and control word feature.
Examples
# Create a remote CCC connection that has incoming label 100, outgoing label 200, and next hop 10.1.1.1, and uses PW class pwc1.
<Sysname> system-view
[Sysname] xconnect-group bbb
[Sysname-xcg-bbb] connection ccc1
[Sysname-xcg-bbb-ccc1] ccc in-label 100 out-label 200 nexthop 10.1.1.1 pw-class pwc1
# Create a remote CCC connection that has incoming label 100, outgoing label 200, outgoing interface Serial2/1/0, and uses PW class pwc1.
<Sysname> system-view
[Sysname] xconnect-group bbb
[Sysname-xcg-bbb] connection ccc1
[Sysname-xcg-bbb-ccc1] ccc in-label 100 out-label 200 out-interface serial 2/1/0 pw-class pwc1
Related commands
ac interface
display l2vpn pw
connection
Use connection to create a cross-connect and enter its view, or enter the view of an existing cross-connect.
Use undo connection to remove a cross-connect.
Syntax
connection connection-name
undo connection connection-name
Default
No cross-connects exist.
Views
Cross-connect group view
Predefined user roles
network-admin
Parameters
connection-name: Specifies the name of the cross-connect, a case-sensitive string of 1 to 20 characters, excluding hyphens.
Usage guidelines
A cross-connect is a point-to-point connection.
You can perform the following operations in cross-connect view:
· Execute ac interface and peer to connect an AC to a PW, so the PE can forward packets between the AC and the PW.
· Execute ac interface twice to connect two ACs, so the PE can forward packets between the two ACs.
· Execute peer twice to connect two PWs to form a multi-segment PW.
· Execute ac interface and ccc to connect an AC to a remote CCC connection, so the PE can forward packets between the AC and the remote CCC connection.
Examples
# Create cross-connect ac2pw for cross-connect group vpn1 and enter cross-connect view.
<Sysname> system-view
[Sysname] xconnect-group vpn1
[Sysname-xcg-vpn1] connection ac2pw
[Sysname-xcg-vpn1-ac2pw]
connection remote-site-id
Use connection remote-site-id to create an auto-discovery cross-connect and enter its view, or enter the view of an existing auto-discovery cross-connect.
Use undo connection remote-site-id to remove the auto-discovery cross-connect.
Syntax
connection remote-site-id remote-site-id
undo connection remote-site-id remote-site-id
Default
No auto-discovery cross-connects exist.
Views
Site view
Predefined user roles
network-admin
Parameters
remote-site-id: Specifies a remote site by its ID in the range of 0 to 256.
Usage guidelines
This command creates an auto-discovery cross-connect that uses BGP to establish a PW from the local site to the specified remote site.
In auto-discovery cross-connect view, you can execute ac interface to bind an AC to the auto-discovery cross-connect. The PE can forward packets between the AC and the PW.
Examples
# Create an auto-discovery cross-connect from site 1 to site 3 in site view, and enter auto-discovery cross-connect view.
<Sysname> system-view
[Sysname] xconnect-group bbb
[Sysname-xcg-bbb] auto-discovery bgp
[Sysname-xcg-bbb-auto] site 1 range 10
[Sysname-xcg-bbb-auto-1] connection remote-site-id 3
[Sysname-xcg-bbb-auto-1-3]
control-word enable
Use control-word enable to enable the control word feature.
Use undo control-word enable to disable the control word feature.
Syntax
control-word enable
undo control-word enable
Default
The control word feature is disabled.
Views
PW class view
Predefined user roles
network-admin
Usage guidelines
The control word field is between the MPLS label stack and the Layer 2 data. It carries control information for the Layer 2 frame, for example, the sequence number.
The control word feature has the following functions:
· Avoids fragment disorder. In multipath forwarding, fragments received might be disordered. You can configure the control word feature so the device reorders the fragments according to the sequence number carried in the control word field.
· Transfers specific Layer 2 frame flags, such as the FECN bit and BECN bit of Frame Relay.
· Identifies the original payload length for packets that include padding.
When the PW type is FR DLCI or ATM AAL5 SDU VCC, packets on the PW always carry the control word field, and the control word feature cannot be disabled.
When the PW type is Ethernet or VLAN, the control word field is optional. Packets transmitted on the PW carry the control word field only when control word is enabled on both PEs.
Examples
# Enable the control word feature for PW class pw100.
<Sysname> system-view
[Sysname] pw-class pw100
[Sysname-pw-pw100] control-word enable
Related commands
display l2vpn pw-class
default-nexthop
Use default-nexthop to specify the default next hop.
Use undo default-nexthop to restore the default.
Syntax
default-nexthop { ip ip-address | mac { mac-address | broadcast } }
undo default-nexthop
Default
No default next hop is specified.
Views
Interface view
Predefined user roles
network-admin
Parameters
ip ip-address: Specifies the IP address of the default next hop.
mac: Specifies the MAC address of the default next hop.
mac-address: Specifies the MAC address of the default next hop.
broadcast: Uses the broadcast MAC address as the MAC address of the default next hop.
Usage guidelines
If a CE is connected to a PE through an Ethernet link in an MPLS L2VPN interworking scenario, configure the default next hop on the PE. This allows the PE to encapsulate a link layer header for the packets to be sent to the CE.
If you specify the CE's MAC address or a broadcast MAC address as the default next hop, the PE uses this MAC address as the destination address of the outgoing packets. If you specify the CE's IP address as the default next hop, the PE performs the following operations:
1. Resolves the IP address to a MAC address through ARP.
2. Uses the resolved MAC address as the destination MAC address of the outgoing packets.
Examples
# Specify the default next hop IP address as 1.1.1.1 on GigabitEthernet 2/0/1 (PE's interface connected to the CE).
<Sysname> system-view
[Sysname] interface gigabitethernet 2/0/1
[Sysname-GigabitEthernet2/0/1] default-nexthop ip 1.1.1.1
description (cross-connect group view)
Use description to configure a description for a cross-connect group.
Use undo description to restore the default.
Syntax
description text
undo description
Default
No description is configured for a cross-connect group.
Views
Cross-connect group view
Predefined user roles
network-admin
Parameters
text: Specifies a description, a case-sensitive string of 1 to 80 characters.
Examples
# Configure a description of vpws for vpn2 for cross-connect group vpn2.
<Sysname> system-view
[Sysname] xconnect-group vpn2
[Sysname-xcg-vpn2] description vpws for vpn2
Related commands
display l2vpn xconnect-group
display bgp l2vpn signaling
Use display bgp l2vpn signaling to display MPLS L2VPN label block information discovered by BGP.
Syntax
display bgp [ instance instance-name ] l2vpn signaling [ peer ip-address { advertised | received } [ statistics ] | route-distinguisher route-distinguisher [ site-id site-id [ label-offset label-offset [ advertise-info ] ] ] | statistics ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
instance instance-name: Displays MPLS L2VPN label block information in a BGP instance. The instance-name argument specifies the BGP instance name, a case-sensitive string of 1 to 31 characters. If you do not specify a BGP instance, this command displays MPLS L2VPN label block information in the default BGP instance.
peer ip-address: Displays MPLS L2VPN label block information advertised to or received from a BGP peer. The ip-address argument specifies the peer IP address.
advertised: Displays MPLS L2VPN label block information advertised to the BGP peer.
received: Displays MPLS L2VPN label block information received from the BGP peer.
statistics: Displays BGP MPLS L2VPN label block statistics.
route-distinguisher route-distinguisher: Displays BGP MPLS L2VPN label block information for the route distinguisher (RD), which is a string of 3 to 21 characters. You can specify an RD in one of the following formats:
· 16-bit AS number:32-bit user-defined number. For example, 101:3.
· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.
· 32-bit AS number:16-bit user-defined number, where the AS number must be equal to or greater than 65536. For example, 65536:1.
site-id site-id: Displays BGP MPLS L2VPN label block information for a site. The site-id argument specifies the site ID in the range of 0 to 65535.
label-offset label-offset: Displays information about the BGP MPLS L2VPN label block with an offset. The label-offset argument specifies the offset in the range of 0 to 65535.
advertise-info: Displays BGP MPLS L2VPN label block advertisement information.
Usage guidelines
If you do not specify any parameters, this command displays brief information about all BGP MPLS L2VPN label blocks.
Examples
# Display brief information about all BGP MPLS L2VPN label blocks in the default BGP instance.
<Sysname> display bgp l2vpn signaling
BGP local router ID is 192.168.1.135
Status codes: * - valid, > - best, d - dampened, h - history,
s - suppressed, S - stale, i - internal, e - external
Origin: i - IGP, e - EGP, ? - incomplete
Total number of label blocks: 2
Route distinguisher: 2:2
Total number of label blocks: 2
Site ID LB offset LB range LB base Nexthop
* > 1 0 10 1034 0.0.0.0
* >i 2 0 10 1162 192.3.3.3
Table 86 Command output
Field |
Description |
Status codes |
Status codes: · * – valid—Valid route. · > – best—Best route. · d – damped—Dampened route. · h – history—History route. · s – suppressed—Suppressed route. · S – Stale—Stale route. · i – internal—Internal route. · e – external—External route. |
Origin |
Origin of the label block: · i – IGP—Originated in the AS. · e – EGP—Learned through EGP. · ? – incomplete—Unknown origin. |
LB offset |
Offset of the label block. |
LB range |
Size of the label block. |
LB base |
Initial value of the label block. |
<Sysname> display bgp l2vpn signaling route-distinguisher 2:2 site-id 2 label-offset 0
BGP local router ID: 192.168.1.135
Local AS number: 100
Route distinguisher: 2:2
Total number of label blocks: 1
Paths: 1 available, 1 best
From : 192.3.3.3 (192.168.1.140)
Original nexthop: 192.3.3.3
Ext-Community : <RT: 2:2>, <L2VPN info: MTU 1500, Encap type VLAN>
AS-path : (null)
Origin : igp
Attribute value : localpref 100, pref-val 0
Site ID : 2
LB offset : 0
LB base : 1162
LB range : 10
State : valid, internal, best
CSV : 0x01000ABFFF
Table 87 Command output
Field |
Description |
Paths |
Number of label block messages: · available—Number of available label block messages. · best—Number of best label block messages. |
From |
IP address of the peer from which the label block was received. |
Original nexthop |
Original next hop. If the label block was obtained from a BGP route update, this field displays the next hop address in that BGP route update. |
Ext-Community |
Extended community attribute: · RT—Route target. · L2VPN info—L2VPN information, including the MTU and encapsulation type. |
AS-path |
AS path attribute, which records all ASs that the label block passed to prevent routing loops. |
Origin |
Origin of the label block: · igp—Originated in the AS. · egp—Learned through EGP. · incomplete—Unknown origin. |
Attribute value |
Attribute of the label block: · MED—Multi-Exit Discriminator attribute. · localpref—Local preference value. · pref-val—Preferred value. · pre—Preference value. |
LB offset |
Offset of the label block. |
LB base |
Initial value of the label block. |
LB range |
Size of the label block. |
State |
State of the label block: · valid. · internal. · external. · local. · best. |
CSV |
Circuit status vector. |
# Display BGP advertisement information for the specified MPLS L2VPN label block in the default BGP instance.
<Sysname> display bgp l2vpn signaling route-distinguisher 2:2 site-id 1 label-offset 0 advertise-info
BGP local router ID: 192.168.1.135
Local AS number: 100
Route distinguisher: 2:2
Total number of label blocks: 1
Paths: 1 best
Site ID : 1
LB offset : 0
LB base : 1034
LB range : 10
CSV : 0x01000ADFFF
Advertised to peers (1 in total):
192.3.3.3
Table 88 Command output
Field |
Description |
Paths |
Number of label block messages: · available—Number of available label block messages. · best—Number of best label block messages. |
LB offset |
Offset of the label block. |
LB base |
Initial value of the label block. |
LB range |
Size of the label block. |
CSV |
Circuit status vector. |
Advertised to peers (1 in total) |
Peers to which the label block has been advertised. |
display l2vpn bgp
Use display l2vpn bgp to display MPLS L2VPN label block information.
Syntax
display l2vpn bgp [ local | peer ip-address ] [ xconnect-group group-name ] [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
local: Displays local MPLS L2VPN label block information.
peer ip-address: Displays MPLS L2VPN label block information received from the remote peer.
xconnect-group group-name: Displays MPLS L2VPN label block information for a cross-connect group. The group-name argument specifies the cross-connect group name, a case-sensitive string of 1 to 31 characters. If you do not specify a cross-connect group, this command displays MPLS L2VPN label block information for all cross-connect groups.
verbose: Displays detailed information. If you do not specify this keyword, the command displays brief information.
Usage guidelines
If you specify a peer, this command displays both the label block received from the peer and the local label block that matches the received label block.
If you do not specify a peer or local, this command displays label blocks received from all peers and local label blocks that match the received ones. If no local label block matches the received ones, the command only displays the label blocks received from all peers.
A local label block matches a received label block if the following condition is met: local label block LO ≤ remote site ID ≤ local label block LO + local label block LR – 1.
Examples
# Display brief information about label blocks received from all peers.
<Sysname> display l2vpn bgp
Total number of BGP PWs: 1, 1 up, 0 down
Xconnect-group Name: vpnb, Site ID:1
Rmt Site Offset RD Nexthop In/Out Label State
2 0 2:2 192.3.3.3 1036/1163 Up
Table 89 Command output
Field |
Description |
Rmt Site |
ID of the remote site. |
Offset |
Offset of the label block. |
# Display detailed information about label blocks received from all peers.
<Sysname> display l2vpn bgp verbose
Xconnect-group Name: vpnb, Site ID:1
Remote Site ID : 2
Offset : 0
RD : 2:2
PW State : Up
Encapsulation : VLAN
MTU : 1500
Nexthop : 192.3.3.3
Local VC Label : 1036
Remote VC Label : 1163
Link ID : 1
Local Label Block : 1034/10/0
Remote Label Block : 1162/10/0
Export Route Target: 2:2
Table 90 Command output
Field |
Description |
Local VC Label |
Incoming label of the PW. |
Remote VC Label |
Outgoing label of the PW. |
Link ID |
Link ID of the PW. |
Local Label Block |
Local label block: label base/label range/Label-block offset. |
Remote Label Block |
Remote label block: label base/label range/Label-block offset. |
Export Route Target |
Route target of the remote label block. |
# Display brief information about all local label blocks.
<Sysname> display l2vpn bgp local
Xconnect-group Name: vpnb
Site Offset Range Label Base RD
1 0 10 1034 2:2
# Display detailed information about all local label blocks.
<Sysname> display l2vpn bgp local verbose
Xconnect-group Name: vpnb
Site ID : 1
Offset : 0
RD : 2:2
Range : 10
Label Base : 1034
Link ID : 1
Table 91 Command output
Field |
Description |
Offset |
Offset of the label block. |
RD |
RD of the label block. If no RD is configured, this field displays a hyphen (-). |
Range |
Range of the label block. |
Label Base |
Initial value of the label block. |
Link ID |
Link ID of the PW established using the label block. The link ID is fixed to 1 because an MPLS L2VPN cross-connect can establish only one BGP PW. |
Related commands
display l2vpn pw
display l2vpn forwarding
Use display l2vpn forwarding to display cross-connect forwarding information.
Syntax
Centralized devices in standalone mode:
display l2vpn forwarding { ac | pw } [ xconnect-group group-name ] [ verbose ]
Distributed devices in standalone mode/centralized devices in IRF mode:
display l2vpn forwarding { ac | pw } [ xconnect-group group-name ] [ slot slot-number ] [ verbose ]
Distributed devices in IRF mode:
display l2vpn forwarding { ac | pw } [ xconnect-group group-name ] [ chassis chassis-number slot slot-number ] [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
ac: Displays AC forwarding information.
pw: Displays PW forwarding information.
xconnect-group group-name: Displays forwarding information for a cross-connect group. The group-name argument specifies the cross-connect group name, a case-sensitive string of 1 to 31 characters. If you do not specify a group, this command displays forwarding information for all cross-connect groups.
slot slot-number: Specifies a card by its slot number. If you do not specify a card, this command displays cross-connect forwarding information on the active MPU. (Distributed devices in standalone mode.)
slot slot-number: Specifies an IRF member device by its member ID. If you do not specify a member device, this command displays cross-connect forwarding information for the master device. (Centralized devices in IRF mode.)
chassis chassis-number slot slot-number: Specifies a card on an IRF member device. The chassis-number argument represents the member ID of the IRF member device. The slot-number argument represents the slot number of the card. If you do not specify a card, this command displays cross-connect forwarding information for the global active MPU. (Distributed devices in IRF mode.)
verbose: Displays detailed information. If you do not specify this keyword, the command displays brief information.
Examples
# Display brief AC forwarding information for all cross-connect groups.
<Sysname> display l2vpn forwarding ac
Total number of cross-connections: 2
Total number of ACs: 2
AC Xconnect-group Name Link ID
GE2/0/2 vpn1 0
GE2/0/3 vpn2 0
Table 92 Command output
Field |
Description |
Total number of cross-connections |
Total number of cross-connects, including cross-connects not bound to any ACs. |
AC |
AC type. The value is a Layer 3 interface. |
# Display detailed AC forwarding information for all cross-connect groups.
<Sysname> display l2vpn forwarding ac verbose
Xconnect-group Name: vpws1
Connection Name: actopw
Interface: GE2/0/1
Link ID : 1
Access Mode : Ethernet
Connection Name: actoac
Interface: GE2/0/2
Link ID : 0
Access Mode : Ethernet
Interface: GE2/0/3
Link ID : 1
Access Mode : Ethernet
Reflectors :
IP Address MAC Address Src Port Dst Port State
100.1.1.4 8850-fc51-5cee 200 201 Succeeded
100.1.2.5 3aad-0b9f-0116 49184 7 Succeeded
Table 93 Command output
Field |
Description |
Xconnect-group Name |
Cross-connect group name. |
Connection Name |
Cross-connect name. |
Service Instance |
The field is available only when the AC is an Ethernet service instance on a Layer 2 interface. This field is not supported in the current software version. |
Access Mode |
AC access mode: · VLAN. · Ethernet. |
Encapsulation |
Match criterion of the Ethernet service instance. This field is displayed only when the AC type is Ethernet service instance on a Layer 2 interface. This field is not supported in the current software version. |
# Display brief PW forwarding information for all cross-connect groups.
<Sysname> display l2vpn forwarding pw
Total number of cross-connections: 1
Total number of PWs: 2, 2 up, 0 blocked, 0 down
Xconnect-group Name In/Out Label NID Link ID State
vpn1 1279/1151 1025 0 Up
vpn1 1278/1151 1027 1 Up
Table 94 Command output
Field |
Description |
Total number of cross-connections |
Total number of cross-connects, including those not bound to any PW. |
NID |
NHLFE ID for the public tunnel that carries the PW. If equal-cost tunnels are available, this field displays multiple NIDs. If no tunnel is available, this field displays None. |
State |
PW state: Up, Down, Blocked, or BFD Defect. Blocked indicates that the PW is a backup PW. BFD Defect indicates BFD has detected a defect on the PW. |
# Display detailed PW forwarding information for all cross-connect groups.
<Sysname> display l2vpn forwarding pw verbose
Xconnect-group Name: vpn1
Connection Name: ldp
Link ID: 0
PW Type : VLAN PW State : Up
In Label : 1279 Out Label: 1151
MTU : 1500
PW Attributes : Main
VCCV CC : Router-Alert
VCCV BFD : Fault Detection with BFD
Tunnel Group ID : 0x60000000
Tunnel NHLFE IDs: 1025
Link ID: 1
PW Type : VLAN PW State : Up
In Label : 1278 Out Label: 1151
MTU : 1500
PW Attributes : Main
VCCV CC : Router-Alert
VCCV BFD : Fault Detection with BFD
Tunnel Group ID : 0x160000001
Tunnel NHLFE IDs: 1027
Table 95 Command output
Field |
Description |
PW State |
PW state: Up, Down, Blocked, or BFD Defect. Blocked indicates that the PW is a backup PW. BFD Defect indicates BFD has detected a defect on the PW. |
PW Attributes |
PW attribute: · Main—The PW is the primary PW. · Backup—The PW is the backup PW. |
VCCV CC |
VCCV CC type: · Control-Word—Control word. · Router-Alert—MPLS Router Alert Label. This field displays a hyphen (-) if no VCCV CC type is specified. |
VCCV BFD |
VCCV BFD type: · Fault Detection with BFD. BFD packets use IP/UDP encapsulation (with IP/UDP headers). · Fault Detection with Raw-BFD. BFD packets use PW-ACH encapsulation (without IP/UDP headers). This field displays a hyphen (-) if BFD is not used to verify PW connectivity. |
Tunnel Group ID |
ID of the tunnel group for the PW. |
Tunnel NHLFE IDs |
NHLFE IDs of the public tunnels that carry the PW. If equal-cost tunnels are available, this field displays multiple tunnel NHLFE IDs. If no tunnel is available, this field displays None. |
display l2vpn interface
Use display l2vpn interface to display L2VPN information for Layer 3 interfaces bound to cross-connects.
Syntax
display l2vpn interface [ xconnect-group group-name | interface-type interface-number ] [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
xconnect-group group-name: Displays L2VPN information for Layer 3 interfaces bound to cross-connects in a cross-connect group. The group-name argument specifies the cross-connect group name, a case-sensitive string of 1 to 31 characters.
interface-type interface-number: Displays L2VPN information for the specified interface.
verbose: Displays detailed information. If you do not specify this keyword, the command displays brief information.
Usage guidelines
If you do not specify any parameters, this command displays L2VPN information for all Layer 3 interfaces bound to cross-connects.
Examples
# Display brief L2VPN information for all Layer 3 interfaces bound to cross-connects.
<Sysname> display l2vpn interface
Total number of interfaces: 2, 2 up, 0 down
Interface Owner Link ID State Type
GE2/0/1 vpws1 1 Up VPWS
GE2/0/2 vpws2 1 Up VPWS
# Display detailed L2VPN information for all Layer 3 interfaces bound to cross-connects.
<Sysname> display l2vpn interface verbose
Interface : GE2/0/1
Owner : vpws1
Link ID : 1
State : UP
Type : VPWS
Interface : GE2/0/2
Owner : vpws2
Link ID : 1
State : UP
Type : VPWS
Table 96 Command output
Field |
Description |
Owner |
Cross-connect group name. |
Link ID |
Link ID of the AC. |
Type |
L2VPN type. The value can only be VPWS for an MPLS L2VPN network. |
display l2vpn ldp
Use display l2vpn ldp to display LDP PW label information.
Syntax
display l2vpn ldp [ peer ip-address [ pw-id pw-id ] | xconnect-group group-name ] [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
peer ip-address: Displays LDP PW label information advertised by a peer PE. The ip-address argument specifies the LSR ID of the peer PE. If you do not specify a peer PE, this command displays LDP PW label information advertised by all peer PEs.
pw-id pw-id: Displays LDP PW label information for a PW. The pw-id argument specifies the PW ID in the range of 1 to 4294967295. If you specify peer ip-address without this option, the command displays all LDP PW label information advertised by the peer PE.
xconnect-group group-name: Displays LDP PW label information for a cross-connect group. The group-name argument specifies the cross-connect group name, a case-sensitive string of 1 to 31 characters. If you do not specify a cross-connect group, this command displays LDP PW label information for all cross-connect groups.
verbose: Displays detailed information. If you do not specify this keyword, the command displays brief information.
Examples
# Display brief information about all LDP PW labels.
<Sysname> display l2vpn ldp
Total number of LDP PWs: 5, 4 up, 1 down
Peer PW ID/VPLS ID In/Out Label State Owner
192.3.3.3 1001 775125/775126 Up vpws1
192.3.3.3 1001 775125/775126 Up vpws1
192.3.3.3 1003 775117/775122 Up vpws3
192.3.3.3 1004 775120/775120 Up vpws4
192.4.4.4 1000 775116/unknown Down vpws5
Table 97 Command output
Field |
Description |
PW ID/VPLS ID |
This field displays the PW ID for FEC 128, and displays the VPLS ID for FEC 129. Only VPLS supports FEC 129. |
Owner |
Cross-connect group of the PW. |
# Display detailed information about all LDP PW labels.
<Sysname> display l2vpn ldp verbose
Peer: 192.2.2.2 PW ID: 1000
Xconnect-group: vpn1
Connection : ldp
PW State : Up
PW Status Communication: Notification method
PW ID FEC (Local/Remote):
PW Type : VLAN/VLAN
Group ID : 0/0
Label : 1151/1279
Control Word: Disabled/Disabled
VCCV CC Type: -/-
VCCV CV Type: -/-
MTU : 1500/1500
PW Status : PW forwarding/PW forwarding
Table 98 Command output
Field |
Description |
Xconnect-group |
Cross-connect group of the PW. |
Connection |
Cross-connect of the PW. |
PW Status Communication |
PW state communicate: · Notification method—Uses notifications to communicate PW states. · Label withdraw method—Assigns a PW label to the PW when the AC is up and withdraws the PW label when the AC goes down. |
VCCV CC Type |
VCCV CC type: · Control-Word—Control word. · Router-Alert—MPLS Router Alert Label. This field displays a hyphen (-) if no VCCV CC type is specified. For information about VCCV, see MPLS Configuration Guide. |
VCCV CV Type |
VCCV CV type: · LSP Ping—Uses MPLS LSP ping to verify PW connectivity. · BFD—Uses BFD to verify PW connectivity. BFD packets use IP/UDP encapsulation (with IP/UDP headers). · Raw-BFD—Uses BFD to verify PW connectivity. BFD packets use PW-ACH encapsulation (without IP/UDP headers). This field displays a hyphen (-) if VCCV is not performed on the PW. |
display l2vpn pw
Use display l2vpn pw to display L2VPN PW information.
Syntax
display l2vpn pw [ xconnect-group group-name ] [ protocol { bgp | ldp | static } ] [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
xconnect-group group-name: Displays L2VPN PW information for a cross-connect group. The group-name argument specifies the cross-connect group name, a case-sensitive string of 1 to 31 characters. If you do not specify a group, this command displays L2VPN PW information for all cross-connect groups.
protocol: Displays L2VPN PW information established by a protocol. If you do not specify a protocol, this command displays L2VPN PW information established by all protocols.
bgp: Displays BGP PW information.
ldp: Displays LDP PW information.
static: Displays static PW information, including remote CCC connections.
verbose: Displays detailed information. If you do not specify this keyword, the command displays brief information.
Examples
# Display brief information about all L2VPN PWs.
<Sysname> display l2vpn pw
Flags: M - main, B - backup, BY - bypass, H - hub link, S - spoke link, N - no split horizon
Total number of PWs: 2
2 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate
Xconnect-group Name: ldp
Peer PW ID/Rmt Site In/Out Label Proto Flag Link ID State
192.3.3.3 500 1299/1299 LDP M 0 Up
Xconnect-group Name: vpnb
Peer PW ID/Rmt Site In/Out Label Proto Flag Link ID State
192.3.3.3 2 1036/1163 BGP M 1 Up
Table 99 Command output
Field |
Description |
Flags |
PW flag. |
PW ID/Rmt Site |
This field displays the PW ID for a static or LDP PW, and displays the remote site ID for a BGP PW. |
Proto |
Protocol that established the PW: LDP, Static, or BGP. |
Link ID |
Link ID of the PW. |
State |
PW state: · Up—The PW is available. · Down—The PW is not available. · Blocked—The PW is a backup PW. · Defect—BFD has detected a defect on the PW. · Idle—The incoming label of the PW is not available. · Dup—The incoming label of the static PW is used by a static LSP or a static CRLSP. |
# Display detailed information about all PWs.
<Sysname> display l2vpn pw verbose
Xconnect-group Name: ldp
Connection Name: ldp
Peer: 192.3.3.3 PW ID: 500
Signaling Protocol : LDP
Link ID : 0 PW State : Up
In Label : 1299 Out Label: 1299
MTU : 1500
PW Attributes : Main
VCCV CC : -
VCCV BFD : -
Tunnel Group ID : 0x800000160000000
Tunnel NHLFE IDs : 1026
Xconnect-group Name: vpnb
Connection of auto-discovery: Site 1
Peer: 192.3.3.3 Remote Site: 2
Signaling Protocol : BGP
Link ID : 1 PW State : Up
In Label : 1036 Out Label: 1163
MTU : 1500
PW Attributes : Main
VCCV CC : -
VCCV BFD : -
Tunnel Group ID : 0x800000160000000
Tunnel NHLFE IDs : 1026
Table 100 Command output
Field |
Description |
|
Xconnect-group Name |
Cross-connect group name. |
|
Connection Name |
Cross-connect name, which is displayed for LDP and static PWs. |
|
Peer |
IP address of the peer PE of the PW. |
|
Signaling Protocol |
Protocol that established the PW: LDP, Static, or BGP. |
|
PW State |
PW state: · Up—The PW is available. · Down—The PW is not available. · Blocked—The PW is a backup PW. · Defect—BFD has detected a defect on the PW. · Idle—The incoming label of the PW is not available. · Duplicate—The incoming label of the static PW is used by a static LSP or a static CRLSP. |
|
Wait to Restore Time |
Wait time to switch traffic from the backup PW to the primary PW when the primary PW recovers, in seconds. If the switchover is disabled, this field displays Infinite. This field is available when both primary and backup PW exist, and is displayed only for the primary PW. |
|
Remaining Time |
Remaining wait time for traffic switchover, in seconds. |
|
PW Attributes |
PW attribute: · Main—Primary PW. · Backup—Backup PW. |
|
VCCV CC |
VCCV CC type: · Control-Word—Control word. · Router-Alert—MPLS Router Alert Label. This field displays a hyphen (-) if no VCCV CC type is specified. |
|
VCCV BFD |
VCCV BFD type: · Fault Detection with BFD. BFD packets use IP/UDP encapsulation (with IP/UDP headers). · Fault Detection with Raw-BFD. BFD packets use PW-ACH encapsulation (without IP/UDP headers). This field displays a hyphen (-) if BFD is not used to verify PW connectivity. |
|
Tunnel Group ID |
ID of the tunnel group for the PW. |
|
Tunnel NHLFE IDs |
NHLFE IDs of the public tunnels that carry the PW. If equal-cost tunnels are available, this field displays multiple tunnel NHLFE IDs. If no tunnel is available, this field displays None. |
|
Connection of auto-discovery |
The PW is a BGP PW. |
|
Site |
Local site ID. |
|
Remote site |
Remote site ID. |
|
display l2vpn pw-class
Use display l2vpn pw-class to display PW class information.
Syntax
display l2vpn pw-class [ class-name ] [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
class-name: Displays information about the PW class specified by its name, a case-sensitive string of 1 to 19 characters. If you do not specify a PW class, this command displays information about all PW classes.
verbose: Displays detailed information. If you do not specify this keyword, the command displays brief PW class information.
Examples
# Display information about all PW classes.
<Sysname> display l2vpn pw-class
Total number of PW classes: 2
PW Class Name PW Type Control Word VCCV CC VCCV BFD
pw1 Ethernet Enabled Control-Word Raw-BFD
pw2 VLAN Disabled Router-Alert BFD
Table 101 Command output
Field |
Description |
PW Type |
PW type: Ethernet, VLAN, TDM-CESoPSN-Basic, or TDM-SAToP-E1. |
VCCV CC |
VCCV CC type: · Control-Word—Control word. · Router-Alert—MPLS Router Alert Label. This field displays a hyphen (-) if no VCCV CC type is specified. |
VCCV BFD |
VCCV BFD type: · BFD—BFD packets use IP/UDP encapsulation (with IP/UDP headers). · Raw-BFD—BFD packets use PW-ACH encapsulation (without IP/UDP headers). This field displays a hyphen (-) if BFD is not used to verify PW connectivity. |
# Display detailed information about all PW classes.
<Sysname> display l2vpn pw-class verbose
PW Class Name : pw1
PW Type : Ethernet
Control Word: Enabled
VCCV CC : Control-Word
VCCV BFD : Raw-BFD
Sequencing : Both
PW Class Name : pw2
PW Type : VLAN
Control Word: Disabled
VCCV CC : Router-Alert
VCCV BFD : BFD
Sequencing : -
Table 102 Command output
Field |
Description |
PW Type |
PW type: Ethernet, VLAN, TDM-CESoPSN-Basic, or TDM-SAToP-E1. |
Control Word |
Whether control word is enabled. |
VCCV CC |
VCCV CC type: · Control-Word—Control word. · Router-Alert—MPLS Router Alert Label. This field displays a hyphen (-) if no VCCV CC type is specified. |
VCCV BFD |
VCCV BFD type: · BFD—BFD packets use IP/UDP encapsulation (with IP/UDP headers). · Raw-BFD—BFD packets use PW-ACH encapsulation (without IP/UDP headers). This field displays a hyphen (-) if BFD is not used to verify PW connectivity. |
Sequencing |
Sequencing on the PW. The value is Both, which means sequencing is enabled for both incoming and outgoing packets on a PW. A hyphen (-) in this field indicates that sequencing is disabled on the PW. |
Related commands
pw-class
display l2vpn xconnect-group
Use display l2vpn xconnect-group to display cross-connect group information.
Syntax
display l2vpn xconnect-group [ name group-name ] [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
name group-name: Displays information about a cross-connect group. The group-name argument specifies the cross-connect group name, a case-sensitive sting of 1 to 31 characters. If you do not specify a group, this command displays information about all cross-connect groups.
verbose: Displays detailed information. If you do not specify this keyword, the command displays brief information.
Examples
# Display brief information about all cross-connect groups.
<Sysname> display l2vpn xconnect-group
Total number of cross-connections: 3, 0 up, 3 down, 0 admin down
Xconnect-group Name Connection ID MTU State
abc 0 1500 Down
vpn1 2 1500 Down
vpn2 1 1500 Down
Table 103 Command output
Field |
Description |
Connection ID |
Cross-connect ID. |
State |
Cross-connect group state: Up, Down, or Admin down. Admin down indicates that the cross-connect group has been shut down by using the shutdown command. |
# Display detailed information about all cross-connect groups.
<Sysname> display l2vpn xconnect-group verbose
Xconnect-group Name: vpnb
Connection of auto-discovery: Site 1, Remote Site 2
Connection ID : 0
State : Up
MTU : 1500
BGP PWs:
Peer Remote Site Link ID State
192.3.3.3 2 1 Up
ACs:
AC Link ID State
GE2/0/4 0 Up
Table 104 Command output
Field |
Description |
Xconnect-group Name |
Cross-connect group name. |
Description |
Description for the cross-connect group. If no description is configured, this field is not displayed. |
Connection Name |
Cross-connect name. |
Connection of auto-discovery |
Auto-discovery cross-connect. |
Site |
Local site ID. |
Remote site |
Remote site ID. |
Connection ID |
Cross-connect ID. |
State |
Cross-connect group state: Up, Down, or Admin down. Admin down indicates the cross-connect group has been shut down by using the shutdown command. |
Interworking IPv4 |
IPv4 interworking state: Enabled or Disabled. |
State |
PW state: Up, Down, Blocked, or Defect. |
AC |
AC type. The value is a Layer 3 interface. |
Related commands
xconnect-group
interworking
Use interworking to enable interworking for a cross-connect.
Use undo interworking to disable interworking for a cross-connect.
Syntax
interworking ipv4
undo interworking
Default
Interworking is disabled for a cross-connect.
Views
Cross-connect view
Predefined user roles
network-admin
Parameters
ipv4: Specifies IPv4 interworking.
Usage guidelines
Interworking enables a PW to connect ACs that have different link types. In an IPv4 interworking scenario, a PE extracts IPv4 packets from frames received from the AC and sends the packets to the peer PE through the PW. The peer PE uses the link protocol of the connected AC to encapsulate the IPv4 packets and sends the packets through the AC. This method hides the link types of ACs at the two ends.
IPv4 interworking discards non-IPv4 packets received from the AC.
When interworking is enabled, the PW type configuration does not take effect.
Examples
# Enable IPv4 interworking for cross-connect ac2pw in cross-connect group vpn1.
<Sysname> system-view
[Sysname] xconnect-group vpn1
[Sysname-xcg-vpn1] connection ac2pw
[Sysname-xcg-vpn1-ac2pw] interworking ipv4
l2vpn enable
Use l2vpn enable to enable L2VPN.
Use undo l2vpn enable to disable L2VPN.
Syntax
l2vpn enable
undo l2vpn enable
Default
L2VPN is disabled.
Views
System view
Predefined user roles
network-admin
Usage guidelines
You must enable L2VPN before configuring other L2VPN settings.
Examples
# Enable L2VPN.
<Sysname> system-view
[Sysname] l2vpn enable
l2vpn switchover
Use l2vpn switchover to switch traffic from the specified PW to its backup or primary PW.
Syntax
l2vpn switchover peer ip-address pw-id pw-id
Views
User view
Predefined user roles
network-admin
Parameters
peer ip-address: Specifies the LSR ID of the peer PE.
pw-id pw-id: Specifies a PW by its ID in the range of 1 to 4294967295.
Usage guidelines
The specified LSR ID and PW ID uniquely identify a PW.
If a PW has a backup PW or primary PW, this command switches traffic from the PW to the backup or primary PW. If the PW does not have a backup or primary PW, this command does not perform the switchover.
Examples
# Switch traffic from PW 100 destined for 3.3.3.3 to its backup PW.
<Sysname> l2vpn switchover peer 3.3.3.3 pw-id 100
mtu
Use mtu to set an MTU for PWs established on a cross-connect or auto-discovery cross-connect.
Use undo mtu to restore the default.
Syntax
mtu size
undo mtu
Default
A PW has an MTU of 1500 bytes.
Views
Cross-connect view
Auto-discovery cross-connect group view
Predefined user roles
network-admin
Parameters
size: Specifies an MTU value in the range of 300 to 65535 bytes.
Usage guidelines
The specified MTU applies to all PWs established in the cross-connect view or the auto-discovery cross-connect group view.
The MTU specifies the maximum packet length, including the control word, PW label, and network layer packet.
For an LDP PW to come up, the PEs at the two ends of the PW must have the same MTU.
Examples
# Set the MTU to 1400 bytes for cross-connect ac2pw in cross-connect group vpn1.
<Sysname> system-view
[Sysname] xconnect-group vpn1
[Sysname-xcg-vpn1] connection ac2pw
[Sysname-xcg-vpn1-ac2pw] mtu 1400
# Set the MTU to 1400 bytes for the auto-discovery cross-connect in cross-connect group bbb.
<Sysname> system-view
[Sysname] xconnect-group bbb
[Sysname-xcg-bbb] auto-discovery bgp
[Sysname-xcg-bbb-auto] mtu 1400
Related commands
display l2vpn xconnect-group
peer
Use peer to configure a PW for a cross-connect and enter cross-connect PW view, or enter the view of an existing cross-connect PW.
Use undo peer to delete a PW for a cross-connect.
Syntax
peer ip-address pw-id pw-id [ in-label label-value out-label label-value ] [ pw-class class-name | tunnel-policy tunnel-policy-name ] *
undo peer ip-address pw-id pw-id
Default
No PWs exist for a cross-connect.
Views
Cross-connect view
Predefined user roles
network-admin
Parameters
ip-address: Specifies the LSR ID of the peer PE.
pw-id pw-id: Specifies a PW ID for the PW, in the range of 1 to 4294967295.
in-label label-value: Specifies the incoming label of the PW, in the range of 16 to 1023.
out-label label-value: Specifies the outgoing label of the PW, in the range of 16 to 1048575.
pw-class class-name: Specifies a PW class by its name, a case-sensitive string of 1 to 19 characters. You can specify a PW class to configure the PW type and control word. If you do not specify a PW class, the PW type is determined by the interface type. The control word feature is not supported for PW types that do not require using control word.
tunnel-policy tunnel-policy-name: Specifies a tunnel policy by its name, a case-sensitive string of 1 to 19 characters. If you do not specify a tunnel policy, the default tunnel policy is used.
Usage guidelines
To create a static PW, you must specify the incoming and outgoing labels. To enter the view of an existing static PW, you do not need to specify the incoming and outgoing labels.
If you do not specify the incoming and outgoing labels when you create a new PW, LDP is used to create the PW.
The PW ID for a PW must be the same on the PEs at the ends of the PW.
On a PE, the LSR ID of the peer PE and the PW ID uniquely identify a PW. The peer LSR ID and PW ID combination of a PW must be unique among all VPLS PWs and cross-connect PWs.
PW redundancy is mutually exclusive with the multi-segment PW feature. If you have configured two PWs by using the peer command in cross-connect view, you cannot configure a backup PW by using the backup-peer command in cross-connect PW view, and vice versa.
A static PW must have a different incoming label than an existing static LSP or static CRLSP. If they are the same, the static PW is not available, even if you change the incoming label of the static LSP or the static CRLSP. To make the static PW available, delete the static PW, and reconfigure it with an unused incoming label.
Examples
# Configure an LDP PW destined to 4.4.4.4 for cross-connect pw2pw in cross-connect group vpn1 and enter cross-connect PW view. The PW ID is 200.
<Sysname> system-view
[Sysname] xconnect-group vpn1
[Sysname-xcg-vpn1] connection pw2pw
[Sysname-xcg-vpn1-pw2pw] peer 4.4.4.4 pw-id 200
[Sysname-xcg-vpn1-pw2pw-4.4.4.4-200]
# Configure a static PW destined to 5.5.5.5 for cross-connect pw2pw in cross-connect group vpn1 and enter cross-connect PW view. The static PW has an ID of 200, an incoming label of 100, and an outgoing label of 200.
<Sysname> system-view
[Sysname] xconnect-group vpn1
[Sysname-xcg-vpn1] connection pw2pw
[Sysname-xcg-vpn1-pw2pw] peer 5.5.5.5 pw-id 200 in-label 100 out-label 200
[Sysname-xcg-vpn1-pw2pw-5.5.5.5-200]
Related commands
display l2vpn ldp
display l2vpn pw
pw-class
peer signaling
Use peer signaling to enable BGP to exchange label block information with the specified peer or peer group.
Use undo peer signaling to disable BGP to exchange label block information with the specified peer or peer group.
Syntax
peer { group-name | ip-address [ mask-length ] } signaling [ non-standard ]
undo peer { group-name | ip-address [ mask-length ] } signaling
Default
BGP can exchange label block information with an L2VPN peer or peer group through RFC 4761 MP_REACH_NLRI.
Views
BGP L2VPN address family view
Predefined user roles
network-admin
Parameters
group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The specified peer group must have been created.
ip-address: Specifies a peer by its IP address. The specified peer must have been created.
mask-length: Specifies a mask length in the range of 0 to 32. You can use the ip-address and mask-length arguments together to specify a subnet. If you specify a subnet, this command enables BGP to exchange label block information with all dynamic peers in the subnet.
non-standard: Uses draft-kompella-ppvpn-l2vpn-03 MP_REACH_NLRI to exchange label block information. If you do not specify this keyword, RFC 4761 MP_REACH_NLRI is used to exchange label block information.
Usage guidelines
L2VPN uses MP-BGP to exchange label blocks when creating a BGP PW.
To enable BGP to exchange label blocks with the specified peers through RFC 4761 MP_REACH_NLRI, you can also use the peer enable command in BGP L2VPN address family view. To disable the capability, use the undo peer signaling command.
Examples
# Enable BGP to exchange label block information with the peer 3.3.3.9 through draft-kompella-ppvpn-l2vpn-03 MP_REACH_NLRI in BGP instance default.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp-default] address-family l2vpn
[Sysname-bgp-default-l2vpn] peer 3.3.3.9 signaling non-standard
# Enable BGP to exchange label block information with the peer 3.3.3.9 through draft-kompella-ppvpn-l2vpn-03 MP_REACH_NLRI in BGP instance abc.
<Sysname> system-view
[Sysname] bgp 100 instance abc
[Sysname-bgp-abc] address-family l2vpn
[Sysname-bgp-abc-l2vpn] peer 3.3.3.9 signaling non-standard
Related commands
display bgp l2vpn signaling
policy vpn-target
Use policy vpn-target to enable route target-based filtering of incoming BGP L2VPN information.
Use undo policy vpn-target to disable route target-based filtering of incoming BGP L2VPN information.
Syntax
policy vpn-target
undo policy vpn-target
Default
Route target-based filtering of incoming BGP L2VPN information is enabled.
Views
BGP L2VPN address family view
Predefined user roles
network-admin
Usage guidelines
If route target-based filtering is enabled, L2VPN accepts only the incoming BGP L2VPN information whose export route target attribute matches the local import route target attribute. If route target-based filtering is disabled, L2VPN accepts all incoming BGP L2VPN information.
To establish a BGP PW between two MP-IBGP peers that use a route reflector, you must disable route target-based filtering of incoming BGP L2VPN information on the route reflector.
Examples
# Disable route target-based filtering of incoming BGP L2VPN information in BGP instance default.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp-default] address-family l2vpn
[Sysname-bgp-default-l2vpn] undo policy vpn-target
# Disable route target-based filtering of incoming BGP L2VPN information in BGP instance abc.
<Sysname> system-view
[Sysname] bgp 100 instance abc
[Sysname-bgp-abc] address-family l2vpn
[Sysname-bgp-abc-l2vpn] undo policy vpn-target
ppp ipcp ignore local-ip
Use ppp ipcp ignore local-ip to configure PPP to support IPCP negotiation without an IP address.
Use undo ppp ipcp ignore local-ip to restore the default.
Syntax
ppp ipcp ignore local-ip
undo ppp ipcp ignore local-ip
Default
PPP does not support IPCP negotiation without an IP address, and the local interface must be configured with an IP address to perform IPCP negotiation with the peer.
Views
Interface view
Predefined user roles
network-admin
Usage guidelines
In an MPLS L2VPN interworking scenario, link layer negotiation packets cannot be delivered on the network, and Layer 2 connections cannot be established directly between CEs. Therefore, PEs must establish Layer 2 connections with the connected CEs. For example, on a PPP link, the PE and its connected CE perform PPP negotiation to establish a PPP connection.
If the PE's interface that is connected to the CE has an IP address, IPCP negotiation is performed.
If the interface does not have an IP address, use this command to ensure a successful IPCP negotiation without an IP address. The configuration for IPCP negotiation without an IP address takes precedence over the IPCP proxy IP address configuration.
Examples
# Configure PPP to support IPCP negotiation without an IP address on Serial 2/1/0.
<Sysname> system-view
[Sysname] interface serial 2/1/0
[Sysname-Serial2/1/0] link-protocol ppp
[Sysname-Serial2/1/0] ppp ipcp ignore local-ip
Related commands
ppp ipcp proxy
ppp ipcp proxy
Use ppp ipcp proxy to specify an IPCP proxy IP address.
Use undo ppp ipcp proxy to restore the default.
Syntax
ppp ipcp proxy ip-address
undo ppp ipcp proxy
Default
No IPCP proxy IP address is specified.
Views
Interface view
Predefined user roles
network-admin
Parameters
ip-address: Specifies an IPCP proxy IP address.
Usage guidelines
In an MPLS L2VPN interworking scenario, link layer negotiation packets cannot be delivered on the network, and Layer 2 connections cannot be established directly between CEs. Therefore, PEs must establish Layer 2 connections with the connected CEs. For example, on a PPP link, the PE and its connected CE perform PPP negotiation to establish a PPP connection.
If the PE's interface that is connected to the CE has an IP address, IPCP negotiation is performed.
If the interface does not have an IP address, use this command to specify the IPCP proxy IP address as the IP address of the peer CE. This ensures a successful IPCP negotiation. The configuration for IPCP negotiation without an IP address takes precedence over the IPCP proxy IP address configuration.
Examples
# Specify the IPCP proxy IP address as 1.1.1.1.
<Sysname> system-view
[Sysname] interface serial 2/1/0
[Sysname-Serial2/1/0] link-protocol ppp
[Sysname-Serial2/1/0] ppp ipcp proxy 1.1.1.1
Related commands
ppp ipcp ignore local-ip
protection dual-receive
Use protection dual-receive to enable the dual receive feature for PW redundancy. After the dual receive feature is enabled, both the primary and backup PWs can receive packets, but only the primary PW sends packets.
Use undo protection dual-receive to restore the default.
Syntax
protection dual-receive
undo protection dual-receive
Default
The dual receive feature is disabled. When the primary PW is normal, the backup PW does not send or receive packets.
Views
Cross-connect view
Predefined user roles
network-admin
Examples
# Enable the dual receive feature for cross-connect ac2pw in cross-connect group vpn1.
<Sysname> system-view
[Sysname] xconnect-group vpn1
[Sysname-xcg-vpn1] connection ac2pw
[Sysname-xcg-vpn1-ac2pw] protection dual-receive
pw-class (auto-discovery cross-connect group view)
Use pw-class to specify a PW class for an auto-discovery cross-connect group.
Use undo pw-class to restore the default.
Syntax
pw-class class-name
undo pw-class
Default
No PW class is specified.
Views
Auto-discovery cross-connect group view
Predefined user roles
network-admin
Parameters
class-name: Specifies a PW class by its name, a case-sensitive string of 1 to 19 characters.
Usage guidelines
The specified PW class will be used to establish all PWs in the auto-discovery cross-connect group.
Examples
# Specify a PW class named pw100 for auto-discovery cross-connect group bbb.
<Sysname> system-view
[Sysname] pw-class pw100
[Sysname-pw-pw100] quit
[Sysname] xconnect-group bbb
[Sysname-xcg-bbb] auto-discovery bgp
[Sysname-xcg-bbb-auto] pw-class pw100
Related commands
control-word enable
display l2vpn pw-class
pw-class
pw-type
pw-class (system view)
Use pw-class to create a PW class and enter its view, or enter the view of an existing PW class.
Use undo pw-class to delete a PW class.
Syntax
pw-class class-name
undo pw-class class-name
Default
No PW classes exist.
Views
System view
Predefined user roles
network-admin
Parameters
class-name: Specifies a name for the PW class, a case-sensitive string of 1 to 19 characters.
Usage guidelines
In PW class view, you can configure PW attributes such as the PW type and whether to enable control word. You can configure PWs to use the same PW class to simplify PW attribute configuration.
Examples
# Create a PW class named pw100 and enter PW view.
<Sysname> system-view
[Sysname] pw-class pw100
[Sysname-pw-pw100]
Related commands
control-word enable
display l2vpn pw-class
pw-type
pw-type
Use pw-type to specify a PW type for a PW class.
Use undo pw-type to restore the default.
Syntax
pw-type { ethernet | tdm-cesopsn-basic | tdm-satop-e1 | vlan }
undo pw-type
Default
The PW type is VLAN.
Views
PW class view
Predefined user roles
network-admin
Parameters
ethernet: Specifies the PW type as Ethernet.
tdm-cesopsn-basic: Specifies the PW type as TDM-CESoPSN-Basic.
tdm-satop-e1: Specifies the PW type as TDM-SAToP-E1.
vlan: Specifies the PW type as VLAN.
Usage guidelines
Packets are forwarded between the AC and PW as follows according to the PW type:
· Ethernet—P-tag is not transferred on a PW.
¡ For a packet from a CE:
- If the packet contains a P-tag, the PE removes the P-tag, and adds a PW label and an outer tag into the packet before forwarding it.
- If the packet contains no P-tag, the PE directly adds a PW label and an outer tag into the packet before forwarding it.
¡ For a packet to a CE:
- If the access mode is configured as VLAN by using the ac interface command, the PE adds a P-tag into the packet before sending it to the CE.
- If the access mode is configured as Ethernet by using the ac interface command, the PE directly sends the packet to the CE.
You cannot rewrite or remove existing tags.
· VLAN—Packets transmitted over a PW must carry a P-tag.
¡ For a packet from a CE:
- If the peer PE does not require the ingress to rewrite the P-tag, the PE keeps the P-tag unchanged for the packet, and then encapsulates the packet. If the packet contains no P-tag, the PE adds a null label (the label value is 0) into the packet, and then encapsulates the packet.
- If the peer PE requires the ingress to rewrite the P-tag, the PE changes the P-tag to the expected VLAN tag (the tag value might be 0), and then adds a PW label and an outer tag into the packet. If the packet contains no P-tag, the PE adds a VLAN tag expected by the peer PE (the tag value might be 0), and then adds a PW label and an outer tag into the packet.
¡ For a packet to a CE:
- If the access mode is configured as VLAN by using the ac interface command, the PE rewrites or retains the P-tag before forwarding the packet.
- If the access mode is configured as Ethernet by using the ac interface command, the PE removes the P-tag before forwarding the packet.
· TDM-CESoPSN-Basic—Provides structured TDM transport of E1 or T1 frames through a PW.
· TDM-SAToP-E1—Provides unstructured, transparent TDM transport of E1 frames through a PW over the MPLS backbone. All time slots on an E1 interface are forwarded through the same PW.
Examples
# Configure the PW type as Ethernet.
<Sysname> system-view
[Sysname] pw-class pw100
[Sysname-pw-pw100] pw-type ethernet
Related commands
ac-interface
display l2vpn pw-class
revertive
Use revertive to specify the switchover mode and set the switchover wait time.
Use undo revertive to restore the default.
Syntax
revertive { wtr wtr-time | never }
undo revertive { wtr | never }
Default
The switchover mode is revertive and the switchover wait time is 0 seconds. When the primary PW recovers, traffic is immediately switched from the backup PW to the primary PW.
Views
Cross-connect view
Predefined user roles
network-admin
Parameters
wtr wtr-time: Specifies the switchover mode as revertive and specifies the wait time in the range of 0 to 3600 seconds. When the primary PW recovers, the PE waits for the specified time before switching traffic from the backup PW to the primary PW.
never: Specifies the switchover mode as non-revertive. After the primary PW recovers, traffic is not switched from the backup PW to the primary PW.
Examples
# Specify the revertive mode and set the switchover wait time to 120 seconds for cross-connect ac2pw in cross-connect group vpn1.
<Sysname> system-view
[Sysname] xconnect-group vpn1
[Sysname-xcg-vpn1] connection ac2pw
[Sysname-xcg-vpn1-ac2pw] revertive wtr 120
Related commands
display l2vpn pw
route-distinguisher
Use route-distinguisher to configure a route distinguisher (RD) for a BGP cross-connect group.
Use undo route-distinguisher to restore the default.
Syntax
route-distinguisher route-distinguisher
undo route-distinguisher
Default
No RD is configured for a BGP cross-connect group.
Views
Auto-discovery cross-connect group view
Predefined user roles
network-admin
Parameters
route-distinguisher: Specifies an RD, a string of 3 to 21 characters. An RD can be in one of the following formats:
· 16-bit AS number:32-bit user-defined number. For example, 101:3.
· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.
· 32-bit AS number:16-bit user-defined number, where the AS number must be equal to or greater than 65536. For example, 65536:1.
Usage guidelines
MPLS L2VPN uses RDs to differentiate the sites with the same site ID but in different VPNs.
BGP adds the configured RD before the site ID. The RD and the site ID uniquely identify a VPN site.
You cannot configure the same RD for different BGP cross-connect groups.
To modify an RD, execute the undo route-distinguisher command to remove the RD, and then execute the route-distinguisher command.
Examples
# Configure RD 22:2 for BGP cross-connect group bbb.
<Sysname> system-view
[Sysname] xconnect-group bbb
[Sysname-xcg-bbb] auto-discovery bgp
[Sysname-xcg-bbb-auto] route-distinguisher 22:2
rr-filter
Use rr-filter to create a route reflector (RR) reflection policy. Only the L2VPN information that contains the specified extended community number is reflected.
Use undo rr-filter to restore the default.
Syntax
rr-filter extended-community-number
undo rr-filter
Default
An RR does not filter reflected L2VPN information.
Views
BGP L2VPN address family view
Predefined user roles
network-admin
Parameters
extended-community-number: Specifies an extended community number in the range of 1 to 199.
Usage guidelines
By configuring different RR reflection policies on RRs in a cluster, you can implement load balancing among the RRs.
Examples
# Configure the RR to reflect only the BGP L2VPN information that contains the extended community number 10 in BGP instance default.
<Sysname> system-view
[Sysname] bgp 100
[Sysname-bgp-default] address-family l2vpn
[Sysname-bgp-default-l2vpn] rr-filter 10
# Configure the RR to reflect only the BGP L2VPN information that contains the extended community number 10 in BGP instance abc.
<Sysname> system-view
[Sysname] bgp 100 instance abc
[Sysname-bgp-abc] address-family l2vpn
[Sysname-bgp-abc-l2vpn] rr-filter 10
sequencing
Use sequencing to enable sequencing for packets on a PW.
Use undo sequencing to restore the default.
Syntax
sequencing both
undo sequencing both
Default
Sequencing is disabled for packets on a PW.
Views
PW class view
Predefined user roles
network-admin
Parameters
both: Enables sequencing for both incoming and outgoing packets on a PW.
Usage guidelines
During packet switching, packet disorder might occur due to load balancing or heavy forwarding load. To ensure that packets are forwarded correctly, enable packet sequencing on the ingress and egress PEs. Then, the ingress PE adds a sequence number to each packet on the PW, and the egress PE resequences the packets according to the sequence numbers.
If packet sequencing is enabled on the remote PE, not on the local PE, the local PE does not sequence the received packets with sequence numbers.
Examples
# Enable sequencing for both incoming and outgoing packets on PWs that use PW class aaa.
<Sysname> system-view
[Sysname] pw-class aaa
[Sysname-pwc-aaa] sequencing both
shutdown (cross-connect group view)
Use shutdown to disable a cross-connect group.
Use undo shutdown to enable a cross-connect group.
Syntax
shutdown
undo shutdown
Default
A cross-connect group is enabled.
Views
Cross-connect group view
Predefined user roles
network-admin
Usage guidelines
After you disable a cross-connect group, all cross-connects in the group cannot provide L2VPN services.
Use the shutdown command when you want to temporarily disable L2VPN. When a cross-connect group is disabled, you can still configure the cross-connect group. After the configuration, use the undo shutdown command to enable the cross-connect group. The cross-connect group will provide L2VPN services using the new settings.
Examples
# Disable cross-connect group vpn2.
<Sysname> system-view
[Sysname] xconnect-group vpn2
[Sysname-xcg-vpn2] shutdown
Related commands
display l2vpn xconnect-group
site
Use site to create a local site and enter its view, or enter the view of an existing local site.
Use undo site to delete a local site.
Syntax
site site-id [ range range-value ] [ default-offset default-offset ]
undo site site-id
Default
No sites exist.
Views
Auto-discovery cross-connect group view
Predefined user roles
network-admin
Parameters
site-id: Specifies a local site ID in the range of 0 to 256.
range range-value: Specifies the maximum number of sites in a VPN, in the range of 2 to 257. The default value is 10.
default-offset default-offset: Specifies the start site ID, 0 or 1. The default value is 0.
Usage guidelines
The range range-value and default-offset default-offset options determine the label block of the site.
· If you execute the site command with the range-value of range1, a label block with LR of range1 and LO of default-offset is assigned to the site.
· If you execute another site command with range-value of range2 (range2 is larger than range1), a second label block with LR of range2 to range1 and LO being range1 + default-offset is assigned to the site.
For example, if you execute the following commands, three label blocks LB1/0/10, LB2/10/12, and LB3/22/14 are assigned to site 1. LB1, LB2, and LB3 are automatically selected.
site 1 range 10 default-offset 0
site 1 range 22
site 1 range 36
You can create multiple local sites for a cross-connect group.
You can use the site command to increase the range value for an existing site. You cannot decrease the range value for an existing site with the site command. To decrease the range value, execute the undo site command to delete the site and then execute the site command.
Select a large range value to reduce future modifications for VPN expansion.
You cannot modify the default-offset for a site with the site command. To modify it, execute the undo site command to delete the site and then execute the site command.
Examples
# Create site 1, configure the VPN to contain a maximum of 30 sites, set the start site ID to 0 for cross-connect group bbb, and enter site view.
<Sysname> system-view
[Sysname] xconnect-group bbb
[Sysname-xcg-bbb] auto-discovery bgp
[Sysname-xcg-bbb-auto] site 1 range 30 default-offset 0
[Sysname-xcg-bbb-auto-1]
Related commands
display l2vpn pw
display l2vpn xconnect-group
snmp-agent trap enable l2vpn
Use snmp-agent trap enable l2vpn to enable SNMP notifications for L2VPN PW.
Use undo snmp-agent trap enable l2vpn to disable SNMP notifications for L2VPN PW.
Syntax
snmp-agent trap enable l2vpn [ pw-delete | pw-switch | pw-up-down ] *
undo snmp-agent trap enable l2vpn [ pw-delete | pw-switch | pw-up-down ] *
Default
SNMP notifications for L2VPN PW are disabled.
Views
System view
Predefined user roles
network-admin
Parameters
pw-delete: Enables PW deletion notifications.
pw-switch: Enables PW primary/backup switchover notifications.
pw-up-down: Enables PW up/down notifications.
Usage guidelines
This feature enables L2VPN to generate SNMP notifications when PW deletions, PW status changes, or PW switchovers occur. For L2VPN event notifications to be sent correctly, you must also configure SNMP on the device. For more information about SNMP configuration, see the network management and monitoring configuration guide for the device.
If you do not specify a notification, this command enables all notifications for L2VPN PW.
Examples
# Enable PW up/down notifications.
<Sysname> system-view
[Sysname] snmp-agent trap enable l2vpn pw-up-down
Related commands
display snmp-agent trap-list (Network Management and Monitoring Command Reference)
tunnel-policy (auto-discovery cross-connect view)
Use tunnel-policy to specify a tunnel policy for an auto-discovery cross-connect.
Use undo tunnel-policy to restore the default.
Syntax
tunnel-policy tunnel-policy-name
undo tunnel-policy
Default
No tunnel policy is specified.
Views
Auto-discovery cross-connect view
Predefined user roles
network-admin
Parameters
tunnel-policy-name: Specifies a tunnel policy by its name, a case-sensitive string of 1 to 19 characters.
Usage guidelines
The PWs on the auto-discovery cross-connect use the specified tunnel policy to select public tunnels.
If you do not specify a tunnel policy or specify a nonexistent tunnel policy, the default tunnel policy applies. The default tunnel policy selects only one public tunnel for a PW in this order: LSP tunnel, GRE tunnel, CRLSP tunnel.
Examples
# Specify tunnel policy policy1 for the auto-discovery cross-connect in cross-connect group bbb.
<Sysname> system-view
[Sysname] tunnel-policy policy1
[Sysname-tunnel-policy-policy1] quit
[Sysname] xconnect-group bbb
[Sysname-xcg-bbb] auto-discovery bgp
[Sysname-xcg-bbb-auto] site 2 range 10 default-offset 0
[Sysname-xcg-bbb-auto-2] connection remote-site-id 3
[Sysname-xcg-bbb-auto-2-3] tunnel-policy policy1
Related commands
tunnel-policy (system view)
vpn-target
Use vpn-target to configure route targets for a cross-connect group.
Use undo vpn-target to remove the specified or all route targets for a cross-connect group.
Syntax
vpn-target vpn-target&<1-8> [ both | export-extcommunity | import-extcommunity ]
undo vpn-target { vpn-target&<1-8> | all } [ both | export-extcommunity | import-extcommunity ]
Default
No route targets are configured for a cross-connect group.
Views
Auto-discovery cross-connect group view
Predefined user roles
network-admin
Parameters
vpn-target&<1-8>: Specifies a space-separated list of route targets. You can specify a maximum of eight route targets each time you execute this command.
A route target is a string of 3 to 21 characters in one of the following formats:
· 16-bit AS number:32-bit user-defined number. For example, 101:3.
· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.
· 32-bit AS number:16-bit user-defined number, where the AS number must be equal to or greater than 65536. For example, 65536:1.
both: Uses the specified route targets as both import targets and export targets. The both keyword is used when you do not specify any of both, export-extcommunity, and import-extcommunity.
export-extcommunity: Uses the specified route targets as export targets.
import-extcommunity: Uses the specified route targets as import targets.
all: Removes all route targets.
Usage guidelines
A local PE sets the route targets as export targets in BGP update messages when it advertises L2VPN information through the update messages to a remote peer. The peer uses its import targets to match the received export targets. If a match is found, the peer accepts the L2VPN information.
Examples
# Configure import route targets as 10:1 100:1 1000:1 and export route targets as 20:1 200:1 2000:1 for BGP cross-connect group bbb.
<Sysname> system-view
[Sysname] xconnect-group bbb
[Sysname-xcg-bbb] auto-discovery bgp
[Sysname-xcg-bbb-auto] vpn-target 10:1 100:1 1000:1 import-extcommunity
[Sysname-xcg-bbb-auto] vpn-target 20:1 200:1 2000:1 export-extcommunity
xconnect-group
Use xconnect-group to create a cross-connect group and enter its view, or enter the view of an existing cross-connect group.
Use undo xconnect-group to delete a cross-connect group.
Syntax
xconnect-group group-name
undo xconnect-group group-name
Default
No cross-connect groups exist.
Views
System view
Predefined user roles
network-admin
Parameters
group-name: Specifies a name for the cross-connect group, a case-sensitive string of 1 to 31 characters excluding hyphens.
Usage guidelines
L2VPN can create multiple LDP, BGP, and static PWs for a cross-connect group.
Examples
# Create a cross-connect group named vpn1 and enter cross-connect group view.
<Sysname> system-view
[Sysname] xconnect-group vpn1
[Sysname-xcg-vpn1]
Related commands
display l2vpn xconnect-group
L2VPN access to L3VPN or IP backbone commands
The following matrix shows the feature and hardware compatibility:
Hardware |
L2VPN access to L3VPN or IP backbone compatibility |
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS |
No |
MSR2600-6-X1/2600-10-X1 |
Yes |
MSR 2630 |
Yes |
MSR3600-28/3600-51 |
Yes |
MSR3600-28-SI/3600-51-SI |
No |
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC |
Yes |
MSR 3610/3620/3620-DP/3640/3660 |
Yes |
MSR5620/5660/5680 |
Yes |
Hardware |
L2VPN access to L3VPN or IP backbone compatibility |
MSR810-LM-GL |
No |
MSR810-W-LM-GL |
No |
MSR830-6EI-GL |
No |
MSR830-10EI-GL |
No |
MSR830-6HI-GL |
No |
MSR830-10HI-GL |
No |
MSR2600-6-X1-GL |
Yes |
MSR3600-28-SI-GL |
No |
bandwidth
Use bandwidth to set the expected bandwidth for an interface.
Use undo bandwidth to restore the default.
Syntax
bandwidth bandwidth-value
undo bandwidth
Default
The expected bandwidth is 100000 kbps.
Views
L2VE interface view
L3VE interface view
Predefined user roles
network-admin
Parameters
bandwidth-value: Specifies the expected bandwidth in the range of 1 to 400000000 kbps.
Usage guidelines
The expected bandwidth for an interface affects the CBQ bandwidth and the link costs in OSPF, OSPFv3, and IS-IS. For more information, see ACL and QoS Configuration Guide and Layer 3—IP Routing Configuration Guide.
Examples
# Set the expected bandwidth for VE-L2VPN 100 to 10000 kbps.
<Sysname> system-view
[Sysname] interface ve-l2vpn 100
[Sysname-VE-L2VPN100] bandwidth 10000
# Set the expected bandwidth for VE-L3VPN 100 to 10000 kbps.
<Sysname> system-view
[Sysname] interface ve-l3vpn 100
[Sysname-VE-L3VPN100] bandwidth 10000
default
Use default to restore the default settings for an interface.
Syntax
default
Views
L2VE interface view
L3VE interface view
Predefined user roles
network-admin
Usage guidelines
CAUTION: The default command might interrupt ongoing network services. Make sure you are fully aware of the impact of this command when you use it on a live network. |
This command might fail to restore the default settings for some commands for reasons such as command dependencies or system restrictions. Use the display this command in interface view to identify these commands. Use their undo forms or follow the command reference to restore their default settings. If your restoration attempt still fails, follow the error message instructions to resolve the problem.
Examples
# Restore the default settings for interface VE-L2VPN 100.
<Sysname> system-view
[Sysname] interface ve-l2vpn 100
[Sysname-VE-L2VPN100] default
This command will restore the default settings. Continue? [Y/N]:y
# Restore the default settings for interface VE-L3VPN 100.
<Sysname> system-view
[Sysname] interface ve-l3vpn 100
[Sysname-VE-L3VPN100] default
This command will restore the default settings. Continue? [Y/N]:y
description
Use description to configure a description for an interface.
Use undo description to restore the default.
Syntax
description text
undo description
Default
The description for an interface is VE-L2VPNnumber Interface, for example, VE-L2VPN100 Interface.
Views
L2VE interface view
L3VE interface view
Predefined user roles
network-admin
Parameters
text: Specifies a description, a case-sensitive string of 1 to 255 characters.
Usage guidelines
Configure descriptions for different interfaces for identification and management purposes.
You can use the display interface command to display the configured interface description.
Examples
# Configure a description for interface VE-L2VPN 100 as L2VPN-Terminate.
<Sysname> system-view
[Sysname] interface ve-l2vpn 100
[Sysname-VE-L2VPN100] description L2VPN-Terminate
# Configure a description for interface VE-L3VPN 100 as L3VPN-Access.
<Sysname> system-view
[Sysname] interface ve-l3vpn 100
[Sysname-VE-L3VPN100] description L3VPN-Access
display interface
Use display interface to display interface information.
Syntax
display interface [ ve-l2vpn [ interface-number ] | ve-l3vpn [ interface-number ] ] [ brief [ description | down ] ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
ve-l2vpn: Displays information about L2VE interfaces.
ve-l3vpn: Displays information about L3VE interfaces.
interface-number: Specifies the number of an existing L2VE interface or an L3VE interface.
brief: Displays brief interface information. If you do not specify this keyword, the command displays detailed interface information.
description: Displays complete interface descriptions. If you do not specify this keyword, the command displays only the first 27 characters of interface descriptions.
down: Displays information about interfaces in the physical state of DOWN and the causes. If you do not specify this keyword, the command displays information about interfaces in all states.
Usage guidelines
If you do not specify an interface type, this command displays information about both L2VE and L3VE interfaces on the device.
If you specify an interface type but no interface number, this command displays information about all interfaces of the specified type.
If you specify both an interface type and an interface number, this command displays information about the specified interface.
Examples
# Display information about interface VE-L2VPN 100.
<Sysname> display interface ve-l2vpn 100
VE-L2VPN100
Current state: UP
Line protocol state: UP
Description: VE-L2VPN100 Interface
Bandwidth: 100000kbps
Maximum Transmit Unit: 1500
Internet protocol processing: disabled
IP Packet Frame Type:PKTFMT_ETHNT_2, Hardware Address: 0011-2200-0202
IPv6 Packet Frame Type:PKTFMT_ETHNT_2, Hardware Address: 0011-2200-0202
Link service is PWE3 ethernet mode
Physical: L2VE, baudrate: 100000000 bps
Last clearing of counters: Never
Last 300 seconds input rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec
Last 300 seconds output rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec
Input: 0 packets, 0 bytes, 0 drops
Output: 0 packets, 0 bytes, 0 drops
Table 105 Command output
Field |
Description |
VE-L2VPN100 |
Information about interface VE-L2VPN 100. |
Current state |
State of the interface: · Administratively DOWN—The interface has been shut down by using the shutdown command. · DOWN—The interface is administratively up, but its physical state is down. · UP—Both the administrative and physical states of the interface are up. |
Line protocol state |
Link layer protocol state of the interface. The value is determined by parameter negotiation on the link layer. · UP—The protocol state of the interface is up. · UP (spoofing)—The link protocol state of the interface is up, but the link is temporarily set up on demand or does not exist. This attribute is available for null interfaces and loopback interfaces. · DOWN—The protocol state of the interface is down. |
Description |
Description for the interface. |
Bandwidth |
Expected bandwidth for the interface, in kbps. |
Maximum Transmit Unit |
MTU of the interface. |
Internet protocol processing |
IP address of the interface. If no IP address is assigned to the interface, this field displays Internet protocol processing: disabled, and the interface cannot process packets. Primary indicates that it is the primary IP address of the interface. |
Link service |
Link service mode: · VPLS mode—This mode is available when the interface is bound with a VPLS instance. For more information about VPLS instances, see "Configuring VPLS." · PWE3 ethernet mode—This mode is available when the interface is associated with a PW whose encapsulation type is Ethernet. For more information about PWs, see "Configuring MPLS L2VPN." · PWE3 vlan mode—This mode is available when the interface is associated with a PW whose encapsulation type is VLAN. For more information about PWs, see "Configuring MPLS L2VPN." |
Physical |
Physical type of the interface: · L2VE—L2VE interface for terminating an MPLS L2VPN. · L3VE—L3VE interface for accessing an MPLS L3VPN or IP backbone. |
Baudrate |
Baud rate of the interface. |
Last clearing of counters |
Last time the counters were cleared by using the reset counters interface command. If the reset counters interface command has never been executed since the device started up, this field displays Never. |
Last 300 seconds input rate |
Average input rate in the last 300 seconds. |
Last 300 seconds output rate |
Average output rate in the last 300 seconds. |
# Display brief information about all L2VE interfaces.
<Sysname> display interface ve-l2vpn brief
Brief information of interface(s) under route mode:
Link: ADM - administratively down; Stby - standby
Protocol: (s) - spoofing
Interface Link Protocol Main IP Description
L2VE20 DOWN DOWN --
# Display brief information about interface VE-L2VPN 2, including the entire interface description.
<Sysname> display interface ve-l2vpn 2 brief description
Brief information of interface(s) under route mode:
Link: ADM - administratively down; Stby - standby
Protocol: (s) - spoofing
Interface Link Protocol Main IP Description
L2VE2 UP UP 1.1.1.1 L2VPN-Terminate
# Display information about interfaces in the physical state of DOWN and the causes.
<Sysname> display interface brief down
Brief information of interface(s) under route mode:
Link: ADM - administratively down; Stby - standby
Interface Link Cause
L2VE20 DOWN Administratively
L3VE20 DOWN Administratively
Table 106 Command output
Field |
Description |
Brief information of interface(s) under route mode: |
Brief information about Layer 3 interfaces. |
Link: ADM - administratively down; Stby - standby |
Link status: · ADM—The interface has been administratively shut down. To bring it up, use the undo shutdown command. · Stby—The interface is a backup interface. To show the primary interface, use the display interface-backup state command. |
Protocol: (s) - spoofing |
(s) indicates that the link layer protocol state is UP, but the link is not available because it is an on-demand link or not present at all. |
Interface |
Abbreviated interface name. |
Link |
Link state of the interface: · UP—The link is physically up. · DOWN—The link is physically down. · ADM—The link has been administratively shut down. To bring it up, use the undo shutdown command. · Stby—The interface is a backup interface. To display the primary interface, use the display interface-backup state command. |
Protocol |
Link layer protocol state whose value is determined by parameter negotiation on the link layer: · UP—The protocol state of the interface is up. · UP (s)—The link protocol state of the interface is up, but the link is temporarily set up on demand or does not exist. This attribute is available for null interfaces and loopback interfaces. · DOWN—The protocol state of the interface is down. |
Main IP |
Primary IP address of the interface. |
Description |
Description for the interface. |
Cause |
Causes for the link state of DOWN: · Administratively—The link has been shut down by using the shutdown command. To bring it up, use the undo shutdown command. · Not connected—The tunnel is not established. |
reset counters interface
interface ve-l2vpn
Use interface ve-l2vpn to create an L2VE interface and enter its view, or enter the view of an existing L2VE interface.
Use undo interface ve-l2vpn to delete an L2VE interface.
Syntax
interface ve-l2vpn interface-number
undo interface ve-l2vpn interface-number
Default
No L2VE interfaces exist.
Views
System view
Predefined user roles
network-admin
Parameters
interface-number: Specifies the L2VE interface number in the range of 1 to 8192.
Usage guidelines
A VE-L2VPN interface (an L2VE interface) terminates MPLS L2VPN packets. The L2VE interface performs the following operations:
· Removes the MPLS label from an MPLS L2VPN packet.
· Sends the original Layer 2 packet to an L3VE interface that has the same interface number as the L2VE interface.
Examples
# Create L2VE interface VE-L2VPN 100, and enter L2VE interface view.
<Sysname> system-view
[Sysname] interface ve-l2vpn 100
[Sysname-VE-L2VPN100]
interface ve-l3vpn
Use interface ve-l3vpn to create an L3VE interface and enter its view, or enter the view of an existing L3VE interface.
Use undo interface ve-l3vpn to delete an L3VE interface.
Syntax
interface ve-l3vpn interface-number
undo interface ve-l3vpn interface-number
Default
No L3VE interfaces exist.
Views
System view
Predefined user roles
network-admin
Parameters
interface-number: Specifies the L3VE interface number in the range of 1 to 8192.
Usage guidelines
A VE-L3VPN interface (an L3VE interface) provides access to an MPLS L3VPN or IP backbone for packets. The L3VE interface forwards packets received from the backbone to an L2VE interface that has the same interface number as the L3VE interface.
Examples
# Create L3VE interface VE-L3VPN 100, and enter L3VE interface view.
<Sysname> system-view
[Sysname] interface ve-l3vpn 100
[Sysname-VE-L3VPN100] quit
mtu
Use mtu to set the MTU for an interface.
Use undo mtu to restore the default.
Syntax
mtu size
undo mtu
Default
The MTU of an interface is 1500 bytes.
Views
L2VE interface view
L3VE interface view
Predefined user roles
network-admin
Parameters
mtu-size: Specifies the MTU in the range of 46 to 1560 bytes.
Examples
# Set the MTU for interface VE-L2VPN 100 to 1430 bytes.
<Sysname> system-view
[Sysname] interface ve-l2vpn 100
[Sysname-VE-L2VPN100] mtu 1430
# Set the MTU for interface VE-L3VPN 100 to 1430 bytes.
<Sysname> system-view
[Sysname] interface ve-l3vpn 100
[Sysname-VE-L3VPN100] mtu 1430
reset counters interface
Use reset counters interface to clear interface statistics.
Syntax
reset counters interface [ ve-l2vpn [ interface-number ] | ve-l3vpn [ interface-number ] ]
Views
User view
Predefined user roles
network-admin
Parameters
ve-l2vpn: Clears statistics for L2VE interfaces.
ve-l3vpn: Clears statistics for L3VE interfaces.
interface-number: Specifies the number of an existing L2VE interface or an L3VE interface.
Usage guidelines
If you do not specify an interface type, this command clears statistics for both L2VE and L3VE interfaces on the device.
If you specify an interface type but no interface number, this command clears statistics for all interfaces of the specified type.
If you specify both an interface type and an interface number, this command clears statistics for the specified interface.
Examples
# Clear statistics for interface VE-L2VPN 100.
<Sysname> reset counters interface ve-l2vpn 100
# Clear statistics for interface VE-L3VPN 100.
<Sysname> reset counters interface ve-l3vpn 100
Related commands
display interface
shutdown
Use shutdown to shut down an interface.
Use undo shutdown to bring up an interface.
Syntax
shutdown
undo shutdown
Default
L2VE interfaces and L3VE interfaces are up.
Views
L2VE interface view
L3VE interface view
Predefined user roles
network-admin
Examples
# Shut down interface VE-L2VPN 100.
<Sysname> system-view
[Sysname] interface ve-l2vpn 100
[Sysname-VE-L2VPN100] shutdown
# Shut down interface VE-L3VPN 100.
<Sysname> system-view
[Sysname] interface ve-l3vpn 100
[Sysname-VE-L3VPN100] shutdown
MPLS OAM commands
The following matrix shows the feature and hardware compatibility:
Hardware |
MPLS OAM compatibility |
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS |
No |
MSR2600-6-X1/2600-10-X1 |
Yes |
MSR 2630 |
Yes |
MSR3600-28/3600-51 |
Yes |
MSR3600-28-SI/3600-51-SI |
No |
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC |
Yes |
MSR 3610/3620/3620-DP/3640/3660 |
Yes |
MSR5620/5660/5680 |
Yes |
Hardware |
MPLS OAM compatibility |
MSR810-LM-GL |
No |
MSR810-W-LM-GL |
No |
MSR830-6EI-GL |
No |
MSR830-10EI-GL |
No |
MSR830-6HI-GL |
No |
MSR830-10HI-GL |
No |
MSR2600-6-X1-GL |
Yes |
MSR3600-28-SI-GL |
No |
bfd discriminator
Use bfd discriminator to set local and remote discriminators for the BFD session used to verify PW connectivity.
Use undo bfd discriminator to restore the default.
Syntax
bfd discriminator local local-id remote remote-id
undo bfd discriminator
Default
No local or remote discriminators are set for the BFD session used to verify PW connectivity. The system automatically assigns local and remote discriminators to the BFD session.
Views
Cross-connect backup PW view
Cross-connect PW view
VSI LDP backup PW view
VSI LDP PW view
VSI static backup PW view
VSI static PW view
Predefined user roles
network-admin
Parameters
local local-id: Specifies the local discriminator value for the BFD session.
The following matrix shows the value ranges for the local-id argument:
Hardware |
Argument compatibility |
Value range |
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS |
No |
N/A |
MSR2600-6-X1/2600-10-X1 |
Yes |
1 to 32 |
MSR 2630 |
Yes |
1 to 32 |
MSR3600-28/3600-51 |
Yes |
1 to 32 |
MSR3600-28-SI/3600-51-SI |
No |
N/A |
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC |
Yes |
1 to 512 |
MSR 3610/3620/3620-DP/3640/3660 |
Yes |
1 to 512 |
MSR5620/5660/5680 |
Yes |
1 to 1024 |
Hardware |
Argument compatibility |
Value range |
MSR810-LM-GL |
No |
N/A |
MSR810-W-LM-GL |
No |
N/A |
MSR830-6EI-GL |
No |
N/A |
MSR830-10EI-GL |
No |
N/A |
MSR830-6HI-GL |
No |
N/A |
MSR830-10HI-GL |
No |
N/A |
MSR2600-6-X1-GL |
Yes |
1 to 32 |
MSR3600-28-SI-GL |
No |
N/A |
remote remote-id: Specifies the remote discriminator value for the BFD session, in the range of 1 to 4294967295.
Usage guidelines
A BFD session for PW connectivity verification can be established in one of the following modes:
· Static mode—Specify the local and remote discriminator values by using the bfd discriminator command. You must specify the discriminators on both the local and remote PEs. Make sure the local discriminator and remote discriminator on the local PE are the same as the remote discriminator and local discriminator on the remote PE, respectively. Otherwise, the BFD session cannot be established for the PW.
· Dynamic mode—If you do not specify local and remote discriminators, the system automatically runs MPLS ping to negotiate the discriminator values.
Examples
# In VSI LDP PW view, set both the local and remote discriminator values to 1 for the BFD session used to verify PW connectivity.
<Sysname> system-view
[Sysname] vsi ttt
[Sysname-vsi-ttt] pwsignaling ldp
[Sysname-vsi-ttt-ldp] peer 22.22.2.2 pw-id 1 pw-class ttt
[Sysname-vsi-ttt-ldp-22.22.2.2-1] bfd discriminator local 1 remote 1
Related commands
display l2vpn pw bfd
mpls bfd enable
vccv bfd
vccv cc
bfd ip-router-alert
Use bfd ip-router-alert to add the Router Alert option in BFD packets for LSP connectivity verification.
Use undo bfd ip-router-alert to remove the Router Alert option in BFD packets for LSP connectivity verification.
Syntax
bfd ip-router-alert
undo bfd ip-router-alert
Default
The device sends BFD packets carrying the Router Alert option to detect an LSP.
Views
System view
Predefined user roles
network-admin
network-operator
Usage guidelines
Execute the undo bfd ip-router-alert command on the local device if the peer device cannot identify the Router Alert option in BFD packets.
This command takes effect only on BFD sessions that come up after this command is executed.
Examples
# Remove the Router Alert option in BFD packets.
<Sysname> system-view
[Sysname] undo bfd ip-router-alert
display l2vpn pw bfd
Use display l2vpn pw bfd to display BFD information for PWs.
Syntax
display l2vpn pw bfd [ peer peer-ip pw-id pw-id ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
peer peer-ip pw-id pw-id: Specifies a PW. The peer-ip argument specifies the LSR ID for the peer PE of the PW. The pw-id argument specifies the PW ID in the range of 1 to 4294967295. If you do not specify a PW, this command displays BFD information for all PWs.
Examples
# Display BFD information for all PWs.
<Sysname> display l2vpn pw bfd
Total number of sessions: 1, 1 up, 0 down, 0 init
FEC Type: PW FEC-128
FEC Info:
Peer IP: 22.22.2.2
PW ID: 1
VSI Index: 0 Link ID: 8
Local Discr: 514 Remote Discr: 514
Source IP: 11.11.1.1 Destination IP: 127.0.0.2
Session State: Up Session Role: Active
Template Name: -
Table 107 Command output
Field |
Description |
Peer IP |
LSR ID of the peer PE. |
VSI Index |
Index of the VSI to which the PW belongs. This field is displayed when the PW is a VPLS PW. |
Connection ID |
ID of the cross-connect to which the PW belongs. This field is displayed when the PW is a VPWS PW. |
Link ID |
Link ID of the PW. |
Local Discr |
Local discriminator of the BFD session. |
Remote Discr |
Remote discriminator of the BFD session. |
Source IP |
Source IP of the BFD session, which is the MPLS LSR ID of the local PE. |
Destination IP |
Destination IP address of the BFD session, which is on subnet 127.0.0.0/8. |
Session State |
BFD session state: · Init—BFD session is in initialization state. · Up—BFD session is up. · Down—BFD session is down. |
Session Role |
Role of the local PE in the BFD session: · Active—Sender of the BFD session. · Passive—Receiver of the BFD session. |
Template Name |
Name of the BFD session parameter template. |
Related commands
bfd discriminator
vccv bfd
vccv cc
display mpls bfd
Use display mpls bfd to display BFD information for LSP tunnels or MPLS TE tunnels.
Syntax
display mpls bfd [ ipv4 ipv4-address mask-length | te tunnel tunnel-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
ipv4 ipv4-address mask-length: Specifies an FEC by a destination IP address and mask length. The mask length is in the range of 0 to 32.
te tunnel tunnel-number: Specifies an MPLS TE tunnel by the tunnel interface number.
Usage guidelines
If you do not specify any parameters, this command displays BFD information for all LSP tunnels and all MPLS TE tunnels.
Examples
# Display BFD information for the LSPs to destination 22.22.2.2/32.
<Sysname> display mpls bfd ipv4 22.22.2.2 32
Total number of sessions: 1, 1 up, 0 down, 0 init
FEC Type: LSP
FEC Info:
Destination: 22.22.2.2
Mask Length: 32
NHLFE ID: 1025
Local Discr: 513 Remote Discr: 513
Source IP: 11.11.1.1 Destination IP: 127.0.0.1
Session State: Up Session Role: Passive
Template Name: -
# Display BFD information for the MPLS TE tunnel interface tunnel 1.
<Sysname> display mpls bfd te tunnel 1
Total number of sessions: 1, 1 up, 0 down, 0 init
FEC Type: TE Tunnel
FEC Info:
Source : 100.1.1.1
Destination: 200.1.1.1
Tunnel ID : 1
LSP ID : 100
NHLFE ID: 1025
Local Discr: 513 Remote Discr: 513
Source IP: 11.11.1.1 Destination IP: 127.0.0.1
Session State: Up Session Role: Passive
Template Name: -
Table 108 Command output
Field |
Description |
Local Discr |
Local discriminator of the BFD session. |
Remote Discr |
Remote discriminator of the BFD session. |
Source IP |
Source IP of the BFD session, which is the MPLS LSR ID of the local PE. |
Destination IP |
Destination IP address of the BFD session. At the ingress node, it is an address on subnet 127.0.0.0/8. At the egress node, it is the MPLS LSR ID of the ingress node. |
Session State |
BFD session state: · Init—BFD session is in initialization state. · Up—BFD session is up. · Down—BFD session is down. |
Session Role |
Role of the local PE in the BFD session: · Active—Initiator of the BFD session. · Passive—Responder of the BFD session. |
Template Name |
Name of the BFD session parameter template. |
mpls bfd (for LSP)
mpls bfd (for TE tunnel)
mpls bfd enable
Use mpls bfd enable to enable BFD for MPLS.
Use undo mpls bfd enable to disable BFD for MPLS.
Syntax
mpls bfd enable
undo mpls bfd enable
Default
BFD for MPLS is disabled.
Views
System view
Predefined user roles
network-admin
Usage guidelines
To use BFD to verify LSP, PW, or TE tunnel connectivity, you must use this command to enable BFD for MPLS. Otherwise, the BFD session cannot be established after you execute the mpls bfd (for LSP), mpls bfd (for TE tunnel), or vccv bfd command.
Examples
# Enable BFD for MPLS.
<Sysname> system-view
[Sysname] mpls bfd enable
mpls bfd (for LSP)
Use mpls bfd to enable BFD for LSPs associated with an FEC.
Use undo mpls bfd to disable BFD for LSPs associated with an FEC.
Syntax
mpls bfd dest-addr mask-length [ nexthop nexthop-address [ discriminator local local-id remote remote-id ] ] [ template template-name ]
undo mpls bfd dest-addr mask-length [ nexthop nexthop-address ]
Default
BFD is not used to verify LSP connectivity for an FEC.
Views
System view
Predefined user roles
network-admin
Parameters
dest-addr mask-length: Specifies an FEC by a destination IP address and mask length. The mask length is in the range of 0 to 32.
nexthop nexthop-address: Specifies the next hop address of the FEC. If you specify the FEC next hop, BFD verifies the specified LSP. If you do not specify a next hop, BFD verifies all LSPs for the FEC.
discriminator: Specifies discriminator values for the BFD session.
local local-id: Specifies the local discriminator value for the BFD session.
The following matrix shows the value ranges for the local-id argument:
Hardware |
Argument compatibility |
Value range |
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS |
No |
N/A |
MSR2600-6-X1/2600-10-X1 |
Yes |
1 to 32 |
MSR 2630 |
Yes |
1 to 32 |
MSR3600-28/3600-51 |
Yes |
1 to 32 |
MSR3600-28-SI/3600-51-SI |
No |
N/A |
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC |
Yes |
1 to 512 |
MSR 3610/3620/3620-DP/3640/3660 |
Yes |
1 to 512 |
MSR5620/5660/5680 |
Yes |
1 to 1024 |
Hardware |
Argument compatibility |
Value range |
MSR810-LM-GL |
No |
N/A |
MSR810-W-LM-GL |
No |
N/A |
MSR830-6EI-GL |
No |
N/A |
MSR830-10EI-GL |
No |
N/A |
MSR830-6HI-GL |
No |
N/A |
MSR830-10HI-GL |
No |
N/A |
MSR2600-6-X1-GL |
Yes |
1 to 32 |
MSR3600-28-SI-GL |
No |
N/A |
remote remote-id: Specifies the remote discriminator value for the BFD session, in the range of 1 to 4294967295.
template template-name: Specifies a BFD session parameter template by its name, a case-sensitive string of 1 to 63 characters. If you do not specify a template, BFD uses the multihop BFD session parameters configured in system view.
Usage guidelines
After you enable BFD for MPLS and execute the mpls bfd command, the device creates a BFD session for each LSP associated with the specified FEC. When an LSP fails, BFD can quickly detect the failure and notify the device to take an action, such as switching traffic to the backup LSP.
A BFD session for LSP connectivity verification can be established in one of the following modes:
· Static mode—Specify the local and remote discriminator values by using the discriminator keyword in the mpls bfd command. You must enable BFD for MPLS and configure the mpls bfd command on both the local and remote devices. Make sure the discriminators configured on the local device match those configured on the remote device. A static BFD session verifies connectivity of a pair of LSPs in opposite directions between two devices.
· Dynamic mode—If you do not specify local and remote discriminators, the system automatically runs MPLS ping to negotiate the discriminator values. You must enable BFD for MPLS on both the local and remote devices, but the mpls bfd command is not needed on the remote PE. A dynamic BFD session verifies the connectivity of a unidirectional LSP from the local device to the remote device.
The source address of the BFD session is the MPLS LSR ID of the local device. Before configuring BFD for the LSP tunnel, perform the following tasks:
1. Configure an MPLS LSR ID for the local device.
2. Make sure a route is available on the remote device to reach the MPLS LSR ID.
Examples
# Use BFD to verify the connectivity of the LSPs to destination 22.22.2.2/32.
<Sysname> system-view
[Sysname] mpls bfd enable
[Sysname] mpls bfd 22.22.2.2 32
# Use BFD to verify the connectivity of the LSP with destination 22.22.2.2/32 and next hop 12.0.0.2.
<Sysname> system-view
[Sysname] mpls bfd enable
[Sysname] mpls bfd 22.22.2.2 32 nexthop 12.0.0.2
# Use BFD to verify the connectivity of the LSP with destination 22.22.2.2/32 and next hop 12.0.0.2. Set both the local and remote discriminators to 1, and use the BFD session parameter template test.
<Sysname> system-view
[Sysname] mpls bfd enable
[Sysname] mpls bfd 22.22.2.2 32 nexthop 12.0.0.2 discriminator local 1 remote 1 template test
Related commands
display mpls bfd
mpls bfd enable
mpls bfd (for TE tunnel)
Use mpls bfd to enable BFD on an MPLS TE tunnel.
Use undo mpls bfd to restore the default.
Syntax
mpls bfd [ discriminator local local-id remote remote-id ] [ template template-name ]
undo mpls bfd
Default
BFD is not enabled on an MPLS TE tunnel.
Views
Tunnel interface view
Predefined user roles
network-admin
Parameters
discriminator: Specifies discriminator values for the BFD session.
local local-id: Specifies the local discriminator value for the BFD session.
The following matrix shows the value ranges for the local-id argument:
Hardware |
Argument compatibility |
Value range |
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS |
No |
N/A |
MSR2600-6-X1/2600-10-X1 |
Yes |
1 to 32 |
MSR 2630 |
Yes |
1 to 32 |
MSR3600-28/3600-51 |
Yes |
1 to 32 |
MSR3600-28-SI/3600-51-SI |
No |
N/A |
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC |
Yes |
1 to 512 |
MSR 3610/3620/3620-DP/3640/3660 |
Yes |
1 to 512 |
MSR5620/5660/5680 |
Yes |
1 to 1024 |
Hardware |
Argument compatibility |
Value range |
MSR810-LM-GL |
No |
N/A |
MSR810-W-LM-GL |
No |
N/A |
MSR830-6EI-GL |
No |
N/A |
MSR830-10EI-GL |
No |
N/A |
MSR830-6HI-GL |
No |
N/A |
MSR830-10HI-GL |
No |
N/A |
MSR2600-6-X1-GL |
Yes |
1 to 32 |
MSR3600-28-SI-GL |
No |
N/A |
remote remote-id: Specifies the remote discriminator value for the BFD session, in the range of 1 to 4294967295.
template template-name: Specifies a BFD session parameter template by its name, a case-sensitive string of 1 to 63 characters. If you do not specify a template, BFD uses the BFD session parameters configured in tunnel interface view.
Usage guidelines
After you enable BFD for MPLS and execute the mpls bfd command, the device creates a BFD session on the MPLS TE tunnel. When the MPLS TE tunnel fails, BFD can quickly detect the failure and notify the device to take an action, such as switching traffic to the backup tunnel.
A BFD session can be established in one of the following modes:
· Static mode—Specify the local and remote discriminators by using the discriminator keyword in the mpls bfd command. You must enable BFD for MPLS and configure the mpls bfd command on both the local and remote devices. Make sure the local discriminator and remote discriminator on the local device are the same as the remote discriminator and local discriminator on the remote device, respectively. A static BFD session verifies the connectivity of a pair of MPLS TE tunnels in opposite directions between two devices.
· Dynamic mode—If you do not specify local and remote discriminators, the system automatically runs MPLS ping to negotiate the discriminator values. You must enable BFD for MPLS on both the local and remote devices, but the mpls bfd command is not needed on the remote device. A dynamic BFD session verifies the connectivity of a unidirectional MPLS TE tunnel from the local device to the remote device.
The source address of the BFD session is the MPLS LSR ID of the local device. Before configuring BFD for the MPLS TE tunnel, perform the following tasks:
1. Configure an MPLS LSR ID for the local device.
2. Make sure a route is available on the remote device to reach the MPLS LSR ID.
Examples
# Enable BFD for the MPLS TE tunnel interface Tunnel 1, and use the BFD session parameter template test.
<Sysname> system-view
[Sysname] mpls bfd enable
[Sysname] interface Tunnel 1
[Sysname-Tunnel1] mpls bfd template test
# Enable BFD for the MPLS TE tunnel interface Tunnel 1, and set the local and remote discriminators both to 1.
<Sysname> system-view
[Sysname] mpls bfd enable
[Sysname] interface Tunnel 1
[Sysname-Tunnel1] mpls bfd discriminator local 1 remote 1
Related commands
display mpls bfd
mpls bfd enable
mpls periodic-tracert (for LSP)
Use mpls periodic-tracert to enable periodic tracert of LSPs for an FEC.
Use undo mpls periodic-tracert to disable periodic tracert of LSPs for an FEC.
Syntax
mpls periodic-tracert dest-addr mask-length [ -a source-ip | -exp exp-value | -h ttl-value | -m wait-time | -rtos tos-value | -t time-out | -u retry-attempt | fec-check ] *
undo mpls periodic-tracert dest-addr mask-length
Default
Periodic tracert of LSPs for an FEC is disabled.
Views
System view
Predefined user roles
network-admin
Parameters
dest-addr mask-length: Specifies an FEC by a destination IP address and mask length. The mask length is in the range of 0 to 32.
-a source-ip: Specifies the source address for MPLS echo request packets. If you do not specify this option, the device uses the MPLS LSR ID as the source address for MPLS echo requests.
-exp exp-value: Specifies the EXP value for MPLS echo request packets, in the range of 0 to 7. The default is 0.
-h ttl-value: Specifies the maximum TTL value for MPLS echo request packets (the maximum number of hops to be inspected). The value range for the ttl-value argument is 1 to 255, and the default is 30.
-m wait-time: Specifies the interval at which tracert is performed. The value range is 15 to 120 minutes. The default is 60 minutes.
-rtos tos-value: Specifies the ToS value in the IP header of an MPLS echo reply packet. The value range is 0 to 7, and the default value is 6.
-t time-out: Specifies the timeout interval for the reply to an MPLS echo request. The value range is 0 to 65535 milliseconds, and the default is 2000 milliseconds.
-u retry-attempt: Specifies the maximum number of retransmissions of an MPLS echo request if no reply is received. The value range is 1 to 9, and the default value is 3.
fec-check: Checks the FEC stack at transit nodes.
Usage guidelines
The periodic MPLS tracert feature automatically traces an LSP tunnel at intervals. It locates errors on the LSP tunnel, verifies the consistency of the data plane and control plane, and records the detected errors into system logs. You can check the logs to monitor LSP connectivity.
If both BFD and periodic MPLS tracert are configured for an LSP, both feature take effect. When periodic MPLS tracert detects a data plane failure or an inconsistency between data plane and control plane, the device performs the following operations:
1. Deletes the BFD session for the LSP.
2. Re-establishes the BFD session based on the control plane.
Before you execute this command, execute the mpls bfd enable command.
Examples
# Enable periodic tracert for LSPs to destination 11.11.1.1/32.
<Sysname> system-view
[Sysname] mpls bfd enable
[Sysname] mpls periodic-tracert 11.11.1.1 32
Related commands
mpls bfd enable
mpls bfd (for LSP)
ping mpls ipv4
Use ping mpls ipv4 to verify MPLS LSP connectivity for an IPv4 prefix.
Syntax
ping mpls [ -a source-ip | -c count | -exp exp-value | -h ttl-value | -m wait-time | -r reply-mode | -rtos tos-value | -s packet-size | -t time-out | -v ] * ipv4 ipv4-address mask-length [ destination start-address [ end-address [ address-increment ] ] ]
Views
Any view
Predefined user roles
network-admin
Parameters
-a source-ip: Specifies the source address for MPLS echo request packets. If you do not specify this option, the device uses the primary IP address of the outgoing interface as the source address for MPLS echo requests.
-c count: Specifies the number of MPLS echo request packets to be sent with the same destination address in the IP header. The value range is 1 to 4294967295. The default is 5.
-exp exp-value: Specifies the EXP value for MPLS echo request packets, in the range of 0 to 7. The default is 0.
-h ttl-value: Specifies the TTL value for MPLS echo request packets, in the range of 1 to 255. The default is 255.
-m wait-time: Specifies the interval for sending MPLS echo request packets, in the range of 1 to 10000 milliseconds. The default is 200 milliseconds.
-r reply-mode: Specifies the reply mode of the receiver in response to MPLS echo request packets. The reply-mode argument can be 1, 2, 3, or 4. The default value is 2.
· Reply mode 1 means "Do not reply."
· Reply mode 2 means "Reply by using a UDP packet."
· Reply mode 3 means "Reply by using a UDP packet that carries the Router Alert option."
· Reply mode 4 means "Reply by using a VCCV packet." Reply mode 4 does not apply to MPLS LSP connectivity detection for an IPv4 prefix. If you specify this mode, the receiver does not reply.
-rtos tos-value: Specifies the ToS value in the IP header of an MPLS echo reply packet. The value range is 0 to 7, and the default value is 6.
-s packet-size: Specifies the length (excluding the IP header and UDP header) of an MPLS echo request packet. The value for the packet-size argument is 65 to 8100 bytes, and the default is 100 bytes.
-t time-out: Specifies the timeout interval for the reply to an MPLS echo request. The value range is 0 to 65535 milliseconds, and the default is 2000 milliseconds.
-v: Displays detailed reply information. If you do not specify this keyword, the command displays brief reply information.
ipv4-address mask-length: Specifies an FEC by a destination IP address and mask length. The mask length is in the range of 0 to 32.
destination: Specifies the destination address in the IP header of MPLS echo requests. The default is 127.0.0.1.
start-address: Specifies the destination address or the start destination address. This address must be an address on subnet 127.0.0.0/8—a local loopback address. If you specify the start-address argument without the end-address argument, the start-address is the destination address in the IP header. The number of MPLS echo requests to be sent is determined by the -c count keyword. If you specify both start-address and end-address, you specify a range of destination addresses. The destination address increments by the value specified for the address-increment argument, starting from the start-address to the end-address. The number of MPLS echo requests to be sent with each of the destination addresses is determined by the -c count keyword.
end-address: Specifies the end destination address. This address must be an address on subnet 127.0.0.0/8—a local loopback address.
address-increment: Specifies the increment value by which the destination address in the IP header increases in turn. The value range is 1 to 16777215 and the default value is 1.
Examples
# Verify the connectivity of LSPs to destination 3.3.3.9/32.
<Sysname> ping mpls ipv4 3.3.3.9 32
MPLS ping FEC 3.3.3.9/32 with 100 bytes of data:
100 bytes from 100.1.2.1: Sequence=1 time=49 ms
100 bytes from 100.1.2.1: Sequence=2 time=44 ms
100 bytes from 100.1.2.1: Sequence=3 time=60 ms
100 bytes from 100.1.2.1: Sequence=4 time=60 ms
100 bytes from 100.1.2.1: Sequence=5 time=76 ms
--- Ping statistics for FEC 3.3.3.9/32 ---
5 packets transmitted, 5 packets received, 0.0% packet loss
Round-trip min/avg/max = 44/57/76 ms
# Verify the connectivity of LSPs to destination 3.3.3.9/32, and specify the following parameters:
· Set the number of MPLS echo requests to be sent with the same destination address to 3.
· Display detailed reply information.
· Specify the range of destination addresses in IP headers as 127.0.0.1 to 127.0.0.3, and set the destination address increment value to 2. With these settings, the destination addresses are 127.0.0.1 and 127.0.0.3.
<Sysname> ping mpls –c 3 –v ipv4 3.3.3.9 32 destination 127.0.0.1 127.0.0.3 2
MPLS ping FEC 3.3.3.9/32 with 100 bytes of data:
Destination address 127.0.0.1
100 bytes from 100.1.2.1: Sequence=1 time=49 ms Return Code=3(1)
Destination address 127.0.0.3
100 bytes from 100.1.2.1: Sequence=2 time=44 ms Return Code=3(1)
Destination address 127.0.0.1
100 bytes from 100.1.2.1: Sequence=3 time=60 ms Return Code=3(1)
Destination address 127.0.0.3
100 bytes from 100.1.2.1: Sequence=4 time=60 ms Return Code=3(1)
Destination address 127.0.0.1
100 bytes from 100.1.2.1: Sequence=5 time=76 ms Return Code=3(1)
Destination address 127.0.0.3
100 bytes from 100.1.2.1: Sequence=6 time=57 ms Return Code=3(1)
--- Ping statistics for FEC 3.3.3.9/32 ---
6 packets transmitted, 6 packets received, 0.0% packet loss
Round-trip min/avg/max = 44/57/76 ms
Field |
Description |
MPLS Ping FEC: 3.3.3.9/32 : 100 data bytes |
Verify LSP connectivity for FEC 3.3.3.9/32 by sending 100-byte MPLS echo requests. |
Destination address |
Destination IP address in the IP header. |
100 bytes from 100.1.2.1 |
Received a 100-byte reply from 100.1.2.1. |
Sequence |
Sequence number of the reply, for determination of packet loss, disorder, or duplicate. |
time |
Packet round-trip delay. |
Return Code |
Return code. The number in parentheses represents a return subcode. |
Ping statistics for FEC 3.3.3.9/32 |
LSP verification statistics. |
packets transmitted |
Number of MPLS echo requests sent. |
packets received |
Number of MPLS echo replies received. |
packet loss |
Percentage of unreplied packets to total request packets. |
Round-trip min/avg/max |
Minimum, average, and maximum round-trip delay. |
ping mpls pw
Use ping mpls pw to verify LDP PW or static PW connectivity.
Syntax
ping mpls [ -a source-ip | -c count | -exp exp-value | -h ttl-value | -m wait-time | -r reply-mode | -rtos tos-value | -s packet-size | -t time-out | -v ] * pw ip-address pw-id pw-id
Views
Any view
Predefined user roles
network-admin
Parameters
-a source-ip: Specifies the source address for MPLS echo request packets. If you do not specify this option, the device uses the MPLS LSR ID of the device as the source address for MPLS echo requests.
-c count: Specifies the number of MPLS echo request packets to be sent. The value range is 1 to 4294967295. The default is 5.
-exp exp-value: Specifies the EXP value for MPLS echo request packets, in the range of 0 to 7. The default is 0.
-h ttl-value: Specifies the TTL value for MPLS echo request packets, in the range of 1 to 255. The default is 255.
-m wait-time: Specifies the interval for sending MPLS echo request packets, in the range of 1 to 10000 milliseconds. The default is 200 milliseconds.
-r reply-mode: Specifies the reply mode of the receiver in response to MPLS echo request packets. The reply-mode argument can be 1, 2, 3, or 4. The default value is 2.
· Reply mode 1 means "Do not reply."
· Reply mode 2 means "Reply by using a UDP packet."
· Reply mode 3 means "Reply by using a UDP packet that carries the Router Alert option."
· Reply mode 4 means "Reply by using a VCCV packet."
-rtos tos-value: Specifies the ToS value in the IP header of an MPLS echo reply packet. The value range is 0 to 7, and the default value is 6.
-s packet-size: Specifies the length (excluding the IP header and UDP header) of an MPLS echo request packet. The value for the packet-size argument is 65 to 8100 bytes, and the default is 100 bytes.
-t time-out: Specifies the timeout interval for the reply to an MPLS echo request. The value range is 0 to 65535 milliseconds, and the default is 2000 milliseconds.
-v: Displays detailed reply information. If you do not specify this keyword, the command displays brief reply information.
ip-address: Specifies the IP address of the peer PE.
pw-id pw-id: Specifies the ID of the PW to the peer PE, in the range of 1 to 4294967295.
Examples
# Verify the connectivity of PW 301 to peer PE 3.3.3.9.
<Sysname> ping mpls pw 3.3.3.9 pw-id 301
MPLS ping PW 3.3.3.9 301 with 100 bytes of data:
100 bytes from 100.1.2.1: Sequence=1 time=49 ms
100 bytes from 100.1.2.1: Sequence=2 time=44 ms
100 bytes from 100.1.2.1: Sequence=3 time=60 ms
100 bytes from 100.1.2.1: Sequence=4 time=60 ms
100 bytes from 100.1.2.1: Sequence=5 time=76 ms
--- Ping statistics for PW 3.3.3.9 301 ---
5 packets transmitted, 5 packets received, 0.0% packet loss
Round-trip min/avg/max = 44/57/76 ms
For the command output, see Table 109.
ping mpls te
Use ping mpls te to verify MPLS TE tunnel connectivity.
Syntax
ping mpls [ -a source-ip | -c count | -exp exp-value | -h ttl-value | -m wait-time | -r reply-mode | -rtos tos-value | -s packet-size | -t time-out | -v ] * te tunnel interface-number
Views
Any view
Predefined user roles
network-admin
Parameter
-a source-ip: Specifies the source address for MPLS echo request packets. If you do not specify this option, the device uses the primary IP address of the outgoing interface as the source address for MPLS echo requests.
-c count: Specifies the number of MPLS echo request packets to be sent, in the range of 1 to 4294967295. The default is 5.
-exp exp-value: Specifies the EXP value for MPLS echo request packets, in the range of 0 to 7. The default is 0.
-h ttl-value: Specifies the TTL value for MPLS echo request packets, in the range of 1 to 255. The default is 255.
-m wait-time: Specifies the interval for sending MPLS echo request packets, in the range of 1 to 10000 milliseconds. The default is 200 milliseconds.
-r reply-mode: Specifies the reply mode of the receiver in response to MPLS echo request packets. The reply-mode argument can be 1, 2, 3, or 4. The default value is 2.
· Reply mode 1 means "Do not reply."
· Reply mode 2 means "Reply by using a UDP packet."
· Reply mode 3 means "Reply by using a UDP packet that carries the Router Alert option."
· Reply mode 4 means "Reply by using a VCCV packet." Reply mode 4 does not apply to MPLS TE tunnel connectivity detection. If you specify this mode, the receiver does not reply.
-rtos tos-value: Specifies the ToS value in the IP header of an MPLS echo reply packet. The value range is 0 to 7, and the default is 6.
-s packet-size: Specifies the length (excluding the IP header and UDP header) of an MPLS echo request packet. The value range for the packet-size argument is 65 to 8100 bytes, and the default is 100 bytes.
-t time-out: Specifies the timeout interval for the reply to an MPLS echo request. The value range is 0 to 65535 milliseconds, and the default is 2000 milliseconds.
-v: Displays detailed reply information. If you do not specify this keyword, the command displays brief reply information.
tunnel interface-number: Specifies an MPLS TE tunnel interface by the interface number. The specified MPLS TE tunnel interface must have already been created.
Examples
# Verify the connectivity of the MPLS TE tunnel for tunnel interface Tunnel 1.
<Sysname> ping mpls te tunnel 1
MPLS ping TE tunnel Tunnel1 with 100 bytes of data:
100 bytes from 100.1.2.1: Sequence=1 time=49 ms
100 bytes from 100.1.2.1: Sequence=2 time=44 ms
100 bytes from 100.1.2.1: Sequence=3 time=60 ms
100 bytes from 100.1.2.1: Sequence=4 time=60 ms
100 bytes from 100.1.2.1: Sequence=5 time=76 ms
--- Ping statistics for TE tunnel Tunnel1 ---
5 packets transmitted, 5 packets received, 0.0% packet loss
Round-trip min/avg/max = 44/57/76 ms
For the command output, see Table 109.
tracert mpls ipv4
Use tracert mpls ipv4 to trace MPLS LSPs from the ingress node to the egress node for an IPv4 prefix. You can locate the error node according to the reply information.
Syntax
tracert mpls [ -a source-ip | -exp exp-value | -h ttl-value | -r reply-mode | -rtos tos-value | -t time-out | -v | fec-check ] * ipv4 ipv4-address mask-length [ destination start-address [ end-address [ address-increment ] ] ]
Views
Any view
Predefined user roles
network-admin
Parameters
-a source-ip: Specifies the source address for MPLS echo request packets. If you do not specify this option, the command uses the primary IP address of the outgoing interface as the source address for MPLS echo requests.
-exp exp-value: Specifies the EXP value for MPLS echo request packets, in the range of 0 to 7. The default is 0.
-h ttl-value: Specifies the maximum TTL value for MPLS echo request packets (the maximum number of hops to be inspected). The value range for the ttl-value argument is 1 to 255, and the default is 30.
-r reply-mode: Specifies the reply mode of the receiver in response to MPLS echo request packets. The reply-mode argument can be 1, 2, or 3. 1 means "Do not reply," 2 means "Reply by using a UDP packet," and 3 means "reply by using a UDP packet that carries the Router Alert option." The default is 2.
-rtos tos-value: Specifies the ToS value in the IP header of an MPLS echo reply packet. The value range is 0 to 7, and the default value is 6.
-t time-out: Specifies the timeout interval for the reply to an MPLS echo request. The value range is 0 to 65535 milliseconds, and the default is 2000 milliseconds.
-v: Displays detailed reply information. If you do not specify this keyword, the command displays brief reply information.
fec-check: Checks the FEC stack at transit nodes.
ipv4-address mask-length: Specifies an FEC by an IPv4 destination address and a mask length. The value range for the mask-length argument is 0 to 32.
destination: Specifies the destination address in the IP header of MPLS echo requests. The default is 127.0.0.1.
start-address: Specifies the destination address or the start destination address. This address must be an address on subnet 127.0.0.0/8—a local loopback address. If you specify the start-address argument without the end-address argument, the start-address is the destination address in the IP header. If you specify both start-address and end-address, you specify a range of destination addresses. The destination address increments by the value specified for the address-increment argument, starting from the start-address to the end-address. The command performs a tracert for each of the destination addresses.
end-address: Specifies the end destination address. This address must be an address on subnet 127.0.0.0/8—a local loopback address.
address-increment: Specifies the increment value by which the destination address in the IP header increases in turn. The value range is 1 to 16777215 and the default value is 1.
Examples
# Trace the path that the LSP (for FEC 5.5.5.9/32) traverses from the ingress node to the egress node. Specify the IP header destination address range as 127.1.1.1 to 127.1.1.2 and set the address increment value to 1. With these settings, the device performs a tracert for 127.1.1.1 and 127.1.1.2.
<Sysname> tracert mpls ipv4 5.5.5.9 32 destination 127.1.1.1 127.1.1.2 1
MPLS trace route FEC 5.5.5.9/32
Destination address 127.1.1.1
TTL Replier Time Type Downstream
0 Ingress 100.1.2.1/[1025]
1 100.1.2.1 1 ms Transit 100.2.4.1/[1024]
2 100.2.4.1 63 ms Transit 100.4.5.1/[3]
3 100.4.5.1 129 ms Egress
Destination address 127.1.1.2
TTL Replier Time Type Downstream
0 Ingress 100.1.3.1/[1030]
1 100.1.3.1 1 ms Transit 100.3.4.1/[1024]
2 100.3.4.1 51 ms Transit 100.4.5.1/[3]
3 100.4.5.1 80 ms Egress
# Trace the path that the LSP (for FEC 5.5.5.9/32) traverses from the ingress node to the egress node. Display detailed reply information, specify the IP header destination address range as 127.1.1.1 to 127.1.1.2, and set the address increment value to 1. With these settings, the device performs a tracert for 127.1.1.1 and 127.1.1.2.
<Sysname> tracert mpls –v ipv4 5.5.5.9 32 destination 127.1.1.1 127.1.1.2 1
MPLS trace route FEC 5.5.5.9/32
Destination address 127.1.1.1
TTL Replier Time Type Downstream
0 Ingress 100.1.2.1/[1025]
1 100.1.2.1 1 ms Transit 100.2.4.1/[1024] ReturnCode 8(1)
2 100.2.4.1 63 ms Transit 100.4.5.1/[3] ReturnCode 8(1)
3 100.4.5.1 129 ms Egress ReturnCode 3(1)
Destination address 127.1.1.2
TTL Replier Time Type Downstream
0 Ingress 100.1.3.1/[1030]
1 100.1.3.1 1 ms Transit 100.3.4.1/[1024] ReturnCode 8(1)
2 100.3.4.1 51 ms Transit 100.4.5.1/[3] ReturnCode 8(1)
3 100.4.5.1 80 ms Egress ReturnCode 3(1)
Field |
Description |
MPLS trace route FEC |
Trace the LSPs for the specified FEC. |
Destination address |
Destination IP address in the IP header. |
TTL |
Number of hops. |
Replier |
Address of the LSR that replied the request. |
Time |
Time used to receive the reply, in milliseconds. |
Type |
LSR type: Ingress, Transit, or Egress. |
Downstream |
Address of the downstream LSR and the label assigned by the downstream LSR. |
ReturnCode |
Return code. The number in parentheses represents a return subcode. |
tracert mpls te
Use tracert mpls te to trace an MPLS TE tunnel from the ingress node to the egress node. You can locate the error node according to the reply information.
Syntax
tracert mpls [ -a source-ip | -exp exp-value | -h ttl-value | -r reply-mode | -rtos tos-value | -t time-out | -v | fec-check ] * te tunnel interface-number
Views
Any view
Predefined user roles
network-admin
Parameters
-a source-ip: Specifies the source address for MPLS echo request packets. If you do not specify this option, the command uses the primary IP address of the outgoing interface as the source address for MPLS echo requests.
-exp exp-value: Specifies the EXP value for MPLS echo request packets, in the range of 0 to 7. The default is 0.
-h ttl-value: Specifies the maximum TTL value for MPLS echo request packets (the maximum number of hops to be inspected). The value range for the ttl-value argument is 1 to 255, and the default is 30.
-r reply-mode: Specifies the reply mode of the receiver in response to MPLS echo request packets. The reply-mode argument can be 2 or 3. 2 means "Reply by using a UDP packet," and 3 means "reply by using a UDP packet that carries the Router Alert option." The default is 2.
-rtos tos-value: Specifies the ToS value in the IP header of an MPLS echo reply packet. The value range is 0 to 7, and the default value is 6.
-t time-out: Specifies the timeout interval for the reply to an MPLS echo request. The value range is 0 to 65535 milliseconds, and the default is 2000 milliseconds.
-v: Displays detailed reply information. If you do not specify this keyword, the command displays brief reply information.
fec-check: Checks the FEC stack at transit nodes.
tunnel interface-number: Specifies an existing MPLS TE tunnel interface by the interface number.
Examples
# Trace the path that MPLS TE tunnel 1 traverses from the ingress node to the egress node.
<Sysname> tracert mpls te tunnel 1
MPLS trace route TE tunnel Tunnel1
TTL Replier Time Type Downstream
0 Ingress 10.4.5.1/[1025]
1 10.4.5.1 1 ms Transit 100.3.4.1/[1024]
2 100.3.4.1 63 ms Transit 100.1.2.1/[3]
3 100.1.2.1 129 ms Egress
For the command output, see Table 110.
vccv bfd
Use vccv bfd to configure BFD to verify PW connectivity.
Use undo vccv bfd to restore the default.
Syntax
vccv bfd [ raw-bfd ] [ template template-name ]
undo vccv bfd
Default
BFD is not used to verify PW connectivity.
Views
PW class view
Predefined user roles
network-admin
Parameters
raw-bfd: Specifies the BFD packets to use PW-ACH encapsulation (without IP/UDP headers). This keyword takes effect only when the CC type is control word. If you do not specify this keyword, the BFD packets use IP/UDP encapsulation (with IP/UDP headers).
template template-name: Specifies a BFD session parameter template by its name, a case-sensitive string of 1 to 63 characters. If you do not specify a template, BFD uses the multihop BFD session parameters configured in system view.
Usage guidelines
After you execute this command and specify the PW class for a PW, the PEs use the specified encapsulation type to verify PW connectivity when the following conditions are met:
· Both PEs of the PW have configured BFD for the PW.
· The PEs use the same encapsulation type for BFD packets.
If any of the previous conditions are not met, the PEs do not use BFD to verify PW connectivity.
To use BFD for PW connectivity verification, you must execute the vccv bfd and mpls bfd enable commands on both ends of the PW.
Examples
# Configure BFD to verify PW connectivity, specify the BFD packet encapsulation type as raw-bfd, and specify the BFD session parameter template as aaa.
<Sysname> system-view
[Sysname] pw-class test
[Sysname-pw-test] vccv bfd raw-bfd template aaa
Related commands
display l2vpn pw bfd
mpls bfd enable
vccv cc
vccv cc
Use vccv cc to specify the VCCV control channel (CC) type.
Use undo vccv cc to restore the default.
Syntax
vccv cc { control-word | router-alert }
undo vccv cc
Default
No VCCV CC type is specified.
Views
PW class view
Predefined user roles
network-admin
Parameters
control-word: Specifies the VCCV CC type as control word.
router-alert: Specifies the VCCV CC type as MPLS router alert label.
Usage guidelines
The packets used to verify PW connectivity are collectively referred to as VCCV packets. A PE transfers VCCV packets through a CC.
CCs include the following types:
· Control word—Identifies VCCV packets through the control word (PW-ACH, PW Associated Channel Header). You can use this CC type only when the PW supports control word. For more information about control word, see MPLS Configuration Guide.
· MPLS router alert label—Identifies a VCCV packet by adding an MPLS router alert label before the PW label.
After you execute this command and specify the PW class for a PW, the specified CC is used if both PEs have specified the same VCCV CC type. Otherwise, the PEs do not use any CC and they cannot establish a BFD session for the PW.
Examples
# Specify the VCCV CC type as control word.
<Sysname> system-view
[Sysname] pw-class test
[Sysname-pw-test] vccv cc control-word
Related commands
display l2vpn pw bfd
mpls bfd enable
vccv bfd
MPLS protection switching commands
The following matrix shows the feature and hardware compatibility:
Hardware |
MPLS protection switching compatibility |
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS |
No |
MSR2600-6-X1/2600-10-X1 |
Yes |
MSR 2630 |
Yes |
MSR3600-28/3600-51 |
Yes |
MSR3600-28-SI/3600-51-SI |
No |
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC |
Yes |
MSR 3610/3620/3620-DP/3640/3660 |
Yes |
MSR5620/5660/5680 |
Yes |
Hardware |
MPLS protection switching compatibility |
MSR810-LM-GL |
No |
MSR810-W-LM-GL |
No |
MSR830-6EI-GL |
No |
MSR830-10EI-GL |
No |
MSR830-6HI-GL |
No |
MSR830-10HI-GL |
No |
MSR2600-6-X1-GL |
Yes |
MSR3600-28-SI-GL |
No |
Commands and descriptions for centralized devices apply to the following routers:
· MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS.
· MSR2600-6-X1/2600-10-X1.
· MSR 2630.
· MSR3600-28/3600-51.
· MSR3600-28-SI/3600-51-SI.
· MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC.
· MSR 3610/3620/3620-DP/3640/3660.
Commands and descriptions for distributed devices apply to the following routers:
· MSR5620.
· MSR 5660.
· MSR 5680.
bandwidth
Use bandwidth to set the expected bandwidth for an interface.
Use undo bandwidth to restore the default.
Syntax
bandwidth bandwidth-value
undo bandwidth
Default
The expected bandwidth is 64 kbps.
Views
Tunnel bundle interface view
Predefined user roles
network-admin
Parameters
bandwidth-value: Specifies the expected bandwidth in the range of 1 to 400000000 kbps.
Usage guidelines
The expected bandwidth for an interface affects the CBQ bandwidth, and the link costs in OSPF, OSPFv3, and IS-IS. For more information about the CBQ bandwidth, see ACL and QoS Configuration Guide. For more information about the link costs, see Layer 3—IP Routing Configuration Guide.
Examples
# Set the expected bandwidth to 1000 kbps for Tunnel-Bundle 2.
<Sysname> system-view
[Sysname] interface tunnel-bundle 2
[Sysname-tunnel-bundle2] bandwidth 1000
Related commands
display interface tunnel-bundle
default
Use default to restore the default settings for a tunnel bundle interface.
Syntax
default
Views
Tunnel bundle interface view
Predefined user roles
network-admin
Usage guidelines
CAUTION: The default command might interrupt ongoing network services. Make sure you are fully aware of the impact of this command when you use it on a live network. |
This command might fail to restore the default settings for some commands for reasons such as command dependencies or system restrictions. Use the display this command in interface view to identify these commands. Use their undo forms or follow the command reference to restore their default settings. If your restoration attempt still fails, follow the error message instructions to resolve the problem.
Examples
# Restore the default settings of interface Tunnel-Bundle 2.
<Sysname> system-view
[Sysname] interface tunnel-bundle 2
[Sysname-tunnel-bundle2] default
description
Use description to configure a description for a tunnel bundle interface.
Use undo description to restore the default.
Syntax
description text
undo description
Default
The description for a tunnel bundle interface is Tunnel-Bundlenumber Interface, for example, Tunnel-Bundle1 Interface.
Views
Tunnel bundle interface view
Predefined user roles
network-admin
Parameters
text: Specifies a description, a case-sensitive string of 1 to 255 characters.
Usage guidelines
Configure descriptions for interfaces for identification and management purposes.
You can use the display interface command to display the configured interface descriptions.
Examples
# Configure the description for interface Tunnel-Bundle 2 as tunnel-bundle2.
<Sysname> system-view
[Sysname] interface tunnel-bundle 2
[Sysname-tunnel-bundle2] description tunnel-bundle2
Related commands
display interface tunnel-bundle
destination
Use destination to specify the destination address for a tunnel bundle interface.
Use undo destination to restore the default.
Syntax
destination ip-address
undo destination
Default
No tunnel destination address is configured.
Views
Tunnel bundle interface view
Predefined user roles
network-admin
Parameters
ip-address: Specifies the tunnel destination IPv4 address.
Usage guidelines
For MPLS L3VPN, MPLS L2VPN, and VPLS, the tunnel destination address in this command determines whether the tunnel bundle can be the public tunnel to carry VPN services. When the remote PE address is the same as the tunnel destination address for a tunnel bundle interface, the tunnel bundle can be the public tunnel.
As a best practice, configure the same tunnel destination address for a tunnel bundle interface and its member interfaces. If they have different tunnel destination addresses, make sure the member interfaces have a route to the tunnel bundle interface for successful traffic forwarding.
Examples
# Specify 2.2.2.2 as the destination address for Tunnel-Bundle 2.
<Sysname> system-view
[Sysname] interface tunnel-bundle 2
[Sysname-tunnel-bundle2] destination 2.2.2.2
Related commands
display interface tunnel-bundle
display tunnel-bundle
display interface tunnel-bundle
Use display interface tunnel-bundle to display tunnel bundle interface information.
Syntax
display interface [ tunnel-bundle [ number ] ] [ brief [ description | down ] ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
number: Specifies the number of an existing tunnel bundle interface.
brief: Displays brief interface information. If you do not specify this keyword, the command displays detailed interface information.
description: Displays complete interface descriptions. If you do not specify this keyword, the command displays only the first 27 characters of interface descriptions.
down: Displays information about interfaces in the physical state of DOWN and the causes. If you do not specify this keyword, the command displays information about interfaces in all states.
Usage guidelines
If you do not specify the tunnel-bundle keyword, this command displays information about all interfaces on the device.
If you specify the tunnel-bundle keyword without the number argument, this command displays information about all existing tunnel bundle interfaces.
Examples
# Display detailed information about interface Tunnel-Bundle 100.
<Sysname> display interface tunnel-bundle 100
Tunnel-Bundle100
Current state: UP
Line protocol state: UP
Description: Tunnel-Bundle100 Interface
Bandwidth: 64kbps
Maximum Transmit Unit: 1500
Internet protocol processing: disabled
Tunnel-Bundle destination unknown
Tunnel type: CRLSP
Last clearing of counters: Never
Last 300 seconds input rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec
Last 300 seconds output rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec
Input: 0 packets, 0 bytes, 0 drops
Output: 0 packets, 0 bytes, 0 drops
Table 111 Command output
Field |
Description |
Tunnel-Bundle100 |
Information about the tunnel bundle interface Tunnel-Bundle 100. |
Current state |
State of the tunnel bundle interface: · Administratively DOWN—The interface has been shut down by using the shutdown command. · DOWN—The interface is administratively up, but its physical state is down. · UP—Both the administrative and physical states of the interface are up. |
Line protocol state |
Link layer protocol state of the tunnel bundle interface. The value is determined by parameter negotiation on the link layer. · UP—The link protocol state of the interface is up. · UP (spoofing)—The link protocol state of the interface is up, but the link is temporarily set up on demand or does not exist. This attribute is available for null interfaces and loopback interfaces. · DOWN—The link protocol state of the interface is down. |
Description |
Description for the tunnel bundle interface. |
Bandwidth |
Expected bandwidth for the tunnel bundle interface. |
Maximum Transmit Unit |
MTU of the tunnel bundle interface. |
Internet protocol processing |
IP address of the tunnel bundle interface. If no IP address is assigned to the interface, this field displays Internet protocol processing: disabled. The tunnel bundle interface cannot process packets. Primary indicates that it is the primary IP address of the interface. |
Tunnel-Bundle destination |
Destination address of the tunnel bundle interface. unknown indicates that no destination address is assigned to the interface. |
Tunnel type |
Tunnel mode for the tunnel bundle interface. The value can only be CRLSP. |
Last clearing of counters |
Last time when counters were cleared. |
Last 300 seconds input rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec |
Average input rate in the last 300 seconds. |
Last 300 seconds output rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec |
Average output rate in the last 300 seconds. |
# Display brief information about interface Tunnel-Bundle 100.
<Sysname> display interface tunnel-bundle 100 brief
Brief information on interface(s) under route mode:
Link: ADM - administratively down; Stby - standby
Protocol: (s) - spoofing
Interface Link Protocol Main IP Description
Tunnel-B100 UP UP -- aaaaaaaaaaaaaaaaaaaaaaaaaaa
# Display brief information about interface Tunnel-Bundle 100, including the complete interface description.
<Sysname> display interface tunnel-bundle 100 brief description
Brief information on interface(s) under route mode:
Link: ADM - administratively down; Stby - standby
Protocol: (s) - spoofing
Interface Link Protocol Main IP Description
Tunnel-B100 UP UP -- aaaaaaaaaaaaaaaaaaaaaaaaaaaaa
Aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
# Display information about interfaces in DOWN state and the causes.
<Sysname> display interface tunnel-bundle brief down
Brief information on interface(s) under route mode:
Link: ADM - administratively down; Stby - standby
Interface Link Cause
Tunnel-B100 DOWN Not connected
Tunnel-B101 DOWN Not connected
Table 112 Command output
Field |
Description |
Brief information on interface(s) under route mode |
Brief information about Layer 3 interfaces. |
Link: ADM - administratively down; Stby - standby |
Link state: · ADM—The interface has been administratively shut down. To bring it up, use the undo shutdown command. · Stby—The interface is a backup interface. To show the primary interface, use the display interface-backup state command. |
Protocol: (s) - spoofing |
(s) indicates that the link layer protocol state is UP, but the link is not available because it is an on-demand link or not present at all. |
Interface |
Abbreviated interface name. |
Link |
Link state of the interface: · UP—The link is physically up. · DOWN—The link is physically down. · ADM—The link has been administratively shut down. To bring it up, use the undo shutdown command. |
Protocol |
Link layer protocol state whose value is determined by parameter negotiation on the link layer: · UP—The protocol state of the interface is up. · UP (spoofing)—The link protocol state of the interface is up, but the link is temporarily set up on demand or does not exist. This attribute is available for null interfaces and loopback interfaces. · DOWN—The protocol state of the interface is down. |
Main IP |
Primary IP address of the interface. |
Description |
Description for the interface. |
Cause |
Causes for the physical state of DOWN: · Administratively—The link has been shut down by using the shutdown command. To bring it up, use the undo shutdown command. · Not connected—The tunnel bundle is not established. |
display mpls forwarding protection
Use display mpls forwarding protection to display forwarding state information for MPLS protection groups.
Syntax
Centralized devices in standalone mode:
display mpls forwarding protection [ tunnel-bundle number ]
Distributed devices in standalone mode/centralized devices in IRF mode:
display mpls forwarding protection [ tunnel-bundle number ] [ slot slot-number ]
Distributed devices in IRF mode:
display mpls forwarding protection [ tunnel-bundle number ] [ chassis chassis-number slot slot-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
tunnel-bundle number: Specifies an existing tunnel bundle interface by its number. If you do not specify this option, the command displays forwarding state information for all MPLS protection groups.
slot slot-number: Specifies a card by its slot number. If you do not specify a card, this command displays information on the active MPU. (Distributed devices in standalone mode.)
slot slot-number: Specifies an IRF member device by its member ID. If you do not specify a member device, this command displays information for the master device. (Centralized devices in IRF mode.)
chassis chassis-number slot slot-number: Specifies a card on an IRF member device. The chassis-number argument represents the member ID of the IRF member device. The slot-number argument represents the slot number of the card. If you do not specify a card, this command displays information for the global active MPU. (Distributed devices in IRF mode.)
Examples
# Display forwarding state information for all MPLS protection groups.
<Sysname> display mpls forwarding protection
Total number of protection groups: 1
State:
N: Normal UA: Unavailable PA: Protecting administrative
PF: Protecting failure WTR: Wait-to-Restore DNR: Do-not-Revert
M: Manual switch F: Forced switch P: Protection tunnel failure
W: Working tunnel failure HO: Hold off LO: Lockout of protection
L: Local R: Remote
Group ID Working tunnel Protection tunnel State
2 100 200 UA:LO:R
Table 113 Command output
Field |
Description |
Group ID |
ID of the protection group. |
Working tunnel |
ID of the working tunnel. |
Protection tunnel |
ID of the protection tunnel. |
State |
This field contains the current protection group state, the cause, and the cause source. Current protection group state: · N—Normal state. The working and protection tunnels operate correctly, and traffic travels along the working tunnel. · UA—Unavailable state. The protection tunnel is unavailable. · PA—Protecting administrative state. The externally configured switching action enables traffic to travel along the protection tunnel. · PF—Protecting failure state. The working tunnel fails, and traffic is switched to the protection tunnel. · WTR—Wait-to-Restore state. The device is waiting for the wait time to switch traffic from the protection tunnel to the working tunnel after the working tunnel recovers. · DNR—Do-not-Revert state. Traffic is not switched from the protection tunnel to the working tunnel after the working tunnel recovers. Cause for the current protection group state: · LO—Lockout of protection. · P—A failure on the protection tunnel is detected by a signaling protocol. · W—A failure on the working tunnel is detected by a signaling protocol. · F—Forced switch. · M—Manual switch. · HO—Hold off. The device is waiting for the holdoff time to switch traffic from the working tunnel to the protection tunnel after the working tunnel fails. Cause source: · L—Local. · R—Remote. For example, UA:LO:L indicates that the protection group becomes unavailable because lockout of protection is performed on the local device. |
display mpls protection
Use display mpls protection to display current state and related information for MPLS protection groups.
Syntax
display mpls protection [ tunnel-bundle number ] [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
tunnel-bundle number: Specifies an existing tunnel bundle interface by its number. If you do not specify this option, the command displays current state and related information for all MPLS protection groups.
verbose: Displays detailed information about MPLS protection groups. If you do not specify this keyword, the command displays brief information about MPLS protection groups.
Examples
# Display current state and related information for all MPLS protection groups.
<Sysname> display mpls protection
Total number of protection groups: 1
State:
N: Normal UA: Unavailable PA: Protecting administrative
PF: Protecting failure WTR: Wait-to-Restore DNR: Do-not-Revert
M: Manual switch F: Forced switch P: Protection tunnel failure
W: Working tunnel failure HO: Hold off LO: Lockout of protection
L: Local R: Remote
Group ID Type Working tunnel Protection tunnel State
2 Tunnel bundle 100 200 UA:LO:R
Table 114 Command output
Field |
Description |
Group ID |
ID of the protection group. |
Type |
Tunnel type. The value can only be Tunnel bundle. |
Working tunnel |
ID of the working tunnel. |
Protection tunnel |
ID of the protection tunnel. |
State |
This field contains the current protection group state, the cause, and the cause source. Current protection group state: · N—Normal state. The working and protection tunnels operate correctly, and traffic travels along the working tunnel. · UA—Unavailable state. The protection tunnel is unavailable. · PA—Protecting administrative state. The externally configured switching action enables traffic to travel along the protection tunnel. · PF—Protecting failure state. The working tunnel fails, and traffic is switched to the protection tunnel. · WTR—Wait-to-Restore state. The device is waiting for the wait time to switch traffic from the protection tunnel to the working tunnel after the working tunnel recovers. · DNR—Do-not-Revert state. Traffic is not switched from the protection tunnel to the working tunnel after the working tunnel recovers. Cause for the current protection group state: · LO—Lockout of protection. · P—A failure on the protection tunnel is detected by a signaling protocol. · W—A failure on the working tunnel is detected by a signaling protocol. · F—Forced switch. · M—Manual switch. · HO—Hold off. The device is waiting for the holdoff time to switch traffic from the working tunnel to the protection tunnel after the working tunnel fails. Cause source: · L—Local. · R—Remote. For example, UA:LO:L indicates that the protection group becomes unavailable because lockout of protection is performed on the local device. |
# Display brief information about MPLS protection groups.
<Sysname> display mpls protection verbose
Protection group ID : 2
Protection group type : Tunnel bundle
Tunnel bundle name : Tunnel-Bundle200
Working tunnel : Tunnel100
Protection tunnel : Tunnel200
Protection mode : 1:1
Switching mode : Bidirectional
Tunnel in use : Working-path
Working tunnel state : No defect
Protection tunnel state : Signal fail
Holdoff time : 5s (Remaining: 3s)
Wait to restore time : 30s (Remaining: 10s)
Message interval : 5s
Revertive mode : Revertive
State : Unavailable (UA),
Protection tunnel failure (P),
Local (L)
Table 115 Command output
Field |
Description |
Protection group ID |
ID of the protection group. |
Protection group type |
Tunnel type. The value can only be Tunnel bundle. |
Tunnel bundle name |
Name of the tunnel bundle interface name for the protection group. |
Working tunnel |
Tunnel interface name for the working tunnel. |
Protection tunnel |
Tunnel interface name for the protection tunnel. |
Protection mode |
Protection mode: 1+1 or 1:1. |
Switching mode |
Switching mode: Bidirectional or Unidirectional. |
Tunnel in use |
Tunnel in use: Working-path or Protection-path. |
Working tunnel state |
Working tunnel state: · No defect. · Signal fail—A failure is detected by a signaling protocol. · OAM defect—A failure is detected by the OAM mechanism. · Remote defect—A failure is received from the remote device. |
Protection tunnel state |
Protection tunnel state: · No defect. · Signal fail—A failure is detected by a signaling protocol. · OAM defect—A failure is detected by the OAM mechanism. · Remote defect—A failure is received from the remote device. |
Holdoff time |
Holdoff time and the remaining holdoff time in seconds. |
Wait to restore time |
Wait time for the switchover from the protection tunnel to the working tunnel, and the remaining wait time, in seconds. |
Message interval |
PSC message sending interval in seconds. |
Revertive mode |
Revertive mode: Revertive or Non-revertive. |
State |
This field contains the current protection group state, the cause, and the cause source. Current protection group state: · Normal (N)—The working and protection tunnels operate correctly, and traffic travels along the working tunnel. · Unavailable (UA)—The protection tunnel is unavailable. · Protecting administrative (PA)—The externally configured switching action enables traffic to travel along the protection tunnel. · Protecting failure (PF)—The working tunnel fails, and traffic is switched to the protection tunnel. · Wait-to-Restore (WTR)—The device is waiting for the wait time to switch traffic from the protection tunnel to the working tunnel after the working tunnel recovers. · Do-not-Revert (DNR)—Traffic is not switched from the protection tunnel to the working tunnel after the working tunnel recovers. Cause for the current protection group state: · Lockout of protection (LO). · Protection tunnel failure (P)—A failure on the protection tunnel is detected by a signaling protocol. · Working tunnel failure (W)—A failure on the working tunnel is detected by a signaling protocol. · Forced switch (F). · Manual switch (M). · Hold off (HO)—The device is waiting for the holdoff time to switch traffic from the working tunnel to the protection tunnel after the working tunnel fails. Cause source, Local (L) or Remote (R). For example, UA:LO:L indicates that the protection group becomes unavailable because lockout of protection is performed on the local device. |
display tunnel-bundle
Use display tunnel-bundle to display information about tunnel bundle interfaces and their member interfaces.
Syntax
display tunnel-bundle [ number ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
number: Specifies an existing tunnel bundle interface and its member interfaces by the tunnel bundle interface number. If you do not specify this argument, the command displays information about all tunnel bundle interfaces and their member interfaces.
Examples
# Display information about all tunnel bundle interfaces and their member interfaces.
<Sysname> display tunnel-bundle
Total number of tunnel bundles: 1, 1 up, 0 down
Tunnel bundle name: Tunnel-Bundle 2
Bundle state : Up
Bundle attributes :
Working mode : 1:1
Tunnel type : CR-LSP
Tunnel destination : 3.3.3.3
Bundle members:
Member State Role
Tunnel4 Up Working
Tunnel5 Up Protection
Table 116 Command output
Field |
Description |
Total number of tunnel bundles |
Total number of tunnel bundle interfaces in up and down states. |
Working mode |
Tunnel bundle interface operating mode: · Load Balancing. · 1+1—1+1 protection switching mode. · 1:1—1:1 protection switching mode. For more information about 1+1 and 1:1 protection switching modes, see MPLS Configuration Guide. |
Tunnel type |
The tunnel type can only be CRLSP. |
Tunnel destination |
Tunnel destination address of the tunnel bundle interface. |
Role |
Role of a member interface: · Working—The tunnel for the member interface is the working tunnel. · Protection—The tunnel for the member interface is the protection tunnel. |
interface tunnel-bundle protection
Use interface tunnel-bundle protection to create a tunnel bundle interface in protection switching mode and enter its view, or enter the view of an existing tunnel bundle interface.
Use undo interface tunnel-bundle to delete a tunnel bundle interface.
Syntax
interface tunnel-bundle number [ protection { oneplusone | onetoone } ]
undo interface tunnel-bundle number
Default
No tunnel bundle interfaces exist.
Views
System view
Predefined user roles
network-admin
Parameters
number: Specifies the tunnel bundle interface number.
The following matrix shows the value ranges for the number argument:
Hardware |
Argument compatibility |
Value range |
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS |
No |
N/A |
MSR2600-6-X1/2600-10-X1 |
Yes |
0 to 10239 |
MSR 2630 |
Yes |
0 to 10239 |
MSR3600-28/3600-51 |
Yes |
0 to 10239 |
MSR3600-28-SI/3600-51-SI |
No |
N/A |
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC |
Yes |
0 to 10239 |
MSR 3610/3620/3620-DP/3640/3660 |
Yes |
0 to 10239 |
MSR5620/5660/5680 |
Yes |
0 to 10239 |
Hardware |
Argument compatibility |
Value range |
MSR810-LM-GL |
No |
N/A |
MSR810-W-LM-GL |
No |
N/A |
MSR830-6EI-GL |
No |
N/A |
MSR830-10EI-GL |
No |
N/A |
MSR830-6HI-GL |
No |
N/A |
MSR830-10HI-GL |
No |
N/A |
MSR2600-6-X1-GL |
Yes |
0 to 1023 |
MSR3600-28-SI-GL |
No |
N/A |
protection { oneplusone | onetoone }: Specifies a protection switching mode. To create a tunnel bundle interface, you must specify the protection switching mode. To enter the view of an existing tunnel bundle interface, you do not need to specify the protection switching mode.
· oneplusone: Specifies the 1+1 protection switching mode.
· onetoone: Specifies the 1:1 protection switching mode.
Usage guidelines
After you create a tunnel bundle interface in protection switching mode, you must specify a working tunnel and a protection tunnel for the tunnel bundle interface. The two tunnels comprise an MPLS TE tunnel bundle, which is an MPLS TE protection group. In the group, the device determines the tunnel for traffic forwarding according to the external switching command and the signal fail indication. For information about specifying the working tunnel and protection tunnel, see the member interface command.
The device supports the following protection switching modes:
· 1:1 protection switching—Typically, traffic travels along the working tunnel. When either of the following situations occurs, the ingress node selects the traffic forwarding tunnel (working or protection tunnel) according to the protection state:
¡ The ingress or the egress node detects a failure on the working tunnel.
¡ An external switching command is executed on the node.
· 1+1 protection switching—Typically, traffic travels along both the working and protection tunnels, and the egress node receives traffic from the working tunnel. When either of the following situations occurs, the egress node determines from which tunnel it receives traffic according to the protection state:
¡ The ingress or egress node detects a failure on the working tunnel.
¡ An external switching command is executed on the node.
|
NOTE: · The tunnel ingress or egress node can detect tunnel failures through BFD for MPLS or other detection mechanisms. For more information about BFD for MPLS, see MPLS Configuration Guide. · The protection state indicates the comprehensive status of a PS protection group. For more information, see the display mpls forwarding protection command. |
To modify the protection switching mode for a tunnel bundle interface, execute the undo interface tunnel-bundle command to delete the interface and then execute the interface tunnel-bundle protection command.
Examples
# Create tunnel bundle interface Tunnel-Bundle 2 in 1:1 protection switching mode, and enter the tunnel bundle interface view.
<Sysname> system-view
[Sysname] interface tunnel-bundle 2 protection onetoone
[Sysname-tunnel-bundle2]
Related commands
destination
display tunnel bundle
member interface
mpls protection
member interface
Use member interface to specify a member interface for a tunnel bundle interface.
Use undo member interface to delete a member interface from a tunnel bundle interface.
Syntax
member interface tunnel tunnel-number [ protection ]
undo member interface tunnel tunnel-number
Default
No member interfaces exist for a tunnel bundle interface.
Views
Tunnel bundle interface view
Predefined user roles
network-admin
Parameters
tunnel tunnel-number: Specifies a member interface by the interface number. The tunnel interface must have been created.
protection: Specifies a member interface as the backup member interface. If you do not specify this keyword, the specified member interface is the primary member interface. The tunnel for the primary member interface is the working tunnel, and the tunnel for the backup member interface is the protection tunnel.
Usage guidelines
You can specify only one primary member interface and one backup member interface for a tunnel bundle interface in protection switching mode. The device selects a member interface for traffic forwarding according to the external switching command and the signal fail indication.
Examples
# Specify interface Tunnel 1 as the primary member interface, and Tunnel 2 as the backup member interface for Tunnel-Bundle 2.
<Sysname> system-view
[Sysname] interface tunnel-bundle 2 protection onetoone
[Sysname-tunnel-bundle2] member interface tunnel 1
[Sysname-tunnel-bundle2] member interface tunnel 2 protection
Related commands
display mpls protection
display tunnel-bundle
mpls protection
Use mpls protection to enable MPLS protection switching and enter MPLS protection switching view.
Use undo mpls protection to disable MPLS protection switching.
Syntax
mpls protection
undo mpls protection
Default
MPLS protection switching is disabled.
Views
System view
Predefined user roles
network-admin
Usage guidelines
Enable MPLS protection switching by using the mpls protection command before you execute other MPLS protection switching commands.
When MPLS protection switching is disabled, the display mpls protection command does not display the protection group information for a tunnel bundle interface. However, the tunnel bundle interface can forward traffic according to the specified protection switching mode (1:1 or 1+1).
After MPLS protection switching is enabled, you can configure the tunnel bundle interface for PS as needed, for example, configuring an external switching command and configuring PS state coordination.
Examples
# Enable MPLS protection switching and enter MPLS protection switching view.
<Sysname> system-view
[Sysname] mpls protection
[Sysname-mpls-protection]
protection holdoff
Use protection holdoff to set the holdoff time when a working tunnel failure is detected.
Use undo protection holdoff to restore the default.
Syntax
protection holdoff holdoff-time
undo protection holdoff
Default
The holdoff time is 0 seconds. When the working tunnel fails, traffic is immediately switched from the working tunnel to the protection tunnel.
Views
Tunnel bundle interface view
Predefined user roles
network-admin
Parameters
holdoff-time: Specifies the holdoff time in the range of 0 to 10 seconds.
Usage guidelines
When the working tunnel fails, the tunnel bundle interface waits for the holdoff time to switch traffic from the working tunnel to the protection tunnel.
To avoid repeated switches on unstable networks, traffic is not switched from the working tunnel to the protection tunnel if the working tunnel recovers within the holdoff time.
You can execute this command only after MPLS protection switching is enabled by using the mpls protection command.
You can execute this command only for tunnel bundle interfaces in protection switching mode.
Examples
# Set the holdoff time to 3 seconds for Tunnel-Bundle 2.
<Sysname> system-view
[Sysname] interface tunnel-bundle 2 protection onetoone
[Sysname-tunnel-bundle2] protection holdoff 3
Related commands
mpls protection
protection revertive
Use protection revertive to specify the switchover mode and set the switchover wait time.
Use undo protection revertive to restore the default.
Syntax
protection revertive { never | wtr [ wtr-time ] }
undo protection revertive
Default
When the working tunnel recovers, traffic is immediately switched from the protection tunnel to the working tunnel.
Views
Tunnel bundle interface view
Predefined user roles
network-admin
Parameters
never: Specifies the switchover mode as non-revertive. After the working tunnel recovers, the protection group continues to use the protection tunnel as long as the protection group is operating correctly.
wtr: Specifies the switchover mode as revertive. In revertive mode, traffic is switched from the protection tunnel to the working tunnel when the working tunnel recovers.
wtr-time: Specifies the wait time in the range of 0 to 3600 seconds. The default value is 600 seconds. When the working tunnel recovers, the wait timer starts. If the working tunnel is still operating correctly when the wait timer expires, traffic is switched from the protection tunnel to the working tunnel.
Usage guidelines
Typically, traffic preferentially uses the working tunnel when both the working and protection tunnels are operating correctly. When the working tunnel recovers, traffic should be immediately switched from the protection tunnel to the working tunnel. However, on an unstable network, the immediate switchover might affect traffic forwarding and burden the device. To resolve the problem, use this command to specify the switchover mode and the wait time for the switchover.
Both ends of a tunnel must have the same switchover mode (revertive or non-revertive) and wait time.
You can execute this command only after MPLS protection switching is enabled by using the mpls protection command.
You can execute this command only for tunnel bundle interfaces in protection switching mode.
Examples
# Specify the revertive mode for Tunnel-Bundle 2, and set the wait time to 10 seconds.
<Sysname> system-view
[Sysname] interface tunnel-bundle 2 protection onetoone
[Sysname-tunnel-bundle2] protection revertive wtr 10
Related commands
mpls protection
protection switching-mode bidirectional
protection switch
Use protection switch to execute an external command for protection switching on a tunnel bundle interface.
Syntax
protection switch { clear | force | lock | manual }
Default
No external command is configured.
Views
Tunnel bundle interface view
Predefined user roles
network-admin
Parameters
clear: Specifies the Clear command. This command clears the active external command.
force: Specifies the Forced Switch command. This command forces traffic to travel on the protection tunnel.
lock: Specifies the Lockout of Protection command. This command locks protection switching. Traffic is always forwarded by the working tunnel.
manual: Specifies the Manual Switch command. This command switches traffic from the working tunnel to the protection tunnel. If the protection tunnel is not available, traffic switching is not performed.
Usage guidelines
The following shows the protection switching triggers in the descending order of priority:
· Clear.
· Lockout of protection.
· Forced switch.
· Signal fail on the protection tunnel—The signaling protocol detected a failure on the protection tunnel.
· Signal fail on the working tunnel—The signaling protocol detected a failure on the working tunnel.
· Clear signal fail—The signaling protocol detected that the working or protection tunnel has recovered.
· Manual switch.
If multiple triggers exist, the one with the highest priority determines the tunnel for traffic forwarding.
Before configuring this command, you must enable MPLS protection switching by using the mpls protection command.
You can execute this command only for tunnel bundle interfaces in protection switching mode.
If you execute this command multiple times to specify multiple external commands, the external command with higher priority overwrites the one with lower priority. To change an external command to one with lower priority, first execute the clear command to clear the active external command.
Examples
# On Tunnel-Bundle 2, force traffic to travel on the protection tunnel.
<Sysname> system-view
[Sysname] interface tunnel-bundle 2 protection oneplusone
[Sysname-tunnel-bundle2] protection switch force
Related commands
mpls protection
protection switching-mode bidirectional
Use protection switching-mode bidirectional to configure a protection group to use bidirectional switching.
Use undo protection switching-mode bidirectional to restore the default.
Syntax
protection switching-mode bidirectional
undo protection switching-mode bidirectional
Default
A protection group uses unidirectional switching.
Views
Tunnel bundle interface view
Predefined user roles
network-admin
Usage guidelines
A bidirectional MPLS TE tunnel switches the traffic forwarding path in one of the following modes:
· Unidirectional switching—When an external command or a signal fail indication triggers protection switching for traffic in one direction, PS switches the traffic forwarding tunnel only in this direction. The traffic forwarding tunnel in the other direction does not change.
· Bidirectional switching—When an external command or a signal fail indication triggers protection switching for traffic in one direction, PS switches the traffic forwarding tunnels in both directions.
To implement bidirectional switching, the ingress node and the egress node periodically send Protection State Coordination (PSC) packets to each other to coordinate the protection state. When one tunnel end performs a PS, the other end also performs a PS.
1:1 protection switching supports both unidirectional and bidirectional switching. 1+1 protection switching supports only bidirectional switching.
Bidirectional path switching requires that the working and protection tunnels are both bidirectional tunnels. For bidirectional path switching to function correctly, you must configure bidirectional path switching on both ends of the working tunnel.
Before configuring this command, you must enable MPLS protection switching by using the mpls protection command.
You can execute this command only for tunnel bundle interfaces in protection switching mode.
Examples
# Configure the protection group for interface Tunnel-Bundle 2 to use the bidirectional switching mode.
<Sysname> system-view
[Sysname] interface tunnel-bundle 2 protection onetoone
[Sysname-tunnel-bundle2] protection switching-mode bidirectional
Related commands
mpls protection
protection holdoff
psc message-interval
psc message-interval
Use psc message-interval to set the interval for sending PSC messages.
Use undo psc message-interval to restore the default.
Syntax
psc message-interval interval
undo psc message-interval
Default
The PSC message sending interval is 5 seconds.
Views
MPLS protection switching view
Predefined user roles
network-admin
Parameters
interval: Specifies the PSC message sending interval in the range of 1 to 65535 seconds.
Usage guidelines
The two ends of a tunnel periodically send PSC messages to coordinate the protection state for bidirectional path switching.
You can prevent PSC messages from occupying too many system and bandwidth resources by modifying the sending interval as needed.
You can execute this command only after MPLS protection switching is enabled by using the mpls protection command.
Examples
# Set the PSC message sending interval to 10 seconds.
<Sysname> system-view
[Sysname] mpls protection
[sys-mpls-protection] psc message-interval 10
Related commands
mpls protection
protection switching-mode bidirectional
reset counters interface
Use reset counters interface to clear interface statistics.
Syntax
reset counters interface [ tunnel-bundle [ number ] ]
Views
User view
Predefined user roles
network-admin
Parameters
tunnel-bundle: Specifies a tunnel bundle interface.
number: Specifies the tunnel bundle interface number. The tunnel bundle interface must have been created.
Usage guidelines
Use this command to clear old statistics so you can observe new traffic statistics on a tunnel bundle interface.
· If you do not specify the tunnel-bundle keyword, this command clears statistics for all interfaces.
· If you specify only the tunnel-bundle keyword, this command clears statistics for all tunnel bundle interfaces.
· If you specify both the tunnel-bundle keyword and the number argument, this command clears statistics for the specified tunnel bundle interface.
Examples
# Clear statistics for interface Tunnel-Bundle 2.
<Sysname> reset counters tunnel-bundle 2
Related commands
display interface tunnel-bundle
interface tunnel-bundle
service
Use service to specify a primary traffic processing slot for an interface.
Use undo service to restore the default.
Syntax
Distributed devices in standalone mode/centralized devices in IRF mode:
service slot slot-number
undo service slot
Distributed devices in IRF mode:
service chassis chassis-number slot slot-number
undo service chassis
Default
No primary traffic processing slot is specified for an interface.
Views
Tunnel bundle interface view
Predefined user roles
network-admin
Parameters
slot slot-number: Specifies a card by its slot number. (Distributed devices in standalone mode.)
slot slot-number: Specifies an IRF member device by its member ID. (Centralized devices in IRF mode.)
chassis chassis-number slot slot-number: Specifies a card on an IRF member device. The chassis-number argument represents the member ID of the IRF member device. The slot-number argument represents the slot number of the card. (Distributed devices in IRF mode.)
Usage guidelines
The following matrix shows the command and hardware compatibility:
Hardware |
Command compatibility |
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS |
No |
MSR2600-6-X1/2600-10-X1 |
No |
MSR 2630 |
· In standalone mode: No · In IRF mode: Yes |
MSR3600-28/3600-51 |
· In standalone mode: No · In IRF mode: Yes |
MSR3600-28-SI/3600-51-SI |
No |
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC |
· In standalone mode: No · In IRF mode: Yes |
MSR 3610/3620/3620-DP/3640/3660 |
· In standalone mode: No · In IRF mode: Yes |
MSR5620/5660/5680 |
Yes |
Hardware |
Command compatibility |
MSR810-LM-GL |
No |
MSR810-W-LM-GL |
No |
MSR830-6EI-GL |
No |
MSR830-10EI-GL |
No |
MSR830-6HI-GL |
No |
MSR830-10HI-GL |
No |
MSR2600-6-X1-GL |
No |
MSR3600-28-SI-GL |
No |
Specify a traffic processing slot if MPLS protection switching requires that all traffic on a tunnel bundle interface be processed on the same slot.
For high availability, you can specify one primary and one backup traffic processing slot by using the service command and the service standby command, respectively.
To avoid processing slot switchover, specify the primary slot before specifying the backup slot. If you specify the backup slot before specifying the primary slot, traffic is switched over to the primary slot immediately after you specify the primary slot.
If you specify both primary and backup slots for an interface, traffic on that interface is processed as follows:
· The backup slot takes over when the primary slot becomes unavailable. The backup slot continues to process traffic for the interface after the primary slot becomes available again. The switchover will not occur until the backup slot becomes unavailable.
· When no specified traffic processing slots are available, the traffic is processed on the slot at which it arrives. Then, the processing slot that first becomes available again takes over.
If you do not specify a primary or a backup traffic processing slot for an interface, traffic on that interface is processed on the slot at which the traffic arrives.
Examples
# (Distributed devices in standalone mode.) Specify a primary traffic processing slot for Tunnel-Bundle 2.
<Sysname> system-view
[Sysname] interface tunnel-bundle 2
[Sysname-tunnel-bundle2] service slot 2
# (Centralized devices in IRF mode.) Specify a primary traffic processing slot for Tunnel-Bundle 2.
<Sysname> system-view
[Sysname] interface tunnel-bundle 2
[Sysname-tunnel-bundle2] service slot 2
# (Distributed devices in IRF mode.) Specify a primary traffic processing slot for Tunnel-Bundle 2.
<Sysname> system-view
[Sysname] interface tunnel-bundle 2
[Sysname-tunnel-bundle2] service chassis 2 slot 2
Related commands
service standby
service standby
Use service standby to specify a backup traffic processing slot for an interface.
Use undo service standby to restore the default.
Syntax
Distributed devices in standalone mode/centralized devices in IRF mode:
service standby slot slot-number
undo service standby slot
Distributed devices in IRF mode:
service standby chassis chassis-number slot slot-number
undo service standby chassis
Default
No backup traffic processing slot is specified for an interface.
Views
Tunnel bundle interface view
Predefined user roles
network-admin
Parameters
slot slot-number: Specifies a card by its slot number. (Distributed devices in standalone mode.)
slot slot-number: Specifies an IRF member device by its member ID. (Centralized devices in IRF mode.)
chassis chassis-number slot slot-number: Specifies a card on an IRF member device. The chassis-number argument represents the member ID of the IRF member device. The slot-number argument represents the slot number of the card. (Distributed devices in IRF mode.)
Usage guidelines
The following matrix shows the command and hardware compatibility:
Hardware |
Command compatibility |
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS |
No |
MSR2600-6-X1/2600-10-X1 |
No |
MSR 2630 |
· In standalone mode: No · In IRF mode: Yes |
MSR3600-28/3600-51 |
· In standalone mode: No · In IRF mode: Yes |
MSR3600-28-SI/3600-51-SI |
No |
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC |
· In standalone mode: No · In IRF mode: Yes |
MSR 3610/3620/3620-DP/3640/3660 |
· In standalone mode: No · In IRF mode: Yes |
MSR5620/5660/5680 |
Yes |
Hardware |
Command compatibility |
MSR810-LM-GL |
No |
MSR810-W-LM-GL |
No |
MSR830-6EI-GL |
No |
MSR830-10EI-GL |
No |
MSR830-6HI-GL |
No |
MSR830-10HI-GL |
No |
MSR2600-6-X1-GL |
No |
MSR3600-28-SI-GL |
No |
Specify a traffic processing slot if MPLS protection switching requires that all traffic on a tunnel bundle interface be processed on the same slot.
For high availability, you can specify one primary and one backup traffic processing slot by using the service command and the service standby command, respectively.
To avoid processing slot switchover, specify the primary slot before specifying the backup slot. If you specify the backup slot before specifying the primary slot, traffic is switched over to the primary slot immediately after you specify the primary slot.
If you specify both primary and backup slots for an interface, traffic on that interface is processed as follows:
· The backup slot takes over when the primary slot becomes unavailable. The backup slot continues to process traffic for the interface after the primary slot becomes available again. The switchover will not occur until the backup slot becomes unavailable.
· When no specified traffic processing slots are available, the traffic is processed on the slot at which it arrives. Then, the processing slot that first becomes available again takes over.
If you do not specify a primary or a backup traffic processing slot for an interface, traffic on that interface is processed on the slot at which the traffic arrives.
Examples
# (Distributed devices in standalone mode.) Specify a primary and a backup traffic processing slot for Tunnel-Bundle 2.
<Sysname> system-view
[Sysname] interface tunnel-bundle 2
[Sysname-tunnel-bundle2] service slot 2
[Sysname-tunnel-bundle2] service standby slot 3
# (Distributed devices in standalone mode.) Specify a primary and a backup traffic processing slot for Tunnel-Bundle 2.
<Sysname> system-view
[Sysname] interface tunnel-bundle 2
[Sysname-tunnel-bundle2] service slot 1
[Sysname-tunnel-bundle2] service standby slot 2
# (Distributed devices in standalone mode.) Specify a primary and a backup traffic processing slot for Tunnel-Bundle 2.
<Sysname> system-view
[Sysname] interface tunnel-bundle 2
[Sysname-tunnel-bundle2] service chassis 2 slot 2
[Sysname-tunnel-bundle2] service standby chassis 1 slot 2
Related commands
service
shutdown
Use shutdown to shut down a tunnel bundle interface and its member interfaces.
Use undo shutdown to bring up a tunnel bundle interface.
Syntax
shutdown
undo shutdown
Default
A tunnel bundle interface is up.
Views
Tunnel bundle interface view
Predefined user roles
network-admin
Examples
# Shut down interface Tunnel-Bundle 2.
<Sysname> system-view
[Sysname] interface tunnel-bundle 2
[Sysname-tunnel-bundle2] shutdown
MCE commands
The following matrix shows the feature and hardware compatibility:
Hardware |
MCE compatibility |
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS |
No |
MSR2600-6-X1/2600-10-X1 |
Yes |
MSR 2630 |
Yes |
MSR3600-28/3600-51 |
Yes |
MSR3600-28-SI/3600-51-SI |
No |
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC |
Yes |
MSR 3610/3620/3620-DP/3640/3660 |
Yes |
MSR5620/5660/5680 |
Yes |
Hardware |
MCE compatibility |
MSR810-LM-GL |
No |
MSR810-W-LM-GL |
No |
MSR830-6EI-GL |
No |
MSR830-10EI-GL |
No |
MSR830-6HI-GL |
No |
MSR830-10HI-GL |
No |
MSR2600-6-X1-GL |
Yes |
MSR3600-28-SI-GL |
No |
address-family ipv4 (VPN instance view)
Use address-family ipv4 to enter IPv4 VPN view.
Use undo address-family ipv4 to remove all configurations from IPv4 VPN view.
Syntax
address-family ipv4
undo address-family ipv4
Views
VPN instance view
Predefined user roles
network-admin
Usage guidelines
In IPv4 VPN view, you can configure IPv4 VPN parameters such as inbound and outbound routing policies.
Examples
# Enter IPv4 VPN view.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] address-family ipv4
[Sysname-vpn-ipv4-vpn1]
Related commands
address-family ipv6 (VPN instance view)
description (VPN instance view)
Use description to configure a description for a VPN instance.
Use undo description to restore the default.
Syntax
description text
undo description
Default
No description is configured for a VPN instance.
Views
VPN instance view
Predefined user roles
network-admin
Parameters
text: Specifies a description, a case-sensitive string of 1 to 79 characters.
Usage guidelines
If you execute this command multiple times, the most recent configuration takes effect.
Examples
# Configure a description of This is vpn1 for VPN instance vpn1.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] description This is vpn1
display ip vpn-instance
Use display ip vpn-instance to display information about VPN instances.
Syntax
display ip vpn-instance [ instance-name vpn-instance-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
instance-name vpn-instance-name: Displays information about the specified VPN instance. The vpn-instance-name argument is a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command displays brief information about all VPN instances.
Examples
# Display brief information about all VPN instances.
<Sysname> display ip vpn-instance
Total VPN-Instances configured : 1
VPN-Instance Name RD Create time
abc 1:1 2011/05/18 10:48:17
Table 117 Command output
Field |
Description |
VPN-Instance Name |
Name of the VPN instance. |
RD |
RD of the VPN instance. |
Create Time |
Time when the VPN instance was created. |
# Display detailed information about VPN instance vpn1.
<Sysname> display ip vpn-instance instance-name vpn1
VPN-Instance Name and Index : vpn1, 2
Route Distinguisher : 100:1
VPN ID : 1:1
Description : vpn1
Interfaces : GigabitEthernet2/0/2
Address-family IPv4:
Export VPN Targets :
2:2
Import VPN Targets :
3:3
Export Route Policy : outpolicy
Import Route Policy : inpolicy
Tunnel Policy : tunnel1
Maximum Routes Limit : 500
Threshold Value(%): 50
Address-family IPv6:
Export VPN Targets :
2:2
Import VPN Targets :
3:3
Export Route Policy : outpolicy
Import Route Policy : inpolicy
Tunnel Policy : tunnel1
Maximum Routes Limit :500
Threshold Value(%): 50
export route-policy
Use export route-policy to apply an export routing policy to a VPN instance.
Use undo export route-policy to restore the default.
Syntax
export route-policy route-policy
undo export route-policy
Default
No export routing policy is applied to a VPN instance.
Views
VPN instance view
IPv4 VPN view
IPv6 VPN view
Predefined user roles
network-admin
Parameters
route-policy: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.
Usage guidelines
You can specify an export routing policy to filter advertised routes or modify their route attributes for the VPN instance.
If you execute this command multiple times, the most recent configuration takes effect.
An export routing policy specified in VPN instance view applies to both IPv4 VPN and IPv6 VPN.
An export routing policy specified in IPv4 VPN view or IPv6 VPN view applies only to IPv4 VPN or IPv6 VPN.
If you have specified export routing policies in both IPv4 VPN view and VPN instance view, IPv4 VPN uses the export routing policy specified in IPv4 VPN view.
If you have specified export routing policies in both IPv6 VPN view and VPN instance view, IPv6 VPN uses the export routing policy specified in IPv6 VPN view.
Examples
# Apply export routing policy poly-1 to VPN instance vpn1.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] export route-policy poly-1
# Apply export routing policy poly-2 to IPv4 VPN vpn2.
<Sysname> system-view
[Sysname] ip vpn-instance vpn2
[Sysname-vpn-instance-vpn2] address-family ipv4
[Sysname-vpn-ipv4-vpn2] export route-policy poly-2
# Apply export routing policy poly-3 to IPv6 VPN vpn3.
<Sysname> system-view
[Sysname] ip vpn-instance vpn3
[Sysname-vpn-instance-vpn3] address-family ipv6
[Sysname-vpn-ipv6-vpn3] export route-policy poly-3
Related commands
import route-policy
route-policy (Layer 3—IP Routing Command Reference)
import route-policy
Use import route-policy to apply an import routing policy to a VPN instance.
Use undo import route-policy to restore the default.
Syntax
import route-policy route-policy
undo import route-policy
Default
All routes matching the import target attribute are accepted.
Views
VPN instance view
IPv4 VPN view
IPv6 VPN view
Predefined user roles
network-admin
Parameters
route-policy: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.
Usage guidelines
You can specify an import routing policy to filter received routes or modify their route attributes for the VPN instance.
If you execute this command multiple times, the most recent configuration takes effect.
An import routing policy specified in VPN instance view applies to both IPv4 VPN and IPv6 VPN.
An import routing policy specified in IPv4 VPN view or IPv6 VPN view applies only to the IPv4 VPN or IPv6 VPN.
If you have specified import routing policies in both IPv4 VPN view and VPN instance view, IPv4 VPN uses the import routing policy specified in IPv4 VPN view.
If you have specified import routing policies in both IPv6 VPN view and VPN instance view, IPv6 VPN uses the import routing policy specified in IPv6 VPN view.
Examples
# Apply import routing policy poly-1 to VPN instance vpn1.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] import route-policy poly-1
# Apply import routing policy poly-2 to IPv4 VPN vpn2.
<Sysname> system-view
[Sysname] ip vpn-instance vpn2
[Sysname-vpn-instance-vpn2] address-family ipv4
[Sysname-vpn-ipv4-vpn2] import route-policy poly-2
# Apply import routing policy poly-3 to IPv6 VPN vpn3.
<Sysname> system-view
[Sysname] ip vpn-instance vpn3
[Sysname-vpn-instance-vpn3] address-family ipv6
[Sysname-vpn-ipv6-vpn3] import route-policy poly-3
Related commands
export route-policy
route-policy (Layer 3—IP Routing Command Reference)
ip binding vpn-instance
Use ip binding vpn-instance to associate an interface with a VPN instance.
Use undo ip binding vpn-instance to restore the default.
Syntax
ip binding vpn-instance vpn-instance-name
undo ip binding vpn-instance
Default
An interface is associated with no VPN instance and belongs to the public network.
Views
Interface view
Predefined user roles
network-admin
Parameters
vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters.
Usage guidelines
Use this command to associate the VPN instance with the interface connected to the CE.
This command or its undo form clears the IP address and routing protocol configuration on the interface.
The specified VPN instance must have been created by using the ip vpn-instance command in system view.
To associate a new VPN instance with an interface, first execute the undo ip binding vpn-instance command to remove the existing association.
Examples
# Associate interface GigabitEthernet 2/0/1 with VPN instance vpn1.
<Sysname> system-view
[Sysname] interface gigabitethernet 2/0/1
[Sysname-GigabitEthernet2/0/1] ip binding vpn-instance vpn1
Related commands
ip vpn-instance (system view)
ip vpn-instance (system view)
Use ip vpn-instance to create a VPN instance and enter its view, or enter the view of an existing VPN instance.
Use undo ip vpn-instance to delete a VPN instance.
Syntax
ip vpn-instance vpn-instance-name
undo ip vpn-instance vpn-instance-name
Default
No VPN instances exist.
Views
System view
Predefined user roles
network-admin
Parameters
vpn-instance-name: Specifies a VPN instance name, a case-sensitive string of 1 to 31 characters.
Examples
# Create a VPN instance named vpn1 and enter its view.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1]
Related commands
route-distinguisher
route-distinguisher (VPN instance view)
Use route-distinguisher to configure an RD for a VPN instance.
Use undo route-distinguisher to restore the default.
Syntax
route-distinguisher route-distinguisher
undo route-distinguisher
Default
No RD is specified for a VPN instance.
Views
VPN instance view
Predefined user roles
network-admin
Parameters
route-distinguisher: Specifies an RD for the VPN instance, a string of 3 to 21 characters in one of the following formats:
· 16-bit AS number:32-bit user-defined number. For example, 101:3.
· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.
· 32-bit AS number:16-bit user-defined number, where the minimum value of the AS number is 65536. For example, 65536:1.
Usage guidelines
RDs enable VPNs to use the same address space. An RD and an IPv4 prefix comprise a unique VPN IPv4 prefix.
To modify an RD, execute the undo route-distinguisher command to remove the RD and then execute the route-distinguisher command.
Examples
# Configure RD 22:1 for VPN instance vpn1.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] route-distinguisher 22:1
routing-table limit
Use routing-table limit to set the maximum number of active routes in a VPN instance.
Use undo routing-table limit to restore the default.
Syntax
routing-table limit number { warn-threshold | simply-alert }
undo routing-table limit
Default
The maximum number of active routes varies by device model. For more information, see the matrix table for the number argument.
Views
VPN instance view
IPv4 VPN view
IPv6 VPN view
Predefined user roles
network-admin
Parameters
number: Specifies the maximum number of active routes.
The following matrix shows the number argument and hardware compatibility:
Hardware |
Argument compatibility |
Value range |
Default |
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS |
No |
N/A |
N/A |
MSR2600-6-X1/2600-10-X1 |
Yes |
1 to 51024 |
51024 |
MSR 2630 |
Yes |
1 to 51024 |
51024 |
MSR3600-28/3600-51 |
Yes |
1 to 51024 |
51024 |
MSR3600-28-SI/3600-51-SI |
No |
N/A |
N/A |
MSR3610-X1/3610-X1-DP/3610-X1-DC/ 3610-X1-DP-DC |
Yes |
1 to 101024 |
101024 |
MSR 3610/3620/3620-DP/3640/3660 |
Yes |
1 to 101024 |
101024 |
MSR5620/5660/5680 |
Yes |
1 to 101024 |
101024 |
Hardware |
Argument compatibility |
Value range |
Default |
MSR810-LM-GL |
No |
N/A |
N/A |
MSR810-W-LM-GL |
No |
N/A |
N/A |
MSR830-6EI-GL |
No |
N/A |
N/A |
MSR830-10EI-GL |
No |
N/A |
N/A |
MSR830-6HI-GL |
No |
N/A |
N/A |
MSR830-10HI-GL |
No |
N/A |
N/A |
MSR2600-6-X1-GL |
Yes |
1 to 51024 |
51024 |
MSR3600-28-SI-GL |
No |
N/A |
N/A |
warn-threshold: Specifies a warning threshold in the range of 1 to 100 in percentage. When the percentage of the existing active routes to the maximum active routes exceeds the threshold, the system gives a log message but still allows new active routes. If active routes in the VPN instance reach the maximum, no more active routes are added.
simply-alert: Specifies that when active routes exceed the maximum number, the system still accepts active routes but generates a log message.
Usage guidelines
Setting the maximum number of active routes for a VPN instance can prevent a PE from learning too many routes.
A limit configured in VPN instance view applies to both the IPv4 VPN and the IPv6 VPN.
A limit configured in IPv4 VPN view or IPv6 VPN view applies only to the IPv4 VPN or the IPv6 VPN.
If you have specified limits in both IPv4 VPN view and VPN instance view, IPv4 VPN uses the limit specified in IPv4 VPN view.
If you have specified limits in both IPv6 VPN view and VPN instance view, IPv6 VPN uses the limit specified in IPv6 VPN view.
Examples
# Specify that VPN instance vpn1 supports a maximum of 1000 active routes. When active routes exceed this limit, the device can receive new active routes but generates a log message.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] route-distinguisher 100:1
[Sysname-vpn-instance-vpn1] routing-table limit 1000 simply-alert
# Specify that the IPv4 VPN vpn2 supports a maximum of 1000 active routes. When active routes exceed this limit, the device can receive new active routes but generates a log message.
<Sysname> system-view
[Sysname] ip vpn-instance vpn2
[Sysname-vpn-instance-vpn2] route-distinguisher 100:2
[Sysname-vpn-instance-vpn2] address-family ipv4
[Sysname-vpn-ipv4-vpn2] routing-table limit 1000 simply-alert
# Specify that the IPv6 VPN vpn3 supports a maximum of 1000 active routes. When active routes exceed this limit, the device can receive new active routes but generates a log message.
<Sysname> system-view
[Sysname] ip vpn-instance vpn3
[Sysname-vpn-instance-vpn3] route-distinguisher 100:3
[Sysname-vpn-instance-vpn3] address-family ipv6
[Sysname-vpn-ipv4-vpn3] routing-table limit 1000 simply-alert
vpn-id
Use vpn-id to configure a VPN ID for a VPN instance.
Use undo vpn-id to restore the default.
Syntax
vpn-id vpn-id
undo vpn-id
Default
No VPN ID is configured for a VPN instance.
Views
VPN instance view
Predefined user roles
network-admin
Parameters
vpn-id: Specifies a VPN ID for the VPN instance, in the form of OUI:Index. Both OUI and Index are hex numbers. The OUI is in the range of 0 to FFFFFF, and the index is in the range of 0 to FFFFFFFF.
Usage guidelines
A VPN ID uniquely identifies a VPN instance. Different VPN instances must have different VPN IDs.
A VPN ID cannot be 0:0.
Examples
# Configure VPN ID 20:1 for VPN instance vpn1.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] vpn-id 20:1
Related commands
display ip vpn-instance
vpn-instance-capability simple (OSPF view)
Use vpn-instance-capability simple to disable routing loop detection for a VPN OSPF process.
Use undo vpn-instance-capability to enable routing loop detection for a VPN OSPF process.
Syntax
vpn-instance-capability simple
undo vpn-instance-capability
Default
Routing loop detection is enabled for a VPN OSPF process.
Views
OSPF view
Predefined user roles
network-admin
Usage guidelines
For the MCE to receive OSPF routes from the PE, you must disable routing loop detection for a VPN OSPF process on the MCE.
This command is applicable only to VPN OSPF processes.
Examples
# Disable routing loop detection for VPN OSPF process 100.
<Sysname> system-view
[Sysname] ospf 100 vpn-instance vpna
[Sysname-ospf-100] vpn-instance-capability simple
vpn-target (VPN instance view/IPv4 VPN view/IPv6 VPN view)
Use vpn-target to configure route targets for a VPN instance.
Use undo vpn-target to remove the specified or all route targets of a VPN instance.
Syntax
vpn-target vpn-target&<1-8> [ both | export-extcommunity | import-extcommunity ]
undo vpn-target { all | vpn-target&<1-8> [ both | export-extcommunity | import-extcommunity ] }
Default
No route targets are configured for a VPN instance.
Views
VPN instance view
IPv4 VPN view
IPv6 VPN view
Predefined user roles
network-admin
Parameters
vpn-target&<1-8>: Specifies a space-separated list of route targets. You can specify a maximum of eight route targets each time you execute this command.
A route target is a string of 3 to 21 characters in one of the following formats:
· 16-bit AS number:32-bit user-defined number. For example, 101:3.
· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.
· 32-bit AS number:16-bit user-defined number, where the AS number must not be less than 65536. For example, 65536:1.
both: Uses the specified route targets as both import targets and export targets. The both keyword is also used when you do not specify any of the following keywords: both, export-extcommunity, and import-extcommunity.
export-extcommunity: Uses the specified route targets as export targets.
import-extcommunity: Uses the specified route targets as import targets.
all: Removes all route targets.
Usage guidelines
MPLS L3VPN uses route targets to control the advertisement of VPN routing information. A PE adds the configured export targets into the route target attribute of routes advertised to a peer. The peer uses the local import targets to match the route targets of received routes. If a match is found, the peer adds the routes to the routing table of the VPN instance.
Route targets configured in VPN instance view are applicable to both the IPv4 VPN and the IPv6 VPN.
Route targets configured in IPv4 VPN view or IPv6 VPN view are applicable only to the IPv4 VPN or IPv6 VPN.
Route targets configured in IPv4 VPN view or IPv6 VPN view take precedence over those configured in VPN instance view. If you configure route targets in both IPv4 VPN view and VPN instance view, the IPv4 VPN uses the route targets configured in IPv4 VPN view. If you configure route targets in both IPv6 VPN view and VPN instance view, the IPv6 VPN uses the route targets configured in IPv6 VPN view.
Examples
# Configure route targets for VPN instance vpn1.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] vpn-target 3:3 export-extcommunity
[Sysname-vpn-instance-vpn1] vpn-target 4:4 import-extcommunity
[Sysname-vpn-instance-vpn1] vpn-target 5:5 both
# Configure route targets for IPv4 VPN vpn2.
<Sysname> system-view
[Sysname] ip vpn-instance vpn2
[Sysname-vpn-instance-vpn2] address-family ipv4
[Sysname-vpn-ipv4-vpn2] vpn-target 3:3 export-extcommunity
[Sysname-vpn-ipv4-vpn2] vpn-target 4:4 import-extcommunity
[Sysname-vpn-ipv4-vpn2] vpn-target 5:5 both
# Configure route targets for IPv6 VPN vpn3.
<Sysname> system-view
[Sysname] ip vpn-instance vpn3
[Sysname-vpn-instance-vpn3] address-family ipv6
[Sysname-vpn-ipv6-vpn3] vpn-target 3:3 export-extcommunity
[Sysname-vpn-ipv6-vpn3] vpn-target 4:4 import-extcommunity
[Sysname-vpn-ipv6-vpn3] vpn-target 5:5 both
IPv6 MCE commands
This chapter describes only IPv6 MCE-specific commands. For information about the commands available for both IPv4 MCE and IPv6 MCE, see "MCE commands."
The following matrix shows the feature and hardware compatibility:
Hardware |
IPv6 MCE compatibility |
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS |
No |
MSR2600-6-X1/2600-10-X1 |
Yes |
MSR 2630 |
Yes |
MSR3600-28/3600-51 |
Yes |
MSR3600-28-SI/3600-51-SI |
No |
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC |
Yes |
MSR 3610/3620/3620-DP/3640/3660 |
Yes |
MSR5620/5660/5680 |
Yes |
address-family ipv6 (VPN instance view)
Use address-family ipv6 to enter IPv6 VPN view.
Use undo address-family ipv6 to remove all configurations from IPv6 VPN view.
Syntax
address-family ipv6
undo address-family ipv6
Views
VPN instance view
Predefined user roles
network-admin
Usage guidelines
In IPv6 VPN view, you can configure IPv6 VPN parameters such as inbound and outbound routing policies.
Examples
# Enter IPv6 VPN view.
<Sysname> system-view
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] address-family ipv6
[Sysname-vpn-ipv6-vpn1]
Related commands
address-family ipv4 (VPN instance view)
vpn-instance-capability simple (OSPFv3 view)
Use vpn-instance-capability simple to disable routing loop detection for a VPN OSPFv3 process.
Use undo vpn-instance-capability to enable routing loop detection for a VPN OSPFv3 process.
Syntax
vpn-instance-capability simple
undo vpn-instance-capability
Default
Routing loop detection is enabled for a VPN OSPFv3 process.
Views
OSPFv3 view
Predefined user roles
network-admin
Usage guidelines
For the MCE to receive OSPFv3 routes from the PE, you must disable routing loop detection for a VPN OSPFv3 process on the MCE.
This command is applicable only to VPN OSPFv3 processes.
Examples
# Disable routing loop detection for VPN OSPFv3 process 100.
<Sysname> system-view
[Sysname] ospfv3 100 vpn-instance vpn1
[Sysname-ospfv3-100] vpn-instance-capability simple
Static SR over MPLS commands
The following matrix shows the feature and hardware compatibility:
Hardware |
Static SR over MPLS compatibility |
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS |
No |
MSR2600-6-X1/2600-10-X1 |
Yes |
MSR 2630 |
Yes |
MSR3600-28/3600-51 |
Yes |
MSR3600-28-SI/3600-51-SI |
No |
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC |
Yes |
MSR 3610/3620/3620-DP/3640/3660 |
Yes |
MSR5620/5660/5680 |
Yes |
Hardware |
Static SR over MPLS compatibility |
MSR810-LM-GL |
No |
MSR810-W-LM-GL |
No |
MSR830-6EI-GL |
No |
MSR830-10EI-GL |
No |
MSR830-6HI-GL |
No |
MSR830-10HI-GL |
No |
MSR2600-6-X1-GL |
Yes |
MSR3600-28-SI-GL |
No |
display mpls static-sr-mpls
Use display mpls static-sr-mpls to display static SRLSP and adjacency segment information.
Syntax
display mpls static-sr-mpls { lsp [ lsp-name ] | adjacency [ adjacency-path-name ] }
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
lsp lsp-name: Specifies a static SRLSP by its name, a case-sensitive string of 1 to 15 characters. If you do not specify the lsp-name argument, the command displays information about all static SRLSPs.
adjacency adjacency-path-name: Specifies an adjacency segment by its name, a case-sensitive string of 1 to 15 characters. If you do not specify the adjacency-path-name argument, the command displays information about all adjacency segments.
Examples
# Display information about static SRLSP lsp1.
<Sysname> display mpls static-sr-mpls lsp lsp1
Name : lsp1
Type : LSP
In-Label : -
Out-Label : 60,70,80
Out-Interface : GE1/0/1
Nexthop : 20.1.1.2
State : Up
Table 118 Command output
Field |
Description |
Name |
Name of the static SRLSP or adjacency segment. |
Type |
Information type: · LSP—Static SRLSP information. · Adjacency—Adjacency segment information. |
In-Label |
Incoming label. |
Out-Label |
Outgoing label. |
Out-Interface |
Output interface. |
Nexthop |
Next hop address. |
State |
Status of the static SRLSP or adjacency segment: · Down. · Up. |
Related commands
static-sr-mpls lsp
static-sr-mpls adjacency
display mpls static-sr-mpls prefix
Use display mpls static-sr-mpls prefix to display prefix segment information.
Syntax
display mpls static-sr-mpls prefix [ path prefix-path-name | destination ip-address [ mask | mask-length ] ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
path prefix-path-name: Specifies a prefix segment by its name, a case-sensitive string of 1 to 15 characters.
destination ip-address: Specifies the destination IP address of the prefix segment.
mask: Specifies the mask.
mask-length: Specifies the mask length, in the range of 0 to 32.
Usage guidelines
If you do not specify any parameters, this command displays information about all prefix segments.
Examples
# Display information about all prefix segments.
<Sysname> display mpls static-sr-mpls prefix
Prefix Name : prefixname
Destination : 2.2.2.2/32
In-Label : 1024
Active : Yes(1)
Out-Interface : GE0/0/1
Nexthop : 10.0.0.2
Out-Label : 600000
Status : up
Out-Interface : GE0/0/2
Nexthop : 11.0.0.2
Out-Label : 600002
Status : down(No Route)
Out-Interface : GE0/0/3
Nexthop : 12.0.0.2
Out-Label : 600001
Status : down(No Mpls)
Table 119 Command output
Field |
Description |
Prefix Name |
Name of the prefix segment. |
Destination |
Destination IP address of the prefix segment. |
In-Label |
Incoming label of the prefix segment. |
Active |
Status of the prefix segment: · Yes(count)—The prefix segment is active. The value of count represents the number of egresses in up status. · No—The prefix segment is inactive. |
Out-Label |
Outgoing label of the prefix segment. |
Status |
Status of the egress: · down—The egress is inactive. The cause is displayed in brackets, which can be No Route or No Mpls. No Route means that the device has no route to reach the destination IP address over the output interface. No Mpls means that MPLS is disabled on the output interface. · up—The egress is active. · duplicate—An egress conflict has occurred because the output interface is already used by another prefix segment. |
Related commands
static-sr-mpls prefix
mpls te static-sr-mpls
Use mpls te static-sr-mpls to bind a static SRLSP to an MPLS TE tunnel interface.
Use undo mpls te static-sr-mpls to unbind a static SRLSP from an MPLS TE tunnel interface.
Syntax
mpls te static-sr-mpls lsp-name [ backup ]
undo mpls te static-sr-mpls lsp-name
Default
An MPLS TE tunnel interface does not use any static SRLSPs.
Views
Tunnel interface view
Predefined user roles
network-admin
Parameters
lsp-name: Specifies a static SRLSP by its name, a case-sensitive string of 1 to 15 characters. The specified static SRLSP must be already created by using the static-sr-mpls lsp command.
backup: Specifies the backup static SRLSP. If you do not specify this keyword, this command specifies the main static SRLSP.
Usage guidelines
This command takes effect only if you have configured the mpls te signaling static command in tunnel interface view.
Execute this command only on the ingress node of a static SRLSP.
If you execute the mpls te static-sr-mpls and mpls te static-cr-lsp commands on a device, only the mpls te static-cr-lsp command takes effect. For the mpls te static-sr-mpls command to take effect, execute the undo mpls te static-cr-lsp command.
Examples
# Bind static SRLSP static-sr-3 to MPLS TE tunnel interface 0.
<Sysname> system-view
[Sysname] interface tunnel 0 mode mpls-te
[Sysname-Tunnel0] mpls te static-sr-mpls static-sr-3
Related commands
display mpls te tunnel-interface
mpls te signaling
static-sr-mpls lsp
static-sr-mpls adjacency
Use static-sr-mpls adjacency to configure an adjacency segment for static SR.
Use undo static-sr-mpls adjacency to delete an adjacency segment.
Syntax
static-sr-mpls adjacency adjacency-path-name in-label label-value { nexthop ip-address | outgoing-interface interface-type interface-number }
undo static-sr-mpls adjacency adjacency-path-name
Default
No adjacency segments exist.
Views
System view
Predefined user roles
network-admin
Parameters
adjacency-path-name: Specifies the adjacency segment name, a case-sensitive string of 1 to 15 characters.
in-label label-value: Specifies the incoming label in the range of 16 to 1023.
nexthop ip-address: Specifies the next hop address.
outgoing-interface interface-type interface-number: Specifies an output interface by its type and number. The output interface must be a P2P interface.
Usage guidelines
Execute this command on all nodes of a static SRLSP.
If you specify the next hop address, make sure the following requirements are met:
· The device has a route to reach the next hop address.
· MPLS is enabled on the output interface of the route.
If you specify an output interface, make sure the following requirements are met:
· The interface is up.
· The interface can receive direct routes.
· MPLS is enabled on the interface.
On a device, the incoming label specified by this command must be different than other static LSPs, static PWs, and static CRLSPs. If not, the configured adjacency segment is unavailable. The adjacency segment cannot become available even if you change the incoming label of the static LSP, static PW, or static CRLSP. To resolve this problem, you must delete the existing adjacency segment and configure a new one with a different incoming label.
Examples
# Configure adjacency segment adj1, and specify the incoming label as 100 and the next hop address as 12.2.1.2.
<Sysname> system-view
[Sysname] static-sr-mpls adjacency adj1 in-label 100 nexthop 12.2.1.2
Related commands
static-sr-mpls lsp
display static-sr-mpls
static-sr-mpls lsp
Use static-sr-mpls lsp to configure a static SRLSP.
Use undo static-sr-mpls lsp to delete a static SRLSP.
Syntax
static-sr-mpls lsp lsp-name out-label out-label-value&<1-5>
undo static-sr-mpls lsp lsp-name
Default
No static SRLSPs exist.
Views
System view
Predefined user roles
network-admin
Parameters
lsp-name: Specifies the static SRLSP name, a case-sensitive string of 1 to 15 characters.
out-label out-label-value&<1-5>: Specifies a space-separated list of up to five outgoing labels from outer to inner in the label stack. The value range for the out-label-value argument is 0, 3, and 16 to 1048575.
Usage guidelines
Execute this command only on the ingress node of a static SRLSP.
The outgoing labels specified by this command represent the incoming labels of the adjacency segments that a static SRLSP traverses in sequence. The outermost label must use the incoming label of the first adjacency segment that the static SRLSP traverses.
Examples
# Configure static SRLSP lsp1, and specify the outgoing labels as 100 and 200.
<Sysname> system-view
[Sysname] static-sr-mpls lsp lsp1 out-label 100 200
Related commands
static-sr-mpls adjacency
display static-sr-mpls
static-sr-mpls prefix
Use static-sr-mpls prefix to configure a prefix segment for static SR.
Use undo static-sr-mpls prefix to delete a prefix segment.
Syntax
static-sr-mpls prefix prefix-path-name destination ip-address { mask | mask-length } in-label in-label-value [ { nexthop ip-address | output-interface interface-type interface-number } out-label out-label-value ]
undo static-sr-mpls prefix prefix-path-name [ destination ip-address { mask | mask-length } in-label in-label-value [ nexthop ip-address | output-interface interface-type interface-number ] ]
Default
No prefix segments exist.
Views
System view
Predefined user roles
network-admin
Parameters
prefix-path-name: Specifies the prefix segment name, a case-sensitive string of 1 to 15 characters.
destination ip-address: Specifies the destination IP address.
mask: Specifies the mask.
mask-length: Specifies the mask length, in the range of 0 to 32.
in-label label-value: Specifies the incoming label. The value range depends on the device model.
nexthop ip-address: Specifies the next hop address.
outgoing-interface interface-type interface-number: Specifies an output interface by its type and number. The output interface must be a P2P interface.
out-label out-label-value: Specifies the outgoing label, in the range of 0, 3, and 16 to 1048575.
Usage guidelines
Execute this command on all nodes of a static SRLSP.
A prefix segment must use the next hop or output interface of the optimal route to the destination address of the prefix segment. You can configure multiple prefix segments to the destination address for load sharing if the optimal route has more than one next hops or output interfaces. To avoid configuration failure, make sure all prefix segments use the same prefix segment name, incoming label, and outgoing label.
If you specify only the prefix-path-name argument, the undo static-sr-mpls prefix command deletes all prefix segments with the specified name. If you specify all parameters, only the prefix segment that matches the specified name, destination IP address, and next hop or output interface is deleted.
Examples
# Configure prefix segment prefix1, set the destination IP address, incoming label, outgoing label, and next hop to 2.2.2.2, 16000, 16001, and 10.0.0.2, respectively.
<Sysname> system-view
[Sysname] static-sr-mpls prefix prefix1 destination 2.2.2.2 32 in-label 16000 nexthop 10.0.0.2 out-label 16001
Related commands
display mpls static-sr-mpls prefix
ac interface,293
accept-label,63
address-family ipv4 (VPN instance view),395
address-family ipv4 (VPN instance view),229
address-family ipv6 (VPN instance view),407
address-family ipv6 (VPN instance view),270
address-family l2vpn,294
address-family vpnv4,230
address-family vpnv6,271
advertise-label,64
authentication challenge,180
authentication key,181
authentication lifetime,183
authentication window-size,184
auto-bandwidth enable,84
auto-discovery,295
auto-tunnel backup,85
backoff,32
backup-peer,295
bandwidth,370
bandwidth,297
bandwidth,339
bfd discriminator,349
bfd ip-router-alert,350
ccc,297
connection,299
connection remote-site-id,299
control-word enable,300
default,371
default,340
default-nexthop,301
description,340
description,372
description (cross-connect group view),302
description (VPN instance view),395
description (VPN instance view),231
destination,86
destination,372
disable,86
disable-dn-bit-check,271
disable-dn-bit-set,272
display bgp l2vpn signaling,302
display bgp routing-table ipv4 unicast inlabel,231
display bgp routing-table ipv4 unicast outlabel,232
display bgp routing-table vpnv4,234
display bgp routing-table vpnv4 inlabel,242
display bgp routing-table vpnv4 outlabel,243
display bgp routing-table vpnv6,273
display bgp routing-table vpnv6 inlabel,281
display bgp routing-table vpnv6 outlabel,282
display explicit-path,87
display interface,341
display interface tunnel-bundle,373
display ip vpn-instance,245
display ip vpn-instance,396
display isis mpls te advertisement,88
display isis mpls te configured-sub-tlvs,91
display isis mpls te network,92
display isis mpls te tunnel,93
display l2vpn bgp,306
display l2vpn forwarding,308
display l2vpn interface,311
display l2vpn ldp,312
display l2vpn pw,314
display l2vpn pw bfd,351
display l2vpn pw-class,317
display l2vpn xconnect-group,318
display mpls bfd,352
display mpls forwarding ilm,1
display mpls forwarding nhlfe,3
display mpls forwarding protection,376
display mpls interface,5
display mpls label,5
display mpls ldp discovery,33
display mpls ldp fec,36
display mpls ldp igp sync,65
display mpls ldp interface,40
display mpls ldp lsp,41
display mpls ldp parameter,43
display mpls ldp peer,44
display mpls ldp summary,48
display mpls lsp,6
display mpls lsp statistics,12
display mpls nib,13
display mpls nid,14
display mpls protection,378
display mpls static-cr-lsp,175
display mpls static-lsp,27
display mpls static-sr-mpls,409
display mpls static-sr-mpls prefix,410
display mpls summary,15
display mpls te ds-te,94
display mpls te link-management bandwidth-allocation,95
display mpls te pce discovery,96
display mpls te pce peer,99
display mpls te pce statistics,101
display mpls te tedb,102
display mpls te tunnel-interface,108
display mpls tunnel,224
display ospf mpls te advertisement,111
display ospf mpls te network,113
display ospf mpls te pce,114
display ospf mpls te tunnel,116
display ospf sham-link,246
display ospfv3 sham-link,283
display rsvp,186
display rsvp authentication,188
display rsvp lsp,192
display rsvp peer,195
display rsvp request,196
display rsvp reservation,198
display rsvp sender,200
display rsvp statistics,204
display tunnel-bundle,381
display tunnel-bundle,117
domain-id (OSPF view),247
domain-id (OSPFv3 view),285
dscp,207
dscp,49
ds-te bc-model,119
ds-te mode,121
ds-te te-class,120
explicit-path,122
export route-policy,397
export route-policy,248
ext-community-type (OSPF view),249
ext-community-type (OSPFv3 view),286
fast-reroute timer,122
ftn enable,16
graceful-restart,50
graceful-restart enable,207
graceful-restart timer,50
hello interval,208
hello lost,209
igp sync delay,66
igp sync delay on-restart,67
import bgp,68
import route-policy,398
import route-policy,250
interface tunnel-bundle,123
interface tunnel-bundle protection,382
interface ve-l2vpn,344
interface ve-l3vpn,345
interworking,320
ip binding vpn-instance,399
ip binding vpn-instance,251
ip vpn-instance (system view),400
ip vpn-instance (system view),252
ipv6 accept-label,77
ipv6 advertise-label,78
ipv6 import bgp,80
ipv6 lsp-trigger,79
keep-multiplier,209
l2vpn enable,321
l2vpn switchover,321
label-distribution,52
link-management periodic-flooding timer,124
loop-detect,53
lsp-trigger,69
lsr-id,53
maxhops,54
md5-authentication,55
member interface,125
member interface,384
mpls bfd (for LSP),354
mpls bfd (for TE tunnel),356
mpls bfd enable,354
mpls enable,17
mpls forwarding split-horizon,17
mpls label advertise,18
mpls ldp,56
mpls ldp enable,70
mpls ldp igp sync disable,71
mpls ldp ipv6 enable,81
mpls ldp sync (IS-IS view),72
mpls ldp sync (OSPF view/OSPF area view),73
mpls ldp timer,57
mpls ldp transport-address,81
mpls ldp transport-address,73
mpls lsr-id,19
mpls mtu,19
mpls periodic-tracert (for LSP),358
mpls protection,384
mpls statistics,20
mpls statistics interval,21
mpls te,126
mpls te affinity-attribute,127
mpls te auto-bandwidth,128
mpls te auto-tunnel backup disable,129
mpls te backup,130
mpls te backup bandwidth,131
mpls te backup-path,132
mpls te bandwidth,134
mpls te bandwidth change thresholds,135
mpls te bidirectional,135
mpls te enable (interface view),138
mpls te enable (IS-IS view),138
mpls te enable (OSPF area view),139
mpls te fast-reroute,140
mpls te fast-reroute bypass-tunnel,141
mpls te igp advertise,142
mpls te igp metric,143
mpls te igp shortcut,144
mpls te link-attribute,145
mpls te loop-detection,146
mpls te max-link-bandwidth,147
mpls te max-reservable-bandwidth,147
mpls te max-reservable-bandwidth mam,148
mpls te max-reservable-bandwidth rdm,150
mpls te metric,151
mpls te path,151
mpls te path-metric-type,152
mpls te priority,153
mpls te record-route,154
mpls te reoptimization (tunnel interface view),155
mpls te reoptimization (user view),156
mpls te resv-style,156
mpls te retry,157
mpls te route-pinning,158
mpls te service-class,158
mpls te signaling,159
mpls te static-cr-lsp,160
mpls te static-sr-mpls,411
mpls te timer retry,161
mpls ttl expiration enable,22
mpls ttl propagate,23
mpls-forwarding statistics prefix-list,24
mtu,322
mtu,346
nesting-vpn,252
nexthop,161
nhop-only,162
non-stop-routing,59
path-metric-type,163
pce address,164
pce deadtimer,165
pce keepalive,165
pce request-timeout,166
pce static,167
pce tolerance,168
peer,323
peer,210
peer next-hop-invariable,287
peer next-hop-invariable,253
peer signaling,324
peer upe,254
peer upe route-policy,254
ping mpls ipv4,359
ping mpls pw,362
ping mpls te,363
policy vpn-target,287
policy vpn-target,325
policy vpn-target,255
ppp ipcp ignore local-ip,326
ppp ipcp proxy,326
preferred-path,225
protection dual-receive,327
protection holdoff,385
protection revertive,386
protection switch,387
protection switching-mode bidirectional,388
psc message-interval,389
pv-limit,60
pw-class (auto-discovery cross-connect group view),328
pw-class (system view),329
pw-type,329
refresh interval,211
reset counters interface,346
reset counters interface,390
reset mpls ldp,61
reset mpls statistics,24
reset mpls te auto-bandwidth-adjustment timers,168
reset mpls te pce statistics,169
reset rsvp authentication,212
reset rsvp statistics,213
revertive,331
route-distinguisher,331
route-distinguisher (VPN instance view),401
route-distinguisher (VPN instance view),256
route-replicate,257
route-tag (OSPF view),258
route-tag (OSPFv3 view),288
route-tag-check enable,289
routing-table limit,259
routing-table limit,402
rr-filter,332
rr-filter (BGP VPNv4 address family view),260
rr-filter (BGP VPNv6 address family view),290
rsvp,213
rsvp authentication challenge,214
rsvp authentication key,215
rsvp authentication lifetime,216
rsvp authentication window-size,218
rsvp bfd enable,219
rsvp enable,220
rsvp hello enable,220
rsvp reduction retransmit increment,221
rsvp reduction retransmit interval,222
rsvp reduction srefresh,222
select-seq load-balance-number,227
sequencing,333
service,390
service standby,392
session protection,75
sham-link (OSPF area view),261
sham-link (OSPFv3 area view),291
shutdown,394
shutdown,347
shutdown (cross-connect group view),334
site,334
snmp context-name,263
snmp-agent trap enable l2vpn,335
snmp-agent trap enable l3vpn,264
snmp-agent trap enable ldp,62
snmp-agent trap enable mpls,26
snmp-agent trap enable te,169
static-cr-lsp egress,177
static-cr-lsp ingress,177
static-cr-lsp transit,178
static-lsp egress,28
static-lsp ingress,29
static-lsp transit,30
static-sr-mpls adjacency,412
static-sr-mpls lsp,413
static-sr-mpls prefix,414
targeted-peer,76
targeted-peer,82
te-subtlv,170
timers removal unused,171
tnl-policy,264
tracert mpls ipv4,364
tracert mpls te,366
tunnel route-static,171
tunnel-number,172
tunnel-policy,227
tunnel-policy (auto-discovery cross-connect view),336
vccv bfd,367
vccv cc,368
vpn popgo,266
vpn-id,403
vpn-id,266
vpn-instance,62
vpn-instance-capability simple (OSPF view),404
vpn-instance-capability simple (OSPFv3 view),408
vpn-route cross multipath,267
vpn-target,337
vpn-target (VPN instance view/IPv4 VPN view/IPv6 VPN view),268
vpn-target (VPN instance view/IPv4 VPN view/IPv6 VPN view),404
xconnect-group,338