Hardware	Basic MPLS compatibility
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS	No
MSR2600-6-X1/2600-10-X1	Yes
MSR 2630	Yes
MSR3600-28/3600-51	Yes
MSR3600-28-SI/3600-51-SI	Yes
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC	Yes
MSR 3610/3620/3620-DP/3640/3660	Yes
MSR5620/5660/5680	Yes

Hardware	Basic MPLS compatibility
MSR810-LM-GL	No
MSR810-W-LM-GL	No
MSR830-6EI-GL	No
MSR830-10EI-GL	No
MSR830-6HI-GL	No
MSR830-10HI-GL	No
MSR2600-6-X1-GL	Yes
MSR3600-28-SI-GL	Yes

Commands and descriptions for centralized devices apply to the following routers:

· MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/ 810-LMS/810-LUS.

· MSR2600-6-X1/2600-10-X1.

· MSR 2630.

· MSR3600-28/3600-51.

· MSR3600-28-SI/3600-51-SI.

· MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC.

· MSR 3610/3620/3620-DP/3640/3660.

Commands and descriptions for distributed devices apply to the following routers:

· MSR5620.

· MSR 5660.

· MSR 5680.

IPv6-related parameters are not supported on the MSR3600-28-SI/3600-51-SI routers.

display mpls forwarding ilm

Use display mpls forwarding ilm to display Incoming Label Map (ILM) entries.

Syntax

Centralized devices in standalone mode:

display mpls forwarding ilm [ label ]

Distributed devices in standalone mode/centralized devices in IRF mode:

display mpls forwarding ilm [ label ] [ slot slot-number ]

Distributed devices in IRF mode:

display mpls forwarding ilm [ label ] [ chassis chassis-number slot slot-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

label: Displays the ILM entry with the specified incoming label. The value range for this argument is 16 to 1048575. If you do not specify an incoming label, this command displays information about ILM entry information for all incoming labels.

slot slot-number: Specifies a card by its slot number. If you do not specify a card, this command displays ILM entries for the active MPU. (Distributed devices in standalone mode.)

slot slot-number: Specifies an IRF member device by its member ID. If you do not specify a member device, this command displays ILM entries for the master device. (Centralized devices in IRF mode.)

chassis chassis-number slot slot-number: Specifies a card on an IRF member device. The chassis-number argument represents the member ID of the IRF member device. The slot-number argument represents the slot number of the card. If you do not specify a card, this command displays ILM entries for the global active MPU. (Distributed devices in IRF mode.)

Usage guidelines

An ILM entry records the label operation type, outgoing label, and other forwarding information.

After an LSR receives a labeled packet, it performs the following operations:

1. Identifies the ILM entry that matches the top label of the packet.

2. Performs the specified label operation.

3. Forwards the packet.

Examples

# Display all ILM entries.

<Sysname> display mpls forwarding ilm

Total ILM entries: 3

Flags: T - Forwarded through a tunnel

N - Forwarded through the outgoing interface to the nexthop IP address

B - Backup forwarding information

A - Active forwarding information

InLabel Oper VRF Flag SwapLabel Forwarding Info

--------------------------------------------------------------------------------

30 SWAP 0 T 1300 1024

1279 POP 0 - - -

1407 SWAP 0 NA 1271 GE2/0/3 50.2.0.2

NB 1270 Tun0 0.0.0.0

Table 1 Command output

Field	Description
Total ILM entries	Total number of ILM entries.
InLabel	Incoming label.
Oper	Operation type: · POP—Pops the label. · POPGO—Pops the label and forwards the packet to another tunnel. · SWAP—Swaps the label.
VRF	Index of a VPN instance.
Flag	Forwarding flag: · T—Forwarded through a tunnel. · N—Forwarded through the outgoing interface to the next hop IP address. · B—Backup forwarding information. · A—Active forwarding information.
SwapLabel	Outgoing label value.
Forwarding Info	Forwarding information: · When the forwarding flag is N, the forwarding information records the outgoing interface and the next hop. · When the forwarding flag is T, the forwarding information records the NID.

display mpls forwarding nhlfe

Use display mpls forwarding nhlfe to display Next Hop Label Forwarding Entry (NHLFE) entries.

Syntax

Centralized devices in standalone mode:

display mpls forwarding nhlfe [ nid ]

Distributed devices in standalone mode/centralized devices in IRF mode:

display mpls forwarding nhlfe [ nid ] [ slot slot-number ]

Distributed devices in IRF mode:

display mpls forwarding nhlfe [ nid ] [ chassis chassis-number slot slot-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

nid: Displays the NHLFE entry with the specified NID. The NID value is in the range of 0 to 4294967294. If you do not specify an NID, this command displays NHLFE entry information for all NIDs.

slot slot-number: Specifies a card by its slot number. If you do not specify a card, this command displays NHLFE entries for the active MPU. (Distributed devices in standalone mode.)

slot slot-number: Specifies an IRF member device by its member ID. If you do not specify a member device, this command displays NHLFE entries for the master device. (Centralized devices in IRF mode.)

chassis chassis-number slot slot-number: Specifies a card on an IRF member device. The chassis-number argument represents the member ID of the IRF member device. The slot-number argument represents the slot number of the card. If you do not specify a card, this command displays NHLFE entries for the global active MPU. (Distributed devices in IRF mode.)

Usage guidelines

An NHLFE entry records label forwarding information, such as the outgoing label and outgoing interface. NHLFE entries are mainly used to add multiple labels to packets.

To add multiple labels to a packet, an LSR performs the following operations:

1. Obtains the bottom label and NID in the matching FIB or ILM entry.

2. Obtains the outer label in the NHLFE entry identified by the NID.

Examples

# Display the NHLFE entry with NID 2048.

<Sysname> display mpls forwarding nhlfe 2048

Flags: T - Forwarded through a tunnel

N - Forwarded through the outgoing interface to the nexthop IP address

B - Backup forwarding information

A - Active forwarding information

NID Tnl-Type Flag OutLabel Forwarding Info

--------------------------------------------------------------------------------

2048 LSP NA 2025 GE2/0/2 10.11.112.26

# Display all NHLFE entries.

<Sysname> display mpls forwarding nhlfe

Total NHLFE entries: 5

Flags: T - Forwarded through a tunnel

N - Forwarded through the outgoing interface to the nexthop IP address

B - Backup forwarding information

A - Active forwarding information

NID Tnl-Type Flag OutLabel Forwarding Info

--------------------------------------------------------------------------------

10 - TA - 2049

20 - TA - 2050

2048 LSP NA 2025 GE2/0/2 10.11.112.26

2049 LSP NA 3024 GE2/0/2 10.11.112.26

TB 3026 20

2050 LSP NA 3025 GE2/0/1 10.11.113.26

Table 2 Command output

Field	Description
Total NHLFE entries	Total number of NHLFE entries.
NID	NHLFE entry index.
Tnl-Type	Tunnel type: · LOCAL—Direct LSP tunnel. · LSP—Static LSP tunnel, or LSP tunnel signaled using LDP or BGP. · TE—TE tunnel. · GRE—GRE tunnel. · CRLSP—Static CRLSP/SRLSP tunnel or CRLSP tunnel signaled using RSVP. · - (a hyphen)—The tunnel type is invalid.
Flag	Forwarding flag: · T—Forwarded through a tunnel. · N—Forwarded through the outgoing interface to the next hop IP address. · B—Backup forwarding information. · A—Active forwarding information.
OutLabel	Outgoing label.
Forwarding Info	Forwarding information: · When the forwarding flag is N, the forwarding information records the outgoing interface and the next hop. · When the forwarding flag is T, the forwarding information records the NID.

display mpls interface

Use display mpls interface to display MPLS interface information, including the interface name, interface status, and interface MPLS MTU.

Syntax

display mpls interface [ interface-type interface-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

interface-type interface-number: Specifies an interface by the interface type and number. If you do not specify an interface, this command displays MPLS information for all MPLS-enabled interfaces.

Examples

# Display all MPLS interfaces.

<Sysname> display mpls interface

Interface Status MPLS MTU

GE2/0/1 Up 1514

GE2/0/2 Up 1514

The MPLS MTU of an interface is in bytes.

Related commands

mpls enable

mpls mtu

display mpls label

Use display mpls label to display MPLS label usage information.

Syntax

display mpls label { label-value1 [ to label-value2 ] | all }

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

label-value1: Specifies a label value in the range of 16 to 1048575. If used with the label-value2 argument, the label-value1 argument represents the start label of a label range.

to label-value2: Specifies the end label of the label range. The value range for the end label is 16 to 1048575. If you specify a label range by using the label-value1 argument and the to label-value2 option, this command displays usage information for the specified range of labels.

all: Specifies all labels.

Examples

# Display usage information for labels 900 through 902.

<Sysname> display mpls label 900 to 902

Label Owner State

900 - Idle

901 - Idle

902 LDP Alloc

Table 3 Command output

Field	Description
Label	Label value.
Owner	Protocol that is using the label: · Static—Static LSP. · LDP. · BGP. · StaticCR—Static CRLSP or static SRLSP. · RSVP. · L2VPN. This field displays a hyphen (-) when the label state is Idle.
State	Usage state of the label: · Idle—The label is idle. · Alloc—The label has been allocated. · Pending—The label has been released but is still used by an LSP entry. · Inuse—The label has been allocated and used by an LSP entry.

display mpls lsp

Use display mpls lsp to display LSP information.

Syntax

display mpls lsp [ egress | in-label label-value | ingress | outgoing-interface interface-type interface-number | protocol { bgp | ldp | local | rsvp-te | static | static-cr } | transit ] [ vpn-instance vpn-instance-name ] [ ipv4-address mask-length | ipv6 [ ipv6-address prefix-length ] ] [ verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

egress: Displays the LSPs taking the current LSR as egress.

in-label label-value: Displays the LSPs using the specified label as the incoming label, in the range of 0 to 1048575.

ingress: Displays the LSPs taking the current LSR as ingress.

outgoing-interface interface-type interface-number: Displays the LSPs using the specified interface as the outgoing interface. The interface-type interface-number argument specifies an interface by its type and number.

protocol: Displays the LSPs established by a protocol.

bgp: Displays BGP LSPs.

ldp: Displays LDP LSPs.

local: Displays the LSPs to the direct next hops, or displays the LSPs that use the local MPLS TE tunnel interfaces or tunnel bundle interfaces as the LSP heads.

rsvp-te: Displays CRLSPs established by RSVP-TE.

The following matrix shows the rsvp-te keyword and hardware compatibility:

Hardware	Keyword compatibility
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS	No
MSR2600-6-X1/2600-10-X1	Yes
MSR 2630	Yes
MSR3600-28/3600-51	Yes
MSR3600-28-SI/3600-51-SI	No
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC	Yes
MSR 3610/3620/3620-DP/3640/3660	Yes
MSR5620/5660/5680	Yes

Hardware	Keyword compatibility
MSR810-LM-GL	No
MSR810-W-LM-GL	No
MSR830-6EI-GL	No
MSR830-10EI-GL	No
MSR830-6HI-GL	No
MSR830-10HI-GL	No
MSR2600-6-X1-GL	Yes
MSR3600-28-SI-GL	No

static: Displays static LSPs.

static-cr: Displays static CRLSPs and static SRLSPs.

The following matrix shows the static-cr keyword and hardware compatibility:

Hardware	Keyword compatibility
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS	No
MSR2600-6-X1/2600-10-X1	Yes
MSR 2630	Yes
MSR3600-28/3600-51	Yes
MSR3600-28-SI/3600-51-SI	No
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC	Yes
MSR 3610/3620/3620-DP/3640/3660	Yes
MSR5620/5660/5680	Yes

transit: Displays the LSPs taking the current LSR as a transit LSR.

vpn-instance vpn-instance-name: Displays LSPs for the specified VPN instance. The vpn-instance-name is a case-sensitive string of 1 to 31 characters. If you do not specify this option, the command displays LSPs for the public network.

ipv4-address mask-length: Displays the IPv4 LSP for an FEC specified by an IPv4 address and a mask length. The value range for the mask length is 0 to 32.

ipv6: Displays IPv6 LSP information. If you do not specify this keyword, the command displays IPv4 LSP information.

ipv6-address prefix-length: Displays the IPv6 LSP for an FEC specified by an IPv6 address and a prefix length. The value range for the prefix length is 0 to 128.

verbose: Displays detailed LSP information. If you do not specify this keyword, the command displays brief LSP information.

Usage guidelines

If you do not specify any parameters, this command displays brief information about all LSPs. If you specify only the verbose keyword, this command displays detailed information about all LSPs.

Examples

# Display brief information about all IPv4 LSPs.

<Sysname> display mpls lsp

FEC Proto In/Out Label Interface/Out NHLFE

100.100.100.100/24 LDP -/1049 GE2/0/1

Backup -/1050 GE2/0/2

100.100.100.10/24 LDP -/1051 GE2/0/3

Backup -/1050 GE2/0/2

100.100.100.10/24 LDP -/1049 GE2/0/3

101.100.100.10/24 LDP 1026/1049 GE2/0/1

102.100.100.10/24 LDP 1027/- -

103.100.100.10/24 LDP 1028/1049 Tunnel10

110.100.100.20/24 BGP -/1049 GE2/0/1

111.100.100.10/24 BGP 2028/1049 GE2/0/1

112.100.100.10/24 BGP 2029/- GE2/0/1

113.100.100.10/24 BGP 2030/1049 NHLFE1500

114.100.100.10/24 BGP 2031/1050 Tunnel100

100.100.100.100 Local -/- GE2/0/1

101.101.101.101/32 Static -/100 GE2/0/1

- Static 100/200 GE2/0/1

- Static 101/- GE2/0/1

200.200.200.200/64000/64000 RSVP -/1030 GE2/0/2

201.200.200.200/64000/64000 RSVP 1024/1031 GE2/0/2

202.200.200.200/64000/64000 RSVP 1025/- -

150.140.150.100/64001/0 StaticCR -/1000 GE2/0/2

- StaticCR 50/1001 GE2/0/2

- StaticCR 51/- -

Table 4 Command output

Field	Description
FEC	Forwarding equivalence class: · IP address/mask—Classifies FECs by destination address. · IP address—Classifies FECs by next hop. · IP address/Out Label—Classifies FECs by next hop and outgoing label. · Ingress LSR ID/Tunnel ID/LSP ID—RSVP TE FEC. · - (a hyphen)—The LSP is a static transit LSP, static egress LSP, adjacency path for static SRLSPs, static transit CRLSP, or static egress CRLSP. · Backup—The LSP is a backup LSP of the previous LSP.
Proto	Label distribution protocol: · LDP. · BGP. · RSVP. · Static. · StaticCR—Static CRLSP or static SRLSP. · Local—LSP to a direct next hop, or LSP that uses a local MPLS TE tunnel interface or tunnel bundle interface as the LSP head.
In/Out Label	Incoming label/outgoing label.
Interface/Out NHLFE	Outgoing interface name or NHLFE entry index. NHLFEnumber specifies the outer LSP that carries the current LSP. The outer LSP is that matches the NHLFE entry with an NID of number.

# Display IPv6 LSP information.

<Sysname> display mpls lsp ipv6

FEC : 100:100:100:100:100:100:100:100/128

Protocol : BGP In-Label : 2050

Out-Label: 10003 Out-Interface: GE2/0/1

BkLabel : 10004 BkInterface : GE2/0/2

Table 5 Command output

Field	Description
FEC	Forwarding equivalence class: · IP address/mask—Classifies FECs by destination address. · IP address—Classifies FECs by next hop. · IP address/Out Label—Classifies FECs by next hop and outgoing label. · Ingress LSR ID/Tunnel ID/LSP ID—RSVP TE FEC. · - (a hyphen)—The LSP is a static transit LSP, static egress LSP, static transit CRLSP, or static egress CRLSP.
Protocol	Label distribution protocol: · LDP. · BGP. · RSVP. · Static. · StaticCR—Static CRLSP or static SRLSP. · Local—LSP to a direct next hop, or LSP that uses a local MPLS TE tunnel interface or tunnel bundle interface as the LSP head.
BkLabel	Outgoing label of the backup LSP.
BkInterface	Outgoing interface of the backup LSP.

# Display detailed information about all LSPs.

<Sysname> display mpls lsp verbose

Destination : 56.10.10.2

FEC : 56.10.10.2/32

Protocol : LDP

LSR Type : Egress

Service : Statistics

In-Label : 1024

State : Active

Inbound Statistics:

Octets : 13000

Packets : 100

Errors : 0

Discards : 0

Destination : 56.10.10.4

FEC : 56.10.10.2/32

Protocol : LDP

LSR Type : Transit

Service : Statistics

In-Label : 1026

Inbound Statistics:

Octets : 10600

Packets : 100

Errors : 0

Discards : 0

Path ID : 0x40000000.1

State : Active

Out-Label : 1800

Nexthop : 10.1.1.2

Out-Interface: GE2/0/1

BkLabel : 1900

BkNexthop : 20.1.1.2

BkInterface : GE2/0/2

Outbound Statistics:

Octets : 12600

Packets : 100

Errors : 0

Discards : 0

Destination : 56.10.10.4

FEC : 56.10.10.2/32

Protocol : LDP

LSR Type : Ingress

Service : -

NHLFE ID : 2000

State : Active

Out-Label : 1800

Nexthop : 10.1.1.2

Out-Interface: GE2/0/1

Table 6 Command output

Field	Description
Destination	LSP destination address.
FEC	Forwarding equivalence class: · IP address/mask—Classifies FECs by destination address. · IP address—Classifies FECs by next hop. · IP address/Out Label—Classifies FECs by next hop and outgoing label. · Ingress LSR ID/Tunnel ID/LSP ID—RSVP TE FEC. · - (a hyphen)—The LSP is a static transit LSP, static egress LSP, static transit CRLSP, or static egress CRLSP.
Protocol	Label distribution protocol: · LDP. · BGP (instance-name)—The instance-name specifies a BGP instance name. The value of default represents the default BGP instance. · RSVP. · Static. · StaticCR—Static CRLSP. · Local—LSP to a direct next hop, or LSP that uses a local MPLS TE tunnel interface or tunnel bundle interface as the LSP head.
LSR Type	LSR type: · Ingress—The current LSR is the ingress node of the LSP. · Transit—The current LSR is a transit node of the LSP. · Egress—The current LSR is the egress node of the LSP.
Service	Service deployed on the LSP. The service can only be Statistics, which indicates the MPLS forwarding statistics feature.
Path ID	Forwarding path. The value is in the format of 0xnn.m. The nn represents the NHLFE group ID of the outer LSPs that carry the current LSP, and m represents the sequence number of the equivalence path.
NHLFE ID	NHLFE entry index.
State	LSP state: · Active—The LSP is in use. · Inactive—The LSP is idle.
Inbound Statistics	MPLS forwarding statistics in inbound direction: · Octets—Number of received octets. · Packets—Number of received packets. · Errors—Number of received error packets. · Discards—Number of discarded packets.
BkLabel	Outgoing label of the backup LSP.
BkNexthop	Next hop address of the backup LSP.
BkInterface	Outgoing interface of the backup LSP.
Outbound Statistics	MPLS forwarding statistics in outbound direction: · Octets—Number of sent octets. · Packets—Number of sent packets. · Errors—Number of error packets. · Discards—Number of discarded packets.

Related commands

display mpls lsp statistics

Use display mpls lsp statistics to display LSP statistics.

Syntax

display mpls lsp statistics [ ipv6 ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

ipv6: Displays IPv6 LSP statistics. If you do not specify this keyword, the command displays IPv4 LSP statistics.

Examples

# Display IPv4 LSP statistics.

<Sysname> display mpls lsp statistics

LSP Type Ingress/Transit/Egress Active

Static LSP 0/0/0 0/0/0

Static CRLSP 0/0/0 0/0/0

LDP LSP 2/2/1 2/2/1

RSVP CRLSP 0/0/0 0/0/0

BGP LSP 0/0/0 0/0/0

Local LSP 2/0/0 2/0/0

-----------------------------------------------------

Total 4/2/1 4/2/1

# Display IPv6 LSP statistics.

<Sysname> display mpls lsp statistics ipv6

LSP Type Ingress/Transit/Egress Active

Static LSP 0/0/0 0/0/0

Static CRLSP 0/0/0 0/0/0

LDP LSP 6/6/2 6/6/2

RSVP CRLSP 0/0/0 0/0/0

BGP LSP 0/0/0 0/0/0

Local LSP 2/0/0 2/0/0

-----------------------------------------------------

Total 8/6/2 8/6/2

Table 7 Command output

Field	Description
LSP Type	LSP types: · Static LSP. · Static CRLSP—Static CRLSP or static SRLSP. · LDP LSP. · Local LSP—LSP to a direct next hop, or LSP that uses a local MPLS TE tunnel interface or tunnel bundle interface as the LSP head. · RSVP CRLSP. · BGP LSP.
Total	Total number of LSPs.
Ingress	Number of LSPs that take the local device as the ingress node.
Transit	Number of LSPs that take the local device as a transit node.
Egress	Number of LSPs that take the local device as the egress node.
Active	Number of active LSPs of a type.

display mpls nib

Use display mpls nib to display MPLS Nexthop Information Base (NIB) information.

Syntax

display mpls nib [ nib-id ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

nib-id: Specifies a next hop ID in the range of 1 to FFFFFFFFFFFFFFFE. If you do not specify a next hop, this command displays information about all MPLS next hops.

Examples

# Display information about all MPLS next hops.

<Sysname> display mpls nib

NIB ID: 0x40000000

Users: 1

Status: Active

ECMP number: 1

Outgoing NHLFE ID: 1024

Backup outgoing NHLFE ID: 1027

Table 8 Command output

Field	Description
NIB ID	ID of the next hop.
Users	Number of ILM entries that use this next hop.
Status	Next hop status: · Active—The next hop is active. · Dummy—The next hop is inactive.
ECMP number	Number of equal-cost NHLFE entries.
Outgoing NHLFE ID	ID of the NHLFE entry to which the next hop corresponds.
Backup outgoing NHLFE ID	ID of the backup NHLFE entry.

display mpls nid

Use display mpls nid to display usage information for NIDs.

Syntax

display mpls nid [ nid-value1 [ to nid-value2 ] ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

nid-value1: Specifies an NID. The value range for this argument is 0 to 65535. If used with the nid-value2 argument, the nid-value1 argument represents the start NID of an NID range.

to nid-value2: Specifies the end NID of the NID range. The value range for the end NID is 0 to 65535. If you specify an NID range by using the nid-value1 argument and the to nid-value2 option, this command displays usage information for the specified range of NIDs.

Usage guidelines

NIDs are 32-bit binary numbers. They include fixed NIDs and dynamic NIDs.

· Fixed NIDs—Generated for tunnel interfaces or tunnel bundle interfaces. The highest four bits are a value other than 0000.

· Dynamic NIDs—NIDs except fixed NIDs. The highest four bits are 0s.

This command displays usage information only for dynamic NIDs.

If you do not specify any parameters, this command displays usage information for all dynamic NIDs.

Examples

# Display usage information for dynamic NIDs 1028 through 1500.

<Sysname> display mpls nid 1028 to 1500

NID alloc state: '.' means not used, '$' means used

1028 :...$.... ........ ........ ........ ........ ........ ........ ........

1092 :........ ........ ........ ........ ........ ........ ........ ........

1156 :........ ........ ........ ........ ........ ........ ........ ........

1220 :........ ........ ........ ........ ........ ........ ........ ........

1284 :........ ........ ........ ........ ........ ........ ........ ........

1348 :........ ........ ........ ........ ........ ........ ........ ........

1412 :........ ........ ........ ........ ........ ........ ........ ........

1476 :........ ........ ........ .

display mpls summary

Use display mpls summary to display MPLS summary information.

Syntax

display mpls summary

Views

Any view

Predefined user roles

network-admin

network-operator

Examples

# Display MPLS summary information.

<Sysname> display mpls summary

MPLS LSR ID : 1.1.1.1

Egress Label Type: Implicit-null

Labels:

Range Idle

16-2047 2030

2048-699999 697952

700000-709999 10000

710000-774999 65000

775000-1039999 265000

1040000-1048000 8001

Protocols:

Type State

LDP Normal

RSVP Normal

BGP(default) Normal

Static Normal

CCC Normal

StaticCR Normal

Local Normal

BGP(xy) Normal

BGP(abc) Normal

Table 9 Command output

Field	Description
Egress Label Type	Label type that the egress assigns to the penultimate hop: · Implicit-null. · Explicit-null. · Non-null.
Labels	Label information.
Range	Label range.
Idle	Number of idle labels in the label range.
Protocols	Label distribution protocols that generated LSPs and their running states.
Type	Protocol type: LDP, BGP (instance-name), RSVP, Static, StaticCR, TE, or CCC. The instance-name specifies a BGP instance name. The value of default represents the default BGP instance.
State	Label distribution protocol running state: · Normal. · Recover—The protocol is in the GR process.

ftn enable

Use ftn enable to enable the device to maintain FEC-to-NHLFE map (FTN) entries in the RIB.

Use undo ftn enable to disable the device to maintain FTN entries in the RIB.

Syntax

ftn enable

undo ftn enable

Default

The device does not maintain FTN entries in the RIB.

Views

RIB IPv4 address family view

Predefined user roles

network-admin

Usage guidelines

FTN entries are FIB entries that contain outgoing labels. When an LSR receives an unlabeled packet, it searches the corresponding FTN entry based on the destination IP address. If a match is found, the LSR adds the outgoing label in the FTN entry to the packet and forwards the labeled packet.

For the device to collect FTN forwarding statistics, you must execute the ftn enable command first, and then use the mpls-forwarding statistics prefix-list command to enable FTN forwarding statistics.

Examples

# Enable the device to maintain FTN entries in the RIB.

<Sysname> system-view

[Sysname] rib

[system-rib] address-family ipv4

[system-rib-ipv4] ftn enable

Related commands

mpls-forwarding statistics prefix-list

mpls enable

Use mpls enable to enable MPLS on an interface.

Use undo mpls enable to disable MPLS on an interface.

Syntax

mpls enable

undo mpls enable

Default

MPLS is disabled on an interface.

Views

Interface view

Predefined user roles

network-admin

Examples

# Enable MPLS on interface GigabitEthernet 2/0/1.

<Sysname> System-view

[Sysname] interface gigabitethernet 2/0/1

[Sysname-GigabitEthernet2/0/1] mpls enable

Related commands

display mpls interface

mpls forwarding split-horizon

Use mpls forwarding split-horizon to enable split horizon for MPLS forwarding.

Use undo mpls forwarding split-horizon to disable split horizon for MPLS forwarding.

Syntax

mpls forwarding split-horizon

undo mpls forwarding split-horizon

Default

Split horizon is disabled for MPLS forwarding.

Views

System view

Predefined user roles

network-admin

Examples

# Enable split horizon for MPLS forwarding.

<Sysname> system-view

[Sysname] mpls forwarding split-horizon

mpls label advertise

Use mpls label advertise to specify the type of label the egress will advertise to the penultimate hop.

Use undo mpls label advertise to restore the default.

Syntax

mpls label advertise { explicit-null | implicit-null | non-null }

undo mpls label advertise

Default

As an egress, the device advertises an implicit null label to the penultimate hop.

Views

System view

Predefined user roles

network-admin

Parameters

explicit-null: Specifies the egress to advertise an explicit null label of 0 to the penultimate hop. implicit-null: Specifies the egress to advertise an implicit null label of 3 to the penultimate hop.

non-null: Specifies the egress to advertise a non-null label to the penultimate hop.

Usage guidelines

As a best practice, configure the egress node to advertise an implicit null label to the penultimate hop if the penultimate hop supports PHP.

If you want to simplify packet forwarding on the egress but keep labels to determine QoS policies, configure the egress node to advertise an explicit null label to the penultimate hop.

Use non-null labels only in particular scenarios. For example, when OAM is configured on the egress node, the egress node can get the OAM function entity status only through non-null labels.

As a penultimate hop, the device accepts the implicit null label, explicit null label, or non-null label advertised by the egress device.

For LDP LSPs, the mpls label advertise command triggers LDP to delete the LSPs established before the command is executed and re-establishes new LSPs.

For BGP LSPs, the mpls label advertise command takes effect only on the BGP LSPs established after the command is executed. To apply the new setting to BGP LSPs established before the command is executed, delete the routes corresponding to the BGP LSPs, and then redistribute the routes.

Examples

# Configure the egress device to advertise an explicit null label to the penultimate hop.

<Sysname> system-view

[Sysname] mpls label advertise explicit-null

Related commands

reset mpls ldp

mpls lsr-id

Use mpls lsr-id to configure an LSR ID for the local LSR.

Use undo mpls lsr-id to restore the default.

Syntax

mpls lsr-id lsr-id

undo mpls lsr-id

Default

An LSR has no LSR ID.

Views

System view

Predefined user roles

network-admin

Parameters

lsr-id: Specifies an ID for identifying the LSR, in dotted decimal notation.

Usage guidelines

As a best practice, use the address of a loopback interface on the LSR as the LSR ID.

Examples

# Configure the LSR ID as 3.3.3.3 for the local node.

<Sysname> system-view

[Sysname] mpls lsr-id 3.3.3.3

Related commands

lsr-id

mpls mtu

Use mpls mtu to set the MPLS MTU for an interface.

Use undo mpls mtu to restore the default.

Syntax

mpls mtu size

undo mpls mtu

Default

The MPLS MTU of an interface is not configured. Fragmentation for MPLS packets is based on the IP MTU. If IP MTU is not configured, fragmentation for MPLS packets is based on the MTU of the interface. The length of a fragment does not include that of the MPLS label. Thus, after an MPLS label is added into a fragment, the length of the MPLS fragment might exceed the interface MTU.

Views

Interface view

Predefined user roles

network-admin

Parameters

size: Specifies the MPLS MTU of the interface, in the range of 46 to 65535 bytes.

Usage guidelines

This command is effective only when MPLS is enabled on the interface.

If the MPLS MTU is larger than the interface MTU, data forwarding might fail.

MPLS TE tunnel interfaces do not support this command.

Examples

# Set the MPLS MTU of interface GigabitEthernet 2/0/1 to 1000 bytes.

<Sysname> system-view

[Sysname] interface gigabitethernet 2/0/1

[Sysname-GigabitEthernet2/0/1] mpls enable

[Sysname-GigabitEthernet2/0/1] mpls mtu 1000

Related commands

display mpls interface

mpls statistics

Use mpls statistics to enable MPLS label forwarding statistics for LSPs.

Use undo mpls statistics to disable MPLS label forwarding statistics for LSPs.

Syntax

mpls statistics { all | [ vpn-instance vpn-instance-name ] { ipv4 ipv4-address mask-length | ipv6 ipv6-address prefix-length } | static | te ingress-lsr-id tunnel-id }

undo mpls statistics { all | [ vpn-instance vpn-instance-name ] { ipv4 ipv4-address mask-length | ipv6 ipv6-address prefix-length } | static | te ingress-lsr-id tunnel-id }

Default

MPLS label forwarding statistics are disabled for all LSPs.

Views

System view

Predefined user roles

network-admin

Parameters

all: Specifies all LSPs.

vpn-instance vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command enables MPLS forwarding statistics for public LSPs.

ipv4 ipv4-address mask-length: Specifies the IPv4 LSP for an FEC specified by an IPv4 address and a mask length. The mask length is in the range of 0 to 32.

ipv6 ipv6-address prefix-length: Specifies the BGP-IPv6 LSP for an FEC specified by an IPv6 address and a prefix length. The prefix length is in the range of 0 to 128.

static: Specifies static LSPs, static CRLSPs, and static SRLSPs.

te ingress-lsr-id tunnel-id: Specifies an RSVP-TE tunnel. The ingress-lsr-id represents the LSR ID of the ingress node of the tunnel. The tunnel-id argument represents the ID of the tunnel.

The following matrix shows the tunnel-id argument and hardware compatibility:

Hardware	Argument compatibility	Value range
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS	No	N/A
MSR2600-6-X1/2600-10-X1	Yes	0 to 10239
MSR 2630	Yes	0 to 10239
MSR3600-28/3600-51	Yes	0 to 10239
MSR3600-28-SI/3600-51-SI	No	N/A
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC	Yes	0 to 10239
MSR 3610/3620/3620-DP/3640/3660	Yes	0 to 10239
MSR5620/5660/5680	Yes	0 to 10239

Hardware	Argument compatibility	Value range
MSR810-LM-GL	No	N/A
MSR810-W-LM-GL	No	N/A
MSR830-6EI-GL	No	N/A
MSR830-10EI-GL	No	N/A
MSR830-6HI-GL	No	N/A
MSR830-10HI-GL	No	N/A
MSR2600-6-X1-GL	Yes	0 to 10239
MSR3600-28-SI-GL	No	N/A

Usage guidelines

MPLS label forwarding forwards a labeled packet based on its incoming label. MPLS label forwarding statistics is enabled by this command.

FTN forwarding adds a label to an unlabeled packet, and forwards the labeled packet. FTN forwarding statistics collection is enabled by the mpls-forwarding statistics prefix-list command in RIB IPv4 address family view.

To display MPLS label forwarding statistics by using the display mpls lsp verbose command, you must perform the following tasks:

1. Use the mpls statistics command to enable the MPLS label forwarding statistics feature.

2. Use the mpls statistics interval command to enable the MPLS statistics reading feature.

Examples

# Enable MPLS label forwarding statistics for the LSP destined for 2.2.2.2/32.

<Sysname> system-view

[Sysname] mpls statistics ipv4 2.2.2.2 32

Related commands

display mpls lsp verbose

mpls statistics interval

reset mpls statistics

mpls statistics interval

Use mpls statistics interval to enable MPLS label forwarding statistics reading and set the reading interval.

Use undo mpls statistics interval to disable MPLS label forwarding statistics reading.

Syntax

mpls statistics interval interval

undo mpls statistics interval

Default

MPLS forwarding statistics reading is disabled.

Views

System view

Predefined user roles

network-admin

Parameters

interval: Specifies the MPLS label forwarding statistics reading interval in the range of 30 to 65535 seconds.

Usage guidelines

To display MPLS label forwarding statistics by using the display mpls lsp verbose command, you must perform the following tasks:

1. Use the mpls statistics command to enable the MPLS label forwarding statistics feature.

2. Use the mpls statistics interval command to enable the MPLS statistics reading feature.

Examples

# Enable MPLS label forwarding statistics reading and set the reading interval to 30 seconds.

<Sysname> system-view

[Sysname] mpls statistics interval 30

Related commands

display mpls lsp verbose

mpls statistics

reset mpls statistics

mpls ttl expiration enable

Use mpls ttl expiration enable to enable sending MPLS TTL-expired messages.

Use undo mpls ttl expiration enable to disable sending MPLS TTL-expired messages.

Syntax

mpls ttl expiration enable

undo mpls ttl expiration enable

Default

The MPLS TTL-expired messages sending feature is enabled.

Views

System view

Predefined user roles

network-admin

Usage guidelines

This command enables an LSR to generate an ICMP TTL-expired message upon receiving an MPLS packet with TTL being 1.

· If the MPLS packet has only one label, the LSR sends the ICMP TTL-expired message back to the source through IP routing.

· If the MPLS packet has multiple labels, the LSR forwards the ICMP TTL-expired message along the LSP of the MPLS packet to the egress. Then, the egress sends the message back to the source.

Examples

# Disable sending MPLS TTL-expired messages.

<Sysname> system-view

[Sysname] undo mpls ttl expiration enable

mpls ttl propagate

Use mpls ttl propagate to enable TTL propagation.

Use undo mpls ttl propagate to disable TTL propagation.

Syntax

mpls ttl propagate { public | vpn }

undo mpls ttl propagate { public | vpn }

Default

TTL propagation is enabled for public network packets and is disabled for VPN packets.

Views

System view

Predefined user roles

network-admin

Parameters

public: Specifies public network packets.

vpn: Specifies VPN packets.

Usage guidelines

When TTL propagation is enabled, MPLS performs the following operations:

· Copies the IP TTL to the label TTL for packets entering the MPLS network.

· Copies the label TTL to the IP TTL for packets leaving the MPLS network.

If you enable TTL propagation on both the ingress and egress, the IP tracert facility can show the real path in the MPLS network.

When TTL propagation is disabled, MPLS performs the following operations:

· Sets the label TTL to 255 for packets entering the MPLS network.

· Pops the label for packets leaving the MPLS network, without copying the label TTL value to the IP TTL.

The IP tracert facility cannot show the real path in the MPLS network.

Within an MPLS network, TTL is always copied between the labels of an MPLS packet. The mpls ttl propagate command affects only the propagation between IP TTL and label TTL.

As a best practice, set the same TTL processing mode on all LSRs of an LSP.

To enable TTL propagation for a VPN, you must enable it on all PE devices in the VPN. This allows you to obtain the same traceroute result (hop count) from those PEs.

Examples

# Enable TTL propagation for VPN packets.

<Sysname> system-view

[Sysname] mpls ttl propagate vpn

mpls-forwarding statistics prefix-list

Use mpls-forwarding statistics prefix-list to enable FTN forwarding statistics for a destination network.

Use undo mpls-forwarding statistics prefix-list to disable FTN forwarding statistics for a destination network.

Syntax

mpls-forwarding statistics prefix-list prefix-list-name

undo mpls-forwarding statistics prefix-list prefix-list-name

Default

FTN forwarding statistics are disabled for all destination networks.

Views

RIB IPv4 address family view

Predefined user roles

network-admin

Parameter

prefix-list-name: Specifies an IPv4 address prefix list, a case-sensitive string of 1 to 63 characters. This command applies only to the destination networks that permitted by the prefix list.

Usage guidelines

FTN forwarding adds a label to an unlabeled packet, and forwards the labeled packet. FTN forwarding statistics collection is enabled by this command.

MPLS label forwarding forwards a labeled packet based on its incoming label. MPLS label forwarding statistics collection is enabled by the mpls statistics command.

Before executing this command, use the ftn enable command to enable the device to maintain FTN entries in the RIB.

Examples

# Enable FTN forwarding statistics for destination network 2.2.2.0/24.

<Sysname> system-view

[Sysname] ip prefix-list abc permit 2.2.2.0 24

[Sysname] rib

[system-rib] address-family ipv4

[system-rib-ipv4] ftn enable

[system-rib-ipv4] mpls-forwarding statistics prefix-list abc

Related commands

ftn enable

mpls statistics

mpls statistics interval

reset mpls statistics

Use reset mpls statistics to clear MPLS forwarding statistics for the specified LSPs.

Syntax

reset mpls statistics { all | [ vpn-instance vpn-instance-name ] { ipv4 ipv4-address mask-length | ipv6 ipv6-address prefix-length } | static | te ingress-lsr-id tunnel-id }

Views

User view

Predefined user roles

network-admin

Parameters

all: Specifies all LSPs.

vpn-instance vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command clears MPLS forwarding statistics for public LSPs.

ipv4 ipv4-address mask-length: Specifies the IPv4 LSP for an FEC specified by an IPv4 address and a mask length. The mask length is in the range of 0 to 32.

ipv6 ipv6-address prefix-length: Specifies the BGP-IPv6 LSP for an FEC specified by an IPv6 address and a prefix length. The prefix length is in the range of 0 to 128.

static: Specifies static LSPs and static CRLSPs.

te ingress-lsr-id tunnel-id: Specifies an RSVP-TE tunnel. The ingress-lsr-id argument represents the LSR ID of the ingress node of the tunnel. The tunnel-id argument represents the ID of the tunnel.

The following matrix shows the tunnel-id argument and hardware compatibility:

Hardware	Argument compatibility	Value range
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS	No	N/A
MSR2600-6-X1/2600-10-X1	Yes	0 to 10239
MSR 2630	Yes	0 to 10239
MSR3600-28/3600-51	Yes	0 to 10239
MSR3600-28-SI/3600-51-SI	No	N/A
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC	Yes	0 to 10239
MSR 3610/3620/3620-DP/3640/3660	Yes	0 to 10239
MSR5620/5660/5680	Yes	0 to 10239

Hardware	Argument compatibility	Value range
MSR810-LM-GL	No	N/A
MSR810-W-LM-GL	No	N/A
MSR830-6EI-GL	No	N/A
MSR830-10EI-GL	No	N/A
MSR830-6HI-GL	No	N/A
MSR830-10HI-GL	No	N/A
MSR2600-6-X1-GL	Yes	0 to 10239
MSR3600-28-SI-GL	No	N/A

Examples

# Clear MPLS forwarding statistics for the LSP destined for 2.2.2.2/32.

<Sysname> reset mpls statistics ipv4 2.2.2.2 32

Related commands

display mpls lsp verbose

mpls statistics

mpls statistics interval

snmp-agent trap enable mpls

Use snmp-agent trap enable mpls to enable SNMP notifications for MPLS.

Use undo snmp-agent trap enable mpls to disable SNMP notifications for MPLS.

Syntax

snmp-agent trap enable mpls

undo snmp-agent trap enable mpls

Default

SNMP notifications for MPLS are disabled.

Views

System view

Predefined user roles

network-admin

Usage guidelines

To report critical MPLS events to an NMS, enable SNMP notifications for MPLS. For MPLS event notifications to be sent correctly, you must also configure SNMP on the device. For more information about SNMP configuration, see the network management and monitoring configuration guide for the device.

Examples

# Enable SNMP notifications for MPLS.

<Sysname> system-view

[Sysname] snmp-agent trap enable mpls

Static LSP commands

The following matrix shows the feature and hardware compatibility:

Hardware	Static LSP compatibility
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS	No
MSR2600-6-X1/2600-10-X1	Yes
MSR 2630	Yes
MSR3600-28/3600-51	Yes
MSR3600-28-SI/3600-51-SI	Yes
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC	Yes
MSR 3610/3620/3620-DP/3640/3660	Yes
MSR5620/5660/5680	Yes

Hardware	Static LSP compatibility
MSR810-LM-GL	No
MSR810-W-LM-GL	No
MSR830-6EI-GL	No
MSR830-10EI-GL	No
MSR830-6HI-GL	No
MSR830-10HI-GL	No
MSR2600-6-X1-GL	Yes
MSR3600-28-SI-GL	Yes

display mpls static-lsp

Use display mpls static-lsp to display static LSP information.

Syntax

display mpls static-lsp [ lsp-name lsp-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

lsp-name lsp-name: Specifies a static LSP by its name, a case-sensitive string of 1 to 15 characters. If you do not specify a static LSP, this command displays information about all static LSPs.

Examples

# Display information about all static LSPs.

<Sysname> display mpls static-lsp

Total: 3

Name FEC In/Out Label Nexthop/Out Interface State

egress123 -/- 16/NULL - Up

ingress123 202.118.224.132/32 NULL/1022 100.100.100.19 Down

transit123 -/- 32/1022 100.100.100.17 Down

Table 10 Command output

Field	Description
Total	Total number of static LSPs.
Name	Name of the static LSP.
FEC	Forwarding equivalence class—IP prefix and the prefix length.
In/Out Label	Incoming label/outgoing label.
Nexthop/Out Interface	Next hop address or outgoing interface specified for an ingress node or a transit node.
State	Current state of the static LSP: · Up—The static LSP is available. · Down—The static LSP is not available. · Idle—The incoming label of the static LSP is not available. · Dup—The incoming label of the static LSP is used by a static CRLSP or a static PW.

static-lsp egress

Use static-lsp egress to configure the egress node of a static LSP.

Use undo static-lsp egress to delete the egress node configuration of a static LSP.

Syntax

static-lsp egress lsp-name in-label in-label [ destination ip-address { mask | mask-length } ]

undo static-lsp egress lsp-name

Default

No static LSPs exist.

Views

System view

Predefined user roles

network-admin

Parameters

lsp-name: Specifies a name for the static LSP, a case-sensitive string of 1 to 15 characters.

in-label in-label: Specifies an incoming label in the range of 16 to 1023.

destination ip-address: Specifies a destination IP address for the LSP.

mask: Specifies the mask of the destination IP address.

mask-length: Specifies the mask length of the destination address, in the range of 0 to 32.

Usage guidelines

You must specify the incoming label on the egress node if PHP is not configured. If PHP is not configured, an egress node pops the incoming label of a packet, and performs label forwarding according to the inner label or IP forwarding.

To associate a static LSP with an LDP LSP, you must specify the incoming label and destination address on the egress node of the static LSP.

You can associate a static LSP with an LDP LSP to simplify packet processing when the following conditions are met:

· Packets are forwarded over the static LSP and the LDP LSP to the destination.

· The egress node of the static LSP is also the ingress node of the LDP LSP.

After receiving a packet with the specified incoming label, the egress node of the static LSP swaps the label with the outgoing label for the LDP LSP. Then, the node forwards the packet to the next hop.

A static LSP must have a different incoming label than an existing static CRLSP or static PW. If they are the same, the static LSP is not available, even if you change the incoming label of the static CRLSP or the static PW. To make the static LSP available, delete the static LSP, and reconfigure it with an unused incoming label.

Examples

# Configure a static LSP on the egress node: specify the LSP's name as bj-sh and incoming label as 233.

<Sysname> system-view

[Sysname] static-lsp egress bj-sh in-label 233

Related commands

display mpls static-lsp

static-lsp ingress

Use static-lsp ingress to configure the ingress node of a static LSP.

Use undo static-lsp ingress to delete the ingress node configuration of a static LSP.

Syntax

static-lsp ingress lsp-name destination ip-address { mask | mask-length } { nexthop next-hop-ip-address | outgoing-interface interface-type interface-number } out-label out-label

undo static-lsp ingress lsp-name

Default

No static LSPs exist.

Views

System view

Predefined user roles

network-admin

Parameters

lsp-name: Specifies a name for the static LSP, a case-sensitive string of 1 to 15 characters.

destination ip-address: Specifies a destination IP address for the LSP.

mask: Specifies the mask of the destination IP address.

mask-length: Specifies the mask length of the destination address, in the range of 0 to 32.

nexthop next-hop-ip-address: Specifies a next hop address.

outgoing-interface interface-type interface-number: Specifies an outgoing interface by its type and number. The specified interface must be a point-to-point interface.

out-label out-label: Specifies an outgoing label. The label value can be 0, 3, or an integer in the range of 16 to 1048575.

Usage guidelines

The next hop or outgoing interface specified for the LSP must be consistent with that of the optimal route destined for the specified address. If you configure a static IP route for the LSP, be sure to specify the same next hop or outgoing interface for the static route and the static LSP.

You must enable MPLS on the outgoing interface of the static LSP.

Examples

# Configure a static LSP on the ingress node: specify the LSP's name as bj-sh, destination address as 202.25.38.1/24, next hop address as 202.55.25.33, and outgoing label as 237.

<Sysname> system-view

[Sysname] static-lsp ingress bj-sh destination 202.25.38.1 24 nexthop 202.55.25.33 out-label 237

Related commands

display mpls static-lsp

static-lsp transit

Use static-lsp transit to configure the transit node of a static LSP.

Use undo static-lsp transit to delete the transit node configuration of a static LSP.

Syntax

static-lsp transit lsp-name in-label in-label { nexthop next-hop-ip-address | outgoing-interface interface-type interface-number } out-label out-label

undo static-lsp transit lsp-name

Default

No static LSPs exist.

Views

System view

Predefined user roles

network-admin

Parameters

lsp-name: Specifies a name for the static LSP, a case-sensitive string of 1 to 15 characters.

in-label in-label: Specifies an incoming label in the range of 16 to 1023.

nexthop next-hop-ip-address: Specifies a next hop address.

outgoing-interface interface-type interface-number: Specifies an outgoing interface by its type and number. The specified interface must be a point-to-point interface.

out-label out-label: Specifies an outgoing label. The label value can be 0, 3, or an integer in the range of 16 to 1048575.

Usage guidelines

You must enable MPLS on the outgoing interface of the static LSP.

Examples

# Configure a static LSP on the transit node: specify the LSP's name as bj-sh, incoming label as 123, next hop address as 202.34.114.7, and outgoing label as 253.

<Sysname> system-view

[Sysname] static-lsp transit bj-sh in-label 123 nexthop 202.34.114.7 out-label 253

Related commands

display mpls static-lsp

LDP commands

The following matrix shows the feature and hardware compatibility:

Hardware	LDP compatibility
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS	No
MSR2600-6-X1/2600-10-X1	Yes
MSR 2630	Yes
MSR3600-28/3600-51	Yes
MSR3600-28-SI/3600-51-SI	Yes
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC	Yes
MSR 3610/3620/3620-DP/3640/3660	Yes
MSR5620/5660/5680	Yes

Hardware	LDP compatibility
MSR810-LM-GL	No
MSR810-W-LM-GL	No
MSR830-6EI-GL	No
MSR830-10EI-GL	No
MSR830-6HI-GL	No
MSR830-10HI-GL	No
MSR2600-6-X1-GL	Yes
MSR3600-28-SI-GL	Yes

Commands and descriptions for centralized devices apply to the following routers:

· MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS.

· MSR2600-6-X1/2600-10-X1.

· MSR 2630.

· MSR3600-28/3600-51.

· MSR3600-28-SI/3600-51-SI.

· MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC.

· MSR 3610/3620/3620-DP/3640/3660.

Commands and descriptions for distributed devices apply to the following routers:

· MSR5620.

· MSR 5660.

· MSR 5680.

LDP common commands

backoff

Use backoff to set the LDP backoff initial delay time and maximum delay time.

Use undo backoff to restore the default.

Syntax

backoff initial initial-time maximum maximum-time

undo backoff

Default

The LDP backoff initial delay time is 15 seconds, and the maximum delay time is 120 seconds.

Views

LDP view

LDP-VPN instance view

Predefined user roles

network-admin

Parameters

initial initial-time: Specifies the LDP backoff initial delay time in the range of 15 to 50331 seconds.

maximum maximum-time: Specifies the LDP backoff maximum delay time in the range of 120 to 50331 seconds.

Usage guidelines

LDP peers continually negotiate with each other until a session is set up. If LDP peers use incompatible negotiation parameters (for example, different label advertisement modes), a large amount of negotiation traffic will enter the network. To suppress LDP session negotiation traffic, use this command to control the interval between negotiation attempts.

After LDP fails to establish a session to a peer LSR for the first time, LDP does not start another attempt until the initial delay timer expires. If the session setup fails again, LDP waits for two times the previous delay before the next attempt. This process continues until the maximum delay time is reached. After that, the maximum delay time always takes effect.

If you configure the initial delay time to be larger than the maximum delay time, the configuration does not take effect. LDP uses the maximum delay time as the initial delay time.

Examples

# Configure LDP backoff for the public network, and set the initial delay time to 100 seconds and the maximum delay time to 300 seconds.

<Sysname> system-view

[Sysname] mpls ldp

[Sysname-ldp] backoff initial 100 maximum 300

display mpls ldp discovery

Use display mpls ldp discovery to display LDP discovery information.

Syntax

display mpls ldp discovery [ vpn-instance vpn-instance-name ] [ [ interface interface-type interface-number | peer peer-lsr-id ] [ ipv6 ] | [ targeted-peer { ipv4-address | ipv6-address } ] ] [ verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. This command displays LDP discovery information for the specified VPN instance. If you do not specify a VPN instance, this command displays LDP discovery information for the public network.

interface interface-type interface-number: Specifies an interface by its type and number. This command displays information about basic discovery that uses the interface to send Link Hellos.

peer peer-lsr-id: Specifies an LDP peer by its LSR ID. This command displays information about both basic discovery and extended discovery that have discovered the specified LDP peer.

ipv6: Displays LDP IPv6 basic and extended discovery information. If you do not specify this keyword, the command displays LDP IPv4 basic and extended discovery information.

targeted-peer { ipv4-address | ipv6-address }: Specifies an LDP peer by its IPv4/IPv6 address. This command displays information about extended discovery that has sent Targeted Hellos to the specified LDP peer.

verbose: Displays detailed LDP discovery information. If you do not specify this keyword, the command displays brief LDP discovery information.

Usage guidelines

If you do not specify any parameters, this command displays all LDP IPv4 basic and extended discovery information.

Examples

# Display brief LDP IPv4 discovery information for the public network.

<Sysname> display mpls ldp discovery

Type: L - Link Hello, T - Targeted Hello

Discovery Source Hello Sent/Rcvd Peer LDP ID

(L) GE2/0/2 83/80 100.100.100.18:0

200.100.100.18:0

(T) 100.100.100.18 23/20 100.100.100.18:0

Table 11 Command output

Field	Description
Type	Type of LDP discovery: · L—Basic discovery, which sends Link Hellos to discover peers. · T—Extended discovery, which sends Targeted Hellos to discover peers.
Discovery Source	Discovery source. · If the LDP discovery type is L, this field displays the interface that discovers the peer. · If the LDP discovery type is T, this field displays the IPv4 address of the peer.
Hello Sent/Rcvd	Number of hellos sent to the peer/number of hellos received from the peer.
Peer LDP ID	LDP identifier of the LDP peer.

# Display brief LDP IPv6 discovery information for the public network.

<Sysname> display mpls ldp discovery ipv6

Interface: GigabitEthernet2/0/2

Hello Sent/Rcvd: 12/12

Peer LDP ID: 100.100.100.18:0

Peer LDP ID: 200.200.200.28:0

Targeted Hellos: 2001:0000:130F::09C0:876A:130B ->

2005:130F::09C0:876A:130B

Hello Sent/Rcvd: 93/80

Peer LDP ID: 100.100.100.180:0

Table 12 Command output

Field	Description
Interface	Interface that discovers the LDP peer by using basic discovery.
Hello Sent/Rcvd	Number of hellos sent to the peer/number of hellos received from the peer.
Peer LDP ID	LDP identifier of the LDP peer.
Targeted Hellos	Extended LDP discovery information. The address before -> is the local IP address. The address after -> is the peer IP address.

# Display detailed LDP IPv4 discovery information for the public network.

<Sysname> display mpls ldp discovery verbose

Link Hellos:

Interface GigabitEthernet2/0/2

Hello Interval : 5000 ms Hello Sent/Rcvd : 83/160

Transport Address: 100.100.100.17

Peer LDP ID : 100.100.100.18:0

Source Address : 202.118.224.18 Transport Address: 100.100.100.18

Hello Hold Time: 15 sec (Local: 15 sec, Peer: 15 sec)

Peer LDP ID : 100.100.100.20:0

Source Address : 202.118.224.20 Transport Address: 100.100.100.20

Hello Hold Time: 15 sec (Local: 15 sec, Peer: 15 sec)

Targeted Hellos:

100.100.100.17 -> 100.100.100.18 (Active, Passive)

Hello Interval : 15000 ms Hello Sent/Rcvd : 23/20

Transport Address: 100.100.100.17

Peer LDP ID : 100.100.100.18:0

Source Address : 100.100.100.18 Transport Address: 100.100.100.18

Hello Hold Time: 45 sec (Local: 45 sec, Peer: 45 sec)

100.100.100.17 -> 100.100.100.20 (Active, Passive)

Hello Interval : 15000 ms Hello Sent/Rcvd : 23/22

Transport Address: 100.100.100.17

Peer LDP ID : 100.100.100.20:0

Source Address : 100.100.100.20 Transport Address: 100.100.100.20

Hello Hold Time: 45 sec (Local: 45 sec, Peer: 45 sec)

# Display detailed LDP IPv6 discovery information for the public network.

<Sysname> display mpls ldp discovery ipv6 verbose

Link Hellos:

Interface GigabitEthernet2/0/2

Hello Interval : 5000 ms Hello Sent/Rcvd : 83/160

Transport Address: 2001::2

Peer LDP ID : 100.100.100.18:0

Source Address : FE80:130F:20C0:29FF:FEED:9E60:876A:130B

Transport Address: 2001::1

Hello Hold Time: 15 sec (Local: 15 sec, Peer: 15 sec)

Targeted Hellos:

2001:0000:130F::09C0:876A:130B ->

2005:130F::09C0:876A:130B(Active, Passive)

Hello Interval : 15000 ms Hello Sent/Rcvd : 23/22

Transport Address: 2001:0000:130F::09C0:876A:130B

Peer LDP ID : 100.100.100.18:0

Source Address : 2005:130F::09C0:876A:130B

Destination Address : 2001:0000:130F::09C0:876A:130B

Transport Address : 2005:130F::09C0:876A:130B

Hello Hold Time: 45 sec (Local: 45 sec, Peer: 45 sec)

Table 13 Command output

Field	Description
Link Hellos	Information about basic discovery that sends Link Hellos on interfaces. In a non-point-to-point network, an interface might discover multiple peers.
Interface	Interface using basic discovery.
Hello Interval	Hello interval in milliseconds.
Hello Sent/Rcvd	Number of Hellos sent or received on the interface.
Transport Address	Local transport address.
Peer LDP ID	LDP identifier of the LDP peer.
Source Address	Source IP address of received Hello messages.
Destination Address	Destination IP address of received Hello messages.
Transport Address	Transport address in the received Hello messages—the transport address of the LDP peer.
Hello Hold Time	Hello hold time in seconds. Local—Local hello hold time. Peer—Peer hello hold time. The negotiated hello hold time is the smaller value of the local and peer hold time values.
Targeted Hellos	Information about extended LDP discovery that sends Targeted Hellos to peers.
100.100.100.17 -> 100.100.100.18 (Active, Passive)	· The address before -> (100.100.100.17 in this example) is the local IP address. · The address after -> (100.100.100.18 in this example) is the peer IP address. · (Active) indicates that the local LSR is the Targeted Hello sender. · (Passive) indicates that the local LSR is the Targeted Hello receiver. · (Active, Passive) indicates that the local LSR is both the Targeted Hello sender and receiver.

display mpls ldp fec

Use display mpls ldp fec to display LDP FEC-label mappings.

Syntax

display mpls ldp fec [ vpn-instance vpn-instance-name ] [ ipv4-address mask-length | ipv6-address prefix-length | [ ipv6 ] [ summary ] ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. This command displays FEC-label mappings for the specified VPN instance. If you do not specify a VPN instance, this command displays FEC-label mappings for the public network.

ipv4-address mask-length: Specifies an IPv4 FEC by an IPv4 address and a mask length in the range of 0 to 32.

ipv6-address prefix-length: Specifies an IPv6 FEC by an IPv6 address and a prefix length in the range of 0 to 128.

ipv6: Displays IPv6 FEC-label mappings.

summary: Displays summary information about all FEC-label mappings learned by LDP.

Usage guidelines

If you specify only the ipv6 keyword, this command displays detailed information about all IPv6 FEC-label mappings.

If you specify only the summary keyword, this command displays summary information about IPv4 FEC-label mappings.

If you specify only the summary and ipv6 keywords, this command displays summary information about all IPv6 FEC-label mappings.

If you do not specify the ipv4-address mask-length, ipv6-address prefix-length, ipv6, and summary parameters, this command displays detailed information about IPv4 FEC-label mappings.

Examples

# Display detailed information about all IPv4 FEC-label mappings learned by LDP for the public network.

<Sysname> display mpls ldp fec

FEC: 100.100.100.18/32

Flags: 0x02

In Label: 1531

Label Advertisement Policy:

FEC Prefix-list: Fec-prefix-list

Peer Prefix-list: Peer-prefix-list

Upstream Info:

Peer: 100.100.100.18:0 State: Established (stale)

Downstream Info:

Peer: 100.100.100.18:0

Out Label: 3 State: Established (stale)

Next Hops: 202.118.224.18 GE2/0/2

100.19.100.18 GE2/0/3

FEC: 200.100.100.18/32 (No route)

Flags: 0x0

In Label: 1532

Upstream Info:

Peer: 200.200.200.28:0 State: Established

Downstream Info:

Peer: 120.100.100.18:0

Out Label: 3 State: Idle

# Display detailed information about all IPv6 FEC-label mappings learned by LDP for the public network.

<Sysname> display mpls ldp fec ipv6

FEC: 2005:130F::09C0/128

Flags: 0x02

In Label: 1026

Label Advertisement Policy:

FEC Prefix-list: Fec-ipv6-prefix-list

Peer Prefix-list: Peer-ipv6-prefix-list

Upstream Info:

Peer: 100.100.100.18:0 State: Established (stale)

Downstream Info:

Peer: 100.100.100.18:0

Out Label: 3 State: Established (stale)

Next Hops:

FE80:130F:20C0:29FF:FEED:9E60:876A:130B GE2/0/2

Table 14 Command output

Field	Description
FEC	Forwarding equivalence class identified by an IP prefix.
Flags	FEC flags: · 0x01—Egress LSP. · 0x02—Ingress LSP. · 0x04—Waiting to add an outgoing label to RIB. · 0x08—Waiting to add an LSP to LSM. · 0x10—Non-egress LSP waiting for the recovery during a GR process. · 0x20—Ready to advertise labels. This field displays the sum of the flags. For example, if the FEC has flags 0x01 and 0x20, this field displays 0x21.
In Label	Incoming label assigned by the local LSR to the FEC.
Label Advertisement Policy	Label advertisement policy.
FEC Prefix-list	IP prefix list for filtering FEC prefixes.
Peer Prefix-list	IP prefix list for filtering LDP peers.
Upstream Info	Upstream peer to which the local LSR advertised the FEC-label mapping and current state of the LSP.
Peer	LDP ID of an upstream peer.
State	Current state of the LSP established with the upstream peer: · Established—Active state. · Idle—Initial state. · Release Awaited—Waiting for a Release message. · Resource Awaited—Waiting for a label for the FEC. If the state is marked as stale, the FEC-label mapping is under a GR process.
Downstream Info	Downstream peer from which the local LSR received the FEC-label mapping, and current state of the LSP.
Peer	LDP ID of a downstream peer.
Out Label	Outgoing label assigned by the downstream LSR for the FEC.
State	Current state of the LSP established with the downstream peer: · Established—Active state. · Idle—Inactive state. If the state is marked as stale, the FEC-label mapping is under a GR process.
Next Hops	Next hops and outgoing interfaces.

# Display summary information about all IPv4 FEC-label mappings learned by LDP for the public network.

<Sysname> display mpls ldp fec summary

FECs : 3

Implicit Null: 1

Explicit Null: 0

Non-Null : 2

No Label : 0

No Route : 0

Sent : 3

Received : 3

# Display summary information about all IPv6 FEC-label mappings learned by LDP for the public network.

<Sysname> display mpls ldp fec ipv6 summary

FECs : 4

Implicit Null: 0

Explicit Null: 0

Non-Null : 4

No Label : 0

No Route : 0

Sent : 3

Received : 3

Table 15 Command output

Field	Description
FECs	Number of FECs that LDP has discovered from the routing protocol or FEC-label mappings advertised by peers.
Implicit Null	Number of FECs that are bound to the implicit null label.
Explicit Null	Number of FECs that are bound to the explicit null label.
Non-Null	Number of FECs that are bound to non-null labels.
No Label	Number of FECs without a label.
No Route	Number of FECs without matching routes. The reason why an FEC has no matching route might be one of the following: · No matching route exists in the routing table. · The matching route exists in the routing table, but it is not redistributed into LDP. · (For IPv6) The mpls ldp ipv6 enable or targeted-peer ipv6-address command is not configured on the device. In this case, an FEC is considered to have no route even though the matching IPv6 route exists in the routing table and has been redistributed into LDP.
Sent	Number of label mappings sent and being sent.
Received	Number of label mappings accepted.

display mpls ldp interface

Use display mpls ldp interface to display LDP interface information.

Syntax

display mpls ldp interface [ vpn-instance vpn-instance-name ] [ interface-type interface-number ] [ ipv6 ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. This command displays LDP interface information for the specified VPN instance. If you do not specify a VPN instance, this command displays LDP interface information for the public network.

interface-type interface-number: Specifies an interface by its type and number. If you do not specify an interface, this command displays information about all LDP interfaces.

ipv6: Displays information about interfaces enabled with IPv6 LDP. If you do not specify this keyword, the command displays information about interfaces enabled with IPv4 LDP.

Examples

# Display information about all interfaces enabled with IPv4 LDP for the public network.

<Sysname> display mpls ldp interface

Interface MPLS LDP Auto-config

GE2/0/2 Enabled Configured -

GE2/0/3 Enabled Configured -

# Display information about all interfaces enabled with IPv6 LDP for the public network.

<Sysname> display mpls ldp interface ipv6

Interface MPLS LDP Auto-config

GE2/0/2 Enabled Not Configured -

GE2/0/3 Enabled Not Configured -

Table 16 Command output

Field	Description
Interface	Interface enabled with LDP.
MPLS	Whether the interface is enabled with MPLS.
LDP	Whether the interface is configured with the mpls ldp enable command or the mpls ldp ipv6 enable command.
Auto-config	LDP automatic configuration information: · If LDP autoconfiguration is enabled, this field displays IGP process information, such as OSPF process ID and OSPF area ID. · If LDP autoconfiguration is disabled, this field displays a hyphen (-).

Related commands

mpls ldp

mpls ldp enable

mpls ldp ipv6 enable

display mpls ldp lsp

Use display mpls ldp lsp to display information about LSPs generated by LDP.

Syntax

display mpls ldp lsp [ vpn-instance vpn-instance-name ] [ ipv4-address mask-length | ipv6-address prefix-length | ipv6 ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. This command displays LDP LSP information for the specified VPN instance. If you do not specify a VPN instance, this command displays LDP LSP information for the public network.

ipv4-address mask-length: Specifies an IPv4 FEC by an IPv4 address and a mask length in the range of 0 to 32.

ipv6-address prefix-length: Specifies an IPv6 FEC by an IPv6 address and a mask length in the range of 0 to 128.

ipv6: Displays information about LDP LSPs for IPv6 FECs.

Usage guidelines

If you do not specify the ipv4-address mask-length, ipv6-address prefix-length, and ipv6 parameters, this command displays information about LDP LSPs for all IPv4 FECs.

Examples

# Display LDP LSP information for IPv4 FECs on the public network.

<Sysname> display mpls ldp lsp

Status Flags: * - stale, L - liberal, B - backup

FECs: 4 Ingress: 1 Transit: 1 Egress: 3

FEC In/Out Label Nexthop OutInterface

1.1.1.1/32 -/3 10.1.1.1 GE2/0/2

1151/3 10.1.1.1 GE2/0/2

-/1025(B) 30.1.1.1 GE2/0/3

1151/1025(B) 30.1.1.1 GE2/0/3

2.2.2.2/32 3/-

-/1151(L)

10.1.1.0/24 1149/-

-/1149(L)

192.168.1.0/24 1150/-

-/1150(L)

# Display LDP LSP information for IPv6 FECs on the public network.

<Sysname> display mpls ldp lsp ipv6

Status Flags: * - stale, L - liberal, B - backup

FECs: 2 Ingress: 1 Transit: 1 Egress: 1

FEC: 2080::29FF:FEED:9E60:876A:130B/128

In/Out Label: -/3 OutInterface : GE2/0/2

Nexthop : FE80:12F:C0::130B

In/Out Label: 1151/3 OutInterface : GE2/0/2

Nexthop : FE80:12F:C0::130B

In/Out Label: -/1026(L) OutInterface : -

Nexthop : -

FEC: 2001::1/128

In/Out Label: 3/- OutInterface : -

Nexthop : -

Table 17 Command output

Field	Description
Status Flags	LSP status: · *—Stale, indicating that the LSP is under a GR process. · L—Liberal, indicating that the LSP is not available. · B—Backup, indicating a backup LSP.
FECs	Total number of FECs.
Ingress	Number of LSPs that take the local device as the ingress node.
Transit	Number of LSPs that take the local device as a transit node.
Egress	Number of LSPs that take the local device as the egress node.
FEC	Forwarding equivalence class identified by an IP prefix.
In/Out Label	Incoming/outgoing label.
Nexthop	Next hop address for the FEC.
OutInterface	Outgoing interface for the FEC.

Related commands

display mpls lsp

display mpls ldp parameter

Use display mpls ldp parameter to display LDP running parameters.

Syntax

display mpls ldp parameter [ vpn-instance vpn-instance-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. This command displays LDP running parameters for the specified VPN instance. If you do not specify a VPN instance, this command displays LDP running parameters for the public network.

Usage guidelines

This command displays the following LDP running parameters:

· Global parameters, which are applicable to all LDP networks.

· Instance parameters, which are applicable to a specific LDP network.

Examples

# Display LDP running parameters for the public network.

<Sysname> display mpls ldp parameter

Global Parameters:

Protocol Version : V1 IGP Sync Delay on Restart : 90 sec

Nonstop Routing : Off Nonstop Routing State : Not Ready

Graceful Restart : Off Forwarding State Hold Time: 360 sec

Reconnect Time : 120 sec DSCP Value : 48

Instance Parameters:

Instance ID : 0

LSR ID : 0.0.0.0

Loop Detection : Off

Hop Count Limit : 32 Path Vector Limit : 32

Label Retention Mode: Liberal Label Distribution Control Mode: Ordered

IGP Sync Delay : 0 sec

Table 18 Command output

Field	Description
Global Parameters	LDP running parameters for all LDP-enabled networks.
Protocol Version	LDP protocol version.
IGP Sync Delay on Restart	Maximum delay time (in seconds) that LDP must wait before it notifies IGP of an LDP session-up event when there is an LDP restart.
Nonstop Routing	Whether the nonstop routing feature is enabled: · On—Enabled. · Off—Disabled.
Nonstop Routing State	LDP NSR state: · Ready—NSR is enabled, and LDP session and LSP information has been synchronized to the standby process. If an active/standby switchover occurs, the LDP session stays in Operational state, and the forwarding is not interrupted. · Not Ready—NSR is not enabled, or NSR is enabled but LDP session and LSP information synchronization to the standby process is not completed. If an active/standby switchover occurs, the LDP session might not be able to stay in Operational state, and the forwarding might be interrupted.
Graceful Restart	Whether the GR feature is enabled: · On—Enabled. · Off—Disabled.
Forwarding State Hold Time	MPLS Forwarding State Holding time in seconds.
Reconnect Time	Reconnect time in seconds.
DSCP Value	DSCP value for outgoing LDP packets.
Instance Parameters	LDP running parameters for a VPN instance or public network.
Instance ID	VPN instance ID. For the public network, this field displays 0.
LSR ID	LSR ID of the local device.
Loop Detection	Whether loop detection is enabled: · On—Enabled. · Off—Disabled.
Hop Count Limit	Hop count limit specified for loop detection.
Path Vector Limit	Path Vector length limit specified for loop detection.
Label Retention Mode	The device supports only the Liberal mode.
Label Distribution Control Mode	Label distribution control mode: Ordered or Independent.
IGP Sync Delay	Delay time (in seconds) that LDP must wait before it notifies IGP of an LDP session-up event.

display mpls ldp peer

Use display mpls ldp peer to display LDP peer and session information.

Syntax

display mpls ldp peer [ vpn-instance vpn-instance-name ] [ peer-lsr-id ] [ verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. This command displays LDP peer and session information for the specified VPN instance. If you do not specify a VPN instance, this command displays LDP peer and session information for the public network.

peer peer-lsr-id: Specifies an LDP peer by its LSR ID. If you do not specify this option, the command displays all LDP peers and related session information.

verbose: Displays detailed LDP peer and session information. If you do not specify this keyword, the command displays brief LDP peer and session information.

Examples

# Display brief information about all LDP peers and LDP sessions for the public network.

<Sysname> display mpls ldp peer

Total number of peers: 1

Peer LDP ID State Role GR MD5 KA Sent/Rcvd

2.2.2.9:0 Operational Passive Off Off 39/39

Table 19 Command output

Field	Description
Peer LDP ID	LDP identifier of the peer.
State	State of the LDP session between the local LSR and the peer: · Non Existent—No TCP connection is established. · Initialized—A TCP connection has been established. · OpenRecv—LDP has received an acceptable initialization message. · OpenSent—LDP has sent an initialization message. · Operational—An LDP session has been established.
Role	Role of the local LSR in the session: Active or Passive. In a session, the LSR with a higher IP address takes the Active role. The Active LSR initiates a TCP connection to the passive LSR.
GR	Whether GR is enabled on the peer: · On—Enabled. · Off—Disabled.
MD5	Whether MD5 authentication is enabled for the LDP session on the local device: · On—Enabled. · Off—Disabled.
KA Sent/Rcvd	Number of keepalive messages sent/received.

# Display detailed information about all LDP peers and LDP sessions for the public network.

<Sysname> display mpls ldp peer verbose

Peer LDP ID : 100.100.100.20:0

Local LDP ID : 100.100.100.17:0

TCP Connection : 100.100.100.20:47515 -> 100.100.100.17:646

Session State : Operational Session Role : Passive

Session Up Time : 0000:00:03 (DD:HH:MM)

Max PDU Length : 4096 bytes (Local: 4096 bytes, Peer: 4096 bytes)

Keepalive Time : 45 sec (Local: 45 sec, Peer: 45 sec)

Keepalive Interval : 15 sec

Msgs Sent/Rcvd : 288/426

KA Sent/Rcvd : 13/13

Label Adv Mode : DU Graceful Restart : On

Reconnect Time : 120 sec Recovery Time : 360 sec

Loop Detection : On Path Vector Limit: 32

Discovery Sources:

Targeted Hello 100.100.100.17 -> 100.100.100.20 (Active, Passive)

Hello Hold Time: 45 sec Hello Interval : 15000 ms

Targeted Hello 2005:130F::09C0:876A:130B ->

2001:0000:130F:0000:0000:09C0:876A:130B (Active, Passive)

Hello Hold Time: 45 sec Hello Interval : 15000 ms

GigabitEthernet2/0/2

Hello Hold Time: 15 sec Hello Interval : 5000 ms

GigabitEthernet2/0/2 (v6)

Hello Hold Time: 15 sec Hello Interval : 5000 ms

Label Acceptance Policy :

prefix-from-20

prefix-from-30(v6)

Session Protection : On

State : Ready Duration : 120 sec

Addresses received from peer:

202.118.224.20 100.100.100.20 11.22.33.44 1.2.3.10

1.2.3.4

2005:130F::09C0:876A:130B

Table 20 Command output

Field	Description
Peer LDP ID	LDP identifier of the peer.
Local LDP ID	LDP identifier of the local LSR.
TCP connection	TCP connection information for the session. It includes the IP addresses and port numbers used by both ends of the TCP connection, and whether MD5 authentication is enabled for the TCP connection. If MD5 authentication is enabled, this field displays MD5 On. If MD5 is not enabled, this field does not display MD5 information.
Session State	State of the LDP session: · Non Existent—No TCP connection is established. · Initialized—A TCP connection has been established. · OpenRecv—LDP has received an acceptable initialization message. · OpenSent—LDP has sent an initialization message. · Operational—An LDP session has been established.
Session Role	Role the local LSR in the session: Active or Passive.
Session Up time	Duration of the session in Operational state.
Max PDU Length	Maximum PDU length negotiated, in bytes. Local—Maximum PDU length (in bytes) on the local LSR. Peer—Maximum PDU length (in bytes) on the peer.
Keepalive Time	Keepalive time negotiated, in seconds. Local—Locally configured Keepalive holding time in seconds. Peer—Keepalive holding time (in seconds) configured on the peer.
Keepalive Interval	Keepalive interval in seconds.
Msgs Sent/Rcvd	Total number of LDP messages sent and received.
KA Sent/Rcvd	Total number of Keepalive messages sent and received.
Label Adv Mode	Label advertisement mode negotiated. The device only supports the DU mode.
Graceful Restart	Whether GR is enabled on the peer: · On—Enabled. · Off—Disabled.
Reconnect Time	Reconnect time negotiated, in seconds.
Recovery Time	Recovery time (in seconds) carried in packets sent by the peer.
Loop Detection	Whether loop detection is enabled on the peer: · On—Enabled. · Off—Disabled.
Path Vector Limit	Maximum Path Vector length configured on the peer.
Discovery Sources	Discovery source of the LDP peer.
Targeted Hello	LDP peer discovered by the extended discovery mechanism. · The address before -> (100.100.100.17 in this example) is the local IP address. · The address after -> (100.100.100.20 in this example) is the peer IP address. · (Active) indicates that the local LSR is the active end. It actively sends Targeted Hellos to its peer. · (Passive) indicates that the local LSR is the passive end. It passively responds to the Targeted Hellos from its peer. · (Active, Passive) indicates that the local LSR acts as both the active end and the passive end.
GigabitEthernet2/0/2	Interface running LDP basic discovery. The device discovers the LDP peer by sending Link Hellos out of the interface. (v6) indicates that the LDP peer is discovered by sending IPv6 Link Hellos.
Hello Hold Time	Hello hold time negotiated, in seconds.
Hello Interval	Current Hello interval, in milliseconds.
Label Acceptance Policy	Label acceptance policy used to filter label mappings received from the peer. (v6) indicates that the label acceptance policy uses IPv6 prefixes to filter label mappings.
Session Protection	Whether session protection is enabled: · On—Enabled. · Off—Disabled.
State	Session protection state: · Incomplete—Session protection is not ready. · Ready—Session protection is ready. · Protecting—The session is under protection.
Duration	Local session protection duration, in seconds. Infinite indicates that session protection takes effect permanently.
Holdup time remaining	Remaining time of the session hold timer, in seconds. This field is displayed only when the session protection state is Protecting. A value of Infinite indicates that session protection takes effect permanently.
Addresses received from peer	IPv4/IPv6 addresses received from the peer.

display mpls ldp summary

Use display mpls ldp summary to display LDP summary information.

Syntax

display mpls ldp summary [ all | vpn-instance vpn-instance-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

all: Displays LDP summary information for the public network and all VPN instances.

vpn-instance vpn-instance-name: Displays LDP summary information for the specified VPN instance. The vpn-instance-name argument is a case-sensitive string of 1 to 31 characters.

Usage guidelines

If you do not specify any parameters, this command displays LDP summary information for the public network.

Examples

# Display LDP summary information for the public network.

<Sysname> display mpls ldp summary

VPN Instance Name : Public

Instance ID : 0

Instance State : Active

Interfaces : 1 (1 active)

Targeted Peers : 0

Targeted Peers(v6) : 0

Adjacencies : 1

Adjacencies(v6) : 1

Peers : 1

Operational : 1 (0 GR)

OpenSent : 0

OpenRecv : 0

Initialized : 0

Non-Existent: 0

Table 21 Command output

Field	Description
Instance ID	VPN instance identifier. A value of 0 represents the public network.
Instance State	LDP status in the VPN instance, Active or Inactive.
Interfaces	Number of interfaces enabled with LDP. active: Number of interfaces running LDP.
Targeted Peers	Number of LDP IPv4 peers discovered by the LDP extended discovery mechanism, including the manually specified peers and the automatically established peers.
Targeted Peers(v6)	Number of LDP IPv6 peers discovered by the LDP extended discovery mechanism, including the manually specified peers and the automatically established peers.
Adjacencies	Number of IPv4 Hello adjacencies.
Adjacencies(v6)	Number of IPv6 Hello adjacencies.
Peers	Total number of peers.
Operational	Number of peers in Operational state. GR: Number of GR-capable peers.
OpenSent	Number of peers in OpenSent state.
OpenRecv	Number of peers in OpenRecv state.
Initialized	Number of peers in Initialized state.
Non-Existent	Number of peers in Non-Existent state.

dscp

Use dscp to set a DSCP value for outgoing LDP packets.

Use undo dscp to restore the default.

Syntax

dscp dscp-value

undo dscp

Default

The DSCP value for outgoing LDP packets is 48.

Views

LDP view

Predefined user roles

network-admin

Parameters

dscp-value: Specifies the DSCP value for outgoing LDP packets, in the range of 0 to 63.

Usage guidelines

To control the transmission preference of outgoing LDP packets, set a DSCP value for outgoing LDP packets.

Examples

# Set the DSCP value for outgoing LDP packets to 56.

<Sysname> system-view

[Sysname] mpls ldp

[Sysname-ldp] dscp 56

Related commands

display mpls ldp parameter

graceful-restart

Use graceful-restart to enable Graceful Restart (GR) for LDP.

Use undo graceful-restart to disable LDP GR.

Syntax

graceful-restart

undo graceful-restart

Default

LDP GR is disabled.

Views

LDP view

Predefined user roles

network-admin

Usage guidelines

LDP GR enables an LSR to retain MPLS forwarding entries during an LDP restart, ensuring continuous MPLS forwarding.

The configuration of this command takes effect only on new LDP sessions. To apply the configuration to existing LDP sessions, you must reset the LDP sessions by using the reset mpls ldp command.

Examples

# Enable GR for LDP.

<Sysname> system-view

[Sysname] mpls ldp

[Sysname-ldp] graceful-restart

Related commands

display mpls ldp parameter

reset mpls ldp

graceful-restart timer

Use graceful-restart timer to set the MPLS Forwarding State Holding timer and the Reconnect timer for GR.

Use undo graceful-restart timer to restore the default.

Syntax

graceful-restart timer { forwarding-hold hold-time | reconnect reconnect-time }

undo graceful-restart timer { forwarding-hold | reconnect }

Default

The MPLS Forwarding State Holding timer is 180 seconds and the Reconnect timer is 120 seconds.

Views

LDP view

Predefined user roles

network-admin

Parameters

forwarding-hold hold-time: Specifies the MPLS Forwarding State Holding time in the range of 60 to 600 seconds. This time specifies how long the local LSR retains its MPLS forwarding entries after the control plane of the local LSR restarts.

reconnect reconnect-time: Specifies the Reconnect time in the range of 60 to 300 seconds. This time specifies the period the local LSR expects the peer to wait for LDP session re-establishment after the peer detects an LDP session failure. The local LSR sends the Reconnect time to the peer.

Usage guidelines

In a GR process, the timers operate as follows:

1. When LDP restarts, the GR restarter starts the MPLS Forwarding State Holding timer, and marks the MPLS forwarding entries as stale. When a GR helper detects that the LDP session to the GR restarter is down, it performs the following operations:

a. Marks the FEC-label mappings learned from the session as stale.

b. Starts the Reconnect timer received from the GR restarter.

2. After the LDP restart, the GR restarter re-establishes an LDP session to the GR helper.

¡ If the LDP session is not set up before the Reconnect timer expires, the GR helper deletes stale FEC-label mappings and corresponding MPLS forwarding entries.

¡ If the LDP session is successfully set up before the Reconnect timer expires, the GR restarter sends the remaining time of the MPLS Forwarding State Holding timer to the GR helper.

The remaining time is sent as the LDP Recovery time.

3. After the LDP session is re-established, the GR helper starts the LDP Recovery timer.

4. The GR restarter and the GR helper exchange label mappings and update their MPLS forwarding tables.

The GR restarter compares each received label mapping against stale MPLS forwarding entries. If a match is found, the restarter deletes the stale mark for the matching entry. If no match is found, it adds a new entry for the label mapping.

The GR helper compares each received label mapping against stale FEC-label mappings. If a match is found, the helper deletes the stale mark for the matching mapping. If no match is found, it adds the received FEC-label mapping and a new MPLS forwarding entry for the mapping.

5. When the MPLS Forwarding State Holding timer expires, the GR restarter deletes all stale MPLS forwarding entries.

6. When the LDP Recovery timer expires, the GR helper deletes all stale FEC-label mappings.

The MPLS Forwarding State Holding time must be greater than the Reconnect time.

The configuration of this command takes effect only on new LDP sessions. To apply the configuration to existing LDP sessions, you must reset the LDP sessions by using the reset mpls ldp command.

Examples

# Set the MPLS Forwarding State Holding time to 200 seconds, and the Reconnect time to 100 seconds.

<Sysname> system-view

[Sysname] mpls ldp

[Sysname-ldp] graceful-restart timer forwarding-hold 200

[Sysname-ldp] graceful-restart timer reconnect 100

Related commands

display mpls ldp parameter

graceful-restart

label-distribution

Use label-distribution to configure the label distribution control mode.

Use undo label-distribution to restore the default.

Syntax

label-distribution { independent | ordered }

undo label-distribution

Default

The label distribution control mode is ordered.

Views

LDP view

LDP-VPN instance view

Predefined user roles

network-admin

Parameters

independent: Specifies Independent label distribution mode. In this mode, an LSR can distribute label mappings to the upstream LSR at any time.

ordered: Specifies Ordered label distribution mode. In this mode, an LSR distributes a label mapping for an FEC to the upstream LSR only when one of the following events occurs:

· The LSR receives a label mapping for that FEC from the downstream LSR.

· The LSR is the egress node of that FEC.

Usage guidelines

In Ordered mode, an LSR can determine that the downstream LSR has established an LSP when the LSR receives an FEC-label mapping from the downstream LSR.

The Independent mode enables faster LSP convergence because each LSR independently advertises labels without waiting for labels from downstream LSRs.

Examples

# Set the Independent LDP label distribution mode for the public network.

<Sysname> system-view

[Sysname] mpls ldp

[Sysname-ldp] label-distribution independent

Related commands

display mpls ldp parameter

loop-detect

Use loop-detect to enable loop detection.

Use undo loop-detect to disable loop detection.

Syntax

loop-detect

undo loop-detect

Default

Loop detection is disabled.

Views

LDP view

LDP-VPN instance view

Predefined user roles

network-admin

Usage guidelines

The LDP loop detection feature enables LDP to detect loops during an LSP establishment. If LDP detects a loop, it terminates the LSP establishment. This feature is applicable to an MPLS network where most of the devices do not support the TTL mechanism, such as ATM switches.

LDP uses hop count (see "maxhops") and path vector (see "pv-limit") for loop detection.

To use this feature, you must enable it on all LSRs that the LSP passes through.

To avoid extra LDP overhead, do not use this feature if most of the devices in an MPLS network support the TTL mechanism. Using the TTL mechanism can prevent endless routing loops.

The configuration of this command takes effect only on new LDP sessions. To apply the configuration to existing LDP sessions, you must reset the LDP sessions by using the reset mpls ldp command.

Examples

# Enable LDP loop detection for the public network.

<Sysname> system-view

[Sysname] mpls ldp

[Sysname-ldp] loop-detect

Related commands

display mpls ldp parameter

maxhops

pv-limit

lsr-id

Use lsr-id to configure an LDP LSR ID.

Use undo lsr-id to restore the default.

Syntax

lsr-id lsr-id

undo lsr-id

Default

No LDP LSR ID is configured. LDP uses the MPLS LSR ID configured by the mpls lsr-id command for both the public network and VPN instances.

Views

LDP view

LDP-VPN instance view

Predefined user roles

network-admin

Parameters

lsr-id: Specifies an LDP LSR ID, in dotted decimal notation.

Usage guidelines

If you configure an LDP LSR ID by using the lsr-id command in LDP view or LDP-VPN instance view, LDP uses the LDP LSR ID. If no LDP LSR ID is configured, LDP uses the LSR ID configured by the mpls lsr-id command.

LDP uses the same LSR ID for all sessions in the same VPN instance. After you configure a new LSR ID for a VPN instance, LDP does not use the new LSR ID unless the reset mpls ldp command is executed. The reset mpls ldp command re-establishes all LDP sessions in the VPN instance.

As a best practice, use the default LDP LSR ID configured by the mpls lsr-id command for the public network. If the lsr-id command is required to configure an LDP LSR ID for the public network, specify the IP address of a local loopback interface as the LDP LSR ID.

Examples

# Configure the LDP LSR ID as 2.2.2.2 for the public network.

<Sysname> system-view

[Sysname] mpls ldp

[Sysname-ldp] lsr-id 2.2.2.2

Related commands

display mpls ldp parameter

mpls lsr-id

maxhops

Use maxhops to set the maximum hop count for loop detection.

Use undo maxhops to restore the default.

Syntax

maxhops hop-number

undo maxhops

Default

The maximum hop count for loop detection is 32.

Views

LDP view

LDP-VPN instance view

Predefined user roles

network-admin

Parameters

hop-number: Specifies the maximum hop count for loop detection, in the range of 1 to 32.

Usage guidelines

LDP adds a hop count in a label request or label mapping message. The hop count increments by 1 on each LSR. When the hop count reaches the maximum hop count configured by this command, LDP considers that a loop occurs and terminates LSP establishment.

Set a proper maximum hop count according to the number of LSRs in your network. For example, set a smaller maximum hop count in small networks to allow for fast loop detection. Set a higher maximum hop count in large networks to ensure that LSPs can be successfully established.

The configuration of this command takes effect only on new LDP sessions. To apply the configuration to existing LDP sessions, you must reset the LDP sessions by using the reset mpls ldp command.

Examples

# Set the maximum hop count to 25 for loop detection on the public network.

<Sysname> system-view

[Sysname] mpls ldp

[Sysname-ldp] maxhops 25

Related commands

display mpls ldp parameter

loop-detect

pv-limit

md5-authentication

Use md5-authentication to enable LDP MD5 authentication.

Use undo md5-authentication to disable LDP MD5 authentication.

Syntax

md5-authentication peer-lsr-id { cipher | plain } string

undo md5-authentication peer-lsr-id

Default

LDP MD5 authentication is disabled.

Views

LDP view

LDP-VPN instance view

Predefined user roles

network-admin

Parameters

peer-lsr-id: Specifies the LSR ID of a peer.

cipher: Specifies a key in encrypted form.

plain: Specifies a key in plaintext form. For security purposes, the key specified in plaintext form will be stored in encrypted form.

string: Specifies the key. Its plaintext form is a case-sensitive string of 1 to 16 characters. Its encrypted form is a case-sensitive string of 1 to 53 characters.

Usage guidelines

To improve security for LDP sessions, you can configure MD5 authentication for the underlying TCP connections to check the integrity of LDP messages.

For the local LSR and the peer LSR to establish a TCP connection, they must have the same key.

MD5 authentication key settings take effect only on new LDP sessions. To apply the new settings to existing LDP sessions, you must reset the LDP sessions by using the reset mpls ldp command.

Examples

# Enable LDP MD5 authentication for peer 3.3.3.3 on the public network, and set a key of pass in plaintext form.

<Sysname> system-view

[Sysname] mpls ldp

[Sysname-ldp] md5-authentication 3.3.3.3 plain pass

Related commands

display mpls ldp peer

mpls ldp

Use mpls ldp to enable LDP globally for an LSR and enter LDP view.

Use undo mpls ldp to disable LDP globally for an LSR and delete all LDP-VPN instances.

Syntax

mpls ldp

undo mpls ldp

Default

LDP is globally disabled.

Views

System view

Predefined user roles

network-admin

Usage guidelines

You must enable LDP globally for an LSR to run LDP.

The NSR and GR commands, the session protection command, and the targeted-peer command are available only in LDP view. All other commands available in LDP view are also available in LDP-VPN instance view.

Commands executed in LDP view take effect only on the public network. Commands executed in LDP-VPN instance view take effect only on the specified VPN instance. The NSR and GR commands are global commands and take effect on all VPN instances and the public network.

Examples

# Enable LDP globally and enter LDP view.

<Sysname> System-view

[Sysname] mpls ldp

[Sysname-ldp]

Related commands

mpls ldp enable

vpn-instance

mpls ldp timer

Use mpls ldp timer to set the Hello hold time, Hello interval, Keepalive hold time, and Keepalive interval.

Use undo mpls ldp timer to restore the default.

Syntax

mpls ldp timer { hello-hold timeout | hello-interval interval | keepalive-hold timeout | keepalive-interval interval }

undo mpls ldp timer { hello-hold | hello-interval | keepalive-hold | keepalive-interval }

Default

· The Link Hello hold time is 15 seconds.

· The Link Hello interval is 5 seconds.

· The Targeted Hello hold time is 45 seconds.

· The Targeted Hello interval is 15 seconds.

· The Keepalive hold time is 45 seconds.

· The Keepalive interval is 15 seconds.

Views

Interface view

LDP peer view

Predefined user roles

network-admin

Parameters

hello-hold timeout: Specifies the Hello hold time in the range of 1 to 65535 seconds. LDP keeps the hello adjacency during the Hello hold time. The negotiated Hello hold time takes the smaller value of the local Hello hold time and the peer Hello hold time. If LDP receives no Hello message from the peer before the Hello hold timer expires, LDP deletes the Hello adjacency with the peer. If you set the Hello hold time to 65535, LDP permanently keeps the Hello adjacency.

hello-interval interval: Specifies the Hello interval in the range of 1 to 65535 seconds. LDP sends Hello messages at this interval.

keepalive-hold timeout: Specifies the Keepalive hold time in the range of 15 to 65535 seconds. LDP keeps the LDP session to the peer during the Keepalive hold time. The negotiated Keepalive hold time takes the smaller value of the local Keepalive hold time and the peer Keepalive hold time. If LDP receives no LDP message from the peer before the Keepalive hold timer expires, LDP deletes the LDP session to the peer.

keepalive-interval interval: Specifies the Keepalive interval in the range of 1 to 65535 seconds. LDP sends Keepalive messages to the peer at this interval.

Usage guidelines

In interface view, this command sets a Link Hello hold time and a Link Hello interval.

In LDP peer view, this command sets a Targeted Hello hold time and a Targeted Hello interval.

LDP automatically sends Targeted Hellos to the specified peer after one of the following features is configured:

· LDP session protection.

· LDP over MPLS TE.

· MPLS L2VPN LDP PW.

· VPLS LDP PW.

To modify the Targeted Hello/Keepalive hold time and interval, you must use the targeted-peer command to create the LDP peer, and then perform the modification in the LDP peer view.

If the local Hello hold time and local Keepalive hold time are different from those of a peer LSR, the negotiation is as follows:

· During LDP peer discovery, an LSR compares the local Hello hold time with the peer LSR's Hello hold time carried in Hellos. Then, the LSR uses the smaller one as the negotiated Hello hold time.

¡ If the negotiated Hello hold time is larger than three times the local Hello interval, the LSR sends Hello messages at the local Hello interval.

¡ If it is not larger than three times the local Hello interval, the LSR sends Hello messages at an interval 1/3 of the negotiated Hello hold time.

· During LDP session negotiation, an LSR compares the local Keepalive hold time with the Keepalive hold time of the peer LSR by exchanging Initialization messages. Then, the LSR uses the smaller one as the negotiated Keepalive hold time.

¡ If the negotiated Keepalive hold time is larger than three times the local Keepalive interval, the LSR sends Keepalive messages at the local Keepalive interval.

¡ If it is not larger than three times the local Keepalive interval, the LSR sends Keepalive messages at an interval 1/3 of the negotiated Keepalive hold time.

If the Hello hold time and the Keepalive hold time values are too large, LDP cannot quickly detect link failures. If the values are too small, LDP might mistakenly consider a normal link failed. As a best practice, use the default values.

Make sure all links between two LSRs have the same Keepalive hold time as the one configured in LDP peer view in either of the following situations:

· Multiple Link Hello adjacencies exist when the two LSRs are directly connected through multiple links.

· Both a Link Hello adjacency and a Targeted Hello adjacency exist between the two LSRs.

Keepalive hold time and keepalive interval settings take effect only on new LDP sessions. To apply the settings to existing LDP sessions, you must reset the LDP sessions by using the reset mpls ldp command.

Examples

# Set the Targeted Hello hold time to 1000 seconds, Targeted Hello interval to 50 seconds, Keepalive hold time to 1000 seconds, and Keepalive interval to 50 seconds for peer 3.3.3.3.

<Sysname> System-view

[Sysname] mpls ldp

[Sysname-ldp] targeted-peer 3.3.3.3

[Sysname-ldp-peer-3.3.3.3] mpls ldp timer hello-hold 1000

[Sysname-ldp-peer-3.3.3.3] mpls ldp timer hello-interval 50

[Sysname-ldp-peer-3.3.3.3] mpls ldp timer keepalive-hold 1000

[Sysname-ldp-peer-3.3.3.3] mpls ldp timer keepalive-interval 50

# On GigabitEthernet 2/0/1, set the Link Hello hold time to 100 seconds, Link Hello interval to 20 seconds, Keepalive hold time to 50 seconds, and Keepalive interval to 10 seconds.

<Sysname> System-view

[Sysname] interface gigabitethernet 2/0/1

[Sysname-GigabitEthernet2/0/1] mpls ldp timer hello-hold 100

[Sysname-GigabitEthernet2/0/1] mpls ldp timer hello-interval 20

[Sysname-GigabitEthernet2/0/1] mpls ldp timer keepalive-hold 50

[Sysname-GigabitEthernet2/0/1] mpls ldp timer keepalive-interval 10

Related commands

display mpls ldp discovery

display mpls ldp peer

non-stop-routing

Use non-stop-routing to enable LDP NSR.

Use undo non-stop-routing to disable LDP NSR.

Syntax

non-stop-routing

undo non-stop-routing

Default

LDP NSR is disabled.

Views

LDP view

Predefined user roles

network-admin

Usage guidelines

The following matrix shows the command and hardware compatibility:

Hardware	Command compatibility
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS	No
MSR2600-6-X1/2600-10-X1	· In standalone mode: No · In IRF mode: Yes
MSR 2630	· In standalone mode: No · In IRF mode: Yes
MSR3600-28/3600-51	· In standalone mode: No · In IRF mode: Yes
MSR3600-28-SI/3600-51-SI	No
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC	· In standalone mode: No · In IRF mode: Yes
MSR 3610/3620/3620-DP/3640/3660	· In standalone mode: No · In IRF mode: Yes
MSR5620/5660/5680	Yes

Hardware	Command compatibility
MSR810-LM-GL	No
MSR810-W-LM-GL	No
MSR830-6EI-GL	No
MSR830-10EI-GL	No
MSR830-6HI-GL	No
MSR830-10HI-GL	No
MSR2600-6-X1-GL	No
MSR3600-28-SI-GL	No

LDP nonstop routing (NSR) backs up protocol states and data (including LDP session and LSP information) from the active process to the standby process. After the LDP active process fails, the standby process becomes active and takes over processing seamlessly. The LDP peers are not notified of the LDP interruption. The LDP session stays in Operational state, and the forwarding is not interrupted.

The LDP active process fails when one of the following events occurs:

· The active process restarts.

· The MPU where the active process resides fails.

· The MPU where the active process resides performs an ISSU.

· An active/standby process switchover occurs when the position determined by process placement is different from the position where the process operates.

To use LDP NSR, the device must have two or more MPUs, and the active and standby processes for LDP reside on different MPUs. To use LDP GR, the device can have only one MPU on the device.

Example

# Enable LDP NSR.

<Sysname> system-view

[Sysname] mpls ldp

[Sysname-ldp] non-stop-routing

Related commands

display mpls ldp discovery

display mpls ldp fec

display mpls ldp peer

display mpls ldp summary

pv-limit

Use pv-limit to set the path vector limit.

Use undo pv-limit to restore the default.

Syntax

pv-limit pv-number

undo pv-limit

Default

The path vector limit is 32.

Views

LDP view

LDP-VPN instance view

Predefined user roles

network-admin

Parameters

pv-number: Specifies the path vector limit in the range of 1 to 32.

Usage guidelines

LDP adds LSR ID information in a label request or label mapping message. Each LSR checks whether its LSR ID is contained in the message.

· If it is not, the LSR adds its own LSR ID into the message.

· If it is, the LSR considers that a loop occurs and terminates LSP establishment.

In addition, when the number of LSR IDs in the message reaches the path vector limit, LDP also considers that a loop occurs and terminates LSP establishment.

The configuration of this command takes effect only on new LDP sessions. To apply the configuration to existing LDP sessions, you must reset the LDP sessions by using the reset mpls ldp command.

Examples

# Set the path vector limit to 3 for LDP loop detection on the public network.

<Sysname> system-view

[Sysname] mpls ldp

[Sysname-ldp] pv-limit 3

Related commands

display mpls ldp parameter

loop-detect

maxhops

reset mpls ldp

Use reset mpls ldp to reset LDP sessions.

Syntax

reset mpls ldp [ vpn-instance vpn-instance-name ] [ peer peer-id ]

Views

User view

Predefined user roles

network-admin

Parameters

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. This command resets the LDP sessions in the specified VPN instance. If you do not specify a VPN instance, this command resets the LDP sessions in the public network.

peer peer-id: Specifies a peer by its LSR ID. If you do not specify a peer, this command resets all LDP sessions in the specified VPN instance or the public network.

Usage guidelines

Resetting an LDP session deletes and re-establishes the session and all LSPs based on the session.

Changes to LDP session parameters take effect only on new LDP sessions. To apply the changes to an existing LDP session on a network, you must reset all LDP sessions on that network by executing this command without the peer keyword. If you specify the peer keyword, this command resets the LDP session to the specified peer without applying the parameter changes to the session.

Examples

# Reset all LDP sessions in the public network.

<Sysname> reset mpls ldp

# Reset all LDP sessions in VPN instance vpn1.

<Sysname> reset mpls ldp vpn-instance vpn1

snmp-agent trap enable ldp

Use snmp-agent trap enable ldp to enable SNMP notifications for LDP.

Use undo snmp-agent trap enable ldp to disable SNMP notifications for LDP.

Syntax

snmp-agent trap enable ldp

undo snmp-agent trap enable ldp

Default

SNMP notifications for LDP are enabled.

Views

System view

Predefined user roles

network-admin

Usage guidelines

This command enables generating SNMP notifications for LDP upon LDP session changes, as defined in RFC 3815. For LDP event notifications to be sent correctly, you must also configure SNMP on the device. For more information about SNMP configuration, see the network management and monitoring configuration guide for the device.

Examples

# Enable SNMP notifications for LDP.

<Sysname> system-view

[Sysname] snmp-agent trap enable ldp

vpn-instance

Use vpn-instance to enable LDP for a VPN instance and enter LDP-VPN instance view, or enter the view of an existing LDP-VPN instance.

Use undo vpn-instance to delete the LDP-VPN instance.

Syntax

vpn-instance vpn-instance-name

undo vpn-instance vpn-instance-name

Default

LDP is disabled for a VPN instance.

Views

LDP view

Predefined user roles

network-admin

Parameters

vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters. The VPN instance must have been created by the ip vpn-instance command in system view.

Usage guidelines

Enabling LDP for VPN instances is used for the Carrier's Carrier network that uses LDP between the Level 1 carrier and Level 2 carrier PEs. In such a network, you must enable LDP for each VPN instance on each Level 1 carrier PE.

The NSR, GR, and LDP-IGP synchronization commands, the dscp command, the session protection command, and the targeted-peer command are available only in LDP view. All other commands available in LDP view are available in LDP-VPN instance view.

Commands executed in LDP view take effect only on the public network. Commands executed in LDP-VPN instance view take effect only on the specified VPN instance. The dscp command, NSR commands, and GR commands are global commands and take effect on all VPN instances and the public network.

Examples

# Enable LDP for VPN instance vpn1 and enter LDP-VPN instance view.

<Sysname> system-view

[Sysname] mpls ldp

[Sysname-ldp] vpn-instance vpn1

[Sysname-ldp-vpn-instance-vpn1]

Related commands

ip vpn-instance

mpls ldp

IPv4 LDP commands

accept-label

Use accept-label to configure a label acceptance policy.

Use undo accept-label to delete a label acceptance policy.

Syntax

accept-label peer peer-lsr-id prefix-list prefix-list-name

undo accept-label peer peer-lsr-id

Default

No label acceptance policy is configured. LDP accepts all IPv4 FEC-label mappings from all peers.

Views

LDP view

LDP-VPN instance view

Predefined user roles

network-admin

Parameters

peer peer-lsr-id: Specifies an LDP peer by its LSR ID.

prefix-list prefix-list-name: Specifies an IPv4 prefix list by its name, a case-sensitive string of 1 to 63 characters.

Usage guidelines

This feature enables you to control the number of FEC-label mappings received from peers. LDP accepts only the FEC-label mappings whose IPv4 prefixes are permitted by the specified IPv4 prefix list from the specified peer.

To accept the previously denied label mappings from a peer, use the undo accept-label command or change the IPv4 prefix list for the peer. Then, execute the reset mpls ldp command to reset the LDP session to that peer to apply the new settings.

Using a label advertisement policy on an LSR or using a label acceptance policy on its upstream LSR can achieve the same purpose. As a best practice, use the label advertisement policy to reduce network load.

Examples

# Configure a label acceptance policy to accept only the FEC-label mappings containing IPv4 prefixes 10.1.1.0/24 and 10.2.1.0/24 from the LDP peer 1.1.1.9.

<Sysname> system-view

[Sysname] ip prefix-list prefix-from-RTA index 1 permit 10.1.1.0 24

[Sysname] ip prefix-list prefix-from-RTA index 2 permit 10.2.1.0 24

[Sysname] mpls ldp

[Sysname-ldp] accept-label peer 1.1.1.9 prefix-list prefix-from-RTA

Related commands

display mpls ldp peer verbose

ip prefix-list (Layer 3—IP Routing Command Reference)

advertise-label

Use advertise-label to configure a label advertisement policy.

Use undo advertise-label to delete a label advertisement policy.

Syntax

advertise-label prefix-list prefix-list-name [ peer peer-prefix-list-name ]

undo advertise-label prefix-list prefix-list-name

Default

No label advertisement policy is configured. The device advertises IPv4 FEC-label mappings permitted by the LSP generation policy to all peers.

Views

LDP view

LDP-VPN instance view

Predefined user roles

network-admin

Parameters

prefix-list prefix-list-name: Specifies an IPv4 prefix list by its name, a case-sensitive string of 1 to 63 characters. This prefix list filters advertised label mappings.

peer peer-prefix-list-name: Specifies an IPv4 prefix list by its name, a case-sensitive string of 1 to 63 characters. This prefix list filters LDP peers. If you do not specify this option, the device advertises label mappings to all peers.

Usage guidelines

Use a label advertisement policy to filter label mappings advertised to peers.

Configure multiple label advertisement policies by executing this command multiple times.

If a label mapping is permitted by an advertisement policy, LDP advertises the mapping by following these rules:

· If the policy has no peer IPv4 prefix list (peer peer-prefix-list-name not specified), LDP advertises the label mapping to all peers.

· If the policy has a peer IPv4 prefix list, LDP advertises the label mapping to the peers permitted by the peer IPv4 prefix list.

If a label mapping is permitted by multiple advertisement policies, LDP advertises the label mapping according to the first configured policy.

Examples

# Configure two label advertisement policies. One policy advertises only the label mapping for subnet 10.1.1.0/24 to the peer 3.3.3.9. The other policy advertises only the label mapping for subnet 10.2.1.0/24 to the peer 4.4.4.9.

<Sysname> system-view

[Sysname] ip prefix-list prefix-to-C permit 10.1.1.0 24

[Sysname] ip prefix-list prefix-to-D permit 10.2.1.0 24

[Sysname] ip prefix-list peer-C permit 3.3.3.9 32

[Sysname] ip prefix-list peer-D permit 4.4.4.9 32

[Sysname] mpls ldp

[Sysname-ldp] advertise-label prefix-list prefix-to-C peer peer-C

[Sysname-ldp] advertise-label prefix-list prefix-to-D peer peer-D

Related commands

display mpls ldp fec

ip prefix-list (Layer 3—IP Routing Command Reference)

lsp-trigger

display mpls ldp igp sync

Use display mpls ldp igp sync to display LDP-IGP synchronization information.

Syntax

display mpls ldp igp sync [ interface interface-type interface-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

interface interface-type interface-number: Specifies an interface by its type and number. If you do not specify an interface, this command displays LDP-IGP synchronization information for all interfaces.

Example

# Display LDP-IGP synchronization information for all interfaces.

<Sysname> display mpls ldp igp sync

GigabitEthernet2/0/2:

IGP protocols: OSPF

Sync status: Ready

Peers:

10.1.1.2:0

GigabitEthernet2/0/3:

IGP protocols: OSPF, IS-IS

Sync status: Delayed (24 sec remaining)

Peers:

20.1.1.2:0

GigabitEthernet2/0/1:

LDP-IGP synchronization is disabled on the interface

Table 22 Command output

Field	Description
IGP protocols	IGP protocols that require LDP-IGP synchronization: OSPF and IS-IS.
Sync status	LDP-IGP synchronization state: · Ready—LDP is converged and is available for IGP. · Delayed—LDP is waiting to notify IGP of the convergence. remaining indicates the remaining time for the delay, in seconds. · Not ready—LDP is not converged and is not available for IGP. · LDP not enabled—LDP is not enabled on the interface.
Peers	LDP peer that completes LDP convergence on the interface.

igp sync delay

Use igp sync delay to set the delay for LDP to notify IGP of the LDP convergence completion.

Use undo igp sync delay to restore the default.

Syntax

igp sync delay time

undo igp sync delay

Default

LDP immediately notifies IGP of the LDP convergence completion.

Views

LDP view

Predefined user roles

network-admin

Parameters

time: Specifies the notification delay in the range of 5 to 300 seconds.

Usage guidelines

LDP convergence on a link is completed when the following conditions exist:

· The local device establishes an LDP session to a minimum of one peer, and the LDP session is already in Operational state.

· The local device has distributed the label mappings to a minimum of one peer.

If LDP notifies IGP immediately after convergence, MPLS traffic forwarding might be interrupted in one of the following scenarios:

· LDP peers use the Ordered label distribution control mode. When LDP notifies IGP of the LDP convergence, the device has not received a label mapping from downstream.

· A large number of label mappings are distributed from downstream. When LDP notifies IGP of the LDP convergence completion, label advertisement is not completed.

In these scenarios, you must use the igp sync delay command to configure the notification delay. When LDP convergence on a link is completed, LDP waits a delay time before notifying IGP of the LDP convergence completion to reduce traffic interruption.

Examples

# Set a 30-second delay for LDP to notify IGP of the LDP convergence.

<Sysname> system-view

[Sysname] mpls ldp

[Sysname-ldp] igp sync delay 30

Related commands

igp sync delay on-restart

mpls ldp igp sync disable

mpls ldp sync (IS-IS view)

mpls ldp sync (OSPF view/OSPF area view)

igp sync delay on-restart

Use igp sync delay on-restart to set the maximum delay for LDP to notify IGP of the LDP-IGP synchronization status after an LDP restart or an active/standby switchover occurs.

Use undo igp sync delay on-restart to restore the default.

Syntax

igp sync delay on-restart time

undo igp sync delay on-restart

Default

The maximum notification delay is 90 seconds.

Views

LDP view

Predefined user roles

network-admin

Parameters

time: Specifies the maximum notification delay in the range of 60 to 600 seconds.

Usage guidelines

When an LDP restart or an active/standby switchover occurs, LDP takes time to converge. LDP notifies IGP of the LDP-IGP synchronization status as follows:

· If a notification delay is not configured, LDP immediately notifies IGP of the current synchronization states during convergence, and then updates the states after LDP convergence. This could impact IGP processing.

· If a notification delay is configured, LDP notifies IGP of the synchronization states in bulk when one of the following events occurs:

¡ LDP recovers to the state before the restart or switchover.

¡ The maximum delay timer expires.

Examples

# Set a 300-second maximum delay for LDP to notify IGP of the LDP-IGP synchronization status after an LDP restart or active/standby switchover occurs.

<Sysname> system-view

[Sysname] mpls ldp

[Sysname-ldp] igp sync delay on-restart 300

Related commands

igp sync delay

mpls ldp igp sync disable

mpls ldp sync (IS-IS view)

mpls ldp sync (OSPF view/OSPF area view)

import bgp

Use import bgp to enable LDP to redistribute BGP IPv4 unicast routes.

Use undo import bgp to disable LDP from redistributing BGP IPv4 unicast routes.

Syntax

import bgp [ as-number ]

undo import bgp

Default

LDP does not redistribute BGP IPv4 unicast routes.

Views

LDP view

LDP-VPN instance view

Predefined user roles

network-admin

Parameters

as-number: Redistributes BGP IPv4 unicast routes in the specified AS. An AS number is in the range of 1 to 4294967295. If you do not specify an AS number, this command enables LDP to redistribute all BGP IPv4 unicast routes.

Usage guidelines

CAUTION:

Use this command only if necessary. Execution of this command will increase the number of routes redistributed to LDP. A large number of redistributed routes will use a large amount of labels and memory.

By default, LDP automatically redistributes IPv4 IGP routes, including the BGP IPv4 unicast routes that have been redistributed into IGP. Then, LDP assigns labels to the IGP routes and labeled BGP routes if these routes are permitted by an LSP generation policy. LDP does not automatically redistribute BGP IPv4 unicast routes if the routes are not redistributed into the IGP.

For example, on a carrier's carrier network where IGP is not configured between a PE of a Level 1 carrier and a CE of a Level 2 carrier, LDP cannot redistribute BGP IPv4 unicast routes to assign labels to them. For this network to operate correctly, you can enable LDP to redistribute BGP IPv4 unicast routes. If the routes are permitted by an LSP generation policy, LDP assigns labels to them to establish LSPs. For more information about carrier's carrier, see MPLS Configuration Guide.

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Enable LDP to redistribute BGP IPv4 unicast routes in AS 100 on the public network.

<Sysname> system-view

[Sysname] mpls ldp

[Sysname-ldp] import bgp 100

Related commands

lsp-trigger

Use lsp-trigger to configure an LSP generation policy for IPv4 FECs.

Use undo lsp-trigger to restore the default.

Syntax

lsp-trigger { all | prefix-list prefix-list-name }

undo lsp-trigger

Default

LDP only uses redistributed IPv4 host routes with a 32-bit mask to generate LSPs.

Views

LDP view

LDP-VPN instance view

Predefined user roles

network-admin

Parameters

all: Enables LDP to use all redistributed routes to generate LSPs.

prefix-list prefix-name: Specifies an IPv4 prefix list by its name, a case-sensitive string of 1 to 63 characters. LDP uses only the redistributed routes permitted by the IPv4 prefix list to generate LSPs.

Usage guidelines

LDP assigns labels to the routes that have been redistributed into LDP to generate LSPs. An LSP generation policy specifies the routes that LDP uses to generate LSPs.

The default LSP generation policy depends on the label distribution control mode.

· In Ordered mode, LDP can only use the following routes to generate LSPs:

¡ Loopback interface address routes with a 32-bit mask.

¡ The routes with a 32-bit mask that match the FECs of label mappings received from downstream LSRs.

· In Independent mode, LDP can use all routes with a 32-bit mask to generate LSPs.

After you configure an LSP generation policy, LDP uses all redistributed routes or those permitted by the IPv4 prefix list to generate LSPs, regardless of the label distribution control mode.

As a best practice, use the default LSP generation policy.

Examples

# Configure an LSP generation policy that enables LDP to use only redistributed routes 10.10.1.0/24 and 10.20.1.0/24 to establish LSPs for the public network.

<Sysname> system-view

[Sysname] ip prefix-list egress-fec-list index 1 permit 10.10.1.0 24

[Sysname] ip prefix-list egress-fec-list index 2 permit 10.20.1.0 24

[Sysname] mpls ldp

[Sysname-ldp] lsp-trigger prefix-list egress-fec-list

Related commands

import bgp

ip prefix-list (Layer 3—IP Services Command Reference)

mpls ldp enable

Use mpls ldp enable to enable IPv4 LDP on an interface.

Use undo mpls ldp enable to disable IPv4 LDP on an interface.

Syntax

mpls ldp enable

undo mpls ldp enable

Default

IPv4 LDP is disabled on an interface.

Views

Interface view

Predefined user roles

network-admin

Usage guidelines

An up interface enabled with IPv4 LDP and MPLS sends IPv4 Link Hellos for neighbor discovery.

On an LDP over MPLS TE network, an up MPLS TE tunnel interface enabled with LDP sends Targeted Hellos to the tunnel destination. The interface establishes a session to the tunnel peer to set up an LDP LSP over the MPLS TE tunnel.

Before you enable IPv4 LDP on an interface, use the mpls ldp command in system view to enable LDP globally. If the interface is bound to a VPN instance, you must also use the vpn-instance command to enable LDP for the VPN instance.

Disabling LDP on an interface terminates all LDP sessions on the interface, and removes all LSPs established through the sessions.

An interface can be enabled with both IPv4 LDP and IPv6 LDP.

Examples

# Enable IPv4 LDP on interface GigabitEthernet 2/0/1.

<Sysname> system-view

[Sysname] mpls ldp

[Sysname-ldp] quit

[Sysname] interface gigabitethernet 2/0/1

[Sysname-GigabitEthernet2/0/1] mpls ldp enable

Related commands

display mpls ldp interface

mpls enable

mpls ldp

mpls ldp ipv6 enable

mpls ldp igp sync disable

Use mpls ldp igp sync disable to disable LDP-IGP synchronization on an interface.

Use undo mpls ldp igp sync disable to enable LDP-IGP synchronization on an interface.

Syntax

mpls ldp igp sync disable

undo mpls ldp igp sync disable

Default

LDP-IGP synchronization is enabled on an interface.

Views

Interface view

Predefined user roles

network-admin

Usage guidelines

After you enable LDP-IGP synchronization for an OSPF area or an IS-IS process, LDP-IGP synchronization is enabled on the OSPF or IS-IS process interfaces by default. To disable LDP-IGP synchronization on an interface, execute the mpls ldp igp sync disable command on that interface.

Examples

# Disable LDP-IGP synchronization on GigabitEthernet 2/0/1.

<Sysname> System-view

[Sysname] interface gigabitethernet 2/0/1

[Sysname-GigabitEthernet2/0/1] mpls ldp igp sync disable

Related commands

mpls ldp sync (IS-IS view)

mpls ldp sync (OSPF view/OSPF area view)

mpls ldp sync (IS-IS view)

Use mpls ldp sync to enable LDP-ISIS synchronization.

Use undo mpls ldp sync to disable LDP-ISIS synchronization.

Syntax

mpls ldp sync [ level-1 | level-2 ]

undo mpls ldp sync [ level-1 | level-2 ]

Default

LDP-ISIS synchronization is disabled.

Views

IS-IS view

Predefined user roles

network-admin

Parameters

level-1: Specifies Level-1 of the IS-IS process.

level-2: Specifies Level-2 of the IS-IS process.

Usage guidelines

LDP establishes LSPs based on the IGP optimal route. If LDP is not synchronized with IGP, MPLS traffic forwarding might be interrupted. The LDP-IGP synchronization feature is used to solve the synchronization problem.

After LDP-IGP synchronization is enabled, IGP advertises the actual cost of a link only when LDP convergence on the link is completed. Before LDP is converged, IGP advertises the maximum cost of the link. As a result, the link is visible on the IGP topology, but IGP does not select the link as the optimal route when other links are available. In this way, the device can avoid discarding MPLS packets due to lack of LDP LSP on the optimal route.

LDP-IGP synchronization is not supported for an IS-IS process that belongs to a VPN instance.

If you do not specify any keywords, this command enables LDP-ISIS synchronization for both Level-1 and Level-2.

If you execute this command multiple times, the most recent configuration takes effect. For example, if you execute the mpls ldp sync level-1 command after you execute the mpls ldp sync command, LDP-ISIS synchronization is enabled for Level-1 but disabled for Level-2.

Examples

# Enable LDP-ISIS synchronization for Level-2 of IS-IS process 1.

<Sysname> system-view

[Sysname] isis 1

[Sysname-isis-1] mpls ldp sync level-2

Related commands

display mpls ldp igp sync

igp sync delay

igp sync delay on-restart

mpls ldp igp sync disable

mpls ldp sync (OSPF view/OSPF area view)

Use mpls ldp sync to enable LDP-OSPF synchronization.

Use undo mpls ldp sync to disable LDP-OSPF synchronization.

Syntax

mpls ldp sync

undo mpls ldp sync

Default

LDP-OSPF synchronization is disabled.

Views

OSPF view

OSPF area view

Predefined user roles

network-admin

Usage guidelines

LDP-IGP synchronization is not supported for an OSPF process and its OSPF areas if the OSPF process belongs to a VPN instance.

To enable LDP-OSPF synchronization for an OSPF area, use this command in OSPF area view. To enable LDP-OSPF synchronization for all areas of an OSPF process, use this command in OSPF view.

Examples

# Enable LDP-OSPF synchronization for OSPF process 1.

<Sysname> system-view

[Sysname] ospf 1

[Sysname-ospf-1] mpls ldp sync

Related commands

display mpls ldp igp sync

igp sync delay

igp sync delay on-restart

mpls ldp igp sync disable

mpls ldp transport-address

Use mpls ldp transport-address to specify the LDP transport address.

Use undo mpls ldp transport-address to remove the configuration.

Syntax

In interface view:

mpls ldp transport-address { ipv4-address | interface }

undo mpls ldp transport-address { ipv4-address | interface }

In LDP peer view:

mpls ldp transport-address ipv4-address

undo mpls ldp transport-address

Default

In interface view, if the interface belongs to the public network, the LDP transport address is the local LSR ID. If the interface belongs to a VPN, the LDP transport address is the primary IP address of the interface.

In LDP peer view, the LDP transport address is the local LSR ID.

Views

Interface view

LDP peer view

Predefined user roles

network-admin

Parameters

ipv4-address: Specifies the LDP IPv4 transport address.

interface: Uses the IPv4 address of the current interface as the LDP IPv4 transport address.

Usage guidelines

Before two LSRs establish an IPv4 LDP session, they must establish a TCP connection by using the LDP IPv4 transport address.

As a best practice, use the default transport address.

If two LSRs have multiple links in between and you want to establish an IPv4 LDP session on each link, make sure all the links use the same IPv4 transport address.

Examples

# Specify the LDP transport address carried in Targeted Hellos sent to peer 3.3.3.3 as 2.2.2.2.

<Sysname> system-view

[Sysname] mpls ldp

[Sysname-ldp] targeted-peer 3.3.3.3

[Sysname-ldp-peer-3.3.3.3] mpls ldp transport-address 2.2.2.2

# On interface GigabitEthernet 2/0/1, specify the LDP transport address carried in Link Hellos as the IP address of the interface.

<Sysname> system-view

[Sysname] interface gigabitethernet 2/0/1

[Sysname-GigabitEthernet2/0/1] mpls ldp transport-address interface

Related commands

display mpls ldp discovery

targeted-peer

session protection

Use session protection to enable session protection.

Use undo session protection to disable session protection.

Syntax

session protection [ duration time ] [ peer peer-prefix-list-name ]

undo session protection

Default

Session protection is disabled.

Views

LDP view

Predefined user roles

network-admin

Parameters

duration time: Specifies the session protection duration time in the range of 30 to 2147483 seconds. If you do not specify the duration, session protection always takes effect.

peer peer-prefix-list-name: Specifies an IP prefix list by its name, a case-sensitive string of 1 to 63 characters. Sessions to the peers whose LSR IDs are permitted by the specified IP prefix list are protected. If you do not specify this option, all sessions established by the Basic Discovery mechanism are protected.

Usage guidelines

If two LDP peers have both a direct link and an indirect link in between, you can configure this feature to protect their LDP session when the direct link fails.

LDP establishes both a Link Hello adjacency over the direct link and a Targeted Hello adjacency over the indirect link with the peer. When the direct link fails, LDP deletes the Link Hello adjacency but still maintains the Targeted Hello adjacency. In this way, the LDP session between the two peers is kept available, and the FEC-label mappings based on this session are not deleted. When the direct link recovers, the LDP peers do not need to re-establish the LDP session or re-learn the FEC-label mappings.

When you enable the session protection feature, you can specify the session protection duration. If the Link Hello adjacency does not recover within the duration, LDP deletes the Targeted Hello adjacency and the LDP session. If you do not specify the session protection duration, the two peers always maintain the LDP session over the Targeted Hello adjacency.

Examples

# Enable protection for the session to the peer 3.3.3.3, and set the session protection duration to 120 seconds.

<Sysname> system-view

[Sysname] ip prefix-list protected-peer-list index 1 permit 3.3.3.3 32

[Sysname] mpls ldp

[Sysname-ldp] session protection duration 120 peer protected-peer-list

Related commands

display mpls ldp peer

targeted-peer

Use targeted-peer to create a targeted IPv4 LDP peer and enter its view, or enter the view of an existing targeted IPv4 LDP peer. The device can send unsolicited IPv4 Targeted Hellos to the peer and can respond to IPv4 Targeted Hellos received from the peer.

Use undo targeted-peer to cancel the configuration.

Syntax

targeted-peer ipv4-address

undo targeted-peer ipv4-address

Default

No targeted LDP peers exist. The device does not send IPv4 Targeted Hellos to any peers, or respond to IPv4 Targeted Hellos received from any peers.

Views

LDP view

Predefined user roles

network-admin

Parameters

ipv4-address: Specifies the peer IPv4 address.

Usage guidelines

If you do not specify the LDP transport address, LDP sends the local LSR ID to the peer specified by this command in IPv4 Targeted Hellos.

To ensure a successful IPv4 Targeted Hello adjacency, make sure the following requirements are met:

· The peer IPv4 address configured on the local LSR is the same as the IPv4 transport address configured in LDP peer view on the peer.

· A route exists between the local IPv4 transport address and the peer IPv4 address.

LDP automatically sends Targeted Hellos to the specified peer after one of the following features is configured:

· LDP session protection.

· LDP over MPLS TE.

· MPLS L2VPN LDP PW.

· VPLS LDP PW.

To modify the Targeted Hello/Keepalive hold time and interval, you must use this command to create the LDP peer, and then perform the modification in the LDP peer view.

Examples

# Configure the device to send IPv4 Targeted Hellos to the peer 3.3.3.3, and enter LDP peer view.

<Sysname> system-view

[Sysname] mpls ldp

[Sysname-ldp] targeted-peer 3.3.3.3

[Sysname-ldp-peer-3.3.3.3]

Related commands

display mpls ldp discovery

display mpls ldp peer

IPv6 LDP commands

ipv6 accept-label

Use ipv6 accept-label to configure a label acceptance policy.

Use undo ipv6 accept-label to delete a label acceptance policy.

Syntax

ipv6 accept-label peer peer-lsr-id prefix-list prefix-list-name

undo ipv6 accept-label peer peer-lsr-id

Default

No label acceptance policy is configured. LDP accepts all IPv6 FEC-label mappings from all peers.

Views

LDP view

LDP-VPN instance view

Predefined user roles

network-admin

Parameters

peer peer-lsr-id: Specifies an LDP peer by its LSR ID.

prefix-list prefix-list-name: Specifies an IPv6 prefix list by its name, a case-sensitive string of 1 to 63 characters.

Usage guidelines

This feature enables you to control the number of FEC-label mappings received from peers. LDP accepts only the FEC-label mappings whose IPv6 prefixes are permitted by the specified IPv6 prefix list from the specified peer.

To accept the previously denied label mappings from a peer, use the undo ipv6 accept-label command or change the IPv6 prefix list for the peer. Then, execute the reset mpls ldp command to reset the LDP session to that peer to apply the new settings.

Examples

# Configure a label acceptance policy to accept only the FEC-label mappings containing IPv6 prefix 2001:D00::/32 and a prefix length greater than or equal to 32 bits from the LDP peer 1.1.1.9.

<Sysname> system-view

[Sysname] ipv6 prefix-list prefix-from-RTA permit 2001:D00:: 32 less-equal 128

[Sysname] mpls ldp

[Sysname-ldp] ipv6 accept-label peer 1.1.1.9 prefix-list prefix-from-RTA

Related commands

display mpls ldp peer verbose

ipv6 prefix-list (Layer 3—IP Routing Command Reference)

ipv6 advertise-label

Use ipv6 advertise-label to configure a label advertisement policy.

Use undo ipv6 advertise-label to delete a label advertisement policy.

Syntax

ipv6 advertise-label prefix-list prefix-list-name [ peer peer-prefix-list-name ]

undo ipv6 advertise-label prefix-list prefix-list-name

Default

No label advertisement policy is configured. The device advertises IPv6 FEC-label mappings permitted by the LSP generation policy to all peers.

Views

LDP view

LDP-VPN instance view

Predefined user roles

network-admin

Parameters

prefix-list prefix-list-name: Specifies an IPv6 prefix list by its name, a case-sensitive string of 1 to 63 characters. This prefix list filters advertised label mappings.

peer peer-prefix-list-name: Specifies an IPv6 prefix list by its name, a case-sensitive string of 1 to 63 characters. This prefix list filters LDP peers. If you do not specify this option, the device advertises label mappings to all peers.

Usage guidelines

Use a label advertisement policy to filter label mappings advertised to peers.

Configure multiple label advertisement policies by executing this command multiple times.

If a label mapping is permitted by an advertisement policy, LDP advertises the mapping by following these rules:

· If the policy has no peer IPv6 prefix list (peer peer-prefix-list-name not specified), LDP advertises the label mapping to all peers.

· If the policy has a peer IPv6 prefix list, LDP advertises the label mapping to the peers permitted by the peer IPv6 prefix list.

If a label mapping is permitted by multiple advertisement policies, LDP advertises the label mapping according to the first configured policy.

Examples

# Configure two label advertisement policies. One policy advertises only the label mapping for subnet 2001::1/64 to the peer 3.3.3.9. The other policy advertises only the label mapping for subnet 3001::1/64 to the peer 4.4.4.9.

<Sysname> system-view

[Sysname] ipv6 prefix-list prefix-to-C permit 2001::1 64

[Sysname] ipv6 prefix-list prefix-to-D permit 3001::1 64

[Sysname] ip prefix-list peer-C permit 3.3.3.9 32

[Sysname] ip prefix-list peer-D permit 4.4.4.9 32

[Sysname] mpls ldp

[Sysname-ldp] ipv6 advertise-label prefix-list prefix-to-C peer peer-C

[Sysname-ldp] ipv6 advertise-label prefix-list prefix-to-D peer peer-D

Related commands

display mpls ldp fec

ipv6 prefix-list (Layer 3—IP Routing Command Reference)

ipv6 lsp-trigger

Use ipv6 lsp-trigger to configure an LSP generation policy for IPv6 FECs.

Use undo ipv6 lsp-trigger to restore the default.

Syntax

ipv6 lsp-trigger { all | prefix-list prefix-list-name }

undo ipv6 lsp-trigger

Default

LDP only uses redistributed IPv6 host routes with a 128-bit mask to generate LSPs.

Views

LDP view

LDP-VPN instance view

Predefined user roles

network-admin

Parameters

all: Enables LDP to use all redistributed routes to generate LSPs.

prefix-list prefix-name: Specifies an IPv6 prefix list by its name, a case-sensitive string of 1 to 63 characters. LDP uses only the redistributed routes permitted by the IPv6 prefix list to generate LSPs.

Usage guidelines

LDP assigns labels to the routes that have been redistributed into LDP to generate LSPs. An LSP generation policy specifies the routes that LDP uses to generate LSPs.

The default LSP generation policy depends on the label distribution control mode.

· In Ordered mode, LDP can only use the following routes to generate LSPs:

¡ Loopback interface address routes with a 128-bit mask.

¡ The routes with a 128-bit mask that match the FECs of label mappings received from downstream LSRs.

· In Independent mode, LDP can use all routes with a 128-bit mask to generate LSPs.

After you configure an LSP generation policy, LDP uses all redistributed routes or those permitted by the IPv6 prefix list to generate LSPs, regardless of the label distribution control mode.

As a best practice, use the default LSP generation policy.

Examples

# Configure an LSP generation policy that enables LDP to use only redistributed routes 2001::1/64 to establish LSPs for the public network.

<Sysname> system-view

[Sysname] ipv6 prefix-list egress-fec-list permit 2001::1 64

[Sysname] mpls ldp

[Sysname-ldp] ipv6 lsp-trigger prefix-list egress-fec-list

Related commands

ipv6 import bgp

ipv6 prefix-list (Layer 3—IP Services Command Reference)

ipv6 import bgp

Use ipv6 import bgp to enable LDP to redistribute BGP IPv6 unicast routes.

Use undo ipv6 import bgp to disable LDP from redistributing BGP IPv6 unicast routes.

Syntax

ipv6 import bgp [ as-number ]

undo ipv6 import bgp

Default

LDP does not redistribute BGP IPv6 unicast routes.

Views

LDP view

LDP-VPN instance view

Predefined user roles

network-admin

Parameters

as-number: Redistributes BGP IPv6 unicast routes in the specified AS. An AS number is in the range of 1 to 4294967295. If you do not specify an AS number, this command enables LDP to redistribute all BGP IPv6 unicast routes.

Usage guidelines

CAUTION:

Use this command only if necessary. Execution of this command will increase the number of routes redistributed to LDP. A large number of redistributed routes use a large amount of labels and memory.

By default, LDP automatically redistributes IPv6 IGP routes, including the BGP IPv6 unicast routes that have been redistributed into IGP. Then, LDP assigns labels to the IGP routes and labeled BGP routes if these routes are permitted by an LSP generation policy. LDP does not automatically redistribute BGP IPv6 unicast routes if the routes are not redistributed into the IGP.

For example, on a carrier's carrier network where IGP is not configured between a PE of a Level 1 carrier and a CE of a Level 2 carrier, LDP cannot redistribute BGP IPv6 unicast routes to assign labels to them. For this network to operate correctly, enable LDP to redistribute BGP IPv6 unicast routes. If the routes are permitted by an LSP generation policy, LDP assigns labels to them to establish LSPs. For more information about carrier's carrier, see MPLS Configuration Guide.

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Enable LDP to redistribute BGP IPv6 unicast routes in AS 100 on the public network.

<Sysname> system-view

[Sysname] mpls ldp

[Sysname-ldp] ipv6 import bgp 100

Related commands

ipv6 lsp-trigger

mpls ldp ipv6 enable

Use mpls ldp ipv6 enable to enable IPv6 LDP on an interface.

Use undo mpls ldp ipv6 enable to disable IPv6 LDP on an interface.

Syntax

mpls ldp ipv6 enable

undo mpls ldp ipv6 enable

Default

IPv6 LDP is disabled on an interface.

Views

Interface view

Predefined user roles

network-admin

Usage guidelines

An up interface enabled with IPv6 LDP and MPLS sends IPv6 Link Hellos for neighbor discovery.

Before you enable IPv6 LDP on an interface, use the mpls ldp command in system view to enable LDP globally. If the interface is bound to a VPN instance, you must also use the vpn-instance command to enable LDP for the VPN instance.

An interface can be enabled with both IPv4 LDP and IPv6 LDP.

If an interface is enabled with only IPv6 LDP, LDP can send IPv6 Hellos only after you specify the LDP transport address by using the mpls ldp transport-address command.

Examples

# Enable IPv6 LDP on interface GigabitEthernet 2/0/1.

<Sysname> system-view

[Sysname] mpls ldp

[Sysname-ldp] quit

[Sysname] interface gigabitethernet 2/0/1

[Sysname-GigabitEthernet2/0/1] mpls ldp ipv6 enable

Related commands

display mpls ldp interface

mpls enable

mpls ldp

mpls ldp enable

mpls ldp transport-address

Use mpls ldp transport-address to specify the IPv6 LDP transport address.

Use undo mpls ldp transport-address to remove the configuration.

Syntax

In interface view:

mpls ldp transport-address ipv6-address

undo mpls ldp transport-address ipv6-address

In LDP peer view:

mpls ldp transport-address ipv6-address

undo mpls ldp transport-address

Default

No LDP IPv6 transport address is configured.

Views

Interface view

LDP peer view

Predefined user roles

network-admin

Parameters

ipv6-address: Specifies the LDP IPv6 transport address.

Usage guidelines

Before two LSRs establish an IPv6 LDP session, they must establish a TCP connection by using the IPv6 LDP transport address.

The local LSR sends the IPv6 transport address carried in IPv6 Link Hellos or IPv6 Targeted Hellos to the peer.

Examples

# Specify the LDP transport address as 2002::1 for the TCP connection established with peer 2001::1.

<Sysname> System-view

[Sysname] mpls ldp

[Sysname-ldp] targeted-peer 2001::1

[Sysname-ldp-peer-2001::1] mpls ldp transport-address 2002::1

Related commands

display mpls ldp discovery

targeted-peer

Use targeted-peer to create a targeted IPv6 LDP peer and enter its view, or enter the view of an existing targeted IPv6 LDP peer. The device can send unsolicited IPv6 Targeted Hellos to the peer and can respond to IPv6 Targeted Hellos received from the peer.

Use undo targeted-peer to cancel the configuration.

Syntax

targeted-peer ipv6-address

undo targeted-peer ipv6-address

Default

No targeted LDP peers exist. The device does not send IPv6 Targeted Hellos to any peers, or respond to IPv6 Targeted Hellos received from any peers.

Views

LDP view

Predefined user roles

network-admin

Parameters

ipv6-address: Specifies the peer IPv6 address.

Usage guidelines

After a targeted IPv6 LDP peer is created, LDP does not send IPv6 Targeted Hellos to the peer until you specify the LDP IPv6 transport address in LDP peer view.

To ensure a successful IPv6 Targeted Hello adjacency, make sure the following requirements are met:

· The peer IPv6 address configured on the local LSR is the same as the IPv6 transport address configured in LDP peer view on the peer.

· A route exists between the local IPv6 transport address and the peer IPv6 address.

Examples

# Configure the device to send IPv6 Targeted Hellos to the peer 2001::1, and enter LDP peer view.

<Sysname> system-view

[Sysname] mpls ldp

[Sysname-ldp] targeted-peer 2001::1

[Sysname-ldp-peer-2001::1]

Related commands

display mpls ldp discovery

display mpls ldp peer

MPLS TE commands

The following matrix shows the feature and hardware compatibility:

Hardware	MPLS TE compatibility
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS	No
MSR2600-6-X1/2600-10-X1	Yes
MSR 2630	Yes
MSR3600-28/3600-51	Yes
MSR3600-28-SI/3600-51-SI	No
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC	Yes
MSR 3610/3620/3620-DP/3640/3660	Yes
MSR5620/5660/5680	Yes

Hardware	MPLS TE compatibility
MSR810-LM-GL	No
MSR810-W-LM-GL	No
MSR830-6EI-GL	No
MSR830-10EI-GL	No
MSR830-6HI-GL	No
MSR830-10HI-GL	No
MSR2600-6-X1-GL	Yes
MSR3600-28-SI-GL	No

auto-bandwidth enable

Use auto-bandwidth enable to enable automatic bandwidth adjustment globally, and set the output rate sampling interval.

Use undo auto-bandwidth enable to disable automatic bandwidth adjustment.

Syntax

auto-bandwidth enable [ sample-interval interval ]

undo auto-bandwidth enable

Default

The global automatic bandwidth adjustment is disabled.

Views

MPLS TE view

Predefined user roles

network-admin

Parameters

sample-interval interval: Specifies an output rate sampling interval for tunnels enabled with automatic bandwidth adjustment, in the range of 1 to 604800 seconds. The default sampling interval is 300 seconds. As a best practice, use the default sampling interval.

Usage guidelines

The automatic bandwidth adjustment feature measures the average output rate of a tunnel, and periodically tunes the bandwidth assigned to the tunnel based on the measurement results.

The output rate sampling feature calculates the average output rate of a tunnel based on the traffic passed through the tunnel interface during a sampling interval.

To use the automatic bandwidth adjustment feature for an MPLS TE tunnel, you must perform the following tasks:

1. Execute the auto-bandwidth enable command to enable this feature globally.

2. Execute the mpls te auto-bandwidth adjustment command in the tunnel interface view.

Examples

# Enable global automatic bandwidth adjustment, and set the output rate sampling interval to 600 seconds on MPLS TE tunnel interfaces.

<Sysname> system-view

[Sysname] mpls te

[Sysname-te] auto-bandwidth enable sample-interval 600

Related commands

mpls te auto-bandwidth

reset mpls te auto-bandwidth-adjustment timers

auto-tunnel backup

Use auto-tunnel backup to enable the automatic bypass tunnel setup feature (also called auto FRR) globally, and enter MPLS TE auto FRR view.

Use undo auto-tunnel backup to disable the auto FRR feature globally.

Syntax

auto-tunnel backup

undo auto-tunnel backup

Default

The auto FRR feature is disabled globally.

Views

MPLS TE view

Predefined user roles

network-admin

Usage guidelines

This feature enables the device to automatically set up two bypass tunnels for each primary CRLSP: one for link protection and the other for node protection. For the tunnels to be set up, you must also use the tunnel-number command to specify a tunnel interface number range.

Execution of the undo auto-tunnel backup command deletes all existing bypass tunnels automatically created for MPLS TE auto FRR.

If the PLR is the penultimate node of a primary CRLSP, the PLR does not create a node-protection bypass tunnel for the primary CRLSP.

Examples

# Enable the automatic bypass tunnel setup feature globally, and enter MPLS TE auto FRR view.

<Sysname> system-view

[Sysname] mpls te

[Sysname-te] auto-tunnel backup

[Sysname-te-auto-bk]

Related commands

mpls te auto-backup disable

nhop-only

timers removal unused

tunnel-number

destination

Use destination to configure the destination address for a tunnel bundle interface.

Use undo destination to restore the default.

Syntax

destination ip-address

undo destination

Default

No destination address is specified for a tunnel bundle interface.

Views

Tunnel bundle interface view

Predefined user roles

network-admin

Parameters

ip-address: Specifies the destination IPv4 address.

Usage guidelines

When the remote PE have the same address as the tunnel bundle destination, the tunnel bundle can be used as the public tunnel for MPLS L3VPN, MPLS L2VPN, and VPLS.

As a best practice, configure the same destination address for a tunnel bundle interface and its member interfaces. If a tunnel bundle interface and its member interfaces have different destination addresses, traffic cannot be forwarded unless the member interfaces can reach the tunnel bundle interface's destination address.

Examples

# Configure the destination address for tunnel bundle interface Tunnel-Bundle 2 as 2.2.2.2.

<Sysname> system-view

[Sysname] interface tunnel-bundle 2

[Sysname-tunnel-bundle2] destination 2.2.2.2

Related commands

display tunnel-bundle

disable

Use disable to disable the current explicit path.

Use undo disable to restore the default.

Syntax

disable

undo disable

Default

The explicit path is enabled.

Views

Explicit path view

Predefined user roles

network-admin

Usage guidelines

You can use the disable command to prevent an explicit path from being used by a tunnel during explicit path configuration.

Examples

# Disable the explicit path named path1.

<Sysname> system-view

[Sysname] explicit-path path1

[Sysname-explicit-path-path1] disable

display explicit-path

Use display explicit-path to display explicit path information.

Syntax

display explicit-path [ path-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

path-name: Displays information about the explicit path specified by its name, a case-sensitive string of 1 to 31 characters. If you do not specify this argument, the command displays information about all explicit paths.

Examples

# Display information about all explicit paths.

<Sysname> display explicit-path

Path Name: path1 Hop Count: 3 Path Status: Enabled

Index IP Address Hop Type Hop Attribute

1 1.1.1.1 Strict Include

101 2.2.2.2 Loose Include

201 3.3.3.3 - Exclude

Table 23 Command output

Field	Description
Path Name	Name of the explicit path.
Hop Count	Number of nodes specified in the explicit path.
Path Status	Explicit path status: · Enabled—The explicit path is available. · Disabled—The explicit path is not available.
Index	Index of a node on the explicit path.
IP Address	IP address of a node on the explicit path.
Hop Type	Node type: · Strict—The node must be connected directly to its previous hop. · Loose—The node can be connected indirectly to its previous hop.
Hop Attribute	Node attribute: · Include—The node must be included in the explicit path. · Exclude—The node must not be included in the explicit path.

display isis mpls te advertisement

Use display isis mpls te advertisement to display link and node information in an IS-IS TEDB.

Syntax

display isis mpls te advertisement [ [ level-1 | level-2 ] | [ originate-system system-id | local ] | verbose ] * [ process-id ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

level-1: Displays link and node information for Level-1 routers.

level-2: Displays link and node information for Level-2 routers.

originate-system system-id: Displays link and node information advertised by the system specified by its system ID, in the format of XXXX.XXXX.XXXX.

local: Displays link and node information advertised by the local device.

verbose: Displays detailed information. If you do not specify this keyword, the command displays brief information.

process-id: Specifies an IS-IS process by its ID in the range of 1 to 65535. If you do not specify an IS-IS process, this command displays link and node information for all IS-IS processes.

Usage guidelines

If you do not specify the level-1 or level-2 keyword, this command displays link and node information for both Level-1 and Level-2 routers.

If you do not specify the originate-system system-id option or the local keyword, this command displays link and node information advertised by all systems.

Examples

# Display brief link and node information in the IS-IS TEDB for Level-1 routers.

<Sysname> display isis mpls te advertisement level-1

TE information for IS-IS(1)

---------------------------

Level-1 TE node and link information

-------------------------------

Node total count : 2

Node index : 0

System ID : 0000.0000.0004

MPLS LSR ID : 4.4.4.4

Node flags : -/-/R/-

Link total count : 1

Link information :

Neighbour Frag ID Link Type Local Address Remote Address

0000.0000.0004.04 0x00 Broadcast 1.1.1.3

Node index : 1

System ID : 0000.0000.0001

MPLS LSR ID : 1.1.1.1

Node flags : -/-/R/-

Link total count : 1

Link information :

Neighbour Frag ID Link Type Local Address Remote Address

0000.0000.0004.04 0x00 Broadcast 1.1.1.1 --

# Display detailed link and node information in the IS-IS TEDB for Level-1 routers.

<Sysname> display isis mpls te advertisement level-1 local verbose

TE information for IS-IS(1)

---------------------------

Level-1 TE node and link information

-------------------------------

Node total count : 2

Node index : 0

System ID : 0000.0000.0004

MPLS LSR ID : 4.4.4.4

Node flags : -/-/R/-

Link total count : 1

Link information :

Link index : 0

Neighbor : 0000.0000.0004.04 Frag ID : 0x00

Link type : Broadcast Admin group : 0x00000000

IGP metric : 10 TE metric : 10

Link flags : -/-/-

Physical bandwidth: 12500000 bytes/sec

Reservable bandwidth: 0 bytes/sec

Unreserved bandwidth for each TE class:

TE class 0: 0 bytes/sec TE class 1: 0 bytes/sec

TE class 2: 0 bytes/sec TE class 3: 0 bytes/sec

TE class 4: 0 bytes/sec TE class 5: 0 bytes/sec

TE class 6: 0 bytes/sec TE class 7: 0 bytes/sec

TE class 8: 0 bytes/sec TE class 9: 0 bytes/sec

TE class 10: 0 bytes/sec TE class 11: 0 bytes/sec

TE class 12: 0 bytes/sec TE class 13: 0 bytes/sec

TE class 14: 0 bytes/sec TE class 15: 0 bytes/sec

Bandwidth constraint model: Prestandard DS-TE RDM

Bandwidth constraints:

BC[00]: 0 bytes/sec BC[01]: 0 bytes/sec

Local address: 1.1.1.3

Node index : 1

System ID : 0000.0000.0001

MPLS LSR ID : 1.1.1.1

Node flags : -/-/-/-

Link total count : 1

Link information :

Link index : 0

Neighbor : 0000.0000.0004.04 Frag ID : 0x00

Link type : Broadcast Admin group : 0x00000000

IGP metric: 10 TE metric : 10

Link flags: -/-/-

Physical bandwidth: 12500000 bytes/sec

Reservable bandwidth: 0 bytes/sec

Unreserved bandwidth for each TE class:

TE class 0: 0 bytes/sec TE class 1: 0 bytes/sec

TE class 2: 0 bytes/sec TE class 3: 0 bytes/sec

TE class 4: 0 bytes/sec TE class 5: 0 bytes/sec

TE class 6: 0 bytes/sec TE class 7: 0 bytes/sec

TE class 8: 0 bytes/sec TE class 9: 0 bytes/sec

TE class 10: 0 bytes/sec TE class 11: 0 bytes/sec

TE class 12: 0 bytes/sec TE class 13: 0 bytes/sec

TE class 14: 0 bytes/sec TE class 15: 0 bytes/sec

Bandwidth constraint model: Prestandard DS-TE RDM

Bandwidth constraints:

BC[00]: 0 bytes/sec BC[01]: 0 bytes/sec

Local address: 1.1.1.1

Table 24 Command output

Field	Description
TE information for IS-IS(1)	TE information for IS-IS process 1.
Node total count	Total number of nodes that advertised TE information.
Node flags	Node information flags: · A—Already synchronized node information with CSPF. · S—Ready to synchronize node information with CSPF again after the previous synchronization failed. · R—The node is reachable. · O—The node is overloaded.
Link total count	Total number of links advertised by the node.
Link information	Link information advertised by the node.
Neighbor	System ID of the neighbor.
Frag ID	LSP fragment number.
Link type	Link type: Broadcast or P2P.
Admin group	Administrator group attribute of the link.
Link flags	Link information flags: · A—Already synchronized link information with CSPF. · U—Ready to update link information with CSPF again after the previous update failed. · D—Ready to delete link information from CSPF again after the previous deletion failed.
Bandwidth constraint model	Bandwidth constraint model: · Prestandard DS-TE RDM. · IETF DS-TE RDM. · IETF DS-TE MAM.
Local address	Local IP address of the link.
Remote address	Remote IP address of the link.

display isis mpls te configured-sub-tlvs

Use display isis mpls te configured-sub-tlvs to display sub-TLV information for IS-IS TE.

Syntax

display isis mpls te configured-sub-tlvs [ process-id ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

process-id: Specifies an IS-IS process by its ID in the range of 1 to 65535. If you do not specify an IS-IS process, this command displays sub-TLV information for all IS-IS processes.

Examples

# Display sub-TLV information for IS-IS TE.

<Sysname> display isis mpls te configured-sub-tlvs

TE sub-TLV information for IS-IS(1)

-----------------------------------

Type value of the unreserved sub-pool bandwidth sub-TLV : 251

Type value of the bandwidth constraint sub-TLV : 252

Table 25 Command output

Field	Description
TE Sub-TLV Information for IS-IS(1)	DS-TE sub-TLV information for IS-IS process 1.

display isis mpls te network

Use display isis mpls te network to display network information in an IS-IS TEDB.

Syntax

display isis mpls te network [ [ level-1 | level-2 ] | local | lsp-id lsp-id ] * [ process-id ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

level-1: Displays network information for Level-1 routers.

level-2: Displays network information for Level-2 routers.

local: Displays network information advertised by the local device.

lsp-id lsp-id: Displays network information for an LSP. The lsp-id argument is the LSP ID in the format of SYSID.Pseudonode ID-fragment num. SYSID represents the system ID of the node or pseudonode that generates the LSP. Pseudonode ID represents ID of the pseudonode. fragment num represents the fragment number of the LSP.

process-id: Specifies an IS-IS process by its ID in the range of 1 to 65535. If you do not specify an IS-IS process, this command displays network information for all IS-IS processes.

Usage guidelines

If you do not specify the level-1 or level-2 keyword, this command displays network information for both Level-1 and Level-2 routers.

If you do not specify the local keyword or the lsp-id lsp-id option, this command displays all TE network information.

Examples

# Display network information in IS-IS TEDBs.

<Sysname> display isis mpls te network

TE information for IS-IS(1)

--------------------------

Level-1 network information

---------------------------

LAN ID : 0000.0000.0004.04

Frag ID : 0x00

Flags : -/-/-

Attached routers : 0000.0000.0001

0000.0000.0004

Level-2 Network Information

---------------------------

LAN ID : 0000.0000.0004.04

Frag ID : 0x00

Flags : -/-/-

Attached routers : 0000.0000.0001

0000.0000.0004

Table 26 Command output

Field	Description
TE information for IS-IS(1)	TE information for IS-IS process 1.
LAN ID	Broadcast network ID, in the format of System-ID.Pseudonode-ID.
Frag ID	LSP fragment number.
Flags	State flag for network information: · A—Already synchronizes network information with CSPF. · U—Ready to update network information with CSPF again after the previous update failed. · D—Ready to delete network information from CSPF again after the previous deletion failed.

display isis mpls te tunnel

Use display isis mpls te tunnel to display MPLS TE tunnel interface information for IS-IS.

Syntax

display isis mpls te tunnel [ level-1 | level-2 ] [ process-id ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

level-1: Displays tunnel interface information for Level-1 routers.

level-2: Displays tunnel interface information for Level-2 routers.

process-id: Specifies an IS-IS process by its ID in the range of 1 to 65535. If you do not specify an IS-IS process, this command displays tunnel information for all IS-IS processes.

Usage guidelines

If you do not specify the level-1 or level-2 keyword, this command displays IS-IS tunnel interface information for both IS-IS Level-1 and IS-IS Level-2 routers.

Examples

# Display MPLS TE tunnel interface information for IS-IS.

<Sysname> display isis mpls te tunnel

MPLS-TE tunnel information for IS-IS(1)

---------------------------------------

Level-1 Tunnel Statistics

-------------------------

Tunnel Name Auto Route Destination Metric

-----------------------------------------------------------------------

Tun0 Advertise 2.2.2.2 Relative 0

Level-2 Tunnel Statistics

-------------------------

Tunnel Name Auto Route Destination Metric

-----------------------------------------------------------------------

Tun0 Advertise 2.2.2.2 Relative 0

Table 27 Command output

Field	Description
MPLS-TE tunnel information for IS-IS(1)	MPLS TE tunnel interface information for IS-IS process 1.
Auto Route	Automatic route advertisement method on the tunnel interface: · Advertise—Forwarding adjacency. · Shortcut—IGP shortcut.
Destination	Tunnel destination address.
Metric	Metric type and value configured on the tunnel interface: · Relative. · Absolute.

display mpls te ds-te

Use display mpls te ds-te to display DS-TE information, including the DS-TE mode, bandwidth constraint (BC) model, and TE classes.

Syntax

display mpls te ds-te

Views

Any view

Predefined user roles

network-admin

network-operator

Examples

# Display DS-TE information.

<Sysname> display mpls te ds-te

MPLS LSR ID : 0.0.0.0

MPLS DS-TE mode : Prestandard

MPLS DS-TE BC model : RDM

TE Class Class Type Priority

0 0 0

1 0 1

2 0 2

3 0 3

4 0 4

5 0 5

6 0 6

7 0 7

8 1 0

9 1 1

10 1 2

11 1 3

12 1 4

13 1 5

14 1 6

15 1 7

Table 28 Command output

Field	Description
MPLS LSR ID	MPLS LSR ID of the device.
MPLS DS-TE mode	DS-TE mode: Prestandard or IETF.
MPLS DS-TE BC model	DS-TE BC model: · RDM—Russian Dolls Model. · MAM—Maximum Allocation Model.
TE Class	Serial number of a TE class.

display mpls te link-management bandwidth-allocation

Use display mpls te link-management bandwidth-allocation to display bandwidth information on MPLS TE-enabled interfaces.

Syntax

display mpls te link-management bandwidth-allocation [ interface interface-type interface-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

interface interface-type interface-number: Displays bandwidth information on the interface specified by its type and number. If you do not specify this option, the command displays bandwidth information on all MPLS TE-enabled interfaces.

Examples

# Display bandwidth information on all MPLS TE-enabled interfaces.

<Sysname> display mpls te link-management bandwidth-allocation

Interface: GigabitEthernet2/0/1

Max Link Bandwidth : 3200000 kbps

Max Reservable Bandwidth of Prestandard RDM : 2000000 kbps

Max Reservable Bandwidth of IETF RDM : 200000 kbps

Max Reservable Bandwidth of IETF MAM : 300000 kbps

Allocated Bandwidth-Item Count :1

Allocated Bandwidth :1000 kbps

Physical Link Status : Up

BC Prestandard RDM(kbps) IETF RDM(kbps) IETF MAM(kbps)

0 2000000 200000 2000

1 1000000 150000 2000

2 0 100000 2000

3 0 50000 2000

TE Class Class Type Priority BW Reserved(kbps) BW Available(kbps)

0 0 0 0 2000000

1 0 1 0 2000000

2 0 2 0 2000000

3 0 3 0 2000000

4 0 4 0 2000000

5 0 5 0 2000000

6 0 6 0 2000000

7 0 7 1000 1999000

8 1 0 0 1000000

9 1 1 0 1000000

10 1 2 0 1000000

11 1 3 0 1000000

12 1 4 0 1000000

13 1 5 0 1000000

14 1 6 0 1000000

15 1 7 0 1000000

Table 29 Command output

Field	Description
Interface	Interface enabled with MPLS TE.
Max Link Bandwidth	Maximum link bandwidth for MPLS TE traffic.
Allocated Bandwidth-Item Count	Number of CRLSPs that have successfully obtained bandwidth.

Related commands

mpls te max-link-bandwidth

mpls te max-reservable-bandwidth

mpls te max-reservable-bandwidth mam

mpls te max-reservable-bandwidth rdm

display mpls te pce discovery

Use display mpls te pce discovery to display information about discovered PCEs.

Syntax

display mpls te pce discovery [ ip-address ] [ verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

ip-address: Specifies a PCE by its IP address. If you do not specify this argument, the command displays information about all discovered PCEs.

verbose: Displays detailed information. If you do not specify this keyword, the command displays brief information.

Examples

# Display brief information about PCE 100.100.100.150.

<Sysname> display mpls te pce discovery 100.100.100.150

Total number of PCEs: 1

Peer address Discovery methods

100.100.100.150 Static, OSPF

# Display brief information about all discovered PCEs.

<Sysname> display mpls te pce discovery

Total number of PCEs: 3

Peer address Discovery methods

100.100.100.10 OSPF

100.100.100.150 Static, OSPF

100.100.100.160 Static

Table 30 Command output

Field	Description
Peer address	IP address of the PCE.
Discovery methods	PCE discovery methods: · Static—The PCE is specified by command. · OSPF—The PCE is discovered automatically by OSPF.

Field

Description

Peer address

IP address of the PCE.

Discovery methods

PCE discovery methods:

· Static—The PCE is specified by command.

· OSPF—The PCE is discovered automatically by OSPF.

# Display detailed information about PCE 2.2.2.9.

<Sysname> display mpls te pce discovery 2.2.2.9 verbose

PCE address: 2.2.2.9

Discovery methods: OSPF

Path scopes:

Path scope Preference

Compute intra-area paths 7

Act as PCE for inter-area TE LSP computation 6

Act as a default PCE for inter-area TE LSP computation 6

Capabilities:

Bidirectional path computation

Support for request prioritization

Support for multiple requests per message

Domains:

OSPF 1 area 0.0.0.0

OSPF 1 area 0.0.0.1

# Display detailed information about all discovered PCEs.

<Sysname> display mpls te pce discovery verbose

PCE address: 2.2.2.9

Discovery methods: OSPF

Path scopes:

Path scope Preference

Compute intra-area paths 7

Act as PCE for inter-area TE LSP computation 6

Act as a default PCE for inter-area TE LSP computation 6

Capabilities:

Bidirectional path computation

Support for request prioritization

Support for multiple requests per message

Domains:

OSPF 1 area 0.0.0.0

OSPF 1 area 0.0.0.1

PCE address: 4.4.4.9

Discovery methods: OSPF

Path scopes:

Path scope Preference

Compute intra-area paths 7

Act as PCE for inter-area TE LSP computation 6

Capabilities:

Bidirectional path computation

Support for request prioritization

Support for multiple requests per message

Domains:

OSPF 1 area 0.0.0.2

Neighbor domains:

OSPF 1 area 0.0.0.0

Table 31 Command output

Field	Description
Discovery methods	PCE discovery methods: · Static—The PCE is specified by command. · OSPF—The PCE is discovered automatically by OSPF.
Path scopes	Scope of PCE path computation: · Compute intra-area paths. · Act as PCE for inter-area TE LSP computation. · Act as a default PCE for inter-area TE LSP computation. · Act as PCE for inter-AS TE LSP. · Act as a default PCE for inter-AS TE LSP. · Act as PCE for inter-layer TE LSP.
Preference	Preference of the PCE path scope, in the range of 0 to 7. A higher value represents a higher priority.
Capabilities	PCE capability: · Path computation with GMPLS link constraints. · Bidirectional path computation. · Diverse path computation. · Load-balanced path computation. · Synchronized path computation. · Support for multiple objective functions. · Support for additive path constraints. · Support for request prioritization. · Support for multiple requests per message.

display mpls te pce peer

Use display mpls te pce peer to display information about peers that are establishing or have established PCEP sessions to the local device.

Syntax

display mpls te pce peer [ ip-address ] [ verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

ip-address: Specifies a peer by its IP address. If you do not specify this argument, the command displays information about all peers.

verbose: Displays detailed information. If you do not specify this keyword, the command displays brief information.

Examples

# Display brief information about all peers.

<Sysname> display mpls te pce peer

Total number of peers: 1

Peer address Peer type State Mastership Role

100.100.100.100 PCE UP Normal Active

Table 32 Command output

Field	Description
Peer type	Peer type, PCC or PCE.
State	PCEP session state: · Idle—Initial state. · TCPPending—Waiting for the TCP connection to be set up. · OpenWait—Waiting for an Open message from the peer. · KeepWait—Waiting for a Keepalive message from the peer. · UP—The PCEP session is established.
Mastership	Peer role: · Normal—Normal PCC or PCE. · Primary—Primary PCE to which the CRLSP is delegated. This role is not supported in the current software version. · Backup—Backup PCE to which the CRLSP is delegated. This role is not supported in the current software version.
Role	Role of the local device in the PCEP session: · Active—Initiator of the PCEP session. · Passive—Responder of the PCEP session.

# Display detailed information about all peers.

<Sysname> display mpls te pce peer verbose

Peer address: 100.100.100.20

TCP Connection : 100.100.100.20:5696 -> 100.100.100.10:4189

Peer type : PCC

Session type : Active stateful

Session state : UP

Mastership : Normal

Role : active

Session up time : 0000 days 01 hours 03 minutes

Session ID : Local 1, Peer 1

Keepalive interval : Local 0 sec, Peer 0 sec

Recommended DeadTimer : Local 0 sec, Peer 0 sec

Tolerance:

Min keepalive interval: 10 sec

Max unknown messages : 10

Request timeout : 50 sec

Table 33 Command output

Field	Description
Peer type	Peer type, PCC or PCE.
Session type	PCEP session type: · Stateless. · Passive stateful. This type is not supported in the current software version. · Active stateful. This type is not supported in the current software version.
Session state	PCEP session state: · Idle—Initial state. · TCPPending—Waiting for the TCP connection to be set up. · OpenWait—Waiting for an Open message from the peer. · KeepWait—Waiting for a Keepalive message from the peer. · UP—The PCEP session is established.
Mastership	Peer role: · Normal—Normal PCC or PCE. · Primary—Primary PCE to which the CRLSP is delegated. This role is not supported in the current software version. · Backup—Backup PCE to which the CRLSP is delegated. This role is not supported in the current software version.
Role	Role of the local device in the PCEP session: · Active—Initiator of the PCEP session. · Passive—Responder of the PCEP session.
Min keepalive interval	Minimum acceptable keepalive interval in seconds.
Max unknown messages	Maximum number of unknown messages allowed in one minute.
Request timeout	Request timeout time in seconds.

display mpls te pce statistics

Use display mpls te pce statistics to display PCC and PCE statistics.

Syntax

display mpls te pce statistics [ ip-address ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

ip-address: Specifies a PCC or PCE by its IP address. If you do not specify this argument, the command displays statistics about all PCEs and PCCs.

Examples

# Display statistics about all PCCs and PCEs.

<Sysname> display mpls te pce statistics

PCE address: 2.2.2.9

Keepalive messages sent/received : 70/75

Open messages sent/received : 1/1

PCReq messages sent/received : 0/0

PCRep messages sent/received : 0/0

PCErr messages sent/received : 0/0

PCNtf messages sent/received : 0/0

Session setup failures : 0

Unknown messages received : 0

Unknown requests received : 0

Unknown responses received : 0

Requests sent : 0

Response is pending : 0

Response with ERO received : 0

Response with NO-PATH received : 0

Canceled by peer sending a PCNtf : 0

Canceled by peer sending a PCErr : 0

Canceled by local speaker sending a PCNtf: 0

Implicitly canceled (session down) : 0

Timeout : 0

Requests received : 0

Response is pending : 0

Response with ERO sent : 0

Response with NO-PATH sent : 0

Canceled by local speaker sending a PCNtf: 0

Canceled by local speaker sending a PCErr: 0

Canceled by peer sending a PCNtf : 0

Implicitly canceled (session down) : 0

Table 34 Command output

Field	Description
Unknown requests received	Number of unknown requests (the request ID carried in the RP object is 0) received.
Unknown responses received	Number of unknown responses (the request ID in the response does not match the one in the request) received.
Requests sent	Total number of sent requests.
Response is pending	Number of requests that are waiting for responses.
Response with ERO received	Number of requests that have received responses with ERO.
Response with NO-PATH received	Number of requests that have received responses with NO-PATH.
Cancelled by peer sending a PCNtf	Number of requests canceled byPCNtf messages sent by the peer.
Canceled by peer sending a PCErr	Number of requests canceled byPCErr messages sent by the peer.
Canceled by local speaker sending a PCNtf	Number of requests canceled by PCNtf messages sent by the local device.
Implicitly canceled(session down)	Number of requests that became invalid because the PCEP session was down.
Timeout	Number of requests that became invalid because of request timeout.
Requests received	Total number of received requests.
Response is pending	Number of requests whose responses are not sent yet.
Response with ERO sent	Number of responses sent with ERO.
Response with NO-PATH sent	Number of responses sent with NO-PATH.
Canceled by local speaker sending a PCNtf	Number of PCNtf messages for request cancellation sent by the local device.
Canceled by local speaker sending a PCErr	Number of PCErr messages for request cancellation sent by the local device.
Canceled by peer sending a PCNtf	Number of PCNtf messages for request cancellation sent by the peer.
Implicitly canceled(session down)	Number of requests that became invalid because the PCEP session was down.

display mpls te tedb

Use display mpls te tedb to display MPLS TE database (TEDB) information.

Syntax

display mpls te tedb { { isis { level-1 | level-2 } | ospf area area-id } | link ip-address | network | node [ local | mpls-lsr-id ] | summary }

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

isis: Displays TEDB information for IS-IS.

level-1: Displays TEDB information for Level-1 routers.

level-2: Displays TEDB information for Level-2 routers.

ospf area area-id: Displays TEDB information for an OSPF area. The value range for the OSPF area ID is 0 to 4294967295.

link ip-address: Displays TEDB information for a link. The ip-address argument represents the IP address of the local interface on the link.

network: Displays TEDB information for all broadcast and NBMA networks.

node: Displays TEDB information for the local or specified node. If you do not specify the local keyword or the mpls-lsr-id argument, this command displays TEDB information for all nodes.

local: Displays TEDB information for the local node.

mpls-lsr-id: Displays TEDB information for the node specified by its MPLS LSR ID.

summary: Displays summary TEDB information.

Examples

# Display TEDB information for all broadcast and NBMA networks.

<Sysname> display mpls te tedb network

DR MPLS LSR-ID DR-address IGP Process-ID Area/Level Neighbors

8.1.1.2 3.0.0.2 OSPF 100 0 1.1.1.1

2.1.1.1

8.1.1.2

2.1.1.1 3.0.0.3 OSPF 100 0 2.1.1.1

3.1.1.1

2.1.1.2

3.1.1.2 3.0.0.4 OSPF 100 0 3.1.1.1

4.1.1.1

3.1.1.2

4.1.1.2 3.0.0.5 OSPF 100 0 4.1.1.1

5.1.1.1

4.1.1.2

5.1.1.2 3.0.0.6 OSPF 100 0 5.1.1.1

6.1.1.1

5.1.1.2

6.1.1.2 3.0.0.9 OSPF 100 0 6.1.1.1

7.1.1.1

6.1.1.2

7.1.1.1 12.0.0.7 OSPF 100 0 3.1.1.1

7.1.1.1

7.1.1.2

Table 35 Command output

Field	Description
DR MPLS LSR-ID	MPLS LSR ID of a designated router (DR), in dotted decimal notation.
DR-address	Interface address of the DR.
IGP	Internal gateway protocol: OSPF or IS-IS.
Process-ID	IGP process ID.
Area/Level	OSPF area or IS-IS level of the router.
Neighbors	Router IDs of the routers that have formed full adjacencies with the DR, and router ID of the DR itself.

# Display summary TEDB information.

<Sysname> display mpls te tedb summary

MPLS LSR-ID IGP Process-ID Area/Level Links-Count

1.1.1.1 OSPF 100 1001 20

1002 30

1003 40

1004 50

1007 70

1010 80

2.1.1.1 ISIS 100 Level-1 20

Level-1 30

3.1.1.1 OSPF 100 0 4

Table 36 Command output

Field	Description
MPLS LSR-ID	MPLS LSR ID of a router, in dotted decimal notation.
IGP	Internal gateway protocol: OSPF or IS-IS.
Process-ID	IGP process ID.
Area/Level	OSPF area or IS-IS level of the router.
Links-Count	Number of links in an OSPF area or IS-IS level.

# Display TEDB information for an OSPF area.

<Sysname> display mpls te tedb ospf area 1

Node information for OSPF area 1:

MPLS LSR-ID IGP Process-ID Area Links-Count

2.2.2.2 OSPF 100 1 1

3.3.3.3 OSPF 100 1 1

Network information for OSPF area 1:

DR MPLS LSR-ID DR-address IGP Process-ID Area Neighbors

3.3.3.3 20.1.1.2 OSPF 100 1 2.2.2.2

3.3.3.3

Table 37 Command output

Field	Description
MPLS LSR-ID	MPLS LSR ID of a router, in dotted decimal notation.
IGP	Internal gateway protocol: OSPF or IS-IS.
Process-ID	IGP process ID.
Area	OSPF area of the router.
Links-Count	Number of links in the OSPF area or IS-IS level.
DR MPLS LSR-ID	MPLS LSR ID of a DR.
DR-address	Interface address of the DR.
Neighbors	Router IDs of the routers that have formed full adjacencies with the DR, and router ID of the DR itself.

# Display TEDB information for the local node in prestandard mode.

<Sysname> display mpls te tedb node local

MPLS LSR-ID: 1.1.1.1

IGP Type: OSPF Process ID: 100 Area: 1

Link[1]:

Local IP Address: 2.0.1.33

Neighbor IP Address: 2.0.1.2

Neighbor MPLS LSR-ID: 1.1.1.2

Link Type: P2P Link Status: Inactive

IGP Metric: 100 TE Metric: 100 Link Attribute: 0xff

Maximum Link Bandwidth: 100 kbps

Maximum Reservable Bandwidth: 20 kbps

Bandwidth Constraint Model: Prestandard DS-TE RDM

Bandwidth Constraints:

BC[0]: 100 kbps

BC[1]: 20 kbps

Unreserved Bandwidth for each TE class:

TE class 0: 10 kbps

TE class 1: 10 kbps

TE class 2: 10 kbps

TE class 3: 10 kbps

TE class 4: 10 kbps

TE class 5: 10 kbps

TE class 6: 10 kbps

TE class 7: 10 kbps

TE class 8: 10 kbps

TE class 9: 10 kbps

TE class 10: 10 kbps

TE class 11: 10 kbps

TE class 12: 10 kbps

TE class 13: 10 kbps

TE class 14: 10 kbps

TE class 15: 10 kbps

MPLS LSR-ID: 1.1.1.1

IGP Type: ISIS Process ID: 100 Level: Level-1

Link[1]:

Local IP Address: 2.0.1.33

Neighbor IP Address: 2.0.1.2

Neighbor MPLS LSR-ID: 1.1.1.2

Link Type: P2P Link Status: Active

IGP Metric: 10 TE Metric: 10 Link Attribute: 0x11

Maximum Bandwidth: 100 (kbps)

Maximum Reservable Bandwidth: 100 (kbps)

Bandwidth Constraint Model: Prestandard DS-TE RDM

Bandwidth Constraints:

BC[0]: 100 kbps

BC[1]: 20 kbps

Unreserved Bandwidth for each TE Class:

TE class 0: 10 kbps

TE class 1: 10 kbps

TE class 2: 10 kbps

TE class 3: 10 kbps

TE class 4: 10 kbps

TE class 5: 10 kbps

TE class 6: 10 kbps

TE class 7: 10 kbps

TE class 8: 10 kbps

TE class 9: 10 kbps

TE class 10: 10 kbps

TE class 11: 10 kbps

TE class 12: 10 kbps

TE class 13: 10 kbps

TE class 14: 10 kbps

TE class 15: 10 kbps

Table 38 Command output

Field	Description
MPLS LSR-ID	MPLS LSR ID of a router, in dotted decimal notation.
IGP Type	Internal gateway protocol: OSPF or IS-IS.
Process ID	IGP process ID.
Area	OSPF area of the router.
Level	IS-IS level of the router: Level-1 or Level-2.
Link[n]	Information about a link. n is the number of the link.
Local IP Address	Local interface address.
Neighbor IP Address	Remote interface address for a P2P or P2MP link. For an NBMA or a broadcast link, this field displays a hyphen (-).
Link Type	Link type: · P2P. · P2MP. · NBMA. · Broadcast.
Link Status	Link status: Active or Inactive.
Bandwidth Constraint Model	Bandwidth constraint model: · Prestandard DS-TE RDM. · IETF DS-TE RDM. · IETF DS-TE MAM.

# Display TEDB information for the link connected to interface 20.1.1.1 in IETF DS-TE RDM model.

<Sysname> display mpls te tedb link 20.1.1.1

MPLS LSR-ID: 2.2.2.2

IGP Type: ISIS Process ID: 100 Level: Level-1

Local IP Address: 20.1.1.1

Neighbor MPLS LSR-ID: 20.1.1.2

Link Type: Broadcast Link Status: Active

IGP Metric: 10 TE Metric: 0 Link Attribute: 0x0

Maximum Bandwidth: 0 kbps

Maximum Reservable Bandwidth: 0 kbps

Bandwidth Constraint Model: IETF DS-TE RDM

Bandwidth Constraints:

BC[0] : 0 kbps

BC[1] : 0 kbps

BC[2] : 0 kbps

BC[3] : 0 kbps

Unreserved Bandwidth for each TE class:

TE class 0: 0 kbps

TE class 1: 0 kbps

TE class 2: 0 kbps

TE class 3: 0 kbps

TE class 4: 0 kbps

TE class 5: 0 kbps

TE class 6: 0 kbps

TE class 7: 0 kbps

Table 39 Command output

Field	Description
MPLS LSR-ID	MPLS LSR ID of a router, in dotted decimal notation.
IGP Type	Internal gateway protocol: OSPF or IS-IS.
Process ID	IGP process ID.
Area	OSPF area of the router.
Level	IS-IS level of the router: Level-1 or Level-2.
Local IP Address	Local interface address.
Neighbor IP Address	Remote interface address for a P2P or P2MP link. For an NBMA or a broadcast link, this field is not displayed.
Link Type	Link type: · P2P. · P2MP. · NBMA. · Broadcast.
Link Status	Link status: Active or Inactive.
Bandwidth Constraint Mode	Bandwidth constraint model: · Prestandard DS-TE RDM. · IETF DS-TE RDM. · IETF DS-TE MAM.

display mpls te tunnel-interface

Use display mpls te tunnel-interface to display information about MPLS TE tunnel interfaces.

Syntax

display mpls te tunnel-interface [ tunnel number ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

tunnel number: Displays information about the tunnel interface specified by its number. If you do not specify this option, the command displays information about all MPLS TE tunnel interfaces.

The following matrix shows the value ranges for the number argument:

Hardware	Argument compatibility	Value range
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS	No	N/A
MSR2600-6-X1/2600-10-X1	Yes	0 to 10239
MSR 2630	Yes	0 to 10239
MSR3600-28/3600-51	Yes	0 to 10239
MSR3600-28-SI/3600-51-SI	No	N/A
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC	Yes	0 to 10239
MSR 3610/3620/3620-DP/3640/3660	Yes	0 to 10239
MSR5620/5660/5680	Yes	0 to 10239

Hardware	Argument compatibility	Value range
MSR810-LM-GL	No	N/A
MSR810-W-LM-GL	No	N/A
MSR830-6EI-GL	No	N/A
MSR830-10EI-GL	No	N/A
MSR830-6HI-GL	No	N/A
MSR830-10HI-GL	No	N/A
MSR2600-6-X1-GL	Yes	0 to 10239
MSR3600-28-SI-GL	No	N/A

Examples

# Display information about all MPLS TE tunnel interfaces.

<Sysname> display mpls te tunnel-interface

Tunnel Name : Tunnel 0

Tunnel State : Up (Main CRLSP up)

Tunnel Attributes :

LSP ID : 1 Tunnel ID : 0

Admin State : Normal

Ingress LSR ID : 1.1.1.1 Egress LSR ID : 3.3.3.3

Signaling : Static Static CRLSP Name : static-cr-lsp-1

Static SRLSP Name : -/-

Resv Style : -

Tunnel mode : -

Reverse-LSP name : -

Reverse-LSP LSR ID : - Reverse-LSP Tunnel ID: -

Class Type : - Tunnel Bandwidth : -

Reserved Bandwidth : -

Setup Priority : 0 Holding Priority : 0

Affinity Attr/Mask : -/-

Explicit Path : -

Backup Explicit Path : -

Metric Type : TE

Record Route : - Record Label : -

FRR Flag : - Bandwidth Protection : -

Backup Bandwidth Flag: - Backup Bandwidth Type: -

Backup Bandwidth : -

Bypass Tunnel : - Auto Created : -

Route Pinning : -

Retry Limit : 10 Retry Interval : 2 sec

Reoptimization : - Reoptimization Freq : -

Backup Type : - Backup LSP ID : -

Auto Bandwidth : - Auto Bandwidth Freq : -

Min Bandwidth : - Max Bandwidth : -

Collected Bandwidth : - Service-Class : -

Table 40 Command output

Field	Description
Tunnel Name	Name of the tunnel interface.
Tunnel State	Running state of the tunnel: Down or Up. Description information includes: · Main CRLSP down. · Main CRLSP up. · Main CRLSP being set up. · Shared-resource CRLSP down. · Shared-resource CRLSP up. · Shared-resource CRLSP being set up. · Shared-resource CRLSP being activated. · Shared-resource CRLSP switching to Main CRLSP. · Backup CRLSP down. · Backup CRLSP up. · Backup CRLSP being set up. · Reverse CRLSP down. · Reverse CRLSP up. · Reverse CRLSP being set up.
Admin State	Administrative state of the tunnel interface: · Normal—The interface is not shut down by the shutdown command. · Shutdown—The tunnel interface is shut down by the shutdown command.
Signaling	Signaling protocol used to set up the tunnel: RSVP-TE or Static.
Static CRLSP Name	Static CRLSP used by the tunnel.
Static SRLSP Name	Static SRLSP used by the tunnel.
Resv Style	Resource reservation style for the CRLSPs. This field displays FF or SE for an MPLS TE tunnel that uses dynamic CRLSPs, and displays a hyphen (-) for an MPLS TE tunnel that uses static CRLSPs.
Tunnel Mode	Tunnel mode of the bidirectional tunnel: · Co-routed, active—The device is the active end of the co-routed bidirectional tunnel. · Co-routed, passive—The device is the passive end of the co-routed bidirectional tunnel. · Associated—The tunnel is an associated bidirectional tunnel.
Reverse-LSP Name	Name of the associated reverse LSP.
Reverse-LSP LSR ID	LSR ID of the reverse LSP. This field has a value for the LSR of an associated reverse LSP and the passive end of the co-routed bidirectional tunnel. For other LSPs, this field displays a hyphen (-).
Reverse-LSP Tunnel ID	Tunnel ID of the reverse LSP. This field has a value for an associated reverse LSP and the passive end of the co-routed bidirectional tunnel. For other LSPs, this field displays a hyphen (-).
Class Type	CT of the tunnel: CT 0, CT 1, CT 2, or CT 3.
Tunnel Bandwidth	Bandwidth required by the tunnel, in kbps.
Reserved Bandwidth	Bandwidth reserved for the tunnel, in kbps.
Setup Priority	Tunnel setup priority.
Holding Priority	Tunnel holding priority.
Affinity Attr/Mask	Tunnel affinity attribute and mask.
Explicit Path Name	Name of the explicit path used by the tunnel. If the path used by the tunnel is not an explicit path, this field displays a hyphen (-).
Backup Explicit Path	Name of the explicit path used by the backup tunnel. If the path used by the backup tunnel is not an explicit path, this field displays a hyphen (-).
Metric Type	Link metric type used for tunnel path selection, TE or IGP.
Bandwidth Protection	Whether FRR needs bandwidth protection, Enabled or Disabled.
Backup Bandwidth Flag	Whether the bandwidth and the type of CRLSPs that the bypass tunnel can protect have been configured (by using the mpls te backup bandwidth command): · Enabled—Configured. · Disabled—Not configured.
Backup Bandwidth Type	Class type of the traffic on the primary tunnel that the bypass tunnel can protect.
Backup Bandwidth	Bandwidth that the bypass tunnel can protect, in kbps.
Bypass Tunnel	Whether it is a bypass tunnel: Yes or No.
Auto Created	Whether the bypass tunnel is automatically created: Yes or No.
Retry Limit	Maximum number of tunnel setup retries.
Retry Interval	Tunnel setup retry interval, in seconds.
Reoptimization Freq	Tunnel reoptimization frequency, in seconds.
Backup Type	CRLSP backup mode: · None—CRLSP backup is disabled. · Hot Standby. · Ordinary.
Backup LSP ID	LSP ID of the backup tunnel.
Auto Bandwidth	State of the automatic bandwidth adjustment feature.
Auto Bandwidth Freq	Automatic bandwidth adjustment interval, in seconds.
Min Bandwidth	Minimum bandwidth (in kbps) that can be applied to the tunnel by automatic bandwidth adjustment.
Max Bandwidth	Maximum bandwidth (in kbps) that can be applied to the tunnel by automatic bandwidth adjustment.
Collected Bandwidth	Current output rate, in kbps.

display ospf mpls te advertisement

Use display ospf mpls te advertisement to display link and node information in an OSPF TEDB.

Syntax

display ospf [ process-id ] [ area area-id ] mpls te advertisement [ originate-router advertising-router-id | self-originate ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

process-id: Specifies an OSPF process ID in the range of 1 to 65535. If you do not specify this argument, the command displays information about all OSPF processes.

area area-id: Specifies an area by its ID, an IP address or a decimal integer. The integer is in the range of 0 to 4294967295. If you specify an integer, the system will translate the integer into the IP address format. If you do not specify this option, the command displays information about all areas.

originate-router advertising-router-id: Displays information originated from a router specified by its router ID.

self-originate: Displays information generated by the local router.

Examples

# Display link and node information for all processes in all areas.

<Sysname> display ospf mpls te advertisement

OSPF Process 1 with Router ID 2.2.2.2

Traffic Engineering Database

Area: 0.0.0.1

Adv Router ID : 1.1.1.1

MPLS LSR ID : 1.1.1.1

Flags : A/S/R

Router Address Count : 1

Router Address Index : 0

Instance ID : 0.0.0.0

MPLS LSR ID : 1.1.1.1

Link Count : 1

Link Index : 0

Link Type : Broadcast

Instance ID : 0.0.0.1

Link Flags : -/U/-

Link ID : 197.168.1.1

TE Metric : 1000

IGP Metric : 1000

Maximum Bandwidth : 12500000 bytes/sec

Maximum Reservable BW : 0 bytes/sec

Administrative Group : 0x0

Unreserved Bandwidth for each TE Class:

TE class 0 = 0 bytes/sec

TE class 1 = 0 bytes/sec

TE class 2 = 0 bytes/sec

TE class 3 = 0 bytes/sec

TE class 4 = 0 bytes/sec

TE class 5 = 0 bytes/sec

TE class 6 = 0 bytes/sec

TE class 7 = 0 bytes/sec

TE class 8 = 0 bytes/sec

TE class 9 = 0 bytes/sec

TE class 10 = 0 bytes/sec

TE class 11 = 0 bytes/sec

TE class 12 = 0 bytes/sec

TE class 13 = 0 bytes/sec

TE class 14 = 0 bytes/sec

TE class 15 = 0 bytes/sec

Bandwidth Constraint Model: Prestandard DS-TE RDM

Bandwidth Constraints:

BC [ 0] = 0 bytes/sec

BC [ 1] = 0 bytes/sec

Local Interface Address : 197.168.1.1

Remote Interface Address : 197.168.1.11

Table 41 Command output

Field	Description
Adv Router ID	ID of the router that advertised TE information.
MPLS LSR ID	MPLS LSR ID of the router that advertised TE information.
Flags	TE information flags: · A—Already synchronized information with CSPF. · S—Ready to synchronize information with CSPF. · R—The router that advertised information is reachable.
Router Address Count	Number of Router TLV messages in TEDB.
Router Address Index	Index of the current Router TLV message.
Instance ID	LSA instance ID.
Link Count	Number of Link TLV messages in TEDB.
Link Index	Index of the current Link TLV message.
Link Type	Link types: · Point to Point. · Point to Multi Point. · Broadcast. · NBMA.
Link Flags	Link information flags: · A—Already synchronized information with CSPF. · U—Ready to update information with CSPF again after the previous update failed. · D—Ready to delete information from CSPF again after the previous deletion failed.
Link ID	Link state ID.
IGP Metric	OSPF protocol metric.
Administrative Group	Link attributes.
Bandwidth Constraint Model	Bandwidth constraint model: Prestandard DS-TE RDM, IETF DS-TE RDM, or IETF DS-TE MAM.
Bandwidth Constraints	This field takes effect only on DS-TEs.
BC	Bandwidth constraint value. The Prestandard mode supports two BCs, and the IETF mode supports four BCs.

display ospf mpls te network

Use display ospf mpls te network to display network information in an OSPF TEDB.

Syntax

display ospf [ process-id ] [ area area-id ] mpls te network [ originate-router advertising-router-id | self-originate ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

process-id: Specifies an OSPF process ID in the range of 1 to 65535. If you do not specify this argument, the command displays information about all OSPF processes.

area area-id: Specifies an area by its ID, an IP address or a decimal integer, in the range of 0 to 4294967295. If you specify an integer, the system will translate the integer into the IP address format. If you do not specify this option, the command displays information about all areas.

originate-router advertising-router-id: Displays information originated from a router specified by its router ID.

self-originate: Displays information generated by the local router.

Examples

# Display network information for all processes in all areas.

<Sysname> display ospf mpls te network

OSPF Process 1 with Router ID 12.1.1.1

Traffic Engineering Network

Area: 0.0.0.0

Adv Router ID : 1.1.1.1

Designated Router : 197.168.1.1

Flags : -/U/-

Attached Router 2.2.2.2

Attached Router 1.1.1.1

Table 42 Command output

Field	Description
Adv Router ID	ID of the router that advertised the TE network information.
Designated Router	IP address of the designated router.
Flag	Network information flags: · A—Already synchronized information with CSPF. · U—Ready to update information with CSPF again after the previous update failed. · D—Ready to delete information from CSPF again after the previous deletion failed.
Attached Router	ID of the attached router.

display ospf mpls te pce

Use display ospf mpls te pce to display information about PCEs discovered by OSPF.

Syntax

display ospf [ process-id ] [ area area-id ] mpls te pce [ originate-router advertising-router-id | self-originate ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

process-id: Specifies an OSPF process ID in the range of 1 to 65535. If you do not specify this argument, the command displays information about all OSPF processes.

originate-router advertising-router-id: Displays information originated from a router specified by its router ID.

self-originate: Displays information generated by the local router.

Examples

# Display PCE information for all processes in all areas.

<Sysname> display ospf mpls te pce

OSPF Process 1 with Router ID 2.1.1.1

Path Computation Element

Area: 0.0.0.1

Adv Router ID : 2.1.1.1

PCE Address : 5.6.7.8

Flags : A/-/R/E

PCE Path Scopes:

Path Scope Preference

L (PCE for intra-area) 7

R (PCE for inter-area) 6

PCE Capabilities:

Bidirectional path computation

Support for request prioritization

Support for multiple requests per message

PCE Domain List:

Area 0.0.0.1

Area 0.0.0.3

PCE Neighbor Domain List:

Area 0.0.0.2

Table 43 Command output

Field	Description
Adv Router ID	ID of the router that advertised the information.
Flags	PCE information flag: · A—Already synchronized information with PCEP. · U—Ready to update information with PCEP again after the previous update failed. · D—Ready to delete information from PCEP again after the previous deletion failed. · R—The router that advertised information is reachable. · E—PCE information is valid.
Path Scope	PCE path scope: · L (PCE for intra-area). · R (PCE for inter-area). · Rd (Default PCE for inter-area). · S (PCE for inter-AS). · Sd (Default PCE for inter-AS). · Y (PCE for inter-layer).
Preference	Preference of the PCE path scope, in the range of 0 to 7. A higher value represents a higher priority.
PCE Capabilities	PCE capability: · Path computation with GMPLS link constraints. · Bidirectional path computation. · Diverse path computation. · Load-balanced path computation. · Synchronized path computation. · Support for multiple objective functions. · Support for additive path constraints. · Support for request prioritization. · Support for multiple requests per message.
PCE Domain List	List of local domains that support TE on the PCE.
PCE Neighbor Domain List	List of neighbor domains that support TE on the PCE.
Area	Area that supports TE.
AS	AS that supports TE.

display ospf mpls te tunnel

Use display ospf mpls te tunnel to display MPLS TE tunnel interface information for OSPF.

Syntax

display ospf [ process-id ] [ area area-id ] mpls te tunnel

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

process-id: Specifies an OSPF process ID in the range of 1 to 65535. If you do not specify this argument, the command displays information about all OSPF processes.

Examples

# Display MPLS TE tunnel interface information for all OSPF processes in all areas.

<Sysname> display ospf mpls te tunnel

OSPF Process 1 with Router ID 2.2.2.2

Traffic Engineering Tunnel

Area: 0.0.0.1

Interface: Tunnel1 (12.1.1.2)

State: Inactive

Neighbor ID: 0.0.0.0 Cost: 0

Destination: 125.1.1.1

Auto Route: IGP Shortcut

Metric: Relative 10

Table 44 Command output

Field	Description
Interface	Name and IP address of a tunnel interface.
State	Tunnel interface states: · Inactive—The tunnel interface is not used to forward packets, because the tunnel route is not the optimal route. · Active—The tunnel interface is used to forward packets, because the tunnel route is the optimal route.
Neighbor ID	Router ID for the tunnel destination.
Cost	Route cost of the tunnel interface.
Destination	LSR ID for the tunnel destination.
Auto Route	Automatic route advertisement method: IGP Shortcut or IGP Advertise. IGP Advertise indicates that forwarding adjacency is enabled.
Metric	Absolute or relative metric of the MPLS TE tunnel.

display tunnel-bundle

Use display tunnel-bundle to display information about tunnel bundle interfaces and their member interfaces.

Syntax

display tunnel-bundle [ number ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

number: Specifies a tunnel bundle interface and its member interfaces by the tunnel bundle interface number. If you do not specify this argument, the command displays information about all tunnel bundle interfaces and their member interfaces.

The following matrix shows the value ranges for the number argument:

Hardware	Argument compatibility	Value range
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS	No	N/A
MSR2600-6-X1/2600-10-X1	Yes	0 to 1023
MSR 2630	Yes	0 to 1023
MSR3600-28/3600-51	Yes	0 to 1023
MSR3600-28-SI/3600-51-SI	No	N/A
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC	Yes	0 to 2047
MSR 3610/3620/3620-DP/3640/3660	Yes	0 to 2047
MSR5620/5660/5680	Yes	0 to 4095

Hardware	Argument compatibility	Value range
MSR810-LM-GL	No	N/A
MSR810-W-LM-GL	No	N/A
MSR830-6EI-GL	No	N/A
MSR830-10EI-GL	No	N/A
MSR830-6HI-GL	No	N/A
MSR830-10HI-GL	No	N/A
MSR2600-6-X1-GL	Yes	0 to 1023
MSR3600-28-SI-GL	No	N/A

Examples

# Display information about all tunnel bundle interfaces and their member interfaces.

<Sysname> display tunnel-bundle

Total number of tunnel bundles: 1, 1 up, 0 down

Tunnel bundle name: Tunnel-Bundle 1

Bundle state : Up

Bundle attributes :

Working mode : Load Balancing

Tunnel type : CR-LSP

Tunnel destination : 2.2.2.2

Bundle members:

Member State Load-share

Tunnel2 Up 2

Tunnel3 Down 3

Tunnel6 Down 3

Table 45 Command output

Field	Description
Working mode	Tunnel bundle interface operating modes: · Load Balancing. · 1+1—1+1 protection switching mode. · 1:1—1:1 protection switching mode. For more information about 1+1 and 1:1 protection switching modes, see MPLS Configuration Guide.
Tunnel type	This field supports only CRLSP.
Tunnel destination	Destination address for the tunnel bundle interface.
Load-share	Weight of the interface for load sharing. This field is displayed when the tunnel bundle interface operates in Load Balancing mode.
Role	Role of a member interface. This field is displayed when the tunnel bundle interface operates in 1+1 or 1:1 mode. · Working—The tunnel for the member interface is the working tunnel. · Protection—The tunnel for the member interface is the protection tunnel.

ds-te bc-model

Use ds-te bc-model to specify the bandwidth constraint (BC) model used in IETF DS-TE.

Use undo ds-te bc-model to restore the default.

Syntax

ds-te bc-model mam

undo ds-te bc-model

Default

The BC model of IETF DS-TE is Russian Dolls Model (RDM).

Views

MPLS TE view

Predefined user roles

network-admin

Parameters

mam: Specifies the BC model as Maximum Allocation Model (MAM).

Usage guidelines

RDM does not define the bandwidth for one class type (CT) but limits the shared bandwidth for multiple CTs. In cooperation with priority preemption, the RDM model can also implement the isolation between CTs, ensuring each CT its share of bandwidth. RDM is suitable for networks where traffic is unstable and traffic bursts might occur.

MAM constrains the bandwidth for only one CT on an interface. This ensures isolation between CTs no matter whether preemption is used or not. Compared with RDM, MAM is easy to understand and configure. MAM is suitable for networks where traffic of each CT is stable.

This command applies only to IETF DS-TE. The prestandard DS-TE only uses RDM.

After you change the BC model in IETF DS-TE mode, all nonzero-bandwidth CRLSPs on the device are deleted and then re-established.

Examples

# Specify the BC model of IETF DS-TE as MAM.

<Sysname> system-view

[Sysname] mpls te

[Sysname-te] ds-te bc-model mam

Related commands

display mpls te ds-te

ds-te mode

ds-te te-class

Use ds-te te-class to configure a TE class used in IETF DS-TE mode.

Use undo ds-te te-class to restore the default.

Syntax

ds-te te-class te-class-index class-type class-type-number priority priority

undo ds-te te-class te-class-index

Default

Table 46 Default TE classes in IETF mode

TE class	CT	Priority
0	0	7
1	1	7
2	2	7
3	3	7
4	0	0
5	1	0
6	2	0
7	3	0

Views

MPLS TE view

Predefined user roles

network-admin

Parameters

te-class-index: Specifies a TE class index in the range of 0 to 7.

class-type class-type-number: Specifies a CT by its number in the range of 0 to 3. The system supports four CTs, CT 0 through CT 3.

priority priority: Specifies a priority number in the range of 0 to 7.

Usage guidelines

The setup or/and holding priority of the LSP transporting a traffic trunk from a CT must be the priority specified for the CT in the TE class.

When you configure a TE class, make sure to specify a CT-priority pair different from that in any existing TE class.

When you restore the default settings for a TE class, make sure the default CT-priority pair is different from the CT-priority pair of an existing TE class.

After a TE class is modified, the device performs the following operations:

1. Notifies the IGP to re-advertise the bandwidth information for all TE interfaces.

2. Removes and then re-establishes the CRLSPs of the TE class on all TE interfaces.

Examples

# Specify CT 2 and priority 3 for TE class 7 in IETF DS-TE mode.

<Sysname> system-view

[Sysname] mpls te

[Sysname-mpls] ds-te te-class 7 class-type 2 priority 3

Related commands

display mpls te ds-te

ds-te mode

Use ds-te mode to configure the DS-TE mode.

Use undo ds-te mode to restore the default.

Syntax

ds-te mode ietf

undo ds-te mode

Default

The DS-TE mode is prestandard.

Views

MPLS TE view

Predefined user roles

network-admin

Parameters

ietf: Specifies the DS-TE mode as IETF.

Usage guidelines

The prestandard and IETF modes of DS-TE have the following differences:

· The prestandard mode supports two CTs (CT 0 and CT 1), eight priorities, and a maximum of 16 TE classes. The IETF mode supports four CTs (CT 0 through CT 3), eight priorities, and a maximum of eight TE classes.

· The prestandard mode does not allow you to configure TE classes. The IETF mode allows for TE class configuration.

· The prestandard mode supports only RDM. The IETF mode supports both RDM and MAM.

· A device operating in prestandard mode cannot communicate with devices from some vendors. A device operating in IETF mode can communicate with devices from other vendors.

Be aware of these differences and choose a proper DS-TE mode as needed.

After the DS-TE mode is changed, all CRLSPs on the device are deleted and then re-established.

Examples

# Configure the DS-TE mode as IETF.

<Sysname> system-view

[Sysname] mpls te

[Sysname-te] ds-te mode ietf

Related commands

display mpls te ds-te

ds-te bc-model

explicit-path

Use explicit-path to create an explicit path and enter its view, or enter the view of an existing explicit path.

Use undo explicit-path to remove an explicit path.

Syntax

explicit-path path-name

undo explicit-path path-name

Default

No explicit paths exist.

Views

System view

Predefined user roles

network-admin

Parameters

path-name: Specifies a name for the explicit path, a case-sensitive string of 1 to 31 characters.

Usage guidelines

In explicit path view, you can use the nexthop command to explicitly specify a node or link that a tunnel must or must not traverse.

After a tunnel is associated with an explicit path, the record route flag is automatically set for the tunnel, regardless of the mpls te record-route command setting.

Examples

# Create an explicit path named path1 and enter its view.

<Sysname> system-view

[Sysname] explicit-path path1

[Sysname-explicit-path-path1]

Related commands

display explicit-path

mpls te backup-path

mpls te path

nexthop

fast-reroute timer

Use fast-reroute timer to set the interval for selecting an optimal bypass tunnel.

Use undo fast-reroute timer to restore the default.

Syntax

fast-reroute timer interval

undo fast-reroute timer

Default

The optimal bypass tunnel selection interval is 300 seconds.

Views

MPLS TE view

Predefined user roles

network-admin

Parameters

interval: Specifies the interval for selecting an optimal bypass tunnel, in the range of 0 to 604800 seconds. If you set the interval to 0 seconds, RSVP does not periodically select an optimal bypass tunnel.

Usage guidelines

If you have specified multiple bypass tunnels for a primary CRLSP, MPLS TE selects an optimal bypass tunnel to protect the primary CRLSP. Sometimes, a bypass tunnel might become better than the current optimal bypass tunnel because, for example, the reservable bandwidth changes. Therefore, MPLS TE must poll the bypass tunnels periodically to update the optimal bypass tunnel.

NOTE:

After traffic is switched from the primary CRLSP to a bypass tunnel, MPLS TE no longer periodically selects optimal bypass tunnels for the primary CRLSP.

Examples

# Set the optimal bypass tunnel selection interval to 120 seconds.

<Sysname> system-view

[Sysname] mpls te

[Sysname-te] fast-reroute timer 120

interface tunnel-bundle

Use interface tunnel-bundle to create a tunnel bundle interface in load sharing mode, and enter tunnel bundle interface view, or enter the view of an existing tunnel bundle interface.

Use undo interface tunnel-bundle to delete a tunnel bundle interface.

Syntax

interface tunnel-bundle number

undo interface tunnel-bundle number

Default

No tunnel bundle interfaces exist.

Views

System view

Predefined user roles

network-admin

Parameters

number: Specifies the tunnel bundle interface number.

The following matrix shows the value ranges for the number argument:

Hardware	Argument compatibility	Value range
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS	No	N/A
MSR2600-6-X1/2600-10-X1	Yes	0 to 1023
MSR 2630	Yes	0 to 1023
MSR3600-28/3600-51	Yes	0 to 1023
MSR3600-28-SI/3600-51-SI	No	N/A
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC	Yes	0 to 2047
MSR 3610/3620/3620-DP/3640/3660	Yes	0 to 2047
MSR5620/5660/5680	Yes	0 to 4095

Hardware	Argument compatibility	Value range
MSR810-LM-GL	No	N/A
MSR810-W-LM-GL	No	N/A
MSR830-6EI-GL	No	N/A
MSR830-10EI-GL	No	N/A
MSR830-6HI-GL	No	N/A
MSR830-10HI-GL	No	N/A
MSR2600-6-X1-GL	Yes	0 to 1023
MSR3600-28-SI-GL	No	N/A

Usage guidelines

You can specify multiple member interfaces (MPLS TE tunnel interfaces) for a tunnel bundle interface. The member interfaces form a tunnel bundle. When the outgoing interface is the tunnel bundle interface, traffic can be forwarded through multiple MPLS TE tunnels, and load sharing is implemented.

Examples

# Create tunnel bundle interface Tunnel-Bundle 2 in load sharing mode, and enter the interface's view.

<Sysname> system-view

[Sysname] interface tunnel-bundle 2

[Sysname-tunnel-bundle2]

Related commands

destination

display tunnel-bundle

member interface

link-management periodic-flooding timer

Use link-management periodic-flooding timer to set the interval at which IGP floods TE information.

Use undo link-management periodic-flooding timer to restore the default.

Syntax

link-management periodic-flooding timer interval

undo link-management periodic-flooding timer

Default

The IGP floods TE information every 180 seconds.

Views

MPLS TE view

Predefined user roles

network-admin

Parameters

interval: Specifies the interval at which IGP floods TE information, in the range of 0 to 3600 seconds.

Usage guidelines

When the reservable bandwidth of a link changes, IGP floods the link TE information to notify network devices of the change. You can use the mpls te bandwidth change thresholds command to configure IGP to flood only significant bandwidth changes of a link to prevent excessive IGP flooding. The bandwidth changes that cannot trigger immediate flooding are flooded at the interval configured by the link-management periodic-flooding timer command.

If you set the interval to 0, the periodical flooding feature is disabled. If you set the interval to a value less than 30 seconds (1 to 29 seconds), the device automatically sets the interval to 30 seconds.

After you execute this command, the configured interval takes effect immediately.

Examples

# Configure IGP to flood TE information every 100 seconds.

<Sysname> system-view

[Sysname] mpls te

[Sysname-te] link-management periodic-flooding timer 100

Related commands

mpls te bandwidth change thresholds

member interface

Use member interface to specify a member interface for a tunnel bundle interface.

Use undo member interface to delete a member interface from a tunnel bundle interface.

Syntax

member interface tunnel tunnel-number [ load-share value ]

undo member interface tunnel tunnel-number

Default

No member interface is specified for a tunnel bundle interface.

Views

Tunnel bundle interface view

Predefined user roles

network-admin

Parameters

tunnel tunnel-number: Specifies a member interface by its interface number.

The following matrix shows the value ranges for the tunnel-number argument:

Hardware	Argument compatibility	Value range
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS	No	N/A
MSR2600-6-X1/2600-10-X1	Yes	0 to 10239
MSR 2630	Yes	0 to 10239
MSR3600-28/3600-51	Yes	0 to 10239
MSR3600-28-SI/3600-51-SI	No	N/A
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC	Yes	0 to 10239
MSR 3610/3620/3620-DP/3640/3660	Yes	0 to 10239
MSR5620/5660/5680	Yes	0 to 10239

Hardware	Argument compatibility	Value range
MSR810-LM-GL	No	N/A
MSR810-W-LM-GL	No	N/A
MSR830-6EI-GL	No	N/A
MSR830-10EI-GL	No	N/A
MSR830-6HI-GL	No	N/A
MSR830-10HI-GL	No	N/A
MSR2600-6-X1-GL	Yes	0 to 10239
MSR3600-28-SI-GL	No	N/A

load-share value: Configures a weight for a member interface, in the range of 1 to 65535. The default value is 1.

Usage guidelines

You can specify multiple member interfaces for a tunnel bundle interface.

Traffic is shared on the member interfaces in proportion of their weights. If the member interfaces have the same weight, they will share the same load.

For example, a tunnel bundle interface has three member interfaces. The weights for the member interfaces are 1, 1, and 2, respectively. The proportions of traffic forwarded by the member interfaces are 1/4, 1/4, and 1/2, respectively. If you configure the weights for the member interfaces as 2, 2, and 4, the traffic forwarding proportions of the member interfaces are still 1/4, 1/4, and 1/2, respectively.

Examples

# Specify Tunnel 1 and Tunnel 2 as the member interfaces for Tunnel-Bundle 2, and configure the weights of the member interfaces as 1 and 3, respectively.

<Sysname> system-view

[Sysname] interface tunnel-bundle 2

[Sysname-tunnel-bundle2] member interface tunnel 1

[Sysname-tunnel-bundle2] member interface tunnel 2 load-share 3

Related commands

display tunnel-bundle

mpls te

Use mpls te to enable MPLS TE for the local node and enter MPLS TE view.

Use undo mpls te to disable MPLS TE for the local node.

Syntax

mpls te

undo mpls te

Default

MPLS TE is disabled.

Views

System view

Predefined user roles

network-admin

Usage guidelines

Disabling MPLS TE also deletes all CRLSPs on the device and MPLS TE configurations on all interfaces.

Examples

# Enable MPLS TE for the local node and enter MPLS TE view.

<Sysname> system-view

[Sysname] mpls lsr-id 1.1.1.9

[Sysname] mpls te

[Sysname-te]

Related commands

mpls te enable

mpls te affinity-attribute

Use mpls te affinity-attribute to set an affinity for a tunnel.

Use undo mpls te affinity-attribute to restore the default.

Syntax

mpls te affinity-attribute attribute-value [ mask mask-value ]

undo mpls te affinity-attribute

Default

The affinity is 0x00000000, and the mask is 0x00000000. That is, a tunnel can use any link.

Views

Tunnel interface view

Predefined user roles

network-admin

Parameters

attribute-value: Specifies the affinity value in the range of 0x00000000 to 0xFFFFFFFF. An affinity is a 32-bit binary number. Each bit of the affinity represents an attribute, which takes a value of 0 or 1.

mask mask-value: Specifies the mask of the affinity bits, in the range of 0x00000000 to 0xFFFFFFFF. A mask is a 32-bit binary number. Each bit of the mask determines whether to check the corresponding bit of the link attribute. If the mask bit is 1, the corresponding link attribute bit must be checked with the affinity bit. The link can be used by the tunnel only when the link attribute bit meets certain requirements. If the mask bit is 0, the corresponding link attribute bit is not checked.

Usage guidelines

Affinity determines which links a tunnel can use. The affinity attribute and its mask, and the link attribute are all 32-bit long. A link is available for a tunnel if the link attribute meets the following requirements:

· The link attribute bits corresponding to the affinity attribute's 1 bits whose mask bits are 1 must have a minimum of one bit set to 1.

· The link attribute bits corresponding to the affinity attribute's 0 bits whose mask bits are 1 must have no bit set to 1.

The link attribute bits corresponding to the 0 bits in the affinity mask are not checked.

For example, if the affinity is 0xFFFFFFF0 and the mask is 0x0000FFFF, a link is available for the tunnel when its attribute bits meet the following requirements:

· The highest 16 bits each can be 0 or 1 (no requirements).

· The 17th through 28th bits must have a minimum of one bit whose value is 1.

· The lowest four bits must be 0.

Examples

# Set the tunnel affinity to 0x101 and mask to 0x303. Then, a link is available for the tunnel only when the link attribute bits (from left to right) meet the following requirements:

· The 23rd bit is 0.

· The 31st bit is 0.

· A minimum of one bit from the 24th to 32nd bits must be 1.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te affinity-attribute 101 mask 303

Related commands

display mpls te tunnel-interface

mpls te link-attribute

mpls te auto-bandwidth

Use mpls te auto-bandwidth to enable automatic bandwidth adjustment or output rate collection for an MPLS TE tunnel.

Use undo mpls te auto-bandwidth to disable automatic bandwidth adjustment or output rate collection for an MPLS TE tunnel.

Syntax

mpls te auto-bandwidth { adjustment [ frequency seconds ] [ max-bw max-bandwidth | min-bw min-bandwidth ] * | collect-bw [ frequency seconds ] }

undo mpls te auto-bandwidth

Default

Automatic bandwidth adjustment and output rate collection are disabled for an MPLS TE tunnel.

Views

Tunnel interface view

Predefined user roles

network-admin

Parameters

adjustment: Enables automatic bandwidth adjustment for the tunnel.

collect-bw: Enables output rate collection for the tunnel, but does not adjust the tunnel's bandwidth.

frequency seconds: Specifies the automatic bandwidth adjustment interval (with the adjustment keyword) or the output rate collection interval (with the collect-bw keyword). The value range for the seconds argument is 300 to 604800, in seconds. The default interval is 86400 seconds.

max-bw max-bandwidth: Specifies the maximum automatic bandwidth for the tunnel, in the range of 1 to 4294967295, in kbps. If you do not specify this option, TE does not limit the maximum bandwidth value.

min-bw min-bandwidth: Specifies the minimum automatic bandwidth for the tunnel, in the range of 1 to 4294967295, in kbps. If you do not specify this option, TE does not limit the minimum bandwidth value.

Usage guidelines

Automatic bandwidth adjustment functions as follows:

1. Samples the tunnel interface output rate at regular intervals.

The sampling interval is specified by using the auto-bandwidth enable command.

2. Calculates the average output rate in each sampling interval.

3. Adjusts the MPLS TE tunnel bandwidth to the maximum average output rate when the automatic bandwidth adjustment interval is reached.

The maximum average output rate refers to the largest of all average output rates calculated in the sampling intervals during the automatic bandwidth adjustment interval. As a best practice, set the bandwidth adjustment interval to a value a minimum of 3 times the sampling interval to get the accurate output rate.

4. Establishes a new CRLSP based on the adjusted bandwidth.

5. Switches traffic to the new CRLSP, and then deletes the old CRLSP.

The output rate collection feature collects the tunnel output rate regularly at the specified collection interval. The collected output rate is the largest of all average output rates calculated in the sampling intervals during the collection interval.

To enable MPLS TE to adjust bandwidth or collects the output rate for an MPLS TE tunnel, perform the following tasks:

· Enable the global automatic bandwidth adjustment by using the auto-bandwidth enable command in MPLS TE view.

· Enable automatic bandwidth adjustment or output rate collection for the MPLS TE tunnel by using the mpls te auto-bandwidth command.

In the same tunnel interface view, the mpls te auto-bandwidth command is mutually exclusive with these commands: mpls te reoptimization, mpls te route-pinning, and mpls te backup.

If both the mpls te auto-bandwidth and mpls te bidirectional commands are configured, only the mpls te bidirectional command takes effect.

Examples

# Enable automatic bandwidth adjustment for MPLS TE Tunnel 0, and set the adjustment interval to 3600 seconds.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te auto-bandwidth adjustment frequency 3600

Related commands

auto-bandwidth enable

display mpls te tunnel-interface

reset mpls te auto-bandwidth-adjustment timers

mpls te auto-tunnel backup disable

Use mpls te auto-tunnel backup disable to disable the auto FRR feature on an RSVP-enabled interface.

Use undo mpls te auto-tunnel backup disable to enable the auto FRR feature on an RSVP-enabled interface.

Syntax

mpls te auto-tunnel backup disable

undo mpls te auto-tunnel backup disable

Default

The auto FRR feature is enabled on all RSVP-enabled interfaces after it is enabled globally.

Views

Interface view

Predefined user roles

network-admin

Usage guidelines

The auto FRR feature allows an interface to automatically set up a node-protection bypass tunnel and a link-protection bypass tunnel for each of its primary CRLSPs. The egress interface of the primary CRLSPs is the interface itself.

Bypass tunnels are set up before the primary CRLSP fails. Therefore, they use extra bandwidth. To save network bandwidth, configure auto FRR only for key interfaces. On other interfaces, use the mpls te auto-tunnel backup disable command to disable the interfaces from automatically setting up bypass tunnels.

Execution of the mpls te auto-tunnel backup disable command deletes all existing bypass tunnels automatically created on the interface.

Examples

# Disable auto FRR on interface GigabitEthernet 2/0/1.

<Sysname> system-view

[Sysname] interface gigabitethernet 2/0/1

[Sysname-GigabitEthernet2/0/1] mpls te auto-tunnel backup disable

Related commands

auto-tunnel backup

mpls te backup

Use mpls te backup to enable tunnel backup and specify the backup mode for a tunnel.

Use undo mpls te backup to disable tunnel backup.

Syntax

mpls te backup { hot-standby | ordinary }

undo mpls te backup

Default

Tunnel backup is disabled.

Views

Tunnel interface view

Predefined user roles

network-admin

Parameters

hot-standby: Enables hot backup for the tunnel. In this mode, a backup CRLSP is established immediately after the primary CRLSP is established. When the primary CRLSP fails, MPLS TE immediately switches traffic to the backup CRLSP.

ordinary: Enables ordinary backup for the tunnel. In this mode, a backup CRLSP is established after the primary CRLSP fails.

Usage guidelines

After you execute this command for a tunnel, the record route flag is automatically set for the tunnel, regardless of whether the mpls te record-route command is configured.

In the same tunnel interface view, the mpls te backup command is mutually exclusive with the mpls te reoptimization and mpls te auto-bandwidth adjustment commands.

If both the mpls te backup and mpls te bidirectional commands are configured, only the mpls te bidirectional command takes effect.

Examples

# Enable hot backup for Tunnel 0.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te backup hot-standby

Related commands

mpls te backup-path

mpls te backup bandwidth

Use mpls te backup bandwidth to configure the bandwidth and the CT that the bypass tunnel can protect.

Use undo mpls te backup bandwidth to restore the default.

Syntax

mpls te backup bandwidth [ ct0 | ct1 | ct2 | ct3 ] { bandwidth | un-limited }

undo mpls te backup bandwidth

Default

The bandwidth and the CT that the bypass tunnel can protect are not specified.

Views

Tunnel interface view

Predefined user roles

network-admin

Parameters

bandwidth: Specifies the total bandwidth that the bypass tunnel can protect, in the range of 1 to 4294967295, in kbps.

ct0: Specifies the bypass tunnel to protect only CRLSPs of CT 0.

ct1: Specifies the bypass tunnel to protect only CRLSPs of CT 1.

ct2: Specifies the bypass tunnel to protect only CRLSPs of CT 2.

ct3: Specifies the bypass tunnel to protect only CRLSPs of CT 3.

un-limited: Puts no limit on total protected bandwidth. This keyword means the bypass tunnel does not provide bandwidth protection.

Usage guidelines

If you specify the un-limited keyword, the bypass tunnel does not provide bandwidth protection. FRR does not guarantee the bandwidth of the protected tunnels. If the sum of traffic of the protected tunnels exceeds the actual bandwidth of the bypass tunnel, traffic of protected tunnels might be lost. The primary CRLSP that does not need bandwidth protection prefers this type of bypass tunnels over other types of bypass tunnels.

If you specify the bandwidth argument, the bypass tunnel provides bandwidth protection. The primary CRLSP that needs bandwidth protection prefers this type of bypass tunnels over other types of bypass tunnels. If you set the value for the bandwidth argument to 0, the bypass tunnel performs best-effort forwarding for the traffic of primary CRLSP, and the occupied bandwidth is not fixed. Therefore, this type of bypass tunnel cannot protect a primary CRLSP with the bandwidth 0 or a primary CRLSP whose bandwidth exceeds the protected bandwidth.

The specified bandwidth value must be less than the actual bandwidth of the bypass tunnel. Otherwise, the bypass tunnel will be overwhelmed after FRR, and the protected tunnel might be torn down.

After an FRR, the primary CRLSP will be down if you modify the bandwidth that the bypass tunnel can protect and your modification results in one of the following:

· The CT type changes.

· The bypass tunnel cannot protect adequate bandwidth as configured.

· FRR protection type (whether or not to provide bandwidth protection for the primary CRLSP) changes.

The bandwidth value specified is used only for calculating and determining the bandwidth protection relationship between a primary CRLSP and a bypass tunnel. The bandwidth is not reserved on the bypass tunnel.

If no CT is specified, CRLSPs of all CTs can use the bypass tunnel.

After you execute this command for a tunnel, the record route flag is automatically set for the tunnel, regardless of whether the mpls te record-route command is configured.

Examples

# Configure Tunnel 0 to provide protection for CRLSPs of CT 0 without constraining the protected bandwidth. Configure Tunnel 1 to provide protection for CRLSPs of CT 1 and protect a maximum of 1000 kbps bandwidth.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te backup bandwidth ct0 un-limited

[Sysname-Tunnel0] quit

[Sysname] interface tunnel 1 mode mpls-te

[Sysname-Tunnel1] mpls te backup bandwidth ct1 1000

Related commands

display mpls te tunnel-interface

mpls te fast-reroute

mpls te backup-path

Use mpls te backup-path to specify a path for the backup CRLSP and set the preference of the path.

Use undo mpls te backup-path to delete the specified path for the backup CRLSP.

Syntax

mpls te backup-path preference value { dynamic [ pce [ ip-address ]&<0-8> ] | explicit-path path-name } [ no-cspf ]

undo mpls te backup-path preference value

Default

MPLS TE uses the dynamically calculated path to establish the backup CRLSP.

Views

Tunnel interface view

Predefined user roles

network-admin

Parameters

preference value: Specifies a preference value for a path, in the range of 1 to 10. A smaller value represents a higher preference.

dynamic: Uses the path dynamically calculated by CSPF to establish the backup CRLSP.

pce: Uses the path calculated by PCEs to establish the CRLSP. If you do not specify this keyword, the local LSR uses the path dynamically calculated by CSPF.

[ ip-address ]&<0-8>: Specifies a space-separated list of a maximum of eight PCE addresses. If you do not specify a PCE address, the system automatically selects a PCE from the discovered PCEs. If you specify more than one PCE address, a BRPC calculation will be performed on the specified PCEs in configuration order.

explicit-path path-name: Uses the specified explicit path to establish the backup CRLSP. The path-name argument specifies the name of an explicit path, a case-sensitive string of 1 to 31 characters.

no-cspf: Calculates the path by searching the routing table instead of using the CSPF algorithm.

Usage guidelines

You can specify a maximum of 10 backup paths for a tunnel interface. The backup paths must have different preferences.

When establishing a backup CRLSP, MPLS TE performs CSPF calculations using the specified paths in the descending order of preference until the backup CRLSP is established successfully. If the CSPF calculations for all paths are failed, the backup CRLSP cannot be established.

This command takes effect only when backup has been enabled for the current tunnel by using the mpls te backup command.

If you specify PCE addresses in this command or in the mpls te path command, the local device establishes PCEP sessions to the specified PCEs. If you do not specify a PCE address, the local device establishes PCEP sessions to all discovered PCEs.

Examples

# Configure interface Tunnel 0 to use explicit path path1 and the path calculated by PCEs to establish a backup CRLSP. Set a higher preference for the path calculated by PCEs.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te backup-path preference 2 explicit-path path1

[Sysname-Tunnel0] mpls te backup-path preference 1 dynamic pce 1.1.1.9 2.2.2.9

Related commands

display mpls te tunnel-interface

mpls te backup

mpls te path

mpls te bandwidth

Use mpls te bandwidth to assign bandwidth to the MPLS TE tunnel and specify a class type (CT) for the tunnel.

Use undo mpls te bandwidth to restore the default.

Syntax

mpls te bandwidth [ ct0 | ct1 | ct2 | ct3 ] bandwidth

undo mpls te bandwidth

Default

No bandwidth (0 bps) is assigned to an MPLS TE tunnel and the tunnel is available for CT 0.

Views

Tunnel interface view

Predefined user roles

network-admin

Parameters

ct0: Specifies CT 0 for the tunnel.

ct1: Specifies CT 1 for the tunnel.

ct2: Specifies CT 2 for the tunnel.

ct3: Specifies CT 3 for the tunnel.

bandwidth: Specifies the bandwidth required by the MPLS TE tunnel, in the range of 1 to 4294967295, in kbps.

Usage guidelines

If you do not specify a CT for the tunnel, the tunnel is available for CT 0.

If the bandwidth required by the MPLS TE tunnel is more than 1024 kbps, set the bandwidth to a multiple of 1024 kbps.

This command applies only to the MPLS TE tunnels established by RSVP-TE. The bandwidth and CT of an MPLS TE tunnel established by using a static CRLSP are determined by the static-cr-lsp ingress command.

Examples

# Assign 1000 kbps bandwidth to MPLS TE Tunnel 0 and specify the CT of the tunnel as CT 1.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te bandwidth ct1 1000

Related commands

display mpls te tunnel-interface

mpls te max-link-bandwidth

mpls te max-reservable-bandwidth

mpls te max-reservable-bandwidth mam

mpls te max-reservable-bandwidth rdm

mpls te bandwidth change thresholds

Use mpls te bandwidth change thresholds to set the bandwidth up/down threshold for the IGP to flood TE information.

Use undo mpls te bandwidth change thresholds to restore the default.

Syntax

mpls te bandwidth change thresholds { down | up } percent

undo mpls te bandwidth change thresholds { down | up }

Default

The IGP floods the TE information when the bandwidth increases or decreases by 10% of the link reservable bandwidth.

Views

Interface view

Predefined user roles

network-admin

Parameters

down: Specifies the bandwidth decrease percentage threshold that triggers the IGP to flood TE information. When the percentage of the link reservable-bandwidth decrease to the maximum link reservable bandwidth reaches or exceeds the threshold, the IGP floods the TE information and updates the TEDB.

up: Specifies the bandwidth increase percentage threshold that triggers the IGP to flood TE information. When the percentage of the link reservable-bandwidth increase to the maximum link reservable bandwidth reaches or exceeds the threshold, the IGP floods the TE information and updates the TEDB.

percent: Specifies the IGP flooding threshold in the range of 0% to 100%.

Usage guidelines

When the reservable bandwidth of a link changes, the IGP floods the link TE information to notify network devices of the change. To avoid frequent TE information flooding from affecting network performance, you can use this command to configure the IGP to flood only significant bandwidth changes of a link.

Examples

# On interface GigabitEthernet 2/0/1, configure the IGP to flood TE information when the link available bandwidth decreases by 100%.

<Sysname> system-view

[Sysname] interface gigabitethernet 2/0/1

[Sysname-GigabitEthernet2/0/1] mpls te bandwidth change thresholds down 100

Related commands

link-management periodic-flooding timer

mpls te bidirectional

Use mpls te bidirectional to enable the bidirectional tunnel feature on an MPLS TE tunnel interface.

Use undo mpls te bidirectional to disable the bidirectional tunnel feature on an MPLS TE tunnel interface.

Syntax

mpls te bidirectional { associated reverse-lsp { lsp-name lsp-name | lsr-id ingress-lsr-id tunnel-id tunnel-id } | co-routed { active | passive reverse-lsp lsr-id ingress-lsr-id tunnel-id tunnel-id } }

undo mpls te bidirectional

Default

The bidirectional tunnel feature is disabled on an MPLS TE tunnel interface. A tunnel established on an MPLS TE tunnel interface is a unidirectional MPLS TE tunnel.

Views

Tunnel interface view

Predefined user roles

network-admin

Parameters

associated reverse-lsp lsp-name lsp-name: Configures an associated bidirectional MPLS TE tunnel, and specifies the associated reverse CRLSP. The lsp-name argument specifies the name of a static CRLSP (the reverse CRLSP), a case-sensitive string of 1 to 15 characters.

associated reverse-lsp lsr-id ingress-lsr-id tunnel-id tunnel-id: Configures an associated bidirectional MPLS TE tunnel, and specifies the associated reverse CRLSP. The ingress-lsr-id argument specifies the LSR ID of the ingress node on the reverse CRLSP and the tunnel-id argument specifies the tunnel ID of the reverse CRLSP. The value range for the tunnel-id argument is 0 to 65535.

co-routed: Configures a co-routed bidirectional MPLS TE tunnel.

active: Specifies the local end as the active end of the co-routed bidirectional MPLS TE tunnel.

passive reverse-lsp lsr-id ingress-lsr-id tunnel-id tunnel-id: Specifies the local end as the passive end of the co-routed bidirectional MPLS TE tunnel, and specifies the associated reverse CRLSP. The ingress-lsr-id argument specifies the LSR ID of the ingress node on the reverse CRLSP and the tunnel-id argument specifies the tunnel ID of the reverse CRLSP. The value range for the tunnel-id argument is 0 to 65535. You must specify a reverse CRLSP on the passive end, so that the CRLSP and the reverse CRLSP are associated to form a bidirectional MPLS TE tunnel.

Usage guidelines

A bidirectional MPLS TE tunnel can be established in co-routed mode or associated mode.

· Co-routed mode uses the extended RSVP-TE protocol to establish a bidirectional MPLS TE tunnel. To establish a co-routed bidirectional MPLS TE tunnel, you must perform the following tasks:

¡ Specify the signaling protocol as RSVP-TE.

¡ Configure one end of the tunnel as the active end and the other as the passive end.

· In associated mode, you establish a bidirectional MPLS TE tunnel by binding two unidirectional CRLSPs in opposite directions. The two CRLSPs can be established in different modes and use different paths. For example, one CRLSP is established statically and the other CRLSP is established dynamically by RSVP-TE.

To create a bidirectional MPLS TE tunnel, you must disable the PHP feature on both ends of the tunnel to assign non-null labels to the penultimate hop.

If the mpls te bidirectional command is configured together with one of the following commands, only the mpls te bidirectional command takes effect:

· mpls te backup

· mpls te auto-bandwidth

· mpls te reoptimization

· mpls te fast-reroute

Examples

· Configure an MPLS TE bidirectional tunnel between Sysname1 and Sysname2 in co-routed mode:

# Configure Sysname1 as follows:

¡ Enable the MPLS TE bidirectional tunnel feature on tunnel interface Tunnel 0.

¡ Configure Sysname1 as the active end of the co-routed bidirectional tunnel.

<Sysname1> system-view

[Sysname1] interface tunnel 0 mode mpls-te

[Sysname1-Tunnel0] destination 10.0.0.2

[Sysname1-Tunnel0] mpls te bidirectional co-routed active

# Configure Sysname2 as follows:

¡ Enable the MPLS TE bidirectional tunnel feature on tunnel interface Tunnel 1.

¡ Configure Sysname2 as the passive end of the co-routed bidirectional tunnel.

¡ Specify the ingress node's LSR ID of the reverse CRLSP as 10.0.0.1—the LSR ID of Sysname1.

¡ Specify the tunnel ID of the reverse CRLSP as 0—the tunnel ID configured on Sysname1.

<Sysname2> system-view

[Sysname2] interface tunnel 1 mode mpls-te

[Sysname2-Tunnel1] destination 10.0.0.1

[Sysname2-Tunnel1] mpls te bidirectional co-routed passive reverse-lsp lsr-id 10.0.0.1 tunnel-id 0

· Configure an MPLS TE bidirectional tunnel between Sysname1 and Sysname2 in associated mode:

# Configure Sysname1 as follows:

¡ Enable the MPLS TE bidirectional tunnel feature on tunnel interface Tunnel 0.

¡ Configure the tunnel establishment mode as associated.

¡ Specify the ingress node's LSR ID of the reverse CRLSP as 10.0.0.2—the LSR ID of Sysname2.

¡ Specify the tunnel ID of the reverse CRLSP as 1—the tunnel ID configured on Sysname2.

<Sysname1> system-view

[Sysname1] interface tunnel 0 mode mpls-te

[Sysname1-Tunnel0] destination 10.0.0.2

[Sysname1-Tunnel0] mpls te bidirectional associated reverse-lsp lsr-id 10.0.0.2 tunnel-id 1

# Configure Sysname2 as follows:

¡ Enable the MPLS TE bidirectional tunnel feature on tunnel interface Tunnel 1.

¡ Configure the tunnel establishment mode as associated.

¡ Specify the ingress node's LSR ID of the reverse CRLSP as 10.0.0.1—the LSR ID of Sysname1.

¡ Specify the tunnel ID of the reverse CRLSP as 0—the tunnel ID configured on Sysname1.

<Sysname2> system-view

[Sysname2] interface tunnel 1 mode mpls-te

[Sysname2-Tunnel1] destination 10.0.0.1

[Sysname2-Tunnel1] mpls te bidirectional associated reverse-lsp lsr-id 10.0.0.1 tunnel-id 0

Related commands

display mpls te tunnel-interface

mpls te enable (interface view)

Use mpls te enable to enable MPLS TE on an interface.

Use undo mpls te enable to disable MPLS TE on an interface.

Syntax

mpls te enable

undo mpls te enable

Default

MPLS TE is disabled on an interface.

Views

Interface view

Predefined user roles

network-admin

Usage guidelines

After you enable MPLS TE on an interface by using the mpls te enable command, the interface can act as part of an MPLS TE tunnel.

After you execute the undo mpls te enable command on an interface, MPLS TE is disabled on the interface and all CRLSPs on the interface are deleted.

Examples

# Enable MPLS TE on interface GigabitEthernet 2/0/1.

<Sysname> system-view

[Sysname] interface gigabitethernet 2/0/1

[Sysname-GigabitEthernet2/0/1] mpls te enable

Related commands

display mpls te link-management bandwidth-allocation

mpls te

mpls te enable (IS-IS view)

Use mpls te enable to enable MPLS TE for an IS-IS process.

Use undo mpls te enable to disable MPLS TE for an IS-IS process.

Syntax

mpls te enable [ level-1 | level-2 ]

undo mpls te enable [ level-1 | level-2 ]

Default

MPLS TE is disabled for an IS-IS process.

Views

IS-IS view

Predefined user roles

network-admin

Parameters

level-1: Enables MPLS TE for IS-IS at Level-1.

level-2: Enables MPLS TE for IS-IS at Level-2.

Usage guidelines

If you do not specify an IS-IS level, this command enables MPLS TE for IS-IS at both Level-1 and Level-2.

IS-IS TE uses a sub-TLV of the extended IS reachability TLV (type 22) to carry TE attributes. Because the extended IS reachability TLV carries wide metrics, specify a wide metric-compatible metric style for the IS-IS process before enabling IS-IS TE. Available metric styles for IS-IS TE include wide, compatible, or wide-compatible. For more information about IS-IS, see Layer 3—IP Routing Configuration Guide.

If you execute this command multiple times, the most recent configuration takes effect. For example, if you execute the mpls te enable command and then the mpls te enable level-1 command, MPLS TE is enabled for Level-1 and disabled for Level-2.

After you enable MPLS TE for both Level-1 and Level-2, executing the undo mpls te enable level-1 command disables MPLS TE for Level-1. MPLS TE is still enabled for Level-2. Similarly, the undo mpls te enable level-2 command only disables MPLS TE for Level-2.

IS-IS messages cannot be fragmented at the IP layer. For IS-IS TE to operate correctly, make sure the following requirements are met:

· The Link State PDU size is large enough so that the Link State PDUs can carry TE information. To set the maximum size of Level-1 and Level-2 Link State PDUs, use the lsp-length originate command.

· The MTU of an IS-IS enabled interface is greater than or equal to the size of IS-IS Link State PDUs with TE information. To set the interface MTU, use the mtu command.

Examples

# Enable MPLS TE for IS-IS process 1 at Level-2.

<Sysname> system-view

[Sysname] isis 1

[Sysname-isis-1] cost-style compatible

[Sysname-isis-1] mpls te enable level-2

Related commands

cost-style (Layer 3—IP Routing Command Reference)

mpls te enable (OSPF area view)

Use mpls te enable to enable MPLS TE for an OSPF area.

Use undo mpls te enable to disable MPLS TE for an OSPF area.

Syntax

mpls te enable

undo mpls te enable

Default

MPLS TE is disabled for an OSPF area.

Views

OSPF area view

Predefined user roles

network-admin

Usage guidelines

OSPF TE uses Type-10 opaque LSAs to carry the TE attributes for a link. Before you configure OSPF TE, you must enable opaque LSA advertisement and reception by using the opaque-capability enable command. For more information about opaque LSA advertisement and reception, see Layer 3—IP Routing Configuration Guide.

Examples

# Enable MPLS TE for OSPF process 1 in OSPF area 1.

<Sysname> system-view

[Sysname] ospf 1

[Sysname-ospf-1] area 1

[Sysname-ospf-1-area-0.0.0.1] mpls te enable

Related commands

opaque-capability enable (Layer 3—IP Routing Command Reference)

mpls te fast-reroute

Use mpls te fast-reroute to enable fast reroute (FRR).

Use undo mpls te fast-reroute to disable FRR.

Syntax

mpls te fast-reroute [ bandwidth ]

undo mpls te fast-reroute

Default

FRR is disabled.

Views

Tunnel interface view

Predefined user roles

network-admin

Parameters

bandwidth: Provides bandwidth protection for the primary CRLSP. If you do not specify this keyword, bandwidth protection is not provided for the primary CRLSP.

Usage guidelines

FRR provides a quick link or node protection on a CRLSP. FRR traffic switching can happen in as fast as 50 milliseconds, minimizing data loss.

After FRR is enabled for an MPLS TE tunnel, once a link or node fails on the primary CRLSP, the following events occur:

· FRR reroutes the traffic to a bypass tunnel.

· The ingress node attempts to set up a new CRLSP.

After the new CRLSP is set up successfully, traffic is forwarded on the new CRLSP.

When a primary CRLSP does not need bandwidth protection, it prefers to use a bypass tunnel that does not provide bandwidth protection. No bandwidth guarantee is required after FRR.

When a primary CRLSP needs bandwidth protection, it prefers to use the bypass tunnel that can protect bandwidth as much as possible to provide bandwidth guarantee after FRR.

Regardless of whether a primary CRLSP requires bandwidth protection, the following will occur when the primary CRLSP is bound to a bypass tunnel that provides bandwidth protection:

· The bypass tunnel will reserve the protected bandwidth for the primary CRLSP.

· The RRO message of the PLR will carry the bandwidth protection flag.

After FRR is enabled for a tunnel, the label recording feature is automatically enabled for the tunnel, regardless of whether the mpls te record-route label command is configured.

If both the mpls te fast-reroute and mpls te bidirectional commands are configured, only the mpls te bidirectional command takes effect.

Examples

# Enable FRR for interface Tunnel 0.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te fast-reroute

Related commands

display mpls te tunnel-interface

mpls te backup bandwidth

mpls te fast-reroute bypass-tunnel

Use mpls te fast-reroute bypass-tunnel to specify a bypass tunnel for an interface.

Use undo mpls te fast-reroute bypass-tunnel to delete a bypass tunnel from an interface.

Syntax

mpls te fast-reroute bypass-tunnel tunnel tunnel-number

undo mpls te fast-reroute bypass-tunnel tunnel tunnel-number

Default

No bypass tunnel is specified for an interface.

Views

Interface view

Predefined user roles

network-admin

Parameters

tunnel tunnel-number: Specifies a bypass tunnel by the tunnel interface number.

The following matrix shows the value ranges for the tunnel-number argument:

Hardware	Argument compatibility	Value range
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS	No	N/A
MSR2600-6-X1/2600-10-X1	Yes	0 to 10239
MSR 2630	Yes	0 to 10239
MSR3600-28/3600-51	Yes	0 to 10239
MSR3600-28-SI/3600-51-SI	No	N/A
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC	Yes	0 to 10239
MSR 3610/3620/3620-DP/3640/3660	Yes	0 to 10239
MSR5620/5660/5680	Yes	0 to 10239

Hardware	Argument compatibility	Value range
MSR810-LM-GL	No	N/A
MSR810-W-LM-GL	No	N/A
MSR830-6EI-GL	No	N/A
MSR830-10EI-GL	No	N/A
MSR830-6HI-GL	No	N/A
MSR830-10HI-GL	No	N/A
MSR2600-6-X1-GL	Yes	0 to 10239
MSR3600-28-SI-GL	No	N/A

Usage guidelines

The protected interface (where the command is executed) is the outgoing interface of a primary CRLSP. When the outgoing interface is down or a neighbor failure is detected through the BFD or hello mechanism, traffic of the primary CRLSP is switched to the bypass tunnel.

When you use this command, follow these restrictions and guidelines:

· You can specify a maximum of three bypass tunnels for an interface.

· A bypass tunnel can protect a maximum of three interfaces.

· The bypass tunnel specified by this command must be established by RSVP.

· The protected interface must not be the outgoing interface of a bypass tunnel.

Examples

# Configure tunnel interface Tunnel 0 as the bypass tunnel for GigabitEthernet 2/0/1.

<Sysname> system-view

[Sysname] interface gigabitethernet 2/0/1

[Sysname-GigabitEthernet2/0/1] mpls te fast-reroute bypass-tunnel tunnel 0

Related commands

fast-reroute timer

mpls te igp advertise

Use mpls te igp advertise to enable forwarding adjacency for an MPLS TE tunnel or tunnel bundle, so IGP advertises the tunnel as a link in the IGP network.

Use undo mpls te igp advertise to disable forwarding adjacency for an MPLS TE tunnel or tunnel bundle.

Syntax

Tunnel interface view:

mpls te igp advertise [ hold-time value ]

undo mpls te igp advertise

Tunnel bundle interface view:

mpls te igp advertise

undo mpls te igp advertise

Default

Forwarding adjacency is disabled for an MPLS TE tunnel or tunnel bundle, and IGP does not advertise the tunnel as a link in the IGP network.

Views

Tunnel interface view

Tunnel bundle interface view

Predefined user roles

network-admin

Parameters

hold-time value: Specifies the period of time that IGP waits to advertise an MPLS TE tunnel up/down state change. The value range is 0 to 4294967295 milliseconds. The default value is 0, which means when the MPLS TE tunnel state changes, IGP immediately advertises the state change.

Usage guidelines

Forwarding adjacency is a method to direct traffic to an MPLS TE tunnel or tunnel bundle.

After forwarding adjacency is enabled on the tunnel ingress node, the ingress node advertises the MPLS TE tunnel or tunnel bundle as a link in the network through the IGP. Therefore, all devices in the IGP network can use the MPLS TE tunnel or tunnel bundle in their IGP route calculation.

To make forwarding adjacency take effect, you must establish two MPLS TE tunnels or tunnel bundles in opposite directions between two nodes, and enable forwarding adjacency on both nodes.

On the same tunnel interface or tunnel bundle interface, the mpls te igp advertise command and the mpls te igp shortcut command cannot both take effect. The most recent configuration takes effect.

After a tunnel interface becomes a tunnel bundle member interface, the hold-time configuration for the tunnel interface still takes effect. As a best practice, remove the hold-time configuration by using the undo mpls te igp advertise command in tunnel interface view to avoid impact on the tunnel bundle interface.

Examples

# Enable forwarding adjacency for MPLS TE Tunnel 0, and set the wait time before advertising a tunnel state change to 10000 milliseconds.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te igp advertise hold-time 10000

Related commands

mpls te igp metric

mpls te igp shortcut

mpls te igp metric

Use mpls te igp metric to assign a metric to an MPLS TE tunnel or tunnel bundle.

Use undo mpls te igp metric to restore the default.

Syntax

mpls te igp metric { absolute value | relative value }

undo mpls te igp metric

Default

The metric of an MPLS TE tunnel or tunnel bundle equals its IGP metric.

Views

Tunnel interface view

Tunnel bundle interface view

Predefined user roles

network-admin

Parameters

absolute value: Assigns an absolute metric to the MPLS TE tunnel or tunnel bundle, an integer in the range of 1 to 65535. An absolute metric is directly used as the MPLS TE tunnel or tunnel bundle's metric.

relative value: Assigns a relative metric to the MPLS TE tunnel or tunnel bundle, an integer in the range of –10 to +10. The MPLS TE tunnel or tunnel bundle's metric is the assigned metric value plus the IGP metric.

Usage guidelines

When IGP shortcut is enabled for an MPLS TE tunnel or tunnel bundle, the tunnel is included in the IGP route calculation as a link. You can use this command to configure the metric of this link used for IGP route calculation.

Examples

# Assign MPLS TE tunnel interface Tunnel 0 a relative metric of –1 for route calculation in IGP shortcut mechanism.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te igp metric relative -1

Related commands

mpls te igp shortcut

Use mpls te igp shortcut to enable IGP shortcut for an MPLS TE tunnel or tunnel bundle. The tunnel ingress node includes the MPLS TE tunnel or tunnel bundle in the IGP route calculation as a link.

Use undo mpls te igp shortcut to disable IGP shortcut for an MPLS TE tunnel or tunnel bundle.

Syntax

mpls te igp shortcut [ isis | ospf ]

undo mpls te igp shortcut

Default

IGP shortcut is disabled for an MPLS TE tunnel or tunnel bundle. The ingress node does not include the MPLS TE tunnel or tunnel bundle in the IGP route calculation as a link.

Views

Tunnel interface view

Tunnel bundle interface view

Predefined user roles

network-admin

Parameters

isis: Specifies IS-IS as the IGP.

ospf: Specifies OSPF as the IGP.

Usage guidelines

IGP shortcut is a method to direct traffic to an MPLS TE tunnel or tunnel bundle.

After IGP shortcut is enabled on the tunnel ingress node, IGP shortcut does not advertise the MPLS TE tunnel or tunnel bundle as a link through the IGP. Only the ingress node includes the MPLS TE tunnel or tunnel bundle in route calculation. Other devices do not consider the MPLS TE tunnel or tunnel bundle in route calculation.

If you do not specify the IGP in this command, both OSPF and IS-IS will include the MPLS TE tunnel or tunnel bundle in route calculation.

On the same tunnel interface or tunnel bundle interface, the mpls te igp advertise command and the mpls te igp shortcut command cannot both take effect. The most recent configuration takes effect.

Examples

# Enable IGP shortcut for MPLS TE Tunnel 0, so the tunnel ingress node considers the tunnel as a link in the OSPF and IS-IS route calculation.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te igp shortcut

Related commands

mpls te igp advertise

mpls te igp metric

mpls te link-attribute

Use mpls te link-attribute to set the link attribute.

Use undo mpls te link-attribute to restore the default.

Syntax

mpls te link-attribute attribute-value

undo mpls te link-attribute

Default

The link attribute value is 0x00000000.

Views

Interface view

Predefined user roles

network-admin

Parameters

attribute-value: Specifies the link attribute value in the range of 0x00000000 to 0xFFFFFFFF. A link attribute value is a 32-bit binary number. Each bit represents an attribute with a value of 0 or 1.

Usage guidelines

The TE information for a link advertised by the IGP includes the link attribute configured by this command. After receiving the link TE information, the ingress node of an MPLS TE tunnel determines whether the link can be used for MPLS TE tunnel establishment according to the following settings:

· The configured tunnel affinity attribute.

· The affinity mask.

· The link attribute.

A link is available for a tunnel if the following requirements are met:

· The link attribute bits corresponding to the affinity attribute's 1 bits whose mask bits are 1 must have a minimum of one bit set to 1.

· The link attribute bits corresponding to the affinity attribute's 0 bits whose mask bits are 1 must have no bit set to 1.

The link attribute bits corresponding to the 0 bits in the affinity mask are not checked.

For example, if the affinity is 0xFFFFFFF0 and the mask is 0x0000FFFF, a link is available for the tunnel when its link attribute bits meet the following requirements:

· The highest 16 bits each can be 0 or 1 (no requirements).

· The 17th through 28th bits must have a minimum of one bit whose value is 1.

· The lowest four bits must be 0.

Examples

# On interface GigabitEthernet 2/0/1, set the link attribute to 0x00000101.

<Sysname> system-view

[Sysname] interface gigabitethernet 2/0/1

[Sysname-GigabitEthernet2/0/1] mpls te link-attribute 101

Related commands

mpls te affinity-attribute

mpls te loop-detection

Use mpls te loop-detection to enable loop detection during establishment of an MPLS TE tunnel.

Use undo mpls te loop-detection to disable loop detection for the MPLS TE tunnel.

Syntax

mpls te loop-detection

undo mpls te loop-detection

Default

Loop detection is disabled for an MPLS TE tunnel.

Views

Tunnel interface view

Predefined user roles

network-admin

Usage guidelines

When loop detection is enabled on the ingress node of an MPLS TE tunnel, the route recording feature is automatically enabled for the tunnel, regardless of whether the mpls te record-route command is configured. When establishing the MPLS TE tunnel, each node of the tunnel detects whether a loop has occurred according to the recorded route information.

Examples

# Enable loop detection for establishing MPLS TE Tunnel 0.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te loop-detection

mpls te max-link-bandwidth

Use mpls te max-link-bandwidth to set the maximum bandwidth for MPLS TE traffic on an interface.

Use undo mpls te max-link-bandwidth to restore the default.

Syntax

mpls te max-link-bandwidth bandwidth-value

undo mpls te max-link-bandwidth

Default

The maximum link bandwidth for MPLS TE traffic is 0 kbps.

Views

Interface view

Predefined user roles

network-admin

Parameters

bandwidth-value: Specifies the maximum link bandwidth in the range of 1 to 4294967295 kbps.

Usage guidelines

The device carries the maximum link bandwidth in advertised IGP routes. The tunnel ingress node can obtain the information and use the information in CSPF calculation to select a path that meets the tunnel bandwidth requirements.

Examples

# On interface GigabitEthernet 2/0/1, set the maximum link bandwidth for MPLS TE traffic to 1158 kbps.

<Sysname> system-view

[Sysname] interface gigabitethernet 2/0/1

[Sysname-GigabitEthernet2/0/1] mpls te max-link-bandwidth 1158

Related commands

display mpls te link-management bandwidth-allocation

mpls te bandwidth

mpls te max-reservable-bandwidth

mpls te max-reservable-bandwidth mam

mpls te max-reservable-bandwidth rdm

mpls te max-reservable-bandwidth

Use mpls te max-reservable-bandwidth to set the maximum reservable bandwidth of the link (BC 0) and BC 1 in prestandard DS-TE RDM model.

Use undo mpls te max-reservable-bandwidth to restore the default.

Syntax

mpls te max-reservable-bandwidth bandwidth-value [ bc1 bc1-bandwidth ]

undo mpls te max-reservable-bandwidth

Default

The maximum reservable bandwidth of a link is 0 kbps and BC 1 is 0 kbps.

Views

Interface view

Predefined user roles

network-admin

Parameters

bandwidth-value: Specifies the maximum reservable bandwidth of the link (the value of BC 0), in the range of 1 to 4294967295 kbps.

bc1 bc1-bandwidth: Specifies the value of BC 1, in the range of 1 to 4294967295 kbps. The default value is 0.

Usage guidelines

The device carries the bandwidth values configured by this command in IGP route advertisements. The tunnel ingress node can obtain the information and use the information in CSPF calculation to select a path that meets the tunnel bandwidth requirements.

The maximum reservable bandwidth of a link (bandwidth-value) cannot be greater than the maximum bandwidth of the link (configured with the mpls te max-link-bandwidth command). The value of BC 1 (bc1-bandwidth) cannot be greater than the maximum reservable bandwidth of the link (bandwidth-value).

The bandwidth values configured by this command are only for MPLS TE traffic.

Examples

# Set the link maximum reservable bandwidth to 1158 kbps and BC 1 to 200 kbps for MPLS TE traffic in prestandard DS-TE RDM model.

<Sysname> system-view

[Sysname] interface gigabitethernet 2/0/1

[Sysname-GigabitEthernet2/0/1] mpls te max-reservable-bandwidth 1158 bc1 200

Related commands

display mpls te link-management bandwidth-allocation

mpls te bandwidth

mpls te max-link-bandwidth

mpls te max-reservable-bandwidth mam

mpls te max-reservable-bandwidth rdm

mpls te max-reservable-bandwidth mam

Use mpls te max-reservable-bandwidth mam to set the maximum reservable bandwidth of the link and the BCs in MAM model of the IETF DS-TE.

Use undo mpls te max-reservable-bandwidth mam to restore the default.

Syntax

mpls te max-reservable-bandwidth mam bandwidth-value { bc0 bc0-bandwidth | bc1 bc1-bandwidth | bc2 bc2-bandwidth | bc3 bc3-bandwidth } *

undo mpls te max-reservable-bandwidth mam

Default

The maximum reservable bandwidth of a link is 0 kbps and each BC is 0 kbps.

Views

Interface view

Predefined user roles

network-admin

Parameters

bandwidth-value: Specifies the maximum reservable bandwidth of the link, in the range of 1 to 4294967295 kbps.

bc0 bc0-bandwidth: Specifies the value of BC 0, in the range of 1 to 4294967295 kbps. By default, BC 0 is 0 kbps.

bc1 bc1-bandwidth: Specifies the value of BC 1, in the range of 1 to 4294967295 kbps. By default, BC 1 is 0 kbps.

bc2 bc2-bandwidth: Specifies the value of BC 2, in the range of 1 to 4294967295 kbps. By default, BC 2 is 0 kbps.

bc3 bc3-bandwidth: Specifies the value of BC 3, in the range of 1 to 4294967295 kbps. By default, BC 3 is 0 kbps.

Usage guidelines

The maximum reservable bandwidth of a link (bandwidth-value) cannot be greater than the maximum bandwidth of the link (configured with the mpls te max-link-bandwidth command). Each BC (bc0-bandwidth, bc1-bandwidth, bc2-bandwidth and bc3-bandwidth) cannot be greater than the maximum reservable bandwidth of the link (bandwidth-value).

The maximum reservable bandwidth and BCs configured by this command are only for MPLS TE traffic.

Examples

# Set the link maximum reservable bandwidth to 1158 kbps and BC 0 through BC 3 to 500 kbps, 300 kbps, 400 kbps, and 100 kbps for MPLS TE traffic in IETF DS-TE MAM model.

<Sysname> system-view

[Sysname] interface gigabitethernet 2/0/1

[Sysname-GigabitEthernet2/0/1] mpls te max-reservable-bandwidth mam 1158 bc0 500 bc1 300 bc2 400 bc3 100

Related commands

display mpls te link-management bandwidth-allocation

mpls te bandwidth

mpls te max-link-bandwidth

mpls te max-reservable-bandwidth

mpls te max-reservable-bandwidth rdm

Use mpls te max-reservable-bandwidth rdm to set the BCs in IETF DS-TE RDM model.

Use undo mpls te max-reservable-bandwidth rdm to restore the default.

Syntax

mpls te max-reservable-bandwidth rdm bandwidth-value [ bc1 bc1-bandwidth ] [ bc2 bc2-bandwidth ] [ bc3 bc3-bandwidth ]

undo mpls te max-reservable-bandwidth rdm

Default

Each BC is 0 kbps.

Views

Interface view

Predefined user roles

network-admin

Parameters

bandwidth-value: Specifies the maximum reservable bandwidth of the link, or, the value of BC 0, in the range of 1 to 4294967295 kbps.

bc1 bc1-bandwidth: Specifies the value of BC 1, in the range of 1 to 4294967295 kbps. By default, BC 1 is 0 kbps.

bc2 bc2-bandwidth: Specifies the value of BC 2, in the range of 1 to 4294967295 kbps. By default, BC 2 is 0 kbps.

bc3 bc3-bandwidth: Specifies the value of BC 3, in the range of 1 to 4294967295 kbps. By default, BC 3 is 0 kbps.

Usage guidelines

BC 0 (bandwidth-value) must be smaller than or equal to the maximum bandwidth of the link (configured with the mpls te max-link-bandwidth command). BC 0 must be greater than or equal to BC 1. BC 1 must be greater than or equal to BC 2. BC 2 must be greater than or equal to BC 3.

The BCs configured by this command are only for MPLS TE traffic.

Examples

# Set BC 0 in IETF RDM model to 500 kbps, BC 1 to 400 kbps, BC 2 to 300 kbps, and BC 3 to 100 kbps.

<Sysname> system-view

[Sysname] interface gigabitethernet 2/0/1

[Sysname-GigabitEthernet2/0/1] mpls te max-reservable-bandwidth rdm 500 bc1 400 bc2 300 bc3 100

Related commands

display mpls te link-management bandwidth-allocation

mpls te bandwidth

mpls te max-link-bandwidth

mpls te max-reservable-bandwidth

mpls te max-reservable-bandwidth mam

mpls te metric

Use mpls te metric to assign a TE metric to the link.

Use undo mpls te metric to restore the default.

Syntax

mpls te metric value

undo mpls te metric

Default

A link uses its IGP metric as its TE metric.

Views

Interface view

Predefined user roles

network-admin

Parameters

value: Specifies a TE metric for the link, in the range of 1 to 4294967295.

Usage guidelines

The device carries two types of metrics (IGP metric and TE metric) of a link in the advertised IGP routes. You can use this command to configure the TE metric. When the tunnel ingress receives the link metrics, it uses the IGP or TE metric for path selection according to the configuration of the mpls te path-metric-type or path-metric-type command.

Examples

# Assign a TE metric of 20 to the link on GigabitEthernet 2/0/1.

<Sysname> system-view

[Sysname] interface gigabitethernet 2/0/1

[Sysname-GigabitEthernet2/0/1] mpls te metric 20

Related commands

mpls te path metric-type

path metric-type

mpls te path

Use mpls te path to specify a path for the tunnel and set the preference of the path.

Use undo mpls te path to delete the specified path for the tunnel.

Syntax

mpls te path preference value { dynamic [ pce [ ip-address ]&<0-8> ] | explicit-path path-name } [ no-cspf ]

undo mpls te path preference value

Default

MPLS TE uses the dynamically calculated path to establish a CRLSP.

Views

Tunnel interface view

Predefined user roles

network-admin

Parameters

preference value: Specifies a preference value for a path, in the range of 1 to 10. A smaller value represents a higher preference.

dynamic: Uses the path dynamically calculated by CSPF to establish the CRLSP.

pce: Uses the path calculated by PCEs to establish the CRLSP. If you do not specify this keyword, the local LSR uses the path dynamically calculated by CSPF.

[ ip-address ]&<0-8>: Specifies a space-separated list of a maximum of eight PCE addresses. If you do not specify a PCE address, the system automatically selects a PCE from discovered PCEs. If you specify more than one PCE address, a BRPC calculation will be performed on the specified PCEs in configuration order.

explicit-path path-name: Uses the specified explicit path to establish the CRLSP. The path-name argument specifies the name of an explicit path, a case-sensitive string of 1 to 31 characters.

no-cspf: Calculates the path by searching the routing table instead of using the CSPF algorithm.

Usage guidelines

You can specify a maximum of 10 paths for a tunnel interface. The paths must have different preferences.

When establishing a CRLSP, MPLS TE performs CSPF calculations according to the specified paths in a descending order of preference until the CRLSP is established successfully. If the CSPF calculations for all paths are failed, the CRLSP cannot be established.

If you specify PCE addresses in this command or in the mpls te backup-path command, the local device establishes PCEP sessions to the specified PCEs. If you do not specify a PCE address, the local device establishes PCEP sessions to all discovered PCEs.

Examples

# Configure Tunnel 0 to use explicit path path1 and the path calculated by PCEs for CRLSP establishment. Set a higher preference for the path calculated by PCEs.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te path preference 2 explicit-path path1

[Sysname-Tunnel0] mpls te path preference 1 dynamic pce 1.1.1.9 2.2.2.9

Related commands

display mpls te tunnel-interface

mpls te backup-path

mpls te path-metric-type

Use mpls te path-metric-type to specify the link metric type for path selection of a tunnel.

Use undo mpls te path-metric-type to restore the default.

Syntax

mpls te path-metric-type { igp | te }

undo mpls te path-metric-type

Default

No link metric type is specified for path selection of a tunnel.

Views

Tunnel interface view

Predefined user roles

network-admin

Parameters

igp: Uses the IGP metric.

te: Uses the TE metric.

Usage guidelines

Each MPLS TE link has two metrics: IGP metric and TE metric. By using the two metrics, you can select different tunnels for different classes of traffic. For example, use the IGP metric to represent a link delay (a smaller IGP metric value indicates a lower link delay). Use the TE metric to represent a link bandwidth value (a smaller TE metric value indicates a bigger link bandwidth value).

You can establish two MPLS TE tunnels: Tunnel1 for voice traffic and Tunnel2 for video traffic. Configure Tunnel1 to use IGP metrics for path selection, and configure Tunnel2 to use TE metrics for path selection. As a result, the video traffic travels through the path that has larger bandwidth and the voice service travels through the path that has lower delay.

If you specify a metric type for a tunnel by using this command, the tunnel uses the specified metric type for path selection. If you do not specify a metric type, the tunnel uses the metric type specified by the path-metric-type command in MPLS TE view for path selection.

Examples

# Configure Tunnel 0 to use the IGP metric for path selection.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te path-metric-type igp

Related commands

display mpls te tunnel-interface

mpls te metric

path-metric-type

mpls te priority

Use mpls te priority to set a setup priority and a holding priority for an MPLS TE tunnel.

Use undo mpls te priority to restore the default.

Syntax

mpls te priority setup-priority [ hold-priority ]

undo mpls te priority

Default

The setup priority and the holding priority of an MPLS TE tunnel are both 7.

Views

Tunnel interface view

Predefined user roles

network-admin

Parameters

setup-priority: Specifies the setup priority in the range of 0 to 7. A smaller number represents a higher priority.

hold-priority: Specifies the holding priority in the range of 0 to 7. A smaller number represents a higher priority. If you do not specify this argument, the holding priority is the same as the setup priority.

Usage guidelines

The setup priority and holding priority of an MPLS TE tunnel determines the importance of the tunnel. A tunnel that has a higher setup priority than the holding priority of another tunnel can preempt the resources of the second.

The setup priority and holding priority can be applied to the following scenarios:

· Multiple MPLS TE tunnels use the same path but the path does not have enough bandwidth for all the tunnels. You can configure different setup and holding priorities for different tunnels to make sure important tunnels can be established first.

· Before an important tunnel is established, multiple less-important MPLS TE tunnels have existed on the network, occupying the bandwidth resources and the optimal path. You can assign a higher setup priority to the import tunnel, so the tunnel can preempt the resources of the existing tunnels and use the optimal path.

The setup priority of a tunnel must not be higher than its holding priority. Configure the setup priority value to be equal to or greater than the holding priority value.

Examples

# Set both the setup priority and holding priority of Tunnel 0 to 1.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te priority 1 1

Related commands

display mpls te tunnel-interface

mpls te record-route

Use mpls te record-route to enable route recording and label recording for a tunnel.

Use undo mpls te record-route to disable route recording and label recording for a tunnel.

Syntax

mpls te record-route [ label ]

undo mpls te record-route

Default

Route recording or label recording is disabled for a tunnel.

Views

Tunnel interface view

Predefined user roles

network-admin

Parameters

label: Enables both route recording and label recording. If you do not specify this keyword, the command enables only route recording.

Usage guidelines

Route recording records the nodes that an MPLS TE tunnel traverses. Label recording records the label assigned by each node. The recorded information helps you know about the path used by the MPLS TE tunnel and the label distribution information. When the tunnel fails, the recorded information helps you locate the fault.

Examples

# Enable route recording for MPLS TE tunnel 0.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te record-route

Related commands

display explicit-path

display mpls te tunnel-interface

mpls te reoptimization (tunnel interface view)

Use mpls te reoptimization to enable tunnel reoptimization.

Use undo mpls te reoptimization to disable tunnel reoptimization.

Syntax

mpls te reoptimization [ frequency seconds ]

undo mpls te reoptimization

Default

Tunnel reoptimization is disabled.

Views

Tunnel interface view

Predefined user roles

network-admin

Parameters

frequency seconds: Specifies the tunnel reoptimization frequency in the range of 1 to 604800 seconds. The default is 3600 seconds.

Usage guidelines

MPLS TE uses the tunnel reoptimization feature to implement dynamic CRLSP optimization. For example, if a link on the optimal path does not have enough reservable bandwidth during tunnel setup, MPLS TE sets up the tunnel on another path. When the link has enough bandwidth, tunnel optimization can automatically switch the tunnel to the optimal path.

You can configure the ingress to perform tunnel reoptimization periodically. Or, you can use the mpls te reoptimization command in user view to trigger the ingress to perform a tunnel reoptimization at any time.

On the same tunnel interface, the mpls te reoptimization command is mutually exclusive with these commands: mpls te auto-bandwidth adjustment, mpls te route-pinning, and mpls te backup.

If both the mpls te reoptimization and mpls te bidirectional commands are configured, only the mpls te bidirectional command takes effect.

Examples

# Enable reoptimization for tunnel 0, and set the reoptimization frequency to 43200 seconds (12 hours).

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te reoptimization frequency 43200

Related commands

display mpls te tunnel-interface

mpls te reoptimization (user view)

Use mpls te reoptimization to reoptimize all reoptimization-enabled MPLS TE tunnels.

Syntax

mpls te reoptimization

Views

User view

Predefined user roles

network-admin

Usage guidelines

After this command is executed in tunnel interface view, you can execute it in user view to trigger the ingress node to immediately reselect an optimal path for a tunnel.

Examples

# Reoptimize all reoptimization-enabled MPLS TE tunnels.

<Sysname> mpls te reoptimization

Related commands

mpls te reoptimization (tunnel interface view)

mpls te resv-style

Use mpls te resv-style to configure the resource reservation style for the MPLS TE tunnel.

Use undo mpls te resv-style to restore the default.

Syntax

mpls te resv-style { ff | se }

undo mpls te resv-style

Default

The resource reservation style is SE.

Views

Tunnel interface view

Predefined user roles

network-admin

Parameters

ff: Specifies the resource reservation style as fixed filter (FF). For this style, resources are reserved for individual senders and cannot be shared among senders on the same session.

se: Specifies the resource reservation style as shared explicit (SE). For this style, resources are reserved for senders on the same session and shared among them.

Usage guidelines

This command applies only to MPLS TE tunnels established by RSVP-TE.

Examples

# Use the FF reservation style to establish MPLS TE tunnel 0.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te resv-style ff

Related commands

display mpls te tunnel-interface

mpls te signaling

mpls te retry

Use mpls te retry to set the maximum number of tunnel setup attempts.

Use undo mpls te retry to restore the default.

Syntax

mpls te retry retries

undo mpls te retry

Default

The maximum number of tunnel setup attempts is 3.

Views

Tunnel interface view

Predefined user roles

network-admin

Parameters

retries: Specifies the number of tunnel setup attempts, in the range of 1 to 4294967295.

Usage guidelines

After failing to establish an MPLS TE tunnel, the tunnel ingress node waits for the tunnel setup retry interval (configured by the mpls te timer retry command). Then it tries to set up the tunnel until the tunnel is established successfully. If the tunnel cannot be established when the number of attempts reaches the maximum, the ingress waits for a longer period and then repeats the previous process.

Examples

# Set the maximum number of tunnel setup attempts to 20.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te retry 20

Related commands

display mpls te tunnel-interface

mpls te timer retry

mpls te route-pinning

Use mpls te route-pinning to enable route pinning.

Use undo mpls te route-pinning to restore the default.

Syntax

mpls te route-pinning

undo mpls te route-pinning

Default

Route pinning is disabled.

Views

Tunnel interface view

Predefined user roles

network-admin

Usage guidelines

When route pinning is enabled, an established CRLSP does not re-select an optimal path even if the optimal route has changed.

Use this feature to avoid CRLSPs from changing frequently on an unstable network. This feature ensures that the established CRLSPs are not re-established as long as they are available.

In the same tunnel interface view, the mpls te route-pinning command cannot be used together with the mpls te reoptimization and mpls te auto-bandwidth adjustment commands.

Examples

# Enable route pinning for Tunnel 0.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te route-pinning

Related commands

display mpls te tunnel-interface

mpls te service-class

Use mpls te service-class to set a service class for an MPLS TE tunnel.

Use undo mpls te service-class to delete the service class of an MPLS TE tunnel.

Syntax

mpls te service-class service-class-value

undo mpls te service-class

Default

No service class is set for an MPLS TE tunnel.

Views

Tunnel interface view

Predefined user roles

network-admin

Parameters

service-class-value: Specifies a service class for an MPLS TE tunnel, in the range of 0 to 7. The smaller service class value, the lower tunnel priority. An MPLS TE tunnel that is not assigned a service class has the lowest priority.

Usage guidelines

Class Based Tunnel Selection (CBTS) compares the service class of the traffic with the service classes of MPLS TE tunnels. CBTS uses the following rules to select a tunnel to forward the traffic:

· If the traffic matches an MPLS TE tunnel, CBTS uses this tunnel.

· If the traffic matches multiple MPLS TE tunnels, CBTS randomly selects a matching tunnel.

· If the traffic does not match any MPLS TE tunnels, CBTS randomly selects a tunnel from all tunnels with the lowest priority.

To set a service class for traffic, use the remark service-class command in traffic behavior view. For information about the remark service-class command, see QoS commands in ACL and QoS Command Reference.

Examples

# Specify the service class of Tunnel 0 to 5.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te service-class 5

Related commands

remark service-class (ACL and QoS Command Reference)

mpls te signaling

Use mpls te signaling to configure the signaling protocol for an MPLS TE tunnel interface.

Use undo mpls te signaling to restore the default.

Syntax

mpls te signaling { rsvp-te | static }

undo mpls te signaling

Default

MPLS TE uses RSVP-TE to establish tunnels.

Views

Tunnel interface view

Predefined user roles

network-admin

Parameters

rsvp-te: Uses the RSVP-TE signaling protocol to establish a tunnel.

static: Uses a static CRLSP to establish a tunnel.

Usage guidelines

To use RSVP-TE to establish an MPLS TE tunnel, you must enable MPLS TE and RSVP on each node and interface that the MPLS TE tunnel traverses.

To establish an MPLS TE tunnel over a static CRLSP, you must configure the tunnel to use the static CRLSP by using the mpls te static-cr-lsp command.

Examples

# Use RSVP-TE to establish the MPLS TE tunnel 0.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te signaling rsvp-te

Related commands

display mpls te tunnel-interface

mpls te static-cr-lsp

Use mpls te static-cr-lsp to specify a static CRLSP for a tunnel.

Use undo mpls te static-cr-lsp to remove the configuration.

Syntax

mpls te static-cr-lsp lsp-name

undo mpls te static-cr-lsp lsp-name

Default

A tunnel does not use any static CRLSP.

Views

Tunnel interface view

Predefined user roles

network-admin

Parameters

lsp-name: Specifies a static CRLSP by its name, a case-sensitive string of 1 to 15 characters.

Usage guidelines

This command takes effect only when the mpls te signaling static command has been configured in tunnel interface view.

Execute this command on the ingress node. The static CRLSP specified must have been created by using the static-cr-lsp ingress command.

Examples

# Configure tunnel 0 to use static CRLSP named static-te-3.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te static-cr-lsp static-te-3

Related commands

display mpls te tunnel-interface

mpls te signaling

static-cr-lsp egress

static-cr-lsp ingress

static-cr-lsp transit

mpls te timer retry

Use mpls te timer retry to set the tunnel setup retry interval.

Use undo mpls te timer retry to restore the default.

Syntax

mpls te timer retry seconds

undo mpls te timer retry

Default

The retry interval is 2 seconds.

Views

Tunnel interface view

Predefined user roles

network-admin

Parameters

seconds: Specifies the interval at which MPLS TE tries to re-establish the tunnel, in the range of 1 to 604800 seconds.

Usage guidelines

After failing to establish an MPLS TE tunnel, the tunnel ingress node waits for the tunnel setup retry interval. Then, it tries to set up the tunnel until the tunnel is established successfully. If the tunnel cannot be established when the number of attempts reaches the maximum (configured by the mpls te retry command), the ingress waits for a longer period. Then, it repeats the previous process.

Examples

# Set the setup retry interval to 20 seconds for tunnel 0.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te timer retry 20

Related commands

display mpls te tunnel-interface

mpls te retry

nexthop

Use nexthop to add or modify a node in an explicit path, and configure the attributes of the node.

Use undo nexthop to delete a node in an explicit path.

Syntax

nexthop [ index index-number ] ip-address [ exclude | include [ loose | strict ] ]

undo nexthop index index-number

Default

An explicit path does not include any nodes.

Views

Explicit path view

Predefined user roles

network-admin

Parameters

index index-number: Specifies an index for the node in the explicit path, in the range of 1 to 65535. If you do not specify an index, MPLS TE automatically calculates an index for the node, the value of which is the current maximum index value plus 100.

ip-address: Specifies a node by its IP address in dotted decimal notation.

exclude: Excludes the specified node from the explicit path.

include: Includes the specified node on the explicit path.

loose: Specifies the node as a loose node, which means the specified node and its previous hop can be indirectly connected.

strict: Specifies the node as a strict node, which means the node and its previous hop must be directly connected.

Usage guidelines

The IP address specified in this command can be one of the following:

· Link IP address—IP address of an interface on the device, identifying a link.

· Device LSR ID—Identifies the device.

The address of a strict node must be a link IP address. The address of a loose node can be a link IP address or the device LSR ID.

CSPF excludes the links or devices specified by exclude from path calculation, and uses the links specified by include in ascending order of indexes to establish a CRLSP.

When you execute the nexthop command, follow these guidelines:

· If you specify an existing index, the command modifies the IP address or attribute of the node identified by that index.

· If you specify neither include nor exclude, the include keyword is used by default.

· If you specify neither loose nor strict, the strict keyword is used by default.

Examples

# Exclude IP address 10.0.0.125 from the MPLS TE explicit path named path1.

<Sysname> system-view

[Sysname] explicit-path path1

[Sysname-explicit-path-path1] nexthop 10.0.0.125 exclude

Related commands

display explicit-path

nhop-only

Use nhop-only to configure the PLR to create only link-protection bypass tunnels.

Use undo nhop-only to restore the default.

Syntax

nhop-only

undo nhop-only

Default

The PLR automatically creates both link-protection and node-protection bypass tunnels.

Views

MPLS TE auto FRR view

Predefined user roles

network-admin

Usage guidelines

Execution of the nhop-only command deletes all existing node-protection bypass tunnels automatically created for MPLS TE auto FRR.

Examples

# Configure the device to automatically create only link-protection bypass tunnels.

<Sysname> system-view

[Sysname] mpls te

[Sysname-te] auto-tunnel backup

[Sysname-te-auto-bk] nhop-only

Related commands

auto-tunnel backup

tunnel-number

path-metric-type

Use path-metric-type to specify the link metric type to be used for path selection when a metric type is not explicitly specified for a tunnel.

Use undo path-metric-type to restore the default.

Syntax

path-metric-type { igp | te }

undo path-metric-type

Default

A tunnel uses TE metrics of links for path selection when no metric type is specified for the tunnel.

Views

MPLS TE view

Predefined user roles

network-admin

Parameters

igp: Uses the IGP metric.

te: Uses the TE metric.

Usage guidelines

Each MPLS TE link has two metrics: IGP metric and TE metric. By correctly planning the two metrics, you can select different tunnels for different classes of traffic. For example, use the IGP metric to represent a link delay (a smaller IGP metric value indicates a lower link delay). Use the TE metric to represent a link bandwidth value (a smaller TE metric value indicates a bigger link bandwidth value).

You can establish two MPLS TE tunnels: Tunnel1 for voice traffic and Tunnel2 for video traffic. Configure Tunnel1 to use IGP metrics for path selection, and configure Tunnel2 to use TE metrics for path selection. As a result, the video traffic travels through the path that has larger bandwidth and the voice traffic travels through the path that has lower delay.

If you specify a metric type for a tunnel by using the mpls te path-metric-type command, the tunnel uses the specified metric type for path selection. If you do not specify a metric type, the tunnel uses the metric type specified by the path-metric-type command for path selection.

Examples

# Configure MPLS TE tunnels that are not explicitly specified with a metric type to use the IGP metric for path selection.

<Sysname> system-view

[Sysname] mpls te

[Sysname-te] path-metric-type igp

Related commands

mpls te metric

mpls te path-metric-type

pce address

Use pce address to configure an IP address for a PCE.

Use undo pce address to restore the default.

Syntax

pce address ip-address

undo pce address

Default

No PCE IP address is configured.

Views

MPLS TE view

Predefined user roles

network-admin

Parameters

ip-address: Specifies the PCE IP address.

Usage guidelines

For the device to act as a PCE, use this command to specify a PCE IP address for the device.

As a best practice, configure the loopback interface address as the PCE address. For a PCE to be discovered, enable OSPF TE on the loopback interface to advertise the PCE address or manually specify the PCE on PCCs.

If no PCE address is configured, the local device can only act as a PCC and use the MPLS LSR ID to communicate with the PCE. A PCC sends a PCEP connection request to a PCE, but it does not accept a request from a PCE.

Examples

# Specify the local device as a PCE and configure the IP address for the PCE as 10.10.10.10.

<Sysname> system-view

[Sysname] mpls te

[Sysname-te] pce address 10.10.10.10

pce deadtimer

Use pce deadtimer to set the PCEP session deadtimer.

Use undo pce deadtimer to restore the default.

Syntax

pce deadtimer value

undo pce deadtimer

Default

The PCEP session deadtimer is 120 seconds.

Views

MPLS TE view

Predefined user roles

network-admin

Parameters

value: Specifies the PCEP session deadtimer in the range of 0 to 255 seconds. Value 0 indicates that the PCEP session will never time out.

Usage guidelines

The local device sends the deadtimer setting to its peer. If the local device does not receive a PCEP message from its peer before the deadtimer expires, it tears down the PCEP session. Then, the local device tries to establish a new PCEP session to its peer.

The deadtimer must be greater than the keepalive interval.

Examples

# Set the PCEP session deadtimer to 180 seconds.

<Sysname> system-view

[Sysname] mpls te

[Sysname-te] pce deadtimer 180

Related commands

display mpls te pce peer

pce keepalive

Use pce keepalive to set the keepalive interval for PCEP sessions.

Use undo pce keepalive to restore the default.

Syntax

pce keepalive interval

undo pce keepalive

Default

The keepalive interval is 30 seconds.

Views

MPLS TE view

Predefined user roles

network-admin

Parameters

interval: Specifies the keepalive interval in the range of 0 to 255 seconds. Value 0 indicates that no keepalive messages will be sent once the PCEP session is established.

Usage guidelines

If the keepalive interval for the local device is less than the min-keepalive setting on the peer device, the local device uses the peer's min-keepalive setting as the keepalive interval.

If the keepalive interval is set to 0 on the local device, configure the min-keepalive value as 0 on the peer device to avoid session establishment failure.

For more information about the min-keepalive setting, see the pce tolerance command.

Examples

# Set the keepalive interval to 60 seconds.

<Sysname> system-view

[Sysname] mpls te

[Sysname-te] pce keepalive 60

Related commands

display mpls te pce peer

pce deadtimer

pce tolerance

pce request-timeout

Use pce request-timeout to set the path calculation request timeout time.

Use undo pce request-timeout to restore the default.

Syntax

pce request-timeout value

undo pce request-timeout

Default

The request timeout time is 10 seconds.

Views

MPLS TE view

Predefined user roles

network-admin

Parameters

value: Specifies the request timeout time in the range of 5 to 100 seconds.

Usage guidelines

In EPC calculation, if a PCC does not receive a calculation reply within the configured timeout time, it resends calculation requests to the PCE until it receives a reply.

In BRPC calculation, if a PCC does not receive a calculation reply from the PCE within the configured timeout time, the PCC does not resend a request. If a PCE does not receive a calculation reply from its downstream PCE within the timeout time, it sends the local calculation result to its upstream device as a reply. The PCE does not wait for a reply from its downstream PCE.

Examples

# Set the request timeout time to 20 seconds.

<Sysname> system-view

[Sysname] mpls te

[Sysname-te] pce request-timeout 20

Related commands

display mpls te pce peer

pce static

Use pce static to specify a PCE as a peer on a PCC or PCE.

Use undo pce static to delete the specified PCE peer.

Syntax

pce static ip-address

undo pce static ip-address

Default

No PCE peers exist.

Views

MPLS TE view

Predefined user roles

network-admin

Parameters

ip-address: Specifies the IP address of a PCE peer.

Examples

# Specify the PCE 10.10.10.10 as a peer.

<Sysname> system-view

[Sysname] mpls te

[Sysname-te] pce static 10.10.10.10

Related commands

display mpls te pce discovery

pce tolerance

Use pce tolerance to set the minimum acceptable keepalive interval and the maximum number of allowed unknown messages received from the peer.

Use undo pce tolerance to restore the default.

Syntax

pce tolerance { min-keepalive value | max-unknown-messages value }

undo pce tolerance { min-keepalive | max-unknown-messages }

Default

The minimum acceptable keepalive interval is 10 seconds, and the maximum number of allowed unknown messages in a minute is 5.

Views

MPLS TE view

Predefined user roles

network-admin

Parameters

min-keepalive value: Specifies the minimum acceptable keepalive interval in the range of 0 to 255 seconds. Value 0 indicates that any keepalive interval is acceptable.

max-unknown-messages value: Limits the maximum number of allowed unknown messages in a minute, in the range of 0 to 16384. Value 0 indicates that no limit is enforced.

Usage guidelines

If the keepalive interval set on the peer device is less than the min-keepalive setting on the local device, the peer device uses the min-keepalive setting as the keepalive interval.

If the number of unknown messages received from the peer in a minute exceeds the max-unknown-messages setting on the local device, the local device tears down the PCEP session.

Examples

# Set the minimum acceptable keepalive interval to 20 seconds and the maximum number of allowed unknown messages to 10.

<Sysname> system-view

[Sysname] mpls te

[Sysname-te] pce tolerance min-keepalive 20

[Sysname-te] pce tolerance max-unknown-messages 10

Related commands

display mpls te pce peer

pce keepalive

reset mpls te auto-bandwidth-adjustment timers

Use reset mpls te auto-bandwidth-adjustment timers to reset the automatic bandwidth adjustment feature.

Syntax

reset mpls te auto-bandwidth-adjustment timers

Views

User view

Predefined user roles

network-admin

Usage guidelines

After this command is executed, the system clears the output rate sampling information and the remaining time to the next bandwidth adjustment. Then, it starts new output rate sampling and bandwidth adjustment.

Examples

# Reset the automatic bandwidth adjustment feature.

<Sysname> reset mpls te auto-bandwidth-adjustment timers

Related commands

auto-bandwidth enable

mpls te auto-bandwidth

reset mpls te pce statistics

Use reset mpls te pce statistics to clear PCC and PCE statistics.

Syntax

reset mpls te pce statistics [ ip-address ]

Views

User view

Predefined user roles

network-admin

Parameters

ip-address: Specifies a PCC or PCE by its IP address. If you do not specify this argument, the command clears statistics about all PCEs and PCCs.

Examples

# Clear statistics about PCE 10.10.10.10.

<Sysname> reset mpls te pce statistics 10.10.10.10

Related commands

display mpls te pce statistics

snmp-agent trap enable te

Use snmp-agent trap enable te to enable SNMP notifications for MPLS TE.

Use undo snmp-agent trap enable te to disable SNMP notifications for MPLS TE.

Syntax

snmp-agent trap enable te

undo snmp-agent trap enable te

Default

SNMP notifications for MPLS TE are disabled.

Views

System view

Predefined user roles

network-admin

Usage guidelines

This command enables generating SNMP notifications for MPLS TE upon MPLS TE tunnel status changes, as defined in RFC 3812. For MPLS TE event notifications to be sent correctly, you must also configure SNMP on the device. For more information about SNMP configuration, see the network management and monitoring configuration guide for the device.

Examples

# Enable SNMP notifications for MPLS TE.

<Sysname> system-view

[Sysname] snmp-agent trap enable te

te-subtlv

Use te-subtlv to specify the types of the sub-TLVs for carrying DS-TE parameters.

Use undo te-subtlv to restore the default.

Syntax

te-subtlv { bw-constraint value | unreserved-subpool-bw value } *

undo te-subtlv { bw-constraint | unreserved-subpool-bw } *

Default

The bw-constraint parameter is carried in sub-TLV 252, and the unreserved-subpool-bw parameter is carried in sub-TLV 251.

Views

IS-IS view

Predefined user roles

network-admin

Parameters

bw-constraint value: Specifies the type value of the sub-TLV that carries the bandwidth constraints, in the range of 23 to 254.

unreserved-subpool-bw value: Specifies the type value of the sub-TLV that carries the unreserved subpool bandwidth, in the range of 23 to 254.

Usage guidelines

This command takes effect when the DS-TE mode is prestandard. It does not take effect when the DE-TE mode is IETF.

In prestandard mode, no standard sub-TLV type values are defined to carry DS-TE parameters. Different vendors might use different type values. To communicate with devices from other vendors, use this command to specify the sub-TLV type values.

Examples

# For IS-IS process 1, specify the sub-TLV type value 200 for bw-constraint, and 202 for unreserved-subpool-bw.

<Sysname> system-view

[Sysname] isis 1

[Sysname-isis-1] te-subtlv bw-constraint 200 unreserved-subpool-bw 202

Related commands

display isis mpls te configured-sub-tlvs

timers removal unused

Use timers removal unused to set a removal timer for unused bypass tunnels.

Use undo timers removal unused to restore the default.

Syntax

timers removal unused seconds

undo timers removal unused

Default

A bypass tunnel is removed after it is unused for 3600 seconds.

Views

MPLS TE auto FRR view

Predefined user roles

network-admin

Parameters

seconds: Specifies the period of time after which an unused bypass tunnel is removed, in the range of 300 to 604800 seconds. You can also set this argument to 0, which means not to remove unused bypass tunnels.

Usage guidelines

An automatically created bypass tunnel can protect multiple primary CRLSPs. A bypass tunnel is unused when the bypass tunnel is not bound to any primary CRLSP. When a bypass tunnel is unused for the period of time configured by this command, MPLS TE removes the bypass tunnel to release the occupied bandwidth and tunnel interface number.

Configure a removal timer according to your network conditions, with the following considerations:

· Save resources—If the timer value is too big, unused bypass tunnels occupy bandwidth and interface numbers for a long time.

· Keep network stability—If the timer value is too small, bypass tunnels might be set up and removed frequently.

Examples

# Set the removal timer to 60000 seconds (100 minutes) for unused bypass tunnels.

<Sysname> system-view

[Sysname] mpls te

[Sysname-te] auto-tunnel backup

[Sysname-te-auto-bk] timers removal unused 60000

Related commands

auto-tunnel backup

tunnel-number

tunnel route-static

Use tunnel route-static to configure automatic static route advertisement.

Use undo tunnel route-static to restore the default.

Syntax

tunnel route-static [ preference preference-value ]

undo tunnel route-static

Default

Automatic static route advertisement is not configured.

Views

Tunnel interface view

Predefined user roles

network-admin

Parameters

preference preference-value: Specifies a preference for the static route to be advertised, in the range of 1 to 255. The default value is 60.

Usage guidelines

IGP shortcut or forwarding adjacency is usually configured to direct traffic to an MPLS TE tunnel. On a network that contains multiple IGP areas, however, configuring IGP shortcut and forwarding adjacency causes route convergence failure. As a result, traffic cannot be forwarded over the MPLS TE tunnel. To direct traffic to an MPLS TE tunnel in this scenario, you can execute the tunnel route-static command on the ingress node of the MPLS TE tunnel. This command creates a static route whose destination address and output interface are the tunnel destination address and the tunnel interface, respectively.

Examples

# Configure automatic static route advertisement on Tunnel 1 and set the preference to 3.

<Sysname> system-view

[Sysname] interface tunnel 1 mode mpls-te

[Sysname-Tunnel1] tunnel route-static preference 3

Related commands

mpls te igp advertise

mpls te igp shortcut

tunnel-number

Use tunnel-number to specify an interface number range for automatically created bypass tunnels.

Use undo tunnel-number to restore the default.

Syntax

tunnel-number min min-number max max-number

undo tunnel-number

Default

No interface number range is specified, and the PLR cannot set up a bypass tunnel automatically.

Views

MPLS TE auto FRR view

Predefined user roles

network-admin

Parameters

min min-number max max-number: Specifies a range of interface numbers for automatically created bypass tunnels. The min-number must be smaller than or equal to the max-number, and the specified interface number range must include no more than 1000 interface numbers.

The following matrix shows the value ranges for the min-number argument:

Hardware	Argument compatibility	Value range
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS	No	N/A
MSR2600-6-X1/2600-10-X1	Yes	0 to 10239
MSR 2630	Yes	0 to 10239
MSR3600-28/3600-51	Yes	0 to 10239
MSR3600-28-SI/3600-51-SI	No	N/A
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC	Yes	0 to 10239
MSR 3610/3620/3620-DP/3640/3660	Yes	0 to 10239
MSR5620/5660/5680	Yes	0 to 10239

Hardware	Argument compatibility	Value range
MSR810-LM-GL	No	N/A
MSR810-W-LM-GL	No	N/A
MSR830-6EI-GL	No	N/A
MSR830-10EI-GL	No	N/A
MSR830-6HI-GL	No	N/A
MSR830-10HI-GL	No	N/A
MSR2600-6-X1-GL	Yes	0 to 10239
MSR3600-28-SI-GL	No	N/A

The following matrix shows the value ranges for the max-number argument:

Hardware	Argument compatibility	Value range
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS	No	N/A
MSR2600-6-X1/2600-10-X1	Yes	0 to 10239
MSR 2630	Yes	0 to 10239
MSR3600-28/3600-51	Yes	0 to 10239
MSR3600-28-SI/3600-51-SI	No	N/A
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC	Yes	0 to 10239
MSR 3610/3620/3620-DP/3640/3660	Yes	0 to 10239
MSR5620/5660/5680	Yes	0 to 10239

Hardware	Argument compatibility	Value range
MSR810-LM-GL	No	N/A
MSR810-W-LM-GL	No	N/A
MSR830-6EI-GL	No	N/A
MSR830-10EI-GL	No	N/A
MSR830-6HI-GL	No	N/A
MSR830-10HI-GL	No	N/A
MSR2600-6-X1-GL	Yes	0 to 10239
MSR3600-28-SI-GL	No	N/A

Usage guidelines

To enable the PLR to automatically create bypass tunnels, you must perform the following tasks:

1. Enable auto FRR globally by using the auto-tunnel backup command.

2. Specify the interface number range for bypass tunnels by using the tunnel-number command.

The PLR uses the interface numbers in the specified range in ascending order for the bypass tunnels.

When you use the tunnel-number command, follow these restrictions and guidelines:

· If you execute this command multiple times, the most recent configuration takes effect.

· If bypass tunnels are already created automatically, make sure the min-number is not greater than the minimum interface number used by the existing bypass tunnels. The max-number is not smaller than the maximum interface number used by the existing bypass tunnels.

· The interface number range specified by this command can include the interface numbers used by the tunnel interfaces created by the interface tunnel command. However, those interface numbers cannot be used for bypass tunnels, unless they are released by the undo interface tunnel command.

Examples

# Specify interface numbers 800 to 900 for automatically created bypass tunnels.

<Sysname> system-view

[Sysname] mpls te

[Sysname-te] auto-tunnel backup

[Sysname-te-auto-bk] tunnel-number min 800 max 900

Related commands

auto-tunnel backup

Static CRLSP commands

The following matrix shows the feature and hardware compatibility:

Hardware	Static CRLSP compatibility
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS	No
MSR2600-6-X1/2600-10-X1	Yes
MSR 2630	Yes
MSR3600-28/3600-51	Yes
MSR3600-28-SI/3600-51-SI	No
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC	Yes
MSR 3610/3620/3620-DP/3640/3660	Yes
MSR5620/5660/5680	Yes

Hardware	Static CRLSP compatibility
MSR810-LM-GL	No
MSR810-W-LM-GL	No
MSR830-6EI-GL	No
MSR830-10EI-GL	No
MSR830-6HI-GL	No
MSR830-10HI-GL	No
MSR2600-6-X1-GL	Yes
MSR3600-28-SI-GL	No

display mpls static-cr-lsp

Use display mpls static-cr-lsp to display information about static CRLSPs.

Syntax

display mpls static-cr-lsp [ lsp-name lsp-name ] [ verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

lsp-name lsp-name: Displays information about the static CRLSP specified by its name, a case-sensitive string of 1 to 15 characters. If you do not specify a static CRLSP, this command displays information about all static CRLSPs.

verbose: Displays detailed information about static CRLSPs. If you do not specify this keyword, the command displays brief information about static CRLSPs.

Examples

# Display brief information about static CRLSPs.

<Sysname> display mpls static-cr-lsp

Name LSR Type In/Out Label Out Interface State

static-cr-lsp-1 Ingress Null/20 GE2/0/1 Up

Table 47 Command output

Field	Description
Name	Name of the static CRLSP.
LSR Type	LSR type of the local node on the static CRLSP: Ingress, Transit, or Egress.
In/Out Label	Incoming label/outgoing label.
Out Interface	Output interface.
State	Current state of the static CRLSP: · Down—The static CRLSP is not available. · Up—The static CRLSP is available. · Idle—The incoming label of the static CRLSP is not available. · Dup—The incoming label of the static CRLSP is being used by a static LSP or a static PW.

# Display detailed information about static CRLSPs.

<Sysname> display mpls static-cr-lsp verbose

LSP Name : Tunnel0

LSR Type : Ingress

In-Label : -

Out-Label : 60

Out-Interface : GE2/0/1

Nexthop : 20.1.1.2

Class Type : CT0

Bandwidth : 0 kbps

LSP State : Up

Table 48 Command output

Field	Description
LSP Name	Name of the static CRLSP.
LSR Type	LSR type of the local node on the static CRLSP: Ingress, Transit, or Egress.
In-Label	Incoming label.
Out-Label	Outgoing label.
Out-Interface	Output interface.
Nexthop	Next hop address.
Class Type	Class type of the static CRLSP: CT0, CT1, CT2, or CT3.
Bandwidth	Bandwidth required by the static CRLSP, in kbps.
LSP State	Current state of the static CRLSP: · Down—The static CRLSP is not available. · Up—The static CRLSP is available. · Idle—The incoming label of the static CRLSP is not available. · Duplicate—The incoming label of the static CRLSP is being used by a static LSP or a static PW.

Related commands

static-cr-lsp egress

static-cr-lsp ingress

static-cr-lsp transit

static-cr-lsp egress

Use static-cr-lsp egress to configure the egress node of a static CRLSP.

Use undo static-cr-lsp egress to delete the egress node configuration of a static CRLSP.

Syntax

static-cr-lsp egress lsp-name in-label in-label-value

undo static-cr-lsp egress lsp-name

Default

No static CRLSPs exist.

Views

System view

Predefined user roles

network-admin

Parameters

lsp-name: Specifies a name for the static CRLSP, a case-sensitive string of 1 to 15 characters.

in-label in-label-value: Specifies an incoming label. The value range for the in-label-value argument is 16 to 1023.

Usage guidelines

A static CRLSP must have a different incoming label than an existing static LSP or static PW. If they are the same, the static CRLSP is not available, even if you change the incoming label of the static LSP or the static PW. To make the static CRLSP available, delete the static CRLSP, and reconfigure it with an unused incoming label.

Examples

# On the egress node, configure a static CRLSP with the name static-te-1 and incoming label 233.

<Sysname> system-view

[Sysname] static-cr-lsp egress static-te-1 in-label 233

Related commands

display mpls static-cr-lsp

static-cr-lsp ingress

static-cr-lsp transit

static-cr-lsp ingress

Use static-cr-lsp ingress to configure the ingress node of a static CRLSP.

Use undo static-cr-lsp ingress to delete the ingress node configuration of a static CRLSP.

Syntax

static-cr-lsp ingress lsp-name { nexthop ip-address | outgoing-interface interface-type interface-number } out-label out-label-value [ bandwidth [ ct0 | ct1 | ct2 | ct3 ] bandwidth-value ]

undo static-cr-lsp ingress lsp-name

Default

No static CRLSPs exist.

Views

System view

Predefined user roles

network-admin

Parameters

lsp-name: Specifies a name for the static CRLSP, a case-sensitive string of 1 to 15 characters.

nexthop ip-address: Specifies the next hop IP address. The address cannot be a public IP address on the local device.

outgoing-interface interface-type interface-number: Specifies an outgoing interface by its type and number. The specified interface must be a P2P interface.

out-label out-label-value: Specifies an outgoing label. The label value can be 0, 3, or an integer in the range of 16 to 1048575.

bandwidth: Specifies the CT and required bandwidth for the static CRLSP. If you do not specify this keyword, the bandwidth required by the static CRLSP is 0 kbps. If you specify this keyword but do not specify a CT, the static CRLSP belongs to CT 0.

ct0: Specifies CT 0 for the static CRLSP.

ct1: Specifies CT 1 for the static CRLSP.

ct2: Specifies CT 2 for the static CRLSP.

ct3: Specifies CT 3 for the static CRLSP.

bandwidth-value: Specifies the bandwidth required by the static CRLSP, in the range of 1 to 4294967295 kbps. The default is 0 kbps.

Usage guidelines

CT 2 and CT 3 are valid only in IETF DS-TE mode. In prestandard DS-TE mode, CT 2 and CT 3 are invalid and the tunnel cannot be established.

Examples

# Configure a static CRLSP on the ingress node: specify its name as static-te-2, next hop IP address as 202.55.25.33, outgoing label as 237, CT as CT 0, and required bandwidth as 20 kbps.

<Sysname> system-view

[Sysname] static-cr-lsp ingress static-te-2 nexthop 202.55.25.33 out-label 237 bandwidth ct0 20

Related commands

display mpls static-cr-lsp

static-cr-lsp egress

static-cr-lsp transit

Use static-cr-lsp transit to configure a transit node for a static CRLSP.

Use undo static-cr-lsp transit to delete the transit node configuration of a static CRLSP.

Syntax

static-cr-lsp transit lsp-name in-label in-label-value { nexthop ip-address | outgoing-interface interface-type interface-number } out-label out-label-value [ bandwidth [ ct0 | ct1 | ct2 | ct3 ] bandwidth-value ]

undo static-cr-lsp transit lsp-name

Default

No static CRLSPs exist.

Views

System view

Predefined user roles

network-admin

Parameters

lsp-name: Specifies a name for the static CRLSP, a case-sensitive string of 1 to 15 characters.

in-label in-label-value: Specifies an incoming label in the range of 16 to 1023.

nexthop ip-address: Specifies the next hop IP address. The address cannot be a public IP address on the local device.

outgoing-interface interface-type interface-number: Specifies an outgoing interface by its type and number. The specified interface must be a P2P interface.

out-label out-label-value: Specifies an outgoing label. The label value can be 0, 3, or an integer in the range of 16 to 1048575.

ct0: Specifies CT 0 for the static CRLSP.

ct1: Specifies CT 1 for the static CRLSP.

ct2: Specifies CT 2 for the static CRLSP.

ct3: Specifies CT 3 for the static CRLSP.

bandwidth-value: Specifies the bandwidth required by the static CRLSP, in the range of 1 to 4294967295 kbps. The default is 0 kbps.

Usage guidelines

CT 2 and CT 3 are valid only in IETF DS-TE mode. In prestandard DS-TE mode, CT 2 and CT 3 are invalid and the tunnel cannot be established.

Examples

# Configure a static CRLSP on the transit node: specify its name as static-te-3, incoming label as 123, next hop IP address as 1.1.1.1, outgoing label as 253, CT as CT 0, and required bandwidth as 20 kbps.

<Sysname> system-view

[Sysname] static-cr-lsp transit static-te-3 in-label 123 nexthop 1.1.1.1 out-label 253 bandwidth ct0 20

Related commands

display mpls static-cr-lsp

static-cr-lsp egress

static-cr-lsp ingress

RSVP commands

The following matrix shows the feature and hardware compatibility:

Hardware	RSVP compatibility
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS	No
MSR2600-6-X1/2600-10-X1	Yes
MSR 2630	Yes
MSR3600-28/3600-51	Yes
MSR3600-28-SI/3600-51-SI	No
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC	Yes
MSR 3610/3620/3620-DP/3640/3660	Yes
MSR5620/5660/5680	Yes

Hardware	RSVP compatibility
MSR810-LM-GL	No
MSR810-W-LM-GL	No
MSR830-6EI-GL	No
MSR830-10EI-GL	No
MSR830-6HI-GL	No
MSR830-10HI-GL	No
MSR2600-6-X1-GL	Yes
MSR3600-28-SI-GL	No

authentication challenge

Use authentication challenge to enable the RSVP challenge-response handshake feature globally or for an RSVP neighbor.

Use undo authentication challenge to disable the challenge-response handshake feature globally or for an RSVP neighbor.

Syntax

authentication challenge

undo authentication challenge

Default

The RSVP challenge-response handshake feature is disabled.

Views

RSVP view

RSVP neighbor view

Predefined user roles

network-admin

Usage guidelines

To prevent packet replay attacks, RSVP requires received authentication messages to carry incremental sequence numbers. To verify the subsequent messages, RSVP saves the sequence number of the last valid message in a receive-type security association.

However, when RSVP creates a new receive-type security association, it cannot obtain the sequence number of the sender. To successfully establish the receive-type security association, RSVP sets the receive sequence number to 0 by default. Then, the association can receive a message with any sequence number from the peer. Because this introduces a vulnerability to replay attacks, you should execute the authentication challenge command. When RSVP creates a receive-type security association, it will perform a challenge-response handshake to obtain the sequence number of the sender.

RSVP challenge-response handshake can be configured in the following views:

· RSVP view—Configuration applies to all RSVP security associations.

· RSVP neighbor view—Configuration applies only to RSVP security associations with the specified neighbor.

· Interface view—Configuration applies only to RSVP security associations established on the current interface.

The execution of this command affects only security associations established after the execution. To apply the setting to existing security associations, you must execute the reset rsvp authentication command to delete and then re-establish the security associations.

Examples

# Enable RSVP challenge-response handshake globally.

<Sysname> system-view

[Sysname] rsvp

[Sysname-rsvp] authentication challenge

# Enable challenge-response handshake for RSVP neighbor 1.1.1.9.

<Sysname> system-view

[Sysname] rsvp

[Sysname-rsvp] peer 1.1.1.9

[Sysname-rsvp-peer-1.1.1.9] authentication challenge

Related commands

authentication key

authentication lifetime

authentication window-size

display rsvp authentication

reset rsvp authentication

rsvp authentication challenge

rsvp authentication key

rsvp authentication lifetime

rsvp authentication window-size

authentication key

Use authentication key to enable RSVP authentication globally or for an RSVP neighbor, and configure the authentication key.

Use undo authentication key to disable RSVP authentication.

Syntax

authentication key { cipher | plain } string

undo authentication key

Default

RSVP authentication is disabled.

Views

RSVP view

RSVP neighbor view

Predefined user roles

network-admin

Parameters

cipher: Specifies an authentication key in encrypted form.

plain: Specifies an authentication key in plaintext form. For security purposes, the key specified in plaintext form will be stored in encrypted form.

string: Specifies the authentication key. Its plaintext form is a case-sensitive string of 1 to 16 characters. Its encrypted form is a case-sensitive string of 1 to 53 characters.

Usage guidelines

RSVP authentication ensures integrity of RSVP messages, and prevents false resource reservation requests from occupying network resources.

With RSVP authentication, the sender uses the MD5 algorithm and the authentication key to calculate a message digest for an RSVP message. The sender inserts the message digest to the RSVP message. When the receiver receives the message, it performs the same calculation and compares the result with the message digest received. If the two digests match, the receiver accepts the message. If the two digests do not match, it drops the message.

RSVP authentication can be configured in the following views:

· RSVP view—Configuration applies to all RSVP security associations.

· RSVP neighbor view—Configuration applies only to RSVP security associations with the specified RSVP neighbor.

· Interface view—Configuration applies only to RSVP security associations established on the current interface.

Configurations in RSVP neighbor view, interface view, and RSVP view are in descending order of priority. If RSVP authentication for a neighbor is enabled in both RSVP neighbor view and RSVP view with different authentication keys configured, the key configured in RSVP neighbor view is used.

To re-establish a security association, you must delete the authentication key used by the current security association or delete the current security association (using the reset rsvp authentication command). Then, the device can re-establish a security association by looking up a new authentication key in order of priorities.

After you enable RSVP authentication on the local device, you must also enable RSVP authentication and configure the same authentication key on the RSVP neighbor.

Examples

# Enable RSVP authentication globally, and configure the authentication key as a plaintext string of abcdefgh.

<Sysname> system-view

[Sysname] rsvp

[Sysname-rsvp] authentication key plain abcdefgh

# Enable RSVP authentication for the neighbor 1.1.1.9, and configure the authentication key as a plaintext string of abcdefgh.

<Sysname> system-view

[Sysname] rsvp

[Sysname-rsvp] peer 1.1.1.9

[Sysname-rsvp-peer-1.1.1.9] authentication key plain abcdefgh

Related commands

authentication challenge

authentication lifetime

authentication window-size

display rsvp authentication

reset rsvp authentication

rsvp authentication challenge

rsvp authentication key

rsvp authentication lifetime

rsvp authentication window-size

authentication lifetime

Use authentication lifetime in RSVP view to set the global idle timeout for RSVP security associations.

Use authentication lifetime in RSVP neighbor view to set the idle timeout for RSVP security associations with an RSVP neighbor.

Use undo authentication lifetime to restore the default.

Syntax

authentication lifetime life-time

undo authentication lifetime

Default

The idle timeout for an RSVP security association is 1800 seconds.

Views

RSVP view

RSVP neighbor view

Predefined user roles

network-admin

Parameters

life-time: Specifies the RSVP security association idle timeout in the range of 30 to 86400 seconds.

Usage guidelines

When RSVP authentication is enabled, the device dynamically establishes security associations when receiving and sending RSVP messages.

To release memory resources, each security association has an idle timeout. When a security association is idle for the specified timeout time, the device deletes the security association. When the device sends or receives an authenticated RSVP message, it resets the idle timeout timer for the corresponding security association.

The RSVP authentication idle timeout can be configured in the following views:

· RSVP view—Configuration applies to all RSVP security associations.

· RSVP neighbor view—Configuration applies only to RSVP security associations with the specified RSVP neighbor.

· Interface view—Configuration applies only to RSVP security associations established on the current interface.

An RSVP security association established by using the authentication key configured in a view uses the idle timeout configured in the same view.

A modification to the idle timeout affects only security associations established after the modification. To apply the new setting to existing security associations, you must execute the reset rsvp authentication command to delete and then re-establish the security associations.

Examples

# Set the global idle timeout to 100 seconds for RSVP security associations.

<Sysname> system-view

[Sysname] rsvp

[Sysname-rsvp] authentication lifetime 100

# Set the idle timeout to 100 seconds for the security associations with the RSVP neighbor 1.1.1.9.

<Sysname> system-view

[Sysname] rsvp

[Sysname-rsvp] peer 1.1.1.9

[Sysname-rsvp-peer-1.1.1.9] authentication lifetime 100

Related commands

authentication challenge

authentication key

authentication window-size

display rsvp authentication

reset rsvp authentication

rsvp authentication challenge

rsvp authentication key

rsvp authentication lifetime

rsvp authentication window-size

authentication window-size

Use authentication window-size in RSVP view to set the global RSVP authentication window size, which is the maximum number of authenticated RSVP messages that can be received out of sequence.

Use authentication window-size in RSVP neighbor view to set the RSVP authentication window size for an RSVP neighbor.

Use undo authentication window-size to restore the default.

Syntax

authentication window-size number

undo authentication window-size

Default

Only one authenticated RSVP message can be received out of sequence.

Views

RSVP view

RSVP neighbor view

Predefined user roles

network-admin

Parameters

number: Specifies the maximum number of authenticated RSVP messages that can be received out of sequence, in the range of 1 to 64.

Usage guidelines

To protect against replay attacks, the sender places a unique sequence number in each RSVP message that contains authentication information. The sender increases the value of the sequence number by one each time it sends an RSVP message. If the sequence number of a received message is in the specified authentication window size, the receiver accepts the message. If it is not in the specified authentication window size, the receiver discards the message.

When the receiver receives an RSVP message, it compares the sequence number of the last accepted RSVP message with the sequence number of the newly received RSVP message.

· If the new sequence number is greater than the last sequence number, RSVP accepts the message and updates the last sequence number with the new sequence number.

· If the new sequence number equals the last sequence number, RSVP regards the message a replay message and discards the message.

· If the new sequence number is smaller than the last sequence number but greater than the last sequence number minus the window size, and has never been received before, RSVP accepts the message. If the new sequence number has been received before, RSVP regards the message a replay message and discards the message.

· If the new sequence number is smaller than or equal to the last sequence number minus the window size, RSVP regards the message invalid and discards the message.

By default, the authentication window size is 1. If the sequence number of a newly received RSVP message is smaller than that of the last accepted message, the device discards the message. However, if the sender sends multiple RSVP messages in a short time, these messages might arrive at the neighbor out of sequence. If you use the default window size, the out-of-sequence messages will be discarded. To solve this problem, you can use the authentication window-size command to configure a correct window size.

A security association established by using the authentication key configured in a view uses the window size configured in that view.

A modification to the window size affects only security associations established after the modification. To apply the new setting to existing security associations, you must execute the reset rsvp authentication command to delete and then re-establish the security associations.

Examples

# In RSVP view, set the maximum number of out-of-sequence authenticated RSVP messages that can be received to 10.

<Sysname> system-view

[Sysname] rsvp

[Sysname-rsvp] authentication window-size 10

# In RSVP neighbor view, set the maximum number of out-of-sequence authenticated RSVP messages that can be received from the RSVP neighbor 1.1.1.9 to 10.

<Sysname> system-view

[Sysname] rsvp

[Sysname-rsvp] peer 1.1.1.9

[Sysname-rsvp-peer-1.1.1.9] authentication window-size 10

Related commands

authentication challenge

authentication key

authentication lifetime

display rsvp authentication

reset rsvp authentication

rsvp authentication challenge

rsvp authentication key

rsvp authentication lifetime

rsvp authentication window-size

display rsvp

Use display rsvp to display RSVP information.

Syntax

display rsvp [ interface [ interface-type interface-number ] ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

interface: Displays RSVP information on interfaces.

interface-type interface-number: Displays RSVP information on the interface specified by its type and number.

Usage guidelines

If you do not specify the interface keyword, this command displays global RSVP information.

If you specify the interface keyword but do not specify the interface-type interface-number argument, this command displays RSVP information for all interfaces.

If you specify the interface interface-type interface-number option, this command displays RSVP information for the specified interface.

Examples

# Display global RSVP information.

<Sysname> display rsvp

LSR ID: 50.0.0.1 Fast Reroute time: 300 sec

Refresh interval: 30 sec Keep multiplier: 3

Hello interval: 3 sec Hello lost: 4

Graceful Restart: Disabled DSCP value: 48

Authentication: Enabled

Lifetime: 300 sec

Window size: 64

Challenge: Enabled

Statistics:

PSB number: 5 RSB number: 5

LSP number: 5 Request number: 5

Peer number: 5 SA number: 5

Table 49 Command output

Field	Description
Fast Reroute time	Interval for detecting whether a better bypass CRLSP is available for a primary CRLSP, in seconds.
Refresh interval	Interval for refreshing Path and Resv messages, in seconds.
Keep multiplier	PSB and RSB timeout multiplier.
Hello interval	Interval for sending hello requests, in seconds.
Hello lost	Maximum number of consecutive lost or erroneous hellos allowed.
DSCP value	DSCP value for outgoing RSVP packets.
Authentication	RSVP authentication state.
Lifetime	Idle timeout for RSVP security associations, in seconds.
Window size	Maximum number of out-of-sequence authenticated RSVP messages that can be received.
Challenge	State of the challenge-response handshake feature.
Statistics	RSVP statistics.
PSB number	Total number of PSBs.
RSB number	Total number of RSBs.
LSP number	Total number of LSPs established by RSVP.
Request number	Total number of RSVP request data blocks.
Peer number	Total number of RSVP neighbors.
SA number	Total number of security associations.

# Display RSVP information for all interfaces.

<Sysname> display rsvp interface

Interface: GE2/0/1 Logical interface handle: 0x3

State: Up IP address: 50.1.0.1

MPLS TE: Enabled RSVP: Enabled

Hello: Enabled BFD: Enabled

Summary refresh: Enabled Reliability: Disabled

Retransmit interval: 500 ms Retransmit increment: 1

Authentication: Enabled

Lifetime: 300 sec

Window size: 64

Challenge: Enabled

Bypass tunnels: Tunnel0

Interface: GE2/0/2 Logical interface handle: 0x67

State: Up IP address: 50.2.0.1

MPLS TE: Enabled RSVP: Enabled

Hello: Enabled BFD: Enabled

Summary refresh: Disabled Reliability: Disabled

Retransmit interval: 500 ms Retransmit increment: 1

Authentication: Enabled

Lifetime: 300 sec

Window size: 64

Challenge: Enabled

Bypass tunnels: Tunnel0, Tunnel1, Tunnel2

Table 50 Command output

Field	Description
Logical interface handle	Logical interface handle, used to distinguish logical outgoing interfaces on the RSVP interface.
State	Interface state recorded by RSVP: UP or Down.
IP address	IP address of the current interface used by RSVP.
MPLS TE	MPLS TE state on the interface.
RSVP	RSVP state on the interface.
Hello	State of the hello extension feature on the interface.
BFD	BFD state on the interface.
Summary refresh	State of the summary refresh feature on the interface.
Reliability	State of the reliable RSVP message delivery feature on the interface.
Retransmit interval	Initial retransmission interval for reliable RSVP message delivery, in milliseconds.
Retransmit increment	Retransmission increment value for reliable RSVP message delivery.
Authentication	RSVP authentication state on the interface.
Lifetime	Idle timeout for RSVP security associations, in seconds.
Window size	Maximum number of out-of-sequence authenticated RSVP messages that can be received.
Challenge	State of the challenge-response handshake feature on the interface.
Bypass tunnels	Bypass tunnels configured on the interface for fast reroute (FRR). If no bypass tunnels are configured, this field displays None.

display rsvp authentication

Use display rsvp authentication to display information about the security associations established with RSVP neighbors.

Syntax

display rsvp authentication [ from ip-address ] [ to ip-address ] [ verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

from ip-address: Displays information about the security associations with the specified source IP address.

to ip-address: Displays information about the security associations with the specified destination IP address.

verbose: Displays detailed information about RSVP security associations. If you do not specify this keyword, the command displays brief information about RSVP security associations.

Usage guidelines

After RSVP authentication is enabled, the device automatically establishes security associations when sending and receiving RSVP messages. A security association includes the following information:

· IP address of the authentication source node.

· IP address of the authentication destination node.

· Authentication direction.

· Authentication type.

· Authentication key.

· Authentication expiration time.

The device obtains the RSVP authentication source and destination IP addresses from the IP header or RSVP message objects, as shown in Table 51.

Table 51 How to get RSVP authentication source and destination IP addresses

Message type received or sent	Authentication source IP	Authentication destination IP
Path	Address in the HOP object of the RSVP message.	Address in the SESSION object of the RSVP message.
PathTear	Address in the HOP object of the RSVP message.	Address in the SESSION object of the RSVP message.
PathError	Source IP address in the IP header	Destination IP address in the IP header
Resv	Address in the HOP object of the RSVP message.	Destination IP address in the IP header
ResvTear	Address in the HOP object of the RSVP message.	Destination IP address in the IP header
ResvError	Address in the HOP object of the RSVP message.	Destination IP address in the IP header
ResvConfirm	Source IP address in the IP header	Address in the CONFIRM object of the RSVP message.
ACK	Source IP address in the IP header	Destination IP address in the IP header
Srefresh	Source IP address in the IP header	Destination IP address in the IP header
Hello	Source IP address in the IP header	Destination IP address in the IP header

If you do not specify the from ip-address to ip-address options, this command displays information about the security associations established with all RSVP neighbors.

Examples

# Display brief information about the security associations established with all RSVP neighbors.

<Sysname> display rsvp authentication

From To Mode Type Key-ID Expiration

57.10.10.1 57.10.10.2 Receive Interface 000103000000 280s

57.10.10.2 57.10.10.1 Send Interface 000103000000 280s

Table 52 Command output

Field	Description
From	RSVP authentication source IP address.
To	RSVP authentication destination IP address.
Mode	Direction of the security association: · Receive—Receive security association, used to authenticate messages received from an RSVP neighbor. · Send—Send security association, used to authenticate messages sent to an RSVP neighbor.
Type	Type of the security association: · Peer—Security association established in RSVP neighbor view. · Interface—Security association established in interface view. · Global—Security association established in RSVP view.
Key-ID	Key ID of the security association. · For a send security association, this field displays the local key ID. · For a receive security association, this field displays the key ID received from the peer.
Expiration	Idle timeout remaining time of the security association, in seconds.

# Display detailed information about the security associations established with all RSVP neighbors.

<Sysname> display rsvp authentication verbose

From: 20.1.1.1 To: 4.4.4.9

Mode: Send Type: Interface

Challenge: Supported Peer: 20.1.1.2

Local key ID: 0x000104000000 Peer key ID: 0x0

Lifetime: 1800 sec Expiration time: 1781 sec

Window size: 1

Last sent sequence number:

5781735195480686593

From: 20.1.1.2 To: 20.1.1.1

Mode: Receive Type: Interface

Challenge: Not configured Peer: 20.1.1.2

Local key ID: 0x0 Peer key ID: 0x000104000000

Lifetime: 1800 sec Expiration time: 1798 sec

Window size: 1

Received sequence numbers:

5781742445385482241

Table 53 Command output

Field	Description
From	RSVP authentication source IP address.
To	RSVP authentication destination IP address.
Mode	Direction of the security association: · Receive—Receive security association, used to authenticate messages received from an RSVP neighbor. · Send—Send security association, used to authenticate messages sent to an RSVP neighbor.
Type	Type of the security association: · Peer—Security association established in RSVP neighbor view. · Interface—Security association established in interface view. · Global—Security association established in RSVP view.
Challenge	State of the authentication challenge-response feature: · Not configured—The challenge-response handshake feature is disabled locally. (For a receive security association.) · Configured—The challenge-response handshake feature is enabled locally. (For a receive security association.) · In progress—The local device has sent an Integrity Challenge message to the peer and is waiting for the Integrity Response message from the peer. · Completed—The local device has received an Integrity Response message from the peer and the message has passed the authentication. · Failed—The Failed state is displayed when one of the following events occurs: ¡ The local device has received an Integrity Response message from the peer but the message failed the authentication. ¡ The local device has not received any valid Integrity Response after sending three Integrity Challenge messages to the peer. ¡ The challenge-response feature is disabled on the peer. · Supported—The local device supports the challenge-response feature. (For a send security association.)
Peer	IP address of the authentication neighbor.
Local key ID	Local key ID, for a send security association.
Peer key ID	Peer key ID, for a receive security association.
Lifetime	Idle timeout of the security association, in seconds.
Expiration time	Idle timeout remaining time of the security association, in seconds.
Window size	Maximum number of out-of-sequence authenticated RSVP messages that can be received.
Received sequence numbers	Sequence numbers of the received messages. This field can display the sequence numbers for a maximum of window-size messages.
Last sent sequence number	Sequence number of the last sent message.

Related commands

authentication challenge

authentication key

authentication lifetime

authentication window-size

reset rsvp authentication

rsvp authentication challenge

rsvp authentication key

rsvp authentication lifetime

rsvp authentication window-size

display rsvp lsp

Use display rsvp lsp to display information about CRLSPs established by RSVP.

Syntax

display rsvp lsp [ destination ip-address ] [ source ip-address ] [ tunnel-id tunnel-id ] [ lsp-id lsp-id ] [ verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

destination ip-address: Displays information about the CRLSP with the specified tunnel destination address.

source ip-address: Displays information about the CRLSP with the specified tunnel source address. The tunnel source address is the extended tunnel ID in the Session object of an RSVP message.

tunnel-id tunnel-id: Displays information about the CRLSP with the specified tunnel ID in the range of 0 to 65535.

lsp-id lsp-id: Displays information about the CRLSP with the specified LSP ID in the range of 0 to 65535.

verbose: Displays detailed information about CRLSPs. If you do not specify this keyword, the command displays brief information about CRLSPs.

Examples

# Display brief information about all CRLSPs established by RSVP.

<Sysname> display rsvp lsp

Destination Source Tunnel-ID LSP-ID Direction Tunnel-name

50.0.0.1 50.0.0.3 0 1 Uni Sysname_t0

50.0.0.1 50.0.0.3 1 2 Bi-Down Sysname_t1

Table 54 Command output

Field	Description
Destination	Tunnel destination address.
Source	Tunnel source address.
Direction	Tunnel direction: · Uni—Unidirectional tunnel. · Bi-Down—Forward CRLSP of a bidirectional tunnel. · Bi-Up—Backward CRLSP of a bidirectional tunnel.
Tunnel-name	The value for a tunnel name is Sysname_ttunnel-ID, where Sysname represents the device name, and tunnel-ID represents the ID of the tunnel. You can configure the device name by executing the sysname command in system view. This field contains a maximum of 80 characters, and displays the first 77 characters and three dots (.) if the name contains more than 80 characters.

# Display detailed information about all CRLSPs established by RSVP.

<Sysname> display rsvp lsp verbose

Tunnel name: Sysname_t1

Destination: 3.3.3.9 Source: 1.1.1.9

Tunnel ID: 1 LSP ID: 5

LSR type: Transit Direction: Unidirectional

Setup priority: 7 Holding priority: 7

In-Label: 1146 Out-Label: 3

In-Interface: GE2/0/2 Out-Interface: GE2/0/4

Nexthop: 57.20.20.1 Exclude-any: 0

Include-Any: 0 Include-all: 0

Mean rate (CIR): 0.00 kbps Mean burst size (CBS): 1000.00 bytes

Path MTU: 1500 Class type: CT0

RRO number: 8

57.10.10.1/32 Flag: 0x00 (No FRR)

57.10.10.2/32 Flag: 0x40 (No FRR/In-Int)

1146 Flag: 0x01 (Global label)

2.2.2.9/32 Flag: 0x20 (No FRR/Node-ID)

57.20.20.2/32 Flag: 0x00 (No FRR)

57.20.20.1/32 Flag: 0x40 (No FRR/In-Int)

3 Flag: 0x01 (Global label)

3.3.3.9/32 Flag: 0x20 (No FRR/Node-ID)

Fast Reroute protection: Ready

FRR inner label: 3 Bypass tunnel: Tunnel253

Tunnel name: Sysname_t253

Destination: 3.3.3.9 Source: 2.2.2.9

Tunnel ID: 253 LSP ID: 17767

LSR type: Ingress Direction: Bidirectional, Downstream

Setup priority: 7 Holding priority: 7

In-Label: - Out-Label: 1025

In-Interface: - Out-Interface: GE2/0/6

Nexthop: 10.11.112.135 Exclude-any: 0

Include-Any: 0 Include-all: 0

Mean rate (CIR): 125.00 kbps Mean burst size (CBS): 0.00 bytes

Path MTU: 0 Class type: CT0

RRO number: 8

10.11.112.140/32 Flag: 0x00 (No FRR)

10.11.112.135/32 Flag: 0x40 (No FRR/In-Int)

1025 Flag: 0x01 (Global label)

5.5.5.9/32 Flag: 0x20 (No FRR/Node-ID)

57.40.40.3/32 Flag: 0x00 (No FRR)

57.40.40.1/32 Flag: 0x40 (No FRR/In-Int)

3 Flag: 0x01 (Global label)

3.3.3.9/32 Flag: 0x20 ((No FRR/Node-ID)

Fast Reroute protection: None

Table 55 Command output

Field	Description
Tunnel name	The value for a tunnel name is Sysname_ttunnel-ID, where Sysname represents the device name, and tunnel-ID represents the ID of the tunnel. You can configure the device name by executing the sysname command in system view.
Destination	Tunnel destination address.
Source	Tunnel source address.
Direction	Tunnel direction: · Unidirectional—Unidirectional tunnel. · Bidirectional, Downstream—Forward CRLSP of a bidirectional tunnel. · Bidirectional, Upstream—Backward CRLSP of a bidirectional tunnel.
Exclude-any	Affinity representing a set of attribute filters. Matching any filter renders a link unacceptable.
Include-any	Affinity representing a set of attribute filters. Matching any filter renders a link acceptable.
Include-all	Affinity representing a set of attribute filters. All filters must be present for a link to be acceptable.
Class type	CT of the LSP.
RRO number	Number of Record Route Objects (RROs). If the number is not 0, the subsequent output displays the IP addresses or labels recorded in the RROs. The RRO information is displayed only when route recording is configured on the tunnel interface.
Flag	Flag value and its meaning in an RRO: · No FRR—FRR is not configured. · FRR Avail—FRR is available. · In use—FRR has occurred. · BW—Bandwidth protection. · Node-Prot—Node protection. · Node-ID—The IP address in the RRO is the LSR ID of the node. · In-Int—The IP address in the RRO is address of the incoming interface. · Global label—Per-platform label space.
Fast Reroute protection	Whether the tunnel has been bound to an FRR bypass tunnel: · None—Not bound to a bypass tunnel. · Ready—Bound to a bypass tunnel. No FRR has occurred. · Active—Bound to a bypass tunnel. An FRR has occurred.
FRR inner label	Incoming label of the FRR bypass tunnel. This field is displayed only when a bypass tunnel is bound.
Bypass tunnel	Name of the bypass tunnel. This field is displayed only when a bypass tunnel is bound.

Related commands

display rsvp request

display rsvp reservation

display rsvp sender

display rsvp peer

Use display rsvp peer to display RSVP neighbor information.

Syntax

display rsvp peer [ interface interface-type interface-number ] [ ip ip-address ] [ verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

interface interface-type interface-number: Displays information about RSVP neighbors connected to the interface specified by its type and number.

ip ip-address: Displays information about the RSVP neighbor specified by its IP address.

verbose: Displays detailed information about RSVP neighbors. If you do not specify this keyword, the command displays brief information about RSVP neighbors.

Examples

# Display brief information about all RSVP neighbors.

<Sysname> display rsvp peer

Peer Interface State Type Summary refresh

57.10.10.1 GE2/0/1 Idle Active Enabled

57.20.20.1 GE2/0/2 Init Passive Disabled

Table 56 Command output

Field	Description
Peer	Address of the RSVP neighbor.
Interface	Interface connected to the RSVP neighbor.
State	Local hello state: · Idle—Hello extension is disabled. · Init—Hello extension is enabled. The local device failed to exchange hellos with the neighbor or hello exchanges are in progress. · Up—Hello extension is enabled. The local device successfully exchanged hellos with the neighbor.
Type	Role of the local device in the neighbor relationship: · Active—The local device actively sends hello requests to the neighbor. · Passive—The local end passively receives hello requests from the neighbor and replies with hello ACK messages.
Summary refresh	State of the Srefresh feature on the neighbor, Enabled or Disabled.

# Display detailed information about all RSVP neighbors.

<Sysname> display rsvp peer verbose

Peer: 57.10.10.1 Interface: GE2/0/2

Hello state: Idle Hello type: Active

PSB count: 1 RSB count: 0

Src instance: 0x32e Dst instance: 0x0

Summary refresh: Enabled Graceful Restart state: Invalid

Peer GR restart time: 0 ms Peer GR recovery time: 0 ms

Peer: 57.20.20.1 Interface: GE2/0/4

Hello state: Init Hello type: Active

PSB count: 0 RSB count: 1

Src instance: 0x32e Dst instance: 0x0

Summary refresh: Disabled Graceful Restart state: Ready

Peer GR restart time: 0 ms Peer GR recovery time: 0 ms

Table 57 Command output

Field	Description
Peer	Address of the RSVP neighbor.
Interface	Interface connected to the RSVP neighbor.
Hello state	Local hello state: · Idle—Hello extension is disabled locally. · Init—Hello extension is enabled locally. The local device failed to exchange hellos with the neighbor or hello exchanges are in progress. · Up—Hello extension is enabled locally. The local device successfully exchanged hellos with the neighbor.
Hello type	Role of the local device in the neighbor relationship: · Active—The local device actively sends hello requests to the neighbor. · Passive—The local device passively receives hello requests from the neighbor and replies with hello ACK messages.
PSB count	Number of PSBs for the neighbor.
RSB count	Number of RSBs for the neighbor.
Src instance	Local device instance carried in the hello sent to the neighbor.
Dst instance	Neighbor device instance carried in the last hello received from the neighbor.
Summary refresh	State of the Srefresh feature on the neighbor, Enabled or Disabled.
Graceful Restart state	GR state of the neighbor: · Invalid—Neighbor is not GR capable, or GR is disabled locally. · Ready—Neighbor is GR capable. · Restarting—Neighbor is restarting. · Recovering—Neighbor is recovering.
Peer GR restart time	GR restart period of the neighbor, in milliseconds.
Peer GR recovery time	GR recovery period of the neighbor, in milliseconds.

display rsvp request

Use display rsvp request to display information about RSVP resource reservation requests sent to upstream devices.

Syntax

display rsvp request [ destination ip-address ] [ source ip-address ] [ tunnel-id tunnel-id ] [ prevhop ip-address ] [ verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

destination ip-address: Displays information about the RSVP resource reservation requests with the specified tunnel destination address.

source ip-address: Displays information about the RSVP resource reservation requests with the specified tunnel source address. The tunnel source address is the extended tunnel ID in the Session object of an RSVP message.

tunnel-id tunnel-id: Displays information about the RSVP resource reservation requests with the specified tunnel ID. The value range for a tunnel ID is 0 to 65535.

prevhop ip-address: Displays information about the RSVP resource reservation requests sent to the specified upstream device. The ip-address argument is the address of the destination device of the RSVP resource reservation requests, which is the address of the previous hop on the tunnel.

verbose: Displays detailed information. If you do not specify this keyword, the command displays brief information.

Examples

# Display brief information about the RSVP resource reservation requests sent to all upstream devices.

<Sysname> display rsvp request

Destination Source Tunnel-ID Previous-hop Style

3.3.3.9 1.1.1.9 1 57.10.10.1 SE

Table 58 Command output

Field	Description
Destination	Tunnel destination address.
Source	Tunnel source address.
Style	Resource reservation style: · SE—Shared-explicit style. · FF—Fixed-filter style.

# Display detailed information about the RSVP resource reservation requests sent to all upstream devices.

<Sysname> display rsvp request verbose

Destination: 3.3.3.9 Source: 1.1.1.9

Tunnel ID: 1 Style: SE

Previous hop: 57.10.10.1 Previous hop LIH: 0xf0008

Sent message epoch: 0 Sent message ID: 0

Out-Interface: GE2/0/2 Refresh interval: 30000 ms

Unknown object number: 0

Flow descriptor 1:

Flow specification:

Mean rate (CIR): 50.00 kbps Mean burst size (CBS): 1000.00 bytes

Path MTU: 1500 QoS service: Controlled-Load

Filter specification 1:

Sender address: 1.1.1.9 LSP ID: 23

Label: 1110

Table 59 Command output

Field	Description
Destination	Tunnel destination address.
Source	Tunnel source address.
Style	Resource reservation style: · SE—Shared-explicit style. · FF—Fixed-filter style.
Previous hop LIH	Logical interface handle of the previous hop.
Sent message epoch	Value of the Epoch field in the Message ID object of the sent message.
Sent message ID	Message ID in the sent message.
Out-Interface	Outgoing interface of the message.
Refresh interval	Refresh interval for Path and Resv messages, in milliseconds.
Unknown object number	Number of unknown objects.
QoS service	QoS service type: Controlled-Load or Guaranteed.
Sender address	Sender address identifies the tunnel source end.
Label	Incoming label of the forward LSP.

Related commands

display rsvp lsp

display rsvp reservation

display rsvp sender

display rsvp reservation

Use display rsvp reservation to display information about RSVP resource reservation states.

Syntax

display rsvp reservation [ destination ip-address ] [ source ip-address ] [ tunnel-id tunnel-id ] [ nexthop ip-address ] [ verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

destination ip-address: Displays information about the RSVP resource reservation states with the specified tunnel destination address.

source ip-address: Displays information about the RSVP resource reservation states with the specified tunnel source address. The tunnel source address is the extended tunnel ID in the Session object of an RSVP message.

tunnel-id tunnel-id: Displays information about the RSVP resource reservation states with the specified tunnel ID. The value range for a tunnel ID is 0 to 65535.

nexthop ip-address: Displays information about the RSVP resource reservation states received from the specified downstream device. The ip-address argument is the address of the device that sent the RSVP resource reservation states, which is the address of the next hop on the tunnel.

verbose: Displays detailed information. If you do not specify this keyword, the command displays brief information.

Examples

# Display brief information about all RSVP resource reservation states.

<Sysname> display rsvp reservation

Destination Source Tunnel-ID Nexthop Style

3.3.3.9 1.1.1.9 1 57.20.20.1 SE

Table 60 Command output

Field	Description
Destination	Tunnel destination address.
Source	Tunnel source address.
Style	Resource reservation style: · SE—Shared-explicit style. · FF—Fixed-filter style.

# Display detailed information about all RSVP resource reservation states.

<Sysname> display rsvp reservation verbose

Destination: 3.3.3.9 Source: 1.1.1.9

Tunnel ID: 1 Style: SE

Nexthop: 57.20.20.1 Nexthop LIH: 0x35

Received message epoch: 0 Received message ID: 0

In-Interface: GE2/0/4 Unknown object number: 0

Flow descriptor 1:

Flow specification:

Mean rate (CIR): 50.00 kbps Mean burst size (CBS): 1000.00 bytes

Path MTU: 1500 QoS service: Controlled-Load

Filter specification 1:

Sender address: 1.1.1.9 LSP ID: 23

Label: 3

RRO number: 3

57.20.20.1/32 Flag: 0x40 (No FRR/In-Int)

3 Flag: 0x01 (Global label)

3.3.3.9/32 Flag: 0x20 (No FRR/Node-ID)

Table 61 Command output

Field	Description
Destination	Tunnel destination address.
Source	Tunnel source address.
Style	Resource reservation style: · SE—Shared-explicit style. · FF—Fixed-filter style.
Nexthop LIH	Logical interface handle of the local outgoing interface for the next hop.
Received message epoch	Value of the Epoch field in the Message ID object of the received message.
Received message ID	Message ID in the received message.
In-Interface	Incoming interface of the message.
Unknown object number	Number of unknown objects.
QoS service	QoS service type: Controlled-Load or Guaranteed.
Sender address	Sender address identifies the tunnel source end.
Label	Outgoing label of the forward LSP.
RRO number	Number of RROs. If the number is not 0, the subsequent output displays the IP addresses or labels recorded in the RROs. The RRO information is displayed only when route recording is configured on the tunnel interface.
Flag	Flag value and its meaning in an RRO: · No FRR—FRR is not configured. · FRR Avail—FRR is available. · In use—FRR has occurred. · BW—Bandwidth protection. · Node-Prot—Node protection. · Node-ID—The IP address in the RRO is the LSR ID of the node. · In-Int—The IP address in the RRO is that of the incoming interface. · Global label—Per-platform label space.

Related commands

display rsvp lsp

display rsvp request

display rsvp sender

Use display rsvp sender to display information about RSVP path states.

Syntax

display rsvp sender [ destination ip-address ] [ source ip-address ] [ tunnel-id tunnel-id ] [ lsp-id lsp-id ] [ verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

destination ip-address: Displays information about the RSVP path states with the specified tunnel destination address.

source ip-address: Displays information about the RSVP path states with the specified tunnel source address. The tunnel source address is the extended tunnel ID in the Session object of an RSVP message.

tunnel-id tunnel-id: Displays information about the RSVP path states with the specified tunnel ID. The value range for a tunnel ID is 0 to 65535.

lsp-id lsp-id: Displays information about the RSVP path states with the specified LSP ID. The lsp-id argument specifies the ID of a CRLSP, in the range of 0 to 65535.

verbose: Displays detailed information. If you do not specify this keyword, the command displays brief information.

Examples

# Display brief information about all RSVP path states.

<Sysname> display rsvp sender

Destination Source Tunnel-ID LSP-ID Style Bitrate

3.3.3.9 1.1.1.9 1 5 SE 0.00

3.3.3.9 2.2.2.9 253 17767 SE 125.00

Table 62 Command output

Field	Description
Destination	Tunnel destination address.
Source	Tunnel source address.
Style	Resource reservation style: · SE—Shared-explicit style. · FF—Fixed-filter style.
Bitrate	Tunnel bandwidth in kbps.

# Display detailed information about all RSVP path states.

<Sysname> display rsvp sender verbose

Destination: 3.3.3.9 Source: 1.1.1.9

Tunnel ID: 1 Style: SE

Sender address: 1.1.1.9 LSP ID: 5

Setup priority: 7 Holding priority: 7

FRR desired: Yes BW protection desired: Yes

Received upstream label: 1051 Sent upstream label: 1051

Previous hop: 57.10.10.1 Previous hop LIH: 0xf0008

Mean rate (CIR): 0.00 kbps Mean burst size (CBS): 1000.00 bytes

MTU: 1500 Qos service: Controlled-Load

Received message epoch: 0 Received message ID: 0

Sent message epoch: 0 Sent message ID: 0

In-Interface: GE2/0/2 Local LIH: 0x35

Local address: 57.20.20.2 Refresh interval: 30000 ms

Out-Interface: GE2/0/4 Nexthop: 57.20.20.1

Unknown object number: 0

Received ERO number: 2

57.10.10.2/32 Strict

57.20.20.1/32 Loose

XRO number: 2

67.10.10.1/32

67.20.20.1/32

Sent ERO number: 1

57.20.20.1/32 Loose

RRO number: 1

57.10.10.1/32 Flag: 0x00 (No FRR)

Fast Reroute PLR: Active

FRR inner label: 3 Bypass tunnel: Tunnel253

Sender Template:

Sender address: 10.11.112.140 LSP ID: 5

FRR ERO number: 1

3.3.3.9/32 Strict

Fast Reroute MP: None

Destination: 3.3.3.9 Source: 2.2.2.9

Tunnel ID: 253 Style: SE

Sender address: 2.2.2.9 LSP ID: 17767

Setup priority: 7 Holding priority: 7

FRR desired: Yes BW protection desired: Yes

Received upstream label: 1115 Sent upstream label: 1115

Previous hop: 57.10.10.1 Previous hop LIH: 0xf0008

Mean rate (CIR): 125.00 kbps Mean burst size (CBS): 0.00 bytes

MTU: 1500 Qos service: Controlled-Load

Received message epoch: 0 Received message ID: 0

Sent message epoch: 0 Sent message ID: 0

In-Interface: GE2/0/2 Local LIH: 0x67

Local address: 10.11.112.140 Refresh interval: 30000 ms

Out-Interface: GE2/0/3 Nexthop: 10.11.112.135

Unknown object number: 0

Received ERO number: 5

2.2.2.9/32 Strict

10.11.112.140/32 Strict

10.11.112.135/32 Strict

57.40.40.3/32 Strict

57.40.40.1/32 Strict

Sent ERO number: 3

10.11.112.135/32 Strict

57.40.40.3/32 Strict

57.40.40.1/32 Strict

XRO number: 1

67.40.40.1/32

RRO number: 0

Fast Reroute PLR: None

Fast Reroute MP: Active

In-Interface: GE2/0/2

Sender Template:

Sender address: 10.11.112.140 LSP ID: 5

Table 63 Command output

Field	Description
Destination	Tunnel destination address.
Source	LSR ID of the device at the tunnel source end.
Style	Resource reservation style: · SE—Shared-explicit style. · FF—Fixed-filter style.
Sender address	Sender address identifies the tunnel source end.
FRR desired	State of FRR, Yes or No.
BW protection desired	State of bandwidth protection, Yes or No.
Received upstream label	Backward LSP label received from the upstream device.
Sent upstream label	Backward LSP label sent to the downstream device.
Previous hop LIH	Logical interface handle of the previous hop.
QoS service	QoS service type: Controlled-Load or Guaranteed.
Received message Epoch	Value of the Epoch field in the Message ID object of the received message.
Received message ID	Message ID in the received message.
Sent message epoch	Value of the Epoch field in the Message ID object of the sent message.
Sent message ID	Message ID in the sent message.
In-Interface	Incoming interface of the message.
Local LIH	Local logical interface handle.
Local address	IP address of the outgoing interface of the Path message.
Refresh interval	Refresh interval for Path and Resv messages, in milliseconds.
Out-Interface	Outgoing interface of the message.
Unknown object number	Number of unknown objects.
Received ERO number	Number of received Explicit Route Objects (EROs) and the ERO information. ERO information includes the addresses of the nodes on the explicit path, and whether the current node is a loose or strict next hop.
Sent ERO number	Number of sent EROs and the ERO information. ERO information includes the addresses of the nodes on the explicit path, and whether the current node is a loose or strict next hop.
XRO number	Number of Exclude Route Objects (XROs). If the number is not 0, the subsequent output displays the IP addresses in the XROs. The IP addresses are the addresses of interfaces or the LSR IDs of the nodes that are to be excluded from routes. The addresses in the XROs are non-sequenced.
RRO number	Number of Record Route Objects (RROs). If the number is not 0, the subsequent output displays the IP addresses or labels recorded in the RROs. The RRO information is displayed only when route recording is configured on the tunnel interface.
Flag	Flag value and its meaning in an RRO: · No FRR—FRR is not configured. · FRR Avail—FRR is available. · In use—FRR has occurred. · BW—Bandwidth protection. · Node-Prot—Node protection. · Node-ID—The IP address in the RRO is the LSR ID of the node. · In-Int—The IP address in the RRO is that of the incoming interface. · Global label—Per-platform label space.
Fast Reroute PLR	Point of Local Repair (PLR) information: · None—Not bound to an FRR bypass tunnel. · Ready—Bound to an FRR bypass tunnel. No FRR has occurred. · Active—Bound to an FRR bypass tunnel. An FRR has occurred.
FRR inner label	Incoming label of the FRR bypass tunnel. Only the PLR node displays this field.
Bypass tunnel	Name of the bypass tunnel. Only the PLR node displays this field.
Sender address	Address of the path message sender after an FRR. The value of this field is the address of the outgoing interface of the bypass tunnel on the PLR node.
LSP ID	LSP ID carried in the path message after an FRR.
Fast Reroute MP	Merge Point (MP) information: · Active—The node is an MP and an FRR has occurred. · None—The node is not an MP, or the node is an MP but no FRR has occurred.
In-Interface	Incoming interface of the message.

Related commands

display rsvp lsp

display rsvp request

display rsvp reservation

display rsvp statistics

Use display rsvp statistics to display RSVP statistics.

Syntax

display rsvp statistics [ interface [ interface-type interface-number ] ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

interface: Displays RSVP statistics on interfaces.

interface-type interface-number: Displays RSVP statistics on the interface specified by its type and number.

Usage guidelines

If you do not specify the interface keyword, this command displays global RSVP statistics.

If you specify the interface keyword without the interface-type interface-number argument, this command displays RSVP statistics on all RSVP-enabled interfaces.

If you specify the interface interface-type interface-number option, this command displays RSVP statistics on the specified interface.

Examples

# Display global RSVP statistics.

<Sysname> display rsvp statistics

Object Added Deleted

PSB 3 1

RSB 3 1

LSP 3 1

Packet Received Sent

Path 5 5

Resv 5 5

PathError 0 0

ResvError 0 0

PathTear 0 0

ResvTear 0 0

ResvConf 0 0

Bundle 0 0

Ack 0 0

Srefresh 0 0

Hello 0 0

Challenge 0 0

Response 0 0

Error 0 0

# Display RSVP statistics on interfaces.

<Sysname> display rsvp statistics interface

GE2/0/2:

Packet Received Sent

Path 2 2

Resv 2 2

PathError 0 0

ResvError 0 0

PathTear 0 0

ResvTear 0 0

ResvConf 0 0

Bundle 0 0

Ack 0 0

Srefresh 0 0

Hello 0 0

Challenge 0 0

Response 0 0

Error 0 0

GE2/0/4:

Packet Received Sent

Path 3 3

Resv 3 3

PathError 0 0

ResvError 0 0

PathTear 0 0

ResvTear 0 0

ResvConf 0 0

Bundle 0 0

Ack 0 0

Srefresh 0 0

Hello 0 0

Challenge 0 0

Response 0 0

Error 0 0

Table 64 Command output

Field	Description
PSB	Number of added/deleted PSBs.
RSB	Number of added/deleted RSBs.
LSP	Number of added/deleted LSPs.
Path	Number of received/sent Path messages.
Resv	Number of received/sent Resv messages.
PathError	Number of received/sent Path Error messages.
ResvError	Number of received/sent Resv Error messages.
PathTear	Number of received/sent Path Tear messages.
ResvTear	Number of received/sent Resv Tear messages.
ResvConf	Number of received/sent Resv Conf messages.
Bundle	Number of received/sent Bundle messages.
Ack	Number of received/sent Ack messages.
Srefresh	Number of received/sent Srefresh messages.
Hello	Number of received/sent Hello messages.
Challenge	Number of received/sent Integrity Challenge messages.
Response	Number of received/sent Integrity Response messages.
Error	Number of received/sent error messages.

Related commands

reset rsvp statistics

dscp

Use dscp to set a DSCP value for outgoing RSVP packets.

Use undo dscp to restore the default.

Syntax

dscp dscp-value

undo dscp

Default

The DSCP value for outgoing RSVP packets is 48.

Views

RSVP view

Predefined user roles

network-admin

Parameters

dscp-value: Specifies a DSCP value in the range of 0 to 63.

Usage guidelines

The DSCP value of an IP packet specifies the priority level of the packet and affects the transmission priority of the packet.

Examples

# Set the DSCP value for outgoing RSVP packets to 56.

<Sysname> system-view

[Sysname] rsvp

[Sysname-rsvp] dscp 56

Related commands

display rsvp

graceful-restart enable

Use graceful-restart enable to enable RSVP GR.

Use undo graceful-restart enable to disable RSVP GR.

Syntax

graceful-restart enable

undo graceful-restart enable

Default

RSVP GR is disabled.

Views

RSVP view

Predefined user roles

network-admin

Usage guidelines

RSVP supports only the GR helper feature. The device is not able to perform GR, but it can help neighbor devices to perform GR.

Nonstop forwarding (NSF) is implemented between active and standby processes on the device.

The local device can act as a GR helper for the RSVP neighbor connected to an interface only after the following features are enabled on that interface:

· RSVP GR (configured by the graceful-restart enable command).

· RSVP hello extension (configured by the rsvp hello enable command).

Examples

# Enable RSVP GR globally.

<Sysname> system-view

[Sysname] rsvp

[Sysname-rsvp] graceful-restart enable

Related commands

rsvp hello enable

hello interval

Use hello interval to set the interval for sending hello requests.

Use undo hello interval to restore the default.

Syntax

hello interval interval

undo hello interval

Default

Hello request messages are sent at an interval of 5 seconds.

Views

RSVP view

Predefined user roles

network-admin

Parameters

interval: Specifies the interval at which RSVP sends hello requests, in the range of 1 to 60 seconds.

Usage guidelines

If no hello request is received from a neighbor within the hello interval, the device sends a hello request to the neighbor. If the device receives a hello request from a neighbor within the interval, it immediately replies the neighbor with a hello ACK message.

The hello interval command takes effect only on interfaces that have the RSVP hello extension feature enabled (by using the rsvp hello enable command).

Examples

# Set the interval for sending hello request messages to 10 seconds.

<Sysname> system-view

[Sysname] rsvp

[Sysname-rsvp] hello interval 10

Related commands

hello lost

rsvp hello enable

hello lost

Use hello lost to set the maximum number of consecutive lost or erroneous hellos.

Use undo hello lost to restore the default.

Syntax

hello lost times

undo hello lost

Default

The maximum number of consecutive lost or erroneous hellos is 4.

Views

RSVP view

Predefined user roles

network-admin

Parameters

times: Specifies the maximum number of consecutive lost or erroneous hellos, in the range of 3 to 10.

Usage guidelines

When a device sends a hello to a neighbor but the device does not receive any replies within an interval, the hello is lost. The device determines that the neighbor fails when the number of consecutive lost hellos or erroneous hellos from the neighbor reaches the maximum (configured by this command).

If RSVP GR is enabled, the local device acts as a GR helper to help the neighbor to perform GR. If RSVP GR is disabled but FRR is enabled on the local device, it performs an FRR.

If the maximum number is too big, neighbor failures cannot be promptly detected. If the maximum number is too small, an operating neighbor might be regarded failed.

This command takes effect only after the RSVP hello extension feature has been enabled by using the rsvp hello enable command.

Examples

# Set the maximum number of consecutive lost or erroneous hellos to 6.

<Sysname> system-view

[Sysname] rsvp

[Sysname-rsvp] hello lost 6

Related commands

hello interval

rsvp hello enable

keep-multiplier

Use keep-multiplier to set the PSB and RSB timeout multiplier.

Use undo keep-multiplier to restore the default.

Syntax

keep-multiplier number

undo keep-multiplier

Default

The PSB and RSB timeout multiplier is 3.

Views

RSVP view

Predefined user roles

network-admin

Parameters

number: Specifies the PSB and RSB timeout multiplier in the range of 3 to 255.

Usage guidelines

The PSB and RSB timeout is computed in this formula: Timeout = (keep-multiplier+0.5) × 1.5 × refresh-time. Refresh-time is the interval at which the peer device advertises the Path and Resv messages to the local device.

To prevent too many PSBs and RSBs from occupying system resources, the device removes a PSB or RSB if no Path or Resv message is received within the timeout interval.

Examples

# Set the PSB and RSB timeout multiplier to 5.

<Sysname> system-view

[Sysname] rsvp

[Sysname-rsvp] keep-multiplier 5

Related commands

refresh interval

peer

Use peer to create an RSVP authentication neighbor and enter its view, or enter the view of an existing RSVP authentication neighbor.

Use undo peer to delete an RSVP authentication neighbor.

Syntax

peer ip-address

undo peer ip-address

Default

No RSVP authentication neighbors exist.

Views

RSVP view

Predefined user roles

network-admin

Parameters

ip-address: Specifies an RSVP authentication neighbor by its IP address.

Usage guidelines

After this command is executed, you can configure RSVP authentication information for the specified RSVP neighbor, such as the authentication key and idle timeout of the security association.

After the device receives an RSVP message with an authentication object, it checks whether it has an RSVP authentication neighbor that matches one of the following addresses:

· The IP address in PHOP of the message (Path or Path Tear message).

· The source IP address in the message (message other than Path and Path Tear).

If a matching neighbor exists and an authentication key has been configured for the neighbor, the device verifies the validity of the message according to the key. Otherwise, the device uses the authentication key configured in interface view or RSVP view to verify the message validity. If no authentication key is configured in any view, the device ignores the authentication object carried in the message and accepts the message.

When sending an RSVP message, the device checks whether it has a matching authentication neighbor according to the next hop address for the destination address in the RSVP message. If a matching neighbor exists and an authentication key has been configured for the neighbor, the device sets the authentication object of the message according to the key. Otherwise, the device uses the authentication key configured in interface view or RSVP view to set the authentication object. If no authentication key is configured in any view, the device does not add an authentication object in the message.

If an FRR occurs, the downstream authentication neighbor of the PLR node is the destination IP address of the bypass tunnel. The upstream authentication neighbor of the MP node is the IP address of the physical outgoing interface of the bypass tunnel on the PLR.

Examples

# Create RSVP authentication neighbor 1.1.1.1, enter RSVP neighbor view, and configure a plaintext authentication key abcdfegh for the neighbor.

<Sysname> system-view

[Sysname] rsvp

[Sysname-rsvp] peer 1.1.1.1

[Sysname-rsvp-peer-1.1.1.1] authentication key plain abcdfegh

Related commands

authentication challenge

authentication key

authentication lifetime

authentication window-size

refresh interval

Use refresh interval to set the refresh interval for Path and Resv messages.

Use undo refresh interval to restore the default.

Syntax

refresh interval interval

undo refresh interval

Default

The refresh interval for Path and Resv messages is 30 seconds.

Views

RSVP view

Predefined user roles

network-admin

Parameters

interval: Specifies the interval at which RSVP refreshes Path and Resv messages, in the range of 10 to 65535 seconds.

Usage guidelines

This command performs the following operations:

· Determines the interval for sending Path and Resv messages.

· Adds the locally configured refresh interval in the sent Path and Resv messages, so the peer device can use this value to calculate the PSB and RSB timeout.

Examples

# Set the refresh interval for Path and Resv messages to 60 seconds.

<Sysname> system-view

[Sysname] rsvp

[Sysname-rsvp] refresh interval 60

Related commands

keep-multiplier

reset rsvp authentication

Use reset rsvp authentication to clear RSVP security associations.

Syntax

reset rsvp authentication [ from ip-address to ip-address ]

Views

User view

Predefined user roles

network-admin

Parameters

from ip-address: Clears the RSVP security associations with the specified authentication source IP address.

to ip-address: Clears the RSVP security associations with the specified authentication destination IP address.

Usage guidelines

If you do not specify the from ip-address to ip-address options, this command clears the security associations established with all RSVP neighbors.

Examples

# Clear all RSVP security associations.

<Sysname> reset rsvp authentication

# Clear the RSVP security association sourced from 1.1.1.1 to 2.2.2.2.

<Sysname> reset rsvp authentication from 1.1.1.1 to 2.2.2.2

Related commands

display rsvp authentication

reset rsvp statistics

Use reset rsvp statistics to clear RSVP statistics.

Syntax

reset rsvp statistics [ interface [ interface-type interface-number ] ]

Views

User view

Predefined user roles

network-admin

Parameters

interface: Clears RSVP statistics on interfaces.

interface-type interface-number: Clears RSVP statistics on the interface specified by its type and number.

Usage guidelines

If you do not specify the interface keyword, this command clears global RSVP statistics.

If you specify the interface keyword without the interface-type interface-number argument, this command clears RSVP statistics on all RSVP-enabled interfaces.

If you specify the interface interface-type interface-number option, this command clears RSVP statistics on the specified interface.

Examples

# Clear global RSVP statistics.

<Sysname> reset rsvp statistics

# Clear RSVP statistics on all RSVP-enabled interfaces.

<Sysname> reset rsvp statistics interface

Related commands

display rsvp statistics

rsvp

Use rsvp to enable RSVP globally and enter RSVP view.

Use undo rsvp to disable RSVP globally.

Syntax

rsvp

undo rsvp

Default

RSVP is disabled globally.

Views

System view

Predefined user roles

network-admin

Usage guidelines

To enable global RSVP, you must enable both global RSVP (by using the rsvp command) and global MPLS TE (by using the mpls te command).

Examples

# Enable RSVP globally and enter RSVP view.

<Sysname> system-view

[Sysname] rsvp

[Sysname-rsvp]

Related commands

mpls te

rsvp enable

rsvp authentication challenge

Use rsvp authentication challenge to enable RSVP challenge-response handshake on an interface.

Use undo rsvp authentication challenge to disable RSVP challenge-response handshake on an interface.

Syntax

rsvp authentication challenge

undo rsvp authentication challenge

Default

RSVP challenge-response handshake is disabled on an interface.

Views

Interface view

Predefined user roles

network-admin

Usage guidelines

To prevent packet replay attacks, RSVP requires received authentication messages to carry incremental sequence numbers. RSVP saves the sequence number of the last valid message in a receive-type security association to verify the subsequent messages. However, when RSVP creates a new receive-type security association, it cannot obtain the sequence number of the sender. To successfully establish the receive-type security association, RSVP sets the receive sequence number to 0 by default. Then, the association can receive a message with any sequence number from the peer. Because this introduces a vulnerability to replay attacks, you should execute the authentication challenge command. When RSVP creates a receive-type security association, it will perform a challenge-response handshake to obtain the sequence number of the sender.

RSVP challenge-response handshake can be configured in the following views:

· RSVP view—Configuration applies to all RSVP security associations.

· RSVP neighbor view—Configuration applies only to RSVP security associations with the specified RSVP neighbor.

· Interface view—Configuration applies only to RSVP security associations established on the current interface.

Examples

# Enable RSVP challenge-response handshake on interface GigabitEthernet 2/0/1.

<Sysname> system-view

[Sysname] interface gigabitethernet 2/0/1

[Sysname-GigabitEthernet2/0/1] rsvp authentication challenge

Related commands

authentication challenge

authentication key

authentication lifetime

authentication window-size

display rsvp authentication

reset rsvp authentication

rsvp authentication key

rsvp authentication lifetime

rsvp authentication window-size

rsvp authentication key

Use rsvp authentication key to enable RSVP authentication on an interface and configure the authentication key.

Use undo rsvp authentication key to disable RSVP authentication on an interface.

Syntax

rsvp authentication key { cipher | plain } string

undo rsvp authentication key

Default

RSVP authentication is disabled.

Views

Interface view

Predefined user roles

network-admin

Parameters

cipher: Specifies an authentication key in encrypted form.

plain: Specifies an authentication key in plaintext form. For security purposes, the key specified in plaintext form will be stored in encrypted form.

string: Specifies the authentication key. Its plaintext form is a case-sensitive string of 1 to 16 characters. Its encrypted form is a case-sensitive string of 1 to 53 characters.

Usage guidelines

RSVP authentication ensures integrity of RSVP messages, preventing fake resource reservation requests from occupying network resources.

RSVP uses MD5 to calculate a digest for the authentication key and the message body, adds the digest to the message, and sends the message. When the peer receives the message, it performs the same calculation and compares the calculated digest with the digest in the message. If the two digests are the same, the message passes the RSVP authentication and is accepted. If the two digests are different, the peer device discards the message.

RSVP authentication can be configured in the following views:

· RSVP view—Configuration applies to all RSVP security associations.

· RSVP neighbor view—Configuration applies only to RSVP security associations with the specified RSVP neighbor.

· Interface view—Configuration applies only to RSVP security associations established on the current interface.

Configurations in RSVP neighbor view, interface view, and RSVP view are in descending order of priority. If RSVP authentication for a neighbor is enabled in both RSVP neighbor view and RSVP view, the authentication key configured in RSVP neighbor view is used.

After RSVP authentication is enabled on the local device, you must also enable RSVP authentication and configure the same authentication key on the RSVP neighbor.

Examples

# Enable RSVP authentication and configure the authentication key as abcdefgh on interface GigabitEthernet 2/0/1.

<Sysname> system-view

[Sysname] interface gigabitethernet 2/0/1

[Sysname-GigabitEthernet2/0/1] rsvp authentication key plain abcdefgh

Related commands

authentication challenge

authentication key

authentication lifetime

authentication window-size

display rsvp authentication

reset rsvp authentication

rsvp authentication challenge

rsvp authentication lifetime

rsvp authentication window-size

rsvp authentication lifetime

Use rsvp authentication lifetime to set the idle timeout for RSVP security associations on an interface.

Use undo rsvp authentication lifetime to restore the default.

Syntax

rsvp authentication lifetime life-time

undo rsvp authentication lifetime

Default

The idle timeout for RSVP security associations is 1800 seconds on an interface.

Views

Interface view

Predefined user roles

network-admin

Parameters

life-time: Specifies the RSVP security association idle timeout in the range of 30 to 86400 seconds.

Usage guidelines

When RSVP authentication is enabled, the device dynamically establishes security associations when receiving and sending RSVP messages to record the message sequence numbers, which are used in RSVP authentication.

The RSVP authentication idle timeout can be configured in the following views:

· RSVP view—Configuration applies to all RSVP security associations.

· RSVP neighbor view—Configuration applies only to RSVP security associations with the specified RSVP neighbor.

· Interface view—Configuration applies only to RSVP security associations established on the current interface.

An RSVP security association established by using the authentication key configured in a view uses the idle timeout configured in the same view.

A modification to the idle timeout affects only security associations established after the modification. To apply the modification to existing security associations, you must execute the reset rsvp authentication command to delete and then re-establish the security associations.

Examples

# Set the idle timeout for RSVP security associations to 100 seconds on interface GigabitEthernet 2/0/1.

<Sysname> system-view

[Sysname] interface gigabitethernet 2/0/1

[Sysname-GigabitEthernet2/0/1] rsvp authentication lifetime 100

Related commands

authentication challenge

authentication key

authentication lifetime

authentication window-size

display rsvp authentication

reset rsvp authentication

rsvp authentication challenge

rsvp authentication key

rsvp authentication window-size

Use rsvp authentication window-size to set the RSVP authentication window size, which is the maximum number of authenticated RSVP messages that can be received out of sequence on an interface.

Use undo rsvp authentication window-size to restore the default.

Syntax

rsvp authentication window-size number

undo rsvp authentication window-size

Default

Only one authenticated RSVP message can be received out of sequence on an interface.

Views

Interface view

Predefined user roles

network-admin

Parameters

number: Specifies the maximum number of authenticated RSVP messages that can be received out of sequence, in the range of 1 to 64.

Usage guidelines

When the receiver receives an RSVP message, it compares the sequence number of the last accepted RSVP message with the sequence number of the newly received RSVP message.

· If the new sequence number is greater than the last sequence number, RSVP accepts the message and updates the last sequence number with the new sequence number.

· If the received sequence number equals the last sequence number, RSVP regards the message a replay message and discards the message.

· If the new sequence number is smaller than the last sequence number but greater than the new sequence number minus the window size, and has never been received before, RSVP accepts the message. If the new sequence number has been received before, RSVP regards the message a replay message and discards the message.

· If the new sequence number is smaller than the new sequence number minus the window size, RSVP regards the message invalid and discards the message.

By default, the authentication window size is 1. If the sequence number of a newly received RSVP message is smaller than that of the last accepted message, the device discards the message.

If the sender sends multiple RSVP messages in a short time, these messages might arrive at the neighbor out of sequence. If you use the default window size, the out-of-sequence messages will be discarded. To solve this problem, you can use the rsvp authentication window-size command to configure a correct window size.

A security association established by using the authentication key configured in a view uses the window size configured in that view.

Examples

# Set the maximum number of out-of-sequence authenticated RSVP messages that can be received on interface GigabitEthernet 2/0/1 to 10.

<Sysname> system-view

[Sysname] interface gigabitethernet 2/0/1

[Sysname-GigabitEthernet2/0/1] rsvp authentication window-size 10

Related commands

authentication challenge

authentication key

authentication lifetime

authentication window-size

display rsvp authentication

reset rsvp authentication

rsvp authentication challenge

rsvp authentication key

rsvp authentication lifetime

rsvp bfd enable

Use rsvp bfd enable to enable BFD for RSVP on an interface.

Use undo rsvp bfd enable to restore the default.

Syntax

rsvp bfd enable

undo rsvp bfd enable

Default

RSVP-TE does not use BFD to detect the link status to an RSVP neighbor.

Views

Interface view

Predefined user roles

network-admin

Usage guidelines

By sending hellos, RSVP cannot promptly detect neighbor status. By executing this command on an interface, a BFD session is established to detect the link status to the RSVP neighbor on the interface. When the neighbor fails, BFD can quickly detect the failure and notify RSVP of the failure so RSVP can respond as configured, for example, performs an FRR.

Examples

# Enable BFD to detect the link status to the RSVP neighbor on interface GigabitEthernet 2/0/1.

<Sysname> system-view

[Sysname] interface gigabitethernet 2/0/1

[Sysname-GigabitEthernet2/0/1] rsvp bfd enable

rsvp enable

Use rsvp enable to enable RSVP on an interface.

Use undo rsvp enable to disable RSVP on an interface.

Syntax

rsvp enable

undo rsvp enable

Default

RSVP is disabled on an interface.

Views

Interface view

Predefined user roles

network-admin

Usage guidelines

Before you enable RSVP on an interface, you must first enable RSVP globally by using the rsvp command in system view.

Examples

# Enable RSVP on interface GigabitEthernet 2/0/1.

<Sysname> system-view

[Sysname] rsvp

[Sysname-rsvp] quit

[Sysname] interface gigabitethernet 2/0/1

[Sysname-GigabitEthernet2/0/1] rsvp enable

Related commands

rsvp

rsvp hello enable

Use rsvp hello enable to enable RSVP hello extension.

Use undo rsvp hello enable to disable RSVP hello extension.

Syntax

rsvp hello enable

undo rsvp hello enable

Default

RSVP hello extension is disabled.

Views

Interface view

Predefined user roles

network-admin

Usage guidelines

With RSVP hello extension enabled, an interface sends and receives hello messages to detect the neighbor status.

Examples

# Enable RSVP hello extension on interface GigabitEthernet 2/0/1.

<Sysname> system-view

[Sysname] interface gigabitethernet 2/0/1

[Sysname-GigabitEthernet2/0/1] rsvp hello enable

Related commands

hello interval

hello lost

rsvp reduction retransmit increment

Use rsvp reduction retransmit increment to set the RSVP message retransmission increment value.

Use undo rsvp reduction retransmit increment to restore the default.

Syntax

rsvp reduction retransmit increment increment-value

undo rsvp reduction retransmit increment

Default

The RSVP message retransmission increment is 1.

Views

Interface view

Predefined user roles

network-admin

Parameters

increment-value: Specifies the RSVP message retransmission increment in the range of 1 to 10.

Usage guidelines

After the rsvp reduction srefresh reliability command is executed, the retransmission increment and retransmission interval together determine the time for the next transmission of the RSVP message. For more information, see the usage guidelines in the rsvp reduction srefresh command.

Examples

# On interface GigabitEthernet 2/0/1, set the RSVP message retransmission increment value to 2.

<Sysname> system-view

[Sysname] interface gigabitethernet 2/0/1

[Sysname-GigabitEthernet2/0/1] rsvp reduction retransmit increment 2

Related commands

rsvp reduction retransmit interval

rsvp reduction srefresh

rsvp reduction retransmit interval

Use rsvp reduction retransmit interval to set the RSVP message retransmission interval.

Use undo rsvp reduction retransmit interval to restore the default.

Syntax

rsvp reduction retransmit interval interval

undo rsvp reduction retransmit interval

Default

The RSVP message retransmission interval is 500 milliseconds.

Views

Interface view

Predefined user roles

network-admin

Parameters

interval: Specifies the RSVP message retransmission interval in the range of 500 to 3000 milliseconds.

Usage guidelines

Examples

# On interface GigabitEthernet 2/0/1, set the RSVP message retransmission interval to 1000 milliseconds.

<Sysname> system-view

[Sysname] interface gigabitethernet 2/0/1

[Sysname-GigabitEthernet2/0/1] rsvp reduction retransmit interval 1000

Related commands

rsvp reduction retransmit increment

rsvp reduction srefresh

Use rsvp reduction srefresh to enable summary refresh and reliable RSVP message delivery.

Use undo rsvp reduction srefresh to disable summary refresh and reliable RSVP message delivery.

Syntax

rsvp reduction srefresh [ reliability ]

undo rsvp reduction srefresh

Default

Summary refresh and reliable RSVP message delivery are disabled.

Views

Interface view

Predefined user roles

network-admin

Parameters

reliability: Enables reliable RSVP message delivery. If you do not specify this keyword, the command enables only the summary refresh feature.

Usage guidelines

RSVP sends Path and Resv messages with the same states and objects to maintain the path and reservation states at intervals (configured by the refresh interval command). These messages are collectively referred to as refresh messages. Refresh messages are used to synchronize the path and reservation states on RSVP neighbors and to recover from lost RSVP messages.

When multiple RSVP sessions exist on a network, the periodically sent refresh messages can cause network degradation. In this case, the refreshing interval of Path and Resv messages should not be too short. However, delay sensitive applications want to recover from lost RSVP messages through the refresh messages as soon as possible. In this case, the refreshing interval should not be too long. You can use the summary refresh (Srefresh) and the reliable RSVP message delivery features to find the appropriate balance.

Srefresh is implemented by adding a Message_ID object to a Path or Resv message to uniquely identify the message. To refresh Path and Resv states, RSVP does not need to send standard Path and Resv messages. Instead, it can send a summary refresh message at regular intervals (configured by the refresh interval command). The message carries a set of Message_ID objects that identify the Path and Resv states to be refreshed. The Srefresh feature reduces the number of refresh messages on the network and speeds up the refresh message processing.

Reliable RSVP message delivery requires the peer device to acknowledge each RSVP message received from the local device. If no acknowledgment is received, the local device retransmits the message.

To implement reliable RSVP message delivery, a node sends an RSVP message that includes a Message_ID object in which the ACK_Desired flag is set. The receiver needs to confirm the delivery by sending back a message that includes the Message_ID_ACK object. If the sender does not receive a Message_ID_ACK within the retransmission interval (Rf), it performs the following operations:

· Retransmits the message when Rf expire.

· Sets the next transmission interval to (1 + delta) × Rf.

The sender repeats this process until it receives the Message_ID_ACK before the retransmission time expires or it has transmitted the message three times.

The initial value of Rf is configured by the rsvp reduction retransmit interval command. The delta value is configured by the rsvp reduction retransmit increment command.

After the summary refresh is enabled, RSVP maintains the path and reservation states by sending Srefresh messages rather than standard refresh messages.

Examples

# On interface GigabitEthernet 2/0/1, enable summary refresh and reliable RSVP message delivery.

<Sysname> system-view

[Sysname] interface gigabitethernet 2/0/1

[Sysname-GigabitEthernet2/0/1] rsvp reduction srefresh reliability

Related commands

refresh interval

rsvp reduction retransmit increment

rsvp reduction retransmit interval

Tunnel policy commands

The following matrix shows the feature and hardware compatibility:

Hardware	Tunnel policy compatibility
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS	No
MSR2600-6-X1/2600-10-X1	Yes
MSR 2630	Yes
MSR3600-28/3600-51	Yes
MSR3600-28-SI/3600-51-SI	No
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC	Yes
MSR 3610/3620/3620-DP/3640/3660	Yes
MSR5620/5660/5680	Yes

Hardware	Tunnel policy compatibility
MSR810-LM-GL	No
MSR810-W-LM-GL	No
MSR830-6EI-GL	No
MSR830-10EI-GL	No
MSR830-6HI-GL	No
MSR830-10HI-GL	No
MSR2600-6-X1-GL	Yes
MSR3600-28-SI-GL	No

display mpls tunnel

Use display mpls tunnel to display tunnel information.

Syntax

display mpls tunnel { all | statistics | [ vpn-instance vpn-instance-name ] destination { ipv4-address | ipv6-address } }

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

all: Displays all tunnels. GRE and MPLS TE tunnels are displayed only when the network layer is up.

statistics: Displays tunnel statistics.

vpn-instance vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command displays tunnel information for the public network.

destination: Displays the tunnel destined for the specified address.

ipv4-address: Specifies the tunnel destination IPv4 address.

ipv6-address: Specifies the tunnel destination IPv6 address.

Examples

# Display information about all tunnels.

<Sysname> display mpls tunnel all

Destination Type Tunnel/NHLFE VPN Instance

2.2.2.2 LSP NHLFE1024 -

3.3.3.3 CRLSP Tunnel2 -

3.3.3.3 GRE Tunnel3 -

4.4.4.4 CRLSP Tunnel-Bundle0 -

Table 65 Command output

Field	Description
Destination	Tunnel destination address.
Type	Tunnel type: LSP, GRE, or CRLSP (MPLS TE tunnel).
Tunnel/NHLFE	Tunnel, tunnel bundle, or NHLFE entry. NHLFEnumber represents the ingress LSP that matches the NHLFE entry with NID of number.
VPN Instance	VPN instance name. If the tunnel belongs to the public network, this field displays a hyphen (-).

# Display tunnel statistics.

<Sysname> display mpls tunnel statistics

LSP : 1

GRE : 0

CRLSP: 0

Table 66 Command output

Field	Description
LSP	Number of LSP tunnels.
GRE	Number of GRE tunnels.
CRLSP	Number of CRLSPs (MPLS TE tunnels).

preferred-path

Use preferred-path to configure a tunnel or a tunnel bundle as a preferred tunnel.

Use undo preferred-path to remove a preferred tunnel.

Syntax

preferred-path { tunnel number | tunnel-bundle number }

undo preferred-path { tunnel number | tunnel-bundle number }

Default

No preferred tunnels are configured.

Views

Tunnel policy view

Predefined user roles

network-admin

Parameters

tunnel number: Specifies an MPLS TE tunnel or a GRE tunnel by its tunnel interface number.

The following matrix shows the value ranges for the number argument:

Hardware	Argument compatibility	Value range
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS	No	N/A
MSR2600-6-X1/2600-10-X1	Yes	0 to 10239
MSR 2630	Yes	0 to 1023
MSR3600-28/3600-51	Yes	0 to 1023
MSR3600-28-SI/3600-51-SI	No	N/A
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC	Yes	0 to 2047
MSR 3610/3620/3620-DP/3640/3660	Yes	0 to 2047
MSR5620/5660/5680	Yes	0 to 4095

Hardware	Argument compatibility	Value range
MSR810-LM-GL	No	N/A
MSR810-W-LM-GL	No	N/A
MSR830-6EI-GL	No	N/A
MSR830-10EI-GL	No	N/A
MSR830-6HI-GL	No	N/A
MSR830-10HI-GL	No	N/A
MSR2600-6-X1-GL	Yes	0 to 10239
MSR3600-28-SI-GL	No	N/A

tunnel-bundle number: Specifies a tunnel bundle by its tunnel bundle interface number.

The following matrix shows the value ranges for the number argument:

Hardware	Argument	Value range
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS	No	N/A
MSR2600-6-X1/2600-10-X1	Yes	0 to 10239
MSR 2630	Yes	0 to 1023
MSR3600-28/3600-51	Yes	0 to 1023
MSR3600-28-SI/3600-51-SI	No	N/A
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC	Yes	0 to 2047
MSR 3610/3620/3620-DP/3640/3660	Yes	0 to 2047
MSR5620/5660/5680	Yes	0 to 4095

Hardware	Argument compatibility	Value range
MSR810-LM-GL	No	N/A
MSR810-W-LM-GL	No	N/A
MSR830-6EI-GL	No	N/A
MSR830-10EI-GL	No	N/A
MSR830-6HI-GL	No	N/A
MSR830-10HI-GL	No	N/A
MSR2600-6-X1-GL	Yes	0 to 1023
MSR3600-28-SI-GL	No	N/A

Usage guidelines

As a best practice, configure a preferred tunnel and make sure the destination address of the tunnel/tunnel bundle interface identifies the peer PE for an MPLS VPN. In this method, the local PE forwards traffic destined for the peer PE over the tunnel/tunnel bundle.

For a tunnel policy to solely use a tunnel or tunnel bundle, do not configure the tunnel or tunnel bundle as the preferred tunnel in other tunnel policies.

If you configure multiple preferred tunnels that have the same destination address in a tunnel policy, only the first configured tunnel takes effect. If the first tunnel is not available, the second tunnel is used, and so forth. No load balancing will be performed on these tunnels.

You can configure a maximum of 128 preferred tunnels in a tunnel policy.

Examples

# Configure tunnel 1 and tunnel 2 as preferred tunnels for tunnel policy policy1.

<Sysname> system-view

[Sysname] tunnel-policy policy1

[Sysname-tunnel-policy-policy1] preferred-path tunnel 1

[Sysname-tunnel-policy-policy1] preferred-path tunnel 2

select-seq load-balance-number

Use select-seq load-balance-number to configure the tunnel selection order and set the number of tunnels for load balancing.

Use undo select-seq to restore the default.

Syntax

select-seq { cr-lsp | gre | lsp } * load-balance-number number

undo select-seq

Default

The device selects only one tunnel in LSP-GRE-CRLSP order.

Views

Tunnel policy view

Predefined user roles

network-admin

Parameters

cr-lsp: Uses CRLSP tunnels.

gre: Uses GRE tunnels..

lsp: Uses LSP tunnels.

load-balance-number number: Specifies the number of tunnels for load balancing, in the range of 1 to 32.

Usage guidelines

A tunnel type closer to the select-seq keyword has a higher priority, and only the tunnel types specified in this command can be used. For example, the select-seq lsp gre load-balance-number 3 command gives LSP higher priority over GRE. If no LSP is available or the number of LSPs is less than 3, VPN uses GRE tunnels.

Tunnels selected by this method are not fixed, making it hard to plan VPN traffic. As a best practice, do not use this method.

When you configure both the select-seq load-balance-number and preferred-path commands for a tunnel policy, the tunnel policy selects tunnels in the following steps:

1. If the destination address of the preferred tunnel identifies a peer PE, the tunnel policy uses the preferred tunnel to forward traffic destined for the peer PE.

2. If not, the tunnel policy selects tunnels as configured by the select-seq load-balance-number command.

Examples

# Configure tunnel policy policy1 to use only GRE tunnels, and set the load balancing number to 2.

<Sysname> system-view

[Sysname] tunnel-policy policy1

[Sysname-tunnel-policy-policy1] select-seq gre load-balance-number 2

tunnel-policy

Use tunnel-policy to create a tunnel policy and enter its view, or enter the view of an existing tunnel policy.

Use undo tunnel-policy to delete a tunnel policy.

Syntax

tunnel-policy tunnel-policy-name

undo tunnel-policy tunnel-policy-name

Default

No tunnel policies exist.

Views

System view

Predefined user roles

network-admin

Parameters

tunnel-policy-name: Specifies a name for the tunnel policy, a case-sensitive string of 1 to 19 characters.

Examples

# Create tunnel policy policy1 and enter its view.

<Sysname> system-view

[Sysname] tunnel-policy policy1

[Sysname-tunnel-policy-policy1]

MPLS L3VPN commands

The following matrix shows the feature and hardware compatibility:

Hardware	MPLS L3VPN compatibility
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS	No
MSR2600-6-X1/2600-10-X1	Yes
MSR 2630	Yes
MSR3600-28/3600-51	Yes
MSR3600-28-SI/3600-51-SI	Yes
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC	Yes
MSR 3610/3620/3620-DP/3640/3660	Yes
MSR5620/5660/5680	Yes

Hardware	MPLS L3VPN compatibility
MSR810-LM-GL	No
MSR810-W-LM-GL	No
MSR830-6EI-GL	No
MSR830-10EI-GL	No
MSR830-6HI-GL	No
MSR830-10HI-GL	No
MSR2600-6-X1-GL	Yes
MSR3600-28-SI-GL	Yes

address-family ipv4 (VPN instance view)

Use address-family ipv4 to enter IPv4 VPN view.

Use undo address-family ipv4 to remove all configurations from IPv4 VPN view.

Syntax

address-family ipv4

undo address-family ipv4

Views

VPN instance view

Predefined user roles

network-admin

Usage guidelines

In IPv4 VPN view, you can configure IPv4 VPN parameters such as inbound and outbound routing policies.

Examples

# Enter IPv4 VPN view.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] address-family ipv4

[Sysname-vpn-ipv4-vpn1]

Related commands

address-family ipv6 (VPN instance view)

address-family vpnv4

Use address-family vpnv4 in BGP view to create the BGP VPNv4 address family and enter its view, or enter the view of the existing BGP VPNv4 address family.

Use address-family vpnv4 in BGP-VPN instance view to create the BGP-VPN VPNv4 address family and enter its view, or enter the view of the existing BGP-VPN VPNv4 address family.

Use undo address-family vpnv4 to remove the BGP VPNv4 address family or BGP-VPN VPNv4 address family, and all settings in address family view.

Syntax

address-family vpnv4

undo address-family vpnv4

Default

The BGP VPNv4 address family or BGP-VPN VPNv4 address family does not exist.

Views

BGP instance view

BGP-VPN instance view

Predefined user roles

network-admin

Usage guidelines

A VPNv4 address consists of an RD and an IPv4 prefix. VPNv4 routes are routes that carry VPNv4 addresses.

For a PE to exchange BGP VPNv4 routes with a BGP peer, enable that peer by executing the peer enable command in BGP VPNv4 or BGP-VPN VPNv4 address family view.

In BGP VPNv4 address family view, you can configure the following settings:

· BGP VPNv4 route attributes, such as the preferred value.

· Whether to allow the local AS number to appear in the AS_PATH attribute of received route updates.

The settings in BGP VPNv4 address family view control VPNv4 route exchange between PEs.

The settings in BGP-VPN VPNv4 address family view control VPNv4 route exchange between provider PE and provider CE in nested MPLS L3VPN.

Examples

# In BGP instance default, create the BGP VPNv4 address family and enter its view.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family vpnv4

[Sysname-bgp-default-vpnv4]

# In BGP instance default, create the BGP-VPN VPNv4 address family and enter its view.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] ip vpn-instance vpn1

[Sysname-bgp-default-vpn1] address-family vpnv4

[Sysname-bgp-default-vpnv4-vpn1]

description (VPN instance view)

Use description to configure a description for a VPN instance.

Use undo description to restore the default.

Syntax

description text

undo description

Default

No description is configured for a VPN instance.

Views

VPN instance view

Predefined user roles

network-admin

Parameters

text: Specifies a description, a case-sensitive string of 1 to 79 characters.

Examples

# Configure a description of This is vpn1 for VPN instance vpn1.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] description This is vpn1

display bgp routing-table ipv4 unicast inlabel

Use display bgp routing-table ipv4 unicast inlabel to display incoming labels for BGP IPv4 unicast routes.

Syntax

display bgp [ instance instance-name ] routing-table ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] inlabel

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

instance instance-name: Specifies a BGP instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a BGP instance, this command displays incoming labels for BGP IPv4 unicast routes in the default BGP instance.

vpn-instance vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command displays incoming labels for BGP IPv4 unicast routes on the public network.

Usage guidelines

This command displays incoming labels for BGP IPv4 unicast routes regardless of whether the unicast keyword is specified or not.

Examples

# Display incoming labels for all BGP IPv4 unicast routes on the public network.

<Sysname> display bgp routing-table ipv4 inlabel

Total number of routes: 1

BGP local router ID is 3.3.3.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Network NextHop OutLabel InLabel

* > 2.2.2.9/32 1.1.1.2 1151 1279

Table 67 Command output

Field	Description
BGP local router ID	Router ID of the local BGP router.
Status codes	Route status codes: · * - valid—Valid route. · > - best—Common optimal route. · d – damped—Route damped for route flap. · h - history—History route. · i - internal—Internal route. · e - external—External route. · s - suppressed—Suppressed route. · S - Stale—Stale route.
Origin	Route origin: · i - IGP—Originated in the AS. The origin of routes advertised by the network command is IGP. · e - EGP—Learned through EGP. · ? - incomplete—Redistributed from IGP protocols.
OutLabel	Outgoing label.
InLabel	Incoming label.

display bgp routing-table ipv4 unicast outlabel

Use display bgp routing-table ipv4 unicast outlabel to display outgoing labels for BGP IPv4 unicast routes.

Syntax

display bgp [ instance instance-name ] routing-table ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] outlabel

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

instance instance-name: Specifies a BGP instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a BGP instance, this command displays outgoing labels for BGP IPv4 unicast routes in the default BGP instance.

vpn-instance vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command displays outgoing labels for BGP IPv4 unicast routes on the public network.

Usage guidelines

This command displays outgoing labels for BGP IPv4 unicast routes regardless of whether the unicast keyword is specified or not.

Examples

# Display outgoing labels for all public BGP IPv4 unicast routes in the default BGP instance.

<Sysname> display bgp routing-table ipv4 outlabel

Total number of routes: 1

BGP local router ID is 3.3.3.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Network NextHop OutLabel

* > 2.2.2.9/32 1.1.1.2 1151

Table 68 Command output

Field	Description
BGP local router ID	Router ID of the local BGP router.
Status codes	Route status codes: · * - valid—Valid route. · > - best—Common optimal route. · d – damped—Route damped for route flap. · h - history—History route. · i - internal—Internal route. · e - external—External route. · s - suppressed—Suppressed route. · S - Stale—Stale route.
Origin	Route origin: · i - IGP—Originated in the AS. The origin of routes advertised by the network command is IGP. · e - EGP—Learned through EGP. · ? - incomplete—Redistributed from IGP protocols.
OutLabel	Outgoing label.

display bgp routing-table vpnv4

Use display bgp routing-table vpnv4 to display BGP VPNv4 routing information.

Syntax

display bgp [ instance instance-name ] routing-table vpnv4 [ [ route-distinguisher route-distinguisher ] [ ipv4-address [ { mask | mask-length } [ longest-match ] ] | ipv4-address [ mask | mask-length ] advertise-info | as-path-acl as-path-acl-number | community-list { { basic-community-list-number | comm-list-name } [ whole-match ] | adv-community-list-number } ] | [ vpn-instance vpn-instance-name ] peer ipv4-address { advertised-routes | received-routes } [ ipv4-address [ mask | mask-length ] | statistics ] | statistics ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

instance instance-name: Specifies a BGP instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a BGP instance, this command displays BGP VPNv4 routes in the default BGP instance.

route-distinguisher route-distinguisher: Specifies an RD, a string of 3 to 21 characters in one of the following formats:

· 16-bit AS number:32-bit user-defined number. For example, 101:3.

· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.

· 32-bit AS number:16-bit user-defined number, where the minimum value of the AS number is 65536. For example, 65536:1.

ipv4-address: Specifies the destination IPv4 address.

mask: Specifies the network mask, in dotted decimal notation.

mask-length: Specifies the length of the network mask, in the range of 0 to 32.

longest-match: Displays the longest matching BGP VPNv4 route. The longest matching BGP VPNv4 route is selected through the following steps:

1. ANDs the specified network address with the mask of each route.

2. Matches a route if the AND result is the same as the network address of the route and the mask of the route is shorter than or equal to the specified mask.

3. Selects the route with the longest mask among the matching routes.

advertise-info: Displays advertisement information for BGP VPNv4 routes.

as-path-acl as-path-acl-number: Displays BGP VPNv4 routes that match the AS path list specified by its number in the range of 1 to 256.

community-list: Displays BGP VPNv4 routes that match a BGP community list.

basic-community-list-number: Specifies a basic community list by its number in the range of 1 to 99.

comm-list-name: Specifies a community list by its name, a case-sensitive string of 1 to 63 characters.

whole-match: Displays BGP VPNv4 routes exactly matching the specified community list. If you do not specify this keyword, the command displays BGP VPNv4 routes whose COMMUNITY attributes include the specified community list.

adv-community-list-number: Specifies an advanced community list by its number in the range of 100 to 199.

vpn-instance vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command displays BGP VPNv4 routes advertised to or received from the specified peer on the public network.

peer: Displays BGP VPNv4 routing information advertised to or received from a peer.

ipv4-address: Specifies the peer IPv4 address.

advertised-routes: Displays BGP VPNv4 routing information advertised to the specified peer.

received-routes: Displays BGP VPNv4 routing information received from the specified peer.

statistics: Displays BGP VPNv4 routing statistics.

Usage guidelines

If you do not specify any parameters, this command displays brief information about all BGP VPNv4 routes.

If you specify ipv4-address mask or ipv4-address mask-length, this command displays detailed information about the BGP VPNv4 route that exactly matches the specified address and mask.

If you specify only ipv4-address, the system ANDs the network address with the mask of a route. If the result matches the network address of the route, this command displays detailed information about the BGP VPNv4 route.

Examples

# Display brief information about all BGP VPNv4 routes in the default BGP instance.

<Sysname> display bgp routing-table vpnv4

BGP local router ID is 1.1.1.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Total number of routes from all PEs: 2

Route distinguisher: 100:1(vpn1)

Total number of routes: 6

Network NextHop MED LocPrf PrefVal Path/Ogn

* > 10.1.1.0/24 10.1.1.2 0 32768 ?

* e 10.1.1.1 0 0 65410?

* > 10.1.1.2/32 127.0.0.1 0 32768 ?

* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?

* >e 192.168.1.0 10.1.1.1 0 0 65410?

* i 3.3.3.9 0 100 0 65420?

Route distinguisher: 200:1

Total number of routes: 2

Network NextHop MED LocPrf PrefVal Path/Ogn

* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?

* >i 192.168.1.0 3.3.3.9 0 100 0 65420?

# Display brief information about BGP VPNv4 routes with RD 100:1 in the default BGP instance.

<Sysname> display bgp routing-table vpnv4 route-distinguisher 100:1

BGP local router ID is 1.1.1.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Route distinguisher: 100:1(vpn1)

Total number of routes: 6

Network NextHop MED LocPrf PrefVal Path/Ogn

* > 10.1.1.0/24 10.1.1.2 0 32768 ?

* e 10.1.1.1 0 0 65410?

* > 10.1.1.2/32 127.0.0.1 0 32768 ?

* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?

* >e 192.168.1.0 10.1.1.1 0 0 65410?

* i 3.3.3.9 0 100 0 65420?

# Display information about BGP VPNv4 routes matching AS_PATH list 1 in the default BGP instance.

<Sysname> display bgp routing-table vpnv4 as-path-acl 1

BGP local router ID is 1.1.1.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Total number of routes from all PEs: 2

Route distinguisher: 100:1(vpn1)

Total number of routes: 6

Network NextHop MED LocPrf PrefVal Path/Ogn

* > 10.1.1.0/24 10.1.1.2 0 32768 ?

* e 10.1.1.1 0 0 65410?

* > 10.1.1.2/32 127.0.0.1 0 32768 ?

* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?

* >e 192.168.1.0 10.1.1.1 0 0 65410?

* i 3.3.3.9 0 100 0 65420?

Route distinguisher: 200:1

Total number of routes: 2

Network NextHop MED LocPrf PrefVal Path/Ogn

* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?

* >i 192.168.1.0 3.3.3.9 0 100 0 65420?

# Display information about BGP VPNv4 routes matching BGP community list 100 in the default BGP instance.

<Sysname> display bgp routing-table vpnv4 community-list 100

BGP local router ID is 1.1.1.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Total number of routes from all PEs: 2

Route distinguisher: 100:1(vpn1)

Total number of routes: 6

Network NextHop MED LocPrf PrefVal Path/Ogn

* > 10.1.1.0/24 10.1.1.2 0 32768 ?

* e 10.1.1.1 0 0 65410?

* > 10.1.1.2/32 127.0.0.1 0 32768 ?

* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?

* >e 192.168.1.0 10.1.1.1 0 0 65410?

* i 3.3.3.9 0 100 0 65420?

Route distinguisher: 200:1

Total number of routes: 2

Network NextHop MED LocPrf PrefVal Path/Ogn

* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?

* >i 192.168.1.0 3.3.3.9 0 100 0 65420?

# Display information about public BGP VPNv4 routes advertised to peer 3.3.3.9 in the default BGP instance.

<Sysname> display bgp routing-table vpnv4 peer 3.3.3.9 advertised-routes

Total number of routes: 2

BGP local router ID is 1.1.1.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Route distinguisher: 100:1

Total number of routes: 2

Network NextHop MED LocPrf Path/Ogn

* > 10.1.1.0/24 10.1.1.2 0 ?

* >e 192.168.1.0 10.1.1.1 0 65410?

# Display information about public BGP VPNv4 routes received from peer 3.3.3.9 in the default BGP instance.

<Sysname> display bgp routing-table vpnv4 peer 3.3.3.9 received-routes

Total number of routes: 2

BGP local router ID is 1.1.1.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Route distinguisher: 200:1

Total number of routes: 2

Network NextHop MED LocPrf PrefVal Path/Ogn

* >i 10.3.1.0/24 3.3.3.9 0 100 0 ?

* >i 192.168.1.0 3.3.3.9 0 100 0 65420?

Table 69 Command output

Field	Description
BGP local router ID	Router ID of the local BGP router.
Status codes	Route status codes: · * - valid—Valid route. · > - best—Common optimal route. · d – damped—Route damped for route flap. · h - history—History route. · i - internal—Internal route. · e - external—External route. · s - suppressed—Suppressed route. · S - Stale—Stale route.
Origin	Route origin: · i - IGP—Originated in the AS. The origin of routes advertised by the network command is IGP. · e - EGP—Learned through EGP. · ? - incomplete—Redistributed from IGP protocols.
Total number of routes from all PEs	Total number of VPNv4 routes from all PEs.
Network	Network address.
NextHop	Next hop address.
MED	MULTI_EXIT_DISC attribute.
LocPrf	Local preference value.
PrefVal	Preferred value.
Path/Ogn	AS_PATH and Origin attributes.

# Display detailed information about BGP VPNv4 routes to 10.3.1.0/24 in the default BGP instance.

<Sysname> display bgp routing-table vpnv4 10.3.1.0 24

BGP local router ID: 1.1.1.9

Local AS number: 100

Route distinguisher: 100:1(vpn1)

Total number of routes: 1

Paths: 1 available, 1 best

BGP routing table information of 10.3.1.0/24:

From : 3.3.3.9 (3.3.3.9)

Rely nexthop : 172.1.1.2

Original nexthop: 3.3.3.9

OutLabel : 1279

Ext-Community : <RT: 111:1>

AS-path : (null)

Origin : incomplete

Attribute value : MED 0, localpref 100, pref-val 0

State : valid, internal, best

IP precedence : N/A

QoS local ID : N/A

Traffic index : N/A

VPN-Peer UserID : N/A

DSCP : N/A

Route distinguisher: 200:1

Total number of routes: 1

Paths: 1 available, 1 best

BGP routing table information of 10.3.1.0/24:

From : 3.3.3.9 (3.3.3.9)

Rely nexthop : 172.1.1.2

Original nexthop: 3.3.3.9

OutLabel : 1279

Ext-Community : <RT: 111:1>

AS-path : (null)

Origin : incomplete

Attribute value : MED 0, localpref 100, pref-val 0

State : valid, internal, best

IP precedence : N/A

QoS local ID : N/A

Traffic index : N/A

VPN-Peer UserID : N/A

DSCP : N/A

# Display detailed information about the BGP VPNv4 route to 10.3.1.0/24 and with RD 100:1 in the default BGP instance.

<Sysname> display bgp routing-table vpnv4 route-distinguisher 100:1 10.3.1.0 24

BGP local router ID: 1.1.1.9

Local AS number: 100

Route distinguisher: 100:1(vpn1)

Total number of routes: 1

Paths: 1 available, 1 best

BGP routing table information of 10.3.1.0/24:

From : 3.3.3.9 (3.3.3.9)

Rely nexthop : 172.1.1.2

Original nexthop: 3.3.3.9

OutLabel : 1279

Ext-Community : <RT: 111:1>

AS-path : (null)

Origin : incomplete

Attribute value : MED 0, localpref 100, pref-val 0

State : valid, internal, best

IP precedence : N/A

QoS local ID : N/A

Traffic index : N/A

VPN-Peer UserID : N/A

DSCP : N/A

Table 70 Command output

Field	Description
Rely Nexthop	Recursive next hop. If no recursive next hop is found, this field displays not resolved.
Original nexthop	Original next hop. If the route is learned from a BGP update, it is the next hop in the update message.
Ext-Community	Extended community attribute.
Origin	Route origin: · igp—Originated in the AS. The origin of routes advertised by the network command is IGP. · egp—Learned through EGP. · incomplete—Redistributed from IGP protocols.
Attribute value	BGP route attribute information: · MED—MED attribute. · localpref—Local preference. · pref-val—Preferred value. · pre—Protocol preference.
State	Route status: · valid—Valid route. · internal—Internal route. · external—External route. · local—Locally generated route. · synchronize—Synchronized route. · best—Optimal route.
IP precedence	IP priority of a route, in the range of 0 to 7. N/A indicates that the route does not support this field.
QoS local ID	QoS local ID attribute of a route, in the range of 1 to 4095. N/A indicates that the route does not support this field.
Traffic index	Index of the traffic, in the range of 1 to 64. N/A indicates that the route does not support this field.
VPN-Peer UserID	VPN peer ID in the range of 1 to 134217727. N/A indicates that the route does not support this field.
DSCP	DSCP value in the range of 0 to 63. N/A indicates that the route does not support this field.

# Display advertisement information for BGP VPNv4 routes to 10.1.1.0/24 in the default BGP instance.

<Sysname> display bgp routing-table vpnv4 10.1.1.0 24 advertise-info

BGP local router ID: 1.1.1.9

Local AS number: 100

Route distinguisher: 100:1

Total number of routes: 1

Paths: 1 best

BGP routing table information of 10.1.1.0/24:

Advertised to VPN peers (1 in total):

3.3.3.9

Inlabel : 1279

Table 71 Command output

Field	Description
Paths	Number of routes to the specified destination network.
BGP routing table information of 10.1.1.0/24	Advertisement information for the BGP route to 10.1.1.0/24.
Advertised to VPN peers (1 in total)	VPNv4 peers to which the route is advertised, and the number of peers.
Inlabel	Incoming label of the route.

# Display statistics about public BGP VPNv4 routes advertised to peer 3.3.3.9 in the default BGP instance.

<Sysname> display bgp routing-table vpnv4 peer 3.3.3.9 advertised-routes statistics

Advertised routes total: 2

# Display statistics about public BGP VPNv4 routes received from peer 3.3.3.9 in the default BGP instance.

<Sysname> display bgp routing-table vpnv4 peer 3.3.3.9 received-routes statistic

Received routes total: 2

Table 72 Command output

Field	Description
Advertised routes total	Total number of routes advertised to the specified peer.
Received routes total	Total number of routes received from the specified peer.

# Display statistics about public BGP VPNv4 routes in the default BGP instance.

<Sysname> display bgp routing-table vpnv4 statistics

Total number of routes from all PEs: 2

Route distinguisher: 100:1(vpn1)

Total number of routes: 6

Route distinguisher: 200:1

Total number of routes: 2

Table 73 Command output

Field	Description
Total number of routes from all PEs	Total number of VPNv4 routes from all PEs.
Total number of routes	Total number of VPNv4 routes with the specified RD.

Related commands

ip as-path (Layer 3—IP Routing Command Reference)

display bgp routing-table vpnv4 inlabel

Use display bgp routing-table vpnv4 inlabel to display incoming labels for BGP VPNv4 routes.

Syntax

display bgp [ instance instance-name ] routing-table vpnv4 inlabel

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

Examples

# Display incoming labels for all BGP VPNv4 routes in the default BGP instance.

<Sysname> display bgp routing-table vpnv4 inlabel

Total number of routes: 2

BGP local router ID is 1.1.1.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Route distinguisher: 100:1

Total number of routes: 2

Network NextHop OutLabel InLabel

* > 10.1.1.0/24 10.1.1.2 NULL 1279

* >e 192.168.1.0 10.1.1.1 NULL 1278

Table 74 Command output

Field	Description
BGP local router ID	Router ID of the local BGP router.
Status codes	Route status codes: · * - valid—Valid route. · > - best—Common optimal route. · d – damped—Route damped for route flap. · h - history—History route. · i - internal—Internal route. · e - external—External route. · s - suppressed—Suppressed route. · S - Stale—Stale route.
Origin	Route origin: · i - IGP—Originated in the AS. The origin of routes advertised by the network command is IGP. · e - EGP—Learned through EGP. · ? - incomplete—Redistributed from IGP protocols.

display bgp routing-table vpnv4 outlabel

Use display bgp routing-table vpnv4 outlabel to display outgoing labels for BGP VPNv4 routes.

Syntax

display bgp [ instance instance-name ] routing-table vpnv4 outlabel

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

Examples

# Display outgoing labels for all BGP VPNv4 routes in the default BGP instance.

<Sysname> display bgp routing-table vpnv4 outlabel

BGP local router ID is 1.1.1.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Total number of routes from all PEs: 2

Route distinguisher: 100:1(vpn1)

Total number of routes: 2

Network NextHop OutLabel

* >i 10.3.1.0/24 3.3.3.9 1279

* i 192.168.1.0 3.3.3.9 1278

Route distinguisher: 200:1

Total number of routes: 2

Network NextHop OutLabel

* >i 10.3.1.0/24 3.3.3.9 1279

* >i 192.168.1.0 3.3.3.9 1278

Table 75 Command output

Field	Description
BGP local router ID	Router ID of the local BGP router.
Status codes	Route status codes: · * - valid—Valid route. · > - best—Common optimal route. · d – damped—Route damped for route flap. · h - history—History route. · i - internal—Internal route. · e - external—External route. · s - suppressed—Suppressed route. · S - Stale—Stale route.
Origin	Route origin: · i - IGP—Originated in the AS. The origin of routes advertised by the network command is IGP. · e - EGP—Learned through EGP. · ? - incomplete—Redistributed from IGP protocols.
OutLabel	Outgoing label. If the peer PE assigns an explicit null label, this field displays exp-null.

display ip vpn-instance

Use display ip vpn-instance to display information about VPN instances.

Syntax

display ip vpn-instance [ instance-name vpn-instance-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

instance-name vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command displays brief information about all VPN instances.

Examples

# Display brief information about all VPN instances.

<Sysname> display ip vpn-instance

Total VPN-Instances configured : 1

VPN-Instance Name RD Create time

abc 1:1 2011/05/18 10:48:17

Table 76 Command output

Field	Description
VPN-Instance Name	Name of the VPN instance.
RD	RD of the VPN instance.
Create Time	Time when the VPN instance was created.

# Display detailed information about VPN instance vpn1.

<Sysname> display ip vpn-instance instance-name vpn1

VPN-Instance Name and Index : vpn1, 2

Route Distinguisher : 100:1

VPN ID : 1:1

Description : vpn1

Interfaces : GigabitEthernet2/0/2

Address-family IPv4:

Export VPN Targets :

2:2

Import VPN Targets :

3:3

Export Route Policy : outpolicy

Import Route Policy : inpolicy

Tunnel Policy : tunnel1

Maximum Routes Limit : 500

Threshold Value(%): 50

Address-family IPv6:

Export VPN Targets :

2:2

Import VPN Targets :

3:3

Export Route Policy : outpolicy

Import Route Policy : inpolicy

Tunnel Policy : tunnel1

Maximum Routes Limit :500

Threshold Value(%): 50

display ospf sham-link

Use display ospf sham-link to display OSPF sham link information.

Syntax

display ospf [ process-id ] sham-link [ area area-id ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

process-id: Specifies an OSPF process by its ID. The process ID is in the range of 1 to 65535. If you do not specify a process, this command displays sham link information for all OSPF processes.

area area-id: Specifies an OSPF area by its ID, which is an IP address, or an integer. The integer is in the range of 0 to 4294967295. If you do not specify an area, this command displays sham link information for all OSPF areas.

Usage guidelines

If you do not specify any processes or areas, this command displays information about all OSPF sham links.

Examples

# Display information about all OSPF sham links.

<Sysname> display ospf sham-link

OSPF Process 1 with Router ID 125.1.1.1

Sham link

Area Neighbor ID Source IP Destination IP State Cost

0.0.0.0 95.1.1.1 125.2.1.1 95.2.1.1 P-2-P 1

# Display OSPF sham link information for OSPF area 1.

<Sysname> display ospf sham-link area 1

OSPF Process 100 with Router ID 100.1.1.2

Sham link: 3.3.3.3 --> 5.5.5.5

Neighbor ID: 120.1.1.2 State: Full

Area: 0.0.0.1

Cost: 1 State: P-2-P Type: Sham

Timers: Hello 10, Dead 40, Retransmit 5, Transmit Delay 1

Request list: 0 Retransmit list: 0

GTSM: Enabled, maximum number of hops: 2

MD5 authentication enabled.

The last key is 3.

The rollover is in progress, 1 neighbor(s) left.

Table 77 Command output

Field	Description
State	Neighbor state for the sham link, Down, Init, 2-way, ExStart, Exchange, Loading, or Full.
Cost	Cost of the sham link.
State	Sham link state: Down or P-2-P.
Timers	Timers for the sham link, in seconds. The timers include Hello timer, Dead timer, Retransmit timer, and Transmit Delay timer.
GTSM: Enabled, maximum number of hops: 2	OSPF GTSM is enabled, and the maximum number of hops is 2. If OSPF GTSM is disabled, this field displays GTSM: Disabled.

domain-id (OSPF view)

Use domain-id to set an OSPF domain ID.

Use undo domain-id to delete an OSPF domain ID.

Syntax

domain-id domain-id [ secondary ]

undo domain-id [ domain-id ]

Default

The OSPF domain ID is 0.

Views

OSPF view

Predefined user roles

network-admin

Parameters

domain-id: Specifies an OSPF domain ID, in one of the following formats:

· Integer, in the range of 0 to 4294967295. For example, 1.

· Dotted decimal notation. For example, 0.0.0.1.

· Dotted decimal notation:16-bit user-defined number in the range of 0 to 65535. For example, 0.0.0.1:512.

secondary: Specifies a secondary domain ID. If you do not specify this keyword, the command specifies a primary domain ID.

Usage guidelines

When you redistribute OSPF routes into BGP, BGP adds the primary domain ID to the redistributed BGP VPNv4 routes as a BGP extended community attribute. Then, BGP advertises the routes to the peer PE.

When the peer PE receives the routes, it compares the OSPF domain ID in the routes with the locally configured primary and secondary domain IDs. OSPF advertises these routes in Network Summary LSAs (Type 3) if both the following conditions exist:

· The primary or secondary domain ID is the same as the received domain ID.

· The received routes are intra-area or inter-area routes.

Otherwise, OSPF advertises these routes in AS External LSAs (Type 5) or NSSA External LSAs (Type 7).

If you do not specify any parameters, the undo domain-id command restores the default.

Examples

# Set the OSPF domain ID to 234.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] domain-id 234

export route-policy

Use export route-policy to apply an export routing policy to a VPN instance.

Use undo export route-policy to restore the default.

Syntax

export route-policy route-policy

undo export route-policy

Default

No export routing policy is applied to a VPN instance.

Views

VPN instance view

IPv4 VPN view

IPv6 VPN view

Predefined user roles

network-admin

Parameters

route-policy: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.

Usage guidelines

You can specify an export routing policy to filter advertised routes or modify their route attributes for the VPN instance.

If you execute this command multiple times, the most recent configuration takes effect.

An export routing policy specified in VPN instance view applies to both IPv4 VPN and IPv6 VPN.

An export routing policy specified in IPv4 VPN view or IPv6 VPN view applies only to IPv4 VPN or IPv6 VPN.

IPv4 VPN prefers the export routing policy specified in IPv4 VPN view over the one specified in VPN instance view. IPv6 VPN prefers the export routing policy specified in IPv6 VPN view over the one specified in VPN instance view.

Examples

# Apply the export routing policy poly-1 to VPN instance vpn1.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] export route-policy poly-1

# Apply the export routing policy poly-2 to IPv4 VPN vpn2.

<Sysname> system-view

[Sysname] ip vpn-instance vpn2

[Sysname-vpn-instance-vpn2] address-family ipv4

[Sysname-vpn-ipv4-vpn2] export route-policy poly-2

# Apply the export routing policy poly-3 to IPv6 VPN vpn3.

<Sysname> system-view

[Sysname] ip vpn-instance vpn3

[Sysname-vpn-instance-vpn3] address-family ipv6

[Sysname-vpn-ipv6-vpn3] export route-policy poly-3

Related commands

import route-policy

route-policy (Layer 3—IP Routing Command Reference)

ext-community-type (OSPF view)

Use ext-community-type to configure the type code of an OSPF extended community attribute.

Use undo ext-community-type to restore the default.

Syntax

ext-community-type { domain-id type-code1 | router-id type-code2 | route-type type-code3 }

undo ext-community-type [ domain-id | router-id | route-type ]

Default

The type codes for domain ID, router ID, and route type are hex numbers 0005, 0107, and 0306, respectively.

Views

OSPF view

Predefined user roles

network-admin

Parameters

domain-id type-code1: Specifies the type code for domain ID. Valid values are hex numbers 0005, 0105, 0205, and 8005.

router-id type-code2: Specifies the type code for router ID. Valid values are hex numbers 0107 and 8001.

route-type type-code3: Specifies the type code for route type. Valid values are hex numbers 0306 and 8000.

Examples

# Configure the type codes of domain ID, router ID, and route type as hex numbers 8005, 8001, and 8000, respectively, for OSPF process 100.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] ext-community-type domain-id 8005

[Sysname-ospf-100] ext-community-type router-id 8001

[Sysname-ospf-100] ext-community-type route-type 8000

import route-policy

Use import route-policy to apply an import routing policy to a VPN instance.

Use undo import route-policy to restore the default.

Syntax

import route-policy route-policy

undo import route-policy

Default

All routes matching the import target attribute are accepted.

Views

VPN instance view

IPv4 VPN view

IPv6 VPN view

Predefined user roles

network-admin

Parameters

route-policy: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.

Usage guidelines

You can specify an import routing policy to filter received routes or modify their route attributes for the VPN instance.

If you execute this command multiple times, the most recent configuration takes effect.

An import routing policy specified in VPN instance view applies to both IPv4 VPN and IPv6 VPN.

An import routing policy specified in IPv4 VPN view or IPv6 VPN view applies only to the IPv4 VPN or IPv6 VPN.

IPv4 VPN prefers the import routing policy specified in IPv4 VPN view over the one specified in VPN instance view. IPv6 VPN prefers the import routing policy specified in IPv6 VPN view over the one specified in VPN instance view.

Examples

# Apply the import routing policy poly-1 to VPN instance vpn1.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] import route-policy poly-1

# Apply the import routing policy poly-2 to IPv4 VPN vpn2.

<Sysname> system-view

[Sysname] ip vpn-instance vpn2

[Sysname-vpn-instance-vpn2] address-family ipv4

[Sysname-vpn-ipv4-vpn2] import route-policy poly-2

# Apply the import routing policy poly-3 to IPv6 VPN vpn3.

<Sysname> system-view

[Sysname] ip vpn-instance vpn3

[Sysname-vpn-instance-vpn3] address-family ipv6

[Sysname-vpn-ipv6-vpn3] import route-policy poly-3

Related commands

export route-policy

route-policy (Layer 3—IP Routing Command Reference)

ip binding vpn-instance

Use ip binding vpn-instance to associate an interface with a VPN instance.

Use undo ip binding vpn-instance to restore the default.

Syntax

ip binding vpn-instance vpn-instance-name

undo ip binding vpn-instance

Default

An interface is associated with no VPN instance and belongs to the public network.

Views

Interface view

Predefined user roles

network-admin

Parameters

vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters.

Usage guidelines

Use this command to associate the VPN instance with the interface connected to the CE.

This command or its undo form clears the IP address and routing protocol configuration on the interface. The specified VPN instance must have been created by using the ip vpn-instance command in system view.

To associate a new VPN instance with an interface, first execute the undo ip binding vpn-instance command to remove the existing association.

Examples

# Associate interface GigabitEthernet 2/0/1 with VPN instance vpn1.

<Sysname> system-view

[Sysname] interface gigabitethernet 2/0/1

[Sysname-GigabitEthernet2/0/1] ip binding vpn-instance vpn1

Related commands

ip vpn-instance (system view)

Use ip vpn-instance to create a VPN instance and enter its view, or enter the view of an existing VPN instance.

Use undo ip vpn-instance to delete a VPN instance.

Syntax

ip vpn-instance vpn-instance-name

undo ip vpn-instance vpn-instance-name

Default

No VPN instances exist.

Views

System view

Predefined user roles

network-admin

Parameters

vpn-instance-name: Specifies a VPN instance name, a case-sensitive string of 1 to 31 characters.

Examples

# Create a VPN instance named vpn1 and enter its view.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1]

Related commands

route-distinguisher

nesting-vpn

Use nesting-vpn to enable the nested VPN feature.

Use undo nesting-vpn to disable the nested VPN feature.

Syntax

nesting-vpn

undo nesting-vpn

Default

The nested VPN feature is disabled.

Views

BGP VPNv4 address family view

Predefined user roles

network-admin

Usage guidelines

To exchange VPNv4 routes with a peer in nested VPN, enable nested VPN, and then execute the peer enable command to enable that peer in BGP-VPN VPNv4 address family view.

Examples

# Enable nested VPN for BGP instance default.

<Sysname> system-view

[Sysname] bgp 10

[Sysname-bgp-default] address-family vpnv4

[Sysname-bgp-default-vpnv4] nesting-vpn

peer next-hop-invariable

Use peer next-hop-invariable to configure the device to not change the next hop of routes advertised to BGP peers.

Use undo peer next-hop-invariable to configure the device to use its address as the next hop of routes advertised to BGP peers.

Syntax

peer { group-name | ip-address [ mask-length ] } next-hop-invariable

undo peer { group-name | ip-address [ mask-length ] } next-hop-invariable

Default

The device uses its address as the next hop of routes advertised to BGP peers.

Views

BGP VPNv4 address family view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters.

ip-address: Specifies a peer by its IP address.

mask-length: Specifies a mask length in the range of 0 to 32. You can use the ip-address and mask-length arguments together to specify a subnet. If you specify a subnet in this command, the device does not change the next hop of routes advertised to the dynamic peers in the subnet.

Usage guidelines

On an RR in an inter-AS option C scenario, you must configure next-hop-invariable to not change the next hop of VPNv4 routes advertised to BGP peers and RR clients.

This command is exclusive with the peer next-hop-local command.

Examples

# Configure the device to not change the next hop of routes advertised to BGP peer 1.1.1.1 in BGP instance default.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family vpnv4

[Sysname-bgp-default-af-vpnv4] peer 1.1.1.1 next-hop-invariable

Related commands

peer next-hop-local (Layer 3—IP Routing Command Reference)

peer upe

Use peer upe to configure BGP peers as HoVPN UPEs.

Use undo peer upe to delete HoVPN UPEs.

Syntax

peer { group-name | ip-address [ mask-length ] } upe

undo peer { group-name | ip-address [ mask-length ] } upe

Default

No BGP peer is configured as a UPE.

Views

BGP VPNv4 address family view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The specified peer group must exist.

ip-address: Specifies a peer by its IP address. The specified peer must exist.

mask-length: Specifies a mask length in the range of 0 to 32. You can use the ip-address and mask-length arguments together to specify a subnet. If you specify a subnet, this command configures all dynamic peers in the subnet as UPEs.

Usage guidelines

A UPE is a special VPNv4 peer. It can accept one default route for each related VPN instance and routes permitted by the routing policy on the SPE. An SPE is a common VPN peer.

Examples

# Configure peer 1.1.1.1 as a UPE in BGP instance default.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family vpnv4

[Sysname-bgp-default-vpnv4] peer 1.1.1.1 upe

peer upe route-policy

Use peer upe route-policy to advertise routes permitted by a routing policy to UPEs.

Use undo peer upe route-policy to remove the configuration.

Syntax

peer { group-name | ip-address [ mask-length ] } upe route-policy route-policy-name export

undo peer { group-name | ip-address [ mask-length ] } upe route-policy export

Default

No routes are advertised to any peers.

Views

BGP VPNv4 address family view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must exist.

ip-address: Specifies a peer by its IP address. The peer must exist.

mask-length: Specifies a mask length in the range of 0 to 32. You can use the ip-address and mask-length arguments together to specify a subnet. If you specify a subnet, this command advertises routes permitted by a routing policy to all dynamic peers in the subnet.

route-policy-name: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.

export: Applies the filtering policy to routes to be advertised.

Usage guidelines

This command must be used with the peer upe command.

Examples

# Configure peer 1.1.1.1 as a UPE, and advertise routes permitted by routing policy hope to peer 1.1.1.1 in BGP instance default.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] peer 1.1.1.1 as-number 200

[Sysname-bgp-default] address-family vpnv4

[Sysname-bgp-default-vpnv4] peer 1.1.1.1 enable

[Sysname-bgp-default-vpnv4] peer 1.1.1.1 upe

[Sysname-bgp-default-vpnv4] peer 1.1.1.1 upe route-policy hope export

Related commands

peer upe

route-policy (Layer 3—IP Routing Command Reference)

policy vpn-target

Use policy vpn-target to enable route target filtering of received VPNv4 routes. Only VPNv4 routes whose export route target attribute matches local import route target attribute are added to the routing table.

Use undo policy vpn-target to disable route target filtering, permitting all incoming VPNv4 routes.

Syntax

policy vpn-target

undo policy vpn-target

Default

The route target filtering feature is enabled for received VPNv4 routes.

Views

BGP VPNv4 address family view

Predefined user roles

network-admin

Usage guidelines

In an inter-AS option B scenario, an ASBR must save all incoming VPNv4 routes and advertise those routes to the peer ASBR. For this purpose, you must execute the undo policy vpn-target command on the ASBR to disable route target filtering.

Examples

# Disable route target filtering of received VPNv4 routes in BGP instance default.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family vpnv4

[Sysname-bgp-default-vpnv4] undo policy vpn-target

route-distinguisher (VPN instance view)

Use route-distinguisher to configure a route distinguisher (RD) for a VPN instance.

Use undo route-distinguisher to restore the default.

Syntax

route-distinguisher route-distinguisher

undo route-distinguisher

Default

No RD is configured for a VPN instance.

Views

VPN instance view

Predefined user roles

network-admin

Parameters

route-distinguisher: Specifies an RD for the VPN instance, a string of 3 to 21 characters in one of the following formats:

· 16-bit AS number:32-bit user-defined number. For example, 101:3.

· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.

· 32-bit AS number:16-bit user-defined number, where the minimum value of the AS number is 65536. For example, 65536:1.

Usage guidelines

RDs enable VPNs to use the same address space. An RD and an IPv4 prefix comprise a unique VPN IPv4 prefix.

To modify an RD, execute the undo route-distinguisher command to remove the RD and then execute the route-distinguisher command.

Examples

# Configure RD 22:1 for VPN instance vpn1.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] route-distinguisher 22:1

route-replicate

Use route-replicate to enable a VPN instance to replicate routes from the public network or other VPN instances.

Use undo route-replicate to cancel the configuration.

Syntax

route-replicate from { public | vpn-instance vpn-instance-name } protocol bgp as-number [ route-policy route-policy-name ]

route-replicate from { public | vpn-instance vpn-instance-name } protocol { direct | static | { isis | ospf | rip } process-id } [ advertise ] [ route-policy route-policy-name ]

undo route-replicate from { public | vpn-instance vpn-instance-name } protocol { direct | static | bgp as-number | { isis | ospf | rip } process-id }

Default

A VPN instance cannot replicate routes of the public network or other VPN instances.

Views

IPv4 VPN view

Predefined user roles

network-admin

Parameters

public: Replicates routes from the public network.

vpn-instance vpn-instance-name: Replicates routes from a VPN instance. The vpn-instance-name argument specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters.

protocol: Replicates routes of the specified routing protocol.

bgp: Replicates BGP routes.

as-number: Specifies an AS number in the range of 1 to 4294967295.

direct: Replicates direct routes.

static: Replicates static routes.

isis: Replicates IS-IS routes.

ospf: Replicates OSPF routes.

rip: Replicates RIP routes.

process-id: Specifies a process by its ID, in the range of 1 to 65535.

advertise: Allows the VPN instance to advertise replicated routes. If you do not specify this keyword, the VPN instance cannot advertise replicated routes.

route-policy route-policy-name: Applies a routing policy to replicated routes. The route-policy-name argument specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.

Usage guidelines

In a BGP/MPLS L3VPN network, only VPN instances that have matching route targets can communicate with each other.

This command allows a VPN instance to communicate with the public network or other VPN instances by replicating routing information of the public network or other VPN instances.

In an intelligent traffic control network, traffic of different tenants is assigned to different VPNs. To enable the tenants to communicate with the public network, configure this command to replicate routes from the public network to the VPN instances.

Examples

# Replicates OSPF routes from the public network to VPN instance vpn1.

<Sysname> system-view

[Sysname]ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] address-family ipv4

[Sysname-vpn-ipv4-vpn1] route-replicate from public protocol ospf 1

route-tag (OSPF view)

Use route-tag to configure an external route tag for redistributed VPN routes.

Use undo route-tag to restore the default.

Syntax

route-tag tag-value

undo route-tag

Default

If BGP runs within an MPLS backbone, and the BGP AS number is not greater than 65535, the first two octets of the external route tag are 0xD000, and the last two octets are the local BGP AS number. For example, if the local BGP AS number is 100, the external route tag value is 3489661028 (100 + the decimal value of 0xD0000000). If the AS number is greater than 65535, the external route tag is 0.

Views

OSPF view

Predefined user roles

network-admin

Parameters

tag-value: Specifies the external route tag for redistributed VPN routes, in the range of 0 to 4294967295.

Usage guidelines

In a dual-homed scenario where OSPF runs between the CE and the connected PEs (PE-A and PE-B, for example), you can use external route tags to avoid routing loops.

PE-A redistributes BGP routes from the peer PE into OSPF, and advertises these routes in the Type 5 or 7 LSAs to the CE. In these LSAs, PE-A adds the local external route tag.

When PE-B receives the Type 5 or 7 LSAs advertised by the CE, it compares the external route tag in the LSAs with the local external route tag. If the two tags have the same value (including the value of 0), PE-B ignores the LSA in route calculation to avoid routing loops.

The commands used to configure the external route tag (in the descending order of tag priority) are as follows:

· import-route

· route-tag (for PEs) and default tag (for CEs and MCEs)

As a best practice, configure the same external route tag for PEs in the same area.

An external route tag is not transferred in any BGP extended community attribute. It takes effect only on the PEs that receive BGP routes and generate OSPF Type 5 or 7 LSAs.

You can configure the same external route tag for different OSPF processes.

Examples

# In OSPF process 100, set the external route tag to 100 for redistributed VPN routes.

<Sysname> system-view

[Sysname] ospf 100

[Sysname-ospf-100] route-tag 100

Related commands

default (Layer 3—IP Routing Command Reference)

import-route (Layer 3—IP Routing Command Reference)

routing-table limit

Use routing-table limit to set the maximum number of active routes in a VPN instance.

Use undo routing-table limit to restore the default.

Syntax

routing-table limit number { warn-threshold | simply-alert }

undo routing-table limit

Default

The maximum number of active routes varies by device model. For more information, see the matrix table for the number argument.

Views

VPN instance view

IPv4 VPN view

IPv6 VPN view

Predefined user roles

network-admin

Parameters

number: Specifies the maximum number of active routes.

The following matrix shows the number argument and hardware compatibility:

Hardware	Argument compatibility	Value range	Default
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS	No	N/A	N/A
MSR2600-6-X1/2600-10-X1	Yes	1 to 51024	51024
MSR 2630	Yes	1 to 51024	51024
MSR3600-28/3600-51	Yes	1 to 51024	51024
MSR3600-28-SI/3600-51-SI	No	N/A	N/A
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC	Yes	1 to 101024	101024
MSR 3610/3620/3620-DP/3640/3660	Yes	1 to 101024	101024
MSR5620/5660/5680	Yes	1 to 101024	101024

Hardware	Argument compatibility	Value range	Default
MSR810-LM-GL	No	N/A	N/A
MSR810-W-LM-GL	No	N/A	N/A
MSR830-6EI-GL	No	N/A	N/A
MSR830-10EI-GL	No	N/A	N/A
MSR830-6HI-GL	No	N/A	N/A
MSR830-10HI-GL	No	N/A	N/A
MSR2600-6-X1-GL	Yes	1 to 51024	51024
MSR3600-28-SI-GL	No	N/A	N/A

warn-threshold: Specifies a warning threshold in the range of 1 to 100 in percentage. When the percentage of the existing active routes to the maximum active routes exceeds the threshold, the system gives a log message but still allows new active routes. If active routes in the VPN instance reach the maximum, no more active routes are added.

simply-alert: Specifies that when active routes exceed the maximum number, the system still accepts active routes but generates a log message.

Usage guidelines

Setting the maximum number of active routes for a VPN instance can prevent a PE from learning too many routes.

A limit configured in VPN instance view applies to both the IPv4 VPN and the IPv6 VPN.

A limit configured in IPv4 VPN view or IPv6 VPN view applies to only the IPv4 VPN or the IPv6 VPN.

IPv4 VPN prefers the limit configured in IPv4 VPN view over the limit configured in VPN instance view. IPv6 VPN prefers the limit configured in IPv6 VPN view over the limit configured in VPN instance view.

Examples

# Specify that VPN instance vpn1 supports a maximum of 1000 active routes. When active routes exceed this limit, the device can receive new active routes but generates a log message.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] route-distinguisher 100:1

[Sysname-vpn-instance-vpn1] routing-table limit 1000 simply-alert

# Specify that IPv4 VPN vpn2 supports a maximum of 1000 active routes. When active routes exceed this limit, the device can receive new active routes but generates a log message.

<Sysname> system-view

[Sysname] ip vpn-instance vpn2

[Sysname-vpn-instance-vpn2] route-distinguisher 100:2

[Sysname-vpn-instance-vpn2] address-family ipv4

[Sysname-vpn-ipv4-vpn2] routing-table limit 1000 simply-alert

# Specify that IPv6 VPN vpn3 supports a maximum of 1000 active routes. When active routes exceed this limit, the device can receive new active routes but generates a log message.

<Sysname> system-view

[Sysname] ip vpn-instance vpn3

[Sysname-vpn-instance-vpn3] route-distinguisher 100:3

[Sysname-vpn-instance-vpn3] address-family ipv6

[Sysname-vpn-ipv4-vpn3] routing-table limit 1000 simply-alert

rr-filter (BGP VPNv4 address family view)

Use rr-filter to create a route reflector (RR) reflection policy. Only IBGP routes whose extended community attribute matches the specified extended community list are reflected.

Use undo rr-filter to restore the default.

Syntax

rr-filter ext-comm-list-number

undo rr-filter

Default

An RR does not filter reflected routes.

Views

BGP VPNv4 address family view

BGP-VPN VPNv4 address family view

Predefined user roles

network-admin

Parameters

ext-comm-list-number: Specifies an extended community list number in the range of 1 to 65535.

Usage guidelines

By configuring different RR reflection policies on RRs in a cluster, you can implement load balancing among the RRs.

Examples

# Configure the RR to reflect only VPNv4 routes that are permitted by extended community list 10 in BGP instance default.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family vpnv4

[Sysname-bgp-default-vpnv4] rr-filter 10

sham-link (OSPF area view)

Use sham-link to create an OSPF sham link.

Use undo sham-link to remove an OSPF sham link or restore the defaults of specified parameters for an OSPF sham link.

Syntax

sham-link source-ip-address destination-ip-address [ cost cost-value | dead dead-interval | hello hello-interval | { { hmac-md5 | md5 } key-id { cipher | plain } string | simple { cipher | plain } string } | retransmit retrans-interval | trans-delay delay | ttl-security hops hop-count ] *

undo sham-link source-ip-address destination-ip-address [ cost | dead | hello | { { hmac-md5 | md5 } key-id | simple } | retransmit | trans-delay | ttl-security ] *

Default

No OSPF sham links exist.

Views

OSPF area view

Predefined user roles

network-admin

Parameters

source-ip-address: Specifies the source IP address of the sham link.

destination-ip-address: Specifies the destination IP address of the sham link.

cost cost-value: Specifies the cost of the sham link, in the range of 1 to 65535. The default cost is 1.

dead dead-interval: Specifies the dead interval in the range of 1 to 32768 seconds. The default is 40 seconds. The dead interval configured on the two ends of the sham link must be identical, and it must be at least four times the hello interval.

hello hello-interval: Specifies the interval for sending hello packets, in the range of 1 to 8192 seconds. The default is 10 seconds. The hello interval configured on the two ends of the sham link must be identical.

hmac-md5: Enables HMAC-MD5 authentication.

md5: Enables MD5 authentication.

simple: Enables simple authentication.

key-id: Specifies a key ID in the range of 1 to 255.

cipher: Specifies a key in encrypted form.

plain: Specifies a key in plaintext form. For security purposes, the key specified in plaintext form will be stored in encrypted form.

string: Specifies the key. This argument is case sensitive.

· In simple authentication mode, the plaintext form of the key is a string of 1 to 8 characters. The encrypted form of the key is a string of 33 to 41 characters.

· In MD5/HMAC-MD5 authentication mode, the plaintext form of the key is a string of 1 to 16 characters. The encrypted form of the key is a string of 33 to 53 characters.

retransmit retrans-interval: Specifies the interval for retransmitting LSAs, in the range of 1 to 3600 seconds. The default is 5 seconds.

trans-delay delay: Specifies the delay interval before the interface sends an LSA, in the range of 1 to 3600 seconds. The default is 1 second.

ttl-security hops hop-count: Enables OSPF GTSM and specifies the maximum number of hops to the sham link neighbor. The value range for the hop-count argument is 1 to 254. By default, OSPF GTSM is disabled.

Usage guidelines

When a backdoor link exists between the two sites of a VPN, traffic is forwarded through the backdoor link. To forward VPN traffic over the backbone, you can create a sham link between PEs. A sham link is considered an OSPF intra-area route.

This command can configure MD5/HMAC-MD5 or simple authentication for the sham link, but not both. For MD5/HMAC-MD5 authentication, you can configure multiple keys by executing this command multiple times, but a key-id can correspond with only one key.

To modify the MD5/HMAC-MD5 authentication key of a sham link, perform the following tasks:

1. Configure a new key for the sham link on the local device. If the neighbor on the sham link has not been configured with the new key, this configuration triggers a key rollover process, during which, OSPF advertises both the new and old keys so the neighbor can pass authentication and the neighbor relationship is maintained.

2. Configure the same key for the sham link on the neighbor. After the local device receives a packet carrying the new key from the neighbor, it quits the key rollover process.

3. Execute the undo sham-link command on the local device and the neighbor to remove the old key. This operation can avoid attacks to the sham link that uses the old key and reduce bandwidth consumption by key rollover.

OSPF GTSM protects the device from being attacked by CPU-utilization attacks. When OSPF GTSM is enabled for a sham link, the device compares the TTL value of an OSPF packet received from the sham link against the valid TTL range. If the TTL value is within the valid TTL range, the packet is accepted. If not, the packet is discarded. The valid TTL range is from "255 – the configured hop count + 1" to 255. For packets sent to the sham link, the device sets the packet TTL value to 255.

You cannot configure a sham link with the same source and destination IP address for multiple OSPF processes in a VPN instance.

For an OSPF neighbor relationship to be successfully established, the sham links configured on the local and remote PEs must be in the same OSPF area.

To use GTSM, you must configure GTSM on both the local and peer devices. You can specify different hop-count values on the devices.

Examples

# Create a sham link with the source address 1.1.1.1 and destination address 2.2.2.2.

<Sysname> system-view

[Sysname] ospf

[Sysname-ospf-1] area 0

[Sysname-ospf-1-area-0.0.0.0] sham-link 1.1.1.1 2.2.2.2

Related commands

display ospf sham-link

snmp context-name

Use snmp context-name to configure an SNMP context for a VPN instance.

Use undo snmp context-name to restore the default.

Syntax

snmp context-name context-name

undo snmp context-name

Default

No SNMP context is configured for a VPN instance.

Views

VPN instance view

Predefined user roles

network-admin

Parameters

context-name: Specifies an SNMP context, a case-sensitive string of 1 to 32 characters.

Usage guidelines

VPN-aware features such as AAA and NAT do not know the VPN instance to which a managed MIB node belongs. To resolve this issue, configure different SNMP contexts for different VPN instances.

The device selects a MIB for an SNMP packet according to the context (for SNMPv3) or community name (for SNMPv1/v2c) in the following ways:

· For an SNMPv3 packet:

¡ The device selects the public MIB if the packet does not carry a context.

¡ The device selects the MIB of a VPN instance if the packet meets the following conditions:

- Carries a context that was configured with the snmp-agent context command in system view.

- Matches the context of the VPN instance.

¡ The device does not process any MIBs in other situations.

· For an SNMPv1/v2c packet:

¡ The device selects the public MIB if no SNMP community to SNMP context mapping was configured with the snmp-agent community-map command in system view.

¡ The device selects the MIB of a VPN instance if the SNMP community is mapped to an SNMP context and the context matches the context of the VPN instance.

¡ The device does not process any MIBs in other situations.

For more information about SNMP context and community name, see Network Management and Monitoring Configuration Guide.

Do not configure the same SNMP context for different VPN instances.

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Configure SNMP context vpna for VPN instance vpna.

<Sysname> system-view

[Sysname] snmp-agent context vpna

[Sysname] ip vpn-instance vpna

[Sysname-vpn-instance-vpna] route-distinguisher 22:33

[Sysname-vpn-instance-vpna] snmp context-name vpna

Related commands

snmp-agent community-map (Network Management and Monitoring Command Reference)

snmp-agent context (Network Management and Monitoring Command Reference)

snmp-agent trap enable l3vpn

Use snmp-agent trap enable l3vpn to enable SNMP notifications for MPLS L3VPN.

Use undo snmp-agent trap enable l3vpn to disable SNMP notifications for MPLS L3VPN.

Syntax

snmp-agent trap enable l3vpn

undo snmp-agent trap enable l3vpn

Default

SNMP notifications for MPLS L3VPN are enabled.

Views

System view

Predefined user roles

network-admin

Usage guidelines

To report critical MPLS L3VPN events to an NMS, enable SNMP notifications for MPLS L3VPN. For MPLS L3VPN event notifications to be sent correctly, you must also configure SNMP on the device. For more information about SNMP configuration, see the network management and monitoring configuration guide for the device.

Examples

# Enable SNMP notifications for MPLS L3VPN.

<Sysname> system-view

[Sysname] snmp-agent trap enable l3vpn

tnl-policy

Use tnl-policy to associate a VPN instance with a tunnel policy.

Use undo tnl-policy to restore the default.

Syntax

tnl-policy tunnel-policy-name

undo tnl-policy

Default

No tunnel policy is associated with a VPN instance.

Views

VPN instance view

IPv4 VPN view

IPv6 VPN view

Predefined user roles

network-admin

Parameters

tunnel-policy-name: Specifies a tunnel policy by its name, a case-sensitive string of 1 to 19 characters.

Usage guidelines

The VPN instance uses the specified tunnel policy to select tunnels for traffic.

If a VPN instance is not associated with any tunnel policies or the associated tunnel policy is not configured, the VPN instance selects tunnels according to the default tunnel policy. The default tunnel policy selects only one tunnel in this order: LSP tunnel, GRE tunnel, CRLSP tunnel.

A tunnel policy specified in VPN instance view applies to both the IPv4 VPN and the IPv6 VPN.

A tunnel policy specified in IPv4 VPN view or IPv6 VPN view applies only to the IPv4 VPN or IPv6 VPN.

IPv4 VPN prefers the tunnel policy specified in IPv4 VPN view over the tunnel policy specified in VPN instance view. IPv6 VPN prefers the tunnel policy specified in IPv6 VPN view over the tunnel policy specified in VPN instance view.

Examples

# Associate VPN instance vpn1 with tunnel policy po1.

<Sysname> system-view

[Sysname] tunnel-policy po1

[Sysname-tunnel-policy-po1] select-seq lsp load-balance-number 1

[Sysname-tunnel-policy-po1] quit

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] route-distinguisher 22:33

[Sysname-vpn-instance-vpn1] tnl-policy po1

[Sysname-vpn-instance-vpn1] quit

# Associate the IPv4 VPN vpn2 with tunnel policy po1.

[Sysname] ip vpn-instance vpn2

[Sysname-vpn-instance-vpn2] route-distinguisher 11:22

[Sysname-vpn-instance-vpn2] address-family ipv4

[Sysname-vpn-ipv4-vpn2] tnl-policy po1

[Sysname-vpn-ipv4-vpn2] quit

[Sysname-vpn-instance-vpn2] quit

# Associate the IPv6 VPN vpn3 with tunnel policy po1.

[Sysname] ip vpn-instance vpn3

[Sysname-vpn-instance-vpn3] route-distinguisher 11:33

[Sysname-vpn-instance-vpn3] address-family ipv6

[Sysname-vpn-ipv6-vpn3] tnl-policy po1

Related commands

tunnel-policy

vpn popgo

Use vpn popgo to specify the VPN label processing mode as POPGO forwarding on an egress PE. In POPGO forwarding mode, the egress PE pops the label for each packet and forwards the packet out of the interface corresponding to the label.

Use undo vpn popgo to restore the default.

Syntax

vpn popgo

undo vpn popgo

Default

The VPN label processing mode is POP forwarding on an egress PE, which will pop the label for each packet and forward the packet through the FIB table.

Views

BGP instance view

Predefined user roles

network-admin

Usage guidelines

After you execute the vpn popgo command, the egress PE disconnects and re-establishes BGP sessions to re-learn VPN routes, and it does not support load sharing among VPN BGP peers.

The vpn popgo and label-allocation-mode per-vrf commands are mutually exclusive. Do not configure both commands in a BGP instance.

Examples

# Specify the VPN label processing mode on the egress PE as POPGO forwarding for the BGP instance default.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] vpn popgo

# Specify the VPN label processing mode on the egress PE as POP forwarding for the BGP instance default.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] undo vpn popgo

Related commands

label-allocation-mode (Layer 3—IP Routing Command Reference)

vpn-id

Use vpn-id to configure a VPN ID for a VPN instance.

Use undo vpn-id to restore the default.

Syntax

vpn-id vpn-id

undo vpn-id

Default

No VPN ID is configured for a VPN instance.

Views

VPN instance view

Predefined user roles

network-admin

Parameters

vpn-id: Specifies a VPN ID for the VPN instance, in the form of OUI:Index. Both OUI and Index are hex numbers. The OUI is in the range of 0 to FFFFFF, and the index is in the range of 0 to FFFFFFFF.

Usage guidelines

A VPN ID uniquely identifies a VPN instance. Different VPN instances must have different VPN IDs.

A VPN ID cannot be 0:0.

Examples

# Configure VPN ID 20:1 for VPN instance vpn1.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] vpn-id 20:1

Related commands

display ip vpn-instance

vpn-route cross multipath

Use vpn-route cross multipath to enable ECMP VPN route redistribution.

Use undo vpn-route cross multipath to disable ECMP VPN route redistribution.

Syntax

vpn-route cross multipath

undo vpn-route cross multipath

Default

ECMP VPN route redistribution is disabled. If multiple routes have the same prefix and RD, a VPN redistributes only the optimal route to its routing table.

Views

BGP IPv4 unicast address family view

BGP IPv6 unicast address family view

BGP-VPN IPv4 unicast address family view

BGP-VPN IPv6 unicast address family view

Predefined user roles

network-admin

Usage guidelines

This feature enables a VPN instance to redistribute multiple routes that have the same prefix and RD into its routing table. Then, you can configure load sharing among the ECMP routes or MPLS L3VPN FRR.

Examples

# In BGP-VPN IPv4 unicast address family view, enable ECMP route redistribution.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] ip vpn-instance vpn1

[Sysname-bgp-default-vpn1] address-family ipv4

[Sysname-bgp-default-ipv4-vpn1] vpn-route cross multipath

vpn-target (VPN instance view/IPv4 VPN view/IPv6 VPN view)

Use vpn-target to configure route targets for a VPN instance.

Use undo vpn-target to remove the specified or all route targets of a VPN instance.

Syntax

vpn-target vpn-target&<1-8> [ both | export-extcommunity | import-extcommunity ]

undo vpn-target { all | vpn-target&<1-8> [ both | export-extcommunity | import-extcommunity ] }

Default

No route targets are configured for a VPN instance.

Views

VPN instance view

IPv4 VPN view

IPv6 VPN view

Predefined user roles

network-admin

Parameters

vpn-target&<1-8>: Specifies a space-separated list of route targets. You can specify a maximum of eight route targets each time you execute the command.

A route target is a string of 3 to 21 characters in one of the following formats:

· 16-bit AS number:32-bit user-defined number. For example, 101:3.

· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.

· 32-bit AS number:16-bit user-defined number, where the AS number must not be less than 65536. For example, 65536:1.

both: Uses the specified route targets as both import targets and export targets. The both keyword is also used when you do not specify any of the following keywords: both, export-extcommunity, and import-extcommunity.

export-extcommunity: Uses the specified route targets as export targets.

import-extcommunity: Uses the specified route targets as import targets.

all: Removes all route targets.

Usage guidelines

MPLS L3VPN uses route targets to control the advertisement of VPN routing information. A PE adds the configured export targets into the route target attribute of routes advertised to a peer. The peer uses the local import targets to match the route targets of received routes. If a match is found, the peer adds the routes to the routing table of the VPN instance.

Route targets configured in VPN instance view applies to both the IPv4 VPN and the IPv6 VPN.

Route targets configured in IPv4 VPN view or IPv6 VPN view applies only to the IPv4 VPN or IPv6 VPN.

Route targets configured in IPv4 VPN view or IPv6 VPN view take precedence over those configured in VPN instance view. If you configure route targets in both IPv4 VPN view and VPN instance view, the IPv4 VPN uses the route targets configured in IPv4 VPN view. If you configure route targets in both IPv6 VPN view and VPN instance view, the IPv6 VPN uses the route targets configured in IPv6 VPN view.

Examples

# Configure route targets for VPN instance vpn1.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] vpn-target 3:3 export-extcommunity

[Sysname-vpn-instance-vpn1] vpn-target 4:4 import-extcommunity

[Sysname-vpn-instance-vpn1] vpn-target 5:5 both

# Configure route targets for IPv4 VPN vpn2.

<Sysname> system-view

[Sysname] ip vpn-instance vpn2

[Sysname-vpn-instance-vpn2] address-family ipv4

[Sysname-vpn-ipv4-vpn2] vpn-target 3:3 export-extcommunity

[Sysname-vpn-ipv4-vpn2] vpn-target 4:4 import-extcommunity

[Sysname-vpn-ipv4-vpn2] vpn-target 5:5 both

# Configure route targets for IPv6 VPN vpn3.

<Sysname> system-view

[Sysname] ip vpn-instance vpn3

[Sysname-vpn-instance-vpn3] address-family ipv6

[Sysname-vpn-ipv6-vpn3] vpn-target 3:3 export-extcommunity

[Sysname-vpn-ipv6-vpn3] vpn-target 4:4 import-extcommunity

[Sysname-vpn-ipv6-vpn3] vpn-target 5:5 both

IPv6 MPLS L3VPN commands

This chapter describes only IPv6 MPLS L3VPN-specific commands. For information about the commands available for both IPv4 MPLS L3VPN and IPv6 MPLS L3VPN, see "MPLS L3VPN commands."

The following matrix shows the feature and hardware compatibility:

Hardware	IPv6 MPLS L3VPN compatibility
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS	No
MSR2600-6-X1/2600-10-X1	Yes
MSR 2630	Yes
MSR3600-28/3600-51	Yes
MSR3600-28-SI/3600-51-SI	No
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC	Yes
MSR 3610/3620/3620-DP/3640/3660	Yes
MSR5620/5660/5680	Yes

Hardware	IPv6 MPLS L3VPN compatibility
MSR810-LM-GL	No
MSR810-W-LM-GL	No
MSR830-6EI-GL	No
MSR830-10EI-GL	No
MSR830-6HI-GL	No
MSR830-10HI-GL	No
MSR2600-6-X1-GL	Yes
MSR3600-28-SI-GL	No

address-family ipv6 (VPN instance view)

Use address-family ipv6 to enter IPv6 VPN view.

Use undo address-family ipv6 to remove all configurations from IPv6 VPN view.

Syntax

address-family ipv6

undo address-family ipv6

Views

VPN instance view

Predefined user roles

network-admin

Usage guidelines

In IPv6 VPN view, you can configure IPv6 VPN parameters such as inbound and outbound routing policies.

Examples

# Enter IPv6 VPN view.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] address-family ipv6

[Sysname-vpn-ipv6-vpn1]

Related commands

address-family ipv4 (VPN instance view)

address-family vpnv6

Use address-family vpnv6 to create the BGP VPNv6 address family and enter its view, or enter the view of the existing BGP VPNv6 address family.

Use undo address-family vpnv6 to remove the BGP VPNv6 address family and all configurations in address family view.

Syntax

address-family vpnv6

undo address-family vpnv6

Default

The BGP VPNv6 address family is not created.

Views

BGP instance view

Predefined user roles

network-admin

Usage guidelines

A VPNv6 address consists of an RD and an IPv6 prefix. In IPv6 MPLS L3VPNs, PEs exchange BGP VPNv6 routes.

For a PE to exchange BGP VPNv6 routes with a BGP peer, you must enable that peer by executing the peer enable command in BGP VPNv6 address family view.

In BGP VPNv6 address family view, you can configure the following settings:

· BGP VPNv6 route attributes, such as the preferred value.

· Whether to allow the local AS number to appear in the AS_PATH attribute of received route updates.

Examples

# In BGP instance default, create the BGP VPNv6 address family and enter its view.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family vpnv6

[Sysname-bgp-default-af-vpnv6]

disable-dn-bit-check

Use disable-dn-bit-check to ignore the DN bit in OSPFv3 LSAs.

Use undo disable-dn-bit-check to restore the default.

Syntax

disable-dn-bit-check

undo disable-dn-bit-check

Default

A PE checks the DN bit in OSPFv3 LSAs.

Views

OSPFv3 view

Predefined user roles

network-admin

Usage guidelines

When a PE redistributes BGP routes into OSPFv3 and creates OSPFv3 LSAs, it sets the DN bit for the LSAs. When receiving the LSAs whose DN bit is set, the other PEs ignore the LSAs in route calculation to avoid routing loops.

If all LSAs from other PEs, including the LSAs whose DN bit is set, are required for route calculation, use the disable-dn-bit-check command to ignore the DN bit.

Before using this command, make sure it does not cause any routing loops.

This command takes effect only for a VPN OSPFv3 process that is not configured with the vpn-instance-capability simple command.

Examples

# Ignore the DN bit in LSAs for VPN OSPFv3 process 100.

<Sysname> system-view

[Sysname] ospfv3 100 vpn-instance vpn1

[Sysname-ospfv3-100] disable-dn-bit-check

Related commands

disable-dn-bit-set

display ospfv3 (Layer 3—IP Routing Command Reference)

disable-dn-bit-set

Use disable-dn-bit-set to disable setting the DN bit in OSPFv3 LSAs.

Use undo disable-dn-bit-set to restore the default.

Syntax

disable-dn-bit-set

undo disable-dn-bit-set

Default

When a PE redistributes BGP routes into OSPFv3 and creates OSPFv3 LSAs, it sets the DN bit for the LSAs.

Views

OSPFv3 view

Predefined user roles

network-admin

Usage guidelines

If other PEs require all LSAs from a local PE for route calculation, use the disable-dn-bit-set command to disable setting the DN bit in the LSAs.

Before using this command, make sure it does not cause any routing loops.

This command takes effect only for a VPN OSPFv3 process that is not configured with the vpn-instance-capability simple command.

Examples

# Disable setting the DN bit in LSAs for VPN OSPFv3 process 100.

<Sysname> system-view

[Sysname] ospfv3 100 vpn-instance vpn1

[Sysname-ospfv3-100] disable-dn-bit-set

Related commands

disable-dn-bit-check

display ospfv3 (Layer 3—IP Routing Command Reference)

display bgp routing-table vpnv6

Use display bgp routing-table vpnv6 to display BGP VPNv6 routing information.

Syntax

display bgp [ instance instance-name ] routing-table vpnv6 [ [ route-distinguisher route-distinguisher ] [ ipv6-address prefix-length [ advertise-info ] | as-path-acl as-path-acl-number | community-list { { basic-community-list-number | comm-list-name } [ whole-match ] | adv-community-list-number } ] | peer ipv4-address { advertised-routes | received-routes } [ ipv6-address prefix-length | statistics ] | statistics ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

instance instance-name: Specifies a BGP instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a BGP instance, this command displays BGP VPNv6 routes in the default BGP instance.

route-distinguisher route-distinguisher: Specifies an RD, a string of 3 to 21 characters in one of the following formats:

· 16-bit AS number:32-bit user-defined number. For example, 101:3.

· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.

· 32-bit AS number:16-bit user-defined number, where the minimum value of the AS number is 65536. For example, 65536:1.

ipv6-address prefix-length: Displays detailed information about the BGP VPNv6 route that exactly matches the specified network address and prefix length. The prefix length is in the range of 0 to 128. If you do not specify this argument, the command displays brief information about all BGP VPNv6 routes.

advertise-info: Displays BGP VPNv6 route advertisement information.

as-path-acl as-path-acl-number: Displays BGP VPNv6 routes that match the AS path list specified by its number in the range of 1 to 256.

community-list: Displays BGP VPNv6 routes that match a BGP community list.

basic-community-list-number: Specifies a basic community list by its number in the range of 1 to 99.

comm-list-name: Specifies a community list by its name, a case-sensitive string of 1 to 63 characters.

whole-match: Displays BGP VPNv6 routes exactly matching the specified community list. If you do not specify this keyword, the command displays BGP VPNv6 routes whose COMMUNITY attributes include the specified community list.

adv-community-list-number: Specifies an advanced community list by its number in the range of 100 to 199.

peer: Displays BGP VPNv6 routing information advertised to or received from a peer.

ipv4-address: Specifies the peer IP address.

advertised-routes: Displays BGP VPNv6 routing information advertised to the specified peer.

received-routes: Displays BGP VPNv6 routing information received from the specified peer.

statistics: Displays BGP VPNv6 routing statistics.

Usage guidelines

If you do not specify any parameters, this command displays brief information about all BGP VPNv6 routes.

Examples

# Display brief information about all BGP VPNv6 routes in the default BGP instance.

<Sysname> display bgp routing-table vpnv6

BGP local router ID is 1.1.1.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Total number of routes from all PEs: 1

Route distinguisher: 100:1(vpn1)

Total number of routes: 4

* > Network : 2001:1:: PrefixLen : 96

NextHop : :: LocPrf :

PrefVal : 32768 OutLabel : NULL

MED : 0

Path/Ogn: ?

* e Network : 2001:1:: PrefixLen : 96

NextHop : 2001:1::1 LocPrf :

PrefVal : 0 OutLabel : NULL

MED : 0

Path/Ogn: 65410?

* > Network : 2001:1::2 PrefixLen : 128

NextHop : ::1 LocPrf :

PrefVal : 32768 OutLabel : NULL

MED : 0

Path/Ogn: ?

* >i Network : 2001:3:: PrefixLen : 96

NextHop : ::FFFF:3.3.3.9 LocPrf : 100

PrefVal : 0 OutLabel : 1279

MED : 0

Path/Ogn: ?

Route distinguisher: 200:1

Total number of routes: 1

* >i Network : 2001:3:: PrefixLen : 96

NextHop : ::FFFF:3.3.3.9 LocPrf : 100

PrefVal : 0 OutLabel : 1279

MED : 0

Path/Ogn: ?

# Display information about BGP VPNv6 routes matching the AS_PATH list 1 in the default BGP instance.

<Sysname> display bgp routing-table vpnv6 as-path-acl 1

BGP local router ID is 1.1.1.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Total number of routes from all PEs: 1

Route distinguisher: 100:1(vpn1)

Total number of routes: 4

* > Network : 2001:1:: PrefixLen : 96

NextHop : :: LocPrf :

PrefVal : 32768 OutLabel : NULL

MED : 0

Path/Ogn: ?

* e Network : 2001:1:: PrefixLen : 96

NextHop : 2001:1::1 LocPrf :

PrefVal : 0 OutLabel : NULL

MED : 0

Path/Ogn: 65410?

* > Network : 2001:1::2 PrefixLen : 128

NextHop : ::1 LocPrf :

PrefVal : 32768 OutLabel : NULL

MED : 0

Path/Ogn: ?

* >i Network : 2001:3:: PrefixLen : 96

NextHop : ::FFFF:3.3.3.9 LocPrf : 100

PrefVal : 0 OutLabel : 1279

MED : 0

Path/Ogn: ?

Route distinguisher: 200:1

Total number of routes: 1

* >i Network : 2001:3:: PrefixLen : 96

NextHop : ::FFFF:3.3.3.9 LocPrf : 100

PrefVal : 0 OutLabel : 1279

MED : 0

Path/Ogn: ?

# Display information about BGP VPNv6 routes matching the BGP community list 100 in the default BGP instance.

<Sysname> display bgp routing-table vpnv6 community-list 100

BGP local router ID is 1.1.1.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Total number of routes from all PEs: 1

Route distinguisher: 100:1(vpn1)

Total number of routes: 4

* > Network : 2001:1:: PrefixLen : 96

NextHop : :: LocPrf :

PrefVal : 32768 OutLabel : NULL

MED : 0

Path/Ogn: ?

* e Network : 2001:1:: PrefixLen : 96

NextHop : 2001:1::1 LocPrf :

PrefVal : 0 OutLabel : NULL

MED : 0

Path/Ogn: 65410?

* > Network : 2001:1::2 PrefixLen : 128

NextHop : ::1 LocPrf :

PrefVal : 32768 OutLabel : NULL

MED : 0

Path/Ogn: ?

* >i Network : 2001:3:: PrefixLen : 96

NextHop : ::FFFF:3.3.3.9 LocPrf : 100

PrefVal : 0 OutLabel : 1279

MED : 0

Path/Ogn: ?

Route distinguisher: 200:1

Total number of routes: 1

* >i Network : 2001:3:: PrefixLen : 96

NextHop : ::FFFF:3.3.3.9 LocPrf : 100

PrefVal : 0 OutLabel : 1279

MED : 0

Path/Ogn: ?

# Display information about public BGP VPNv6 routes advertised to 3.3.3.9 in the default BGP instance.

<Sysname> display bgp routing-table vpnv6 peer 3.3.3.9 advertised-routes

Total number of routes: 1

BGP local router ID is 1.1.1.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Route distinguisher: 100:1

Total number of routes: 1

* > Network : 2001:1:: PrefixLen : 96

NextHop : :: LocPrf :

MED : 0 OutLabel : NULL

Path/Ogn: ?

# Display information about public BGP VPNv6 routes received from 3.3.3.9 in the default BGP instance.

<Sysname> display bgp routing-table vpnv6 peer 3.3.3.9 received-routes

Total number of routes: 1

BGP local router ID is 1.1.1.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Route distinguisher: 200:1

Total number of routes: 1

* >i Network : 2001:3:: PrefixLen : 96

NextHop : ::FFFF:3.3.3.9 LocPrf : 100

PrefVal : 0 OutLabel : 1279

MED : 0

Path/Ogn: ?

Table 78 Command output

Field	Description
BGP local router ID	Router ID of the local BGP router.
Status codes	Route status codes: · * - valid—Valid route. · > - best—Common optimal route. · d – damped—Route damped for route flap. · h - history—History route. · i - internal—Internal route. · e - external—External route. · s - suppressed—Suppressed route. · S - Stale—Stale route.
Origin	Route origin: · i - IGP—Originated in the AS. The origin of routes advertised by the network command is IGP. · e - EGP—Learned through EGP. · ? - incomplete—Redistributed from IGP protocols.
Total number of routes from all PEs	Total number of VPNv6 routes from all PEs.
Network	Network address.
PrefixLen	Prefix length.
NextHop	Address of the next hop.
LocPrf	Local preference value.
PrefVal	Preferred value.
MED	MULTI_EXIT_DISC attribute.
Path/Ogn	AS_PATH and Origin attributes.

# Display detailed information about BGP VPNv6 routes to 2::/64 in the default BGP instance.

<Sysname> display bgp routing-table vpnv6 2:: 64

BGP local router ID: 192.168.1.135

Local AS number: 200

Paths: 2 available, 1 best

BGP routing table information of 2::/64:

From : 10.1.1.1 (192.168.1.136)

Rely nexthop : ::FFFF:10.1.1.1

Original nexthop: ::FFFF:10.1.1.1

OutLabel : NULL

AS-path : 100

Origin : igp

Attribute value : MED 0, pref-val 0

State : valid, external, best

IP precedence : N/A

QoS local ID : N/A

Traffic index : N/A

Backup route.

From : 1::1 (192.168.1.136)

Rely nexthop : 1::1

Original nexthop: 1::1

OutLabel : NULL

AS-path : 100

Origin : igp

Attribute value : MED 0, pref-val 0

State : valid, external

IP precedence : N/A

QoS local ID : N/A

Traffic index : N/A

Table 79 Command output

Field	Description
BGP local router ID	Router ID of the local BGP router.
Paths	Number of routes: · available—Available routes. · best—Optimal routes.
BGP routing table information of 2::/64	Routing information for the BGP routes to 2::/64.
From	IP address of the BGP peer that advertises the route.
Rely Nexthop	Recursive next hop. If no recursive next hop is found, this field displays not resolved.
Original nexthop	Original next hop. If the route is learned from a BGP update, it is the next hop in the update message.
Origin	Route origin: · igp—Originated in the AS. The origin of routes advertised by the network command is IGP. · egp—Learned through EGP. · incomplete—Redistributed from IGP protocols.
Attribute value	BGP route attribute information: · MED—MED attribute. · localpref—Local preference. · pref-val—Preferred value. · pre—Protocol preference.
State	Route status: · valid—Valid route. · internal—Internal route. · external—External route. · local—Locally generated route. · best—Optimal route.
IP precedence	IP priority of a route, in the range of 0 to 7. N/A indicates that the route does not support this field.
QoS local ID	QoS local ID attribute of a route, in the range of 1 to 4095. N/A indicates that the route does not support this field.
Traffic index	Index of the traffic, in the range of 1 to 64. N/A indicates that the route does not support this field.

# Display advertisement information for BGP VPNv6 routes to 2001:1::/96 in the default BGP instance.

<Sysname> display bgp routing-table vpnv6 2001:1:: 96 advertise-info

BGP local router ID: 1.1.1.9

Local AS number: 100

Route distinguisher: 100:1

Total number of routes: 1

Paths: 1 best

BGP routing table information of 2001:1::/96:

Advertised to VPN peers (1 in total):

3.3.3.9

Inlabel : 1279

Table 80 Command output

Field	Description
Paths	Number of routes to the specified destination network.
BGP routing table information of 2001:1::/96	Advertisement information for the BGP route to 2001:1::/96.
Advertised to VPN peers (1 in total)	VPNv6 peers to which the route is advertised, and the number of peers.
Inlabel	Incoming label of the route.

# Display statistics about public BGP VPNv6 routes advertised to peer 3.3.3.9 in the default BGP instance.

<Sysname> display bgp routing-table vpnv6 peer 3.3.3.9 advertised-routes statistics

Advertised routes total: 2

# Display statistics about public BGP VPNv6 routes received from peer 3.3.3.9 in the default BGP instance.

<Sysname> display bgp routing-table vpnv6 peer 3.3.3.9 received-routes statistic

Received routes total: 2

Table 81 Command output

Field	Description
Advertised routes total	Total number of routes advertised to the specified peer.
Received routes total	Total number of routes received from the specified peer.

# Display statistics about public BGP VPNv6 routes in the default BGP instance.

<Sysname> display bgp routing-table vpnv6 statistics

Total number of routes from all PEs: 1

Route distinguisher: 100:1(vpn1)

Total number of routes: 4

Route distinguisher: 200:1

Total number of routes: 1

Table 82 Command output

Field	Description
Total number of routes from all PEs	Total number of VPNv6 routes from all PEs.
Total number of routes	Total number of VPNv6 routes with the specified RD.

Related commands

ip as-path (Layer 3—IP Routing Command Reference)

display bgp routing-table vpnv6 inlabel

Use display bgp routing-table vpnv6 inlabel to display incoming labels for all BGP VPNv6 routes.

Syntax

display bgp [ instance instance-name ] routing-table vpnv6 inlabel

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

Examples

# Display incoming labels for all BGP VPNv6 routes.

<Sysname> display bgp routing-table vpnv6 inlabel

Total number of routes: 1

BGP local router ID is 1.1.1.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Route distinguisher: 100:1

Total number of routes: 1

* > Network : 2001:1:: PrefixLen : 96

NextHop : :: OutLabel : NULL

InLabel : 1279

Table 83 Command output

Field	Description
BGP local router ID	Router ID of the local BGP router.
Status codes	Route status codes: · * - valid—Valid route. · > - best—Common optimal route. · d – damped—Route damped for route flap. · h - history—History route. · i - internal—Internal route. · e - external—External route. · s - suppressed—Suppressed route. · S - Stale—Stale route.
Origin	Route origin: · i - IGP—Originated in the AS. The origin of routes advertised by the network command is IGP. · e - EGP—Learned through EGP. · ? - incomplete—Redistributed from IGP protocols.
OutLabel	Outgoing label. If the peer PE assigns a null label, this field displays NULL.
InLabel	Incoming label.

display bgp routing-table vpnv6 outlabel

Use display bgp routing-table vpnv6 outlabel to display outgoing labels for BGP VPNv6 routes.

Syntax

display bgp [ instance instance-name ] routing-table vpnv6 outlabel

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

Examples

# Display outgoing labels for all BGP VPNv6 routes in the default BGP instance.

<Sysname> display bgp routing-table vpnv6 outlabel

BGP local router ID is 1.1.1.9

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Total number of routes from all PEs: 1

Route distinguisher: 100:1(vpn1)

Total number of routes: 1

* >i Network : 2001:3:: PrefixLen : 96

NextHop : ::FFFF:3.3.3.9 OutLabel : 1279

Route distinguisher: 200:1

Total number of routes: 1

* >i Network : 2001:3:: PrefixLen : 96

NextHop : ::FFFF:3.3.3.9 OutLabel : 1279

Table 84 Command output

Field	Description
BGP local router ID	Router ID of the local BGP router.
Status	Route status codes: · * - valid—Valid route. · > - best—Common optimal route. · d – damped—Route damped for route flap. · h - history—History route. · i - internal—Internal route. · e - external—External route. · s - suppressed—Suppressed route. · S - Stale—Stale route.
Origin	Route origin: · i - IGP—Originated in the AS. The origin of routes advertised by the network command is IGP. · e - EGP—Learned through EGP. · ? - incomplete—Redistributed from IGP protocols.
OutLabel	Outgoing label. If the peer PE assigns an explicit null label, this field displays exp-null.

display ospfv3 sham-link

Use display ospfv3 sham-link to display OSPFv3 sham link information.

Syntax

display ospfv3 [ process-id ] [ area area-id ] sham-link [ verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

process-id: Specifies an OSPFv3 process by its ID. The process ID is in the range of 1 to 65535. If you do not specify a process, this command displays sham link information for all OSPFv3 processes.

area area-id: Specifies an OSPFv3 area by its ID, which is an IP address, or an integer. The integer is in the range of 0 to 4294967295. If you do not specify an area, this command displays sham link information for all OSPFv3 areas.

verbose: Displays detailed sham link information. If you do not specify this keyword, the command displays brief sham link information.

Examples

# Display brief information about all OSPFv3 sham links.

<Sysname> display ospfv3 sham-link

OSPFv3 Process 1 with Router ID 125.0.0.1

Sham-link (Area: 0.0.0.1)

Neighbor ID State Instance ID Destination address

0.0.0.0 Down 1 1:1::58

95.0.0.1 P-2-P 1 1:1::95

# Display detailed information about all OSPFv3 sham links.

<Sysname> display ospfv3 sham-link verbose

OSPFv3 Process 1 with Router ID 125.0.0.1

Sham-link (Area: 0.0.0.1)

Source : 1:1::125

Destination : 1:1::58

Interface ID: 2147483649

Neighbor ID : 0.0.0.0, Neighbor state: Down

Cost: 1 State: Down Type: Sham Instance ID: 1

Timers: Hello 10, Dead 40, Retransmit 5, Transmit delay 1

Request list: 0 Retransmit list: 0

Source : 1:1::125

Destination : 1:1::95

Interface ID: 2147483650

Neighbor ID : 95.0.0.1, Neighbor state: Full

Cost: 1 State: P-2-P Type: Sham Instance ID: 1

Timers: Hello 10, Dead 40, Retransmit 5, Transmit delay 1

Request list: 0 Retransmit list: 0

IPsec profile name: profile001

Table 85 Command output

Field	Description
Neighbor state	Neighbor state for the sham link, Down, Init, 2-Way, ExStart, Exchange, Loading, or Full.
Request list	Number of LSAs in the request list.
Retransmit list	Number of LSAs in the retransmit list.
IPsec profile name	Name of the IPsec profile used by the sham link.

domain-id (OSPFv3 view)

Use domain-id to set an OSPFv3 domain ID.

Use undo domain-id to delete an OSPFv3 domain ID.

Syntax

domain-id { domain-id [ secondary ] | null }

undo domain-id [ domain-id | null ]

Default

The OSPFv3 domain ID is 0.

Views

OSPFv3 view

Predefined user roles

network-admin

Parameters

domain-id: Specifies an OSPFv3 domain ID, in one of the following formats:

· Integer, in the range of 0 to 4294967295. For example, 1.

· Dotted decimal notation. For example, 0.0.0.1.

· Dotted decimal notation:16-bit user-defined number in the range of 0 to 65535. For example, 0.0.0.1:512.

secondary: Specifies a secondary domain ID. If you do not specify this keyword, the command specifies a primary domain ID.

null: Carries no domain ID in the community attribute.

Usage guidelines

When you redistribute OSPFv3 routes into BGP, BGP adds the primary domain ID to the redistributed BGP VPNv6 routes as a BGP extended community attribute. Then, BGP advertises the routes to the peer PE.

When the peer PE receives the routes, it compares the OSPFv3 domain ID in the routes with the locally configured primary and secondary domain IDs. OSPFv3 advertises these routes in Inter-Area-Prefix LSAs (Type 3 LSAs) if both the following conditions exist:

· The primary or secondary domain ID is the same as the received domain ID.

· The received routes are intra-area or inter-area routes.

Otherwise, OSPFv3 advertises these routes in AS External LSAs (Type 5 LSAs) or NSSA External LSAs (Type 7 LSAs).

A null domain ID and a domain ID of 0 are considered the same in domain ID comparison.

You cannot configure a secondary domain ID when the primary domain ID is configured as 0.

If you do not specify any parameters, the undo domain-id command restores the default.

This command takes effect only for a VPN OSPFv3 process that is not configured with the vpn-instance-capability simple command.

Examples

# Set the primary domain ID for VPN OSPFv3 process 100 to 1.1.1.1.

<Sysname> system-view

[Sysname] ospfv3 100 vpn-instance vpn1

[Sysname-ospfv3-100] domain-id 1.1.1.1

Related commands

display ospfv3 (Layer 3—IP Routing Command Reference)

ext-community-type (OSPFv3 view)

Use ext-community-type to configure the type code of an OSPFv3 extended community attribute.

Use undo ext-community-type to restore the default.

Syntax

ext-community-type { domain-id type-code1 | route-type type-code2 | router-id type-code3 }

undo ext-community-type [ domain-id | route-type | router-id ]

Default

The type codes for domain ID, route type, and router ID are hex numbers 0005, 0306, and 0107, respectively.

Views

OSPFv3 view

Predefined user roles

network-admin

Parameters

domain-id type-code1: Specifies the type code for domain ID. Valid values are hex numbers 0005, 0105, 0205, and 8005.

route-type type-code2: Specifies the type code for route type. Valid values are hex numbers 0306 and 8000.

router-id type-code3: Specifies the type code for router ID. Valid values are hex numbers 0107 and 8001.

Examples

# Configure the type codes of domain ID, route type, and router ID as hex numbers 8005, 8000, and 8001, respectively, for VPN OSPFv3 process 100.

<Sysname> system-view

[Sysname] ospfv3 100 vpn-instance vpn1

[Sysname-ospfv3-100] ext-community-type domain-id 8005

[Sysname-ospfv3-100] ext-community-type route-type 8000

[Sysname-ospfv3-100] ext-community-type router-id 8001

Related commands

display ospfv3 (Layer 3—IP Routing Command Reference)

peer next-hop-invariable

Use peer next-hop-invariable to configure the device to not change the next hop of routes advertised to BGP peers.

Use undo peer next-hop-invariable to configure the device to use its address as the next hop of routes advertised to BGP peers.

Syntax

peer { group-name | ip-address [ mask-length ] } next-hop-invariable

undo peer { group-name | ip-address [ mask-length ] } next-hop-invariable

Default

The device uses its address as the next hop of routes advertised to BGP peers.

Views

BGP VPNv6 address family view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters.

ip-address: Specifies a peer by its IP address.

mask-length: Specifies a mask length in the range of 0 to 32. You can use the ip-address and mask-length arguments together to specify a network. If you specify a network in this command, the device does not change the next hop of routes advertised to the dynamic peers in the network.

Usage guidelines

On an RR in an inter-AS option C scenario, you must configure this command to not change the next hop of VPNv6 routes advertised to BGP peers and RR clients.

Examples

# In BGP VPNv6 address family view of BGP instance default, configure the device to not change the next hop of routes advertised to peer 1.1.1.1.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family vpnv6

[Sysname-bgp-default-af-vpnv6] peer 1.1.1.1 next-hop-invariable

policy vpn-target

Use policy vpn-target to enable route target filtering of received VPNv6 routes. Only VPNv6 routes whose export route target attribute matches local import route target attribute are added to the routing table.

Use undo policy vpn-target to disable route target filtering, permitting all incoming VPNv6 routes.

Syntax

policy vpn-target

undo policy vpn-target

Default

The route target filtering feature is enabled for received VPNv6 routes.

Views

BGP VPNv6 address family view

Predefined user roles

network-admin

Usage guidelines

Examples

# Disable route target filtering of received VPNv6 routes in BGP instance default.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family vpnv6

[Sysname-bgp-default-af-vpnv6] undo policy vpn-target

route-tag (OSPFv3 view)

Use route-tag to configure an external route tag for redistributed VPN routes.

Use undo route-tag to restore the default.

Syntax

route-tag tag-value

undo route-tag

Default

Views

OSPFv3 view

Predefined user roles

network-admin

Parameters

tag-value: Specifies the external route tag for redistributed VPN routes, in the range of 0 to 4294967295.

Usage guidelines

In a dual-homed scenario where OSPFv3 runs between the CE and the connected PEs (PE-A and PE-B, for example), you can use external route tags to avoid routing loops.

PE-A redistributes BGP VPNv6 routes from the peer PE into OSPFv3, and advertises these routes in the Type 5 or 7 LSAs to the CE. In these LSAs, PE-A adds the locally configured external route tag.

If the route-tag-check enable command is configured on the PE-B, it compares the external route tag in the receiving Type 5 or 7 LSAs with the locally configured tag. If they are the same, PE-B ignores the LSA in route calculation to avoid routing loops.

The commands used to configure the external route tag (in the descending order of tag priority) are as follows:

· import-route

· route-tag (for PEs) and default tag (for CEs and MCEs)

As a best practice, configure the same external route tag for PEs in the same area.

An external route tag is not transferred in any BGP extended community attribute. It takes effect only on PEs that receive BGP routes and generate OSPF Type 5 or 7 LSAs.

You can configure the same external route tag for different OSPF processes.

This command takes effect only for a VPN OSPFv3 process that is not configured with the vpn-instance-capability simple command.

Examples

# Set the external route tag for redistributed VPN routes to 100 for VPN OSPFv3 process 100.

<Sysname> system-view

[Sysname] ospfv3 100 vpn-instance vpn1

[Sysname-ospfv3-100] route-tag 100

Related commands

default tag (Layer 3—IP Routing Command Reference)

display ospfv3 (Layer 3—IP Routing Command Reference)

import-route (Layer 3—IP Routing Command Reference)

route-tag-check enable

Use route-tag-check enable to enable external route check for OSPFv3 LSAs.

Use undo route-tag-check enable to disable external route check for OSPFv3 LSAs.

Syntax

route-tag-check enable

undo route-tag-check enable

Default

The external route check feature is disabled for OSPFv3 LSAs.

Views

OSPFv3 view

Predefined user roles

network-admin

Usage guidelines

In a dual-homed scenario where OSPFv3 runs between the CE and the connected PEs (PE-A and PE-B, for example), you can use external route tags to avoid routing loops.

PE-A redistributes BGP VPNv6 routes from the peer PE into OSPFv3, and advertises these routes in the Type 5 or 7 LSAs to the CE. In these LSAs, PE-A adds the locally configured external route tag.

If external route check for OSPFv3 LSAs is enabled on PE-B, it compares the external route tag in the receiving Type 5 or 7 LSAs with the locally configured tag. If they are the same, PE-B ignores the LSA in route calculation to avoid routing loops.

Use the external route tag check feature only when the device does not support the DN bit. Otherwise, use the DN bit to avoid routing loops.

This command takes effect only for a VPN OSPFv3 process that is not configured with the vpn-instance-capability simple command.

Examples

# Enable external route check in OSPFv3 LSAs for VPN OSPFv3 process 100.

<Sysname> system-view

[Sysname] ospfv3 100 vpn-instance vpn1

[Sysname-ospfv3-100] route-tag-check enable

Related commands

display ospfv3 (Layer 3—IP Routing Command Reference)

route-tag

rr-filter (BGP VPNv6 address family view)

Use rr-filter to create an RR reflection policy. Only IBGP routes whose extended community attribute matches the specified extended community list are reflected.

Use undo rr-filter to restore the default.

Syntax

rr-filter ext-comm-list-number

undo rr-filter

Default

An RR does not filter reflected routes.

Views

BGP VPNv6 address family view

BGP-VPN VPNv4 address family view

Predefined user roles

network-admin

Parameters

ext-comm-list-number: Specifies an extended community list number in the range of 1 to 65535.

Usage guidelines

By configuring different RR reflection policies on RRs in a cluster, you can implement load balancing among the RRs.

Examples

# Configure the RR to reflect only VPNv6 routes that are permitted by extended community list 10 in BGP instance default.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family vpnv6

[Sysname-bgp-default-vpnv6] rr-filter 10

sham-link (OSPFv3 area view)

Use sham-link to create an OSPFv3 sham link.

Use undo sham-link to remove an OSPFv3 sham link or restore the defaults of specified parameters for an OSPFv3 sham link.

Syntax

Default

No OSPFv3 sham links exist.

Views

OSPFv3 area view

Predefined user roles

network-admin

Parameters

source-ipv6-address: Specifies the source IPv6 address of the sham link.

destination-ipv6-address: Specifies the destination IPv6 address of the sham link.

cost cost-value: Specifies the cost of the sham link, in the range of 1 to 65535. The default cost is 1.

dead dead-interval: Specifies the dead interval in the range of 1 to 32768 seconds. The default is 40 seconds. The dead interval configured on each end of the sham link must be identical, and it must be at least four times the hello interval.

hello hello-interval: Specifies the interval for sending hello packets, in the range of 1 to 8192 seconds. The default is 10 seconds. The hello interval configured on each end of the sham link must be identical.

instance instance-id: Specifies the instance ID of the sham link, in the range of 0 to 255. The default value is 0.

ipsec-profile profile-name: Specifies the IPsec profile for the sham link. The profile-name argument specifies the profile by its name, a case-insensitive string of 1 to 63 characters.

retransmit retrans-interval: Specifies the interval for retransmitting LSAs, in the range of 1 to 3600 seconds. The default is 5 seconds.

trans-delay delay: Specifies the delay interval before the interface sends an LSA, in the range of 1 to 3600 seconds. The default is 1 second.

Usage guidelines

Examples

# Create a sham link with the source address 1::1 and destination address 2::2.

<Sysname> system-view

[Sysname] ospfv3 100 vpn-instance vpn1

[Sysname-ospfv3-100] area 0

[Sysname-ospfv3-100-area-0.0.0.0] sham-link 1::1 2::2

Related commands

display ospfv3 sham-link

MPLS L2VPN commands

The following matrix shows the feature and hardware compatibility:

Hardware	MPLS L2VPN compatibility
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS	No
MSR2600-6-X1/2600-10-X1	Yes
MSR 2630	Yes
MSR3600-28/3600-51	Yes
MSR3600-28-SI/3600-51-SI	No
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC	Yes
MSR 3610/3620/3620-DP/3640/3660	Yes
MSR5620/5660/5680	Yes

Hardware	MPLS L2VPN compatibility
MSR810-LM-GL	No
MSR810-W-LM-GL	No
MSR830-6EI-GL	No
MSR830-10EI-GL	No
MSR830-6HI-GL	No
MSR830-10HI-GL	No
MSR2600-6-X1-GL	Yes
MSR3600-28-SI-GL	No

Commands and descriptions for centralized devices apply to the following routers:

· MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/ 810-LMS/810-LUS.

· MSR2600-6-X1/2600-10-X1.

· MSR 2630.

· MSR3600-28/3600-51.

· MSR3600-28-SI/3600-51-SI.

· MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC.

· MSR 3610/3620/3620-DP/3640/3660.

Commands and descriptions for distributed devices apply to the following routers:

· MSR5620.

· MSR 5660.

· MSR 5680.

ac interface

Use ac interface to bind a Layer 3 interface to a cross-connect.

Use undo ac interface to remove the binding.

Syntax

ac interface interface-type interface-number [ track track-entry-number&<1-3> ]

undo ac interface interface-type interface-number

Default

No Layer 3 interface is bound to a cross-connect.

Views

Cross-connect view

Auto-discovery cross-connect view

Predefined user roles

network-admin

Parameters

interface-type interface-number: Specifies an interface by its type and number.

track track-entry-number&<1-3>: Specifies a space-separated list of up to three track entry numbers in the range of 1 to 1024. The AC is up only if a minimum of one associated track entry is in positive state.

Usage guidelines

After you execute this command, packets received from the Layer 3 interface are forwarded to the bound PW or another AC.

Related commands

connection

display l2vpn interface

pw-type

address-family l2vpn

Use address-family l2vpn to create the BGP L2VPN address family and enter its view, or enter the view of the existing BGP L2VPN address family view.

Use undo address-family l2vpn to delete the BGP L2VPN address family and all settings from BGP L2VPN address family view.

Syntax

address-family l2vpn

undo address-family l2vpn

Default

No BGP L2VPN address family exists.

Views

BGP instance view

Predefined user roles

network-admin

Usage guidelines

To establish a BGP PW to a remote PE, you must execute the peer enable command in BGP L2VPN address family view to enable the remote PE.

Examples

# In BGP instance default, create the BGP L2VPN address family and enter BGP L2VPN address family view.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family l2vpn

[Sysname-bgp-default-l2vpn]

# In BGP instance abc, create the BGP L2VPN address family and enter BGP L2VPN address family view.

<Sysname> system-view

[Sysname] bgp 100 instance abc

[Sysname-bgp-abc] address-family l2vpn

[Sysname-bgp-abc-l2vpn]

Examples

peer enable (Layer 3—IP Routing Command Reference)

auto-discovery

Use auto-discovery to enable a cross-connect group to automatically discover neighbors and create PWs through BGP, and enter auto-discovery cross-connect group view.

Use undo auto-discovery to restore the default.

Syntax

auto-discovery bgp

undo auto-discovery

Default

A cross-connect group does not use BGP to automatically discover neighbors and create PWs.

Views

Cross-connect group view

Predefined user roles

network-admin

Parameters

bgp: Enables the cross-connect group to automatically discover neighbors and create PWs through BGP.

Usage guidelines

In auto-discovery cross-connect group view, you can configure parameters such as the local site, remote site, and route target for BGP. The local PE can use BGP to discover remote PEs and create PWs.

Examples

# Enable cross-connect group bbb to automatically discover neighbors and create PWs through BGP, and enter auto-discovery cross-connect group view.

<Sysname> system-view

[Sysname] xconnect-group bbb

[Sysname-xcg-bbb] auto-discovery bgp

[Sysname-xcg-bbb-auto]

Related commands

display l2vpn pw

display l2vpn xconnect-group

backup-peer

Use backup-peer to configure a backup PW for a cross-connect and enter cross-connect backup PW view, or enter the view of an existing cross-connect backup PW.

Use undo backup-peer to restore the default.

Syntax

backup-peer ip-address pw-id pw-id [ in-label label-value out-label label-value ] [ pw-class class-name | tunnel-policy tunnel-policy-name ] *

undo backup-peer ip-address pw-id pw-id

Default

No backup PW exists for a cross-connect.

Views

Cross-connect PW view

Predefined user roles

network-admin

Parameters

ip-address: Specifies the LSR ID of the peer PE on the backup PW.

pw-id pw-id: Specifies a PW ID for the backup PW, in the range of 1 to 4294967295.

in-label label-value: Specifies the incoming label for the backup PW, in the range of 0 to 1023.

out-label label-value: Specifies the outgoing label for the backup PW, in the range of 16 to 1048575.

pw-class class-name: Specifies a PW class by its name, a case-sensitive string of 1 to 19 characters. You can specify a PW class to configure the PW type and control word for the backup PW. If you do not specify a PW class, the PW type is determined by the link type of the AC interface. The control word feature is not supported for PW types that do not require using control word.

tunnel-policy tunnel-policy-name: Specifies a tunnel policy by its name, a case-sensitive string of 1 to 19 characters. If you do not specify a tunnel policy, the default tunnel policy is used.

Usage guidelines

This command configures a backup PW to implement PW redundancy. The backup PW is used when the primary PW fails.

To configure a backup static PW, you must specify the in-label and out-label. To configure a backup LDP PW, you do not need to specify the in-label and out-label.

The peer LSR ID and PW ID for a backup PW must be different from those for an existing VPLS PW or PW bound to a cross-connect.

PW redundancy is mutually exclusive from the multi-segment PW feature. If you have configured two PWs by using the peer command in cross-connect view, you cannot configure a backup PW by using the backup-peer command in cross-connect PW view, and vice versa.

A static PW must have a different incoming label than an existing static LSP or static CRLSP. If they are the same, the static PW is not available, even if you change the incoming label of the static LSP or the static CRLSP. To make the static PW available, delete the static PW, and reconfigure it with an unused incoming label.

Examples

# Configure a primary PW and a backup PW for cross-connect pw2pw in cross-connect group vpn2. The primary PW is destined to 6.6.6.6 and has a PW ID of 100. The backup PW is destined to 7.7.7.7 and has a PW ID of 200.

<Sysname> system-view

[Sysname] xconnect-group vpn2

[Sysname-xcg-vpn2] connection pw2pw

[Sysname-xcg-vpn2-pw2pw] peer 6.6.6.6 pw-id 100 in-label 16 out-label 17

[Sysname-xcg-vpn2-pw2pw-6.6.6.6-100] backup-peer 7.7.7.7 pw-id 200 in-label 18 out-label 19

[Sysname-xcg-vpn2-pw2pw-6.6.6.6-100-backup]

Related commands

display l2vpn ldp

display l2vpn pw

peer

bandwidth

Use bandwidth to set the expected bandwidth for a PW.

Use undo bandwidth to restore the default.

Syntax

bandwidth bandwidth-value

undo bandwidth

Default

The expected bandwidth is 10000000 kbps.

Views

Cross-connect PW view

Predefined user roles

network-admin

Parameters

bandwidth-value: Specifies the expected bandwidth in the range of 1 to 10000000 kbps.

Examples

# Set the expected bandwidth to 10000 kbps for a PW.

<Sysname> system-view

[Sysname] xconnect-group vpn1

[Sysname-xcg-vpn1] connection pw2pw

[Sysname-xcg-vpn1-pw2pw] peer 1.1.1.1 pw-id 1

[Sysname-xcg-vpn1-pw2pw-1.1.1.1-1] bandwidth 10000

ccc

Use ccc to create a remote Circuit Cross Connect (CCC) connection.

Use undo ccc to restore the default.

Syntax

ccc in-label in-label-value out-label out-label-value { nexthop nexthop | out-interface interface-type interface-number } [ pw-class class-name ]

undo ccc

Default

No remote CCC connections exist.

Views

Cross-connect view

Predefined user roles

network-admin

Parameters

in-label in-label-value: Specifies an incoming label in the range of 16 to 1023.

out-label out-label-value: Specifies an outgoing label in the range of 16 to 1048575.

nexthop nexthop: Specifies the IP address of the next hop.

out-interface interface-type interface-number: Specifies the outgoing interface by its type and number.

pw-class class-name: Specifies a PW class by its name, a case-sensitive string of 1 to 19 characters. You can specify a PW class to configure the PW type and control word. If you do not specify a PW class, the PW type is determined by the interface type. The control word feature is not supported for PW types that do not require using control word.

Usage guidelines

A remote CCC connection is a static L2VPN connection that is manually created by specifying the incoming and outgoing labels on two PEs. A remote CCC connection does not need a public tunnel, but it requires configuring two static LSPs in opposite directions on each P device between the two PEs. CCC employs only one level of label to transfer packets. The static LSPs on the P devices transfer data only for the CCC connection.

This command must be configured on both the local and remote PEs to create a remote CCC connection. The outgoing label specified on a device must be the same as the incoming label specified on the next hop device.

After you create a remote CCC connection, you must execute the ac interface command to bind an interface. The PE can forward packets received from the interface to the remote CCC connection.

Use the out-interface keyword to specify the outgoing interface only on a point-to-point link. On other interfaces, for example, Layer 3 Ethernet interfaces, you must use the nexthop keyword to specify the next hop IP address.

For the PEs to forward packets over a CCC connection, make sure the two PEs have the same CCC connection settings such as the encapsulation type and control word feature.

Examples

# Create a remote CCC connection that has incoming label 100, outgoing label 200, and next hop 10.1.1.1, and uses PW class pwc1.

<Sysname> system-view

[Sysname] xconnect-group bbb

[Sysname-xcg-bbb] connection ccc1

[Sysname-xcg-bbb-ccc1] ccc in-label 100 out-label 200 nexthop 10.1.1.1 pw-class pwc1

# Create a remote CCC connection that has incoming label 100, outgoing label 200, outgoing interface Serial2/1/0, and uses PW class pwc1.

<Sysname> system-view

[Sysname] xconnect-group bbb

[Sysname-xcg-bbb] connection ccc1

[Sysname-xcg-bbb-ccc1] ccc in-label 100 out-label 200 out-interface serial 2/1/0 pw-class pwc1

Related commands

ac interface

display l2vpn pw

connection

Use connection to create a cross-connect and enter its view, or enter the view of an existing cross-connect.

Use undo connection to remove a cross-connect.

Syntax

connection connection-name

undo connection connection-name

Default

No cross-connects exist.

Views

Cross-connect group view

Predefined user roles

network-admin

Parameters

connection-name: Specifies the name of the cross-connect, a case-sensitive string of 1 to 20 characters, excluding hyphens.

Usage guidelines

A cross-connect is a point-to-point connection.

You can perform the following operations in cross-connect view:

· Execute ac interface and peer to connect an AC to a PW, so the PE can forward packets between the AC and the PW.

· Execute ac interface twice to connect two ACs, so the PE can forward packets between the two ACs.

· Execute peer twice to connect two PWs to form a multi-segment PW.

· Execute ac interface and ccc to connect an AC to a remote CCC connection, so the PE can forward packets between the AC and the remote CCC connection.

Examples

# Create cross-connect ac2pw for cross-connect group vpn1 and enter cross-connect view.

<Sysname> system-view

[Sysname] xconnect-group vpn1

[Sysname-xcg-vpn1] connection ac2pw

[Sysname-xcg-vpn1-ac2pw]

connection remote-site-id

Use connection remote-site-id to create an auto-discovery cross-connect and enter its view, or enter the view of an existing auto-discovery cross-connect.

Use undo connection remote-site-id to remove the auto-discovery cross-connect.

Syntax

connection remote-site-id remote-site-id

undo connection remote-site-id remote-site-id

Default

No auto-discovery cross-connects exist.

Views

Site view

Predefined user roles

network-admin

Parameters

remote-site-id: Specifies a remote site by its ID in the range of 0 to 256.

Usage guidelines

This command creates an auto-discovery cross-connect that uses BGP to establish a PW from the local site to the specified remote site.

In auto-discovery cross-connect view, you can execute ac interface to bind an AC to the auto-discovery cross-connect. The PE can forward packets between the AC and the PW.

Examples

# Create an auto-discovery cross-connect from site 1 to site 3 in site view, and enter auto-discovery cross-connect view.

<Sysname> system-view

[Sysname] xconnect-group bbb

[Sysname-xcg-bbb] auto-discovery bgp

[Sysname-xcg-bbb-auto] site 1 range 10

[Sysname-xcg-bbb-auto-1] connection remote-site-id 3

[Sysname-xcg-bbb-auto-1-3]

control-word enable

Use control-word enable to enable the control word feature.

Use undo control-word enable to disable the control word feature.

Syntax

control-word enable

undo control-word enable

Default

The control word feature is disabled.

Views

PW class view

Predefined user roles

network-admin

Usage guidelines

The control word field is between the MPLS label stack and the Layer 2 data. It carries control information for the Layer 2 frame, for example, the sequence number.

The control word feature has the following functions:

· Avoids fragment disorder. In multipath forwarding, fragments received might be disordered. You can configure the control word feature so the device reorders the fragments according to the sequence number carried in the control word field.

· Transfers specific Layer 2 frame flags, such as the FECN bit and BECN bit of Frame Relay.

· Identifies the original payload length for packets that include padding.

When the PW type is FR DLCI or ATM AAL5 SDU VCC, packets on the PW always carry the control word field, and the control word feature cannot be disabled.

When the PW type is Ethernet or VLAN, the control word field is optional. Packets transmitted on the PW carry the control word field only when control word is enabled on both PEs.

Examples

# Enable the control word feature for PW class pw100.

<Sysname> system-view

[Sysname] pw-class pw100

[Sysname-pw-pw100] control-word enable

Related commands

display l2vpn pw-class

default-nexthop

Use default-nexthop to specify the default next hop.

Use undo default-nexthop to restore the default.

Syntax

default-nexthop { ip ip-address | mac { mac-address | broadcast } }

undo default-nexthop

Default

No default next hop is specified.

Views

Interface view

Predefined user roles

network-admin

Parameters

ip ip-address: Specifies the IP address of the default next hop.

mac: Specifies the MAC address of the default next hop.

mac-address: Specifies the MAC address of the default next hop.

broadcast: Uses the broadcast MAC address as the MAC address of the default next hop.

Usage guidelines

If a CE is connected to a PE through an Ethernet link in an MPLS L2VPN interworking scenario, configure the default next hop on the PE. This allows the PE to encapsulate a link layer header for the packets to be sent to the CE.

If you specify the CE's MAC address or a broadcast MAC address as the default next hop, the PE uses this MAC address as the destination address of the outgoing packets. If you specify the CE's IP address as the default next hop, the PE performs the following operations:

1. Resolves the IP address to a MAC address through ARP.

2. Uses the resolved MAC address as the destination MAC address of the outgoing packets.

Examples

# Specify the default next hop IP address as 1.1.1.1 on GigabitEthernet 2/0/1 (PE's interface connected to the CE).

<Sysname> system-view

[Sysname] interface gigabitethernet 2/0/1

[Sysname-GigabitEthernet2/0/1] default-nexthop ip 1.1.1.1

description (cross-connect group view)

Use description to configure a description for a cross-connect group.

Use undo description to restore the default.

Syntax

description text

undo description

Default

No description is configured for a cross-connect group.

Views

Cross-connect group view

Predefined user roles

network-admin

Parameters

text: Specifies a description, a case-sensitive string of 1 to 80 characters.

Examples

# Configure a description of vpws for vpn2 for cross-connect group vpn2.

<Sysname> system-view

[Sysname] xconnect-group vpn2

[Sysname-xcg-vpn2] description vpws for vpn2

Related commands

display l2vpn xconnect-group

display bgp l2vpn signaling

Use display bgp l2vpn signaling to display MPLS L2VPN label block information discovered by BGP.

Syntax

display bgp [ instance instance-name ] l2vpn signaling [ peer ip-address { advertised | received } [ statistics ] | route-distinguisher route-distinguisher [ site-id site-id [ label-offset label-offset [ advertise-info ] ] ] | statistics ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

instance instance-name: Displays MPLS L2VPN label block information in a BGP instance. The instance-name argument specifies the BGP instance name, a case-sensitive string of 1 to 31 characters. If you do not specify a BGP instance, this command displays MPLS L2VPN label block information in the default BGP instance.

peer ip-address: Displays MPLS L2VPN label block information advertised to or received from a BGP peer. The ip-address argument specifies the peer IP address.

advertised: Displays MPLS L2VPN label block information advertised to the BGP peer.

received: Displays MPLS L2VPN label block information received from the BGP peer.

statistics: Displays BGP MPLS L2VPN label block statistics.

route-distinguisher route-distinguisher: Displays BGP MPLS L2VPN label block information for the route distinguisher (RD), which is a string of 3 to 21 characters. You can specify an RD in one of the following formats:

· 16-bit AS number:32-bit user-defined number. For example, 101:3.

· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.

· 32-bit AS number:16-bit user-defined number, where the AS number must be equal to or greater than 65536. For example, 65536:1.

site-id site-id: Displays BGP MPLS L2VPN label block information for a site. The site-id argument specifies the site ID in the range of 0 to 65535.

label-offset label-offset: Displays information about the BGP MPLS L2VPN label block with an offset. The label-offset argument specifies the offset in the range of 0 to 65535.

advertise-info: Displays BGP MPLS L2VPN label block advertisement information.

Usage guidelines

If you do not specify any parameters, this command displays brief information about all BGP MPLS L2VPN label blocks.

Examples

# Display brief information about all BGP MPLS L2VPN label blocks in the default BGP instance.

<Sysname> display bgp l2vpn signaling

BGP local router ID is 192.168.1.135

Status codes: * - valid, > - best, d - dampened, h - history,

s - suppressed, S - stale, i - internal, e - external

Origin: i - IGP, e - EGP, ? - incomplete

Total number of label blocks: 2

Route distinguisher: 2:2

Total number of label blocks: 2

Site ID LB offset LB range LB base Nexthop

* > 1 0 10 1034 0.0.0.0

* >i 2 0 10 1162 192.3.3.3

Table 86 Command output

Field	Description
Status codes	Status codes: · * – valid—Valid route. · > – best—Best route. · d – damped—Dampened route. · h – history—History route. · s – suppressed—Suppressed route. · S – Stale—Stale route. · i – internal—Internal route. · e – external—External route.
Origin	Origin of the label block: · i – IGP—Originated in the AS. · e – EGP—Learned through EGP. · ? – incomplete—Unknown origin.
LB offset	Offset of the label block.
LB range	Size of the label block.
LB base	Initial value of the label block.

# Display detailed information about the BGP MPLS L2VPN label block that has RD 2:2, site ID 2, and offset 0 in the default BGP instance.

<Sysname> display bgp l2vpn signaling route-distinguisher 2:2 site-id 2 label-offset 0

BGP local router ID: 192.168.1.135

Local AS number: 100

Route distinguisher: 2:2

Total number of label blocks: 1

Paths: 1 available, 1 best

From : 192.3.3.3 (192.168.1.140)

Original nexthop: 192.3.3.3

Ext-Community : <RT: 2:2>, <L2VPN info: MTU 1500, Encap type VLAN>

AS-path : (null)

Origin : igp

Attribute value : localpref 100, pref-val 0

Site ID : 2

LB offset : 0

LB base : 1162

LB range : 10

State : valid, internal, best

CSV : 0x01000ABFFF

Table 87 Command output

Field	Description
Paths	Number of label block messages: · available—Number of available label block messages. · best—Number of best label block messages.
From	IP address of the peer from which the label block was received.
Original nexthop	Original next hop. If the label block was obtained from a BGP route update, this field displays the next hop address in that BGP route update.
Ext-Community	Extended community attribute: · RT—Route target. · L2VPN info—L2VPN information, including the MTU and encapsulation type.
AS-path	AS path attribute, which records all ASs that the label block passed to prevent routing loops.
Origin	Origin of the label block: · igp—Originated in the AS. · egp—Learned through EGP. · incomplete—Unknown origin.
Attribute value	Attribute of the label block: · MED—Multi-Exit Discriminator attribute. · localpref—Local preference value. · pref-val—Preferred value. · pre—Preference value.
LB offset	Offset of the label block.
LB base	Initial value of the label block.
LB range	Size of the label block.
State	State of the label block: · valid. · internal. · external. · local. · best.
CSV	Circuit status vector.

# Display BGP advertisement information for the specified MPLS L2VPN label block in the default BGP instance.

<Sysname> display bgp l2vpn signaling route-distinguisher 2:2 site-id 1 label-offset 0 advertise-info

BGP local router ID: 192.168.1.135

Local AS number: 100

Route distinguisher: 2:2

Total number of label blocks: 1

Paths: 1 best

Site ID : 1

LB offset : 0

LB base : 1034

LB range : 10

CSV : 0x01000ADFFF

Advertised to peers (1 in total):

192.3.3.3

Table 88 Command output

Field	Description
Paths	Number of label block messages: · available—Number of available label block messages. · best—Number of best label block messages.
LB offset	Offset of the label block.
LB base	Initial value of the label block.
LB range	Size of the label block.
CSV	Circuit status vector.
Advertised to peers (1 in total)	Peers to which the label block has been advertised.

display l2vpn bgp

Use display l2vpn bgp to display MPLS L2VPN label block information.

Syntax

display l2vpn bgp [ local | peer ip-address ] [ xconnect-group group-name ] [ verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

local: Displays local MPLS L2VPN label block information.

peer ip-address: Displays MPLS L2VPN label block information received from the remote peer.

xconnect-group group-name: Displays MPLS L2VPN label block information for a cross-connect group. The group-name argument specifies the cross-connect group name, a case-sensitive string of 1 to 31 characters. If you do not specify a cross-connect group, this command displays MPLS L2VPN label block information for all cross-connect groups.

verbose: Displays detailed information. If you do not specify this keyword, the command displays brief information.

Usage guidelines

If you specify a peer, this command displays both the label block received from the peer and the local label block that matches the received label block.

If you do not specify a peer or local, this command displays label blocks received from all peers and local label blocks that match the received ones. If no local label block matches the received ones, the command only displays the label blocks received from all peers.

A local label block matches a received label block if the following condition is met: local label block LO ≤ remote site ID ≤ local label block LO + local label block LR – 1.

Examples

# Display brief information about label blocks received from all peers.

<Sysname> display l2vpn bgp

Total number of BGP PWs: 1, 1 up, 0 down

Xconnect-group Name: vpnb, Site ID:1

Rmt Site Offset RD Nexthop In/Out Label State

2 0 2:2 192.3.3.3 1036/1163 Up

Table 89 Command output

Field	Description
Rmt Site	ID of the remote site.
Offset	Offset of the label block.

# Display detailed information about label blocks received from all peers.

<Sysname> display l2vpn bgp verbose

Xconnect-group Name: vpnb, Site ID:1

Remote Site ID : 2

Offset : 0

RD : 2:2

PW State : Up

Encapsulation : VLAN

MTU : 1500

Nexthop : 192.3.3.3

Local VC Label : 1036

Remote VC Label : 1163

Link ID : 1

Local Label Block : 1034/10/0

Remote Label Block : 1162/10/0

Export Route Target: 2:2

Table 90 Command output

Field	Description
Local VC Label	Incoming label of the PW.
Remote VC Label	Outgoing label of the PW.
Link ID	Link ID of the PW.
Local Label Block	Local label block: label base/label range/Label-block offset.
Remote Label Block	Remote label block: label base/label range/Label-block offset.
Export Route Target	Route target of the remote label block.

# Display brief information about all local label blocks.

<Sysname> display l2vpn bgp local

Xconnect-group Name: vpnb

Site Offset Range Label Base RD

1 0 10 1034 2:2

# Display detailed information about all local label blocks.

<Sysname> display l2vpn bgp local verbose

Xconnect-group Name: vpnb

Site ID : 1

Offset : 0

RD : 2:2

Range : 10

Label Base : 1034

Link ID : 1

Table 91 Command output

Field	Description
Offset	Offset of the label block.
RD	RD of the label block. If no RD is configured, this field displays a hyphen (-).
Range	Range of the label block.
Label Base	Initial value of the label block.
Link ID	Link ID of the PW established using the label block. The link ID is fixed to 1 because an MPLS L2VPN cross-connect can establish only one BGP PW.

Related commands

display l2vpn pw

display l2vpn forwarding

Use display l2vpn forwarding to display cross-connect forwarding information.

Syntax

Centralized devices in standalone mode:

display l2vpn forwarding { ac | pw } [ xconnect-group group-name ] [ verbose ]

Distributed devices in standalone mode/centralized devices in IRF mode:

display l2vpn forwarding { ac | pw } [ xconnect-group group-name ] [ slot slot-number ] [ verbose ]

Distributed devices in IRF mode:

display l2vpn forwarding { ac | pw } [ xconnect-group group-name ] [ chassis chassis-number slot slot-number ] [ verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

ac: Displays AC forwarding information.

pw: Displays PW forwarding information.

xconnect-group group-name: Displays forwarding information for a cross-connect group. The group-name argument specifies the cross-connect group name, a case-sensitive string of 1 to 31 characters. If you do not specify a group, this command displays forwarding information for all cross-connect groups.

slot slot-number: Specifies a card by its slot number. If you do not specify a card, this command displays cross-connect forwarding information on the active MPU. (Distributed devices in standalone mode.)

slot slot-number: Specifies an IRF member device by its member ID. If you do not specify a member device, this command displays cross-connect forwarding information for the master device. (Centralized devices in IRF mode.)

chassis chassis-number slot slot-number: Specifies a card on an IRF member device. The chassis-number argument represents the member ID of the IRF member device. The slot-number argument represents the slot number of the card. If you do not specify a card, this command displays cross-connect forwarding information for the global active MPU. (Distributed devices in IRF mode.)

verbose: Displays detailed information. If you do not specify this keyword, the command displays brief information.

Examples

# Display brief AC forwarding information for all cross-connect groups.

<Sysname> display l2vpn forwarding ac

Total number of cross-connections: 2

Total number of ACs: 2

AC Xconnect-group Name Link ID

GE2/0/2 vpn1 0

GE2/0/3 vpn2 0

Table 92 Command output

Field	Description
Total number of cross-connections	Total number of cross-connects, including cross-connects not bound to any ACs.
AC	AC type. The value is a Layer 3 interface.

# Display detailed AC forwarding information for all cross-connect groups.

<Sysname> display l2vpn forwarding ac verbose

Xconnect-group Name: vpws1

Connection Name: actopw

Interface: GE2/0/1

Link ID : 1

Access Mode : Ethernet

Connection Name: actoac

Interface: GE2/0/2

Link ID : 0

Access Mode : Ethernet

Interface: GE2/0/3

Link ID : 1

Access Mode : Ethernet

Reflectors :

IP Address MAC Address Src Port Dst Port State

100.1.1.4 8850-fc51-5cee 200 201 Succeeded

100.1.2.5 3aad-0b9f-0116 49184 7 Succeeded

Table 93 Command output

Field	Description
Xconnect-group Name	Cross-connect group name.
Connection Name	Cross-connect name.
Service Instance	The field is available only when the AC is an Ethernet service instance on a Layer 2 interface. This field is not supported in the current software version.
Access Mode	AC access mode: · VLAN. · Ethernet.
Encapsulation	Match criterion of the Ethernet service instance. This field is displayed only when the AC type is Ethernet service instance on a Layer 2 interface. This field is not supported in the current software version.

# Display brief PW forwarding information for all cross-connect groups.

<Sysname> display l2vpn forwarding pw

Total number of cross-connections: 1

Total number of PWs: 2, 2 up, 0 blocked, 0 down

Xconnect-group Name In/Out Label NID Link ID State

vpn1 1279/1151 1025 0 Up

vpn1 1278/1151 1027 1 Up

Table 94 Command output

Field	Description
Total number of cross-connections	Total number of cross-connects, including those not bound to any PW.
NID	NHLFE ID for the public tunnel that carries the PW. If equal-cost tunnels are available, this field displays multiple NIDs. If no tunnel is available, this field displays None.
State	PW state: Up, Down, Blocked, or BFD Defect. Blocked indicates that the PW is a backup PW. BFD Defect indicates BFD has detected a defect on the PW.

# Display detailed PW forwarding information for all cross-connect groups.

<Sysname> display l2vpn forwarding pw verbose

Xconnect-group Name: vpn1

Connection Name: ldp

Link ID: 0

PW Type : VLAN PW State : Up

In Label : 1279 Out Label: 1151

MTU : 1500

PW Attributes : Main

VCCV CC : Router-Alert

VCCV BFD : Fault Detection with BFD

Tunnel Group ID : 0x60000000

Tunnel NHLFE IDs: 1025

Link ID: 1

PW Type : VLAN PW State : Up

In Label : 1278 Out Label: 1151

MTU : 1500

PW Attributes : Main

VCCV CC : Router-Alert

VCCV BFD : Fault Detection with BFD

Tunnel Group ID : 0x160000001

Tunnel NHLFE IDs: 1027

Table 95 Command output

Field	Description
PW State	PW state: Up, Down, Blocked, or BFD Defect. Blocked indicates that the PW is a backup PW. BFD Defect indicates BFD has detected a defect on the PW.
PW Attributes	PW attribute: · Main—The PW is the primary PW. · Backup—The PW is the backup PW.
VCCV CC	VCCV CC type: · Control-Word—Control word. · Router-Alert—MPLS Router Alert Label. This field displays a hyphen (-) if no VCCV CC type is specified.
VCCV BFD	VCCV BFD type: · Fault Detection with BFD. BFD packets use IP/UDP encapsulation (with IP/UDP headers). · Fault Detection with Raw-BFD. BFD packets use PW-ACH encapsulation (without IP/UDP headers). This field displays a hyphen (-) if BFD is not used to verify PW connectivity.
Tunnel Group ID	ID of the tunnel group for the PW.
Tunnel NHLFE IDs	NHLFE IDs of the public tunnels that carry the PW. If equal-cost tunnels are available, this field displays multiple tunnel NHLFE IDs. If no tunnel is available, this field displays None.

display l2vpn interface

Use display l2vpn interface to display L2VPN information for Layer 3 interfaces bound to cross-connects.

Syntax

display l2vpn interface [ xconnect-group group-name | interface-type interface-number ] [ verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

xconnect-group group-name: Displays L2VPN information for Layer 3 interfaces bound to cross-connects in a cross-connect group. The group-name argument specifies the cross-connect group name, a case-sensitive string of 1 to 31 characters.

interface-type interface-number: Displays L2VPN information for the specified interface.

verbose: Displays detailed information. If you do not specify this keyword, the command displays brief information.

Usage guidelines

If you do not specify any parameters, this command displays L2VPN information for all Layer 3 interfaces bound to cross-connects.

Examples

# Display brief L2VPN information for all Layer 3 interfaces bound to cross-connects.

<Sysname> display l2vpn interface

Total number of interfaces: 2, 2 up, 0 down

Interface Owner Link ID State Type

GE2/0/1 vpws1 1 Up VPWS

GE2/0/2 vpws2 1 Up VPWS

# Display detailed L2VPN information for all Layer 3 interfaces bound to cross-connects.

<Sysname> display l2vpn interface verbose

Interface : GE2/0/1

Owner : vpws1

Link ID : 1

State : UP

Type : VPWS

Interface : GE2/0/2

Owner : vpws2

Link ID : 1

State : UP

Type : VPWS

Table 96 Command output

Field	Description
Owner	Cross-connect group name.
Link ID	Link ID of the AC.
Type	L2VPN type. The value can only be VPWS for an MPLS L2VPN network.

display l2vpn ldp

Use display l2vpn ldp to display LDP PW label information.

Syntax

display l2vpn ldp [ peer ip-address [ pw-id pw-id ] | xconnect-group group-name ] [ verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

peer ip-address: Displays LDP PW label information advertised by a peer PE. The ip-address argument specifies the LSR ID of the peer PE. If you do not specify a peer PE, this command displays LDP PW label information advertised by all peer PEs.

pw-id pw-id: Displays LDP PW label information for a PW. The pw-id argument specifies the PW ID in the range of 1 to 4294967295. If you specify peer ip-address without this option, the command displays all LDP PW label information advertised by the peer PE.

xconnect-group group-name: Displays LDP PW label information for a cross-connect group. The group-name argument specifies the cross-connect group name, a case-sensitive string of 1 to 31 characters. If you do not specify a cross-connect group, this command displays LDP PW label information for all cross-connect groups.

verbose: Displays detailed information. If you do not specify this keyword, the command displays brief information.

Examples

# Display brief information about all LDP PW labels.

<Sysname> display l2vpn ldp

Total number of LDP PWs: 5, 4 up, 1 down

Peer PW ID/VPLS ID In/Out Label State Owner

192.3.3.3 1001 775125/775126 Up vpws1

192.3.3.3 1003 775117/775122 Up vpws3

192.3.3.3 1004 775120/775120 Up vpws4

192.4.4.4 1000 775116/unknown Down vpws5

Table 97 Command output

Field	Description
PW ID/VPLS ID	This field displays the PW ID for FEC 128, and displays the VPLS ID for FEC 129. Only VPLS supports FEC 129.
Owner	Cross-connect group of the PW.

# Display detailed information about all LDP PW labels.

<Sysname> display l2vpn ldp verbose

Peer: 192.2.2.2 PW ID: 1000

Xconnect-group: vpn1

Connection : ldp

PW State : Up

PW Status Communication: Notification method

PW ID FEC (Local/Remote):

PW Type : VLAN/VLAN

Group ID : 0/0

Label : 1151/1279

Control Word: Disabled/Disabled

VCCV CC Type: -/-

VCCV CV Type: -/-

MTU : 1500/1500

PW Status : PW forwarding/PW forwarding

Table 98 Command output

Field	Description
Xconnect-group	Cross-connect group of the PW.
Connection	Cross-connect of the PW.
PW Status Communication	PW state communicate: · Notification method—Uses notifications to communicate PW states. · Label withdraw method—Assigns a PW label to the PW when the AC is up and withdraws the PW label when the AC goes down.
VCCV CC Type	VCCV CC type: · Control-Word—Control word. · Router-Alert—MPLS Router Alert Label. This field displays a hyphen (-) if no VCCV CC type is specified. For information about VCCV, see MPLS Configuration Guide.
VCCV CV Type	VCCV CV type: · LSP Ping—Uses MPLS LSP ping to verify PW connectivity. · BFD—Uses BFD to verify PW connectivity. BFD packets use IP/UDP encapsulation (with IP/UDP headers). · Raw-BFD—Uses BFD to verify PW connectivity. BFD packets use PW-ACH encapsulation (without IP/UDP headers). This field displays a hyphen (-) if VCCV is not performed on the PW.

display l2vpn pw

Use display l2vpn pw to display L2VPN PW information.

Syntax

display l2vpn pw [ xconnect-group group-name ] [ protocol { bgp | ldp | static } ] [ verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

xconnect-group group-name: Displays L2VPN PW information for a cross-connect group. The group-name argument specifies the cross-connect group name, a case-sensitive string of 1 to 31 characters. If you do not specify a group, this command displays L2VPN PW information for all cross-connect groups.

protocol: Displays L2VPN PW information established by a protocol. If you do not specify a protocol, this command displays L2VPN PW information established by all protocols.

bgp: Displays BGP PW information.

ldp: Displays LDP PW information.

static: Displays static PW information, including remote CCC connections.

verbose: Displays detailed information. If you do not specify this keyword, the command displays brief information.

Examples

# Display brief information about all L2VPN PWs.

<Sysname> display l2vpn pw

Flags: M - main, B - backup, BY - bypass, H - hub link, S - spoke link, N - no split horizon

Total number of PWs: 2

2 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate

Xconnect-group Name: ldp

Peer PW ID/Rmt Site In/Out Label Proto Flag Link ID State

192.3.3.3 500 1299/1299 LDP M 0 Up

Xconnect-group Name: vpnb

Peer PW ID/Rmt Site In/Out Label Proto Flag Link ID State

192.3.3.3 2 1036/1163 BGP M 1 Up

Table 99 Command output

Field	Description
Flags	PW flag.
PW ID/Rmt Site	This field displays the PW ID for a static or LDP PW, and displays the remote site ID for a BGP PW.
Proto	Protocol that established the PW: LDP, Static, or BGP.
Link ID	Link ID of the PW.
State	PW state: · Up—The PW is available. · Down—The PW is not available. · Blocked—The PW is a backup PW. · Defect—BFD has detected a defect on the PW. · Idle—The incoming label of the PW is not available. · Dup—The incoming label of the static PW is used by a static LSP or a static CRLSP.

# Display detailed information about all PWs.

<Sysname> display l2vpn pw verbose

Xconnect-group Name: ldp

Connection Name: ldp

Peer: 192.3.3.3 PW ID: 500

Signaling Protocol : LDP

Link ID : 0 PW State : Up

In Label : 1299 Out Label: 1299

MTU : 1500

PW Attributes : Main

VCCV CC : -

VCCV BFD : -

Tunnel Group ID : 0x800000160000000

Tunnel NHLFE IDs : 1026

Xconnect-group Name: vpnb

Connection of auto-discovery: Site 1

Peer: 192.3.3.3 Remote Site: 2

Signaling Protocol : BGP

Link ID : 1 PW State : Up

In Label : 1036 Out Label: 1163

MTU : 1500

PW Attributes : Main

VCCV CC : -

VCCV BFD : -

Tunnel Group ID : 0x800000160000000

Tunnel NHLFE IDs : 1026

Table 100 Command output

Field		Description
Xconnect-group Name		Cross-connect group name.
Connection Name		Cross-connect name, which is displayed for LDP and static PWs.
Peer		IP address of the peer PE of the PW.
Signaling Protocol		Protocol that established the PW: LDP, Static, or BGP.
PW State		PW state: · Up—The PW is available. · Down—The PW is not available. · Blocked—The PW is a backup PW. · Defect—BFD has detected a defect on the PW. · Idle—The incoming label of the PW is not available. · Duplicate—The incoming label of the static PW is used by a static LSP or a static CRLSP.
Wait to Restore Time		Wait time to switch traffic from the backup PW to the primary PW when the primary PW recovers, in seconds. If the switchover is disabled, this field displays Infinite. This field is available when both primary and backup PW exist, and is displayed only for the primary PW.
Remaining Time		Remaining wait time for traffic switchover, in seconds.
PW Attributes		PW attribute: · Main—Primary PW. · Backup—Backup PW.
VCCV CC	VCCV CC type: · Control-Word—Control word. · Router-Alert—MPLS Router Alert Label. This field displays a hyphen (-) if no VCCV CC type is specified.
VCCV BFD	VCCV BFD type: · Fault Detection with BFD. BFD packets use IP/UDP encapsulation (with IP/UDP headers). · Fault Detection with Raw-BFD. BFD packets use PW-ACH encapsulation (without IP/UDP headers). This field displays a hyphen (-) if BFD is not used to verify PW connectivity.
Tunnel Group ID		ID of the tunnel group for the PW.
Tunnel NHLFE IDs		NHLFE IDs of the public tunnels that carry the PW. If equal-cost tunnels are available, this field displays multiple tunnel NHLFE IDs. If no tunnel is available, this field displays None.
Connection of auto-discovery		The PW is a BGP PW.
Site		Local site ID.
Remote site		Remote site ID.

display l2vpn pw-class

Use display l2vpn pw-class to display PW class information.

Syntax

display l2vpn pw-class [ class-name ] [ verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

class-name: Displays information about the PW class specified by its name, a case-sensitive string of 1 to 19 characters. If you do not specify a PW class, this command displays information about all PW classes.

verbose: Displays detailed information. If you do not specify this keyword, the command displays brief PW class information.

Examples

# Display information about all PW classes.

<Sysname> display l2vpn pw-class

Total number of PW classes: 2

PW Class Name PW Type Control Word VCCV CC VCCV BFD

pw1 Ethernet Enabled Control-Word Raw-BFD

pw2 VLAN Disabled Router-Alert BFD

Table 101 Command output

Field	Description
PW Type	PW type: Ethernet, VLAN, TDM-CESoPSN-Basic, or TDM-SAToP-E1.
VCCV CC	VCCV CC type: · Control-Word—Control word. · Router-Alert—MPLS Router Alert Label. This field displays a hyphen (-) if no VCCV CC type is specified.
VCCV BFD	VCCV BFD type: · BFD—BFD packets use IP/UDP encapsulation (with IP/UDP headers). · Raw-BFD—BFD packets use PW-ACH encapsulation (without IP/UDP headers). This field displays a hyphen (-) if BFD is not used to verify PW connectivity.

# Display detailed information about all PW classes.

<Sysname> display l2vpn pw-class verbose

PW Class Name : pw1

PW Type : Ethernet

Control Word: Enabled

VCCV CC : Control-Word

VCCV BFD : Raw-BFD

Sequencing : Both

PW Class Name : pw2

PW Type : VLAN

Control Word: Disabled

VCCV CC : Router-Alert

VCCV BFD : BFD

Sequencing : -

Table 102 Command output

Field	Description
PW Type	PW type: Ethernet, VLAN, TDM-CESoPSN-Basic, or TDM-SAToP-E1.
Control Word	Whether control word is enabled.
VCCV CC	VCCV CC type: · Control-Word—Control word. · Router-Alert—MPLS Router Alert Label. This field displays a hyphen (-) if no VCCV CC type is specified.
VCCV BFD	VCCV BFD type: · BFD—BFD packets use IP/UDP encapsulation (with IP/UDP headers). · Raw-BFD—BFD packets use PW-ACH encapsulation (without IP/UDP headers). This field displays a hyphen (-) if BFD is not used to verify PW connectivity.
Sequencing	Sequencing on the PW. The value is Both, which means sequencing is enabled for both incoming and outgoing packets on a PW. A hyphen (-) in this field indicates that sequencing is disabled on the PW.

Related commands

pw-class

display l2vpn xconnect-group

Use display l2vpn xconnect-group to display cross-connect group information.

Syntax

display l2vpn xconnect-group [ name group-name ] [ verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

name group-name: Displays information about a cross-connect group. The group-name argument specifies the cross-connect group name, a case-sensitive sting of 1 to 31 characters. If you do not specify a group, this command displays information about all cross-connect groups.

verbose: Displays detailed information. If you do not specify this keyword, the command displays brief information.

Examples

# Display brief information about all cross-connect groups.

<Sysname> display l2vpn xconnect-group

Total number of cross-connections: 3, 0 up, 3 down, 0 admin down

Xconnect-group Name Connection ID MTU State

abc 0 1500 Down

vpn1 2 1500 Down

vpn2 1 1500 Down

Table 103 Command output

Field	Description
Connection ID	Cross-connect ID.
State	Cross-connect group state: Up, Down, or Admin down. Admin down indicates that the cross-connect group has been shut down by using the shutdown command.

# Display detailed information about all cross-connect groups.

<Sysname> display l2vpn xconnect-group verbose

Xconnect-group Name: vpnb

Connection of auto-discovery: Site 1, Remote Site 2

Connection ID : 0

State : Up

MTU : 1500

BGP PWs:

Peer Remote Site Link ID State

192.3.3.3 2 1 Up

ACs:

AC Link ID State

GE2/0/4 0 Up

Table 104 Command output

Field	Description
Xconnect-group Name	Cross-connect group name.
Description	Description for the cross-connect group. If no description is configured, this field is not displayed.
Connection Name	Cross-connect name.
Connection of auto-discovery	Auto-discovery cross-connect.
Site	Local site ID.
Remote site	Remote site ID.
Connection ID	Cross-connect ID.
State	Cross-connect group state: Up, Down, or Admin down. Admin down indicates the cross-connect group has been shut down by using the shutdown command.
Interworking IPv4	IPv4 interworking state: Enabled or Disabled.
State	PW state: Up, Down, Blocked, or Defect.
AC	AC type. The value is a Layer 3 interface.

Related commands

xconnect-group

interworking

Use interworking to enable interworking for a cross-connect.

Use undo interworking to disable interworking for a cross-connect.

Syntax

interworking ipv4

undo interworking

Default

Interworking is disabled for a cross-connect.

Views

Cross-connect view

Predefined user roles

network-admin

Parameters

ipv4: Specifies IPv4 interworking.

Usage guidelines

Interworking enables a PW to connect ACs that have different link types. In an IPv4 interworking scenario, a PE extracts IPv4 packets from frames received from the AC and sends the packets to the peer PE through the PW. The peer PE uses the link protocol of the connected AC to encapsulate the IPv4 packets and sends the packets through the AC. This method hides the link types of ACs at the two ends.

IPv4 interworking discards non-IPv4 packets received from the AC.

When interworking is enabled, the PW type configuration does not take effect.

Examples

# Enable IPv4 interworking for cross-connect ac2pw in cross-connect group vpn1.

<Sysname> system-view

[Sysname] xconnect-group vpn1

[Sysname-xcg-vpn1] connection ac2pw

[Sysname-xcg-vpn1-ac2pw] interworking ipv4

l2vpn enable

Use l2vpn enable to enable L2VPN.

Use undo l2vpn enable to disable L2VPN.

Syntax

l2vpn enable

undo l2vpn enable

Default

L2VPN is disabled.

Views

System view

Predefined user roles

network-admin

Usage guidelines

You must enable L2VPN before configuring other L2VPN settings.

Examples

# Enable L2VPN.

<Sysname> system-view

[Sysname] l2vpn enable

l2vpn switchover

Use l2vpn switchover to switch traffic from the specified PW to its backup or primary PW.

Syntax

l2vpn switchover peer ip-address pw-id pw-id

Views

User view

Predefined user roles

network-admin

Parameters

peer ip-address: Specifies the LSR ID of the peer PE.

pw-id pw-id: Specifies a PW by its ID in the range of 1 to 4294967295.

Usage guidelines

The specified LSR ID and PW ID uniquely identify a PW.

If a PW has a backup PW or primary PW, this command switches traffic from the PW to the backup or primary PW. If the PW does not have a backup or primary PW, this command does not perform the switchover.

Examples

# Switch traffic from PW 100 destined for 3.3.3.3 to its backup PW.

<Sysname> l2vpn switchover peer 3.3.3.3 pw-id 100

mtu

Use mtu to set an MTU for PWs established on a cross-connect or auto-discovery cross-connect.

Use undo mtu to restore the default.

Syntax

mtu size

undo mtu

Default

A PW has an MTU of 1500 bytes.

Views

Cross-connect view

Auto-discovery cross-connect group view

Predefined user roles

network-admin

Parameters

size: Specifies an MTU value in the range of 300 to 65535 bytes.

Usage guidelines

The specified MTU applies to all PWs established in the cross-connect view or the auto-discovery cross-connect group view.

The MTU specifies the maximum packet length, including the control word, PW label, and network layer packet.

For an LDP PW to come up, the PEs at the two ends of the PW must have the same MTU.

Examples

# Set the MTU to 1400 bytes for cross-connect ac2pw in cross-connect group vpn1.

<Sysname> system-view

[Sysname] xconnect-group vpn1

[Sysname-xcg-vpn1] connection ac2pw

[Sysname-xcg-vpn1-ac2pw] mtu 1400

# Set the MTU to 1400 bytes for the auto-discovery cross-connect in cross-connect group bbb.

<Sysname> system-view

[Sysname] xconnect-group bbb

[Sysname-xcg-bbb] auto-discovery bgp

[Sysname-xcg-bbb-auto] mtu 1400

Related commands

display l2vpn xconnect-group

peer

Use peer to configure a PW for a cross-connect and enter cross-connect PW view, or enter the view of an existing cross-connect PW.

Use undo peer to delete a PW for a cross-connect.

Syntax

peer ip-address pw-id pw-id [ in-label label-value out-label label-value ] [ pw-class class-name | tunnel-policy tunnel-policy-name ] *

undo peer ip-address pw-id pw-id

Default

No PWs exist for a cross-connect.

Views

Cross-connect view

Predefined user roles

network-admin

Parameters

ip-address: Specifies the LSR ID of the peer PE.

pw-id pw-id: Specifies a PW ID for the PW, in the range of 1 to 4294967295.

in-label label-value: Specifies the incoming label of the PW, in the range of 16 to 1023.

out-label label-value: Specifies the outgoing label of the PW, in the range of 16 to 1048575.

tunnel-policy tunnel-policy-name: Specifies a tunnel policy by its name, a case-sensitive string of 1 to 19 characters. If you do not specify a tunnel policy, the default tunnel policy is used.

Usage guidelines

To create a static PW, you must specify the incoming and outgoing labels. To enter the view of an existing static PW, you do not need to specify the incoming and outgoing labels.

If you do not specify the incoming and outgoing labels when you create a new PW, LDP is used to create the PW.

The PW ID for a PW must be the same on the PEs at the ends of the PW.

On a PE, the LSR ID of the peer PE and the PW ID uniquely identify a PW. The peer LSR ID and PW ID combination of a PW must be unique among all VPLS PWs and cross-connect PWs.

PW redundancy is mutually exclusive with the multi-segment PW feature. If you have configured two PWs by using the peer command in cross-connect view, you cannot configure a backup PW by using the backup-peer command in cross-connect PW view, and vice versa.

Examples

# Configure an LDP PW destined to 4.4.4.4 for cross-connect pw2pw in cross-connect group vpn1 and enter cross-connect PW view. The PW ID is 200.

<Sysname> system-view

[Sysname] xconnect-group vpn1

[Sysname-xcg-vpn1] connection pw2pw

[Sysname-xcg-vpn1-pw2pw] peer 4.4.4.4 pw-id 200

[Sysname-xcg-vpn1-pw2pw-4.4.4.4-200]

# Configure a static PW destined to 5.5.5.5 for cross-connect pw2pw in cross-connect group vpn1 and enter cross-connect PW view. The static PW has an ID of 200, an incoming label of 100, and an outgoing label of 200.

<Sysname> system-view

[Sysname] xconnect-group vpn1

[Sysname-xcg-vpn1] connection pw2pw

[Sysname-xcg-vpn1-pw2pw] peer 5.5.5.5 pw-id 200 in-label 100 out-label 200

[Sysname-xcg-vpn1-pw2pw-5.5.5.5-200]

Related commands

display l2vpn ldp

display l2vpn pw

pw-class

tunnel-policy

peer signaling

Use peer signaling to enable BGP to exchange label block information with the specified peer or peer group.

Use undo peer signaling to disable BGP to exchange label block information with the specified peer or peer group.

Syntax

peer { group-name | ip-address [ mask-length ] } signaling [ non-standard ]

undo peer { group-name | ip-address [ mask-length ] } signaling

Default

BGP can exchange label block information with an L2VPN peer or peer group through RFC 4761 MP_REACH_NLRI.

Views

BGP L2VPN address family view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The specified peer group must have been created.

ip-address: Specifies a peer by its IP address. The specified peer must have been created.

mask-length: Specifies a mask length in the range of 0 to 32. You can use the ip-address and mask-length arguments together to specify a subnet. If you specify a subnet, this command enables BGP to exchange label block information with all dynamic peers in the subnet.

non-standard: Uses draft-kompella-ppvpn-l2vpn-03 MP_REACH_NLRI to exchange label block information. If you do not specify this keyword, RFC 4761 MP_REACH_NLRI is used to exchange label block information.

Usage guidelines

L2VPN uses MP-BGP to exchange label blocks when creating a BGP PW.

To enable BGP to exchange label blocks with the specified peers through RFC 4761 MP_REACH_NLRI, you can also use the peer enable command in BGP L2VPN address family view. To disable the capability, use the undo peer signaling command.

Examples

# Enable BGP to exchange label block information with the peer 3.3.3.9 through draft-kompella-ppvpn-l2vpn-03 MP_REACH_NLRI in BGP instance default.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family l2vpn

[Sysname-bgp-default-l2vpn] peer 3.3.3.9 signaling non-standard

# Enable BGP to exchange label block information with the peer 3.3.3.9 through draft-kompella-ppvpn-l2vpn-03 MP_REACH_NLRI in BGP instance abc.

<Sysname> system-view

[Sysname] bgp 100 instance abc

[Sysname-bgp-abc] address-family l2vpn

[Sysname-bgp-abc-l2vpn] peer 3.3.3.9 signaling non-standard

Related commands

display bgp l2vpn signaling

policy vpn-target

Use policy vpn-target to enable route target-based filtering of incoming BGP L2VPN information.

Use undo policy vpn-target to disable route target-based filtering of incoming BGP L2VPN information.

Syntax

policy vpn-target

undo policy vpn-target

Default

Route target-based filtering of incoming BGP L2VPN information is enabled.

Views

BGP L2VPN address family view

Predefined user roles

network-admin

Usage guidelines

If route target-based filtering is enabled, L2VPN accepts only the incoming BGP L2VPN information whose export route target attribute matches the local import route target attribute. If route target-based filtering is disabled, L2VPN accepts all incoming BGP L2VPN information.

To establish a BGP PW between two MP-IBGP peers that use a route reflector, you must disable route target-based filtering of incoming BGP L2VPN information on the route reflector.

Examples

# Disable route target-based filtering of incoming BGP L2VPN information in BGP instance default.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family l2vpn

[Sysname-bgp-default-l2vpn] undo policy vpn-target

# Disable route target-based filtering of incoming BGP L2VPN information in BGP instance abc.

<Sysname> system-view

[Sysname] bgp 100 instance abc

[Sysname-bgp-abc] address-family l2vpn

[Sysname-bgp-abc-l2vpn] undo policy vpn-target

ppp ipcp ignore local-ip

Use ppp ipcp ignore local-ip to configure PPP to support IPCP negotiation without an IP address.

Use undo ppp ipcp ignore local-ip to restore the default.

Syntax

ppp ipcp ignore local-ip

undo ppp ipcp ignore local-ip

Default

PPP does not support IPCP negotiation without an IP address, and the local interface must be configured with an IP address to perform IPCP negotiation with the peer.

Views

Interface view

Predefined user roles

network-admin

Usage guidelines

In an MPLS L2VPN interworking scenario, link layer negotiation packets cannot be delivered on the network, and Layer 2 connections cannot be established directly between CEs. Therefore, PEs must establish Layer 2 connections with the connected CEs. For example, on a PPP link, the PE and its connected CE perform PPP negotiation to establish a PPP connection.

If the PE's interface that is connected to the CE has an IP address, IPCP negotiation is performed.

If the interface does not have an IP address, use this command to ensure a successful IPCP negotiation without an IP address. The configuration for IPCP negotiation without an IP address takes precedence over the IPCP proxy IP address configuration.

Examples

# Configure PPP to support IPCP negotiation without an IP address on Serial 2/1/0.

<Sysname> system-view

[Sysname] interface serial 2/1/0

[Sysname-Serial2/1/0] link-protocol ppp

[Sysname-Serial2/1/0] ppp ipcp ignore local-ip

Related commands

ppp ipcp proxy

Use ppp ipcp proxy to specify an IPCP proxy IP address.

Use undo ppp ipcp proxy to restore the default.

Syntax

ppp ipcp proxy ip-address

undo ppp ipcp proxy

Default

No IPCP proxy IP address is specified.

Views

Interface view

Predefined user roles

network-admin

Parameters

ip-address: Specifies an IPCP proxy IP address.

Usage guidelines

If the PE's interface that is connected to the CE has an IP address, IPCP negotiation is performed.

If the interface does not have an IP address, use this command to specify the IPCP proxy IP address as the IP address of the peer CE. This ensures a successful IPCP negotiation. The configuration for IPCP negotiation without an IP address takes precedence over the IPCP proxy IP address configuration.

Examples

# Specify the IPCP proxy IP address as 1.1.1.1.

<Sysname> system-view

[Sysname] interface serial 2/1/0

[Sysname-Serial2/1/0] link-protocol ppp

[Sysname-Serial2/1/0] ppp ipcp proxy 1.1.1.1

Related commands

ppp ipcp ignore local-ip

protection dual-receive

Use protection dual-receive to enable the dual receive feature for PW redundancy. After the dual receive feature is enabled, both the primary and backup PWs can receive packets, but only the primary PW sends packets.

Use undo protection dual-receive to restore the default.

Syntax

protection dual-receive

undo protection dual-receive

Default

The dual receive feature is disabled. When the primary PW is normal, the backup PW does not send or receive packets.

Views

Cross-connect view

Predefined user roles

network-admin

Examples

# Enable the dual receive feature for cross-connect ac2pw in cross-connect group vpn1.

<Sysname> system-view

[Sysname] xconnect-group vpn1

[Sysname-xcg-vpn1] connection ac2pw

[Sysname-xcg-vpn1-ac2pw] protection dual-receive

pw-class (auto-discovery cross-connect group view)

Use pw-class to specify a PW class for an auto-discovery cross-connect group.

Use undo pw-class to restore the default.

Syntax

pw-class class-name

undo pw-class

Default

No PW class is specified.

Views

Auto-discovery cross-connect group view

Predefined user roles

network-admin

Parameters

class-name: Specifies a PW class by its name, a case-sensitive string of 1 to 19 characters.

Usage guidelines

The specified PW class will be used to establish all PWs in the auto-discovery cross-connect group.

Examples

# Specify a PW class named pw100 for auto-discovery cross-connect group bbb.

<Sysname> system-view

[Sysname] pw-class pw100

[Sysname-pw-pw100] quit

[Sysname] xconnect-group bbb

[Sysname-xcg-bbb] auto-discovery bgp

[Sysname-xcg-bbb-auto] pw-class pw100

Related commands

control-word enable

display l2vpn pw-class

pw-class

pw-type

pw-class (system view)

Use pw-class to create a PW class and enter its view, or enter the view of an existing PW class.

Use undo pw-class to delete a PW class.

Syntax

pw-class class-name

undo pw-class class-name

Default

No PW classes exist.

Views

System view

Predefined user roles

network-admin

Parameters

class-name: Specifies a name for the PW class, a case-sensitive string of 1 to 19 characters.

Usage guidelines

In PW class view, you can configure PW attributes such as the PW type and whether to enable control word. You can configure PWs to use the same PW class to simplify PW attribute configuration.

Examples

# Create a PW class named pw100 and enter PW view.

<Sysname> system-view

[Sysname] pw-class pw100

[Sysname-pw-pw100]

Related commands

control-word enable

display l2vpn pw-class

pw-type

Use pw-type to specify a PW type for a PW class.

Use undo pw-type to restore the default.

Syntax

pw-type { ethernet | tdm-cesopsn-basic | tdm-satop-e1 | vlan }

undo pw-type

Default

The PW type is VLAN.

Views

PW class view

Predefined user roles

network-admin

Parameters

ethernet: Specifies the PW type as Ethernet.

tdm-cesopsn-basic: Specifies the PW type as TDM-CESoPSN-Basic.

tdm-satop-e1: Specifies the PW type as TDM-SAToP-E1.

vlan: Specifies the PW type as VLAN.

Usage guidelines

Packets are forwarded between the AC and PW as follows according to the PW type:

· Ethernet—P-tag is not transferred on a PW.

¡ For a packet from a CE:

- If the packet contains a P-tag, the PE removes the P-tag, and adds a PW label and an outer tag into the packet before forwarding it.

- If the packet contains no P-tag, the PE directly adds a PW label and an outer tag into the packet before forwarding it.

¡ For a packet to a CE:

- If the access mode is configured as VLAN by using the ac interface command, the PE adds a P-tag into the packet before sending it to the CE.

- If the access mode is configured as Ethernet by using the ac interface command, the PE directly sends the packet to the CE.

You cannot rewrite or remove existing tags.

· VLAN—Packets transmitted over a PW must carry a P-tag.

¡ For a packet from a CE:

- If the peer PE does not require the ingress to rewrite the P-tag, the PE keeps the P-tag unchanged for the packet, and then encapsulates the packet. If the packet contains no P-tag, the PE adds a null label (the label value is 0) into the packet, and then encapsulates the packet.

- If the peer PE requires the ingress to rewrite the P-tag, the PE changes the P-tag to the expected VLAN tag (the tag value might be 0), and then adds a PW label and an outer tag into the packet. If the packet contains no P-tag, the PE adds a VLAN tag expected by the peer PE (the tag value might be 0), and then adds a PW label and an outer tag into the packet.

¡ For a packet to a CE:

- If the access mode is configured as VLAN by using the ac interface command, the PE rewrites or retains the P-tag before forwarding the packet.

- If the access mode is configured as Ethernet by using the ac interface command, the PE removes the P-tag before forwarding the packet.

· TDM-CESoPSN-Basic—Provides structured TDM transport of E1 or T1 frames through a PW.

· TDM-SAToP-E1—Provides unstructured, transparent TDM transport of E1 frames through a PW over the MPLS backbone. All time slots on an E1 interface are forwarded through the same PW.

Examples

# Configure the PW type as Ethernet.

<Sysname> system-view

[Sysname] pw-class pw100

[Sysname-pw-pw100] pw-type ethernet

Related commands

ac-interface

display l2vpn pw-class

revertive

Use revertive to specify the switchover mode and set the switchover wait time.

Use undo revertive to restore the default.

Syntax

revertive { wtr wtr-time | never }

undo revertive { wtr | never }

Default

The switchover mode is revertive and the switchover wait time is 0 seconds. When the primary PW recovers, traffic is immediately switched from the backup PW to the primary PW.

Views

Cross-connect view

Predefined user roles

network-admin

Parameters

wtr wtr-time: Specifies the switchover mode as revertive and specifies the wait time in the range of 0 to 3600 seconds. When the primary PW recovers, the PE waits for the specified time before switching traffic from the backup PW to the primary PW.

never: Specifies the switchover mode as non-revertive. After the primary PW recovers, traffic is not switched from the backup PW to the primary PW.

Examples

# Specify the revertive mode and set the switchover wait time to 120 seconds for cross-connect ac2pw in cross-connect group vpn1.

<Sysname> system-view

[Sysname] xconnect-group vpn1

[Sysname-xcg-vpn1] connection ac2pw

[Sysname-xcg-vpn1-ac2pw] revertive wtr 120

Related commands

display l2vpn pw

route-distinguisher

Use route-distinguisher to configure a route distinguisher (RD) for a BGP cross-connect group.

Use undo route-distinguisher to restore the default.

Syntax

route-distinguisher route-distinguisher

undo route-distinguisher

Default

No RD is configured for a BGP cross-connect group.

Views

Auto-discovery cross-connect group view

Predefined user roles

network-admin

Parameters

route-distinguisher: Specifies an RD, a string of 3 to 21 characters. An RD can be in one of the following formats:

· 16-bit AS number:32-bit user-defined number. For example, 101:3.

· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.

· 32-bit AS number:16-bit user-defined number, where the AS number must be equal to or greater than 65536. For example, 65536:1.

Usage guidelines

MPLS L2VPN uses RDs to differentiate the sites with the same site ID but in different VPNs.

BGP adds the configured RD before the site ID. The RD and the site ID uniquely identify a VPN site.

You cannot configure the same RD for different BGP cross-connect groups.

To modify an RD, execute the undo route-distinguisher command to remove the RD, and then execute the route-distinguisher command.

Examples

# Configure RD 22:2 for BGP cross-connect group bbb.

<Sysname> system-view

[Sysname] xconnect-group bbb

[Sysname-xcg-bbb] auto-discovery bgp

[Sysname-xcg-bbb-auto] route-distinguisher 22:2

rr-filter

Use rr-filter to create a route reflector (RR) reflection policy. Only the L2VPN information that contains the specified extended community number is reflected.

Use undo rr-filter to restore the default.

Syntax

rr-filter extended-community-number

undo rr-filter

Default

An RR does not filter reflected L2VPN information.

Views

BGP L2VPN address family view

Predefined user roles

network-admin

Parameters

extended-community-number: Specifies an extended community number in the range of 1 to 199.

Usage guidelines

By configuring different RR reflection policies on RRs in a cluster, you can implement load balancing among the RRs.

Examples

# Configure the RR to reflect only the BGP L2VPN information that contains the extended community number 10 in BGP instance default.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family l2vpn

[Sysname-bgp-default-l2vpn] rr-filter 10

# Configure the RR to reflect only the BGP L2VPN information that contains the extended community number 10 in BGP instance abc.

<Sysname> system-view

[Sysname] bgp 100 instance abc

[Sysname-bgp-abc] address-family l2vpn

[Sysname-bgp-abc-l2vpn] rr-filter 10

sequencing

Use sequencing to enable sequencing for packets on a PW.

Use undo sequencing to restore the default.

Syntax

sequencing both

undo sequencing both

Default

Sequencing is disabled for packets on a PW.

Views

PW class view

Predefined user roles

network-admin

Parameters

both: Enables sequencing for both incoming and outgoing packets on a PW.

Usage guidelines

During packet switching, packet disorder might occur due to load balancing or heavy forwarding load. To ensure that packets are forwarded correctly, enable packet sequencing on the ingress and egress PEs. Then, the ingress PE adds a sequence number to each packet on the PW, and the egress PE resequences the packets according to the sequence numbers.

If packet sequencing is enabled on the remote PE, not on the local PE, the local PE does not sequence the received packets with sequence numbers.

Examples

# Enable sequencing for both incoming and outgoing packets on PWs that use PW class aaa.

<Sysname> system-view

[Sysname] pw-class aaa

[Sysname-pwc-aaa] sequencing both

shutdown (cross-connect group view)

Use shutdown to disable a cross-connect group.

Use undo shutdown to enable a cross-connect group.

Syntax

shutdown

undo shutdown

Default

A cross-connect group is enabled.

Views

Cross-connect group view

Predefined user roles

network-admin

Usage guidelines

After you disable a cross-connect group, all cross-connects in the group cannot provide L2VPN services.

Use the shutdown command when you want to temporarily disable L2VPN. When a cross-connect group is disabled, you can still configure the cross-connect group. After the configuration, use the undo shutdown command to enable the cross-connect group. The cross-connect group will provide L2VPN services using the new settings.

Examples

# Disable cross-connect group vpn2.

<Sysname> system-view

[Sysname] xconnect-group vpn2

[Sysname-xcg-vpn2] shutdown

Related commands

display l2vpn xconnect-group

site

Use site to create a local site and enter its view, or enter the view of an existing local site.

Use undo site to delete a local site.

Syntax

site site-id [ range range-value ] [ default-offset default-offset ]

undo site site-id

Default

No sites exist.

Views

Auto-discovery cross-connect group view

Predefined user roles

network-admin

Parameters

site-id: Specifies a local site ID in the range of 0 to 256.

range range-value: Specifies the maximum number of sites in a VPN, in the range of 2 to 257. The default value is 10.

default-offset default-offset: Specifies the start site ID, 0 or 1. The default value is 0.

Usage guidelines

The range range-value and default-offset default-offset options determine the label block of the site.

· If you execute the site command with the range-value of range1, a label block with LR of range1 and LO of default-offset is assigned to the site.

· If you execute another site command with range-value of range2 (range2 is larger than range1), a second label block with LR of range2 to range1 and LO being range1 + default-offset is assigned to the site.

For example, if you execute the following commands, three label blocks LB1/0/10, LB2/10/12, and LB3/22/14 are assigned to site 1. LB1, LB2, and LB3 are automatically selected.

site 1 range 10 default-offset 0

site 1 range 22

site 1 range 36

You can create multiple local sites for a cross-connect group.

You can use the site command to increase the range value for an existing site. You cannot decrease the range value for an existing site with the site command. To decrease the range value, execute the undo site command to delete the site and then execute the site command.

Select a large range value to reduce future modifications for VPN expansion.

You cannot modify the default-offset for a site with the site command. To modify it, execute the undo site command to delete the site and then execute the site command.

Examples

# Create site 1, configure the VPN to contain a maximum of 30 sites, set the start site ID to 0 for cross-connect group bbb, and enter site view.

<Sysname> system-view

[Sysname] xconnect-group bbb

[Sysname-xcg-bbb] auto-discovery bgp

[Sysname-xcg-bbb-auto] site 1 range 30 default-offset 0

[Sysname-xcg-bbb-auto-1]

Related commands

display l2vpn pw

display l2vpn xconnect-group

snmp-agent trap enable l2vpn

Use snmp-agent trap enable l2vpn to enable SNMP notifications for L2VPN PW.

Use undo snmp-agent trap enable l2vpn to disable SNMP notifications for L2VPN PW.

Syntax

snmp-agent trap enable l2vpn [ pw-delete | pw-switch | pw-up-down ] *

undo snmp-agent trap enable l2vpn [ pw-delete | pw-switch | pw-up-down ] *

Default

SNMP notifications for L2VPN PW are disabled.

Views

System view

Predefined user roles

network-admin

Parameters

pw-delete: Enables PW deletion notifications.

pw-switch: Enables PW primary/backup switchover notifications.

pw-up-down: Enables PW up/down notifications.

Usage guidelines

This feature enables L2VPN to generate SNMP notifications when PW deletions, PW status changes, or PW switchovers occur. For L2VPN event notifications to be sent correctly, you must also configure SNMP on the device. For more information about SNMP configuration, see the network management and monitoring configuration guide for the device.

If you do not specify a notification, this command enables all notifications for L2VPN PW.

Examples

# Enable PW up/down notifications.

<Sysname> system-view

[Sysname] snmp-agent trap enable l2vpn pw-up-down

Related commands

display snmp-agent trap-list (Network Management and Monitoring Command Reference)

tunnel-policy (auto-discovery cross-connect view)

Use tunnel-policy to specify a tunnel policy for an auto-discovery cross-connect.

Use undo tunnel-policy to restore the default.

Syntax

tunnel-policy tunnel-policy-name

undo tunnel-policy

Default

No tunnel policy is specified.

Views

Auto-discovery cross-connect view

Predefined user roles

network-admin

Parameters

tunnel-policy-name: Specifies a tunnel policy by its name, a case-sensitive string of 1 to 19 characters.

Usage guidelines

The PWs on the auto-discovery cross-connect use the specified tunnel policy to select public tunnels.

If you do not specify a tunnel policy or specify a nonexistent tunnel policy, the default tunnel policy applies. The default tunnel policy selects only one public tunnel for a PW in this order: LSP tunnel, GRE tunnel, CRLSP tunnel.

Examples

# Specify tunnel policy policy1 for the auto-discovery cross-connect in cross-connect group bbb.

<Sysname> system-view

[Sysname] tunnel-policy policy1

[Sysname-tunnel-policy-policy1] quit

[Sysname] xconnect-group bbb

[Sysname-xcg-bbb] auto-discovery bgp

[Sysname-xcg-bbb-auto] site 2 range 10 default-offset 0

[Sysname-xcg-bbb-auto-2] connection remote-site-id 3

[Sysname-xcg-bbb-auto-2-3] tunnel-policy policy1

Related commands

tunnel-policy (system view)

vpn-target

Use vpn-target to configure route targets for a cross-connect group.

Use undo vpn-target to remove the specified or all route targets for a cross-connect group.

Syntax

vpn-target vpn-target&<1-8> [ both | export-extcommunity | import-extcommunity ]

undo vpn-target { vpn-target&<1-8> | all } [ both | export-extcommunity | import-extcommunity ]

Default

No route targets are configured for a cross-connect group.

Views

Auto-discovery cross-connect group view

Predefined user roles

network-admin

Parameters

vpn-target&<1-8>: Specifies a space-separated list of route targets. You can specify a maximum of eight route targets each time you execute this command.

A route target is a string of 3 to 21 characters in one of the following formats:

· 16-bit AS number:32-bit user-defined number. For example, 101:3.

· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.

· 32-bit AS number:16-bit user-defined number, where the AS number must be equal to or greater than 65536. For example, 65536:1.

both: Uses the specified route targets as both import targets and export targets. The both keyword is used when you do not specify any of both, export-extcommunity, and import-extcommunity.

export-extcommunity: Uses the specified route targets as export targets.

import-extcommunity: Uses the specified route targets as import targets.

all: Removes all route targets.

Usage guidelines

A local PE sets the route targets as export targets in BGP update messages when it advertises L2VPN information through the update messages to a remote peer. The peer uses its import targets to match the received export targets. If a match is found, the peer accepts the L2VPN information.

Examples

# Configure import route targets as 10:1 100:1 1000:1 and export route targets as 20:1 200:1 2000:1 for BGP cross-connect group bbb.

<Sysname> system-view

[Sysname] xconnect-group bbb

[Sysname-xcg-bbb] auto-discovery bgp

[Sysname-xcg-bbb-auto] vpn-target 10:1 100:1 1000:1 import-extcommunity

[Sysname-xcg-bbb-auto] vpn-target 20:1 200:1 2000:1 export-extcommunity

xconnect-group

Use xconnect-group to create a cross-connect group and enter its view, or enter the view of an existing cross-connect group.

Use undo xconnect-group to delete a cross-connect group.

Syntax

xconnect-group group-name

undo xconnect-group group-name

Default

No cross-connect groups exist.

Views

System view

Predefined user roles

network-admin

Parameters

group-name: Specifies a name for the cross-connect group, a case-sensitive string of 1 to 31 characters excluding hyphens.

Usage guidelines

L2VPN can create multiple LDP, BGP, and static PWs for a cross-connect group.

Examples

# Create a cross-connect group named vpn1 and enter cross-connect group view.

<Sysname> system-view

[Sysname] xconnect-group vpn1

[Sysname-xcg-vpn1]

Related commands

display l2vpn xconnect-group

L2VPN access to L3VPN or IP backbone commands

The following matrix shows the feature and hardware compatibility:

Hardware	L2VPN access to L3VPN or IP backbone compatibility
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS	No
MSR2600-6-X1/2600-10-X1	Yes
MSR 2630	Yes
MSR3600-28/3600-51	Yes
MSR3600-28-SI/3600-51-SI	No
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC	Yes
MSR 3610/3620/3620-DP/3640/3660	Yes
MSR5620/5660/5680	Yes

Hardware	L2VPN access to L3VPN or IP backbone compatibility
MSR810-LM-GL	No
MSR810-W-LM-GL	No
MSR830-6EI-GL	No
MSR830-10EI-GL	No
MSR830-6HI-GL	No
MSR830-10HI-GL	No
MSR2600-6-X1-GL	Yes
MSR3600-28-SI-GL	No

bandwidth

Use bandwidth to set the expected bandwidth for an interface.

Use undo bandwidth to restore the default.

Syntax

bandwidth bandwidth-value

undo bandwidth

Default

The expected bandwidth is 100000 kbps.

Views

L2VE interface view

L3VE interface view

Predefined user roles

network-admin

Parameters

bandwidth-value: Specifies the expected bandwidth in the range of 1 to 400000000 kbps.

Usage guidelines

The expected bandwidth for an interface affects the CBQ bandwidth and the link costs in OSPF, OSPFv3, and IS-IS. For more information, see ACL and QoS Configuration Guide and Layer 3—IP Routing Configuration Guide.

Examples

# Set the expected bandwidth for VE-L2VPN 100 to 10000 kbps.

<Sysname> system-view

[Sysname] interface ve-l2vpn 100

[Sysname-VE-L2VPN100] bandwidth 10000

# Set the expected bandwidth for VE-L3VPN 100 to 10000 kbps.

<Sysname> system-view

[Sysname] interface ve-l3vpn 100

[Sysname-VE-L3VPN100] bandwidth 10000

default

Use default to restore the default settings for an interface.

Syntax

default

Views

L2VE interface view

L3VE interface view

Predefined user roles

network-admin

Usage guidelines

CAUTION:

The default command might interrupt ongoing network services. Make sure you are fully aware of the impact of this command when you use it on a live network.

This command might fail to restore the default settings for some commands for reasons such as command dependencies or system restrictions. Use the display this command in interface view to identify these commands. Use their undo forms or follow the command reference to restore their default settings. If your restoration attempt still fails, follow the error message instructions to resolve the problem.

Examples

# Restore the default settings for interface VE-L2VPN 100.

<Sysname> system-view

[Sysname] interface ve-l2vpn 100

[Sysname-VE-L2VPN100] default

This command will restore the default settings. Continue? [Y/N]:y

# Restore the default settings for interface VE-L3VPN 100.

<Sysname> system-view

[Sysname] interface ve-l3vpn 100

[Sysname-VE-L3VPN100] default

This command will restore the default settings. Continue? [Y/N]:y

description

Use description to configure a description for an interface.

Use undo description to restore the default.

Syntax

description text

undo description

Default

The description for an interface is VE-L2VPNnumber Interface, for example, VE-L2VPN100 Interface.

Views

L2VE interface view

L3VE interface view

Predefined user roles

network-admin

Parameters

text: Specifies a description, a case-sensitive string of 1 to 255 characters.

Usage guidelines

Configure descriptions for different interfaces for identification and management purposes.

You can use the display interface command to display the configured interface description.

Examples

# Configure a description for interface VE-L2VPN 100 as L2VPN-Terminate.

<Sysname> system-view

[Sysname] interface ve-l2vpn 100

[Sysname-VE-L2VPN100] description L2VPN-Terminate

# Configure a description for interface VE-L3VPN 100 as L3VPN-Access.

<Sysname> system-view

[Sysname] interface ve-l3vpn 100

[Sysname-VE-L3VPN100] description L3VPN-Access

display interface

Use display interface to display interface information.

Syntax

display interface [ ve-l2vpn [ interface-number ] | ve-l3vpn [ interface-number ] ] [ brief [ description | down ] ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

ve-l2vpn: Displays information about L2VE interfaces.

ve-l3vpn: Displays information about L3VE interfaces.

interface-number: Specifies the number of an existing L2VE interface or an L3VE interface.

brief: Displays brief interface information. If you do not specify this keyword, the command displays detailed interface information.

description: Displays complete interface descriptions. If you do not specify this keyword, the command displays only the first 27 characters of interface descriptions.

down: Displays information about interfaces in the physical state of DOWN and the causes. If you do not specify this keyword, the command displays information about interfaces in all states.

Usage guidelines

If you do not specify an interface type, this command displays information about both L2VE and L3VE interfaces on the device.

If you specify an interface type but no interface number, this command displays information about all interfaces of the specified type.

If you specify both an interface type and an interface number, this command displays information about the specified interface.

Examples

# Display information about interface VE-L2VPN 100.

<Sysname> display interface ve-l2vpn 100

VE-L2VPN100

Current state: UP

Line protocol state: UP

Description: VE-L2VPN100 Interface

Bandwidth: 100000kbps

Maximum Transmit Unit: 1500

Internet protocol processing: disabled

IP Packet Frame Type:PKTFMT_ETHNT_2, Hardware Address: 0011-2200-0202

IPv6 Packet Frame Type:PKTFMT_ETHNT_2, Hardware Address: 0011-2200-0202

Link service is PWE3 ethernet mode

Physical: L2VE, baudrate: 100000000 bps

Last clearing of counters: Never

Last 300 seconds input rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec

Last 300 seconds output rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec

Input: 0 packets, 0 bytes, 0 drops

Output: 0 packets, 0 bytes, 0 drops

Table 105 Command output

Field	Description
VE-L2VPN100	Information about interface VE-L2VPN 100.
Current state	State of the interface: · Administratively DOWN—The interface has been shut down by using the shutdown command. · DOWN—The interface is administratively up, but its physical state is down. · UP—Both the administrative and physical states of the interface are up.
Line protocol state	Link layer protocol state of the interface. The value is determined by parameter negotiation on the link layer. · UP—The protocol state of the interface is up. · UP (spoofing)—The link protocol state of the interface is up, but the link is temporarily set up on demand or does not exist. This attribute is available for null interfaces and loopback interfaces. · DOWN—The protocol state of the interface is down.
Description	Description for the interface.
Bandwidth	Expected bandwidth for the interface, in kbps.
Maximum Transmit Unit	MTU of the interface.
Internet protocol processing	IP address of the interface. If no IP address is assigned to the interface, this field displays Internet protocol processing: disabled, and the interface cannot process packets. Primary indicates that it is the primary IP address of the interface.
Link service	Link service mode: · VPLS mode—This mode is available when the interface is bound with a VPLS instance. For more information about VPLS instances, see "Configuring VPLS." · PWE3 ethernet mode—This mode is available when the interface is associated with a PW whose encapsulation type is Ethernet. For more information about PWs, see "Configuring MPLS L2VPN." · PWE3 vlan mode—This mode is available when the interface is associated with a PW whose encapsulation type is VLAN. For more information about PWs, see "Configuring MPLS L2VPN."
Physical	Physical type of the interface: · L2VE—L2VE interface for terminating an MPLS L2VPN. · L3VE—L3VE interface for accessing an MPLS L3VPN or IP backbone.
Baudrate	Baud rate of the interface.
Last clearing of counters	Last time the counters were cleared by using the reset counters interface command. If the reset counters interface command has never been executed since the device started up, this field displays Never.
Last 300 seconds input rate	Average input rate in the last 300 seconds.
Last 300 seconds output rate	Average output rate in the last 300 seconds.

# Display brief information about all L2VE interfaces.

<Sysname> display interface ve-l2vpn brief

Brief information of interface(s) under route mode:

Link: ADM - administratively down; Stby - standby

Protocol: (s) - spoofing

Interface Link Protocol Main IP Description

L2VE20 DOWN DOWN --

# Display brief information about interface VE-L2VPN 2, including the entire interface description.

<Sysname> display interface ve-l2vpn 2 brief description

Brief information of interface(s) under route mode:

Link: ADM - administratively down; Stby - standby

Protocol: (s) - spoofing

Interface Link Protocol Main IP Description

L2VE2 UP UP 1.1.1.1 L2VPN-Terminate

# Display information about interfaces in the physical state of DOWN and the causes.

<Sysname> display interface brief down

Brief information of interface(s) under route mode:

Link: ADM - administratively down; Stby - standby

Interface Link Cause

L2VE20 DOWN Administratively

L3VE20 DOWN Administratively

Table 106 Command output

Field	Description
Brief information of interface(s) under route mode:	Brief information about Layer 3 interfaces.
Link: ADM - administratively down; Stby - standby	Link status: · ADM—The interface has been administratively shut down. To bring it up, use the undo shutdown command. · Stby—The interface is a backup interface. To show the primary interface, use the display interface-backup state command.
Protocol: (s) - spoofing	(s) indicates that the link layer protocol state is UP, but the link is not available because it is an on-demand link or not present at all.
Interface	Abbreviated interface name.
Link	Link state of the interface: · UP—The link is physically up. · DOWN—The link is physically down. · ADM—The link has been administratively shut down. To bring it up, use the undo shutdown command. · Stby—The interface is a backup interface. To display the primary interface, use the display interface-backup state command.
Protocol	Link layer protocol state whose value is determined by parameter negotiation on the link layer: · UP—The protocol state of the interface is up. · UP (s)—The link protocol state of the interface is up, but the link is temporarily set up on demand or does not exist. This attribute is available for null interfaces and loopback interfaces. · DOWN—The protocol state of the interface is down.
Main IP	Primary IP address of the interface.
Description	Description for the interface.
Cause	Causes for the link state of DOWN: · Administratively—The link has been shut down by using the shutdown command. To bring it up, use the undo shutdown command. · Not connected—The tunnel is not established.

Related commands

reset counters interface

interface ve-l2vpn

Use interface ve-l2vpn to create an L2VE interface and enter its view, or enter the view of an existing L2VE interface.

Use undo interface ve-l2vpn to delete an L2VE interface.

Syntax

interface ve-l2vpn interface-number

undo interface ve-l2vpn interface-number

Default

No L2VE interfaces exist.

Views

System view

Predefined user roles

network-admin

Parameters

interface-number: Specifies the L2VE interface number in the range of 1 to 8192.

Usage guidelines

A VE-L2VPN interface (an L2VE interface) terminates MPLS L2VPN packets. The L2VE interface performs the following operations:

· Removes the MPLS label from an MPLS L2VPN packet.

· Sends the original Layer 2 packet to an L3VE interface that has the same interface number as the L2VE interface.

Examples

# Create L2VE interface VE-L2VPN 100, and enter L2VE interface view.

<Sysname> system-view

[Sysname] interface ve-l2vpn 100

[Sysname-VE-L2VPN100]

interface ve-l3vpn

Use interface ve-l3vpn to create an L3VE interface and enter its view, or enter the view of an existing L3VE interface.

Use undo interface ve-l3vpn to delete an L3VE interface.

Syntax

interface ve-l3vpn interface-number

undo interface ve-l3vpn interface-number

Default

No L3VE interfaces exist.

Views

System view

Predefined user roles

network-admin

Parameters

interface-number: Specifies the L3VE interface number in the range of 1 to 8192.

Usage guidelines

A VE-L3VPN interface (an L3VE interface) provides access to an MPLS L3VPN or IP backbone for packets. The L3VE interface forwards packets received from the backbone to an L2VE interface that has the same interface number as the L3VE interface.

Examples

# Create L3VE interface VE-L3VPN 100, and enter L3VE interface view.

<Sysname> system-view

[Sysname] interface ve-l3vpn 100

[Sysname-VE-L3VPN100] quit

mtu

Use mtu to set the MTU for an interface.

Use undo mtu to restore the default.

Syntax

mtu size

undo mtu

Default

The MTU of an interface is 1500 bytes.

Views

L2VE interface view

L3VE interface view

Predefined user roles

network-admin

Parameters

mtu-size: Specifies the MTU in the range of 46 to 1560 bytes.

Examples

# Set the MTU for interface VE-L2VPN 100 to 1430 bytes.

<Sysname> system-view

[Sysname] interface ve-l2vpn 100

[Sysname-VE-L2VPN100] mtu 1430

# Set the MTU for interface VE-L3VPN 100 to 1430 bytes.

<Sysname> system-view

[Sysname] interface ve-l3vpn 100

[Sysname-VE-L3VPN100] mtu 1430

reset counters interface

Use reset counters interface to clear interface statistics.

Syntax

reset counters interface [ ve-l2vpn [ interface-number ] | ve-l3vpn [ interface-number ] ]

Views

User view

Predefined user roles

network-admin

Parameters

ve-l2vpn: Clears statistics for L2VE interfaces.

ve-l3vpn: Clears statistics for L3VE interfaces.

interface-number: Specifies the number of an existing L2VE interface or an L3VE interface.

Usage guidelines

If you do not specify an interface type, this command clears statistics for both L2VE and L3VE interfaces on the device.

If you specify an interface type but no interface number, this command clears statistics for all interfaces of the specified type.

If you specify both an interface type and an interface number, this command clears statistics for the specified interface.

Examples

# Clear statistics for interface VE-L2VPN 100.

<Sysname> reset counters interface ve-l2vpn 100

# Clear statistics for interface VE-L3VPN 100.

<Sysname> reset counters interface ve-l3vpn 100

Related commands

display interface

shutdown

Use shutdown to shut down an interface.

Use undo shutdown to bring up an interface.

Syntax

shutdown

undo shutdown

Default

L2VE interfaces and L3VE interfaces are up.

Views

L2VE interface view

L3VE interface view

Predefined user roles

network-admin

Examples

# Shut down interface VE-L2VPN 100.

<Sysname> system-view

[Sysname] interface ve-l2vpn 100

[Sysname-VE-L2VPN100] shutdown

# Shut down interface VE-L3VPN 100.

<Sysname> system-view

[Sysname] interface ve-l3vpn 100

[Sysname-VE-L3VPN100] shutdown

MPLS OAM commands

The following matrix shows the feature and hardware compatibility:

Hardware	MPLS OAM compatibility
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS	No
MSR2600-6-X1/2600-10-X1	Yes
MSR 2630	Yes
MSR3600-28/3600-51	Yes
MSR3600-28-SI/3600-51-SI	No
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC	Yes
MSR 3610/3620/3620-DP/3640/3660	Yes
MSR5620/5660/5680	Yes

Hardware	MPLS OAM compatibility
MSR810-LM-GL	No
MSR810-W-LM-GL	No
MSR830-6EI-GL	No
MSR830-10EI-GL	No
MSR830-6HI-GL	No
MSR830-10HI-GL	No
MSR2600-6-X1-GL	Yes
MSR3600-28-SI-GL	No

bfd discriminator

Use bfd discriminator to set local and remote discriminators for the BFD session used to verify PW connectivity.

Use undo bfd discriminator to restore the default.

Syntax

bfd discriminator local local-id remote remote-id

undo bfd discriminator

Default

No local or remote discriminators are set for the BFD session used to verify PW connectivity. The system automatically assigns local and remote discriminators to the BFD session.

Views

Cross-connect backup PW view

Cross-connect PW view

VSI LDP backup PW view

VSI LDP PW view

VSI static backup PW view

VSI static PW view

Predefined user roles

network-admin

Parameters

local local-id: Specifies the local discriminator value for the BFD session.

The following matrix shows the value ranges for the local-id argument:

Hardware	Argument compatibility	Value range
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS	No	N/A
MSR2600-6-X1/2600-10-X1	Yes	1 to 32
MSR 2630	Yes	1 to 32
MSR3600-28/3600-51	Yes	1 to 32
MSR3600-28-SI/3600-51-SI	No	N/A
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC	Yes	1 to 512
MSR 3610/3620/3620-DP/3640/3660	Yes	1 to 512
MSR5620/5660/5680	Yes	1 to 1024

Hardware	Argument compatibility	Value range
MSR810-LM-GL	No	N/A
MSR810-W-LM-GL	No	N/A
MSR830-6EI-GL	No	N/A
MSR830-10EI-GL	No	N/A
MSR830-6HI-GL	No	N/A
MSR830-10HI-GL	No	N/A
MSR2600-6-X1-GL	Yes	1 to 32
MSR3600-28-SI-GL	No	N/A

remote remote-id: Specifies the remote discriminator value for the BFD session, in the range of 1 to 4294967295.

Usage guidelines

A BFD session for PW connectivity verification can be established in one of the following modes:

· Static mode—Specify the local and remote discriminator values by using the bfd discriminator command. You must specify the discriminators on both the local and remote PEs. Make sure the local discriminator and remote discriminator on the local PE are the same as the remote discriminator and local discriminator on the remote PE, respectively. Otherwise, the BFD session cannot be established for the PW.

· Dynamic mode—If you do not specify local and remote discriminators, the system automatically runs MPLS ping to negotiate the discriminator values.

Examples

# In VSI LDP PW view, set both the local and remote discriminator values to 1 for the BFD session used to verify PW connectivity.

<Sysname> system-view

[Sysname] vsi ttt

[Sysname-vsi-ttt] pwsignaling ldp

[Sysname-vsi-ttt-ldp] peer 22.22.2.2 pw-id 1 pw-class ttt

[Sysname-vsi-ttt-ldp-22.22.2.2-1] bfd discriminator local 1 remote 1

Related commands

display l2vpn pw bfd

mpls bfd enable

vccv bfd

vccv cc

bfd ip-router-alert

Use bfd ip-router-alert to add the Router Alert option in BFD packets for LSP connectivity verification.

Use undo bfd ip-router-alert to remove the Router Alert option in BFD packets for LSP connectivity verification.

Syntax

bfd ip-router-alert

undo bfd ip-router-alert

Default

The device sends BFD packets carrying the Router Alert option to detect an LSP.

Views

System view

Predefined user roles

network-admin

network-operator

Usage guidelines

Execute the undo bfd ip-router-alert command on the local device if the peer device cannot identify the Router Alert option in BFD packets.

This command takes effect only on BFD sessions that come up after this command is executed.

Examples

# Remove the Router Alert option in BFD packets.

<Sysname> system-view

[Sysname] undo bfd ip-router-alert

display l2vpn pw bfd

Use display l2vpn pw bfd to display BFD information for PWs.

Syntax

display l2vpn pw bfd [ peer peer-ip pw-id pw-id ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

peer peer-ip pw-id pw-id: Specifies a PW. The peer-ip argument specifies the LSR ID for the peer PE of the PW. The pw-id argument specifies the PW ID in the range of 1 to 4294967295. If you do not specify a PW, this command displays BFD information for all PWs.

Examples

# Display BFD information for all PWs.

<Sysname> display l2vpn pw bfd

Total number of sessions: 1, 1 up, 0 down, 0 init

FEC Type: PW FEC-128

FEC Info:

Peer IP: 22.22.2.2

PW ID: 1

VSI Index: 0 Link ID: 8

Local Discr: 514 Remote Discr: 514

Source IP: 11.11.1.1 Destination IP: 127.0.0.2

Session State: Up Session Role: Active

Template Name: -

Table 107 Command output

Field	Description
Peer IP	LSR ID of the peer PE.
VSI Index	Index of the VSI to which the PW belongs. This field is displayed when the PW is a VPLS PW.
Connection ID	ID of the cross-connect to which the PW belongs. This field is displayed when the PW is a VPWS PW.
Link ID	Link ID of the PW.
Local Discr	Local discriminator of the BFD session.
Remote Discr	Remote discriminator of the BFD session.
Source IP	Source IP of the BFD session, which is the MPLS LSR ID of the local PE.
Destination IP	Destination IP address of the BFD session, which is on subnet 127.0.0.0/8.
Session State	BFD session state: · Init—BFD session is in initialization state. · Up—BFD session is up. · Down—BFD session is down.
Session Role	Role of the local PE in the BFD session: · Active—Sender of the BFD session. · Passive—Receiver of the BFD session.
Template Name	Name of the BFD session parameter template.

Related commands

bfd discriminator

vccv bfd

vccv cc

display mpls bfd

Use display mpls bfd to display BFD information for LSP tunnels or MPLS TE tunnels.

Syntax

display mpls bfd [ ipv4 ipv4-address mask-length | te tunnel tunnel-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

ipv4 ipv4-address mask-length: Specifies an FEC by a destination IP address and mask length. The mask length is in the range of 0 to 32.

te tunnel tunnel-number: Specifies an MPLS TE tunnel by the tunnel interface number.

Usage guidelines

If you do not specify any parameters, this command displays BFD information for all LSP tunnels and all MPLS TE tunnels.

Examples

# Display BFD information for the LSPs to destination 22.22.2.2/32.

<Sysname> display mpls bfd ipv4 22.22.2.2 32

Total number of sessions: 1, 1 up, 0 down, 0 init

FEC Type: LSP

FEC Info:

Destination: 22.22.2.2

Mask Length: 32

NHLFE ID: 1025

Local Discr: 513 Remote Discr: 513

Source IP: 11.11.1.1 Destination IP: 127.0.0.1

Session State: Up Session Role: Passive

Template Name: -

# Display BFD information for the MPLS TE tunnel interface tunnel 1.

<Sysname> display mpls bfd te tunnel 1

Total number of sessions: 1, 1 up, 0 down, 0 init

FEC Type: TE Tunnel

FEC Info:

Source : 100.1.1.1

Destination: 200.1.1.1

Tunnel ID : 1

LSP ID : 100

NHLFE ID: 1025

Local Discr: 513 Remote Discr: 513

Source IP: 11.11.1.1 Destination IP: 127.0.0.1

Session State: Up Session Role: Passive

Template Name: -

Table 108 Command output

Field	Description
Local Discr	Local discriminator of the BFD session.
Remote Discr	Remote discriminator of the BFD session.
Source IP	Source IP of the BFD session, which is the MPLS LSR ID of the local PE.
Destination IP	Destination IP address of the BFD session. At the ingress node, it is an address on subnet 127.0.0.0/8. At the egress node, it is the MPLS LSR ID of the ingress node.
Session State	BFD session state: · Init—BFD session is in initialization state. · Up—BFD session is up. · Down—BFD session is down.
Session Role	Role of the local PE in the BFD session: · Active—Initiator of the BFD session. · Passive—Responder of the BFD session.
Template Name	Name of the BFD session parameter template.

Related commands

mpls bfd (for LSP)

mpls bfd (for TE tunnel)

mpls bfd enable

Use mpls bfd enable to enable BFD for MPLS.

Use undo mpls bfd enable to disable BFD for MPLS.

Syntax

mpls bfd enable

undo mpls bfd enable

Default

BFD for MPLS is disabled.

Views

System view

Predefined user roles

network-admin

Usage guidelines

To use BFD to verify LSP, PW, or TE tunnel connectivity, you must use this command to enable BFD for MPLS. Otherwise, the BFD session cannot be established after you execute the mpls bfd (for LSP), mpls bfd (for TE tunnel), or vccv bfd command.

Examples

# Enable BFD for MPLS.

<Sysname> system-view

[Sysname] mpls bfd enable

mpls bfd (for LSP)

Use mpls bfd to enable BFD for LSPs associated with an FEC.

Use undo mpls bfd to disable BFD for LSPs associated with an FEC.

Syntax

mpls bfd dest-addr mask-length [ nexthop nexthop-address [ discriminator local local-id remote remote-id ] ] [ template template-name ]

undo mpls bfd dest-addr mask-length [ nexthop nexthop-address ]

Default

BFD is not used to verify LSP connectivity for an FEC.

Views

System view

Predefined user roles

network-admin

Parameters

dest-addr mask-length: Specifies an FEC by a destination IP address and mask length. The mask length is in the range of 0 to 32.

nexthop nexthop-address: Specifies the next hop address of the FEC. If you specify the FEC next hop, BFD verifies the specified LSP. If you do not specify a next hop, BFD verifies all LSPs for the FEC.

discriminator: Specifies discriminator values for the BFD session.

local local-id: Specifies the local discriminator value for the BFD session.

The following matrix shows the value ranges for the local-id argument:

Hardware	Argument compatibility	Value range
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS	No	N/A
MSR2600-6-X1/2600-10-X1	Yes	1 to 32
MSR 2630	Yes	1 to 32
MSR3600-28/3600-51	Yes	1 to 32
MSR3600-28-SI/3600-51-SI	No	N/A
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC	Yes	1 to 512
MSR 3610/3620/3620-DP/3640/3660	Yes	1 to 512
MSR5620/5660/5680	Yes	1 to 1024

Hardware	Argument compatibility	Value range
MSR810-LM-GL	No	N/A
MSR810-W-LM-GL	No	N/A
MSR830-6EI-GL	No	N/A
MSR830-10EI-GL	No	N/A
MSR830-6HI-GL	No	N/A
MSR830-10HI-GL	No	N/A
MSR2600-6-X1-GL	Yes	1 to 32
MSR3600-28-SI-GL	No	N/A

remote remote-id: Specifies the remote discriminator value for the BFD session, in the range of 1 to 4294967295.

template template-name: Specifies a BFD session parameter template by its name, a case-sensitive string of 1 to 63 characters. If you do not specify a template, BFD uses the multihop BFD session parameters configured in system view.

Usage guidelines

After you enable BFD for MPLS and execute the mpls bfd command, the device creates a BFD session for each LSP associated with the specified FEC. When an LSP fails, BFD can quickly detect the failure and notify the device to take an action, such as switching traffic to the backup LSP.

A BFD session for LSP connectivity verification can be established in one of the following modes:

· Static mode—Specify the local and remote discriminator values by using the discriminator keyword in the mpls bfd command. You must enable BFD for MPLS and configure the mpls bfd command on both the local and remote devices. Make sure the discriminators configured on the local device match those configured on the remote device. A static BFD session verifies connectivity of a pair of LSPs in opposite directions between two devices.

· Dynamic mode—If you do not specify local and remote discriminators, the system automatically runs MPLS ping to negotiate the discriminator values. You must enable BFD for MPLS on both the local and remote devices, but the mpls bfd command is not needed on the remote PE. A dynamic BFD session verifies the connectivity of a unidirectional LSP from the local device to the remote device.

The source address of the BFD session is the MPLS LSR ID of the local device. Before configuring BFD for the LSP tunnel, perform the following tasks:

1. Configure an MPLS LSR ID for the local device.

2. Make sure a route is available on the remote device to reach the MPLS LSR ID.

Examples

# Use BFD to verify the connectivity of the LSPs to destination 22.22.2.2/32.

<Sysname> system-view

[Sysname] mpls bfd enable

[Sysname] mpls bfd 22.22.2.2 32

# Use BFD to verify the connectivity of the LSP with destination 22.22.2.2/32 and next hop 12.0.0.2.

<Sysname> system-view

[Sysname] mpls bfd enable

[Sysname] mpls bfd 22.22.2.2 32 nexthop 12.0.0.2

# Use BFD to verify the connectivity of the LSP with destination 22.22.2.2/32 and next hop 12.0.0.2. Set both the local and remote discriminators to 1, and use the BFD session parameter template test.

<Sysname> system-view

[Sysname] mpls bfd enable

[Sysname] mpls bfd 22.22.2.2 32 nexthop 12.0.0.2 discriminator local 1 remote 1 template test

Related commands

display mpls bfd

mpls bfd enable

mpls bfd (for TE tunnel)

Use mpls bfd to enable BFD on an MPLS TE tunnel.

Use undo mpls bfd to restore the default.

Syntax

mpls bfd [ discriminator local local-id remote remote-id ] [ template template-name ]

undo mpls bfd

Default

BFD is not enabled on an MPLS TE tunnel.

Views

Tunnel interface view

Predefined user roles

network-admin

Parameters

discriminator: Specifies discriminator values for the BFD session.

local local-id: Specifies the local discriminator value for the BFD session.

The following matrix shows the value ranges for the local-id argument:

Hardware	Argument compatibility	Value range
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS	No	N/A
MSR2600-6-X1/2600-10-X1	Yes	1 to 32
MSR 2630	Yes	1 to 32
MSR3600-28/3600-51	Yes	1 to 32
MSR3600-28-SI/3600-51-SI	No	N/A
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC	Yes	1 to 512
MSR 3610/3620/3620-DP/3640/3660	Yes	1 to 512
MSR5620/5660/5680	Yes	1 to 1024

Hardware	Argument compatibility	Value range
MSR810-LM-GL	No	N/A
MSR810-W-LM-GL	No	N/A
MSR830-6EI-GL	No	N/A
MSR830-10EI-GL	No	N/A
MSR830-6HI-GL	No	N/A
MSR830-10HI-GL	No	N/A
MSR2600-6-X1-GL	Yes	1 to 32
MSR3600-28-SI-GL	No	N/A

remote remote-id: Specifies the remote discriminator value for the BFD session, in the range of 1 to 4294967295.

template template-name: Specifies a BFD session parameter template by its name, a case-sensitive string of 1 to 63 characters. If you do not specify a template, BFD uses the BFD session parameters configured in tunnel interface view.

Usage guidelines

After you enable BFD for MPLS and execute the mpls bfd command, the device creates a BFD session on the MPLS TE tunnel. When the MPLS TE tunnel fails, BFD can quickly detect the failure and notify the device to take an action, such as switching traffic to the backup tunnel.

A BFD session can be established in one of the following modes:

· Static mode—Specify the local and remote discriminators by using the discriminator keyword in the mpls bfd command. You must enable BFD for MPLS and configure the mpls bfd command on both the local and remote devices. Make sure the local discriminator and remote discriminator on the local device are the same as the remote discriminator and local discriminator on the remote device, respectively. A static BFD session verifies the connectivity of a pair of MPLS TE tunnels in opposite directions between two devices.

· Dynamic mode—If you do not specify local and remote discriminators, the system automatically runs MPLS ping to negotiate the discriminator values. You must enable BFD for MPLS on both the local and remote devices, but the mpls bfd command is not needed on the remote device. A dynamic BFD session verifies the connectivity of a unidirectional MPLS TE tunnel from the local device to the remote device.

The source address of the BFD session is the MPLS LSR ID of the local device. Before configuring BFD for the MPLS TE tunnel, perform the following tasks:

1. Configure an MPLS LSR ID for the local device.

2. Make sure a route is available on the remote device to reach the MPLS LSR ID.

Examples

# Enable BFD for the MPLS TE tunnel interface Tunnel 1, and use the BFD session parameter template test.

<Sysname> system-view

[Sysname] mpls bfd enable

[Sysname] interface Tunnel 1

[Sysname-Tunnel1] mpls bfd template test

# Enable BFD for the MPLS TE tunnel interface Tunnel 1, and set the local and remote discriminators both to 1.

<Sysname> system-view

[Sysname] mpls bfd enable

[Sysname] interface Tunnel 1

[Sysname-Tunnel1] mpls bfd discriminator local 1 remote 1

Related commands

display mpls bfd

mpls bfd enable

mpls periodic-tracert (for LSP)

Use mpls periodic-tracert to enable periodic tracert of LSPs for an FEC.

Use undo mpls periodic-tracert to disable periodic tracert of LSPs for an FEC.

Syntax

undo mpls periodic-tracert dest-addr mask-length

Default

Periodic tracert of LSPs for an FEC is disabled.

Views

System view

Predefined user roles

network-admin

Parameters

dest-addr mask-length: Specifies an FEC by a destination IP address and mask length. The mask length is in the range of 0 to 32.

-a source-ip: Specifies the source address for MPLS echo request packets. If you do not specify this option, the device uses the MPLS LSR ID as the source address for MPLS echo requests.

-exp exp-value: Specifies the EXP value for MPLS echo request packets, in the range of 0 to 7. The default is 0.

-h ttl-value: Specifies the maximum TTL value for MPLS echo request packets (the maximum number of hops to be inspected). The value range for the ttl-value argument is 1 to 255, and the default is 30.

-m wait-time: Specifies the interval at which tracert is performed. The value range is 15 to 120 minutes. The default is 60 minutes.

-rtos tos-value: Specifies the ToS value in the IP header of an MPLS echo reply packet. The value range is 0 to 7, and the default value is 6.

-t time-out: Specifies the timeout interval for the reply to an MPLS echo request. The value range is 0 to 65535 milliseconds, and the default is 2000 milliseconds.

-u retry-attempt: Specifies the maximum number of retransmissions of an MPLS echo request if no reply is received. The value range is 1 to 9, and the default value is 3.

fec-check: Checks the FEC stack at transit nodes.

Usage guidelines

The periodic MPLS tracert feature automatically traces an LSP tunnel at intervals. It locates errors on the LSP tunnel, verifies the consistency of the data plane and control plane, and records the detected errors into system logs. You can check the logs to monitor LSP connectivity.

If both BFD and periodic MPLS tracert are configured for an LSP, both feature take effect. When periodic MPLS tracert detects a data plane failure or an inconsistency between data plane and control plane, the device performs the following operations:

1. Deletes the BFD session for the LSP.

2. Re-establishes the BFD session based on the control plane.

Before you execute this command, execute the mpls bfd enable command.

Examples

# Enable periodic tracert for LSPs to destination 11.11.1.1/32.

<Sysname> system-view

[Sysname] mpls bfd enable

[Sysname] mpls periodic-tracert 11.11.1.1 32

Related commands

mpls bfd enable

mpls bfd (for LSP)

ping mpls ipv4

Use ping mpls ipv4 to verify MPLS LSP connectivity for an IPv4 prefix.

Syntax

Views

Any view

Predefined user roles

network-admin

Parameters

-a source-ip: Specifies the source address for MPLS echo request packets. If you do not specify this option, the device uses the primary IP address of the outgoing interface as the source address for MPLS echo requests.

-c count: Specifies the number of MPLS echo request packets to be sent with the same destination address in the IP header. The value range is 1 to 4294967295. The default is 5.

-exp exp-value: Specifies the EXP value for MPLS echo request packets, in the range of 0 to 7. The default is 0.

-h ttl-value: Specifies the TTL value for MPLS echo request packets, in the range of 1 to 255. The default is 255.

-m wait-time: Specifies the interval for sending MPLS echo request packets, in the range of 1 to 10000 milliseconds. The default is 200 milliseconds.

-r reply-mode: Specifies the reply mode of the receiver in response to MPLS echo request packets. The reply-mode argument can be 1, 2, 3, or 4. The default value is 2.

· Reply mode 1 means "Do not reply."

· Reply mode 2 means "Reply by using a UDP packet."

· Reply mode 3 means "Reply by using a UDP packet that carries the Router Alert option."

· Reply mode 4 means "Reply by using a VCCV packet." Reply mode 4 does not apply to MPLS LSP connectivity detection for an IPv4 prefix. If you specify this mode, the receiver does not reply.

-rtos tos-value: Specifies the ToS value in the IP header of an MPLS echo reply packet. The value range is 0 to 7, and the default value is 6.

-s packet-size: Specifies the length (excluding the IP header and UDP header) of an MPLS echo request packet. The value for the packet-size argument is 65 to 8100 bytes, and the default is 100 bytes.

-t time-out: Specifies the timeout interval for the reply to an MPLS echo request. The value range is 0 to 65535 milliseconds, and the default is 2000 milliseconds.

-v: Displays detailed reply information. If you do not specify this keyword, the command displays brief reply information.

ipv4-address mask-length: Specifies an FEC by a destination IP address and mask length. The mask length is in the range of 0 to 32.

destination: Specifies the destination address in the IP header of MPLS echo requests. The default is 127.0.0.1.

start-address: Specifies the destination address or the start destination address. This address must be an address on subnet 127.0.0.0/8—a local loopback address. If you specify the start-address argument without the end-address argument, the start-address is the destination address in the IP header. The number of MPLS echo requests to be sent is determined by the -c count keyword. If you specify both start-address and end-address, you specify a range of destination addresses. The destination address increments by the value specified for the address-increment argument, starting from the start-address to the end-address. The number of MPLS echo requests to be sent with each of the destination addresses is determined by the -c count keyword.

end-address: Specifies the end destination address. This address must be an address on subnet 127.0.0.0/8—a local loopback address.

address-increment: Specifies the increment value by which the destination address in the IP header increases in turn. The value range is 1 to 16777215 and the default value is 1.

Examples

# Verify the connectivity of LSPs to destination 3.3.3.9/32.

<Sysname> ping mpls ipv4 3.3.3.9 32

MPLS ping FEC 3.3.3.9/32 with 100 bytes of data:

100 bytes from 100.1.2.1: Sequence=1 time=49 ms

100 bytes from 100.1.2.1: Sequence=2 time=44 ms

100 bytes from 100.1.2.1: Sequence=3 time=60 ms

100 bytes from 100.1.2.1: Sequence=4 time=60 ms

100 bytes from 100.1.2.1: Sequence=5 time=76 ms

--- Ping statistics for FEC 3.3.3.9/32 ---

5 packets transmitted, 5 packets received, 0.0% packet loss

Round-trip min/avg/max = 44/57/76 ms

# Verify the connectivity of LSPs to destination 3.3.3.9/32, and specify the following parameters:

· Set the number of MPLS echo requests to be sent with the same destination address to 3.

· Display detailed reply information.

· Specify the range of destination addresses in IP headers as 127.0.0.1 to 127.0.0.3, and set the destination address increment value to 2. With these settings, the destination addresses are 127.0.0.1 and 127.0.0.3.

<Sysname> ping mpls –c 3 –v ipv4 3.3.3.9 32 destination 127.0.0.1 127.0.0.3 2

MPLS ping FEC 3.3.3.9/32 with 100 bytes of data:

Destination address 127.0.0.1

100 bytes from 100.1.2.1: Sequence=1 time=49 ms Return Code=3(1)

Destination address 127.0.0.3

100 bytes from 100.1.2.1: Sequence=2 time=44 ms Return Code=3(1)

Destination address 127.0.0.1

100 bytes from 100.1.2.1: Sequence=3 time=60 ms Return Code=3(1)

Destination address 127.0.0.3

100 bytes from 100.1.2.1: Sequence=4 time=60 ms Return Code=3(1)

Destination address 127.0.0.1

100 bytes from 100.1.2.1: Sequence=5 time=76 ms Return Code=3(1)

Destination address 127.0.0.3

100 bytes from 100.1.2.1: Sequence=6 time=57 ms Return Code=3(1)

--- Ping statistics for FEC 3.3.3.9/32 ---

6 packets transmitted, 6 packets received, 0.0% packet loss

Round-trip min/avg/max = 44/57/76 ms

Table 109 Command output

Field	Description
MPLS Ping FEC: 3.3.3.9/32 : 100 data bytes	Verify LSP connectivity for FEC 3.3.3.9/32 by sending 100-byte MPLS echo requests.
Destination address	Destination IP address in the IP header.
100 bytes from 100.1.2.1	Received a 100-byte reply from 100.1.2.1.
Sequence	Sequence number of the reply, for determination of packet loss, disorder, or duplicate.
time	Packet round-trip delay.
Return Code	Return code. The number in parentheses represents a return subcode.
Ping statistics for FEC 3.3.3.9/32	LSP verification statistics.
packets transmitted	Number of MPLS echo requests sent.
packets received	Number of MPLS echo replies received.
packet loss	Percentage of unreplied packets to total request packets.
Round-trip min/avg/max	Minimum, average, and maximum round-trip delay.

ping mpls pw

Use ping mpls pw to verify LDP PW or static PW connectivity.

Syntax

Views

Any view

Predefined user roles

network-admin

Parameters

-a source-ip: Specifies the source address for MPLS echo request packets. If you do not specify this option, the device uses the MPLS LSR ID of the device as the source address for MPLS echo requests.

-c count: Specifies the number of MPLS echo request packets to be sent. The value range is 1 to 4294967295. The default is 5.

-exp exp-value: Specifies the EXP value for MPLS echo request packets, in the range of 0 to 7. The default is 0.

-h ttl-value: Specifies the TTL value for MPLS echo request packets, in the range of 1 to 255. The default is 255.

-m wait-time: Specifies the interval for sending MPLS echo request packets, in the range of 1 to 10000 milliseconds. The default is 200 milliseconds.

-r reply-mode: Specifies the reply mode of the receiver in response to MPLS echo request packets. The reply-mode argument can be 1, 2, 3, or 4. The default value is 2.

· Reply mode 1 means "Do not reply."

· Reply mode 2 means "Reply by using a UDP packet."

· Reply mode 3 means "Reply by using a UDP packet that carries the Router Alert option."

· Reply mode 4 means "Reply by using a VCCV packet."

-rtos tos-value: Specifies the ToS value in the IP header of an MPLS echo reply packet. The value range is 0 to 7, and the default value is 6.

-s packet-size: Specifies the length (excluding the IP header and UDP header) of an MPLS echo request packet. The value for the packet-size argument is 65 to 8100 bytes, and the default is 100 bytes.

-t time-out: Specifies the timeout interval for the reply to an MPLS echo request. The value range is 0 to 65535 milliseconds, and the default is 2000 milliseconds.

-v: Displays detailed reply information. If you do not specify this keyword, the command displays brief reply information.

ip-address: Specifies the IP address of the peer PE.

pw-id pw-id: Specifies the ID of the PW to the peer PE, in the range of 1 to 4294967295.

Examples

# Verify the connectivity of PW 301 to peer PE 3.3.3.9.

<Sysname> ping mpls pw 3.3.3.9 pw-id 301

MPLS ping PW 3.3.3.9 301 with 100 bytes of data:

100 bytes from 100.1.2.1: Sequence=1 time=49 ms

100 bytes from 100.1.2.1: Sequence=2 time=44 ms

100 bytes from 100.1.2.1: Sequence=3 time=60 ms

100 bytes from 100.1.2.1: Sequence=4 time=60 ms

100 bytes from 100.1.2.1: Sequence=5 time=76 ms

--- Ping statistics for PW 3.3.3.9 301 ---

5 packets transmitted, 5 packets received, 0.0% packet loss

Round-trip min/avg/max = 44/57/76 ms

For the command output, see Table 109.

ping mpls te

Use ping mpls te to verify MPLS TE tunnel connectivity.

Syntax

Views

Any view

Predefined user roles

network-admin

Parameter

-c count: Specifies the number of MPLS echo request packets to be sent, in the range of 1 to 4294967295. The default is 5.

-exp exp-value: Specifies the EXP value for MPLS echo request packets, in the range of 0 to 7. The default is 0.

-h ttl-value: Specifies the TTL value for MPLS echo request packets, in the range of 1 to 255. The default is 255.

-m wait-time: Specifies the interval for sending MPLS echo request packets, in the range of 1 to 10000 milliseconds. The default is 200 milliseconds.

-r reply-mode: Specifies the reply mode of the receiver in response to MPLS echo request packets. The reply-mode argument can be 1, 2, 3, or 4. The default value is 2.

· Reply mode 1 means "Do not reply."

· Reply mode 2 means "Reply by using a UDP packet."

· Reply mode 3 means "Reply by using a UDP packet that carries the Router Alert option."

· Reply mode 4 means "Reply by using a VCCV packet." Reply mode 4 does not apply to MPLS TE tunnel connectivity detection. If you specify this mode, the receiver does not reply.

-rtos tos-value: Specifies the ToS value in the IP header of an MPLS echo reply packet. The value range is 0 to 7, and the default is 6.

-s packet-size: Specifies the length (excluding the IP header and UDP header) of an MPLS echo request packet. The value range for the packet-size argument is 65 to 8100 bytes, and the default is 100 bytes.

-t time-out: Specifies the timeout interval for the reply to an MPLS echo request. The value range is 0 to 65535 milliseconds, and the default is 2000 milliseconds.

-v: Displays detailed reply information. If you do not specify this keyword, the command displays brief reply information.

tunnel interface-number: Specifies an MPLS TE tunnel interface by the interface number. The specified MPLS TE tunnel interface must have already been created.

Examples

# Verify the connectivity of the MPLS TE tunnel for tunnel interface Tunnel 1.

<Sysname> ping mpls te tunnel 1

MPLS ping TE tunnel Tunnel1 with 100 bytes of data:

100 bytes from 100.1.2.1: Sequence=1 time=49 ms

100 bytes from 100.1.2.1: Sequence=2 time=44 ms

100 bytes from 100.1.2.1: Sequence=3 time=60 ms

100 bytes from 100.1.2.1: Sequence=4 time=60 ms

100 bytes from 100.1.2.1: Sequence=5 time=76 ms

--- Ping statistics for TE tunnel Tunnel1 ---

5 packets transmitted, 5 packets received, 0.0% packet loss

Round-trip min/avg/max = 44/57/76 ms

For the command output, see Table 109.

tracert mpls ipv4

Use tracert mpls ipv4 to trace MPLS LSPs from the ingress node to the egress node for an IPv4 prefix. You can locate the error node according to the reply information.

Syntax

Views

Any view

Predefined user roles

network-admin

Parameters

-a source-ip: Specifies the source address for MPLS echo request packets. If you do not specify this option, the command uses the primary IP address of the outgoing interface as the source address for MPLS echo requests.

-exp exp-value: Specifies the EXP value for MPLS echo request packets, in the range of 0 to 7. The default is 0.

-r reply-mode: Specifies the reply mode of the receiver in response to MPLS echo request packets. The reply-mode argument can be 1, 2, or 3. 1 means "Do not reply," 2 means "Reply by using a UDP packet," and 3 means "reply by using a UDP packet that carries the Router Alert option." The default is 2.

-rtos tos-value: Specifies the ToS value in the IP header of an MPLS echo reply packet. The value range is 0 to 7, and the default value is 6.

-t time-out: Specifies the timeout interval for the reply to an MPLS echo request. The value range is 0 to 65535 milliseconds, and the default is 2000 milliseconds.

-v: Displays detailed reply information. If you do not specify this keyword, the command displays brief reply information.

fec-check: Checks the FEC stack at transit nodes.

ipv4-address mask-length: Specifies an FEC by an IPv4 destination address and a mask length. The value range for the mask-length argument is 0 to 32.

destination: Specifies the destination address in the IP header of MPLS echo requests. The default is 127.0.0.1.

start-address: Specifies the destination address or the start destination address. This address must be an address on subnet 127.0.0.0/8—a local loopback address. If you specify the start-address argument without the end-address argument, the start-address is the destination address in the IP header. If you specify both start-address and end-address, you specify a range of destination addresses. The destination address increments by the value specified for the address-increment argument, starting from the start-address to the end-address. The command performs a tracert for each of the destination addresses.

end-address: Specifies the end destination address. This address must be an address on subnet 127.0.0.0/8—a local loopback address.

address-increment: Specifies the increment value by which the destination address in the IP header increases in turn. The value range is 1 to 16777215 and the default value is 1.

Examples

# Trace the path that the LSP (for FEC 5.5.5.9/32) traverses from the ingress node to the egress node. Specify the IP header destination address range as 127.1.1.1 to 127.1.1.2 and set the address increment value to 1. With these settings, the device performs a tracert for 127.1.1.1 and 127.1.1.2.

<Sysname> tracert mpls ipv4 5.5.5.9 32 destination 127.1.1.1 127.1.1.2 1

MPLS trace route FEC 5.5.5.9/32

Destination address 127.1.1.1

TTL Replier Time Type Downstream

0 Ingress 100.1.2.1/[1025]

1 100.1.2.1 1 ms Transit 100.2.4.1/[1024]

2 100.2.4.1 63 ms Transit 100.4.5.1/[3]

3 100.4.5.1 129 ms Egress

Destination address 127.1.1.2

TTL Replier Time Type Downstream

0 Ingress 100.1.3.1/[1030]

1 100.1.3.1 1 ms Transit 100.3.4.1/[1024]

2 100.3.4.1 51 ms Transit 100.4.5.1/[3]

3 100.4.5.1 80 ms Egress

# Trace the path that the LSP (for FEC 5.5.5.9/32) traverses from the ingress node to the egress node. Display detailed reply information, specify the IP header destination address range as 127.1.1.1 to 127.1.1.2, and set the address increment value to 1. With these settings, the device performs a tracert for 127.1.1.1 and 127.1.1.2.

<Sysname> tracert mpls –v ipv4 5.5.5.9 32 destination 127.1.1.1 127.1.1.2 1

MPLS trace route FEC 5.5.5.9/32

Destination address 127.1.1.1

TTL Replier Time Type Downstream

0 Ingress 100.1.2.1/[1025]

1 100.1.2.1 1 ms Transit 100.2.4.1/[1024] ReturnCode 8(1)

2 100.2.4.1 63 ms Transit 100.4.5.1/[3] ReturnCode 8(1)

3 100.4.5.1 129 ms Egress ReturnCode 3(1)

Destination address 127.1.1.2

TTL Replier Time Type Downstream

0 Ingress 100.1.3.1/[1030]

1 100.1.3.1 1 ms Transit 100.3.4.1/[1024] ReturnCode 8(1)

2 100.3.4.1 51 ms Transit 100.4.5.1/[3] ReturnCode 8(1)

3 100.4.5.1 80 ms Egress ReturnCode 3(1)

Table 110 Command output

Field	Description
MPLS trace route FEC	Trace the LSPs for the specified FEC.
Destination address	Destination IP address in the IP header.
TTL	Number of hops.
Replier	Address of the LSR that replied the request.
Time	Time used to receive the reply, in milliseconds.
Type	LSR type: Ingress, Transit, or Egress.
Downstream	Address of the downstream LSR and the label assigned by the downstream LSR.
ReturnCode	Return code. The number in parentheses represents a return subcode.

tracert mpls te

Use tracert mpls te to trace an MPLS TE tunnel from the ingress node to the egress node. You can locate the error node according to the reply information.

Syntax

Views

Any view

Predefined user roles

network-admin

Parameters

-exp exp-value: Specifies the EXP value for MPLS echo request packets, in the range of 0 to 7. The default is 0.

-r reply-mode: Specifies the reply mode of the receiver in response to MPLS echo request packets. The reply-mode argument can be 2 or 3. 2 means "Reply by using a UDP packet," and 3 means "reply by using a UDP packet that carries the Router Alert option." The default is 2.

-rtos tos-value: Specifies the ToS value in the IP header of an MPLS echo reply packet. The value range is 0 to 7, and the default value is 6.

-t time-out: Specifies the timeout interval for the reply to an MPLS echo request. The value range is 0 to 65535 milliseconds, and the default is 2000 milliseconds.

-v: Displays detailed reply information. If you do not specify this keyword, the command displays brief reply information.

fec-check: Checks the FEC stack at transit nodes.

tunnel interface-number: Specifies an existing MPLS TE tunnel interface by the interface number.

Examples

# Trace the path that MPLS TE tunnel 1 traverses from the ingress node to the egress node.

<Sysname> tracert mpls te tunnel 1

MPLS trace route TE tunnel Tunnel1

TTL Replier Time Type Downstream

0 Ingress 10.4.5.1/[1025]

1 10.4.5.1 1 ms Transit 100.3.4.1/[1024]

2 100.3.4.1 63 ms Transit 100.1.2.1/[3]

3 100.1.2.1 129 ms Egress

For the command output, see Table 110.

vccv bfd

Use vccv bfd to configure BFD to verify PW connectivity.

Use undo vccv bfd to restore the default.

Syntax

vccv bfd [ raw-bfd ] [ template template-name ]

undo vccv bfd

Default

BFD is not used to verify PW connectivity.

Views

PW class view

Predefined user roles

network-admin

Parameters

raw-bfd: Specifies the BFD packets to use PW-ACH encapsulation (without IP/UDP headers). This keyword takes effect only when the CC type is control word. If you do not specify this keyword, the BFD packets use IP/UDP encapsulation (with IP/UDP headers).

Usage guidelines

After you execute this command and specify the PW class for a PW, the PEs use the specified encapsulation type to verify PW connectivity when the following conditions are met:

· Both PEs of the PW have configured BFD for the PW.

· The PEs use the same encapsulation type for BFD packets.

If any of the previous conditions are not met, the PEs do not use BFD to verify PW connectivity.

To use BFD for PW connectivity verification, you must execute the vccv bfd and mpls bfd enable commands on both ends of the PW.

Examples

# Configure BFD to verify PW connectivity, specify the BFD packet encapsulation type as raw-bfd, and specify the BFD session parameter template as aaa.

<Sysname> system-view

[Sysname] pw-class test

[Sysname-pw-test] vccv bfd raw-bfd template aaa

Related commands

display l2vpn pw bfd

mpls bfd enable

vccv cc

Use vccv cc to specify the VCCV control channel (CC) type.

Use undo vccv cc to restore the default.

Syntax

vccv cc { control-word | router-alert }

undo vccv cc

Default

No VCCV CC type is specified.

Views

PW class view

Predefined user roles

network-admin

Parameters

control-word: Specifies the VCCV CC type as control word.

router-alert: Specifies the VCCV CC type as MPLS router alert label.

Usage guidelines

The packets used to verify PW connectivity are collectively referred to as VCCV packets. A PE transfers VCCV packets through a CC.

CCs include the following types:

· Control word—Identifies VCCV packets through the control word (PW-ACH, PW Associated Channel Header). You can use this CC type only when the PW supports control word. For more information about control word, see MPLS Configuration Guide.

· MPLS router alert label—Identifies a VCCV packet by adding an MPLS router alert label before the PW label.

After you execute this command and specify the PW class for a PW, the specified CC is used if both PEs have specified the same VCCV CC type. Otherwise, the PEs do not use any CC and they cannot establish a BFD session for the PW.

Examples

# Specify the VCCV CC type as control word.

<Sysname> system-view

[Sysname] pw-class test

[Sysname-pw-test] vccv cc control-word

Related commands

display l2vpn pw bfd

mpls bfd enable

vccv bfd

MPLS protection switching commands

The following matrix shows the feature and hardware compatibility:

Hardware	MPLS protection switching compatibility
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS	No
MSR2600-6-X1/2600-10-X1	Yes
MSR 2630	Yes
MSR3600-28/3600-51	Yes
MSR3600-28-SI/3600-51-SI	No
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC	Yes
MSR 3610/3620/3620-DP/3640/3660	Yes
MSR5620/5660/5680	Yes

Hardware	MPLS protection switching compatibility
MSR810-LM-GL	No
MSR810-W-LM-GL	No
MSR830-6EI-GL	No
MSR830-10EI-GL	No
MSR830-6HI-GL	No
MSR830-10HI-GL	No
MSR2600-6-X1-GL	Yes
MSR3600-28-SI-GL	No

Commands and descriptions for centralized devices apply to the following routers:

· MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS.

· MSR2600-6-X1/2600-10-X1.

· MSR 2630.

· MSR3600-28/3600-51.

· MSR3600-28-SI/3600-51-SI.

· MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC.

· MSR 3610/3620/3620-DP/3640/3660.

Commands and descriptions for distributed devices apply to the following routers:

· MSR5620.

· MSR 5660.

· MSR 5680.

bandwidth

Use bandwidth to set the expected bandwidth for an interface.

Use undo bandwidth to restore the default.

Syntax

bandwidth bandwidth-value

undo bandwidth

Default

The expected bandwidth is 64 kbps.

Views

Tunnel bundle interface view

Predefined user roles

network-admin

Parameters

bandwidth-value: Specifies the expected bandwidth in the range of 1 to 400000000 kbps.

Usage guidelines

The expected bandwidth for an interface affects the CBQ bandwidth, and the link costs in OSPF, OSPFv3, and IS-IS. For more information about the CBQ bandwidth, see ACL and QoS Configuration Guide. For more information about the link costs, see Layer 3—IP Routing Configuration Guide.

Examples

# Set the expected bandwidth to 1000 kbps for Tunnel-Bundle 2.

<Sysname> system-view

[Sysname] interface tunnel-bundle 2

[Sysname-tunnel-bundle2] bandwidth 1000

Related commands

display interface tunnel-bundle

default

Use default to restore the default settings for a tunnel bundle interface.

Syntax

default

Views

Tunnel bundle interface view

Predefined user roles

network-admin

Usage guidelines

CAUTION:

The default command might interrupt ongoing network services. Make sure you are fully aware of the impact of this command when you use it on a live network.

Examples

# Restore the default settings of interface Tunnel-Bundle 2.

<Sysname> system-view

[Sysname] interface tunnel-bundle 2

[Sysname-tunnel-bundle2] default

description

Use description to configure a description for a tunnel bundle interface.

Use undo description to restore the default.

Syntax

description text

undo description

Default

The description for a tunnel bundle interface is Tunnel-Bundlenumber Interface, for example, Tunnel-Bundle1 Interface.

Views

Tunnel bundle interface view

Predefined user roles

network-admin

Parameters

text: Specifies a description, a case-sensitive string of 1 to 255 characters.

Usage guidelines

Configure descriptions for interfaces for identification and management purposes.

You can use the display interface command to display the configured interface descriptions.

Examples

# Configure the description for interface Tunnel-Bundle 2 as tunnel-bundle2.

<Sysname> system-view

[Sysname] interface tunnel-bundle 2

[Sysname-tunnel-bundle2] description tunnel-bundle2

Related commands

display interface tunnel-bundle

destination

Use destination to specify the destination address for a tunnel bundle interface.

Use undo destination to restore the default.

Syntax

destination ip-address

undo destination

Default

No tunnel destination address is configured.

Views

Tunnel bundle interface view

Predefined user roles

network-admin

Parameters

ip-address: Specifies the tunnel destination IPv4 address.

Usage guidelines

For MPLS L3VPN, MPLS L2VPN, and VPLS, the tunnel destination address in this command determines whether the tunnel bundle can be the public tunnel to carry VPN services. When the remote PE address is the same as the tunnel destination address for a tunnel bundle interface, the tunnel bundle can be the public tunnel.

As a best practice, configure the same tunnel destination address for a tunnel bundle interface and its member interfaces. If they have different tunnel destination addresses, make sure the member interfaces have a route to the tunnel bundle interface for successful traffic forwarding.

Examples

# Specify 2.2.2.2 as the destination address for Tunnel-Bundle 2.

<Sysname> system-view

[Sysname] interface tunnel-bundle 2

[Sysname-tunnel-bundle2] destination 2.2.2.2

Related commands

display interface tunnel-bundle

display tunnel-bundle

display interface tunnel-bundle

Use display interface tunnel-bundle to display tunnel bundle interface information.

Syntax

display interface [ tunnel-bundle [ number ] ] [ brief [ description | down ] ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

number: Specifies the number of an existing tunnel bundle interface.

brief: Displays brief interface information. If you do not specify this keyword, the command displays detailed interface information.

description: Displays complete interface descriptions. If you do not specify this keyword, the command displays only the first 27 characters of interface descriptions.

down: Displays information about interfaces in the physical state of DOWN and the causes. If you do not specify this keyword, the command displays information about interfaces in all states.

Usage guidelines

If you do not specify the tunnel-bundle keyword, this command displays information about all interfaces on the device.

If you specify the tunnel-bundle keyword without the number argument, this command displays information about all existing tunnel bundle interfaces.

Examples

# Display detailed information about interface Tunnel-Bundle 100.

<Sysname> display interface tunnel-bundle 100

Tunnel-Bundle100

Current state: UP

Line protocol state: UP

Description: Tunnel-Bundle100 Interface

Bandwidth: 64kbps

Maximum Transmit Unit: 1500

Internet protocol processing: disabled

Tunnel-Bundle destination unknown

Tunnel type: CRLSP

Last clearing of counters: Never

Last 300 seconds input rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec

Last 300 seconds output rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec

Input: 0 packets, 0 bytes, 0 drops

Output: 0 packets, 0 bytes, 0 drops

Table 111 Command output

Field	Description
Tunnel-Bundle100	Information about the tunnel bundle interface Tunnel-Bundle 100.
Current state	State of the tunnel bundle interface: · Administratively DOWN—The interface has been shut down by using the shutdown command. · DOWN—The interface is administratively up, but its physical state is down. · UP—Both the administrative and physical states of the interface are up.
Line protocol state	Link layer protocol state of the tunnel bundle interface. The value is determined by parameter negotiation on the link layer. · UP—The link protocol state of the interface is up. · UP (spoofing)—The link protocol state of the interface is up, but the link is temporarily set up on demand or does not exist. This attribute is available for null interfaces and loopback interfaces. · DOWN—The link protocol state of the interface is down.
Description	Description for the tunnel bundle interface.
Bandwidth	Expected bandwidth for the tunnel bundle interface.
Maximum Transmit Unit	MTU of the tunnel bundle interface.
Internet protocol processing	IP address of the tunnel bundle interface. If no IP address is assigned to the interface, this field displays Internet protocol processing: disabled. The tunnel bundle interface cannot process packets. Primary indicates that it is the primary IP address of the interface.
Tunnel-Bundle destination	Destination address of the tunnel bundle interface. unknown indicates that no destination address is assigned to the interface.
Tunnel type	Tunnel mode for the tunnel bundle interface. The value can only be CRLSP.
Last clearing of counters	Last time when counters were cleared.
Last 300 seconds input rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec	Average input rate in the last 300 seconds.
Last 300 seconds output rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec	Average output rate in the last 300 seconds.

# Display brief information about interface Tunnel-Bundle 100.

<Sysname> display interface tunnel-bundle 100 brief

Brief information on interface(s) under route mode:

Link: ADM - administratively down; Stby - standby

Protocol: (s) - spoofing

Interface Link Protocol Main IP Description

Tunnel-B100 UP UP -- aaaaaaaaaaaaaaaaaaaaaaaaaaa

# Display brief information about interface Tunnel-Bundle 100, including the complete interface description.

<Sysname> display interface tunnel-bundle 100 brief description

Brief information on interface(s) under route mode:

Link: ADM - administratively down; Stby - standby

Protocol: (s) - spoofing

Interface Link Protocol Main IP Description

Tunnel-B100 UP UP -- aaaaaaaaaaaaaaaaaaaaaaaaaaaaa

Aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa

# Display information about interfaces in DOWN state and the causes.

<Sysname> display interface tunnel-bundle brief down

Brief information on interface(s) under route mode:

Link: ADM - administratively down; Stby - standby

Interface Link Cause

Tunnel-B100 DOWN Not connected

Tunnel-B101 DOWN Not connected

Table 112 Command output

Field	Description
Brief information on interface(s) under route mode	Brief information about Layer 3 interfaces.
Link: ADM - administratively down; Stby - standby	Link state: · ADM—The interface has been administratively shut down. To bring it up, use the undo shutdown command. · Stby—The interface is a backup interface. To show the primary interface, use the display interface-backup state command.
Protocol: (s) - spoofing	(s) indicates that the link layer protocol state is UP, but the link is not available because it is an on-demand link or not present at all.
Interface	Abbreviated interface name.
Link	Link state of the interface: · UP—The link is physically up. · DOWN—The link is physically down. · ADM—The link has been administratively shut down. To bring it up, use the undo shutdown command.
Protocol	Link layer protocol state whose value is determined by parameter negotiation on the link layer: · UP—The protocol state of the interface is up. · UP (spoofing)—The link protocol state of the interface is up, but the link is temporarily set up on demand or does not exist. This attribute is available for null interfaces and loopback interfaces. · DOWN—The protocol state of the interface is down.
Main IP	Primary IP address of the interface.
Description	Description for the interface.
Cause	Causes for the physical state of DOWN: · Administratively—The link has been shut down by using the shutdown command. To bring it up, use the undo shutdown command. · Not connected—The tunnel bundle is not established.

display mpls forwarding protection

Use display mpls forwarding protection to display forwarding state information for MPLS protection groups.

Syntax

Centralized devices in standalone mode:

display mpls forwarding protection [ tunnel-bundle number ]

Distributed devices in standalone mode/centralized devices in IRF mode:

display mpls forwarding protection [ tunnel-bundle number ] [ slot slot-number ]

Distributed devices in IRF mode:

display mpls forwarding protection [ tunnel-bundle number ] [ chassis chassis-number slot slot-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

tunnel-bundle number: Specifies an existing tunnel bundle interface by its number. If you do not specify this option, the command displays forwarding state information for all MPLS protection groups.

slot slot-number: Specifies a card by its slot number. If you do not specify a card, this command displays information on the active MPU. (Distributed devices in standalone mode.)

slot slot-number: Specifies an IRF member device by its member ID. If you do not specify a member device, this command displays information for the master device. (Centralized devices in IRF mode.)

chassis chassis-number slot slot-number: Specifies a card on an IRF member device. The chassis-number argument represents the member ID of the IRF member device. The slot-number argument represents the slot number of the card. If you do not specify a card, this command displays information for the global active MPU. (Distributed devices in IRF mode.)

Examples

# Display forwarding state information for all MPLS protection groups.

<Sysname> display mpls forwarding protection

Total number of protection groups: 1

State:

N: Normal UA: Unavailable PA: Protecting administrative

PF: Protecting failure WTR: Wait-to-Restore DNR: Do-not-Revert

M: Manual switch F: Forced switch P: Protection tunnel failure

W: Working tunnel failure HO: Hold off LO: Lockout of protection

L: Local R: Remote

Group ID Working tunnel Protection tunnel State

2 100 200 UA:LO:R

Table 113 Command output

Field	Description
Group ID	ID of the protection group.
Working tunnel	ID of the working tunnel.
Protection tunnel	ID of the protection tunnel.
State	This field contains the current protection group state, the cause, and the cause source. Current protection group state: · N—Normal state. The working and protection tunnels operate correctly, and traffic travels along the working tunnel. · UA—Unavailable state. The protection tunnel is unavailable. · PA—Protecting administrative state. The externally configured switching action enables traffic to travel along the protection tunnel. · PF—Protecting failure state. The working tunnel fails, and traffic is switched to the protection tunnel. · WTR—Wait-to-Restore state. The device is waiting for the wait time to switch traffic from the protection tunnel to the working tunnel after the working tunnel recovers. · DNR—Do-not-Revert state. Traffic is not switched from the protection tunnel to the working tunnel after the working tunnel recovers. Cause for the current protection group state: · LO—Lockout of protection. · P—A failure on the protection tunnel is detected by a signaling protocol. · W—A failure on the working tunnel is detected by a signaling protocol. · F—Forced switch. · M—Manual switch. · HO—Hold off. The device is waiting for the holdoff time to switch traffic from the working tunnel to the protection tunnel after the working tunnel fails. Cause source: · L—Local. · R—Remote. For example, UA:LO:L indicates that the protection group becomes unavailable because lockout of protection is performed on the local device.

display mpls protection

Use display mpls protection to display current state and related information for MPLS protection groups.

Syntax

display mpls protection [ tunnel-bundle number ] [ verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

tunnel-bundle number: Specifies an existing tunnel bundle interface by its number. If you do not specify this option, the command displays current state and related information for all MPLS protection groups.

verbose: Displays detailed information about MPLS protection groups. If you do not specify this keyword, the command displays brief information about MPLS protection groups.

Examples

# Display current state and related information for all MPLS protection groups.

<Sysname> display mpls protection

Total number of protection groups: 1

State:

N: Normal UA: Unavailable PA: Protecting administrative

PF: Protecting failure WTR: Wait-to-Restore DNR: Do-not-Revert

M: Manual switch F: Forced switch P: Protection tunnel failure

W: Working tunnel failure HO: Hold off LO: Lockout of protection

L: Local R: Remote

Group ID Type Working tunnel Protection tunnel State

2 Tunnel bundle 100 200 UA:LO:R

Table 114 Command output

Field	Description
Group ID	ID of the protection group.
Type	Tunnel type. The value can only be Tunnel bundle.
Working tunnel	ID of the working tunnel.
Protection tunnel	ID of the protection tunnel.
State	This field contains the current protection group state, the cause, and the cause source. Current protection group state: · N—Normal state. The working and protection tunnels operate correctly, and traffic travels along the working tunnel. · UA—Unavailable state. The protection tunnel is unavailable. · PA—Protecting administrative state. The externally configured switching action enables traffic to travel along the protection tunnel. · PF—Protecting failure state. The working tunnel fails, and traffic is switched to the protection tunnel. · WTR—Wait-to-Restore state. The device is waiting for the wait time to switch traffic from the protection tunnel to the working tunnel after the working tunnel recovers. · DNR—Do-not-Revert state. Traffic is not switched from the protection tunnel to the working tunnel after the working tunnel recovers. Cause for the current protection group state: · LO—Lockout of protection. · P—A failure on the protection tunnel is detected by a signaling protocol. · W—A failure on the working tunnel is detected by a signaling protocol. · F—Forced switch. · M—Manual switch. · HO—Hold off. The device is waiting for the holdoff time to switch traffic from the working tunnel to the protection tunnel after the working tunnel fails. Cause source: · L—Local. · R—Remote. For example, UA:LO:L indicates that the protection group becomes unavailable because lockout of protection is performed on the local device.

# Display brief information about MPLS protection groups.

<Sysname> display mpls protection verbose

Protection group ID : 2

Protection group type : Tunnel bundle

Tunnel bundle name : Tunnel-Bundle200

Working tunnel : Tunnel100

Protection tunnel : Tunnel200

Protection mode : 1:1

Switching mode : Bidirectional

Tunnel in use : Working-path

Working tunnel state : No defect

Protection tunnel state : Signal fail

Holdoff time : 5s (Remaining: 3s)

Wait to restore time : 30s (Remaining: 10s)

Message interval : 5s

Revertive mode : Revertive

State : Unavailable (UA),

Protection tunnel failure (P),

Local (L)

Table 115 Command output

Field	Description
Protection group ID	ID of the protection group.
Protection group type	Tunnel type. The value can only be Tunnel bundle.
Tunnel bundle name	Name of the tunnel bundle interface name for the protection group.
Working tunnel	Tunnel interface name for the working tunnel.
Protection tunnel	Tunnel interface name for the protection tunnel.
Protection mode	Protection mode: 1+1 or 1:1.
Switching mode	Switching mode: Bidirectional or Unidirectional.
Tunnel in use	Tunnel in use: Working-path or Protection-path.
Working tunnel state	Working tunnel state: · No defect. · Signal fail—A failure is detected by a signaling protocol. · OAM defect—A failure is detected by the OAM mechanism. · Remote defect—A failure is received from the remote device.
Protection tunnel state	Protection tunnel state: · No defect. · Signal fail—A failure is detected by a signaling protocol. · OAM defect—A failure is detected by the OAM mechanism. · Remote defect—A failure is received from the remote device.
Holdoff time	Holdoff time and the remaining holdoff time in seconds.
Wait to restore time	Wait time for the switchover from the protection tunnel to the working tunnel, and the remaining wait time, in seconds.
Message interval	PSC message sending interval in seconds.
Revertive mode	Revertive mode: Revertive or Non-revertive.
State	This field contains the current protection group state, the cause, and the cause source. Current protection group state: · Normal (N)—The working and protection tunnels operate correctly, and traffic travels along the working tunnel. · Unavailable (UA)—The protection tunnel is unavailable. · Protecting administrative (PA)—The externally configured switching action enables traffic to travel along the protection tunnel. · Protecting failure (PF)—The working tunnel fails, and traffic is switched to the protection tunnel. · Wait-to-Restore (WTR)—The device is waiting for the wait time to switch traffic from the protection tunnel to the working tunnel after the working tunnel recovers. · Do-not-Revert (DNR)—Traffic is not switched from the protection tunnel to the working tunnel after the working tunnel recovers. Cause for the current protection group state: · Lockout of protection (LO). · Protection tunnel failure (P)—A failure on the protection tunnel is detected by a signaling protocol. · Working tunnel failure (W)—A failure on the working tunnel is detected by a signaling protocol. · Forced switch (F). · Manual switch (M). · Hold off (HO)—The device is waiting for the holdoff time to switch traffic from the working tunnel to the protection tunnel after the working tunnel fails. Cause source, Local (L) or Remote (R). For example, UA:LO:L indicates that the protection group becomes unavailable because lockout of protection is performed on the local device.

display tunnel-bundle

Use display tunnel-bundle to display information about tunnel bundle interfaces and their member interfaces.

Syntax

display tunnel-bundle [ number ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

number: Specifies an existing tunnel bundle interface and its member interfaces by the tunnel bundle interface number. If you do not specify this argument, the command displays information about all tunnel bundle interfaces and their member interfaces.

Examples

# Display information about all tunnel bundle interfaces and their member interfaces.

<Sysname> display tunnel-bundle

Total number of tunnel bundles: 1, 1 up, 0 down

Tunnel bundle name: Tunnel-Bundle 2

Bundle state : Up

Bundle attributes :

Working mode : 1:1

Tunnel type : CR-LSP

Tunnel destination : 3.3.3.3

Bundle members:

Member State Role

Tunnel4 Up Working

Tunnel5 Up Protection

Table 116 Command output

Field	Description
Total number of tunnel bundles	Total number of tunnel bundle interfaces in up and down states.
Working mode	Tunnel bundle interface operating mode: · Load Balancing. · 1+1—1+1 protection switching mode. · 1:1—1:1 protection switching mode. For more information about 1+1 and 1:1 protection switching modes, see MPLS Configuration Guide.
Tunnel type	The tunnel type can only be CRLSP.
Tunnel destination	Tunnel destination address of the tunnel bundle interface.
Role	Role of a member interface: · Working—The tunnel for the member interface is the working tunnel. · Protection—The tunnel for the member interface is the protection tunnel.

interface tunnel-bundle protection

Use interface tunnel-bundle protection to create a tunnel bundle interface in protection switching mode and enter its view, or enter the view of an existing tunnel bundle interface.

Use undo interface tunnel-bundle to delete a tunnel bundle interface.

Syntax

interface tunnel-bundle number [ protection { oneplusone | onetoone } ]

undo interface tunnel-bundle number

Default

No tunnel bundle interfaces exist.

Views

System view

Predefined user roles

network-admin

Parameters

number: Specifies the tunnel bundle interface number.

The following matrix shows the value ranges for the number argument:

Hardware	Argument compatibility	Value range
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS	No	N/A
MSR2600-6-X1/2600-10-X1	Yes	0 to 10239
MSR 2630	Yes	0 to 10239
MSR3600-28/3600-51	Yes	0 to 10239
MSR3600-28-SI/3600-51-SI	No	N/A
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC	Yes	0 to 10239
MSR 3610/3620/3620-DP/3640/3660	Yes	0 to 10239
MSR5620/5660/5680	Yes	0 to 10239

Hardware	Argument compatibility	Value range
MSR810-LM-GL	No	N/A
MSR810-W-LM-GL	No	N/A
MSR830-6EI-GL	No	N/A
MSR830-10EI-GL	No	N/A
MSR830-6HI-GL	No	N/A
MSR830-10HI-GL	No	N/A
MSR2600-6-X1-GL	Yes	0 to 1023
MSR3600-28-SI-GL	No	N/A

protection { oneplusone | onetoone }: Specifies a protection switching mode. To create a tunnel bundle interface, you must specify the protection switching mode. To enter the view of an existing tunnel bundle interface, you do not need to specify the protection switching mode.

· oneplusone: Specifies the 1+1 protection switching mode.

· onetoone: Specifies the 1:1 protection switching mode.

Usage guidelines

After you create a tunnel bundle interface in protection switching mode, you must specify a working tunnel and a protection tunnel for the tunnel bundle interface. The two tunnels comprise an MPLS TE tunnel bundle, which is an MPLS TE protection group. In the group, the device determines the tunnel for traffic forwarding according to the external switching command and the signal fail indication. For information about specifying the working tunnel and protection tunnel, see the member interface command.

The device supports the following protection switching modes:

· 1:1 protection switching—Typically, traffic travels along the working tunnel. When either of the following situations occurs, the ingress node selects the traffic forwarding tunnel (working or protection tunnel) according to the protection state:

¡ The ingress or the egress node detects a failure on the working tunnel.

¡ An external switching command is executed on the node.

· 1+1 protection switching—Typically, traffic travels along both the working and protection tunnels, and the egress node receives traffic from the working tunnel. When either of the following situations occurs, the egress node determines from which tunnel it receives traffic according to the protection state:

¡ The ingress or egress node detects a failure on the working tunnel.

¡ An external switching command is executed on the node.

NOTE:

· The tunnel ingress or egress node can detect tunnel failures through BFD for MPLS or other detection mechanisms. For more information about BFD for MPLS, see MPLS Configuration Guide.

· The protection state indicates the comprehensive status of a PS protection group. For more information, see the display mpls forwarding protection command.

To modify the protection switching mode for a tunnel bundle interface, execute the undo interface tunnel-bundle command to delete the interface and then execute the interface tunnel-bundle protection command.

Examples

# Create tunnel bundle interface Tunnel-Bundle 2 in 1:1 protection switching mode, and enter the tunnel bundle interface view.

<Sysname> system-view

[Sysname] interface tunnel-bundle 2 protection onetoone

[Sysname-tunnel-bundle2]

Related commands

destination

display tunnel bundle

member interface

mpls protection

member interface

Use member interface to specify a member interface for a tunnel bundle interface.

Use undo member interface to delete a member interface from a tunnel bundle interface.

Syntax

member interface tunnel tunnel-number [ protection ]

undo member interface tunnel tunnel-number

Default

No member interfaces exist for a tunnel bundle interface.

Views

Tunnel bundle interface view

Predefined user roles

network-admin

Parameters

tunnel tunnel-number: Specifies a member interface by the interface number. The tunnel interface must have been created.

protection: Specifies a member interface as the backup member interface. If you do not specify this keyword, the specified member interface is the primary member interface. The tunnel for the primary member interface is the working tunnel, and the tunnel for the backup member interface is the protection tunnel.

Usage guidelines

You can specify only one primary member interface and one backup member interface for a tunnel bundle interface in protection switching mode. The device selects a member interface for traffic forwarding according to the external switching command and the signal fail indication.

Examples

# Specify interface Tunnel 1 as the primary member interface, and Tunnel 2 as the backup member interface for Tunnel-Bundle 2.

<Sysname> system-view

[Sysname] interface tunnel-bundle 2 protection onetoone

[Sysname-tunnel-bundle2] member interface tunnel 1

[Sysname-tunnel-bundle2] member interface tunnel 2 protection

Related commands

display mpls protection

display tunnel-bundle

mpls protection

Use mpls protection to enable MPLS protection switching and enter MPLS protection switching view.

Use undo mpls protection to disable MPLS protection switching.

Syntax

mpls protection

undo mpls protection

Default

MPLS protection switching is disabled.

Views

System view

Predefined user roles

network-admin

Usage guidelines

Enable MPLS protection switching by using the mpls protection command before you execute other MPLS protection switching commands.

When MPLS protection switching is disabled, the display mpls protection command does not display the protection group information for a tunnel bundle interface. However, the tunnel bundle interface can forward traffic according to the specified protection switching mode (1:1 or 1+1).

After MPLS protection switching is enabled, you can configure the tunnel bundle interface for PS as needed, for example, configuring an external switching command and configuring PS state coordination.

Examples

# Enable MPLS protection switching and enter MPLS protection switching view.

<Sysname> system-view

[Sysname] mpls protection

[Sysname-mpls-protection]

protection holdoff

Use protection holdoff to set the holdoff time when a working tunnel failure is detected.

Use undo protection holdoff to restore the default.

Syntax

protection holdoff holdoff-time

undo protection holdoff

Default

The holdoff time is 0 seconds. When the working tunnel fails, traffic is immediately switched from the working tunnel to the protection tunnel.

Views

Tunnel bundle interface view

Predefined user roles

network-admin

Parameters

holdoff-time: Specifies the holdoff time in the range of 0 to 10 seconds.

Usage guidelines

When the working tunnel fails, the tunnel bundle interface waits for the holdoff time to switch traffic from the working tunnel to the protection tunnel.

To avoid repeated switches on unstable networks, traffic is not switched from the working tunnel to the protection tunnel if the working tunnel recovers within the holdoff time.

You can execute this command only after MPLS protection switching is enabled by using the mpls protection command.

You can execute this command only for tunnel bundle interfaces in protection switching mode.

Examples

# Set the holdoff time to 3 seconds for Tunnel-Bundle 2.

<Sysname> system-view

[Sysname] interface tunnel-bundle 2 protection onetoone

[Sysname-tunnel-bundle2] protection holdoff 3

Related commands

mpls protection

protection revertive

Use protection revertive to specify the switchover mode and set the switchover wait time.

Use undo protection revertive to restore the default.

Syntax

protection revertive { never | wtr [ wtr-time ] }

undo protection revertive

Default

When the working tunnel recovers, traffic is immediately switched from the protection tunnel to the working tunnel.

Views

Tunnel bundle interface view

Predefined user roles

network-admin

Parameters

never: Specifies the switchover mode as non-revertive. After the working tunnel recovers, the protection group continues to use the protection tunnel as long as the protection group is operating correctly.

wtr: Specifies the switchover mode as revertive. In revertive mode, traffic is switched from the protection tunnel to the working tunnel when the working tunnel recovers.

wtr-time: Specifies the wait time in the range of 0 to 3600 seconds. The default value is 600 seconds. When the working tunnel recovers, the wait timer starts. If the working tunnel is still operating correctly when the wait timer expires, traffic is switched from the protection tunnel to the working tunnel.

Usage guidelines

Typically, traffic preferentially uses the working tunnel when both the working and protection tunnels are operating correctly. When the working tunnel recovers, traffic should be immediately switched from the protection tunnel to the working tunnel. However, on an unstable network, the immediate switchover might affect traffic forwarding and burden the device. To resolve the problem, use this command to specify the switchover mode and the wait time for the switchover.

Both ends of a tunnel must have the same switchover mode (revertive or non-revertive) and wait time.

You can execute this command only after MPLS protection switching is enabled by using the mpls protection command.

You can execute this command only for tunnel bundle interfaces in protection switching mode.

Examples

# Specify the revertive mode for Tunnel-Bundle 2, and set the wait time to 10 seconds.

<Sysname> system-view

[Sysname] interface tunnel-bundle 2 protection onetoone

[Sysname-tunnel-bundle2] protection revertive wtr 10

Related commands

mpls protection

protection switching-mode bidirectional

protection switch

Use protection switch to execute an external command for protection switching on a tunnel bundle interface.

Syntax

protection switch { clear | force | lock | manual }

Default

No external command is configured.

Views

Tunnel bundle interface view

Predefined user roles

network-admin

Parameters

clear: Specifies the Clear command. This command clears the active external command.

force: Specifies the Forced Switch command. This command forces traffic to travel on the protection tunnel.

lock: Specifies the Lockout of Protection command. This command locks protection switching. Traffic is always forwarded by the working tunnel.

manual: Specifies the Manual Switch command. This command switches traffic from the working tunnel to the protection tunnel. If the protection tunnel is not available, traffic switching is not performed.

Usage guidelines

The following shows the protection switching triggers in the descending order of priority:

· Clear.

· Lockout of protection.

· Forced switch.

· Signal fail on the protection tunnel—The signaling protocol detected a failure on the protection tunnel.

· Signal fail on the working tunnel—The signaling protocol detected a failure on the working tunnel.

· Clear signal fail—The signaling protocol detected that the working or protection tunnel has recovered.

· Manual switch.

If multiple triggers exist, the one with the highest priority determines the tunnel for traffic forwarding.

Before configuring this command, you must enable MPLS protection switching by using the mpls protection command.

You can execute this command only for tunnel bundle interfaces in protection switching mode.

If you execute this command multiple times to specify multiple external commands, the external command with higher priority overwrites the one with lower priority. To change an external command to one with lower priority, first execute the clear command to clear the active external command.

Examples

# On Tunnel-Bundle 2, force traffic to travel on the protection tunnel.

<Sysname> system-view

[Sysname] interface tunnel-bundle 2 protection oneplusone

[Sysname-tunnel-bundle2] protection switch force

Related commands

mpls protection

protection switching-mode bidirectional

Use protection switching-mode bidirectional to configure a protection group to use bidirectional switching.

Use undo protection switching-mode bidirectional to restore the default.

Syntax

protection switching-mode bidirectional

undo protection switching-mode bidirectional

Default

A protection group uses unidirectional switching.

Views

Tunnel bundle interface view

Predefined user roles

network-admin

Usage guidelines

A bidirectional MPLS TE tunnel switches the traffic forwarding path in one of the following modes:

· Unidirectional switching—When an external command or a signal fail indication triggers protection switching for traffic in one direction, PS switches the traffic forwarding tunnel only in this direction. The traffic forwarding tunnel in the other direction does not change.

· Bidirectional switching—When an external command or a signal fail indication triggers protection switching for traffic in one direction, PS switches the traffic forwarding tunnels in both directions.

To implement bidirectional switching, the ingress node and the egress node periodically send Protection State Coordination (PSC) packets to each other to coordinate the protection state. When one tunnel end performs a PS, the other end also performs a PS.

1:1 protection switching supports both unidirectional and bidirectional switching. 1+1 protection switching supports only bidirectional switching.

Bidirectional path switching requires that the working and protection tunnels are both bidirectional tunnels. For bidirectional path switching to function correctly, you must configure bidirectional path switching on both ends of the working tunnel.

Before configuring this command, you must enable MPLS protection switching by using the mpls protection command.

You can execute this command only for tunnel bundle interfaces in protection switching mode.

Examples

# Configure the protection group for interface Tunnel-Bundle 2 to use the bidirectional switching mode.

<Sysname> system-view

[Sysname] interface tunnel-bundle 2 protection onetoone

[Sysname-tunnel-bundle2] protection switching-mode bidirectional

Related commands

mpls protection

protection holdoff

psc message-interval

Use psc message-interval to set the interval for sending PSC messages.

Use undo psc message-interval to restore the default.

Syntax

psc message-interval interval

undo psc message-interval

Default

The PSC message sending interval is 5 seconds.

Views

MPLS protection switching view

Predefined user roles

network-admin

Parameters

interval: Specifies the PSC message sending interval in the range of 1 to 65535 seconds.

Usage guidelines

The two ends of a tunnel periodically send PSC messages to coordinate the protection state for bidirectional path switching.

You can prevent PSC messages from occupying too many system and bandwidth resources by modifying the sending interval as needed.

You can execute this command only after MPLS protection switching is enabled by using the mpls protection command.

Examples

# Set the PSC message sending interval to 10 seconds.

<Sysname> system-view

[Sysname] mpls protection

[sys-mpls-protection] psc message-interval 10

Related commands

mpls protection

protection switching-mode bidirectional

reset counters interface

Use reset counters interface to clear interface statistics.

Syntax

reset counters interface [ tunnel-bundle [ number ] ]

Views

User view

Predefined user roles

network-admin

Parameters

tunnel-bundle: Specifies a tunnel bundle interface.

number: Specifies the tunnel bundle interface number. The tunnel bundle interface must have been created.

Usage guidelines

Use this command to clear old statistics so you can observe new traffic statistics on a tunnel bundle interface.

· If you do not specify the tunnel-bundle keyword, this command clears statistics for all interfaces.

· If you specify only the tunnel-bundle keyword, this command clears statistics for all tunnel bundle interfaces.

· If you specify both the tunnel-bundle keyword and the number argument, this command clears statistics for the specified tunnel bundle interface.

Examples

# Clear statistics for interface Tunnel-Bundle 2.

<Sysname> reset counters tunnel-bundle 2

Related commands

display interface tunnel-bundle

interface tunnel-bundle

service

Use service to specify a primary traffic processing slot for an interface.

Use undo service to restore the default.

Syntax

Distributed devices in standalone mode/centralized devices in IRF mode:

service slot slot-number

undo service slot

Distributed devices in IRF mode:

service chassis chassis-number slot slot-number

undo service chassis

Default

No primary traffic processing slot is specified for an interface.

Views

Tunnel bundle interface view

Predefined user roles

network-admin

Parameters

slot slot-number: Specifies a card by its slot number. (Distributed devices in standalone mode.)

slot slot-number: Specifies an IRF member device by its member ID. (Centralized devices in IRF mode.)

Usage guidelines

The following matrix shows the command and hardware compatibility:

Hardware	Command compatibility
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS	No
MSR2600-6-X1/2600-10-X1	No
MSR 2630	· In standalone mode: No · In IRF mode: Yes
MSR3600-28/3600-51	· In standalone mode: No · In IRF mode: Yes
MSR3600-28-SI/3600-51-SI	No
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC	· In standalone mode: No · In IRF mode: Yes
MSR 3610/3620/3620-DP/3640/3660	· In standalone mode: No · In IRF mode: Yes
MSR5620/5660/5680	Yes

Hardware	Command compatibility
MSR810-LM-GL	No
MSR810-W-LM-GL	No
MSR830-6EI-GL	No
MSR830-10EI-GL	No
MSR830-6HI-GL	No
MSR830-10HI-GL	No
MSR2600-6-X1-GL	No
MSR3600-28-SI-GL	No

Specify a traffic processing slot if MPLS protection switching requires that all traffic on a tunnel bundle interface be processed on the same slot.

For high availability, you can specify one primary and one backup traffic processing slot by using the service command and the service standby command, respectively.

To avoid processing slot switchover, specify the primary slot before specifying the backup slot. If you specify the backup slot before specifying the primary slot, traffic is switched over to the primary slot immediately after you specify the primary slot.

If you specify both primary and backup slots for an interface, traffic on that interface is processed as follows:

· The backup slot takes over when the primary slot becomes unavailable. The backup slot continues to process traffic for the interface after the primary slot becomes available again. The switchover will not occur until the backup slot becomes unavailable.

· When no specified traffic processing slots are available, the traffic is processed on the slot at which it arrives. Then, the processing slot that first becomes available again takes over.

If you do not specify a primary or a backup traffic processing slot for an interface, traffic on that interface is processed on the slot at which the traffic arrives.

Examples

# (Distributed devices in standalone mode.) Specify a primary traffic processing slot for Tunnel-Bundle 2.

<Sysname> system-view

[Sysname] interface tunnel-bundle 2

[Sysname-tunnel-bundle2] service slot 2

# (Centralized devices in IRF mode.) Specify a primary traffic processing slot for Tunnel-Bundle 2.

<Sysname> system-view

[Sysname] interface tunnel-bundle 2

[Sysname-tunnel-bundle2] service slot 2

# (Distributed devices in IRF mode.) Specify a primary traffic processing slot for Tunnel-Bundle 2.

<Sysname> system-view

[Sysname] interface tunnel-bundle 2

[Sysname-tunnel-bundle2] service chassis 2 slot 2

Related commands

service standby

Use service standby to specify a backup traffic processing slot for an interface.

Use undo service standby to restore the default.

Syntax

Distributed devices in standalone mode/centralized devices in IRF mode:

service standby slot slot-number

undo service standby slot

Distributed devices in IRF mode:

service standby chassis chassis-number slot slot-number

undo service standby chassis

Default

No backup traffic processing slot is specified for an interface.

Views

Tunnel bundle interface view

Predefined user roles

network-admin

Parameters

slot slot-number: Specifies a card by its slot number. (Distributed devices in standalone mode.)

slot slot-number: Specifies an IRF member device by its member ID. (Centralized devices in IRF mode.)

Usage guidelines

The following matrix shows the command and hardware compatibility:

Hardware	Command compatibility
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS	No
MSR2600-6-X1/2600-10-X1	No
MSR 2630	· In standalone mode: No · In IRF mode: Yes
MSR3600-28/3600-51	· In standalone mode: No · In IRF mode: Yes
MSR3600-28-SI/3600-51-SI	No
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC	· In standalone mode: No · In IRF mode: Yes
MSR 3610/3620/3620-DP/3640/3660	· In standalone mode: No · In IRF mode: Yes
MSR5620/5660/5680	Yes

Hardware	Command compatibility
MSR810-LM-GL	No
MSR810-W-LM-GL	No
MSR830-6EI-GL	No
MSR830-10EI-GL	No
MSR830-6HI-GL	No
MSR830-10HI-GL	No
MSR2600-6-X1-GL	No
MSR3600-28-SI-GL	No

Specify a traffic processing slot if MPLS protection switching requires that all traffic on a tunnel bundle interface be processed on the same slot.

For high availability, you can specify one primary and one backup traffic processing slot by using the service command and the service standby command, respectively.

If you specify both primary and backup slots for an interface, traffic on that interface is processed as follows:

· When no specified traffic processing slots are available, the traffic is processed on the slot at which it arrives. Then, the processing slot that first becomes available again takes over.

If you do not specify a primary or a backup traffic processing slot for an interface, traffic on that interface is processed on the slot at which the traffic arrives.

Examples

# (Distributed devices in standalone mode.) Specify a primary and a backup traffic processing slot for Tunnel-Bundle 2.

<Sysname> system-view

[Sysname] interface tunnel-bundle 2

[Sysname-tunnel-bundle2] service slot 2

[Sysname-tunnel-bundle2] service standby slot 3

# (Distributed devices in standalone mode.) Specify a primary and a backup traffic processing slot for Tunnel-Bundle 2.

<Sysname> system-view

[Sysname] interface tunnel-bundle 2

[Sysname-tunnel-bundle2] service slot 1

[Sysname-tunnel-bundle2] service standby slot 2

# (Distributed devices in standalone mode.) Specify a primary and a backup traffic processing slot for Tunnel-Bundle 2.

<Sysname> system-view

[Sysname] interface tunnel-bundle 2

[Sysname-tunnel-bundle2] service chassis 2 slot 2

[Sysname-tunnel-bundle2] service standby chassis 1 slot 2

Related commands

service

shutdown

Use shutdown to shut down a tunnel bundle interface and its member interfaces.

Use undo shutdown to bring up a tunnel bundle interface.

Syntax

shutdown

undo shutdown

Default

A tunnel bundle interface is up.

Views

Tunnel bundle interface view

Predefined user roles

network-admin

Examples

# Shut down interface Tunnel-Bundle 2.

<Sysname> system-view

[Sysname] interface tunnel-bundle 2

[Sysname-tunnel-bundle2] shutdown

MCE commands

The following matrix shows the feature and hardware compatibility:

Hardware	MCE compatibility
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS	No
MSR2600-6-X1/2600-10-X1	Yes
MSR 2630	Yes
MSR3600-28/3600-51	Yes
MSR3600-28-SI/3600-51-SI	No
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC	Yes
MSR 3610/3620/3620-DP/3640/3660	Yes
MSR5620/5660/5680	Yes

Hardware	MCE compatibility
MSR810-LM-GL	No
MSR810-W-LM-GL	No
MSR830-6EI-GL	No
MSR830-10EI-GL	No
MSR830-6HI-GL	No
MSR830-10HI-GL	No
MSR2600-6-X1-GL	Yes
MSR3600-28-SI-GL	No

address-family ipv4 (VPN instance view)

Use address-family ipv4 to enter IPv4 VPN view.

Use undo address-family ipv4 to remove all configurations from IPv4 VPN view.

Syntax

address-family ipv4

undo address-family ipv4

Views

VPN instance view

Predefined user roles

network-admin

Usage guidelines

In IPv4 VPN view, you can configure IPv4 VPN parameters such as inbound and outbound routing policies.

Examples

# Enter IPv4 VPN view.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] address-family ipv4

[Sysname-vpn-ipv4-vpn1]

Related commands

address-family ipv6 (VPN instance view)

description (VPN instance view)

Use description to configure a description for a VPN instance.

Use undo description to restore the default.

Syntax

description text

undo description

Default

No description is configured for a VPN instance.

Views

VPN instance view

Predefined user roles

network-admin

Parameters

text: Specifies a description, a case-sensitive string of 1 to 79 characters.

Usage guidelines

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Configure a description of This is vpn1 for VPN instance vpn1.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] description This is vpn1

display ip vpn-instance

Use display ip vpn-instance to display information about VPN instances.

Syntax

display ip vpn-instance [ instance-name vpn-instance-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

instance-name vpn-instance-name: Displays information about the specified VPN instance. The vpn-instance-name argument is a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command displays brief information about all VPN instances.

Examples

# Display brief information about all VPN instances.

<Sysname> display ip vpn-instance

Total VPN-Instances configured : 1

VPN-Instance Name RD Create time

abc 1:1 2011/05/18 10:48:17

Table 117 Command output

Field	Description
VPN-Instance Name	Name of the VPN instance.
RD	RD of the VPN instance.
Create Time	Time when the VPN instance was created.

# Display detailed information about VPN instance vpn1.

<Sysname> display ip vpn-instance instance-name vpn1

VPN-Instance Name and Index : vpn1, 2

Route Distinguisher : 100:1

VPN ID : 1:1

Description : vpn1

Interfaces : GigabitEthernet2/0/2

Address-family IPv4:

Export VPN Targets :

2:2

Import VPN Targets :

3:3

Export Route Policy : outpolicy

Import Route Policy : inpolicy

Tunnel Policy : tunnel1

Maximum Routes Limit : 500

Threshold Value(%): 50

Address-family IPv6:

Export VPN Targets :

2:2

Import VPN Targets :

3:3

Export Route Policy : outpolicy

Import Route Policy : inpolicy

Tunnel Policy : tunnel1

Maximum Routes Limit :500

Threshold Value(%): 50

export route-policy

Use export route-policy to apply an export routing policy to a VPN instance.

Use undo export route-policy to restore the default.

Syntax

export route-policy route-policy

undo export route-policy

Default

No export routing policy is applied to a VPN instance.

Views

VPN instance view

IPv4 VPN view

IPv6 VPN view

Predefined user roles

network-admin

Parameters

route-policy: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.

Usage guidelines

You can specify an export routing policy to filter advertised routes or modify their route attributes for the VPN instance.

If you execute this command multiple times, the most recent configuration takes effect.

An export routing policy specified in VPN instance view applies to both IPv4 VPN and IPv6 VPN.

An export routing policy specified in IPv4 VPN view or IPv6 VPN view applies only to IPv4 VPN or IPv6 VPN.

If you have specified export routing policies in both IPv4 VPN view and VPN instance view, IPv4 VPN uses the export routing policy specified in IPv4 VPN view.

If you have specified export routing policies in both IPv6 VPN view and VPN instance view, IPv6 VPN uses the export routing policy specified in IPv6 VPN view.

Examples

# Apply export routing policy poly-1 to VPN instance vpn1.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] export route-policy poly-1

# Apply export routing policy poly-2 to IPv4 VPN vpn2.

<Sysname> system-view

[Sysname] ip vpn-instance vpn2

[Sysname-vpn-instance-vpn2] address-family ipv4

[Sysname-vpn-ipv4-vpn2] export route-policy poly-2

# Apply export routing policy poly-3 to IPv6 VPN vpn3.

<Sysname> system-view

[Sysname] ip vpn-instance vpn3

[Sysname-vpn-instance-vpn3] address-family ipv6

[Sysname-vpn-ipv6-vpn3] export route-policy poly-3

Related commands

import route-policy

route-policy (Layer 3—IP Routing Command Reference)

import route-policy

Use import route-policy to apply an import routing policy to a VPN instance.

Use undo import route-policy to restore the default.

Syntax

import route-policy route-policy

undo import route-policy

Default

All routes matching the import target attribute are accepted.

Views

VPN instance view

IPv4 VPN view

IPv6 VPN view

Predefined user roles

network-admin

Parameters

route-policy: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.

Usage guidelines

You can specify an import routing policy to filter received routes or modify their route attributes for the VPN instance.

If you execute this command multiple times, the most recent configuration takes effect.

An import routing policy specified in VPN instance view applies to both IPv4 VPN and IPv6 VPN.

An import routing policy specified in IPv4 VPN view or IPv6 VPN view applies only to the IPv4 VPN or IPv6 VPN.

If you have specified import routing policies in both IPv4 VPN view and VPN instance view, IPv4 VPN uses the import routing policy specified in IPv4 VPN view.

If you have specified import routing policies in both IPv6 VPN view and VPN instance view, IPv6 VPN uses the import routing policy specified in IPv6 VPN view.

Examples

# Apply import routing policy poly-1 to VPN instance vpn1.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] import route-policy poly-1

# Apply import routing policy poly-2 to IPv4 VPN vpn2.

<Sysname> system-view

[Sysname] ip vpn-instance vpn2

[Sysname-vpn-instance-vpn2] address-family ipv4

[Sysname-vpn-ipv4-vpn2] import route-policy poly-2

# Apply import routing policy poly-3 to IPv6 VPN vpn3.

<Sysname> system-view

[Sysname] ip vpn-instance vpn3

[Sysname-vpn-instance-vpn3] address-family ipv6

[Sysname-vpn-ipv6-vpn3] import route-policy poly-3

Related commands

export route-policy

route-policy (Layer 3—IP Routing Command Reference)

ip binding vpn-instance

Use ip binding vpn-instance to associate an interface with a VPN instance.

Use undo ip binding vpn-instance to restore the default.

Syntax

ip binding vpn-instance vpn-instance-name

undo ip binding vpn-instance

Default

An interface is associated with no VPN instance and belongs to the public network.

Views

Interface view

Predefined user roles

network-admin

Parameters

vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters.

Usage guidelines

Use this command to associate the VPN instance with the interface connected to the CE.

This command or its undo form clears the IP address and routing protocol configuration on the interface.

The specified VPN instance must have been created by using the ip vpn-instance command in system view.

To associate a new VPN instance with an interface, first execute the undo ip binding vpn-instance command to remove the existing association.

Examples

# Associate interface GigabitEthernet 2/0/1 with VPN instance vpn1.

<Sysname> system-view

[Sysname] interface gigabitethernet 2/0/1

[Sysname-GigabitEthernet2/0/1] ip binding vpn-instance vpn1

Related commands

ip vpn-instance (system view)

Use ip vpn-instance to create a VPN instance and enter its view, or enter the view of an existing VPN instance.

Use undo ip vpn-instance to delete a VPN instance.

Syntax

ip vpn-instance vpn-instance-name

undo ip vpn-instance vpn-instance-name

Default

No VPN instances exist.

Views

System view

Predefined user roles

network-admin

Parameters

vpn-instance-name: Specifies a VPN instance name, a case-sensitive string of 1 to 31 characters.

Examples

# Create a VPN instance named vpn1 and enter its view.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1]

Related commands

route-distinguisher

route-distinguisher (VPN instance view)

Use route-distinguisher to configure an RD for a VPN instance.

Use undo route-distinguisher to restore the default.

Syntax

route-distinguisher route-distinguisher

undo route-distinguisher

Default

No RD is specified for a VPN instance.

Views

VPN instance view

Predefined user roles

network-admin

Parameters

route-distinguisher: Specifies an RD for the VPN instance, a string of 3 to 21 characters in one of the following formats:

· 16-bit AS number:32-bit user-defined number. For example, 101:3.

· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.

· 32-bit AS number:16-bit user-defined number, where the minimum value of the AS number is 65536. For example, 65536:1.

Usage guidelines

RDs enable VPNs to use the same address space. An RD and an IPv4 prefix comprise a unique VPN IPv4 prefix.

To modify an RD, execute the undo route-distinguisher command to remove the RD and then execute the route-distinguisher command.

Examples

# Configure RD 22:1 for VPN instance vpn1.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] route-distinguisher 22:1

routing-table limit

Use routing-table limit to set the maximum number of active routes in a VPN instance.

Use undo routing-table limit to restore the default.

Syntax

routing-table limit number { warn-threshold | simply-alert }

undo routing-table limit

Default

The maximum number of active routes varies by device model. For more information, see the matrix table for the number argument.

Views

VPN instance view

IPv4 VPN view

IPv6 VPN view

Predefined user roles

network-admin

Parameters

number: Specifies the maximum number of active routes.

The following matrix shows the number argument and hardware compatibility:

Hardware	Argument compatibility	Value range	Default
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS	No	N/A	N/A
MSR2600-6-X1/2600-10-X1	Yes	1 to 51024	51024
MSR 2630	Yes	1 to 51024	51024
MSR3600-28/3600-51	Yes	1 to 51024	51024
MSR3600-28-SI/3600-51-SI	No	N/A	N/A
MSR3610-X1/3610-X1-DP/3610-X1-DC/ 3610-X1-DP-DC	Yes	1 to 101024	101024
MSR 3610/3620/3620-DP/3640/3660	Yes	1 to 101024	101024
MSR5620/5660/5680	Yes	1 to 101024	101024

Hardware	Argument compatibility	Value range	Default
MSR810-LM-GL	No	N/A	N/A
MSR810-W-LM-GL	No	N/A	N/A
MSR830-6EI-GL	No	N/A	N/A
MSR830-10EI-GL	No	N/A	N/A
MSR830-6HI-GL	No	N/A	N/A
MSR830-10HI-GL	No	N/A	N/A
MSR2600-6-X1-GL	Yes	1 to 51024	51024
MSR3600-28-SI-GL	No	N/A	N/A

simply-alert: Specifies that when active routes exceed the maximum number, the system still accepts active routes but generates a log message.

Usage guidelines

Setting the maximum number of active routes for a VPN instance can prevent a PE from learning too many routes.

A limit configured in VPN instance view applies to both the IPv4 VPN and the IPv6 VPN.

A limit configured in IPv4 VPN view or IPv6 VPN view applies only to the IPv4 VPN or the IPv6 VPN.

If you have specified limits in both IPv4 VPN view and VPN instance view, IPv4 VPN uses the limit specified in IPv4 VPN view.

If you have specified limits in both IPv6 VPN view and VPN instance view, IPv6 VPN uses the limit specified in IPv6 VPN view.

Examples

# Specify that VPN instance vpn1 supports a maximum of 1000 active routes. When active routes exceed this limit, the device can receive new active routes but generates a log message.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] route-distinguisher 100:1

[Sysname-vpn-instance-vpn1] routing-table limit 1000 simply-alert

# Specify that the IPv4 VPN vpn2 supports a maximum of 1000 active routes. When active routes exceed this limit, the device can receive new active routes but generates a log message.

<Sysname> system-view

[Sysname] ip vpn-instance vpn2

[Sysname-vpn-instance-vpn2] route-distinguisher 100:2

[Sysname-vpn-instance-vpn2] address-family ipv4

[Sysname-vpn-ipv4-vpn2] routing-table limit 1000 simply-alert

# Specify that the IPv6 VPN vpn3 supports a maximum of 1000 active routes. When active routes exceed this limit, the device can receive new active routes but generates a log message.

<Sysname> system-view

[Sysname] ip vpn-instance vpn3

[Sysname-vpn-instance-vpn3] route-distinguisher 100:3

[Sysname-vpn-instance-vpn3] address-family ipv6

[Sysname-vpn-ipv4-vpn3] routing-table limit 1000 simply-alert

vpn-id

Use vpn-id to configure a VPN ID for a VPN instance.

Use undo vpn-id to restore the default.

Syntax

vpn-id vpn-id

undo vpn-id

Default

No VPN ID is configured for a VPN instance.

Views

VPN instance view

Predefined user roles

network-admin

Parameters

vpn-id: Specifies a VPN ID for the VPN instance, in the form of OUI:Index. Both OUI and Index are hex numbers. The OUI is in the range of 0 to FFFFFF, and the index is in the range of 0 to FFFFFFFF.

Usage guidelines

A VPN ID uniquely identifies a VPN instance. Different VPN instances must have different VPN IDs.

A VPN ID cannot be 0:0.

Examples

# Configure VPN ID 20:1 for VPN instance vpn1.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] vpn-id 20:1

Related commands

display ip vpn-instance

vpn-instance-capability simple (OSPF view)

Use vpn-instance-capability simple to disable routing loop detection for a VPN OSPF process.

Use undo vpn-instance-capability to enable routing loop detection for a VPN OSPF process.

Syntax

vpn-instance-capability simple

undo vpn-instance-capability

Default

Routing loop detection is enabled for a VPN OSPF process.

Views

OSPF view

Predefined user roles

network-admin

Usage guidelines

For the MCE to receive OSPF routes from the PE, you must disable routing loop detection for a VPN OSPF process on the MCE.

This command is applicable only to VPN OSPF processes.

Examples

# Disable routing loop detection for VPN OSPF process 100.

<Sysname> system-view

[Sysname] ospf 100 vpn-instance vpna

[Sysname-ospf-100] vpn-instance-capability simple

vpn-target (VPN instance view/IPv4 VPN view/IPv6 VPN view)

Use vpn-target to configure route targets for a VPN instance.

Use undo vpn-target to remove the specified or all route targets of a VPN instance.

Syntax

vpn-target vpn-target&<1-8> [ both | export-extcommunity | import-extcommunity ]

undo vpn-target { all | vpn-target&<1-8> [ both | export-extcommunity | import-extcommunity ] }

Default

No route targets are configured for a VPN instance.

Views

VPN instance view

IPv4 VPN view

IPv6 VPN view

Predefined user roles

network-admin

Parameters

vpn-target&<1-8>: Specifies a space-separated list of route targets. You can specify a maximum of eight route targets each time you execute this command.

A route target is a string of 3 to 21 characters in one of the following formats:

· 16-bit AS number:32-bit user-defined number. For example, 101:3.

· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.

· 32-bit AS number:16-bit user-defined number, where the AS number must not be less than 65536. For example, 65536:1.

export-extcommunity: Uses the specified route targets as export targets.

import-extcommunity: Uses the specified route targets as import targets.

all: Removes all route targets.

Usage guidelines

Route targets configured in VPN instance view are applicable to both the IPv4 VPN and the IPv6 VPN.

Route targets configured in IPv4 VPN view or IPv6 VPN view are applicable only to the IPv4 VPN or IPv6 VPN.

Examples

# Configure route targets for VPN instance vpn1.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] vpn-target 3:3 export-extcommunity

[Sysname-vpn-instance-vpn1] vpn-target 4:4 import-extcommunity

[Sysname-vpn-instance-vpn1] vpn-target 5:5 both

# Configure route targets for IPv4 VPN vpn2.

<Sysname> system-view

[Sysname] ip vpn-instance vpn2

[Sysname-vpn-instance-vpn2] address-family ipv4

[Sysname-vpn-ipv4-vpn2] vpn-target 3:3 export-extcommunity

[Sysname-vpn-ipv4-vpn2] vpn-target 4:4 import-extcommunity

[Sysname-vpn-ipv4-vpn2] vpn-target 5:5 both

# Configure route targets for IPv6 VPN vpn3.

<Sysname> system-view

[Sysname] ip vpn-instance vpn3

[Sysname-vpn-instance-vpn3] address-family ipv6

[Sysname-vpn-ipv6-vpn3] vpn-target 3:3 export-extcommunity

[Sysname-vpn-ipv6-vpn3] vpn-target 4:4 import-extcommunity

[Sysname-vpn-ipv6-vpn3] vpn-target 5:5 both

IPv6 MCE commands

This chapter describes only IPv6 MCE-specific commands. For information about the commands available for both IPv4 MCE and IPv6 MCE, see "MCE commands."

The following matrix shows the feature and hardware compatibility:

Hardware	IPv6 MCE compatibility
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS	No
MSR2600-6-X1/2600-10-X1	Yes
MSR 2630	Yes
MSR3600-28/3600-51	Yes
MSR3600-28-SI/3600-51-SI	No
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC	Yes
MSR 3610/3620/3620-DP/3640/3660	Yes
MSR5620/5660/5680	Yes

address-family ipv6 (VPN instance view)

Use address-family ipv6 to enter IPv6 VPN view.

Use undo address-family ipv6 to remove all configurations from IPv6 VPN view.

Syntax

address-family ipv6

undo address-family ipv6

Views

VPN instance view

Predefined user roles

network-admin

Usage guidelines

In IPv6 VPN view, you can configure IPv6 VPN parameters such as inbound and outbound routing policies.

Examples

# Enter IPv6 VPN view.

<Sysname> system-view

[Sysname] ip vpn-instance vpn1

[Sysname-vpn-instance-vpn1] address-family ipv6

[Sysname-vpn-ipv6-vpn1]

Related commands

address-family ipv4 (VPN instance view)

vpn-instance-capability simple (OSPFv3 view)

Use vpn-instance-capability simple to disable routing loop detection for a VPN OSPFv3 process.

Use undo vpn-instance-capability to enable routing loop detection for a VPN OSPFv3 process.

Syntax

vpn-instance-capability simple

undo vpn-instance-capability

Default

Routing loop detection is enabled for a VPN OSPFv3 process.

Views

OSPFv3 view

Predefined user roles

network-admin

Usage guidelines

For the MCE to receive OSPFv3 routes from the PE, you must disable routing loop detection for a VPN OSPFv3 process on the MCE.

This command is applicable only to VPN OSPFv3 processes.

Examples

# Disable routing loop detection for VPN OSPFv3 process 100.

<Sysname> system-view

[Sysname] ospfv3 100 vpn-instance vpn1

[Sysname-ospfv3-100] vpn-instance-capability simple

Static SR over MPLS commands

The following matrix shows the feature and hardware compatibility:

Hardware	Static SR over MPLS compatibility
MSR810/810-W/810-W-DB/810-LM/810-W-LM/810-10-PoE/810-LM-HK/810-W-LM-HK/810-LMS/810-LUS	No
MSR2600-6-X1/2600-10-X1	Yes
MSR 2630	Yes
MSR3600-28/3600-51	Yes
MSR3600-28-SI/3600-51-SI	No
MSR3610-X1/3610-X1-DP/3610-X1-DC/3610-X1-DP-DC	Yes
MSR 3610/3620/3620-DP/3640/3660	Yes
MSR5620/5660/5680	Yes

Hardware	Static SR over MPLS compatibility
MSR810-LM-GL	No
MSR810-W-LM-GL	No
MSR830-6EI-GL	No
MSR830-10EI-GL	No
MSR830-6HI-GL	No
MSR830-10HI-GL	No
MSR2600-6-X1-GL	Yes
MSR3600-28-SI-GL	No

display mpls static-sr-mpls

Use display mpls static-sr-mpls to display static SRLSP and adjacency segment information.

Syntax

display mpls static-sr-mpls { lsp [ lsp-name ] | adjacency [ adjacency-path-name ] }

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

lsp lsp-name: Specifies a static SRLSP by its name, a case-sensitive string of 1 to 15 characters. If you do not specify the lsp-name argument, the command displays information about all static SRLSPs.

adjacency adjacency-path-name: Specifies an adjacency segment by its name, a case-sensitive string of 1 to 15 characters. If you do not specify the adjacency-path-name argument, the command displays information about all adjacency segments.

Examples

# Display information about static SRLSP lsp1.

<Sysname> display mpls static-sr-mpls lsp lsp1

Name : lsp1

Type : LSP

In-Label : -

Out-Label : 60,70,80

Out-Interface : GE1/0/1

Nexthop : 20.1.1.2

State : Up

Table 118 Command output

Field	Description
Name	Name of the static SRLSP or adjacency segment.
Type	Information type: · LSP—Static SRLSP information. · Adjacency—Adjacency segment information.
In-Label	Incoming label.
Out-Label	Outgoing label.
Out-Interface	Output interface.
Nexthop	Next hop address.
State	Status of the static SRLSP or adjacency segment: · Down. · Up.

Related commands

static-sr-mpls lsp

static-sr-mpls adjacency

display mpls static-sr-mpls prefix

Use display mpls static-sr-mpls prefix to display prefix segment information.

Syntax

display mpls static-sr-mpls prefix [ path prefix-path-name | destination ip-address [ mask | mask-length ] ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

path prefix-path-name: Specifies a prefix segment by its name, a case-sensitive string of 1 to 15 characters.

destination ip-address: Specifies the destination IP address of the prefix segment.

mask: Specifies the mask.

mask-length: Specifies the mask length, in the range of 0 to 32.

Usage guidelines

If you do not specify any parameters, this command displays information about all prefix segments.

Examples

# Display information about all prefix segments.

<Sysname> display mpls static-sr-mpls prefix

Prefix Name : prefixname

Destination : 2.2.2.2/32

In-Label : 1024

Active : Yes(1)

Out-Interface : GE0/0/1

Nexthop : 10.0.0.2

Out-Label : 600000

Status : up

Out-Interface : GE0/0/2

Nexthop : 11.0.0.2

Out-Label : 600002

Status : down(No Route)

Out-Interface : GE0/0/3

Nexthop : 12.0.0.2

Out-Label : 600001

Status : down(No Mpls)

Table 119 Command output

Field	Description
Prefix Name	Name of the prefix segment.
Destination	Destination IP address of the prefix segment.
In-Label	Incoming label of the prefix segment.
Active	Status of the prefix segment: · Yes(count)—The prefix segment is active. The value of count represents the number of egresses in up status. · No—The prefix segment is inactive.
Out-Label	Outgoing label of the prefix segment.
Status	Status of the egress: · down—The egress is inactive. The cause is displayed in brackets, which can be No Route or No Mpls. No Route means that the device has no route to reach the destination IP address over the output interface. No Mpls means that MPLS is disabled on the output interface. · up—The egress is active. · duplicate—An egress conflict has occurred because the output interface is already used by another prefix segment.

Related commands

static-sr-mpls prefix

mpls te static-sr-mpls

Use mpls te static-sr-mpls to bind a static SRLSP to an MPLS TE tunnel interface.

Use undo mpls te static-sr-mpls to unbind a static SRLSP from an MPLS TE tunnel interface.

Syntax

mpls te static-sr-mpls lsp-name [ backup ]

undo mpls te static-sr-mpls lsp-name

Default

An MPLS TE tunnel interface does not use any static SRLSPs.

Views

Tunnel interface view

Predefined user roles

network-admin

Parameters

lsp-name: Specifies a static SRLSP by its name, a case-sensitive string of 1 to 15 characters. The specified static SRLSP must be already created by using the static-sr-mpls lsp command.

backup: Specifies the backup static SRLSP. If you do not specify this keyword, this command specifies the main static SRLSP.

Usage guidelines

This command takes effect only if you have configured the mpls te signaling static command in tunnel interface view.

Execute this command only on the ingress node of a static SRLSP.

If you execute the mpls te static-sr-mpls and mpls te static-cr-lsp commands on a device, only the mpls te static-cr-lsp command takes effect. For the mpls te static-sr-mpls command to take effect, execute the undo mpls te static-cr-lsp command.

Examples

# Bind static SRLSP static-sr-3 to MPLS TE tunnel interface 0.

<Sysname> system-view

[Sysname] interface tunnel 0 mode mpls-te

[Sysname-Tunnel0] mpls te static-sr-mpls static-sr-3

Related commands

display mpls te tunnel-interface

mpls te signaling

static-sr-mpls lsp

static-sr-mpls adjacency

Use static-sr-mpls adjacency to configure an adjacency segment for static SR.

Use undo static-sr-mpls adjacency to delete an adjacency segment.

Syntax

static-sr-mpls adjacency adjacency-path-name in-label label-value { nexthop ip-address | outgoing-interface interface-type interface-number }

undo static-sr-mpls adjacency adjacency-path-name

Default

No adjacency segments exist.

Views

System view

Predefined user roles

network-admin

Parameters

adjacency-path-name: Specifies the adjacency segment name, a case-sensitive string of 1 to 15 characters.

in-label label-value: Specifies the incoming label in the range of 16 to 1023.

nexthop ip-address: Specifies the next hop address.

outgoing-interface interface-type interface-number: Specifies an output interface by its type and number. The output interface must be a P2P interface.

Usage guidelines

Execute this command on all nodes of a static SRLSP.

If you specify the next hop address, make sure the following requirements are met:

· The device has a route to reach the next hop address.

· MPLS is enabled on the output interface of the route.

If you specify an output interface, make sure the following requirements are met:

· The interface is up.

· The interface can receive direct routes.

· MPLS is enabled on the interface.

On a device, the incoming label specified by this command must be different than other static LSPs, static PWs, and static CRLSPs. If not, the configured adjacency segment is unavailable. The adjacency segment cannot become available even if you change the incoming label of the static LSP, static PW, or static CRLSP. To resolve this problem, you must delete the existing adjacency segment and configure a new one with a different incoming label.

Examples

# Configure adjacency segment adj1, and specify the incoming label as 100 and the next hop address as 12.2.1.2.

<Sysname> system-view

[Sysname] static-sr-mpls adjacency adj1 in-label 100 nexthop 12.2.1.2

Related commands

static-sr-mpls lsp

display static-sr-mpls

static-sr-mpls lsp

Use static-sr-mpls lsp to configure a static SRLSP.

Use undo static-sr-mpls lsp to delete a static SRLSP.

Syntax

static-sr-mpls lsp lsp-name out-label out-label-value&<1-5>

undo static-sr-mpls lsp lsp-name

Default

No static SRLSPs exist.

Views

System view

Predefined user roles

network-admin

Parameters

lsp-name: Specifies the static SRLSP name, a case-sensitive string of 1 to 15 characters.

out-label out-label-value&<1-5>: Specifies a space-separated list of up to five outgoing labels from outer to inner in the label stack. The value range for the out-label-value argument is 0, 3, and 16 to 1048575.

Usage guidelines

Execute this command only on the ingress node of a static SRLSP.

The outgoing labels specified by this command represent the incoming labels of the adjacency segments that a static SRLSP traverses in sequence. The outermost label must use the incoming label of the first adjacency segment that the static SRLSP traverses.

Examples

# Configure static SRLSP lsp1, and specify the outgoing labels as 100 and 200.

<Sysname> system-view

[Sysname] static-sr-mpls lsp lsp1 out-label 100 200

Related commands

static-sr-mpls adjacency

display static-sr-mpls

static-sr-mpls prefix

Use static-sr-mpls prefix to configure a prefix segment for static SR.

Use undo static-sr-mpls prefix to delete a prefix segment.

Syntax

static-sr-mpls prefix prefix-path-name destination ip-address { mask | mask-length } in-label in-label-value [ { nexthop ip-address | output-interface interface-type interface-number } out-label out-label-value ]

undo static-sr-mpls prefix prefix-path-name [ destination ip-address { mask | mask-length } in-label in-label-value [ nexthop ip-address | output-interface interface-type interface-number ] ]

Default

No prefix segments exist.

Views

System view

Predefined user roles

network-admin

Parameters

prefix-path-name: Specifies the prefix segment name, a case-sensitive string of 1 to 15 characters.

destination ip-address: Specifies the destination IP address.

mask: Specifies the mask.

mask-length: Specifies the mask length, in the range of 0 to 32.

in-label label-value: Specifies the incoming label. The value range depends on the device model.

nexthop ip-address: Specifies the next hop address.

outgoing-interface interface-type interface-number: Specifies an output interface by its type and number. The output interface must be a P2P interface.

out-label out-label-value: Specifies the outgoing label, in the range of 0, 3, and 16 to 1048575.

Usage guidelines

Execute this command on all nodes of a static SRLSP.

A prefix segment must use the next hop or output interface of the optimal route to the destination address of the prefix segment. You can configure multiple prefix segments to the destination address for load sharing if the optimal route has more than one next hops or output interfaces. To avoid configuration failure, make sure all prefix segments use the same prefix segment name, incoming label, and outgoing label.

If you specify only the prefix-path-name argument, the undo static-sr-mpls prefix command deletes all prefix segments with the specified name. If you specify all parameters, only the prefix segment that matches the specified name, destination IP address, and next hop or output interface is deleted.

Examples

# Configure prefix segment prefix1, set the destination IP address, incoming label, outgoing label, and next hop to 2.2.2.2, 16000, 16001, and 10.0.0.2, respectively.

<Sysname> system-view

[Sysname] static-sr-mpls prefix prefix1 destination 2.2.2.2 32 in-label 16000 nexthop 10.0.0.2 out-label 16001

Related commands

display mpls static-sr-mpls prefix

Index

A B C D E F G H I K L M N P R S T V X

ac interface,293

accept-label,63

address-family ipv4 (VPN instance view),395

address-family ipv4 (VPN instance view),229

address-family ipv6 (VPN instance view),407

address-family ipv6 (VPN instance view),270

address-family l2vpn,294

address-family vpnv4,230

address-family vpnv6,271

advertise-label,64

authentication challenge,180

authentication key,181

authentication lifetime,183

authentication window-size,184

auto-bandwidth enable,84

auto-discovery,295

auto-tunnel backup,85

backoff,32

backup-peer,295

bandwidth,370

bandwidth,297

bandwidth,339

bfd discriminator,349

bfd ip-router-alert,350

ccc,297

connection,299

connection remote-site-id,299

control-word enable,300

default,371

default,340

default-nexthop,301

description,340

description,372

description (cross-connect group view),302

description (VPN instance view),395

description (VPN instance view),231

destination,86

destination,372

disable,86

disable-dn-bit-check,271

disable-dn-bit-set,272

display bgp l2vpn signaling,302

display bgp routing-table ipv4 unicast inlabel,231

display bgp routing-table ipv4 unicast outlabel,232

display bgp routing-table vpnv4,234

display bgp routing-table vpnv4 inlabel,242

display bgp routing-table vpnv4 outlabel,243

display bgp routing-table vpnv6,273

display bgp routing-table vpnv6 inlabel,281

display bgp routing-table vpnv6 outlabel,282

display explicit-path,87

display interface,341

display interface tunnel-bundle,373

display ip vpn-instance,245

display ip vpn-instance,396

display isis mpls te advertisement,88

display isis mpls te configured-sub-tlvs,91

display isis mpls te network,92

display isis mpls te tunnel,93

display l2vpn bgp,306

display l2vpn forwarding,308

display l2vpn interface,311

display l2vpn ldp,312

display l2vpn pw,314

display l2vpn pw bfd,351

display l2vpn pw-class,317

display l2vpn xconnect-group,318

display mpls bfd,352

display mpls forwarding ilm,1

display mpls forwarding nhlfe,3

display mpls forwarding protection,376

display mpls interface,5

display mpls label,5

display mpls ldp discovery,33

display mpls ldp fec,36

display mpls ldp igp sync,65

display mpls ldp interface,40

display mpls ldp lsp,41

display mpls ldp parameter,43

display mpls ldp peer,44

display mpls ldp summary,48

display mpls lsp,6

display mpls lsp statistics,12

display mpls nib,13

display mpls nid,14

display mpls protection,378

display mpls static-cr-lsp,175

display mpls static-lsp,27

display mpls static-sr-mpls,409

display mpls static-sr-mpls prefix,410

display mpls summary,15

display mpls te ds-te,94

display mpls te link-management bandwidth-allocation,95

display mpls te pce discovery,96

display mpls te pce peer,99

display mpls te pce statistics,101

display mpls te tedb,102

display mpls te tunnel-interface,108

display mpls tunnel,224

display ospf mpls te advertisement,111

display ospf mpls te network,113

display ospf mpls te pce,114

display ospf mpls te tunnel,116

display ospf sham-link,246

display ospfv3 sham-link,283

display rsvp,186

display rsvp authentication,188

display rsvp lsp,192

display rsvp peer,195

display rsvp request,196

display rsvp reservation,198

display rsvp sender,200

display rsvp statistics,204

display tunnel-bundle,381

display tunnel-bundle,117

domain-id (OSPF view),247

domain-id (OSPFv3 view),285

dscp,207

dscp,49

ds-te bc-model,119

ds-te mode,121

ds-te te-class,120

explicit-path,122

export route-policy,397

export route-policy,248

ext-community-type (OSPF view),249

ext-community-type (OSPFv3 view),286

fast-reroute timer,122

ftn enable,16

graceful-restart,50

graceful-restart enable,207

graceful-restart timer,50

hello interval,208

hello lost,209

igp sync delay,66

igp sync delay on-restart,67

import bgp,68

import route-policy,398

import route-policy,250

interface tunnel-bundle,123

interface tunnel-bundle protection,382

interface ve-l2vpn,344

interface ve-l3vpn,345

interworking,320

ip binding vpn-instance,399

ip binding vpn-instance,251

ip vpn-instance (system view),400

ip vpn-instance (system view),252

ipv6 accept-label,77

ipv6 advertise-label,78

ipv6 import bgp,80

ipv6 lsp-trigger,79

keep-multiplier,209

l2vpn enable,321

l2vpn switchover,321

label-distribution,52

link-management periodic-flooding timer,124

loop-detect,53

lsp-trigger,69

lsr-id,53

maxhops,54

md5-authentication,55

member interface,125

member interface,384

mpls bfd (for LSP),354

mpls bfd (for TE tunnel),356

mpls bfd enable,354

mpls enable,17

mpls forwarding split-horizon,17

mpls label advertise,18

mpls ldp,56

mpls ldp enable,70

mpls ldp igp sync disable,71

mpls ldp ipv6 enable,81

mpls ldp sync (IS-IS view),72

mpls ldp sync (OSPF view/OSPF area view),73

mpls ldp timer,57

mpls ldp transport-address,81

mpls ldp transport-address,73

mpls lsr-id,19

mpls mtu,19

mpls periodic-tracert (for LSP),358

mpls protection,384

mpls statistics,20

mpls statistics interval,21

mpls te,126

mpls te affinity-attribute,127

mpls te auto-bandwidth,128

mpls te auto-tunnel backup disable,129

mpls te backup,130

mpls te backup bandwidth,131

mpls te backup-path,132

mpls te bandwidth,134

mpls te bandwidth change thresholds,135

mpls te bidirectional,135

mpls te enable (interface view),138

mpls te enable (IS-IS view),138

mpls te enable (OSPF area view),139

mpls te fast-reroute,140

mpls te fast-reroute bypass-tunnel,141

mpls te igp advertise,142

mpls te igp metric,143

mpls te igp shortcut,144

mpls te link-attribute,145

mpls te loop-detection,146

mpls te max-link-bandwidth,147

mpls te max-reservable-bandwidth,147

mpls te max-reservable-bandwidth mam,148

mpls te max-reservable-bandwidth rdm,150

mpls te metric,151

mpls te path,151

mpls te path-metric-type,152

mpls te priority,153

mpls te record-route,154

mpls te reoptimization (tunnel interface view),155

mpls te reoptimization (user view),156

mpls te resv-style,156

mpls te retry,157

mpls te route-pinning,158

mpls te service-class,158

mpls te signaling,159

mpls te static-cr-lsp,160

mpls te static-sr-mpls,411

mpls te timer retry,161

mpls ttl expiration enable,22

mpls ttl propagate,23

mpls-forwarding statistics prefix-list,24

mtu,322

mtu,346

nesting-vpn,252

nexthop,161

nhop-only,162

non-stop-routing,59

path-metric-type,163

pce address,164

pce deadtimer,165

pce keepalive,165

pce request-timeout,166

pce static,167

pce tolerance,168

peer,323

peer,210

peer next-hop-invariable,287

peer next-hop-invariable,253

peer signaling,324

peer upe,254

peer upe route-policy,254

ping mpls ipv4,359

ping mpls pw,362

ping mpls te,363

policy vpn-target,287

policy vpn-target,325

policy vpn-target,255

ppp ipcp ignore local-ip,326

ppp ipcp proxy,326

preferred-path,225

protection dual-receive,327

protection holdoff,385

protection revertive,386

protection switch,387

protection switching-mode bidirectional,388

psc message-interval,389

pv-limit,60

pw-class (auto-discovery cross-connect group view),328

pw-class (system view),329

pw-type,329

refresh interval,211

reset counters interface,346

reset counters interface,390

reset mpls ldp,61

reset mpls statistics,24

reset mpls te auto-bandwidth-adjustment timers,168

reset mpls te pce statistics,169

reset rsvp authentication,212

reset rsvp statistics,213

revertive,331

route-distinguisher,331

route-distinguisher (VPN instance view),401

route-distinguisher (VPN instance view),256

route-replicate,257

route-tag (OSPF view),258

route-tag (OSPFv3 view),288

route-tag-check enable,289

routing-table limit,259

routing-table limit,402

rr-filter,332

rr-filter (BGP VPNv4 address family view),260

rr-filter (BGP VPNv6 address family view),290

rsvp,213

rsvp authentication challenge,214

rsvp authentication key,215

rsvp authentication lifetime,216

rsvp authentication window-size,218

rsvp bfd enable,219

rsvp enable,220

rsvp hello enable,220

rsvp reduction retransmit increment,221

rsvp reduction retransmit interval,222

rsvp reduction srefresh,222

select-seq load-balance-number,227

sequencing,333

service,390

service standby,392

session protection,75

sham-link (OSPF area view),261

sham-link (OSPFv3 area view),291

shutdown,394

shutdown,347

shutdown (cross-connect group view),334

site,334

snmp context-name,263

snmp-agent trap enable l2vpn,335

snmp-agent trap enable l3vpn,264

snmp-agent trap enable ldp,62

snmp-agent trap enable mpls,26

snmp-agent trap enable te,169

static-cr-lsp egress,177

static-cr-lsp ingress,177

static-cr-lsp transit,178

static-lsp egress,28

static-lsp ingress,29

static-lsp transit,30

static-sr-mpls adjacency,412

static-sr-mpls lsp,413

static-sr-mpls prefix,414

targeted-peer,76

targeted-peer,82

te-subtlv,170

timers removal unused,171

tnl-policy,264

tracert mpls ipv4,364

tracert mpls te,366

tunnel route-static,171

tunnel-number,172

tunnel-policy,227

tunnel-policy (auto-discovery cross-connect view),336

vccv bfd,367

vccv cc,368

vpn popgo,266

vpn-id,403

vpn-id,266

vpn-instance,62

vpn-instance-capability simple (OSPF view),404

vpn-instance-capability simple (OSPFv3 view),408

vpn-route cross multipath,267

vpn-target,337

vpn-target (VPN instance view/IPv4 VPN view/IPv6 VPN view),268

vpn-target (VPN instance view/IPv4 VPN view/IPv6 VPN view),404

xconnect-group,338

10-MPLS Command Reference

Basic MPLS commands

mpls forwarding split-horizon

snmp-agent trap enable ldp

MPLS TE commands

auto-bandwidth enable

auto-tunnel backup

display explicit-path

display isis mpls te advertisement

display mpls te link-management bandwidth-allocation

display mpls te pce discovery

display ospf mpls te advertisement

ds-te te-class

explicit-path

link-management periodic-flooding timer

mpls te auto-tunnel backup disable

mpls te bandwidth

mpls te enable (interface view)

mpls te enable (IS-IS view)

mpls te enable (OSPF area view)

mpls te igp metric

mpls te max-link-bandwidth

mpls te max-reservable-bandwidth mam

mpls te max-reservable-bandwidth rdm

mpls te metric

mpls te path

mpls te reoptimization (tunnel interface view)

mpls te signaling