Login
- Table of Contents
-
- 13-Layer 3—IP Services Command Reference
- 00-Preface
- 01-IP addressing commands
- 02-IP forwarding basics commands
- 03-Fast forwarding commands
- 04-ARP commands
- 05-IPv6 basics commands
- 06-IPv6 fast forwarding commands
- 07-DHCP commands
- 08-DHCPv6 commands
- 09-DNS commands
- 10-IP performance optimization commands
- 11-Multi-CPU packet distribution commands
- 12-WAAS commands
- 13-Adjacency table commands
- 14-Web caching commands
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 02-IP forwarding basics commands | 105.54 KB |
Basic IP forwarding commands
display fib
Use display fib to display FIB entries.
Syntax
display fib [ vpn-instance vpn-instance-name ] [ ip-address [ mask | mask-length ] ]
Views
Any view
Predefined user roles
network-admin
network-operator
context-admin
context-operator
Parameters
vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. To display the FIB entries for the public network, do not specify any VPN instance.
ip-address: Displays the FIB entry that matches the specified destination IP address.
mask: Specifies the mask for the IP address.
mask-length: Specifies the mask length for the IP address. The value range is 0 to 32.
Usage guidelines
If you specify an IP address without a mask or mask length, this command displays the longest matching FIB entry.
If you specify an IP address and a mask or mask length, this command displays the exactly matching FIB entry.
Examples
# Display all FIB entries of the public network.
<Sysname> display fib
Destination count: 5 FIB entry count: 5
Flag:
U:Useable G:Gateway H:Host B:Blackhole D:Dynamic S:Static
R:Relay F:FRR
Destination/Mask Nexthop Flag OutInterface/Token Label
0.0.0.0/32 127.0.0.1 UH InLoop0 Null
192.168.100.0/24 192.168.100.96 U GE1/0/0 Null
127.0.0.0/8 127.0.0.1 U InLoop0 Null
127.0.0.0/32 127.0.0.1 UH InLoop0 Null
127.0.0.1/32 127.0.0.1 UH InLoop0 Null
# Display the FIB entries for VPN vpn1.
<Sysname> display fib vpn-instance vpn1
Destination count: 6 FIB entry count: 6
Flag:
U:Useable G:Gateway H:Host B:Blackhole D:Dynamic S:Static
R:Relay F:FRR
Destination/Mask Nexthop Flag OutInterface/Token Label
0.0.0.0/32 127.0.0.1 UH InLoop0 Null
20.20.20.0/24 20.20.20.25 U GE1/0/0 Null
20.20.20.0/32 20.20.20.25 UBH GE1/0/0 Null
20.20.20.25/32 127.0.0.1 UH InLoop0 Null
20.20.20.25/32 20.20.20.25 H GE1/0/0 Null
20.20.20.255/32 20.20.20.25 UBH GE1/0/0 Null
# Display the FIB entries matching the destination IP address 10.2.1.1.
<Sysname> display fib 10.2.1.1
Destination count: 1 FIB entry count: 1
Flag:
U:Useable G:Gateway H:Host B:Blackhole D:Dynamic S:Static
R:Relay F:FRR
Destination/Mask Nexthop Flag OutInterface/Token Label
10.2.1.1/32 127.0.0.1 UH InLoop0 Null
Table 1 Command output
|
Field |
Description |
|
Destination count |
Total number of destination addresses. |
|
FIB entry count |
Total number of FIB entries. |
|
Destination/Mask |
Destination address and the mask length. |
|
Nexthop |
Next hop address. |
|
Flag |
Flags of routes: · U—Usable route. · G—Gateway route. · H—Host route. · B—Blackhole route. · D—Dynamic route. · S—Static route. · R—Relay route. · F—Fast reroute. |
|
OutInterface/Token |
Output interface/LSP index number. |
|
Label |
Inner label. |
ip last-hop hold
Use ip last-hop hold to enable last hop holding.
Use undo ip last-hop hold to disable last hop holding.
Syntax
ip last-hop hold
undo ip last-hop hold
The following compatibility matrix shows the support of hardware platforms for this command:
|
Hardware series |
Models |
Command compatibility |
|
F50X0 series |
F5010, F5020, F5020-GM, F5030, F5030-6GW, F5040, F5060, F5080, F5000-A, F5000-C, F5000-S, F5000-M |
Yes |
|
F5000-CN series |
F5000-CN30, F5000-CN60 |
Yes |
|
F5000-AI series |
F5000-AI-15, F5000-AI-20, F5000-AI-40 |
Yes |
|
F5000-V series |
F5000-V30 |
Yes |
|
F1000-AI series |
F1000-AI-05, F1000-AI-10, F1000-AI-15, F1000-AI-20, F1000-AI-25, F1000-AI-30, F1000-AI-35, F1000-AI-50, F1000-AI-55, F1000-AI-60, F1000-AI-65, F1000-AI-70, F1000-AI-75, F1000-AI-80, F1000-AI-90 |
Yes |
|
F1000-L series |
F1003-L, F1005-L, F1010-L |
Yes |
|
F10X0 series |
F1005, F1010, F1020, F1020-GM, F1030, F1030-GM, F1050, F1060, F1070, F1070-GM, F1070-GM-L, F1080, F1090 |
Yes |
|
F1000-V series |
F1000-V50, F1000-V60, F1000-V70, F1000-V90 |
Yes |
|
F1000-SASE series |
F1000-SASE100, F1000-SASE200 |
Yes |
|
F1000-AK series |
F1000-AK108, F1000-AK109, F1000-AK110, F1000-AK115, F1000-AK120, F1000-AK125, F1000-AK130, F1000-AK135, F1000-AK140, F1000-AK145, F1000-AK150, F1000-AK155, F1000-AK160, F1000-AK165, F1000-AK170, F1000-AK175, F1000-AK180, F1000-AK185, F1000-GM-AK370, F1000-GM-AK380, F1000-AK710, F1000-AK711, F1000-AK1010, F1000-AK1020, F1000-AK1030, F1000-AK1110, F1000-AK1120, F1000-AK1130, F1000-AK1140, F1000-AK1150, F1000-AK1160, F1000-AK1170, F1000-AK1180, F1000-AK1212, F1000-AK1222, F1000-AK1232, F1000-AK1242, F1000-AK1252, F1000-AK1262, F1000-AK1272, F1000-AK1312, F1000-AK1322, F1000-AK1332, F1000-AK1342, F1000-AK1352, F1000-AK1362, F1000-AK1414, F1000-AK1424, F1000-AK1434, F1000-AK1514, F1000-AK1524, F1000-AK1534, F1000-AK1614, F1000-AK9110, F1000-AK9210 |
Yes |
|
IM-NGFWX-IV, LSPM6FWD, LSPM6FWDB, LSQM1FWDSC0, LSQM2FWDSC0, LSU3FWCEA0, LSUM1FWCEAB0, LSUM1FWDEC0, LSWM1FWD0, LSX1FWCEA1, LSXM1FWDF1 |
Yes |
|
|
vFW series |
vFW1000, vFW2000 |
No |
Default
Last hop holding is disabled.
Views
Layer 3 Ethernet interface view
Layer 3 Ethernet subinterface view
Predefined user roles
network-admin
context-admin
Usage guidelines
Last hop holding implements symmetric routing.
When the interface enabled with this feature receives the first IP packet of a forward flow, this feature implements the following operations:
· Obtains the forward flow information and last hop information of the packet.
· Based on the information, creates a fast forwarding entry for the reverse flow.
When packets of the reverse flow arrive at the device, the device forwards those packets based on the entry.
Last hop holding is based on fast forwarding entries. If the MAC address of a last hop changes on an Ethernet link, this feature can function correctly only after the fast forwarding entry is updated for the MAC address.
Examples
# Enable the last hop holding feature.
<Sysname> system-view
[Sysname] interface gigabitethernet 1/0/1
[Sysname-GigabitEthernet1/0/1] ip last-hop hold
last-hop backup enable
Use last-hop backup enable to enable last hop backup.
Use undo last-hop backup enable to disable last hop backup.
Syntax
last-hop backup enable
undo last-hop backup enable
The following compatibility matrix shows the support of hardware platforms for this command:
|
Hardware series |
Models |
Command compatibility |
|
F50X0 series |
F5010, F5020, F5020-GM, F5030, F5030-6GW, F5040, F5060, F5080, F5000-A, F5000-C, F5000-S, F5000-M |
Yes |
|
F5000-CN series |
F5000-CN30, F5000-CN60 |
Yes |
|
F5000-AI series |
F5000-AI-15, F5000-AI-20, F5000-AI-40 |
Yes |
|
F5000-V series |
F5000-V30 |
Yes |
|
F1000-AI series |
F1000-AI-05, F1000-AI-10, F1000-AI-15, F1000-AI-20, F1000-AI-25, F1000-AI-30, F1000-AI-35, F1000-AI-50, F1000-AI-55, F1000-AI-60, F1000-AI-65, F1000-AI-70, F1000-AI-75, F1000-AI-80, F1000-AI-90 |
Yes |
|
F1000-L series |
F1003-L, F1005-L, F1010-L |
Yes |
|
F10X0 series |
F1005, F1010, F1020, F1020-GM, F1030, F1030-GM, F1050, F1060, F1070, F1070-GM, F1070-GM-L, F1080, F1090 |
Yes |
|
F1000-V series |
F1000-V50, F1000-V60, F1000-V70, F1000-V90 |
|
|
F1000-SASE series |
F1000-SASE100, F1000-SASE200 |
Yes |
|
F1000-AK series |
F1000-AK108, F1000-AK109, F1000-AK110, F1000-AK115, F1000-AK120, F1000-AK125, F1000-AK130, F1000-AK135, F1000-AK140, F1000-AK145, F1000-AK150, F1000-AK155, F1000-AK160, F1000-AK165, F1000-AK170, F1000-AK175, F1000-AK180, F1000-AK185, F1000-GM-AK370, F1000-GM-AK380, F1000-AK710, F1000-AK711, F1000-AK1010, F1000-AK1020, F1000-AK1030, F1000-AK1110, F1000-AK1120, F1000-AK1130, F1000-AK1140, F1000-AK1150, F1000-AK1160, F1000-AK1170, F1000-AK1180, F1000-AK1212, F1000-AK1222, F1000-AK1232, F1000-AK1242, F1000-AK1252, F1000-AK1262, F1000-AK1272, F1000-AK1312, F1000-AK1322, F1000-AK1332, F1000-AK1342, F1000-AK1352, F1000-AK1362, F1000-AK1414, F1000-AK1424, F1000-AK1434, F1000-AK1514, F1000-AK1524, F1000-AK1534, F1000-AK1614, F1000-AK9110, F1000-AK9210 |
Yes |
|
Firewall modules |
IM-NGFWX-IV, LSPM6FWD, LSPM6FWDB, LSQM1FWDSC0, LSQM2FWDSC0, LSU3FWCEA0, LSUM1FWCEAB0, LSUM1FWDEC0, LSWM1FWD0, LSX1FWCEA1, LSXM1FWDF1 |
Yes |
|
vFW series |
vFW1000, vFW2000 |
No |
Default
Last hop backup is enabled.
Views
System view
Predefined user roles
network-admin
context-admin
Usage guidelines
This feature enables the system to transmit the forward flow and reverse flow between the local node and a peer node over the same path.
In an IRF fabric enabled with this feature, the IRF master device performs the following operations when receiving the first IP packet of a forward flow on an interface enabled with last hop holding:
1. Saves the last hop information of the packet.
2. Synchronizes the last hop information to subordinate devices in the IRF fabric.
The last hop information can be used for guiding the backward flow when the flow arrives at the master device or is forwarded through a subordinate device.
For this feature to take effect in an IRF fabirc, you must also enable session synchronization by using the session synchronization enable command. For more information about the session synchronization enable command, see Security Command Reference.
This feature is also applicable to multi-module devices enabled with service backup. If this feature is enabled on such a device, a device module performs the following operations when receiving the first IP packet of a forward flow on an interface enabled with last hop holding:
1. Saves the last hop information of the packet.
2. Synchronizes the last hop information to other modules in the device.
The last hop information can be used for guiding the backward flow when the flow arrives at one of these modules.
For this feature to take effect on a multi-module device, you must also enable session flow redirection by using the session flow-redirect enable command. For more information about the session flow-redirect enable command, see Security Command Reference.
Examples
# Disable last hop backup.
<Sysname> system-view
[Sysname] undo last-hop backup enable
Related commands
ip last-hop hold
session flow-redirect enable (Security Command Reference)
session synchronization enable (Security Command Reference)
Load sharing commands
bandwidth-based-sharing
Use bandwidth-based-sharing to enable IPv4 load sharing based on bandwidth.
Use undo bandwidth-based-sharing to disable IPv4 load sharing based on bandwidth.
Syntax
bandwidth-based-sharing
undo bandwidth-based-sharing
Default
The IPv4 load sharing based on bandwidth is disabled.
Views
System view
Predefined user roles
network-admin
context-admin
Usage guidelines
This feature load shares flow traffic among multiple output interfaces based on their load percentages. The device calculates the load percentage for each output interface in terms of their expected bandwidths.
Devices that run load sharing protocols implement load sharing based on the ratios defined by these protocols.
Examples
# Enable IPv4 load sharing based on bandwidth.
<Sysname> system-view
[Sysname] bandwidth-based-sharing
ip load-sharing local-first enable
Use ip load-sharing local-first enable to enable local-first load sharing.
Use undo ip load-sharing local-first enable to disable local-first load sharing.
Syntax
ip load-sharing local-first enable
undo ip load-sharing local-first enable
Default
Local-first load sharing is disabled.
Views
System view
Predefined user roles
network-admin
context-admin
Usage guidelines
Local-first load sharing takes effect only on an IRF fabric.
Examples
# Enable local-first load sharing.
<Sysname> system-view
[Sysname] ip load-sharing local-first enable
ip load-sharing mode
Use ip load-sharing mode to configure the load sharing mode.
Use undo ip load-sharing mode to restore the default.
Syntax
ip load-sharing mode { per-flow [ algorithm algorithm-number | [ dest-ip | dest-port | ip-pro | src-ip | src-port ] * ] | per-packet } { global | slot slot-number }
undo ip load-sharing mode { global | slot slot-number }
The following compatibility matrix shows the support of hardware platforms for this command:
|
Hardware series |
Models |
Command compatibility |
|
F50X0 series |
F5010, F5020, F5020-GM, F5030, F5030-6GW, F5040, F5060, F5080, F5000-A, F5000-C, F5000-S, F5000-M |
Yes |
|
F5000-CN series |
F5000-CN30, F5000-CN60 |
Yes |
|
F5000-AI series |
F5000-AI-15, F5000-AI-20, F5000-AI-40 |
Yes |
|
F5000-V series |
F5000-V30 |
Yes |
|
F1000-AI series |
F1000-AI-05, F1000-AI-10, F1000-AI-15 |
No |
|
F1000-AI-20, F1000-AI-25, F1000-AI-30, F1000-AI-35, F1000-AI-50, F1000-AI-55, F1000-AI-60, F1000-AI-65, F1000-AI-70, F1000-AI-75, F1000-AI-80, F1000-AI-90 |
Yes |
|
|
F1000-L series |
F1003-L, F1005-L, F1010-L |
No |
|
F10X0 series |
F1005, F1010 |
No |
|
F1020, F1020-GM, F1030, F1030-GM, F1050, F1060, F1070, F1070-GM, F1070-GM-L, F1080, F1090 |
Yes |
|
|
F1000-V series |
F1000-V50, F1000-V60, F1000-V70, F1000-V90 |
Yes |
|
F1000-SASE series |
F1000-SASE100, F1000-SASE200 |
No |
|
F1000-AK series |
F1000-AK108, F1000-AK109, F1000-AK110, F1000-AK115, F1000-AK120, F1000-AK125, F1000-AK710, F1000-AK1010, F1000-AK1020, F1000-AK1030, F1000-AK1110, F1000-AK1120, F1000-AK1130, F1000-AK1140, F1000-AK1150, F1000-AK1160, F1000-AK1170, F1000-AK1180 |
No |
|
F1000-AK130, F1000-AK135, F1000-AK140, F1000-AK145, F1000-AK150, F1000-AK155, F1000-AK160, F1000-AK165, F1000-AK170, F1000-AK175, F1000-AK180, F1000-AK185, F1000-GM-AK370, F1000-GM-AK380, F1000-AK711, F1000-AK1212, F1000-AK1222, F1000-AK1232, F1000-AK1242, F1000-AK1252, F1000-AK1262, F1000-AK1272, F1000-AK1312, F1000-AK1322, F1000-AK1332, F1000-AK1342, F1000-AK1352, F1000-AK1362, F1000-AK1414, F1000-AK1424, F1000-AK1434, F1000-AK1514, F1000-AK1524, F1000-AK1534, F1000-AK1614, F1000-AK9110, F1000-AK9210 |
Yes |
|
|
IM-NGFWX-IV, LSPM6FWD, LSPM6FWDB, LSQM1FWDSC0, LSQM2FWDSC0, LSU3FWCEA0, LSUM1FWCEAB0, LSUM1FWDEC0, LSWM1FWD0, LSX1FWCEA1, LSXM1FWDF1 |
No |
|
|
vFW series |
vFW1000, vFW2000 |
Yes |
Default
The device performs per-flow load sharing.
Views
System view
Predefined user roles
network-admin
context-admin
Parameters
per-flow: Implements per-flow load sharing.
dest-ip: Identifies flows by destination IP address.
dest-port: Identifies flows by destination port.
ip-pro: Identifies flows by protocol number.
src-ip: Identifies flows by source IP address.
src-port: Identifies flows by source port.
global: Configures the load sharing mode globally.
per-packet: Implements per-packet load sharing.
slot slot-number: Specifies an IRF member device by its member ID. If you do not specify a member device, this command configures the load sharing mode for all member devices.
Usage guidelines
The per-packet load sharing mode does not take effect in fast forwarding.
Examples
# Configure per-flow load sharing for slot 1.
<Sysname> system-view
[Sysname] ip load-sharing mode per-flow slot 1
