Field	Description
HPF Trace	HPF trace information.
Start Node	Name and index of the start node.
Max Number	Maximum number of HPF trace records.
Total Number	Total number of filtered packets.
HPF Filter	Information about the HPF framework-based trace filter.
Filter Rule	Filter rule. If no rule exists, this field displays a hyphen (-).
Filter Node	HPF node that acts as the HPF trace filter. If no HPF trace information filter exists, this field displays a hyphen (-).
Module Filter	HPF trace filter configured for modules.
ETH	Ethernet module.
IP	IP module.
TCP	TCP module.
UDP	UDP module.
ACL number	Number of the IPv4 ACL used for HPF trace filtering.
ACL6 number	Number of the IPv6 ACL used for HPF trace filtering.

Related commands

hpf trace filter

hpf trace filter ethernet

hpf trace filter ip

hpf trace filter ipv6

hpf trace filter tcp

hpf trace filter udp

display fib

Use display fib to display FIB entries.

Syntax

display fib [ vpn-instance vpn-instance-name ] [ ip-address [ mask | mask-length ] ] [ slot slot-number]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. To display the FIB entries for the public network, do not specify any VPN instance.

ip-address: Displays the FIB entry that matches the specified destination IP address.

mask: Specifies the mask for the IP address.

mask-length: Specifies the mask length for the IP address. The value range is 0 to 32.

slot slot-number: Specifies a card by its slot number. If you do not specify a card, this command displays FIB entries for the active MPU.

Usage guidelines

You can use this command to view the number of FIB entries successfully issued to hardware.

If you specify an IP address without a mask or mask length, this command displays the longest matching FIB entry.

If you specify an IP address and a mask or mask length, this command displays the exactly matching FIB entry.

Examples

# Display all FIB entries of the public network.

<Sysname> display fib

Route destination count: 5

Directly-connected host count: 0

Entries issued to hardware: 5

Flag:

U:Usable G:Gateway H:Host B:Blackhole D:Dynamic S:Static

R:Relay F:FRR

Destination/Mask Nexthop Flag OutInterface/Token Label

0.0.0.0/32 127.0.0.1 UH InLoop0 Null

1.1.1.0/24 192.168.126.1 USGF M-GE0/0/0 Null

127.0.0.0/8 127.0.0.1 U InLoop0 Null

127.0.0.0/32 127.0.0.1 UH InLoop0 Null

127.0.0.1/32 127.0.0.1 UH InLoop0 Null

# Display the FIB entries for VPN vpn1.

<Sysname> display fib vpn-instance vpn1

Route destination count: 8

Directly-connected host count: 0

Entries issued to hardware: 5

Flag:

U:Usable G:Gateway H:Host B:Blackhole D:Dynamic S:Static

R:Relay F:FRR

Destination/Mask Nexthop Flag OutInterface/Token Label

0.0.0.0/32 127.0.0.1 UH InLoop0 Null

20.20.20.0/24 20.20.20.25 U M-GE0/0/0 Null

20.20.20.0/32 20.20.20.25 UBH M-GE0/0/0 Null

20.20.20.25/32 127.0.0.1 UH InLoop0 Null

20.20.20.25/32 20.20.20.25 H M-GE0/0/0 Null

20.20.20.255/32 20.20.20.25 UBH M-GE0/0/0 Null

20.20.20.255/32 1000:2000:3000:4000:5000:6000:7000:8000 UBH MGE0

/0/0 Null

# Display the FIB entries matching the destination IP address 10.2.1.1.

<Sysname> display fib 10.2.1.1

FIB entry count: 1

Entries issued to hardware: 1

Flag:

U:Usable G:Gateway H:Host B:Blackhole D:Dynamic S:Static

R:Relay F:FRR

Destination/Mask Nexthop Flag OutInterface/Token Label

10.2.1.1/32 127.0.0.1 UH InLoop0 Null

Table 2 Command output

Field	Description
Route destination count	Number of route destination addresses.
Directly-connected host count	Number of directly connected hosts learned by features such as ARP.
Entries issued to hardware	Number of FIB entries successfully issued to hardware.
FIB entry count	Total number of FIB entries.
Destination/Mask	Destination address and the mask length.
Nexthop	Next hop address.
Flag	Flags of routes: · U—Usable route. · G—Gateway route. · H—Host route. · B—Blackhole route. · D—Dynamic route. · S—Static route. · R—Relay route. · F—Fast reroute.
OutInterface/Token	Output interface/LSP index number.
Label	Inner label.

‌

display fib prefix diff

Use display fib prefix diff to display the differences in FIB entries between two slots.

Syntax

display fib prefix diff [ all | [ vpn-instance vpn-instance-name ] [ ip-address [ mask | mask-length ] ] ] slot slot-number1 slot slot-number2

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

all: Specifies all FIB entries of the public network and VPN instances.

vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters without spaces.

ip-address: Compares the FIB entries that match the specified destination IPv4 address.

mask: Specifies the mask for the IPv4 address.

mask-length: Specifies the mask length for the IPv4 address. The value range is 0 to 32.

slot slot-number1 slot slot-number2: Specifies two cards by their slot numbers. You must specify two different cards.

Usage guidelines

Application scenarios

Inconsistency of FIB entries between the MPU and the interface module might cause issues such as packet loss, packet processing delay on the interface module, and packet queue overload. Use this command to display the differences in FIB entries between the MPU and interface module and check for inconsistency. If inconsistency exists, execute the display current-configuration diff command in any view to display the differences that the running configuration has as compared with the next-startup configuration and identify unnecessary configuration.

Operating mechanism

You can specify a subnet to match FIB entries when specifying the ip-address argument. If you do not specify any mask or mask length, the system compares the FIB entry that has the longest match with the specified destination IPV4 address on each slot. If you specify a mask or mask length, the system compares the FIB entry that has the exact match with the specified destination IPV4 address and mask on each slot.

Examples

# Display the differences in FIB entries between slot 0 and slot 3.

<Sysname> display fib prefix diff slot 0 slot 3

--- Slot 0 CPU 0

+++ Slot 3 CPU 0

@@ -1,19 +0,0 @@

-Destination/Mask:0.0.0.0/32 VNID:0x310000003 VPN:--

-Destination/Mask:10.0.0.0/24 VNID:0x710000007 VPN:--

-Destination/Mask:10.0.0.0/32 VNID:0x710000007 VPN:--

-Destination/Mask:10.0.0.1/32 VNID:0x310000003 VPN:--

-Destination/Mask:10.0.0.2/32 VNID:-- VPN:--

-Destination/Mask:10.0.0.255/32 VNID:0x710000007 VPN:--

-Destination/Mask:30.0.0.0/24 VNID:0x17000000 VPN:--

-Destination/Mask:127.0.0.0/8 VNID:0x310000003 VPN:--

-Destination/Mask:127.0.0.0/32 VNID:0x410000004 VPN:--

-Destination/Mask:127.0.0.1/32 VNID:0x310000003 VPN:--

-Destination/Mask:127.255.255.255/32 VNID:0x410000004 VPN:--

-Destination/Mask:172.16.94.0/24 VNID:0x610000006 VPN:--

-Destination/Mask:172.16.94.0/32 VNID:0x610000006 VPN:--

-Destination/Mask:172.16.94.100/32 VNID:0x310000003 VPN:--

-Destination/Mask:172.16.94.200/32 VNID:-- VPN:--

-Destination/Mask:172.16.94.201/32 VNID:-- VPN:--

-Destination/Mask:172.16.94.255/32 VNID:0x610000006 VPN:--

-Destination/Mask:255.255.255.255/32 VNID:0x310000003 VPN:--

\ No newline at end of file

+Destination/Mask:192.168.100.10/24 VNID:-- VPN:--

+Destination/Mask:192.168.100.20/24 VNID:-- VPN:--

\ No newline at end of file

Table 3 Command output

Field	Description
--- A +++ B	· A—Source slot number and CPU number for comparison. · B—Destination slot number and CPU number for comparison.
@@ -linenumber1,number1 +linenumber2,number2 @@	· -linenumber1,number1—Display number1 entries starting from linenumber1 on the source slot. · +linenumber2,number2—Display number2 entries starting from linenumber2 on the destination slot.
Destination/Mask	Destination IP address and mask length. · A hyphen(-) in front of this field indicates that the entry exists on the source slot but not on the destination slot. · A plus sign(+) in front of this field indicates that the entry exists on the destination slot but not on the source slot.
VNID	VN ID. Two hyphens (--) indicates that no VN ID exists.
VPN	VPN instance name. Two hyphens (--) indicates the public network.
No newline at end of file	No more comparison results are available.

‌

display fib vn diff

Use display fib vn diff to display the differences in FIB VN entries between two slots.

Syntax

display fib vn diff [ id id ] slot slot-number1 slot slot-number2

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

id id: Specifies the VN entry by its VN ID.

slot slot-number1 slot slot-number2: Specifies two cards by their slot numbers. You must specify two different cards.

Usage guidelines

Inconsistency of VN entries between the MPU and the interface module might cause issues such as packet loss, packet processing delay on the interface module, and packet queue overload. Use this command to display the differences in VN entries between the MPU and interface module and check for inconsistency. If inconsistency exists, execute the display current-configuration diff command in any view to display the differences that the running configuration has as compared with the next-startup configuration and identify unnecessary configuration.

If you do not specify the id keyword, the command displays the differences in all FIB VN entries between two slots.

Examples

# Display the differences in FIB VN entries between slot 0 and slot 3.

<Sysname> display fib vn diff slot 0 slot 3

--- Slot 0 CPU 0

+++ Slot 3 CPU 0

@@ -1,19 +1,2 @@

-VNID:0x810000008 NextHopNum:1 Flag:U Nexthop:[0]10.0.0.1

-VNID:0x70000001 NextHopNum:1 Flag:-- Nexthop:[0]Invalid

-VNID:0x10000000 NextHopNum:1 Flag:U Nexthop:[0]127.0.0.1

-VNID:0x20000000 NextHopNum:1 Flag:U Nexthop:[0]::1

-VNID:0x510000005 NextHopNum:1 Flag:U Nexthop:[0]127.0.0.1

-VNID:0x520000005 NextHopNum:1 Flag:U Nexthop:[0]::

-VNID:0x210000002 NextHopNum:1 Flag:-- Nexthop:[0]0.0.0.0

-VNID:0x220000002 NextHopNum:1 Flag:U Nexthop:[0]::1

-VNID:0x710000007 NextHopNum:1 Flag:U Nexthop:[0]10.0.0.1

-VNID:0x410000004 NextHopNum:1 Flag:U Nexthop:[0]127.0.0.1

-VNID:0x420000004 NextHopNum:1 Flag:U Nexthop:[0]::

-VNID:0x110000001 NextHopNum:1 Flag:U Nexthop:[0]127.0.0.1

-VNID:0x120000001 NextHopNum:1 Flag:U Nexthop:[0]::

-VNID:0x610000006 NextHopNum:1 Flag:U Nexthop:[0]172.16.94.100

-VNID:0x17000000 NextHopNum:2 Flag:-- Nexthop:[0]172.16.94.200

-VNID:0x17000000 NextHopNum:2 Flag:-- Nexthop:[1]172.16.94.201

-VNID:0x310000003 NextHopNum:1 Flag:-- Nexthop:[0]0.0.0.0

-VNID:0x320000003 NextHopNum:1 Flag:U Nexthop:[0]::

\ No newline at end of file

+VNID:0x70000001 NextHopNum:1 Flag:-- Nexthop:[0]Invalid

\ No newline at end of file

Table 4 Command output

Field	Description
--- A +++ B	· A—Source slot number and CPU number for comparison. · B—Destination slot number and CPU number for comparison.
@@ -linenumber1,number1 +linenumber2,number2 @@	· -linenumber1,number1—Display number1 entries starting from linenumber1 on the source slot. · +linenumber2,number2—Display number2 entries starting from linenumber2 on the destination slot.
VNID	Virtual next hop ID.
NextHopNum	Total number of next hops.
Nexthop	Next hop information in the [Number]IP format: · Number—Next hop index number, starting from 0. · IP—Next hop IPv4 or IPv6 address.
Flag	Flag bit value: · U—The next hop takes effect. · --—The next hop does not take effect.
No newline at end of file	No more comparison results are available.

‌

hpf trace filter ethernet

Use hpf trace filter ethernet to configure an HPF trace filter for the Ethernet module.

Syntax

hpf trace filter ethernet { acl { [ ipv6 ] { advanced-acl-number | basic-acl-number } | mac mac-acl-number } | interface interface-type interface-number } slot slot-number

undo hpf trace filter ethernet slot slot-number

Default

No HPF trace filter is configured for the Ethernet module.

Views

User view

Predefined user roles

network-admin

network-operator

Parameters

acl: Creates an ACL-type filter.

ipv6: Specifies an IPv6 ACL.

advanced-acl-number: Specifies an advanced ACL by its number. The value range for this argument is 3000 to 3999.

basic-acl-number: Specifies a basic ACL by its number. The value range for this argument is 2000 to 2999.

mac mac-acl-number: Specifies a Layer 2 ACL by its number. The value range for this argument is 4000 to 4999.

interface interface-type interface-number: Specifies an input or output interface by its type and number. The interface-type interface-number represents the interface type and the interface number.

slot slot-number: Specifies a card by its slot number. If you do not specify a card, this command takes effect on the active MPU.

Usage guidelines

With this feature configured, you can use the display hpf trace command to view the filtered trace information.

If you specify an ACL that does not exist or does not have any rules, the configured filter cannot take effect.

Examples

# On slot 1, configure IPv4 ACL 2001 as the HPF trace information filter for the Ethernet module.

<Sysname> hpf trace filter ethernet acl 2001 slot 1

# On slot 1, configure IPv6 ACL 3001 as the HPF trace information filter for the Ethernet module.

<Sysname> hpf trace filter ethernet acl ipv6 3001 slot 1

# On slot 1, configure Layer 2 ACL 4001 as the HPF trace information filter for the Ethernet module.

<Sysname> hpf trace filter ethernet mac 4001 slot 1

hpf trace filter ip

Use hpf trace filter ip to configure an HPF trace filter for the IP module.

Syntax

hpf trace filter ip acl acl-number slot slot-number

undo hpf trace filter ip slot slot-number

Default

No HPF trace filter is configured for the IP module.

Views

User view

Predefined user roles

network-admin

network-operator

Parameters

acl acl-number: Specifies an IPv4 ACL by its number. The value range for the acl-number argument is 2000 to 2999 for a basic ACL and is 3000 to 3999 for an advanced ACL.

slot slot-number: Specifies a card by its slot number. If you do not specify a card, this command takes effect on the active MPU.

Usage guidelines

With this feature configured, you can use the display hpf trace command to view the filtered trace information.

If you specify an ACL that does not exist or does not have any rules, the configured filter cannot take effect.

Examples

# On slot 1, configure IPv4 ACL 2001 as the HPF trace information filter for the IPv4 module.

<Sysname> hpf trace filter ip acl 2001 slot 1

hpf trace filter ipv6

Use hpf trace filter ipv6 to configure an HPF trace filter for the IPv6 module.

Syntax

hpf trace filter ipv6 acl acl-number slot slot-number

undo hpf trace filter ipv6 slot slot-number

Default

No HPF trace filter is configured for the IPv6 module.

Views

User view

Predefined user roles

network-admin

network-operator

Parameters

acl acl-number: Specifies an IPv6 ACL by its number. The value range for the acl-number argument is 2000 to 2999 for a basic ACL and is 3000 to 3999 for an advanced ACL.

slot slot-number: Specifies a card by its slot number. If you do not specify a card, this command takes effect on the active MPU.

Usage guidelines

With this feature configured, you can use the display hpf trace command to view the filtered trace information.

If you specify an ACL that does not exist or does not have any rules, the configured filter cannot take effect.

Examples

# On slot 1, configure IPv6 ACL 2001 as the HPF trace information filter for the IPv6 module.

<Sysname> hpf trace filter ipv6 acl 2001 slot 1

hpf trace filter tcp

Use hpf trace filter tcp to configure an HPF trace filter for the TCP module.

Syntax

hpf trace filter tcp { acl acl-number | acl6 ipv6-acl-number } slot slot-number

undo hpf trace filter tcp { acl | acl6 } slot slot-number

Default

No HPF trace information filter is configured for the TCP module.

Views

User view

Predefined user roles

network-admin

network-operator

Parameters

acl acl-number: Specifies an IPv4 ACL by its number. The value range for the acl-number argument is 2000 to 2999 for a basic ACL and is 3000 to 3999 for an advanced ACL.

acl6 ipv6-acl-number: Specifies an IPv6 ACL by its number. The value range for the ipv6-acl-number is 2000 to 2999 for a basic ACL and is 3000 to 3999 for an advanced ACL.

slot slot-number: Specifies a card by its slot number. If you do not specify a card, this command takes effect on the active MPU.

Usage guidelines

With this feature configured, you can use the display hpf trace command to display the filtered trace information.

If you specify an ACL that does not exist or does not have any rules, the configured filter cannot take effect.

Examples

# On slot 1, configure IPv4 ACL 2001 as the HPF trace information filter for the TCP module.

<Sysname> hpf trace filter tcp acl 2001 slot 1

# On slot 1, configure IPv6 ACL 2001 as the HPF trace information filter for the TCP module.

<Sysname> hpf trace filter tcp acl6 2001 slot 1

hpf trace filter udp

Use hpf trace filter udp to configure an HPF trace filter for the UDP module.

Syntax

hpf trace filter udp { acl acl-number | acl6 ipv6-acl-number } slot slot-number

undo hpf trace filter udp { acl | acl6 } slot slot-number

Default

No HPF trace filter is configured for the UDP module.

Views

User view

Predefined user roles

network-admin

network-operator

Parameters

acl acl-number: Specifies an IPv4 ACL by its number. The value range for the acl-number argument is 2000 to 2999 for a basic ACL and is 3000 to 3999 for an advanced ACL.

acl6 ipv6-acl-number: Specifies an IPv6 ACL by its number. The value range for the ipv6-acl-number is 2000 to 2999 for a basic ACL and is 3000 to 3999 for an advanced ACL.

slot slot-number: Specifies a card by its slot number. If you do not specify a card, this command takes effect on the active MPU.

Usage guidelines

With this feature configured, you can use the display hpf trace command to view the filtered trace information.

If you specify an ACL that does not exist or does not have any rules, the configured filter cannot take effect.

Examples

# On slot 1, configure IPv4 ACL 2001 as the HPF trace information filter for the UDP module.

<Sysname> hpf trace filter udp acl 2001 slot 1

# On slot 1, configure IPv6 ACL 2001 as the HPF trace information filter for the UDP module.

<Sysname> hpf trace filter udp acl6 2001 slot 1

ip fib consistency-check enable

Use ip fib consistency-check enable to enable consistency check for IPv4 FIB entries.

Use undo ip fib consistency-check enable to disable consistency check for IPv4 FIB entries.

Syntax

ip fib consistency-check enable

undo ip fib consistency-check enable

Default

Consistency check for IPv4 FIB entries is disabled.

Views

System view

Predefined user roles

network-admin

Usage guidelines

This feature enables the device to perform consistency check regularly on all the IPv4 FIB entries in the software and hardware. If the device detects any inconsistency, it updates entries in hardware based on entries in the software.

Examples

# Enable consistency check for IPv4 FIB entries.

<Sysname> system-view

[Sysname] ip fib consistency-check enable

ip forwarding

Use ip forwarding to enable IPv4 packet forwarding on an interface that has no IPv4 address configured.

Use undo ip forwarding to disable IPv4 packet forwarding on an interface that has no IPv4 address configured.

Syntax

ip forwarding

undo ip forwarding

Default

If an interface has no IPv4 address configured, it cannot forward IPv4 packets.

Views

Interface view

Predefined user roles

network-admin

Usage guidelines

On a device that supports both IPv4 and IPv6, the next hop of an IPv4 packet might be an IPv4 address or an IPv6 address. If the output interface has no IPv4 address configured, the interface cannot forward the IPv4 packet. To resolve this issue, execute this command on the interface. This feature allows the interface to forward IPv4 packets even though the interface has no IPv4 address configured.

Examples

# Enable IPv4 packet forwarding on Ten-GigabitEthernet 0/0/6 that has no IPv4 address configured.

<Sysname> system-view

[Sysname] interface ten-gigabitethernet 0/0/6

[Sysname-Ten-GigabitEthernet0/0/6] ip forwarding

ip last-hop hold

Use ip last-hop hold to enable last hop holding.

Use undo ip last-hop hold to disable last hop holding.

Syntax

ip last-hop hold

undo ip last-hop hold

Default

Last hop holding is disabled.

Views

Layer 3 Ethernet interface view

Layer 3 Ethernet subinterface view

Dialer interface view

Predefined user roles

network-admin

Usage guidelines

Last hop holding implements symmetric routing.

When the interface enabled with this feature receives the first IP packet of a forward flow, this feature implements the following operations:

· Obtains the forward flow information and last hop information of the packet.

· Based on the information, records the neighbor information for the reverse flow.

When packets of the reverse flow arrive at the device, the device forwards those packets based on the recorded neighbor information.

On devices supporting fast forwarding, last hop holding is based on fast forwarding entries. If the MAC address of a last hop changes, this feature can function correctly only after the fast forwarding entry is updated for the MAC address.

This command is not applicable to MPLS networks.

Examples

# Enable the last hop holding feature.

<Sysname> system-view

[Sysname] interface ten-gigabitethernet 0/0/6

[Sysname-Ten-GigabitEthernet0/0/6] ip last-hop hold

snmp-agent trap enable fib

Use snmp-agent trap enable fib to enable SNMP notifications for FIB events.

Use undo snmp-agent trap enable fib to disable SNMP notifications for FIB events.

Syntax

snmp-agent trap enable fib

undo snmp-agent trap enable fib

Default

SNMP notifications for FIB events are enabled.

Views

System view

Predefined user roles

network-admin

Usage guidelines

This feature enables the FIB module to generate SNMP notifications for critical FIB events. The SNMP notifications are sent to the SNMP module. For the SNMP notifications to be sent correctly, you must also configure SNMP. For more information about SNMP configuration, see Network Management and Monitoring Configuration Guide.

Examples

# Disable SNMP notifications for FIB events.

<Sysname> system-view

[Sysname] undo snmp-agent trap enable fib

08-Layer 3—IP Services Command Reference

Basic IP forwarding commands

display hpf trace filter

display fib

display fib prefix diff

display fib vn diff

hpf trace filter ethernet

hpf trace filter ip

hpf trace filter ipv6

hpf trace filter tcp

hpf trace filter udp

ip fib consistency-check enable

ip forwarding

ip last-hop hold

snmp-agent trap enable fib

Cloud & AI

Intelligent Connection

Intelligent Computing

Intelligent Storage

Security

SMB Products

Intelligent Terminal Products

Industry Solutions

Product Support Services

Technical Service Solutions

Resource Center

Policy

Online Help

Technical Blogs

Training & Certification

Become a Partner

Partner Policy & Program

Global Learning

Partner Sales Resources

Partner Business Management

Service Business

Profile

News & Events

Online Exhibition Center

Contact Us