Use address-family dedicated to create the BGP dedicated address family and enter its view, or enter the view of the existing BGP dedicated address family.

Use undo address-family dedicated to remove the BGP dedicated address family and all its configurations.

Syntax

address-family dedicated

undo address-family dedicated

Default

No BGP dedicated address family exists.

Views

BGP instance view

Predefined user roles

network-admin

Usage guidelines

Configurations made in BGP dedicated address family view apply only to the BGP dedicated routes.

Examples

# In BGP instance view, create the BGP dedicated address family and enter its view.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family dedicated

[Sysname-bgp-default-dedicated

address-family link-state

Use address-family link-state to create the BGP LS address family and enter its view, or enter the view of the existing address family.

Use undo address-family link-state to remove the BGP LS address family and all its configurations.

Syntax

address-family link-state

undo address-family link-state

Default

No BGP LS address family exists.

Views

BGP instance view

Predefined user roles

network-admin

Usage guidelines

Configurations made in BGP LS address family view apply only to the BGP LS routes and peers of the public network.

Examples

# In BGP instance view, create the BGP LS address family and enter its view.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family link-state

[Sysname-bgp-default-ls]

apply-label

apply-label { explicit-null | static static-label-value }

undo apply-label

Syntax

apply-label { explicit-null | static static-label-value }

undo apply-label

Default

BGP assigns labels to IPv6 unicast routes on a per next hop basis.

Views

BGP IPv6 unicast address family view

Predefined user roles

network-admin

Parameters

explicit-null: Specifies the explicit null label.

static static-label-value: Specifies a static label. The value range for this argument is 16 to 250000.

Usage guidelines

CAUTION:

Use this command with caution, because this command causes temporary interruption on labeled unicast traffic.

‌

By default, a 6PE device assigns a label to each next hop. When multiple next hops exist, the device might assign too many labels to the routes from the same site and use up its label resources. In this case, the device will fail to advertise IPv6 unicast routes due to label insufficiency. To resolve this issue, use this command to specify a label for BGP IPv6 unicast routes. Then, the 6PE device will assign the label to all IPv6 unicast routes. This can save label resources.

Before using this command, use the display mpls label command to view MPLS label information first. If the specified static label is used by another routing protocol, this command does not take effect. When the state of the static label becomes idle, you can specify this label for BGP IPv6 unicast routes as follows:

1. Use the undo apply-label command to restore the default.

2. Use the apply-label command to specify this label for BGP IPv6 unicast routes.

Examples

# Specify static label 1000 for BGP IPv6 unicast routes.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family ipv6

[Sysname-bgp-default-ipv6] apply-label static 1000

This configuration causes service interruption. Continue? [Y/N]:y

Related commands

display mpls label (MPLS Command Reference)

as-notation dotted

Use as-notation dotted to display 4-byte AS numbers in dotted notation.

Use undo as-notation dotted to restore the default.

Syntax

as-notation dotted

undo as-notation dotted

Default

Four-byte AS numbers are displayed in decimal integer notation.

Views

System view

Predefined user roles

network-admin

Usage guidelines

Application scenarios

By default, a BGP display command uses decimal integer notation to represent 4-byte AS numbers. A 4-byte AS number in decimal integer notation tends to be long and not reader-friendly. To resolve this issue, use this command to display AS numbers in dotted notation.

Operating mechanism

The dotted notation refers to a method of representing AS numbers in X.Y format. The value range for argument Y is 0 to 65535, and the value range for a dotted AS number is 0.1 to 65535.65535. To convert an AS number from dotted notation to decimal integer notation, use the following formula: integer= X x 65536 + Y. For example, if a dotted AS number is 2.1, its decimal integer notation is (2 x 65536 + 1 =131073).

Restrictions and guidelines

After you use this command, the AS path list can match only 4-byte AS numbers in dotted notation. To avoid route filtering failure, make sure that the AS path list used in a route filtering policy is configured to match 4-byte AS numbers in dotted notation.

This command does not take effect on the 4-byte AS numbers in the system configuration file.

Examples

# Display 4-byte AS numbers in dotted notation.

<Sysname> system-view

[Sysname] as-notation dotted

bmp server

Use bmp server to create a BGP monitoring protocol (BMP) server and enter BMP server view.

Use undo bmp server to remove a BMP server and all its configurations.

Syntax

bmp server server-number

undo bmp server server-number

Default

No BMP servers exist.

Views

System view

Predefined user roles

network-admin

Parameters

server-number: Specifies a BMP server by its number in the range of 1 to 8.

Examples

# Create BMP server 5 and enter its view.

<Sysname> system-view

[Sysname] bmp server 5

[Sysname-bmpserver-5]

bmp server monitor all-vpn-instance

Use bmp server monitor all-vpn-instance to enable the specified BMP server to monitor all peers in all BGP-VPN instances.

Use undo bmp server monitor all-vpn-instance to remove the configuration.

Syntax

bmp server server-number monitor all-vpn-instance [ route-mode { adj-rib-in { pre-policy | post-policy | both } | adj-rib-out { pre-policy | post-policy | both } } * ]

undo bmp server server-number monitor all-vpn-instance [ route-mode { adj-rib-in { pre-policy | post-policy | both } | adj-rib-out { pre-policy | post-policy | both } } * ]

Default

A BMP server cannot monitor the peers in a BGP-VPN instance.

Views

BGP instance view

Predefined user roles

network-admin

Parameters

server-number: Specifies a BMP server by its number in the range of 1 to 8. The BMP server must have been created.

route-mode: Sends routes exchanged with a monitored peer or peer group to the BMP server. If you do not specify this keyword, BGP determines whether to send routes exchanged with a peer or peer group to the BMP server based on the following commands:

· peer route-mode

· bmp server monitor current-instance

· route-mode adj-rib-in

· route-mode adj-rib-out

adj-rib-in: Sends routes received from the monitored peer or peer group to the BMP server.

adj-rib-out: Sends routes advertised to the monitored peer or peer group to the BMP server.

pre-policy: Sends routes to the BMP server without route filtering.

post-policy: Sends routes to the BMP server after route filtering.

both: Sends both filtered and unfiltered routes to the BMP server.

Usage guidelines

For a BGP peer, the following rules apply when BGP selects a BMP server:

· The BMP server specified by the peer bmp server command takes precedence over that specified by the bmp server monitor current-instance command.

· The BMP server specified by the bmp server monitor current-instance command takes precedence over that specified by the bmp server monitor all-vpn-instance command.

For a BGP peer, the following rules apply when BGP determines the type of routes to send to the BMP server:

· The route type specified by the peer route-mode command takes precedence over that specified by the bmp server monitor current-instance route-mode command.

· The route type specified by the bmp server monitor current-instance route-mode command takes precedence over that specified by the bmp server monitor all-vpn-instance route-mode command.

· The route type specified by the bmp server monitor all-vpn-instance route-mode command takes precedence over that specified by the route-mode adj-rib-out or route-mode adj-rib-out command.

If you execute this command multiple times for a BGP instance, the most recent configuration takes effect.

Examples

# Enable BMP server 1 to monitor all BGP peers in all BGP-VPN instances.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] bmp server 1 monitor all-vpn-instance

Related commands

display bgp bmp server

peer bmp server

peer route-mode

route-mode adj-rib-in

route-mode adj-rib-out

bmp server monitor current-instance

Use bmp server monitor current-instance to enable the specified BMP server to monitor all peers in the current instance.

Use undo bmp server monitor current-instance to remove the configuration.

Syntax

bmp server server-number monitor current-instance [ route-mode { adj-rib-in { pre-policy | post-policy | both } | adj-rib-out { pre-policy | post-policy | both } } * ]

undo bmp server server-number monitor current-instance [ route-mode { adj-rib-in { pre-policy | post-policy | both } | adj-rib-out { pre-policy | post-policy | both } } * ]

Default

A BMP server cannot monitor the peers in the current instance.

Views

BGP instance view

BGP-VPN instance view

Predefined user roles

network-admin

Parameters

server-number: Specifies a BMP server by its number in the range of 1 to 8. The BMP server must have been created.

· peer route-mode

· bmp server monitor all-vpn-instance

· route-mode adj-rib-in

· route-mode adj-rib-out

adj-rib-in: Sends routes received from the monitored peer or peer group to the BMP server.

adj-rib-out: Sends routes advertised to the monitored peer or peer group to the BMP server.

pre-policy: Sends routes to the BMP server without route filtering.

post-policy: Sends routes to the BMP server after route filtering.

both: Sends both filtered and unfiltered routes to the BMP server.

Usage guidelines

To enable a BMP server to monitor all BGP peers in the public network, execute this command in BGP instance view. To enable a BMP server to monitor all BGP peers in a VPN instance, execute this command in BGP-VPN instance view.

For a BGP peer, the following rules apply when BGP selects a BMP server:

· The BMP server specified by the peer bmp server command takes precedence over that specified by the bmp server monitor current-instance command.

· The BMP server specified by the bmp server monitor current-instance command takes precedence over that specified by the bmp server monitor all-vpn-instance command.

For a BGP peer, the following rules apply when BGP determines the type of routes to send to the BMP server:

· The route type specified by the peer route-mode command takes precedence over that specified by the bmp server monitor current-instance route-mode command.

· The route type specified by the bmp server monitor current-instance route-mode command takes precedence over that specified by the bmp server monitor all-vpn-instance route-mode command.

· The route type specified by the bmp server monitor all-vpn-instance route-mode command takes precedence over that specified by the route-mode adj-rib-out or route-mode adj-rib-out command.

If you execute this command multiple times for an instance, the most recent configuration takes effect.

Examples

# Enable BMP server 1 to monitor all BGP peers in the public network and VPN instance vpn1.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] bmp server 1 monitor current-instance

[Sysname-bgp-default] ip vpn-instance vpn1

[Sysname-bgp-default-vpn1] bmp server 1 monitor current-instance

Related commands

display bgp bmp server

peer bmp server

peer route-mode

route-mode adj-rib-in

route-mode adj-rib-out

bmp server monitor all-vpn-instance

check-origin-validation

Use check-origin-validation to enable BGP RPKI validation.

Use undo check-origin-validation to disable BGP RPKI validation.

Syntax

check-origin-validation

undo check-origin-validation

Default

BGP RPKI validation is disabled.

Views

BGP RPKI view

Predefined user roles

network-admin

Usage guidelines

This command enables BGP to validate the prefix and origin AS number of a received route. BGP determines the validation state of the route based on the following requirements:

1. A minimum of one ROA in the ROA database contains the prefix.

2. The mask length of the route does not exceed the longest mask length among all ROAs in the ROA database.

3. The AS number of an ROA in the ROA database is the same as the origin AS number of the route.

If the route meets all requirements, the route is in Valid state. If the route cannot meet requirement 1, the route is in Not-found state. If the route meets requirement 1, but cannot meet requirement 2 or 3, the route is in Invalid state.

You can configure a routing policy to filter routes based on the BGP RPKI validation state.

Examples

# Enable BGP RPKI validation.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] rpki

[Sysname-bgp-default-rpki] check-origin-validation

display bgp bmp server

Use display bgp bmp server to display BMP server information.

Syntax

display bgp [ instance instance-name ] bmp server server-number

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

instance instance-name: Specifies a BGP instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify this option, the command displays BMP server information for the default BGP instance.

server-number: Specifies a BMP server by its number in the range of 1 to 8.

Examples

# Display information about BMP server 1.

<Sysname> display bgp bmp server 1

BMP server number: 1

Server VPN instance name: vpna

Server address: 100.1.1.1 Server port: 6895

Client address: 100.1.1.2 Client port: 21452

BMP server state: Connected Up for 00h41m53s

TCP source interface has been configured

Statistics report interval: 5s

Reported route mode: adj-rib-in post-policy

Pu-monitor-mode: Enable

Pd-monitor-mode: Enable

Message statistics:

Total messages sent: 15

INITIATION: 1

TERMINATION: 0

STATS-REPORT: 0

PEER-UP: 4

PEER-DOWN: 3

ROUTE-MON: 7

BGP peers monitored by BMP server:

10.1.1.1

Table 1 Command output

Field	Description
Server VPN instance name	Name of the VPN instance to which the BMP server belongs. If the VPN instance name is followed by character string (Deleted), the VPN instance has been deleted. This field displays -- if the BMP server belongs to the public network.
Server address	IP address of the BMP server used by the TCP connection to the BMP client.
Server port	Port number of the BMP server used by the TCP connection to the BMP client.
Client address	IP address of the BMP client used by the TCP connection to the BMP server.
Client port	Port number of the BMP client used by the TCP connection to the BMP server.
BMP server current state	TCP connection status: · Connected. · Not connected.
TCP source interface has been configured	Source interface of TCP connections to the BMP server.
Statistics report interval	Interval (in seconds) at which BGP sends statistics information to the BMP server.
Reported route mode	Type of routes that BGP sends to the BMP server: · adj-rib-in—Send routes received from the monitored peer or peer group to the BMP server. · adj-rib-out—Send routes advertised to the monitored peer or peer group to the BMP server. · pre-policy—Send routes to the BMP server without route filtering. · post-policy—Send routes to the BMP server after route filtering. · both—Send both filtered and unfiltered routes to the BMP server. · loc-rib—Send the optimal routes in the routing table to the BMP server.
Pu-monitor-mode	Whether the peer up notifications that the BMP client sends to the BMP server carry the mode flag. · Enabled—Carry the mode flag. · Disabled—Do not carry the mode flag.
Pd-monitor-mode	Whether the peer down notifications that the BMP client sends to the BMP server carry the mode flag. · Enabled—Carry the mode flag. · Disabled—Do not carry the mode flag.
Up for	Duration of the TCP connection.
Total messages sent	Number of messages that BGP sends to the BMP server.
INITIATION	Number of initiation messages that BGP sends to the BMP server.
TERMINATION	Number of termination messages that BGP sends to the BMP server.
STATS-REPORT	Number of statistics messages that BGP sends to the BMP server.
PEER-UP	Number of peer-up messages that BGP sends to the BMP server.
PEER-DOWN	Number of peer-down messages that BGP sends to the BMP server.
ROUTE-MON	Number of route monitoring messages that BGP sends to the BMP server.
BGP peers monitored by BMP server	Peers that are monitored by the BMP server.

‌

Related commands

reset bgp bmp server statistics

display bgp bmp server monitor-peer

Use display bgp bmp server monitor-peer to display information about BGP peers monitored by the specified BMP server for the specified BGP instance.

Syntax

display bgp [ instance instance-name ] bmp server server-number monitor-peer all

display bgp [ instance instance-name ] bmp server server-number monitor-peer [ vpn-instance vpn-instance-name ] { ipv4 | ipv6 } { ipv4-address | ipv6-address }

display bgp [ instance instance-name ] bmp server server-number monitor-peer { l2vpn evpn | vpnv4 | vpnv6 } { ipv4-address | ipv6-address }

display bgp [ instance instance-name ] bmp server server-number monitor-peer vpn-instance vpn-instance-name vpnv4 ipv4-address

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

instance instance-name: Specifies a BGP instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify this option, the command displays information for the default BGP instance.

server-number: Specifies a BMP server by its number in the range of 1 to 8. The BMP server must have been created.

all: Displays information about all BGP peers monitored by the specified BMP server.

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command displays information for the public network.

ipv4: Displays information about monitored BGP peers in IPv4 unicast address family.

ipv6: Displays information about monitored BGP peers in IPv6 unicast address family.

l2vpn evpn: Displays information about monitored BGP peers in BGP EVPN address family.

vpnv4: Displays information about monitored BGP peers in VPNv4 address family.

vpnv6: Displays information about monitored BGP peers in VPNv6 address family.

ipv4-address: Specifies a peer by its IPv4 address.

ipv6-address: Specifies a peer by its IPv6 address.

Examples

# Display information about BGP peers monitored by BMP server 1 for the default BGP instance.

<Sysname> display bgp bmp server 1 monitor-peer all

Server address: 1.1.1.1 Server state: Down

>>BGP IPv4 unicast:

Peer Route mode

10.1.1.1 adj-rib-in post-policy

>>BGP IPv6 unicast:

Peer Route mode

20.1.1.1 adj-rib-in post-policy

>>BGP VPNv4:

Peer Route mode

30.1.1.1 adj-rib-in post-policy

>>BGP VPNv6:

Peer Route mode

40.1.1.1 adj-rib-in post-policy

>>BGP IPv4 unicast VPN instance vpn1:

Peer Route mode

11.1.1.1 adj-rib-in post-policy

12.1.1.1 adj-rib-in post-policy

>>BGP EVPN:

Peer Route mode

50.1.1.1 adj-rib-in post-policy

# Display information about IPv6 unicast peers monitored by BMP server 1 for the public instance.

<Sysname> display bgp bmp server 1 monitor-peer ipv6 20.1.1.1

Server address: 1.1.1.1 Server state: Down

>>BGP IPv6 unicast:

Peer Route mode

20.1.1.1 adj-rib-in post-policy

# Display information about VPNv4 peers monitored by BMP server 1.

<Sysname> display bgp bmp server 1 monitor-peer vpnv4 30.1.1.1

Server address: 1.1.1.1 Server state: Down

>>BGP VPNv4:

Peer Route mode

30.1.1.1 adj-rib-in post-policy

# Display information about VPNv6 peers monitored by BMP server 1.

<Sysname> display bgp bmp server 1 monitor-peer vpnv6 40.1.1.1

Server address: 1.1.1.1 Server state: Down

>>BGP VPNv6:

Peer Route mode

40.1.1.1 adj-rib-in post-policy

# Display information about BGP EVPN peers monitored by BMP server 1.

<Sysname> display bgp bmp server 1 monitor-peer l2vpn evpn 50.1.1.1

Server address: 1.1.1.1 Server state: Down

>>BGP EVPN:

Peer Route mode

50.1.1.1 adj-rib-in post-policy

Table 2 Command output

Field	Description
Server address	IP address of the BMP server.
Server state	State of the TCP connection to the BMP server.
BGP IPv4 unicast	BGP IPv4 unicast address family.
BGP IPv6 unicast	BGP IPv6 unicast address family.
BGP IPv4 unicast VPN instance	BGP-VPN instance IPv4 unicast address family.
BGP IPv6 unicast VPN instance	BGP-VPN instance IPv6 unicast address family.
BGP VPNv4	BGP VPNv4 address family.
BGP VPNv6	BGP VPNv6 address family.
BGP VPNv4 VPN instance	BGP-VPN instance VPNv4 address family.
BGP EVPN	BGP EVPN address family.
Peer	Address of the monitored peer.
Route mode	Type of routes that BGP sends to the BMP server: · adj-rib-in—Send routes received from the monitored peer to the BMP server. · adj-rib-out—Send routes advertised to the monitored peer to the BMP server. · pre-policy—Send routes to the BMP server without route filtering. · post-policy—Send routes to the BMP server after route filtering. · both—Send both filtered and unfiltered routes to the BMP server.

‌

Related commands

display bgp bmp server

reset bgp bmp server statistics

reset bgp bmp server

peer route-mode

route-mode adj-rib-in

route-mode adj-rib-out

route-mode loc-rib

display bgp link-state

Use display bgp link-state to display BGP LS information.

Syntax

display bgp [ instance instance-name ] link-state [ ls-prefix [ advertise-info | as-path | cluster-list ] | peer { ipv4-address | ipv6-address } { advertised | received } [ statistics ] | statistics ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

instance instance-name: Specifies a BGP instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify this option, the command displays BGP LS information for the default BGP instance.

ls-prefix: Specifies an LS prefix. If you do not specify this argument, the command displays all BGP LS information.

advertise-info: Displays advertisement information for the specified LS prefix.

as-path: Displays AS_PATH attribute information for the specified LS prefix.

cluster-list: Displays CLUSTER_LIST attribute information for the specified LS prefix.

ipv4-address: Specifies a peer by its IPv4 address.

ipv6-address: Specifies a peer by its IPv6 address.

advertised: Displays advertised LS information.

received: Displays received LS information.

statistics: Displays statistics about LS messages.

Usage guidelines

If you do not specify any parameters, this command displays brief BGP LS route information.

Examples

# Display brief BGP LS route information for the public network.

<Sysname> display bgp link-state

Total number of routes: 2

BGP local router ID is 1.1.2.1

Status codes: * - valid, > - best, d – dampened, h – history,

s – suppressed, S – stale, i - internal, e - external

a - additional-path

Origin: i - IGP, e - EGP, ? - incomplete

Prefix codes: E link, V node, T4 IPv4 route, T6 IPv6 route, SD SRv6 SID desc

u/U unknown,

I Identifier, N local node, R remote node, L link, P prefix,

L1/L2 ISIS level-1/level-2, O OSPF, O3 OSPFv3,

D direct, S static, B BGP, SS SRv6 SID,

a area-ID, l link-ID, t topology-ID, s ISO-ID,

c confed-ID/ASN, b bgp-identifier, r router-ID,

i if-address, n peer-address, o OSPF Route-type, p IP-prefix

d designated router address/interface, ID Link Descriptor Identifer

* >e Network : [V][O][I0x0][N[c20][b1.1.1.2][a0.0.0.0][r1.1.1.2]]/376

NextHop : 1.1.1.2 LocPrf :

PrefVal : 0 OutLabel : NULL

MED :

Path/Ogn: 20i

* >e Network : [T4][O][I0x0][N[c20][b1.1.1.2][a0.0.0.0][r1.1.1.2]][P[o0x1][p1.1.1.0/24]]/480

NextHop : 1.1.1.2 LocPrf :

PrefVal : 0 OutLabel : NULL

MED :

Path/Ogn: 20i

Table 3 Command output

Field	Description
Status codes	Status codes: · * – valid—Valid route. · > – best—Optimal route. · d - dampened—Dampened route. · h – history—History route. · s – suppressed—Suppressed route. · S – stale—Stale route. · i – internal—Internal route. · e – external—External route. · a - additional-path—Add-Path optimal route.
Prefix codes	Route prefix codes: · E—Link. · V—Node. · T4—IPv4 route. · T6—IPv6 route. · SD—SRv6 SID description. · u/U—Unknown. · I—Identifier. · N—Local node. · R—Remote node. · L—Link. · P—Prefix. · L1/L2—ISIS level-1/level-2. · O—OSPF. · O3—OSPFv3. · D—Direct. · S—Static. · B—BGP. · SS—SRv6 SID. · a—Area-ID. · l—Link-ID. · t—Topology-ID. · s—ISO-ID. · c—Confed-ID/ASN. · b—BGP-identifier. · r—Router-ID. · i—If-address. · n—Peer-address. · o—OSPF Route-type. · p—IP-prefix. · d—Designated router address/interface. · ID—Link descriptor identifier.
Origin	Origin of the route: · i – IGP—Originated in the AS. · e – EGP—Learned through EGP. · ? – incomplete—Unknown origin.
Network	NLRI for the LS.
NextHop	Next hop IP address.
LocPrf	Local preference.
OutLabel	Outgoing label of the route.
MED	MED attribute.
Path/Ogn	AS_PATH and ORIGIN attributes of the route: · AS_PATH—Records the ASs the route has passed, which avoids routing loops. · ORIGIN—Identifies the origin of the route.
SEGMENT-ROUTING	Segment Routing.
bgp-ls-identifier	Area ID of BGP LS.
bgp-router-id	BGP router ID.
TE	Traffic engineering.
protocol-origin3	Configuration origin.
Flag	Flag.
endpoint	Destination node address.
color	Color attribute.
originator-as	AS number.
originator-address	Address identifier.
discriminator	Path identifier.

‌

# Display detailed BGP LS route information with the specified LS prefix.

<Sysname> display bgp link-state [V][O][I0x0][N[c20][b1.1.1.2][a0.0.0.0][r1.1.1.2]]/376

BGP local router ID: 1.1.1.2

Local AS number: 20

Paths: 1 available, 1 best

BGP LS information of [V][O][I0x0][N[c20][b1.1.1.2][a0.0.0.0][r1.1.1.2]]/376:

Imported route.

Original nexthop: 0.0.0.0

OutLabel : NULL

RxPathID : 0x0

TxPathID : 0xffffffff

LS : Node flag bits: 30[EA] , Local TE router ID: 3006::1 LAN Adjacency Segme

nt Identifier(Flags/Weight/System-ID/SID): 0x30/0/0000.0000. 0001/1278

LAN Adjacency Segment Identifier(Flags/Weight/System-ID/SID):

0x70/0/0000.0000. 0001/1279

AS-path : (null)

Origin : igp

Attribute value : pref-val 32768

State : valid, local, best

IP precedence : N/A

QoS local ID : N/A

Traffic index : N/A

# Display detailed BGP LS route information with the specified LS prefix.

<Sysname> display bgp link-state [V][O][I0x0][N[c20][b1.1.1.2][a0.0.0.0][r1.1.1.2]]/376

BGP local router ID: 1.1.1.2

Local AS number: 20

Paths: 1 available, 1 best

BGP LS information of [V][O][I0x0][N[c20][b1.1.1.2][a0.0.0.0][r1.1.1.2]]/376:

Imported route.

Original nexthop: 0.0.0.0

OutLabel : NULL

RxPathID : 0x0

TxPathID : 0xffffffff

LS : Node flag bits: 30[EA] , Local TE router ID: 3006::1 LAN Adjacency Segme

nt Identifier(Flags/Weight/System-ID/SID): 0x30/0/0000.0000. 0001/1278

LAN Adjacency Segment Identifier(Flags/Weight/System-ID/SID):

0x70/0/0000.0000. 0001/1279

AS-path : (null)

Origin : igp

Attribute value : pref-val 32768

State : valid, local, best

IP precedence : N/A

QoS local ID : N/A

Traffic index : N/A

# Display AS_PATH attribute information for the specified LS prefix.

<Sysname> display bgp link-state [V][O][I0x0][N[c20][b1.1.1.2][a0.0.0.0][r1.1.1.2]]/376 as-path

BGP local router ID: 1.1.1.2

Local AS number: 20

Paths: 1 available, 1 best

BGP LS information of [V][O][I0x0][N[c20][b1.1.1.2][a0.0.0.0][r1.1.1.2]]/376:

As-path: 100

# Display CLUSTER_LIST attribute information for the specified LS prefix.

<Sysname> display bgp link-state [V][O][I0x0][N[c20][b1.1.1.2][a0.0.0.0][r1.1.1.2]]/376 cluster-list

BGP local router ID: 1.1.1.2

Local AS number: 20

Paths: 1 available, 1 best

BGP LS information of [V][O][I0x0][N[c20][b1.1.1.2][a0.0.0.0][r1.1.1.2]]/376:

Cluster list: 100

Table 4 Command output

Field	Description
Paths	Number of routes: · available—Number of valid routes. · best—Number of optimal routes.
BGP LS information of	NLRI prefix.
Original nexthop	Original next hop of the route. If the route was obtained from a BGP update message, the original next hop is the next hop IP address in the message.
LS	LS attribute: · Node flag bits—Node attribute in hexadecimal format: ¡ 10[A]—OSPF or OSPFv3 ABR bit. ¡ 20[E]—OSPF or OSPFv3 External bit. ¡ 30[EA]—OSPF or OSPFv3 External bit and ABR bit. · Metric—Link or prefix cost. · Local TE router ID. · Average delay flag—Flag indicating whether the average delay exceeds 16777215 microseconds. ¡ 0: Stable link state whose average delay is not higher than 16777215 microseconds. ¡ 1: Unstable link state whose average delay is higher than 16777215 microseconds. · Average delay—Average delay in microseconds. · Min/Max delay flag—Flag indicating whether the Min/Max delay exceeds 16777215 microseconds. ¡ 0: Stable link state whose Min/Max delay is not higher than 16777215 microseconds. ¡ 1: Unstable link state whose Min/Max delay is higher than 16777215 microseconds. · Min delay—Minimum delay in microseconds. · Max delay—Maximum delay in microseconds. · Delay variation—Acceptable delay variation in microseconds. · Remaining bandwidth—Available bandwidth in bit/s. · Utilized bandwidth—Used bandwidth in bit/s. · SR/SRv6 capability—SR-MPLS or SRv6 capabilities: flag(O)—SRH flags OAM flag (SRH.Flags.O). 1 represents that the flag is supported. · Segment routing local block (-)—Sub-TLV information of the segment routing local block. No flag bit is defined now. This field displays a hyphen (-), and the value is fixed at 0x00. · SRLB base—Minimum label value of the SRLB range. · SRLB range—Number of labels in the SRLB. · SRv6 node MSD—Maximum SID Depths (MSD) information about the SRv6 node: ¡ MPLS MSD—Maximum number of SIDs that SR-MPLS can encapsulate in a packet. ¡ Segment Left—Maximum Segment Left value. ¡ End Pop MSD—Maximum number of SIDs that can be popped by end nodes supporting PSP or USP. ¡ T.Insert MSD—Maximum number of SIDs that the transit node can insert into a packet by using an SR policy. ¡ T.Encaps MSD—Maximum number of SIDs that the transit node can encapsulate into a packet by using an SR policy. ¡ End D MSD—Maximum number of SIDs that can be decapsulated by the end node. · SR/SRv6 link MSD—Maximum SID Depths (MSD) information about the SR or SRv6 link. ¡ MPLS MSD—Maximum number of SIDs that SR-MPLS can encapsulate in a packet. · SRv6 End.X SID—SRv6 End.X SID information: ¡ function type—SID function type. Only End.X with PSP is supported in the current software version. ¡ algorithm—SID algorithm. 0 represent the SPF algorithm and 1 represents the strict SPF algorithm. ¡ weight—SID weight. ¡ flags(B/S/P)—SID flag. B represents the backup flag, S represents the set flag, and P represents the persistent flag. · SRv6 LAN End.X SID—SRv6 LAN End.X SID information. ¡ function type—SID function. Only End.X with PSP is supported in the current software version. ¡ algorithm—SID algorithm. 0 represent the SPF algorithm and 1 represents the strict SPF algorithm. ¡ weight—SID weight. ¡ flags(B/S/P)—SID flag. B represents the backup flag, S represents the set flag, and P represents the persistent flag. ¡ neighbor—Neighbor node ID. This field displays system ID for IS-IS and router ID for OSPFv3. · SRv6 locator—SRv6 locator information. ¡ metric—Locator metric. ¡ algorithm—Locator algorithm. 0 represent the SPF algorithm and 1 represents the strict SPF algorithm. ¡ flags(D/A)—Locator flag. D is set when the locator is leaked to an IGP area. A is set when the locator is configured with anycast. · SRv6 SID information—SRv6 SID information: SID—SRv6 SID. · SRv6 endpoint function—SID attribute information about the SRv6 endpoint. ¡ function type—SID function type. ¡ algorithm—SID algorithm. 0 represent the SPF algorithm and 1 represents the strict SPF algorithm. · flags—SID flag. · BSID —Effective SID of the ingress node. · Provisioned BSID—Ingress node SID configured through the command. · Flags(D/B/U/L/F)—Flags. ¡ D—BSID type. If this bit is set, the BSID type is IPv6. If this bit is not set, the BSID type is IPv4. ¡ B—If this bit is set, the BSID is statically assigned. ¡ U—If this bit is set, the BSID configured through the command failed to be assigned. ¡ L—If this bit is set, the BSID is assigned from SRLB. If this bit is not set, the BSID is dynamically assigned. ¡ F—If this bit is set, the BSID is dynamically assigned. · Priority—Priority. · Flags(S/A/B/E/V/O/D/C/I/T)—Flags. ¡ S—If this bit is set, the candidate path is in shutdown state. ¡ A—If this bit is set, the candidate path is active. ¡ B—If this bit is set, the candidate path is a backup path. ¡ E—If this bit is set, the candidate path is valid. ¡ V—If this bit is set, the candidate path has a minimum of one valid seglist. ¡ O—If this bit is set, the policy is generated through ODN. ¡ D—If this bit is set, the candidate path is calculated by the PCE/controller. ¡ C—If this bit is set, the candidate path is deployed by the PCE/controller. ¡ I—If this bit is set, the forwarding path is invalid and the packet is discarded. ¡ T—If this bit is set, the forwarding path is available. · Preference—Priority of the candidate path. · CPathName—Name of the candidate path. · SR Segment List—SID list. · Flags—Flags of the the SID list, which indicate the attributes and status of the SID list. This field is 2 bytes long and only the first 9 bits (D\|E\|C\|V\|R\|F\|A\|T\|M\|) are informative: ¡ D—If the SID list only contains SRv6 SIDs, this bit is set. If the SID list only contains SR-MPLS labels, this bit is not set. ¡ E—If the SID list is associated with explicit candidate paths, this bit is set. If the SID list is associated with dynamic candidate paths, this bit is not set. ¡ C—If the SID list is used to calculate dynamic paths, this bit is set. ¡ V—If the SID list has been validated or does not require validation, this bit is set. If the SID list has not been validated, this bit is not set. ¡ R—If the first segment of the SID list has been resolved, this bit is set. If the segment resolution has failed, this bit is not set. ¡ F—If the calculation of dynamic paths has failed, this bit is set. If the calculation of dynamic paths has succeeded or is not required, this bit is not set. ¡ A—If all SIDs in the SID list belong to the specified algorithm, this bit is set. ¡ T—If all SIDs in the SID list belong to the specified topology, this bit is set. ¡ M—If the SID list has been removed from the forwarding plane due to fault detection by the monitoring mechanism, this bit is set. If no failure is detected or monitoring is not performed, this bit is not set. · MTID—Multitopology ID. · Alg—ID of the algorithm used for SID list calculation. · Weight—Weight of the SID list in the candidate path. · Segment(<Type, Flags, SID, SID Descriptor>)—SID list information. ¡ Type—SID type. ¡ Flags—Flag. ¡ SID—SID value. ¡ SID Descriptor—SID descriptor. · L AN Adjacency Segment Identifier(Flags/Weight/System-ID/SID)—Adjacency SID list information. ¡ Flags—Flag. ¡ Weight—SID weight. ¡ System-ID—System ID. ¡ SID—SID value.
RxPathID	Add-path ID of received routes.
TxPathID	Add-path ID of advertised routes.
AS-path	AS_PATH attribute of the route, which records the ASs the route has passed and avoids routing loops.
Cluster list	CLUSTER_LIST attribute of the route.
Attribute value	BGP path attributes: · MED—MED value. · localpref—Local preference value. · pref-val—Preferred value. · pre—Route preference.
State	Current state of the route: · valid. · internal. · external. · local. · synchronize. · best.
IP precedence	IP precedence in the range of 0 to 7. N/A indicates that the route does not support this field.
QoS local ID	QoS local ID in the range of 1 to 4095. N/A indicates that the route does not support this field.
Traffic index	Traffic index in the range of 1 to 64. N/A indicates that the route does not support this field.

‌

# Display advertisement information for the specified LS prefix.

<Sysname> display bgp link-state [E][B][I0x0][N[r1.1.1.2]][c65008][R[r44.33.22.11]][c65009]][L[i2.1.1.3][n1.1.1.3]]/536 advertise-info

BGP local router ID: 1.1.1.2

Local AS number: 65008

Paths: 1 best

BGP LS information of [E][B][I0x0][N[r1.1.1.2]][c65008][R[r44.33.22.11]][c65009]][L[i2.1.1.3][n1.1.1.3]]/536

(TxPathID:0):

Advertised to peers (1 in total):

10.1.1.2

LS attribute :

Peer node segment identifier : Flag c0[VL], Metric 0, Label 23001

Table 5 Command output

Field	Description
Paths	Number of routes: · available—Number of valid routes. · best—Number of optimal routes.
BGP LS information of	NLRI prefix.
Advertised to peers (1 in total)	Peers to which the information has been advertised, and the total number of such peers.
Peer node segment identifier	Peer node SID: · Flag c0[VL]: ¡ V—Value flag. If set, the SID carries a label value. ¡ L—Local flag. If set, the SID has local significance. · Metric—Link cost. · Label—Label value.
TxPathID	Add-path ID of advertised routes.

‌

# Display BGP LS route statistics.

<Sysname> display bgp link-state statistics

Total number of routes: 1

Table 6 Command output

Field	Description
Total number of routes	Total number of routes.

‌

display bgp non-stop-routing status

Use display bgp non-stop-routing status to display BGP NSR status information.

Syntax

display bgp [ instance instance-name ] non-stop-routing status

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

instance instance-name: Specifies a BGP instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify this option, the command displays BGP NSR status information for the default BGP instance.

Usage guidelines

Non-default vSystems do not support this command.

Examples

# Display BGP NSR status information.

<Sysname> display bgp non-stop-routing status

BGP NSR status: Not ready

Location of preferred standby process: -

TCP NSR status: Not ready

Table 7 Command output

Field	Description
BGP NSR status	BGP NSR status: · Ready—BGP NSR has backed up BGP neighbor and routing information from the active process to the standby process. In this state, BGP NSR can ensure continuous routing when an active/standby process switchover occurs. · Not ready—BGP NSR is backing up BGP neighbor and routing information from the active process to the standby process. If an active/standby process switchover occurs in this state, traffic is interrupted and the BGP session will be re-established. · Not configured—BGP NSR is disabled.
Location of preferred standby process	ID of the IRF member device where the preferred standby process resides. This field displays a hyphen (-) if no standby processes exist.
TCP NSR status	TCP NSR status: · Ready—TCP NSR has backed up TCP connection information from the active process to the standby process. · Not ready—TCP NSR is backing up TCP connection information from the active process to the standby process.

‌

display bgp peer received prefix-list

Use display bgp peer received prefix-list to display the ORF prefix information received by a peer.

Syntax

display bgp [ instance instance-name ] peer ipv4 [ multicast | [ unicast ] [ vpn-instance vpn-instance-name ] ipv4-address received prefix-list

display bgp [ instance instance-name ] peer ipv6 [ multicast | [ unicast ] [ vpn-instance vpn-instance-name ] ipv6-address received prefix-list

display bgp [ instance instance-name ] peer ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] ipv6-address [ interface interface-type interface-number ] received prefix-list

display bgp [ instance instance-name ] peer ipv6 [ unicast ] [ vpn-instance vpn-instance-name ] { ipv4-address | link-local-address interface interface-type interface-number } received prefix-list

display bgp [ instance instance-name ] peer { vpnv4 | vpnv6 } ipv4-address received prefix-list

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

instance instance-name: Specifies a BGP instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify this option, the command displays ORF prefix information for the default BGP instance.

ipv4: Displays BGP IPv4 peer information.

ipv6: Displays BGP IPv6 peer information.

vpnv4: Displays BGP VPNv4 peer information.

vpnv6: Displays BGP VPNv6 peer information.

multicast: Displays BGP multicast peer information.

unicast: Displays BGP unicast peer information.

vpn-instance vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify an instance, this command displays information for the public network.

ipv4-address: Specifies a peer by its IPv4 address.

ipv6-address: Specifies a peer by its IPv6 address. If you specify the interface interface-type interface-number option, the ipv6-address argument must specify the peer's link-local address that the specified interface learned in ND entries.

link-local-address: Specifies a peer by its link-local address.

interface-type interface-number: Specifies an interface by its type and number.

Examples

# Display the ORF prefix information received by peer 10.110.25.20.

<Sysname> display bgp peer ipv4 10.110.25.20 received prefix-list

ORF prefix list entries: 2

index: 10 prefix 1.1.1.0/24 ge 26 le 32

index: 20 prefix 2.1.1.0/24 ge 26 le 32

Table 8 Command output

Field	Description
ORF prefix list entries	Number of ORF prefixes.
index	Prefix index.
prefix	Prefix information.
ge	Greater than or equal to.
le	Less than or equal to.

‌

display bgp routing-table dedicated

Use display bgp routing-table dedicated to display BGP dedicated routing information.

Syntax

display bgp [ instance instance-name ] routing-table dedicated [ peer { ipv4-address | ipv6-address } { advertised-routes | received-routes } [ statistics ] | [ route-type mac-ip ] [ { dedicated-route route-length | dedicated-prefix } [ advertise-info ] | ipv4-address | ipv6-address | mac-address ] | statistics ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

peer: Displays BGP dedicated routing information advertised to or received from the specified peer.

ipv4-address: Specifies a peer by its IPv4 address.

ipv6-address: Specifies a peer by its IPv6 address.

advertised-routes: Displays advertised BGP dedicated routing information.

received-routes: Displays received BGP dedicated routing information.

statistics: Displays BGP dedicated route statistics.

route-type: Displays BGP dedicated routes of the specified type. Only MAC/IP routes are supported in the current software version.

mac-ip: Displays MAC/IP routes.

dedicated-route route-length: Displays detailed information about the specified BGP dedicated route. The dedicated-route argument specifies the BGP dedicated routing information, in the range of 1 to 512 characters. The route-length argument specifies the length of the BGP dedicated routing information, in the range of 0 to 65535 bits.

dedicated-prefix: Displays detailed information about the specified BGP dedicated route. The dedicated-prefix argument is a case-insensitive string of 1 to 512 characters and specifies the routing information and routing information length of the dedicated route in dedicated-route/route-length format.

advertise-info: Displays advertisement information for BGP dedicated routes.

ipv4-address: Displays BGP dedicated routes that carry the specified IPv4 address.

ipv6-address: Displays BGP dedicated routes that carry the specified IPv6 address.

mac-address: Displays BGP dedicated routes that carry the specified MAC address.

Examples

# Display brief information about all BGP dedicated routes.

<Sysname> display bgp routing-table dedicated

BGP local router ID is 8.8.8.8

Status codes: * - valid, > - best, d - dampened, h - history

s - suppressed, S - stale, i - internal, e - external

a – additional-path

Origin: i - IGP, e - EGP, ? - incomplete

Total number of routes: 2

* >e Network : [1][48][0011-0022-0033][32][11.22.33.44][3]/104

NextHop : 1.2.3.4 LocPrf : 100

PrefVal : 0

MED : 0

Path/Ogn: 200i

* >e Network : [1][48][0710-0101-3451][0][3]/72

NextHop : 1.2.3.9 LocPrf : 100

PrefVal : 0

MED : 0

Path/Ogn: 200i

Table 9 Command output

Field	Description
BGP local router ID	Local router ID.
Status codes	Status codes: · * – valid—Valid route. · > – best—Optimal route. · d - dampened—Dampened route. · h – history—History route. · s – suppressed—Suppressed route. · S – stale—Stale route. · i – internal—Internal route. · e – external—External route. · a - additional-path—Add-Path optimal route.
Origin	Origin of the route: · i – IGP—Originated in the AS. The origin of routes advertised with the network command is IGP. · e – EGP—Learned through EGP. · ?– incomplete—Unknown origin.
Total number of routes	Total number of BGP dedicated routes.
Network	BGP dedicated route/route length in [1][MACLength][MAC][IPAddressLength][IPAddress][OriginType] format: · 1—The route is a MAC/IP route and carries IPSG binding information. · MACLength—MAC address length. · MAC—MAC address. · IPAddressLength—IP address length. · IPAddress—IP address. · OriginType—IPSG binding source. Options include the following: ¡ 3—DHCP relay. ¡ 7—ND snooping. ¡ 8—DHCPv6 relay.
NextHop	Next hop IP address.
LocPrf	Local preference value.
PrefVal	Preferred value of the route.
MED	MED attribute.
Path/Ogn	AS_PATH and ORIGIN attributes of the route: · AS_PATH—Records the ASs the route has passed, which avoids routing loops. This field can display only 16 AS numbers. Exceeding AS numbers are omitted. You can view the omitted AS numbers by displaying the detailed route information. · ORIGIN—Identifies the origin of the route.

‌

# Display detailed information about BGP dedicated route [1][48][0011-0022-0033][32][11.22.33.44][3]/120.

<Sysname> display bgp routing-table dedicated [1][48][0011-0022-0033][32][11.22.33.44][3]/120

BGP local router ID: 1.1.1.2

Local AS number: 100

Total number of routes: 1

Paths: 2 available, 1 best

BGP routing table information of [1][48][0011-0022-0033][32][11.22.33.44][3]/120:

From : 10.1.1.2 (192.168.56.17)

Rely nexthop : 10.1.1.2

Original nexthop: 10.1.1.2

OutLabel : NULL

RxPathID : 0x0

TxPathID : 0x0

AS-path : 200

Origin : egp

Attribute value : MED 0, pref-val 0

State : valid, external, best

IP precedence : N/A

QoS local ID : N/A

Traffic index : N/A

Route type : MAC/IP route

MAC length : 48

MAC address : 0011-0022-0033

IP length : 32

IP address : 11.22.33.44

Origin type : DHCP relay agent

VLAN ID : 4096

Inner VLAN ID : 10

Origin router ID: 1.1.1.2

Table 10 Command output

Field	Description
BGP local router ID	Local router ID.
Local AS number	Local AS number.
Total number of routes	Total number of BGP dedicated routes.
Paths	Number of routes: · available—Number of valid routes. · best—Number of optimal routes.
BGP routing table information of [1][48][0011-0022-0033][32][11.22.33.44][3]/120	Detailed information about BGP dedicated route [1][48][0011-0022-0033][32][11.22.33.44][3]/120.
From	IP address of BGP peer that advertised the route.
Rely Nexthop	Next hop found by route recursion. If no next hop is found, this field displays not resolved.
Original nexthop	Original next hop of the route. If the route was obtained from a BGP UPDATE message, the original next hop is the next hop IP address in the message.
OutLabel	Outgoing label of the route. This field is not supported in BGP dedicated address family.
RxPathID	Add-path ID of received routes. This field is not supported in BGP dedicated address family.
TxPathID	Add-path ID of advertised routes. This field is not supported in BGP dedicated address family.
AS-path	AS_PATH attribute of the route.
Origin	Origin of the route: · igp—Originated in the AS. · egp—Learned through EGP. · incomplete—Unknown origin.
Attribute value	BGP path attributes: · MED—MED value. · localpref—Local preference value. · pref-val—Preferred value. · pre—Route preference.
State	Current state of the route: · valid. · internal. · external. · local. · best.
IP precedence	IP precedence in the range of 0 to 7. N/A indicates that the route does not support this field.
QoS local ID	QoS local ID in the range of 1 to 4095. N/A indicates that the route does not support this field.
Traffic index	Traffic index in the range of 1 to 64. N/A indicates that the route does not support this field.
Route Type	Route type. Only MAC/IP is supported in the current software version.
MAC Length	Length of the MAC address carried in the dedicated route.
MAC	MAC address carried in the dedicated route.
IPAddressLength	Length of the IP address carried in the dedicated route.
IPAddress	IP address carried in the dedicated route.
Origin type	IPSG binding origin: · ND snooping. · DHCP relay agent. · DHCPv6 relay agent.
VLAN ID	VLAN ID carried in the dedicated route.
Inner VLAN ID	Inner VLAN ID carried in the dedicated route. This field displays N/A if the route carries only one VLAN tag.
Origin router ID	ID of the router that generated the route.

‌

# Display advertisement information about BGP dedicated route [1][48][0011-0022-0033][32][11.22.33.44][3]/120.

<Sysname> display bgp routing-table dedicated [1][48][0011-0022-0033][32][11.22.33.44][3]/120 advertise-info

BGP local router ID: 192.168.1.136

Local AS number: 100

Total number of routes: 1

Paths: 1 best

BGP routing table information of [1][48][0011-0022-0033][32][11.22.33.44]/104:

Advertised to peers (1 in total):

10.1.1.2

Table 11 Command output

Field	Description
BGP local router ID	Local router ID.
Local AS number	Local AS number.
Total number of routes	Total number of BGP dedicated routes.
Paths	Number of optimal routes to the destination.
BGP routing table information of [1][48][0011-0022-0033][32][11.22.33.44][3]/120	Advertisement information about BGP dedicated route [1][48][0011-0022-0033][32][11.22.33.44][3]/120.
Advertised to peers (1 in total)	Peers to which the route has been advertised.

‌

# Display statistics about BGP dedicated routes advertised to peer 1::1.

<Sysname> display bgp routing-table dedicated peer 1::1 advertised-routes statistics

Advertised routes total: 1

# Display statistics about BGP dedicated routes received from peer 1::1.

<Sysname> display bgp routing-table dedicated peer 1::1 received-routes statistics

Received routes total: 1

Table 12 Command output

Field	Description
Advertised routes total	Total number of BGP dedicated routes advertised to the peer.
Received routes total	Total number of BGP dedicated routes received from the peer.

‌

# Display BGP dedicated route statistics.

<Sysname> display bgp routing-table dedicated statistics

Total number of routes: 4

Table 13 Command output

Field	Description
Total number of routes	Total number of BGP dedicated routes.

‌

display bgp routing-table ipv6 unicast inlabel

Use display bgp routing-table ipv6 unicast inlabel to display incoming labels for BGP IPv6 unicast routes.

Syntax

display bgp [ instance instance-name ] routing-table ipv6 [ unicast ] inlabel

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

instance instance-name: Specifies a BGP instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify this option, the command displays incoming labels of BGP IPv6 unicast routes in the default BGP instance.

Usage guidelines

This command displays incoming labels for BGP IPv6 unicast routes regardless of whether the unicast keyword is specified.

Examples

# Display incoming labels for all BGP IPv6 unicast routes.

<Sysname> display bgp routing-table ipv6 inlabel

Total number of routes: 2

BGP local router ID is 2.2.2.2

Status codes: * - valid, > - best, d - dampened, h - history

s - suppressed, S - stale, i - internal, e - external

a - additional-path

Origin: i - IGP, e - EGP, ? - incomplete

* > Network : 1::1 PrefixLen : 128

NextHop : 10::1 OutLabel : NULL

InLabel : 1279

* > Network : 10:: PrefixLen : 64

NextHop : :: OutLabel : NULL

InLabel : 1278

Table 14 Command output

Field	Description
Status codes	Status codes: · * – valid—Valid route. · > – best—Optimal route. · d - dampened—Dampened route. · h – history—History route. · s – suppressed—Suppressed route. · S – stale—Stale route. · i – internal—Internal route. · e – external—External route. · a - additional-path—Add-Path optimal route.
Origin	Origin of the route: · i – IGP—Originated in the AS. The origin of routes advertised with the network command is IGP. · e – EGP—Learned through EGP. · ? – incomplete—Unknown origin. The origin of routes redistributed from IGP protocols is INCOMPLETE.
Network	Destination network address.
PrefixLen	Prefix length of the destination network address.
NextHop	Next hop IPv6 address.
OutLabel	Outgoing label of the IPv6 unicast route, which is assigned by the peer 6PE device.
InLabel	Incoming label of the IPv6 unicast route, which is assigned by the local 6PE device.

‌

display bgp rpki server

Use display bgp rpki server to display information about connections to RPKI servers.

Syntax

display bgp [ instance instance-name ] rpki server [ [ vpn-instance vpn-instance-name ] { ipv4-address | ipv6-address } ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

vpn-instance vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify this option, the command displays information for the public network.

ipv4-address: Specifies an RPKI server by its IPv4 address.

ipv6-address: Specifies an RPKI server by its IPv6 address.

Examples

# Display brief information about connections to RPKI servers.

<Sysname> display bgp rpki server

Server VPN-index Port State Time ROAs(IPv4/IPv6)

1.1.1.2 0 1234 Establish 00:05:51 1/0

2.2.2.2 0 1234 Establish 00:06:07 3/1

Table 15 Command output

Field	Description
Server	IP address of the RPKI server.
VPN-index	VPN index.
Port	Port number of the RPKI server.
State	Connection state: · Establish—BGP has established a connection to the RPKI server. · Connect—BGP is establishing a connection to the RPKI server. · Shutdown—BGP has not established a connection to the RPKI server.
Time	Duration of the current connection state.
ROAs(IPv4/IPv6)	Number of IPv4/IPv6 ROAs.

‌

# Display detailed information about the connection to RPKI server 2.2.2.1.

<Sysname> display bgp rpki server 2.2.2.1

RPKI Cache-Server 2.2.2.1

Port: TCP port 1234

Local addr: 2.2.2.2, Local port: 14342

Connect state: Establish

Total byte Rx: 72

Total byte Tx: 8

Session ID: 1

Serial number: 1

Last PDU type 7, Time: 00:00:15

Last disconnect reason: Response timer expired

RPKI ROA limit: 1000

Limit state: reconnect in 1234 seconds

Table 16 Command output

Field	Description
RPKI Cache-Server	IP address of the RPKI server.
Port	Port number of the RPKI server.
Local addr	Local IP address of the connection.
Local port	Local port number of the connection.
Connect state	Connection state: · Establish—BGP has established a connection to the RPKI server. · Connect—BGP is establishing a connection to the RPKI server. · Shutdown—BGP has not established a connection to the RPKI server.
Total byte Rx	Number of received bytes.
Total byte Tx	Number of sent bytes.
Session ID	Session ID assigned by the RPKI server.
Serial number	Serial number assigned by the RPKI server.
Last PDU Type	Type of the most recently received PDU.
Time	Duration of the current connection state.
Last disconnect reason	Reason for the most recent connection interruption: · Configure reset—The port number used to establish the connection was changed or the reset bgp rpki server command was executed. · Receive error report PDU—Received error report packets from the server. · Response timer expired—No response was received within the response time from the RPKI server. · Receive error PDU—Received error packets. · TCP connect failed—The TCP connection was down. · Shutdown port—No port number was specified. · Not enough memory—The memory was insufficient. · Receive cache reset PDU—Received reset packets from the RPKI server. · Maximum number of ROAs reached—The number of ROAs received from the RPKI server exceeds the limit specified by the rpki-limit command.
RPKI ROA limit	Maximum number of ROAs that can be received from the specified RPKI server. If you do not configure the rpki-limit command for an RPKI server, this field is not displayed.
Limit state	Configuration of the rpki-limit command: · reconnect after resetting—When the number of ROAs received from the RPKI server reaches the limit, the device tears down the TCP connection to the RPKI server. In this situation, the device will not attempt to re-establish the connection to the RPKI server. You can execute the reset bgp rpki server command to re-establish the connection. · reconnect in number seconds—When the number of ROAs received from the RPKI server reaches the limit, the device tears down the TCP connection to the RPKI server and starts the reconnection timer. After the reconnection timer expires, the device re-establishes the TCP connection to the RPKI server. · alert only—When the number of ROAs received from the RPKI server reaches the limit, the device generates a log message only. It does not tear down the TCP connection to the RPKI server and can continue to receive ROAs from the RPKI server. · alert and discard—When the number of ROAs received from the RPKI server reaches the value for the limit argument, the device retains the TCP connection to the RPKI server, discards excess ROAs, and generates a log message. · normal—The number of ROAs received from the RPKI server is less than the limit. If you do not configure the rpki-limit command for an RPKI server, this field is not displayed.

‌

display bgp rpki table

Use display bgp rpki table to display the ROA information obtained from RPKI servers.

Syntax

display bgp [ instance instance-name ] rpki table { ipv4 [ ipv4-address min min-length max max-length ] | ipv6 [ ipv6-address min min-length max max-length ] }

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

ipv4: Displays information about ROAs with IPv4 prefixes.

ipv4-address: Specifies an IPv4 prefix.

ipv6: Displays information about ROAs with IPv6 prefixes.

ipv6-address: Specifies an IPv6 prefix.

min-length: Specifies the minimum prefix length. The value range for this argument is 0 to 32 for IPv4 prefixes and 0 to 128 for IPv6 prefixes.

max-length: Specifies the maximum prefix length. The value range for this argument is 0 to 32 for IPv4 prefixes and 0 to 128 for IPv6 prefixes.

Examples

# Display brief information about ROAs with IPv4 prefixes.

<Sysname> display bgp rpki table ipv4

Total number of entries: 4

Status codes: S - stale, U - used

Network Mask-range Origin-AS Server Status

1.2.3.4 8-32 100 1.1.1.2 U

5.2.3.4 8-32 100 2.2.2.2 U

6.6.6.6 8-32 100 2.2.2.2 U

7.7.7.7 8-32 20 2.2.2.2 U

Table 17 Command output

Field	Description
Total number of entries	Total number of ROAs.
Network	Network address.
Mask-range	Mask or prefix length range.
Server	IP address of the RPKI server.
Status	ROA state: · U—The ROA is available. · S—The ROA is in aging state.

‌

# Display detailed information about ROAs with IPv4 prefixes.

<Sysname> display bgp rpki table ipv4 5.2.3.4 min 8 max 32

RPKI ROA entry for 5.2.3.4/8-32

Origin-AS: 100 from 2.2.2.1, used

Table 18 Command output

Field

Description

Origin-AS

ROA information:

· AS number.

· IP address of the RPKI server.

· ROA state:

¡ used—The ROA is available.

¡ stale—The ROA is in aging state.

‌

display ttl-security statistics

Use display ttl-security statistics to display GTSM discarded packet statistics.

Syntax

display ttl-security statistics [ slot slot-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

slot slot-number: Specifies an IRF member device by its member ID. If you do not specify a member device, this command displays GTSM discarded packet statistics for all member devices.

Examples

# Display statistics for packets discarded by GTSM on slot 1.

<Sysname> display ttl-security statistics slot 1

Slot 1

Protocol Drop Counters

BGP 56

BGP4+ 83

OSPF 15

OSPFv3 0

LDP 0

LDPv6 0

Table 19 Command output

Field

Description

Protocol

Protocol name. Options include the following:

· BGP.

· BGP4+.

· OSPF.

· OSPFv3.

· LDP. (This protocol is not supported in the current software version.)

· LDPv6. (This protocol is not supported in the current software version.)

Drop Counters

Number of discarded packets for the protocol.

‌

Related commands

ospf ttl-security

peer ttl-security

reset ttl-security statistics

ttl-security

domain-distinguisher

Use domain-distinguisher to specify an AS number and a router ID for BGP LS messages.

Use undo domain-distinguisher to restore the default.

Syntax

domain-distinguisher as-number:router-id

undo domain-distinguisher

Default

The AS number and router ID of the current BGP process are used.

Views

BGP LS address family view

Predefined user roles

network-admin

Parameters

as-number:router-id: Specifies the AS number and router ID. The value range for the as-number argument is 1 to 4294967295, and the router ID is in IP address format.

Examples

# Set the AS number and router ID for BGP LS messages to 65009 and 1.1.1.1, respectively.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family link-state

[Sysname-bgp-default-ls] domain-distinguisher 65009:1.1.1.1

ebgp-interface-sensitive

Use ebgp-interface-sensitive to enable immediate re-establishment of direct EBGP sessions.

Use undo ebgp-interface-sensitive to disable immediate re-establishment of direct EBGP sessions.

Syntax

ebgp-interface-sensitive

undo ebgp-interface-sensitive

Default

Immediate re-establishment of direct EBGP sessions is enabled.

Views

BGP instance view

Predefined user roles

network-admin

Usage guidelines

When a direct link to an EBGP peer fails, BGP tears down the session and re-establishes a session to the peer immediately. If the feature is not enabled, the router does not tear down the session until the hold time expires. However, disabling this feature can prevent routing flaps from affecting EBGP session state.

This command applies only to direct EBGP sessions.

Examples

# Enable immediate re-establishment of direct EBGP sessions.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] ebgp-interface-sensitive

fast-reroute route-policy

Use fast-reroute route-policy to apply a routing policy to fast reroute (FRR) for a BGP address family.

Use undo fast-reroute route-policy to restore the default.

Syntax

fast-reroute route-policy route-policy-name

undo fast-reroute route-policy

Default

No routing policy is applied to FRR.

Views

BGP IPv4 unicast address family view

BGP-VPN IPv4 unicast address family view

BGP IPv6 unicast address family view

BGP-VPN IPv6 unicast address family view

Predefined user roles

network-admin

Parameters

route-policy-name: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.

Usage guidelines

You can use the following methods to configure BGP FRR:

· Method 1—Execute the pic command in BGP address family view. BGP calculates a backup next hop for a BGP route in the address family if there are two or more unequal-cost routes to reach the destination.

· Method 2—Execute the fast-reroute route-policy command to use a routing policy in which a backup next hop is specified by using the command apply [ ipv6 ] fast-reroute backup-nexthop. For BGP to generate a backup next hop for the primary route, the backup next hop calculated by BGP must be the same as the specified backup next hop. You can also configure if-match clauses in the routing policy to identify the routes protected by FRR.

If both methods are configured, Method 2 takes precedence over Method 1.

Examples

# Apply routing policy frr-policy to FRR in BGP IPv4 unicast address family view.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family ipv4

[Sysname-bgp-default-ipv4] fast-reroute route-policy frr-policy

Related commands

apply fast-reroute

apply ipv6 fast-reroute

pic

route-policy

flush suboptimal-route

Use flush suboptimal-route to enable BGP to flush the suboptimal BGP route to the RIB.

Use undo flush suboptimal-route to disable BGP from flushing the suboptimal BGP route to the RIB.

Syntax

flush suboptimal-route

undo flush suboptimal-route

Default

BGP is disabled from flushing the suboptimal BGP route to the RIB. Only the optimal route is flushed to the RIB.

Views

BGP instance view

Predefined user roles

network-admin

Usage guidelines

This command flushes the suboptimal BGP route to the RIB when the following conditions are met:

· The optimal route is generated by the network command or is redistributed by the import-route command.

· The suboptimal route is received from a BGP peer.

After the suboptimal route is flushed to the RIB on a network, BGP immediately switches traffic to the suboptimal route when the optimal route fails.

For example, the device has a static route to the subnet 1.1.1.0/24 that has a higher priority than a BGP route. BGP redistributes the static route and receives a route to 1.1.1.0/24 from a peer. After the flush suboptimal-route command is executed, BGP flushes the received BGP route to the RIB as the suboptimal route. When the static route fails, BGP immediately switches traffic to the suboptimal route if inter-protocol FRR is enabled. For more information about inter-protocol FRR, see Layer 3—IP Routing Configuration Guide.

Examples

# Enable BGP to flush the suboptimal BGP route to the RIB.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] flush suboptimal-route

forwarding-conversational-learning

Use forwarding-conversational-learning to enable conversational remote host route learning.

Use undo forwarding-conversational-learning to disable conversational remote host route learning.

Syntax

forwarding-conversational-learning [ route-policy route-policy-name ]

undo forwarding-conversational-learning

Default

Conversational remote host route learning is disabled in BGP IPv4 and IPv6 address family views.

In BGP EVPN address family view, conversational remote host route learning is enabled.

Views

BGP IPv4 unicast address family view

BGP IPv6 unicast address family view

Predefined user roles

network-admin

Parameters

route-policy route-policy-name: Issues only the remote host routes matching the specified routing policy to the FIB. The route-policy-name argument specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters. If you do not specify a routing policy or the specified routing policy does not exist, BGP issues all remote host routes to the FIB. The apply clauses in the specified routing policy do not take effect.

Usage guidelines

By default, BGP generates FIB entries for all host routes received from peers (remote host routes) and issues the routes to the FIB. To conserve device resources, execute this command in BGP IPv4/IPv6 unicast address family view to enable conversational remote host route learning. The command enables BGP to issue a remote host route to the FIB only if it is required for forwarding a packet.

When you execute this command in BGP IPv4/IPv6 unicast address family view, follow these restrictions and guidelines:

· This command takes effect only on remote host routes generated based on ARP or ND entries and does not take effect on local host routes and other BGP routes. Host routes generated based on ARP or ND entries carry a special mark advertised through the extended community attribute. Executing this command also enables BGP to advertise the extended community attribute to all peers and peer groups.

· This command takes effect only if you execute the ip forwarding-conversational-learning command.

· The device can perform conversational learning for a remote host route only if a local interface belongs to a network segment that contains the destination address of the host route.

Examples

# In BGP IPv4 unicast address family view, enable conversational remote host route learning and specify routing policy policy1 to match remote host routes.

<Sysname>system-view

[Sysname] bgp 200

[Sysname-bgp-default] address-family ipv4 unicast

[Sysname-bgp-default-ipv4] forwarding-conversational-learning route-policy policy1

Related commands

ip forwarding-conversational-learning (EVPN Command Reference)

peer advertise-ext-community

ignore all-peers

Use ignore all-peers to disable BGP session establishment with all peers and peer groups.

Use undo ignore all-peers to restore the default.

Syntax

ignore all-peers [ graceful graceful-time { community { community-number | aa:nn } | local-preference preference | med med } * ]

undo ignore all-peers

Default

BGP can establish sessions to all peers and peer groups.

Views

BGP instance view

Predefined user roles

network-admin

Parameters

graceful graceful-time: Gracefully shuts down BGP sessions to all peers and peer groups in the specified graceful shutdown period of time. The value range for the graceful-time argument is 60 to 65535 seconds. If you set the value for this option to 0, the device does not shut down the sessions to peers and peer groups. If you do not specify this option, the command immediately shuts down the sessions to all peers and peer groups.

community { community-number | aa:nn }: Specifies the community attribute for routes advertised to all peers and peer groups. The community-number argument represents the community sequence number in the range of 1 to 4294967295. The aa:nn argument represents the community number. Both aa and nn are in the range of 0 to 65535. If you do not specify this option, the command does not change the community attribute for routes advertised to all peers and peer groups.

local-preference preference: Specifies the local preference for routes advertised to all peers and peer groups, in the range of 0 to 4294967295. A larger value represents a higher preference. If you do not specify this option, the command does not change the local preference for routes advertised to all peers and peer groups.

med med: Specifies the MED value for routes advertised to all peers and peer groups, in the range of 0 to 4294967295. The smaller the MED value, the higher the route priority. If you do not specify this option, the command does not change the MED value for routes advertised to all peers and peer groups.

Usage guidelines

CAUTION:

Executing this command tears down all existing sessions to peers and peer groups and clears all related routing information.

‌

This command enables you to temporarily tear down the BGP sessions to all peers and peer groups. You can perform network upgrade and maintenance without needing to delete and reconfigure the peers and peer groups. To recover the sessions, execute the undo ignore all-peers command.

If you specify the graceful keyword in the ignore all-peers command, BGP performs the following tasks:

1. Starts the wait timer specified with the graceful keyword.

2. Advertises all routes to all peers and peer groups and changes the attribute for the advertised routes to the specified value.

3. Shuts down all sessions to peers and peer groups after the wait timer expires.

This configuration lowers the priority of the routes advertised by BGP and BGP peers can select other peers' routes as optimal routes, which avoids traffic interruption upon wait timer expiration or peer disconnection. To enable BGP to advertise low-priority routes without tearing down BGP sessions, you can set the value for the graceful graceful-time option to 0.

For a BGP peer or peer group, the configuration made by the peer ignore command takes precedence over the configuration made by the ignore all-peers command.

Examples

# In BGP instance view, configure BGP to gracefully shut down the sessions to all peers and peer groups in 60 seconds, advertise all routes to all peers and peer groups, and change the community attribute and local preference for the advertised routes to 1:1 and 200, respectively.

<Sysname> system-view

[Sysname] bgp 1

[Sysname-bgp-default] ignore all-peers graceful 60 community 1:1 local-preference 200

Related commands

peer ignore

isolate enable

Use isolate enable to enable BGP isolation.

Use undo isolate enable to restore the default.

Syntax

isolate enable

undo isolate enable

Default

BGP isolation is disabled.

Views

BGP instance view

Predefined user roles

network-admin

Usage guidelines

To maintain a BGP network device, you can use BGP isolation to remove the device from the network. This feature reduces configuration workload and impact on the network by retaining the device configuration during the maintenance. After maintenance, you can disable BGP isolation to add the device back to the network.

BGP isolation works as follows:

1. BGP withdraws all routes advertised by the device except for the direct routes.

2. BGP keeps all routes learned from its peers.

3. Each peer of the device reselects an optimal route and updates the FIB table. During optimal route selection, the peers can still use the routes advertised by the device to forward traffic.

4. After an optimal route is selected and the FIB table is updated, the peers stop forwarding packets except for those destined for the device to the device. The device is fully isolated from the network and you can upgrade it.

5. After the maintenance, disable BGP isolation on the device to gracefully add it back to the network. After returning to the network, the device advertises and learns routes as follows:

¡ Advertises routes to its peers.

¡ Learns routes if BGP was reset during the isolation.

To avoid isolation failure, do not use this feature when GR or NSR is enabled for the device.

Examples

# Isolate the device from the network in BGP instance view.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] isolate enable

label-allocation-mode

Use label-allocation-mode to specify a label allocation mode.

Use undo label-allocation-mode to restore the default.

Syntax

label-allocation-mode { per-prefix | per-vrf }

undo label-allocation-mode

Default

BGP allocates labels on a per-next-hop basis.

Views

BGP instance view

Predefined user roles

network-admin

Parameters

per-prefix: Allocates a label to each route prefix.

per-vrf: Allocates a label to each VPN instance.

Usage guidelines

CAUTION:

A change to the label allocation mode enables BGP to re-advertise all routes, which will cause temporary service interruption. Use this command with caution.

‌

BGP supports the following label allocation modes:

· Per-prefix—Allocates a label to each route prefix.

· Per-next-hop—Allocates a label to each next hop. This mode is applicable when the number of labels required by the per-prefix mode exceeds the maximum number of labels supported by the device.

· Per-VPN-instance—Allocates a label to each VPN instance. This mode is applicable when the number of labels required by the per-next-hop mode exceeds the maximum number of labels supported by the device.

When you specify the per-prefix or per-next-hop label allocation mode, you can execute the vpn popgo command to specify the POPGO forwarding mode on an egress PE. The egress PE will pop the label for each packet and forward the packet out of the interface corresponding to the label.

When you specify the per-VPN instance label allocation mode, do not execute the vpn popgo command because it is mutually exclusive with the label-allocation-mode per-vrf command. The egress PE will pop the label for each packet and forward the packet through the FIB table.

Examples

# Specify the per-prefix label allocation mode.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] label-allocation-mode per-prefix

labeled-route ignore-no-tunnel

Use labeled-route ignore-no-tunnel to disable optimal route selection for labeled routes without tunnel information.

Use undo labeled-route ignore-no-tunnel to restore the default.

Syntax

labeled-route ignore-no-tunnel

undo labeled-route ignore-no-tunnel

Default

Labeled routes without tunnel information can participate in optimal route selection.

Views

BGP instance view

Predefined user roles

network-admin

Examples

# Disable optimal route selection for labeled routes without tunnel information.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] labeled-route ignore-no-tunnel

nexthop recursive-lookup delay

Use nexthop recursive-lookup delay to set the delay time for responding to recursive next hop changes.

Use undo nexthop recursive-lookup delay to disable BGP from delaying responding to recursive next hop changes.

Syntax

nexthop recursive-lookup [ non-critical-event ] delay [ delay-value ]

undo nexthop recursive-lookup [ non-critical-event ] delay

Default

BGP responds to recursive next hop changes immediately.

Views

BGP IPv4 unicast address family view

BGP-VPN IPv4 unicast address family view

BGP VPNv4 address family view

BGP-VPN VPNv4 address family view

BGP IPv6 unicast address family view

BGP LS address family view

BGP-VPN IPv6 unicast address family view

BGP VPNv6 address family view

BGP L2VPN address family view

BGP EVPN address family view

BGP IPv4 multicast address family view

BGP IPv6 multicast address family view

Predefined user roles

network-admin

Parameters

non-critical-event: Delays responding to noncritical next hop changes. If you do not specify this keyword, BGP delays responding to both critical and noncritical next hop changes.

Next hop changes include the following types:

· Critical route recursion changes—Changes that cause route unreachability and service interruption. For example, a BGP route cannot find a recursive next hop or tunnel because of network failures.

· Noncritical route recursion changes—A recursive or related route changes but the change will not cause route unreachability or service interruption. For example, the recursive interface or tunnel of a BGP route changes but traffic forwarding is not affected.

delay-value: Specifies a delay time in the range of 1 to 240 seconds. The default delay time is 5 seconds.

Usage guidelines

When recursive or related routes change frequently, configure this command to reduce unnecessary path selection and update messages and prevent traffic loss.

To avoid traffic loss, do not configure this command if only one route is available to a specific destination.

Set an appropriate delay time based on your network condition. A short delay time cannot reduce unnecessary path selection or update messages, and a long delay time might cause traffic loss.

When you configure both the nexthop recursive-lookup delay and nexthop recursive-lookup non-critical-event delay commands for an address family, follow these guidelines:

· BGP delays responding to both critical and noncritical next hop changes in the address family.

· For noncritical next hop changes, the delay time specified by the nexthop recursive-lookup non-critical-event delay command takes effect.

If you execute the nexthop recursive-lookup delay command multiple times, the most recent configuration takes effect.

If you execute the nexthop recursive-lookup non-critical-event delay command multiple times, the most recent configuration takes effect.

Examples

# In BGP IPv4 unicast address family view, set the delay time for responding to recursive next hop changes to 100 seconds.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family ipv4 unicast

[Sysname-bgp-default-ipv4] nexthop recursive-lookup delay 100

nexthop recursive-lookup longest-match

Use nexthop recursive-lookup longest-match to specify the longest match principle for BGP next hop recursion.

Use undo nexthop recursive-lookup longest-match to restore the default.

Syntax

nexthop recursive-lookup longest-match [ route-policy route-policy-name ]

undo nexthop recursive-lookup longest-match

Default

By default, BGP first looks up in its directly connected routes for a recursive route during a route recursion. If no matching routes exist, BGP will look up in routes generated by all routing protocols based on the longest match principle.

Views

BGP IPv4 unicast address family view

BGP-VPN IPv4 unicast address family view

BGP IPv6 unicast address family view

BGP-VPN IPv6 unicast address family view

Predefined user roles

network-admin

Parameters

route-policy route-policy-name: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.

Usage guidelines

The default method for next hop recursion might cause packet forwarding failure. The device considers the next hop of a received BGP route as directly connected when the next hop belongs to the same subnet as a direct route. As a result, packet forwarding failure will occur when the device uses this BGP route to forward matching packets.

To resolve this issue, you can use this feature to ensure the recursive route is reachable. BGP will directly look up in routes generated by all routing protocols and select a matching route based on the longest match principle.

The nexthop recursive-lookup longest-match command applies to all BGP routes received from peers in one of the following scenarios:

· The route-policy route-policy-name option is not specified.

· The specified routing policy does not exist.

Examples

# Specify the longest match principle to iterate routes that pass routing policy policy1 in BGP IPv4 unicast address family view.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family ipv4 unicast

[Sysname-bgp-default-ipv4] nexthop recursive-lookup longest-match route-policy policy1

nexthop recursive-lookup route-policy

Use nexthop recursive-lookup route-policy to enable routing policy-based nexthop recursion.

Use undo nexthop recursive-lookup route-policy to restore the default.

Syntax

nexthop recursive-lookup route-policy route-policy-name

undo nexthop recursive-lookup route-policy

Default

BGP does not perform routing policy-based nexthop recursion for routes.

Views

BGP IPv4 unicast address family view

BGP-VPN IPv4 unicast address family view

BGP VPNv4 address family view

BGP-VPN VPNv4 address family view

BGP IPv6 unicast address family view

BGP LS address family view

BGP-VPN IPv6 unicast address family view

BGP VPNv6 address family view

BGP EVPN address family view

BGP IPv4 multicast address family view

BGP IPv6 multicast address family view

Predefined user roles

network-admin

Parameters

route-policy-name: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters.

Usage guidelines

CAUTION:

Before executing this command, make sure that BGP routes can be iterated to the desired paths under the constraints of the specified routing policy. If the recursion results of a BGP route are all filtered out by the specified routing policy, BGP considers the route unreachable.

‌

Application scenarios

When BGP performs nexthop recursion for a route without any constraints, the route might be iterated to an incorrect traffic forwarding path. To resolve this issue, use this command to enable routing policy-based nexthop recursion. BGP can then iterate routes to the desired forwarding paths under the constraints of the specified routing policy.

Operating mechanism

With this command executed, a BGP route can take effect only when some of its nexthop recursion results can match a permit node of the specified routing policy. If the recursion results of a route are all filtered out by the specified routing policy, the route is considered unreachable and cannot take effect.

Restrictions and guidelines

· Before executing this command for an address family, perform the following task:

a. Determine the routes to which that the BGP routes in that address family can be iterated.

b. Configure a routing policy that contains the desired match criteria.

· After you execute this command for an address family, BGP reperforms next hop recursion for the routes in that address family.

· If the routing policy specified in this command does not exist, this command does not take effect. It will take effect immediately after you create the specified routing policy.

· This command does not take effect on the routes learned from directly-connected EBGP peers.

· This command does not take effect on the routes learned from the specified peer or peer group when you configure this command together with the peer nexthop-recursive-policy disable command.

· When you execute the nexthop recursive-lookup route-policy command and the protocol nexthop recursive-lookup command, follow these restrictions and guidelines:

¡ If the following conditions exist, only the nexthop recursive-lookup route-policy command takes effect on the routes in a BGP address family:

- You execute the nexthop recursive-lookup route-policy command in the view of the BGP address family.

- You execute the protocol nexthop recursive-lookup command in RIB IPv4 or IPv6 address family view.

¡ If the following conditions exist, BGP performs nexthop recursion for the routes in a BGP address family according to the configuration of the protocol nexthop recursive-lookup command in RIB IPv4 or IPv6 address family view:

- You do not execute the nexthop recursive-lookup route-policy command in the view of the BGP address family.

- You execute the protocol nexthop recursive-lookup command in RIB IPv4 or IPv6 address family view.

Examples

# In BGP IPv4 unicast address family view, specify routing policy test-policy to filter the nexthop recursion results of public BGP IPv4 unicast routes.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family ipv4 unicast

[Sysname-bgp-default-ipv6] nexthop recursive-lookup route-policy test-policy

Related commands

peer nexthop-recursive-policy disable

protocol nexthop recursive-lookup (Layer 3—IP Routing Command Reference)

non-stop-routing

Use non-stop-routing to enable BGP nonstop routing (NSR).

Use undo non-stop-routing to disable BGP NSR.

Syntax

non-stop-routing

undo non-stop-routing

Default

BGP NSR is disabled.

Views

BGP instance view

Predefined user roles

network-admin

Usage guidelines

BGP NSR ensures continuous routing by synchronizing BGP state and data information from the active BGP process to the standby BGP process. The standby BGP process can seamlessly take over all services when the active process fails.

Examples

# Enable BGP NSR.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] non-stop-routing

Related commands

display bgp non-stop-routing status

passwords

Use passwords to set the MD5 authentication password.

Use undo passwords to restore the default.

Syntax

passwords { cipher | simple } string

undo passwords

Default

The MD5 authentication password is not set.

Views

BGP RPKI server view

Predefined user roles

network-admin

Parameters

cipher: Specifies a password in encrypted form.

simple: Specifies a password in plaintext form. For security purposes, the password specified in plaintext form will be stored in encrypted form.

string: Specifies the password. Its encrypted form is a case-sensitive string of 33 to 137 characters. Its plaintext form is a case-sensitive string of 1 to 80 characters.

Usage guidelines

This command can enhance security in the following ways:

· Perform MD5 authentication when establishing TCP connections. Only the two parties that have the same password configured can establish TCP connections.

· Perform MD5 calculation on the packets transmitted over the TCP connections to avoid packet modification.

Examples

# In BGP RPKI server view, set the MD5 authentication password.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] rpki

[Sysname-bgp-default-rpki] server tcp 1.1.1.1

[Sysname-bgp-default-rpki-server] passwords simple 123456

pd-monitor-mode enable

Use pd-monitor-mode enable to configure the BMP client to send peer down notifications with mode flags to the BMP server.

Use undo pd-monitor-mode enable to restore the default.

Syntax

pd-monitor-mode enable

undo pd-monitor-mode enable

Default

The BMP client sends peer down notifications without mode flags to the BMP server.

Views

BMP server view

Predefined user roles

network-admin

Usage guidelines

Execute this command to configure the BMP client to send peer down notifications with the following flags to the BMP server:

· Adj-RIB-In—The BMP client sends routes received from monitored peers to the BMP server.

· Adj-RIB-Out—The BMP client sends routes advertised to monitored peers to the BMP server.

· pre-policy—The BMP client sends routes to the BMP server without filtering.

· post-policy—The BMP client sends routes to the BMP server after filtering.

By default, the BMP client sends peer down notifications with the Adj-RIB-In and pre-policy flags to the BMP server after you execute this command.

After you delete the route sending mode by executing the route-mode adj-rib-in, route-mode adj-rib-out, or peer route-mode command, the BMP client will send peer down notifications with the new mode flag to the BMP server.

Examples

# Configure the BMP client to send peer down notifications with mode flags to the BMP server.

<Sysname> system-view

[Sysname] bmp server 1

[Sysname-bmpserver-1] pd-monitor-mode enable

Related commands

peer route-mode

route-mode adj-rib-in

route-mode adj-rib-out

interface-peer/peer additional-paths

Use interface-peer/peer additional-paths to configure the BGP Additional Paths capabilities.

Use undo interface-peer/peer additional-paths to remove the configuration.

Syntax

In BGP-VPN VPNv4 address family view/BGP VPNv6 address family view:

peer { group-name | ipv4-address [ mask-length ] } additional-paths { receive | send } *

undo peer { group-name | ipv4-address [ mask-length ] } additional-paths { receive | send } *

In BGP IPv4 unicast address family view/BGP-VPN IPv4 unicast address family view/BGP VPNv4 address family view/BGP IPv6 unicast address family view/BGP-VPN IPv6 unicast address family view/BGP EVPN address family view:

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } additional-paths { receive | send } *

undo peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } additional-paths { receive | send } *

In BGP IPv6 unicast address family view/BGP-VPN IPv6 unicast address family view:

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } additional-paths { receive | send } *

undo peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } additional-paths { receive | send } *

In BGP IPv4 unicast address family view/BGP-VPN IPv4 unicast address family view/BGP IPv6 unicast address family view/BGP-VPN IPv6 unicast address family view:

interface-peer interface-type interface-number additional-paths { receive | send } *

undo interface-peer interface-type interface-number additional-paths { receive | send } *

Default

No BGP Additional Paths capabilities are configured.

Views

BGP IPv4 unicast address family view

BGP-VPN IPv4 unicast address family view

BGP VPNv4 address family view

BGP-VPN VPNv4 address family view

BGP IPv6 unicast address family view

BGP-VPN IPv6 unicast address family view

BGP VPNv6 address family view

BGP EVPN address family view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must have been created.

ipv4-address: Specifies a peer by its IPv4 address. The peer must have been created.

mask-length: Specifies a mask length in the range of 0 to 32. You can use the ipv4-address and mask-length arguments together to specify a subnet. If you specify a subnet, this command configures the BGP Additional Paths capabilities for all dynamic peers in the subnet.

ipv6-address: Specifies a peer by its IPv6 address. The peer must have been created.

prefix-length: Specifies a prefix length in the range of 0 to 128. You can use the ipv6-address and prefix-length arguments together to specify a subnet. If you specify a subnet, this command configures the BGP Additional Paths capabilities for all dynamic peers in the subnet.

link-local-address: Specifies a peer by its link-local address.

interface-type interface-number: Specifies an interface by its type and number.

interface-peer interface-type interface-number: Specifies peers that have been created through link-local addresses in the ND entries learned by the specified interface.

receive: Enables the BGP additional path receiving capability.

send: Enables the BGP additional path sending capability.

Usage guidelines

You can enable the BGP additional path sending, receiving, or both sending and receiving capabilities on a BGP router. For two BGP peers to successfully negotiate the Additional Paths capabilities, make sure one end has the sending capability and the other end has the receiving capability.

Examples

# In BGP IPv4 unicast address family view, enable the BGP additional path receiving capability.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family ipv4 unicast

[Sysname-bgp-default-ipv4] peer 1.1.1.1 additional-paths receive

interface-peer/peer advertise additional-paths best

Use interface-peer/peer advertise additional-paths best to set the maximum number of Add-Path optimal routes that can be advertised to a peer or peer group.

Use undo interface-peer/peer advertise additional-paths best to remove the configuration.

Syntax

In BGP-VPN VPNv4 address family view/BGP VPNv6 address family view:

peer { group-name | ipv4-address [ mask-length ] } advertise additional-paths best number

undo peer { group-name | ipv4-address [ mask-length ] } advertise additional-paths best

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } advertise additional-paths best number

undo peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } advertise additional-paths best

In BGP IPv6 unicast address family view/BGP-VPN IPv6 unicast address family view:

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } advertise additional-paths best number

undo peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } advertise additional-paths best

In BGP IPv4 unicast address family view/BGP-VPN IPv4 unicast address family view/BGP IPv6 unicast address family view/BGP-VPN IPv6 unicast address family view:

interface-peer interface-type interface-number advertise additional-paths best number

undo interface-peer interface-type interface-number advertise additional-paths best

Default

A maximum of one Add-Path optimal route can be advertised to a peer or peer group.

Views

BGP IPv4 unicast address family view

BGP-VPN IPv4 unicast address family view

BGP VPNv4 address family view

BGP-VPN VPNv4 address family view

BGP IPv6 unicast address family view

BGP-VPN IPv6 unicast address family view

BGP VPNv6 address family view

BGP EVPN address family view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must have been created.

ipv4-address: Specifies a peer by its IPv4 address. The peer must have been created.

mask-length: Specifies a mask length in the range of 0 to 32. You can use the ipv4-address and mask-length arguments together to specify a subnet. If you specify a subnet, this command sets the maximum number of Add-Path optimal routes that can be advertised to all dynamic peers in the subnet.

ipv6-address: Specifies a peer by its IPv6 address. The peer must have been created.

prefix-length: Specifies a prefix length in the range of 0 to 128. You can use the ipv6-address and prefix-length arguments together to specify a subnet. If you specify a subnet, this command sets the maximum number of Add-Path optimal routes that can be advertised to all dynamic peers in the subnet.

link-local-address: Specifies a peer by its link-local address.

interface-type interface-number: Specifies an interface by its type and number.

interface-peer interface-type interface-number: Specifies peers that have been created through link-local addresses in the ND entries learned by the specified interface.

number: Specifies the maximum number of Add-Path optimal routes that can be advertised to a peer or peer group, in the range of 2 to 64.

Usage guidelines

If the number of Add-Path optimal routes advertised to a peer or peer group exceeds the number of optimal routes, the number of optimal routes takes effect.

Examples

# In BGP IPv4 unicast address family view, set the maximum number to 3 for Add-Path optimal routes that can be advertised to peer 1.1.1.1.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family ipv4 unicast

[Sysname-bgp-default-ipv4] peer 1.1.1.1 advertise additional-paths best 3

Related commands

additional-paths select-best

peer additional-paths

interface-peer/peer advertise origin-as-validation

Use interface-peer/peer advertise origin-as-validation to configure BGP to advertise the BGP RPKI validation state to a peer or peer group.

Use undo interface-peer/peer advertise origin-as-validation to restore the default.

Syntax

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } advertise origin-as-validation

undo peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } advertise origin-as-validation

In BGP VPNv4 address family view/BGP VPNv6 address family view:

peer { group-name | ipv4-address [ mask-length ] } advertise origin-as-validation

undo peer { group-name | ipv4-address [ mask-length ] } advertise origin-as-validation

In BGP IPv6 unicast address family view/BGP-VPN IPv6 unicast address family view:

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } advertise origin-as-validation

undo peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } advertise origin-as-validation

In BGP IPv4 unicast address family view/BGP-VPN IPv4 unicast address family view/BGP IPv6 unicast address family view/BGP-VPN IPv6 unicast address family view:

interface-peer interface-type interface-number advertise origin-as-validation

undo interface-peer interface-type interface-number advertise origin-as-validation

Default

BGP does not advertise the BGP RPKI validation state to any peer or peer groups.

Views

BGP IPv4 unicast address family view

BGP-VPN IPv4 unicast address family view

BGP IPv6 unicast address family view

BGP-VPN IPv6 unicast address family view

BGP VPNv4 address family view

BGP VPNv6 address family view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must have been created.

ipv4-address: Specifies a peer by its IPv4 address. The peer must have been created.

ipv6-address: Specifies a peer by its IPv6 address. The peer must have been created.

link-local-address: Specifies a peer by its link-local address.

interface-type interface-number: Specifies a peer-facing interface by its type and number.

interface-peer interface-type interface-number: Specifies peers that have been created through link-local addresses in the ND entries learned by the specified interface.

Usage guidelines

BGP advertises the BGP RPKI validation state to a peer or peer group through the extended community attribute. To configure this command, you must first enable BGP to advertise the extended community attribute to the peer or peer group.

In the current software version, BGP can advertise the BGP RPKI validation state only to IBGP peers and peer groups.

Examples

# In BGP IPv4 unicast address family view, configure BGP to advertise the BGP RPKI validation state to peer group test.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family ipv4 unicast

[Sysname-bgp-default-ipv4] peer test advertise-ext-community

[Sysname-bgp-default-ipv4] peer test advertise origin-as-validation

interface-peer/peer bfd

Use interface-peer/peer bfd to enable BFD for the link to a BGP peer or peer group.

Use undo interface-peer/peer bfd to remove the configuration.

Syntax

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } bfd [ echo | multi-hop | single-hop ]

undo peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } bfd

peer link-local-address interface interface-type interface-number bfd [ multi-hop | single-hop ]

undo peer link-local-address interface interface-type interface-number bfd

interface-peer interface-type interface-number bfd [ multi-hop | single-hop ]

undo interface-peer interface-type interface-number bfd

Default

BFD is disabled for the link to a BGP peer or peer group.

Views

BGP instance view

BGP-VPN instance view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must have been created.

ipv4-address: Specifies a peer by its IPv4 address. The peer must have been created.

mask-length: Specifies a mask length in the range of 0 to 32. You can use the ipv4-address and mask-length arguments together to specify a subnet. If you specify a subnet, this command enables BFD for links to all dynamic peers in the subnet.

ipv6-address: Specifies a peer by its IPv6 address. The peer must have been created.

prefix-length: Specifies a prefix length in the range of 0 to 128. You can use the ipv6-address and prefix-length arguments together to specify a subnet. If you specify a subnet, this command enables BFD for links to all dynamic peers in the subnet.

link-local-address: Specifies a peer by its link-local address.

interface-type interface-number: Specifies an interface by its type and number.

interface-peer interface-type interface-number: Specifies peers that have been created through link-local addresses in the ND entries learned by the specified interface.

echo: Specifies the echo packet mode for BFD.

multi-hop: Specifies the control packet mode for multi-hop BFD.

single-hop: Specifies the control packet mode for single-hop BFD.

Usage guidelines

When you do not specify the multi-hop, single-hop, or echo keyword:

· If an IBGP peer or peer group is specified, this command enables multi-hop BFD in control packet mode for the IBGP peer or peer group.

· If a directly connected EBGP peer or peer group is specified and the peer ebgp-max-hop command is not configured, this command enables single-hop BFD in control packet mode for the EBGP peer or peer group. If the EBGP peer or peer group is not directly connected or the peer ebgp-max-hop command is configured, this command enables multi-hop BFD in control packet mode for the EBGP peer or peer group.

Follow these restrictions and guidelines when you configure echo packet mode BFD:

· Echo packet mode BFD is applicable only to directly connected BGP peers.

· Echo packet mode BFD is not applicable to BGP peers established by using loopback interfaces.

· For successful BFD session establishment, make sure a source address has been specified for echo packets by using the bfd echo-source-ip or bfd echo-source-ipv6 command.

To detect the link to a BGP peer established through link-local addresses, you must configure single-hop BFD in control packet mode.

To establish a control packet mode BFD session to a BGP peer, you must configure the same BFD detection mode (multi-hop or single-hop) on the local router and the BGP peer.

For more information about BFD, see BFD configuration in High Availability Configuration Guide.

BFD helps speed up BGP routing convergence upon link failures. However, if you have enabled GR, use BFD with caution. BFD might detect a failure before the system performs GR, resulting in GR failure. If you have enabled both BFD and GR for BGP, do not disable BFD during a GR process to avoid GR failure.

Examples

# In BGP instance view, enable control packet mode single-hop BFD for the link to BGP peer group test.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] peer test bfd single-hop

Related commands

bfd echo-source-ip (High Availability Command Reference)

bfd echo-source-ipv6 (High Availability Command Reference)

display bgp peer

display bfd session (High Availability Command Reference)

peer bfd parameters

Use peer bfd parameters to configure BFD parameters for the specified BGP peer or peer group.

Use undo peer bfd parameters to restore the default.

Syntax

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } bfd parameters { detect-multiplier detect-multiplier | min-receive-interval min-receive-interval | min-transmit-interval min-transmit-interval } *

undo peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } bfd parameters { detect-multiplier | min-receive-interval | min-transmit-interval } *

Default

No BFD parameters are configured for a BGP peer or peer group.

Views

BGP instance view

BGP-VPN instance view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must have been created.

ipv4-address: Specifies a peer by its IPv4 address. The peer must have been created.

ipv6-address: Specifies a peer by its IPv6 address. The peer must have been created.

detect-multiplier detect-multiplier: Specifies the detection time multiplier. The value range for the detect-multiplier argument is 3 to 50.

min-receive-interval min-receive-interval: Specifies the minimum interval for receiving BFD control packets, in milliseconds. The value range for the min-receive-interval argument is 3 to 1000.

min-transmit-interval min-transmit-interval: Specifies the minimum interval for transmitting BFD control packets, in milliseconds. The value range for the min-transmit-interval argument is 3 to 1000.

Usage guidelines

When you configure BFD parameters for a BGP peer or peer group, follow these restrictions and guidelines:

· When you add a peer to a peer group, the peer will inherit the BFD settings of the peer group.

· When you configure BFD parameters for a peer group, the configuration takes effect on all peers in the peer group.

· If you configure a BFD parameter multiple times for a peer or peer group, the most recent configuration takes effect.

· For a peer, the most recent configuration of a BFD parameter takes effect regardless of the configuration source.

Examples

# Configure BFD parameters for peer 2.2.2.9.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] peer 2.2.2.9 bfd parameters min-transmit-interval 100 min-receive-interval 100 detect-multiplier 5

Related commands

display bfd session (High Availability Command Reference)

display bgp peer

peer bfd

interface-peer/peer bmp server

Use interface-peer/peer bmp server to specify a peer or peer group to be monitored by the specified BMP servers.

Use undo interface-peer/peer bmp server to remove the configuration.

Syntax

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } bmp server server-number-list

undo peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } bmp server

interface-peer interface-type interface-number bmp server server-number-list

undo interface-peer interface-type interface-number bmp server

Default

No peer or peer group is specified.

Views

BGP instance view

BGP-VPN instance view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must have been created.

ipv4-address: Specifies a peer by its IPv4 address. The peer must have been created.

ipv6-address: Specifies a peer by its IPv6 address. The peer must have been created.

link-local-address: Specifies a peer by its link-local address.

interface-type interface-number: Specifies an interface by its type and number.

interface-peer interface-type interface-number: Specifies peers that have been created through link-local addresses in the ND entries learned by the specified interface.

server-number-list: Specifies a list of up to 8 BMP servers. The value range for the BMP server number is 1 to 8. The BMP servers must have been created.

Usage guidelines

If you execute this command multiple times for a peer or peer group, the most recent configuration takes effect.

Examples

# In BGP instance view, configure BMP server 1 to monitor peer 1.1.1.1.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] peer 1.1.1.1 bmp server 1

Related commands

bmp server

peer capability-advertise conventional

Use peer capability-advertise conventional to disable the BGP multi-protocol extension, route refresh, and 4-byte AS number features for a peer or peer group.

Use undo peer capability-advertise conventional to enable the BGP multi-protocol extension, route refresh, and 4-byte AS number features for a peer or peer group.

Syntax

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } capability-advertise conventional

undo peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } capability-advertise conventional

Default

The BGP multi-protocol extension, route refresh, and 4-byte AS number features are enabled.

Views

BGP instance view

BGP-VPN instance view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must have been created.

ipv4-address: Specifies a peer by its IPv4 address. The peer must have been created.

mask-length: Specifies a mask length in the range of 0 to 32. You can use the ipv4-address and mask-length arguments together to specify a subnet. If you specify a subnet, this command disables BGP multi-protocol extension and route refresh for all dynamic peers in the subnet.

ipv6-address: Specifies a peer by its IPv6 address. The peer must have been created.

prefix-length: Specifies a prefix length in the range of 0 to 128. You can use the ipv6-address and prefix-length arguments together to specify a subnet. If you specify a subnet, this command disables BGP multi-protocol extension and route refresh for all dynamic peers in the subnet.

Usage guidelines

The route refresh feature enables BGP to send and receive Route-refresh messages and implement BGP session soft-reset.

The multi-protocol extension feature enables BGP to advertise and receive routing information for various protocols (for example, IPv6 routing information).

The 4-byte AS number feature enables BGP to use 4-byte AS numbers in the range of 1 to 4294967295.

If both the peer capability-advertise conventional and peer capability-advertise route-refresh commands are executed, the most recent configuration takes effect.

Examples

# In BGP instance view, disable the multi-protocol extension, route refresh, and 4-byte AS number features for peer 1.1.1.1.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] peer 1.1.1.1 as-number 100

[Sysname-bgp-default] peer 1.1.1.1 capability-advertise conventional

Related commands

display bgp peer

peer capability-advertise route-refresh

peer capability-advertise graceful-restart

Use peer capability-advertise graceful-restart to enable t he capability of GR negotiation with a peer.

Use undo peer capability-advertise graceful-restart to disable the capability of GR negotiation with a peer.

Syntax

peer { group-name | ipv4-address | ipv6-address } capability-advertise graceful-restart

undo peer { group-name | ipv4-address | ipv6-address } capability-advertise graceful-restart

Default

The GR negotiation capability is disabled.

Views

BGP instance view

BGP-VPN instance view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must have been created. This command does not take effect on the dynamic peers and the peers established through link-local addresses in the specified peer group.

ipv4-address: Specifies a peer by its IPv4 address. The peer must have been created.

ipv6-address: Specifies a peer by its IPv6 address. The peer must have been created.

Usage guidelines

Application scenarios

The graceful-restart command globally enables the BGP GR capability for a BGP instance. The BGP instance can establishes GR-capable sessions to all peers. However, enabling the BGP GR capability globally will terminate and re-establish all BGP sessions and thus cause unnecessary traffic interruption. To avoid this issue, use the peer capability-advertise graceful-restart command to enable the capability of BGP GR negotiation with only desired peers.

Operating mechanism

After you configure this command, the local device re-establishes the session to the specified peer and performs GR capability negotiation with the peer through Open messages. If both the local device and the peer have GR capability, they can establish a GR-capable session. When an end of the session restarts BGP, the other end can ensure continuous data forwarding.

Restrictions and guidelines

· The local device can negotiate GR capability with a peer successfully when the GR negotiation capability is enabled globally or only for the peer on the local device.

· If the local device starts BGP GR through the configuration of the peer capability-advertise graceful-restart command, enable or disable the global GR capability with caution. This operation will terminate the current BGP GR process and re-establish BGP sessions.

· If the local device starts BGP GR through the configuration of the graceful-restart command, use the peer capability-advertise graceful-restart command with caution. This command will terminate the BGP GR process associated with the local device and the specified peer and re-establish the session between the two peers.

· If you use this command to enable the capability of GR negotiation with a peer, the time settings used by the GR process that involves the local device and the peer depend on the following commands:

¡ peer graceful-restart timer restart

¡ peer graceful-restart timer wait-for-rib

¡ graceful-restart timer purge-time

¡ peer graceful-restart timer restart extra

You can enable the GR negotiation capability globally and for a single peer on the local device at the same time. The GR time settings configured for the peer take precedence over the global GR time settings.

Examples

# In BGP instance 100, enable the capability of GR negotiation with peer 1.1.1.1.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] peer 1.1.1.1 capability-advertise graceful-restart

Related commands

graceful-restart

graceful-restart timer purge-time

peer graceful-restart timer restart

peer graceful-restart timer restart extra

peer graceful-restart timer wait-for-rib

peer capability-advertise orf non-standard

Use peer capability-advertise orf non-standard to enable nonstandard ORF capabilities negotiation for a peer or peer group.

Use undo peer capability-advertise orf non-standard to disable nonstandard ORF capabilities negotiation for a peer or peer group.

Syntax

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } capability-advertise orf non-standard

undo peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } capability-advertise orf non-standard

Default

Nonstandard ORF capabilities negotiation is disabled for a peer or peer group.

Views

BGP instance view

BGP-VPN instance view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must have been created.

ipv4-address: Specifies a peer by its IPv4 address. The peer must have been created.

mask-length: Specifies a mask length in the range of 0 to 32. You can use the ip-address and mask-length arguments together to specify a subnet. If you specify a subnet, this command enables BGP to negotiate nonstandard ORF capabilities with all dynamic peers in the subnet.

ipv6-address: Specifies a peer by its IPv6 address. The peer must have been created.

prefix-length: Specifies a prefix length in the range of 0 to 128. You can use the ipv6-address and prefix-length arguments together to specify a subnet. If you specify a subnet, this command enables BGP to negotiate nonstandard ORF capabilities with all dynamic peers in the subnet.

Usage guidelines

To enable BGP peers to negotiate nonstandard ORF capabilities, you must configure this command together with the peer capability-advertise orf prefix-list command.

Examples

# Enable nonstandard ORF capabilities negotiation for peer 1.1.1.1.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] peer 1.1.1.1 capability-advertise orf non-standard

Related commands

peer capability-advertise orf prefix-list

interface-peer/peer capability-advertise orf prefix-list

Use interface-peer/peer capability-advertise orf prefix-list to enable BGP ORF capabilities negotiation for a peer or peer group.

Use undo interface-peer/peer capability-advertise orf prefix-list to disable BGP ORF capabilities negotiation for a peer or peer group.

Syntax

In BGP VPNv4 address family view/BGP VPNv6 address family view/BGP IPv4 multicast address family view:

peer { group-name | ipv4-address [ mask-length ] } capability-advertise orf prefix-list { both | receive | send }

undo peer { group-name | ipv4-address [ mask-length ] } capability-advertise orf prefix-list { both | receive | send }

In BGP IPv4 unicast address family view/BGP-VPN IPv4 unicast address family view/BGP IPv6 unicast address family view/BGP-VPN IPv6 unicast address family view:

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } capability-advertise orf prefix-list { both | receive | send }

undo peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } capability-advertise orf prefix-list { both | receive | send }

In BGP IPv6 multicast address family view:

peer { group-name | ipv6-address [ prefix-length ] } capability-advertise orf prefix-list { both | receive | send }

undo peer { group-name | ipv6-address [ prefix-length ] } capability-advertise orf prefix-list { both | receive | send }

In BGP IPv6 unicast address family view/BGP-VPN IPv6 unicast address family view:

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } capability-advertise orf prefix-list { both | receive | send }

undo peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } capability-advertise orf prefix-list { both | receive | send }

In BGP IPv4 unicast address family view/BGP-VPN IPv4 unicast address family view/BGP IPv6 unicast address family view/BGP-VPN IPv6 unicast address family view:

interface-peer interface-type interface-number capability-advertise orf prefix-list { both | receive | send }

undo interface-peer interface-type interface-number capability-advertise orf prefix-list { both | receive | send }

Default

BGP ORF capabilities are disabled.

Views

BGP IPv4 unicast address family view

BGP-VPN IPv4 unicast address family view

BGP VPNv4 address family view

BGP IPv6 unicast address family view

BGP-VPN IPv6 unicast address family view

BGP VPNv6 address family view

BGP IPv4 multicast address family view

BGP IPv6 multicast address family view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must have been created.

ipv4-address: Specifies a peer by its IPv4 address. The peer must have been created.

ipv6-address: Specifies a peer by its IPv6 address. The peer must have been created.

link-local-address: Specifies a peer by its link-local address.

interface-type interface-number: Specifies an interface by its type and number.

interface-peer interface-type interface-number: Specifies peers that have been created through link-local addresses in the ND entries learned by the specified interface.

both: Enables BGP to send and receive route fresh messages that carry the ORF information.

receive: Enables BGP to receive route fresh messages that carry the ORF information.

send: Enables BGP to send route fresh messages that carry the ORF information.

Usage guidelines

After you configure this command, the BGP peers negotiate the ORF capabilities through Open messages. After completing the negotiation process, the BGP peers can exchange ORF information through route refresh messages. To enable the peers to exchange nonstandard ORF information, you must also configure the peer capability-advertise orf non-standard command.

Examples

# Enables BGP ORF capabilities negotiation for peer 1.1.1.1.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family ipv4

[Sysname-bgp-default-ipv4] peer 1.1.1.1 capability-advertise orf prefix-list both

Related commands

peer capability-advertise orf non-standard

peer capability-advertise route-refresh

Use peer capability-advertise route-refresh to enable BGP route refresh for a peer or peer group.

Use undo peer capability-advertise route-refresh to disable BGP route refresh for a peer or peer group.

Syntax

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } capability-advertise route-refresh

undo peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } capability-advertise route-refresh

Default

BGP route refresh is enabled.

Views

BGP instance view

BGP-VPN instance view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must have been created.

ipv4-address: Specifies a peer by its IPv4 address. The peer must have been created.

mask-length: Specifies a mask length in the range of 0 to 32. You can use the ipv4-address and mask-length arguments together to specify a subnet. If you specify a subnet, this command enables BGP route refresh for all dynamic peers in the subnet.

ipv6-address: Specifies a peer by its IPv6 address. The peer must have been created.

prefix-length: Specifies a prefix length in the range of 0 to 128. You can use the ipv6-address and prefix-length arguments together to specify a subnet. If you specify a subnet, this command enables BGP route refresh for all dynamic peers in the subnet.

Usage guidelines

The route refresh feature enables BGP to send and receive Route-refresh messages.

BGP uses the route refresh feature to implement BGP session soft-reset. After a policy is modified, the router advertises a Route-refresh message to the peers. The peers resend their routing information to the router. After receiving the routing information, the router filters the routing information by using the new policy. This method allows you to refresh the BGP routing table and apply the new route selection policy without tearing down BGP sessions.

BGP route refresh requires that both the local router and the peer support route refresh.

If both the peer capability-advertise route-refresh and peer capability-advertise conventional commands are executed, the most recent configuration takes effect.

Examples

# In BGP instance view, enable BGP route refresh for peer 1.1.1.1.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] peer 1.1.1.1 as-number 100

[Sysname-bgp-default] peer 1.1.1.1 capability-advertise route-refresh

Related commands

display bgp peer

peer capability-advertise conventional

peer keep-all-routes

refresh bgp

peer capability-advertise suppress-4-byte-as

Use peer capability-advertise suppress-4-byte-as to enable 4-byte AS number suppression.

Use undo peer capability-advertise suppress-4-byte-as to disable 4-byte AS number suppression.

Syntax

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } capability-advertise suppress-4-byte-as

undo peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } capability-advertise suppress-4-byte-as

Default

The 4-byte AS number suppression feature is disabled.

Views

BGP instance view

BGP-VPN instance view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must have been created.

ipv4-address: Specifies a peer by its IPv4 address. The peer must have been created.

mask-length: Specifies a mask length in the range of 0 to 32. You can use the ipv4-address and mask-length arguments together to specify a subnet. If you specify a subnet, this command enables 4-byte AS number suppression for all dynamic peers in the subnet.

ipv6-address: Specifies a peer by its IPv6 address. The peer must have been created.

prefix-length: Specifies a prefix length in the range of 0 to 128. You can use the ipv6-address and prefix-length arguments together to specify a subnet. If you specify a subnet, this command enables 4-byte AS number suppression for all dynamic peers in the subnet.

Usage guidelines

CAUTION:

If the peer device supports 4-byte AS numbers, do not enable the 4-byte AS number suppression feature. If this feature is enabled, the BGP session cannot be established.

‌

BGP supports 4-byte AS numbers. The 4-byte AS number occupies four bytes, in the range of 1 to 4294967295. By default, a device sends an Open message to the peer device for session establishment. The Open message indicates that the device supports 4-byte AS numbers. If the peer device supports 2-byte AS numbers instead of 4-byte AS numbers, the session cannot be established. To resolve this issue, enable the 4-byte AS number suppression feature. The device then sends an Open message to inform the peer that it does not support 4-byte AS numbers, so the BGP session can be established.

Examples

# In BGP instance view, enable 4-byte AS number suppression for peer 1.1.1.1.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] peer 1.1.1.1 as-number 100

[Sysname-bgp-default] peer 1.1.1.1 capability-advertise suppress-4-byte-as

Related commands

display bgp peer

pe er capability-advertise withdraw-refresh

Use peer capability-advertise withdraw-refresh to enable BGP to exchange withdrawal ROUTE-REFRESH messages with a peer or peer group.

Use undo peer capability-advertise withdraw-refresh to disable BGP from exchanging withdrawal ROUTE-REFRESH messages with a peer or peer group.

Syntax

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } capability-advertise withdraw-refresh

undo peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } capability-advertise withdraw-refresh

Default

BGP cannot exchange withdrawal ROUTE-REFRESH messages with any peer or peer group.

Views

BGP instance view

BGP-VPN instance view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must have been created.

ipv4-address: Specifies a peer by its IPv4 address. The peer must have been created.

ipv6-address: Specifies a peer by its IPv6 address. The peer must have been created.

Usage guidelines

Application scenarios

This command is applicable to multi-level BGP networking scenarios.

When all uplinks of an upstream device fail and the device cannot complete route convergence in time, the device might also fail to send route withdrawal messages to downstream devices in time. At this time, those downstream devices still forward some user traffic to the upstream device, resulting in traffic forwarding failure.

To avoid this issue, enable the upstream device to exchange withdrawal ROUTE-REFRESH messages with downstream devices. When all uplinks of the upstream device fail, it sends withdrawal ROUTE-REFRESH messages to the downstream devices. On receipt of the withdrawal ROUTE-REFRESH messages, the downstream devices immediately perform route switchover and forward traffic to another upstream device with normal uplinks.

Operating mechanism

After this command is executed on an upstream device, the upstream device performs the following operations:

1. Terminates and re-establishes the BGP session to the specified downstream device.

2. Exchanges OPEN messages with the downstream device to negotiate the capability of exchanging withdrawal ROUTE-REFRESH messages.

To ensure successful negotiation, you must configure this command at both ends of the BGP session, specifying the other end.

With the withdrawal ROUTE-REFRESH capability negotiated successfully, if the upstream device is disconnected from all peers in the same AS, it sends a withdrawal ROUTE-REFRESH message to the downstream device. The sent message carries the AS number (for example, AS 10) from which the upstream device is disconnected.

After receiving the withdrawal ROUTE-REFRESH message, the downstream device performs the following operations:

1. Searches in all BGP routes received from the upstream BGP device for routes with AS 10 as the first AS number in the NEXT_HOP attribute.

To view AS number information in the NEXT_HOP attribute of a BGP route, see the AS-path field in the output of the display rib nib or display ipv6 rib nib command.

2. After finding routes with AS 10 as the first AS number in the NEXT_HOP attribute, marks the IP routes corresponding to those routes as backup routes.

The downstream device no longer uses these routes for traffic forwarding, achieving fast route switchover.

After receiving a withdrawal ROUTE-REFRESH message, the device forwards the message to its peers as follows:

· If the message is received from an IBGP peer, the device forwards the message only to EBGP peers.

· If the message is received from an EBGP peer, the device forwards the message to IBGP peers without changing the original AS number of the message.

You can use this command in conjunction with the peer tracking command on an upstream device. The peer tracking command enables the upstream device to fast detect status of the specified BGP peer session. When the related peer is unreachable, the local device immediately terminates the BGP peer session in time and sends withdrawal ROUTE-REFRESH messages to downstream devices. Collaboration of the two commands expedites forwarding path convergence upon uplink failures.

Restrictions and guidelines

Execute this command with caution, because this operation will terminate and re-establish the BGP session between the local device and the specified peer.

This command is not applicable to scenarios where upstream devices that advertise withdrawal ROUTE-REFRESH messages are connected to IBGP peers in the uplink direction.

Examples

# In BGP instance view, enable BGP to exchange withdrawal ROUTE-REFRESH messages with peer 1.1.1.1.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] peer 1.1.1.1 capability-advertise withdraw-refresh

Related commands

display ipv6 rib nib (Layer 3—IP Routing Command Reference)

display rib nib (Layer 3—IP Routing Command Reference)

peer tracking

interface-peer/peer dscp

Use interface-peer/peer dscp to set a DSCP value for outgoing BGP packets.

Use undo interface-peer/peer dscp to remove the configuration.

Syntax

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } dscp dscp-value

undo peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } dscp

interface-peer interface-type interface-number dscp dscp-value

undo interface-peer interface-type interface-number dscp

Default

The DSCP value for outgoing BGP packets is 48.

Views

BGP instance view

BGP-VPN instance view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must have been created.

ipv4-address: Specifies a peer by its IPv4 address. The peer must have been created.

mask-length: Specifies a mask length in the range of 0 to 32. You can use the ipv4-address and mask-length arguments together to specify a subnet. If you specify a subnet, this command specifies a DSCP value for outgoing BGP packets to all dynamic peers in the subnet.

ipv6-address: Specifies a peer by its IPv6 address. The peer must have been created.

prefix-length: Specifies a prefix length in the range of 0 to 128. You can use the ipv6-address and prefix-length arguments together to specify a subnet. If you specify a subnet, this command specifies a DSCP value for outgoing BGP packets to all dynamic peers in the subnet.

link-local-address: Specifies a peer by its link-local address.

interface-type interface-number: Specifies an interface by its type and number.

interface-peer interface-type interface-number: Specifies peers that have been created through link-local addresses in the ND entries learned by the specified interface.

dscp-value: Specifies a DSCP value in the range of 0 to 63.

Usage guidelines

The DSCP value of an IP packet specifies the priority level of the packet and affects the transmission priority of the packet. A larger DSCP value represents a higher priority.

Examples

# In BGP instance view, set the DSCP value to 10 for outgoing BGP packets to peer group test.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] peer test dscp 10

peer flap-dampen

Use peer flap-dampen to configure flap dampening for a peer or peer group.

Use undo peer flap-dampen to disable flap dampening for a peer or peer group.

Syntax

peer { group-name | ipv4-address | ipv6-address } flap-dampen [ max-idle-time max-time | min-established-time min-time ]*

undo peer { group-name | ipv4-address | ipv6-address } flap-dampen

Default

Flap dampening is disabled for all peers and peer groups.

Views

BGP instance view

BGP-VPN instance view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must have been created.

ipv4-address: Specifies a peer by its IPv4 address. The peer must have been created.

ipv6-address: Specifies a peer by its IPv6 address. The peer must have been created.

max-time: Specifies the maximum time during which a BGP peer remains in idle state. The value range for this argument is 1 to 65536 seconds, and the default value is 1800 seconds.

min-time: Specifies the minimum time during which a BGP peer remains in Established state so as to exit the dampened state. The value range for this argument is 1 to 4294967295 seconds, and the default value is 600 seconds.

Usage guidelines

Execute this command to dampen a BGP peer when the peer state frequently changes between up and down. BGP increases the idle time of the peer each time the peer comes up until the maximum idle time is reached. To exit the dampened state, the peer must remain in Established state for a time period longer than the minimum established time. After the peer exits the dampened state, BGP resets the idle time of the peer when the peer comes up again.

Set a maximum idle time and a minimum established time based on your network condition.

Examples

# In BGP instance view, enable flap dampening for peer group test, and set the maximum idle time and minimum established time to 800 seconds and 2000 seconds, respectively.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] peer test flap-dampen max-idle-time 800 min-established-time 2000

peer graceful-restart timer restart

Use peer graceful-restart timer restart to set the GR timer for a peer.

Use undo peer graceful-restart timer restart to restore the default.

Syntax

peer { group-name | ipv4-address | ipv6-address } graceful-restart timer restart time-value

undo peer { group-name | ipv4-address | ipv6-address } graceful-restart timer restart

Default

The GR timer is 150 seconds for peers.

Views

BGP instance view

BGP-VPN instance view

Predefined user roles

network-admin

Parameters

ipv4-address: Specifies a peer by its IPv4 address. The peer must have been created.

ipv6-address: Specifies a peer by its IPv6 address. The peer must have been created.

time-value: Specifies the GR timer in the range of 3 to 3600 seconds.

Usage guidelines

Application scenarios

Configure this command on t he GR restarter to set a GR timer for the GR helper. The GR restarter then advertises the configured GR timer to the GR helper. If the GR restarter starts a BGP GR process, the GR helper will use the GR timer.

Operating mechanism

After you use the peer capability-advertise graceful-restart command to enable the capability of GR negotiation with a peer, the local device sends the configured GR timer to the peer upon GR capability negotiation. When the local device initiates a GR process, the peer acts as the GR helper and marks all BGP routes learned from the local device as stale. If the local device and the peer do not establish a BGP session before both the GR timer and the extra timer to wait expire, the peer removes the stale routes and reselects optimal routes. If the local device and the peer establish a BGP session timely, they start to exchange BGP routes. To configrue the extra timer to wait for BGP session re-establishment, use the peer graceful-restart timer restart extra command.

Restrictions and guidelines

This command takes effect only on the peers for which the GR negotiation capability is enabled through the peer capability-advertise graceful-restart command.

Using this command will terminate and re-establish the session between the local device and the specified peer.

If you execute this command multiple times for a peer or peer group, the most recent configuration takes effect.

Examples

# In BGP instance 100, set the GR timer to 3000 seconds for peer 1.1.1.1.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] peer 1.1.1.1 graceful-restart timer restart 3000

Related commands

peer capability-advertise graceful-restart

peer graceful-restart timer wait-for-rib

Use peer graceful-restart timer wait-for-rib to configure the maximum time to wait for the End-of-RIB marker from a peer.

Use undo peer graceful-restart timer wait-for-rib to restore the default.

Syntax

peer { group-name | ipv4-address | ipv6-address } graceful-restart timer wait-for-rib time-value

undo peer { group-name | ipv4-address | ipv6-address } graceful-restart timer wait-for-rib

Default

The maximum time to wait for the End-of-RIB marker from a peer is 600 seconds.

Views

BGP instance view

BGP-VPN instance view

Predefined user roles

network-admin

Parameters

ipv4-address: Specifies a peer by its IPv4 address. The peer must have been created.

ipv6-address: Specifies a peer by its IPv6 address. The peer must have been created.

time-value: Specifies the maximum time to wait for the End-of-RIB marker from the specified peer, in the range of 3 to 16777215 seconds.

Usage guidelines

Application scenarios

Configure this command on both the GR restarter and the GR helper.

Operating mechanism

If you use the peer capability-advertise graceful-restart command to enable the capability of GR negotiation with a peer, use this command to set the maximum time to wait for the End-of-RIB marker from that peer. When the local device and the peer start a GR process and re-establish their BGP session, the specified End-Of-RIB wait timer functions as follows:

· If the local device acts as the GR restarter in the GR process, it waits for the End-of-RIB marker from the peer before the wait timer expires:

¡ If no End-of-RIB marker is received from the peer, the local device performs the following operations after the wait timer expires:

i. Updates RIB entries based on the learned BGP routes and removes expired RIB entries.

ii. Exits from the GR process.

¡ If an End-of-RIB marker is received from the peer, the local device determines that the peer has finished route sending, and immediately performs the following operations:

i. Updates RIB entries based on the received BGP routes and removes expired RIB entries.

ii. Exits from the GR process.

· If the local device acts as the GR helper, it waits for the End-of-RIB marker from the peer before the wait timer expires:

¡ If no End-of-RIB marker is received from the peer, the local device performs the following operations after the wait timer expires:

i. Removes stale BGP routes, reselects optimal routes, and updates RIB entries.

ii. Exits from the GR process.

¡ If an End-of-RIB marker is received from the peer, the local device determines that the peer has finished route sending, and immediately performs the following operations:

i. Removes stale BGP routes, reselects optimal routes, and updates RIB entries.

ii. Exits from the GR process.

Restrictions and guidelines

If you use this command to set the End-Of-RIB wait timer for a peer, the local device will not advertise the configured wait timer to that peer. The wait timer only controls the time to wait for the End-of-RIB marker from the peer. It takes effect only after the local device re-establishes the session to the peer.

If you execute this command multiple times for a peer or peer group, the most recent configuration takes effect.

Examples

# Set the maximum time to wait for the End-of-RIB marker from peer 1.1.1.1 on the local device to 3000 seconds.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] peer 1.1.1.1 as-number 100

[Sysname-bgp-default] peer 1.1.1.1 graceful-restart timer wait-for-rib 3000

Related commands

peer capability-advertise graceful-restart

interface-peer/peer ignore

Use interface-peer/peer ignore to disable BGP session establishment with a peer or peer group.

Use undo interface-peer/peer ignore to enable BGP session establishment with a peer or peer group.

Syntax

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } ignore [ graceful graceful-time { community { community-number | aa:nn } | local-preference preference | med med } * ]

undo peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } ignore

interface-peer interface-type interface-number ignore [ graceful graceful-time { community { community-number | aa:nn } | local-preference preference | med med } * ]

undo interface-peer interface-type interface-number ignore

Default

BGP can establish a session to a peer or peer group.

Views

BGP instance view

BGP-VPN instance view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must have been created.

ipv4-address: Specifies a peer by its IPv4 address. The peer must have been created.

mask-length: Specifies a mask length in the range of 0 to 32. You can use the ipv4-address and mask-length arguments together to specify a subnet. If you specify a subnet in this command, BGP tears down sessions to all dynamic peers in the subnet.

link-local-address: Specifies a peer by its link-local address.

interface-type interface-number: Specifies an interface by its type and number.

interface-peer interface-type interface-number: Specifies peers that have been created through link-local addresses in the ND entries learned by the specified interface.

graceful graceful-time: Gracefully shuts down the session to a peer or peer group in the specified graceful shutdown period of time. The value range for the graceful-time argument is 60 to 65535 seconds. If you set the value for this option to 0, the device does not shut down the sessions to peers and peer groups. If you do not specify this option, the command immediately shuts down the session to the peer or peer group.

community { community-number | aa:nn }: Specifies the community attribute for advertised routes. The community-number argument represents the community sequence number in the range of 1 to 4294967295. The aa:nn argument represents the community number. Both aa and nn are in the range of 0 to 65535. If you do not specify this option, the command does not change the community attribute for advertised routes.

local-preference preference: Specifies the local preference for advertised routes, in the range of 0 to 4294967295. A larger value represents a higher preference. If you do not specify this option, the command does not change the local preference for advertised routes.

med med: Specifies the MED value for advertised routes, in the range of 0 to 4294967295. The smaller the MED value, the higher the route priority. If you do not specify this option, the command does not change the MED value for advertised routes.

ipv6-address: Specifies a peer by its IPv6 address. The peer must have been created.

prefix-length: Specifies a prefix length in the range of 0 to 128. You can use the ipv6-address and prefix-length arguments together to specify a subnet. If you specify a subnet in this command, BGP tears down sessions to all dynamic peers in the subnet.

Usage guidelines

CAUTION:

· If a session has been established to a peer, executing this command for the peer tears down the session and clears all related routing information.

· If sessions have been established to a peer group, executing this command for the peer group tears down the sessions to all peers in the group and clears all related routing information.

‌

This command enables you to temporarily tear down the BGP session to a peer or peer group. You can perform network upgrade and maintenance without needing to delete and reconfigure the peer or peer group. To recover the session, execute the undo peer ignore command.

If you specify the graceful keyword in the peer ignore command, BGP performs the following tasks:

1. Starts the wait timer specified with the graceful keyword.

2. Advertises all routes to the specified peer or peer group and changes the attribute for the advertised routes to the specified value.

Advertises the routes from the specified peer or peer group to other peers and peer groups and changes the attribute for the advertised routes to the specified value.

3. Shuts down the session to the specified peer or peer group after the wait timer expires.

For a BGP peer or peer group, the configuration made by the peer ignore command takes precedence over the configuration made by the ignore all-peers command.

Examples

# In BGP instance view, disable session establishment with peer 1.1.1.1.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] peer 1.1.1.1 ignore

# In BGP instance view, configure BGP to gracefully shut down the session to peer 1.1.1.1 in 60 seconds, advertise all routes to peer 1.1.1.1, and change the community attribute and local preference for the advertised routes to 1:1 and 200, respectively.

<Sysname> system-view

[Sysname] bgp 1

[Sysname-bgp-default] peer 1.1.1.1 ignore graceful 60 community 1:1 local-preference 200

Related commands

ignore all-peers

interface-peer/peer keep-all-routes

Use interface-peer/peer keep-all-routes to save all route updates from a peer or peer group, regardless of whether the routes have passed the configured routing policy.

Use undo interface-peer/peer keep-all-routes to remove the configuration.

Syntax

In BGP IPv4 multicast address family view:

peer { group-name | ipv4-address [ mask-length ] } keep-all-routes

undo peer { group-name | ipv4-address [ mask-length ] } keep-all-routes

In BGP IPv4 unicast address family view/BGP-VPN IPv4 unicast address family view/BGP VPNv4 address family view/BGP IPv6 unicast address family view/BGP-VPN IPv6 unicast address family view:

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } keep-all-routes

undo peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } keep-all-routes

In BGP IPv6 multicast address family view:

peer { group-name | ipv6-address [ prefix-length ] } keep-all-routes

undo peer { group-name | ipv6-address [ prefix-length ] } keep-all-routes

In BGP IPv6 unicast address family view/BGP-VPN IPv6 unicast address family view:

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } keep-all-routes

undo peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } keep-all-routes

In BGP IPv4 unicast address family view/BGP-VPN IPv4 unicast address family view/BGP IPv6 unicast address family view/BGP-VPN IPv6 unicast address family view:

interface-peer interface-type interface-number keep-all-routes

undo interface-peer interface-type interface-number keep-all-routes

Default

Route updates from a peer or peer group are not saved.

Views

BGP IPv4 unicast address family view

BGP-VPN IPv4 unicast address family view

BGP VPNv4 address family view

BGP IPv6 unicast address family view

BGP-VPN IPv6 unicast address family view

BGP IPv4 multicast address family view

BGP IPv6 multicast address family view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must have been created.

ipv4-address: Specifies a peer by its IPv4 address. The peer must have been created.

mask-length: Specifies a mask length in the range of 0 to 32. You can use the ipv4-address and mask-length arguments together to specify a subnet. If you specify a subnet, this command saves all route updates from all dynamic peers in the subnet, regardless of whether the routes have passed the configured routing policy.

ipv6-address: Specifies a peer by its IPv6 address. The peer must have been created.

prefix-length: Specifies a prefix length in the range of 0 to 128. You can use the ipv6-address and prefix-length arguments together to specify a subnet. If you specify a subnet, this command saves all route updates from all dynamic peers in the subnet, regardless of whether the routes have passed the configured routing policy.

link-local-address: Specifies a peer by its link-local address.

interface-type interface-number: Specifies an interface by its type and number.

interface-peer interface-type interface-number: Specifies peers that have been created through link-local addresses in the ND entries learned by the specified interface.

Usage guidelines

To implement BGP session soft-reset when the local router and a peer or peer group do not support the route refresh feature, use the peer keep-all-routes command. The command saves all route updates received from the peer or peer group. After modifying the route selection policy, filter all saved routes with the new policy to refresh the routing table. This method avoids tearing down BGP sessions.

Examples

# In BGP IPv4 unicast address family view, save all route updates from peer 1.1.1.1.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family ipv4 unicast

[Sysname-bgp-default-ipv4] peer 1.1.1.1 keep-all-routes

Related commands

peer capability-advertise route-refresh

refresh bgp

interface-peer/peer keychain

Use interface-peer/peer keychain to enable keychain authentication for a BGP peer or peer group.

Use undo interface-peer/peer keychain to remove keychain authentication for a BGP peer or peer group.

Syntax

peer { group-name | ip-address [ mask-length ] | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } keychain keychain-name

undo peer { group-name | ip-address [ mask-length ] | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } keychain

interface-peer interface-type interface-number keychain keychain-name

undo interface-peer interface-type interface-number keychain

Default

Keychain authentication is disabled.

Views

BGP instance view

BGP-VPN instance view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must have been created.

ip-address: Specifies a peer by its IPv4 address. The peer must have been created.

mask-length: Specifies a mask length in the range of 0 to 32. You can use the ip-address and mask-length arguments together to specify a subnet. If you specify a subnet, this command enables keychain authentication for all dynamic peers in the subnet.

ipv6-address: Specifies a peer by its IPv6 address. The peer must have been created.

prefix-length: Specifies a prefix length in the range of 0 to 128. You can use the ipv6-address and prefix-length arguments together to specify a subnet. If you specify a subnet, this command enables keychain authentication for all dynamic peers in the subnet.

link-local-address: Specifies a peer by its link-local address.

interface-type interface-number: Specifies an interface by its type and number.

interface-peer interface-type interface-number: Specifies peers that have been created through link-local addresses in the ND entries learned by the specified interface.

keychain-name: Specifies a keychain by its name, a case-sensitive string of 1 to 63 characters. The keychain must have been created.

Usage guidelines

Keychain authentication enhances the security of BGP in the following ways:

· BGP peers can establish TCP connections only when they use the same key for keychain authentication.

· The keys used by the BGP peers at the same time must have the same ID.

· The keys with the same ID must use the same authentication algorithm and key string.

BGP supports the HMAC-MD5, MD5, and HMAC-SHA authentication algorithms. To specify an authentication algorithm for a key, use the authentication-algorithm command.

The ID of keys used for authentication can only be in the range of 0 to 63. To create a key, use the key command.

The peer keychain and peer password commands are mutually exclusive.

Examples

# In BGP instance view, configure peer 10.1.1.1 to use keychain abc for authentication.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] peer 10.1.1.1 as-number 100

[Sysname-bgp-default] peer 10.1.1.1 keychain abc

Related commands

authentication-algorithm (Security Command Reference)

key (Security Command Reference)

peer label-route-capability

Use peer label-route-capability to enable BGP to exchange labeled routes with a peer or peer group.

Use undo peer label-route-capability to disable BGP from exchanging labeled routes with a peer or peer group.

Syntax

In BGP IPv4 unicast address family view/BGP-VPN IPv4 unicast address family view/BGP IPv6 unicast address family view:

peer { group-name | ipv4-address [ mask-length ] } label-route-capability

undo peer { group-name | ipv4-address [ mask-length ] } label-route-capability

In BGP-VPN IPv6 unicast address family view:

peer ipv4-address [ mask-length ] label-route-capability

undo peer ipv4-address [ mask-length ] label-route-capability

Default

BGP cannot exchange labeled routes with a peer or peer group.

Views

BGP IPv4 unicast address family view

BGP-VPN IPv4 unicast address family view

BGP IPv6 unicast address family view

BGP-VPN IPv6 unicast address family view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must have been created.

ipv4-address: Specifies a peer by its IPv4 address. The peer must have been created.

mask-length: Specifies a mask length in the range of 0 to 32. You can use the ipv4-address and mask-length arguments together to specify a subnet. If you specify a subnet in this command, BGP exchanges labeled routes with all dynamic peers in the subnet.

Usage guidelines

On an inter-AS option C network, use this command in BGP IPv4 unicast or BGP-VPN IPv4 unicast address family view to exchange labeled IPv4 unicast routes for inter-AS public LSP establishment.

On a 6PE network, use this command in BGP IPv6 unicast address family view to exchange labeled IPv6 unicast routes for forwarding IPv6 packets over an IPv4 network.

Examples

# In BGP IPv4 unicast address family view, enable BGP to exchange labeled IPv4 routes with peer 2.2.2.2.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family ipv4

[Sysname-bgp-default-ipv4] peer 2.2.2.2 label-route-capability

interface-peer/peer low-memory-exempt

Use interface-peer/peer low-memory-exempt to configure BGP to protect EBGP peers or peer groups when the memory usage reaches level 2 threshold.

Use undo interface-peer/peer low-memory-exempt to remove the configuration.

Syntax

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } low-memory-exempt

undo peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } low-memory-exempt

interface-peer interface-type interface-number low-memory-exempt

undo interface-peer interface-type interface-number low-memory-exempt

Default

When the memory usage reaches level 2 threshold, BGP tears down an EBGP session to release memory resources periodically.

Views

BGP instance view

BGP-VPN instance view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must have been created.

ipv4-address: Specifies a peer by its IPv4 address. The peer must have been created.

mask-length: Specifies a mask length in the range of 0 to 32. You can use the ipv4-address and mask-length arguments together to specify a subnet. If you specify a subnet in this command, BGP protects all dynamic peers in the subnet when the memory usage reaches level 2 threshold.

ipv6-address: Specifies a peer by its IPv6 address. The peer must have been created.

prefix-length: Specifies a prefix length in the range of 0 to 128. You can use the ipv6-address and prefix-length arguments together to specify a subnet. If you specify a subnet in this command, BGP protects all dynamic peers in the subnet when the memory usage reaches level 2 threshold.

link-local-address: Specifies a peer by its link-local address.

interface-type interface-number: Specifies an interface by its type and number.

interface-peer interface-type interface-number: Specifies peers that have been created through link-local addresses in the ND entries learned by the specified interface.

Usage guidelines

When level 2 memory usage threshold is reached, BGP tears down an EBGP session to release memory resources periodically until the memory usage is exempt from level 2 threshold. You can use this command to avoid tearing down the BGP session to an EBGP peer when memory usage reaches level 2 threshold. For more information about thresholds, see Fundamentals Configuration Guide.

Examples

# In BGP instance view, configure BGP to protect EBGP peer 1.1.1.1 when the memory usage reaches level 2 threshold.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] peer 1.1.1.1 as-number 200

[Sysname-bgp-default] peer 1.1.1.1 low-memory-exempt

peer monitor-link group

Use peer monitor-link group to configure the BGP session state to collaborate with the monitor link downlink interfaces.

Use undo peer monitor-link group to disable the BGP session state from collaborating with the monitor link downlink interfaces.

Syntax

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } monitor-link group group-id

undo peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } monitor-link group

Default

The BGP session state does not collaborate with the monitor link downlink interfaces.

Views

BGP instance view

BGP-VPN instance view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must have been created.

ipv4-address: Specifies a peer by its IPv4 address. The peer must have been created.

ipv6-address: Specifies a peer by its IPv6 address. The peer must have been created.

group-id: Specifies a monitor link group by its ID. The value range for the group-id argument is 1 to 16.

Usage guidelines

Operating mechanism

After this command is executed, the BGP session between the local device and a peer or peer group specified by this command will be used as an uplink interface of the specified monitor link group. The uplink interfaces and downlink interfaces in a monitor link group collaborate as follows:

· Uplink interfaces are defined as follows:

¡ In a monitor link group, an interface specified by using the port uplink or port monitor-link group uplink command is considered as an uplink interface.

¡ In a monitor link group, each BGP process specified by using the monitor bgp command is considered as an uplink interface.

¡ In a monitor link group, a BGP session specified by using the peer monitor-link group command is considered as an uplink interface.

If the BGP sessions specified by using the peer monitor-link group command are established in the BGP process specified by using the monitor bgp command, and at least one of these BGP sessions is in Established state, the BGP process is not considered as an uplink interface. If the BGP sessions specified by using the peer monitor-link group command are established in the BGP process specified by using the monitor bgp command, and none of these BGP sessions is in Established state, these BGP sessions are not considered as uplink interfaces, and only the BGP process is considered as an uplink interface.

For example, use the monitor bgp command to specify BGP instances aaa and bbb as two uplink interfaces in a monitor link group, use the peer monitor-link group command in BGP instance aaa to specify two BGP sessions as the uplink interfaces, and do not use the peer monitor-link group command in BGP instance bbb to specify uplink interfaces. In this case, when at least one of the two specified BGP sessions are in Established state, the monitor link group has three uplink interfaces in total, including two BGP sessions and one BGP process without BGP sessions specified. When neither of the two specified BGP sessions is in Established state, the monitor link group has two uplink interfaces in total. One uplink interface is the BGP process with BGP sessions specified but neither of the BGP sessions is in Established state. The other is the BGP process without BGP sessions specified.

· Downlink interfaces are defined as follows: In a monitor link group, an interface specified by using the port downlink or port monitor-link group downlink command is considered as a downlink interface.

· Uplink interfaces and downlink interfaces collaborate as follows:

¡ When the number of uplink interfaces in up state in a monitor link group is lower than the threshold configured by using the uplink up-port-threshold command, the physical state is set to down for all downlink interfaces in the monitor link group. An uplink interface is determined as up or down following these rules:

- For an interface specified by using the port uplink or port monitor-link group uplink command, the uplink interface is considered as up if the interface is physically up, and the uplink interface is considered as down if the interface is physically down.

- For a BGP process specified by using the monitor bgp command, the uplink interface is considered as up when the BGP instance exists and runs normally, and the uplink interface is considered as down when the BGP instance is deleted and the corresponding process exits.

- For a BGP session specified by using the peer monitor-link group command, the uplink interface is considered as up when the BGP session is in Established state, and the uplink interface is considered as down when the BGP session is in any other state.

¡ When the number of uplink interfaces in up state in a monitor link group is greater than or equal to the threshold configured by using the uplink up-port-threshold command, the physical state is set to up for all downlink interfaces in the monitor link group.

Restrictions and guidelines

To prevent BGP session flappings from causing frequent downlink switchovers in a monitor link group, execute the downlink up-delay command in the monitor link group to set the switchover delay for the downlink interfaces in the monitor link group.

For more information about monitor link, see monitor link configuration in High Availability Configuration Guide.

If you execute this command multiple times for the same peer or peer group, the most recent configuration takes effect.

Examples

# In BGP instance view, configure the BGP session between the local device and peer 1.1.1.1 to collaborate with the downlink interfaces of monitor link group 1.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] peer 1.1.1.1 monitor-link group 1

Related commands

downlink up-delay (High Availability Command Reference)

monitor bgp (High Availability Command Reference)

monitor-link group (High Availability Command Reference)

port (High Availability Command Reference)

port monitor-link group (High Availability Command Reference)

peer mpls-local-ifnet disable

Use peer mpls-local-ifnet disable to disable MPLS local IFNET tunnel establishment to the specified EBGP peer or peer group.

Use undo peer mpls-local-ifnet disable to restore the default.

Syntax

peer { group name | ipv4-address [ mask-length ] } mpls-local-ifnet disable

undo peer { group name | ipv4-address [ mask-length ] } mpls-local-ifnet disable

Default

MPLS local IFNET tunnel establishment is enabled. Two MP-EBGP peers automatically establish an MPLS local IFNET tunnel after they exchange labeled routes and VPNv4 routes.

Views

BGP instance view

BGP-VPN instance view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must have been created.

ipv4-address: Specifies a peer by its IPv4 address. The peer must have been created.

mask-length: Specifies a mask length in the range of 0 to 32. You can use the ipv4-address and mask-length arguments together to specify a subnet. If you specify a subnet in this command, the command takes effect on all dynamic peers in the subnet.

Usage guidelines

An MPLS local IFNET tunnel is automatically established between MP-EBGP peers. Only directly connected MP-EBGP peers are able to forward traffic through this tunnel.

For two indirectly connected MP-EBGP peers, traffic between them is interrupted upon failover to the MPLS local IFNET tunnel. To avoid this issue, you can disable BGP from establishing MPLS local IFNET tunnels to the specified EBGP peer or peer group.

When you configure this command, follow these restrictions and guidelines:

· Disabling MPLS local IFNET tunnel establishment deletes the MPLS local IFNET tunnels already established to the specified EBGP peer or peer group.

· Disabling BGP from establishing MPLS local IFNET tunnels to directly connected EBGP peers and peer groups will cause traffic loss. Make sure you fully understand the impact before performing the operation.

Examples

# In BGP instance view, create an EBGP peer 1.1.1.1, and then disable MPLS local IFNET tunnel establishment to EBGP peer 1.1.1.1.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] peer 1.1.1.1 as-number 200

[Sysname-bgp-default] peer 1.1.1.1 mpls-local-ifnet disable

Related commands

display mpls lsp (MPLS Command Reference)

interface-peer/peer nexthop-recursive-policy disable

Use interface-peer/peer nexthop-recursive-policy disable to disable route recursion policy control for routes received from the specified peer or peer group.

Use undo interface-peer/peer nexthop-recursive-policy disable to remove the configuration.

Syntax

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } nexthop-recursive-policy disable

undo peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } nexthop-recursive-policy disable

interface-peer interface-type interface-number nexthop-recursive-policy disable

undo interface-peer interface-type interface-number nexthop-recursive-policy disable

Default

The route recursion policy applies to routes received from the specified peer or peer group.

Views

BGP instance view

BGP-VPN instance view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must have been created.

ipv4-address: Specifies a peer by its IPv4 address. The peer must have been created.

ipv6-address: Specifies a peer by its IPv6 address. The peer must have been created.

link-local-address: Specifies a peer by its link-local address.

interface-type interface-number: Specifies an interface by its type and number.

interface-peer interface-type interface-number: Specifies peers that have been created through link-local addresses in the ND entries learned by the specified interface.

Usage guidelines

If you configure routing policy-based recursive lookup for BGP routes, this route recursion policy applies to BGP routes learned from all peers. This command allows you to disable route recursion policy control for routes learned from certain peers, for example, direct EBGP peers.

Examples

# In BGP instance view, disable route recursion policy control for routes received from peer 1.1.1.1.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] peer 1.1.1.1 as-number 200

[Sysname-bgp-default] peer 1.1.1.1 nexthop-recursive-policy disable

Related commands

protocol nexthop recursive-lookup

interface-peer/peer password

Use interface-peer/peer password to enable MD5 authentication for a BGP peer or peer group.

Use undo interface-peer/peer password to remove MD5 authentication for a BGP peer or peer group.

Syntax

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } password { cipher | simple } password

undo peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } password

interface-peer interface-type interface-number password { cipher | simple } password

undo interface-peer interface-type interface-number password

Default

MD5 authentication is disabled.

Views

BGP instance view

BGP-VPN instance view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must have been created.

ipv4-address: Specifies a peer by its IPv4 address. The peer must have been created.

mask-length: Specifies a mask length in the range of 0 to 32. You can use the ipv4-address and mask-length arguments together to specify a subnet. If you specify a subnet, this command enables MD5 authentication for all dynamic peers in the subnet.

ipv6-address: Specifies a peer by its IPv6 address. The peer must have been created.

prefix-length: Specifies a prefix length in the range of 0 to 128. You can use the ipv6-address and prefix-length arguments together to specify a subnet. If you specify a subnet, this command enables MD5 authentication for all dynamic peers in the subnet.

link-local-address: Specifies a peer by its link-local address.

interface-type interface-number: Specifies an interface by its type and number.

interface-peer interface-type interface-number: Specifies peers that have been created through link-local addresses in the ND entries learned by the specified interface.

cipher: Specifies a password in encrypted form.

simple: Specifies a password in plaintext form. For security purposes, the password specified in plaintext form will be stored in encrypted form.

password: Specifies the password. Its encrypted form is a case-sensitive string of 33 to 137 characters. Its plaintext form is a case-sensitive string of 1 to 80 characters.

Usage guidelines

You can enable MD5 authentication to enhance security using the following methods:

· Perform MD5 authentication when establishing TCP connections. Only the two parties that have the same password configured can establish TCP connections.

· Perform MD5 calculation on TCP segments to avoid modification to the encapsulated BGP packets.

The peer password and peer keychain commands are mutually exclusive.

Examples

# In BGP instance view, perform MD5 authentication on the TCP connection between local router 10.1.100.1 and peer router 10.1.100.2. Set the authentication password to aabbcc in plaintext form.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] peer 10.1.100.2 password simple aabbcc

peer route-mode

Use peer route-mode enable BGP to send routes exchanged with the specified monitored peer or peer group to the BMP server

Use undo peer route-mode to restore the default.

Syntax

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } route-mode { adj-rib-in { pre-policy | post-policy | both } | adj-rib-out { pre-policy | post-policy | both } } *

undo peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } route-mode

Default

BGP determines whether to send routes exchanged with a peer or peer group to the BMP server based on the following configurations:

· Configuration of the route-mode adj-rib-in command in BMP server view.

· Configuration of the route-mode adj-rib-out command in BMP server view.

Views

BGP instance view

BGP-VPN instance view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must have been created.

ipv4-address: Specifies a peer by its IPv4 address. The peer must have been created.

ipv6-address: Specifies a peer by its IPv6 address. The peer must have been created.

adj-rib-in: Sends routes received from the specified monitored peer or peer group to the BMP server.

adj-rib-out: Sends routes advertised to the specified monitored peer and peer group to the BMP server.

pre-policy: Sends routes to the BMP server without route filtering.

post-policy: Sends routes to the BMP server after route filtering.

both: Sends both filtered and unfiltered routes to the BMP server.

Usage guidelines

To enable BGP to send routes exchanged with a peer or peer group to the BMP server, make sure BGP has established a TCP connection to the BMP server.

The configuration of the route-mode adj-rib-in or route-mode adj-rib-out command in BMP server view takes effect on all peers and peer groups. The configuration of the peer route-mode command in BGP instance view or BGP-VPN instance view takes effect only on the specified peer or peer group. The configuration of the peer route-mode command takes precedence over the configuration of the route-mode adj-rib-in or route-mode adj-rib-out command.

If you execute this command multiple times for a peer or peer group, the most recent configuration takes effect.

Examples

# Send routes received from peer 1.1.1.1 to the BMP server without route filtering.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] peer 1.1.1.1 route-mode adj-rib-in pre-policy

peer route-server-client

Use peer route-server-client to configure the device as a route server and specify a peer or peer group as a client.

Use undo peer route-server-client to remove the configuration.

Syntax

In BGP IPv4 unicast address family view/BGP-VPN IPv4 unicast address family view:

peer { group-name | ipv4-address [ mask-length ] } route-server-client [ external ]

undo peer { group-name | ipv4-address [ mask-length ] } route-server-client

In BGP IPv6 unicast address family view/BGP-VPN IPv6 unicast address family view:

peer { group-name | ipv6-address [ prefix-length ] } route-server-client [ external ]

undo peer { group-name | ipv6-address [ prefix-length ] } route-server-client

In BGP EVPN address family view:

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } route-server-client [ external ]

undo peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } route-server-client

Default

Neither the route server nor the client is configured.

Views

BGP IPv4 unicast address family view

BGP-VPN IPv4 unicast address family view

BGP IPv6 unicast address family view

BGP-VPN IPv6 unicast address family view

BGP EVPN address family view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must have been created.

ipv4-address: Specifies a peer by its IPv4 address. The peer must have been created.

mask-length: Specifies a mask length in the range of 0 to 32. You can use the ipv4-address and mask-length arguments together to specify a subnet. If you specify a subnet, this command configures the device as a route server and specifies all dynamic peers in the subnet as clients.

ipv6-address: Specifies a peer by its IPv6 address. The peer must have been created.

prefix-length: Specifies a prefix length in the range of 0 to 128. You can use the ipv6-address and prefix-length arguments together to specify a subnet. If you specify a subnet, this command configures the device as a route server and specifies all dynamic peers in the subnet as clients.

external: Applies this feature only to EBGP routes. After you specify this keyword, this command does not take effect on IBGP routes.

Usage guidelines

Some networks require the border devices in multiple ASs to establish full mesh connections, which consumes many network resources and reduces device performance. To resolve this issue, configure a device as a route server and the border devices in different ASs as its clients as needed.

Once a device is configured as a route server, it advertises routes to the clients without changing their AS path, next hop, and MED attributes. The clients can exchange routes without establishing EBGP connections and forward traffic to each other without the participation of the route server.

If you do not specify the external keyword, the route server advertises IBGP routes to its clients without changing the routes' AS path, next hop, and MED attributes. As a result, these routes might be unusable for EBGP peers. To resolve this issue, specify the external keyword when you use this command. The route server can change the AS path, next hop, and MED attributes of IBGP routes before advertising them to the clients.

The EBGP routes advertised to the clients does not carry the AS number of the route server. To avoid peer establishment failures, execute the peer ignore-first-as command on the clients.

This command is mutually exclusive with one of the following commands:

· peer label-route-capability

· confederation id

· confederation peer-as

· confederation nonstandard commands

Examples

# Configure peer group test as a client in BGP IPv4 unicast address family view.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family ipv4 unicast

[Sysname-bgp-default-ipv4] peer test route-server-client

interface-peer/peer soo

Use interface-peer/peer soo to configure the Site of Origin (SoO) attribute for a BGP peer or peer group.

Use undo interface-peer/peer soo to remove the configuration.

Syntax

In BGP-VPN VPNv4 address family view/BGP VPNv6 address family view/BGP IPv4 multicast address family view:

peer { group-name | ipv4-address [ mask-length ] } soo site-of-origin

undo peer { group-name | ipv4-address [ mask-length ] } soo

In BGP IPv4 unicast address family view/BGP-VPN IPv4 unicast address family view/BGP VPNv4 address family view/BGP IPv6 unicast address family view/BGP-VPN IPv6 unicast address family view:

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } soo site-of-origin

undo peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } soo

In BGP-VPN IPv6 unicast address family view/BGP IPv6 multicast address family view:

peer { group-name | ipv6-address [ prefix-length ] } soo site-of-origin

undo peer { group-name | ipv6-address [ prefix-length ] } soo

In BGP IPv6 unicast address family view/BGP-VPN IPv6 unicast address family view:

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } soo site-of-origin

undo peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } soo

In BGP IPv4 unicast address family view/BGP-VPN IPv4 unicast address family view/BGP IPv6 unicast address family view/BGP-VPN IPv6 unicast address family view:

interface-peer interface-type interface-number soo site-of-origin

undo interface-peer interface-type interface-number soo

Default

No SoO attribute is configured for a peer or peer group.

Views

BGP IPv4 unicast address family view

BGP-VPN IPv4 unicast address family view

BGP VPNv4 address family view

BGP-VPN VPNv4 address family view

BGP IPv6 unicast address family view

BGP-VPN IPv6 unicast address family view

BGP VPNv6 address family view

BGP IPv4 multicast address family view

BGP IPv6 multicast address family view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must have been created.

ipv4-address: Specifies a peer by its IPv4 address. The peer must have been created.

ipv6-address: Specifies a peer by its IPv6 address. The peer must have been created.

link-local-address: Specifies a peer by its link-local address.

interface-type interface-number: Specifies an interface by its type and number.

interface-peer interface-type interface-number: Specifies peers that have been created through link-local addresses in the ND entries learned by the specified interface.

site-of-origin: Specifies the SoO attribute, a string of 3 to 24 characters. The SoO attribute has the following formats:

· 16-bit AS number:32-bit user-defined number. For example, 100:3.

· 32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.

· 32-bit AS number:16-bit user-defined number, where the minimum value of the AS number is 65536. For example, 65536:1.

· 32-bit IP address/IPv4 address mask length:16-bit user-defined number. For example, 192.168.122.15/24:1.

· 32-bit AS number in dotted format:16-bit user-defined number. For example, 65535.65535:1.

Usage guidelines

The SoO attribute specifies the site where the route was originated. It prevents advertising a route back to the originating site. If the AS-path attribute is lost, the router can use the SoO attribute to avoid routing loops.

After you configure the SoO attribute for a BGP peer or peer group, BGP adds the SoO attribute into the route updates received from the BGP peer or peer group. Before advertising route updates to the peer or peer group, BGP checks the SoO attribute of the route update against the configured SoO attribute. If they are the same, BGP does not advertise the route updates to the BGP peer or peer group to avoid loops.

If a PE configured with AS number substitution connects to multiple CEs in the same VPN site through different interfaces, routing loops will occur. To avoid routing loops, configure the same SoO attribute for the CEs on the PE.

Examples

# In BGP IPv4 unicast address family view, set the SoO attribute to 100:1 for peer 1.1.1.1.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family ipv4

[Sysname-bgp-default-ipv4] peer 1.1.1.1 soo 100:1

Related commands

peer substitute-as

peer tcp-mss

Use peer tcp-mss to s et the TCP maximum segment size (MSS) for a peer or peer group.

Use undo peer tcp-mss to restore the default.

Syntax

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } tcp-mss mss-value

undo peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } tcp-mss

Default

The TCP MSS is not set.

Views

BGP instance view

BGP-VPN instance view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must have been created.

ipv4-address: Specifies a peer by its IPv4 address. The peer must have been created.

mask-length: Specifies a mask length in the range of 0 to 32. If you use the ipv4-address and mask-length arguments together to specify a subnet, this command applies to all dynamic peers in the subnet.

ipv6-address: Specifies a peer by its IPv6 address. The peer must have been created.

prefix-length: Specifies a prefix length in the range of 0 to 128. If you use the ipv6-address and prefix-length arguments together to specify a subnet, this command applies to all dynamic peers in the subnet.

mss-value: Specifies the TCP MSS in bytes. The value range for this argument is 176 to 4096.

Usage guidelines

CAUTION:

This command might cause BGP session re-establishment. Make sure you understand the potential impact before executing this command.

‌

BGP typically establishes a multihop TCP connection with a peer. Multiple intermediate devices might fragment BGP packets due to their MTU settings, resulting in frequent packet encapsulations and decapsulations that reduce forwarding efficiency.

To resolve this issue, you can execute this command to set the TCP MSS for a peer or peer group. TCP segments sent by the source will not be re-fragmented along the path to the destination.

During TCP connection establishment with the peer or peer group specified in the peer tcp-mss command, the minimum of the following MSSs takes effect:

· The MSS calculated according to the IPv4 MTU set by the ip mtu command on the peer-facing interface.

· The MSS set by the tcp mss command for the peer-facing interface.

· The MSS calculated according to the path MTU detected by TCP path MTU discovery (enabled with the tcp path-mtu-discovery command).

· The MSS set by the peer tcp-mss command.

The MSS is calculated by using the following formula:

MSS = path MTU (or interface MTU) – IP header length – TCP header length

For more information about MTU and MSS, see IP performance optimization configuration in Layer 3—IP Services Configuration Guide.

Examples

# Set the TCP MSS to 500 for peer group test.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] peer test tcp-mss 500

Warning:This operation might reset the peer session. Continue? [Y/N]:

Related commands

tcp path-mtu-discovery (Layer 3 —IP Services Command Reference)

peer tracking

Use peer tracking to enable peer unreachability detection.

Use undo peer tracking to disable peer unreachability detection.

Syntax

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } tracking [ delay delay-time ]

undo peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } tracking

Default

Peer unreachability detection is disabled.

Views

BGP instance view

BGP-VPN instance view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must have been created.

ipv4-address: Specifies a peer by its IPv4 address. The peer must have been created.

ipv6-address: Specifies a peer by its IPv6 address. The peer must have been created.

delay delay-time: Sets the delay time of peer disconnection, in seconds. The value range for the delay-time argument is 0 to 65535. If you specify this option, BGP disconnects from the specified peer or peer group immediately if that peer or peer group is detected unreachable.

Usage guidelines

Peer unreachability detection enables BGP to discover link failures quickly. With this feature enabled, BGP will disconnect from the specified peer or peer group if that peer or peer group is detected unreachable.

BGP considers a peer unreachable if one of the following conditions exists:

· BGP cannot find a route to that peer in the routing table of the public network instance or VPN instance to which the peer belongs.

· BGP finds the route to that peer is a blackhole route in the routing table of the public network instance or VPN instance to which the peer belongs.

When you set the delay time of peer disconnection, follow these guidelines to improve network stability:

· To avoid IBGP session flappings caused by unstable traffic, make sure the delay time of peer disconnection specified for an IBGP peer or peer group is longer than the convergence time of IGP routes.

· With peer unreachability detection enabled, the GR helper can detect whether the GR restarter is reachable. To ensure successful GR, make sure the delay time of peer disconnection is longer than the GR timer plus the extra timer to wait.

This command does not take effect if you specify a link-local address for the ipv6-address argument.

Examples

# Enable peer unreachability detection for peer 1.1.1.1.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] peer 1.1.1.1 as-number 200

[Sysname-bgp-default] peer 1.1.1.1 tracking

peer ttl-security

Use peer ttl-security to configure Generalized TTL Security Mechanism (GTSM) for a BGP peer or peer group.

Use undo peer ttl-security to disable BGP GTSM for a peer or peer group.

Syntax

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } ttl-security hops hop-count

undo peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } ttl-security hops

Default

GTSM is disabled for BGP.

Views

BGP instance view

BGP-VPN instance view

Predefined user roles

network-admin

Parameters

group-name: Specifies a peer group by its name, a case-sensitive string of 1 to 47 characters. The peer group must have been created.

ipv4-address: Specifies a peer by its IPv4 address. The peer must have been created.

ipv6-address: Specifies a peer by its IPv6 address. The peer must have been created.

hops hop-count: Specifies the maximum number of hops to the specified peer, in the range of 1 to 254.

Usage guidelines

GTSM protects a BGP session by comparing the TTL value of an incoming IP packet against the valid TTL range. If the TTL value is within the valid TTL range, the packet is accepted. If not, the packet is discarded.

The valid TTL range is from 255 – the configured hop count + 1 to 255.

When GTSM is configured, the BGP packets sent by the device have a TTL of 255.

When GTSM is configured, the local device can establish an EBGP session to the peer after they pass GTSM check, regardless of whether the maximum number of hops is reached.

To use GTSM, you must configure GTSM on both the local and peer devices. You can specify different hop-count values for them.

Examples

# In BGP instance view, enable GTSM for BGP peer group test and set the maximum number of hops to the specified peer in the peer group to 1.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] peer test ttl-security hops 1

Related commands

peer ebgp-max-hop

pic

Use pic to enable BGP FRR for a BGP address family.

Use undo pic to disable BGP FRR for a BGP address family.

Syntax

pic

undo pic

Default

BGP FRR is disabled.

Views

BGP IPv4 unicast address family view

BGP-VPN IPv4 unicast address family view

BGP IPv6 unicast address family view

BGP-VPN IPv6 unicast address family view

BGP VPNv4 address family view

BGP VPNv6 address family view

BGP EVPN address family view

Predefined user roles

network-admin

Usage guidelines

FRR is used in a dual-homing network to protect a primary route with a backup route. It uses ARP (for IPv4), ND (for IPv6), or echo-mode BFD (for IPv4) to detect the connectivity of the primary route. When the primary route fails, BGP directs packets to the backup route.

After you enable FRR, BGP calculates a backup route for each BGP route in the address family if there are two or more unequal-cost routes to reach the destination.

You can also configure BGP FRR by using the fast-reroute route-policy command, which takes precedence over the pic command. For more information about routing policies, see Layer 3—IP Routing Configuration Guide.

Use the pic command with caution because it might cause routing loops in specific scenarios.

Examples

# Enable BGP FRR in BGP IPv4 unicast address family view.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family ipv4 unicast

[Sysname-bgp-default-ipv4] pic

Related commands

fast-reroute route-policy

port

Use port to specify the port number of the RPKI server.

Use undo port to restore the default.

Syntax

port port-number

undo port

Default

The port number of the RPKI server is not specified.

Views

BGP RPKI server view

Predefined user roles

network-admin

Parameters

port-number: Specifies the port number of the RPKI server, in the range of 1 to 65535.

Usage guidelines

After you specify the IP address and port number of the RPKI server, the device automatically establishes a TCP connection to the server.

Make sure the specified port number is the same as the port number used by the RPKI server.

Changing the port number will cause temporary connection interruption.

Examples

# In BGP RPKI server view, specify 1234 as the port number of the RPKI server.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] rpki

[Sysname-bgp-default-rpki] server tcp 1.1.1.1

[Sysname-bgp-default-rpki-server] port 1234

Related commands

server tcp

primary-path-detect bfd

Use primary-path-detect bfd to configure BGP FRR to use BFD to detect next hop connectivity for the primary route.

Use undo primary-path-detect bfd to restore the default.

Syntax

primary-path-detect bfd { ctrl | echo }

undo primary-path-detect bfd

Default

BGP FRR uses ARP to detect the connectivity to the next hop of the primary route.

Views

BGP instance view

Predefined user roles

network-admin

Parameters

ctrl: Uses control-mode BFD to detect the connectivity to the next hop of the primary route.

echo: Uses echo-mode BFD to detect the connectivity to the next hop of the primary route.

Usage guidelines

This command enables BGP to create an IP FRR BFD session that detects next hop connectivity for the primary route. This can speed up primary and backup route switchover when the next hop of the primary route fails.

This command takes effect and creates an IP FRR BFD session only when the primary route has a backup next hop.

BGP does not support backup next hop calculation for the routes used for load balancing. This command cannot take effect when the primary route is an equal-cost route. To enable BFD-based next hop detection for equal-cost routes, use the primary-path-detect bfd protocol-ecmp bgp command or the primary-path-detect bfd protocol-ecmp bgp4+ command. For more information about the two commands, see IP routing basics commands in Layer 3—IP Routing Command Reference.

BGP can establish a control-mode BFD session with a peer only after negotiation. To use control-mode BFD to detect the next hop of the primary link, perform one of the following tasks:

· Execute the primary-path-detect bfd command on the peer device in the primary link.

This task is applicable when both ends of the primary link are configured with FRR.

· Manually configure a static BFD session that uses the following settings on the peer device in the primary link:

¡ Source IP address: Destination IP address of the BFD session automatically created on the local device in the primary link.

¡ Destination IP address: Source IP address of the BFD session automatically created on the local device in the primary link.

¡ Remote ID: Local ID of the BFD session automatically created on the local device in the primary link.

When another routing protocol (such as RIB, OSPF, or IS-IS) uses BFD to detect next hop connectivity for the primary route, it also creates a BFD session. If the detected link is the same as the link attached to the next hop of the BGP primary route, BGP reuses the BFD session created by the protocol. In this situation, BGP will not create an additional BFD session.

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# In BGP instance view, configure BGP FRR to use echo-mode BFD to detect next hop connectivity for the primary route.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] primary-path-detect bfd echo

Related commands

fast-reroute route-policy

pic

primary-path-detect bfd (Layer 3—IP Routing Command Reference)

pu-monitor-mode enable

Use pu-monitor-mode enable to configure the BMP client to send peer up notifications with mode flags to the BMP server.

Use undo pu-monitor-mode enable to restore the default.

Syntax

pu-monitor-mode enable

undo pu-monitor-mode enable

Default

The BMP client sends peer up notifications without mode flags to the BMP server.

Views

BMP server view

Predefined user roles

network-admin

Usage guidelines

Execute this command to configure the BMP client to send peer up notifications with the following flags to the BMP server:

· Adj-RIB-In—The BMP client sends routes received from monitored peers to the BMP server.

· Adj-RIB-Out—The BMP client sends routes advertised to monitored peers to the BMP server.

· pre-policy—The BMP client sends routes to the BMP server without filtering.

· post-policy—The BMP client sends routes to the BMP server after filtering.

By default, the BMP client sends peer up notifications with the Adj-RIB-In and pre-policy flags to the BMP server after you execute this command.

After you add a route sending mode by executing the route-mode adj-rib-in, route-mode adj-rib-out, or peer route-mode command, the BMP client will send peer up notifications with the new mode flag to the BMP server.

Examples

# Configure the BMP client to send peer up notifications with mode flags to the BMP server.

<Sysname> system-view

[Sysname] bmp server 1

[Sysname-bmpserver-1] pu-monitor-mode enable

Related commands

peer route-mode

route-mode adj-rib-in

route-mode adj-rib-out

purge-time

Use purge-time to set the aging time for the ROA information.

Use undo purge-time to restore the default.

Syntax

purge-time purge-time

undo purge-time

Default

The aging time for the ROA information is 60 seconds.

Views

BGP RPKI server view

Predefined user roles

network-admin

Parameters

purge-time: Specifies the aging time for the ROA information, in the range of 30 to 360 seconds.

Usage guidelines

When the connection between a router and an RPKI server goes down (except when the shutdown command is executed), the router takes the following actions:

· Attempts to reconnect to the server.

· Places the ROA information obtained from the server in aging state, and starts the aging timer for the ROA information.

If the router reconnects to the server before the aging timer expires, it releases the ROA information from the aging state. If the router fails to reconnect to the server when the aging timer expires, it deletes the ROA information obtained from the server.

Examples

# Set the aging time for the ROA information to 150 seconds.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] rpki

[Sysname-bgp-default-rpki] server tcp 1.1.1.1

[Sysname-bgp-default-rpki-server] purge-time 150

refresh bgp

Use refresh bgp to manually soft-reset BGP sessions.

Syntax

refresh bgp [ instance instance-name ] { ipv4-address [ mask-length ] | all | external | group group-name | internal } { export | import } ipv4 [ multicast | [ unicast ] [ vpn-instance vpn-instance-name ]

refresh bgp [ instance instance-name ] ipv6-address [ mask-length ] { export | import } ipv4 [ unicast ] [ vpn-instance vpn-instance-name ]

refresh bgp [ instance instance-name ] { ipv6-address [ prefix-length ] | [ link-local-address ] interface interface-type interface-number } { export | import } ipv4 [ unicast ] [ vpn-instance vpn-instance-name ]

refresh bgp [ instance instance-name ] { ipv6-address [ prefix-length ] | [ link-local-address ] interface interface-type interface-number | all | external | group group-name | internal } { export | import } ipv6 [ unicast ] [ vpn-instance vpn-instance-name ]

refresh bgp [ instance instance-name ] { ipv6-address [ prefix-length ] | all | external | group group-name | internal } { export | import } ipv6 [ multicast | [ unicast ] [ vpn-instance vpn-instance-name ]

refresh bgp [ instance instance-name ] ipv4-address [ mask-length ] { export | import } ipv6 [ unicast ] [ vpn-instance vpn-instance-name ]

refresh bgp [ instance instance-name ] { ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | all | external | group group-name | internal } { export | import } link-state

refresh bgp [ instance instance-name ] { ipv4-address [ mask-length ] | all | external | group group-name | internal } { export | import } vpnv4 [ vpn-instance vpn-instance-name ]

refresh bgp [ instance instance-name ] ipv6-address [ prefix-length ] { export | import } vpnv4

refresh bgp [ instance instance-name ] { ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | all | external | group group-name | internal } { export | import } vpnv6

refresh bgp [ instance instance-name ] { ipv4-address [ mask-length ] | all | external | group group-name | internal } { export | import } l2vpn [ evpn ]

refresh bgp [ instance instance-name ] { ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | all | external | group group-name | internal } { export | import } dedicated

Views

User view

Predefined user roles

network-admin

Parameters

instance instance-name: Specifies a BGP instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify this option, the command soft-resets BGP sessions for the default BGP instance.

ipv4-address: Soft-resets the BGP session to a peer specified by its IP address.

mask-length: Specifies a mask length in the range of 0 to 32. You can use the ipv4-address and mask-length arguments together to specify a subnet. If you specify a subnet, this command soft-resets BGP sessions to all dynamic peers in the subnet.

ipv6-address: Soft-resets the BGP session to a peer specified by its IPv6 address.

prefix-length: Specifies a prefix length in the range of 0 to 128. You can use the ipv6-address and prefix-length arguments together to specify a subnet. If you specify a subnet, this command soft-resets BGP sessions to all dynamic peers in the subnet.

link-local-address: Specifies a peer by its link-local address. If you do not specify this argument, this command displays information about all peers established through link-local addresses that the specified interface learned in ND entries. This argument is not supported in multicast address family view.

interface interface-type interface-number: Specifies an interface by its type and number.

all: Soft-resets all BGP sessions.

external: Soft-resets all EBGP sessions.

group group-name: Soft-resets the BGP sessions to the peers of the specified peer group. The group-name argument refers to the name of a peer group, a case-sensitive string of 1 to 47 characters.

internal: Soft-resets all IBGP sessions.

export: Performs outbound soft-reset (filters routes advertised to the specified peer or peer group by using the new configuration).

import: Performs inbound soft-reset (filters routes received from the specified peer or peer group by using the new configuration).

ipv4: Soft-resets BGP sessions for IPv4 address family.

ipv6: Soft-resets BGP sessions for IPv6 address family.

link-state: Soft-resets BGP sessions for LS address family.

multicast: Soft-resets BGP sessions for multicast address family.

unicast: Soft-resets BGP sessions for unicast address family.

vpnv4: Soft-resets BGP sessions for VPNv4 address family.

vpnv6: Soft-resets BGP sessions for VPNv6 address family.

l2vpn: Soft-resets BGP sessions for L2VPN address family.

evpn: Soft-resets BGP sessions for EVPN address family.

dedicated: Soft-resets BGP sessions for dedicated address family.

vpn-instance vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command soft-resets BGP sessions for the specified address family on the public network.

Usage guidelines

A soft-reset operation enables the router to apply a new route selection policy without tearing down BGP connections.

To apply a new policy to outbound BGP sessions, execute this command with the export keyword. The router uses the new policy to filter routing information and sends the routing information that passes the filtering to the BGP peers.

To apply a new policy to inbound sessions, execute this command with the import keyword. The router advertises a route-refresh message to the peer and the peer resends its routing information to the router. After receiving the routing information, the router uses the new policy to filter the routing information.

This command requires that both the local router and the peer support route refresh.

If the peer keep-all-routes command is configured, the refresh bgp import command does not take effect.

By default, the unicast keyword is used if you do not specify the unicast keyword.

Examples

# Soft-reset all inbound BGP sessions for the IPv4 unicast address family.

<Sysname> refresh bgp all import ipv4

Related commands

peer capability-advertise route-refresh

peer keep-all-routes

refresh-time

Use refresh-time to set the RPKI connection check interval.

Use undo refresh-time to restore the default.

Syntax

refresh-time refresh-time

undo refresh-time

Default

The RPKI connection check interval is 600 seconds.

Views

BGP RPKI server view

Predefined user roles

network-admin

Parameters

refresh-time: Specifies the RPKI connection check interval in the range of 15 to 3600 seconds.

Usage guidelines

After a router establishes a TCP connection with an RPKI server, the router checks the connection at the specified interval. If the router does not receive a response from the RPKI server within the specified time period, it tears down the connection to the RPKI server.

Examples

# Set the RPKI connection check interval to 15 seconds.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] rpki

[Sysname-bgp-default-rpki] server tcp 1.1.1.1

[Sysname-bgp-default-rpki-server] refresh-time 15

Related commands

response-time

retain local-label

Use retain local-label to set an update delay for local MPLS labels.

Use undo retain local-label to restore the default.

Syntax

retain local-label retain-time

undo retain local-label

Default

The update delay is 60 seconds.

Views

BGP instance view

Predefined user roles

network-admin

Parameters

retain-time: Specifies the update delay in the range of 1 to 21845 seconds.

Usage guidelines

BGP includes local MPLS labels in advertised VPNv4 routes, VPNv6 routes, labeled IPv4 unicast routes, and labeled IPv6 unicast routes.

When a local label is changed, BGP removes the old label and advertises the new label. Traffic interruption occurs if BGP peers use the old label to forward packets before they learn the new label. To resolve this issue, configure an update delay for local MPLS labels. BGP does not remove the old label before the update delay timer expires.

Examples

# Set the update delay for local MPLS labels to 100 seconds.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] retain local-label 100

reset bgp bmp server

Use reset bgp bmp server to r eset the connection to a BMP server and clear statistics information.

Syntax

reset bgp [ instance instance-name ] bmp server { server-number | all }

Views

User view

Predefined user roles

network-admin

Parameters

instance instance-name: Specifies a BGP instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify this option, the command resets the connection to a BMP server and clears statistics information for the default BGP instance.

server-number: Specifies a BMP server by its number in the range of 1 to 8. The BMP server must have been created.

all: Resets the connections to all BMP servers and clears statistics information for the specified BGP instance.

Usage guidelines

When the BMP configuration changes, you can execute this command to reset the connection to the BMP server so that the configuration can take effect immediately.

Executing this command will disconnect the connection to the BMP server and clear statistics information. Use this command with caution.

Examples

# Reset the connection to BMP server 1 in the default BGP instance.

<Sysname> reset bgp bmp server 1

Related commands

display bgp bmp server

reset bgp bmp server statistics

Use reset bgp bmp server statistics to clear BMP server statistics.

Syntax

reset bgp [ instance instance-name ] bmp server server-number statistics

Views

User view

Predefined user roles

network-admin

Parameters

instance instance-name: Specifies a BGP instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify this option, the command clears the BMP server statistics of the default BGP instance.

server-number: Specifies a BMP server by its number in the range of 1 to 8.

Examples

# Clear the statistics of BMP server 1.

<Sysname> reset bgp bmp server 1 statistics

Related commands

display bgp bmp server

reset bgp rpki server

Use reset bgp rpki server to reset BGP RPKI sessions.

Syntax

reset bgp [ instance instance-name ] rpki server [ vpn-instance vpn-instance-name ] tcp { ipv4 address | ipv6 address }

Views

User view

Predefined user roles

network-admin

Parameters

instance instance-name: Specifies a BGP instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify this option, the command resets BGP RPKI sessions for the default BGP instance.

vpn-instance vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify this option, the command resets BGP RPKI sessions for the public network.

ipv4-address: Specifies an RPKI server by its IPv4 address.

ipv6-address: Specifies an RPKI server by its IPv6 address.

Usage guidelines

After you execute this command, the device will delete and re-establish the specified BGP RPKI session and cause temporary session interruption.

Examples

# Reset the BGP RPKI session to RPKI server 2.2.2.1.

<Sysname> reset bgp rpki server tcp 2.2.2.1

reset ttl-security statistics

Use reset ttl-security statistics to clear GTSM discarded packet statistics.

Syntax

reset ttl-security statistics [ slot slot-number ]

Views

User view

Predefined user roles

network-admin

Parameters

slot slot-number: Specifies an IRF member device by its member ID. If you do not specify a member device, this command clears GTSM discarded packet statistics for all member devices.

Examples

# Clear all GTSM discarded packet statistics.

<Sysname> reset ttl-security statistics

Related commands

display ttl-security statistics

ospf ttl-security

peer ttl-security

ttl-security

response-time

Use response-time to set the time to wait for the response from the RPKI server.

Use undo response-time to restore the default.

Syntax

response-time response-time

undo response-time

Default

The time to wait for the response from the RPKI server is 30 seconds.

Views

BGP RPKI server view

Predefined user roles

network-admin

Parameters

response-time: Specifies the time to wait for the response from the RPKI server, in the range of 15 to 3600 seconds.

Usage guidelines

A router checks the connection to an RPKI server at the check interval. If the router does not receive a response from the RPKI server within the specified time period, it tears down the connection to the RPKI server.

Examples

# Set the time to wait for the response from RPKI server 1.1.1.1 to 15 seconds.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] rpki

[Sysname-bgp-default-rpki] server tcp 1.1.1.1

[Sysname-bgp-default-rpki-server] response-time 15

Related commands

refresh-time

route-mode adj-rib-in

Use route-mode adj-rib-in to enable BGP to send routes received from all the monitored peers and peer groups to the BMP server.

Use undo route-mode adj-rib-in to restore the default.

Syntax

route-mode adj-rib-in [ pre-policy | post-policy | both ]

undo route-mode adj-rib-in

Default

BGP sends routes received from all the monitored peers and peer groups to the BMP server without route filtering.

Views

BMP server view

Predefined user roles

network-admin

Parameters

pre-policy: Sends routes to the BMP server without route filtering.

post-policy: Sends routes to the BMP server after route filtering.

both: Sends both filtered and unfiltered routes to the BMP server.

Usage guidelines

To enable BGP to send routes received from all monitored peers and peer groups to the BMP server, make sure BGP has established a TCP connection to the BMP server.

If you do not specify any parameters, the command sends routes received from all the monitored peers and peer groups to the BMP server without route filtering.

The configuration of the route-mode adj-rib-in command takes effect on all peers and peer groups. The configuration of the peer route-mode command in BGP instance view or BGP-VPN instance view takes effect only on the specified peer or peer group. The configuration of the peer route-mode command takes precedence over the configuration of the route-mode adj-rib-in command.

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Enable BGP to send routes received from all the monitored peers and peer groups to the BMP server after route filtering.

<Sysname> system-view

[Sysname] bmp server 5

[Sysname-bmpserver-5] route-mode adj-rib-in post-policy

route-mode adj-rib-out

Use route-mode adj-rib-out to enable BGP to send routes advertised to all the monitored peers and peer groups to the BMP server.

Use undo route-mode adj-rib-out to restore the default.

Syntax

route-mode adj-rib-out [ pre-policy | post-policy | both ]

undo route-mode adj-rib-out

Default

BGP does not send routes advertised to a monitored peer or peer group to the BMP server.

Views

BMP server view

Predefined user roles

network-admin

Parameters

pre-policy: Sends routes to the BMP server without route filtering.

post-policy: Sends routes to the BMP server after route filtering.

both: Sends both filtered and unfiltered routes to the BMP server.

Usage guidelines

To enable BGP to send routes advertised to all monitored peers and peer groups to the BMP server, make sure BGP has established a TCP connection to the BMP server.

If you do not specify any parameters, the command sends routes advertised to all the monitored peers and peer groups to the BMP server after route filtering.

The configuration of the route-mode adj-rib-out command takes effect on all peers and peer groups. The configuration of the peer route-mode command in BGP instance view or BGP-VPN instance view takes effect only on the specified peer or peer group. The configuration of the peer route-mode command takes precedence over the configuration of the route-mode adj-rib-out command.

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Enable BGP to send routes advertised to all the monitored peers and peer groups to the BMP server without route filtering.

<Sysname> system-view

[Sysname] bmp server 5

[Sysname-bmpserver-5] route-mode adj-rib-out pre-policy

route-mode loc-rib

Use route-mode loc-rib to configure BGP to send the optimal routes in the routing table to the BMP server.

Use undo route-mode loc-rib to restore the default.

Syntax

route-mode loc-rib

undo route-mode loc-rib

Default

BGP does not send the optimal routes in the routing table to the BMP server.

Views

BMP server view

Predefined user roles

network-admin

Usage guidelines

Before executing this command, make sure BGP has established a TCP connection to the BMP server.

After you execute this command, BGP sends all routes to the BMP server. If routes update later, BGP sends only the optimal routes to the server.

This command takes effect only on BGP IPv4 unicast and BGP-VPN IPv4 unicast routes.

Examples

# Configure BGP to send the optimal routes in the routing table to the BMP server.

<Sysname> system-view

[Sysname] bmp server 5

[Sysname-bmpserver-5] route-mode loc-rib

route-select delay

Use route-select delay to configure optimal route selection delay.

Use undo route-select delay to restore the default.

Syntax

route-select delay delay-value

undo route-select delay

Default

The optimal route selection delay timer is 0 seconds, which means optimal route selection is not delayed.

Views

BGP IPv4 unicast address family view

BGP-VPN IPv4 unicast address family view

BGP IPv6 unicast address family view

BGP-VPN IPv6 unicast address family view

BGP IPv4 multicast address family view

BGP IPv6 multicast address family view

BGP VPNv4 address family view

BGP VPNv6 address family view

BGP L2VPN address family view

BGP EVPN address family view

BGP LS address family view

Predefined user roles

network-admin

Parameters

delay-value: Specifies the optimal route selection delay timer in the range of 0 to 600 seconds. A value of 0 means optimal route selection is not delayed.

Usage guidelines

To avoid packet loss caused by path switchover, configure this command to delay optimal route selection upon a route change.

Follow these restrictions and guidelines when you configure the command:

· The optimal route selection delay setting applies only when multiple effective routes with the same prefix exist after a route change occurs.

· For routes being delayed for optimal route selection, modifying the optimal route selection delay timer has the following effects:

¡ If you modify the delay timer to a non-zero value, the routes are not affected, and they still use the original delay timer.

¡ If you execute the undo form of the command or modify the delay timer to 0, the device performs optimal route selection immediately.

· If you execute the command multiple times for an address family, the most recent configuration takes effect.

· The optimal route selection delay configuration does not apply to the following conditions:

¡ A route change is caused by execution of a command or by route withdrawal.

¡ After a route change occurs, only one route exists for a specific destination network.

¡ An active/standby process switchover occurs.

¡ A route change occurs among equal-cost routes.

¡ Only the optimal and suboptimal routes exist when FRR is configured.

¡ Optimal route selection is triggered by a redistributed route.

¡ The next hop of the optimal route changes and a route with the same prefix is waiting for the delay timer to expire.

Examples

# In BGP IPv4 unicast address family view, set the optimal route selection delay timer to 100 seconds.

<Sysname> system-view

[Sysname] bgp 65009

[Sysname-bgp-default] address-family ipv4 unicast

[Sysname-bgp-default-ipv4] route-select delay 100

route-select suppress on-peer-up

Use route-select suppress on-peer-up to enable optimal route selection delay based on DOWN-to-UP peer state changes and set a delay timer.

Use undo route-select suppress on-peer-up to restore the default.

Syntax

route-select suppress on-peer-up milliseconds

undo route-select suppress on-peer-up

Default

When the state of a peer changes from DOWN to UP, the device does not delay optimal route selection for BGP routes received from that peer.

Views

BGP IPv4 unicast address family view

BGP-VPN IPv4 unicast address family view

BGP IPv6 unicast address family view

BGP-VPN IPv6 unicast address family view

BGP IPv4 multicast address family view

BGP IPv6 multicast address family view

BGP VPNv4 address family view

BGP VPNv6 address family view

BGP L2VPN address family view

BGP EVPN address family view

BGP LS address family view

Predefined user roles

network-admin

Parameters

milliseconds: Specifies the delay timer of optimal route selection in the range of 100 to 600000 milliseconds. The step is 100.

Usage guidelines

Application scenarios

When the device receives BGP routes from a peer after the state of that peer changes from DOWN to UP, the device immediately performs optimal route selection for those received routes. In this situation, packet forwarding might fail if the following conditions exist:

· The device forwards packets to the peer based on the selected optimal routes.

· The peer has not completed FIB convergence due to device restart or other reasons.

To avoid packet loss caused by this issue, use this command to delay optimal route selection for routes received from the peer.

Operating mechanism

With this command executed, the local device starts the specified delay timer when the state of a peer changes from DOWN to UP. The local device performs optimal route selection for routes received from that peer only after the delay timer expires. This mechanism avoids traffic loss caused by forwarding failures, because it ensures that the local device uses routes received from the peer for traffic forwarding only after the peer finishes FIB convergence.

Restrictions and guidelines

Follow these restrictions and guidelines when you configure the command:

· If you execute the command multiple times for an address family, the most recent configuration takes effect.

· If you edit the delay timer of optimal route selection, this operation will not take effect on the routes being delayed. The new delay timer takes effect only when a new DOWN-to-UP peer state change occurs.

· If you configure this command and the route-select delay command synchronously, only the longer delay timer takes effect.

· To have the device immediately perform optimal route selection for routes being delayed, execute either of the following commands:

¡ undo route-select suppress on-peer-up

This command takes effect only on routes that are delayed by the route-select suppress on-peer-up command.

¡ undo route-select delay

This command takes effect only on routes that are delayed by the route-select suppress on-peer-up command or the route-select delay command.

Examples

# In BGP IPv4 unicast address family view, enable optimal route selection delay based on DOWN-to-UP peer state changes and set the delay timer to 200 milliseconds.

<Sysname> system-view

[Sysname] bgp 65009

[Sysname-bgp-default] address-family ipv4 unicast

[Sysname-bgp-default-ipv4] route-select suppress on-peer-up 200

Related commands

route-select delay

routing-table bgp-rib-only

Use routing-table bgp-rib-only to disable BGP from flushing specific routes to the IP routing table.

Use undo routing-table bgp-rib-only to restore the default.

Syntax

routing-table bgp-rib-only [ all ] [ route-policy route-policy-name ]

undo routing-table bgp-rib-only

Default

BGP flushes the optimal routes to the IP routing table.

Views

BGP IPv4 unicast address family view

BGP IPv6 unicast address family view

BGP-VPN IPv4 unicast address family view

BGP-VPN IPv6 unicast address family view

Predefined user roles

network-admin

Parameters

all: Disables BGP from flushing all routes to the IP routing table, including redistributed routes and routes received from peers and peer groups. If you do not specify this keyword, only the routes received from the specified peer or peer group cannot be flushed to the routing table and BGP still flushes redistributed routes to the routing table.

route-policy route-policy-name: Specifies a routing policy by its name, a case-sensitive string of 1 to 63 characters. If you do not specify a routing policy or the specified routing policy does not exist, BGP does not flush any routes to the routing table. The apply clauses in the specified routing policy do not take effect.

Usage guidelines

In a route reflection network, execute this command to disable BGP from flushing specific BGP routes to the routing table of the RR. Then, the RR only advertises and receives routes but does not forward service traffic, which saves the system resources of the RR.

This command is mutually exclusive with the advertise-rib-active command.

Examples

# In BGP IPv4 unicast address family view, disable BGP from flushing BGP IPv4 unicast routes matching routing policy policy1 to the routing table.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] address-family ipv4 unicast

[Sysname-bgp-default-ipv4] routing-table bgp-rib-only route-policy policy1

rpki

Use rpki to enter BGP RPKI view.

Use undo rpki to remove all configurations in BGP RPKI view.

Syntax

rpki

undo rpki

Views

BGP instance view

Predefined user roles

network-admin

Examples

# Enter BGP RPKI view.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] rpki

[Sysname-bgp-default-rpki]

rpki-limit

Use rpki-limit to specify the maximum number of ROAs that can be received from an RPKI server.

Use undo rpki-limit to restore the default.

Syntax

rpki-limit limit [ alert-only | discard | reconnect reconnect-time ]

undo rpki-limit

Default

The number of ROAs that can be received from an RPKI server is not limited.

Views

RPKI server view

Predefined user roles

network-admin

Parameters

limit: Specifies the maximum number of ROAs that can be received from the specified RPKI server, in the range of 1 to 4294967295. The device tears down the TCP connection to the RPKI server if the following conditions exist:

· The alert-only, discard, and reconnect keywords are not specified.

· The number of ROAs received from the RPKI server reaches the value for the limit argument.

In this situation, the device will not attempt to re-establish the connection to the RPKI server. You can execute the reset bgp rpki server command to re-establish the connection.

alert-only: When the number of ROAs received from the RPKI server reaches the value for the limit argument, the device generates a log message only. It does not tear down the TCP connection to the RPKI server and can continue to receive ROAs from the RPKI server.

discard: When the number of ROAs received from the RPKI server reaches the value for the limit argument, the device retains the TCP connection to the RPKI server, discards excess ROAs, and generates a log message. When the number of ROAs received from the RPKI server falls below the value for the limit argument, the device can continue to receive ROAs from the RPKI server. If you execute this command with other keywords or the number of ROAs received from the RPKI server falls below the value for the limit argument, the device sends a reset query to the RPKI server. Then, the RPKI server sends the ROAs to the device again to restore the discarded ROAs.

reconnect reconnect-time: Specifies a reconnection timer. When the number of ROAs received from the RPKI server reaches the value for the limit argument, the device tears down the TCP connection to the RPKI server and starts the reconnection timer. After the reconnection timer expires, the device re-establishes the TCP connection to the RPKI server. The reconnect-time argument specifies the reconnection timer in the range of 1 to 86400 seconds.

Usage guidelines

This command saves system resources of the device, because it prevents the device from receiving too many ROAs from an RPKI server.

This command takes effect only on the TCP connection between the device and the RPKI server specified in the current view. You can execute this command in the views of multiple RPKI servers.

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# In BGP RPKI server view, set the maximum number of ROAs that can be received from RPKI server 1.1.1.1 to 1000.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] rpki

[Sysname-bgp-default-rpki] server tcp 1.1.1.1

[Sysname-bgp-default-rpki-server] rpki-limit 1000

server

Use server to configure an IP address and port number for a BMP server.

Use undo server to remove the configuration.

Syntax

server address { ipv4-address | ipv6-address } port port-number

undo server

Default

No IP address and port number are configured for the BMP server.

Views

BMP server view

Predefined user roles

network-admin

Parameters

ipv4-address: Specifies an IPv4 address for the BMP server.

Ipv6-address: Specifies an IPv6 address for the BMP server.

port-number: Specifies a port number for the BMP server, in the range of 1 to 65535.

Usage guidelines

After you configure an IP address and port number for a BMP server, the BMP client establishes a TCP connection to the BMP server and sends BMP messages to the BMP server.

Examples

# Configure IP address 100.1.1.1 and port number 8888 for BMP server 5.

<Sysname> system-view

[Sysname] bmp server 5

[Sysname-bmpserver-5] server address 100.1.1.1 port 8888

server connect-interface

Use server connect-interface to specify the source interface of TCP connections to the BMP server.

Use undo server connect-interface to restore the default.

Syntax

server connect-interface interface-type interface-number

undo server connect-interface

Default

BGP uses the primary IPv4 address of the output interface in the optimal route to the BMP server as the source address of TCP connections to the BMP server.

Views

BMP server view

Predefined user roles

network-admin

Parameters

interface-type interface-number: Specifies an interface by its type and number.

Usage guidelines

After you configure this command, BGP uses the address of the specified interface to establish TCP connections to the BMP server.

For a BMP server, this command does not take effect if the VPN instance of the specified interface is different from that specified by the server vpn-instance command.

Examples

# Configure Loopback 0 as the source interface of TCP connections to BMP server 5.

<Sysname> system-view

[Sysname] bmp server 5

[Sysname-bmpserver-5] server address 100.1.1.1 port 8888

[Sysname-bmpserver-5] server connect-interface loopback0

Related commands

display bgp bmp server

ip vpn-instance (system view) (MCE Command Reference)

server password

Use server password to specify the authentication mode and key for BGP to establish TCP connections to the BMP server.

Use undo server password to restore the default.

Syntax

server password { keychain keychain-name | md5 { cipher | simple } string }

undo server password

Default

BGP establishes TCP connections to the BMP server without authentication.

Views

BMP server view

Predefined user roles

network-admin

Parameters

keychain: Specifies keychain authentication.

keychain-name: Specifies a keychain by its name, a case-sensitive string of 1 to 63 characters. The keychain must have been created.

md5: Specifies MD5 authentication.

cipher: Specifies a password in encrypted form.

simple: Specifies a password in plaintext form. For security purposes, the password specified in plaintext form will be stored in encrypted form.

string: Specifies the password. Its encrypted form is a case-sensitive string of 33 to 137 characters. Its plaintext form is a case-sensitive string of 1 to 80 characters.

Usage guidelines

Configure this command to secure the TCP connections and packets exchanged with the BMP server.

You cannot repeat the server password command to edit the authentication mode and key. To edit the authentication mode and key, first execute the undo server password command and then the server password command to configure a new authentication mode and key.

Examples

# In BMP server view, use keychain abc to authenticate the TCP connections to the BMP server.

<Sysname> system-view

[Sysname] bmp server 5

[Sysname-bmpserver-5] server password keychain abc

server source-address

Use server source-address to specify the source address of TCP connections to the BMP server.

Use undo server source-address to restore the default.

Syntax

server source-address { ipv4-address | ipv6-address }

undo server source-address

Default

BGP uses the primary IPv4 or IPv6 address of the output interface in the optimal route to the BMP server as the source address of TCP connections to the BMP server.

Views

BMP server view

Predefined user roles

network-admin

Parameters

ipv4-address: Specifies the source IPv4 address of TCP connections to the BMP server.

ipv6-address: Specifies the source IPv6 address of TCP connections to the BMP server.

Usage guidelines

For a BMP server, the following rules apply:

· The configuration of the server source-address command does not take effect if the server source-address and server commands specify different types of IP addresses.

· If you execute both the server source-address and server connect-interface commands, the server source-address command takes effect.

Examples

# Configure IP address 100.1.1.1 and port number 8888 for BMP server 5, and then configure 1.1.1.1 as the source address of TCP connections to BMP server 5.

<Sysname> system-view

[Sysname] bmp server 5

[Sysname-bmpserver-5] server address 100.1.1.1 port 8888

[Sysname-bmpserver-5] server source-address 1.1.1.1

Related commands

display bgp bmp server

server connect-interface

server tcp

Use server tcp to specify an RPKI server and enter BGP RPKI server view.

Use undo server tcp to cancel the configuration.

Syntax

server [ vpn-instance vpn-instance-name ] tcp { ipv4-address | ipv6-address }

undo server [ vpn-instance vpn-instance-name ] tcp { ipv4-address | ipv6-address }

Default

No RPKI server is specified.

Views

BGP RPKI view

Predefined user roles

network-admin

Parameters

vpn-instance vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify this option, the command specifies an RPKI server in the public network.

ipv4-address: Specifies an RPKI server by its IPv4 address.

ipv6-address: Specifies an RPKI server by its IPv6 address.

Usage guidelines

You can execute this command multiple times to configure a router to establish TCP connections to multiple RPKI servers.

After you execute the undo server command, all configurations in BGP RPKI server view are deleted.

Examples

# Specify an RPKI server with the IP address 1.1.1.1 and enter BGP RPKI server view.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] rpki

[Sysname-bgp-default-rpki] server tcp 1.1.1.1

[Sysname-bgp-default-rpki-server]

server vpn-instance

Use server vpn-instance to specify a VPN instance for a BMP server.

Use undo server vpn-instance to restore the default.

Syntax

server vpn-instance vpn-instance-name

undo server vpn-instance

Default

No VPN instance is specified for a BMP server. A BMP server belongs to the public network.

Views

BMP server view

Predefined user roles

network-admin

Parameters

vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters. The specified VPN instance must have been created.

Usage guidelines

If you delete the VPN instance of a BMP server, BGP disconnects from the BMP server. After you create the VPN instance again, BGP reconnects to the BMP server.

If you execute this command multiple times for a BMP server, the most recent configuration takes effect.

Examples

# Configure IP address 100.1.1.1 and port number 8888 for BMP server 5, and specify VPN instance vpna for BMP server 5.

<Sysname> system-view

[Sysname] bmp server 5

[Sysname-bmpserver-5] server address 100.1.1.1 port 8888

[Sysname-bmpserver-5] server vpn-instance vpna

Related commands

server connect-interface

shutdown process

Use shutdown process to shut down BGP sessions to all peers and peer groups.

Use undo shutdown process to restore the default.

Syntax

shutdown process

undo shutdown process

Default

BGP does not shut down sessions to any peers or peer groups.

Views

BGP instance view

Predefined user roles

network-admin

Usage guidelines

For maintenance purposes, you can execute this command to temporarily disconnect BGP sessions from all peers and peer groups on the device. After maintenance, you can restore the sessions by simply executing the undo form of the command without reconfiguring peer or peer group settings.

This command enables the device to tear down all sessions and clear all routing information.

When you configure the shutdown process command together with the peer ignore or ignore all-peers command, follow these restrictions and guidelines:

· Once BGP shutdown is enabled by the shutdown process command, the device cannot establish BGP sessions with all peers and peer groups.

· To disable BGP session establishment with a peer or peer group if you have disabled BGP shutdown, perform one of the following tasks:

¡ Disable BGP session establishment with that peer or peer group by using the peer ignore command.

¡ Disable BGP session establishment with all peers and peer groups by using the ignore all-peers command.

Examples

# Shut down BGP sessions to all peers and peer groups for BGP instance 100.

<Sysname> system-view

[Sysname] bgp 100

[Sysname-bgp-default] shutdown process

statistics-interval

Use statistics-interval to set the interval at which BGP sends statistics information to the BMP server.

Use undo statistics-interval to restore the default.

Syntax

statistics-interval value

undo statistics-interval

Default

BGP does not send statistics information to the BMP server.

Views

BMP server view

Predefined user roles

network-admin

Parameters

value: Specifies the interval at which BGP sends statistics information to the BMP server, in the range of 1 to 3600 seconds.

Usage guidelines

After establishing a TCP connection to the BMP server, BGP sends statistics information to the BMP server at the specified interval.

Examples

# Set the interval to 5 seconds at which BGP sends statistics information to the BMP server.

<Sysname> system-view

[Sysname] bmp server 5

[Sysname-bmpserver-5] statistics-interval 5

user-move fast-update

Use user-move fast-update to enable fast host route update upon user migration.

Use undo user-move fast-update to disable fast host route update upon user migration.

Syntax

user-move fast-update

undo user-move fast-update

Default

Fast host route update upon user migration is disabled.

Views

BGP IPv4 unicast address family view

BGP IPv6 unicast address family view

Predefined user roles

network-admin

Usage guidelines

An access device does not detect the online state of a client actively or update the host route entries in real time. Traffic forwarding might be affected when a client roams between access devices. To resolve this issue, execute this command to enable fast host route update upon user migration.

Executing this command also enables BGP to advertise the extended community attribute to all peers and peer groups.

Examples

# In BGP IPv4 unicast address family view, enable fast host route update upon user migration.

<Sysname>system-view

[Sysname] bgp 200

[Sysname-bgp-default] address-family ipv4 unicast

[Sysname-bgp-default-ipv4] user-move fast-update

Related commands

peer advertise-ext-community

08-Layer 3—IP Routing Command Reference

Application scenarios

Operating mechanism

Restrictions and guidelines

check-origin-validation

display bgp non-stop-routing status

display bgp routing-table dedicated

fast-reroute route-policy

Operating mechanism

Restrictions and guidelines

Application scenarios

Operating mechanism

Restrictions and guidelines

Application scenarios

Operating mechanism

Restrictions and guidelines

Application scenarios

Operating mechanism

Restrictions and guidelines

peer monitor-link group

Operating mechanism

Restrictions and guidelines

Application scenarios

Operating mechanism

Restrictions and guidelines

Intelligent Terminal Products

Product Support Services

Technical Service Solutions

Resource Center

Policy

Online Help

Become a Partner

Partner Policy & Program

Global Learning

Partner Sales Resources

Service Business

News & Events

Contact Us