Login
- Table of Contents
-
- 04-Layer 3—IP Services Command Reference
- 00-Preface
- 01-ARP commands
- 02-IP addressing commands
- 03-DHCP commands
- 04-DNS commands
- 05-mDNS gateway commands
- 06-mDNS relay commands
- 07-IP forwarding basics commands
- 08-Fast forwarding commands
- 09-Adjacency table commands
- 10-IRDP commands
- 11-IP performance optimization commands
- 12-UDP helper commands
- 13-IPv6 basics commands
- 14-DHCPv6 commands
- 15-IPv6 fast forwarding commands
- 16-Tunneling commands
- 17-GRE commands
- 18-HTTP redirect commands
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 07-IP forwarding basics commands | 92.17 KB |
forwarding vxlan-packet inner-protocol
snmp-agent trap enable ip-forwarding
ip load-sharing local-first enable
ip load-sharing symmetric enable
Basic IP forwarding commands
display fib
Use display fib to display FIB entries.
Syntax
display fib [ vpn-instance vpn-instance-name ] [ ip-address [ mask | mask-length ] ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. To display the FIB entries for the public network, do not specify any VPN instance.
ip-address: Displays the FIB entry that matches the specified destination IP address.
mask: Specifies the mask for the IP address.
mask-length: Specifies the mask length for the IP address. The value range is 0 to 32.
Usage guidelines
If you specify an IP address without a mask or mask length, this command displays the longest matching FIB entry.
If you specify an IP address and a mask or mask length, this command displays the exactly matching FIB entry.
Examples
# Display all FIB entries of the public network.
<Sysname> display fib
Destination count: 5 FIB entry count: 5
Flag:
U:Usable G:Gateway H:Host B:Blackhole D:Dynamic S:Static
R:Relay F:FRR
Destination/Mask Nexthop Flag OutInterface/Token Label
0.0.0.0/32 127.0.0.1 UH InLoop0 Null
1.1.1.0/24 192.168.126.1 USGF M-GE0/0/0 Null
127.0.0.0/8 127.0.0.1 U InLoop0 Null
127.0.0.0/32 127.0.0.1 UH InLoop0 Null
127.0.0.1/32 127.0.0.1 UH InLoop0 Null
# Display the FIB entries for VPN vpn1.
<Sysname> display fib vpn-instance vpn1
Destination count: 6 FIB entry count: 6
Flag:
U:Usable G:Gateway H:Host B:Blackhole D:Dynamic S:Static
R:Relay F:FRR
Destination/Mask Nexthop Flag OutInterface/Token Label
0.0.0.0/32 127.0.0.1 UH InLoop0 Null
20.20.20.0/24 20.20.20.25 U M-GE0/0/0 Null
20.20.20.0/32 20.20.20.25 UBH M-GE0/0/0 Null
20.20.20.25/32 127.0.0.1 UH InLoop0 Null
20.20.20.25/32 20.20.20.25 H M-GE0/0/0 Null
20.20.20.255/32 20.20.20.25 UBH M-GE0/0/0 Null
# Display the FIB entries matching the destination IP address 10.2.1.1.
<Sysname> display fib 10.2.1.1
Destination count: 1 FIB entry count: 1
Flag:
U:Usable G:Gateway H:Host B:Blackhole D:Dynamic S:Static
R:Relay F:FRR
Destination/Mask Nexthop Flag OutInterface/Token Label
10.2.1.1/32 127.0.0.1 UH InLoop0 Null
Table 1 Command output
|
Field |
Description |
|
Destination count |
Total number of destination addresses. |
|
FIB entry count |
Total number of FIB entries. |
|
Destination/Mask |
Destination address and the mask length. |
|
Nexthop |
Next hop address. |
|
Flag |
Flags of routes: · U—Usable route. · G—Gateway route. · H—Host route. · B—Blackhole route. · D—Dynamic route. · S—Static route. · R—Relay route. · F—Fast reroute. |
|
OutInterface/Token |
Output interface/LSP index number. |
|
Label |
Inner label. |
forwarding vxlan-packet inner-protocol
Use forwarding vxlan-packet inner-protocol to enable hardware forwarding for specific packets received from VXLAN tunnels.
Use undo forwarding vxlan-packet inner-protocol to restore the default.
Syntax
forwarding vxlan-packet inner-protocol { ipv4 | ipv6 } *
undo forwarding vxlan-packet inner-protocol [ ipv4 | ipv6 ]
Default
Packets received from VXLAN tunnels are delivered to the CPU for processing.
Views
System view
Predefined user roles
network-admin
Parameters
ipv4: Specifies IPv4 packets.Only ARP packets are supported.
ipv6: Specifies IPv6 packets.Only MLD packets are supported.
Usage guidelines
By default, the device forwards ARP and MLD packets received from VXLAN tunnels to the CPU for processing when acting as a VTEP in a distributed EVPN gateway network. If a large number of such packets are received, packet loss might occur because of software rate limit, which might cause service exceptions on downlink devices.
To resolve this issue, you can enable the device to forward ARP and MLD packets received from VXLAN tunnels in hardware without delivering them to the CPU.
Traffic forwarding issues might occur if you use this command together with either of the following commands:
· flooding disable all all-direction
· flooding disable broadcast all-direction
To make sure the device can forward traffic correctly, perform the following steps before you enable this feature:
1. Check the configuration for the flooding disable all all-direction and flooding disable broadcast all-direction commands.
2. If either command exists, do the following:
a. Execute the undo flooding disable command to enable flooding on the device.
b. Execute the flooding disable all command to disable the device from flooding any types of traffic received from ACs to VXLAN tunnel interfaces of the VSI.
c. Configure port isolation for the ACs to confine their flooding traffic.
To ensure access to slient devices, such as dumb terminals, you must also execute the undo mac-address static source-check enable command to disable the static source check feature. If you cannot identify whether silient devices exist, disable static source check as a best practice.
Examples
# Enable hardware forwarding for IPv4 packets received from VXLAN tunnels.
<Sysname> system-view
[Sysname] forwarding vxlan-packet inner-protocol ipv4
ip forwarding-table save
Use ip forwarding-table save to save the IP forwarding entries to a file.
Syntax
ip forwarding-table save filename filename
Views
Any view
Predefined user roles
network-admin
Parameters
filename filename: Specifies the name of a file, a string of 1 to 255 characters. For information about the filename argument, see file system management in Fundamentals Configuration Guide.
Usage guidelines
The command automatically creates the file if you specify a nonexistent file. If the file already exists, this command overwrites the file content.
To automatically save the IP forwarding entries periodically, configure a schedule for the device to automatically run the ip forwarding-table save command. For information about scheduling a task, see Fundamentals Configuration Guide.
Examples
# Save the IP forwarding entries to the fib.txt file.
<Sysname> ip forwarding-table save filename fib.txt
snmp-agent trap enable fib
Use snmp-agent trap enable fib to enable SNMP notifications for FIB events.
Use undo snmp-agent trap enable fib to disable SNMP notifications for FIB events.
Syntax
snmp-agent trap enable fib [ deliver-failed | ecmp-limit | entry-consistency | entry-limit ] *
undo snmp-agent trap enable fib [ deliver-failed | ecmp-limit | entry-consistency | entry-limit ] *
Default
SNMP notifications for FIB events are enabled.
Views
System view
Predefined user roles
network-admin
Parameters
deliver-failed: Specifies notifications to be sent when FIB entry deployment to the hardware fails.
ecmp-limit: Specifies notifications to be sent when the number of ECMP routes exceeds the upper limit.
entry-consistency: Specifies notifications to be sent when the FIB software and hardware entries are inconsistent.
entry-limit: Specifies notifications to be sent when the number of FIB entries exceeds the upper limit.
Usage guidelines
This feature enables the FIB module to generate SNMP notifications for critical FIB events. The SNMP notifications are sent to the SNMP module.
You can enable specific SNMP notifications for FIB events as needed. If you do not specify any SNMP notification types, the command enables all types of SNMP notifications.
· With ecmp-limit specified, when the number of ECMP routes learned by a module exceeds the upper limit, the device sends an SNMP notification that carries the module number to the SNMP module.
· With entry-consistency specified, if the FIB software and hardware entries on the device are inconsistent, the device sends an SNMP notification that carries the module number to the SNMP module.
· With entry-limit specified, when the number of FIB entries exceeds the upper limit, the device sends an SNMP notification that carries the FIB entry module name to the SNMP module.
· With deliver-failed specified, when FIB entry deployment to the hardware fails, the device sends an SNMP notification that carries the entry VRF, IP address type, IP address, mask, and failure reason to the SNMP module.
For the SNMP notifications to be sent correctly, you must also configure SNMP. For more information about SNMP configuration, see Network Management and Monitoring Configuration Guide.
Examples
# Disable SNMP notifications for FIB events.
<Sysname> system-view
[Sysname] undo snmp-agent trap enable fib
snmp-agent trap enable ip-forwarding
Use snmp-agent trap enable ip-forwarding to enable SNMP notifications for IP forwarding events.
Use undo snmp-agent trap enable ip-forwarding to disable SNMP notifications for IP forwarding events.
Syntax
snmp-agent trap enable ip-forwarding [ ttl-expired | mbuf-alloc ]
undo snmp-agent trap enable ip-forwarding
Default
SNMP notifications for IP forwarding events are enabled.
Views
System view
Predefined user roles
network-admin
Parameters
ttl-expired: Specifies notifications about TTL timeout.
mbuf-alloc: Specifies notifications about MBUF allocation failures.
Usage guidelines
This feature enables the IP forwarding module to generate SNMP notifications for critical IP forwarding events. The SNMP notifications are sent to the SNMP module. For the SNMP notifications to be sent correctly, you must also configure SNMP. For more information about SNMP configuration, see Network Management and Monitoring Configuration Guide.
You can enable SNMP notifications for the following IP forwarding events as needed:
· After you enable SNMP notifications about TTL timeout, the device checks the number of dropped packets at the specified time interval. An SNMP notification is generated and sent to the SNMP module when the number of dropped packets reaches or exceeds the specified threshold.
· After you enable SNMP notifications about MBUF allocation failures, an SNMP notification is generated and sent to the SNMP module when MBUF allocation fails.
If you do not specify any parameters, the command enables all types of SNMP notifications for IP forwarding events.
After you disable the SNMP notifications for IP forwarding events, the device sends only logs to the device's information center module. In this case, you can configure the log output destinations and output rules to view the log information of the basic IPv6 modules. For more information about configuring the information center, see information center configuration in Network Management and Monitoring Configuration Guide.
Examples
# Disable SNMP notifications for IP forwarding events.
<Sysname> system-view
[Sysname] undo snmp-agent trap enable ip-forwarding
Load sharing commands
ip load-sharing local-first enable
Use ip load-sharing local-first enable to enable local-first load sharing.
Use undo ip load-sharing local-first enable to disable local-first load sharing.
Syntax
ip load-sharing local-first enable
undo ip load-sharing local-first enable
Default
Local-first load sharing is enabled.
Views
System view
Predefined user roles
network-admin
Usage guidelines
Local-first load sharing takes effect only on an IRF fabric.
Examples
# Enable local-first load sharing.
<Sysname> system-view
[Sysname] ip load-sharing local-first enable
ip load-sharing mode
Use ip load-sharing mode to specify a shift value for the load sharing algorithm result.
Use undo ip load-sharing mode to restore the default.
Syntax
ip load-sharing mode per-flow [ algorithm algorithm-number [ seed seed-number ] [ shift shift-number ] | [ dest-ip | dest-port | ingress-port | ip-pro | src-ip | src-port ] * | tunnel { all | inner | outer } ] } { global | slot slot-number }
undo ip load-sharing mode { global | slot slot-number }
Default
The shift value is 0 for the load sharing algorithm result.
Views
System view
Predefined user roles
network-admin
Parameters
algorithm algorithm-number: Specifies an algorithm for per-flow load sharing. The value range for the algorithm-number argument is 0 to 8.
seed seed-number: Specifies the seed value for the algorithm. The value range is 0 to 1.
shift shift-number: Specifies the shift value for the hash algorithm result. The value range is 0 to 15, and the default value is 0.
per-flow: Implements per-flow load sharing.
global: Configures the load sharing mode globally.
slot slot-number: Specifies an IRF member device by its member ID. If you do not specify a member device, this command configures the load sharing mode for all member devices.
Usage guidelines
If traffic is not shared equally, you can use the shift shift-number option to adjust the algorithm result.
The priority of slot-specific load balancing is higher than the global load balancing method. The global configuration takes effect only on slots that are not specified with a load balancing method.
Examples
# Configure the device to use algorithm 0 for global per-flow load sharing and set the shift value to 1 for the algorithm result.
<Sysname> system-view
[Sysname] ip load-sharing mode per-flow algorithm 0 shift 1 global
ip load-sharing symmetric enable
Use ip load-sharing symmetric enable to enable symmetric load sharing.
Use undo ip load-sharing symmetric enable to disable symmetric load sharing.
Syntax
ip load-sharing symmetric enable
undo ip load-sharing symmetric enable
Default
Symmetric load sharing is disabled.
Views
System view
Predefined user roles
network-admin
Usage guidelines
Symmetric load sharing ensures that bidirectional traffic specific to a particular source and destination address pair flow along the same path.
Examples
# Enable symmetric load sharing.
<Sysname> system-view
[Sysname] ip load-sharing symmetric enable
